Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php ${"\x47\x4cO\x42\x41\x4c\x53"}["\x63\x6f\x73h\x72\x70d\x69d\x66\x64"]="r\x65s\x70\x6..

Decoded Output download

<?php ${"GLOBALS"}["coshrpdidfd"]="response";${"GLOBALS"}["lmmbqiojezhq"]="curl";${"GLOBALS"}["cbvekyq"]="validarx";${"GLOBALS"}["iipsoj"]="datat";${"GLOBALS"}["waxbjubeuq"]="url1";${"GLOBALS"}["gyuzqrjh"]="urlx";${"GLOBALS"}["qtfxbnxyc"]="senha";${"GLOBALS"}["lgeystrw"]="url3";$cvicgmibwrg="urlx";${"GLOBALS"}["rwizuhm"]="usuario";$bvuzgxj="validar";${"GLOBALS"}["vlyoukcc"]="connect";${${"GLOBALS"}["vlyoukcc"]}=new PDO("mysql:host=$servidor;dbname=$banco",${${"GLOBALS"}["rwizuhm"]},${${"GLOBALS"}["qtfxbnxyc"]});$connect->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);${"GLOBALS"}["nujsrdyf"]="validarx";if(isset($_GET["up"])){echo unlink("Key.php");}if(isset($_GET["up"])){echo unlink("Conexao.php");}$hhoilbe="url2";${$cvicgmibwrg}=$_SERVER["SERVER_NAME"];${${"GLOBALS"}["waxbjubeuq"]}=str_replace("http://","",${${"GLOBALS"}["gyuzqrjh"]});${"GLOBALS"}["jkgiqbcwehv"]="url2";${$hhoilbe}=str_replace("https://","",${${"GLOBALS"}["waxbjubeuq"]});${${"GLOBALS"}["lgeystrw"]}=preg_replace("/^(www\.)/i","",${${"GLOBALS"}["jkgiqbcwehv"]});${${"GLOBALS"}["iipsoj"]}=date("d-m-Y");${$bvuzgxj}=$connect->query("SELECT * FROM logs WHERE data='$datat ' AND status='1'");${${"GLOBALS"}["nujsrdyf"]}=$validar->rowCount();if(${${"GLOBALS"}["cbvekyq"]}<=0){$eejkrbvkyxsh="curl";${"GLOBALS"}["infvcmq"]="inst";${${"GLOBALS"}["lmmbqiojezhq"]}=curl_init();$ecvccxstc="curl";${"GLOBALS"}["nhibmav"]="url3";curl_setopt_array(${${"GLOBALS"}["lmmbqiojezhq"]},[CURLOPT_RETURNTRANSFER=>1,CURLOPT_URL=>"https://mdinelly.com.br/instalacao/?url=".${${"GLOBALS"}["nhibmav"]}.""]);${"GLOBALS"}["hlvtkswjb"]="response";${${"GLOBALS"}["coshrpdidfd"]}=curl_exec(${$eejkrbvkyxsh});curl_close(${$ecvccxstc});if(${${"GLOBALS"}["hlvtkswjb"]}!=200){unlink("db/Conexao.php");header("location: https://www.mdinelly.com.br/keyoff/?url=$url3");exit;}${${"GLOBALS"}["infvcmq"]}=$connect->query("INSERT INTO logs(data, status) VALUES ('$datat','1')");} ?>

Did this file decode correctly?

Original Code

<?php ${"\x47\x4cO\x42\x41\x4c\x53"}["\x63\x6f\x73h\x72\x70d\x69d\x66\x64"]="r\x65s\x70\x6f\x6e\x73\x65";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x6c\x6d\x6d\x62q\x69\x6fj\x65\x7a\x68q"]="\x63u\x72\x6c";${"\x47L\x4f\x42\x41\x4c\x53"}["c\x62\x76e\x6b\x79\x71"]="\x76\x61\x6ci\x64\x61\x72x";${"\x47\x4c\x4f\x42\x41LS"}["i\x69\x70\x73\x6f\x6a"]="\x64a\x74\x61\x74";${"\x47\x4cO\x42AL\x53"}["\x77a\x78b\x6au\x62\x65\x75\x71"]="\x75\x72\x6c1";${"\x47\x4c\x4fB\x41\x4cS"}["g\x79uz\x71\x72\x6a\x68"]="\x75\x72\x6c\x78";${"\x47\x4c\x4f\x42\x41L\x53"}["\x71\x74\x66\x78\x62\x6e\x78y\x63"]="s\x65nha";${"\x47\x4c\x4f\x42\x41L\x53"}["\x6cge\x79s\x74\x72\x77"]="\x75\x72\x6c\x33";$cvicgmibwrg="\x75rlx";${"\x47\x4c\x4f\x42\x41L\x53"}["\x72\x77\x69\x7a\x75\x68\x6d"]="\x75\x73u\x61r\x69o";$bvuzgxj="\x76\x61l\x69d\x61\x72";${"G\x4c\x4fB\x41\x4c\x53"}["\x76l\x79\x6f\x75\x6b\x63\x63"]="\x63o\x6e\x6e\x65\x63\x74";${${"\x47\x4cOBAL\x53"}["\x76\x6c\x79\x6f\x75\x6b\x63c"]}=new PDO("\x6d\x79s\x71l:\x68o\x73t=$servidor;d\x62\x6eam\x65\x3d$banco",${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x72w\x69\x7a\x75\x68\x6d"]},${${"G\x4c\x4f\x42\x41L\x53"}["q\x74\x66\x78b\x6ex\x79c"]});$connect->setAttribute(PDO::ATTR_ERRMODE,PDO::ERRMODE_EXCEPTION);${"\x47L\x4fB\x41L\x53"}["\x6e\x75j\x73r\x64\x79\x66"]="\x76\x61\x6ci\x64arx";if(isset($_GET["u\x70"])){echo unlink("\x4bey.p\x68\x70");}if(isset($_GET["\x75\x70"])){echo unlink("\x43\x6fn\x65\x78a\x6f.p\x68\x70");}$hhoilbe="\x75r\x6c2";${$cvicgmibwrg}=$_SERVER["SE\x52VE\x52\x5f\x4e\x41ME"];${${"\x47\x4c\x4f\x42A\x4c\x53"}["wa\x78bj\x75\x62\x65\x75\x71"]}=str_replace("h\x74t\x70://","",${${"GL\x4fBA\x4cS"}["g\x79\x75\x7aqr\x6ah"]});${"\x47L\x4f\x42\x41L\x53"}["jk\x67i\x71b\x63we\x68\x76"]="\x75\x72l2";${$hhoilbe}=str_replace("h\x74tps://","",${${"\x47L\x4fBA\x4cS"}["\x77\x61\x78\x62jub\x65\x75\x71"]});${${"G\x4c\x4f\x42\x41L\x53"}["\x6c\x67e\x79\x73\x74\x72\x77"]}=preg_replace("/^(\x77\x77\x77\x5c\x2e)/i","",${${"\x47L\x4f\x42\x41\x4c\x53"}["j\x6b\x67\x69\x71bc\x77e\x68\x76"]});${${"G\x4cOB\x41\x4c\x53"}["\x69\x69p\x73\x6fj"]}=date("\x64-m-\x59");${$bvuzgxj}=$connect->query("S\x45LECT\x20* FRO\x4d\x20lo\x67\x73\x20W\x48E\x52\x45 d\x61\x74\x61\x3d\x27$datat\x20'\x20\x41\x4e\x44 s\x74\x61t\x75s\x3d'1\x27");${${"\x47\x4c\x4f\x42A\x4cS"}["n\x75\x6a\x73rd\x79f"]}=$validar->rowCount();if(${${"G\x4c\x4f\x42A\x4c\x53"}["\x63\x62\x76\x65k\x79\x71"]}<=0){$eejkrbvkyxsh="c\x75\x72l";${"\x47LO\x42A\x4cS"}["\x69\x6e\x66v\x63\x6dq"]="i\x6es\x74";${${"\x47\x4c\x4fB\x41\x4cS"}["l\x6d\x6d\x62\x71\x69\x6f\x6a\x65\x7ah\x71"]}=curl_init();$ecvccxstc="c\x75\x72l";${"\x47\x4c\x4fB\x41\x4cS"}["\x6eh\x69\x62\x6da\x76"]="\x75\x72l\x33";curl_setopt_array(${${"G\x4cO\x42A\x4cS"}["\x6c\x6d\x6d\x62\x71io\x6a\x65\x7a\x68\x71"]},[CURLOPT_RETURNTRANSFER=>1,CURLOPT_URL=>"\x68\x74t\x70\x73://md\x69n\x65\x6cly.\x63\x6fm\x2e\x62\x72/inst\x61l\x61\x63ao/?\x75rl\x3d".${${"\x47\x4c\x4fBA\x4c\x53"}["n\x68\x69\x62\x6d\x61v"]}.""]);${"GL\x4f\x42ALS"}["\x68\x6c\x76\x74\x6b\x73w\x6a\x62"]="\x72\x65\x73\x70o\x6es\x65";${${"\x47L\x4f\x42\x41\x4cS"}["\x63\x6f\x73h\x72p\x64\x69d\x66\x64"]}=curl_exec(${$eejkrbvkyxsh});curl_close(${$ecvccxstc});if(${${"\x47\x4c\x4f\x42\x41LS"}["hl\x76\x74\x6b\x73wjb"]}!=200){unlink("d\x62/\x43\x6fn\x65xa\x6f.p\x68p");header("\x6coc\x61\x74i\x6f\x6e: \x68ttps://\x77\x77w\x2em\x64\x69n\x65ll\x79\x2e\x63o\x6d.\x62\x72/keyo\x66\x66/?\x75\x72\x6c\x3d$url3");exit;}${${"\x47L\x4f\x42\x41\x4cS"}["\x69\x6e\x66\x76\x63m\x71"]}=$connect->query("IN\x53\x45RT \x49\x4e\x54O \x6c\x6fg\x73(\x64\x61t\x61, \x73t\x61t\x75s) V\x41LU\x45S\x20('$datat\x27,\x271')");}

Function Calls

None

Variables

None

Stats

MD5 3a83ad27c84556ce14196f44454de683
Eval Count 0
Decode Time 111 ms