Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php function getKfcAutToken(){ $result = []; $api = 'https://app.mynagad.com:20002/..

Decoded Output download

<?php 
function getKfcAutToken(){ 
	$result = []; 
	$api = 'https://app.mynagad.com:20002/api/login'; 
	$data = json_encode([ 
		'username' => '01628601995', 
		'aspId' => '100012345612345', 
		'mpaId' => '16990980746192817568538387357457', 
		'password' => 'A96FE578BD6BFA165BBCE01F5117E978E5777E4552A4373615D3786EE49574E8' 
	]); 
	 
	$ch = curl_init(); 
	curl_setopt($ch, CURLOPT_URL, $api); 
	curl_setopt($ch, CURLOPT_HEADER, 1); 
	curl_setopt($ch, CURLOPT_POST, true); 
	curl_setopt($ch, CURLOPT_TIMEOUT, 15); 
	curl_setopt($ch, CURLOPT_POSTFIELDS, $data); 
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); 
	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); 
	curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); 
	curl_setopt($ch, CURLOPT_HTTPHEADER, [ 
		'X-KM-AppCode: 01', 
		'Accept-Encoding: gzip', 
		'X-KM-UserId: 70995956', 
		'Connection: Keep-Alive', 
		'X-KM-Accept-language: bn', 
		'User-Agent: okhttp/3.14.9', 
		'Host: app.mynagad.com:20002', 
		'X-KM-User-Agent: ANDROID/1150', 
		'X-KM-User-AspId: 100012345612345', 
		'Content-Type: application/json; charset=UTF-8', 
		'X-KM-User-MpaId: 16987223212802733224138748181643', 
	]); 
	$content = curl_exec($ch); 
	curl_close($ch); 
	 
	$uniqContent = preg_replace('/\s+/', ' ', str_replace(PHP_EOL, ' ', $content)); 
	if(preg_match("/X-KM-AUTH-TOKEN: (.*?) /i", $uniqContent, $token)){ 
		$result['success'] = true; 
		$result['token'] = $token[1]; 
	}else{ 
		$result['success'] = false; 
		$result['msg'] = 'Server AUTH TOKEN not found!'; 
	} 
	return $result; 
} 
 
function getKfcNagadInfo($number){ 
	$result = []; 
	$kfcAutToken = getKfcAutToken(); 
	if($kfcAutToken['success']){ 
		$api = 'https://app.mynagad.com:20002/api/external/kyc/customer-data-for-resubmit'; 
		$data = json_encode([ 
			'otp' => null, 
			'phoneNumber' => $number 
		]); 
		 
		$ch = curl_init(); 
		curl_setopt($ch, CURLOPT_URL, $api); 
		curl_setopt($ch, CURLOPT_POST, true); 
		curl_setopt($ch, CURLOPT_TIMEOUT, 15); 
		curl_setopt($ch, CURLOPT_POSTFIELDS, $data); 
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); 
		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); 
		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); 
		curl_setopt($ch, CURLOPT_HTTPHEADER, [ 
			'X-KM-AppCode: 01', 
			'Accept-Encoding: gzip', 
			'X-KM-UserId: 70995956', 
			'Connection: Keep-Alive', 
			'X-KM-Accept-language: bn', 
			'User-Agent: okhttp/3.14.9', 
			'Host: app.mynagad.com:20002', 
			'X-KM-User-Agent: ANDROID/1150', 
            'Content-Length: ' . strlen($data), 
			'X-KM-User-AspId: 100012345612345', 
            'X-KM-AUTH-TOKEN: ' . $kfcAutToken['token'], 
			'Content-Type: application/json; charset=UTF-8', 
			'X-KM-User-MpaId: 16987223212802733224138748181643', 
		]); 
		$content = curl_exec($ch); 
		curl_close($ch); 
		 
		$res = json_decode($content, true); 
		if(isset($res['photoId'], $res['dob'])){ 
			if($res['photoId'] != null && $res['dob'] != null && !empty($res['photoId']) && !empty($res['dob'])){ 
				$result['success'] = true; 
				$result['number'] = isset($res['phoneNumber']) ? $res['phoneNumber'] : $number; 
				$result['operator'] = isset($res['mnoName']) ? $res['mnoName'] : ''; 
				$result['idType'] = isset($res['idType']) ? $res['idType'] : ''; 
				$result['name'] = isset($res['name']) ? $res['name'] : ''; 
				$result['gender'] = isset($res['gender']) ? $res['gender'] : ''; 
				$result['email'] = isset($res['email']) ? $res['email'] : ''; 
				$result['customerSegment'] = isset($res['customerSegment']) ? $res['customerSegment'] : ''; 
				$result['nid'] = $res['photoId']; 
				$result['dob'] = $res['dob'][0].$res['dob'][1].$res['dob'][2].$res['dob'][3].'-'.$res['dob'][4].$res['dob'][5].'-'.$res['dob'][6].$res['dob'][7]; 
				$result['fatherName'] = isset($res['aspAdditionalData']['fatherName']) ? $res['aspAdditionalData']['fatherName'] : ''; 
				$result['motherName'] = isset($res['aspAdditionalData']['motherName']) ? $res['aspAdditionalData']['motherName'] : ''; 
				$result['permanentAddress'] = isset($res['aspAdditionalData']['permanentAddress']) ? str_replace('  ', '', preg_replace('/\s+/', ' ', $res['aspAdditionalData']['permanentAddress'])) : ''; 
				$result['presentAddress'] = isset($res['aspAdditionalData']['presentAddress']) ? str_replace('  ', '', preg_replace('/\s+/', ' ', $res['aspAdditionalData']['presentAddress'])) : ''; 
				$result['interestBearingAccount'] = isset($res['interestBearingAccount']) ? $res['interestBearingAccount'] : ''; 
				$result['occupation'] = isset($res['aspAdditionalData']['occupation']) ? $res['aspAdditionalData']['occupation'] : ''; 
				$result['purpose'] = isset($res['aspAdditionalData']['purpose']) ? $res['aspAdditionalData']['purpose'] : ''; 
				$result['documentList'] = []; 
				if(isset($res['aspAdditionalData']['documentList'])){ 
					foreach($res['aspAdditionalData']['documentList'] as $document){ 
						$index = []; 
						$index['type'] = $document['documentType']; 
						$index['file'] = $document['baseUrl'].$document['fileUrl']; 
						array_push($result['documentList'], $index); 
					} 
				} 
			}else{ 
				$result['success'] = false; 
				$result['success'] = 'Empty info'; 
			} 
		}else{ 
			$result['success'] = false; 
			$result['msg'] = 'Info not found'; 
		} 
	}else{ 
		$result = $kfcAutToken; 
	} 
	return $result; 
} 
 
if(isset($_GET['n'])){ 
	$result = []; 
	if(strlen($_GET['n']) == 11){ 
		$result = getKfcNagadInfo($_GET['n']); 
	}else{ 
		$result['success'] = false; 
		$result['msg'] = 'Number not valid'; 
	} 
	die(json_encode($result, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES)); 
}else{ 
	http_response_code(404); 
} ?>

Did this file decode correctly?

Original Code

<?php
function getKfcAutToken(){
	$result = [];
	$api = 'https://app.mynagad.com:20002/api/login';
	$data = json_encode([
		'username' => '01628601995',
		'aspId' => '100012345612345',
		'mpaId' => '16990980746192817568538387357457',
		'password' => 'A96FE578BD6BFA165BBCE01F5117E978E5777E4552A4373615D3786EE49574E8'
	]);
	
	$ch = curl_init();
	curl_setopt($ch, CURLOPT_URL, $api);
	curl_setopt($ch, CURLOPT_HEADER, 1);
	curl_setopt($ch, CURLOPT_POST, true);
	curl_setopt($ch, CURLOPT_TIMEOUT, 15);
	curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
	curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
	curl_setopt($ch, CURLOPT_HTTPHEADER, [
		'X-KM-AppCode: 01',
		'Accept-Encoding: gzip',
		'X-KM-UserId: 70995956',
		'Connection: Keep-Alive',
		'X-KM-Accept-language: bn',
		'User-Agent: okhttp/3.14.9',
		'Host: app.mynagad.com:20002',
		'X-KM-User-Agent: ANDROID/1150',
		'X-KM-User-AspId: 100012345612345',
		'Content-Type: application/json; charset=UTF-8',
		'X-KM-User-MpaId: 16987223212802733224138748181643',
	]);
	$content = curl_exec($ch);
	curl_close($ch);
	
	$uniqContent = preg_replace('/\s+/', ' ', str_replace(PHP_EOL, ' ', $content));
	if(preg_match("/X-KM-AUTH-TOKEN: (.*?) /i", $uniqContent, $token)){
		$result['success'] = true;
		$result['token'] = $token[1];
	}else{
		$result['success'] = false;
		$result['msg'] = 'Server AUTH TOKEN not found!';
	}
	return $result;
}

function getKfcNagadInfo($number){
	$result = [];
	$kfcAutToken = getKfcAutToken();
	if($kfcAutToken['success']){
		$api = 'https://app.mynagad.com:20002/api/external/kyc/customer-data-for-resubmit';
		$data = json_encode([
			'otp' => null,
			'phoneNumber' => $number
		]);
		
		$ch = curl_init();
		curl_setopt($ch, CURLOPT_URL, $api);
		curl_setopt($ch, CURLOPT_POST, true);
		curl_setopt($ch, CURLOPT_TIMEOUT, 15);
		curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
		curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
		curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
		curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
		curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
		curl_setopt($ch, CURLOPT_HTTPHEADER, [
			'X-KM-AppCode: 01',
			'Accept-Encoding: gzip',
			'X-KM-UserId: 70995956',
			'Connection: Keep-Alive',
			'X-KM-Accept-language: bn',
			'User-Agent: okhttp/3.14.9',
			'Host: app.mynagad.com:20002',
			'X-KM-User-Agent: ANDROID/1150',
            'Content-Length: ' . strlen($data),
			'X-KM-User-AspId: 100012345612345',
            'X-KM-AUTH-TOKEN: ' . $kfcAutToken['token'],
			'Content-Type: application/json; charset=UTF-8',
			'X-KM-User-MpaId: 16987223212802733224138748181643',
		]);
		$content = curl_exec($ch);
		curl_close($ch);
		
		$res = json_decode($content, true);
		if(isset($res['photoId'], $res['dob'])){
			if($res['photoId'] != null && $res['dob'] != null && !empty($res['photoId']) && !empty($res['dob'])){
				$result['success'] = true;
				$result['number'] = isset($res['phoneNumber']) ? $res['phoneNumber'] : $number;
				$result['operator'] = isset($res['mnoName']) ? $res['mnoName'] : '';
				$result['idType'] = isset($res['idType']) ? $res['idType'] : '';
				$result['name'] = isset($res['name']) ? $res['name'] : '';
				$result['gender'] = isset($res['gender']) ? $res['gender'] : '';
				$result['email'] = isset($res['email']) ? $res['email'] : '';
				$result['customerSegment'] = isset($res['customerSegment']) ? $res['customerSegment'] : '';
				$result['nid'] = $res['photoId'];
				$result['dob'] = $res['dob'][0].$res['dob'][1].$res['dob'][2].$res['dob'][3].'-'.$res['dob'][4].$res['dob'][5].'-'.$res['dob'][6].$res['dob'][7];
				$result['fatherName'] = isset($res['aspAdditionalData']['fatherName']) ? $res['aspAdditionalData']['fatherName'] : '';
				$result['motherName'] = isset($res['aspAdditionalData']['motherName']) ? $res['aspAdditionalData']['motherName'] : '';
				$result['permanentAddress'] = isset($res['aspAdditionalData']['permanentAddress']) ? str_replace('  ', '', preg_replace('/\s+/', ' ', $res['aspAdditionalData']['permanentAddress'])) : '';
				$result['presentAddress'] = isset($res['aspAdditionalData']['presentAddress']) ? str_replace('  ', '', preg_replace('/\s+/', ' ', $res['aspAdditionalData']['presentAddress'])) : '';
				$result['interestBearingAccount'] = isset($res['interestBearingAccount']) ? $res['interestBearingAccount'] : '';
				$result['occupation'] = isset($res['aspAdditionalData']['occupation']) ? $res['aspAdditionalData']['occupation'] : '';
				$result['purpose'] = isset($res['aspAdditionalData']['purpose']) ? $res['aspAdditionalData']['purpose'] : '';
				$result['documentList'] = [];
				if(isset($res['aspAdditionalData']['documentList'])){
					foreach($res['aspAdditionalData']['documentList'] as $document){
						$index = [];
						$index['type'] = $document['documentType'];
						$index['file'] = $document['baseUrl'].$document['fileUrl'];
						array_push($result['documentList'], $index);
					}
				}
			}else{
				$result['success'] = false;
				$result['success'] = 'Empty info';
			}
		}else{
			$result['success'] = false;
			$result['msg'] = 'Info not found';
		}
	}else{
		$result = $kfcAutToken;
	}
	return $result;
}

if(isset($_GET['n'])){
	$result = [];
	if(strlen($_GET['n']) == 11){
		$result = getKfcNagadInfo($_GET['n']);
	}else{
		$result['success'] = false;
		$result['msg'] = 'Number not valid';
	}
	die(json_encode($result, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
}else{
	http_response_code(404);
}

Function Calls

None

Variables

None

Stats

MD5 768db9104834b3843d71d76024b44b05
Eval Count 0
Decode Time 65 ms