Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php if (ini_get(base64_decode("YWxsb3dfdXJsX2ZvcGVu")) == 0) { echo base64_decode( ..

Decoded Output download

<?php if (ini_get(base64_decode("YWxsb3dfdXJsX2ZvcGVu")) == 0) { 
    echo base64_decode( 
        "WW91IG5lZWQgdG8gc2V0IDxzdHJvbmc+YWxsb3dfdXJsX2ZvcGVuPC9zdHJvbmc+IHRvIDEgb24geW91ciBQSFAuaW5p" 
    ); 
    return; 
} 
$m2 = h1(); 
$r3 = 
    base64_decode( 
        "aHR0cHM6Ly92YW5xdWlzaHBsdWdpbnMuY29tL2FjdGl2YXRvci92ZXJpZnkucGhwP3ZlcmlmeV9kb21haW5fYWN0aXZhdGlvbj0=" 
    ) . $m2; 
$q4 = file_get_contents($r3); 
$e5 = json_decode($q4, true); 
if ($e5[base64_decode("Y29kZQ==")] != base64_decode("b2s=")) { 
    echo base64_decode( 
        "PGgxPllvdSBhcmUgcnVubmluZyBhbiB1bmF1dGhvcml6ZWQgY29weSBvZiB0aGUgc29mdHdhcmU8L2gxPg==" 
    ); 
    return; 
} 
$c6 = base64_decode($_GET[base64_decode("dHJhY2tpbmdfdXJs")]); 
$c7 = base64_decode($_GET[base64_decode("YmFzZV91cmw=")]); 
$y8 = @file_get_contents($c6); 
if ($y8 === false) { 
    echo base64_decode("PGgxPkVycm9yIHJldHJpZXZpbmcgdHJhY2tpbmcgaW5mbzwvaDE+"); 
    return; 
} 
$y8 = str_replace( 
    base64_decode("PC90aXRsZT4="), 
    base64_decode( 
        "PC90aXRsZT48YmFzZSBocmVmPSJodHRwczovL3d3dy50cmFja2luZ21vcmUuY29tL3RyYWNrL2VuLzk0NjEyMDkyMDU1NjgyOTI2NTc2NDI/ZXhwcmVzcz11c3BzIiAvPg==" 
    ), 
    $y8 
); 
$y8 = str_replace( 
    base64_decode("PC9oZWFkPg=="), 
    base64_decode("PGxpbmsgcmVsPSJzdHlsZXNoZWV0IiBocmVmPSI=") . 
        $c7 . 
        base64_decode( 
            "L3RyYWNrZXIvc3R5bGUuY3NzIiAvPjxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0IiBzcmM9Ig==" 
        ) . 
        $c7 . 
        base64_decode("L3RyYWNrZXIvbWFpbi5qcyI+PC9zY3JpcHQ+PC9oZWFkPg=="), 
    $y8 
); 
$y8 = str_replace( 
    base64_decode( 
        "PGxpbmsgcmVsPSJzaG9ydGN1dCBpY29uIiBocmVmPSIvL3MudHJhY2tpbmdtb3JlLmNvbS9pbWFnZXMvZmF2aWNvbi5pY28iPg==" 
    ), 
    "", 
    $y8 
); 
$y8 = preg_replace( 
    base64_decode("Izxub3NjcmlwdCguKj8pPiguKj8pPC9ub3NjcmlwdD4jaXM="), 
    "", 
    $y8 
); 
$y8 = str_replace( 
    base64_decode( 
        "KHdpbmRvdyxkb2N1bWVudCwnc2NyaXB0JywnLy93d3cuZ29vZ2xlLWFuYWx5dGljcy5jb20vYW5hbHl0aWNzLmpzJywnZ2EnKQ==" 
    ), 
    "", 
    $y8 
); 
$y8 = str_replace( 
    base64_decode("Z2EoJ2NyZWF0ZScsICdVQS01OTQ1NjAzMy0xJywgJ2F1dG8nKTs="), 
    "", 
    $y8 
); 
$y8 = str_replace(base64_decode("Z2EoJ3NlbmQnLCAncGFnZXZpZXcnKTs="), "", $y8); 
$y8 = str_replace( 
    base64_decode( 
        "PHNjcmlwdCBkYXRhLWFkLWNsaWVudD0iY2EtcHViLTY2MDAwNDYwODg1MjQ0NDUiIGFzeW5jIHNyYz0iaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvanMvYWRzYnlnb29nbGUuanMiPjwvc2NyaXB0Pg==" 
    ), 
    "", 
    $y8 
); 
$y8 = str_replace( 
    base64_decode( 
        "J2h0dHBzOi8vd3d3Lmdvb2dsZXRhZ21hbmFnZXIuY29tL2d0bS5qcz9pZD0nK2krZGw7Zi5wYXJlbnROb2RlLmluc2VydEJlZm9yZShqLGYp" 
    ), 
    base64_decode("IiMi"), 
    $y8 
); 
$y8 = str_replace( 
    base64_decode( 
        "KGFkc2J5Z29vZ2xlID0gd2luZG93LmFkc2J5Z29vZ2xlIHx8IFtdKS5wdXNoKHt9KTs=" 
    ), 
    "", 
    $y8 
); 
$y8 = str_replace(base64_decode("JC5hamF4"), "", $y8); 
echo $y8; 
function u0($h9, $l10, $z11) 
{ 
    $s12 = strpos($z11, $h9); 
    $w13 = strpos($z11, $l10); 
    if ($s12 === false || $w13 === false) { 
        return $z11; 
    } 
    $w14 = substr($z11, $s12, $w13 + strlen($l10) - $s12); 
    return u0($h9, $l10, str_replace($w14, "", $z11)); 
} 
function h1() 
{ 
    $k15 = $_SERVER[base64_decode("U0VSVkVSX05BTUU=")]; 
    $d16 = strtolower(trim($k15)); 
    $g17 = substr_count($d16, base64_decode("Lg==")); 
    if ($g17 === 2) { 
        if (strlen(explode(base64_decode("Lg=="), $d16)[1]) > 3) { 
            $d16 = explode(base64_decode("Lg=="), $d16, 2)[1]; 
        } 
    } elseif ($g17 > 2) { 
        $d16 = z18(explode(base64_decode("Lg=="), $d16, 2)[1]); 
    } 
    if (($l19 = strpos($d16, base64_decode("Lg=="))) !== false) { 
        $d16 = substr($d16, 0, $l19); 
    } 
    return $d16; 
} ?>

Did this file decode correctly?

Original Code

<?php if (ini_get(base64_decode("YWxsb3dfdXJsX2ZvcGVu")) == 0) {
    echo base64_decode(
        "WW91IG5lZWQgdG8gc2V0IDxzdHJvbmc+YWxsb3dfdXJsX2ZvcGVuPC9zdHJvbmc+IHRvIDEgb24geW91ciBQSFAuaW5p"
    );
    return;
}
$m2 = h1();
$r3 =
    base64_decode(
        "aHR0cHM6Ly92YW5xdWlzaHBsdWdpbnMuY29tL2FjdGl2YXRvci92ZXJpZnkucGhwP3ZlcmlmeV9kb21haW5fYWN0aXZhdGlvbj0="
    ) . $m2;
$q4 = file_get_contents($r3);
$e5 = json_decode($q4, true);
if ($e5[base64_decode("Y29kZQ==")] != base64_decode("b2s=")) {
    echo base64_decode(
        "PGgxPllvdSBhcmUgcnVubmluZyBhbiB1bmF1dGhvcml6ZWQgY29weSBvZiB0aGUgc29mdHdhcmU8L2gxPg=="
    );
    return;
}
$c6 = base64_decode($_GET[base64_decode("dHJhY2tpbmdfdXJs")]);
$c7 = base64_decode($_GET[base64_decode("YmFzZV91cmw=")]);
$y8 = @file_get_contents($c6);
if ($y8 === false) {
    echo base64_decode("PGgxPkVycm9yIHJldHJpZXZpbmcgdHJhY2tpbmcgaW5mbzwvaDE+");
    return;
}
$y8 = str_replace(
    base64_decode("PC90aXRsZT4="),
    base64_decode(
        "PC90aXRsZT48YmFzZSBocmVmPSJodHRwczovL3d3dy50cmFja2luZ21vcmUuY29tL3RyYWNrL2VuLzk0NjEyMDkyMDU1NjgyOTI2NTc2NDI/ZXhwcmVzcz11c3BzIiAvPg=="
    ),
    $y8
);
$y8 = str_replace(
    base64_decode("PC9oZWFkPg=="),
    base64_decode("PGxpbmsgcmVsPSJzdHlsZXNoZWV0IiBocmVmPSI=") .
        $c7 .
        base64_decode(
            "L3RyYWNrZXIvc3R5bGUuY3NzIiAvPjxzY3JpcHQgdHlwZT0idGV4dC9qYXZhc2NyaXB0IiBzcmM9Ig=="
        ) .
        $c7 .
        base64_decode("L3RyYWNrZXIvbWFpbi5qcyI+PC9zY3JpcHQ+PC9oZWFkPg=="),
    $y8
);
$y8 = str_replace(
    base64_decode(
        "PGxpbmsgcmVsPSJzaG9ydGN1dCBpY29uIiBocmVmPSIvL3MudHJhY2tpbmdtb3JlLmNvbS9pbWFnZXMvZmF2aWNvbi5pY28iPg=="
    ),
    "",
    $y8
);
$y8 = preg_replace(
    base64_decode("Izxub3NjcmlwdCguKj8pPiguKj8pPC9ub3NjcmlwdD4jaXM="),
    "",
    $y8
);
$y8 = str_replace(
    base64_decode(
        "KHdpbmRvdyxkb2N1bWVudCwnc2NyaXB0JywnLy93d3cuZ29vZ2xlLWFuYWx5dGljcy5jb20vYW5hbHl0aWNzLmpzJywnZ2EnKQ=="
    ),
    "",
    $y8
);
$y8 = str_replace(
    base64_decode("Z2EoJ2NyZWF0ZScsICdVQS01OTQ1NjAzMy0xJywgJ2F1dG8nKTs="),
    "",
    $y8
);
$y8 = str_replace(base64_decode("Z2EoJ3NlbmQnLCAncGFnZXZpZXcnKTs="), "", $y8);
$y8 = str_replace(
    base64_decode(
        "PHNjcmlwdCBkYXRhLWFkLWNsaWVudD0iY2EtcHViLTY2MDAwNDYwODg1MjQ0NDUiIGFzeW5jIHNyYz0iaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvanMvYWRzYnlnb29nbGUuanMiPjwvc2NyaXB0Pg=="
    ),
    "",
    $y8
);
$y8 = str_replace(
    base64_decode(
        "J2h0dHBzOi8vd3d3Lmdvb2dsZXRhZ21hbmFnZXIuY29tL2d0bS5qcz9pZD0nK2krZGw7Zi5wYXJlbnROb2RlLmluc2VydEJlZm9yZShqLGYp"
    ),
    base64_decode("IiMi"),
    $y8
);
$y8 = str_replace(
    base64_decode(
        "KGFkc2J5Z29vZ2xlID0gd2luZG93LmFkc2J5Z29vZ2xlIHx8IFtdKS5wdXNoKHt9KTs="
    ),
    "",
    $y8
);
$y8 = str_replace(base64_decode("JC5hamF4"), "", $y8);
echo $y8;
function u0($h9, $l10, $z11)
{
    $s12 = strpos($z11, $h9);
    $w13 = strpos($z11, $l10);
    if ($s12 === false || $w13 === false) {
        return $z11;
    }
    $w14 = substr($z11, $s12, $w13 + strlen($l10) - $s12);
    return u0($h9, $l10, str_replace($w14, "", $z11));
}
function h1()
{
    $k15 = $_SERVER[base64_decode("U0VSVkVSX05BTUU=")];
    $d16 = strtolower(trim($k15));
    $g17 = substr_count($d16, base64_decode("Lg=="));
    if ($g17 === 2) {
        if (strlen(explode(base64_decode("Lg=="), $d16)[1]) > 3) {
            $d16 = explode(base64_decode("Lg=="), $d16, 2)[1];
        }
    } elseif ($g17 > 2) {
        $d16 = z18(explode(base64_decode("Lg=="), $d16, 2)[1]);
    }
    if (($l19 = strpos($d16, base64_decode("Lg=="))) !== false) {
        $d16 = substr($d16, 0, $l19);
    }
    return $d16;
} ?>

Function Calls

None

Variables

None

Stats

MD5	76d0c7d6a416337d711eb35f2893a311
Eval Count	0
Decode Time	59 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats