Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto xqomk; xqomk: if ($_SERVER["\122\105\x51\125\x45\123\124\137\115\105\124\110\..
Decoded Output download
<?php
goto xqomk; xqomk: if ($_SERVER["REQUEST_METHOD"] !== "POST") { header("Location: https://vulpescoder.com"); die; } goto b9Ps8; b9Ps8: if (isset($_POST["email"])) { $email_to_admin = "[email protected]"; $email_subject_customer = "Your purchase from Vulpes"; $email_subject_admin = "New order received"; function died($error) { echo "I am sorry, but there were error(s) found with the form you submitted. "; echo "These errors appear below.<br /><br />"; echo $error . "<br /><br />"; echo "Please go back and fix these errors.<br /><br />"; die; } if (!isset($_POST["email"])) { died("It seems there was an issue with the form submission."); } $email_from = filter_var(trim($_POST["email"]), FILTER_SANITIZE_EMAIL); $txid = isset($_POST["txid"]) ? filter_var(trim($_POST["txid"]), FILTER_SANITIZE_STRING) : ''; $error_message = ''; $email_exp = "/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/"; if (!preg_match($email_exp, $email_from)) { $error_message .= "The Email Address you entered does not appear to be valid.<br />"; } if (strlen($error_message) > 0) { died($error_message); } $order_id = bin2hex(random_bytes(16)); $email_message_customer = "Thank you for your purchase from Vulpes.
\xa"; $email_message_customer .= "Your order ID: " . $order_id . "\xa"; $email_message_customer .= "To buy more, visit www.vulpescoder.com\xa"; function clean_string($string) { return htmlspecialchars(trim($string), ENT_QUOTES, "UTF-8"); } $email_message_admin .= "Email: " . clean_string($email_from) . "\xa"; $email_message_admin .= "Transaction ID/URL: " . clean_string($txid) . "\xa"; $email_message_admin .= "Order ID: " . $order_id . "
"; $headers = "From: [email protected]" . "
" . "Reply-To: [email protected]" . "
\xa" . "X-Mailer: PHP/" . phpversion(); $headers2 = "From: vulpescoder.com" . "
" . "Reply-To: vulpescoder.com" . "
\xa" . "X-Mailer: PHP/" . phpversion(); $customer_email_sent = @mail($email_from, $email_subject_customer, $email_message_customer, $headers); $admin_email_sent = @mail($email_to_admin, $email_subject_admin, $email_message_admin, $headers2); if (!$customer_email_sent || !$admin_email_sent) { died("There was a problem on the server. Please try again later or contact us directly."); header("Location: https://web.telegram.org"); } header("Location: https://web.telegram.org"); die; } goto ocja_; ocja_: ?>
Did this file decode correctly?
Original Code
<?php
goto xqomk; xqomk: if ($_SERVER["\122\105\x51\125\x45\123\124\137\115\105\124\110\x4f\x44"] !== "\x50\117\x53\x54") { header("\x4c\x6f\x63\141\164\x69\157\x6e\x3a\x20\150\164\164\160\x73\x3a\57\57\x76\165\154\160\145\163\143\x6f\144\x65\162\x2e\143\157\x6d"); die; } goto b9Ps8; b9Ps8: if (isset($_POST["\145\155\x61\x69\154"])) { $email_to_admin = "\166\x75\x6c\x70\x65\x73\141\x67\145\156\x74\100\147\x6d\x61\151\x6c\56\143\x6f\x6d"; $email_subject_customer = "\x59\157\x75\x72\40\x70\x75\x72\143\150\x61\163\145\40\x66\x72\x6f\x6d\40\126\165\154\160\145\x73"; $email_subject_admin = "\x4e\x65\167\x20\157\x72\x64\x65\162\40\162\x65\x63\145\x69\x76\x65\144"; function died($error) { echo "\111\40\141\155\40\x73\157\x72\162\171\x2c\x20\x62\165\164\40\164\x68\x65\162\x65\x20\x77\145\x72\x65\40\x65\x72\x72\157\x72\x28\163\51\40\x66\157\165\156\144\40\167\151\164\150\40\164\150\145\40\x66\x6f\162\x6d\x20\171\157\165\40\x73\165\x62\155\x69\x74\x74\x65\144\56\x20"; echo "\124\150\x65\x73\145\40\x65\162\162\x6f\162\163\x20\x61\x70\x70\x65\141\162\40\142\x65\154\157\167\56\x3c\142\162\40\x2f\x3e\74\142\162\x20\57\x3e"; echo $error . "\x3c\142\x72\40\57\x3e\74\142\x72\x20\57\76"; echo "\120\154\145\141\163\145\x20\147\x6f\40\x62\141\x63\153\40\141\x6e\x64\40\x66\151\170\40\x74\x68\145\163\145\40\x65\x72\162\157\x72\x73\x2e\74\x62\x72\40\x2f\x3e\x3c\x62\162\x20\57\x3e"; die; } if (!isset($_POST["\x65\155\141\151\x6c"])) { died("\x49\x74\40\163\145\x65\155\163\x20\x74\x68\145\162\x65\40\x77\x61\163\40\141\x6e\x20\151\x73\163\165\145\x20\167\x69\x74\150\x20\164\150\x65\x20\x66\x6f\162\155\x20\x73\165\142\155\151\163\x73\x69\x6f\x6e\x2e"); } $email_from = filter_var(trim($_POST["\x65\155\x61\151\154"]), FILTER_SANITIZE_EMAIL); $txid = isset($_POST["\164\x78\151\144"]) ? filter_var(trim($_POST["\164\x78\x69\x64"]), FILTER_SANITIZE_STRING) : ''; $error_message = ''; $email_exp = "\57\x5e\133\x41\55\132\141\55\172\x30\55\71\56\x5f\x25\x2d\135\53\100\133\x41\55\x5a\141\x2d\x7a\x30\55\71\56\x2d\135\53\x5c\x2e\133\x41\x2d\x5a\141\55\172\x5d\x7b\62\x2c\x34\175\x24\x2f"; if (!preg_match($email_exp, $email_from)) { $error_message .= "\124\x68\145\x20\105\155\141\151\154\40\x41\x64\144\x72\x65\163\x73\40\171\x6f\x75\40\145\156\x74\x65\162\145\x64\x20\x64\x6f\x65\163\x20\x6e\x6f\164\40\x61\160\160\x65\x61\162\40\x74\x6f\x20\x62\x65\40\x76\x61\154\x69\x64\x2e\x3c\142\162\x20\x2f\x3e"; } if (strlen($error_message) > 0) { died($error_message); } $order_id = bin2hex(random_bytes(16)); $email_message_customer = "\x54\x68\141\x6e\x6b\x20\171\x6f\165\x20\x66\x6f\162\x20\x79\157\x75\x72\40\160\x75\162\143\150\x61\x73\x65\40\x66\x72\157\155\40\x56\x75\154\x70\145\163\56\12\xa"; $email_message_customer .= "\x59\x6f\165\x72\40\x6f\162\144\145\162\x20\x49\x44\72\40" . $order_id . "\xa"; $email_message_customer .= "\124\157\x20\142\x75\x79\40\x6d\x6f\162\145\54\x20\166\151\x73\x69\x74\x20\x77\x77\167\56\166\165\154\160\x65\x73\143\157\144\145\162\x2e\143\x6f\x6d\xa"; function clean_string($string) { return htmlspecialchars(trim($string), ENT_QUOTES, "\x55\124\x46\x2d\x38"); } $email_message_admin .= "\105\x6d\141\x69\x6c\72\x20" . clean_string($email_from) . "\xa"; $email_message_admin .= "\124\162\141\156\x73\141\x63\164\x69\x6f\156\40\x49\104\57\x55\x52\x4c\72\40" . clean_string($txid) . "\xa"; $email_message_admin .= "\x4f\x72\x64\145\x72\x20\x49\x44\72\40" . $order_id . "\12"; $headers = "\x46\162\x6f\155\72\40\x6e\157\x2d\x72\x65\160\x6c\x79\100\166\x75\x6c\160\145\x73\x63\x6f\144\145\x72\x2e\143\157\x6d" . "\15\12" . "\122\x65\160\x6c\x79\x2d\x54\157\x3a\40\156\x6f\x2d\x72\x65\x70\x6c\x79\x40\166\x75\154\160\145\163\x63\157\x64\145\x72\56\143\157\155" . "\15\xa" . "\x58\x2d\115\141\151\x6c\145\x72\72\40\x50\x48\x50\57" . phpversion(); $headers2 = "\x46\x72\x6f\155\72\40\166\165\154\160\145\x73\143\x6f\x64\x65\x72\56\x63\157\x6d" . "\15\12" . "\122\x65\160\x6c\171\55\124\157\72\x20\166\165\x6c\160\x65\163\143\157\144\x65\162\56\143\x6f\155" . "\15\xa" . "\x58\x2d\x4d\x61\151\154\x65\162\x3a\40\x50\110\x50\x2f" . phpversion(); $customer_email_sent = @mail($email_from, $email_subject_customer, $email_message_customer, $headers); $admin_email_sent = @mail($email_to_admin, $email_subject_admin, $email_message_admin, $headers2); if (!$customer_email_sent || !$admin_email_sent) { died("\124\150\x65\x72\x65\40\x77\x61\x73\40\x61\x20\x70\162\157\142\x6c\145\155\x20\157\x6e\x20\164\150\145\x20\163\145\162\166\145\162\56\x20\x50\154\x65\x61\x73\145\x20\x74\162\171\x20\x61\x67\141\151\156\x20\154\141\x74\x65\162\x20\157\162\x20\143\x6f\156\164\x61\143\164\x20\x75\x73\40\144\151\x72\x65\143\x74\x6c\171\x2e"); header("\x4c\157\x63\141\x74\151\157\x6e\x3a\40\x68\x74\164\x70\x73\x3a\x2f\x2f\x77\145\142\x2e\x74\145\154\x65\147\162\x61\x6d\56\x6f\x72\x67"); } header("\x4c\x6f\143\x61\x74\x69\x6f\x6e\x3a\x20\150\164\x74\x70\x73\x3a\57\x2f\x77\x65\142\x2e\164\x65\x6c\x65\x67\162\x61\155\x2e\157\162\147"); die; } goto ocja_; ocja_: ?>
Function Calls
None |
Stats
MD5 | 81aa1e3694d284cb48fd38a8ab5b1243 |
Eval Count | 0 |
Decode Time | 53 ms |