Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php eval(base64_decode('CiBnb3RvIGdGbXRKOyBnRm10SjogZnVuY3Rpb24gcm9vdERvbWFpbk5hbWUoJHVy..

Decoded Output download


 goto gFmtJ; gFmtJ: function rootDomainName($url) { $pieces = parse_url($url); $domain = isset($pieces["\x68\157\163\x74"]) ? $pieces["\x68\x6f\163\164"] : $pieces["\160\141\164\150"]; if (preg_match("\57\x28\x3f\x50\x3c\x64\x6f\155\x61\x69\x6e\x3e\133\x61\55\172\x30\x2d\71\135\133\141\x2d\172\60\x2d\71\x5c\55\135\x7b\x31\54\66\63\x7d\x5c\x2e\x5b\x61\x2d\172\134\x2e\x5d\173\x32\x2c\66\175\x29\44\x2f\151", $domain, $regs)) { return $regs["\x64\x6f\x6d\x61\151\x6e"]; } return false; } goto f08Vf; QKwtS: function checkDomain($url) { include_once "\143\157\x6e\146\x69\147\x2e\160\x68\160"; $data = array("\x63\x68\145\x63\x6b" => "\x73\x74\x61\164\x75\163\144\157\155\141\151\156", "\x75\162\x6c" => $url); $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, YOURLS_ENDPOINT_CHECKDOMAIN); curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($data)); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($curl); $err = curl_error($curl); curl_close($curl); if ($err) { $response = array(); } else { $response = json_decode($response); $response = array("\163\x74\x61\x74\165\163" => $response->data->status, "\165\162\154" => $response->data->url); } return $response; } goto zRri1; gzC0S: function randDomain($url = "\x67\157\157\147\154\x65\56\x63\x6f\155") { include "\x77\x6f\x72\144\56\160\150\160"; $count = file_get_contents("\x63\x6f\165\x6e\x74\x2e\x74\170\x74"); $key = array_rand($word, 2); $random = $word[$key[0]]; $rand = $random . '' . dechex($count); return $rand . "\x2e" . rootDomainName($url); } goto ZcbOZ; f08Vf: function domainName($url) { $result = parse_url($url); return $result["\150\157\163\x74"]; } goto gzC0S; ZcbOZ: function clearDomain($domain) { if (str_contains($domain, "\150\x74\164\160\163\x3a\57\x2f")) { $url = str_replace("\150\x74\x74\x70\163\72\57\57", '', $domain); } else { if (str_contains($domain, "\x68\164\164\x70\72\x2f\x2f")) { $url = str_replace("\x68\x74\x74\160\x3a\x2f\57", '', $domain); } else { $url = $domain; } } if (str_contains($url, "\x2f")) { $url = explode("\x2f", $url); $url = $url[0]; } return checkDomain($url); } goto QKwtS; zRri1: function sendReport($data) { include_once "\143\157\156\146\151\x67\x2e\160\x68\160"; $token = YOURLS_BOTTOKEN_REPORT; if (empty($data)) { return true; } $message = "\103\x44\116\x58\40\120\145\162\x75\x62\x61\150\141\x6e\40\104\x6f\155\141\151\x6e\40\x3a\x20\12"; foreach ($data as $key => $data) { $message .= "\75\75\75\75\x3d\x3d\75\75\75\75\xa"; $message .= "\124\151\x74\x6c\145\40\x3a\x20" . $data["\x74\151\x74\154\x65"] . "\xa"; $message .= "\125\x70\x64\x61\164\x65\144\40\x41\x74\40\x3a\40" . $data["\x75\160\144\141\164\x65\x64\x5f\x61\164"] . "\xa"; $message .= "\x49\104\x20\72\40" . $data["\163\150\157\x72\x74\x75\162\x6c"] . "\xa"; $message .= "\117\154\144\40\72\40" . $data["\157\x6c\x64\165\x72\154"] . "\40\50\xf0\x9f\232\xab\x69\160\x6f\163\x29\12"; $message .= "\x4e\x65\167\x20\72\x20" . $data["\156\x65\167\x75\162\x6c"] . "\x20\x28\xe2\x9c\205\xef\270\217\x6f\153\x29\12"; $message .= "\75\x3d\75\x3d\75\x3d\75\x3d\75\75\xa"; } $message .= "\xa"; $message .= "\112\x69\153\x61\40\x61\x64\x61\x20\x6b\145\x6e\144\x61\154\x61\x20\x68\x75\142\x75\x6e\147\x69\x20\x40\170\145\156\144\145\x76\40\57\x20\100\102\x61\x6b\165\x6e\x63\151\x61\x6e\147\40\12"; $url = "\150\164\x74\x70\163\x3a\57\x2f\x61\160\x69\56\x74\x65\x6c\145\147\162\x61\x6d\56\157\162\x67\x2f\x62\157\x74" . $token . "\57\163\x65\x6e\144\115\145\x73\x73\141\147\x65"; $data = array("\143\x68\x61\x74\x5f\151\x64" => "\x2d\x31\60\x30\62\63\60\61\x39\67\61\x38\x33\x32", "\164\145\170\164" => $message, "\160\x61\x72\163\x65\137\x6d\x6f\144\x65" => "\x48\x54\115\114"); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); if (curl_errno($ch)) { $error_msg = curl_error($ch); curl_close($ch); return json_encode(array("\145\162\162\157\162" => $error_msg)); } $http_code_message = curl_getinfo($ch, CURLINFO_HTTP_CODE); if ($http_code_message >= 200 && $http_code_message < 300) { $result = json_decode($response, true); if ($result["\157\153"]) { $result = json_encode(array("\163\165\143\x63\x65\163\163" => $result["\x6f\x6b"])); } else { $result = json_encode(array("\145\x72\x72\157\x72" => $result)); } } else { $result = json_encode(array("\145\162\x72\157\x72" => "\x48\124\124\x50\x20\145\162\162\157\162\x20" . $http_code_message)); } curl_close($ch); return $result;

Did this file decode correctly?

Original Code

<?php eval(base64_decode('CiBnb3RvIGdGbXRKOyBnRm10SjogZnVuY3Rpb24gcm9vdERvbWFpbk5hbWUoJHVybCkgeyAkcGllY2VzID0gcGFyc2VfdXJsKCR1cmwpOyAkZG9tYWluID0gaXNzZXQoJHBpZWNlc1siXHg2OFwxNTdcMTYzXHg3NCJdKSA/ICRwaWVjZXNbIlx4NjhceDZmXDE2M1wxNjQiXSA6ICRwaWVjZXNbIlwxNjBcMTQxXDE2NFwxNTAiXTsgaWYgKHByZWdfbWF0Y2goIlw1N1x4MjhceDNmXHg1MFx4M2NceDY0XHg2ZlwxNTVceDYxXHg2OVx4NmVceDNlXDEzM1x4NjFcNTVcMTcyXHgzMFx4MmRcNzFcMTM1XDEzM1wxNDFceDJkXDE3Mlw2MFx4MmRcNzFceDVjXDU1XDEzNVx4N2JceDMxXDU0XDY2XDYzXHg3ZFx4NWNceDJlXHg1Ylx4NjFceDJkXDE3MlwxMzRceDJlXHg1ZFwxNzNceDMyXHgyY1w2NlwxNzVceDI5XDQ0XHgyZlwxNTEiLCAkZG9tYWluLCAkcmVncykpIHsgcmV0dXJuICRyZWdzWyJceDY0XHg2Zlx4NmRceDYxXDE1MVx4NmUiXTsgfSByZXR1cm4gZmFsc2U7IH0gZ290byBmMDhWZjsgUUt3dFM6IGZ1bmN0aW9uIGNoZWNrRG9tYWluKCR1cmwpIHsgaW5jbHVkZV9vbmNlICJcMTQzXDE1N1x4NmVcMTQ2XHg2OVwxNDdceDJlXDE2MFx4NjhcMTYwIjsgJGRhdGEgPSBhcnJheSgiXHg2M1x4NjhcMTQ1XHg2M1x4NmIiID0+ICJceDczXHg3NFx4NjFcMTY0XHg3NVwxNjNcMTQ0XDE1N1wxNTVcMTQxXDE1MVwxNTYiLCAiXHg3NVwxNjJceDZjIiA9PiAkdXJsKTsgJGN1cmwgPSBjdXJsX2luaXQoKTsgY3VybF9zZXRvcHQoJGN1cmwsIENVUkxPUFRfVVJMLCBZT1VSTFNfRU5EUE9JTlRfQ0hFQ0tET01BSU4pOyBjdXJsX3NldG9wdCgkY3VybCwgQ1VSTE9QVF9QT1NULCB0cnVlKTsgY3VybF9zZXRvcHQoJGN1cmwsIENVUkxPUFRfUE9TVEZJRUxEUywgaHR0cF9idWlsZF9xdWVyeSgkZGF0YSkpOyBjdXJsX3NldG9wdCgkY3VybCwgQ1VSTE9QVF9SRVRVUk5UUkFOU0ZFUiwgdHJ1ZSk7ICRyZXNwb25zZSA9IGN1cmxfZXhlYygkY3VybCk7ICRlcnIgPSBjdXJsX2Vycm9yKCRjdXJsKTsgY3VybF9jbG9zZSgkY3VybCk7IGlmICgkZXJyKSB7ICRyZXNwb25zZSA9IGFycmF5KCk7IH0gZWxzZSB7ICRyZXNwb25zZSA9IGpzb25fZGVjb2RlKCRyZXNwb25zZSk7ICRyZXNwb25zZSA9IGFycmF5KCJcMTYzXHg3NFx4NjFceDc0XDE2NVwxNjMiID0+ICRyZXNwb25zZS0+ZGF0YS0+c3RhdHVzLCAiXDE2NVwxNjJcMTU0IiA9PiAkcmVzcG9uc2UtPmRhdGEtPnVybCk7IH0gcmV0dXJuICRyZXNwb25zZTsgfSBnb3RvIHpScmkxOyBnekMwUzogZnVuY3Rpb24gcmFuZERvbWFpbigkdXJsID0gIlx4NjdcMTU3XDE1N1wxNDdcMTU0XHg2NVw1Nlx4NjNceDZmXDE1NSIpIHsgaW5jbHVkZSAiXHg3N1x4NmZceDcyXDE0NFw1NlwxNjBcMTUwXDE2MCI7ICRjb3VudCA9IGZpbGVfZ2V0X2NvbnRlbnRzKCJceDYzXHg2ZlwxNjVceDZlXHg3NFx4MmVceDc0XDE3MFx4NzQiKTsgJGtleSA9IGFycmF5X3JhbmQoJHdvcmQsIDIpOyAkcmFuZG9tID0gJHdvcmRbJGtleVswXV07ICRyYW5kID0gJHJhbmRvbSAuICcnIC4gZGVjaGV4KCRjb3VudCk7IHJldHVybiAkcmFuZCAuICJceDJlIiAuIHJvb3REb21haW5OYW1lKCR1cmwpOyB9IGdvdG8gWmNiT1o7IGYwOFZmOiBmdW5jdGlvbiBkb21haW5OYW1lKCR1cmwpIHsgJHJlc3VsdCA9IHBhcnNlX3VybCgkdXJsKTsgcmV0dXJuICRyZXN1bHRbIlwxNTBcMTU3XDE2M1x4NzQiXTsgfSBnb3RvIGd6QzBTOyBaY2JPWjogZnVuY3Rpb24gY2xlYXJEb21haW4oJGRvbWFpbikgeyBpZiAoc3RyX2NvbnRhaW5zKCRkb21haW4sICJcMTUwXHg3NFwxNjRcMTYwXDE2M1x4M2FcNTdceDJmIikpIHsgJHVybCA9IHN0cl9yZXBsYWNlKCJcMTUwXHg3NFx4NzRceDcwXDE2M1w3Mlw1N1w1NyIsICcnLCAkZG9tYWluKTsgfSBlbHNlIHsgaWYgKHN0cl9jb250YWlucygkZG9tYWluLCAiXHg2OFwxNjRcMTY0XHg3MFw3Mlx4MmZceDJmIikpIHsgJHVybCA9IHN0cl9yZXBsYWNlKCJceDY4XHg3NFx4NzRcMTYwXHgzYVx4MmZcNTciLCAnJywgJGRvbWFpbik7IH0gZWxzZSB7ICR1cmwgPSAkZG9tYWluOyB9IH0gaWYgKHN0cl9jb250YWlucygkdXJsLCAiXHgyZiIpKSB7ICR1cmwgPSBleHBsb2RlKCJceDJmIiwgJHVybCk7ICR1cmwgPSAkdXJsWzBdOyB9IHJldHVybiBjaGVja0RvbWFpbigkdXJsKTsgfSBnb3RvIFFLd3RTOyB6UnJpMTogZnVuY3Rpb24gc2VuZFJlcG9ydCgkZGF0YSkgeyBpbmNsdWRlX29uY2UgIlwxNDNcMTU3XDE1NlwxNDZcMTUxXHg2N1x4MmVcMTYwXHg2OFwxNjAiOyAkdG9rZW4gPSBZT1VSTFNfQk9UVE9LRU5fUkVQT1JUOyBpZiAoZW1wdHkoJGRhdGEpKSB7IHJldHVybiB0cnVlOyB9ICRtZXNzYWdlID0gIlwxMDNceDQ0XDExNlx4NThcNDBcMTIwXDE0NVwxNjJceDc1XHg2Mlx4NjFcMTUwXDE0MVx4NmVcNDBcMTA0XHg2ZlwxNTVcMTQxXDE1MVx4NmVcNDBceDNhXHgyMFwxMiI7IGZvcmVhY2ggKCRkYXRhIGFzICRrZXkgPT4gJGRhdGEpIHsgJG1lc3NhZ2UgLj0gIlw3NVw3NVw3NVw3NVx4M2RceDNkXDc1XDc1XDc1XDc1XHhhIjsgJG1lc3NhZ2UgLj0gIlwxMjRcMTUxXHg3NFx4NmNcMTQ1XDQwXHgzYVx4MjAiIC4gJGRhdGFbIlx4NzRcMTUxXHg3NFwxNTRceDY1Il0gLiAiXHhhIjsgJG1lc3NhZ2UgLj0gIlwxMjVceDcwXHg2NFx4NjFcMTY0XHg2NVwxNDRcNDBceDQxXHg3NFw0MFx4M2FcNDAiIC4gJGRhdGFbIlx4NzVcMTYwXDE0NFwxNDFcMTY0XHg2NVx4NjRceDVmXHg2MVwxNjQiXSAuICJceGEiOyAkbWVzc2FnZSAuPSAiXHg0OVwxMDRceDIwXDcyXDQwIiAuICRkYXRhWyJcMTYzXDE1MFwxNTdceDcyXHg3NFx4NzVcMTYyXHg2YyJdIC4gIlx4YSI7ICRtZXNzYWdlIC49ICJcMTE3XDE1NFwxNDRcNDBcNzJcNDAiIC4gJGRhdGFbIlwxNTdceDZjXHg2NFwxNjVceDcyXDE1NCJdIC4gIlw0MFw1MFx4ZjBceDlmXDIzMlx4YWJceDY5XDE2MFx4NmZcMTYzXHgyOVwxMiI7ICRtZXNzYWdlIC49ICJceDRlXHg2NVwxNjdceDIwXDcyXHgyMCIgLiAkZGF0YVsiXDE1Nlx4NjVcMTY3XHg3NVwxNjJceDZjIl0gLiAiXHgyMFx4MjhceGUyXHg5Y1wyMDVceGVmXDI3MFwyMTdceDZmXDE1M1x4MjlcMTIiOyAkbWVzc2FnZSAuPSAiXDc1XHgzZFw3NVx4M2RcNzVceDNkXDc1XHgzZFw3NVw3NVx4YSI7IH0gJG1lc3NhZ2UgLj0gIlx4YSI7ICRtZXNzYWdlIC49ICJcMTEyXHg2OVwxNTNceDYxXDQwXHg2MVx4NjRceDYxXHgyMFx4NmJcMTQ1XHg2ZVwxNDRceDYxXDE1NFx4NjFceDIwXHg2OFx4NzVcMTQyXHg3NVx4NmVcMTQ3XHg2OVx4MjBceDQwXDE3MFwxNDVcMTU2XDE0NFwxNDVceDc2XDQwXDU3XHgyMFwxMDBcMTAyXHg2MVx4NmJcMTY1XHg2ZVx4NjNcMTUxXHg2MVx4NmVcMTQ3XDQwXDEyIjsgJHVybCA9ICJcMTUwXDE2NFx4NzRceDcwXDE2M1x4M2FcNTdceDJmXHg2MVwxNjBceDY5XDU2XHg3NFx4NjVceDZjXDE0NVwxNDdcMTYyXHg2MVx4NmRcNTZcMTU3XDE2Mlx4NjdceDJmXHg2MlwxNTdceDc0IiAuICR0b2tlbiAuICJcNTdcMTYzXHg2NVx4NmVcMTQ0XDExNVwxNDVceDczXHg3M1wxNDFcMTQ3XHg2NSI7ICRkYXRhID0gYXJyYXkoIlwxNDNceDY4XHg2MVx4NzRceDVmXDE1MVx4NjQiID0+ICJceDJkXHgzMVw2MFx4MzBcNjJcNjNcNjBcNjFceDM5XDY3XDYxXHgzOFx4MzNceDMyIiwgIlwxNjRcMTQ1XDE3MFwxNjQiID0+ICRtZXNzYWdlLCAiXDE2MFx4NjFceDcyXDE2M1x4NjVcMTM3XHg2ZFx4NmZcMTQ0XHg2NSIgPT4gIlx4NDhceDU0XDExNVwxMTQiKTsgJGNoID0gY3VybF9pbml0KCk7IGN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9VUkwsICR1cmwpOyBjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfUE9TVCwgdHJ1ZSk7IGN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9QT1NURklFTERTLCBodHRwX2J1aWxkX3F1ZXJ5KCRkYXRhKSk7IGN1cmxfc2V0b3B0KCRjaCwgQ1VSTE9QVF9SRVRVUk5UUkFOU0ZFUiwgdHJ1ZSk7ICRyZXNwb25zZSA9IGN1cmxfZXhlYygkY2gpOyBpZiAoY3VybF9lcnJubygkY2gpKSB7ICRlcnJvcl9tc2cgPSBjdXJsX2Vycm9yKCRjaCk7IGN1cmxfY2xvc2UoJGNoKTsgcmV0dXJuIGpzb25fZW5jb2RlKGFycmF5KCJcMTQ1XDE2MlwxNjJcMTU3XDE2MiIgPT4gJGVycm9yX21zZykpOyB9ICRodHRwX2NvZGVfbWVzc2FnZSA9IGN1cmxfZ2V0aW5mbygkY2gsIENVUkxJTkZPX0hUVFBfQ09ERSk7IGlmICgkaHR0cF9jb2RlX21lc3NhZ2UgPj0gMjAwICYmICRodHRwX2NvZGVfbWVzc2FnZSA8IDMwMCkgeyAkcmVzdWx0ID0ganNvbl9kZWNvZGUoJHJlc3BvbnNlLCB0cnVlKTsgaWYgKCRyZXN1bHRbIlwxNTdcMTUzIl0pIHsgJHJlc3VsdCA9IGpzb25fZW5jb2RlKGFycmF5KCJcMTYzXDE2NVwxNDNceDYzXHg2NVwxNjNcMTYzIiA9PiAkcmVzdWx0WyJceDZmXHg2YiJdKSk7IH0gZWxzZSB7ICRyZXN1bHQgPSBqc29uX2VuY29kZShhcnJheSgiXDE0NVx4NzJceDcyXDE1N1x4NzIiID0+ICRyZXN1bHQpKTsgfSB9IGVsc2UgeyAkcmVzdWx0ID0ganNvbl9lbmNvZGUoYXJyYXkoIlwxNDVcMTYyXHg3MlwxNTdceDcyIiA9PiAiXHg0OFwxMjRcMTI0XHg1MFx4MjBcMTQ1XDE2MlwxNjJcMTU3XDE2Mlx4MjAiIC4gJGh0dHBfY29kZV9tZXNzYWdlKSk7IH0gY3VybF9jbG9zZSgkY2gpOyByZXR1cm4gJHJlc3VsdDs=')); ?>

Function Calls

base64_decode 1

Variables

None

Stats

MD5 8454ab9b30e4bd8f9eb8a6997f50cc84
Eval Count 1
Decode Time 86 ms