Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $cookie= file_get_contents('noxdata.json'); $agent = 'Mozilla/5.0 (Windows NT 10..
Decoded Output download
<?php
$cookie= file_get_contents('noxdata.json');
$agent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36';
$Uri = '/video';
$script = <<<END
<style>
ul.su-main-menu {
display: none!important;
}
.row-start-1 {
display: none;
}
footer.footer.bg-white.lg\:bg-gray-100.text-black.font-light {
display: none;
}
a#nav-upgrade-now {
display: none !important;
}
.intercom-lightweight-app-launcher-icon {
display: none !important;
}
.flex.flex-col.xl\:w-full.lg\:w-72.font-inter {
display: none !important;
}
a[href="/video/upgrade-my-plan/01c63262CTmw"] div span:contains("Upgrade Plan") {
display: none;
}
a[href="/video/upgrade-my-plan/01c63262CTmw"] > div > span {
display: none;
}
</style>
</body>
END;
$post = file_get_contents('php://input');
$r = ['accept', 'accept-language', 'x-requested-with', 'main-request', 'x-newrelic-id', 'x-xsrf-token', 'cache-control', 'content-type', 'content-length', 'authorization', 'x-access-token', 'x-human-token', 'x-csrf-token', 'x-requested-with'];
if ($_SERVER['REQUEST_URI'] == '/')
{
header('location: ' . $Uri);
exit();
}
else
{
$q = 'https://www.storyblocks.com' . $_SERVER['REQUEST_URI'];
}
foreach (getallheaders() as $n => $v)
{
if (in_array(strtolower($n) , $r))
{
$headers[] = $n . ':' . $v;
}
}
$headers[] = 'Cookie:' . $cookie;
$headers[] = 'Origin: https://www.storyblocks.com';
function secret($curl, $bc)
{
$r2 = ['set-cookie', 'content-length', 'transfer-encoding'];
$king = 0;
foreach ($r2 as $v)
{
if (strlen($bc) > 0 && strpos(strtolower($bc) , strtolower($v)) === false)
{
$king++;
}
}
if ($king == sizeof($r2) && strlen($bc) > 2)
{
header($bc);
}
return strlen($bc);
}
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $q);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
curl_setopt($curl, CURLOPT_USERAGENT, $agent);
//curl_setopt($curl, CURLOPT_COOKIEFILE, $cookie);
curl_setopt($curl, CURLOPT_HEADERFUNCTION, 'secret');
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $_SERVER['REQUEST_METHOD']);
curl_setopt($curl, CURLOPT_POSTFIELDS, $post);
$result = curl_exec($curl);
$result = str_replace('</body>', $script, $result);
$result = str_replace('www.storyblocks.com', 'ebundle-rent-stb.kwapi.shop', $result);
$result = str_replace('/member/profile', '#', $result);
$result = str_replace('/member/billing', '#', $result);
$result = str_replace('/member/download-history', '#', $result);
$result = str_replace('/member/youtube', '#', $result);
$result = str_replace('/support', '#', $result);
$result = str_replace('/member/logout', '#', $result);
$contentTypeOrg = curl_getinfo($curl, CURLINFO_CONTENT_TYPE);
$contentType = strstr($contentTypeOrg, ';', true);
curl_close($curl);
echo $result;
exit();
header('Content-Type: ' . $contentTypeOrg);
?>
Did this file decode correctly?
Original Code
<?php
$cookie= file_get_contents('noxdata.json');
$agent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36';
$Uri = '/video';
$script = <<<END
<style>
ul.su-main-menu {
display: none!important;
}
.row-start-1 {
display: none;
}
footer.footer.bg-white.lg\:bg-gray-100.text-black.font-light {
display: none;
}
a#nav-upgrade-now {
display: none !important;
}
.intercom-lightweight-app-launcher-icon {
display: none !important;
}
.flex.flex-col.xl\:w-full.lg\:w-72.font-inter {
display: none !important;
}
a[href="/video/upgrade-my-plan/01c63262CTmw"] div span:contains("Upgrade Plan") {
display: none;
}
a[href="/video/upgrade-my-plan/01c63262CTmw"] > div > span {
display: none;
}
</style>
</body>
END;
$post = file_get_contents('php://input');
$r = ['accept', 'accept-language', 'x-requested-with', 'main-request', 'x-newrelic-id', 'x-xsrf-token', 'cache-control', 'content-type', 'content-length', 'authorization', 'x-access-token', 'x-human-token', 'x-csrf-token', 'x-requested-with'];
if ($_SERVER['REQUEST_URI'] == '/')
{
header('location: ' . $Uri);
exit();
}
else
{
$q = 'https://www.storyblocks.com' . $_SERVER['REQUEST_URI'];
}
foreach (getallheaders() as $n => $v)
{
if (in_array(strtolower($n) , $r))
{
$headers[] = $n . ':' . $v;
}
}
$headers[] = 'Cookie:' . $cookie;
$headers[] = 'Origin: https://www.storyblocks.com';
function secret($curl, $bc)
{
$r2 = ['set-cookie', 'content-length', 'transfer-encoding'];
$king = 0;
foreach ($r2 as $v)
{
if (strlen($bc) > 0 && strpos(strtolower($bc) , strtolower($v)) === false)
{
$king++;
}
}
if ($king == sizeof($r2) && strlen($bc) > 2)
{
header($bc);
}
return strlen($bc);
}
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $q);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
curl_setopt($curl, CURLOPT_USERAGENT, $agent);
//curl_setopt($curl, CURLOPT_COOKIEFILE, $cookie);
curl_setopt($curl, CURLOPT_HEADERFUNCTION, 'secret');
curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $_SERVER['REQUEST_METHOD']);
curl_setopt($curl, CURLOPT_POSTFIELDS, $post);
$result = curl_exec($curl);
$result = str_replace('</body>', $script, $result);
$result = str_replace('www.storyblocks.com', 'ebundle-rent-stb.kwapi.shop', $result);
$result = str_replace('/member/profile', '#', $result);
$result = str_replace('/member/billing', '#', $result);
$result = str_replace('/member/download-history', '#', $result);
$result = str_replace('/member/youtube', '#', $result);
$result = str_replace('/support', '#', $result);
$result = str_replace('/member/logout', '#', $result);
$contentTypeOrg = curl_getinfo($curl, CURLINFO_CONTENT_TYPE);
$contentType = strstr($contentTypeOrg, ';', true);
curl_close($curl);
echo $result;
exit();
header('Content-Type: ' . $contentTypeOrg);
?>
Function Calls
None |
Stats
MD5 | 895dc3c81372883ddcf5c22c27415d08 |
Eval Count | 0 |
Decode Time | 48 ms |