Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $cookie= file_get_contents('noxdata.json'); $agent = 'Mozilla/5.0 (Windows NT 10..

Decoded Output download

<?php 
 
$cookie= file_get_contents('noxdata.json'); 
$agent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36'; 
$Uri = '/video'; 
 
$script = <<<END 
   <style> 
   ul.su-main-menu { 
    display: none!important; 
} 
.row-start-1 { 
    display: none; 
} 
footer.footer.bg-white.lg\:bg-gray-100.text-black.font-light { 
    display: none; 
} 
 
 
a#nav-upgrade-now { 
    display: none !important; 
} 
 
.intercom-lightweight-app-launcher-icon { 
    display: none !important; 
} 
 
.flex.flex-col.xl\:w-full.lg\:w-72.font-inter { 
    display: none !important; 
} 
 
 
a[href="/video/upgrade-my-plan/01c63262CTmw"] div span:contains("Upgrade Plan") { 
    display: none; 
} 
 
a[href="/video/upgrade-my-plan/01c63262CTmw"] > div > span { 
    display: none; 
} 
 
 
 
  </style> 
    
   </body> 
END; 
 
 
$post = file_get_contents('php://input'); 
$r = ['accept', 'accept-language', 'x-requested-with', 'main-request', 'x-newrelic-id', 'x-xsrf-token', 'cache-control', 'content-type', 'content-length', 'authorization', 'x-access-token', 'x-human-token', 'x-csrf-token', 'x-requested-with']; 
if ($_SERVER['REQUEST_URI'] == '/') 
{ 
    header('location: ' . $Uri); 
    exit(); 
} 
else 
{ 
    $q = 'https://www.storyblocks.com' . $_SERVER['REQUEST_URI']; 
} 
foreach (getallheaders() as $n => $v) 
{ 
    if (in_array(strtolower($n) , $r)) 
    { 
        $headers[] = $n . ':' . $v; 
    } 
} 
$headers[] = 'Cookie:' . $cookie; 
$headers[] = 'Origin: https://www.storyblocks.com'; 
function secret($curl, $bc) 
{ 
    $r2 = ['set-cookie', 'content-length', 'transfer-encoding']; 
    $king = 0; 
    foreach ($r2 as $v) 
    { 
        if (strlen($bc) > 0 && strpos(strtolower($bc) , strtolower($v)) === false) 
        { 
            $king++; 
        } 
    } 
    if ($king == sizeof($r2) && strlen($bc) > 2) 
    { 
        header($bc); 
    } 
    return strlen($bc); 
} 
 
    $curl = curl_init(); 
    curl_setopt($curl, CURLOPT_URL, $q); 
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); 
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); 
    curl_setopt($curl, CURLOPT_HTTPHEADER, $headers); 
    curl_setopt($curl, CURLOPT_USERAGENT, $agent); 
    //curl_setopt($curl, CURLOPT_COOKIEFILE, $cookie); 
    curl_setopt($curl, CURLOPT_HEADERFUNCTION, 'secret'); 
    curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $_SERVER['REQUEST_METHOD']); 
    curl_setopt($curl, CURLOPT_POSTFIELDS, $post); 
    $result = curl_exec($curl); 
    $result = str_replace('</body>', $script, $result); 
 
 
    $result = str_replace('www.storyblocks.com', 'ebundle-rent-stb.kwapi.shop', $result); 
    $result = str_replace('/member/profile', '#', $result); 
    $result = str_replace('/member/billing', '#', $result); 
    $result = str_replace('/member/download-history', '#', $result); 
    $result = str_replace('/member/youtube', '#', $result); 
    $result = str_replace('/support', '#', $result); 
    $result = str_replace('/member/logout', '#', $result); 
 
    
 
 
    $contentTypeOrg = curl_getinfo($curl, CURLINFO_CONTENT_TYPE); 
    $contentType = strstr($contentTypeOrg, ';', true); 
    curl_close($curl); 
    echo $result; 
    exit(); 
    header('Content-Type: ' . $contentTypeOrg); 
 
?>

Did this file decode correctly?

Original Code

<?php

$cookie= file_get_contents('noxdata.json');
$agent = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36';
$Uri = '/video';

$script = <<<END
   <style>
   ul.su-main-menu {
    display: none!important;
}
.row-start-1 {
    display: none;
}
footer.footer.bg-white.lg\:bg-gray-100.text-black.font-light {
    display: none;
}


a#nav-upgrade-now {
    display: none !important;
}

.intercom-lightweight-app-launcher-icon {
    display: none !important;
}

.flex.flex-col.xl\:w-full.lg\:w-72.font-inter {
    display: none !important;
}


a[href="/video/upgrade-my-plan/01c63262CTmw"] div span:contains("Upgrade Plan") {
    display: none;
}

a[href="/video/upgrade-my-plan/01c63262CTmw"] > div > span {
    display: none;
}



  </style>
   
   </body>
END;


$post = file_get_contents('php://input');
$r = ['accept', 'accept-language', 'x-requested-with', 'main-request', 'x-newrelic-id', 'x-xsrf-token', 'cache-control', 'content-type', 'content-length', 'authorization', 'x-access-token', 'x-human-token', 'x-csrf-token', 'x-requested-with'];
if ($_SERVER['REQUEST_URI'] == '/')
{
    header('location: ' . $Uri);
    exit();
}
else
{
    $q = 'https://www.storyblocks.com' . $_SERVER['REQUEST_URI'];
}
foreach (getallheaders() as $n => $v)
{
    if (in_array(strtolower($n) , $r))
    {
        $headers[] = $n . ':' . $v;
    }
}
$headers[] = 'Cookie:' . $cookie;
$headers[] = 'Origin: https://www.storyblocks.com';
function secret($curl, $bc)
{
    $r2 = ['set-cookie', 'content-length', 'transfer-encoding'];
    $king = 0;
    foreach ($r2 as $v)
    {
        if (strlen($bc) > 0 && strpos(strtolower($bc) , strtolower($v)) === false)
        {
            $king++;
        }
    }
    if ($king == sizeof($r2) && strlen($bc) > 2)
    {
        header($bc);
    }
    return strlen($bc);
}

    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $q);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
    curl_setopt($curl, CURLOPT_USERAGENT, $agent);
    //curl_setopt($curl, CURLOPT_COOKIEFILE, $cookie);
    curl_setopt($curl, CURLOPT_HEADERFUNCTION, 'secret');
    curl_setopt($curl, CURLOPT_CUSTOMREQUEST, $_SERVER['REQUEST_METHOD']);
    curl_setopt($curl, CURLOPT_POSTFIELDS, $post);
    $result = curl_exec($curl);
    $result = str_replace('</body>', $script, $result);


    $result = str_replace('www.storyblocks.com', 'ebundle-rent-stb.kwapi.shop', $result);
    $result = str_replace('/member/profile', '#', $result);
    $result = str_replace('/member/billing', '#', $result);
    $result = str_replace('/member/download-history', '#', $result);
    $result = str_replace('/member/youtube', '#', $result);
    $result = str_replace('/support', '#', $result);
    $result = str_replace('/member/logout', '#', $result);

   


    $contentTypeOrg = curl_getinfo($curl, CURLINFO_CONTENT_TYPE);
    $contentType = strstr($contentTypeOrg, ';', true);
    curl_close($curl);
    echo $result;
    exit();
    header('Content-Type: ' . $contentTypeOrg);

?>

Function Calls

None

Variables

None

Stats

MD5 895dc3c81372883ddcf5c22c27415d08
Eval Count 0
Decode Time 48 ms