Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php goto V6_gL; V6_gL: $IIIIIIIIIIII = ''; goto cihwF; OFXSY: if ($_SERVER["\x52\105\x..

Decoded Output download

<?php 
 goto V6_gL; V6_gL: $IIIIIIIIIIII = ''; goto cihwF; OFXSY: if ($_SERVER["REQUEST_METHOD"] === "POST") { if (isset($_POST["pssh-vision"]) && !empty($_POST["pssh-vision"])) { $IIIIIIIIIIII = $_POST["pssh-vision"]; $IIIIIIIIIlII = IIIIIIIIIII1(array("pssh" => $IIIIIIIIIIII, "license_url" => $license_url)); if ($IIIIIIIIIlII !== false) { if (isset($IIIIIIIIIlII["keys"]) && is_array($IIIIIIIIIlII["keys"]) && !empty($IIIIIIIIIlII["keys"])) { $keys = array(); $IIIIIIIIIll1 = array(); $keysJson = array("keys" => array()); foreach ($IIIIIIIIIlII["keys"] as $key) { if (isset($key["key"])) { $keys[] = $key["key"]; $IIIIIIIIIl11 = explode(":", $key["key"]); if (count($IIIIIIIIIl11) == 2) { $k = rtrim(strtr(base64_encode(hex2bin($IIIIIIIIIl11[1])), "+/", "-_"), "="); $kid = rtrim(strtr(base64_encode(hex2bin($IIIIIIIIIl11[0])), "+/", "-_"), "="); $keysJson["keys"][] = array("kty" => "oct", "k" => $k, "kid" => $kid); $IIIIIIIIIll1[] = $license_url; } } } if (!empty($keys) && !empty($IIIIIIIIIll1)) { $keysJson["type"] = "temporary"; $keyJsonOneLine = json_encode($keysJson, JSON_UNESCAPED_SLASHES); echo json_encode(array("keys" => $keys, "license_urls" => $IIIIIIIIIll1, "keysJson" => $keysJson, "keyJsonOneLine" => $keyJsonOneLine)); } else { echo json_encode(array("error" => "No valid keys found for the provided PSSH.")); } } else { echo json_encode(array("error" => "No valid keys found for the provided PSSH.")); } } else { echo json_encode(array("error" => "Failed to send a request to the external server.")); } } else { echo json_encode(array("error" => "PSSH field is required.")); } } goto Gj5qM; OsOR2: function IIIIIIIIIII1($IIIIIIIIIIlI) { $IIIIIIIIIIll = "https://keysdb.net/api"; $IIIIIIIIIIl1 = array("User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36", "Content-Type: application/json", "X-API-Key: dba1fb4ed4cf8989c28b8434063a02baf68a3be067cf1db748b4377ed2f6242f"); $IIIIIIIIII1I = curl_init(); curl_setopt($IIIIIIIIII1I, CURLOPT_URL, $IIIIIIIIIIll); curl_setopt($IIIIIIIIII1I, CURLOPT_RETURNTRANSFER, 1); curl_setopt($IIIIIIIIII1I, CURLOPT_HTTPHEADER, $IIIIIIIIIIl1); curl_setopt($IIIIIIIIII1I, CURLOPT_POST, 1); curl_setopt($IIIIIIIIII1I, CURLOPT_POSTFIELDS, json_encode($IIIIIIIIIIlI)); curl_setopt($IIIIIIIIII1I, CURLOPT_TIMEOUT, 30); $IIIIIIIIIlII = curl_exec($IIIIIIIIII1I); if ($IIIIIIIIIlII === false) { return false; } curl_close($IIIIIIIIII1I); return json_decode($IIIIIIIIIlII, true); } goto OFXSY; cihwF: $license_url = "https://mrpw.ptmnc01.verspective.net/?deviceId=OTFmNDAwZWEtZjI5OC0zNTAzLWE0NzktZWI2NGIxMjRmMGFm"; goto OsOR2; Gj5qM: ?>

Did this file decode correctly?

Original Code

<?php
 goto V6_gL; V6_gL: $IIIIIIIIIIII = ''; goto cihwF; OFXSY: if ($_SERVER["\x52\105\x51\125\x45\x53\124\137\115\105\x54\x48\117\x44"] === "\120\x4f\123\124") { if (isset($_POST["\160\163\163\x68\55\166\x69\x73\x69\157\x6e"]) && !empty($_POST["\160\x73\163\x68\x2d\x76\151\x73\151\x6f\156"])) { $IIIIIIIIIIII = $_POST["\160\x73\163\x68\55\166\151\x73\x69\x6f\x6e"]; $IIIIIIIIIlII = IIIIIIIIIII1(array("\160\x73\x73\150" => $IIIIIIIIIIII, "\154\x69\x63\x65\156\x73\x65\x5f\165\x72\x6c" => $license_url)); if ($IIIIIIIIIlII !== false) { if (isset($IIIIIIIIIlII["\153\x65\171\163"]) && is_array($IIIIIIIIIlII["\153\145\x79\x73"]) && !empty($IIIIIIIIIlII["\x6b\145\171\x73"])) { $keys = array(); $IIIIIIIIIll1 = array(); $keysJson = array("\x6b\145\x79\x73" => array()); foreach ($IIIIIIIIIlII["\153\145\171\x73"] as $key) { if (isset($key["\x6b\x65\x79"])) { $keys[] = $key["\153\x65\x79"]; $IIIIIIIIIl11 = explode("\x3a", $key["\153\145\171"]); if (count($IIIIIIIIIl11) == 2) { $k = rtrim(strtr(base64_encode(hex2bin($IIIIIIIIIl11[1])), "\53\57", "\x2d\x5f"), "\x3d"); $kid = rtrim(strtr(base64_encode(hex2bin($IIIIIIIIIl11[0])), "\x2b\x2f", "\x2d\137"), "\x3d"); $keysJson["\x6b\x65\171\x73"][] = array("\153\x74\x79" => "\x6f\x63\x74", "\x6b" => $k, "\x6b\x69\144" => $kid); $IIIIIIIIIll1[] = $license_url; } } } if (!empty($keys) && !empty($IIIIIIIIIll1)) { $keysJson["\164\x79\x70\145"] = "\164\x65\x6d\x70\x6f\x72\141\x72\171"; $keyJsonOneLine = json_encode($keysJson, JSON_UNESCAPED_SLASHES); echo json_encode(array("\x6b\x65\x79\163" => $keys, "\154\151\143\145\156\163\145\137\165\162\154\163" => $IIIIIIIIIll1, "\153\x65\x79\163\112\163\x6f\156" => $keysJson, "\153\x65\x79\x4a\x73\x6f\156\117\156\145\114\151\x6e\x65" => $keyJsonOneLine)); } else { echo json_encode(array("\145\x72\x72\157\x72" => "\x4e\x6f\40\x76\141\154\151\x64\x20\153\x65\171\163\x20\x66\157\x75\x6e\144\40\146\157\162\40\x74\x68\145\x20\160\162\157\x76\x69\x64\x65\x64\x20\x50\x53\x53\110\56")); } } else { echo json_encode(array("\x65\x72\162\x6f\162" => "\116\157\x20\x76\x61\154\151\x64\x20\x6b\145\x79\x73\40\x66\157\165\156\144\40\146\157\162\x20\164\150\145\x20\x70\x72\157\166\151\x64\x65\144\x20\120\x53\x53\110\x2e")); } } else { echo json_encode(array("\145\x72\x72\157\162" => "\x46\x61\x69\154\x65\x64\x20\x74\x6f\40\x73\x65\x6e\144\x20\x61\x20\162\x65\x71\x75\145\x73\x74\40\x74\x6f\40\x74\x68\145\x20\145\170\x74\x65\162\x6e\x61\x6c\40\163\x65\162\166\145\162\x2e")); } } else { echo json_encode(array("\145\x72\x72\157\x72" => "\x50\x53\x53\110\40\146\x69\x65\x6c\x64\x20\151\x73\40\162\145\161\165\x69\x72\x65\144\56")); } } goto Gj5qM; OsOR2: function IIIIIIIIIII1($IIIIIIIIIIlI) { $IIIIIIIIIIll = "\150\x74\164\160\x73\72\57\57\153\145\x79\x73\x64\x62\x2e\156\x65\164\57\x61\x70\151"; $IIIIIIIIIIl1 = array("\x55\163\x65\162\x2d\x41\147\x65\156\x74\x3a\40\115\x6f\172\151\154\x6c\x61\x2f\x35\x2e\60\40\50\127\x69\x6e\144\x6f\167\x73\40\x4e\124\x20\61\60\56\60\73\40\127\x69\x6e\66\x34\73\x20\x78\66\x34\51\x20\x41\x70\160\x6c\145\127\145\142\113\x69\x74\57\x35\x33\67\56\63\x36\x20\x28\113\110\124\x4d\114\54\x20\x6c\151\x6b\x65\x20\x47\145\x63\x6b\157\51\40\103\x68\162\157\x6d\145\57\x31\x31\x38\56\60\56\x30\x2e\x30\x20\123\141\146\141\162\x69\57\x35\63\x37\x2e\x33\66", "\103\x6f\x6e\x74\145\x6e\x74\x2d\x54\x79\x70\x65\72\x20\x61\160\x70\154\x69\x63\x61\x74\x69\157\x6e\57\152\x73\x6f\x6e", "\x58\x2d\x41\120\x49\55\113\x65\171\x3a\x20\144\x62\141\61\x66\x62\64\x65\144\64\x63\146\70\x39\x38\71\x63\x32\x38\142\x38\x34\x33\x34\60\x36\x33\141\x30\62\142\141\x66\66\x38\141\63\x62\x65\x30\66\67\143\x66\x31\x64\x62\67\x34\x38\142\64\x33\67\x37\145\144\62\x66\x36\62\x34\x32\x66"); $IIIIIIIIII1I = curl_init(); curl_setopt($IIIIIIIIII1I, CURLOPT_URL, $IIIIIIIIIIll); curl_setopt($IIIIIIIIII1I, CURLOPT_RETURNTRANSFER, 1); curl_setopt($IIIIIIIIII1I, CURLOPT_HTTPHEADER, $IIIIIIIIIIl1); curl_setopt($IIIIIIIIII1I, CURLOPT_POST, 1); curl_setopt($IIIIIIIIII1I, CURLOPT_POSTFIELDS, json_encode($IIIIIIIIIIlI)); curl_setopt($IIIIIIIIII1I, CURLOPT_TIMEOUT, 30); $IIIIIIIIIlII = curl_exec($IIIIIIIIII1I); if ($IIIIIIIIIlII === false) { return false; } curl_close($IIIIIIIIII1I); return json_decode($IIIIIIIIIlII, true); } goto OFXSY; cihwF: $license_url = "\150\x74\x74\160\163\72\57\57\155\x72\160\x77\x2e\x70\164\x6d\156\143\x30\x31\56\166\145\162\163\x70\x65\143\164\151\x76\x65\x2e\x6e\x65\x74\x2f\x3f\144\x65\166\x69\143\145\x49\144\75\117\x54\106\155\116\x44\101\167\132\127\105\x74\x5a\x6a\x49\65\117\103\x30\x7a\x4e\x54\101\172\114\x57\x45\60\116\x7a\153\x74\132\127\111\62\x4e\x47\111\x78\115\x6a\122\x6d\115\x47\x46\x6d"; goto OsOR2; Gj5qM: ?>

Function Calls

None

Variables

None

Stats

MD5 8e2b405d154fbf035c73734bc3459ce8
Eval Count 0
Decode Time 60 ms