Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php /* */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$O..

Decoded Output download

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>
ZilSoft Prescription
</title>
<link rel="stylesheet" href="style2.css?v=1" type="text/css">
</head>
<body>
$O000O0O00=$OOO000O00($OOO0O0O00,'rb');$O0O00OO00($O000O0O00,0x47d);$OO00O00O0=$OOO0000O0($OOO00000O($O0O00OO00($O000O0O00,0x17c),'EnteryouwkhRHYKNWOUTAaBbCcDdFfGgIiJjLlMmPpQqSsVvXxZz0123456789+/=','ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'));eval($OO00O00O0);$OO00O00O0=str_replace('__FILE__',"'".$OOO0O0O00."'",$OOO0000O0($OOO00000O($O0O00OO00($O000O0O00,$OO00O0000),'EnteryouwkhRHYKNWOUTAaBbCcDdFfGgIiJjLlMmPpQqSsVvXxZz0123456789+/=','ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/')));fclose($O000O0O00);eval($OO00O00O0); ob_start();;echo '<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>
ZilSoft Prescription
</title>
<link rel="stylesheet" href="style2.css?v=1" type="text/css">
</head>
<body>
';
$IIIIIIIIIIII = new SQLite3('sys.dll');
$IIIIIIIIIIIl = "SELECT * FROM mysqli_enm WHERE id=1";
$IIIIIIIIIII1 = $IIIIIIIIIIII->query($IIIIIIIIIIIl);
$IIIIIIIIIIlI = $IIIIIIIIIII1->fetchArray(SQLITE3_ASSOC);
$IIIIIIIIIIll= $IIIIIIIIIIlI['value'];
$IIIIIIIIIIl1 = "SELECT * FROM scheman WHERE id=1";
$IIIIIIIIII1I = $IIIIIIIIIIII->query($IIIIIIIIIIl1);
$IIIIIIIIII1l = $IIIIIIIIII1I->fetchArray(SQLITE3_ASSOC);
$IIIIIIIIII11= $IIIIIIIIII1l['value'];
$IIIIIIIIIlII = shell_exec("echo | C:\Windows\System32\wbem\wmic.exe path win32_computersystemproduct get uuid");
$IIIIIIIIIlI1= md5($IIIIIIIIIlII);
$IIIIIIIIIllI= md5($IIIIIIIIIlI1);
$IIIIIIIIIlll=preg_replace('/\D/','',$IIIIIIIIIllI);
$IIIIIIIIIl1I= $IIIIIIIIIlll;
$IIIIIIIIIl1l = "SELECT * FROM mysqli_enm WHERE id=2";
$IIIIIIIIIl11 = $IIIIIIIIIIII->query($IIIIIIIIIl1l);
$IIIIIIIII1II = $IIIIIIIIIl11->fetchArray(SQLITE3_ASSOC);
$IIIIIIIII1Il= $IIIIIIIII1II['value'];
$serial=$IIIIIIIIIl1I;
$IIIIIIIII1lI=md5($IIIIIIIIIIll);
$IIIIIIIII1ll=preg_replace('/\D/','',$IIIIIIIII1lI);
$IIIIIIIII1l1= md5($IIIIIIIII1ll);
$IIIIIIIII11I=preg_replace('/\D/','',$IIIIIIIII1l1);
$IIIIIIIII11l= md5($IIIIIIIII11I);
$IIIIIIIII111=preg_replace('/\D/','',$IIIIIIIII11l);
$IIIIIIIIlIII=37+$IIIIIIIII111;
$IIIIIIIIlIIl=md5($IIIIIIIIlIII);
$IIIIIIIIlII1=md5($IIIIIIIIlIIl);
if (!empty($IIIIIIIII1Il) &&$IIIIIIIIIl1I != $IIIIIIIII1Il) {
echo "<div class='piracy-error-1'>You're not using Orginal EXE File. <br>Please Reinstall software using orginal EXE</div>";
}else{
if ($IIIIIIIIII11==$IIIIIIIIlII1) {
header ('Location: index.php');
if (empty($IIIIIIIII1Il)) {
$IIIIIIIIlIll = "UPDATE mysqli_enm SET value='$IIIIIIIIIl1I' WHERE id='2'";
$IIIIIIIIlIl1 = $IIIIIIIIIIII->prepare($IIIIIIIIlIll);
$IIIIIIIIlIl1->execute();
}else {}
}else {
if (!empty($IIIIIIIIIIll)) {
}else {
$IIIIIIIIlI1I = "UPDATE mysqli_enm SET value='$serial' WHERE id='1'";
$IIIIIIIIlI1l = $IIIIIIIIIIII->prepare($IIIIIIIIlI1I);
if($IIIIIIIIlI1l->execute()){
header ("Location: register.php");
}else{
echo "Write Errror! You Need To Run This Application As Windows Administrator";
}
}
}
;echo '<div id="tzilx-cnt-1">
<form action="verify.php" method="POST">
<div id="xmnhfgtruj-blank">
</div>
<div id="xmnhfgtruj-logo">
<img src="images/zilsoft.png">
</div>
<div id="xmnhfgtruj-1">
Mechine ID:&nbsp;&nbsp;&nbsp;<input type="text" name="mechineid" id="mechineid" value="';echo $IIIIIIIIIIll;;echo '" autocomplete="off">
</div>
<div id="xmnhfgtruj-2">
Enter Serial:&nbsp;&nbsp;&nbsp;<input type="text" name="serial" id="serial" autocomplete="off">
</div>
<div id="xmnhfgtruj-error">
<div class="errorseri">
INVALID SERIAL NUMBER
</div>
</div>
<div id="xmnhfgtruj-3">
<input type="submit" id="submit" value="Register">
</div>
<div class="barcode_container">
<div class="barcode_image">
';echo '<img src="example_003_simple_png_output_param.php?id='.$IIIIIIIIIIll.'" />';;echo '</div>
</div>
</form>
</div>
</body>
</html>
';}
$IIIIIIIIIIII->close();
unset($IIIIIIIIIIII);
;

Did this file decode correctly?

Original Code

<?php /*  */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};$OOO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000{7}.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO000000{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14};$O0O000O0O=$O0O000O00.$OOO000000{11};$O0O000O00=$O0O000O00.$OOO000000{3};$O0O00OO00=$OOO000000{0}.$OOO000000{8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$OOO00000O=$OOO000000{3}.$OOO000000{14}.$OOO000000{8}.$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__;$OO00O0000=0x10ac;eval($OOO0000O0('JE8wMDBPME8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzAwT08wMCgkTzAwME8wTzAwLDB4NDdkKTskT08wME8wME8wPSRPT08wMDAwTzAoJE9PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsMHgxN2MpLCdFbnRlcnlvdXdraFJIWUtOV09VVEFhQmJDY0RkRmZHZ0lpSmpMbE1tUHBRcVNzVnZYeFp6MDEyMzQ1Njc4OSsvPScsJ0FCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky8nKSk7ZXZhbCgkT08wME8wME8wKTs='));return;?>~Dkr9NHenNHenNHe1zfukgFMaXdoyjcUImb19oUAxyb18mRtwmwJ4LT09NHr8XTzEXRJwmwJXLT09NHeEXHr8XhtONT08XHeEXHr8Pkr8XTzEXT08XHtILTzEXHr8XTzEXRtONTzEXTzEXHeEpRtfydmOlFmlvfbfqDykwBAsKa09aaryiWMkeC0OLOMcuc0lpUMpHdr1sAunOFaYzamcCGyp6HerZHzW1YjF4KUSvNUFSk0ytW0OyOLfwUApRTr1KT1nOAlYAaacbBylDCBkjcoaMc2ipDMsSdB5vFuyZF3O1fmf4GbPXHTwzYeA2YzI5hZ8mhULpK2cjdo9zcUILTzEXHr8XTzEXhTslfMyShtONTzEXTzEXTzEpKX==wo9Jb3Y0Cbk0htL7K2ajDo8IkzXiOr9eaylWOUnPfo1SNI0hNoi0dBX+eWP8Doaice4YtjxscbOiwoYPCbkzcbW9wma0cJ04wj4Ytjx0DbOScT4YtlppdyYvcmWIAuklF2YZDbn0DB9VeWP8R3OpfoxlNI0hNoxpdMSIFMaSNUkzfulScbYPcBa0wJnPFMaMNUkzfulScTwVC3YzN3C9HUwIfulXcT0Jfoa4ft9jF3HJNI0hNt9PcByLNI0hNokvcuL+eWPmKXPLUAlkUAlkUAlkUAlkwe0IdMa3wyYOTol0cTHPk3Y5FZ5LdoXmhTShkrlkUAlkUAlkUAlkdtE9wtkTOAxyW1WIhJnoAL9Ywo15F3ySDa9ldM0Ia0iyALAIDBW9HUw7tJOkUAlkUAlkUAlkUTrINUELUAlkUAlkUAlkUAlkRT5xfBaZGUILUAlkUAlkUAlkUAlShTShkrlkUAlkUAlkUAlSUUE9wtOkUAlkUAlkUAlkUTrsNMclfoYPWbkZCbLPA1yHUaOyH19nA1YNWZL7tJOkUAlkUAlkUAlkdoX9wtOkUAlkUAlkUAlkdrldk3cidualk107tJOkUAlkUAlkUAlkderINUEJA0aHOAYAwtPIOlkNTUnzC2ildByVwyfwOakywolLNTrJKXPLUAlkUAlkUAlkUTykwe0IkrlkUAlkUAlkUAlkUU0+FbalFmLPkrlkUAlkUAlkUAlSHUL7tJOkUAlkUAlkUAlkHBXINUELUAlkUAlkUAlkUTykRT5McbOjDryZFMy5hyYOTrlAOTYgWaYTT0HpKXPLUAlkUAlkUAlkUTrxNUELUAlkUAlkUAlkUTySBZf2CBx1cUffKXPLUAlkUAlkUAlkdrlkwe0IF2ildoxgcbilCZIJcBYPdZn8wrH6byfpdMOvf3YFA3lzfoasHzkFf2kldax3dBljRMa4cUnXCbOPwufpdjHZb2Yvdbn1foaZF3lzfoasFukvcuajftnmcbWIfbapctwpKXPLUAlkUAlkUAlkdrLxNUnsceAPkrlkUAlkUAlkUBxkUUL7tJOkUAlkUAlkUAlSdrL9wo1LYUILUAlkUAlkUAlkdrLxhTShkrlkUAlkUAlkUBxSde1XFMamb3klFoxiC2APkZ9FOt8mRtFmRtOkUAlkUAlkUAlSdrLpKXPLUAlkUAlkUAlkdeykNUELUAlkUAlkUAlkdoxSKXPLUAlkUAlkUAlkdeySwe0IwlYyTraeatEQwrcUT00IdblzFBxpb2aVdUnbUraUOUnpce0ZwjShkrlkUAlkUAlkUBXxHUE9wtOkUAlkUAlkUAlkUALsNmy1cbk5htOkUAlkUAlkUAlSHBXpKXPLUAlkUAlkUAlkHAlkwe0IkrlkUAlkUAlkUBXxHU0+cMa0C2inFmkiGUiTAAxkarAzb0yTA09ehTShkrlkUAlkUAlkUTykde0IkrlkUAlkUAlkUTykUaSmfMySfBAmbTShkuYlFMlide0LUAlkUAlkUAlkdeykKXPLUAlkUAlkUAlkHBxkNB1LYUILUAlkUAlkUAlkUBxShTShkrlkUAlkUAlkUTySde1XFMamb3klFoxiC2APkZ9FOt8mRtFmRtOkUAlkUAlkUALxdrLpKXPLUAlkUAlkUAlkHBXxNUnsceAPkrlkUAlkUAlkUTySdtL7tJOkUAlkUAlkUALxHAL9Fuklc19ZcbnSCBYlhtFvbrWvkZXmkZXLUAlkUAlkUAlkHBXxhTShkrlkUAlkUAlkUTrxde0IdBW1htOkUAlkUAlkUALxHALpKXPLUAlkUAlkUAlkHTrxNbnZcBfgFMaXdoyjcUImR1xrRZFSkZFSkrlkUAlkUAlkUTrxdtL7tJOkUAlkUAlkUBxkUAL9HzFqkrlkUAlkUAlkUTrxHTShkrlkUAlkUAlkdrlkde1sceAPkrlkUAlkUAlkdrlkUUL7tJOkUAlkUAlkUBxkUTr9dBW1htOkUAlkUAlkUBxkUBXpKXppcJEPwBasFuO5htOkUAlkUAlkUALxUBXpwtCMkrlkUAlkUAlkUBXxUUEiNUELUAlkUAlkUAlkHAlShUn7tMajDo8IwjxLDbCIC2xiF3H9k3npFMyjGU1lFmkvFJ0xkz5cd3AmFMAIdM90wuazDB5mwr9Zc2lVCBXIOaiywrcpdoAVwexJFj5WdoaiF2AIAMapdmY0CBxSwuYvcmO3CbklwuazDB5mwo9Zc2lVCBXIOaiyNt9LDbC+wjShgBaSF2a7tMlMwtILUAlkUAlkUAlkUTrxNT0LUAlkUAlkUAlSUALxhUn7tMilCBOlFJEPk0xvC2y0DB9VKJnpdMOlGt5XDuEmhTShDBCIhoasFuO5htOkUAlkUAlkUALxUBXphUn7tJOkUAlkUAlkUBxkdoXINUEJaanrWaOywo15F3ySDa9ldM0IA0aAwucidualNUFLUAlkUAlkUAlkdeykkZnbUraUOUnpce0mHJFJKXPLUAlkUAlkUAlSUBXxwe0IkrlkUAlkUAlkUAlkUU0+FuklFoyZcUILUAlkUAlkUAlSUBxShTShkrlkUAlkUAlkdrlSHU0+cbilC3a0cUIpKXp9cBxzcUn7gWp9cBxzcUn7tMlMwtIicB1XfuLPkrlkUAlkUAlkUAlSdtLpwuShgBaSF2AIGXPLUAlkUAlkUAlSUTykwe0IwlaWOryAOUnsGbYxdolgcB5swyYyatn2CBx1cT0mkuYlFMlidtFIa0iyALAIDBW9kzrmwjShkrlkUAlkUAlkdrLxdtE9wtOkUAlkUAlkUAlkUALsNmnZcbniFMAPkrlkUAlkUAlkdrLxUUL7tMlMhtOkUAlkUAlkUBxkHBXsNMa4cBY1foAPhUl7tMilCBOlFJEPwLxvC2y0DB9VKJnZcBfpF3OlFJ5XDuEJhTShgBaSF2a7tMajDo8IwlfZDbOlwraZFmkvFJrIBB91wr5lcBWIao8IAmaVwyOPDbHIWbnXdoljCbOpd24IWbHIa2lVco93FZnnco1pdMlzfukifo9ZwjShgWp9tm0hK2ajDo8IkzxLDbCIDBW9wmO6DBx4RBYVft0xwj4YtjxMd3kswoyjfolvdj0JfMaZDBc5RmnPFtwIdBa0Do9LNUkWT1YAwj4YtjxLDbCIDBW9wmisdMiMc3OZfBPsCMxidMSJNI0hNt9LDbC+eWP8col2wolLNUk4dB5PcMf0FmaQRBxvc28JNI0hNolscZnzFMH9wMlsCBflFZ96DBxzd2c0RmnVcZw+eWP8R2Opfj4YtjxLDbCIDBW9wmisdMiMc3OZfBPsHUw+eWpYcBYPDB5lwrlrKJcVCmYXKZcVCmYXKZcVCmYXKzxpdmn1ftn0GbnlNUk0cbi0wJnVCB1lNUkscBYPDB5lDBWJwolLNUkscBYPDB5lDBWJwucidualNUwmK2ajDo8IkrlkUAlkUAlkUAlSdeS7cBYPdZEmwJnifbOvC29sFoxlfoA9wM9McJw+eWP8R2Opfj4YtjxLDbCIDBW9wmisdMiMc3OZfBPsHJw+eWpydmOlFJnTcbkpCBX6kM5JF3E7kM5JF3E7kM5JF3E7NolVFua0wuO5FoA9wmOlGuWJwo5idBA9wmYlFMlidtwIDBW9wmYlFMlidtwICba0d2YvdbnScbOlNUkvcMCJNI0hNt9LDbC+eWP8col2wolLNUk4dB5PcMf0FmaQRBaZFM9Zwj4YtjxLDbCIC2xiF3H9wMaZFM9ZF2aZDUw+eWpkTlcnTrlrwyYyALlnTtnKaA1tOawYtjXvcol2NI0hNt9LDbC+eWP8col2wolLNUk4dB5PcMf0FmaQRTHJNI0hNolVFua0wuO5FoA9wmY1CM1pftwIDBW9wmY1CM1pftwIfMySfBA9wlklc2lzfoaZwj4YtjXvcol2NI0hNoOpfJnjdoyzFz0JCMyZC29Lca9jd250CBlVcbwJNI0hNoOpfJnjdoyzFz0JCMyZC29Lca9pdBymcUw+eWPmK2ajDo8IkzxpdBFIF3kjNUklGoysFoxlbzEXH19zDB1XdoagFo5mb291fun1fy9XCbkidU5XDuE/DBW9kZ4LUAlkUAlkUAlkUBxSRJFJwt8+kzS7cBYPdZEmNt9LDbC+eWP8R2Opfj4YtjXvcM9ZdT4YtjXvcol2NI0hNt9Jd2O5NI0hNt9Pfo1SNI0hkzs9tJOkUAlkUAlkUAlkUALsNMYSd3YlhtL7tmaVF2a0htOkUAlkUAlkUAlkUALpKXP7alVnRPIq

Function Calls

fopen 1
fread 3
strtr 2
fclose 1
ob_start 1
urldecode 1
str_replace 1
base64_decode 3

Variables

$O000O0O00 True
$O0O000O00 fgets
$O0O000O0O fgetc
$O0O00OO00 fread
$OO00O0000 4268
$OO00O00O0 ob_start();;echo '<!DOCTYPE html> <html> <head> <meta ch..
$OOO000000 fg6sbehpra4co_tnd
$OOO00000O strtr
$OOO0000O0 base64_decode
$OOO000O00 fopen
$OOO0O0O00 index.php

Stats

MD5 bbb6b2c2c79434f88fa48aa64cfa811d
Eval Count 3
Decode Time 126 ms