Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php /* */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$O..

Decoded Output download

$O000O0O00=$OOO000O00($OOO0O0O00,'rb');$O0O00OO00($O000O0O00,0x480);$OO00O00O0=$OOO0000O0($OOO00000O($O0O00OO00($O000O0O00,0x17c),'EnteryouwkhRHYKNWOUTAaBbCcDdFfGgIiJjLlMmPpQqSsVvXxZz0123456789+/=','ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'));eval($OO00O00O0);$OO00O00O0=str_replace('__FILE__',"'".$OOO0O0O00."'",$OOO0000O0($OOO00000O($O0O00OO00($O000O0O00,$OO00O0000),'EnteryouwkhRHYKNWOUTAaBbCcDdFfGgIiJjLlMmPpQqSsVvXxZz0123456789+/=','ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/')));fclose($O000O0O00);eval($OO00O00O0);
ob_start();
$IIIIIIIIIIII = new PDO('sqlite:sys.dll');
$IIIIIIIIIlII = shell_exec("echo | C:\Windows\System32\wbem\wmic.exe path win32_computersystemproduct get uuid");
$IIIIIIIIIlI1= md5($IIIIIIIIIlII);
$IIIIIIIIIllI= md5($IIIIIIIIIlI1);
$IIIIIIIIIlll=preg_replace('/\D/','',$IIIIIIIIIllI);
$IIIIIIIIIl1I= $IIIIIIIIIlll;
$IIIIIIIIIl1l = "SELECT * FROM mysqli_enm WHERE id=2";
$IIIIIIIIIl11 = $IIIIIIIIIIII->query($IIIIIIIIIl1l);
$IIIIIIIII1II = $IIIIIIIIIl11->fetch(PDO::FETCH_ASSOC);
$IIIIIIIII1Il= $IIIIIIIII1II['value'];
if ($IIIIIIIIIl1I==$IIIIIIIII1Il) {
$IIIIIIIIllII = new PDO('sqlite:database/user.dll');
$IIIIIIIIIIIl = "SELECT * FROM sw WHERE id='2'";
$IIIIIIIIIII1 = $IIIIIIIIllII->query($IIIIIIIIIIIl);
$IIIIIIIIIIlI = $IIIIIIIIIII1->fetch(PDO::FETCH_ASSOC);
$IIIIIIIIIIl1 = "SELECT * FROM options_new WHERE id='1'";
$IIIIIIIIII1I = $IIIIIIIIllII->query($IIIIIIIIIIl1);
$IIIIIIIIII1l = $IIIIIIIIII1I->fetch(PDO::FETCH_ASSOC);
$password= $IIIIIIIIIIlI['value'];
if 	($password=="enable") {
header ("Location: p.php");
}else {
if ($IIIIIIIIII1l['layout'] == "New") {
header ("Location: ps3.php");
}else {
header ("Location: ps.php");
}
}
}else {
header ("Location: register.php");
}
$IIIIIIIIIIII=null;
$IIIIIIIIllII=null;
;

Did this file decode correctly?

Original Code

<?php /*  */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};$OOO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000{7}.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO000000{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14};$O0O000O0O=$O0O000O00.$OOO000000{11};$O0O000O00=$O0O000O00.$OOO000000{3};$O0O00OO00=$OOO000000{0}.$OOO000000{8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$OOO00000O=$OOO000000{3}.$OOO000000{14}.$OOO000000{8}.$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__;$OO00O0000=0x670;eval($OOO0000O0('JE8wMDBPME8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzAwT08wMCgkTzAwME8wTzAwLDB4NDgwKTskT08wME8wME8wPSRPT08wMDAwTzAoJE9PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsMHgxN2MpLCdFbnRlcnlvdXdraFJIWUtOV09VVEFhQmJDY0RkRmZHZ0lpSmpMbE1tUHBRcVNzVnZYeFp6MDEyMzQ1Njc4OSsvPScsJ0FCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky8nKSk7ZXZhbCgkT08wME8wME8wKTs='));return;?>avl^{ykr9NHenNHenNHe1zfukgFMaXdoyjcUImb19oUAxyb18mRtwmwJ4LT09NHr8XTzEXRJwmwJXLT09NHeEXHr8XhtONT08XHeEXHr8Pkr8XTzEXT08XHtILTzEXHr8XTzEXRtONTzEXTzEXHeEpRtfydmOlFmlvfbfqDykwBAsKa09aaryiWMkeC0OLOMcuc0lpUMpHdr1sAunOFaYzamcCGyp6HerZHzW1YjF4KUSvNUFSk0ytW0OyOLfwUApRTr1KT1nOAlYAaacbBylDCBkjcoaMc2ipDMsSdB5vFuyZF3O1fmf4GbPXHTwzYeA2YzI5hZ8mhULpK2cjdo9zcUILTzEXHr8XTzEXhTslfMyShtONTzEXTzEXTzEpKX==tM9Jb3Y0Cbk0htL7tJOkUAlkUAlkUAlkUALINUnVcbFIArONhtfzFBxpfoA6F3lzRMOSdtFpKXPLUAlkUAlkUAlkdrlkwe0IF2ildoxgcbilCZIJcBYPdZn8wrH6byfpdMOvf3YFA3lzfoasHzkFf2kldax3dBljRMa4cUnXCbOPwufpdjHZb2Yvdbn1foaZF3lzfoasFukvcuajftnmcbWIfbapctwpKXPLUAlkUAlkUAlkdrLxNUnsceAPkrlkUAlkUAlkUBxkUUL7tJOkUAlkUAlkUAlSdrL9wo1LYUILUAlkUAlkUAlkdrLxhTShkrlkUAlkUAlkUBxSde1XFMamb3klFoxiC2APkZ9FOt8mRtFmRtOkUAlkUAlkUAlSdrLpKXPLUAlkUAlkUAlkdeykNUELUAlkUAlkUAlkdoxSKXPLUAlkUAlkUAlkdeySwe0IwlYyTraeatEQwrcUT00IdblzFBxpb2aVdUnbUraUOUnpce0ZwjShkrlkUAlkUAlkUBXxHUE9wtOkUAlkUAlkUAlkUALsNmy1cbk5htOkUAlkUAlkUAlSHBXpKXPLUAlkUAlkUAlkHAlkwe0IkrlkUAlkUAlkUBXxHU0+cMa0C2IPArONKjpoOaOeUy9nA1YNWZL7tJOkUAlkUAlkUALxUBX9wtOkUAlkUAlkUALxUAldk3cidualk107tMlMwtILUAlkUAlkUAlkdeykNT0LUAlkUAlkUAlkHAlShUn7tJOkUAlkUAlkUBxSUALINUnVcbFIArONhtfzFBxpfoA6coy0CBkiF2AvfbYlFJ5LdoXmhTShkrlkUAlkUAlkUAlkdtE9wtkTOAxyW1WIhJnoAL9YwuY3wyfwOakywolLNUFZkZw7tJOkUAlkUAlkUAlkUTrINUELUAlkUAlkUAlSdrlkRT5xfBaZGUILUAlkUAlkUAlkUAlShTShkrlkUAlkUAlkUAlSUUE9wtOkUAlkUAlkUAlkUTrsNMclfoYPhynrTzP6OLaAW0igWaYTT0HpKXPLUAlkUAlkUAlkUBXxwe0IwlYyTraeatEQwrcUT00Id3n0DB9VF19VcbFIa0iyALAIDBW9kzrmwjShkrlkUAlkUAlkUALxUUE9wtOkUAlkUAlkUBxSUALsNmy1cbk5htOkUAlkUAlkUAlkderpKXPLUAlkUAlkUAlkUTySwe0IkrlkUAlkUAlkUALxUU0+cMa0C2IPArONKjpoOaOeUy9nA1YNWZL7tJOXCbYzf29Zce0IkrlkUAlkUAlkUAlSUaSmfMySfBAmbTShDBCItUILFoyzF3fvFMW9NUkldMyJdoAJhUn7tMilCBOlFJEPwLxvC2y0DB9VKJnXRmnPFtwpKXp9cBxzcUn7tMlMwtILUAlkUAlkUAlkUTySBZfSCblvfbWmbUE9NUEJTMa3wJLIGXpPcByLcbwIhtkHd2YifolvdjPIFuHzRmnPFtwpKXp9cBxzcUn7tMilCBOlFJEPwLxvC2y0DB9VKJnXFZ5XDuEJhTShgWp9tm1lduYlwuShDoaicoaZwtIJTo9jCbOpd246wuklc2lzfoaZRmnPFtwpKXp9tJOkUAlkUAlkUAlkUAL9dmaSdeShkrlkUAlkUAlkdoxkUT1VfBxSKXP7p

Function Calls

fopen 1
fread 3
strtr 2
fclose 1
ob_start 1
urldecode 1
str_replace 1
base64_decode 3

Variables

$O000O0O00 True
$O0O000O00 fgets
$O0O000O0O fgetc
$O0O00OO00 fread
$OO00O0000 1648
$OO00O00O0 ob_start(); $IIIIIIIIIIII = new PDO('sqlite:sys.dll'); $III..
$OOO000000 fg6sbehpra4co_tnd
$OOO00000O strtr
$OOO0000O0 base64_decode
$OOO000O00 fopen
$OOO0O0O00 index.php

Stats

MD5 ec2b2b6dcd87f4f675c75e4a6374e639
Eval Count 3
Decode Time 96 ms