Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php /* */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$G..

Decoded Output download

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>
ZilSoft Prescription
</title>
<link rel="stylesheet" href="style2.css?v=1" type="text/css">
</head>
<body>
$O000O0O00=$GLOBALS['OOO000O00']($OOO0O0O00,'rb');$GLOBALS['O0O00OO00']($O000O0O00,0x502);$OO00O00O0=$GLOBALS['OOO0000O0']($GLOBALS['OOO00000O']($GLOBALS['O0O00OO00']($O000O0O00,0x1a8),'EnteryouwkhRHYKNWOUTAaBbCcDdFfGgIiJjLlMmPpQqSsVvXxZz0123456789+/=','ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'));eval($OO00O00O0);$OO00O00O0=str_replace('__FILE__',"'".$OOO0O0O00."'",$GLOBALS['OOO0000O0']($GLOBALS['OOO00000O']($GLOBALS['O0O00OO00']($O000O0O00,$OO00O0000),'EnteryouwkhRHYKNWOUTAaBbCcDdFfGgIiJjLlMmPpQqSsVvXxZz0123456789+/=','ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/')));fclose($O000O0O00);eval($OO00O00O0); ob_start();;echo '<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>
ZilSoft Prescription
</title>
<link rel="stylesheet" href="style2.css?v=1" type="text/css">
</head>
<body>
';
$IIIIIIIIIIII = new SQLite3('sys.dll');
$IIIIIIIIIIIl = "SELECT * FROM mysqli_enm WHERE id=1";
$IIIIIIIIIII1 = $IIIIIIIIIIII->query($IIIIIIIIIIIl);
$IIIIIIIIIIlI = $IIIIIIIIIII1->fetchArray(SQLITE3_ASSOC);
$IIIIIIIIIIll= $IIIIIIIIIIlI['value'];
$IIIIIIIIIIl1 = "SELECT * FROM scheman WHERE id=1";
$IIIIIIIIII1I = $IIIIIIIIIIII->query($IIIIIIIIIIl1);
$IIIIIIIIII1l = $IIIIIIIIII1I->fetchArray(SQLITE3_ASSOC);
$IIIIIIIIII11= $IIIIIIIIII1l['value'];
$IIIIIIIIIlII = shell_exec("echo | C:\Windows\System32\wbem\wmic.exe path win32_computersystemproduct get uuid");
$IIIIIIIIIlI1= md5($IIIIIIIIIlII);
$IIIIIIIIIllI= md5($IIIIIIIIIlI1);
$IIIIIIIIIlll=preg_replace('/\D/','',$IIIIIIIIIllI);
$IIIIIIIIIl1I= $IIIIIIIIIlll;
$IIIIIIIIIl1l = "SELECT * FROM mysqli_enm WHERE id=2";
$IIIIIIIIIl11 = $IIIIIIIIIIII->query($IIIIIIIIIl1l);
$IIIIIIIII1II = $IIIIIIIIIl11->fetchArray(SQLITE3_ASSOC);
$IIIIIIIII1Il= $IIIIIIIII1II['value'];
$serial=$IIIIIIIIIl1I;
$IIIIIIIII1lI=md5($IIIIIIIIIIll);
$IIIIIIIII1ll=preg_replace('/\D/','',$IIIIIIIII1lI);
$IIIIIIIII1l1= md5($IIIIIIIII1ll);
$IIIIIIIII11I=preg_replace('/\D/','',$IIIIIIIII1l1);
$IIIIIIIII11l= md5($IIIIIIIII11I);
$IIIIIIIII111=preg_replace('/\D/','',$IIIIIIIII11l);
$IIIIIIIIlIII=37+$IIIIIIIII111;
$IIIIIIIIlIIl=md5($IIIIIIIIlIII);
$IIIIIIIIlII1=md5($IIIIIIIIlIIl);
if (!empty($IIIIIIIII1Il) &&$IIIIIIIIIl1I != $IIIIIIIII1Il) {
echo "<div class='piracy-error-1'>You're not using Orginal EXE File. <br>Please Reinstall software using orginal EXE</div>";
}else{
if ($IIIIIIIIII11==$IIIIIIIIlII1) {
header ('Location: index.php');
if (empty($IIIIIIIII1Il)) {
$IIIIIIIIlIll = "UPDATE mysqli_enm SET value='$IIIIIIIIIl1I' WHERE id='2'";
$IIIIIIIIlIl1 = $IIIIIIIIIIII->prepare($IIIIIIIIlIll);
$IIIIIIIIlIl1->execute();
}else {}
}else {
if (!empty($IIIIIIIIIIll)) {
}else {
$IIIIIIIIlI1I = "UPDATE mysqli_enm SET value='$serial' WHERE id='1'";
$IIIIIIIIlI1l = $IIIIIIIIIIII->prepare($IIIIIIIIlI1I);
if($IIIIIIIIlI1l->execute()){
header ("Location: register.php");
}else{
echo "Write Errror! You Need To Run This Application As Windows Administrator";
}
}
}
include_once('qr/qrlib.php');
;echo '<div class="tzilx_cnt_2">
<div class="tzilx_cnt_2_1">
<image src="bkash.png" height="150" >
</div>
<div class="tzilx_cnt_2_2">
<image src="text.png"  height="150" >
</div>
<div class="tzilx_cnt_2_3">
<image src="rocket.png"  height="150" >
</div>
</div>
<div id="tzilx-cnt-1">
<form action="verify.php" method="POST">
<div id="xmnhfgtruj-logo">
<img src="images/logo_7_2.png" height="100">
</div>
<div id="xmnhfgtruj-1">
Machine ID:&nbsp;&nbsp;&nbsp;<input type="text" name="mechineid" id="mechineid" value="';echo $IIIIIIIIIIll;;echo '" autocomplete="off" readonly>
</div>
<div id="xmnhfgtruj-2">
Enter Serial:&nbsp;&nbsp;&nbsp;<input type="text" name="serial" id="serial" autocomplete="off">
</div>

<div id="xmnhfgtruj-error">
<div class="errorseri">
INVALID SERIAL NUMBER
</div>
</div>


<div id="xmnhfgtruj-3">
<input type="submit" id="submit" value="Register">
</div>
</form>
<div class="barcode_container">
<div class="barcode_image">
';echo '<img src="example_003_simple_png_output_param.php?id='.$IIIIIIIIIIll.'" height="150" />';;echo '</div>
</div>
<div class="ins_cnt">
        whatsapp: 01617-18-0711   
</div>
</div>
</div>
</body>
</html>
';}
$IIIIIIIIIIII->close();
unset($IIIIIIIIIIII);

Did this file decode correctly?

Original Code

<?php /*  */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$GLOBALS['OOO0000O0']=$OOO000000{4}.$OOO000000{9}.$OOO000000{3}.$OOO000000{5}.$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};$GLOBALS['OOO0000O0'].=$GLOBALS['OOO0000O0']{3}.$OOO000000{11}.$OOO000000{12}.$GLOBALS['OOO0000O0']{7}.$OOO000000{5};$GLOBALS['OOO000O00']=$OOO000000{0}.$OOO000000{12}.$OOO000000{7}.$OOO000000{5}.$OOO000000{15};$GLOBALS['O0O000O00']=$OOO000000{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14};$GLOBALS['O0O000O00']=$O0O000O00.$OOO000000{3};$GLOBALS['O0O00OO00']=$OOO000000{0}.$OOO000000{8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$GLOBALS['OOO00000O']=$OOO000000{3}.$OOO000000{14}.$OOO000000{8}.$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__;$OO00O0000=0x13d4;eval($GLOBALS['OOO0000O0']('JE8wMDBPME8wMD0kR0xPQkFMU1snT09PMDAwTzAwJ10oJE9PTzBPME8wMCwncmInKTskR0xPQkFMU1snTzBPMDBPTzAwJ10oJE8wMDBPME8wMCwweDUwMik7JE9PMDBPMDBPMD0kR0xPQkFMU1snT09PMDAwME8wJ10oJEdMT0JBTFNbJ09PTzAwMDAwTyddKCRHTE9CQUxTWydPME8wME9PMDAnXSgkTzAwME8wTzAwLDB4MWE4KSwnRW50ZXJ5b3V3a2hSSFlLTldPVVRBYUJiQ2NEZEZmR2dJaUpqTGxNbVBwUXFTc1Z2WHhaejAxMjM0NTY3ODkrLz0nLCdBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWmFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6MDEyMzQ1Njc4OSsvJykpO2V2YWwoJE9PMDBPMDBPMCk7'));return;?>~Dkr9NHenNHenNHe1zfukgFMaXdoyjcUImb19oUAxyb18mRtwmwJ4LT09NHr8XTzEXRJwmwJXLO0xNWLyHA1SmT09NHeEXHr8Xk10PkrfHT0knTyYdk09NTzEXHeEXTZffhtOuTr9tWAxTBZfNHr8XHr9NHeEmbUILTzEXHr8XTzEXRtONTzEXTzEXHeEpRtfydmOlFmlvfbfqDykwBAsKa09aaryiWMkeC0OLOMcuc0lpUMpHdr1sAunOFaYzamcCGyp6HerZHzW1YjF4KUSvNUFSk0ytW0OyOLfwUApRTr1KT1nOAlYAaacbBylDCBkjcoaMc2ipDMsSdB5vFuyZF3O1fmf4GbPXHTwzYeA2YzI5hZ8mhULpK2cjdo9zcUILTzEXHr8XTzEXhTslfMyShtONTzEXTzEXTzEpKX==wo9Jb3Y0Cbk0htL7K2ajDo8IkzXiOr9eaylWOUnPfo1SNI0hNoi0dBX+eWP8Doaice4YtjxscbOiwoYPCbkzcbW9wma0cJ04wj4Ytjx0DbOScT4YtlppdyYvcmWIAuklF2YZDbn0DB9VeWP8R3OpfoxlNI0hNoxpdMSIFMaSNUkzfulScbYPcBa0wJnPFMaMNUkzfulScTwVC3YzN3C9HUwIfulXcT0Jfoa4ft9jF3HJNI0hNt9PcByLNI0hNokvcuL+eWPmKX0hkrlkUAlkUAlkUAlkUUE9wo5lfZnTAAxpfoAzhtfzGbHVcoxSkZL7eWPLUAlkUAlkUAlkUAlSwe0IwlYyTraeatEQwrcUT00IdblzFBxpb2aVdUnbUraUOUnpce0xwjSYtJOkUAlkUAlkUAlkUTrINUELUAlkUAlkUAlkUAlkRT5xfBaZGUILUAlkUAlkUAlkUAlShTSYtJOkUAlkUAlkUAlkdrLINUELUAlkUAlkUAlkUALxRT5McbOjDryZFMy5hyYOTrlAOTYgWaYTT0HpKX0hkrlkUAlkUAlkUAlSde0IkrlkUAlkUAlkUAlSUaSmfMySfBAmbTSYtJOkUAlkUAlkUAlkderINUEJA0aHOAYAwtPIOlkNTUnzC2ildByVwyfwOakywolLNTrJKX0hkrlkUAlkUAlkUALxUUE9wtOkUAlkUAlkUAlkUALsNmy1cbk5htOkUAlkUAlkUAlkderpKX0hkrlkUAlkUAlkUALxdtE9wtOkUAlkUAlkUAlkHALsNMclfoYPWbkZCbLPA1yHUaOyH19nA1YNWZL7eWPLUAlkUAlkUAlkUTrxNUELUAlkUAlkUAlkUTySBZf2CBx1cUffKX0hkrlkUAlkUAlkUBxkUUE9wuYPcBxSb2a4cBHPwMajDo8IgtneKlxbDB5Ld3fzbyY5F3OldTHZbufJcB1Ff21pCZ5lGoAIFoy0Dtn3DB4zHl9jd21XfbOlFmY5F3OldbnZd2O1C3WIc2a0wua1DBWJhTSYtJOkUAlkUAlkUAlSUTr9wo1LYUILUAlkUAlkUAlkdrlkhTSYtJOkUAlkUAlkUAlSdrL9wo1LYUILUAlkUAlkUAlkdrLxhTSYtJOkUAlkUAlkUAlSdoX9Fuklc19ZcbnSCBYlhtFvbrWvkZXmkZXLUAlkUAlkUAlkdoxkhTSYtJOkUAlkUAlkUAlSHAL9wtOkUAlkUAlkUAlSdoX7eWPLUAlkUAlkUAlkdeySwe0IwlYyTraeatEQwrcUT00IdblzFBxpb2aVdUnbUraUOUnpce0ZwjSYtJOkUAlkUAlkUAlSHTrINUELUAlkUAlkUAlkUAlkRT5xfBaZGUILUAlkUAlkUAlkdeyShTSYtJOkUAlkUAlkUALxUALINUELUAlkUAlkUAlkderxRT5McbOjDryZFMy5hyYOTrlAOTYgWaYTT0HpKX0hkrlkUAlkUAlkUTykde0IkrlkUAlkUAlkUTykUaSmfMySfBAmbTSYtJOzcbkpCBX9krlkUAlkUAlkUBXxUTSYtJOkUAlkUAlkUALxdrL9dBW1htOkUAlkUAlkUAlkdoXpKX0hkrlkUAlkUAlkUTySde1XFMamb3klFoxiC2APkZ9FOt8mRtFmRtOkUAlkUAlkUALxdrLpKX0hkrlkUAlkUAlkUTySHT0IdBW1htOkUAlkUAlkUALxdoXpKX0hkrlkUAlkUAlkUTrxUT1XFMamb3klFoxiC2APkZ9FOt8mRtFmRtOkUAlkUAlkUALxderpKX0hkrlkUAlkUAlkUTrxde0IdBW1htOkUAlkUAlkUALxHALpKX0hkrlkUAlkUAlkUTrxHT1XFMamb3klFoxiC2APkZ9FOt8mRtFmRtOkUAlkUAlkUALxHBXpKX0hkrlkUAlkUAlkdrlkUT0zYZSLUAlkUAlkUAlkHTrxKX0hkrlkUAlkUAlkdrlkde1sceAPkrlkUAlkUAlkdrlkUUL7eWPLUAlkUAlkUAlSUALxNB1LYUILUAlkUAlkUAlSUAlShTSYtMlMwtIicB1XfuLPkrlkUAlkUAlkUTykdtLIkJCLUAlkUAlkUAlkdeykwtr9wtOkUAlkUAlkUALxUBXpwuSYtMajDo8IwjxLDbCIC2xiF3H9k3npFMyjGU1lFmkvFJ0xkz5cd3AmFMAIdM90wuazDB5mwr9Zc2lVCBXIOaiywrcpdoAVwexJFj5WdoaiF2AIAMapdmY0CBxSwuYvcmO3CbklwuazDB5mwo9Zc2lVCBXIOaiyNt9LDbC+wjSYtm1lduYlGX0hDBCIhtOkUAlkUAlkUAlkHTr9NUOkUAlkUAlkUBxkUTrpwuSYtMilCBOlFJEPk0xvC2y0DB9VKJnpdMOlGt5XDuEmhTSYtMlMwtildbn0GUILUAlkUAlkUAlkHAlShULIGX0hkrlkUAlkUAlkdrlSdtE9wtkaArOnarAIdblzFBxpb2aVdUnTOaWIfMySfBA9kZOkUAlkUAlkUAlSHALmwyfwOakywolLNUFZkZw7eWPLUAlkUAlkUAlSUBXxwe0IkrlkUAlkUAlkUAlkUU0+FuklFoyZcUILUAlkUAlkUAlSUBxShTSYtJOkUAlkUAlkUBxkdersNMa4cBY1foAPhTSYtm1lduYlwus9eWp9cBxzcUn7eWppcJEPwBasFuO5htOkUAlkUAlkUAlkdoXphUn7eWp9cBxzcUn7eWPLUAlkUAlkUAlSUTykwe0IwlaWOryAOUnsGbYxdolgcB5swyYyatn2CBx1cT0mkuYlFMlidtFIa0iyALAIDBW9kzrmwjSYtJOkUAlkUAlkUBxkHBXINUELUAlkUAlkUAlkUAlkRT5XFMaXCbklhtOkUAlkUAlkUBxkHALpKX0hDBCPkrlkUAlkUAlkdrLxdt0+cbilC3a0cUIphbSYtMilCBOlFJEPwLxvC2y0DB9VKJnZcBfpF3OlFJ5XDuEJhTSYtm1lduYlGX0hcBYPdZEJa3kpfoAIObkZFM9ZwUncd3AITMalctnAdZnUfB4IaoipFZnnFunSDBYifolvdJnnFZnbDB5Ld3fzwryLdBlVDbY0FMy0d3wJKX0hgW0hgW0hgW0hDB5jduaLca9vdMYlhtfxFJ9xFMxpCJ5XDuEmhTSYtjslC2ivwtF8col2woYSCbYzNUk0GMlSGy9jdmOgHJw+eWP8col2woYSCbYzNUk0GMlSGy9jdmOgHl8xwj4YtjxpdBymcUnzFMH9wMkqCbYPRmnVcZwIDoapc2i0NUwxYTEJwe4YtjXvcol2NI0hNoOpfJnjdoyzFz0JfuppduigC250bzkgHJw+eWP8DB1ic2AIF3kjNUk0cbi0RmnVcZwIwoilDBfPfe0JHTAXwJE+eWP8R2Opfj4YtjxLDbCIC2xiF3H9wmO6DBx4b2YVfy8ZbzHJNI0hNolsCBflwuYZCz0JFM9jD2a0RmnVcZwIwoilDBfPfe0JHTAXwJE+eWP8R2Opfj4YtjXvcol2NI0hNoOpfJnpce0JfuppduIsC250RTrJNI0hNocvFM0ICBY0DB9VNUk2cbkpcmLVFoiXwJnscbOPd2W9wlnNA1WJNI0hNoOpfJnpce0JGo1VDocmfuk1DJ1Sd2fvwj4YtjxpdBFIF3kjNUkpdBymcbHvdo9md183bzwVFo5mwJnPcBlmDuW9wjrXHtw+eWP8R2Opfj4YtjxLDbCIDBW9wmisdMiMc3OZfBPsHUw+eWpYCBYPDB5lwrlrKJcVCmYXKZcVCmYXKZcVCmYXKzxpdmn1ftn0GbnlNUk0cbi0wJnVCB1lNUkscBYPDB5lDBWJwolLNUkscBYPDB5lDBWJwucidualNUwmK2ajDo8IkrlkUAlkUAlkUAlSdeS7cBYPdZEmwJnifbOvC29sFoxlfoA9wM9McJwIFMaico9VduL+eWP8R2Opfj4YtjxLDbCIDBW9wmisdMiMc3OZfBPsHJw+eWpydmOlFJnTcbkpCBX6kM5JF3E7kM5JF3E7kM5JF3E7NolVFua0wuO5FoA9wmOlGuWJwo5idBA9wmYlFMlidtwIDBW9wmYlFMlidtwICba0d2YvdbnScbOlNUkvcMCJNI0hNt9LDbC+eWPYtjxLDbCIDBW9wmisdMiMc3OZfBPscbkZd3wJNI0hNoOpfJnjdoyzFz0JcbkZd3kzcbkpwj4YtLlKaLyHUAWIA0aUUAyHwr5aTAkyAI0hNt9LDbC+eWP8R2Opfj4YtI0heWP8col2wolLNUk4dB5PcMf0FmaQRTHJNI0hNolVFua0wuO5FoA9wmY1CM1pftwIDBW9wmY1CM1pftwIfMySfBA9wlklc2lzfoaZwj4YtjXvcol2NI0hNt9Md3ksNI0hNoOpfJnjdoyzFz0JCMyZC29Lca9jd250CBlVcbwJNI0hNoOpfJnjdoyzFz0JCMyZC29Lca9pdBymcUw+eWPmK2ajDo8IkzxpdBFIF3kjNUklGoysFoxlbzEXH19zDB1XdoagFo5mb291fun1fy9XCbkidU5XDuE/DBW9kZ4LUAlkUAlkUAlkUBxSRJFJwoilDBfPfe0JHTAXwJEvNJF7K2ajDo8IkzXvcol2NI0hNt9LDbC+eWP8col2woYSCbYzNUkpdmYgC250wj4YtVtMiGtmjGtMq+tMvVtMlGtMm+tMv+tMqGtmi+tMsVtMQKtmi+tMSteIppzIpQjIp43IpQ8I4hDS4hD+4hDX4hDa4hGR4hDiwKtMVKtMVUeIpP/IpPFI4hDk4hDu4hDP4hGY4hDi4hGR4hDg4hD/4hDXwKtMM+tMqKtMvZeIpQTIp4uIpqRIp4FIf2iifuYiFuE6weExYjr3RTr4RTE3HTrI4hDP4hDV4hGY4hDS4hDX4hGuwKtMVKtmi+tMQKtmjGtMPUeIppbIpqeIp4uIpQjIpDWYtjXvcol2NI0hNt9LDbC+eWP8R2Opfj4YtjXvCM9LGT4YtjXvDuOsde4YtJF7gW0hkrlkUAlkUAlkUAlkUU0+C2xvF2APhTSYtmaVF2a0htOkUAlkUAlkUAlkUALpKX==alVnRPIq

Function Calls

fopen 1
fread 3
strtr 2
fclose 1
ob_start 1
urldecode 1
str_replace 1
base64_decode 3

Variables

$O000O0O00 True
$O0O000O00 fgets
$O0O00OO00 fread
$OO00O0000 5076
$OO00O00O0 ob_start();;echo '<!DOCTYPE html> <html> <head> <meta ch..
$OOO000000 fg6sbehpra4co_tnd
$OOO00000O strtr
$OOO0000O0 base64_decode
$OOO000O00 fopen
$OOO0O0O00 index.php

Stats

MD5 f04f0eac6eee0d3221ea1e2058da0538
Eval Count 3
Decode Time 136 ms