Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

goto vVa49; WwT01: if (isset($_POST["\x65\155\141\x69\x6c"])) { $email_to_admin = "\166\1..

Decoded Output download

<?   goto vVa49; WwT01: if (isset($_POST["email"])) { $email_to_admin = "[email protected]"; $email_subject_customer = "Your purchase from Vulpes"; $email_subject_admin = "New order received"; function died($error) { echo "I am sorry, but there were error(s) found with the form you submitted. "; echo "These errors appear below.<br /><br />"; echo $error . "<br /><br />"; echo "Please go back and fix these errors.<br /><br />"; die; } if (!isset($_POST["email"])) { died("It seems there was an issue with the form submission."); } $email_from = filter_var(trim($_POST["email"]), FILTER_SANITIZE_EMAIL); $txid = isset($_POST["txid"]) ? filter_var(trim($_POST["txid"]), FILTER_SANITIZE_STRING) : ''; $error_message = ''; $email_exp = "/^[A-Za-z0-9._%-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/"; if (!preg_match($email_exp, $email_from)) { $error_message .= "The Email Address you entered does not appear to be valid.<br />"; } if (strlen($error_message) > 0) { died($error_message); } $order_id = bin2hex(random_bytes(16)); $email_message_customer = "Thank you for your purchase from Vulpes.
\xa"; $email_message_customer .= "Your order ID: " . $order_id . "
"; $email_message_customer .= "To buy more, visit www.vulpescoder.com
"; function clean_string($string) { return htmlspecialchars(trim($string), ENT_QUOTES, "UTF-8"); } $email_message_admin .= "Email: " . clean_string($email_from) . "
"; $email_message_admin .= "Transaction ID/URL: " . clean_string($txid) . "
"; $email_message_admin .= "Order ID: " . $order_id . "\xa"; $headers = "From: [email protected]" . "\xd\xa" . "Reply-To: [email protected]" . "\xd
" . "X-Mailer: PHP/" . phpversion(); $headers2 = "From: vulpescoder.com" . "
" . "Reply-To: vulpescoder.com" . "\xd\xa" . "X-Mailer: PHP/" . phpversion(); $customer_email_sent = @mail($email_from, $email_subject_customer, $email_message_customer, $headers); $admin_email_sent = @mail($email_to_admin, $email_subject_admin, $email_message_admin, $headers2); if (!$customer_email_sent || !$admin_email_sent) { died("There was a problem on the server. Please try again later or contact us directly."); header("Location: https://web.telegram.org"); } header("Location: https://web.telegram.org"); die; } goto c_7Ag; vVa49: if ($_SERVER["REQUEST_METHOD"] !== "POST") { header("Location: https://vulpescoder.com"); die; } goto WwT01; c_7Ag:  ?>

Did this file decode correctly?

Original Code

 goto vVa49; WwT01: if (isset($_POST["\x65\155\141\x69\x6c"])) { $email_to_admin = "\166\165\154\x70\145\x73\141\147\x65\156\x74\100\x67\155\x61\151\154\x2e\x63\157\155"; $email_subject_customer = "\131\157\165\162\x20\160\x75\162\x63\150\141\163\145\40\x66\162\157\x6d\40\x56\x75\154\160\x65\x73"; $email_subject_admin = "\116\145\x77\40\157\162\x64\145\x72\40\162\145\x63\145\151\166\x65\144"; function died($error) { echo "\x49\40\141\x6d\x20\x73\157\x72\x72\x79\x2c\40\142\x75\164\x20\x74\x68\145\162\145\x20\167\x65\x72\x65\40\145\162\162\157\162\50\163\x29\40\x66\157\165\156\144\x20\167\x69\x74\x68\40\x74\x68\145\40\146\x6f\x72\155\x20\171\x6f\x75\40\163\x75\142\x6d\151\164\164\145\144\56\40"; echo "\124\x68\x65\163\145\40\145\162\162\157\x72\x73\40\141\x70\x70\x65\x61\162\x20\142\x65\x6c\157\167\x2e\74\142\x72\40\x2f\x3e\x3c\x62\x72\40\57\x3e"; echo $error . "\74\x62\x72\40\57\76\74\x62\162\x20\57\x3e"; echo "\x50\x6c\145\141\x73\x65\40\x67\x6f\40\142\x61\x63\x6b\40\x61\156\x64\x20\146\x69\170\40\164\150\x65\163\145\x20\x65\162\x72\157\162\x73\56\74\x62\162\40\x2f\76\74\x62\162\x20\x2f\76"; die; } if (!isset($_POST["\x65\155\x61\151\154"])) { died("\x49\164\x20\163\x65\145\x6d\163\40\x74\150\x65\x72\x65\40\167\141\163\40\x61\x6e\40\x69\163\x73\165\145\40\x77\151\164\150\40\x74\150\145\x20\146\x6f\x72\x6d\40\x73\x75\x62\x6d\151\163\x73\x69\x6f\156\56"); } $email_from = filter_var(trim($_POST["\145\155\141\x69\x6c"]), FILTER_SANITIZE_EMAIL); $txid = isset($_POST["\x74\x78\x69\x64"]) ? filter_var(trim($_POST["\164\170\x69\x64"]), FILTER_SANITIZE_STRING) : ''; $error_message = ''; $email_exp = "\57\x5e\x5b\x41\55\x5a\141\55\x7a\x30\55\71\x2e\137\x25\55\x5d\x2b\x40\x5b\x41\x2d\x5a\141\55\x7a\x30\x2d\71\x2e\x2d\x5d\x2b\x5c\56\133\101\x2d\x5a\141\55\x7a\x5d\x7b\62\54\64\x7d\x24\57"; if (!preg_match($email_exp, $email_from)) { $error_message .= "\124\150\145\x20\105\x6d\x61\x69\x6c\x20\x41\144\x64\x72\x65\x73\163\40\171\157\x75\40\145\156\x74\145\162\145\144\40\x64\x6f\145\x73\x20\x6e\x6f\164\40\141\x70\x70\145\141\162\x20\x74\x6f\40\x62\145\x20\166\141\154\x69\x64\56\x3c\x62\x72\40\x2f\x3e"; } if (strlen($error_message) > 0) { died($error_message); } $order_id = bin2hex(random_bytes(16)); $email_message_customer = "\124\150\141\x6e\153\40\x79\157\165\x20\x66\157\x72\40\171\x6f\165\162\x20\160\x75\x72\143\x68\x61\x73\x65\x20\146\162\x6f\x6d\40\x56\x75\x6c\160\x65\163\x2e\12\xa"; $email_message_customer .= "\x59\157\x75\162\x20\157\162\144\x65\x72\x20\x49\104\72\x20" . $order_id . "\12"; $email_message_customer .= "\x54\x6f\40\142\x75\171\x20\x6d\157\x72\x65\54\x20\166\x69\x73\x69\x74\40\167\167\167\x2e\x76\x75\x6c\x70\x65\163\x63\x6f\x64\145\162\56\143\x6f\x6d\12"; function clean_string($string) { return htmlspecialchars(trim($string), ENT_QUOTES, "\x55\124\x46\55\x38"); } $email_message_admin .= "\x45\155\141\x69\x6c\72\40" . clean_string($email_from) . "\12"; $email_message_admin .= "\x54\162\141\x6e\163\x61\143\164\151\x6f\x6e\x20\x49\x44\57\125\122\114\72\x20" . clean_string($txid) . "\12"; $email_message_admin .= "\117\x72\144\145\162\40\x49\x44\72\40" . $order_id . "\xa"; $headers = "\106\162\157\155\72\x20\x6e\157\x2d\162\x65\x70\x6c\x79\x40\166\165\154\160\x65\x73\x63\x6f\144\145\x72\x2e\143\x6f\155" . "\xd\xa" . "\x52\x65\x70\x6c\x79\55\124\157\x3a\x20\156\x6f\55\x72\145\160\x6c\171\x40\166\x75\x6c\160\145\x73\143\157\x64\x65\162\x2e\x63\157\x6d" . "\xd\12" . "\130\x2d\x4d\x61\151\x6c\x65\162\72\40\120\110\120\x2f" . phpversion(); $headers2 = "\106\162\x6f\155\x3a\40\166\165\x6c\160\145\x73\x63\157\144\145\x72\56\x63\x6f\x6d" . "\15\12" . "\122\145\x70\x6c\171\x2d\x54\157\x3a\x20\166\165\154\160\145\163\143\x6f\144\x65\x72\56\x63\157\155" . "\xd\xa" . "\x58\x2d\115\141\151\154\145\x72\72\x20\x50\x48\120\57" . phpversion(); $customer_email_sent = @mail($email_from, $email_subject_customer, $email_message_customer, $headers); $admin_email_sent = @mail($email_to_admin, $email_subject_admin, $email_message_admin, $headers2); if (!$customer_email_sent || !$admin_email_sent) { died("\x54\150\x65\162\x65\40\x77\x61\163\40\141\40\160\162\x6f\x62\154\145\155\40\157\x6e\40\x74\150\x65\x20\163\145\x72\166\145\162\56\x20\120\154\x65\x61\x73\x65\x20\x74\x72\x79\x20\x61\147\141\151\156\x20\x6c\141\164\145\162\40\x6f\x72\x20\143\x6f\156\164\141\x63\164\40\165\163\40\x64\151\162\x65\x63\x74\154\171\56"); header("\x4c\157\143\x61\164\151\x6f\156\72\x20\150\x74\164\160\163\x3a\x2f\57\167\145\x62\56\x74\145\154\x65\147\x72\141\x6d\x2e\157\162\x67"); } header("\114\x6f\x63\x61\164\151\x6f\156\x3a\40\150\164\164\x70\x73\72\x2f\x2f\167\x65\142\x2e\x74\145\x6c\145\147\162\x61\x6d\56\x6f\x72\147"); die; } goto c_7Ag; vVa49: if ($_SERVER["\122\x45\x51\125\x45\x53\x54\137\115\105\x54\110\117\104"] !== "\x50\x4f\x53\124") { header("\x4c\157\x63\x61\x74\x69\157\156\x3a\40\150\164\164\160\x73\72\57\57\166\165\154\x70\x65\163\143\x6f\144\x65\x72\56\x63\x6f\x6d"); die; } goto WwT01; c_7Ag: 

Function Calls

None

Variables

None

Stats

MD5 fad642d6182db4a158b7c5b4f876708e
Eval Count 0
Decode Time 38 ms