Online PHP Javascript Script Decoder

Online PHP and Javascript Decoder decode hidden script to uncover its real functionality

Original code:

<?php
 goto wi6am; zkdVi: function checkLicense($key) { $secret = "\142\163\107\x68\61\x36\x62\x75\x63\x42\156\110\125\x6f\110\x32\160\x53\x4a\x46\x70\130\164\x6a\64\x38\60\x39\x32\71\70\152\x74\x34\63"; $cleanKey = trim($key); $encodedKey = urlencode($cleanKey); $url = "\x68\x74\164\x70\x73\x3a\57\57\144\x61\163\150\x62\157\141\162\x64\56\141\165\x74\x68\55\163\x6f\x6c\x75\164\x69\x6f\x6e\163\56\144\145\57\x61\x70\x69\x2e\160\150\160\77\163\x65\143\162\x65\164\x3d" . $secret . "\x26\164\171\x70\145\x3d\x6c\151\143\145\156\x73\145\x26\x6b\145\171\75" . $encodedKey . "\46\163\x63\157\x70\x65\x3d\x70\x61\x63\x6b\x76\61"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_TIMEOUT, 30); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10); curl_setopt($ch, CURLOPT_HTTPHEADER, array("\x43\x6f\156\x74\145\156\x74\55\x54\171\x70\145\72\x20\141\x70\x70\x6c\x69\x63\141\x74\x69\157\156\57\152\163\x6f\x6e", "\101\143\143\145\x70\x74\72\x20\x61\x70\160\154\151\x63\x61\x74\x69\x6f\x6e\57\x6a\x73\157\156")); $response = curl_exec($ch); $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE); if ($response === false) { error_log("\103\x75\x72\154\40\105\162\162\x6f\x72\x3a\x20" . curl_error($ch)); curl_close($ch); return array("\x76\x61\x6c\151\x64" => 0, "\x6d\145\x73\x73\x61\x67\x65" => "\x43\x6f\156\x6e\x65\x63\164\151\157\x6e\x20\105\x72\162\157\162"); } $data = json_decode($response, true); if (json_last_error() !== JSON_ERROR_NONE) { error_log("\112\123\117\116\x20\104\145\143\157\x64\145\40\105\162\162\x6f\x72\x3a\x20" . json_last_error_msg()); curl_close($ch); return array("\166\x61\x6c\151\x64" => 0, "\x6d\145\x73\163\141\147\145" => "\111\x6e\x76\x61\x6c\x69\144\x20\x52\x65\163\x70\x6f\x6e\163\145\x20\x46\x6f\162\155\x61\164"); } curl_close($ch); return $data; } goto gSiPs; gSiPs: function validateLicense() { global $license_config; global $website_config; if (!isset($license_config["\x6c\151\x63\x65\x6e\x73\145\x5f\153\145\x79"])) { return false; } try { $verify = checkLicense($license_config["\154\151\x63\x65\156\163\145\137\153\145\171"]); if (isset($verify["\166\141\154\x69\x64"]) && $verify["\x76\141\154\151\144"] === 1 && isset($verify["\155\x65\x73\x73\141\147\145"]) && $verify["\x6d\145\163\163\x61\147\145"] === "\114\x49\103\x45\116\123\x45\x5f\x56\x45\x52\x49\106\111\x45\x44") { return true; } return false; } catch (Exception $e) { return false; } } goto G335b; wi6am: include "\143\x6f\x6e\146\151\x67\x2e\x70\x68\x70"; goto zkdVi; G335b: function redirectToLicenseError() { global $website_config; header("\x4c\157\x63\x61\164\151\157\156\72\x20\x68\x74\x74\160\x73\x3a\57\57" . $website_config["\163\x69\164\x65\137\x64\157\155\141\151\x6e"] . "\57\154\151\143\145\156\x73\145\x5f\x65\162\162\x6f\162\56\x70\x68\160"); die; } goto DUHHd; DUHHd: if (!defined("\x4c\111\103\x45\116\123\105\x5f\x43\x48\105\103\113\137\x42\x59\x50\101\123\123")) { if (!validateLicense()) { redirectToLicenseError(); } }

Decrypted code:

goto wi6am;
	 zkdVi: function checkLicense($key) {
	 $secret = "bsGhbucBnHUoH2pSJFpXtj4809298jt43";
	 $cleanKey = trim($key);
	 $encodedKey = urlencode($cleanKey);
	 $url = "https://dashboard.auth-solutions.de/api.php?secret=" . $secret . "&type=license&key=" . $encodedKey . "&scope=packv1";
	 $ch = curl_init();
	 curl_setopt($ch, CURLOPT_URL, $url);
	 curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
	 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
	 curl_setopt($ch, CURLOPT_TIMEOUT, 30);
	 curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
	 curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/json", "Accept: application/json"));
	 $response = curl_exec($ch);
	 $httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
		 if ($response === false) {
		 error_log("Curl Error: " . curl_error($ch));
		 curl_close($ch);
		 return array("valid" => 0, "message" => "Connection Error");
		 
	}
	 $data = json_decode($response, true);
		 if (json_last_error() !== JSON_ERROR_NONE) {
		 error_log("JSON Decode Error: " . json_last_error_msg());
		 curl_close($ch);
		 return array("valid" => 0, "message" => "Invalid Response Format");
		 
	}
	 curl_close($ch);
	 return $data;
	 
}
 goto gSiPs;
	 gSiPs: function validateLicense() {
	 global $license_config;
	 global $website_config;
		 if (!isset($license_config["license_key"])) {
		 return false;
		 
	}
		 try {
		 $verify = checkLicense($license_config["license_key"]);
			 if (isset($verify["valid"]) && $verify["valid"] === 1 && isset($verify["message"]) && $verify["message"] === "LICENSE_VERIFIED") {
			 return true;
			 
		}
		 return false;
		 
	}
		 catch (Exception $e) {
		 return false;
		 
	}
	 
}
 goto G335b;
 wi6am: include "config.php";
 goto zkdVi;
	 G335b: function redirectToLicenseError() {
	 global $website_config;
	 header("Location: https://" . $website_config["site_domain"] . "/license_error.php");
	 die;
	 
}
 goto DUHHd;
	 DUHHd: if (!defined("LICENSE_CHECK_BYPASS")) {
		 if (!validateLicense()) {
		 redirectToLicenseError();
		 
	}
	 
}

Recent submissions: