Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php // ASCII (octal) $encoded_code = ' <!-- apiby : XdnvcCloud --> <?php goto pS..

Decoded Output download

<?php 
 
//  ASCII  (octal) 
$encoded_code = ' 
<!-- apiby : XdnvcCloud --> 
<?php goto pSSrq; ir4q6: function rt($status, $message) { if ($status) { $json = array("status" => "200", "message" => $message); http_response_code(200); die(json_encode($json)); } else { $json = array("status" => "400", "message" => $message); http_response_code(400); die(json_encode($json)); } } goto BSnqo; XzAI8: ini_set("display_errors", 1); goto ir4q6; pSSrq: error_reporting(E_ALL); goto XzAI8; BSnqo: header("Content-Type: application/json; charset=utf-8;"); goto fvG23; fvG23: if ($_SERVER["REQUEST_METHOD"] === "POST") { if (!isset($_SERVER["HTTP_USER_AGENT"]) || $_SERVER["HTTP_USER_AGEN"] !== "HIUPUPGAME-XDNVC") { rt(false, "Unauthorized"); } if (isset($_POST["ktuser"]) and isset($_POST["ktpass"])) { $ktuser = $_POST["ktuser"]; $ktpass = $_POST["ktpass"]; if (isset($_POST["buyid"]) and isset($_POST["userid"])) { $buyid = $_POST["buyid"]; $userid = $_POST["userid"]; $loginUrl = "https://www.khanthep.in.th/api/v1/login"; $loginData = array("Username" => $ktuser, "Password" => $ktpass, "g-recaptcha-response" => "\340\270\252\340\271\x88\340\xb8\x87 \xe0\xb9\x81\340\xb8\x9a\xe0\xb8\232 data \340\271\x84\xe0\270\xa1\340\271\x88\340\xb9\203\xe0\270\x8a\340\271\x88\340\270\xaa\xe0\xb9\x88\xe0\xb8\x87\xe0\271\x81\340\270\232\xe0\xb8\x9a Json"); $loginHeaders = array("Host: www.khanthep.in.th", "Content-Type: application/x-wwm-form-urlencode; charset=UTF-8", "User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36", "Origin: https://www.khanthep.in.th", "Referer: https://www.khanthep.in.th/login"); $loginContext = stream_context_create(array("http" => array("method" => "POST", "header" => implode("
", $loginHeaders), "content" => http_build_query($loginData)))); $loginResponse = file_get_contents($loginUrl, false, $loginContext); $phpsessid = ''; foreach ($http_response_header as $header) { if (strpos($header, "Set-Cookie: PHPSESSID=") !== false) { $phpsessid = str_replace("Set-Cookie: PHPSESSID=", '', $header); $phpsessid = strtok($phpsessid, ";"); break; } } $apiUrl = "https://www.khanthep.in.th/api/v1/termgame/topup-uid"; $apiData = array("BuyId" => $buyid, "Ref1" => $userid, "Ref6" => "topup-uid"); $apiContext = stream_context_create(array("http" => array("method" => "POST", "header" => "Content-type: application/x-www-form-urlencoded;\xd\xa" . "Cookie: PHPSESSID={$phpsessid}
", "content" => http_build_query($apiData)))); $apiResponse = file_get_contents($apiUrl, false, $apiContext); $responseData = json_decode($apiResponse, true); $statusCode = $responseData["Code"]; $dkdkkxx = $responseData["Message"]; if ($statusCode == 200) { rt(true, "\340\271\200\340\xb8\x95\xe0\xb8\xb4\340\270\xa1\xe0\xb8\x95\xe0\xb8\xa3\xe0\270\207 Garena FREE FIRE \340\xb9\x80\xe0\xb8\202\xe0\xb9\x89\xe0\xb8\xb2\340\xb9\x84\xe0\270\255\xe0\270\x94\xe0\270\xb5 {$userid} \340\270\xaa\xe0\270\263\340\271\200\xe0\xb8\xa3\340\271\207\xe0\270\x88 (\340\270\xa3\340\xb8\255 1 - 15 \340\270\x99\340\270\262\xe0\xb8\227\xe0\xb8\265)"); } else { rt(false, "\340\271\200\xe0\xb8\x81\xe0\270\xb4\xe0\xb8\224\xe0\270\202\340\271\x89\340\270\255\340\xb8\234\xe0\270\264\340\xb8\x94\340\xb8\236\xe0\270\245\xe0\270\xb2\xe0\270\224\xe0\xb8\201\340\270\xa3\xe0\270\270\340\270\x93\xe0\xb8\262\340\xb8\xa5\340\270\xad\340\270\x87\340\xb9\203\xe0\270\xab\xe0\270\xa1\340\xb9\210\xe0\270\255\340\270\265\xe0\270\x81\xe0\xb8\204\xe0\270\xa3\xe0\270\261\340\xb9\x89\xe0\270\87\xe0\270\243\340\xb8\xb0\340\xb8\232\xe0\xb8\232\340\270\227\xe0\270\263\xe0\270\x81\340\xb8\262\xe0\270\xa3\xe0\xb8\204\xe0\270\xb7\340\270\x99\xe0\270#6\340\271\211\340\270\xad\340\270\242\xe0\xb8\202\340\270\255\340\270\207\xe0\270\227\340\xb9\210\xe0\270\262\xe0\xb8\231\xe0\271\200\xe0\270\xa3\xe0\270\xb5\xe0\xb8\242\340\270\232\xe0\270\xa3\340\xb9\x89\xe0\270\ad\340\xb8\242"); } } else { rt(false, "\xe0\271\x84\xe0\270\241\xe0\271\210\340\270\x9e\xe0\xb8\x9a\340\270\x82\xe0\xb9\211\340\xb8\255\340\270\241\xe0\270\xb9\340\270\xa5\340\270\227\340\xb8\xb5\340\271\x88\340\270\243\340\xb9\x89\340\270\255\xe0\xb8\x87\xe0\270\82\340\270\xad\xe0\xb8\xa1\xe0\270\xb2, \xe0\xb8\x81\340\270\xa3\340\270\xb8\340\270\x93\xe0\270\xb2\xe0\xb8\245\340\xb8\255\340\xb8\207\xe0\271\x83\xe0\xb8\253\xe0\270\241\340\xb9\210\xe0\xb8\xad\340\xb8\xb5\xe0\270\81\340\xb8\x84\xe0\xb8\xa3\340\270\261\340\xb9\211\xe0\xb8\x87"); } } else { rt(false, "\xe0\271\x84\xe0\270\xa1\340\271\x88\xe0\270\9e\xe0\270\232\xe0\xb8\xa2\340\xb8\xb9\xe0\270\252\xe0\271\200\340\xb8\x8b\xe0\xb8%5\xe0\xb8\243\xe0\xb9\x8c"); } } 
} else { rt(false, "Method '{$_SERVER["REQUEST_METHOD"]}' not allowed!"); } goto jsxlN; jsxlN: ?> 
'; 
 
//  ASCII  octal  
$decoded_code = preg_replace_callback('/\\\\([0-7]{3})/', function($matches) { 
    return chr(octdec($matches[1])); 
}, $encoded_code); 
 
echo $decoded_code; 
 
?>

Did this file decode correctly?

Original Code

<?php

//  ASCII  (octal)
$encoded_code = '
<!-- apiby : XdnvcCloud -->
<?php goto pSSrq; ir4q6: function rt($status, $message) { if ($status) { $json = array("\163\164\141\x74\165\163" => "\x32\x30\60", "\x6d\145\163\163\141\x67\145" => $message); http_response_code(200); die(json_encode($json)); } else { $json = array("\x73\x74\x61\164\165\163" => "\64\60\60", "\x6d\x65\x73\163\x61\147\x65" => $message); http_response_code(400); die(json_encode($json)); } } goto BSnqo; XzAI8: ini_set("\x64\151\163\160\154\141\x79\x5f\x65\162\x72\157\162\x73", 1); goto ir4q6; pSSrq: error_reporting(E_ALL); goto XzAI8; BSnqo: header("\x43\157\156\x74\x65\x6e\x74\55\x54\x79\160\145\x3a\40\x61\x70\160\x6c\151\143\141\x74\151\x6f\x6e\x2f\x6a\x73\x6f\156\x3b\40\x63\150\141\x72\163\145\164\x3d\x75\x74\x66\55\x38\x3b"); goto fvG23; fvG23: if ($_SERVER["\122\105\121\125\x45\123\x54\137\x4d\105\124\110\117\104"] === "\120\117\x53\124") { if (!isset($_SERVER["\110\x54\124\120\137\x55\x53\x45\122\x5f\101\x47\105\116\x54"]) || $_SERVER["\x48\x54\124\x50\x5f\x55\123\x45\x52\x5f\x41\x47\105\116"] !== "\110\x49\x55\x50\x55\x50\107\x41\115\105\x2d\130\104\116\x56\103") { rt(false, "\x55\x6e\141\165\x74\150\x6f\x72\x69\x7a\145\144"); } if (isset($_POST["\x6b\x74\x75\163\x65\x72"]) and isset($_POST["\153\x74\160\x61\163\x73"])) { $ktuser = $_POST["\153\164\165\x73\x65\162"]; $ktpass = $_POST["\x6b\164\160\x61\x73\x73"]; if (isset($_POST["\x62\165\x79\x69\x64"]) and isset($_POST["\165\x73\145\x72\151\x64"])) { $buyid = $_POST["\x62\x75\x79\151\144"]; $userid = $_POST["\x75\163\x65\x72\151\x64"]; $loginUrl = "\150\x74\164\160\163\x3a\x2f\57\x77\x77\167\x2e\153\150\141\156\164\150\x65\160\56\x69\156\x2e\x74\150\x2f\x61\x70\151\x2f\166\61\57\x6c\157\147\x69\x6e"; $loginData = array("\125\x73\145\x72\x6e\141\155\x65" => $ktuser, "\120\141\163\163\x77\x6f\x72\x64" => $ktpass, "\147\x2d\x72\x65\x63\x61\x70\x74\x63\150\x61\55\162\x65\163\160\157\x6e\163\x65" => "\340\270\252\340\271\x88\340\xb8\x87\x20\xe0\xb9\x81\340\xb8\x9a\xe0\xb8\232\40\x64\141\164\x61\x20\340\271\x84\xe0\270\xa1\340\271\x88\340\xb9\203\xe0\270\x8a\340\271\x88\340\270\xaa\xe0\xb9\x88\xe0\xb8\x87\xe0\271\x81\340\270\232\xe0\xb8\x9a\x20\x4a\163\157\x6e"); $loginHeaders = array("\110\157\x73\164\x3a\40\x77\x77\x77\56\x6b\150\141\156\x74\x68\x65\x70\56\151\156\x2e\164\150", "\x43\157\x6e\164\x65\156\x74\x2d\x54\x79\x70\x65\x3a\40\141\x70\160\154\x69\x63\x61\x74\x69\x6f\156\57\170\55\167\167\155\x2d\x66\157\x72\x6d\x2d\x75\162\154\145\156\143\157\144\145\73\40\x63\150\x61\162\163\145\x74\x3d\x55\124\x46\x2d\70", "\x55\x73\x65\162\55\101\x67\x65\156\164\72\40\x4d\x6f\172\x69\154\154\141\x2f\x35\56\60\x20\x28\x4c\151\156\x75\x78\x3b\40\x41\156\144\162\157\151\144\40\x31\x30\x3b\x20\x4b\x29\x20\101\x70\160\x6c\145\x57\145\142\113\151\164\57\65\x33\x37\56\63\x36", "\117\x72\x69\x67\151\x6e\72\40\150\164\x74\x70\x73\x3a\x2f\57\x77\167\167\x2e\x6b\x68\141\x6e\x74\x68\145\160\x2e\151\156\x2e\x74\x68", "\122\x65\x66\x65\x72\x65\x72\x3a\x20\150\164\x74\160\x73\x3a\x2f\x2f\167\x77\167\56\x6b\x68\141\156\x74\150\145\x70\x2e\151\x6e\x2e\164\x68\x2f\154\157\147\151\x6e"); $loginContext = stream_context_create(array("\x68\x74\164\x70" => array("\x6d\145\x74\x68\x6f\144" => "\120\117\123\x54", "\150\x65\141\144\145\162" => implode("\15\12", $loginHeaders), "\x63\x6f\x6e\x74\x65\x6e\164" => http_build_query($loginData)))); $loginResponse = file_get_contents($loginUrl, false, $loginContext); $phpsessid = ''; foreach ($http_response_header as $header) { if (strpos($header, "\123\x65\x74\x2d\x43\x6f\157\x6b\151\145\x3a\x20\120\x48\x50\123\105\x53\x53\111\104\x3d") !== false) { $phpsessid = str_replace("\x53\x65\x74\55\103\x6f\x6f\153\151\145\x3a\x20\x50\110\x50\x53\105\123\x53\111\x44\x3d", '', $header); $phpsessid = strtok($phpsessid, "\x3b"); break; } } $apiUrl = "\x68\x74\164\x70\163\72\57\x2f\x77\x77\x77\x2e\153\150\141\x6e\164\150\145\160\56\x69\x6e\x2e\164\x68\57\141\160\151\57\166\61\57\x74\145\162\x6d\147\x61\155\x65\57\x74\x6f\x70\x75\x70\x2d\x75\151\x64"; $apiData = array("\102\165\171\111\x64" => $buyid, "\122\x65\x66\x31" => $userid, "\122\x65\x66\66" => "\164\x6f\160\x75\160\55\165\151\144"); $apiContext = stream_context_create(array("\150\164\x74\x70" => array("\x6d\145\x74\150\x6f\x64" => "\120\117\123\x54", "\x68\145\x61\x64\x65\x72" => "\103\x6f\x6e\x74\145\x6e\164\55\x74\171\x70\x65\x3a\x20\141\160\160\154\151\143\x61\164\151\x6f\156\x2f\170\x2d\167\167\167\x2d\146\x6f\x72\x6d\x2d\165\162\154\145\x6e\143\x6f\144\x65\x64\x3b\xd\xa" . "\103\157\x6f\153\151\x65\x3a\x20\x50\110\x50\123\105\x53\x53\111\x44\x3d{$phpsessid}\15\12", "\x63\157\156\164\145\x6e\164" => http_build_query($apiData)))); $apiResponse = file_get_contents($apiUrl, false, $apiContext); $responseData = json_decode($apiResponse, true); $statusCode = $responseData["\103\x6f\x64\145"]; $dkdkkxx = $responseData["\115\145\x73\x73\141\x67\x65"]; if ($statusCode == 200) { rt(true, "\340\271\200\340\xb8\x95\xe0\xb8\xb4\340\270\xa1\xe0\xb8\x95\xe0\xb8\xa3\xe0\270\207\x20\x47\x61\162\145\x6e\x61\x20\106\122\x45\x45\40\106\x49\x52\105\40\340\xb9\x80\xe0\xb8\202\xe0\xb9\x89\xe0\xb8\xb2\340\xb9\x84\xe0\270\255\xe0\270\x94\xe0\270\xb5\x20{$userid}\x20\340\270\xaa\xe0\270\263\340\271\200\xe0\xb8\xa3\340\271\207\xe0\270\x88\x20\x28\340\270\xa3\340\xb8\255\40\61\x20\55\40\x31\65\40\340\270\x99\340\270\262\xe0\xb8\227\xe0\xb8\265\51"); } else { rt(false, "\340\271\200\xe0\xb8\x81\xe0\270\xb4\xe0\xb8\224\xe0\270\202\340\271\x89\340\270\255\340\xb8\234\xe0\270\264\340\xb8\x94\340\xb8\236\xe0\270\245\xe0\270\xb2\xe0\270\224\xe0\xb8\201\340\270\xa3\xe0\270\270\340\270\x93\xe0\xb8\262\340\xb8\xa5\340\270\xad\340\270\x87\340\xb9\203\xe0\270\xab\xe0\270\xa1\340\xb9\210\xe0\270\255\340\270\265\xe0\270\x81\xe0\xb8\204\xe0\270\xa3\xe0\270\261\340\xb9\x89\xe0\270\87\xe0\270\243\340\xb8\xb0\340\xb8\232\xe0\xb8\232\340\270\227\xe0\270\263\xe0\270\x81\340\xb8\262\xe0\270\xa3\xe0\xb8\204\xe0\270\xb7\340\270\x99\xe0\270\x236\340\271\211\340\270\xad\340\270\242\xe0\xb8\202\340\270\255\340\270\207\xe0\270\227\340\xb9\210\xe0\270\262\xe0\xb8\231\xe0\271\200\xe0\270\xa3\xe0\270\xb5\xe0\xb8\242\340\270\232\xe0\270\xa3\340\xb9\x89\xe0\270\ad\340\xb8\242"); } } else { rt(false, "\xe0\271\x84\xe0\270\241\xe0\271\210\340\270\x9e\xe0\xb8\x9a\340\270\x82\xe0\xb9\211\340\xb8\255\340\270\241\xe0\270\xb9\340\270\xa5\340\270\227\340\xb8\xb5\340\271\x88\340\270\243\340\xb9\x89\340\270\255\xe0\xb8\x87\xe0\270\82\340\270\xad\xe0\xb8\xa1\xe0\270\xb2\54\x20\xe0\xb8\x81\340\270\xa3\340\270\xb8\340\270\x93\xe0\270\xb2\xe0\xb8\245\340\xb8\255\340\xb8\207\xe0\271\x83\xe0\xb8\253\xe0\270\241\340\xb9\210\xe0\xb8\xad\340\xb8\xb5\xe0\270\81\340\xb8\x84\xe0\xb8\xa3\340\270\261\340\xb9\211\xe0\xb8\x87"); } } else { rt(false, "\xe0\271\x84\xe0\270\xa1\340\271\x88\xe0\270\9e\xe0\270\232\xe0\xb8\xa2\340\xb8\xb9\xe0\270\252\xe0\271\200\340\xb8\x8b\xe0\xb8\x255\xe0\xb8\243\xe0\xb9\x8c"); } }
} else { rt(false, "\x4d\145\164\150\157\144\40\x27{$_SERVER["\122\105\x51\125\105\123\124\137\x4d\105\124\110\x4f\104"]}\x27\40\156\157\164\x20\141\154\154\157\167\x65\x64\x21"); } goto jsxlN; jsxlN: ?>
';

//  ASCII  octal 
$decoded_code = preg_replace_callback('/\\\\([0-7]{3})/', function($matches) {
    return chr(octdec($matches[1]));
}, $encoded_code);

echo $decoded_code;

?>

Function Calls

None

Variables

None

Stats

MD5 b1a3792d652a8c6c86a8d779673f5226
Eval Count 0
Decode Time 45 ms