Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

^[j^r^ if (isset($_GET["\x75\x69\144"])) { $uid = $_GET["\x75\151\x64"]; $apiUrl = "\150..

Decoded Output download

<?  ^[j^r^ 
 if (isset($_GET["uid"])) { $uid = $_GET["uid"]; $apiUrl = "https://shop.garena.sg/api/auth/player_id_login"; $data = array("app_id" => 100067, "login_id" => $uid, "app_server_id" => 0); $jsonData = json_encode($data); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $apiUrl); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonData); curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/json", "Accept-Encoding: gzip, deflate, br", "Accept-Language: en-IN,en-GB;q=0.9,en-US;q=0.8,en;q=0.7", "Connection: keep-alive", "Content-Length: " . strlen($jsonData), "Cookie: source=mb; _gid=GA1.2.565554625.1701011422; _gat_gtag_UA_137597827_4=1; session_key=4ryv313j988obgb94ip9l871vhu0m0fw; _ga=GA1.2.1754394281.1699017599; datadome=fki3KEySi7F0lUp1DMaCFePgR9nG3XdwZtuoDRp34gfh2oNRxnE4CvcjjfBlNxW0158MQ3Nez3cpOOp9PmS7I6XJzBiQElfH4nkEX5RgWs7myybJjPNf2vyZG5leItY8; _ga_R04L19G92K=GS1.1.1701011410.2.1.1701011454.0.0.0", "Host: shop.garena.sg", "Origin: https://shop.garena.sg", "Referer: https://shop.garena.sg/app/100067/idlogin", "Sec-Fetch-Dest: empty", "Sec-Fetch-Mode: cors", "Sec-Fetch-Site: same-origin", "Accept: application/json", "sec-ch-ua: "Not)A;Brand";v="24", "Chromium";v="116"", "sec-ch-ua-mobile: ?1", "sec-ch-ua-platform: "Android"", "x-datadome-clientid: Jmho2Ii8HPbH7oYogHAaf7~jJkrnuoe2Vf7oUk3zBadjqUWaFOuWF6JcUJ9dm0QiVzX_17vUBG4uw9rn8tiFe7oy0Spb6Mf4wJF7DjToYhK3MeHVRgpmGGxRezIKvMP8", "User-Agent: Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.0.0 Mobile Safari/537.36")); $response = curl_exec($ch); if (curl_errno($ch)) { echo "Curl error: " . curl_error($ch); } curl_close($ch); if (strpos($response, "\x1f\x8b\x8") === 0) { $response = gzdecode($response); } $parsedResponse = json_decode($response, true); if (isset($parsedResponse["nickname"])) { echo $parsedResponse["nickname"]; } else { if (isset($parsedResponse["url"])) { echo "captcha"; } else { echo "incorrect_player_id"; } } } else { echo "developed by: @geekmods1"; }  ?>

Did this file decode correctly?

Original Code

^[j^r^
 if (isset($_GET["\x75\x69\144"])) { $uid = $_GET["\x75\151\x64"]; $apiUrl = "\150\164\x74\160\163\x3a\57\57\163\150\x6f\160\56\147\x61\162\x65\x6e\141\x2e\163\x67\x2f\x61\x70\151\x2f\x61\x75\164\150\x2f\160\x6c\141\x79\x65\x72\x5f\151\144\x5f\x6c\157\x67\151\x6e"; $data = array("\x61\160\160\x5f\151\x64" => 100067, "\154\157\x67\151\156\137\151\144" => $uid, "\x61\160\160\x5f\x73\145\x72\166\145\162\x5f\151\x64" => 0); $jsonData = json_encode($data); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $apiUrl); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonData); curl_setopt($ch, CURLOPT_HTTPHEADER, array("\x43\157\156\164\145\x6e\x74\x2d\x54\x79\x70\x65\x3a\40\141\x70\x70\x6c\151\143\x61\x74\151\x6f\156\57\x6a\x73\x6f\x6e", "\x41\x63\143\x65\x70\164\x2d\x45\x6e\143\157\x64\x69\156\147\x3a\40\147\172\x69\160\x2c\x20\144\145\x66\x6c\141\x74\145\54\x20\142\x72", "\x41\x63\x63\x65\x70\x74\55\114\x61\x6e\147\x75\x61\x67\x65\72\x20\145\x6e\x2d\x49\x4e\54\x65\156\x2d\x47\102\73\161\x3d\x30\56\71\x2c\x65\x6e\x2d\x55\123\73\161\75\x30\56\x38\x2c\x65\x6e\x3b\x71\x3d\x30\x2e\67", "\103\157\x6e\x6e\x65\143\164\151\157\x6e\72\40\153\x65\145\x70\x2d\141\154\151\166\145", "\103\x6f\x6e\164\x65\x6e\164\55\x4c\145\x6e\147\x74\x68\72\40" . strlen($jsonData), "\x43\157\x6f\x6b\151\x65\72\x20\163\157\x75\162\143\x65\x3d\x6d\142\73\x20\x5f\147\x69\x64\75\107\x41\x31\56\62\56\x35\x36\x35\x35\65\64\x36\62\x35\56\x31\x37\x30\61\60\x31\61\64\62\62\x3b\x20\137\x67\x61\164\x5f\147\164\x61\x67\137\125\x41\x5f\x31\63\67\x35\71\67\x38\x32\67\x5f\x34\75\x31\x3b\40\x73\145\163\163\151\157\156\x5f\x6b\145\171\x3d\64\x72\x79\x76\63\61\63\x6a\71\70\x38\157\x62\147\142\x39\x34\x69\x70\x39\x6c\x38\67\x31\166\x68\x75\x30\155\60\146\x77\73\40\x5f\x67\141\75\x47\x41\x31\x2e\62\56\61\67\65\64\63\x39\64\x32\70\61\x2e\61\x36\71\71\x30\x31\x37\65\71\71\73\40\144\141\x74\141\x64\157\155\x65\75\x66\153\151\63\113\x45\x79\x53\151\x37\106\x30\154\x55\x70\61\x44\x4d\x61\x43\106\x65\120\x67\122\71\156\107\x33\130\144\x77\132\x74\x75\157\x44\x52\x70\x33\x34\x67\x66\x68\x32\x6f\116\122\x78\x6e\x45\x34\103\166\143\152\x6a\x66\x42\154\x4e\x78\127\60\61\65\70\x4d\x51\63\x4e\x65\x7a\63\x63\x70\117\117\160\71\120\x6d\x53\67\x49\66\x58\112\x7a\102\151\x51\x45\154\x66\110\x34\156\x6b\105\x58\x35\x52\x67\127\163\x37\155\171\x79\x62\x4a\152\x50\x4e\x66\62\166\x79\x5a\x47\65\x6c\x65\111\x74\131\70\x3b\40\137\147\141\x5f\122\x30\x34\x4c\x31\x39\107\71\x32\x4b\x3d\x47\123\61\x2e\61\56\x31\x37\x30\61\60\x31\x31\x34\61\60\56\62\56\x31\x2e\61\x37\60\x31\x30\x31\61\64\x35\x34\56\x30\56\60\x2e\x30", "\x48\157\x73\x74\x3a\40\163\150\x6f\x70\56\x67\141\162\x65\156\141\x2e\163\147", "\x4f\162\151\147\x69\156\72\40\150\x74\x74\x70\x73\x3a\x2f\x2f\163\x68\x6f\160\x2e\x67\x61\x72\145\156\141\56\163\147", "\x52\x65\146\x65\x72\x65\x72\x3a\x20\x68\164\x74\x70\x73\72\57\x2f\x73\150\157\160\56\147\x61\x72\145\156\141\56\163\147\x2f\141\160\x70\57\x31\x30\x30\60\66\x37\x2f\x69\x64\154\x6f\147\151\x6e", "\x53\145\143\x2d\106\145\x74\143\150\55\x44\145\x73\164\x3a\40\x65\155\160\x74\171", "\x53\145\x63\x2d\106\x65\164\x63\150\x2d\x4d\x6f\144\x65\72\x20\143\x6f\162\x73", "\123\x65\x63\55\x46\x65\164\x63\150\55\x53\151\x74\x65\72\40\163\x61\155\x65\x2d\157\x72\x69\147\151\156", "\101\143\x63\145\x70\164\x3a\40\141\x70\x70\154\x69\x63\x61\164\151\x6f\x6e\57\x6a\163\157\x6e", "\x73\145\143\x2d\143\150\x2d\165\x61\72\x20\x22\x4e\x6f\x74\x29\x41\x3b\102\162\x61\x6e\144\x22\x3b\x76\x3d\42\62\x34\x22\x2c\x20\42\x43\150\162\157\155\x69\165\155\x22\x3b\166\75\x22\x31\x31\x36\42", "\163\x65\x63\55\x63\x68\55\165\x61\x2d\x6d\157\x62\151\x6c\x65\72\x20\77\61", "\163\x65\143\x2d\143\x68\55\165\141\55\x70\154\x61\164\x66\157\162\155\x3a\40\x22\101\x6e\144\162\157\x69\144\42", "\x78\x2d\x64\x61\164\x61\144\x6f\x6d\145\x2d\143\154\151\145\x6e\164\x69\x64\x3a\x20\x4a\155\x68\157\62\111\x69\x38\x48\x50\142\110\67\157\x59\x6f\x67\110\x41\141\x66\67\176\152\112\153\162\156\165\157\145\62\126\x66\x37\x6f\x55\x6b\63\x7a\102\141\x64\152\161\x55\127\141\x46\117\x75\127\106\x36\112\143\x55\112\x39\x64\155\x30\x51\x69\x56\x7a\130\137\61\67\166\125\x42\107\64\165\x77\71\x72\156\70\164\151\x46\x65\x37\157\171\x30\x53\160\x62\66\x4d\x66\x34\167\x4a\106\67\x44\x6a\x54\x6f\131\150\x4b\x33\115\x65\110\126\x52\147\160\155\x47\x47\170\x52\x65\172\111\113\166\115\x50\70", "\x55\163\145\x72\55\x41\x67\x65\x6e\164\72\40\x4d\x6f\172\x69\154\x6c\x61\x2f\x35\x2e\60\40\x28\114\151\x6e\x75\170\x3b\x20\x41\156\x64\162\157\x69\144\x20\61\60\x3b\40\113\x29\x20\101\x70\x70\154\x65\127\145\142\113\151\164\x2f\x35\63\x37\56\x33\66\40\50\113\x48\124\x4d\114\x2c\40\154\151\153\145\x20\x47\145\x63\153\157\x29\x20\x43\150\162\x6f\155\145\x2f\61\x31\66\56\60\56\x30\56\60\40\115\x6f\x62\x69\154\145\40\x53\x61\146\141\x72\x69\57\65\63\67\56\63\66")); $response = curl_exec($ch); if (curl_errno($ch)) { echo "\103\165\162\154\x20\x65\x72\162\157\x72\x3a\x20" . curl_error($ch); } curl_close($ch); if (strpos($response, "\x1f\x8b\x8") === 0) { $response = gzdecode($response); } $parsedResponse = json_decode($response, true); if (isset($parsedResponse["\156\x69\x63\x6b\x6e\141\155\145"])) { echo $parsedResponse["\156\x69\x63\x6b\156\141\155\145"]; } else { if (isset($parsedResponse["\x75\x72\x6c"])) { echo "\x63\x61\x70\164\x63\x68\x61"; } else { echo "\x69\156\x63\157\x72\x72\x65\x63\164\137\x70\x6c\141\x79\x65\162\137\151\144"; } } } else { echo "\x64\145\166\145\154\157\x70\145\x64\40\142\171\x3a\40\x40\x67\x65\x65\153\x6d\157\144\163\61"; }

Function Calls

None

Variables

None

Stats

MD5 9087ebbec6bd4334b005e8adba3985db
Eval Count 0
Decode Time 46 ms