Online eval gzinflate base64_decode decoder

 
 
This free online service decodes PHP files encoded by nested functions which can be identified by the starting line like:

Nested functions combinations
  • eval(gzinflate(base64_decode('Code')))
  • eval(gzinflate(str_rot13(base64_decode('Code'))))
  • eval(gzinflate(base64_decode(str_rot13('Code'))))
  • eval(gzinflate(base64_decode(base64_decode(str_rot13('Code')))))
  • eval(gzuncompress(base64_decode('Code')))
  • eval(gzuncompress(str_rot13(base64_decode('Code'))))
  • eval(gzuncompress(base64_decode(str_rot13('Code'))))
  • eval(base64_decode('Code'))
  • eval(str_rot13(gzinflate(base64_decode('Code'))))
  • eval(gzinflate(base64_decode(strrev(str_rot13('Code')))))
  • eval(gzinflate(base64_decode(strrev('Code'))))
  • eval(gzinflate(base64_decode(str_rot13('Code'))))
  • eval(gzinflate(base64_decode(str_rot13(strrev('Code')))))
  • eval(base64_decode(gzuncompress(base64_decode('Code'))))
  • eval(gzinflate(base64_decode(rawurldecode('Code'))))
The 'Code' represents the scrambled code (aka encoded text, aka obfuscated code) containing random letters, numbers and/or characters.

If you miss a nested functions combination, inform us using the Mobilefish.com mail form.

For example:
<?php
eval(gzinflate(base64_decode("4+VKK81LLsnMz1Mozsgv900tLk5MT9XQVKjm
5eJMTc7IV1AKT81Jzs9NVSjJV/DNT8rMSU3LLM7QAwopWfNy1fJyoegDCgEA")));
?>


The 'Code' in this example is 4+VKK81LLsnMz1Mozsgv900tLk5MT9XQVKjm
5eJMTc7IV1AKT81Jzs9NVSjJV/DNT8rMSU3LLM7QAwopWfNy1fJyoegDCgEA

If the scrambled 'Code' is decoded, you will see the following unscrambled code:

function showMessage() {
   echo "Welcome to Mobilefish.com";
}
showMessage();


Developers encodes their PHP files to keep their code or intellectual property hidden so you can not steel or modify the source. However sometimes these encoded PHP files contains malicious code.

This tool should only be used to investigate if the encoded PHP files does not contain malicious code.
It should not be used to modify and distribute copyright files!

How the online eval gzinflate base64_decode decoder works:

There are two methods to choose from to decode scrambled code encoded by nested functions:

Method 1: Enter nested functions and scrambled code
  1. Enter all nested functions starting with the keyword "eval" including opening brackets "(".
    The scrambled code must be enclosed by single or double quotes.
    Closing brackets ")" are optional.
    Do not enter "<?php" and "?>".
    Max 200000 characters allowed.

    For example:
    eval(gzinflate(base64_decode("4+VKK81LLsnMz1Mozsgv900tLk5MT9XQVKjm 5eJMTc7IV1AKT81Jzs9NVSjJV/DNT8rMSU3LLM7QAwopWfNy1fJyoegDCgEA")))

    This service only recognizes nested functions starting with the keyword "eval", followed by any of the following functions:

    • gzinflate
    • base64_decode
    • str_rot13
    • gzuncompress
    • strrev
    • rawurldecode

    Sometimes the unscrambled code is again a another nested function with another scrambled code.
    This can happen multiple times over!
    This tool will continuously decode until the scrambled code is completely unscrambled.


Method 2: Select the nested functions combination and enter scrambled code
  1. Select the nested functions combination.
    In the textbox enter only the encoded string which is the text with random letters, number and characters.
    Do no enter any of the nested function names.
    Max 200000 characters allowed.

    For example:
    Nested functions combinations:
    eval(gzinflate(base64_decode(strrev('Code'))))

    Scrambled code:
    4+VKK81LLsnMz1Mozsgv900tLk5MT9XQVKjm
    5eJMTc7IV1AKT81Jzs9NVSjJV/DNT8rMSU3LLM7QAwopWfNy1fJyoegDCgEA


    Sometimes the unscrambled code is again a another nested function with another scrambled code.
    This can happen multiple times over!
    In this case it is recommened to use method 1 instead of method 2.


Note: To encode PHP code (obfuscate) use the Simple online PHP obfuscator.

YOU USE THIS SERVICE AT YOUR OWN RISK. MOBILEFISH.COM WILL NOT BE LIABLE FOR ANY DATA LOSS, DAMAGES, LOSS OF PROFITS OR ANY OTHER KIND OF LOSS WHILE USING OR MISUSING THIS SERVICE.

rss feed

Input scrambled code:


Decode method:
Help
Enter nested functions and scrambled code *:
Help
Characters entered:   
Enter all nested functions starting with the keyword "eval" including opening brackets "(".
The scrambled code must be enclosed by single or double quotes.
Closing brackets ")" are optional.
Do not enter "<?php" and "?>".
Max 200000 characters.
To prevent automated submissions an Access Code has been implemented for this tool.   access code
Please enter the Access Code as displayed above*:  
 
* = required         

  
 


Output unscrambled code:


 


Decoding report: