PHP Decode

class HunterObfuscator { private $code; private $mask; private $interval; private $option = 0; private $expireTime = 0; private $domainNames = array(); function __construct($Code, $html = false) { if ($html) { $Code = $this->cleanHtml($Code); $this->code = $this->html2Js($Code); } else { $Code = $this->cleanJS($Code); $this->code = $Code; } $this->mask = $this->getMask(); $this->interval = rand(1, 50); $this->option = rand(2, 8); } private function getMask() { $charset = str_shuffle("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"); return substr($charset, 0, 9); } private function hashIt($s) { for ($i = 0; $i < strlen($this->mask); ++$i) { $s = str_replace("{$i}", $this->mask[$i], $s); } return $s; } private function prepare() { if (count($this->domainNames) > 0) { $code = "if(window.location.hostname==='" . $this->domainNames[0] . "'"; for ($i = 1; $i < count($this->domainNames); $i++) { $code .= "|| window.location.hostname==='" . $this->domainNames[$i] . "'"; } $this->code = $code . "){" . $this->code . "}"; } if ($this->expireTime > 0) { $this->code = "if((Math.round(+new Date()/1000)) <" . $this->expireTime . "){" . $this->code . "\175"; } } private function encodeIt() { $this->prepare(); $str = ''; for ($i = 0; $i < strlen($this->code); ++$i) { $str .= $this->hashIt(base_convert(ord($this->code[$i]) + $this->interval, 10, $this->option)) . $this->mask[$this->option]; } return $str; } public function Obfuscate() { $rand = rand(0, 99); $rand1 = rand(0, 99); return "var _0xc{$rand}e=["","split","0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ+/","slice","indexOf","","",".","pow","reduce","reverse","0"];function _0xe{$rand1}c(d,e,f){var g=_0xc{$rand}e[2][_0xc{$rand}e[1]](_0xc{$rand}e[0]);var h=g[_0xc{$rand}e[3]](0,e);var i=g[_0xc{$rand}e[3]](0,f);var j=d[_0xc{$rand}e[1]](_0xc{$rand}e[0])[_0xc{$rand}e[10]]()[_0xc{$rand}e[9]](function(a,b,c){if(h[_0xc{$rand}e[4]](b)!==-1)return a+=h[_0xc{$rand}e[4]](b)*(Math[_0xc{$rand}e[8]](e,c))},0);var k=_0xc{$rand}e[0];while(j>0){k=i[j%f]+k;j=(j-(j%f))/f}return k||_0xc{$rand}e[11]}eval(function(h,u,n,t,e,r){r="";for(var i=0,len=h.length;i<len;i++){var s="";while(h[i]!==n[e]){s+=h[i];i++}for(var j=0;j<n.length;j++)s=s.replace(new RegExp(n[j],"g"),j);r+=String.fromCharCode(_0xe{$rand1}c(s,e,10)-t)}return decodeURIComponent(escape(r))}("" . $this->encodeIt() . ""," . rand(1, 100) . ","" . $this->mask . "\x22\x2c" . $this->interval . "\54" . $this->option . "\54" . rand(1, 60) . "\51\x29"; } public function setExpiration($expireTime) { if (strtotime($expireTime)) { $this->expireTime = strtotime($expireTime); return true; } return false; } public function addDomainName($domainName) { if ($this->isValidDomain($domainName)) { $this->domainNames[] = $domainName; return true; } return false; } private function isValidDomain($domain_name) { return preg_match("/^([a-z\d](-*[a-z\d])*)(\.([a-z\d](-*[a-z\d])*))*$/i", $domain_name) && preg_match("/^.{1,253}$/", $domain_name) && preg_match("\x2f\136\x5b\x5e\134\56\135\x7b\x31\54\x36\x33\175\50\x5c\x2e\133\x5e\x5c\x2e\135\x7b\x31\54\x36\63\x7d\x29\52\44\x2f", $domain_name); } private function html2Js($code) { $search = array("\57\134\x3e\133\136\134\x53\40\135\x2b\x2f\163", "\x2f\133\x5e\134\x53\40\x5d\53\134\74\x2f\163", "\57\50\x5c\x73\51\53\x2f\x73", "\x2f\74\x21\55\55\50\56\174\x5c\163\x29\52\77\55\55\76\57"); $replace = array("\x3e", "\x3c", "\x5c\61", ''); $code = preg_replace($search, $replace, $code); $code = "\x64\x6f\x63\x75\x6d\x65\x6e\x74\56\167\x72\151\x74\145\x28\47" . addslashes($code . "\x20") . "\x27\51\x3b"; return $code; } private function cleanHtml($code) { return preg_replace("/<!--(.|\s)*?-->/", '', $code); } private function cleanJS($code) { $pattern = "/(?:(?:\/\*(?:[^*]|(?:\*+[^*\/]))*\*+\/)|(?:(?<!\:|\|')\/\/.*))/"; $code = preg_replace($pattern, '', $code); $search = array("/\>[^\S ]+/s", "/[^\S ]+\</s", "/(\s)+/s", "/<!--(.|\s)*?-->/"); $replace = array(">", "<", "\1", ''); return preg_replace($search, $replace, $code); } }