Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php goto jpECQ; ps4CK: if ($url_ref == "\60\x30\x34") { $url = "\x68\x74\164\x70\x3a\x..

Decoded Output download

<?php 
 goto jpECQ; ps4CK: if ($url_ref == "004") { $url = "http://" . $_SERVER["SERVER_NAME"] . "/"; } goto b98Ke; jpECQ: error_reporting(0); goto i20KQ; lyQJB: if ($adm_log == 1) { $cok_eml = $_COOKIE["SublimdesignServeurEmail"]; if ($cok_eml != NULL) { $adm_001 = $cok_eml; } $_SESSION["adm_001"] = NULL; $_SESSION["adm_002"] = NULL; $cnt = "\xa  <form method="POST" enctype="multipart/form-data" autocomplete="off">\xa   <h1>" . $txt_446 . "</h1>
   <p>" . $txt_528 . "</p>\xa   <input name="adm_act" type="hidden" value="Session">\xa   <input name="adm_sec" type="hidden" value="">
   <input name="adm_001" type="email" class="eml" style="border-radius:15px 15px 0 0" maxlength="128" placeholder="" . $txt_034 . " *" value="" . $adm_001 . "" required autocomplete="new-password">\xa   <input name="adm_002" type="password" class="psw" maxlength="32" placeholder="" . $txt_035 . " *" required autocomplete="new-password">
   <input type="submit" value="" . $txt_036 . "">
   <span>" . $txt_527 . "</span>\xa  </form>\xa  <a href="" . $url . "" class="but"></a>"; $met_tit = $txt_446; } else { if ($adm_log == 2) { $cnt = "\xa  <form method="POST" enctype="multipart/form-data" autocomplete="off">\xa   <h1>" . $txt_447 . "</h1>
   <p>" . $txt_448 . "</p>
   <input name="adm_act" type="hidden" value="Recover">
   <input name="adm_sec" type="hidden" value="">
   <input name="adm_001" type="email" class="eml" style="border-radius:15px 15px 0 0" maxlength="128" placeholder="" . $txt_034 . " *" value="" . $adm_001 . "" required autocomplete="new-password">
   <input type="submit" value="" . $txt_057 . "">
  </form>\xa  <a href="" . $url . "login/" class="but"></a>"; $met_tit = $txt_447; } } goto O3op3; Do3BN: $adm_001 = !empty($_POST["adm_001"]) ? htmlentities(trim($_POST["adm_001"])) : NULL; goto KwwOU; b98Ke: if ($eml_ref == "001") { $exp = "contact@" . $_SERVER["SERVER_NAME"]; } goto DXiMl; f8rN4: if ($url_ref == "002") { $url = "http://www." . $_SERVER["SERVER_NAME"] . "/"; } goto KJXaI; KJXaI: if ($url_ref == "003") { $url = "https://" . $_SERVER["SERVER_NAME"] . "/"; } goto ps4CK; i20KQ: session_start(); goto lTmOV; C85h8: while (($data = fgetcsv($db0_cnt, 2000, ";")) !== FALSE) { $db0_000 = decrypt($data[0]); if ($db0_000 == $main_000) { $web_tit_003 = decrypt($data[1]); $lan = decrypt($data[3]); $url_ref = decrypt($data[40]); $eml_ref = decrypt($data[41]); } } goto xenD8; KwwOU: $adm_002 = !empty($_POST["adm_002"]) ? htmlentities(trim($_POST["adm_002"])) : NULL; goto F3TZH; FQ1C6: $adm_act = !empty($_POST["adm_act"]) ? htmlentities(trim($_POST["adm_act"])) : NULL; goto h11J6; mTOsb: function encrypt($text) { $string = openssl_encrypt($text, "AES-128-ECB", "A8cyk9N4"); return $string; } goto CX7HD; h11J6: $adm_sec = !empty($_POST["adm_sec"]) ? htmlentities(trim($_POST["adm_sec"])) : NULL; goto Do3BN; O3op3: if ($dis == 1) { echo "<!doctype html>
<html lang="" . $lan . "">
 <head>\xa  <meta charset="utf-8">
  <title>" . strip_tags($met_tit) . " | " . $web_tit_003 . "</title>\xa  <meta name="language" content="" . $lan . "">
  <meta name="robots" content="noindex,nofollow">
  <meta name="googlebot" content="noindex,nofollow">
  <meta name="googlebot-image" content="noindex,nofollow">
  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge">\xa  <base href="" . $url . "">
  <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">\xa  <meta name="msapplication-tap-highlight" content="no">
  <meta name="apple-mobile-web-app-capable" content="yes">\xa  <meta name="mobile-web-app-capable" content="yes">\xa  <meta name="apple-mobile-web-app-capable" content="yes">
  <meta name="HandheldFriendly" content="true">\xa  <meta name="format-detection" content="telephone=no">
  <meta name="application-name" content="" . $web_tit_003 . "">
  <meta name="apple-mobile-web-app-title" content="" . strip_tags($met_tit) . "">\xa  <meta name="apple-mobile-web-app-status-bar-style" content="white">\xa  <meta itemprop="name" content="" . $web_tit_003 . "">
  <meta property="og:type" content="article">\xa  <meta property="og:site_name" content="" . $web_tit_003 . "">\xa  <meta property="twitter:site" content="" . $web_tit_003 . "">
  <link rel="icon" href="" . $url . "favicon/favicon.ico" />
  <link rel="icon" href="" . $url . "favicon/favicon.svg" type="image/svg+xml">\xa  <link rel="apple-touch-icon" sizes="180x180" href="" . $url . "favicon/apple-touch-icon.png">
  <link rel="icon" type="image/png" sizes="32x32" href="" . $url . "favicon/favicon-32x32.png">
  <link rel="icon" type="image/png" sizes="16x16" href="" . $url . "favicon/favicon-16x16.png">\xa  <link rel="manifest" href="" . $url . "favicon/site.webmanifest">
  <link rel="mask-icon" href="" . $url . "favicon/safari-pinned-tab.svg" color="#778ca2">
  <meta name="msapplication-config" content="" . $url . "favicon/browserconfig.xml" />\xa  <meta name="msapplication-TileColor" content="#ffffff">\xa  <meta name="theme-color" content="#ffffff">
  <style>:root {--color000:#778ca2;}</style>\xa  <link rel="stylesheet" href="" . $url . "css/session.css">\xa </head>\xa <body>" . $cnt . "\xa  <div class="cov">\xa   <video autoplay loop muted>\xa    <source src="https://www.sublim.design/pictures/session-00" . rand(1, 9) . ".mp4#t=0.1" type="video/mp4"/>\xa    <param name="wmode" value="transparent">
   </video>
   <div class="cov_log"></div>\xa  </div>"; $not = $_SESSION["not"]; if ($not != NULL) { echo "
  <div id="not" class="not" Onclick="document.getElementById('not').style.display='none';">" . $not . "</div>"; $_SESSION["not"] = NULL; } echo "
 </body>\xa</html>"; } goto paZtZ; VzTls: fseek($db0_cnt, 0); goto C85h8; cFUfb: $db0_url = "data/" . date("Y/m", strtotime($main_004)) . "/" . $main_000 . "/db0.sql"; goto G4_go; qwXkL: if (($dbm_cnt = fopen($dbm_url, "r")) == FALSE) { echo "Error Main Database"; $dis = NULL; die; } goto Q3ryy; Q3ryy: while (($data = fgetcsv($dbm_cnt, 2000, ";")) !== FALSE) { $main_000 = decrypt($data[0]); $main_004 = decrypt($data[4]); } goto cFUfb; R_wQh: $url = str_replace("www.www.", "www.", $url); goto ZpzIq; cVxGP: if ($url_ref == "001") { $url = "https://www." . $_SERVER["SERVER_NAME"] . "/"; } goto f8rN4; CX7HD: function decrypt($text) { $string = openssl_decrypt($text, "AES-128-ECB", "A8cyk9N4"); return $string; } goto yjTWN; Ze7fs: if ($adm_act == "Recover" and $adm_log == 2 and $adm_sec == NULL) { fseek($dbm_cnt, 0); while (($data = fgetcsv($dbm_cnt, 2000, ";")) !== FALSE) { $dbm_002 = decrypt($data[2]); $dbm_003 = decrypt($data[3]); $_SESSION["not"] = $nsi_023; if ($adm_001 == $dbm_002) { $headers = "MIME-Version: 1.0" . "\xa"; $headers .= "Content-Type: text/html; charset="UTF-8"
"; $headers .= "Content-Transfer-Encoding:8bit\xd"; $headers .= "Reply-To: " . $exp . "
"; $headers .= "From: "Sublim.design"<" . $exp . ">" . "
"; $headers .= "Delivered-to: " . $adm_001 . "

"; $message = "<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
 <head>
  <meta name='viewport' content='width=device-width' />\xa  <meta http-equiv='Content-Type' content='text/html; charset=UTF-8' />\xa  <title>" . $txt_472 . "</title>
  <style>
   body{min-width:100%!important;height:100%;margin:20px!important;padding:20px!important;text-align:left;background-color:transparent;-webkit-font-smoothing:antialiased;}
   p{position:relative;width:100%;margin:0px;padding:0px;font-family:Arial,sans-serif;font-size:100%;text-align:left;color:#000000;font-weight:normal;line-height:125%;text-decoration:none;}
   strong{font-weight:bold;}\xa   i{position:relative;width:100%;margin:0px;padding:0px;font-family:Arial,sans-serif;font-size:75%;text-align:left;color:#aaaaaa;font-weight:normal;line-height:125%;font-style:italic;text-decoration:none;}
   a:link{margin:0px;padding:0px;text-decoration:none;font-family:Arial,sans-serif;font-size:100%;font-weight:normal;line-height:125%;color:#ffffff;}\xa   a:visited{color:#ffffff;text-decoration:none;}
   a:focus{color:#ffffff;text-decoration:none;}
   span{position:relative;margin:0px;padding:0px;font-family:Arial,sans-serif;font-size:100%;text-align:center;color:#ffffff;font-weight:normal;line-height:125%;text-decoration:none;}
  </style>
 </head>\xa <body bcolor='transparent'>
  <p><strong>" . $txt_034 . " : </strong>" . $adm_001 . "<br><strong>" . $txt_035 . " : </strong>" . $dbm_003 . "</p>\xa  <p><a href='" . $url . "login/' target='_blank' style='box-sizing:border-box;display:inline-block;font-family:arial,sans-serif;text-decoration:none;-webkit-text-size-adjust:none;text-align:center;background-color:#65656a;color:#ffffff;border-radius:3px;-webkit-border-radius:3px;-moz-border-radius:3px;width:auto;max-width:100%;overflow-wrap:break-word;word-break:break-word;word-wrap:break-word;mso-border-alt:none;'><span style='display:block;padding:10px 20px;'><span>" . $txt_003 . "</span></span></a></p>
  <p><i>" . $txt_508 . "</i></p>
 </body>
</html>"; mail($adm_001, $txt_472, $message, $headers); $_SESSION["not"] = $nsi_038; echo "<script>window.open('" . $url . "login/',target='_self');</script>"; $dis = NULL; } } $adm_001 = NULL; } goto lyQJB; yjTWN: $adm_log = $_GET["log"]; goto kd0zu; DXiMl: if ($eml_ref == "002") { $exp = "noreply@" . $_SERVER["SERVER_NAME"]; } goto kAuud; kd0zu: include "content-syntax.php"; goto FQ1C6; G4_go: if (($db0_cnt = fopen($db0_url, "r")) == FALSE) { echo "Database#0 Error"; die; } goto VzTls; ZpzIq: $dis = 1; goto mTOsb; xenD8: $url = $_SERVER["SERVER_NAME"] . "/"; goto cVxGP; kAuud: if ($eml_ref == "003") { $exp = "info@" . $_SERVER["SERVER_NAME"]; } goto R_wQh; F3TZH: if ($adm_act == "Session" and $adm_log == 1 and $adm_sec == NULL) { fseek($dbm_cnt, 0); while (($data = fgetcsv($dbm_cnt, 2000, ";")) !== FALSE) { $dbm_000 = decrypt($data[0]); $dbm_001 = decrypt($data[1]); $dbm_002 = decrypt($data[2]); $dbm_003 = decrypt($data[3]); $dbm_004 = decrypt($data[4]); if ($adm_001 == $dbm_002 and $adm_002 == $dbm_003) { $_SESSION["not"] = $txt_529; $_SESSION["dom"] = $dbm_001; $_SESSION["edi"] = 1; $ur1 = $dbm_001 . "/"; setcookie("SublimdesignServeurEmail", $adm_001); echo "<script>window.open('" . $url . "',target='_self');</script>"; $dis = NULL; die; } else { $_SESSION["not"] = $txt_147; } } } goto Ze7fs; lTmOV: $dbm_url = "data/main.sql"; goto qwXkL; paZtZ: ?>

Did this file decode correctly?

Original Code

<?php
 goto jpECQ; ps4CK: if ($url_ref == "\60\x30\x34") { $url = "\x68\x74\164\x70\x3a\x2f\x2f" . $_SERVER["\123\x45\122\126\x45\x52\137\116\x41\115\105"] . "\57"; } goto b98Ke; jpECQ: error_reporting(0); goto i20KQ; lyQJB: if ($adm_log == 1) { $cok_eml = $_COOKIE["\x53\165\x62\154\x69\155\144\145\x73\151\x67\x6e\123\x65\162\166\145\x75\x72\x45\155\x61\151\154"]; if ($cok_eml != NULL) { $adm_001 = $cok_eml; } $_SESSION["\141\144\155\x5f\60\60\x31"] = NULL; $_SESSION["\x61\144\x6d\137\60\60\x32"] = NULL; $cnt = "\xa\40\40\74\x66\x6f\x72\x6d\x20\x6d\x65\x74\150\157\144\75\42\x50\117\123\x54\x22\x20\x65\x6e\x63\164\x79\160\x65\75\42\x6d\165\154\164\151\160\x61\x72\164\x2f\146\x6f\x72\155\x2d\x64\x61\164\141\x22\40\141\165\x74\x6f\143\x6f\x6d\x70\154\145\x74\x65\x3d\x22\x6f\146\146\42\x3e\xa\x20\40\40\74\150\61\x3e" . $txt_446 . "\74\x2f\x68\61\76\12\40\x20\40\x3c\160\76" . $txt_528 . "\x3c\57\160\76\xa\x20\x20\40\74\x69\x6e\160\x75\x74\x20\x6e\x61\x6d\x65\x3d\42\141\x64\x6d\137\141\x63\164\42\40\x74\x79\x70\145\75\x22\150\x69\144\x64\x65\156\42\40\166\141\154\165\145\75\x22\123\x65\163\163\x69\x6f\x6e\42\76\xa\x20\40\x20\74\x69\156\x70\x75\164\40\156\x61\x6d\145\x3d\42\x61\144\155\x5f\163\145\143\42\x20\164\171\160\145\75\x22\150\x69\x64\144\x65\x6e\42\40\x76\x61\154\x75\x65\75\x22\x22\76\12\x20\x20\x20\x3c\x69\156\160\x75\x74\x20\x6e\141\155\145\x3d\42\141\144\155\137\60\x30\x31\42\x20\164\171\160\145\75\x22\x65\155\x61\151\x6c\x22\x20\143\x6c\141\163\163\x3d\42\x65\155\x6c\x22\40\163\x74\171\154\x65\x3d\42\x62\x6f\162\144\145\x72\55\162\x61\x64\151\x75\163\72\x31\x35\x70\170\40\61\65\160\x78\40\x30\40\60\42\40\x6d\141\170\x6c\x65\x6e\147\164\x68\x3d\x22\x31\62\70\42\40\160\x6c\141\x63\x65\x68\x6f\x6c\x64\x65\162\x3d\x22" . $txt_034 . "\40\52\42\x20\166\141\154\x75\145\75\42" . $adm_001 . "\x22\40\162\x65\161\165\x69\x72\x65\x64\x20\141\165\164\x6f\143\x6f\155\160\154\x65\x74\145\x3d\x22\156\145\167\x2d\x70\x61\x73\163\167\157\162\144\x22\76\xa\x20\x20\x20\74\151\x6e\160\165\164\x20\156\x61\x6d\x65\x3d\x22\141\144\155\137\x30\60\62\42\x20\164\x79\160\145\x3d\x22\x70\141\x73\163\x77\157\x72\x64\42\x20\x63\154\141\163\x73\x3d\42\160\x73\x77\x22\x20\x6d\x61\170\x6c\x65\x6e\x67\164\150\75\42\63\62\42\x20\x70\154\x61\143\145\x68\157\x6c\144\x65\x72\75\42" . $txt_035 . "\x20\52\42\x20\162\x65\x71\165\x69\x72\145\144\x20\x61\165\x74\157\143\x6f\155\160\x6c\x65\164\145\x3d\x22\156\x65\x77\x2d\160\141\163\163\167\x6f\162\x64\x22\76\12\x20\x20\40\x3c\151\x6e\x70\165\x74\x20\164\x79\160\x65\75\42\163\165\x62\x6d\151\x74\42\x20\x76\x61\154\x75\x65\75\x22" . $txt_036 . "\42\76\12\x20\x20\40\x3c\x73\160\141\156\76" . $txt_527 . "\74\x2f\x73\x70\x61\156\76\xa\x20\x20\74\57\146\157\162\155\x3e\xa\x20\40\74\141\x20\x68\x72\x65\146\x3d\42" . $url . "\x22\x20\143\154\x61\163\163\x3d\42\x62\165\164\42\x3e\74\57\141\76"; $met_tit = $txt_446; } else { if ($adm_log == 2) { $cnt = "\xa\x20\x20\x3c\x66\157\x72\155\40\x6d\145\x74\x68\x6f\144\75\42\x50\x4f\123\124\42\40\x65\156\x63\x74\171\x70\145\x3d\42\155\165\154\x74\x69\160\x61\x72\x74\x2f\x66\157\162\x6d\x2d\x64\x61\164\141\42\x20\141\x75\164\157\143\x6f\155\160\154\145\164\145\75\x22\157\x66\146\42\x3e\xa\40\x20\x20\74\150\61\x3e" . $txt_447 . "\74\x2f\150\x31\x3e\12\40\40\x20\74\160\76" . $txt_448 . "\x3c\57\160\x3e\12\40\x20\40\74\151\156\x70\165\164\40\x6e\141\x6d\x65\x3d\x22\x61\x64\155\137\141\x63\164\42\40\164\171\x70\x65\75\x22\150\151\x64\x64\x65\x6e\42\40\x76\141\x6c\x75\x65\75\x22\x52\x65\143\x6f\166\x65\162\x22\x3e\12\40\x20\40\x3c\x69\x6e\x70\165\x74\x20\156\x61\x6d\145\75\42\141\144\155\137\x73\145\143\42\40\164\x79\x70\x65\x3d\x22\150\x69\144\144\x65\156\42\40\166\x61\154\165\145\75\42\x22\76\12\40\40\40\x3c\151\156\160\x75\164\40\x6e\x61\155\x65\75\42\141\144\155\x5f\60\x30\x31\x22\40\x74\171\160\145\75\42\x65\155\141\151\154\42\40\143\154\x61\163\x73\x3d\42\145\155\154\42\x20\163\x74\171\154\x65\x3d\42\142\157\162\x64\x65\162\x2d\162\141\x64\151\165\163\x3a\x31\65\x70\170\x20\61\x35\x70\x78\40\x30\x20\x30\42\40\x6d\141\170\154\x65\x6e\147\164\x68\75\42\61\62\70\42\x20\160\154\141\143\x65\x68\x6f\154\144\x65\162\x3d\42" . $txt_034 . "\x20\52\x22\40\166\x61\x6c\165\145\x3d\42" . $adm_001 . "\x22\40\x72\145\161\165\x69\162\145\144\x20\141\165\x74\x6f\143\157\x6d\160\154\x65\164\145\75\42\156\x65\167\x2d\x70\x61\163\163\x77\157\x72\x64\42\76\12\40\x20\x20\x3c\151\156\x70\165\164\40\x74\171\160\x65\x3d\42\163\x75\x62\x6d\x69\x74\x22\40\166\x61\154\x75\145\x3d\x22" . $txt_057 . "\x22\76\12\x20\40\x3c\x2f\146\x6f\x72\155\x3e\xa\x20\40\x3c\141\40\150\162\x65\146\x3d\x22" . $url . "\x6c\x6f\x67\x69\156\x2f\x22\x20\143\154\141\163\x73\x3d\42\x62\x75\164\42\x3e\x3c\57\x61\76"; $met_tit = $txt_447; } } goto O3op3; Do3BN: $adm_001 = !empty($_POST["\141\x64\155\137\x30\x30\x31"]) ? htmlentities(trim($_POST["\141\144\155\137\60\x30\61"])) : NULL; goto KwwOU; b98Ke: if ($eml_ref == "\60\x30\x31") { $exp = "\143\157\156\164\x61\x63\164\100" . $_SERVER["\x53\105\122\126\x45\122\x5f\116\101\x4d\x45"]; } goto DXiMl; f8rN4: if ($url_ref == "\60\60\x32") { $url = "\150\164\164\x70\72\57\x2f\x77\167\167\56" . $_SERVER["\123\105\x52\126\x45\x52\137\116\101\115\105"] . "\57"; } goto KJXaI; KJXaI: if ($url_ref == "\x30\60\63") { $url = "\150\164\x74\x70\163\x3a\57\x2f" . $_SERVER["\x53\105\122\126\105\122\137\116\x41\x4d\105"] . "\x2f"; } goto ps4CK; i20KQ: session_start(); goto lTmOV; C85h8: while (($data = fgetcsv($db0_cnt, 2000, "\x3b")) !== FALSE) { $db0_000 = decrypt($data[0]); if ($db0_000 == $main_000) { $web_tit_003 = decrypt($data[1]); $lan = decrypt($data[3]); $url_ref = decrypt($data[40]); $eml_ref = decrypt($data[41]); } } goto xenD8; KwwOU: $adm_002 = !empty($_POST["\141\144\155\137\x30\60\x32"]) ? htmlentities(trim($_POST["\x61\x64\x6d\x5f\60\60\x32"])) : NULL; goto F3TZH; FQ1C6: $adm_act = !empty($_POST["\141\x64\155\137\141\143\164"]) ? htmlentities(trim($_POST["\141\144\x6d\137\x61\143\164"])) : NULL; goto h11J6; mTOsb: function encrypt($text) { $string = openssl_encrypt($text, "\101\105\123\55\61\62\x38\x2d\105\x43\x42", "\101\x38\143\171\153\71\116\x34"); return $string; } goto CX7HD; h11J6: $adm_sec = !empty($_POST["\x61\144\x6d\137\163\145\143"]) ? htmlentities(trim($_POST["\141\144\x6d\137\163\145\143"])) : NULL; goto Do3BN; O3op3: if ($dis == 1) { echo "\74\x21\x64\157\143\164\171\160\145\x20\x68\x74\x6d\x6c\76\12\x3c\x68\x74\155\154\40\x6c\141\x6e\x67\75\x22" . $lan . "\42\76\12\x20\x3c\x68\x65\141\144\x3e\xa\40\40\74\155\145\x74\141\40\x63\150\141\x72\x73\x65\x74\75\x22\x75\x74\146\55\70\x22\x3e\12\40\40\74\164\151\164\x6c\145\76" . strip_tags($met_tit) . "\40\174\40" . $web_tit_003 . "\x3c\x2f\164\x69\164\x6c\145\76\xa\40\40\74\x6d\x65\x74\141\x20\156\x61\155\x65\x3d\42\154\x61\x6e\x67\165\141\x67\x65\42\40\143\157\156\164\x65\156\x74\x3d\x22" . $lan . "\42\x3e\12\x20\x20\74\x6d\x65\x74\x61\x20\x6e\x61\x6d\x65\x3d\42\162\157\142\x6f\x74\163\x22\x20\x63\x6f\x6e\x74\x65\156\164\75\42\156\x6f\151\156\x64\145\x78\54\x6e\157\x66\x6f\x6c\x6c\x6f\x77\42\76\12\40\x20\74\155\145\x74\141\x20\x6e\141\x6d\x65\75\42\x67\x6f\x6f\x67\154\145\x62\x6f\x74\42\x20\143\157\156\164\x65\156\164\x3d\x22\156\x6f\x69\x6e\144\x65\x78\x2c\x6e\157\x66\157\x6c\x6c\x6f\167\x22\x3e\12\x20\40\74\155\145\x74\x61\40\x6e\141\x6d\145\x3d\42\147\x6f\157\147\x6c\145\142\x6f\x74\55\151\x6d\x61\147\x65\42\x20\143\x6f\x6e\x74\145\x6e\x74\75\42\156\157\151\x6e\x64\145\170\54\156\x6f\x66\x6f\154\154\x6f\167\x22\76\12\x20\40\x3c\x6d\x65\164\x61\x20\150\x74\164\160\x2d\145\x71\x75\151\x76\75\42\x43\x6f\x6e\164\x65\x6e\x74\55\124\171\x70\145\x22\x20\x63\157\x6e\x74\145\x6e\x74\75\42\164\145\170\x74\57\x68\x74\155\x6c\x3b\40\x63\x68\x61\x72\x73\x65\164\x3d\x55\124\106\x2d\70\x22\76\12\40\40\74\x6d\145\164\x61\x20\150\164\x74\x70\x2d\145\x71\x75\x69\x76\x3d\42\130\x2d\x55\x41\x2d\103\157\x6d\160\141\x74\151\142\x6c\x65\x22\40\x63\157\156\x74\x65\156\x74\75\x22\x49\x45\x3d\x65\x64\x67\x65\x22\x3e\xa\40\40\x3c\142\141\163\x65\x20\x68\162\x65\x66\x3d\x22" . $url . "\x22\x3e\12\40\40\74\155\x65\x74\141\x20\156\x61\x6d\x65\75\x22\x76\151\145\167\160\x6f\162\164\x22\x20\143\157\156\164\x65\156\164\x3d\42\x77\x69\x64\164\150\75\144\145\x76\151\143\x65\x2d\167\151\144\164\150\54\40\151\156\151\164\x69\141\154\55\x73\x63\x61\x6c\145\75\61\x2c\x20\155\x61\170\151\x6d\x75\155\x2d\x73\143\141\154\x65\x3d\61\x2c\x20\165\163\145\162\x2d\163\143\x61\154\141\142\x6c\145\75\156\157\42\x3e\xa\40\x20\x3c\155\x65\x74\141\40\x6e\x61\155\145\75\x22\x6d\163\x61\x70\160\154\151\x63\x61\x74\151\157\156\x2d\x74\x61\160\55\150\151\147\x68\154\x69\147\x68\x74\x22\x20\x63\157\x6e\164\x65\x6e\164\75\42\156\x6f\42\76\12\40\x20\74\x6d\145\164\x61\40\x6e\x61\155\145\x3d\42\141\x70\160\154\x65\x2d\155\x6f\142\151\154\145\55\167\145\x62\x2d\141\160\x70\x2d\143\x61\160\141\x62\x6c\x65\x22\40\x63\157\x6e\x74\145\x6e\x74\x3d\x22\171\x65\163\x22\76\xa\40\40\74\155\x65\164\141\x20\156\141\155\x65\x3d\42\x6d\x6f\x62\151\x6c\x65\x2d\x77\145\142\55\x61\160\160\55\x63\141\160\141\x62\154\145\42\x20\x63\x6f\x6e\164\x65\x6e\x74\75\42\x79\x65\x73\42\x3e\xa\40\40\74\155\x65\x74\x61\x20\156\141\x6d\x65\x3d\42\141\160\x70\154\x65\x2d\x6d\157\x62\x69\x6c\145\55\x77\145\x62\x2d\141\x70\x70\55\143\141\160\x61\x62\x6c\145\x22\x20\x63\x6f\156\164\145\156\x74\75\42\171\x65\163\x22\76\12\x20\x20\x3c\x6d\x65\164\141\40\x6e\141\x6d\x65\75\x22\110\141\x6e\144\x68\x65\x6c\x64\x46\162\x69\145\x6e\x64\154\x79\42\x20\x63\x6f\x6e\164\145\x6e\164\x3d\42\164\x72\165\145\42\x3e\xa\40\x20\x3c\155\145\x74\x61\40\156\x61\155\x65\x3d\42\x66\x6f\x72\155\x61\x74\55\x64\x65\164\x65\143\x74\151\x6f\x6e\42\x20\x63\x6f\x6e\164\x65\156\x74\x3d\x22\164\145\x6c\145\160\x68\157\x6e\145\x3d\156\157\42\76\12\40\x20\x3c\x6d\145\x74\141\40\156\x61\x6d\x65\75\42\141\x70\x70\x6c\x69\143\x61\164\x69\x6f\x6e\x2d\x6e\x61\155\145\42\40\143\157\156\164\x65\x6e\164\x3d\42" . $web_tit_003 . "\x22\x3e\12\40\x20\74\155\145\x74\x61\40\156\141\x6d\x65\75\x22\x61\160\160\x6c\145\55\155\x6f\x62\x69\154\145\x2d\x77\x65\x62\55\141\x70\x70\x2d\164\x69\x74\x6c\x65\42\x20\143\157\156\x74\x65\156\164\x3d\42" . strip_tags($met_tit) . "\x22\x3e\xa\x20\40\x3c\155\145\164\141\40\x6e\x61\155\145\75\x22\141\x70\x70\x6c\x65\55\x6d\157\142\x69\154\x65\x2d\x77\x65\142\x2d\141\160\x70\x2d\163\x74\x61\x74\165\x73\x2d\x62\x61\x72\55\x73\x74\171\154\x65\42\x20\x63\157\156\x74\145\x6e\164\75\x22\x77\150\x69\164\x65\x22\76\xa\40\40\x3c\x6d\x65\164\x61\x20\151\x74\145\155\160\162\157\x70\75\42\x6e\x61\x6d\145\x22\x20\x63\x6f\156\x74\x65\x6e\x74\75\42" . $web_tit_003 . "\x22\76\12\40\40\74\155\x65\x74\x61\40\x70\x72\157\x70\145\162\164\x79\75\42\157\x67\72\x74\x79\160\145\42\40\x63\x6f\x6e\164\145\156\164\x3d\42\x61\x72\164\151\x63\154\145\42\76\xa\x20\x20\74\x6d\145\x74\141\x20\160\162\x6f\160\145\162\164\171\x3d\x22\x6f\147\x3a\x73\151\164\x65\x5f\x6e\141\155\145\42\x20\143\x6f\156\164\x65\x6e\x74\75\42" . $web_tit_003 . "\42\76\xa\x20\40\74\x6d\x65\164\141\x20\160\x72\x6f\x70\x65\162\x74\171\75\x22\x74\x77\151\x74\x74\145\162\72\163\151\x74\145\42\x20\x63\157\x6e\x74\x65\156\164\75\x22" . $web_tit_003 . "\42\x3e\12\40\x20\74\x6c\x69\156\x6b\x20\x72\145\154\x3d\x22\x69\x63\157\x6e\x22\40\150\x72\x65\x66\75\x22" . $url . "\x66\141\166\151\143\157\156\x2f\146\x61\x76\151\x63\x6f\156\56\151\x63\x6f\x22\40\x2f\x3e\12\x20\x20\x3c\154\151\156\x6b\40\x72\145\154\x3d\42\151\143\x6f\x6e\42\x20\x68\162\x65\146\x3d\42" . $url . "\x66\141\x76\151\143\157\156\57\146\x61\166\x69\x63\157\156\56\163\166\x67\42\40\164\171\x70\x65\75\42\x69\155\x61\147\145\57\163\x76\147\x2b\170\x6d\x6c\42\x3e\xa\x20\x20\74\x6c\151\x6e\x6b\x20\162\x65\x6c\75\42\x61\x70\x70\x6c\145\x2d\x74\x6f\165\143\150\55\151\x63\157\x6e\42\x20\x73\x69\172\145\x73\75\x22\61\x38\x30\x78\61\70\x30\42\x20\150\162\x65\146\75\x22" . $url . "\x66\x61\x76\151\143\157\156\57\x61\160\160\154\145\x2d\164\x6f\x75\x63\x68\55\151\x63\157\156\56\x70\x6e\147\42\76\12\x20\x20\74\154\x69\x6e\153\40\162\145\x6c\x3d\42\151\143\x6f\x6e\x22\x20\164\171\x70\145\75\42\151\155\x61\147\x65\x2f\x70\x6e\147\x22\40\163\x69\x7a\145\163\x3d\x22\x33\62\170\63\62\42\x20\150\x72\145\146\x3d\42" . $url . "\146\141\x76\151\x63\x6f\156\57\x66\141\x76\151\143\x6f\x6e\55\63\62\x78\63\62\56\160\156\147\x22\76\12\x20\x20\x3c\154\x69\156\153\x20\x72\x65\154\75\42\x69\x63\x6f\156\x22\40\x74\171\x70\x65\x3d\x22\x69\x6d\141\147\x65\57\160\x6e\x67\x22\40\163\151\172\145\x73\75\x22\61\66\170\61\x36\42\40\150\162\x65\146\x3d\x22" . $url . "\146\141\166\151\143\x6f\x6e\x2f\x66\141\166\x69\143\x6f\x6e\x2d\61\x36\x78\61\x36\x2e\x70\156\x67\42\76\xa\x20\x20\74\x6c\151\156\153\x20\x72\145\x6c\75\x22\155\141\x6e\x69\x66\x65\163\164\42\40\x68\162\x65\x66\75\42" . $url . "\x66\x61\166\151\x63\157\x6e\57\x73\x69\164\x65\56\167\x65\142\x6d\x61\156\x69\146\x65\163\164\42\76\12\x20\40\x3c\154\x69\x6e\153\40\162\x65\x6c\x3d\42\155\141\163\x6b\55\x69\143\157\156\42\x20\150\x72\x65\x66\75\x22" . $url . "\146\x61\166\151\x63\x6f\156\x2f\163\141\x66\141\x72\x69\55\x70\151\156\156\145\144\55\164\x61\142\x2e\x73\x76\x67\42\40\x63\157\x6c\157\162\x3d\42\43\67\x37\x38\143\141\x32\x22\x3e\12\x20\40\x3c\x6d\x65\164\141\40\156\x61\155\x65\75\x22\x6d\x73\x61\160\160\x6c\x69\x63\141\164\x69\157\156\55\143\157\156\x66\x69\x67\x22\x20\x63\157\x6e\x74\145\x6e\164\x3d\x22" . $url . "\146\x61\166\151\x63\x6f\x6e\57\142\162\157\x77\x73\145\x72\143\x6f\156\146\x69\x67\x2e\170\x6d\154\x22\x20\57\x3e\xa\x20\40\74\155\145\164\x61\x20\156\x61\155\145\x3d\42\x6d\x73\141\x70\x70\x6c\151\x63\141\x74\x69\x6f\x6e\55\124\x69\154\145\x43\157\x6c\x6f\162\42\x20\x63\157\x6e\x74\145\x6e\164\75\42\43\146\146\146\x66\x66\x66\x22\x3e\xa\40\40\74\155\145\164\141\40\156\x61\x6d\x65\75\42\x74\x68\x65\x6d\145\55\143\157\154\x6f\162\42\x20\x63\x6f\x6e\164\145\x6e\x74\75\x22\x23\146\x66\x66\x66\x66\146\x22\76\12\x20\x20\x3c\163\x74\x79\154\x65\x3e\x3a\162\x6f\157\x74\40\x7b\x2d\x2d\x63\x6f\154\157\162\x30\x30\x30\72\43\x37\x37\70\x63\x61\62\73\175\x3c\57\163\164\171\154\x65\x3e\xa\x20\40\74\x6c\151\156\153\40\162\145\154\x3d\42\163\164\x79\154\145\x73\x68\x65\145\x74\42\x20\150\x72\145\146\x3d\x22" . $url . "\x63\x73\163\57\163\145\163\x73\151\157\156\x2e\143\163\x73\x22\x3e\xa\x20\x3c\x2f\x68\145\141\144\x3e\xa\40\x3c\x62\x6f\x64\x79\76" . $cnt . "\xa\x20\x20\x3c\144\x69\x76\x20\x63\154\x61\163\x73\75\x22\143\x6f\x76\42\76\xa\x20\40\40\x3c\x76\x69\144\145\157\x20\x61\x75\164\157\160\x6c\x61\171\40\154\157\157\160\x20\x6d\165\164\x65\x64\x3e\xa\x20\40\40\x20\x3c\x73\x6f\x75\x72\143\x65\x20\x73\162\143\x3d\x22\150\x74\x74\160\x73\72\57\57\167\x77\x77\x2e\x73\x75\x62\x6c\x69\155\x2e\x64\x65\163\x69\x67\x6e\57\x70\151\143\x74\x75\x72\145\x73\57\x73\x65\x73\x73\151\x6f\x6e\x2d\x30\x30" . rand(1, 9) . "\56\x6d\x70\x34\43\x74\75\60\56\x31\42\x20\x74\x79\160\x65\75\42\x76\x69\144\145\x6f\x2f\x6d\x70\64\x22\x2f\x3e\xa\40\40\40\x20\74\160\x61\x72\141\155\40\156\141\155\145\75\x22\x77\155\157\x64\145\42\x20\166\141\x6c\165\x65\75\x22\x74\x72\141\156\x73\160\x61\x72\x65\x6e\164\42\x3e\12\40\x20\40\74\57\166\x69\144\x65\157\76\12\x20\x20\40\74\x64\151\x76\x20\143\154\x61\x73\x73\x3d\x22\x63\157\166\137\154\x6f\x67\42\x3e\x3c\x2f\x64\x69\166\76\xa\40\x20\x3c\57\144\x69\x76\76"; $not = $_SESSION["\x6e\x6f\164"]; if ($not != NULL) { echo "\12\x20\40\x3c\x64\151\166\40\x69\144\75\42\x6e\x6f\164\42\40\143\x6c\141\163\x73\75\x22\x6e\x6f\x74\x22\x20\x4f\x6e\x63\154\x69\x63\153\75\42\x64\157\x63\165\x6d\145\x6e\164\x2e\x67\145\x74\x45\x6c\145\x6d\145\x6e\164\102\x79\111\144\x28\47\156\157\164\x27\x29\x2e\163\x74\171\154\x65\x2e\144\x69\163\160\x6c\141\x79\x3d\x27\156\157\156\145\x27\x3b\42\x3e" . $not . "\x3c\57\x64\x69\x76\76"; $_SESSION["\156\x6f\164"] = NULL; } echo "\12\x20\74\57\x62\157\144\171\76\xa\74\57\x68\164\155\x6c\76"; } goto paZtZ; VzTls: fseek($db0_cnt, 0); goto C85h8; cFUfb: $db0_url = "\x64\141\x74\x61\x2f" . date("\x59\x2f\x6d", strtotime($main_004)) . "\57" . $main_000 . "\57\144\142\x30\x2e\x73\x71\x6c"; goto G4_go; qwXkL: if (($dbm_cnt = fopen($dbm_url, "\x72")) == FALSE) { echo "\105\x72\162\x6f\162\x20\115\141\151\x6e\40\x44\x61\x74\x61\142\x61\x73\x65"; $dis = NULL; die; } goto Q3ryy; Q3ryy: while (($data = fgetcsv($dbm_cnt, 2000, "\73")) !== FALSE) { $main_000 = decrypt($data[0]); $main_004 = decrypt($data[4]); } goto cFUfb; R_wQh: $url = str_replace("\167\x77\167\56\167\167\167\x2e", "\x77\x77\x77\56", $url); goto ZpzIq; cVxGP: if ($url_ref == "\60\x30\61") { $url = "\x68\164\164\x70\163\x3a\57\x2f\x77\x77\167\56" . $_SERVER["\123\x45\122\x56\105\x52\x5f\116\x41\x4d\105"] . "\57"; } goto f8rN4; CX7HD: function decrypt($text) { $string = openssl_decrypt($text, "\101\105\x53\x2d\x31\62\x38\55\x45\103\x42", "\101\70\143\171\153\71\x4e\64"); return $string; } goto yjTWN; Ze7fs: if ($adm_act == "\x52\x65\x63\x6f\166\145\x72" and $adm_log == 2 and $adm_sec == NULL) { fseek($dbm_cnt, 0); while (($data = fgetcsv($dbm_cnt, 2000, "\x3b")) !== FALSE) { $dbm_002 = decrypt($data[2]); $dbm_003 = decrypt($data[3]); $_SESSION["\x6e\x6f\x74"] = $nsi_023; if ($adm_001 == $dbm_002) { $headers = "\115\x49\x4d\105\55\126\145\x72\x73\151\x6f\156\x3a\40\x31\x2e\x30" . "\xa"; $headers .= "\x43\x6f\x6e\164\145\156\x74\x2d\124\171\160\x65\72\40\164\145\170\164\57\150\x74\x6d\154\x3b\x20\x63\x68\141\162\x73\x65\x74\x3d\42\125\124\x46\x2d\70\42\15"; $headers .= "\103\x6f\156\x74\145\156\x74\55\124\x72\141\x6e\x73\146\145\x72\55\105\156\x63\x6f\144\x69\x6e\147\x3a\x38\x62\151\164\xd"; $headers .= "\122\x65\160\154\171\x2d\x54\157\72\40" . $exp . "\12"; $headers .= "\106\x72\157\x6d\72\40\42\x53\x75\x62\154\x69\155\56\x64\x65\163\x69\x67\x6e\x22\74" . $exp . "\76" . "\12"; $headers .= "\x44\x65\x6c\x69\166\145\x72\145\144\x2d\164\157\72\x20" . $adm_001 . "\12\12"; $message = "\74\41\x44\117\x43\x54\131\x50\x45\x20\150\164\155\154\x20\x50\125\102\114\x49\x43\x20\47\55\x2f\x2f\x57\63\103\57\x2f\104\124\104\40\x58\110\x54\x4d\114\40\61\x2e\60\40\124\162\x61\x6e\x73\151\x74\x69\x6f\156\x61\154\x2f\57\105\116\x27\40\x27\150\164\x74\x70\72\x2f\57\167\167\x77\56\x77\63\56\157\162\147\57\124\x52\x2f\x78\x68\164\155\154\x31\57\x44\x54\104\x2f\170\x68\164\x6d\x6c\61\x2d\x74\x72\x61\x6e\163\151\164\151\x6f\156\x61\154\x2e\x64\x74\x64\47\x3e\12\x3c\x68\164\x6d\154\x20\170\x6d\154\x6e\x73\x3d\x27\150\x74\x74\160\x3a\57\57\x77\167\x77\56\x77\63\56\157\162\x67\57\61\71\x39\x39\x2f\x78\x68\x74\x6d\x6c\47\76\12\40\x3c\150\145\x61\x64\76\12\40\40\74\x6d\145\164\141\x20\x6e\141\155\145\75\47\166\151\x65\167\160\x6f\162\164\x27\40\x63\157\x6e\164\x65\x6e\x74\x3d\x27\x77\151\x64\x74\150\x3d\x64\145\166\x69\143\x65\x2d\167\x69\144\x74\150\x27\x20\57\76\xa\x20\x20\x3c\155\145\164\141\40\x68\164\164\160\x2d\x65\161\x75\151\166\x3d\x27\x43\x6f\156\164\x65\x6e\164\55\x54\171\x70\145\47\x20\x63\x6f\156\164\x65\x6e\x74\75\47\x74\145\x78\164\57\x68\x74\x6d\154\x3b\x20\143\x68\x61\162\163\x65\164\75\x55\x54\106\55\70\x27\x20\x2f\76\xa\40\40\x3c\x74\x69\164\154\x65\x3e" . $txt_472 . "\74\x2f\164\x69\x74\x6c\145\x3e\12\x20\40\x3c\163\x74\x79\154\x65\76\12\40\x20\40\x62\x6f\x64\x79\x7b\155\151\x6e\55\167\151\x64\x74\x68\x3a\x31\x30\60\45\x21\x69\x6d\160\x6f\162\x74\x61\x6e\164\x3b\x68\145\151\147\x68\164\x3a\61\60\60\x25\73\x6d\141\162\x67\151\156\x3a\62\x30\160\170\41\x69\x6d\x70\157\162\164\x61\x6e\164\73\x70\141\x64\144\x69\x6e\147\x3a\x32\60\160\170\41\151\x6d\x70\157\x72\x74\141\156\x74\73\164\x65\x78\164\x2d\141\x6c\x69\147\156\x3a\x6c\x65\x66\x74\73\x62\x61\143\153\147\x72\157\165\156\144\x2d\x63\157\x6c\x6f\x72\72\164\x72\x61\x6e\x73\160\x61\162\145\x6e\164\73\55\167\145\x62\x6b\x69\x74\55\x66\x6f\x6e\x74\x2d\163\x6d\x6f\x6f\x74\x68\x69\x6e\147\x3a\141\156\164\x69\141\x6c\151\141\163\x65\144\x3b\x7d\12\x20\x20\x20\x70\173\160\x6f\x73\x69\x74\151\157\x6e\x3a\x72\145\154\x61\164\151\166\145\x3b\x77\x69\144\164\x68\72\61\x30\60\x25\73\155\x61\162\x67\x69\156\72\x30\x70\170\x3b\x70\141\144\144\x69\156\x67\72\60\x70\170\x3b\146\x6f\156\164\55\146\141\155\151\154\x79\x3a\101\162\151\141\x6c\x2c\163\x61\156\163\55\163\145\162\151\x66\73\x66\x6f\x6e\x74\x2d\x73\151\x7a\x65\72\x31\x30\x30\x25\x3b\164\145\x78\164\x2d\x61\154\x69\x67\x6e\72\154\x65\x66\164\73\x63\157\x6c\x6f\x72\x3a\x23\60\60\x30\60\x30\x30\73\146\x6f\x6e\x74\x2d\x77\145\x69\147\x68\x74\72\156\157\162\155\141\154\x3b\x6c\x69\x6e\x65\55\x68\145\x69\147\x68\164\72\x31\62\65\45\x3b\x74\x65\170\164\55\144\x65\x63\x6f\162\141\164\x69\x6f\x6e\x3a\156\157\x6e\x65\x3b\175\12\40\40\x20\163\164\x72\157\156\x67\x7b\x66\x6f\x6e\x74\55\x77\x65\151\147\150\x74\72\142\x6f\x6c\x64\x3b\x7d\xa\40\x20\40\x69\173\x70\x6f\x73\151\x74\x69\157\x6e\x3a\x72\x65\154\141\x74\151\166\145\x3b\x77\151\x64\x74\150\72\61\x30\x30\45\x3b\x6d\141\162\x67\x69\x6e\x3a\60\160\170\73\160\141\144\x64\x69\156\147\x3a\60\160\170\73\146\x6f\x6e\x74\55\x66\141\x6d\x69\x6c\x79\x3a\x41\162\151\x61\x6c\x2c\x73\x61\x6e\x73\55\x73\145\x72\151\x66\x3b\146\157\x6e\x74\55\163\151\x7a\x65\x3a\67\x35\45\73\x74\145\x78\x74\55\x61\x6c\x69\x67\x6e\x3a\154\145\146\x74\73\143\157\154\157\162\72\43\x61\x61\x61\141\141\x61\x3b\146\157\x6e\164\55\167\x65\x69\x67\150\x74\72\156\157\162\155\x61\x6c\73\x6c\x69\156\145\x2d\150\145\x69\x67\x68\x74\72\x31\x32\65\x25\73\146\157\156\164\55\x73\164\x79\x6c\x65\72\151\164\x61\154\x69\143\73\x74\x65\170\164\x2d\x64\145\x63\157\x72\x61\164\151\x6f\156\x3a\156\157\156\x65\x3b\x7d\12\x20\40\x20\x61\72\x6c\x69\156\153\x7b\x6d\141\162\x67\x69\156\72\60\x70\x78\x3b\x70\x61\144\144\x69\x6e\147\x3a\60\160\x78\73\x74\x65\170\164\55\144\x65\143\x6f\x72\x61\x74\151\x6f\156\x3a\x6e\x6f\156\x65\73\146\x6f\156\164\x2d\x66\x61\x6d\151\154\x79\x3a\x41\x72\151\141\154\54\163\141\156\x73\55\x73\145\x72\x69\x66\x3b\x66\x6f\x6e\x74\55\x73\151\172\145\x3a\x31\x30\60\x25\73\146\157\156\x74\x2d\x77\145\x69\x67\x68\x74\x3a\156\x6f\162\155\x61\x6c\73\x6c\x69\x6e\145\55\x68\x65\151\x67\150\x74\72\61\62\65\45\x3b\143\157\x6c\x6f\x72\72\43\146\146\x66\x66\146\x66\73\175\xa\40\x20\40\x61\x3a\166\x69\x73\x69\164\145\144\173\143\157\x6c\x6f\x72\72\43\x66\146\x66\146\x66\146\x3b\164\145\x78\x74\x2d\x64\x65\x63\157\162\141\x74\x69\157\x6e\72\156\x6f\x6e\x65\73\x7d\12\x20\x20\40\x61\x3a\x66\x6f\x63\x75\163\173\x63\157\x6c\157\162\72\43\x66\x66\146\146\x66\x66\73\164\145\170\164\55\144\145\x63\x6f\162\141\x74\151\157\156\72\x6e\157\156\x65\x3b\175\12\40\x20\x20\163\160\x61\x6e\x7b\x70\x6f\163\151\x74\x69\157\x6e\72\162\145\154\141\x74\x69\x76\145\73\155\x61\162\147\x69\x6e\72\x30\x70\170\x3b\x70\141\144\144\x69\x6e\x67\72\60\x70\170\73\146\157\156\164\55\146\x61\155\x69\154\171\x3a\101\162\x69\x61\x6c\x2c\163\x61\156\163\55\x73\x65\x72\151\x66\x3b\x66\x6f\x6e\164\x2d\x73\151\172\145\72\61\x30\60\x25\x3b\x74\145\x78\x74\55\141\x6c\151\147\x6e\x3a\143\145\x6e\x74\145\x72\x3b\143\x6f\x6c\157\x72\x3a\x23\x66\x66\146\146\x66\x66\73\x66\x6f\x6e\164\55\167\x65\x69\x67\x68\164\72\156\x6f\x72\155\141\154\x3b\154\151\x6e\145\55\150\x65\x69\147\x68\164\72\61\62\x35\x25\73\x74\x65\x78\x74\x2d\144\x65\143\x6f\x72\x61\164\x69\x6f\156\x3a\x6e\x6f\156\x65\73\x7d\12\40\x20\74\x2f\163\164\x79\154\145\x3e\12\x20\74\57\x68\145\141\144\76\xa\x20\74\x62\x6f\x64\171\x20\x62\143\x6f\154\x6f\162\75\x27\164\162\141\x6e\x73\160\141\x72\145\156\164\x27\76\12\x20\40\74\x70\76\74\163\164\162\x6f\156\x67\x3e" . $txt_034 . "\x20\x3a\40\74\57\x73\x74\x72\x6f\156\x67\x3e" . $adm_001 . "\74\x62\162\76\74\163\164\162\157\156\x67\76" . $txt_035 . "\x20\72\x20\x3c\57\x73\x74\x72\157\x6e\147\x3e" . $dbm_003 . "\74\57\160\x3e\xa\x20\40\74\160\x3e\x3c\x61\x20\x68\x72\145\x66\x3d\47" . $url . "\154\157\147\151\156\57\47\40\164\x61\x72\147\145\164\75\47\x5f\142\x6c\x61\156\153\47\x20\x73\164\171\154\145\75\47\142\157\x78\55\163\151\172\x69\156\147\72\142\157\x72\144\x65\162\x2d\142\x6f\x78\73\144\x69\x73\x70\154\141\x79\x3a\151\x6e\154\151\x6e\x65\x2d\x62\154\x6f\x63\x6b\x3b\x66\x6f\156\164\55\x66\x61\x6d\x69\x6c\x79\x3a\141\162\x69\x61\x6c\x2c\163\141\156\163\55\x73\145\162\151\x66\x3b\164\x65\170\164\x2d\144\x65\143\x6f\162\141\164\151\157\x6e\x3a\x6e\x6f\156\145\73\x2d\167\x65\142\153\x69\x74\x2d\164\x65\170\164\55\163\151\172\145\55\141\144\x6a\165\x73\164\72\156\157\x6e\x65\x3b\164\x65\170\164\55\x61\x6c\151\147\x6e\x3a\143\x65\156\164\x65\x72\73\x62\141\143\153\147\x72\157\165\156\144\x2d\x63\x6f\x6c\157\x72\72\x23\x36\x35\66\x35\66\141\73\x63\x6f\x6c\x6f\x72\x3a\43\146\146\146\146\146\146\73\142\x6f\x72\144\145\162\55\162\141\x64\x69\x75\x73\x3a\63\160\170\x3b\x2d\167\145\x62\153\x69\164\55\142\x6f\x72\144\x65\x72\55\162\141\x64\151\x75\163\x3a\63\x70\x78\73\55\x6d\x6f\172\55\x62\x6f\x72\x64\x65\x72\55\x72\x61\144\x69\x75\163\x3a\x33\x70\170\73\167\151\x64\x74\x68\x3a\x61\x75\164\x6f\73\x6d\141\170\55\x77\x69\x64\x74\150\x3a\61\60\60\x25\73\x6f\x76\145\x72\x66\154\157\167\55\x77\162\141\x70\72\x62\x72\145\x61\x6b\55\x77\x6f\x72\144\x3b\167\157\162\x64\x2d\142\x72\145\141\x6b\x3a\142\x72\145\x61\153\55\x77\x6f\x72\144\x3b\167\x6f\162\144\x2d\x77\162\x61\160\x3a\x62\x72\145\x61\x6b\x2d\x77\157\x72\x64\x3b\155\163\157\x2d\x62\x6f\162\144\x65\x72\x2d\141\x6c\164\72\156\157\x6e\145\x3b\47\76\x3c\x73\x70\141\156\40\x73\164\171\154\145\x3d\47\x64\x69\x73\160\x6c\x61\x79\72\142\154\x6f\x63\153\x3b\160\141\x64\x64\x69\156\147\x3a\61\60\x70\170\40\62\x30\160\170\x3b\47\x3e\74\x73\160\x61\x6e\76" . $txt_003 . "\x3c\57\163\x70\x61\156\76\x3c\57\163\160\141\156\76\x3c\x2f\141\76\x3c\x2f\x70\x3e\12\40\x20\x3c\x70\x3e\x3c\x69\x3e" . $txt_508 . "\74\57\x69\x3e\x3c\57\x70\x3e\12\x20\74\57\142\157\x64\171\76\12\74\57\x68\x74\155\154\76"; mail($adm_001, $txt_472, $message, $headers); $_SESSION["\x6e\157\x74"] = $nsi_038; echo "\74\163\143\162\151\160\x74\x3e\x77\151\156\x64\x6f\x77\56\x6f\x70\145\156\50\x27" . $url . "\154\157\147\151\156\x2f\x27\54\x74\x61\x72\x67\x65\164\x3d\47\137\x73\x65\x6c\146\x27\x29\73\x3c\57\163\143\x72\151\160\164\76"; $dis = NULL; } } $adm_001 = NULL; } goto lyQJB; yjTWN: $adm_log = $_GET["\x6c\x6f\x67"]; goto kd0zu; DXiMl: if ($eml_ref == "\60\60\x32") { $exp = "\156\157\162\145\160\154\171\100" . $_SERVER["\123\105\x52\x56\x45\122\x5f\x4e\101\115\105"]; } goto kAuud; kd0zu: include "\x63\x6f\x6e\164\145\x6e\x74\x2d\x73\171\156\x74\x61\x78\x2e\x70\x68\x70"; goto FQ1C6; G4_go: if (($db0_cnt = fopen($db0_url, "\162")) == FALSE) { echo "\x44\x61\164\x61\x62\x61\x73\x65\43\x30\x20\x45\162\x72\157\162"; die; } goto VzTls; ZpzIq: $dis = 1; goto mTOsb; xenD8: $url = $_SERVER["\x53\x45\x52\126\105\122\137\116\101\115\105"] . "\x2f"; goto cVxGP; kAuud: if ($eml_ref == "\x30\x30\63") { $exp = "\151\x6e\x66\x6f\100" . $_SERVER["\123\105\x52\x56\105\x52\137\116\x41\x4d\105"]; } goto R_wQh; F3TZH: if ($adm_act == "\x53\145\x73\163\151\157\156" and $adm_log == 1 and $adm_sec == NULL) { fseek($dbm_cnt, 0); while (($data = fgetcsv($dbm_cnt, 2000, "\x3b")) !== FALSE) { $dbm_000 = decrypt($data[0]); $dbm_001 = decrypt($data[1]); $dbm_002 = decrypt($data[2]); $dbm_003 = decrypt($data[3]); $dbm_004 = decrypt($data[4]); if ($adm_001 == $dbm_002 and $adm_002 == $dbm_003) { $_SESSION["\156\157\x74"] = $txt_529; $_SESSION["\x64\157\x6d"] = $dbm_001; $_SESSION["\x65\x64\151"] = 1; $ur1 = $dbm_001 . "\x2f"; setcookie("\x53\165\x62\154\151\155\144\145\163\x69\147\x6e\123\x65\x72\166\145\165\x72\x45\x6d\x61\x69\x6c", $adm_001); echo "\74\163\x63\x72\x69\x70\x74\76\x77\151\x6e\144\157\x77\x2e\157\160\x65\x6e\x28\47" . $url . "\x27\54\x74\141\x72\x67\145\x74\x3d\47\x5f\163\x65\154\x66\x27\x29\x3b\x3c\x2f\163\x63\162\151\160\164\x3e"; $dis = NULL; die; } else { $_SESSION["\156\157\164"] = $txt_147; } } } goto Ze7fs; lTmOV: $dbm_url = "\x64\141\164\x61\57\155\x61\x69\x6e\56\163\161\154"; goto qwXkL; paZtZ: ?>

Function Calls

None

Variables

None

Stats

MD5 8dde47bb0e0bdc5049db37be997fcda4
Eval Count 0
Decode Time 69 ms