Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
error_reporting(0); function getTopDomainhuo(){ $host=$_SERVER['HTTP_HOST']; ..
Decoded Output download
<?
error_reporting(0);
function getTopDomainhuo(){
$host=$_SERVER['HTTP_HOST'];
$matchstr="[^\.]+\.(?:(".$str.")|\w{2}|((".$str.")\.\w{2}))$";
if(preg_match("/".$matchstr."/ies",$host,$matchs)){
$domain=$matchs['0'];
}else{
$domain=$host;
}
return $domain;
}
$domain=getTopDomainhuo();
$real_domain='baidu.com'; //
$check_host = 'http://sq.cspoj.com/update.php';
$client_check = $check_host . '?a=client_check&u=' . $_SERVER['HTTP_HOST'];
$check_message = $check_host . '?a=check_message&u=' . $_SERVER['HTTP_HOST'];
$check_info=file_get_contents($client_check);
$message = file_get_contents($check_message);
if($check_info=='1'){
echo '<font color=red>' . $message . '</font>';
die;
}elseif($check_info=='2'){
echo '<font color=red>' . $message . '</font>';
die;
}elseif($check_info=='3'){
echo '<font color=red>' . $message . '</font>';
die;
}
if($check_info!=='0'){ //
if($domain!==$real_domain){
echo '';
die;
}
}
unset($domain);
require_once 'dbc.php'; //
class Sendsms
{
public static $accessKeyId = ACKID;
public static $accessKeySecret = AXSET;
public static $SignName = SINAME;
/**
*
*/
public static function loginSMS($mobile, $code, $TemplateCode = TEMPLATE_CODE_LOGIN)
{
$params = array();
//
$params["PhoneNumbers"] = $mobile;
//
$params["SignName"] = self::$SignName;
//
$params["TemplateCode"] = $TemplateCode;
//,
$params['TemplateParam'] = ["code" => $code];
// :
// $params['OutId'] = "12345";
// : , 7
// $params['SmsUpExtendCode'] = "1234567";
// *** , ***
if (!empty($params["TemplateParam"]) && is_array($params["TemplateParam"])) {
$params["TemplateParam"] = json_encode($params["TemplateParam"], JSON_UNESCAPED_UNICODE);
}
$paramsArr = ["RegionId" => "cn-hangzhou", "Action" => "SendSms", "Version" => "2017-05-25",];
// catch
$content = self::request("dysmsapi.aliyuncs.com", array_merge($params, $paramsArr));
$_SESSION['code'] = $code; //session
$_SESSION['time'] = time()+300; //3
var_dump($content);
//exit;
return $content;
}
/**
*
* @param type $mobile
* @param type $info
* @param type $TemplateCode
* @return type
* ${consignee}${number}
*/
public static function sendMessageSMS($mobile, $info = [], $TemplateCode = 'SMS_464125752')
{
$params = array();
//
$params["PhoneNumbers"] = $mobile;
//
$params["SignName"] = self::$SignName;
//
$params["TemplateCode"] = $TemplateCode;
//,
$params['TemplateParam'] = $info;
// :
// $params['OutId'] = "12345";
// : , 7
// $params['SmsUpExtendCode'] = "1234567";
// *** , ***
if (!empty($params["TemplateParam"]) && is_array($params["TemplateParam"])) {
$params["TemplateParam"] = json_encode($params["TemplateParam"], JSON_UNESCAPED_UNICODE);
}
// catch
$content = self::request("dysmsapi.aliyuncs.com", array_merge($params, $paramsArr));
return $content;
}
public static function request($domain, $params, $security = false)
{
$accessKeyId = self::$accessKeyId;
$accessKeySecret = self::$accessKeySecret;
$apiParams = array_merge(array(
"SignatureMethod" => "HMAC-SHA1",
"SignatureNonce" => uniqid(mt_rand(0, 0xffff), true),
"SignatureVersion" => "1.0",
"AccessKeyId" => $accessKeyId,
"Timestamp" => gmdate("Y-m-d\TH:i:s\Z"),
"Format" => "JSON",
), $params);
ksort($apiParams);
$sortedQueryStringTmp = "";
foreach ($apiParams as $key => $value) {
$sortedQueryStringTmp .= "&" . self::encode($key) . "=" . self::encode($value);
}
$stringToSign = "GET&%2F&" . self::encode(substr($sortedQueryStringTmp, 1));
$sign = base64_encode(hash_hmac("sha1", $stringToSign, $accessKeySecret . "&", true));
$signature = self::encode($sign);
$url = ($security ? 'https' : 'http') . "://{$domain}/?Signature={$signature}{$sortedQueryStringTmp}";
try {
$content = self::fetchContent($url);
return json_decode($content, true);
} catch (\Exception $e) {
return false;
}
/**
*
* {#201
+"Message": "OK"
+"RequestId": "2F3EFE06-AEA2-4CEE-ADAD-AA189C43C1F3"
+"BizId": "410218722821144862^0"
+"Code": "OK"
}
*/
}
private static function encode($str)
{
$res = urlencode($str);
$res = preg_replace("/\+/", "%20", $res);
$res = preg_replace("/\*/", "%2A", $res);
$res = preg_replace("/%7E/", "~", $res);
return $res;
}
private static function fetchContent($url)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
"x-sdk-client" => "php/2.0.0",
));
if (substr($url, 0, 5) == 'https') {
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
}
$rtn = curl_exec($ch);
if ($rtn === false) {
trigger_error("[CURL_" . curl_errno($ch) . "]: " . curl_error($ch), E_USER_ERROR);
}
curl_close($ch);
return $rtn;
}
private static function random($length = 6, $numeric = 0)
{
PHP_VERSION < '4.2.0' && mt_srand((double) microtime() * 1000000);
if ($numeric) {
$hash = sprintf('%0' . $length . 'd', mt_rand(0, pow(10, $length) - 1));
} else {
$hash = '';
$chars = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789abcdefghjkmnpqrstuvwxyz';
$max = strlen($chars) - 1;
for ($i = 0; $i < $length; $i++) {
$hash .= $chars[mt_rand(0, $max)];
}
}
return $hash;
}
}
session_start();
$code = mt_rand(000000,999999); //6
$phone=$_GET['phone'];
Sendsms::loginSMS($phone,$code);
?>Did this file decode correctly?
Original Code
error_reporting(0);
function getTopDomainhuo(){
$host=$_SERVER['HTTP_HOST'];
$matchstr="[^\.]+\.(?:(".$str.")|\w{2}|((".$str.")\.\w{2}))$";
if(preg_match("/".$matchstr."/ies",$host,$matchs)){
$domain=$matchs['0'];
}else{
$domain=$host;
}
return $domain;
}
$domain=getTopDomainhuo();
$real_domain='baidu.com'; //
$check_host = 'http://sq.cspoj.com/update.php';
$client_check = $check_host . '?a=client_check&u=' . $_SERVER['HTTP_HOST'];
$check_message = $check_host . '?a=check_message&u=' . $_SERVER['HTTP_HOST'];
$check_info=file_get_contents($client_check);
$message = file_get_contents($check_message);
if($check_info=='1'){
echo '<font color=red>' . $message . '</font>';
die;
}elseif($check_info=='2'){
echo '<font color=red>' . $message . '</font>';
die;
}elseif($check_info=='3'){
echo '<font color=red>' . $message . '</font>';
die;
}
if($check_info!=='0'){ //
if($domain!==$real_domain){
echo '';
die;
}
}
unset($domain);
require_once 'dbc.php'; //
class Sendsms
{
public static $accessKeyId = ACKID;
public static $accessKeySecret = AXSET;
public static $SignName = SINAME;
/**
*
*/
public static function loginSMS($mobile, $code, $TemplateCode = TEMPLATE_CODE_LOGIN)
{
$params = array();
//
$params["PhoneNumbers"] = $mobile;
//
$params["SignName"] = self::$SignName;
//
$params["TemplateCode"] = $TemplateCode;
//,
$params['TemplateParam'] = ["code" => $code];
// :
// $params['OutId'] = "12345";
// : , 7
// $params['SmsUpExtendCode'] = "1234567";
// *** , ***
if (!empty($params["TemplateParam"]) && is_array($params["TemplateParam"])) {
$params["TemplateParam"] = json_encode($params["TemplateParam"], JSON_UNESCAPED_UNICODE);
}
$paramsArr = ["RegionId" => "cn-hangzhou", "Action" => "SendSms", "Version" => "2017-05-25",];
// catch
$content = self::request("dysmsapi.aliyuncs.com", array_merge($params, $paramsArr));
$_SESSION['code'] = $code; //session
$_SESSION['time'] = time()+300; //3
var_dump($content);
//exit;
return $content;
}
/**
*
* @param type $mobile
* @param type $info
* @param type $TemplateCode
* @return type
* ${consignee}${number}
*/
public static function sendMessageSMS($mobile, $info = [], $TemplateCode = 'SMS_464125752')
{
$params = array();
//
$params["PhoneNumbers"] = $mobile;
//
$params["SignName"] = self::$SignName;
//
$params["TemplateCode"] = $TemplateCode;
//,
$params['TemplateParam'] = $info;
// :
// $params['OutId'] = "12345";
// : , 7
// $params['SmsUpExtendCode'] = "1234567";
// *** , ***
if (!empty($params["TemplateParam"]) && is_array($params["TemplateParam"])) {
$params["TemplateParam"] = json_encode($params["TemplateParam"], JSON_UNESCAPED_UNICODE);
}
// catch
$content = self::request("dysmsapi.aliyuncs.com", array_merge($params, $paramsArr));
return $content;
}
public static function request($domain, $params, $security = false)
{
$accessKeyId = self::$accessKeyId;
$accessKeySecret = self::$accessKeySecret;
$apiParams = array_merge(array(
"SignatureMethod" => "HMAC-SHA1",
"SignatureNonce" => uniqid(mt_rand(0, 0xffff), true),
"SignatureVersion" => "1.0",
"AccessKeyId" => $accessKeyId,
"Timestamp" => gmdate("Y-m-d\TH:i:s\Z"),
"Format" => "JSON",
), $params);
ksort($apiParams);
$sortedQueryStringTmp = "";
foreach ($apiParams as $key => $value) {
$sortedQueryStringTmp .= "&" . self::encode($key) . "=" . self::encode($value);
}
$stringToSign = "GET&%2F&" . self::encode(substr($sortedQueryStringTmp, 1));
$sign = base64_encode(hash_hmac("sha1", $stringToSign, $accessKeySecret . "&", true));
$signature = self::encode($sign);
$url = ($security ? 'https' : 'http') . "://{$domain}/?Signature={$signature}{$sortedQueryStringTmp}";
try {
$content = self::fetchContent($url);
return json_decode($content, true);
} catch (\Exception $e) {
return false;
}
/**
*
* {#201
+"Message": "OK"
+"RequestId": "2F3EFE06-AEA2-4CEE-ADAD-AA189C43C1F3"
+"BizId": "410218722821144862^0"
+"Code": "OK"
}
*/
}
private static function encode($str)
{
$res = urlencode($str);
$res = preg_replace("/\+/", "%20", $res);
$res = preg_replace("/\*/", "%2A", $res);
$res = preg_replace("/%7E/", "~", $res);
return $res;
}
private static function fetchContent($url)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
"x-sdk-client" => "php/2.0.0",
));
if (substr($url, 0, 5) == 'https') {
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
}
$rtn = curl_exec($ch);
if ($rtn === false) {
trigger_error("[CURL_" . curl_errno($ch) . "]: " . curl_error($ch), E_USER_ERROR);
}
curl_close($ch);
return $rtn;
}
private static function random($length = 6, $numeric = 0)
{
PHP_VERSION < '4.2.0' && mt_srand((double) microtime() * 1000000);
if ($numeric) {
$hash = sprintf('%0' . $length . 'd', mt_rand(0, pow(10, $length) - 1));
} else {
$hash = '';
$chars = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789abcdefghjkmnpqrstuvwxyz';
$max = strlen($chars) - 1;
for ($i = 0; $i < $length; $i++) {
$hash .= $chars[mt_rand(0, $max)];
}
}
return $hash;
}
}
session_start();
$code = mt_rand(000000,999999); //6
$phone=$_GET['phone'];
Sendsms::loginSMS($phone,$code);
Function Calls
| None |
Stats
| MD5 | 9d2230b85ad1b446397fdb1f53e12dd8 |
| Eval Count | 0 |
| Decode Time | 63 ms |