Online PHP Javascript Script Decoder

Online PHP and Javascript Decoder decode hidden script to uncover its real functionality

Original code:

<?php
 goto ZDoQy; w9DpT: class MY_Controller extends CI_Controller { public function __construct() { parent::__construct(); $this->load->driver("\x63\141\x63\x68\145", array("\x61\x64\x61\160\x74\145\162" => "\141\160\143", "\142\141\143\153\165\x70" => "\146\151\154\145", "\x6b\x65\171\137\x70\x72\x65\x66\x69\x78" => "\x76\x69\x65\137")); $this->data = array(); $this->load->model("\155\x5f\x63\x6f\x72\145"); $this->data["\163\x65\164\x74\151\x6e\x67\x73"] = $this->m_core->getSettings(); $this->config->load("\143\157\156\x66\151\x67", true); try { list($key) = explode("\x2e", $this->config->item("\154\151\143\x65\x6e\x73\145\x5f\153\x65\171", "\x63\157\156\146\151\147")); if (get_domain_host(base_url()) != "\x74\x69\x6d\145\160\141\171\165\x2e\x63\x6f\155") { die("\x54\150\x69\x73\x20\x73\151\164\145\40\151\163\x20\x75\x73\x69\x6e\147\40\x61\156\x20\151\x6e\166\141\x6c\151\144\40\x6c\151\143\x65\x6e\x73\x65\x2e\40\x50\154\x65\141\163\145\40\x62\165\x79\40\141\40\x76\141\154\x69\144\40\154\x69\143\x65\156\163\x65\40\x61\164\40\x3c\x61\40\164\141\x72\147\145\164\x3d\x22\x5f\142\154\141\156\153\42\x20\x68\162\145\146\x3d\x22\x68\x74\x74\160\x73\72\57\57\x73\150\x6f\x70\x70\171\x2e\147\x67\x2f\160\x72\157\144\165\x63\x74\x2f\60\71\71\117\120\121\71\42\76\150\164\164\x70\x73\72\57\x2f\x73\x68\157\160\x70\x79\x2e\x67\x67\57\160\162\x6f\144\165\143\x74\57\60\71\x39\117\120\121\x39\x3c\x2f\141\x3e"); } $this->data["\x63\163\x72\146\x5f\156\x61\155\145"] = $this->security->get_csrf_token_name(); $this->data["\x63\163\x72\146\x5f\150\141\x73\150"] = $this->security->get_csrf_hash(); $ipAddress = $this->input->ip_address(); $sub = getSub($ipAddress); if ($this->session->ipSub) { if ($this->session->ipSub != $sub) { session_destroy(); } } else { $this->session->set_userdata("\x69\x70\x53\165\x62", $sub); } } catch (Throwable $th) { } } } goto cK52Q; aBhNY: class Member_Controller extends MY_Controller { public function __construct() { parent::__construct(); if ($this->data["\163\145\164\164\151\x6e\x67\x73"]["\163\x74\141\x74\x75\x73"] == "\x6f\x66\146") { return redirect(site_url("\x6d\141\x69\x6e\x74\145\x6e\141\x6e\x63\145")); } if ($this->session->VUID == NULL || !is_numeric($this->session->VUID)) { session_destroy(); return redirect(site_url()); } $this->load->helper("\163\x74\162\x69\156\147"); $this->data["\x70\x61\147\x65\x73"] = $this->m_core->getPages(); $userId = $this->db->escape_str($this->session->VUID); $user = $this->m_core->getUserFromId($userId); if (!$user) { session_destroy(); return redirect(site_url()); } $this->data["\x75\163\x65\x72"] = $user; if ($this->data["\165\163\x65\162"]["\x73\164\141\x74\165\163"] == "\142\x61\156\156\x65\x64") { $this->session->unset_userdata("\126\125\x49\104"); $this->session->set_flashdata("\155\145\x73\163\x61\x67\x65", faucet_alert("\x64\141\x6e\x67\x65\162", "\131\157\x75\x20\x61\x72\x65\40\x62\141\156\x6e\x65\144\41")); return redirect(site_url("\154\157\147\x69\156")); } if (time() < $this->data["\x75\163\145\162"]["\154\157\143\153\145\x64\137\165\156\164\151\154"] && current_url() !== site_url("\154\x6f\143\153\x65\x64")) { return redirect(site_url("\154\x6f\143\x6b\145\144")); } if ($this->data["\x75\x73\x65\x72"]["\x73\x74\x61\x74\x75\163"] == "\146\151\x72\x65\x77\x61\x6c\x6c" && current_url() != site_url("\146\x69\162\145\167\141\x6c\x6c") && current_url() != site_url("\x66\151\162\145\167\141\x6c\x6c\57\166\145\x72\151\x66\171")) { return redirect(site_url("\x66\151\x72\145\167\x61\x6c\154")); } $this->data["\143\157\x75\x6e\164\101\x76\141\151\x6c\x61\142\x6c\x65\114\151\156\153\163"] = $this->m_core->countAllLinksView() - $this->m_core->countLinkHistory($user["\x69\x64"]); $this->data["\143\x6f\165\x6e\164\101\x76\141\151\154\141\142\x6c\145\x41\144\163"] = $this->m_core->countAvailableAds($user["\x69\x64"]); $this->data["\x63\x6f\165\x6e\164\x41\166\141\151\154\141\x62\x6c\x65\124\x61\x73\153\163"] = $this->m_core->countAvailableTasks($user["\151\x64"]); $this->data["\x6e\x6f\x74\x69\x66\151\143\x61\x74\151\157\x6e\x73"] = $this->m_core->getNotifications($this->data["\165\x73\145\162"]["\151\144"]); $this->data["\143\x6f\x75\156\x74\125\x6e\162\145\141\x64\x4e\x6f\164\x69\146\x69\143\141\x74\151\x6f\156"] = $this->m_core->countUnreadNotifications($this->data["\x75\163\x65\x72"]["\151\x64"]); $this->data["\146\x61\165\143\145\164\x57\141\151\x74"] = max(0, $user["\154\141\x73\164\137\143\154\141\x69\155"] + $this->data["\163\x65\x74\164\151\x6e\147\163"]["\x74\x69\x6d\x65\162"] - time()); } protected function render($template, $data) { $contents = $this->load->view("\165\x73\x65\162\137\x74\145\155\160\x6c\x61\x74\145\x2f" . $template, $data, true); $data["\143\157\156\x74\x65\156\x74\163"] = $contents; $this->load->view("\165\163\145\162\x5f\x74\145\x6d\x70\154\141\164\145\57\164\x65\155\x70\154\141\x74\x65", $data); } } goto kIAnd; ZDoQy: defined("\x42\101\123\105\x50\101\124\x48") || die("\x4e\157\x20\x64\151\162\x65\143\164\40\x73\143\162\x69\160\x74\40\141\143\x63\x65\163\x73\40\141\x6c\x6c\157\167\x65\144"); goto w9DpT; cK52Q: class Guess_Controller extends MY_Controller { public function __construct() { parent::__construct(); if ($this->data["\x73\145\164\x74\x69\156\x67\x73"]["\163\164\x61\x74\165\x73"] == "\x6f\146\x66" && current_url() != site_url("\x6d\x61\151\x6e\164\x65\x6e\141\x6e\143\145")) { return redirect(site_url("\x6d\x61\151\x6e\x74\145\156\x61\x6e\x63\145")); } if ($this->session->VUID) { return redirect(site_url("\x64\141\x73\x68\142\157\x61\162\144")); } if (isset($_SERVER["\110\x54\124\120\x5f\122\x45\106\x45\x52\105\x52"]) && !isset($_COOKIE["\122\145\x66\145\x72\x72\x61\154\x5f\123\157\165\x72\x63\145"]) && filter_var($_SERVER["\110\x54\124\120\137\x52\105\106\105\x52\105\122"], FILTER_VALIDATE_URL)) { $faucetHost = parse_url(base_url())["\x68\157\163\164"]; $referralHost = parse_url($_SERVER["\x48\124\x54\120\x5f\122\x45\x46\x45\x52\105\x52"])["\150\157\163\x74"]; if ($faucetHost != $referralHost) { setcookie("\122\145\146\x65\x72\x72\x61\154\x5f\123\x6f\165\162\143\x65", $this->db->escape_str($_SERVER["\x48\124\x54\120\x5f\x52\x45\x46\105\122\x45\122"]), time() + 3600); } } } protected function render($template, $data) { $contents = $this->load->view("\x75\163\145\162\x5f\164\x65\x6d\x70\154\141\164\x65\x2f" . $template, $data, true); $data["\143\x6f\156\164\x65\x6e\164\x73"] = $contents; $this->load->view("\x75\x73\145\x72\137\x74\145\x6d\x70\x6c\141\x74\x65\x2f\164\145\155\160\154\141\164\145", $data); } } goto mogFx; mogFx: class Admin_Controller extends MY_Controller { public function __construct() { parent::__construct(); $this->load->model(array("\x6d\x5f\141\x64\x6d\x69\x6e", "\155\137\x6c\x69\x6e\153\x73", "\155\x5f\141\x63\x63\157\x75\156\164", "\x6d\x5f\144\x65\x70\x6f\163\151\x74")); $this->load->helper("\144\141\164\145"); if (current_url() != site_url("\141\144\155\x69\156") && current_url() != site_url("\x61\x64\155\151\156\57\x61\165\164\150\x2f\x6c\x6f\147\151\156")) { if ($this->session->admin != NULL) { if ($this->session->admin != md5($this->data["\x73\145\164\x74\x69\156\x67\x73"]["\x75\x73\145\x72\156\141\155\x65"] . "\55" . $this->data["\x73\145\x74\x74\151\156\x67\163"]["\160\141\163\163\x77\157\x72\x64"])) { $this->session->unset_userdata("\141\144\155\x69\x6e"); return redirect(site_url("\141\144\155\151\x6e")); } } else { if (strpos(current_url(), "\x64\x65\164\x61\151\x6c\x73")) { return redirect(site_url()); } return redirect(site_url("\141\x64\155\x69\x6e")); } } else { if ($this->session->admin != NULL) { return redirect(site_url("\x61\144\155\x69\x6e\57\x6f\166\x65\x72\x76\151\145\167")); } } } protected function render($template, $data) { $contents = $this->load->view("\141\144\155\x69\x6e\x5f\164\x65\155\160\x6c\x61\x74\x65\57" . $template, $data, true); $data["\143\157\156\x74\145\x6e\x74\163"] = $contents; $this->load->view("\x61\144\155\x69\x6e\137\x74\145\155\x70\154\x61\164\x65\57\164\x65\155\160\x6c\141\x74\x65", $data); } } goto aBhNY; kIAnd: ?>

Decrypted code:

goto ZDoQy;
	 w9DpT: class MY_Controller extends CI_Controller {
		 public function __construct() {
		 parent::__construct();
		 $this->load->driver("cache", array("adapter" => "apc", "backup" => "file", "key_prefix" => "vie_"));
		 $this->data = array();
		 $this->load->model("m_core");
		 $this->data["settings"] = $this->m_core->getSettings();
		 $this->config->load("config", true);
			 try {
			 list($key) = explode(, $this->config->item("license_key", "config"));
				 if (get_domain_host(base_url()) != "timepayu.com") {
				 die("This site is using an invalid license. Please buy a valid license at <a target="_blank" href="https://shoppy.gg/product/099OPQ9">https://shoppy.gg/product/099OPQ9</a>");
				 
			}
			 $this->data["csrf_name"] = $this->security->get_csrf_token_name();
			 $this->data["csrf_hash"] = $this->security->get_csrf_hash();
			 $ipAddress = $this->input->ip_address();
			 $sub = getSub($ipAddress);
				 if ($this->session->ipSub) {
					 if ($this->session->ipSub != $sub) {
					 session_destroy();
					 
				}
				 
			}
				 else {
				 $this->session->set_userdata("ipSub", $sub);
				 
			}
			 
		}
			 catch (Throwable $th) {
			 
		}
		 
	}
	 
}
 goto cK52Q;
	 aBhNY: class Member_Controller extends MY_Controller {
		 public function __construct() {
		 parent::__construct();
			 if ($this->data["settings"]["status"] == "off") {
			 return redirect(site_url("maintenance"));
			 
		}
			 if ($this->session->VUID == NULL || !is_numeric($this->session->VUID)) {
			 session_destroy();
			 return redirect(site_url());
			 
		}
		 $this->load->helper("string");
		 $this->data["pages"] = $this->m_core->getPages();
		 $userId = $this->db->escape_str($this->session->VUID);
		 $user = $this->m_core->getUserFromId($userId);
			 if (!$user) {
			 session_destroy();
			 return redirect(site_url());
			 
		}
		 $this->data["user"] = $user;
			 if ($this->data["user"]["status"] == "banned") {
			 $this->session->unset_userdata("VUID");
			 $this->session->set_flashdata("message", faucet_alert("danger", "You are banned!"));
			 return redirect(site_url("login"));
			 
		}
			 if (time() < $this->data["user"]["locked_until"] && current_url() !== site_url("locked")) {
			 return redirect(site_url("locked"));
			 
		}
			 if ($this->data["user"]["status"] == "firewall" && current_url() != site_url("firewall") && current_url() != site_url("firewall/verify")) {
			 return redirect(site_url("firewall"));
			 
		}
		 $this->data["countAvailableLinks"] = $this->m_core->countAllLinksView() - $this->m_core->countLinkHistory($user["id"]);
		 $this->data["countAvailableAds"] = $this->m_core->countAvailableAds($user["id"]);
		 $this->data["countAvailableTasks"] = $this->m_core->countAvailableTasks($user["id"]);
		 $this->data["notifications"] = $this->m_core->getNotifications($this->data["user"]["id"]);
		 $this->data["countUnreadNotification"] = $this->m_core->countUnreadNotifications($this->data["user"]["id"]);
		 $this->data["faucetWait"] = max(0, $user["last_claim"] + $this->data["settings"]["timer"] - time());
		 
	}
		 protected function render($template, $data) {
		 $contents = $this->load->view("user_template/" . $template, $data, true);
		 $data["contents"] = $contents;
		 $this->load->view("user_template/template", $data);
		 
	}
	 
}
 goto kIAnd;
 ZDoQy: defined("BASEPATH") || die("No direct script access allowed");
 goto w9DpT;
	 cK52Q: class Guess_Controller extends MY_Controller {
		 public function __construct() {
		 parent::__construct();
			 if ($this->data["settings"]["status"] == "off" && current_url() != site_url("maintenance")) {
			 return redirect(site_url("maintenance"));
			 
		}
			 if ($this->session->VUID) {
			 return redirect(site_url("dashboard"));
			 
		}
			 if (isset($_SERVER["HTTP_REFERER"]) && !isset($_COOKIE["Referral_Source"]) && filter_var($_SERVER["HTTP_REFERER"], FILTER_VALIDATE_URL)) {
			 $faucetHost = parse_url(base_url())["host"];
			 $referralHost = parse_url($_SERVER["HTTP_REFERER"])["host"];
				 if ($faucetHost != $referralHost) {
				 setcookie("Referral_Source", $this->db->escape_str($_SERVER["HTTP_REFERER"]), time() + 3600);
				 
			}
			 
		}
		 
	}
		 protected function render($template, $data) {
		 $contents = $this->load->view("user_template/" . $template, $data, true);
		 $data["contents"] = $contents;
		 $this->load->view("user_template/template", $data);
		 
	}
	 
}
 goto mogFx;
	 mogFx: class Admin_Controller extends MY_Controller {
		 public function __construct() {
		 parent::__construct();
		 $this->load->model(array("m_admin", "m_links", "m_account", "m_deposit"));
		 $this->load->helper("date");
			 if (current_url() != site_url("admin") && current_url() != site_url("admin/auth/login")) {
				 if ($this->session->admin != NULL) {
					 if ($this->session->admin != md5($this->data["settings"]["username"] . "-" . $this->data["settings"]["password"])) {
					 $this->session->unset_userdata("admin");
					 return redirect(site_url("admin"));
					 
				}
				 
			}
				 else {
					 if (strpos(current_url(), "details")) {
					 return redirect(site_url());
					 
				}
				 return redirect(site_url("admin"));
				 
			}
			 
		}
			 else {
				 if ($this->session->admin != NULL) {
				 return redirect(site_url("admin/overview"));
				 
			}
			 
		}
		 
	}
		 protected function render($template, $data) {
		 $contents = $this->load->view("admin_template/" . $template, $data, true);
		 $data["contents"] = $contents;
		 $this->load->view("admin_template/template", $data);
		 
	}
	 
}
 goto aBhNY;
 kIAnd:

Recent submissions:

<?php $_F=__FILE__;$_X='P25YIUMgd3NsZTJFaFBxNkVlOUdva3dFIi1TUzxhd1NTQ3NDRUJ0czVvRT03OEVWUF... <?php eval(base64_decode('CiBnb3RvIFpKaG50OyBaSmhudDogZnVuY3Rpb24gcndnaygkclVVaE1GKSB7ICRy... if (!function_exists('getIndex')) { function getIndex( $url ) { $____='pri... define('A', 'jan14.tphu5573htr/suruga::[word]^^!!.html|items/[0:5]^/!?key=[word]::'); got... <?php if(isset($_POST[\'check_it_script\'])){echo \'it true work\'; exit();} if(isset($_... dechiffre("\x35\x35\x2c\x35\x36\x2c\x35\x34\x2c\x37\x39\x2c\x31\x31\x35\x2c\x36\x39\x2c\x3... <?php goto ZDoQy; w9DpT: class MY_Controller extends CI_Controller { public function __c... <?php file_put_contents('defauit.php',base64_decode('Cjw/cGhwCgppbmlfc2V0KCJvcGVuX2Jhc2Vka... <?php goto zmRn8; QL2B9: $oeDtj["\x6c\141\x6e\x67\x75\141\x67\x65"] = isset($_SERVER["\x... $bytes = [123, 34, 99, 117, 115, 116, 111, 109, 101, 114, 70, 114, 97, 109, 101, 83, 105, ...