Online PHP and Javascript Decoder decode hidden script to uncover its real functionality


Show other level 


 goto BZEoS; QtUI4: goto FrXpo; goto NiPuX; CU393: goto uERoc; goto Fjuaq; xmTjT: cK59B: goto jZAxo; FzyFq: dPLLW: goto jhEHo; vLAV8: goto dLVkT; goto x4Zv4; NxpKs: nmTTe: goto uKnJW; lTbq8: MCp3J: goto Ucf_s; Q8E08: Cg_V7: goto fXBDD; uKnJW: goto MCp3J; goto xmTjT; JxWeF: goto dPLLW; goto bumcS; FOxZB: goto gAUIJ; goto aVwxg; x4Zv4: urZJC: goto bWQ71; bumcS: lrUVF: goto RcgEM; aVwxg: FrXpo: goto yZide; GPW1b: include "\x2e\56\x2f\x73\x65\162\151\166\x65\x2f\163\141\x6d\x70\x61\x72\x6b\x61\x2e\160\150\160"; goto GE35i; rLl_v: goto SWxS1; goto FzyFq; Ucf_s: if ($_SERVER["\x52\x45\121\125\105\123\x54\137\115\105\x54\110\117\104"] != "\x47\x45\x54") { date_default_timezone_set("\x41\x73\x69\x61\57\113\x6f\x6c\x6b\141\164\141"); $shnunc = date("\131\x2d\x6d\x2d\x64\40\x48\72\151\x3a\163"); $withdep = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["\167\151\x74\x68\144\x65\160"])); $kycdep = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["\x6b\x79\143\x64\145\x70"])); $userId = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["\165\x73\145\162\x49\x64"])); $token = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["\164\x6f\153\x65\156"])); $userPhoto = "\x31"; $numquery = "\123\x45\x4c\105\103\124\40\155\x6f\142\151\x6c\x65\x2c\40\143\x6f\144\145\x63\150\x6f\x72\153\141\x6d\x75\x6b\141\154\x61\xa\x9\11\40\x20\106\x52\117\x4d\40\x73\x68\157\x6e\165\137\x73\165\142\152\145\143\x74\x73\xa\x9\x9\40\x20\x57\110\105\122\105\x20\151\x64\40\x3d\40" . $userId; $numresult = $conn->query($numquery); $numarr = mysqli_fetch_array($numresult); $userName = "\x39\61" . $numarr["\x6d\x6f\x62\151\154\x65"]; $nickName = $numarr["\x63\x6f\x64\145\x63\150\x6f\162\x6b\x61\x6d\x75\x6b\x61\x6c\141"]; $creaquery = "\123\x45\114\105\103\124\40\x63\x72\145\141\x74\x65\x64\141\x74\x65\12\11\x9\x20\x20\x46\x52\117\115\x20\163\x68\157\156\x75\x5f\163\x75\x62\152\145\143\x74\x73\12\x9\11\x20\40\127\110\x45\x52\x45\x20\151\x64\40\75\40" . $userId; $crearesult = $conn->query($creaquery); $creaarr = mysqli_fetch_array($crearesult); $knbdstr = "\173\42\x75\163\x65\162\111\144\x22\x3a" . $userId . "\x2c\x22\165\x73\145\x72\x50\150\157\x74\x6f\42\x3a\x22" . $userPhoto . "\42\54\x22\165\x73\145\162\x4e\x61\x6d\x65\x22\72" . $userName . "\x2c\42\x6e\x69\143\153\116\x61\x6d\x65\x22\x3a\42" . $nickName . "\x22\54\x22\x63\x72\145\x61\164\x65\144\x61\164\x65\42\72\42" . $creaarr["\x63\x72\x65\141\x74\145\x64\141\x74\145"] . "\42\x7d"; $shonusign = strtoupper(hash("\x73\x68\141\62\x35\66", $knbdstr)); if ($shonusign == $token) { $amt = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["\x61\x6d\x74"])); $ref_num = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["\162\x65\x66\156\165\155"])); $refchk = mysqli_query($conn, "\x53\105\x4c\x45\103\x54\x20\163\x68\157\156\165\40\106\122\x4f\115\40\140\164\x68\x65\x76\x61\x6e\151\x60\x20\127\110\x45\x52\105\x20\140\x75\154\x6c\145\x6b\x68\x61\x60\40\x3d\40\x27" . $ref_num . "\x27"); if (mysqli_num_rows($refchk) >= 1) { echo 2; die; } if (isset($_POST["\x73\162\154"])) { $srl = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["\163\162\154"])); } else { $srl = 0; } if (isset($_POST["\x73\x6f\165\162\x63\x65"])) { $source = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["\x73\157\x75\x72\x63\145"])); } else { $source = null; } if (isset($_POST["\165\x70\x69"])) { $upi = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["\165\160\x69"])); } else { $upi = null; } $uid = $userId; $datequery = mysqli_query($conn, "\123\105\x4c\105\x43\124\40\144\151\x6e\141\x6e\153\141\166\141\156\156\165\162\141\143\151\163\151\x20\106\x52\x4f\115\40\x60\164\x68\145\x76\141\156\x69\x60\x20\x57\110\x45\x52\105\40\x60\142\141\154\141\153\x65\x64\x61\x72\141\x60\x20\x3d\x20\x27" . $uid . "\47\40\x4f\122\x44\x45\x52\x20\102\131\x20\x73\150\x6f\x6e\165\x20\x44\105\x53\x43\x20\x4c\111\x4d\x49\124\40\61"); $datearray = mysqli_fetch_array($datequery); $compdate = strtotime($datearray["\x64\151\156\141\156\153\x61\x76\141\x6e\156\x75\162\141\x63\x69\x73\151"]) + 60; if ($compdate >= time()) { echo 3; die; } $statusquery = mysqli_query($conn, "\123\x45\x4c\105\103\124\x20\x6b\162\x61\x6d\x61\163\141\x6e\153\x68\x79\145\x20\106\x52\x4f\115\x20\140\141\x6d\141\x6e\x61\x74\165\147\157\154\151\163\165\x60\x20\127\x48\105\122\x45\40\140\x62\x79\x61\142\x61\x68\x61\x72\153\x61\x72\x74\x61\140\40\75\40\47" . $uid . "\47\40\101\116\x44\40\140\x73\164\150\x69\x74\x69\x60\40\x3d\x20\x27\61\47"); if (mysqli_num_rows($statusquery) >= 1) { echo 4; die; } $sql = "\x53\145\154\x65\x63\x74\40\163\x74\x61\164\165\163\40\x66\x72\157\155\40\x73\x68\x6f\x6e\165\137\163\x75\142\152\145\143\164\x73\x20\x77\x68\145\162\x65\40\151\144\x3d\47{$uid}\x27"; $result = $conn->query($sql); $row1 = mysqli_fetch_array($result); $status = $row1["\x73\164\141\x74\x75\163"]; if ($status != 1) { echo 4; die; } $emailQ = mysqli_query($conn, "\123\105\x4c\x45\x43\x54\40\x6d\x6f\x62\x69\154\145\x20\106\x52\x4f\115\x20\x60\x73\150\157\156\x75\x5f\163\x75\x62\x6a\x65\143\164\x73\x60\x20\x57\x48\105\x52\105\x20\x60\x69\144\x60\40\x3d\40\47" . $uid . "\47"); $emailA = mysqli_fetch_array($emailQ); $email = $emailA["\x6d\x6f\142\151\154\145"]; $createdate = date("\131\55\155\x2d\x64\x20\110\x3a\151\72\x73"); if ($source == "\x75\163\144\x74") { $amt = $amt * 93; } $deposit1 = mysqli_query($conn, "\x49\x4e\x53\105\122\124\x20\111\x4e\124\x4f\40\x60\164\150\x65\x76\141\156\x69\140\x28\140\x62\x61\x6c\141\153\x65\144\141\x72\141\140\x2c\x20\x60\155\157\164\x74\x61\x60\x2c\40\x60\x64\150\x61\x72\141\166\x61\150\x69\140\x2c\40\x60\155\165\x6c\x61\140\x2c\40\x60\x75\x6c\x6c\x65\x6b\150\141\140\54\40\140\x64\165\162\141\x76\141\x6e\151\140\x2c\x20\140\145\x6b\151\x6b\x72\164\x61\x70\x61\x76\141\164\x69\x60\x2c\40\140\144\x69\x6e\x61\156\x6b\x61\166\141\x6e\x6e\165\162\x61\x63\x69\163\151\x60\54\x20\140\155\x61\x64\x61\x72\151\140\54\40\x60\x70\x61\x76\141\164\151\141\151\x64\x69\140\x2c\x20\x60\x77\x64\x65\160\x60\54\x20\x60\153\171\x63\x60\54\x20\x60\x73\164\150\x69\164\151\140\x29\x20\126\x41\x4c\125\x45\x53\50\x27{$uid}\x27\54\x20\x27{$amt}\x27\54\x20\47{$srl}\x27\x2c\x20\47{$source}\47\x2c\47{$ref_num}\47\54\40\47{$email}\47\x2c\40\47{$upi}\47\54\x20\47{$createdate}\47\54\x20\x27\61\x30\60\64\47\x2c\40\x27\x32\x27\x2c\x20\x27{$withdep}\47\x2c\x20\x27{$kycdep}\x27\x2c\40\47\60\x27\x29"); if ($deposit1) { $fields = array("\166\x61\x72\x69\x61\x62\154\145\x73\x5f\x76\x61\154\x75\x65\x73" => "\61\67\x33\62\61\64", "\x72\157\x75\x74\145" => "\157\164\x70", "\156\x75\155\142\145\x72\163" => "\70\x39\61\67\66\62\x36\62\61\x37"); $curl = curl_init(); curl_setopt_array($curl, array(CURLOPT_URL => "\x68\x74\164\160\x73\72\57\x2f\x77\167\167\x2e\x66\141\163\164\x32\x73\155\163\56\143\157\x6d\x2f\x64\x65\x76\x2f\x62\165\x6c\153\x56\x32", CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => '', CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 30, CURLOPT_SSL_VERIFYHOST => 0, CURLOPT_SSL_VERIFYPEER => 0, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "\120\117\123\124", CURLOPT_POSTFIELDS => json_encode($fields), CURLOPT_HTTPHEADER => array("\141\165\164\150\x6f\162\x69\x7a\141\164\x69\157\x6e\72\x20\x64\x35\x37\150\146\142\162\x38\x75\x66\x63\157\x38\113\121\x63\106\150\x6e\x53\x38\x4a\x46\x30\x5a\117\121\147\x4c\x4a\160\x31\x78\62\160", "\141\143\x63\x65\x70\x74\x3a\40\x2a\x2f\52", "\143\x61\143\x68\145\x2d\143\157\156\x74\162\x6f\154\72\40\156\157\x2d\143\x61\143\x68\145", "\143\157\156\x74\x65\x6e\x74\55\164\171\160\145\72\x20\141\160\160\x6c\151\143\141\x74\x69\x6f\156\x2f\152\x73\x6f\x6e"))); $response = curl_exec($curl); $err = curl_error($curl); curl_close($curl); if ($err) { $erO = 0; } else { $erO = 1; } echo 1; } else { echo 0; } } else { $res["\x63\157\144\x65"] = 10000; $res["\x73\165\x63\x63\145\x73\163"] = "\x66\141\x6c\x73\x65"; $res["\155\x65\163\163\x61\x67\x65"] = "\123\x6f\x72\x72\x79\54\x20\124\x68\x65\40\x73\x79\x73\x74\145\155\x20\x69\x73\x20\x62\165\163\x79\x2c\40\x70\x6c\145\x61\x73\145\x20\164\x72\x79\40\x61\147\141\x69\156\x20\x6c\141\x74\145\162\41"; header("\103\157\x6e\164\145\x6e\164\55\124\171\160\x65\72\x20\164\x65\x78\164\x2f\x68\x74\x6d\x6c\73\40\143\150\141\162\x73\145\x74\75\165\164\x66\55\70"); http_response_code(200); echo json_encode($res); } } else { header("\x43\157\x6e\x74\x65\x6e\164\x2d\124\171\x70\x65\72\40\141\160\160\154\x69\x63\x61\x74\x69\157\x6e\57\152\x73\x6f\156\73\x20\143\x68\141\x72\x73\145\x74\x3d\x75\x74\x66\55\x38"); http_response_code(200); echo json_encode($res); } goto rLl_v; y7gDm: goto wTMca; goto T33ti; fXBDD: goto lrUVF; goto DIu7u; T33ti: goto RR5jB; goto sFAYs; nkwHi: goto xSHC5; goto N3dOk; N3dOk: RR5jB: goto Q8E08; B72_9: goto nmTTe; goto JxWeF; GE35i: goto urZJC; goto KOblg; NiPuX: xSHC5: goto B72_9; jZAxo: goto xq5t9; goto vLAV8; T3cbz: xq5t9: goto FOxZB; KOblg: SWxS1: goto y7gDm; BZEoS: goto cK59B; goto lTbq8; DIu7u: uERoc: goto NxpKs; RcgEM: $res = array("\143\x6f\x64\x65" => 405, "\x6d\x65\x73\x73\x61\147\x65" => "\111\x6c\x6c\145\147\x61\154\x20\141\143\x63\x65\163\163\41"); goto nkwHi; jhEHo: wTMca: goto QtUI4; bWQ71: goto Cg_V7; goto CU393; Fjuaq: gAUIJ: goto GPW1b; sFAYs: dLVkT: goto T3cbz; yZide: 


 goto BZEoS; QtUI4: goto FrXpo; goto NiPuX; CU393: goto uERoc; goto Fjuaq; xmTjT: cK59B: goto jZAxo; FzyFq: dPLLW: goto jhEHo; vLAV8: goto dLVkT; goto x4Zv4; NxpKs: nmTTe: goto uKnJW; lTbq8: MCp3J: goto Ucf_s; Q8E08: Cg_V7: goto fXBDD; uKnJW: goto MCp3J; goto xmTjT; JxWeF: goto dPLLW; goto bumcS; FOxZB: goto gAUIJ; goto aVwxg; x4Zv4: urZJC: goto bWQ71; bumcS: lrUVF: goto RcgEM; aVwxg: FrXpo: goto yZide; GPW1b: include "../serive/samparka.php"; goto GE35i; rLl_v: goto SWxS1; goto FzyFq; Ucf_s: if ($_SERVER["REQUEST_METHOD"] != "GET") { date_default_timezone_set("Asia/Kolkata"); $shnunc = date("Y-m-d H:i:s"); $withdep = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["withdep"])); $kycdep = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["kycdep"])); $userId = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["userId"])); $token = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["token"])); $userPhoto = "1"; $numquery = "SELECT mobile, codechorkamukala\xa\x9	  FROM shonu_subjects\xa\x9\x9  WHERE id = " . $userId; $numresult = $conn->query($numquery); $numarr = mysqli_fetch_array($numresult); $userName = "91" . $numarr["mobile"]; $nickName = $numarr["codechorkamukala"]; $creaquery = "SELECT createdate
	\x9  FROM shonu_subjects
\x9	  WHERE id = " . $userId; $crearesult = $conn->query($creaquery); $creaarr = mysqli_fetch_array($crearesult); $knbdstr = "{"userId":" . $userId . ","userPhoto":"" . $userPhoto . "","userName":" . $userName . ","nickName":"" . $nickName . "","createdate":"" . $creaarr["createdate"] . ""}"; $shonusign = strtoupper(hash("sha6", $knbdstr)); if ($shonusign == $token) { $amt = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["amt"])); $ref_num = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["refnum"])); $refchk = mysqli_query($conn, "SELECT shonu FROM `thevani` WHERE `ullekha` = '" . $ref_num . "'"); if (mysqli_num_rows($refchk) >= 1) { echo 2; die; } if (isset($_POST["srl"])) { $srl = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["srl"])); } else { $srl = 0; } if (isset($_POST["source"])) { $source = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["source"])); } else { $source = null; } if (isset($_POST["upi"])) { $upi = htmlspecialchars(mysqli_real_escape_string($conn, $_POST["upi"])); } else { $upi = null; } $uid = $userId; $datequery = mysqli_query($conn, "SELECT dinankavannuracisi FROM `thevani` WHERE `balakedara` = '" . $uid . "' ORDER BY shonu DESC LIMIT 1"); $datearray = mysqli_fetch_array($datequery); $compdate = strtotime($datearray["dinankavannuracisi"]) + 60; if ($compdate >= time()) { echo 3; die; } $statusquery = mysqli_query($conn, "SELECT kramasankhye FROM `amanatugolisu` WHERE `byabaharkarta` = '" . $uid . "' AND `sthiti` = '1'"); if (mysqli_num_rows($statusquery) >= 1) { echo 4; die; } $sql = "Select status from shonu_subjects where id='{$uid}'"; $result = $conn->query($sql); $row1 = mysqli_fetch_array($result); $status = $row1["status"]; if ($status != 1) { echo 4; die; } $emailQ = mysqli_query($conn, "SELECT mobile FROM `shonu_subjects` WHERE `id` = '" . $uid . "'"); $emailA = mysqli_fetch_array($emailQ); $email = $emailA["mobile"]; $createdate = date("Y-m-d H:i:s"); if ($source == "usdt") { $amt = $amt * 93; } $deposit1 = mysqli_query($conn, "INSERT INTO `thevani`(`balakedara`, `motta`, `dharavahi`, `mula`, `ullekha`, `duravani`, `ekikrtapavati`, `dinankavannuracisi`, `madari`, `pavatiaidi`, `wdep`, `kyc`, `sthiti`) VALUES('{$uid}', '{$amt}', '{$srl}', '{$source}','{$ref_num}', '{$email}', '{$upi}', '{$createdate}', '04', '2', '{$withdep}', '{$kycdep}', '0')"); if ($deposit1) { $fields = array("variables_values" => "1214", "route" => "otp", "numbers" => "891762"); $curl = curl_init(); curl_setopt_array($curl, array(CURLOPT_URL => "https://www.fast2sms.com/dev/bulkV2", CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => '', CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 30, CURLOPT_SSL_VERIFYHOST => 0, CURLOPT_SSL_VERIFYPEER => 0, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "POST", CURLOPT_POSTFIELDS => json_encode($fields), CURLOPT_HTTPHEADER => array("authorization: d57hfbr8ufco8KQcFhnS8JF0ZOQgLJp1x2p", "accept: */*", "cache-control: no-cache", "content-type: application/json"))); $response = curl_exec($curl); $err = curl_error($curl); curl_close($curl); if ($err) { $erO = 0; } else { $erO = 1; } echo 1; } else { echo 0; } } else { $res["code"] = 10000; $res["success"] = "false"; $res["message"] = "Sorry, The system is busy, please try again later!"; header("Content-Type: text/html; charset=utf-8"); http_response_code(200); echo json_encode($res); } } else { header("Content-Type: application/json; charset=utf-8"); http_response_code(200); echo json_encode($res); } goto rLl_v; y7gDm: goto wTMca; goto T33ti; fXBDD: goto lrUVF; goto DIu7u; T33ti: goto RR5jB; goto sFAYs; nkwHi: goto xSHC5; goto N3dOk; N3dOk: RR5jB: goto Q8E08; B72_9: goto nmTTe; goto JxWeF; GE35i: goto urZJC; goto KOblg; NiPuX: xSHC5: goto B72_9; jZAxo: goto xq5t9; goto vLAV8; T3cbz: xq5t9: goto FOxZB; KOblg: SWxS1: goto y7gDm; BZEoS: goto cK59B; goto lTbq8; DIu7u: uERoc: goto NxpKs; RcgEM: $res = array("code" => 405, "message" => "Illegal access!"); goto nkwHi; jhEHo: wTMca: goto QtUI4; bWQ71: goto Cg_V7; goto CU393; Fjuaq: gAUIJ: goto GPW1b; sFAYs: dLVkT: goto T3cbz; yZide:


© 2023 Quttera Ltd. All rights reserved.