Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20 System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64 User : apache ( 48) PHP Version : 7.4.20 Disable Function : NONE Directory : /var/www/html/vidoe.top/lib/jsencode/ |
<?php /** * Class AADecoder * @author Andrey Izman <[email protected]> * @link https://github.com/mervick/php-aaencoder * @license MIT */ /** * Class AADecoder */ class AADecoder { const BEGIN_CODE = "゚ω゚ノ=/`m´)ノ~┻━┻/['_'];o=(゚ー゚)=_=3;c=(゚Θ゚)=(゚ー゚)-(゚ー゚);(゚Д゚)=(゚Θ゚)=(o^_^o)/(o^_^o);(゚Д゚)={゚Θ゚:'_',゚ω゚ノ:((゚ω゚ノ==3)+'_')[゚Θ゚],゚ー゚ノ:(゚ω゚ノ+'_')[o^_^o-(゚Θ゚)],゚Д゚ノ:((゚ー゚==3)+'_')[゚ー゚]};(゚Д゚)[゚Θ゚]=((゚ω゚ノ==3)+'_')[c^_^o];(゚Д゚)['c']=((゚Д゚)+'_')[(゚ー゚)+(゚ー゚)-(゚Θ゚)];(゚Д゚)['o']=((゚Д゚)+'_')[゚Θ゚];(゚o゚)=(゚Д゚)['c']+(゚Д゚)['o']+(゚ω゚ノ+'_')[゚Θ゚]+((゚ω゚ノ==3)+'_')[゚ー゚]+((゚Д゚)+'_')[(゚ー゚)+(゚ー゚)]+((゚ー゚==3)+'_')[゚Θ゚]+((゚ー゚==3)+'_')[(゚ー゚)-(゚Θ゚)]+(゚Д゚)['c']+((゚Д゚)+'_')[(゚ー゚)+(゚ー゚)]+(゚Д゚)['o']+((゚ー゚==3)+'_')[゚Θ゚];(゚Д゚)['_']=(o^_^o)[゚o゚][゚o゚];(゚ε゚)=((゚ー゚==3)+'_')[゚Θ゚]+(゚Д゚).゚Д゚ノ+((゚Д゚)+'_')[(゚ー゚)+(゚ー゚)]+((゚ー゚==3)+'_')[o^_^o-゚Θ゚]+((゚ー゚==3)+'_')[゚Θ゚]+(゚ω゚ノ+'_')[゚Θ゚];(゚ー゚)+=(゚Θ゚);(゚Д゚)[゚ε゚]='\\\\';(゚Д゚).゚Θ゚ノ=(゚Д゚+゚ー゚)[o^_^o-(゚Θ゚)];(o゚ー゚o)=(゚ω゚ノ+'_')[c^_^o];(゚Д゚)[゚o゚]='\\\"';(゚Д゚)['_']((゚Д゚)['_'](゚ε゚+(゚Д゚)[゚o゚]+"; const END_CODE = "(゚Д゚)[゚o゚])(゚Θ゚))('_');"; /** * Decode encoded-as-aaencode JavaScript code. * @param string $js * @return string */ public static function decode($js) { if (self::hasAAEncoded($js, $start, $next, $encoded)) { $decoded = self::deobfuscate($encoded); if (substr(rtrim($decoded), -1) !== ';') { $decoded .= ';'; } return mb_substr($js, 0, $start, 'UTF-8') . $decoded . self::decode(mb_substr($js, $next, null, 'UTF-8')); } return $js; } /** * @param string $js * @return string */ protected static function deobfuscate($js) { $bytes = array( 9 => '((゚ー゚)+(゚ー゚)+(゚Θ゚))', 6 => '((o^_^o)+(o^_^o))', 2 => '((o^_^o)-(゚Θ゚))', 7 => '((゚ー゚)+(o^_^o))', 5 => '((゚ー゚)+(゚Θ゚))', 8 => '((゚ー゚)+(゚ー゚))', 10 => '(゚Д゚).゚ω゚ノ', 11 => '(゚Д゚).゚Θ゚ノ', 12 => '(゚Д゚)[\'c\']', 13 => '(゚Д゚).゚ー゚ノ', 14 => '(゚Д゚).゚Д゚ノ', 15 => '(゚Д゚)[゚Θ゚]', 3 => '(o^_^o)', 0 => '(c^_^o)', 4 => '(゚ー゚)', 1 => '(゚Θ゚)', ); $native = array( '-~' => '1+', '!' => '1', '[]' => '0', ); $native = array( array_keys($native), array_values($native), ); $chars = array(); $hex = '(o゚ー゚o)+'; $hexLen = mb_strlen($hex, 'UTF-8'); $calc = function($expr) { return eval("return $expr;"); }; $convert = function ($block, $func) use ($bytes, $calc) { while (preg_match('/\([0-9\-\+\*\/]+\)/', $block)) { $block = preg_replace_callback('/\([0-9\-\+\*\/]+\)/', function($matches) use ($calc) { return $calc($matches[0]); }, $block); } $split = array(); foreach (explode('+', trim($block, '+')) as $num) { if ($num === '') continue; $split[] = $func(intval(trim($num))); } return implode('', $split); }; foreach ($bytes as $byte => $search) { $js = implode($byte, mb_split(preg_quote($search), $js)); } foreach (mb_split(preg_quote('(゚Д゚)[゚ε゚]+'), $js) as $block) { $block = trim(trim(str_replace($native[0], $native[1], $block), '+')); if ($block === '') continue; if (mb_substr($block, 0, $hexLen, 'UTF-8') === $hex) { $code = hexdec($convert(mb_substr($block, $hexLen, null, 'UTF-8'), 'dechex')); } else { $code = octdec($convert($block, 'decoct')); } $chars[] = mb_convert_encoding('&#' . intval($code) . ';', 'UTF-8', 'HTML-ENTITIES'); } return implode('', $chars); } /** * Detect aaencoded JavaScript code. * @param string $js * @param null|int $start * @param null|int $next * @param null|string $encoded * @return bool */ public static function hasAAEncoded($js, &$start=null, &$next=null, &$encoded=null) { $find = function($haystack, $needle, $offset=0) { $matches = array(); for ($i = 0; $i < 6 && $offset !== false; $i ++) { if (($offset = mb_strpos($haystack, $needle, $offset, 'UTF-8')) !== false) { $matches[$i] = $offset; $offset ++; } } return count($matches) >= 6 ? array($matches[4], $matches[5]) : false; }; $start = -1; while (($start = mb_strpos($js, '゚ω゚ノ', $start + 1, 'UTF-8')) !== false) { $clear = preg_replace('/\/\*.+?\*\//', '', preg_replace('/[\x03-\x20]/', '', $code = mb_substr($js, $start, null, 'UTF-8'))); $len = mb_strlen(self::BEGIN_CODE, 'UTF-8'); if (mb_substr($clear, 0, $len, 'UTF-8') === self::BEGIN_CODE && mb_strpos($clear, self::END_CODE, $len, 'UTF-8') && ($matches = $find($js, '゚o゚', $start)) ) { list($beginAt, $endAt) = $matches; $beginAt = mb_strpos($js, '+', $beginAt, 'UTF-8'); $endAt = mb_strrpos($js, '(', - mb_strlen($js, 'UTF-8') + $endAt, 'UTF-8'); $next = mb_strpos($js, ';', $endAt + 1, 'UTF-8') + 1; $encoded = preg_replace('/[\x03-\x20]/', '', mb_substr($js, $beginAt, $endAt - $beginAt, 'UTF-8')); return true; } } return false; } }