Japanese 
English
PHP 難読化コードの復元・デコードWordpress 等でのPHPのマルウェア・ウィルス・改ざんコードをデコードして難読化をオンラインで解除し、
元の読みやすいコードに戻し解読できます。
<?php
include_once 'xmlseclibs.php';
use RobRichards\XMLSecLibs\XMLSecurityKey;
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecEnc;
class SAMLSPUtilities
{
public static function generateID()
{
return "\x5f" . self::stringToHex(self::generateRandomBytes(21));
}
public static function stringToHex($Ns)
{
$Bx = '';
$lw = 0;
O1B:
if (!($lw < strlen($Ns))) {
goto FxX;
}
$Bx .= sprintf("\45\60\62\170", ord($Ns[$lw]));
tSD:
$lw++;
goto O1B;
FxX:
return $Bx;
}
public static function generateRandomBytes($PB, $hF = TRUE)
{
return openssl_random_pseudo_bytes($PB);
}
public static function createAuthnRequest($Uf, $Ai, $tG, $s2 = "\146\141\154\163\x65", $j5 = "\110\x74\164\x70\x52\145\x64\x69\x72\145\x63\x74", $So = '')
{
$So = "\x75\x72\156\72\157\141\163\151\163\72\x6e\x61\x6d\x65\163\72\164\143\72\x53\101\x4d\x4c\x3a" . $So;
$JE = "\x3c\77\170\x6d\154\x20\x76\x65\x72\163\151\157\156\75\x22\61\x2e\60\x22\40\x65\x6e\143\x6f\144\151\156\147\x3d\42\125\124\106\x2d\70\42\x3f\76" . "\74\163\141\155\154\x70\72\101\x75\164\x68\156\x52\x65\161\165\x65\x73\164\x20\x78\x6d\154\156\163\x3a\x73\x61\155\x6c\x70\75\42\165\162\x6e\x3a\157\141\163\x69\x73\x3a\x6e\141\155\x65\163\72\164\x63\72\x53\x41\x4d\114\x3a\x32\56\x30\72\x70\x72\x6f\x74\x6f\143\157\x6c\x22\40\170\x6d\154\x6e\163\x3d\x22\165\162\x6e\x3a\157\141\163\151\x73\x3a\156\x61\x6d\145\x73\x3a\164\143\x3a\x53\101\x4d\x4c\x3a\x32\56\x30\72\x61\x73\x73\x65\162\164\151\x6f\x6e\x22\x20\x49\x44\x3d\42" . self::generateID() . "\42\40\x56\145\x72\x73\151\x6f\156\75\x22\62\x2e\x30\x22\40\111\163\x73\165\145\111\x6e\x73\164\141\x6e\164\x3d\x22" . self::generateTimestamp() . "\x22";
if (!($s2 == "\164\x72\x75\x65")) {
goto Om3;
}
$JE .= "\40\106\x6f\162\143\x65\x41\x75\x74\x68\x6e\75\42\x74\162\x75\x65\x22";
Om3:
$JE .= "\x20\x50\162\157\x74\157\143\157\154\102\151\156\144\151\x6e\147\75\42\x75\162\156\72\x6f\x61\x73\151\163\72\x6e\x61\155\145\163\72\164\x63\72\123\x41\x4d\114\72\62\x2e\60\x3a\x62\x69\156\x64\x69\156\147\x73\72\110\x54\124\x50\x2d\x50\117\x53\124\42\40\x41\163\163\x65\162\164\x69\157\156\x43\x6f\x6e\x73\165\x6d\145\162\x53\x65\162\166\151\143\145\125\x52\x4c\x3d\x22" . $Uf . "\42\x20\104\x65\163\x74\x69\x6e\141\164\x69\x6f\156\75\42" . htmlspecialchars($tG) . "\42\76\74\x73\141\155\154\x3a\x49\x73\163\165\145\x72\40\170\x6d\154\156\x73\72\163\x61\x6d\154\x3d\42\165\x72\x6e\x3a\157\x61\163\151\x73\x3a\156\141\155\x65\163\x3a\x74\143\72\123\101\115\114\72\62\56\60\x3a\141\x73\x73\x65\x72\164\x69\157\156\42\76" . $Ai . "\74\x2f\x73\141\155\x6c\x3a\111\163\x73\165\x65\x72\76\74\163\141\x6d\x6c\160\x3a\116\141\x6d\145\111\x44\120\157\x6c\x69\x63\171\40\x41\154\x6c\x6f\167\x43\162\x65\x61\164\145\x3d\x22\x74\162\165\x65\42\x20\106\x6f\162\x6d\x61\x74\75\42" . $So . "\42\xa\40\40\x20\40\40\x20\40\x20\40\40\40\40\40\40\x20\40\40\x20\40\40\x20\x20\x20\x20\x2f\76\x3c\x2f\163\x61\x6d\x6c\x70\x3a\x41\x75\164\x68\156\122\145\161\165\x65\163\x74\x3e";
if (empty($j5) || $j5 == "\110\x74\x74\160\x52\145\144\151\162\x65\143\164") {
goto g3x;
}
$gl = gzdeflate($JE);
$b5 = base64_encode($gl);
update_option("\x6d\x6f\137\x73\x61\155\x6c\x5f\x72\145\x71\x75\145\163\x74", $b5);
goto ufZ;
g3x:
$gl = gzdeflate($JE);
$b5 = base64_encode($gl);
update_option("\155\157\137\x73\141\x6d\154\137\162\x65\x71\x75\145\163\164", $b5);
$Av = urlencode($b5);
$JE = $Av;
ufZ:
return $JE;
}
public static function createLogoutRequest($OJ, $Ai, $tG, $VU = '', $eu = "\110\164\x74\160\122\x65\x64\151\162\x65\143\x74")
{
$JE = "\x3c\77\170\x6d\154\x20\x76\x65\x72\x73\x69\x6f\x6e\x3d\x22\x31\56\x30\x22\40\x65\x6e\143\157\144\x69\156\147\x3d\x22\x55\124\106\55\70\x22\77\x3e" . "\74\x73\141\x6d\x6c\160\72\x4c\x6f\x67\157\x75\x74\122\145\x71\165\145\163\164\x20\x78\x6d\x6c\x6e\163\72\x73\x61\155\154\160\75\42\165\162\x6e\72\157\x61\x73\151\163\x3a\x6e\x61\x6d\145\163\72\164\143\72\x53\101\x4d\x4c\72\x32\x2e\x30\72\160\162\157\x74\x6f\x63\x6f\x6c\42\x20\x78\x6d\x6c\x6e\163\72\163\x61\x6d\154\75\x22\165\x72\156\72\x6f\x61\x73\x69\163\x3a\x6e\141\155\x65\163\x3a\164\x63\x3a\x53\x41\x4d\x4c\x3a\62\x2e\60\x3a\141\x73\x73\x65\x72\164\151\157\156\x22\40\x49\104\75\x22" . self::generateID() . "\x22\40\111\x73\x73\x75\x65\111\156\163\164\x61\x6e\164\75\x22" . self::generateTimestamp() . "\42\40\x56\145\x72\163\x69\x6f\x6e\x3d\x22\x32\56\x30\x22\40\x44\x65\x73\x74\151\156\141\x74\x69\157\156\75\42" . htmlspecialchars($tG) . "\x22\x3e\12\x9\11\11\11\x9\x9\x3c\x73\141\155\x6c\72\x49\163\x73\x75\x65\162\x20\170\x6d\154\x6e\163\x3a\x73\141\x6d\154\75\x22\165\162\x6e\72\x6f\141\x73\x69\x73\x3a\156\141\x6d\145\163\72\164\143\72\123\x41\115\114\72\62\x2e\60\x3a\141\x73\163\145\162\164\x69\157\x6e\42\76" . $Ai . "\x3c\x2f\163\141\x6d\x6c\x3a\x49\163\163\165\x65\x72\x3e\xa\x9\11\x9\x9\11\11\x3c\163\x61\x6d\154\x3a\116\x61\155\145\111\104\40\x78\155\x6c\156\163\x3a\163\141\x6d\x6c\75\x22\165\x72\x6e\x3a\157\x61\x73\151\163\x3a\x6e\141\155\x65\163\72\x74\143\x3a\123\x41\115\x4c\72\x32\56\60\72\x61\x73\x73\145\x72\x74\151\157\x6e\42\x3e" . $OJ[0] . "\x3c\57\163\x61\x6d\x6c\x3a\x4e\141\155\x65\111\x44\x3e";
if (empty($VU)) {
goto S0R;
}
$JE .= "\74\163\141\x6d\x6c\x70\72\x53\x65\163\163\x69\157\x6e\111\x6e\144\x65\x78\x3e" . $VU[0] . "\x3c\x2f\163\141\x6d\154\160\72\123\x65\163\163\151\x6f\x6e\x49\x6e\144\145\170\76";
S0R:
$JE .= "\74\57\163\141\155\x6c\x70\72\114\157\x67\x6f\x75\164\122\145\x71\x75\145\x73\x74\x3e";
if (!(empty($eu) || $eu == "\110\164\164\x70\122\145\144\151\162\145\143\164")) {
goto d5C;
}
$gl = gzdeflate($JE);
$b5 = base64_encode($gl);
$Av = urlencode($b5);
$JE = $Av;
d5C:
return $JE;
}
public static function createLogoutResponse($WQ, $Ai, $tG, $eu = "\x48\x74\x74\x70\122\x65\144\x69\x72\145\143\x74")
{
$JE = "\74\77\x78\155\x6c\x20\x76\145\x72\163\x69\x6f\156\x3d\x22\x31\56\60\x22\x20\x65\156\143\x6f\144\151\156\x67\x3d\42\125\124\106\55\70\42\77\x3e" . "\x3c\163\141\x6d\154\160\72\x4c\157\x67\x6f\x75\x74\x52\145\163\x70\157\156\163\x65\x20\170\155\154\x6e\x73\72\163\141\155\x6c\x70\75\x22\x75\x72\x6e\72\x6f\x61\163\151\x73\x3a\x6e\141\x6d\x65\x73\x3a\164\143\72\123\x41\115\x4c\x3a\62\56\x30\72\x70\x72\157\164\157\143\157\154\42\40\x78\155\154\x6e\163\x3a\x73\141\155\x6c\75\42\x75\162\156\72\x6f\141\x73\x69\x73\x3a\x6e\141\155\145\163\x3a\164\143\x3a\123\101\x4d\114\x3a\x32\x2e\60\x3a\x61\163\x73\145\x72\164\x69\157\156\x22\x20" . "\111\x44\x3d\42" . self::generateID() . "\42\x20" . "\126\x65\x72\163\x69\157\156\75\42\x32\56\60\42\40\x49\163\x73\165\x65\x49\156\163\x74\x61\156\x74\75\42" . self::generateTimestamp() . "\42\x20" . "\x44\x65\163\x74\x69\156\x61\x74\151\157\156\x3d\42" . $tG . "\x22\x20" . "\111\x6e\122\x65\x73\160\x6f\156\x73\x65\124\157\75\42" . $WQ . "\x22\76" . "\x3c\163\141\x6d\154\72\111\x73\x73\165\145\162\40\170\x6d\154\x6e\163\x3a\x73\141\155\154\x3d\42\165\x72\156\72\157\141\x73\x69\x73\x3a\156\x61\x6d\145\163\x3a\x74\x63\x3a\x53\x41\x4d\114\72\62\56\x30\x3a\141\x73\x73\x65\x72\164\x69\157\156\42\x3e" . $Ai . "\74\57\163\141\155\154\72\111\163\163\x75\145\162\76" . "\x3c\163\x61\155\154\x70\x3a\x53\164\141\164\x75\163\x3e\74\163\141\x6d\154\160\x3a\123\164\x61\x74\165\163\x43\157\x64\x65\40\126\x61\x6c\165\145\75\x22\165\162\156\x3a\x6f\x61\x73\151\x73\72\156\x61\155\145\x73\72\164\143\72\123\x41\115\x4c\x3a\62\56\60\x3a\163\164\x61\x74\x75\163\x3a\123\165\x63\143\x65\163\x73\42\x2f\x3e\74\x2f\x73\141\x6d\x6c\x70\x3a\x53\164\x61\x74\165\163\x3e\x3c\57\163\x61\155\154\160\72\x4c\x6f\147\157\x75\164\x52\145\163\x70\x6f\x6e\x73\x65\76";
if (!(empty($eu) || $eu == "\x48\164\164\160\x52\145\x64\151\162\x65\x63\x74")) {
goto QNW;
}
$gl = gzdeflate($JE);
$b5 = base64_encode($gl);
$Av = urlencode($b5);
$JE = $Av;
QNW:
return $JE;
}
public static function generateTimestamp($hx = NULL)
{
if (!($hx === NULL)) {
goto i6u;
}
$hx = time();
i6u:
return gmdate("\x59\55\155\55\144\134\x54\110\72\151\72\x73\134\132", $hx);
}
public static function xpQuery(DOMNode $Kp, $Ws)
{
static $wn = NULL;
if ($Kp instanceof DOMDocument) {
goto ZFD;
}
$ik = $Kp->ownerDocument;
goto Hqg;
ZFD:
$ik = $Kp;
Hqg:
if (!($wn === NULL || !$wn->document->isSameNode($ik))) {
goto AkE;
}
$wn = new DOMXPath($ik);
$wn->registerNamespace("\x73\157\x61\x70\x2d\x65\x6e\166", "\150\164\x74\160\x3a\57\x2f\x73\143\x68\x65\x6d\x61\x73\x2e\x78\x6d\x6c\163\157\x61\160\56\x6f\x72\147\x2f\163\x6f\x61\160\57\145\x6e\x76\145\154\157\160\x65\x2f");
$wn->registerNamespace("\x73\x61\155\x6c\137\x70\x72\x6f\x74\157\x63\x6f\154", "\165\x72\156\x3a\x6f\x61\163\151\163\72\x6e\x61\155\x65\163\x3a\x74\x63\72\123\101\115\x4c\x3a\62\56\x30\x3a\160\x72\x6f\x74\157\143\157\154");
$wn->registerNamespace("\163\x61\x6d\154\x5f\141\163\163\x65\x72\x74\151\x6f\156", "\165\x72\x6e\x3a\x6f\141\163\151\x73\72\x6e\141\155\145\x73\x3a\x74\143\72\x53\101\x4d\114\x3a\x32\56\x30\x3a\x61\163\x73\145\x72\x74\151\x6f\156");
$wn->registerNamespace("\163\141\155\154\x5f\x6d\x65\x74\141\x64\x61\x74\x61", "\165\x72\156\72\157\141\x73\x69\x73\72\x6e\x61\155\145\163\72\164\143\x3a\x53\x41\x4d\x4c\x3a\x32\x2e\x30\72\x6d\x65\x74\x61\x64\141\x74\141");
$wn->registerNamespace("\x64\163", "\x68\x74\x74\160\72\x2f\x2f\x77\x77\167\x2e\x77\x33\56\157\162\x67\x2f\x32\x30\60\x30\57\x30\x39\x2f\x78\x6d\x6c\144\x73\x69\147\43");
$wn->registerNamespace("\170\145\x6e\143", "\150\x74\x74\160\x3a\57\57\x77\x77\167\56\x77\63\x2e\x6f\x72\147\57\62\x30\x30\x31\x2f\60\x34\x2f\x78\x6d\x6c\145\156\x63\43");
AkE:
$vR = $wn->query($Ws, $Kp);
$Bx = array();
$lw = 0;
DVu:
if (!($lw < $vR->length)) {
goto Xlb;
}
$Bx[$lw] = $vR->item($lw);
QzT:
$lw++;
goto DVu;
Xlb:
return $Bx;
}
public static function parseNameId(DOMElement $l3)
{
$Bx = array("\x56\x61\154\x75\x65" => trim($l3->textContent));
foreach (array("\116\141\x6d\x65\121\x75\141\x6c\151\x66\x69\x65\162", "\123\120\116\x61\155\145\121\x75\141\154\x69\x66\151\145\x72", "\x46\x6f\162\155\141\164") as $IT) {
if (!$l3->hasAttribute($IT)) {
goto xPR;
}
$Bx[$IT] = $l3->getAttribute($IT);
xPR:
huc:
}
AeQ:
return $Bx;
}
public static function xsDateTimeToTimestamp($Xv)
{
$Hp = array();
$iL = "\57\136\x28\x5c\144\x5c\144\x5c\x64\134\x64\x29\55\50\x5c\144\134\144\x29\55\50\x5c\144\134\x64\x29\124\50\x5c\x64\x5c\144\x29\72\50\x5c\x64\x5c\x64\51\x3a\x28\134\144\x5c\x64\51\50\77\72\134\x2e\134\x64\53\x29\x3f\x5a\44\x2f\104";
if (!(preg_match($iL, $Xv, $Hp) == 0)) {
goto lDh;
}
echo sprintf("\x6e\x76\x61\154\x69\x64\x20\123\101\115\x4c\x32\40\164\151\155\x65\x73\x74\141\x6d\160\40\160\141\x73\x73\145\144\x20\x74\157\40\x78\163\x44\141\x74\x65\124\x69\155\x65\x54\x6f\x54\x69\x6d\145\x73\x74\141\155\x70\72\40" . $Xv);
exit;
lDh:
$In = intval($Hp[1]);
$Y3 = intval($Hp[2]);
$wP = intval($Hp[3]);
$Fl = intval($Hp[4]);
$R3 = intval($Hp[5]);
$YI = intval($Hp[6]);
$ot = gmmktime($Fl, $R3, $YI, $Y3, $wP, $In);
return $ot;
}
public static function extractStrings(DOMElement $Lb, $IM, $qQ)
{
$Bx = array();
$Kp = $Lb->firstChild;
e8v:
if (!($Kp !== NULL)) {
goto yfd;
}
if (!($Kp->namespaceURI !== $IM || $Kp->localName !== $qQ)) {
goto CD5;
}
goto fLd;
CD5:
$Bx[] = trim($Kp->textContent);
fLd:
$Kp = $Kp->nextSibling;
goto e8v;
yfd:
return $Bx;
}
public static function validateElement(DOMElement $Bf)
{
$fG = new XMLSecurityDSig();
$fG->idKeys[] = "\x49\104";
$QF = self::xpQuery($Bf, "\x2e\57\x64\163\x3a\123\x69\147\x6e\141\164\165\x72\x65");
if (count($QF) === 0) {
goto WIO;
}
if (count($QF) > 1) {
goto GAZ;
}
goto hT8;
WIO:
return FALSE;
goto hT8;
GAZ:
echo sprintf("\130\115\114\x53\x65\143\72\40\155\x6f\x72\x65\40\x74\150\x61\x6e\x20\x6f\x6e\145\x20\x73\x69\147\156\x61\164\165\162\x65\x20\145\x6c\145\155\x65\x6e\x74\x20\151\x6e\40\162\157\157\164\x2e");
exit;
hT8:
$QF = $QF[0];
$fG->sigNode = $QF;
$fG->canonicalizeSignedInfo();
if ($fG->validateReference()) {
goto Zv_;
}
echo sprintf("\x58\115\114\163\145\143\72\40\144\151\147\145\163\164\40\x76\141\154\151\144\x61\164\x69\x6f\x6e\x20\x66\141\x69\154\145\x64");
exit;
Zv_:
$GO = FALSE;
foreach ($fG->getValidatedNodes() as $M6) {
if ($M6->isSameNode($Bf)) {
goto htq;
}
if ($Bf->parentNode instanceof DOMDocument && $M6->isSameNode($Bf->ownerDocument)) {
goto XW4;
}
goto UHI;
htq:
$GO = TRUE;
goto KSH;
goto UHI;
XW4:
$GO = TRUE;
goto KSH;
UHI:
Tup:
}
KSH:
if ($GO) {
goto wAJ;
}
echo sprintf("\x58\115\x4c\x53\145\x63\72\x20\x54\150\x65\x20\162\157\x6f\x74\40\x65\x6c\x65\x6d\x65\156\x74\40\151\163\x20\x6e\x6f\164\x20\163\151\x67\156\145\x64\x2e");
exit;
wAJ:
$mG = array();
foreach (self::xpQuery($QF, "\56\x2f\144\163\x3a\x4b\145\171\x49\x6e\146\157\57\x64\163\x3a\130\x35\60\x39\x44\x61\164\141\57\144\x73\x3a\130\x35\60\71\103\x65\x72\x74\x69\x66\151\x63\141\x74\145") as $dy) {
$UN = trim($dy->textContent);
$UN = str_replace(array("\15", "\12", "\11", "\x20"), '', $UN);
$mG[] = $UN;
W7I:
}
P0C:
$Bx = array("\x53\151\x67\x6e\x61\164\x75\x72\x65" => $fG, "\x43\145\x72\164\x69\x66\x69\143\x61\x74\x65\x73" => $mG);
return $Bx;
}
public static function validateSignature(array $Yx, XMLSecurityKey $WO)
{
$fG = $Yx["\x53\151\147\x6e\141\x74\165\162\x65"];
$nd = self::xpQuery($fG->sigNode, "\x2e\57\x64\163\x3a\x53\x69\147\x6e\145\x64\x49\x6e\146\157\57\144\163\x3a\x53\x69\x67\x6e\141\164\165\x72\x65\x4d\x65\164\150\x6f\x64");
if (!empty($nd)) {
goto tsw;
}
echo sprintf("\x4d\151\x73\163\x69\156\147\x20\x53\x69\x67\x6e\141\164\165\162\145\x4d\x65\164\150\x6f\x64\x20\145\x6c\x65\x6d\145\x6e\x74");
exit;
tsw:
$nd = $nd[0];
if ($nd->hasAttribute("\x41\154\x67\157\x72\151\x74\x68\x6d")) {
goto cAk;
}
echo sprintf("\x4d\151\x73\163\x69\x6e\147\40\x41\154\147\x6f\162\x69\x74\x68\x6d\x2d\141\x74\164\162\x69\142\165\x74\x65\40\x6f\x6e\x20\123\x69\147\156\141\164\x75\x72\145\115\x65\x74\x68\157\x64\x20\x65\154\145\x6d\145\156\164\56");
exit;
cAk:
$yu = $nd->getAttribute("\x41\154\147\157\162\x69\x74\150\x6d");
if (!($WO->type === XMLSecurityKey::RSA_SHA1 && $yu !== $WO->type)) {
goto icb;
}
$WO = self::castKey($WO, $yu);
icb:
if ($fG->verify($WO)) {
goto aAH;
}
echo sprintf("\x55\x6e\141\142\154\145\40\164\157\x20\x76\x61\154\151\144\141\164\x65\x20\x53\151\x67\x6e\x61\164\165\162\145");
exit;
aAH:
}
public static function castKey(XMLSecurityKey $WO, $by, $YE = "\x70\165\142\154\151\143")
{
if (!($WO->type === $by)) {
goto HLn;
}
return $WO;
HLn:
$I1 = openssl_pkey_get_details($WO->key);
if (!($I1 === FALSE)) {
goto FDY;
}
echo sprintf("\125\156\x61\142\x6c\x65\x20\164\157\40\147\145\x74\40\153\145\171\40\144\x65\164\x61\x69\x6c\163\x20\x66\x72\157\155\x20\x58\115\114\x53\x65\x63\x75\162\151\x74\171\113\x65\171\56");
exit;
FDY:
if (!empty($I1["\x6b\145\171"])) {
goto Ugv;
}
echo sprintf("\x4d\x69\163\x73\151\x6e\147\x20\153\x65\x79\x20\151\x6e\x20\160\165\x62\x6c\x69\x63\x20\153\145\171\40\144\x65\164\141\151\x6c\x73\56");
exit;
Ugv:
$mM = new XMLSecurityKey($by, array("\x74\x79\160\x65" => $YE));
$mM->loadKey($I1["\x6b\145\171"]);
return $mM;
}
public static function processResponse($Wa, $o2, $XS, SAML2SPResponse $Oc, $f9, $tr)
{
$q5 = current($Oc->getAssertions());
$vN = $q5->getNotBefore();
if (!($vN !== NULL && $vN > time() + 60)) {
goto IiL;
}
wp_die("\x52\145\x63\145\x69\x76\145\x64\40\141\156\x20\141\163\163\145\x72\x74\x69\x6f\156\x20\164\x68\x61\x74\x20\x69\x73\40\166\x61\x6c\151\x64\x20\151\x6e\x20\x74\150\x65\x20\x66\165\x74\165\162\145\x2e\40\x43\x68\145\143\153\x20\x63\154\157\x63\x6b\40\x73\x79\156\143\x68\162\157\x6e\x69\172\141\164\151\157\x6e\x20\157\156\x20\x49\144\x50\40\141\x6e\x64\40\123\x50\x2e");
IiL:
$ef = $q5->getNotOnOrAfter();
if (!($ef !== NULL && $ef <= time() - 60)) {
goto lIr;
}
wp_die("\122\x65\x63\x65\x69\166\x65\x64\x20\141\x6e\x20\141\x73\x73\145\x72\164\151\x6f\x6e\40\164\150\x61\164\x20\150\x61\163\40\x65\170\x70\x69\x72\x65\144\56\40\x43\150\145\x63\153\x20\x63\154\157\x63\x6b\x20\x73\171\156\x63\150\162\157\x6e\x69\x7a\x61\164\x69\x6f\156\40\x6f\x6e\40\x49\x64\x50\x20\141\156\144\x20\123\120\56");
lIr:
$Zm = $q5->getSessionNotOnOrAfter();
if (!($Zm !== NULL && $Zm <= time() - 60)) {
goto PW2;
}
wp_die("\x52\145\x63\x65\151\x76\x65\x64\40\141\156\40\141\x73\x73\x65\162\x74\151\x6f\x6e\x20\x77\x69\x74\x68\x20\141\40\163\x65\163\x73\x69\157\x6e\40\x74\x68\141\164\x20\x68\141\x73\x20\145\x78\x70\151\x72\145\144\56\40\103\150\145\x63\x6b\40\x63\x6c\157\x63\153\40\163\x79\156\143\150\x72\157\156\x69\172\141\x74\151\157\156\x20\x6f\156\x20\x49\x64\120\x20\141\156\144\x20\x53\x50\56");
PW2:
$Uj = $Oc->getDestination();
if (!(substr($Uj, -1) == "\57")) {
goto gkX;
}
$Uj = substr($Uj, 0, -1);
gkX:
if (!(substr($Wa, -1) == "\x2f")) {
goto YZS;
}
$Wa = substr($Wa, 0, -1);
YZS:
if (!($Uj !== NULL && $Uj !== $Wa)) {
goto VwU;
}
echo "\104\145\x73\164\151\156\x61\164\x69\x6f\156\x20\151\156\40\x72\x65\163\x70\x6f\156\163\x65\x20\x64\x6f\145\163\156\x27\164\x20\155\x61\164\143\x68\40\164\x68\x65\40\x63\165\162\162\145\156\164\40\125\122\114\56\40\104\145\163\x74\151\x6e\141\x74\x69\x6f\x6e\x20\151\163\x20\x22" . htmlspecialchars($Uj) . "\42\54\x20\x63\x75\x72\x72\145\156\164\x20\125\122\x4c\x20\151\163\x20\x22" . htmlspecialchars($Wa) . "\42\56";
exit;
VwU:
$zz = self::checkSign($o2, $XS, $f9, $tr);
return $zz;
}
public static function checkSign($o2, $XS, $f9, $tr)
{
$mG = $XS["\x43\x65\x72\x74\x69\x66\151\143\141\x74\x65\x73"];
if (count($mG) === 0) {
goto tse;
}
$Hy = array();
$Hy[] = $o2;
$CX = self::findCertificate($Hy, $mG, $tr);
if (!($CX == false)) {
goto pjM;
}
return false;
pjM:
goto tnE;
tse:
$F0 = maybe_unserialize(get_option("\163\141\155\x6c\x5f\x78\x35\60\x39\137\143\x65\162\164\151\x66\151\143\x61\164\x65"));
$CX = $F0[$f9];
tnE:
$wy = NULL;
$WO = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array("\x74\171\x70\145" => "\160\x75\x62\x6c\x69\x63"));
$WO->loadKey($CX);
try {
self::validateSignature($XS, $WO);
return TRUE;
} catch (Exception $qc) {
$wy = $qc;
}
if ($wy !== NULL) {
goto yqB;
}
return FALSE;
goto Z_u;
yqB:
throw $wy;
Z_u:
}
public static function validateIssuerAndAudience($fe, $VC, $dl, $tr)
{
$Ai = current($fe->getAssertions())->getIssuer();
$q5 = current($fe->getAssertions());
$lQ = $q5->getValidAudiences();
if (strcmp($dl, $Ai) === 0) {
goto f2x;
}
if ($tr == "\164\x65\163\164\x56\x61\154\151\144\x61\164\145" or $tr == "\164\x65\163\164\x4e\x65\167\x43\x65\162\164\x69\x66\x69\143\141\x74\145") {
goto Eg6;
}
wp_die("\127\x65\40\143\x6f\x75\154\x64\x20\x6e\157\164\40\163\151\147\x6e\x20\x79\157\165\40\x69\x6e\56\x20\x50\154\145\x61\x73\x65\x20\143\157\156\x74\x61\143\x74\40\171\157\x75\x72\40\x41\x64\x6d\151\156\151\163\164\x72\141\164\157\x72", "\105\x72\x72\x6f\x72\40\72\x49\x73\x73\x75\145\x72\x20\143\x61\156\x6e\157\x74\x20\x62\145\40\x76\x65\162\151\146\151\145\144");
goto jrd;
Eg6:
ob_end_clean();
$DP = mo_options_error_constants::Error_issuer_not_verfied;
$aS = mo_options_error_constants::Cause_issuer_not_verfied;
echo "\x3c\144\x69\x76\40\163\164\171\154\x65\75\42\x66\157\156\164\55\x66\141\155\x69\x6c\x79\72\103\141\x6c\x69\x62\x72\151\73\160\141\x64\x64\x69\156\x67\x3a\60\x20\63\x25\x3b\x22\x3e";
echo "\x3c\144\x69\166\x20\x73\x74\x79\x6c\145\75\42\143\157\154\x6f\x72\x3a\x20\x23\x61\x39\x34\64\64\x32\73\x62\141\x63\153\147\162\157\165\156\144\x2d\143\x6f\x6c\157\162\72\40\43\146\62\144\145\144\145\x3b\x70\x61\x64\x64\x69\156\147\72\x20\x31\65\160\170\73\155\141\162\147\x69\x6e\55\142\157\164\x74\157\155\72\40\62\x30\160\170\x3b\x74\145\170\x74\x2d\141\154\151\147\x6e\x3a\x63\145\x6e\x74\x65\x72\73\142\x6f\x72\x64\x65\x72\72\61\160\170\40\163\157\154\151\144\x20\43\x45\66\102\x33\102\x32\73\x66\x6f\156\164\x2d\163\x69\172\x65\x3a\61\x38\160\x74\x3b\x22\x3e\40\x45\x52\122\117\122\x3c\x2f\x64\x69\x76\x3e\xa\x9\x9\x9\40\74\144\x69\166\x20\x73\164\171\x6c\x65\x3d\42\x63\157\x6c\157\x72\72\40\x23\x61\x39\64\x34\x34\x32\73\146\x6f\x6e\x74\x2d\x73\151\x7a\145\x3a\61\64\x70\164\73\40\155\141\x72\147\x69\x6e\55\142\x6f\164\x74\x6f\x6d\72\x32\x30\x70\x78\73\42\x3e\x3c\160\76\74\x73\x74\162\x6f\156\x67\76\x45\x72\x72\x6f\x72\72\x20\74\x2f\163\x74\162\157\156\147\x3e\x49\x73\163\x75\145\162\x20\x63\x61\x6e\x6e\157\164\x20\142\x65\x20\x76\x65\x72\151\x66\151\145\x64\x2e\x3c\57\x70\x3e\12\11\x9\x9\x20\x3c\x70\76\x50\x6c\145\x61\163\x65\40\143\x6f\156\164\141\x63\x74\40\x79\x6f\x75\x72\40\x61\144\x6d\151\156\151\163\164\x72\x61\164\x6f\x72\x20\x61\156\x64\x20\162\x65\160\x6f\162\x74\40\x74\150\x65\x20\x66\x6f\x6c\154\157\x77\151\x6e\147\x20\145\x72\x72\x6f\162\x3a\74\57\x70\x3e\xa\x9\11\11\x20\x3c\x70\x3e\x3c\163\164\162\x6f\156\147\76\x50\157\x73\163\151\x62\154\x65\x20\x43\x61\x75\163\x65\72\x20\74\x2f\x73\164\x72\x6f\x6e\x67\76\111\144\120\40\x45\x6e\x74\151\x74\x79\40\x49\104\40\143\157\x6e\146\151\x67\165\x72\x65\x64\40\x69\x6e\x20\164\x68\145\x20\160\x6c\x75\x67\151\156\40\x69\163\x20\151\x6e\143\x6f\162\162\145\x63\x74\x3c\x2f\x70\x3e\12\11\x9\11\40\x3c\160\76\74\x73\x74\162\x6f\156\x67\76\x45\156\x74\151\164\x79\40\111\x44\x20\x69\x6e\40\x53\101\x4d\114\40\x52\145\163\160\x6f\x6e\x73\145\x3a\x20\74\57\163\164\x72\x6f\156\x67\x3e" . esc_html($Ai) . "\x3c\160\x3e\xa\x9\11\11\x20\x3c\160\x3e\74\x73\164\162\157\156\x67\76\x45\x6e\164\151\x74\x79\x20\111\104\x20\143\x6f\x6e\146\151\147\x75\162\x65\144\x20\x69\x6e\x20\x74\150\145\40\x70\x6c\x75\x67\151\x6e\x3a\40\74\x2f\x73\164\x72\x6f\156\147\x3e" . esc_html($dl) . "\74\57\160\x3e\12\x9\x9\11\40\x3c\160\76\x3c\x73\164\x72\157\156\x67\76\x53\x6f\154\x75\164\x69\x6f\x6e\x3a\74\57\163\x74\162\x6f\156\147\76\x3c\x2f\160\76\xa\11\11\x9\11\74\157\154\76\xa\x9\11\x9\x9\x9\x3c\154\x69\x3e\x43\x6f\x70\171\x20\x74\x68\145\x20\x45\x6e\164\151\x74\171\40\111\x44\40\x6f\x66\x20\x53\x41\x4d\x4c\40\x52\145\x73\x70\157\x6e\x73\145\40\x66\x72\x6f\x6d\x20\141\x62\157\x76\145\x20\x61\x6e\x64\40\x70\x61\163\164\x65\40\151\x74\x20\151\156\x20\x45\x6e\164\151\x74\x79\x20\x49\104\x20\x6f\x72\x20\x49\x73\163\165\x65\162\x20\x66\x69\x65\154\x64\x20\165\156\x64\x65\162\x20\123\x65\162\x76\151\143\145\x20\120\x72\157\x76\x69\144\x65\162\40\123\145\x74\165\x70\40\x74\141\x62\56\x3c\57\154\x69\x3e\xa\11\11\11\11\x3c\x2f\x6f\x6c\x3e\xa\11\11\x9\x20\x3c\x2f\x64\151\x76\x3e\12\x9\x9\11\x20\x3c\144\x69\166\x20\x73\x74\171\x6c\145\75\42\x6d\141\x72\x67\151\x6e\x3a\x33\45\73\144\151\163\160\x6c\141\x79\x3a\x62\x6c\157\143\153\73\164\x65\x78\x74\x2d\x61\154\151\x67\x6e\72\x63\x65\x6e\x74\145\162\73\42\76\xa\11\11\x9\x20\x3c\144\x69\166\x20\163\x74\171\154\145\x3d\x22\x6d\141\x72\x67\x69\x6e\72\63\x25\x3b\144\x69\163\160\x6c\x61\x79\x3a\x62\x6c\x6f\143\153\73\x74\145\170\x74\55\x61\154\x69\x67\x6e\72\143\145\x6e\164\145\162\x3b\42\76\x3c\151\156\x70\165\x74\x20\163\x74\x79\154\145\x3d\42\x70\141\144\x64\x69\156\147\72\x31\x25\x3b\x77\151\144\164\x68\x3a\61\60\x30\160\170\73\142\x61\x63\x6b\147\162\x6f\165\156\x64\x3a\x20\x23\x30\60\71\61\103\104\x20\x6e\x6f\x6e\x65\x20\x72\145\x70\145\x61\x74\x20\x73\x63\162\x6f\154\x6c\40\x30\x25\x20\60\x25\x3b\x63\x75\x72\163\x6f\162\x3a\x20\x70\x6f\151\156\x74\145\x72\73\x66\157\x6e\164\55\x73\x69\172\145\x3a\x31\x35\160\x78\x3b\142\157\x72\144\145\x72\55\x77\151\x64\164\x68\72\x20\61\160\170\x3b\x62\157\x72\x64\x65\162\x2d\163\x74\x79\154\145\x3a\40\x73\x6f\154\x69\144\x3b\x62\x6f\x72\144\x65\162\x2d\162\x61\x64\151\165\x73\x3a\40\63\x70\170\x3b\x77\150\x69\x74\x65\x2d\163\160\x61\x63\145\x3a\x20\x6e\157\167\x72\141\160\73\x62\x6f\x78\x2d\163\x69\172\x69\156\x67\x3a\x20\142\157\x72\x64\x65\x72\x2d\142\157\x78\73\x62\x6f\x72\144\x65\162\x2d\143\157\x6c\157\162\72\40\x23\60\60\x37\x33\101\x41\73\x62\157\170\55\163\x68\x61\x64\x6f\167\72\x20\60\160\170\40\61\160\170\x20\x30\160\x78\x20\x72\x67\142\x61\x28\x31\62\60\54\x20\62\x30\x30\54\x20\x32\63\60\54\x20\60\x2e\66\51\x20\151\156\163\145\x74\x3b\x63\x6f\x6c\x6f\162\72\x20\43\x46\x46\x46\73\42\164\x79\160\145\75\x22\142\x75\x74\164\x6f\156\42\x20\x76\141\154\x75\x65\75\42\x44\x6f\156\145\42\x20\157\x6e\103\x6c\x69\x63\153\x3d\42\163\x65\154\x66\x2e\x63\x6c\157\163\x65\50\x29\x3b\x22\x3e\74\57\144\151\166\76";
mo_saml_download_logs($DP, $aS);
exit;
jrd:
goto GoW;
f2x:
if (empty($lQ)) {
goto B4u;
}
if (in_array($VC, $lQ, TRUE)) {
goto uvz;
}
if ($tr == "\x74\x65\163\x74\126\141\154\x69\x64\x61\x74\x65" or $tr == "\164\x65\x73\x74\116\145\167\x43\145\x72\164\151\x66\151\x63\x61\x74\145") {
goto IH7;
}
wp_die("\x57\145\40\x63\x6f\165\x6c\144\x20\156\157\x74\x20\x73\151\x67\156\x20\x79\x6f\165\40\x69\x6e\56\40\120\x6c\x65\141\163\145\40\143\x6f\156\x74\x61\143\164\x20\171\x6f\165\x72\x20\x41\144\x6d\151\x6e\x69\163\x74\x72\x61\x74\157\162", "\105\162\162\157\x72\40\x3a\111\156\x76\x61\154\x69\x64\x20\101\x75\x64\151\145\x6e\143\x65\x20\125\122\x49");
goto gdO;
IH7:
$DP = mo_options_error_constants::Error_invalid_audience;
$aS = mo_options_error_constants::Cause_invalid_audience;
ob_end_clean();
echo "\x3c\x64\151\x76\40\163\x74\x79\x6c\145\x3d\42\146\x6f\x6e\164\55\146\x61\x6d\151\x6c\171\x3a\x43\x61\154\151\x62\x72\x69\x3b\x70\141\x64\x64\x69\156\x67\72\x30\40\x33\x25\73\42\x3e";
echo "\74\x64\151\166\x20\x73\164\x79\x6c\145\75\42\x63\x6f\154\157\162\72\x20\43\x61\x39\x34\64\x34\62\73\x62\141\x63\153\x67\x72\157\x75\x6e\144\55\143\157\154\x6f\162\72\40\43\x66\62\x64\x65\144\x65\x3b\160\141\x64\x64\151\x6e\x67\x3a\40\61\x35\x70\x78\73\155\x61\x72\x67\151\x6e\x2d\x62\157\x74\164\x6f\x6d\x3a\x20\x32\60\x70\x78\x3b\164\145\170\x74\55\x61\x6c\151\x67\156\x3a\x63\x65\156\x74\x65\x72\x3b\142\157\x72\144\145\x72\x3a\x31\160\x78\40\163\x6f\x6c\x69\x64\40\43\x45\66\102\63\102\x32\x3b\146\157\x6e\164\55\x73\x69\172\145\72\61\x38\160\164\73\x22\x3e\x20\105\x52\x52\117\x52\x3c\57\x64\x69\166\x3e\12\x20\40\x20\x20\40\40\40\40\x20\40\40\x20\40\40\40\x20\40\x20\x20\x20\74\144\151\x76\40\163\164\171\x6c\145\x3d\x22\x63\x6f\x6c\x6f\162\72\40\43\141\x39\64\64\64\x32\x3b\x66\157\x6e\164\x2d\163\x69\172\145\x3a\61\x34\160\x74\x3b\40\x6d\141\162\147\x69\x6e\55\142\x6f\x74\164\x6f\155\x3a\62\60\160\x78\x3b\42\76\74\160\76\74\163\x74\x72\157\x6e\147\76\105\x72\162\x6f\162\72\x20\x3c\x2f\x73\x74\162\x6f\x6e\x67\76\x49\156\166\x61\x6c\x69\x64\x20\101\x75\144\151\x65\156\x63\x65\40\x55\x52\111\56\74\x2f\160\x3e\12\40\x20\40\x20\x20\x20\40\x20\x20\x20\40\x20\40\40\40\x20\x20\40\40\x20\74\160\76\120\154\x65\141\x73\145\x20\x63\157\156\x74\141\x63\164\x20\171\x6f\x75\162\40\x61\144\x6d\151\x6e\x69\163\x74\162\141\164\x6f\162\40\141\x6e\144\40\162\x65\160\x6f\162\x74\x20\x74\150\145\x20\146\x6f\154\x6c\x6f\167\151\x6e\147\x20\x65\x72\162\x6f\162\72\74\x2f\160\x3e\12\40\x20\40\x20\40\40\x20\x20\40\x20\40\x20\40\x20\x20\x20\40\40\40\40\74\160\x3e\74\163\164\x72\x6f\x6e\147\76\120\157\x73\163\x69\142\x6c\145\x20\103\141\x75\163\145\72\x20\x3c\x2f\x73\x74\x72\x6f\x6e\x67\76\124\150\x65\40\166\x61\x6c\x75\x65\40\x6f\146\x20\47\x41\165\144\151\145\156\x63\x65\40\125\122\111\x27\x20\x66\151\x65\154\144\40\157\x6e\x20\x49\144\145\156\x74\x69\164\171\x20\x50\162\x6f\x76\x69\x64\x65\x72\47\x73\x20\x73\151\144\145\x20\151\x73\x20\151\156\x63\x6f\162\x72\x65\x63\164\x3c\x2f\x70\76\xa\x20\40\40\40\x20\x20\40\40\40\x20\x20\x20\40\40\40\x20\40\40\40\x20\74\160\x3e\x45\170\x70\x65\x63\x74\x65\144\40\157\156\145\40\x6f\146\40\164\x68\x65\40\x41\165\x64\151\x65\x6e\x63\x65\x73\x20\164\157\x20\142\145\x3a\40" . esc_html($VC) . "\74\160\76\xa\11\11\x9\11\x9\x3c\x70\x3e\x3c\x73\164\x72\x6f\x6e\x67\x3e\x53\x6f\x6c\x75\164\x69\157\x6e\x3a\74\x2f\x73\x74\162\157\x6e\x67\x3e\74\x2f\160\76\xa\x9\11\x9\x9\x9\74\157\x6c\76\xa\x9\11\x9\11\x9\11\74\154\x69\76\103\157\160\171\40\x74\x68\x65\x20\x45\170\160\x65\x63\x74\145\x64\40\101\165\x64\151\145\156\x63\145\x20\125\x52\x49\40\x66\x72\x6f\155\40\141\142\x6f\166\x65\x20\x61\x6e\144\40\160\x61\x73\164\x65\x20\151\x74\40\151\156\40\x74\150\x65\40\x41\x75\144\151\145\x6e\143\x65\40\125\122\x49\40\146\x69\145\154\144\40\x61\164\x20\x49\144\145\x6e\164\151\x74\x79\40\120\162\157\166\x69\x64\x65\x72\x20\x73\x69\144\x65\56\x3c\57\154\151\x3e\12\11\11\x9\x9\11\x3c\x2f\x6f\154\x3e\12\x9\11\x9\11\11\x3c\x2f\144\151\x76\76\xa\40\40\40\40\x20\40\x20\x20\x20\x20\x20\40\40\40\x20\x20\40\x20\40\40\x3c\144\x69\x76\x20\163\x74\x79\154\145\x3d\x22\155\141\x72\x67\151\x6e\72\x33\45\73\x64\151\163\160\x6c\x61\x79\72\x62\154\157\x63\153\x3b\164\145\x78\x74\55\x61\x6c\x69\147\x6e\x3a\143\145\156\x74\145\162\73\42\x3e\xa\40\x20\x20\40\40\40\40\x20\40\x20\x20\x20\x20\40\40\x20\40\x20\x20\x20\x3c\144\151\166\40\163\x74\x79\154\x65\75\x22\155\141\162\x67\151\156\72\63\x25\x3b\x64\x69\x73\x70\x6c\x61\x79\x3a\x62\154\x6f\143\153\73\164\x65\x78\164\55\141\154\151\147\x6e\x3a\143\145\156\164\145\x72\73\42\76\x3c\x69\156\160\165\164\x20\x73\164\171\154\145\x3d\42\160\141\144\144\x69\156\x67\72\x31\x25\73\167\x69\144\164\150\x3a\x31\x30\60\160\x78\73\x62\141\143\x6b\x67\162\157\165\156\144\72\x20\x23\x30\x30\71\x31\x43\104\40\156\x6f\156\145\x20\162\x65\160\x65\141\164\40\163\143\x72\x6f\154\x6c\x20\60\45\x20\x30\x25\73\143\165\x72\x73\x6f\x72\72\40\160\157\x69\156\x74\145\x72\x3b\x66\157\156\164\x2d\163\x69\172\x65\72\61\x35\160\x78\73\142\x6f\162\144\145\x72\x2d\167\151\x64\x74\x68\x3a\x20\61\160\170\73\x62\157\x72\144\145\x72\55\x73\164\x79\x6c\x65\72\x20\163\x6f\154\x69\x64\73\142\x6f\162\x64\x65\162\x2d\x72\141\144\x69\x75\163\72\x20\x33\160\x78\x3b\167\150\151\164\145\55\163\160\141\143\145\72\x20\x6e\x6f\167\x72\141\160\73\x62\x6f\170\55\163\151\x7a\x69\x6e\x67\x3a\x20\x62\x6f\x72\x64\145\162\55\142\157\170\x3b\x62\157\x72\x64\145\x72\55\x63\157\x6c\157\162\72\40\x23\x30\60\67\x33\101\101\73\x62\x6f\x78\55\x73\x68\141\144\157\167\x3a\x20\x30\160\170\x20\x31\160\170\40\60\160\170\x20\x72\147\x62\141\50\x31\x32\60\x2c\40\62\60\x30\x2c\40\x32\63\x30\x2c\40\x30\x2e\66\51\40\151\156\x73\145\x74\x3b\143\x6f\x6c\157\162\x3a\x20\x23\106\x46\x46\x3b\x22\x74\171\x70\x65\x3d\x22\x62\x75\164\164\x6f\x6e\x22\x20\x76\x61\x6c\165\145\75\42\x44\157\156\x65\x22\x20\x6f\x6e\103\x6c\x69\143\153\75\x22\163\x65\154\x66\56\x63\154\x6f\163\145\50\51\x3b\x22\x3e\74\57\144\151\x76\76";
exit;
mo_saml_download_logs($DP, $aS);
gdO:
goto AEw;
uvz:
return TRUE;
AEw:
B4u:
GoW:
}
private static function findCertificate(array $MZ, array $mG, $tr)
{
$j6 = array();
foreach ($mG as $zM) {
$eA = strtolower(sha1(base64_decode($zM)));
if (in_array($eA, $MZ, TRUE)) {
goto Jak;
}
$j6[] = $eA;
return false;
Jak:
$iK = "\x2d\x2d\55\x2d\55\102\105\x47\111\x4e\40\x43\x45\122\x54\111\106\111\x43\x41\124\105\x2d\55\55\55\55\xa" . chunk_split($zM, 64) . "\x2d\55\55\55\x2d\105\x4e\104\x20\103\x45\x52\124\x49\106\x49\x43\x41\124\x45\x2d\55\55\x2d\55\12";
return $iK;
Vq5:
}
o6k:
if ($tr == "\164\x65\163\x74\126\x61\x6c\x69\x64\x61\164\x65" or $tr == "\164\145\163\164\x4e\x65\167\x43\145\162\x74\151\146\151\x63\141\x74\145") {
goto Q76;
}
wp_die("\x57\x65\x20\x63\157\165\x6c\144\40\x6e\157\x74\40\x73\151\x67\156\40\171\x6f\165\40\151\x6e\56\x20\x50\x6c\145\x61\163\145\40\x63\x6f\156\x74\x61\143\164\x20\171\x6f\165\162\x20\101\x64\155\151\156\x69\x73\164\x72\141\x74\157\162", "\105\x72\162\x6f\162\x20\72\x43\145\x72\164\151\x66\x69\x63\141\x74\x65\40\x6e\x6f\164\x20\146\157\x75\156\144");
goto u4U;
Q76:
$iK = "\x2d\55\55\x2d\55\102\x45\x47\x49\116\40\x43\x45\122\124\x49\106\111\103\x41\124\105\x2d\x2d\x2d\55\55\x3c\142\x72\76" . chunk_split($zM, 64) . "\74\142\x72\76\55\x2d\x2d\55\55\x45\116\x44\x20\103\105\x52\124\111\x46\111\103\101\124\105\x2d\55\55\55\55";
echo "\74\144\151\x76\40\163\x74\x79\x6c\145\x3d\x22\146\157\156\164\x2d\146\141\155\151\154\171\72\103\x61\154\151\x62\162\151\x3b\160\x61\x64\144\x69\156\x67\x3a\x30\x20\63\x25\73\x22\76";
echo "\74\x64\151\166\40\x73\164\x79\154\x65\75\x22\x63\x6f\154\157\x72\x3a\x20\x23\141\x39\64\x34\64\x32\73\x62\141\143\x6b\x67\x72\x6f\x75\x6e\x64\55\143\157\x6c\157\x72\72\x20\43\x66\x32\144\x65\144\x65\73\x70\x61\144\x64\x69\x6e\147\72\x20\61\x35\160\170\x3b\155\x61\162\147\151\156\x2d\x62\157\164\x74\x6f\155\x3a\40\62\x30\x70\x78\73\164\x65\x78\164\x2d\141\154\x69\x67\156\72\x63\145\x6e\x74\x65\x72\x3b\142\x6f\x72\x64\x65\162\72\61\160\x78\40\163\157\154\x69\x64\x20\43\x45\66\102\63\x42\x32\x3b\x66\x6f\x6e\x74\55\163\x69\x7a\x65\x3a\61\70\160\164\x3b\42\x3e\x20\105\122\122\x4f\x52\x3c\x2f\144\x69\x76\x3e\12\11\x9\11\74\x64\151\x76\40\163\164\x79\x6c\x65\x3d\42\143\x6f\x6c\157\162\x3a\40\43\x61\71\x34\64\64\x32\73\x66\x6f\x6e\164\55\163\x69\x7a\145\72\61\64\160\164\73\x20\155\x61\162\147\151\x6e\x2d\142\x6f\x74\164\157\155\x3a\62\x30\160\170\x3b\x22\x3e\x3c\160\x3e\74\163\x74\162\157\156\x67\76\105\162\x72\x6f\162\72\x20\x3c\57\x73\164\162\x6f\156\147\76\x55\x6e\141\142\154\145\x20\164\157\40\146\x69\156\x64\x20\x61\40\x63\145\162\164\x69\146\x69\x63\x61\164\145\x20\155\141\x74\143\x68\x69\156\147\x20\164\150\x65\40\143\157\156\146\151\x67\165\x72\x65\x64\x20\146\x69\x6e\147\x65\x72\x70\x72\151\x6e\x74\x2e\74\57\x70\76\12\11\x9\11\x3c\x70\76\120\x6c\x65\141\x73\x65\x20\x63\157\x6e\164\141\x63\164\x20\x79\x6f\165\162\x20\x61\144\x6d\151\x6e\x69\x73\x74\x72\x61\164\x6f\x72\x20\141\156\144\x20\162\145\160\x6f\x72\x74\x20\x74\150\x65\x20\x66\x6f\154\154\157\x77\x69\156\x67\x20\x65\162\x72\157\x72\72\x3c\57\160\76\xa\11\11\x9\74\x70\76\x3c\163\164\x72\157\156\x67\76\120\x6f\x73\x73\151\142\154\x65\x20\103\x61\165\163\145\72\x20\x3c\x2f\163\x74\x72\157\156\x67\x3e\x27\130\x2e\x35\60\x39\40\x43\x65\162\164\x69\x66\151\143\x61\x74\x65\47\40\x66\151\x65\x6c\x64\x20\151\156\x20\160\x6c\165\x67\x69\156\40\144\x6f\x65\163\x20\156\157\164\40\155\x61\164\143\150\40\164\150\x65\x20\x63\x65\x72\164\x69\x66\x69\x63\x61\x74\145\40\x66\157\165\x6e\x64\x20\x69\x6e\40\x53\x41\115\114\40\x52\145\163\160\157\x6e\163\x65\x2e\74\x2f\x70\76\12\x9\x9\11\74\160\76\x3c\x73\164\x72\x6f\156\147\76\103\145\162\164\151\146\x69\143\x61\164\145\40\x66\x6f\165\x6e\x64\x20\x69\156\40\x53\101\115\114\40\x52\x65\163\x70\x6f\156\163\145\x3a\40\x3c\x2f\163\x74\162\x6f\156\x67\x3e\x3c\x62\162\76\x3c\142\162\x3e" . $iK . "\x3c\57\x70\76\12\11\x9\11\11\x9\x3c\57\x64\151\x76\76\xa\11\11\x9\11\x9\x3c\144\151\x76\40\x73\164\171\154\x65\75\x22\155\141\162\x67\x69\x6e\72\x33\45\x3b\x64\151\x73\x70\154\x61\171\72\x62\x6c\157\143\x6b\x3b\164\x65\x78\x74\55\141\x6c\x69\x67\156\72\143\x65\156\164\145\162\x3b\x22\76\xa\11\11\x9\11\x9\74\x64\151\x76\40\163\164\171\x6c\145\75\x22\155\x61\x72\147\151\156\72\x33\x25\73\x64\x69\163\x70\154\x61\x79\x3a\142\154\x6f\143\x6b\x3b\x74\x65\x78\164\55\141\x6c\x69\147\156\72\143\x65\156\x74\145\x72\73\x22\76\74\151\x6e\160\165\x74\x20\163\164\x79\x6c\x65\75\x22\160\x61\x64\x64\x69\x6e\x67\72\61\x25\73\x77\151\144\164\x68\x3a\61\x30\x30\x70\x78\73\x62\141\143\153\x67\x72\157\165\x6e\x64\x3a\40\43\60\60\71\61\x43\x44\40\x6e\x6f\156\145\x20\x72\145\x70\145\141\164\40\163\x63\x72\x6f\x6c\x6c\40\60\x25\x20\60\x25\x3b\143\x75\x72\x73\157\162\72\x20\x70\157\151\x6e\164\145\162\x3b\x66\x6f\156\164\x2d\163\151\x7a\x65\x3a\61\65\x70\x78\x3b\x62\x6f\x72\x64\145\x72\x2d\x77\x69\x64\164\150\72\x20\61\x70\170\73\142\157\x72\x64\x65\x72\x2d\163\x74\171\x6c\x65\x3a\x20\x73\x6f\154\151\x64\x3b\x62\x6f\x72\144\x65\162\55\x72\141\x64\151\x75\x73\72\x20\63\160\170\73\167\150\x69\x74\145\55\163\x70\x61\x63\x65\x3a\x20\156\x6f\x77\x72\x61\160\73\x62\157\170\x2d\x73\151\x7a\151\x6e\147\x3a\x20\142\x6f\162\x64\x65\x72\x2d\142\x6f\x78\73\142\157\162\144\145\x72\55\143\x6f\x6c\157\x72\x3a\x20\x23\60\x30\67\63\101\101\73\x62\x6f\170\55\163\x68\x61\x64\x6f\167\72\40\60\160\170\40\61\160\170\40\x30\x70\x78\40\162\x67\142\141\50\61\x32\x30\54\40\x32\60\x30\x2c\40\62\63\60\x2c\x20\60\56\66\x29\40\x69\x6e\163\x65\x74\x3b\x63\x6f\154\x6f\x72\x3a\x20\43\106\x46\x46\73\42\x74\171\160\x65\75\x22\x62\165\x74\x74\x6f\x6e\42\x20\x76\141\x6c\165\145\x3d\x22\104\x6f\156\145\x22\x20\x6f\156\103\x6c\151\x63\153\x3d\42\163\x65\x6c\x66\56\x63\154\157\163\x65\50\x29\x3b\x22\76\74\57\144\x69\x76\76";
exit;
u4U:
}
private static function doDecryptElement(DOMElement $nT, XMLSecurityKey $lU, array &$io)
{
$NA = new XMLSecEnc();
$NA->setNode($nT);
$NA->type = $nT->getAttribute("\x54\x79\160\x65");
$Z3 = $NA->locateKey($nT);
if ($Z3) {
goto o9H;
}
echo sprintf("\x43\157\x75\154\144\40\156\157\164\40\154\157\143\141\164\145\x20\153\x65\x79\x20\x61\154\147\157\162\x69\164\150\155\x20\x69\156\40\145\156\x63\x72\171\x70\x74\x65\x64\40\x64\x61\164\141\56");
exit;
o9H:
$kS = $NA->locateKeyInfo($Z3);
if ($kS) {
goto dz9;
}
echo sprintf("\x43\157\165\x6c\144\x20\x6e\x6f\164\40\x6c\157\x63\x61\164\x65\x20\74\144\x73\x69\147\x3a\x4b\145\171\x49\x6e\x66\157\76\40\146\x6f\162\40\164\150\145\40\145\x6e\143\x72\x79\160\164\x65\x64\x20\x6b\x65\x79\x2e");
exit;
dz9:
$Wb = $lU->getAlgorith();
if ($kS->isEncrypted) {
goto YWW;
}
$NN = $Z3->getAlgorith();
if (!($Wb !== $NN)) {
goto xs8;
}
echo esc_html(sprintf("\101\154\147\x6f\162\151\164\150\155\40\x6d\151\163\x6d\141\x74\143\150\40\142\145\164\x77\145\x65\156\40\x69\x6e\x70\x75\164\x20\153\145\x79\x20\x61\156\x64\40\x6b\145\x79\40\x69\x6e\x20\x6d\x65\x73\x73\141\x67\145\x2e\40" . "\113\145\171\x20\x77\141\163\x3a\40" . var_export($Wb, TRUE) . "\x3b\40\155\x65\x73\x73\141\147\x65\x20\167\x61\163\72\x20" . var_export($NN, TRUE)));
exit;
xs8:
$Z3 = $lU;
goto xZ6;
YWW:
$tj = $kS->getAlgorith();
if (!in_array($tj, $io, TRUE)) {
goto Tpt;
}
echo esc_html(sprintf("\x41\154\147\157\x72\x69\x74\150\155\x20\x64\x69\163\141\142\154\x65\144\x3a\40" . var_export($tj, TRUE)));
exit;
Tpt:
if (!($tj === XMLSecurityKey::RSA_OAEP_MGF1P && $Wb === XMLSecurityKey::RSA_1_5)) {
goto w6z;
}
$Wb = XMLSecurityKey::RSA_OAEP_MGF1P;
w6z:
if (!($Wb !== $tj)) {
goto NE5;
}
echo esc_html(sprintf("\x41\154\147\157\162\x69\x74\150\x6d\x20\x6d\151\163\155\x61\164\143\x68\x20\142\x65\x74\x77\x65\x65\x6e\x20\151\156\160\x75\164\x20\153\x65\171\x20\141\x6e\x64\40\153\145\171\40\x75\163\145\x64\x20\x74\x6f\40\x65\x6e\143\x72\x79\x70\164\40" . "\x20\164\x68\145\40\x73\171\x6d\155\145\164\162\151\143\x20\x6b\x65\x79\x20\x66\x6f\162\x20\x74\x68\x65\x20\x6d\145\x73\x73\141\x67\x65\56\x20\113\145\x79\x20\x77\x61\163\x3a\40" . var_export($Wb, TRUE) . "\x3b\x20\x6d\145\163\x73\141\147\145\x20\167\141\163\72\40" . var_export($tj, TRUE)));
exit;
NE5:
$gV = $kS->encryptedCtx;
$kS->key = $lU->key;
$fn = $Z3->getSymmetricKeySize();
if (!($fn === NULL)) {
goto kwG;
}
echo esc_html(sprintf("\x55\156\153\x6e\x6f\167\156\40\153\x65\171\x20\x73\x69\x7a\x65\x20\x66\157\x72\x20\145\156\x63\x72\x79\x70\x74\151\x6f\156\x20\x61\x6c\147\157\x72\151\x74\150\155\72\x20" . var_export($Z3->type, TRUE)));
exit;
kwG:
try {
$WO = $gV->decryptKey($kS);
if (!(strlen($WO) != $fn)) {
goto zXT;
}
echo esc_html(sprintf("\125\x6e\145\x78\160\x65\143\x74\145\144\40\x6b\145\171\40\x73\151\x7a\145\40\x28" . strlen($WO) * 8 . "\142\x69\164\x73\51\x20\x66\157\162\40\x65\x6e\x63\162\171\160\164\151\x6f\156\40\141\x6c\x67\x6f\x72\x69\x74\x68\155\x3a\x20" . var_export($Z3->type, TRUE)));
exit;
zXT:
} catch (Exception $qc) {
$kN = $gV->getCipherValue();
$rq = openssl_pkey_get_details($kS->key);
$rq = sha1(serialize($rq), TRUE);
$WO = sha1($kN . $rq, TRUE);
if (strlen($WO) > $fn) {
goto gpv;
}
if (strlen($WO) < $fn) {
goto bVN;
}
goto jb9;
gpv:
$WO = substr($WO, 0, $fn);
goto jb9;
bVN:
$WO = str_pad($WO, $fn);
jb9:
}
$Z3->loadkey($WO);
xZ6:
$by = $Z3->getAlgorith();
if (!in_array($by, $io, TRUE)) {
goto fHK;
}
echo esc_html(sprintf("\101\154\147\157\162\x69\164\150\x6d\x20\x64\151\163\x61\142\x6c\x65\x64\x3a\40" . var_export($by, TRUE)));
exit;
fHK:
$dK = $NA->decryptNode($Z3, FALSE);
$l3 = "\x3c\x72\x6f\157\164\x20\170\155\x6c\156\x73\72\163\141\155\x6c\x3d\x22\x75\x72\x6e\x3a\x6f\141\163\x69\x73\72\x6e\x61\x6d\x65\163\x3a\x74\x63\x3a\x53\101\115\114\72\x32\x2e\x30\72\x61\163\163\x65\162\164\x69\157\x6e\42\40" . "\170\155\x6c\x6e\x73\x3a\x78\163\x69\75\42\x68\x74\x74\x70\x3a\x2f\57\167\167\167\56\x77\63\x2e\157\162\x67\57\x32\x30\x30\x31\x2f\130\x4d\x4c\123\143\x68\x65\155\x61\55\151\x6e\163\x74\141\156\143\145\42\x3e" . $dK . "\x3c\x2f\162\x6f\157\164\x3e";
$y7 = new DOMDocument();
if (@$y7->loadXML($l3)) {
goto PzL;
}
throw new Exception("\x46\141\x69\154\145\144\x20\164\x6f\40\x70\x61\162\163\x65\x20\144\145\x63\x72\x79\160\x74\145\x64\40\x58\115\x4c\56\40\115\x61\171\142\x65\40\x74\150\x65\x20\x77\x72\x6f\x6e\147\x20\163\x68\141\x72\x65\x64\x6b\x65\171\40\167\x61\163\40\x75\x73\145\x64\x3f");
PzL:
$pg = $y7->firstChild->firstChild;
if (!($pg === NULL)) {
goto E_3;
}
echo sprintf("\x4d\x69\163\x73\151\x6e\147\40\x65\x6e\143\x72\x79\x70\x74\x65\x64\40\145\154\x65\155\x65\x6e\164\56");
throw new Exception("\x4d\x69\163\x73\x69\x6e\x67\x20\145\156\143\x72\x79\160\164\145\144\40\x65\154\145\x6d\x65\x6e\x74\56");
E_3:
if ($pg instanceof DOMElement) {
goto lxp;
}
echo sprintf("\x44\x65\x63\162\x79\160\164\145\144\x20\x65\x6c\x65\x6d\145\156\x74\40\x77\x61\x73\x20\156\x6f\x74\40\x61\143\x74\165\x61\x6c\154\x79\40\x61\40\x44\x4f\x4d\105\154\145\155\145\156\x74\56");
lxp:
return $pg;
}
public static function decryptElement(DOMElement $nT, XMLSecurityKey $lU, array $io = array(), XMLSecurityKey $Ce = NULL)
{
try {
return self::doDecryptElement($nT, $lU, $io);
} catch (Exception $qc) {
try {
} catch (Exception $wc) {
}
echo "\74\x64\151\x76\x20\163\x74\171\x6c\145\x3d\42\x66\x6f\x6e\x74\55\x66\x61\x6d\x69\154\171\72\103\141\154\151\142\x72\x69\x3b\160\x61\x64\144\x69\156\x67\72\60\40\x33\45\73\42\76";
echo "\x3c\144\x69\166\40\163\x74\171\154\x65\75\42\143\157\x6c\x6f\x72\x3a\40\43\141\71\64\64\x34\x32\x3b\x62\x61\x63\x6b\147\162\157\x75\156\144\x2d\x63\157\x6c\x6f\x72\72\40\43\146\62\144\x65\144\145\73\160\141\x64\144\x69\156\x67\72\x20\61\x35\x70\170\x3b\x6d\141\x72\x67\x69\156\55\x62\157\x74\164\x6f\155\72\x20\62\60\x70\170\x3b\164\x65\170\x74\x2d\141\154\151\x67\x6e\x3a\x63\145\x6e\164\x65\x72\73\142\157\x72\x64\x65\x72\72\61\160\x78\x20\x73\x6f\154\151\x64\x20\x23\x45\x36\102\x33\102\x32\73\x66\157\156\x74\x2d\x73\151\172\x65\x3a\61\70\x70\x74\73\42\76\x20\x45\x52\x52\117\x52\74\x2f\x64\x69\166\76\xa\40\x20\x20\40\40\40\40\x20\40\40\x20\40\x20\x20\x20\40\40\x20\x20\x20\74\144\151\x76\x20\x73\164\x79\154\x65\75\x22\x63\x6f\154\157\162\72\40\43\x61\x39\64\64\x34\x32\x3b\146\157\x6e\164\55\x73\151\x7a\145\72\61\64\160\x74\73\40\x6d\141\162\147\151\x6e\x2d\x62\157\164\164\x6f\x6d\x3a\62\x30\x70\x78\x3b\x22\76\x3c\160\x3e\74\163\164\162\x6f\156\x67\76\105\x72\162\157\x72\x3a\x20\74\57\x73\x74\162\157\x6e\x67\x3e\x49\x6e\x76\141\154\151\x64\40\x41\x75\144\151\x65\156\143\145\x20\125\122\111\x2e\74\57\160\x3e\xa\x20\x20\x20\x20\40\40\40\40\40\x20\40\40\40\40\40\40\x20\40\40\x20\74\x70\76\120\154\x65\141\x73\145\x20\143\157\x6e\164\141\143\164\40\x79\157\x75\162\40\141\144\155\x69\156\151\163\164\x72\x61\164\157\x72\x20\141\156\144\40\x72\x65\x70\157\x72\x74\x20\x74\x68\x65\40\x66\157\x6c\x6c\x6f\x77\151\x6e\147\40\145\162\x72\x6f\x72\72\x3c\57\160\76\12\40\x20\40\40\40\40\40\40\x20\40\x20\40\40\40\x20\x20\40\40\40\40\x3c\x70\76\x3c\163\x74\162\x6f\156\147\x3e\120\x6f\163\x73\151\x62\154\x65\x20\103\141\x75\x73\145\x3a\x20\x3c\57\x73\x74\x72\157\x6e\147\76\x49\156\143\x6f\x72\x72\145\143\x74\x20\143\145\162\x74\x69\146\151\x63\x61\164\145\40\141\144\x64\145\x64\x20\157\x6e\x20\164\150\145\x20\x49\144\x65\156\x74\151\x74\x79\x20\x50\x72\157\166\151\144\x65\x72\40\x66\157\x72\x20\x45\156\143\x72\x79\x70\x74\151\157\156\x3c\x2f\x70\76\xa\x9\11\11\11\11\x3c\160\76\74\163\x74\x72\x6f\156\147\76\123\x6f\154\165\x74\151\x6f\x6e\72\x3c\x2f\x73\x74\162\x6f\156\x67\x3e\40\x50\x6c\x65\x61\163\145\x20\143\150\x65\143\x6b\x20\x69\146\40\164\x68\x65\x20\143\145\162\x74\151\146\x69\143\141\164\x65\x20\141\x64\144\145\x64\x20\151\156\40\x49\144\145\156\164\x69\x74\x79\40\x50\162\157\166\x69\x64\x65\162\x20\x69\163\x20\x73\x61\x6d\x65\40\141\x73\x20\x74\150\x65\x20\143\145\162\x74\151\146\151\143\141\164\x65\x20\160\x72\157\x76\151\x64\x65\144\x20\151\x6e\40\x74\150\x65\x20\120\x6c\165\147\151\x6e\74\x2f\160\x3e\12\x9\x9\11\x9\11\74\57\144\151\x76\x3e\12\40\x20\x20\x20\40\x20\40\40\40\x20\40\x20\x20\x20\40\40\x20\40\x20\x20\74\x64\x69\166\x20\x73\164\171\154\145\75\42\155\x61\x72\x67\151\x6e\x3a\x33\45\73\x64\x69\x73\160\x6c\x61\x79\72\x62\154\157\143\153\x3b\x74\145\170\164\x2d\141\x6c\151\147\156\x3a\143\145\156\x74\145\x72\x3b\42\x3e\xa\40\x20\x20\40\40\x20\40\x20\x20\40\40\x20\40\40\40\x20\x20\x20\40\x20\74\x64\x69\166\x20\x73\x74\171\154\x65\75\x22\155\x61\162\147\x69\156\x3a\x33\45\73\x64\x69\163\160\x6c\141\171\x3a\x62\154\157\143\x6b\x3b\x74\145\170\x74\55\x61\154\x69\147\156\x3a\143\x65\x6e\x74\x65\162\x3b\42\x3e\74\x69\x6e\x70\165\x74\40\x73\x74\x79\x6c\145\75\42\160\x61\144\144\x69\156\x67\x3a\61\x25\73\167\x69\144\164\x68\x3a\61\60\60\160\x78\x3b\x62\x61\x63\153\x67\162\157\165\156\x64\72\x20\43\60\x30\71\61\x43\x44\40\156\x6f\156\145\40\x72\x65\x70\x65\x61\x74\40\x73\143\162\x6f\154\x6c\40\x30\x25\x20\x30\45\73\143\x75\162\x73\x6f\x72\x3a\x20\x70\157\x69\x6e\164\145\162\73\146\157\x6e\164\x2d\163\x69\172\x65\x3a\x31\x35\x70\x78\x3b\x62\x6f\162\x64\x65\162\x2d\x77\x69\x64\164\150\72\x20\61\160\x78\x3b\142\157\x72\x64\x65\162\55\x73\x74\171\154\145\x3a\x20\163\157\154\151\x64\x3b\x62\157\162\144\145\162\55\162\x61\144\151\x75\x73\x3a\40\x33\x70\x78\x3b\167\150\151\x74\x65\55\x73\x70\141\x63\145\72\x20\156\x6f\x77\162\141\160\73\142\157\170\x2d\163\x69\x7a\x69\x6e\147\x3a\x20\x62\157\162\144\x65\x72\55\142\x6f\170\x3b\x62\x6f\162\144\x65\x72\x2d\143\x6f\x6c\157\x72\72\x20\43\60\x30\x37\x33\101\101\73\142\x6f\170\55\163\150\141\144\x6f\167\72\x20\60\x70\170\40\61\160\170\x20\x30\x70\170\x20\x72\147\x62\x61\x28\61\x32\x30\x2c\40\x32\x30\x30\54\x20\x32\x33\60\x2c\40\60\x2e\x36\x29\x20\x69\156\x73\145\164\73\143\x6f\154\157\162\72\x20\x23\x46\x46\106\73\42\x74\x79\x70\x65\x3d\x22\142\x75\164\x74\x6f\x6e\x22\x20\166\141\x6c\165\145\75\42\104\x6f\x6e\x65\42\x20\157\x6e\x43\154\151\x63\x6b\75\42\x73\145\154\x66\x2e\x63\x6c\x6f\x73\x65\x28\x29\x3b\42\76\74\57\144\x69\166\76";
exit;
exit;
}
}
public static function get_mapped_groups($EP, $Xa)
{
$ZX = array();
if (empty($Xa)) {
goto I_I;
}
$I4 = array();
$lw = 1;
Yh_:
if (!($lw < 10)) {
goto Bld;
}
$AZ = $EP->get("\x67\x72\157\x75\160" . $lw . "\x5f\x6d\141\160");
$I4[$lw] = explode("\73", $AZ);
$lw++;
goto Yh_;
Bld:
I_I:
foreach ($Xa as $OO) {
if (empty($OO)) {
goto lxo;
}
$lw = 0;
$qD = false;
qOK:
if (!($lw < 9 && !$qD)) {
goto H0g;
}
if (!(!empty($I4[$lw]) && in_array($OO, $I4[$lw], TRUE))) {
goto ji2;
}
$ZX[] = $EP->get("\147\x72\x6f\165\160" . $lw);
$qD = true;
ji2:
$lw++;
goto qOK;
H0g:
lxo:
I1Y:
}
dS9:
return array_unique($ZX);
}
public static function getEncryptionAlgorithm($u0)
{
switch ($u0) {
case "\150\x74\164\160\72\x2f\57\x77\x77\167\x2e\x77\63\56\x6f\162\147\57\x32\60\60\x31\x2f\x30\x34\57\170\155\154\x65\x6e\x63\x23\164\x72\x69\160\x6c\x65\144\x65\x73\55\x63\142\143":
return XMLSecurityKey::TRIPLEDES_CBC;
goto hCR;
case "\x68\x74\164\x70\72\57\57\167\x77\x77\x2e\x77\63\56\157\162\147\57\62\60\60\61\x2f\x30\64\57\170\155\154\x65\x6e\x63\x23\x61\x65\163\x31\62\x38\x2d\x63\x62\x63":
return XMLSecurityKey::AES128_CBC;
case "\x68\164\x74\x70\x3a\x2f\57\167\x77\167\x2e\x77\63\56\157\x72\147\x2f\x32\60\x30\x31\x2f\60\64\x2f\170\155\x6c\145\156\x63\43\141\145\163\x31\x39\x32\x2d\x63\142\x63":
return XMLSecurityKey::AES192_CBC;
goto hCR;
case "\x68\x74\164\160\72\57\57\x77\167\x77\56\x77\x33\x2e\x6f\x72\147\x2f\x32\60\x30\61\x2f\x30\64\x2f\x78\x6d\154\x65\x6e\143\x23\x61\x65\x73\62\x35\66\55\x63\x62\x63":
return XMLSecurityKey::AES256_CBC;
goto hCR;
case "\x68\164\164\160\72\57\57\167\167\x77\x2e\167\63\56\x6f\162\147\57\x32\x30\60\61\57\x30\x34\57\170\x6d\x6c\x65\156\x63\43\162\x73\141\55\x31\137\x35":
return XMLSecurityKey::RSA_1_5;
goto hCR;
case "\150\x74\x74\x70\x3a\x2f\x2f\167\167\x77\x2e\x77\63\56\157\x72\x67\57\x32\60\60\61\57\60\64\57\170\x6d\x6c\x65\x6e\x63\43\x72\x73\141\55\x6f\141\145\x70\55\x6d\x67\x66\61\x70":
return XMLSecurityKey::RSA_OAEP_MGF1P;
goto hCR;
case "\x68\x74\164\x70\x3a\57\x2f\167\167\x77\x2e\x77\63\56\x6f\162\147\x2f\x32\60\x30\x30\57\x30\x39\57\x78\x6d\154\144\163\151\147\x23\144\163\x61\x2d\x73\x68\x61\x31":
return XMLSecurityKey::DSA_SHA1;
goto hCR;
case "\x68\164\x74\160\72\57\x2f\x77\x77\167\x2e\x77\x33\x2e\x6f\x72\x67\57\62\x30\x30\x30\x2f\x30\x39\x2f\x78\155\x6c\144\163\x69\147\43\162\163\x61\55\x73\150\141\61":
return XMLSecurityKey::RSA_SHA1;
goto hCR;
case "\150\164\164\160\x3a\x2f\x2f\x77\x77\x77\x2e\x77\x33\x2e\x6f\x72\147\x2f\x32\60\60\61\x2f\60\x34\x2f\170\155\154\144\163\x69\147\55\155\x6f\162\x65\x23\162\163\141\55\163\x68\141\62\65\x36":
return XMLSecurityKey::RSA_SHA256;
goto hCR;
case "\x68\164\x74\160\x3a\57\x2f\x77\167\167\x2e\167\63\x2e\157\162\x67\x2f\62\x30\60\61\x2f\x30\x34\x2f\170\155\154\144\163\151\147\55\155\x6f\162\x65\43\x72\163\141\55\163\x68\141\x33\x38\64":
return XMLSecurityKey::RSA_SHA384;
goto hCR;
case "\150\x74\164\160\x3a\x2f\x2f\167\167\167\56\167\x33\x2e\x6f\162\x67\57\62\x30\x30\x31\x2f\60\64\57\170\x6d\x6c\x64\163\x69\147\x2d\x6d\x6f\162\x65\43\x72\163\x61\x2d\163\x68\x61\65\61\x32":
return XMLSecurityKey::RSA_SHA512;
goto hCR;
default:
echo esc_html(sprintf("\111\x6e\x76\x61\154\151\144\40\x45\156\143\162\x79\x70\164\x69\157\156\x20\115\145\x74\150\x6f\144\x3a\x20" . $u0));
exit;
goto hCR;
}
XrW:
hCR:
}
public static function insertSignature(XMLSecurityKey $WO, array $mG, DOMElement $Bf, DOMNode $Wh = NULL)
{
$fG = new XMLSecurityDSig();
$fG->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
switch ($WO->type) {
case XMLSecurityKey::RSA_SHA256:
$YE = XMLSecurityDSig::SHA256;
goto jW7;
case XMLSecurityKey::RSA_SHA384:
$YE = XMLSecurityDSig::SHA384;
goto jW7;
case XMLSecurityKey::RSA_SHA512:
$YE = XMLSecurityDSig::SHA512;
goto jW7;
default:
$YE = XMLSecurityDSig::SHA1;
}
wPL:
jW7:
$fG->addReferenceList(array($Bf), $YE, array("\150\164\164\x70\72\x2f\x2f\167\167\x77\56\167\x33\56\157\162\147\x2f\62\60\x30\x30\x2f\x30\x39\x2f\x78\x6d\x6c\144\x73\x69\x67\43\x65\x6e\x76\x65\154\157\160\145\x64\55\163\x69\147\x6e\x61\164\165\162\145", XMLSecurityDSig::EXC_C14N), array("\x69\144\x5f\156\141\x6d\x65" => "\x49\104", "\157\166\145\162\x77\x72\x69\x74\x65" => FALSE));
$fG->sign($WO);
foreach ($mG as $nV) {
$fG->add509Cert($nV, TRUE);
TAD:
}
Oq8:
$fG->insertSignature($Bf, $Wh);
}
public static function getRemainingDaysOfCurrentCertificate()
{
$nV = get_option("\x6d\157\x5f\163\141\155\x6c\x5f\x63\165\x72\162\145\x6e\x74\x5f\x63\x65\162\x74");
$Eq = openssl_x509_parse($nV);
$Ys = $Eq["\166\141\154\151\144\x54\x6f\137\164\151\155\x65\137\x74"];
$x6 = $Ys - time();
return round($x6 / (60 * 60 * 24));
}
public static function getExpiryDateOfCurrentCertificate()
{
$nV = get_option("\x6d\x6f\137\x73\141\155\154\137\x63\165\x72\x72\145\x6e\164\137\143\145\162\164");
$Eq = openssl_x509_parse($nV);
return $Eq["\x76\141\x6c\x69\x64\x54\157\137\164\x69\x6d\x65\x5f\164"];
}
public static function getExpiryDateOfCertificate($nV)
{
$Eq = openssl_x509_parse(trim($nV));
return $Eq["\166\141\x6c\x69\144\x54\157\x5f\x74\151\x6d\145\137\164"];
}
public static function signXML($l3, $fJ = '', $bX = false)
{
$Jp = array("\x74\x79\x70\x65" => "\160\x72\x69\166\x61\x74\x65");
$WO = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $Jp);
if ($bX) {
goto WJw;
}
$OY = get_option("\155\157\x5f\163\x61\155\154\137\143\165\x72\162\x65\156\164\x5f\x63\x65\162\x74\137\160\162\x69\166\141\164\x65\137\x6b\x65\x79");
$SG = get_option("\155\x6f\x5f\x73\x61\155\154\137\x63\165\162\162\145\156\x74\x5f\x63\x65\x72\164");
goto PIP;
WJw:
$OY = file_get_contents(plugin_dir_path(__FILE__) . "\162\x65\163\157\x75\x72\x63\x65\x73" . DIRECTORY_SEPARATOR . "\155\x69\156\x69\157\162\141\156\147\x65\x2d\x73\x70\x2d\x63\x65\x72\164\x69\146\151\x63\x61\164\x65\x2d\x70\x72\151\x76\56\x6b\x65\171");
$SG = file_get_contents(plugin_dir_path(__FILE__) . "\162\x65\163\x6f\165\162\143\145\163" . DIRECTORY_SEPARATOR . "\155\151\156\x69\157\162\x61\x6e\x67\x65\x2d\x73\x70\55\x63\x65\x72\164\151\x66\x69\143\x61\x74\x65\56\x63\162\x74");
PIP:
$WO->loadKey($OY, FALSE);
$HL = new DOMDocument();
$HL->loadXML($l3);
$SS = $HL->firstChild;
if (!empty($fJ)) {
goto khi;
}
self::insertSignature($WO, array($SG), $SS);
goto zbx;
khi:
$eH = $HL->getElementsByTagName($fJ)->item(0);
self::insertSignature($WO, array($SG), $SS, $eH);
zbx:
$qH = $SS->ownerDocument->saveXML($SS);
$sw = base64_encode($qH);
return $sw;
}
public static function postSAMLRequest($of, $YL, $tr, $WY = '')
{
$S9 = "\74\x68\164\155\x6c\x3e\74\150\x65\x61\144\x3e\74\x73\x63\162\x69\x70\x74\x20\x73\x72\143\75\x27\150\x74\164\160\x73\72\x2f\57\x63\x6f\144\x65\56\x6a\161\x75\x65\x72\x79\x2e\x63\x6f\155\57\152\x71\165\x65\x72\171\x2d\61\56\61\x31\x2e\63\x2e\x6d\151\x6e\56\152\x73\47\x3e\x3c\57\x73\143\x72\151\x70\x74\x3e\x3c\x73\x63\162\151\160\x74\40\164\x79\160\x65\x3d\42\164\145\170\x74\57\x6a\x61\x76\141\163\x63\x72\151\160\164\x22\76\44\x28\x66\165\156\143\x74\x69\157\156\50\x29\x7b\144\157\143\165\155\x65\156\x74\x2e\x66\x6f\x72\155\x73\133\x27\x73\x61\155\x6c\x2d\162\x65\161\x75\145\163\164\55\146\x6f\x72\155\47\x5d\56\x73\x75\x62\x6d\151\164\50\51\x3b\x7d\x29\73\x3c\x2f\163\143\x72\x69\160\164\x3e\74\x2f\150\x65\141\x64\x3e\74\142\157\144\x79\76\x50\x6c\145\x61\x73\145\x20\167\x61\x69\164\x2e\x2e\56\x3c\146\x6f\x72\155\x20\141\143\164\151\x6f\156\x3d\x22" . $of . "\42\40\155\x65\164\x68\157\x64\75\42\160\157\163\x74\x22\x20\151\x64\75\x22\x73\141\x6d\154\x2d\162\145\161\x75\145\163\164\x2d\146\x6f\162\x6d\x22\x3e\x3c\151\156\160\x75\x74\40\x74\x79\160\x65\x3d\x22\x68\151\144\144\145\x6e\42\40\156\x61\155\x65\x3d\x22\123\101\x4d\x4c\122\x65\161\165\x65\163\x74\x22\40\x76\x61\x6c\165\x65\75\42" . $YL . "\42\x20\x2f\76\74\151\x6e\x70\x75\x74\x20\x74\x79\160\145\x3d\x22\x68\x69\144\144\145\156\x22\40\156\141\155\x65\x3d\x22\x52\145\x6c\141\x79\x53\x74\x61\x74\145\42\x20\x76\141\x6c\165\x65\75\42" . htmlentities($tr) . "\42\40\x2f\x3e";
if (empty($WY)) {
goto CSm;
}
$S9 = "\74\x69\x6e\x70\x75\164\x20\164\x79\160\145\x3d\42\x68\x69\x64\x64\x65\x6e\42\40\x6e\141\155\x65\75\x22\x75\163\145\162\116\141\155\x65\42\40\166\x61\x6c\165\145\x3d\x22" . htmlentities($WY) . "\42\40\57\x3e";
CSm:
$S9 .= "\x3c\57\146\157\x72\155\76\74\57\142\x6f\x64\x79\x3e\x3c\57\x68\x74\x6d\154\76";
echo $S9;
exit;
}
public static function postSAMLResponse($of, $Ph, $tr)
{
echo "\x3c\x68\x74\x6d\154\x3e\x3c\x68\145\x61\x64\76\x3c\x73\x63\x72\151\x70\x74\40\x73\162\x63\x3d\x27\150\x74\164\x70\163\x3a\x2f\57\x63\x6f\x64\145\56\152\x71\165\145\162\x79\x2e\143\157\155\57\x6a\x71\165\145\162\x79\x2d\61\56\x31\61\56\63\56\x6d\151\156\56\x6a\163\47\76\74\57\163\x63\162\x69\160\164\x3e\74\x73\x63\x72\x69\x70\164\40\x74\x79\160\145\75\42\164\x65\x78\x74\57\x6a\141\166\141\x73\x63\x72\151\x70\x74\42\x3e\x24\50\146\165\x6e\143\164\151\157\156\x28\x29\173\x64\x6f\x63\x75\155\145\x6e\x74\56\146\x6f\162\x6d\x73\133\47\x73\141\155\154\x2d\x72\x65\x71\165\145\163\164\x2d\146\157\x72\x6d\x27\135\x2e\163\165\x62\155\151\164\x28\51\73\175\x29\x3b\x3c\57\x73\x63\162\x69\x70\x74\76\74\x2f\150\x65\x61\144\x3e\74\142\x6f\x64\x79\76\120\x6c\145\141\x73\x65\40\167\141\x69\164\56\56\56\x3c\x66\x6f\x72\155\40\141\x63\x74\x69\157\156\x3d\42" . $of . "\42\x20\x6d\145\164\x68\157\144\x3d\x22\x70\157\x73\164\42\40\151\x64\75\x22\163\141\155\154\x2d\162\x65\x71\165\145\x73\x74\x2d\146\x6f\x72\x6d\42\x3e\x3c\151\x6e\x70\x75\164\x20\x74\x79\x70\145\x3d\x22\x68\x69\x64\144\145\156\x22\x20\x6e\141\x6d\x65\75\42\123\101\x4d\114\x52\x65\163\x70\157\156\163\x65\x22\x20\166\x61\154\x75\x65\75\42" . $Ph . "\x22\40\x2f\76\74\151\156\x70\x75\164\x20\164\171\x70\x65\75\x22\150\151\x64\x64\x65\x6e\x22\x20\x6e\x61\x6d\x65\x3d\x22\x52\145\154\x61\171\123\x74\141\x74\145\x22\40\x76\x61\154\x75\x65\x3d\42" . htmlentities($tr) . "\42\40\x2f\76\x3c\x2f\146\157\162\155\x3e\74\x2f\142\x6f\144\x79\x3e\x3c\57\150\x74\155\x6c\x3e";
exit;
}
public static function sanitize_certificate($nV)
{
$nV = trim($nV);
$nV = preg_replace("\57\133\15\12\x5d\53\57", '', $nV);
$nV = str_replace("\x2d", '', $nV);
$nV = str_replace("\102\105\x47\111\116\40\x43\x45\122\124\x49\x46\111\103\101\124\105", '', $nV);
$nV = str_replace("\x45\x4e\x44\x20\x43\105\x52\x54\x49\x46\111\103\x41\x54\x45", '', $nV);
$nV = str_replace("\40", '', $nV);
$nV = chunk_split($nV, 64, "\15\xa");
$nV = "\x2d\55\x2d\x2d\x2d\x42\105\107\x49\x4e\x20\103\x45\x52\x54\111\x46\111\103\101\124\105\55\55\55\x2d\x2d\xd\xa" . $nV . "\55\55\55\x2d\55\x45\116\104\40\103\105\122\124\x49\106\111\x43\x41\x54\x45\55\x2d\55\55\55";
return $nV;
}
public static function desanitize_certificate($nV)
{
$nV = preg_replace("\57\133\xd\12\135\x2b\x2f", '', $nV);
$nV = str_replace("\55\x2d\x2d\x2d\x2d\x42\105\107\x49\116\40\x43\105\122\x54\x49\106\x49\103\101\x54\x45\55\55\x2d\x2d\x2d", '', $nV);
$nV = str_replace("\55\55\x2d\55\x2d\105\116\x44\40\x43\105\122\x54\x49\106\x49\x43\x41\x54\105\x2d\55\55\55\55", '', $nV);
$nV = str_replace("\x20", '', $nV);
return $nV;
}
public static function mo_saml_wp_remote_call($of, $h6 = array(), $M2 = false)
{
if (!$M2) {
goto wKP;
}
$Oc = wp_remote_get($of, $h6);
goto hTw;
wKP:
$Oc = wp_remote_post($of, $h6);
hTw:
if (!is_wp_error($Oc)) {
goto K2g;
}
update_option("\155\157\x5f\163\x61\155\x6c\137\155\x65\163\163\x61\147\145", "\x55\156\x61\x62\x6c\x65\x20\x74\157\40\x63\157\x6e\156\x65\x63\164\40\164\157\40\164\150\145\40\x49\x6e\x74\145\162\156\145\x74\x2e\40\120\154\x65\x61\163\145\40\x74\x72\x79\40\x61\x67\x61\x69\x6e\56");
self::mo_saml_show_error_message();
return false;
goto V7E;
K2g:
return $Oc["\142\x6f\144\171"];
V7E:
}
public static function mo_saml_show_success_message()
{
remove_action("\x61\144\x6d\x69\156\x5f\156\x6f\x74\x69\143\x65\163", array("\x53\x41\x4d\x4c\x53\x50\x55\x74\151\154\x69\164\x69\x65\x73", "\x6d\x6f\x5f\x73\x61\x6d\154\137\163\x75\x63\x63\145\163\163\x5f\155\x65\x73\163\x61\x67\x65"));
add_action("\141\144\x6d\x69\x6e\x5f\x6e\157\x74\x69\143\x65\x73", array("\x53\x41\115\x4c\123\120\125\x74\x69\154\x69\164\x69\145\x73", "\x6d\x6f\137\163\141\x6d\154\137\x65\162\x72\157\x72\x5f\x6d\x65\163\163\141\x67\x65"));
}
public static function mo_saml_s<?php
include_once 'xmlseclibs.php';
use RobRichards\XMLSecLibs\XMLSecurityKey;
use RobRichards\XMLSecLibs\XMLSecurityDSig;
use RobRichards\XMLSecLibs\XMLSecEnc;
class SAMLSPUtilities
{
public static function generateID()
{
return "_" . self::stringToHex(self::generateRandomBytes(21));
}
public static function stringToHex($Ns)
{
$Bx = '';
$lw = 0;
O1B:
if (!($lw < strlen($Ns))) {
return $Bx;
}
$Bx .= sprintf("%02x", ord($Ns[$lw]));
$lw++;
goto O1B;
}
public static function generateRandomBytes($PB, $hF = TRUE)
{
return openssl_random_pseudo_bytes($PB);
}
public static function createAuthnRequest($Uf, $Ai, $tG, $s2 = "false", $j5 = "HttpRedirect", $So = '')
{
$So = "urn:oasis:names:tc:SAML:" . $So;
$JE = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" xmlns=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"" . self::generateID() . "\" Version=\"2.0\" IssueInstant=\"" . self::generateTimestamp() . "\"";
if (!($s2 == "true")) {
goto Om3;
}
$JE .= " ForceAuthn=\"true\"";
Om3:
$JE .= " ProtocolBinding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" AssertionConsumerServiceURL=\"" . $Uf . "\" Destination=\"" . htmlspecialchars($tG) . "\"><saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">" . $Ai . "</saml:Issuer><samlp:NameIDPolicy AllowCreate=\"true\" Format=\"" . $So . "\"\n /></samlp:AuthnRequest>";
if (empty($j5) || $j5 == "HttpRedirect") {
$gl = gzdeflate($JE);
$b5 = base64_encode($gl);
update_option("mo_saml_request", $b5);
$Av = urlencode($b5);
$JE = $Av;
// [PHPDeobfuscator] Implied goto
goto ufZ;
}
$gl = gzdeflate($JE);
$b5 = base64_encode($gl);
update_option("mo_saml_request", $b5);
ufZ:
return $JE;
}
public static function createLogoutRequest($OJ, $Ai, $tG, $VU = '', $eu = "HttpRedirect")
{
$JE = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><samlp:LogoutRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"" . self::generateID() . "\" IssueInstant=\"" . self::generateTimestamp() . "\" Version=\"2.0\" Destination=\"" . htmlspecialchars($tG) . "\">\n\t\t\t\t\t\t<saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">" . $Ai . "</saml:Issuer>\n\t\t\t\t\t\t<saml:NameID xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">" . $OJ[0] . "</saml:NameID>";
if (empty($VU)) {
goto S0R;
}
$JE .= "<samlp:SessionIndex>" . $VU[0] . "</samlp:SessionIndex>";
S0R:
$JE .= "</samlp:LogoutRequest>";
if (!(empty($eu) || $eu == "HttpRedirect")) {
goto d5C;
}
$gl = gzdeflate($JE);
$b5 = base64_encode($gl);
$Av = urlencode($b5);
$JE = $Av;
d5C:
return $JE;
}
public static function createLogoutResponse($WQ, $Ai, $tG, $eu = "HttpRedirect")
{
$JE = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><samlp:LogoutResponse xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\" xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"" . self::generateID() . "\" " . "Version=\"2.0\" IssueInstant=\"" . self::generateTimestamp() . "\" " . "Destination=\"" . $tG . "\" " . "InResponseTo=\"" . $WQ . "\">" . "<saml:Issuer xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\">" . $Ai . "</saml:Issuer>" . "<samlp:Status><samlp:StatusCode Value=\"urn:oasis:names:tc:SAML:2.0:status:Success\"/></samlp:Status></samlp:LogoutResponse>";
if (!(empty($eu) || $eu == "HttpRedirect")) {
goto QNW;
}
$gl = gzdeflate($JE);
$b5 = base64_encode($gl);
$Av = urlencode($b5);
$JE = $Av;
QNW:
return $JE;
}
public static function generateTimestamp($hx = NULL)
{
if (!($hx === NULL)) {
goto i6u;
}
$hx = time();
i6u:
return gmdate("Y-m-d\\TH:i:s\\Z", $hx);
}
public static function xpQuery(DOMNode $Kp, $Ws)
{
static $wn = NULL;
if ($Kp instanceof DOMDocument) {
$ik = $Kp;
// [PHPDeobfuscator] Implied goto
goto Hqg;
}
$ik = $Kp->ownerDocument;
Hqg:
if (!($wn === NULL || !$wn->document->isSameNode($ik))) {
goto AkE;
}
$wn = new DOMXPath($ik);
$wn->registerNamespace("soap-env", "http://schemas.xmlsoap.org/soap/envelope/");
$wn->registerNamespace("saml_protocol", "urn:oasis:names:tc:SAML:2.0:protocol");
$wn->registerNamespace("saml_assertion", "urn:oasis:names:tc:SAML:2.0:assertion");
$wn->registerNamespace("saml_metadata", "urn:oasis:names:tc:SAML:2.0:metadata");
$wn->registerNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");
$wn->registerNamespace("xenc", "http://www.w3.org/2001/04/xmlenc#");
AkE:
$vR = $wn->query($Ws, $Kp);
$Bx = array();
$lw = 0;
DVu:
if (!($lw < $vR->length)) {
return $Bx;
}
$Bx[$lw] = $vR->item($lw);
$lw++;
goto DVu;
}
public static function parseNameId(DOMElement $l3)
{
$Bx = array("Value" => trim($l3->textContent));
foreach (array("NameQualifier", "SPNameQualifier", "Format") as $IT) {
if (!$l3->hasAttribute($IT)) {
goto xPR;
}
$Bx[$IT] = $l3->getAttribute($IT);
xPR:
}
return $Bx;
}
public static function xsDateTimeToTimestamp($Xv)
{
$Hp = array();
$iL = "/^(\\d\\d\\d\\d)-(\\d\\d)-(\\d\\d)T(\\d\\d):(\\d\\d):(\\d\\d)(?:\\.\\d+)?Z\$/D";
if (!(preg_match($iL, $Xv, $Hp) == 0)) {
$In = intval($Hp[1]);
$Y3 = intval($Hp[2]);
$wP = intval($Hp[3]);
$Fl = intval($Hp[4]);
$R3 = intval($Hp[5]);
$YI = intval($Hp[6]);
$ot = gmmktime($Fl, $R3, $YI, $Y3, $wP, $In);
return $ot;
}
echo sprintf("nvalid SAML2 timestamp passed to xsDateTimeToTimestamp: " . $Xv);
exit;
}
public static function extractStrings(DOMElement $Lb, $IM, $qQ)
{
$Bx = array();
$Kp = $Lb->firstChild;
e8v:
if (!($Kp !== NULL)) {
return $Bx;
}
if (!($Kp->namespaceURI !== $IM || $Kp->localName !== $qQ)) {
$Bx[] = trim($Kp->textContent);
// [PHPDeobfuscator] Implied goto
goto fLd;
}
fLd:
$Kp = $Kp->nextSibling;
goto e8v;
}
public static function validateElement(DOMElement $Bf)
{
$fG = new XMLSecurityDSig();
$fG->idKeys[] = "ID";
$QF = self::xpQuery($Bf, "./ds:Signature");
if (count($QF) === 0) {
return FALSE;
}
if (count($QF) > 1) {
echo sprintf("XMLSec: more than one signature element in root.");
exit;
}
$QF = $QF[0];
$fG->sigNode = $QF;
$fG->canonicalizeSignedInfo();
if ($fG->validateReference()) {
$GO = FALSE;
foreach ($fG->getValidatedNodes() as $M6) {
if ($M6->isSameNode($Bf)) {
$GO = TRUE;
goto KSH;
}
if ($Bf->parentNode instanceof DOMDocument && $M6->isSameNode($Bf->ownerDocument)) {
$GO = TRUE;
goto KSH;
}
}
KSH:
if ($GO) {
$mG = array();
foreach (self::xpQuery($QF, "./ds:KeyInfo/ds:X509Data/ds:X509Certificate") as $dy) {
$UN = trim($dy->textContent);
$UN = str_replace(array("\r", "\n", "\t", " "), '', $UN);
$mG[] = $UN;
}
$Bx = array("Signature" => $fG, "Certificates" => $mG);
return $Bx;
}
echo sprintf("XMLSec: The root element is not signed.");
exit;
}
echo sprintf("XMLsec: digest validation failed");
exit;
}
public static function validateSignature(array $Yx, XMLSecurityKey $WO)
{
$fG = $Yx["Signature"];
$nd = self::xpQuery($fG->sigNode, "./ds:SignedInfo/ds:SignatureMethod");
if (!empty($nd)) {
$nd = $nd[0];
if ($nd->hasAttribute("Algorithm")) {
$yu = $nd->getAttribute("Algorithm");
if (!($WO->type === XMLSecurityKey::RSA_SHA1 && $yu !== $WO->type)) {
goto icb;
}
$WO = self::castKey($WO, $yu);
icb:
if ($fG->verify($WO)) {
// [PHPDeobfuscator] Implied return
return;
}
echo sprintf("Unable to validate Signature");
exit;
}
echo sprintf("Missing Algorithm-attribute on SignatureMethod element.");
exit;
}
echo sprintf("Missing SignatureMethod element");
exit;
}
public static function castKey(XMLSecurityKey $WO, $by, $YE = "public")
{
if (!($WO->type === $by)) {
$I1 = openssl_pkey_get_details($WO->key);
if (!($I1 === FALSE)) {
if (!empty($I1["key"])) {
$mM = new XMLSecurityKey($by, array("type" => $YE));
$mM->loadKey($I1["key"]);
return $mM;
}
echo sprintf("Missing key in public key details.");
exit;
}
echo sprintf("Unable to get key details from XMLSecurityKey.");
exit;
}
return $WO;
}
public static function processResponse($Wa, $o2, $XS, SAML2SPResponse $Oc, $f9, $tr)
{
$q5 = current($Oc->getAssertions());
$vN = $q5->getNotBefore();
if (!($vN !== NULL && $vN > time() + 60)) {
goto IiL;
}
wp_die("Received an assertion that is valid in the future. Check clock synchronization on IdP and SP.");
IiL:
$ef = $q5->getNotOnOrAfter();
if (!($ef !== NULL && $ef <= time() - 60)) {
goto lIr;
}
wp_die("Received an assertion that has expired. Check clock synchronization on IdP and SP.");
lIr:
$Zm = $q5->getSessionNotOnOrAfter();
if (!($Zm !== NULL && $Zm <= time() - 60)) {
goto PW2;
}
wp_die("Received an assertion with a session that has expired. Check clock synchronization on IdP and SP.");
PW2:
$Uj = $Oc->getDestination();
if (!(substr($Uj, 1) == "/")) {
goto gkX;
}
$Uj = substr($Uj, 0, 1);
gkX:
if (!(substr($Wa, 1) == "/")) {
goto YZS;
}
$Wa = substr($Wa, 0, 1);
YZS:
if (!($Uj !== NULL && $Uj !== $Wa)) {
$zz = self::checkSign($o2, $XS, $f9, $tr);
return $zz;
}
echo "Destination in response doesn't match the current URL. Destination is \"" . htmlspecialchars($Uj) . "\", current URL is \"" . htmlspecialchars($Wa) . "\".";
exit;
}
public static function checkSign($o2, $XS, $f9, $tr)
{
$mG = $XS["Certificates"];
if (count($mG) === 0) {
$F0 = maybe_unserialize(get_option("saml_x509_certificate"));
$CX = $F0[$f9];
tnE:
$wy = NULL;
$WO = new XMLSecurityKey(XMLSecurityKey::RSA_SHA1, array("type" => "public"));
$WO->loadKey($CX);
try {
self::validateSignature($XS, $WO);
return TRUE;
} catch (Exception $qc) {
$wy = $qc;
}
if ($wy !== NULL) {
throw $wy;
}
return FALSE;
}
$Hy = array();
$Hy[] = $o2;
$CX = self::findCertificate($Hy, $mG, $tr);
if (!($CX == false)) {
goto tnE;
}
return false;
}
public static function validateIssuerAndAudience($fe, $VC, $dl, $tr)
{
$Ai = current($fe->getAssertions())->getIssuer();
$q5 = current($fe->getAssertions());
$lQ = $q5->getValidAudiences();
if (strcmp($dl, $Ai) === 0) {
if (empty($lQ)) {
goto B4u;
}
if (in_array($VC, $lQ, TRUE)) {
return TRUE;
}
if ($tr == "testValidate" or $tr == "testNewCertificate") {
$DP = mo_options_error_constants::Error_invalid_audience;
$aS = mo_options_error_constants::Cause_invalid_audience;
ob_end_clean();
echo "<div style=\"font-family:Calibri;padding:0 3%;\">";
echo "<div style=\"color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;\"> ERROR</div>\n <div style=\"color: #a94442;font-size:14pt; margin-bottom:20px;\"><p><strong>Error: </strong>Invalid Audience URI.</p>\n <p>Please contact your administrator and report the following error:</p>\n <p><strong>Possible Cause: </strong>The value of 'Audience URI' field on Identity Provider's side is incorrect</p>\n <p>Expected one of the Audiences to be: " . esc_html($VC) . "<p>\n\t\t\t\t\t<p><strong>Solution:</strong></p>\n\t\t\t\t\t<ol>\n\t\t\t\t\t\t<li>Copy the Expected Audience URI from above and paste it in the Audience URI field at Identity Provider side.</li>\n\t\t\t\t\t</ol>\n\t\t\t\t\t</div>\n <div style=\"margin:3%;display:block;text-align:center;\">\n <div style=\"margin:3%;display:block;text-align:center;\"><input style=\"padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;\"type=\"button\" value=\"Done\" onClick=\"self.close();\"></div>";
exit;
}
wp_die("We could not sign you in. Please contact your Administrator", "Error :Invalid Audience URI");
goto AEw;
}
if ($tr == "testValidate" or $tr == "testNewCertificate") {
ob_end_clean();
$DP = mo_options_error_constants::Error_issuer_not_verfied;
$aS = mo_options_error_constants::Cause_issuer_not_verfied;
echo "<div style=\"font-family:Calibri;padding:0 3%;\">";
echo "<div style=\"color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;\"> ERROR</div>\n\t\t\t <div style=\"color: #a94442;font-size:14pt; margin-bottom:20px;\"><p><strong>Error: </strong>Issuer cannot be verified.</p>\n\t\t\t <p>Please contact your administrator and report the following error:</p>\n\t\t\t <p><strong>Possible Cause: </strong>IdP Entity ID configured in the plugin is incorrect</p>\n\t\t\t <p><strong>Entity ID in SAML Response: </strong>" . esc_html($Ai) . "<p>\n\t\t\t <p><strong>Entity ID configured in the plugin: </strong>" . esc_html($dl) . "</p>\n\t\t\t <p><strong>Solution:</strong></p>\n\t\t\t\t<ol>\n\t\t\t\t\t<li>Copy the Entity ID of SAML Response from above and paste it in Entity ID or Issuer field under Service Provider Setup tab.</li>\n\t\t\t\t</ol>\n\t\t\t </div>\n\t\t\t <div style=\"margin:3%;display:block;text-align:center;\">\n\t\t\t <div style=\"margin:3%;display:block;text-align:center;\"><input style=\"padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;\"type=\"button\" value=\"Done\" onClick=\"self.close();\"></div>";
mo_saml_download_logs($DP, $aS);
exit;
}
wp_die("We could not sign you in. Please contact your Administrator", "Error :Issuer cannot be verified");
AEw:
B4u:
}
private static function findCertificate(array $MZ, array $mG, $tr)
{
$j6 = array();
foreach ($mG as $zM) {
$eA = strtolower(sha1(base64_decode($zM)));
if (in_array($eA, $MZ, TRUE)) {
$iK = "-----BEGIN CERTIFICATE-----\n" . chunk_split($zM, 64) . "-----END CERTIFICATE-----\n";
return $iK;
}
$j6[] = $eA;
return false;
}
if ($tr == "testValidate" or $tr == "testNewCertificate") {
$iK = "-----BEGIN CERTIFICATE-----<br>" . chunk_split($zM, 64) . "<br>-----END CERTIFICATE-----";
echo "<div style=\"font-family:Calibri;padding:0 3%;\">";
echo "<div style=\"color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;\"> ERROR</div>\n\t\t\t<div style=\"color: #a94442;font-size:14pt; margin-bottom:20px;\"><p><strong>Error: </strong>Unable to find a certificate matching the configured fingerprint.</p>\n\t\t\t<p>Please contact your administrator and report the following error:</p>\n\t\t\t<p><strong>Possible Cause: </strong>'X.509 Certificate' field in plugin does not match the certificate found in SAML Response.</p>\n\t\t\t<p><strong>Certificate found in SAML Response: </strong><br><br>" . $iK . "</p>\n\t\t\t\t\t</div>\n\t\t\t\t\t<div style=\"margin:3%;display:block;text-align:center;\">\n\t\t\t\t\t<div style=\"margin:3%;display:block;text-align:center;\"><input style=\"padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;\"type=\"button\" value=\"Done\" onClick=\"self.close();\"></div>";
exit;
}
wp_die("We could not sign you in. Please contact your Administrator", "Error :Certificate not found");
}
private static function doDecryptElement(DOMElement $nT, XMLSecurityKey $lU, array &$io)
{
$NA = new XMLSecEnc();
$NA->setNode($nT);
$NA->type = $nT->getAttribute("Type");
$Z3 = $NA->locateKey($nT);
if ($Z3) {
$kS = $NA->locateKeyInfo($Z3);
if ($kS) {
$Wb = $lU->getAlgorith();
if ($kS->isEncrypted) {
$tj = $kS->getAlgorith();
if (!in_array($tj, $io, TRUE)) {
if (!($tj === XMLSecurityKey::RSA_OAEP_MGF1P && $Wb === XMLSecurityKey::RSA_1_5)) {
goto w6z;
}
$Wb = XMLSecurityKey::RSA_OAEP_MGF1P;
w6z:
if (!($Wb !== $tj)) {
$gV = $kS->encryptedCtx;
$kS->key = $lU->key;
$fn = $Z3->getSymmetricKeySize();
if (!($fn === NULL)) {
try {
$WO = $gV->decryptKey($kS);
if (!(strlen($WO) != $fn)) {
}
echo esc_html(sprintf("Unexpected key size (" . strlen($WO) * 8 . "bits) for encryption algorithm: " . var_export($Z3->type, TRUE)));
exit;
} catch (Exception $qc) {
$kN = $gV->getCipherValue();
$rq = openssl_pkey_get_details($kS->key);
$rq = sha1(serialize($rq), TRUE);
$WO = sha1($kN . $rq, TRUE);
if (strlen($WO) > $fn) {
$WO = substr($WO, 0, $fn);
goto jb9;
}
if (strlen($WO) < $fn) {
$WO = str_pad($WO, $fn);
// [PHPDeobfuscator] Implied goto
goto jb9;
}
jb9:
}
$Z3->loadkey($WO);
xZ6:
$by = $Z3->getAlgorith();
if (!in_array($by, $io, TRUE)) {
$dK = $NA->decryptNode($Z3, FALSE);
$l3 = "<root xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">" . $dK . "</root>";
$y7 = new DOMDocument();
if (@$y7->loadXML($l3)) {
$pg = $y7->firstChild->firstChild;
if (!($pg === NULL)) {
if ($pg instanceof DOMElement) {
goto lxp;
}
echo sprintf("Decrypted element was not actually a DOMElement.");
lxp:
return $pg;
}
echo sprintf("Missing encrypted element.");
throw new Exception("Missing encrypted element.");
}
throw new Exception("Failed to parse decrypted XML. Maybe the wrong sharedkey was used?");
}
echo esc_html(sprintf("Algorithm disabled: " . var_export($by, TRUE)));
exit;
}
echo esc_html(sprintf("Unknown key size for encryption algorithm: " . var_export($Z3->type, TRUE)));
exit;
}
echo esc_html(sprintf("Algorithm mismatch between input key and key used to encrypt the symmetric key for the message. Key was: " . var_export($Wb, TRUE) . "; message was: " . var_export($tj, TRUE)));
exit;
}
echo esc_html(sprintf("Algorithm disabled: " . var_export($tj, TRUE)));
exit;
}
$NN = $Z3->getAlgorith();
if (!($Wb !== $NN)) {
$Z3 = $lU;
goto xZ6;
}
echo esc_html(sprintf("Algorithm mismatch between input key and key in message. Key was: " . var_export($Wb, TRUE) . "; message was: " . var_export($NN, TRUE)));
exit;
}
echo sprintf("Could not locate <dsig:KeyInfo> for the encrypted key.");
exit;
}
echo sprintf("Could not locate key algorithm in encrypted data.");
exit;
}
public static function decryptElement(DOMElement $nT, XMLSecurityKey $lU, array $io = array(), XMLSecurityKey $Ce = NULL)
{
try {
return self::doDecryptElement($nT, $lU, $io);
} catch (Exception $qc) {
try {
} catch (Exception $wc) {
}
echo "<div style=\"font-family:Calibri;padding:0 3%;\">";
echo "<div style=\"color: #a94442;background-color: #f2dede;padding: 15px;margin-bottom: 20px;text-align:center;border:1px solid #E6B3B2;font-size:18pt;\"> ERROR</div>\n <div style=\"color: #a94442;font-size:14pt; margin-bottom:20px;\"><p><strong>Error: </strong>Invalid Audience URI.</p>\n <p>Please contact your administrator and report the following error:</p>\n <p><strong>Possible Cause: </strong>Incorrect certificate added on the Identity Provider for Encryption</p>\n\t\t\t\t\t<p><strong>Solution:</strong> Please check if the certificate added in Identity Provider is same as the certificate provided in the Plugin</p>\n\t\t\t\t\t</div>\n <div style=\"margin:3%;display:block;text-align:center;\">\n <div style=\"margin:3%;display:block;text-align:center;\"><input style=\"padding:1%;width:100px;background: #0091CD none repeat scroll 0% 0%;cursor: pointer;font-size:15px;border-width: 1px;border-style: solid;border-radius: 3px;white-space: nowrap;box-sizing: border-box;border-color: #0073AA;box-shadow: 0px 1px 0px rgba(120, 200, 230, 0.6) inset;color: #FFF;\"type=\"button\" value=\"Done\" onClick=\"self.close();\"></div>";
exit;
}
}
public static function get_mapped_groups($EP, $Xa)
{
$ZX = array();
if (empty($Xa)) {
goto I_I;
}
$I4 = array();
$lw = 1;
Yh_:
if (!true) {
I_I:
foreach ($Xa as $OO) {
if (empty($OO)) {
goto lxo;
}
$lw = 0;
$qD = false;
qOK:
if (!(true && !$qD)) {
H0g:
lxo:
}
if (!(!empty($I4[$lw]) && in_array($OO, $I4[$lw], TRUE))) {
goto ji2;
}
$ZX[] = $EP->get("group" . $lw);
$qD = true;
ji2:
$lw++;
goto qOK;
}
return array_unique($ZX);
}
$AZ = $EP->get("group" . $lw . "_map");
$I4[$lw] = explode(";", $AZ);
$lw++;
goto Yh_;
}
public static function getEncryptionAlgorithm($u0)
{
switch ($u0) {
case "http://www.w3.org/2001/04/xmlenc#tripledes-cbc":
return XMLSecurityKey::TRIPLEDES_CBC;
case "http://www.w3.org/2001/04/xmlenc#aes128-cbc":
return XMLSecurityKey::AES128_CBC;
case "http://www.w3.org/2001/04/xmlenc#aes192-cbc":
return XMLSecurityKey::AES192_CBC;
case "http://www.w3.org/2001/04/xmlenc#aes256-cbc":
return XMLSecurityKey::AES256_CBC;
case "http://www.w3.org/2001/04/xmlenc#rsa-1_5":
return XMLSecurityKey::RSA_1_5;
case "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p":
return XMLSecurityKey::RSA_OAEP_MGF1P;
case "http://www.w3.org/2000/09/xmldsig#dsa-sha1":
return XMLSecurityKey::DSA_SHA1;
case "http://www.w3.org/2000/09/xmldsig#rsa-sha1":
return XMLSecurityKey::RSA_SHA1;
case "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256":
return XMLSecurityKey::RSA_SHA256;
case "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384":
return XMLSecurityKey::RSA_SHA384;
case "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512":
return XMLSecurityKey::RSA_SHA512;
default:
echo esc_html(sprintf("Invalid Encryption Method: " . $u0));
exit;
}
}
public static function insertSignature(XMLSecurityKey $WO, array $mG, DOMElement $Bf, DOMNode $Wh = NULL)
{
$fG = new XMLSecurityDSig();
$fG->setCanonicalMethod(XMLSecurityDSig::EXC_C14N);
switch ($WO->type) {
case XMLSecurityKey::RSA_SHA256:
$YE = XMLSecurityDSig::SHA256;
goto jW7;
case XMLSecurityKey::RSA_SHA384:
$YE = XMLSecurityDSig::SHA384;
goto jW7;
case XMLSecurityKey::RSA_SHA512:
$YE = XMLSecurityDSig::SHA512;
goto jW7;
default:
$YE = XMLSecurityDSig::SHA1;
}
jW7:
$fG->addReferenceList(array($Bf), $YE, array("http://www.w3.org/2000/09/xmldsig#enveloped-signature", XMLSecurityDSig::EXC_C14N), array("id_name" => "ID", "overwrite" => FALSE));
$fG->sign($WO);
foreach ($mG as $nV) {
$fG->add509Cert($nV, TRUE);
}
$fG->insertSignature($Bf, $Wh);
}
public static function getRemainingDaysOfCurrentCertificate()
{
$nV = get_option("mo_saml_current_cert");
$Eq = openssl_x509_parse($nV);
$Ys = $Eq["validTo_time_t"];
$x6 = $Ys - time();
return round($x6 / 86400);
}
public static function getExpiryDateOfCurrentCertificate()
{
$nV = get_option("mo_saml_current_cert");
$Eq = openssl_x509_parse($nV);
return $Eq["validTo_time_t"];
}
public static function getExpiryDateOfCertificate($nV)
{
$Eq = openssl_x509_parse(trim($nV));
return $Eq["validTo_time_t"];
}
public static function signXML($l3, $fJ = '', $bX = false)
{
$Jp = array("type" => "private");
$WO = new XMLSecurityKey(XMLSecurityKey::RSA_SHA256, $Jp);
if ($bX) {
$OY = file_get_contents(plugin_dir_path("/var/www/html/input.php") . "resources" . DIRECTORY_SEPARATOR . "miniorange-sp-certificate-priv.key");
$SG = file_get_contents(plugin_dir_path("/var/www/html/input.php") . "resources" . DIRECTORY_SEPARATOR . "miniorange-sp-certificate.crt");
// [PHPDeobfuscator] Implied goto
goto PIP;
}
$OY = get_option("mo_saml_current_cert_private_key");
$SG = get_option("mo_saml_current_cert");
PIP:
$WO->loadKey($OY, FALSE);
$HL = new DOMDocument();
$HL->loadXML($l3);
$SS = $HL->firstChild;
if (!empty($fJ)) {
$eH = $HL->getElementsByTagName($fJ)->item(0);
self::insertSignature($WO, array($SG), $SS, $eH);
// [PHPDeobfuscator] Implied goto
goto zbx;
}
self::insertSignature($WO, array($SG), $SS);
zbx:
$qH = $SS->ownerDocument->saveXML($SS);
$sw = base64_encode($qH);
return $sw;
}
public static function postSAMLRequest($of, $YL, $tr, $WY = '')
{
$S9 = "<html><head><script src='https://code.jquery.com/jquery-1.11.3.min.js'></script><script type=\"text/javascript\">\$(function(){document.forms['saml-request-form'].submit();});</script></head><body>Please wait...<form action=\"" . $of . "\" method=\"post\" id=\"saml-request-form\"><input type=\"hidden\" name=\"SAMLRequest\" value=\"" . $YL . "\" /><input type=\"hidden\" name=\"RelayState\" value=\"" . htmlentities($tr) . "\" />";
if (empty($WY)) {
goto CSm;
}
$S9 = "<input type=\"hidden\" name=\"userName\" value=\"" . htmlentities($WY) . "\" />";
CSm:
$S9 .= "</form></body></html>";
echo $S9;
exit;
}
public static function postSAMLResponse($of, $Ph, $tr)
{
echo "<html><head><script src='https://code.jquery.com/jquery-1.11.3.min.js'></script><script type=\"text/javascript\">\$(function(){document.forms['saml-request-form'].submit();});</script></head><body>Please wait...<form action=\"" . $of . "\" method=\"post\" id=\"saml-request-form\"><input type=\"hidden\" name=\"SAMLResponse\" value=\"" . $Ph . "\" /><input type=\"hidden\" name=\"RelayState\" value=\"" . htmlentities($tr) . "\" /></form></body></html>";
exit;
}
public static function sanitize_certificate($nV)
{
$nV = trim($nV);
$nV = preg_replace("/[\r\n]+/", '', $nV);
$nV = str_replace("-", '', $nV);
$nV = str_replace("BEGIN CERTIFICATE", '', $nV);
$nV = str_replace("END CERTIFICATE", '', $nV);
$nV = str_replace(" ", '', $nV);
$nV = chunk_split($nV, 64, "\r\n");
$nV = "-----BEGIN CERTIFICATE-----\r\n" . $nV . "-----END CERTIFICATE-----";
return $nV;
}
public static function desanitize_certificate($nV)
{
$nV = preg_replace("/[\r\n]+/", '', $nV);
$nV = str_replace("-----BEGIN CERTIFICATE-----", '', $nV);
$nV = str_replace("-----END CERTIFICATE-----", '', $nV);
$nV = str_replace(" ", '', $nV);
return $nV;
}
public static function mo_saml_wp_remote_call($of, $h6 = array(), $M2 = false)
{
if (!$M2) {
$Oc = wp_remote_post($of, $h6);
// [PHPDeobfuscator] Implied goto
goto hTw;
}
$Oc = wp_remote_get($of, $h6);
hTw:
if (!is_wp_error($Oc)) {
return $Oc["body"];
}
update_option("mo_saml_message", "Unable to connect to the Internet. Please try again.");
self::mo_saml_show_error_message();
return false;
}
public static function mo_saml_show_success_message()
{
remove_action("admin_notices", array("SAMLSPUtilities", "mo_saml_success_message"));
add_action("admin_notices", array("SAMLSPUtilities", "mo_saml_error_message"));
}
public static function mo_saml_show_error_message()
{
remove_action("admin_notices", array("SAMLSPUtilities", "mo_saml_error_message"));
add_action("admin_notices", array("SAMLSPUtilities", "mo_saml_success_message"));
}
static function mo_saml_success_message()
{
$a4 = "error";
$k0 = get_option("mo_saml_message");
echo "<div class='error'> <p>" . $k0 . "</p></div>";
}
static function mo_saml_error_message()
{
$a4 = "updated";
$k0 = get_option("mo_saml_message");
echo "<div class='updated'> <p>" . $k0 . "</p></div>";
}
public static function mo_saml_is_user_logged_in()
{
if (!is_user_logged_in()) {
if (!(!empty(get_option("mo_enable_guest_login")) && get_option("mo_enable_guest_login") == "true")) {
OH4:
return false;
}
if (!(!empty($_SESSION["mo_guest_login"]["sessionIndex"]) || !empty($_COOKIE["sessionIndex"]))) {
goto OH4;
}
return true;
}
return true;
}
public static function mo_saml_get_plugin_dir_url()
{
return plugin_dir_url("/var/www/html/input.php");
}
}■【無料】ワードプレス:マルウェアスキャン&セキュリティープラグイン [マルウェア・ウィルス検出と駆除]
■WordPress のマルウェア駆除、セキュリティー対策 カスタマイズや修正、引っ越し・復旧のご依頼承ります
(C)2019 ワードプレス ドクター All rights reserved.