chapov/gist:c0d6fb5531d18a5d7782

## gistfile1.txt
grep -r -i -F -l --exclude=*.{png,gz,zip,rar,tgz,gif,pdf,jpg,jpeg,wmv} 'FilesMan
46.32.226.132
$GLOBALS['mrufx31']
function pttna79
_YM82iAN
http://rx-onlinepharmacystore.com/
discount-rx-shop.com
cheap-med-store.com
DQplcnJvcl9yZXBvcnRpb
0f01b0379c078cb769fe70b5f51f5e8e
eNoUmseOq8waRR
eval(stripslashes($_REQUEST[$post_var
eval(base64_decode($_POST
onfr64_
ipocr99
ZeroDayExile
@$message=$_POST['message'];
if(isset($_COOKIE[1])){$_=$_COOKIE;$_[1]($_[2]($_[3]($_[4])))
aW5pX3NldAL
$wp__theme_icon=@create_function('',@file_get_contents
eval(Yjgkdwedwe
@error_reporting(0); @ini_set(chr(101).chr(114)
7L12W+PG0jD8bOa65j8oPpwYDgyWN8DDQOJ932onb
base64_decode('ZXJyb3Jfcm'
n22ec2b
$GLOBALS['_769983974_']
$GLOBALS['_806337062_']
3d3e3f5006bf70380fdfcdc
cekjknaiws
EF8ZjRZnsUrk
k8zfodiLc2qe0E2tFqyxwbCoZVDOARJK4N0aO1QY
base64_decode($_GET
base64_decode(($_POST
LypPSnBvKi9ldmFsLypGUSZR
md5_brute
eval("?>".gzuncompress
@system("killall -9 ".basename("/usr/bin/host"));
v8d777f38
r GruLfh
c99sh_backconn
gzinflate(base64_decode(str_rot13
eJzUvWmT4ki
Da-Slake
@eval(base64_decode(
tiberius.lunariffic.com
gzuncompress(base64
$OOO0O0O00=__FILE__
\x47L\x4f\x42\x41
ZGllKGluY2x1ZGVfb25jZSAkaW4pOw
c2F1ZGloYWNrZX
8kPIvLwHOWv
c99shell
input, H1, p, textarea
base64_decode($_POST['body']
eNrtfWt72zay8Of6V9
506f97fc6b1a07b6a6e0204dba7d0c1e
c2V0X3RpbWVfbGltaXQoMCk7DQppZ25vcmVfdXNlcl
YTozNDY6e2k6MDtzOjI1OiJjcmV
\\145\\166\\141\\154\\050\\142\\141\\163\\145\\066
seNGpOJ24cb3H2Jq3XxIl3O
CiRhdXRoX3Bhc3MgPSAiN2U5NDI0YmZhMTJkMWY
FilesGirl
WSO_VERSION
IGlmICggaXNzZXQoICRf
function ddos
$token1 = md5(rand(111111,999999
$bancoChile =
define(WRITEFL
www.bancochile.cl
var fechUltimo =
SYSTEM_SKEL_PATH
JHZpc2l0YyA9ICRfQ09PS0lFWyJ2aXNp
jVRpc5s6FP3ODP9BbTMFT/IKOMYmiZc6jrcY70vi
c99 injektor
Kill-shell
w00t
$auth_password
helline
36,112,61,64,36,95,80,79,83,84,91,39,112,49,39,93,59
JE8wMDBPME8wMD0kT09PMDAwTzAwKCRPT08wTz
CmVycm9yX3JlcG9yd
@error_reporting(0); @ini_set('error_log',NULL); @ini_set('log_errors',0); if (count($_POST) < 2)
if(md5(md5($_REQUEST[
if(strlen(trim($s_pass))>0
$hkofbfnd
eF7lff1X27jS8M97z7n
$wfzp
eval(gzunp
eval("?>".base64_decode(
print("Direct Access Not Allowed");
file_force_download($zipfile)
eval(stripslashes($_POST
echo(base64
eval(base64
echo(gzinflate
eval(gzinflate
echo(gzunp
gzipinflate(
Array(base64_decode
if (count($_POST) < 2) { die
Web Shell by
Hacked by
preg_replace("/.*/e"
function sql2_safe(
function geturl_1(
if(isset($_GET[w1343t])){
if (isset($_POST[task]))
if (isset($_POST[check]))
$_ = strrev("tress\x61");
error_reporting(0); if (count($_POST) != 2) { die
body onload="tim()"
Created By Un1xL4
devilzShell
N3tshell
Storm7Shell
Locus7Shell
DxShell
private Shell by m4rco
w4ck1ng shell
FaTaLisTiCz_Fx Fx29Sh
r57shell
$back_connect_c=
function error_404()
8c7d28457f20dc6149cf16ed54ee9923_on
c99sh
r57sh
crystalshell
phpshell
shellbot
CempLe
php shell
Web Shell
ijo_sh
fx29sh
window.eval(String.fromCharCode
function rc4(&$data, $key)
killall ping
$GLOBALS['_62805507_'
index_backup.php
JS.Scob.Trojan
VigraSpamKey
advadmin.biz
Advtraff.biz
bettersearch.biz
Connect2cash.biz
Crazy-toolbar.com
Drugs-shop.biz
Onlyfreevideo.com
pizdato.biz
private-iframe.biz
private-toolbar.biz
sexyphotos.biz
myiframe.biz
private-dialer.biz
cash4me.biz
newiframe.biz
traffi4sale.biz
traffic2cash.biz
vse-moe.biz
web-res.biz
web-result.biz
antiblock.biz
sp2admin.biz
sp2fucked.biz
admin2cash.biz
coolsearch.biz
Web-res.biz
enigmasoftwaregroup.com
healthycomputerclub.com
spyware.junglebee.com
nwolb.com
natwest.com
ibsplc.com
flasHcOm.uCoz.oRg
KuRBanG
DONSHAQ
flashsiantar.info
KunleWizzy
Kunle Wizzy
2w6al1b9d4hmqx54l
bdd1b7801d9329b2f9d7313381627c70c
c858d4c43w49f796e
w49f796e
var xR5p
var G33z1
BlueHacker
Zola-Hacker
ZolaHacker
KeNiHaCk
newresultbox@gmail.com
onebloodonemindonemoney@student.com
standardbank.co.za
SqShell
N3tsh
C1iB
bluehacker.com
exit(); } if(isset($_REQUEST[
webadmin.php
eval(stripslashes($_REQUEST[
eval(stripslashes(@$_POST
viagra
etulli.fi
function php_display(
$url = $urls[rand(0, count($urls)-1)];
full@info.com
chunk_split(base64_encode(fread
if(ord(substr(current(array_keys($_REQUEST)),-1))
@ini_set('error_log',NULL); @ini_set('log_errors',0); @ini_set('max_execution_time',0); @set_time_limit(0);
if (fwrite($handle, file_get_contents($_GET[
$mailer = $_POST["x_mailer"];
www.birthdaylounge.com
base64_decode($_POST["mailto"]);
;eval($___($__));
eval($_POST['eval']);
eval(base64_decode($_REQUEST['c_id']));
RootShell
BLACK.JaGuAr
HunTerXPro-Team
begemgi.ru
rty.xomyak2.body.e-autopay.com
moneevdi.ru
datingvule.ru
if((isset($v) AND $v==0) OR (isset($t)
OOO000000=urldecode
if(!empty($_POST["gjwqweodsa"])
sjktn =
yqxz =
tynrs =
v5031e998
basename("/usr/bin/host")
eval(base64_decode
Gootkit' /{home/${USER},var/tmp,tmp}/ >> /home/${USER}/tmp/files.$(date +%d.%m.%y).txt 2>/dev/null
	grep -r -i -F -l --exclude=*.{png,gz,zip,rar,tgz,gif,pdf,jpg,jpeg,wmv} 'FilesMan
	46.32.226.132
	$GLOBALS['mrufx31']
	function pttna79
	_YM82iAN
	http://rx-onlinepharmacystore.com/
	discount-rx-shop.com
	cheap-med-store.com
	DQplcnJvcl9yZXBvcnRpb
	0f01b0379c078cb769fe70b5f51f5e8e
	eNoUmseOq8waRR
	eval(stripslashes($_REQUEST[$post_var
	eval(base64_decode($_POST
	onfr64_
	ipocr99
	ZeroDayExile
	@$message=$_POST['message'];
	if(isset($_COOKIE[1])){$_=$_COOKIE;$_[1]($_[2]($_[3]($_[4])))
	aW5pX3NldAL
	$wp__theme_icon=@create_function('',@file_get_contents
	eval(Yjgkdwedwe
	@error_reporting(0); @ini_set(chr(101).chr(114)
	7L12W+PG0jD8bOa65j8oPpwYDgyWN8DDQOJ932onb
	base64_decode('ZXJyb3Jfcm'
	n22ec2b
	$GLOBALS['_769983974_']
	$GLOBALS['_806337062_']
	3d3e3f5006bf70380fdfcdc
	cekjknaiws
	EF8ZjRZnsUrk
	k8zfodiLc2qe0E2tFqyxwbCoZVDOARJK4N0aO1QY
	base64_decode($_GET
	base64_decode(($_POST
	LypPSnBvKi9ldmFsLypGUSZR
	md5_brute
	eval("?>".gzuncompress
	@system("killall -9 ".basename("/usr/bin/host"));
	v8d777f38
	r GruLfh
	c99sh_backconn
	gzinflate(base64_decode(str_rot13
	eJzUvWmT4ki
	Da-Slake
	@eval(base64_decode(
	tiberius.lunariffic.com
	gzuncompress(base64
	$OOO0O0O00=__FILE__
	\x47L\x4f\x42\x41
	ZGllKGluY2x1ZGVfb25jZSAkaW4pOw
	c2F1ZGloYWNrZX
	8kPIvLwHOWv
	c99shell
	input, H1, p, textarea
	base64_decode($_POST['body']
	eNrtfWt72zay8Of6V9
	506f97fc6b1a07b6a6e0204dba7d0c1e
	c2V0X3RpbWVfbGltaXQoMCk7DQppZ25vcmVfdXNlcl
	YTozNDY6e2k6MDtzOjI1OiJjcmV
	\\145\\166\\141\\154\\050\\142\\141\\163\\145\\066
	seNGpOJ24cb3H2Jq3XxIl3O
	CiRhdXRoX3Bhc3MgPSAiN2U5NDI0YmZhMTJkMWY
	FilesGirl
	WSO_VERSION
	IGlmICggaXNzZXQoICRf
	function ddos
	$token1 = md5(rand(111111,999999
	$bancoChile =
	define(WRITEFL
	www.bancochile.cl
	var fechUltimo =
	SYSTEM_SKEL_PATH
	JHZpc2l0YyA9ICRfQ09PS0lFWyJ2aXNp
	jVRpc5s6FP3ODP9BbTMFT/IKOMYmiZc6jrcY70vi
	c99 injektor
	Kill-shell
	w00t
	$auth_password
	helline
	36,112,61,64,36,95,80,79,83,84,91,39,112,49,39,93,59
	JE8wMDBPME8wMD0kT09PMDAwTzAwKCRPT08wTz
	CmVycm9yX3JlcG9yd
	@error_reporting(0); @ini_set('error_log',NULL); @ini_set('log_errors',0); if (count($_POST) < 2)
	if(md5(md5($_REQUEST[
	if(strlen(trim($s_pass))>0
	$hkofbfnd
	eF7lff1X27jS8M97z7n
	$wfzp
	eval(gzunp
	eval("?>".base64_decode(
	print("Direct Access Not Allowed");
	file_force_download($zipfile)
	eval(stripslashes($_POST
	echo(base64
	eval(base64
	echo(gzinflate
	eval(gzinflate
	echo(gzunp
	gzipinflate(
	Array(base64_decode
	if (count($_POST) < 2) { die
	Web Shell by
	Hacked by
	preg_replace("/.*/e"
	function sql2_safe(
	function geturl_1(
	if(isset($_GET[w1343t])){
	if (isset($_POST[task]))
	if (isset($_POST[check]))
	$_ = strrev("tress\x61");
	error_reporting(0); if (count($_POST) != 2) { die
	body onload="tim()"
	Created By Un1xL4
	devilzShell
	N3tshell
	Storm7Shell
	Locus7Shell
	DxShell
	private Shell by m4rco
	w4ck1ng shell
	FaTaLisTiCz_Fx Fx29Sh
	r57shell
	$back_connect_c=
	function error_404()
	8c7d28457f20dc6149cf16ed54ee9923_on
	c99sh
	r57sh
	crystalshell
	phpshell
	shellbot
	CempLe
	php shell
	Web Shell
	ijo_sh
	fx29sh
	window.eval(String.fromCharCode
	function rc4(&$data, $key)
	killall ping
	$GLOBALS['_62805507_'
	index_backup.php
	JS.Scob.Trojan
	VigraSpamKey
	advadmin.biz
	Advtraff.biz
	bettersearch.biz
	Connect2cash.biz
	Crazy-toolbar.com
	Drugs-shop.biz
	Onlyfreevideo.com
	pizdato.biz
	private-iframe.biz
	private-toolbar.biz
	sexyphotos.biz
	myiframe.biz
	private-dialer.biz
	cash4me.biz
	newiframe.biz
	traffi4sale.biz
	traffic2cash.biz
	vse-moe.biz
	web-res.biz
	web-result.biz
	antiblock.biz
	sp2admin.biz
	sp2fucked.biz
	admin2cash.biz
	coolsearch.biz
	Web-res.biz
	enigmasoftwaregroup.com
	healthycomputerclub.com
	spyware.junglebee.com
	nwolb.com
	natwest.com
	ibsplc.com
	flasHcOm.uCoz.oRg
	KuRBanG
	DONSHAQ
	flashsiantar.info
	KunleWizzy
	Kunle Wizzy
	2w6al1b9d4hmqx54l
	bdd1b7801d9329b2f9d7313381627c70c
	c858d4c43w49f796e
	w49f796e
	var xR5p
	var G33z1
	BlueHacker
	Zola-Hacker
	ZolaHacker
	KeNiHaCk
	newresultbox@gmail.com
	onebloodonemindonemoney@student.com
	standardbank.co.za
	SqShell
	N3tsh
	C1iB
	bluehacker.com
	exit(); } if(isset($_REQUEST[
	webadmin.php
	eval(stripslashes($_REQUEST[
	eval(stripslashes(@$_POST
	viagra
	etulli.fi
	function php_display(
	$url = $urls[rand(0, count($urls)-1)];
	full@info.com
	chunk_split(base64_encode(fread
	if(ord(substr(current(array_keys($_REQUEST)),-1))
	@ini_set('error_log',NULL); @ini_set('log_errors',0); @ini_set('max_execution_time',0); @set_time_limit(0);
	if (fwrite($handle, file_get_contents($_GET[
	$mailer = $_POST["x_mailer"];
	www.birthdaylounge.com
	base64_decode($_POST["mailto"]);
	;eval($___($__));
	eval($_POST['eval']);
	eval(base64_decode($_REQUEST['c_id']));
	RootShell
	BLACK.JaGuAr
	HunTerXPro-Team
	begemgi.ru
	rty.xomyak2.body.e-autopay.com
	moneevdi.ru
	datingvule.ru
	if((isset($v) AND $v==0) OR (isset($t)
	OOO000000=urldecode
	if(!empty($_POST["gjwqweodsa"])
	sjktn =
	yqxz =
	tynrs =
	v5031e998
	basename("/usr/bin/host")
	eval(base64_decode
	Gootkit' /{home/${USER},var/tmp,tmp}/ >> /home/${USER}/tmp/files.$(date +%d.%m.%y).txt 2>/dev/null