______          _    _              
|  _  \        | |  | |             
| | | |___  ___| | _| |_ ___  _ __  
| | | / _ \/ __| |/ / __/ _ \| '_ \ 
| |/ /  __/\__ \   <| || (_) | |_) |
|___/ \___||___/_|\_\\__\___/| .__/ 
                             | |    
                             |_|    
 ##########
 # PHP-OS #
 ##########
Multitasking system
"; echo "
"; echo ""; echo ""; echo ""; echo ""; foreach (array_chunk($buttons, 4) as $chunk) { echo ""; foreach ($chunk as $button) { echo ""; } echo ""; } echo "
$display
"; echo ""; echo "
"; };;;;; ?> prompt
' method='POST'>
> rename") { $ren = $_POST['command']; $rename = '~blackcat>> rename'; if (strpos($ren, $rename) != true) { ?>
' method='POST'>
alert("renamed file!")'; };; /*#unistall command*/ if($_POST['command'] == "~blackcat>> unistall") { $unistall_me = $_SERVER['PHP_SELF']; unlink(basename($unistall_me)); echo ''; };;; /*#wget command*/ if(strpos($_POST['command'] , '~blackcat>> wget') !== false) { $uno = "~blackcat>> wget "; $wget = $_POST['command']; $due = ""; $url = str_replace($uno,$due,$wget); $fileee = file_get_contents($url); $nameeee = basename($url); $exttt = pathinfo($url, PATHINFO_EXTENSION); $namee2 =pathinfo($url, PATHINFO_FILENAME); $processing = "wget.txt"; $fp = fopen($processing,"w"); fputs ($fp,"$url"); fclose($fp); $line = file($processing)[0]; $grabbing = file_get_contents("$line"); $fp = fopen("$namee2.$exttt","w"); fputs ($fp,"$grabbing"); fclose($fp); unlink("wget.txt"); }; /*#end blackcat prompt*/ ?>
~search for files
Found: ','8 mil');">"; ?>
~Files
','8 mil');">
$filename {size " . filesize($filename) . "\n"; echo "}
"; } } }; ?>

~Folders
$dirr , "; } } /*all folders and files*/ $Mydir = './'; foreach(glob($Mydir.'*', GLOB_ONLYDIR) as $directory) { $prefix = 'SYS_'; if (strpos($directory, $prefix) != false) { if(is_dir($directory)) { if($handle=opendir($directory)) { while (($indice = readdir($handle)) !== false) { if($indice!='.' && $indice!='..') { echo "
------------------------------------------------------"; echo "Folder -> $directory
"; ?> ','8 mil');"> $directory/$indice "; ?>
------------------------------------------------------"; } } } closedir($handle); } };; };;; ?>


"; //create file btn echo "
"; //create folder btn echo "
"; //upload folder btn echo "
"; //scan directory $dir = scandir($path); $files = array_diff($dir, array('.', '..')); foreach ($files as $value) { $isDir = $path."/".$value; $astyle = "text-decoration:none;"; //action form for file and folder //edit file $actionform = "
"; //delete file $actionform .= "
"; if(is_dir($isDir)){ //style for directory $astyle = "color:#FF0000;text-decoration:none;"; //open directory $actionform = "
"; //delete directory $actionform .= "
"; } echo "
  • $value $actionform
    • "; } echo ""; } ?> 
            
          _   _   _                 
         | | | | (_)                
 ___  ___| |_| |_ _ _ __   __ _ ___ 
/ __|/ _ \ __| __| | '_ \ / _` / __|
\__ \  __/ |_| |_| | | | | (_| \__ \
|___/\___|\__|\__|_|_| |_|\__, |___/
                           __/ |    
                          |___/
  • installing / deleting / modifying files
  • blackcat defender scan {Anti-Malware}

    • "; print "Blackcat Defender found these suspicious files:{list}
    "; echo "
    "; $search_mlw = array( "c99shexit();", "_POST['phpev'].", "%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64", "Vegp7mSyWmSMZmW0WMKnmMc", "ob_start();", "_POST['liste1']);", "OOO000000{4}.", "wKTs='));return;", "0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTz", "GLOBALS['OOO0000O0']('JElJSUl", "0nc2hlbGxfZX", "xorro@jabber.ru", "passthru", "/etc/passwd", "level=0", "filemanager&act3=del&dir", "j=ord('C')", "work_dir = exec('pwd')", "eval(gzinflate(base64_decode('HJ3Hk", "dos=", "+Avu/JcredL7v7x6ks7HU3pb0TrXKQyEkJ4Y/TI20kouKTKc//", "ara = posix_getpwuid(", "\x00/../../../../../../../../../../../../", "erro_retorno)) echo", "escaped = array_map", "%H:%M %b %e %Y", "5WmSOZ+JDXEBtQvyn]@cCvWx~aF\}", "wser, 43)", "_POST[liz0])", "row[Column_name] ==", "sSHcY: echo", "time()+(1*24*3600))", "function GD6A_()", "goto NjtG4; gc9kA: if ", "PmfAp) { goto n_96v", "eP56D: s53xt: goto vGygH", "aeyv_) .", "XqZy6 = substr", "ik04L)); goto RdzWe; Z237s: if (!isset(", "OO00O0000=0x26548", "sleep(1); goto CL39n; GsH3h: system", "g+vLLaGErGwhkJ4QEghbIAkJcE4/rmM7sYk3bGc9r//702ix5cRhOT1t770", "filename2,'rb');", "('JElJSUlJSUlJbEkx", "4w8khSI7DWIciS82gW0fU6PUTsmWCsP/ys", "TksP/y4mcIpegmb2ApElsQV2kQV2kQV2KAXeK0oVCKV2kQV2kQV2kQrEAy4VKn9B", "OO00O0000=0xba70;eval", "q_qzC = explode(", "compress.zlib://", "eval(gzinflate(base64_decode('HJ3HkqNQEkU/ZzqCBd", "& 00400) ? 'r' : '-';", "file_w=@fopen(urldecode(", "function eh(", "nlines=htmlspecialchars", "error_reporting(E_ALL ^ E_NOTICE);", ".substr(sprintf('%o', fileperms(", "passwd=fopen('/etc/passwd','r');", "sql();break;", "gkTzAwME8wTzAwLDB4NTRiKTskT08wME8wME8wPSRPT08wMDAwT", "d='G7mHWQ9vvXiL/QX2oZ2VTDpo6g3FYAa6X+", "['OOO0000O0']('JElJSUlJSUlJSWxsMT0na", "_POST['eval']))", "jLsH_FwcTTMcPkfBt", "cikti=trim", "goto N1clF; mk1vZ: eval(base64_decode", "if( ini_get('safe_mode') ) {", "} elseif(@function_exists('ocilogon')) {", "PYjDn", "rBRJT: pclose", "fUNXB < count(", "fhM8v); goto DdFnP; KPJmF: if", "kNJz4++; goto ZNPex; bSmVB: if (!", "bPSwh = ", "ts9lh; goto zK_2G; mk0QS: echo", "!CbBb , !CbBdqfcjj9 { { 9&((:'));", "+1])-ord('A'))*16+(ord(", "Ei0c87P6EfkSNAxrpG09vy", "+JDXEBtLbx09vy", "upGfmCD4wmgxs8UywCD4Qvy49B", "kX8cJsli5SPSCWmalrLa+", "7x6qseZqH+7", "vSvUSW0fTXIHkSM3MXqQKHoQ", "CWmaC2+7lsP7lWeQTX8sTX87", ")));@eval", "w2Kcw9CT0Xqc5WeJ5o+gd9", "'676574637764'" ); foreach($search_mlw as $search_mlww) { $dir223 = './'; $files223 = scandir($dir223,1); foreach ($files223 as $lines223){ if(strlen($lines223) > 3 && strpos($lines223, '.php') !== false){ $readfile223 = fopen('./'.$lines223, 'r'); while(!feof($readfile223)) { $contents223 = fgets($readfile223); if(strpos($contents223, $search_mlww) !== false) echo str_replace("blackcat.php","","
    $lines223
    "); } fclose($readfile223); } } };;; } ?> alert("Blackcat Defender: File Blocked {Virus Found}")'; die(); } }; rename(__DIR__.$seprator.$file_name,$dirpath.$seprator."SYS_$file_name"); } //delete dir if(isset($_POST['del-dir'])){ $deldirpath = $_POST['del-dir-path']; if(!rmdir($deldirpath)){ echo "warning: ".$deldirpath." folder is not empty.

    "; } } //delete file if(isset($_POST['del-file'])){ $deldirpath = $_POST['del-file-path']; unlink($deldirpath); } //edit file if(isset($_POST['editfile'])){ $editfilepath = $_POST['edit-file-path']; echo "
    Editing $editfilepath

    "; if(isset($_POST['change-file-code'])){ $code = $_POST['code']; $myfile = fopen($editfilepath, "w") or die("Unable to open file!"); fwrite($myfile, $code); fclose($myfile); echo ''; echo ''; } ?>



    '; break; ?> alert("blackcat PHP-OS \nVersion: alpha \nAuthor: Emiliano Febbi \nMy site: https://nullsite.altervista.org/\nCode and release by Emiliano Febbi\n############\n# info: #\n############\nClosed-loop operating system\n")'; }; ?>

    welcome $IP"; /*#end core system*/ ?>