forked from screwloose83/php-malware-scanner
-
Notifications
You must be signed in to change notification settings - Fork 0
/
db.txt
193 lines (193 loc) · 4.34 KB
/
db.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
uname -a
/etc/shadow
/etc/passwd
WSOstripslashes
D9waHA
c3lzdGVt
\x75\x70\x6c\x6fad
\x73\x79\x73\x74\x65\x6d
cHJlZ19yZXBsYWNl
\x70\x72\x65\x67\x5f\x72\x65\x70\x6c\x61\x63\x65
ZXhlYyg
\x65\x78\x65\x63
='base'.(32*2).'_de'.'code'
"base64_decode"
YmFzZTY0X2RlY29kZ
"p"."r"."e"."g"."_"
ev\x61l
\x65\166\x61\154\x28
\x65\x76\x61\x6C
ZXZhbCg
'ev'.'al'.'
"ev"."al
'pr'.'eg'.'_r'.'epl'.'ace'
"pr"."eg"."_r"."epl"."ace"
/eval\s*\(/i
eval(base64_decode(
\x47\x4c\x4f\x42\x41LS
SFRUUF9VU0VSX0FHRU5U
YWxsb3dfdXJsX2ZvcGVu
${${
file_get_contents('http://codepad.org
PHPJiaMi
@include($_GET[
system($_GET[
gzinflate(base64_decode(
md5($_GET[
ShellBOT
bgeteam
DisablePHP=
moban.html
<?php eval
$data = base64_decode("
a,b,c,d,e,f,g
freetellafriend.com
SHELL_PASSWORD
curl_get_from_webpage
base=base64_encode
@x0powo
@preg_replace
META http-equiv="refresh" content="0;
="create_";global
YW55cmVzdWx0cy5uZXQ=
ZOBUGTEL
MagelangCyber
Baby_Drakon
Net@ddress Mail
Created By EMMA
3xp1r3
NinjaVirus Here
<dot>IrIsT
Hacked By EnDLeSs
Punker2Bot
Zed0x
darkminz
ReaL_PuNiShEr
OoN_Boy
__VIEWSTATEENCRYPTED
M4ll3r
createFilesForInputOutput
Pashkela
== "bindshell"
Webcommander at
YENI3ERI
d3lete
Made by Delorean
R0lGODlhEwAQALMAAAAAAP
Cybester90
ayu pr1 pr2 pr3 pr4 pr5 pr6
f0VMRgEBAQA
0d0a0d0a676c6f62616c20246d795f736d7
etalfnizg
JHZpc2l0Y291bnQgPSAkSFRUUF9DT09LSUVfV
edoced_46esab
VOBRA GANGO
itsoknoproblembro
HTTP flood complete after
exploitcookie
az88pix00q98
The Dark Raver
Q3JlZGl0IDogVW5kZXJncm91bmQgRGV2aWwgJm5ic3A7ICB8DQo8YSBocmVmP
463839610c000b00800100ffffffffffff21f90401000001002c000
AAAAAAAAMAAwABAAAAeAUAADQAAADsCQAAAAAAADQAIAADACgAFwAUAAEA
HJ3HjutckoRfpXf9A1zQO2AwDRrRey9uGvTeez79qAao1a0rgudkZkR8Ra
Ly83MTg3OWQyMTJkYzhjYmY0ZDRmZDA0NGEzZDE3Zjk3ZmI2N
DJ7VIU7RICXr6sEEV2cBtHDSOe9nVdpEGhEmvRVRNURfw1wQ
Asmodeus
Cautam fisierele de configurare
BRUTEFORCING
FaTaLisTiCz_Fx Fx29Sh
w4ck1ng shell
private Shell by m4rco
Shell by Mawar_Hitam
LS0gRHVtcDNkIGJ5IFBpcnVsaW4uUEhQIFdlYnNoM2xsIHYxLjAgYzBkZWQgYnkgcjBkcjEgOkw\=
5jb20iKW9yIHN0cmlzdHIoJHJlZmVyZXIsImFwb3J0Iikgb3Igc3RyaXN0cigkcmVmZXJlciwibmlnbWEiKSBvciBzdHJpc3RyKCRyZWZlcmVyLCJ3ZWJhbHRhIikgb3Igc3RyaXN0cigk
X1NFU1NJT05bJ3R4dGF1dGhpbiddID0gdHJ1ZTsNCiAgICBpZiAoJF9QT1NUWydybSddKSB7DQogICAgICBzZXRjb29raWUoJ3R4dGF1dGhfJy4kcm1ncm91cCwgbW
zehirhacker
R0lGODlhFAAUAKIAAAAAAP
m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdX
CB2aTZpIDEwMjQtDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KI3JlcXVp
DX_Header_drawn
BDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAQABADASIAAhEBA
casus15
temp_r57_table
By Psych0
c99ftpbrutecheck
K!LL3r
MrHazem
BY MMNBOBZ
ConnectBackShell
Hackeado
d3b~X
REREFER_PTTH
Joomla_brute_Force
/usr/sbin/httpd
tmhapbzcerff
IrSecTeam
Spammer
FLoodeR
eriuqer
sshkeys
<kuku>
Backdoor
eggdrop
rwxrwxrwx
profexor.hell
GIF89A;<?php
$sh3llColor
fwrite($fpsetv, getenv("HTTP_COOKIE")
putbot $bot
bind join - *
privmsg $chan
fopen'(/etc/passwd
\u003c\u0069\u006d\u0067\u0020\u0073\u0072\u0063\u003d\u0022\u0068\u0074\u0074\u0070\u003a\u002f\u002f
\x31\xdb\xf7\xe3\x53\x43\x53\x6a\x02\x89\xe1\xb0\x66\xcd
find / \-type f \-name \.htpasswd
find / \-type f \-perm \-02000 \-ls
find / \-type f \-perm \-04000 \-ls
if(''==($df=@ini_get('disable_functions
system\"$cmd 1> /tmp/
ncftpput -u
wsoEx(
WSOsetcookie(
Dr.abolalh
C0derz.com
Mr.HiTman
@eval($_GET[
$payload="
$post['cmd']
register_shutdown_function('assert'
@array_diff_ukey(@array((string)
system(base64_decode("
$path_parts = pathinfo("$fdownload")
plain=b?Utf8.encode(a):a;c=plain.length
call_user_func_array($_POST['functie']
eNrtWWtPW1cW/SsERTVoUHvej1La2
=$GLOBALS['
'ZJG'|zTl;$
'02'02'02'02'
$form1=@$_COOKIE[
/^(www|ftp)\./i', '', @$_SERVER['HTTP_HOST']
$compressed=base64_decode($cookieData)
get_fwrite_data($link_ar, $mtype='get', $content)
vf_regex($answer, $regex
if($_GET["password"]==
!in_array('pfsockopen'
preg_match('|<USER>(.*)</USER>
sprintf($map_uri_format, xml_urlarg(sprintf(
exit(); } ?><?php
$action==""||$password==""||$filename==""||$body==""
$action=='GetSubFolders'
$received_hash = $_POST["hash"];
@move_uploaded_file($userfile_tmp, $
ereg_replace("%5C%22", "%22", $message)
*/extract($_COOKIE);/*
\043\056\052\043\145
$_POST['code'] . "'\
echo PHP_OS.$
@copy($_FILES['uf']
{eval(${
"preg_repl"."ace"
"_REQU"."EST"
fkf_gxu(\'xrror_rxhorufkg\')