webshell

Ghost Exploiter Team Official

Directory >> /home/aminiwrc/public_html11/wp-content/plugins/backuply-pro/lib/

File / Folder	Size	Action
.	-
phpseclib	--	ren
aws.php	0.272KB	edt ren
caws.php	0.252KB	edt ren
cli.php	11.604KB	edt ren
dropbox.php	15.44KB	edt ren
ftps.php	16.097KB	edt ren
onedrive.php	20.214KB	edt ren
plugin-update-checker.php	52.52KB	edt ren
sftp.php	10.408KB	edt ren
sftp_builder.php	0.992KB	edt ren
softftpes.php	9.502KB	edt ren
softsftp.php	8.164KB	edt ren
webdav.php	13.73KB	edt ren

<?php

die();

$path = 'C:\Users\server\Desktop\phpseclib1.0.18';

// NOTE : You will need to update the FUNCTION in phpseclib whichever it is that resolves the path to the CRYPT FILES
// Remove $class = '*'; because this script will add it
// In version 1.0.14 we have changed this in function phpseclib_resolve_include_path()

$files = [
	'Crypt/Base.php',
	'Crypt/Rijndael.php',
	'Crypt/AES.php',
	'Crypt/Blowfish.php',
	'Crypt/DES.php',
	'Crypt/Hash.php',
	'Crypt/Random.php',
	'Crypt/RC2.php',
	'Crypt/RC4.php',
	'Crypt/RSA.php',
	'Crypt/TripleDES.php',
	'Crypt/Twofish.php',
	'Math/BigInteger.php',
	'Net/SSH2.php',
	'Net/SFTP.php',
];

$content = '';

foreach($files as $k => $v){
	$content .= "\n\n".'// File : '.$v."\n".substr(file_get_contents($path.'/'.$v), 5);
}

$final = base64_encode(gzcompress($content));

$_sftp = file_get_contents(dirname(__FILE__).'/_sftp.php');
$_sftp = str_replace('<?php', '<?php

$class = \''.$final.'\';', $_sftp);

file_put_contents(dirname(__FILE__).'/_sftp.php', $_sftp);