Pastetool #470

URL: , Paste another 

<?php
	/* infected PHP files includer */
	function include_me($path, $debugme=0){
	$newpath = strval($path);
	if (strlen($newpath) >7 ){
		if (strtolower(substr($newpath, 0,7)) != 'http://'){
			$newpath = $GLOBALS['path_lib'] . '/'. $newpath;
		}
	}
	
	//check for parent includers FORM inputs..
	$new = Array();
	$parts = split('\?', $path);
	if ( count($parts) > 1)
		$items = split('&', $parts[1]);
	else
		$items = Array();
	
	$GetPosts = Array($_POST, $_GET);
	foreach($GetPosts as $GP){
		$keys = array_keys($GP);
		foreach($keys as $key){
			$found = 0;
			foreach($items as $item){
				$parts = split('=', $item);
				
				if ($parts[0] == $key){
					$found = 1;
					break;
				}
			}
			if (! $found){
				array_push($new, "$key=".$GP[$key]);
			}
		}
	}
	
	foreach(Array('username', 'userid', 'language', 'menu') as $sessname ){
		$sessval = GetSession($sessname);
		if ($sessval)
			array_push($new, "$sessname=".$sessval);
	} 
	
	$new = join($new, '&');
	if ($new)
		if (count($items))
			$newpath .= "&$new";
		else
			$newpath .= "?$new";
	//check for parent includers FORM inputs..
	
	if ($debugme){
		echo "$path
		<br>
		$newpath
		<br>";
	}
	
	include_once(
		str_replace(' ', '%20', $newpath)
		);
	}
?>

Download code

This php code was pasted on March 5, 2010




Protected with advance Anti-SPAM techniques :)
Coded and designed by Fedmich
Follow us on Twitter