Version: 3.1.0beta2
File format: 4
TRACE START [2023-02-13 00:03:23.984656]
1	0	1	0.000207	393512
1	3	0	0.005114	1306824	{main}	1		/var/www/html/uploads/shell.php	0	0
2	4	0	0.005136	1306824	function_exists	0		/var/www/html/uploads/shell.php	23	1	'getmicrotime'
2	4	1	0.005153	1306864
2	4	R			FALSE
2	5	0	0.005167	1306824	error_reporting	0		/var/www/html/uploads/shell.php	31	1	5
2	5	1	0.005181	1306864
2	5	R			22527
2	6	0	0.005194	1306824	ignore_user_abort	0		/var/www/html/uploads/shell.php	32	1	TRUE
2	6	1	0.005209	1306888
2	6	R			0
2	7	0	0.005222	1306856	substr	0		/var/www/html/uploads/shell.php	33	3	'Linux'	0	3
2	7	1	0.005237	1306984
2	7	R			'Lin'
2	8	0	0.005251	1306888	strtolower	0		/var/www/html/uploads/shell.php	33	1	'Lin'
2	8	1	0.005263	1306952
2	8	R			'lin'
1		A						/var/www/html/uploads/shell.php	33	$win = FALSE
2	9	0	0.005291	1306856	getmicrotime	1		/var/www/html/uploads/shell.php	34	0
3	10	0	0.005303	1306856	microtime	0		/var/www/html/uploads/shell.php	27	0
3	10	1	0.005316	1306904
3	10	R			'0.09202600 1676253778'
3	11	0	0.005330	1306904	explode	0		/var/www/html/uploads/shell.php	27	2	' '	'0.09202600 1676253778'
3	11	1	0.005345	1307432
3	11	R			[0 => '0.09202600', 1 => '1676253778']
2		A						/var/www/html/uploads/shell.php	27	$usec = '0.09202600'
2		A						/var/www/html/uploads/shell.php	27	$sec = '1676253778'
2	9	1	0.005384	1306856
2	9	R			1676253778.092
2	12	0	0.005399	1306856	define	0		/var/www/html/uploads/shell.php	34	2	'starttime'	1676253778.092
2	12	1	0.005413	1306960
2	12	R			TRUE
2	13	0	0.005426	1306888	get_magic_quotes_gpc	0		/var/www/html/uploads/shell.php	35	0
2	13	1	0.005438	1306888
2	13	R			FALSE
2	14	0	0.005452	1306888	array_merge	0		/var/www/html/uploads/shell.php	59	3	[]	[]	[]
2	14	1	0.005466	1307008
2	14	R			[]
1		A						/var/www/html/uploads/shell.php	59	$_REQUEST_REQUEST = []
1		A						/var/www/html/uploads/shell.php	67	$shver = '2.0 [PHP 7 Update] [25.02.2019]'
1		A						/var/www/html/uploads/shell.php	80	$surl = NULL
1		A						/var/www/html/uploads/shell.php	82	$surl_autofill_include = TRUE
1		A						/var/www/html/uploads/shell.php	85	$include = '&'
2	15	0	0.005538	1306888	getenv	0		/var/www/html/uploads/shell.php	86	1	'QUERY_STRING'
2	15	1	0.005552	1306952
2	15	R			''
2	16	0	0.005565	1306920	explode	0		/var/www/html/uploads/shell.php	86	2	'&'	''
2	16	1	0.005578	1307368
2	16	R			[0 => '']
2	17	0	0.005592	1307264	explode	0		/var/www/html/uploads/shell.php	88	2	'='	''
2	17	1	0.005604	1307712
2	17	R			[0 => '']
1		A						/var/www/html/uploads/shell.php	88	$v = [0 => '']
2	18	0	0.005628	1307640	urldecode	0		/var/www/html/uploads/shell.php	89	1	''
2	18	1	0.005641	1307704
2	18	R			''
1		A						/var/www/html/uploads/shell.php	89	$name = ''
2	19	0	0.005663	1307672	urldecode	0		/var/www/html/uploads/shell.php	90	1	NULL
2	19	1	0.005676	1307736
2	19	R			''
1		A						/var/www/html/uploads/shell.php	90	$value = ''
2	20	0	0.005698	1307704	strpos	0		/var/www/html/uploads/shell.php	99	2	''	'http://'
2	20	1	0.005711	1307776
2	20	R			FALSE
2	21	0	0.005724	1307704	strpos	0		/var/www/html/uploads/shell.php	99	2	''	'https://'
2	21	1	0.005736	1307776
2	21	R			FALSE
2	22	0	0.005749	1307704	strpos	0		/var/www/html/uploads/shell.php	99	2	''	'ssl://'
2	22	1	0.005760	1307776
2	22	R			FALSE
2	23	0	0.005773	1307704	strpos	0		/var/www/html/uploads/shell.php	99	2	''	'ftp://'
2	23	1	0.005785	1307776
2	23	R			FALSE
2	24	0	0.005797	1307704	strpos	0		/var/www/html/uploads/shell.php	99	2	''	'\\\\'
2	24	1	0.005809	1307776
2	24	R			FALSE
1		A						/var/www/html/uploads/shell.php	112	$surl = '?'
2	25	0	0.005834	1307360	htmlspecialchars	0		/var/www/html/uploads/shell.php	114	1	'?'
2	25	1	0.005848	1307552
2	25	R			'?'
1		A						/var/www/html/uploads/shell.php	114	$surl = '?'
1		A						/var/www/html/uploads/shell.php	115	$timelimit = 0
1		A						/var/www/html/uploads/shell.php	116	$login = 'hackman'
1		A						/var/www/html/uploads/shell.php	117	$pass = 'eetfuck'
1		A						/var/www/html/uploads/shell.php	118	$md5_pass = ''
1		A						/var/www/html/uploads/shell.php	120	$host_allow = [0 => '*']
1		A						/var/www/html/uploads/shell.php	122	$login_txt = 'Restricted area'
1		A						/var/www/html/uploads/shell.php	123	$accessdeniedmess = '<a href="https://github.com/KaizenLouie/C99Shell-PHP7">c99shell v.2.0 [PHP 7 Update] [25.02.2019]</a>: access denied'
1		A						/var/www/html/uploads/shell.php	124	$gzipencode = TRUE
1		A						/var/www/html/uploads/shell.php	125	$updatenow = FALSE
1		A						/var/www/html/uploads/shell.php	126	$c99sh_updateurl = 'https://github.com/KaizenLouie/C99Shell-PHP7/'
1		A						/var/www/html/uploads/shell.php	127	$c99sh_sourcesurl = 'https://github.com/KaizenLouie/C99Shell-PHP7/'
1		A						/var/www/html/uploads/shell.php	128	$filestealth = TRUE
1		A						/var/www/html/uploads/shell.php	129	$donated_html = '<center><b>Owned by hacker</b></center>'
1		A						/var/www/html/uploads/shell.php	131	$donated_act = [0 => '']
1		A						/var/www/html/uploads/shell.php	133	$curdir = './'
1		A						/var/www/html/uploads/shell.php	134	$tmpdir = ''
1		A						/var/www/html/uploads/shell.php	135	$tmpdir_log = './'
1		A						/var/www/html/uploads/shell.php	136	$log_email = 'user@host.tld'
1		A						/var/www/html/uploads/shell.php	137	$sort_default = '0a'
1		A						/var/www/html/uploads/shell.php	138	$sort_save = TRUE
1		A						/var/www/html/uploads/shell.php	140	$ftypes = ['html' => [0 => 'html', 1 => 'htm', 2 => 'shtml'], 'txt' => [0 => 'txt', 1 => 'conf', 2 => 'bat', 3 => 'sh', 4 => 'js', 5 => 'bak', 6 => 'doc', 7 => 'log', 8 => 'sfc', 9 => 'cfg', 10 => 'htaccess'], 'exe' => [0 => 'sh', 1 => 'install', 2 => 'bat', 3 => 'cmd'], 'ini' => [0 => 'ini', 1 => 'inf'], 'code' => [0 => 'php', 1 => 'phtml', 2 => 'php3', 3 => 'php4', 4 => 'inc', 5 => 'tcl', 6 => 'h', 7 => 'c', 8 => 'cpp', 9 => 'py', 10 => 'cgi', 11 => 'pl'], 'img' => [0 => 'gif', 1 => 'png', 2 => 'jpeg', 3 => 'jfif', 4 => 'jpg', 5 => 'jpe', 6 => 'bmp', 7 => 'ico', 8 => 'tif', 9 => 'tiff', 10 => 'avi', 11 => 'mpg', 12 => 'mpeg'], 'sdb' => [0 => 'sdb'], 'phpsess' => [0 => 'sess'], 'download' => [0 => 'exe', 1 => 'com', 2 => 'pif', 3 => 'src', 4 => 'lnk', 5 => 'zip', 6 => 'rar', 7 => 'gz', 8 => 'tar']]
2	26	0	0.006139	1307648	getenv	0		/var/www/html/uploads/shell.php	216	1	'PHPRC'
2	26	1	0.006153	1307680
2	26	R			FALSE
1		A						/var/www/html/uploads/shell.php	216	$exeftypes = [' -q %f%' => [0 => 'php', 1 => 'php3', 2 => 'php4'], 'perl %f%' => [0 => 'pl', 1 => 'cgi']]
2	27	0	0.006184	1308056	basename	0		/var/www/html/uploads/shell.php	228	1	'/uploads/shell.php'
2	27	1	0.006199	1308128
2	27	R			'shell.php'
1		A						/var/www/html/uploads/shell.php	228	$regxp_highlight = [0 => [0 => 'shell.php', 1 => 1, 2 => '<font color="yellow">', 3 => '</font>'], 1 => [0 => 'config.php', 1 => 1]]
1		A						/var/www/html/uploads/shell.php	239	$safemode_diskettes = [0 => 'a']
1		A						/var/www/html/uploads/shell.php	241	$hexdump_lines = 8
1		A						/var/www/html/uploads/shell.php	242	$hexdump_rows = 24
1		A						/var/www/html/uploads/shell.php	243	$nixpwdperpage = 100
1		A						/var/www/html/uploads/shell.php	244	$bindport_pass = 'c99'
1		A						/var/www/html/uploads/shell.php	245	$bindport_port = '31373'
1		A						/var/www/html/uploads/shell.php	246	$bc_port = '31373'
1		A						/var/www/html/uploads/shell.php	247	$datapipe_localport = '8081'
1		A						/var/www/html/uploads/shell.php	252	$cmdaliases = [0 => [0 => '-----------------------------------------------------------', 1 => 'ls -la'], 1 => [0 => 'find all suid files', 1 => 'find / -type f -perm -04000 -ls'], 2 => [0 => 'find suid files in current dir', 1 => 'find . -type f -perm -04000 -ls'], 3 => [0 => 'find all sgid files', 1 => 'find / -type f -perm -02000 -ls'], 4 => [0 => 'find sgid files in current dir', 1 => 'find . -type f -perm -02000 -ls'], 5 => [0 => 'find config.inc.php files', 1 => 'find / -type f -name config.inc.php'], 6 => [0 => 'find config* files', 1 => 'find / -type f -name "config*"'], 7 => [0 => 'find config* files in current dir', 1 => 'find . -type f -name "config*"'], 8 => [0 => 'find all writable folders and files', 1 => 'find / -perm -2 -ls'], 9 => [0 => 'find all writable folders and files in current dir', 1 => 'find . -perm -2 -ls'], 10 => [0 => 'find all service.pwd files', 1 => 'find / -type f -name service.pwd'], 11 => [0 => 'find service.pwd files in current dir', 1 => 'find . -type f -name service.pwd'], 12 => [0 => 'find all .htpasswd files', 1 => 'find / -type f -name .htpasswd'], 13 => [0 => 'find .htpasswd files in current dir', 1 => 'find . -type f -name .htpasswd'], 14 => [0 => 'find all .bash_history files', 1 => 'find / -type f -name .bash_history'], 15 => [0 => 'find .bash_history files in current dir', 1 => 'find . -type f -name .bash_history'], 16 => [0 => 'find all .fetchmailrc files', 1 => 'find / -type f -name .fetchmailrc'], 17 => [0 => 'find .fetchmailrc files in current dir', 1 => 'find . -type f -name .fetchmailrc'], 18 => [0 => 'list file attributes on a Linux second extended file system', 1 => 'lsattr -va'], 19 => [0 => 'show opened ports', 1 => 'netstat -an | grep -i listen']]
1		A						/var/www/html/uploads/shell.php	346	$sess_cookie = 'c99shvars'
1		A						/var/www/html/uploads/shell.php	347	$usefsbuff = TRUE
1		A						/var/www/html/uploads/shell.php	348	$copy_unset = FALSE
1		A						/var/www/html/uploads/shell.php	351	$quicklaunch = [0 => [0 => '<img src="?act=img&img=home" alt="Home" height="20" width="20" border="0">', 1 => '?'], 1 => [0 => '<img src="?act=img&img=back" alt="Back" height="20" width="20" border="0">', 1 => '#" onclick="history.back(1)'], 2 => [0 => '<img src="?act=img&img=forward" alt="Forward" height="20" width="20" border="0">', 1 => '#" onclick="history.go(1)'], 3 => [0 => '<img src="?act=img&img=up" alt="UPDIR" height="20" width="20" border="0">', 1 => '?act=ls&d=%upd&sort=%sort'], 4 => [0 => '<img src="?act=img&img=refresh" alt="Refresh" height="20" width="17" border="0">', 1 => ''], 5 => [0 => '<img src="?act=img&img=search" alt="Search" height="20" width="20" border="0">', 1 => '?act=search&d=%d'], 6 => [0 => '<img src="?act=img&img=buffer" alt="Buffer" height="20" width="20" border="0">', 1 => '?act=fsbuff&d=%d'], 7 => [0 => '<b>Encoder</b>', 1 => '?act=encoder&d=%d'], 8 => [0 => '<b>Tools</b>', 1 => '?act=tools&d=%d'], 9 => [0 => '<b>Proc.</b>', 1 => '?act=processes&d=%d'], 10 => [0 => '<b>FTP brute</b>', 1 => '?act=ftpquickbrute&d=%d'], 11 => [0 => '<b>Sec.</b>', 1 => '?act=security&d=%d'], 12 => [0 => '<b>SQL</b>', 1 => '?act=sql&d=%d'], 13 => [0 => '<b>PHP-code</b>', 1 => '?act=eval&d=%d'], 14 => [0 => '<b>Update</b>', 1 => '?act=update&d=%d'], 15 => [0 => '<b>Feedback</b>', 1 => '?act=feedback&d=%d'], 16 => [0 => '<b>Self remove</b>', 1 => '?act=selfremove'], 17 => [0 => '<b>Logout</b>', 1 => '#" onclick="if (confirm(\'Are you sure?\')) window.close()']]
1		A						/var/www/html/uploads/shell.php	423	$highlight_background = '#c0c0c0'
1		A						/var/www/html/uploads/shell.php	424	$highlight_bg = '#FFFFFF'
1		A						/var/www/html/uploads/shell.php	425	$highlight_comment = '#6A6A6A'
1		A						/var/www/html/uploads/shell.php	426	$highlight_default = '#0000BB'
1		A						/var/www/html/uploads/shell.php	427	$highlight_html = '#1300FF'
1		A						/var/www/html/uploads/shell.php	428	$highlight_keyword = '#007700'
1		A						/var/www/html/uploads/shell.php	429	$highlight_string = '#000000'
1		A						/var/www/html/uploads/shell.php	430	$f = NULL
2	28	0	0.006551	1318304	extract	0		/var/www/html/uploads/shell.php	431	1	NULL
2	28	1	0.006567	1318336
2	28	R			NULL
2	29	0	0.006581	1318304	set_time_limit	0		/var/www/html/uploads/shell.php	432	1	0
2	29	1	0.006596	1318368
2	29	R			FALSE
1		A						/var/www/html/uploads/shell.php	433	$tmp = []
1		A						/var/www/html/uploads/shell.php	434	$k = 0
2	30	0	0.006629	1317960	preg_quote	0		/var/www/html/uploads/shell.php	436	1	'*'
2	30	1	0.006642	1318032
2	30	R			'\\*'
2	31	0	0.006655	1318000	str_replace	0		/var/www/html/uploads/shell.php	436	3	'\\*'	'.*'	'\\*'
2	31	1	0.006670	1318128
2	31	R			'.*'
1		A						/var/www/html/uploads/shell.php	436	$tmp[] = '.*'
2	32	0	0.006703	1318368	implode	0		/var/www/html/uploads/shell.php	438	2	'|'	[0 => '.*']
2	32	1	0.006717	1318432
2	32	R			'.*'
1		A						/var/www/html/uploads/shell.php	438	$s = '!^(.*)$!i'
2	33	0	0.006746	1318408	getenv	0		/var/www/html/uploads/shell.php	439	1	'REMOTE_ADDR'
2	33	1	0.006761	1318480
2	33	R			'127.0.0.1'
2	34	0	0.006774	1318448	preg_match	0		/var/www/html/uploads/shell.php	439	2	'!^(.*)$!i'	'127.0.0.1'
2	34	1	0.006790	1318512
2	34	R			1
2	35	0	0.006804	1318408	md5	0		/var/www/html/uploads/shell.php	447	1	'eetfuck'
2	35	1	0.006818	1318504
2	35	R			'4c4e183a8c0fce40e3563d79a2930630'
1		A						/var/www/html/uploads/shell.php	447	$md5_pass = '4c4e183a8c0fce40e3563d79a2930630'
2	36	0	0.006847	1318600	header	0		/var/www/html/uploads/shell.php	455	1	'WWW-Authenticate: Basic realm="c99shell 2.0 [PHP 7 Update] [25.02.2019]: Restricted area"'
2	36	1	0.006866	1318768
2	36	R			NULL
2	37	0	0.006880	1318608	header	0		/var/www/html/uploads/shell.php	456	1	'HTTP/1.0 401 Unauthorized'
2	37	1	0.006894	1318672
2	37	R			NULL
			0.006932	1239400
TRACE END   [2023-02-13 00:03:23.991424]