HEX
Server: Apache/2.4.62 (Unix) OpenSSL/1.1.1k
System: Linux box12.multicloud.host 4.18.0-553.52.1.el8_10.x86_64 #1 SMP Wed May 14 09:36:12 EDT 2025 x86_64
User: kashmira (1008)
PHP: 8.1.32
Disabled: NONE
$ pwd: /usr/local/maldetect.bk847526/clean/
Upload Files
File: //usr/local/maldetect.bk847526/clean/php_malware_hexinject
#!/usr/bin/env bash
export PATH=/sbin:/bin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
# $1 file path, $2 signature name, $3 file owner, $4 file mode, $5 file size (b), $6 file md5sum
if [ -f "$1" ]; then
        sed -i -e 's/^$pw=\".*.=\"\\x.*.*\";$.*))));//' -e '/^\$.*=\".*=\"\\.*=\"\\x.*))));\r$/d' -e '/^foreach ($_GET.*insert.*base64_decode.*admin_user.*base64_decode.*substr_count(strtolower.*die(.*}.*\r/d' "$1"
fi
@ Telegram