Intrusion Exploit
Server: LiteSpeed
System: Linux cisadane.iixcp.rumahweb.net 5.14.0-427.42.1.el9_4.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Nov 1 14:58:02 EDT 2024 x86_64
User: lenf4658 (1805)
PHP: 8.4.19
Disabled: NONE
$ pwd: /opt/alt/php54/usr/bin/
Upload Files
File: //opt/alt/php54/usr/bin/peardev
#!/usr/bin/sh
alt_php_dir="/opt/alt/php54"
exec $alt_php_dir/usr/bin/php -C -q \
    -d memory_limit="-1" \
    -d include_path=$alt_php_dir/usr/share/pear \
    -d date.timezone=UTC \
    -d output_buffering=1 \
    -d variables_order=EGPCS \
    -d safe_mode=0 \
    -d register_argc_argv="On" \
    -d open_basedir="" \
    -d auto_prepend_file="" \
    -d auto_append_file=""  \
    $alt_php_dir/usr/share/pear/pearcmd.php "$@"
@ Telegram