HEX
Server: Apache/2
System: Linux jingle.dotvndns.vn 2.6.32-754.17.1.el6.x86_64 #1 SMP Tue Jul 2 12:42:48 UTC 2019 x86_64
User: chuahuehuong (1863)
PHP: 7.3.16
Disabled: apache_note,apache_setenv,proc_get_status,exec,passthru,proc_nice,proc_terminate,shell_exec,system,ini_restore,syslog,define_syslog_variables,symlink,link,error_log,leak,dbmopen,closelog,stream_socket_server,execl,escapeshellcmd,ini_alter,dl,show_source,posix_getpwuid,posix_geteuid,posix_getegid,posix_getgrgid,open_basedir,safe_mode_include_dir,pcntl_exec,pcntl_fork,pclose,virtual,openlog,popen,escapeshellarg,eval,calo,posix_getpwuid,symlinks,symlink,getpwuid,mail
$ pwd: /usr/local/maldetect/clean/
Upload Files
File: //usr/local/maldetect/clean/php.inject.n1zb
#!/usr/bin/env bash
##
# Linux Malware Detect v2.0.1
#             (C) 2002-2026, R-fx Networks <proj@rfxn.com>
#             (C) 2026, Ryan MacDonald <ryan@rfxn.com>
# This program may be freely redistributed under the terms of the GNU GPL v2
##
export PATH=/sbin:/bin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
# $1 file path, $2 signature name, $3 file owner, $4 file mode, $5 file size (b), $6 file md5sum
if [ -f "$1" ]; then
	sed -i -e 's/^<?php $.*=="));?>//' "$1"
fi
@ Telegram