HEX
Server: LiteSpeed
System: Linux box401.parsvds.com 4.18.0-553.30.1.lve.el8.x86_64 #1 SMP Tue Dec 3 01:21:19 UTC 2024 x86_64
User: iymdjwzl (2335)
PHP: 7.4.33
Disabled: exec,shell_exec,system,passthru,popen,eval,proc_close,proc_open,pcntl_exec,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_getpriority,pcntl_setpriority
$ pwd: /usr/bin/
Upload Files
File: //usr/bin/atrm
#!/bin/bash
##CageFS proxyexec wrapper - ver 16

if [[ $EUID -eq 0 ]]; then
    echo 'Cannot be run as root'
    exit 1
fi

USR=`/usr/bin/whoami`
TOKEN=`/bin/cat /var/.cagefs/.cagefs.token`
# It's user's tmp directory and write to it is secure procedure
# because this script is running only under usual user
PIDFILE="/tmp/.cagefs.proxy.$$"
USER_INTERRUPT=13
CWD=`pwd`

ctrl_c_handler() {
    if [[ -f "$PIDFILE" ]]; then
        pid=`/bin/cat $PIDFILE`
        /bin/rm -f $PIDFILE > /dev/null 2>&1
        /bin/kill -s SIGINT "$pid" > /dev/null 2>&1
    fi
    exit $USER_INTERRUPT
}

if [[ -e /var/.cagefs/origin ]]; then
    ORIGIN=`/bin/cat /var/.cagefs/origin`
    REMOTE="/usr/bin/ssh -F /etc/ssh/cagefs-rexec_config $USR@$ORIGIN"
    $REMOTE CAGEFS_TOKEN="$TOKEN" /usr/sbin/proxyexec -c cagefs.sock "$USR" "$CWD" ATRM $$ "$@"
    RETVAL=$?
else
    trap 'ctrl_c_handler' 2
    CAGEFS_TOKEN="$TOKEN" /usr/sbin/proxyexec -c cagefs.sock "$USR" "$CWD" ATRM $$ "$@"
    RETVAL=$?
    /bin/rm -f $PIDFILE > /dev/null 2>&1
fi

exit $RETVAL
@ Telegram