Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
<? namespace Bitrix\Main\Security\W; $GLOBALS['____685273414'] = array(base64_decode('dG..
Decoded Output download
<?
namespace Bitrix\Main\Security\W;
$GLOBALS['____685273414'] = array(base64_decode('dG' . 'lt' . 'ZQ=='), base64_decode('dGlt' . 'Z' . 'Q=='),
base64_decode('an' . 'Nvb' . 'l9kZWN' . 'vZGU='), base64_decode('YX' . 'JyY' . 'XlfbW' . 'VyZ2U' . '='),
base64_decode('a' . 'm9pbg=='), base64_decode('am9pbg=='), base64_decode('' . 'am9p' . 'bg=='),
base64_decode('' . 'YXJyY' . 'X' . 'lfcG9w'), base64_decode('' . 'YX' . 'JyYXlf' . 'c2h' . 'pZn' . 'Q='),
base64_decode('YXJyYXl' . 'fc2hp' . 'Z' . 'nQ='), base64_decode('YXJyY' . 'Xlfc2hp' . 'ZnQ' . '='),
base64_decode('YXJyYX' . 'l' . 'fc2h' . 'pZn' . 'Q='), base64_decode('YX' . 'JyYXlfb' . 'W' . 'Vy' . 'Z2U='),
base64_decode('a' . 'XNfY' . 'XJy' . 'YXk='),
base64_decode('' . 'Y' . 'XJy' . 'Y' . 'X' . 'l' . 'fbW' . 'V' . 'yZ2' . 'U='),
base64_decode('' . 'a' . 'W' . '5f' . 'YXJyYXk='), base64_decode('aW5f' . 'YXJyYXk='),
base64_decode('' . 'aW5fYX' . 'Jy' . 'YX' . 'k='), base64_decode('aW5fYXJ' . 'y' . 'YX' . 'k='),
base64_decode('aW' . '5fYXJyYXk='), base64_decode('' . 'dGltZQ=='), base64_decode('' . 'dGltZQ=='),
base64_decode('YXJyY' . 'Xlfb' . 'W' . 'Fw'),
base64_decode('Z2' . 'V0X2xvYW' . 'RlZ' . 'F' . '9le' . 'HR' . 'lbnN' . 'pb25' . 'z'),
base64_decode('anNvbl9lbmNvZG' . 'U='), base64_decode('anNvbl' . '9lb' . 'm' . 'Nv' . 'Z' . 'GU='),
base64_decode('' . 'c' . 'Ghwdm' . 'Vyc2lvbg=' . '='), base64_decode('' . 'an' . 'N' . 'vbl9lb' . 'm' . 'NvZGU='),
base64_decode('' . 'a' . 'm' . '9' . 'p' . 'bg=' . '='));
if (!function_exists(__NAMESPACE__ . '\___125000321')) {
function ___125000321($_2120270678)
{
static $_1919157925 = false;
if ($_1919157925 == false) $_1919157925 =
array('V1dBTEx' . 'fT' . 'E9DSw' . '=' . '=', 'c2Vjd' . 'XJ' . 'pdHk=', '' . 'REFUQQ' . '==', 'eyI=',
'V1dBTExf' . 'TE9D' . 'Sw==', 'c2Vjd' . 'XJ' . 'pd' . 'Hk=',
'' . 'U' . '0VDVVJ' . 'JVFlfV1d' . 'BTEx' . 'f' . 'RVh' . 'DRV' . 'BU' . 'SU9O',
'RkFJTF9DSEV' . 'DS0lORw==',
'Q' . '2F' . 'uIG' . '5vdCBleGVj' . 'dXRlIHd3Y' . 'WxsIHJ1bGV' . 'z' . 'OiA' . '=', 'IFRyYWNlO' . 'iA=',
'UkVRV' . 'UVTVF9VUkk=', 'a2V5cw==', 'dmFsdWVz', 'U0VD' . 'VVJ' . 'JVFlfV1d' . 'BTExfTU9ESUZ' . 'Z',
'' . 'Lg==', 'U0VDV' . 'VJJVFlfV' . '1dBTExfVU5TRVQ' . '=', '' . 'Lg=' . '=',
'U0' . 'VD' . 'VVJJ' . 'V' . 'Fl' . 'fV1' . 'dBT' . 'ExfRV' . 'hJV' . 'A=' . '=', '' . 'Lg==',
'Z2x' . 'vYmFs', '' . 'a2V5' . 'cw=' . '=', '' . 'dm' . 'Fsd' . 'WVz', 'Z2V0', 'Z2V0',
'' . 'cG9zd' . 'A==', '' . 'cG9z' . 'dA==', 'Y2' . '9va' . '2' . 'll', 'Y29' . 'va' . '2ll',
'cmVx' . 'dW' . 'Vz' . 'dA' . '==', 'cm' . 'Vx' . 'dWVzdA=' . '=', 'Z2x' . 'vYmFs',
'Z' . '2x' . 'v' . 'YmFs', 'bWFpbl9zZWM=', 'V1dBTExfQ' . 'UNUVUFMSV' . 'pFX1' . 'JV' . 'T' . 'EVT',
'd' . 'g==', '' . 'dmVy' . 'c2l' . 'vbg=' . '=', 'aQ' . '==', 'aXNJbnN' . '0YWxsZ' . 'WQ=', 'dg==',
'aW5' . 'p', 'c' . '29j' . 'a' . '2' . 'V' . '0VGltZW91dA==',
'c' . '3' . 'R' . 'yZWF' . 't' . 'VGl' . 'tZW91dA=' . '=', 'KCc=', 'ZGF0YQ=' . '=', 'JywgJw==',
'bW9kd' . 'Wxl', 'Jywg' . 'Jw==', 'bW9kdW' . 'xlX' . '3' . 'ZlcnNp' . 'b24=', 'Jyk' . '=', 'LC' . 'A=',
'U0VDVVJJ' . 'VFlfV1dB' . 'TE' . 'xfR' . 'Vh' . 'DR' . 'V' . 'B' . 'USU' . '9' . 'O',
'bW' . 'Fpbg' . '==', 'RkFJTF9SR' . 'UZS' . 'RV' . 'N' . 'IS' . 'U' . '5H',
'Q2FuIG5vdC' . 'ByZW' . 'Zy' . 'ZXNoIHd3YWxsIHJ1bGVz' . 'OiA=', 'IF' . 'RyY' . 'WNlO' . 'iA=',
'ZGF0YQ' . '==', 'eyI=', 'LS0' . 'tLS1CRUdJT' . 'iBQ' . 'VUJMS' . 'UMgS0VZ' . 'LS' . '0t' . 'LS0' . '=',
'Ck' . '1JSU' . 'JJa' . 'kFOQm' . 'd' . 'rcWh' . 'raUc5' . 'dzB' . 'C' . 'QVFFRkF' . 'B' . 'T0N' .
'BUThBTUlJQk' . 'N' . 'nS0NBUUVBcThR' . 'RTBIam1ISlVTdFdWNm4wemEKUlZvT' . 'Hgw' . 'Mkt' . '6YmZyYlMvU' .
'DZzV' . '2F4' . 'VHp3OFNl' . 'R1' . 'R0YlRD' . 'T3JwSGk' . '1U' . 'U' . 'Y2T1J5alovWHh6L' . '0tM' .
'VTFHY' . 'm9m' . 'OU' . 'NaMw' . 'o0e' . 'jdTa3' . 'FVd' . 'D' . 'Y' . '2aWJYdk' . '9' . 'GQng' .
'0Znc' . 'vQV' . 'B' . 'QUkdE' . 'c' . 'X' . 'RtMG5E' . 'M2' . 'ZnR3' . 'N1M1J' . 'lUGd3Mj' .
'lpOCt2bTdtdEJLS' . 'lV' . 'Z' . 'bDRyClZwYj' . 'ZzZlp' . 'FVDlLRWI2VDFIRFlt' . 'RX' . 'ZjM' . 'Wh' .
'xL2lpdXl4THJ' . 'aWm' . 'k' . '1UTZVZmY0VUV2' . 'VEkr' . 'Njhzc0' . 'ZSa1Er' . 'b' . '3dU' . 'Un' .
'kKZU' . '9' . 'JTWJGaE0vV' . 'VRt' . 'Z' . 'lZ' . 'Z' . 'YlRSRnkyb' . '1VROF' . 'dN' . 'emE' . 'ybk' .
'o1U' . '2Fo' . 'emkxVUtPMW' . 'pBalhUUF' . 'JyemM3' . 'Q' . 'Wp' . '1' . 'NjM5ajFPMAp' . 'wc' . 'HF' .
'mb' . 'TV4Z1dsRkFKa' . '0' . 'hRVGdiZGQ1' . 'Q' . 'VdxREZRa3Q5SEtr' . 'WS' . 't' . 'Ubm' . 'ZCTE' .
'dWT' . 'XZWeV' . 'B3VEhOV1FZQX' . 'c0e' . 'HBnL' . '3' . 'dBClp3SURB' . 'U' . 'UFCCi' . '0t' . 'L' .
'S0tR' . 'U' . '5' . 'EIFBVQkx' . 'JQyBLRV' . 'kt' . 'L' . 'S0tLQ==');
return base64_decode($_1919157925[$_2120270678]);
}
};
use Bitrix\Main\Application;
use Bitrix\Main\Config\Option;
use Bitrix\Main\Data\Cache;
use Bitrix\Main\ModuleManager;
use Bitrix\Main\Security\PublicKeyCipher;
use Bitrix\Main\SystemException;
use Bitrix\Main\Web\HttpClient;
use Bitrix\Main\Web\Json;
use Bitrix\Main\Security\W\Rules\Rule;
use Bitrix\Main\Security\W\Rules\Results\RuleAction;
use Bitrix\Main\Security\W\Rules\Results\RuleResult;
use Bitrix\Main\Security\W\Rules\Results\CheckResult;
use Bitrix\Main\Security\W\Rules\Results\ModifyResult;
use Bitrix\Main\Type\ArrayHelper;
use Bitrix\Main\Security\W\Rules\RuleRecordTable;
use ReflectionExtension;
class WWall
{
const CACHE_RULES_TTL = 10800;
private static $_1212362079 = 'https://wwall.bitrix.info/rules.php';
protected $_1508822158 = true;
public function handle()
{
try {
$_1392812524 = RuleRecordTable::getList(['cache' => ['ttl' => 3600 * 24 * 7]])->fetchAll();
if (empty($_1392812524)) {
return;
}
$_559348624 = Cache::createInstance();
$_2132879287 = false;
if ($_559348624->initCache(static::CACHE_RULES_TTL, 'WWALL_LOCK', 'security')) {
$_902230095 = $_559348624->getVars();
if ($GLOBALS['____685273414'][0]() - $_902230095 > round(0 + 5 + 5 + 5 + 5)) {
$_922881542 = Application::getConnection();
$_959446121 = RuleRecordTable::getTableName();
$_922881542->truncateTable($_959446121);
RuleRecordTable::cleanCache();
$_559348624->clean(___125000321(0), ___125000321(1));
}
} elseif ($_559348624->startDataCache()) {
$_559348624->endDataCache($GLOBALS['____685273414'][1]());
$_2132879287 = true;
}
foreach ($_1392812524 as $_635905475) {
$_1191117338 = new PublicKeyCipher;
$_264978350 = $_1191117338->decrypt($_635905475[___125000321(2)], static::__986225707());
if (!str_starts_with($_264978350, ___125000321(3))) {
continue;
}
$_1643931111 = $GLOBALS['____685273414'][2]($_264978350, true);
if (!empty($_1643931111)) {
$_1850576814 = Rule::make($_1643931111);
$_1531110473 = $this->handleRule($_1850576814);
$this->applyHandlingResults($_1531110473);
}
}
if ($_2132879287) {
$_559348624->clean(___125000321(4), ___125000321(5));
}
} catch (\Throwable $_827808309) {
$this->logEvent(___125000321(6), ___125000321(7),
___125000321(8) . $_827808309->getMessage() . ___125000321(9) . $_827808309->getTraceAsString());
}
}
public function handleRule(Rule $_1850576814): array
{
$_1531110473 = [];
if ($_1850576814->matchPath($_SERVER[___125000321(10)])) {
$_261947781 = $this->getContextElements($_1850576814->getContext());
foreach ($_261947781 as $_856864095 => &$_1496276265) {
$_1531110473 = $GLOBALS['____685273414'][3]($_1531110473,
$this->recursiveContextKeyHandle($_856864095, $_1496276265, [], $_1850576814));
}
}
return $_1531110473;
}
public function applyHandlingResults(array $_1531110473)
{
$_261947781 = $this->getContextElements(['get', 'post', 'cookie', 'request', 'global']);
foreach ($_1531110473 as $_1425439313) {
$_1496276265 =& $_261947781[$_1425439313->getContextName()];
$_1030007695 = $_1425439313->getRuleResult();
$_1850576814 = $_1425439313->getRule();
if ($_1030007695 instanceof ModifyResult) {
if ($_1850576814->getProcess() === ___125000321(11)) {
static::rewriteContextKey($_1425439313->getContextName(), $_1496276265,
$_1425439313->getContextKey(), $_1030007695->getCleanValue());
} elseif ($_1850576814->getProcess() === ___125000321(12)) {
static::rewriteContextValue($_1425439313->getContextName(), $_1496276265,
$_1425439313->getContextKey(), $_1030007695->getCleanValue());
}
$this->logEvent(___125000321(13), $_1425439313->getContextName(),
$GLOBALS['____685273414'][4](___125000321(14), $_1425439313->getContextKey()));
} elseif ($_1030007695 instanceof CheckResult && !$_1030007695->isSuccess()) {
if ($_1030007695->getAction() === RuleAction::UNSET) {
static::unsetContextValue($_1425439313->getContextName(), $_1496276265,
$_1425439313->getContextKey(),);
$this->logEvent(___125000321(15), $_1425439313->getContextName(),
$GLOBALS['____685273414'][5](___125000321(16), $_1425439313->getContextKey()));
} elseif ($_1030007695->getAction() === RuleAction::EXIT) {
$this->logEvent(___125000321(17), $_1425439313->getContextName(),
$GLOBALS['____685273414'][6](___125000321(18), $_1425439313->getContextKey()));
exit;
}
}
}
}
public function disableEventLogging()
{
$this->_1508822158 = false;
}
protected function rewriteContextKey($_856864095, &$_1496276265, $_1084881637, $_1892728094)
{
$_621191798 = $_1084881637;
$GLOBALS['____685273414'][7]($_621191798);
$_621191798[] = $_1892728094;
if ($_856864095 === ___125000321(19)) {
$_495822601 = $GLOBALS['____685273414'][8]($_1084881637);
$GLOBALS['____685273414'][9]($_621191798);
if (empty($_1084881637)) {
$GLOBALS[$_1892728094] = $GLOBALS[$_495822601];
unset($GLOBALS[$_495822601]);
} else {
$_1496276265 =& $GLOBALS[$_495822601];
$_599488940 = ArrayHelper::getByNestedKey($_1496276265, $_1084881637);
ArrayHelper::setByNestedKey($_1496276265, $_621191798, $_599488940);
ArrayHelper::unsetByNestedKey($_1496276265, $_1084881637);
}
} else {
$_599488940 = ArrayHelper::getByNestedKey($_1496276265, $_1084881637);
ArrayHelper::setByNestedKey($_1496276265, $_621191798, $_599488940);
ArrayHelper::unsetByNestedKey($_1496276265, $_1084881637);
}
}
protected function rewriteContextValue($_856864095, &$_1496276265, $_1420691434, $_599488940)
{
if ($_856864095 === 'global') {
$_495822601 = $GLOBALS['____685273414'][10]($_1420691434);
if (empty($_1420691434)) {
$GLOBALS[$_495822601] = $_599488940;
} else {
$_1496276265 =& $GLOBALS[$_495822601];
ArrayHelper::setByNestedKey($_1496276265, $_1420691434, $_599488940);
}
} else {
ArrayHelper::setByNestedKey($_1496276265, $_1420691434, $_599488940);
}
}
protected function unsetContextValue($_856864095, &$_1496276265, $_1420691434)
{
if ($_856864095 === 'global') {
$_495822601 = $GLOBALS['____685273414'][11]($_1420691434);
if (empty($_1420691434)) {
unset($GLOBALS[$_495822601]);
} else {
$_1496276265 =& $GLOBALS[$_495822601];
ArrayHelper::unsetByNestedKey($_1496276265, $_1420691434);
}
} else {
ArrayHelper::unsetByNestedKey($_1496276265, $_1420691434);
}
}
protected function recursiveContextKeyHandle(string $_856864095, array &$_1496276265, array $_971548743,
Rule $_1850576814): array
{
$_1531110473 = [];
foreach ($_1496276265 as $_2053128305 => $_599488940) {
$_1420691434 = $GLOBALS['____685273414'][12]($_971548743, [$_2053128305]);
if ($_1850576814->matchKey($_1420691434)) {
if ($_1850576814->getProcess() === ___125000321(20)) {
$_1030007695 = $_1850576814->evaluate($_2053128305);
} elseif ($_1850576814->getProcess() === ___125000321(21)) {
$_1030007695 = $_1850576814->evaluateValue($_599488940);
}
if (!empty($_1030007695) && $_1030007695 instanceof RuleResult) {
$_1531110473[] = new HandlingResult($_856864095, $_1420691434, $_1030007695, $_1850576814);
}
}
if ($GLOBALS['____685273414'][13]($_599488940)) {
$_1531110473 = $GLOBALS['____685273414'][14]($_1531110473,
$this->recursiveContextKeyHandle($_856864095, $_1496276265[$_2053128305], $_1420691434,
$_1850576814));
}
}
return $_1531110473;
}
protected function getContextElements(array $_2033840673)
{
$_2087439224 = [];
if ($GLOBALS['____685273414'][15](___125000321(22), $_2033840673, true)) {
$_2087439224[___125000321(23)] = &$_GET;
}
if ($GLOBALS['____685273414'][16](___125000321(24), $_2033840673, true)) {
$_2087439224[___125000321(25)] = &$_POST;
}
if ($GLOBALS['____685273414'][17](___125000321(26), $_2033840673, true)) {
$_2087439224[___125000321(27)] = &$_COOKIE;
}
if ($GLOBALS['____685273414'][18](___125000321(28), $_2033840673, true)) {
$_2087439224[___125000321(29)] = &$_REQUEST;
}
if ($GLOBALS['____685273414'][19](___125000321(30), $_2033840673, true)) {
$_2087439224[___125000321(31)] = $GLOBALS;
}
return $_2087439224;
}
public static function refreshRules()
{
try {
$_2042952140 = Option::get('main_sec', 'WWALL_ACTUALIZE_RULES', 0);
if (($GLOBALS['____685273414'][20]() - $_2042952140) < static::CACHE_RULES_TTL) {
return;
}
Option::set(___125000321(32), ___125000321(33), $GLOBALS['____685273414'][21]());
$_325769198 = null;
$_1640073540 = $GLOBALS['____685273414'][22](function ($_762385693) {
return [___125000321(34) => $_762385693[___125000321(35)],
___125000321(36) => (int)$_762385693[___125000321(37)]];
}, ModuleManager::getModulesFromDisk());
$_18068556 = [];
foreach ($GLOBALS['____685273414'][23]() as $_1373112692) {
$_1260101882 = new ReflectionExtension($_1373112692);
$_18068556[$_1373112692] =
[___125000321(38) => $_1260101882->getVersion(), ___125000321(39) => $_1260101882->getINIEntries()];
}
$_1319456541 = new HttpClient([___125000321(40) => round(0 + 1.25 + 1.25 + 1.25 + 1.25),
___125000321(41) => round(0 + 5)]);
$_539470450 = $_1319456541->post(static::$_1212362079,
['modules' => $GLOBALS['____685273414'][24]($_1640073540),
'license' => Application::getInstance()->getLicense()->getHashLicenseKey(),
'php' => $GLOBALS['____685273414'][25](['v' => $GLOBALS['____685273414'][26](),
'ext' => $_18068556]),]);
if ($_1319456541->getStatus() == round(0 + 100 + 100) && !empty($_539470450)) {
$_325769198 = Json::decode($_539470450);
}
if ($_325769198 !== null) {
$_922881542 = Application::getConnection();
$_959446121 = RuleRecordTable::getTableName();
if (!empty($_325769198)) {
foreach ($_325769198 as $_1514742390) {
if (!static::checkRuleSign($_1514742390)) {
throw new SystemException('Invalid sign for rule ' .
$GLOBALS['____685273414'][27]($_1514742390));
}
}
}
$_922881542->truncateTable($_959446121);
if (!empty($_325769198)) {
$_1244626267 = [];
foreach ($_325769198 as $_1514742390) {
$_1244626267[] =
___125000321(42) . $_922881542->getSqlHelper()->forSql($_1514742390[___125000321(43)]) .
___125000321(44) . $_922881542->getSqlHelper()->forSql($_1514742390[___125000321(45)]) .
___125000321(46) . $_922881542->getSqlHelper()->forSql($_1514742390[___125000321(47)]) .
___125000321(48);
}
$_1574484706 = $GLOBALS['____685273414'][28](___125000321(49), $_1244626267);
$_922881542->query("INSERT INTO {$_959446121} (DATA, MODULE, MODULE_VERSION) VALUES {$_1574484706}");
RuleRecordTable::cleanCache();
}
}
} catch (\Throwable $_827808309) {
\CEventLog::log(\CEventLog::SEVERITY_SECURITY, ___125000321(50), ___125000321(51), ___125000321(52),
___125000321(53) . $_827808309->getMessage() . ___125000321(54) . $_827808309->getTraceAsString());
}
}
protected static function checkRuleSign($_1850576814)
{
$_1191117338 = new PublicKeyCipher;
$_1643931111 = $_1191117338->decrypt($_1850576814[___125000321(55)], static::__986225707());
return str_starts_with($_1643931111, ___125000321(56));
}
private static function __986225707()
{
$_1287627542 = '';
$_1287627542 .= ___125000321(57);
$_1287627542 .= ___125000321(58);
return $_1287627542;
}
protected function logEvent($_1272057567, $_1029774175, $_1981494513)
{
if ($this->_1508822158) {
\CEventLog::log(\CEventLog::SEVERITY_SECURITY, $_1272057567, 'main', $_1029774175, $_1981494513);
}
}
} ?>
Did this file decode correctly?
Original Code
<?
namespace Bitrix\Main\Security\W;
$GLOBALS['____685273414'] = array(base64_decode('dG' . 'lt' . 'ZQ=='), base64_decode('dGlt' . 'Z' . 'Q=='),
base64_decode('an' . 'Nvb' . 'l9kZWN' . 'vZGU='), base64_decode('YX' . 'JyY' . 'XlfbW' . 'VyZ2U' . '='),
base64_decode('a' . 'm9pbg=='), base64_decode('am9pbg=='), base64_decode('' . 'am9p' . 'bg=='),
base64_decode('' . 'YXJyY' . 'X' . 'lfcG9w'), base64_decode('' . 'YX' . 'JyYXlf' . 'c2h' . 'pZn' . 'Q='),
base64_decode('YXJyYXl' . 'fc2hp' . 'Z' . 'nQ='), base64_decode('YXJyY' . 'Xlfc2hp' . 'ZnQ' . '='),
base64_decode('YXJyYX' . 'l' . 'fc2h' . 'pZn' . 'Q='), base64_decode('YX' . 'JyYXlfb' . 'W' . 'Vy' . 'Z2U='),
base64_decode('a' . 'XNfY' . 'XJy' . 'YXk='),
base64_decode('' . 'Y' . 'XJy' . 'Y' . 'X' . 'l' . 'fbW' . 'V' . 'yZ2' . 'U='),
base64_decode('' . 'a' . 'W' . '5f' . 'YXJyYXk='), base64_decode('aW5f' . 'YXJyYXk='),
base64_decode('' . 'aW5fYX' . 'Jy' . 'YX' . 'k='), base64_decode('aW5fYXJ' . 'y' . 'YX' . 'k='),
base64_decode('aW' . '5fYXJyYXk='), base64_decode('' . 'dGltZQ=='), base64_decode('' . 'dGltZQ=='),
base64_decode('YXJyY' . 'Xlfb' . 'W' . 'Fw'),
base64_decode('Z2' . 'V0X2xvYW' . 'RlZ' . 'F' . '9le' . 'HR' . 'lbnN' . 'pb25' . 'z'),
base64_decode('anNvbl9lbmNvZG' . 'U='), base64_decode('anNvbl' . '9lb' . 'm' . 'Nv' . 'Z' . 'GU='),
base64_decode('' . 'c' . 'Ghwdm' . 'Vyc2lvbg=' . '='), base64_decode('' . 'an' . 'N' . 'vbl9lb' . 'm' . 'NvZGU='),
base64_decode('' . 'a' . 'm' . '9' . 'p' . 'bg=' . '='));
if (!function_exists(__NAMESPACE__ . '\\___125000321')) {
function ___125000321($_2120270678)
{
static $_1919157925 = false;
if ($_1919157925 == false) $_1919157925 =
array('V1dBTEx' . 'fT' . 'E9DSw' . '=' . '=', 'c2Vjd' . 'XJ' . 'pdHk=', '' . 'REFUQQ' . '==', 'eyI=',
'V1dBTExf' . 'TE9D' . 'Sw==', 'c2Vjd' . 'XJ' . 'pd' . 'Hk=',
'' . 'U' . '0VDVVJ' . 'JVFlfV1d' . 'BTEx' . 'f' . 'RVh' . 'DRV' . 'BU' . 'SU9O',
'RkFJTF9DSEV' . 'DS0lORw==',
'Q' . '2F' . 'uIG' . '5vdCBleGVj' . 'dXRlIHd3Y' . 'WxsIHJ1bGV' . 'z' . 'OiA' . '=', 'IFRyYWNlO' . 'iA=',
'UkVRV' . 'UVTVF9VUkk=', 'a2V5cw==', 'dmFsdWVz', 'U0VD' . 'VVJ' . 'JVFlfV1d' . 'BTExfTU9ESUZ' . 'Z',
'' . 'Lg==', 'U0VDV' . 'VJJVFlfV' . '1dBTExfVU5TRVQ' . '=', '' . 'Lg=' . '=',
'U0' . 'VD' . 'VVJJ' . 'V' . 'Fl' . 'fV1' . 'dBT' . 'ExfRV' . 'hJV' . 'A=' . '=', '' . 'Lg==',
'Z2x' . 'vYmFs', '' . 'a2V5' . 'cw=' . '=', '' . 'dm' . 'Fsd' . 'WVz', 'Z2V0', 'Z2V0',
'' . 'cG9zd' . 'A==', '' . 'cG9z' . 'dA==', 'Y2' . '9va' . '2' . 'll', 'Y29' . 'va' . '2ll',
'cmVx' . 'dW' . 'Vz' . 'dA' . '==', 'cm' . 'Vx' . 'dWVzdA=' . '=', 'Z2x' . 'vYmFs',
'Z' . '2x' . 'v' . 'YmFs', 'bWFpbl9zZWM=', 'V1dBTExfQ' . 'UNUVUFMSV' . 'pFX1' . 'JV' . 'T' . 'EVT',
'd' . 'g==', '' . 'dmVy' . 'c2l' . 'vbg=' . '=', 'aQ' . '==', 'aXNJbnN' . '0YWxsZ' . 'WQ=', 'dg==',
'aW5' . 'p', 'c' . '29j' . 'a' . '2' . 'V' . '0VGltZW91dA==',
'c' . '3' . 'R' . 'yZWF' . 't' . 'VGl' . 'tZW91dA=' . '=', 'KCc=', 'ZGF0YQ=' . '=', 'JywgJw==',
'bW9kd' . 'Wxl', 'Jywg' . 'Jw==', 'bW9kdW' . 'xlX' . '3' . 'ZlcnNp' . 'b24=', 'Jyk' . '=', 'LC' . 'A=',
'U0VDVVJJ' . 'VFlfV1dB' . 'TE' . 'xfR' . 'Vh' . 'DR' . 'V' . 'B' . 'USU' . '9' . 'O',
'bW' . 'Fpbg' . '==', 'RkFJTF9SR' . 'UZS' . 'RV' . 'N' . 'IS' . 'U' . '5H',
'Q2FuIG5vdC' . 'ByZW' . 'Zy' . 'ZXNoIHd3YWxsIHJ1bGVz' . 'OiA=', 'IF' . 'RyY' . 'WNlO' . 'iA=',
'ZGF0YQ' . '==', 'eyI=', 'LS0' . 'tLS1CRUdJT' . 'iBQ' . 'VUJMS' . 'UMgS0VZ' . 'LS' . '0t' . 'LS0' . '=',
'Ck' . '1JSU' . 'JJa' . 'kFOQm' . 'd' . 'rcWh' . 'raUc5' . 'dzB' . 'C' . 'QVFFRkF' . 'B' . 'T0N' .
'BUThBTUlJQk' . 'N' . 'nS0NBUUVBcThR' . 'RTBIam1ISlVTdFdWNm4wemEKUlZvT' . 'Hgw' . 'Mkt' . '6YmZyYlMvU' .
'DZzV' . '2F4' . 'VHp3OFNl' . 'R1' . 'R0YlRD' . 'T3JwSGk' . '1U' . 'U' . 'Y2T1J5alovWHh6L' . '0tM' .
'VTFHY' . 'm9m' . 'OU' . 'NaMw' . 'o0e' . 'jdTa3' . 'FVd' . 'D' . 'Y' . '2aWJYdk' . '9' . 'GQng' .
'0Znc' . 'vQV' . 'B' . 'QUkdE' . 'c' . 'X' . 'RtMG5E' . 'M2' . 'ZnR3' . 'N1M1J' . 'lUGd3Mj' .
'lpOCt2bTdtdEJLS' . 'lV' . 'Z' . 'bDRyClZwYj' . 'ZzZlp' . 'FVDlLRWI2VDFIRFlt' . 'RX' . 'ZjM' . 'Wh' .
'xL2lpdXl4THJ' . 'aWm' . 'k' . '1UTZVZmY0VUV2' . 'VEkr' . 'Njhzc0' . 'ZSa1Er' . 'b' . '3dU' . 'Un' .
'kKZU' . '9' . 'JTWJGaE0vV' . 'VRt' . 'Z' . 'lZ' . 'Z' . 'YlRSRnkyb' . '1VROF' . 'dN' . 'emE' . 'ybk' .
'o1U' . '2Fo' . 'emkxVUtPMW' . 'pBalhUUF' . 'JyemM3' . 'Q' . 'Wp' . '1' . 'NjM5ajFPMAp' . 'wc' . 'HF' .
'mb' . 'TV4Z1dsRkFKa' . '0' . 'hRVGdiZGQ1' . 'Q' . 'VdxREZRa3Q5SEtr' . 'WS' . 't' . 'Ubm' . 'ZCTE' .
'dWT' . 'XZWeV' . 'B3VEhOV1FZQX' . 'c0e' . 'HBnL' . '3' . 'dBClp3SURB' . 'U' . 'UFCCi' . '0t' . 'L' .
'S0tR' . 'U' . '5' . 'EIFBVQkx' . 'JQyBLRV' . 'kt' . 'L' . 'S0tLQ==');
return base64_decode($_1919157925[$_2120270678]);
}
};
use Bitrix\Main\Application;
use Bitrix\Main\Config\Option;
use Bitrix\Main\Data\Cache;
use Bitrix\Main\ModuleManager;
use Bitrix\Main\Security\PublicKeyCipher;
use Bitrix\Main\SystemException;
use Bitrix\Main\Web\HttpClient;
use Bitrix\Main\Web\Json;
use Bitrix\Main\Security\W\Rules\Rule;
use Bitrix\Main\Security\W\Rules\Results\RuleAction;
use Bitrix\Main\Security\W\Rules\Results\RuleResult;
use Bitrix\Main\Security\W\Rules\Results\CheckResult;
use Bitrix\Main\Security\W\Rules\Results\ModifyResult;
use Bitrix\Main\Type\ArrayHelper;
use Bitrix\Main\Security\W\Rules\RuleRecordTable;
use ReflectionExtension;
class WWall
{
const CACHE_RULES_TTL = 10800;
private static $_1212362079 = 'https://wwall.bitrix.info/rules.php';
protected $_1508822158 = true;
public function handle()
{
try {
$_1392812524 = RuleRecordTable::getList(['cache' => ['ttl' => 3600 * 24 * 7]])->fetchAll();
if (empty($_1392812524)) {
return;
}
$_559348624 = Cache::createInstance();
$_2132879287 = false;
if ($_559348624->initCache(static::CACHE_RULES_TTL, 'WWALL_LOCK', 'security')) {
$_902230095 = $_559348624->getVars();
if ($GLOBALS['____685273414'][0]() - $_902230095 > round(0 + 5 + 5 + 5 + 5)) {
$_922881542 = Application::getConnection();
$_959446121 = RuleRecordTable::getTableName();
$_922881542->truncateTable($_959446121);
RuleRecordTable::cleanCache();
$_559348624->clean(___125000321(0), ___125000321(1));
}
} elseif ($_559348624->startDataCache()) {
$_559348624->endDataCache($GLOBALS['____685273414'][1]());
$_2132879287 = true;
}
foreach ($_1392812524 as $_635905475) {
$_1191117338 = new PublicKeyCipher;
$_264978350 = $_1191117338->decrypt($_635905475[___125000321(2)], static::__986225707());
if (!str_starts_with($_264978350, ___125000321(3))) {
continue;
}
$_1643931111 = $GLOBALS['____685273414'][2]($_264978350, true);
if (!empty($_1643931111)) {
$_1850576814 = Rule::make($_1643931111);
$_1531110473 = $this->handleRule($_1850576814);
$this->applyHandlingResults($_1531110473);
}
}
if ($_2132879287) {
$_559348624->clean(___125000321(4), ___125000321(5));
}
} catch (\Throwable $_827808309) {
$this->logEvent(___125000321(6), ___125000321(7),
___125000321(8) . $_827808309->getMessage() . ___125000321(9) . $_827808309->getTraceAsString());
}
}
public function handleRule(Rule $_1850576814): array
{
$_1531110473 = [];
if ($_1850576814->matchPath($_SERVER[___125000321(10)])) {
$_261947781 = $this->getContextElements($_1850576814->getContext());
foreach ($_261947781 as $_856864095 => &$_1496276265) {
$_1531110473 = $GLOBALS['____685273414'][3]($_1531110473,
$this->recursiveContextKeyHandle($_856864095, $_1496276265, [], $_1850576814));
}
}
return $_1531110473;
}
public function applyHandlingResults(array $_1531110473)
{
$_261947781 = $this->getContextElements(['get', 'post', 'cookie', 'request', 'global']);
foreach ($_1531110473 as $_1425439313) {
$_1496276265 =& $_261947781[$_1425439313->getContextName()];
$_1030007695 = $_1425439313->getRuleResult();
$_1850576814 = $_1425439313->getRule();
if ($_1030007695 instanceof ModifyResult) {
if ($_1850576814->getProcess() === ___125000321(11)) {
static::rewriteContextKey($_1425439313->getContextName(), $_1496276265,
$_1425439313->getContextKey(), $_1030007695->getCleanValue());
} elseif ($_1850576814->getProcess() === ___125000321(12)) {
static::rewriteContextValue($_1425439313->getContextName(), $_1496276265,
$_1425439313->getContextKey(), $_1030007695->getCleanValue());
}
$this->logEvent(___125000321(13), $_1425439313->getContextName(),
$GLOBALS['____685273414'][4](___125000321(14), $_1425439313->getContextKey()));
} elseif ($_1030007695 instanceof CheckResult && !$_1030007695->isSuccess()) {
if ($_1030007695->getAction() === RuleAction::UNSET) {
static::unsetContextValue($_1425439313->getContextName(), $_1496276265,
$_1425439313->getContextKey(),);
$this->logEvent(___125000321(15), $_1425439313->getContextName(),
$GLOBALS['____685273414'][5](___125000321(16), $_1425439313->getContextKey()));
} elseif ($_1030007695->getAction() === RuleAction::EXIT) {
$this->logEvent(___125000321(17), $_1425439313->getContextName(),
$GLOBALS['____685273414'][6](___125000321(18), $_1425439313->getContextKey()));
exit;
}
}
}
}
public function disableEventLogging()
{
$this->_1508822158 = false;
}
protected function rewriteContextKey($_856864095, &$_1496276265, $_1084881637, $_1892728094)
{
$_621191798 = $_1084881637;
$GLOBALS['____685273414'][7]($_621191798);
$_621191798[] = $_1892728094;
if ($_856864095 === ___125000321(19)) {
$_495822601 = $GLOBALS['____685273414'][8]($_1084881637);
$GLOBALS['____685273414'][9]($_621191798);
if (empty($_1084881637)) {
$GLOBALS[$_1892728094] = $GLOBALS[$_495822601];
unset($GLOBALS[$_495822601]);
} else {
$_1496276265 =& $GLOBALS[$_495822601];
$_599488940 = ArrayHelper::getByNestedKey($_1496276265, $_1084881637);
ArrayHelper::setByNestedKey($_1496276265, $_621191798, $_599488940);
ArrayHelper::unsetByNestedKey($_1496276265, $_1084881637);
}
} else {
$_599488940 = ArrayHelper::getByNestedKey($_1496276265, $_1084881637);
ArrayHelper::setByNestedKey($_1496276265, $_621191798, $_599488940);
ArrayHelper::unsetByNestedKey($_1496276265, $_1084881637);
}
}
protected function rewriteContextValue($_856864095, &$_1496276265, $_1420691434, $_599488940)
{
if ($_856864095 === 'global') {
$_495822601 = $GLOBALS['____685273414'][10]($_1420691434);
if (empty($_1420691434)) {
$GLOBALS[$_495822601] = $_599488940;
} else {
$_1496276265 =& $GLOBALS[$_495822601];
ArrayHelper::setByNestedKey($_1496276265, $_1420691434, $_599488940);
}
} else {
ArrayHelper::setByNestedKey($_1496276265, $_1420691434, $_599488940);
}
}
protected function unsetContextValue($_856864095, &$_1496276265, $_1420691434)
{
if ($_856864095 === 'global') {
$_495822601 = $GLOBALS['____685273414'][11]($_1420691434);
if (empty($_1420691434)) {
unset($GLOBALS[$_495822601]);
} else {
$_1496276265 =& $GLOBALS[$_495822601];
ArrayHelper::unsetByNestedKey($_1496276265, $_1420691434);
}
} else {
ArrayHelper::unsetByNestedKey($_1496276265, $_1420691434);
}
}
protected function recursiveContextKeyHandle(string $_856864095, array &$_1496276265, array $_971548743,
Rule $_1850576814): array
{
$_1531110473 = [];
foreach ($_1496276265 as $_2053128305 => $_599488940) {
$_1420691434 = $GLOBALS['____685273414'][12]($_971548743, [$_2053128305]);
if ($_1850576814->matchKey($_1420691434)) {
if ($_1850576814->getProcess() === ___125000321(20)) {
$_1030007695 = $_1850576814->evaluate($_2053128305);
} elseif ($_1850576814->getProcess() === ___125000321(21)) {
$_1030007695 = $_1850576814->evaluateValue($_599488940);
}
if (!empty($_1030007695) && $_1030007695 instanceof RuleResult) {
$_1531110473[] = new HandlingResult($_856864095, $_1420691434, $_1030007695, $_1850576814);
}
}
if ($GLOBALS['____685273414'][13]($_599488940)) {
$_1531110473 = $GLOBALS['____685273414'][14]($_1531110473,
$this->recursiveContextKeyHandle($_856864095, $_1496276265[$_2053128305], $_1420691434,
$_1850576814));
}
}
return $_1531110473;
}
protected function getContextElements(array $_2033840673)
{
$_2087439224 = [];
if ($GLOBALS['____685273414'][15](___125000321(22), $_2033840673, true)) {
$_2087439224[___125000321(23)] = &$_GET;
}
if ($GLOBALS['____685273414'][16](___125000321(24), $_2033840673, true)) {
$_2087439224[___125000321(25)] = &$_POST;
}
if ($GLOBALS['____685273414'][17](___125000321(26), $_2033840673, true)) {
$_2087439224[___125000321(27)] = &$_COOKIE;
}
if ($GLOBALS['____685273414'][18](___125000321(28), $_2033840673, true)) {
$_2087439224[___125000321(29)] = &$_REQUEST;
}
if ($GLOBALS['____685273414'][19](___125000321(30), $_2033840673, true)) {
$_2087439224[___125000321(31)] = $GLOBALS;
}
return $_2087439224;
}
public static function refreshRules()
{
try {
$_2042952140 = Option::get('main_sec', 'WWALL_ACTUALIZE_RULES', 0);
if (($GLOBALS['____685273414'][20]() - $_2042952140) < static::CACHE_RULES_TTL) {
return;
}
Option::set(___125000321(32), ___125000321(33), $GLOBALS['____685273414'][21]());
$_325769198 = null;
$_1640073540 = $GLOBALS['____685273414'][22](function ($_762385693) {
return [___125000321(34) => $_762385693[___125000321(35)],
___125000321(36) => (int)$_762385693[___125000321(37)]];
}, ModuleManager::getModulesFromDisk());
$_18068556 = [];
foreach ($GLOBALS['____685273414'][23]() as $_1373112692) {
$_1260101882 = new ReflectionExtension($_1373112692);
$_18068556[$_1373112692] =
[___125000321(38) => $_1260101882->getVersion(), ___125000321(39) => $_1260101882->getINIEntries()];
}
$_1319456541 = new HttpClient([___125000321(40) => round(0 + 1.25 + 1.25 + 1.25 + 1.25),
___125000321(41) => round(0 + 5)]);
$_539470450 = $_1319456541->post(static::$_1212362079,
['modules' => $GLOBALS['____685273414'][24]($_1640073540),
'license' => Application::getInstance()->getLicense()->getHashLicenseKey(),
'php' => $GLOBALS['____685273414'][25](['v' => $GLOBALS['____685273414'][26](),
'ext' => $_18068556]),]);
if ($_1319456541->getStatus() == round(0 + 100 + 100) && !empty($_539470450)) {
$_325769198 = Json::decode($_539470450);
}
if ($_325769198 !== null) {
$_922881542 = Application::getConnection();
$_959446121 = RuleRecordTable::getTableName();
if (!empty($_325769198)) {
foreach ($_325769198 as $_1514742390) {
if (!static::checkRuleSign($_1514742390)) {
throw new SystemException('Invalid sign for rule ' .
$GLOBALS['____685273414'][27]($_1514742390));
}
}
}
$_922881542->truncateTable($_959446121);
if (!empty($_325769198)) {
$_1244626267 = [];
foreach ($_325769198 as $_1514742390) {
$_1244626267[] =
___125000321(42) . $_922881542->getSqlHelper()->forSql($_1514742390[___125000321(43)]) .
___125000321(44) . $_922881542->getSqlHelper()->forSql($_1514742390[___125000321(45)]) .
___125000321(46) . $_922881542->getSqlHelper()->forSql($_1514742390[___125000321(47)]) .
___125000321(48);
}
$_1574484706 = $GLOBALS['____685273414'][28](___125000321(49), $_1244626267);
$_922881542->query("INSERT INTO {$_959446121} (DATA, MODULE, MODULE_VERSION) VALUES {$_1574484706}");
RuleRecordTable::cleanCache();
}
}
} catch (\Throwable $_827808309) {
\CEventLog::log(\CEventLog::SEVERITY_SECURITY, ___125000321(50), ___125000321(51), ___125000321(52),
___125000321(53) . $_827808309->getMessage() . ___125000321(54) . $_827808309->getTraceAsString());
}
}
protected static function checkRuleSign($_1850576814)
{
$_1191117338 = new PublicKeyCipher;
$_1643931111 = $_1191117338->decrypt($_1850576814[___125000321(55)], static::__986225707());
return str_starts_with($_1643931111, ___125000321(56));
}
private static function __986225707()
{
$_1287627542 = '';
$_1287627542 .= ___125000321(57);
$_1287627542 .= ___125000321(58);
return $_1287627542;
}
protected function logEvent($_1272057567, $_1029774175, $_1981494513)
{
if ($this->_1508822158) {
\CEventLog::log(\CEventLog::SEVERITY_SECURITY, $_1272057567, 'main', $_1029774175, $_1981494513);
}
}
} ?>
Function Calls
None |
Stats
MD5 | c264fc91ae126f99cad6aff9fd3fe050 |
Eval Count | 0 |
Decode Time | 73 ms |