Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<? namespace Bitrix\Main\Security\W; $GLOBALS['____685273414'] = array(base64_decode('dG..

Decoded Output download

<? 
namespace Bitrix\Main\Security\W; 
$GLOBALS['____685273414'] = array(base64_decode('dG' . 'lt' . 'ZQ=='), base64_decode('dGlt' . 'Z' . 'Q=='), 
    base64_decode('an' . 'Nvb' . 'l9kZWN' . 'vZGU='), base64_decode('YX' . 'JyY' . 'XlfbW' . 'VyZ2U' . '='), 
    base64_decode('a' . 'm9pbg=='), base64_decode('am9pbg=='), base64_decode('' . 'am9p' . 'bg=='), 
    base64_decode('' . 'YXJyY' . 'X' . 'lfcG9w'), base64_decode('' . 'YX' . 'JyYXlf' . 'c2h' . 'pZn' . 'Q='), 
    base64_decode('YXJyYXl' . 'fc2hp' . 'Z' . 'nQ='), base64_decode('YXJyY' . 'Xlfc2hp' . 'ZnQ' . '='), 
    base64_decode('YXJyYX' . 'l' . 'fc2h' . 'pZn' . 'Q='), base64_decode('YX' . 'JyYXlfb' . 'W' . 'Vy' . 'Z2U='), 
    base64_decode('a' . 'XNfY' . 'XJy' . 'YXk='), 
    base64_decode('' . 'Y' . 'XJy' . 'Y' . 'X' . 'l' . 'fbW' . 'V' . 'yZ2' . 'U='), 
    base64_decode('' . 'a' . 'W' . '5f' . 'YXJyYXk='), base64_decode('aW5f' . 'YXJyYXk='), 
    base64_decode('' . 'aW5fYX' . 'Jy' . 'YX' . 'k='), base64_decode('aW5fYXJ' . 'y' . 'YX' . 'k='), 
    base64_decode('aW' . '5fYXJyYXk='), base64_decode('' . 'dGltZQ=='), base64_decode('' . 'dGltZQ=='), 
    base64_decode('YXJyY' . 'Xlfb' . 'W' . 'Fw'), 
    base64_decode('Z2' . 'V0X2xvYW' . 'RlZ' . 'F' . '9le' . 'HR' . 'lbnN' . 'pb25' . 'z'), 
    base64_decode('anNvbl9lbmNvZG' . 'U='), base64_decode('anNvbl' . '9lb' . 'm' . 'Nv' . 'Z' . 'GU='), 
    base64_decode('' . 'c' . 'Ghwdm' . 'Vyc2lvbg=' . '='), base64_decode('' . 'an' . 'N' . 'vbl9lb' . 'm' . 'NvZGU='), 
    base64_decode('' . 'a' . 'm' . '9' . 'p' . 'bg=' . '=')); 
if (!function_exists(__NAMESPACE__ . '\___125000321')) { 
    function ___125000321($_2120270678) 
    { 
        static $_1919157925 = false; 
        if ($_1919157925 == false) $_1919157925 = 
            array('V1dBTEx' . 'fT' . 'E9DSw' . '=' . '=', 'c2Vjd' . 'XJ' . 'pdHk=', '' . 'REFUQQ' . '==', 'eyI=', 
                'V1dBTExf' . 'TE9D' . 'Sw==', 'c2Vjd' . 'XJ' . 'pd' . 'Hk=', 
                '' . 'U' . '0VDVVJ' . 'JVFlfV1d' . 'BTEx' . 'f' . 'RVh' . 'DRV' . 'BU' . 'SU9O', 
                'RkFJTF9DSEV' . 'DS0lORw==', 
                'Q' . '2F' . 'uIG' . '5vdCBleGVj' . 'dXRlIHd3Y' . 'WxsIHJ1bGV' . 'z' . 'OiA' . '=', 'IFRyYWNlO' . 'iA=', 
                'UkVRV' . 'UVTVF9VUkk=', 'a2V5cw==', 'dmFsdWVz', 'U0VD' . 'VVJ' . 'JVFlfV1d' . 'BTExfTU9ESUZ' . 'Z', 
                '' . 'Lg==', 'U0VDV' . 'VJJVFlfV' . '1dBTExfVU5TRVQ' . '=', '' . 'Lg=' . '=', 
                'U0' . 'VD' . 'VVJJ' . 'V' . 'Fl' . 'fV1' . 'dBT' . 'ExfRV' . 'hJV' . 'A=' . '=', '' . 'Lg==', 
                'Z2x' . 'vYmFs', '' . 'a2V5' . 'cw=' . '=', '' . 'dm' . 'Fsd' . 'WVz', 'Z2V0', 'Z2V0', 
                '' . 'cG9zd' . 'A==', '' . 'cG9z' . 'dA==', 'Y2' . '9va' . '2' . 'll', 'Y29' . 'va' . '2ll', 
                'cmVx' . 'dW' . 'Vz' . 'dA' . '==', 'cm' . 'Vx' . 'dWVzdA=' . '=', 'Z2x' . 'vYmFs', 
                'Z' . '2x' . 'v' . 'YmFs', 'bWFpbl9zZWM=', 'V1dBTExfQ' . 'UNUVUFMSV' . 'pFX1' . 'JV' . 'T' . 'EVT', 
                'd' . 'g==', '' . 'dmVy' . 'c2l' . 'vbg=' . '=', 'aQ' . '==', 'aXNJbnN' . '0YWxsZ' . 'WQ=', 'dg==', 
                'aW5' . 'p', 'c' . '29j' . 'a' . '2' . 'V' . '0VGltZW91dA==', 
                'c' . '3' . 'R' . 'yZWF' . 't' . 'VGl' . 'tZW91dA=' . '=', 'KCc=', 'ZGF0YQ=' . '=', 'JywgJw==', 
                'bW9kd' . 'Wxl', 'Jywg' . 'Jw==', 'bW9kdW' . 'xlX' . '3' . 'ZlcnNp' . 'b24=', 'Jyk' . '=', 'LC' . 'A=', 
                'U0VDVVJJ' . 'VFlfV1dB' . 'TE' . 'xfR' . 'Vh' . 'DR' . 'V' . 'B' . 'USU' . '9' . 'O', 
                'bW' . 'Fpbg' . '==', 'RkFJTF9SR' . 'UZS' . 'RV' . 'N' . 'IS' . 'U' . '5H', 
                'Q2FuIG5vdC' . 'ByZW' . 'Zy' . 'ZXNoIHd3YWxsIHJ1bGVz' . 'OiA=', 'IF' . 'RyY' . 'WNlO' . 'iA=', 
                'ZGF0YQ' . '==', 'eyI=', 'LS0' . 'tLS1CRUdJT' . 'iBQ' . 'VUJMS' . 'UMgS0VZ' . 'LS' . '0t' . 'LS0' . '=', 
                'Ck' . '1JSU' . 'JJa' . 'kFOQm' . 'd' . 'rcWh' . 'raUc5' . 'dzB' . 'C' . 'QVFFRkF' . 'B' . 'T0N' . 
                'BUThBTUlJQk' . 'N' . 'nS0NBUUVBcThR' . 'RTBIam1ISlVTdFdWNm4wemEKUlZvT' . 'Hgw' . 'Mkt' . '6YmZyYlMvU' . 
                'DZzV' . '2F4' . 'VHp3OFNl' . 'R1' . 'R0YlRD' . 'T3JwSGk' . '1U' . 'U' . 'Y2T1J5alovWHh6L' . '0tM' . 
                'VTFHY' . 'm9m' . 'OU' . 'NaMw' . 'o0e' . 'jdTa3' . 'FVd' . 'D' . 'Y' . '2aWJYdk' . '9' . 'GQng' . 
                '0Znc' . 'vQV' . 'B' . 'QUkdE' . 'c' . 'X' . 'RtMG5E' . 'M2' . 'ZnR3' . 'N1M1J' . 'lUGd3Mj' . 
                'lpOCt2bTdtdEJLS' . 'lV' . 'Z' . 'bDRyClZwYj' . 'ZzZlp' . 'FVDlLRWI2VDFIRFlt' . 'RX' . 'ZjM' . 'Wh' . 
                'xL2lpdXl4THJ' . 'aWm' . 'k' . '1UTZVZmY0VUV2' . 'VEkr' . 'Njhzc0' . 'ZSa1Er' . 'b' . '3dU' . 'Un' . 
                'kKZU' . '9' . 'JTWJGaE0vV' . 'VRt' . 'Z' . 'lZ' . 'Z' . 'YlRSRnkyb' . '1VROF' . 'dN' . 'emE' . 'ybk' . 
                'o1U' . '2Fo' . 'emkxVUtPMW' . 'pBalhUUF' . 'JyemM3' . 'Q' . 'Wp' . '1' . 'NjM5ajFPMAp' . 'wc' . 'HF' . 
                'mb' . 'TV4Z1dsRkFKa' . '0' . 'hRVGdiZGQ1' . 'Q' . 'VdxREZRa3Q5SEtr' . 'WS' . 't' . 'Ubm' . 'ZCTE' . 
                'dWT' . 'XZWeV' . 'B3VEhOV1FZQX' . 'c0e' . 'HBnL' . '3' . 'dBClp3SURB' . 'U' . 'UFCCi' . '0t' . 'L' . 
                'S0tR' . 'U' . '5' . 'EIFBVQkx' . 'JQyBLRV' . 'kt' . 'L' . 'S0tLQ=='); 
        return base64_decode($_1919157925[$_2120270678]); 
    } 
}; 
 
use Bitrix\Main\Application; 
use Bitrix\Main\Config\Option; 
use Bitrix\Main\Data\Cache; 
use Bitrix\Main\ModuleManager; 
use Bitrix\Main\Security\PublicKeyCipher; 
use Bitrix\Main\SystemException; 
use Bitrix\Main\Web\HttpClient; 
use Bitrix\Main\Web\Json; 
use Bitrix\Main\Security\W\Rules\Rule; 
use Bitrix\Main\Security\W\Rules\Results\RuleAction; 
use Bitrix\Main\Security\W\Rules\Results\RuleResult; 
use Bitrix\Main\Security\W\Rules\Results\CheckResult; 
use Bitrix\Main\Security\W\Rules\Results\ModifyResult; 
use Bitrix\Main\Type\ArrayHelper; 
use Bitrix\Main\Security\W\Rules\RuleRecordTable; 
use ReflectionExtension; 
 
class WWall 
{ 
    const CACHE_RULES_TTL = 10800; 
    private static $_1212362079 = 'https://wwall.bitrix.info/rules.php'; 
    protected $_1508822158 = true; 
 
    public function handle() 
    { 
        try { 
            $_1392812524 = RuleRecordTable::getList(['cache' => ['ttl' => 3600 * 24 * 7]])->fetchAll(); 
            if (empty($_1392812524)) { 
                return; 
            } 
            $_559348624 = Cache::createInstance(); 
            $_2132879287 = false; 
            if ($_559348624->initCache(static::CACHE_RULES_TTL, 'WWALL_LOCK', 'security')) { 
                $_902230095 = $_559348624->getVars(); 
                if ($GLOBALS['____685273414'][0]() - $_902230095 > round(0 + 5 + 5 + 5 + 5)) { 
                    $_922881542 = Application::getConnection(); 
                    $_959446121 = RuleRecordTable::getTableName(); 
                    $_922881542->truncateTable($_959446121); 
                    RuleRecordTable::cleanCache(); 
                    $_559348624->clean(___125000321(0), ___125000321(1)); 
                } 
            } elseif ($_559348624->startDataCache()) { 
                $_559348624->endDataCache($GLOBALS['____685273414'][1]()); 
                $_2132879287 = true; 
            } 
            foreach ($_1392812524 as $_635905475) { 
                $_1191117338 = new PublicKeyCipher; 
                $_264978350 = $_1191117338->decrypt($_635905475[___125000321(2)], static::__986225707()); 
                if (!str_starts_with($_264978350, ___125000321(3))) { 
                    continue; 
                } 
                $_1643931111 = $GLOBALS['____685273414'][2]($_264978350, true); 
                if (!empty($_1643931111)) { 
                    $_1850576814 = Rule::make($_1643931111); 
                    $_1531110473 = $this->handleRule($_1850576814); 
                    $this->applyHandlingResults($_1531110473); 
                } 
            } 
            if ($_2132879287) { 
                $_559348624->clean(___125000321(4), ___125000321(5)); 
            } 
        } catch (\Throwable $_827808309) { 
            $this->logEvent(___125000321(6), ___125000321(7), 
                ___125000321(8) . $_827808309->getMessage() . ___125000321(9) . $_827808309->getTraceAsString()); 
        } 
    } 
 
    public function handleRule(Rule $_1850576814): array 
    { 
        $_1531110473 = []; 
        if ($_1850576814->matchPath($_SERVER[___125000321(10)])) { 
            $_261947781 = $this->getContextElements($_1850576814->getContext()); 
            foreach ($_261947781 as $_856864095 => &$_1496276265) { 
                $_1531110473 = $GLOBALS['____685273414'][3]($_1531110473, 
                    $this->recursiveContextKeyHandle($_856864095, $_1496276265, [], $_1850576814)); 
            } 
        } 
        return $_1531110473; 
    } 
 
    public function applyHandlingResults(array $_1531110473) 
    { 
        $_261947781 = $this->getContextElements(['get', 'post', 'cookie', 'request', 'global']); 
        foreach ($_1531110473 as $_1425439313) { 
            $_1496276265 =& $_261947781[$_1425439313->getContextName()]; 
            $_1030007695 = $_1425439313->getRuleResult(); 
            $_1850576814 = $_1425439313->getRule(); 
            if ($_1030007695 instanceof ModifyResult) { 
                if ($_1850576814->getProcess() === ___125000321(11)) { 
                    static::rewriteContextKey($_1425439313->getContextName(), $_1496276265, 
                        $_1425439313->getContextKey(), $_1030007695->getCleanValue()); 
                } elseif ($_1850576814->getProcess() === ___125000321(12)) { 
                    static::rewriteContextValue($_1425439313->getContextName(), $_1496276265, 
                        $_1425439313->getContextKey(), $_1030007695->getCleanValue()); 
                } 
                $this->logEvent(___125000321(13), $_1425439313->getContextName(), 
                    $GLOBALS['____685273414'][4](___125000321(14), $_1425439313->getContextKey())); 
            } elseif ($_1030007695 instanceof CheckResult && !$_1030007695->isSuccess()) { 
                if ($_1030007695->getAction() === RuleAction::UNSET) { 
                    static::unsetContextValue($_1425439313->getContextName(), $_1496276265, 
                        $_1425439313->getContextKey(),); 
                    $this->logEvent(___125000321(15), $_1425439313->getContextName(), 
                        $GLOBALS['____685273414'][5](___125000321(16), $_1425439313->getContextKey())); 
                } elseif ($_1030007695->getAction() === RuleAction::EXIT) { 
                    $this->logEvent(___125000321(17), $_1425439313->getContextName(), 
                        $GLOBALS['____685273414'][6](___125000321(18), $_1425439313->getContextKey())); 
                    exit; 
                } 
            } 
        } 
    } 
 
    public function disableEventLogging() 
    { 
        $this->_1508822158 = false; 
    } 
 
    protected function rewriteContextKey($_856864095, &$_1496276265, $_1084881637, $_1892728094) 
    { 
        $_621191798 = $_1084881637; 
        $GLOBALS['____685273414'][7]($_621191798); 
        $_621191798[] = $_1892728094; 
        if ($_856864095 === ___125000321(19)) { 
            $_495822601 = $GLOBALS['____685273414'][8]($_1084881637); 
            $GLOBALS['____685273414'][9]($_621191798); 
            if (empty($_1084881637)) { 
                $GLOBALS[$_1892728094] = $GLOBALS[$_495822601]; 
                unset($GLOBALS[$_495822601]); 
            } else { 
                $_1496276265 =& $GLOBALS[$_495822601]; 
                $_599488940 = ArrayHelper::getByNestedKey($_1496276265, $_1084881637); 
                ArrayHelper::setByNestedKey($_1496276265, $_621191798, $_599488940); 
                ArrayHelper::unsetByNestedKey($_1496276265, $_1084881637); 
            } 
        } else { 
            $_599488940 = ArrayHelper::getByNestedKey($_1496276265, $_1084881637); 
            ArrayHelper::setByNestedKey($_1496276265, $_621191798, $_599488940); 
            ArrayHelper::unsetByNestedKey($_1496276265, $_1084881637); 
        } 
    } 
 
    protected function rewriteContextValue($_856864095, &$_1496276265, $_1420691434, $_599488940) 
    { 
        if ($_856864095 === 'global') { 
            $_495822601 = $GLOBALS['____685273414'][10]($_1420691434); 
            if (empty($_1420691434)) { 
                $GLOBALS[$_495822601] = $_599488940; 
            } else { 
                $_1496276265 =& $GLOBALS[$_495822601]; 
                ArrayHelper::setByNestedKey($_1496276265, $_1420691434, $_599488940); 
            } 
        } else { 
            ArrayHelper::setByNestedKey($_1496276265, $_1420691434, $_599488940); 
        } 
    } 
 
    protected function unsetContextValue($_856864095, &$_1496276265, $_1420691434) 
    { 
        if ($_856864095 === 'global') { 
            $_495822601 = $GLOBALS['____685273414'][11]($_1420691434); 
            if (empty($_1420691434)) { 
                unset($GLOBALS[$_495822601]); 
            } else { 
                $_1496276265 =& $GLOBALS[$_495822601]; 
                ArrayHelper::unsetByNestedKey($_1496276265, $_1420691434); 
            } 
        } else { 
            ArrayHelper::unsetByNestedKey($_1496276265, $_1420691434); 
        } 
    } 
 
    protected function recursiveContextKeyHandle(string $_856864095, array &$_1496276265, array $_971548743, 
                                                 Rule $_1850576814): array 
    { 
        $_1531110473 = []; 
        foreach ($_1496276265 as $_2053128305 => $_599488940) { 
            $_1420691434 = $GLOBALS['____685273414'][12]($_971548743, [$_2053128305]); 
            if ($_1850576814->matchKey($_1420691434)) { 
                if ($_1850576814->getProcess() === ___125000321(20)) { 
                    $_1030007695 = $_1850576814->evaluate($_2053128305); 
                } elseif ($_1850576814->getProcess() === ___125000321(21)) { 
                    $_1030007695 = $_1850576814->evaluateValue($_599488940); 
                } 
                if (!empty($_1030007695) && $_1030007695 instanceof RuleResult) { 
                    $_1531110473[] = new HandlingResult($_856864095, $_1420691434, $_1030007695, $_1850576814); 
                } 
            } 
            if ($GLOBALS['____685273414'][13]($_599488940)) { 
                $_1531110473 = $GLOBALS['____685273414'][14]($_1531110473, 
                    $this->recursiveContextKeyHandle($_856864095, $_1496276265[$_2053128305], $_1420691434, 
                        $_1850576814)); 
            } 
        } 
        return $_1531110473; 
    } 
 
    protected function getContextElements(array $_2033840673) 
    { 
        $_2087439224 = []; 
        if ($GLOBALS['____685273414'][15](___125000321(22), $_2033840673, true)) { 
            $_2087439224[___125000321(23)] = &$_GET; 
        } 
        if ($GLOBALS['____685273414'][16](___125000321(24), $_2033840673, true)) { 
            $_2087439224[___125000321(25)] = &$_POST; 
        } 
        if ($GLOBALS['____685273414'][17](___125000321(26), $_2033840673, true)) { 
            $_2087439224[___125000321(27)] = &$_COOKIE; 
        } 
        if ($GLOBALS['____685273414'][18](___125000321(28), $_2033840673, true)) { 
            $_2087439224[___125000321(29)] = &$_REQUEST; 
        } 
        if ($GLOBALS['____685273414'][19](___125000321(30), $_2033840673, true)) { 
            $_2087439224[___125000321(31)] = $GLOBALS; 
        } 
        return $_2087439224; 
    } 
 
    public static function refreshRules() 
    { 
        try { 
            $_2042952140 = Option::get('main_sec', 'WWALL_ACTUALIZE_RULES', 0); 
            if (($GLOBALS['____685273414'][20]() - $_2042952140) < static::CACHE_RULES_TTL) { 
                return; 
            } 
            Option::set(___125000321(32), ___125000321(33), $GLOBALS['____685273414'][21]()); 
            $_325769198 = null; 
            $_1640073540 = $GLOBALS['____685273414'][22](function ($_762385693) { 
                return [___125000321(34) => $_762385693[___125000321(35)], 
                    ___125000321(36) => (int)$_762385693[___125000321(37)]]; 
            }, ModuleManager::getModulesFromDisk()); 
            $_18068556 = []; 
            foreach ($GLOBALS['____685273414'][23]() as $_1373112692) { 
                $_1260101882 = new ReflectionExtension($_1373112692); 
                $_18068556[$_1373112692] = 
                    [___125000321(38) => $_1260101882->getVersion(), ___125000321(39) => $_1260101882->getINIEntries()]; 
            } 
            $_1319456541 = new HttpClient([___125000321(40) => round(0 + 1.25 + 1.25 + 1.25 + 1.25), 
                ___125000321(41) => round(0 + 5)]); 
            $_539470450 = $_1319456541->post(static::$_1212362079, 
                ['modules' => $GLOBALS['____685273414'][24]($_1640073540), 
                    'license' => Application::getInstance()->getLicense()->getHashLicenseKey(), 
                    'php' => $GLOBALS['____685273414'][25](['v' => $GLOBALS['____685273414'][26](), 
                        'ext' => $_18068556]),]); 
            if ($_1319456541->getStatus() == round(0 + 100 + 100) && !empty($_539470450)) { 
                $_325769198 = Json::decode($_539470450); 
            } 
            if ($_325769198 !== null) { 
                $_922881542 = Application::getConnection(); 
                $_959446121 = RuleRecordTable::getTableName(); 
                if (!empty($_325769198)) { 
                    foreach ($_325769198 as $_1514742390) { 
                        if (!static::checkRuleSign($_1514742390)) { 
                            throw new SystemException('Invalid sign for rule ' . 
                                $GLOBALS['____685273414'][27]($_1514742390)); 
                        } 
                    } 
                } 
                $_922881542->truncateTable($_959446121); 
                if (!empty($_325769198)) { 
                    $_1244626267 = []; 
                    foreach ($_325769198 as $_1514742390) { 
                        $_1244626267[] = 
                            ___125000321(42) . $_922881542->getSqlHelper()->forSql($_1514742390[___125000321(43)]) . 
                            ___125000321(44) . $_922881542->getSqlHelper()->forSql($_1514742390[___125000321(45)]) . 
                            ___125000321(46) . $_922881542->getSqlHelper()->forSql($_1514742390[___125000321(47)]) . 
                            ___125000321(48); 
                    } 
                    $_1574484706 = $GLOBALS['____685273414'][28](___125000321(49), $_1244626267); 
                    $_922881542->query("INSERT INTO {$_959446121} (DATA, MODULE, MODULE_VERSION) VALUES {$_1574484706}"); 
                    RuleRecordTable::cleanCache(); 
                } 
            } 
        } catch (\Throwable $_827808309) { 
            \CEventLog::log(\CEventLog::SEVERITY_SECURITY, ___125000321(50), ___125000321(51), ___125000321(52), 
                ___125000321(53) . $_827808309->getMessage() . ___125000321(54) . $_827808309->getTraceAsString()); 
        } 
    } 
 
    protected static function checkRuleSign($_1850576814) 
    { 
        $_1191117338 = new PublicKeyCipher; 
        $_1643931111 = $_1191117338->decrypt($_1850576814[___125000321(55)], static::__986225707()); 
        return str_starts_with($_1643931111, ___125000321(56)); 
    } 
 
    private static function __986225707() 
    { 
        $_1287627542 = ''; 
        $_1287627542 .= ___125000321(57); 
        $_1287627542 .= ___125000321(58); 
        return $_1287627542; 
    } 
 
    protected function logEvent($_1272057567, $_1029774175, $_1981494513) 
    { 
        if ($this->_1508822158) { 
            \CEventLog::log(\CEventLog::SEVERITY_SECURITY, $_1272057567, 'main', $_1029774175, $_1981494513); 
        } 
    } 
} ?>

Did this file decode correctly?

Original Code

<?
namespace Bitrix\Main\Security\W;
$GLOBALS['____685273414'] = array(base64_decode('dG' . 'lt' . 'ZQ=='), base64_decode('dGlt' . 'Z' . 'Q=='),
    base64_decode('an' . 'Nvb' . 'l9kZWN' . 'vZGU='), base64_decode('YX' . 'JyY' . 'XlfbW' . 'VyZ2U' . '='),
    base64_decode('a' . 'm9pbg=='), base64_decode('am9pbg=='), base64_decode('' . 'am9p' . 'bg=='),
    base64_decode('' . 'YXJyY' . 'X' . 'lfcG9w'), base64_decode('' . 'YX' . 'JyYXlf' . 'c2h' . 'pZn' . 'Q='),
    base64_decode('YXJyYXl' . 'fc2hp' . 'Z' . 'nQ='), base64_decode('YXJyY' . 'Xlfc2hp' . 'ZnQ' . '='),
    base64_decode('YXJyYX' . 'l' . 'fc2h' . 'pZn' . 'Q='), base64_decode('YX' . 'JyYXlfb' . 'W' . 'Vy' . 'Z2U='),
    base64_decode('a' . 'XNfY' . 'XJy' . 'YXk='),
    base64_decode('' . 'Y' . 'XJy' . 'Y' . 'X' . 'l' . 'fbW' . 'V' . 'yZ2' . 'U='),
    base64_decode('' . 'a' . 'W' . '5f' . 'YXJyYXk='), base64_decode('aW5f' . 'YXJyYXk='),
    base64_decode('' . 'aW5fYX' . 'Jy' . 'YX' . 'k='), base64_decode('aW5fYXJ' . 'y' . 'YX' . 'k='),
    base64_decode('aW' . '5fYXJyYXk='), base64_decode('' . 'dGltZQ=='), base64_decode('' . 'dGltZQ=='),
    base64_decode('YXJyY' . 'Xlfb' . 'W' . 'Fw'),
    base64_decode('Z2' . 'V0X2xvYW' . 'RlZ' . 'F' . '9le' . 'HR' . 'lbnN' . 'pb25' . 'z'),
    base64_decode('anNvbl9lbmNvZG' . 'U='), base64_decode('anNvbl' . '9lb' . 'm' . 'Nv' . 'Z' . 'GU='),
    base64_decode('' . 'c' . 'Ghwdm' . 'Vyc2lvbg=' . '='), base64_decode('' . 'an' . 'N' . 'vbl9lb' . 'm' . 'NvZGU='),
    base64_decode('' . 'a' . 'm' . '9' . 'p' . 'bg=' . '='));
if (!function_exists(__NAMESPACE__ . '\\___125000321')) {
    function ___125000321($_2120270678)
    {
        static $_1919157925 = false;
        if ($_1919157925 == false) $_1919157925 =
            array('V1dBTEx' . 'fT' . 'E9DSw' . '=' . '=', 'c2Vjd' . 'XJ' . 'pdHk=', '' . 'REFUQQ' . '==', 'eyI=',
                'V1dBTExf' . 'TE9D' . 'Sw==', 'c2Vjd' . 'XJ' . 'pd' . 'Hk=',
                '' . 'U' . '0VDVVJ' . 'JVFlfV1d' . 'BTEx' . 'f' . 'RVh' . 'DRV' . 'BU' . 'SU9O',
                'RkFJTF9DSEV' . 'DS0lORw==',
                'Q' . '2F' . 'uIG' . '5vdCBleGVj' . 'dXRlIHd3Y' . 'WxsIHJ1bGV' . 'z' . 'OiA' . '=', 'IFRyYWNlO' . 'iA=',
                'UkVRV' . 'UVTVF9VUkk=', 'a2V5cw==', 'dmFsdWVz', 'U0VD' . 'VVJ' . 'JVFlfV1d' . 'BTExfTU9ESUZ' . 'Z',
                '' . 'Lg==', 'U0VDV' . 'VJJVFlfV' . '1dBTExfVU5TRVQ' . '=', '' . 'Lg=' . '=',
                'U0' . 'VD' . 'VVJJ' . 'V' . 'Fl' . 'fV1' . 'dBT' . 'ExfRV' . 'hJV' . 'A=' . '=', '' . 'Lg==',
                'Z2x' . 'vYmFs', '' . 'a2V5' . 'cw=' . '=', '' . 'dm' . 'Fsd' . 'WVz', 'Z2V0', 'Z2V0',
                '' . 'cG9zd' . 'A==', '' . 'cG9z' . 'dA==', 'Y2' . '9va' . '2' . 'll', 'Y29' . 'va' . '2ll',
                'cmVx' . 'dW' . 'Vz' . 'dA' . '==', 'cm' . 'Vx' . 'dWVzdA=' . '=', 'Z2x' . 'vYmFs',
                'Z' . '2x' . 'v' . 'YmFs', 'bWFpbl9zZWM=', 'V1dBTExfQ' . 'UNUVUFMSV' . 'pFX1' . 'JV' . 'T' . 'EVT',
                'd' . 'g==', '' . 'dmVy' . 'c2l' . 'vbg=' . '=', 'aQ' . '==', 'aXNJbnN' . '0YWxsZ' . 'WQ=', 'dg==',
                'aW5' . 'p', 'c' . '29j' . 'a' . '2' . 'V' . '0VGltZW91dA==',
                'c' . '3' . 'R' . 'yZWF' . 't' . 'VGl' . 'tZW91dA=' . '=', 'KCc=', 'ZGF0YQ=' . '=', 'JywgJw==',
                'bW9kd' . 'Wxl', 'Jywg' . 'Jw==', 'bW9kdW' . 'xlX' . '3' . 'ZlcnNp' . 'b24=', 'Jyk' . '=', 'LC' . 'A=',
                'U0VDVVJJ' . 'VFlfV1dB' . 'TE' . 'xfR' . 'Vh' . 'DR' . 'V' . 'B' . 'USU' . '9' . 'O',
                'bW' . 'Fpbg' . '==', 'RkFJTF9SR' . 'UZS' . 'RV' . 'N' . 'IS' . 'U' . '5H',
                'Q2FuIG5vdC' . 'ByZW' . 'Zy' . 'ZXNoIHd3YWxsIHJ1bGVz' . 'OiA=', 'IF' . 'RyY' . 'WNlO' . 'iA=',
                'ZGF0YQ' . '==', 'eyI=', 'LS0' . 'tLS1CRUdJT' . 'iBQ' . 'VUJMS' . 'UMgS0VZ' . 'LS' . '0t' . 'LS0' . '=',
                'Ck' . '1JSU' . 'JJa' . 'kFOQm' . 'd' . 'rcWh' . 'raUc5' . 'dzB' . 'C' . 'QVFFRkF' . 'B' . 'T0N' .
                'BUThBTUlJQk' . 'N' . 'nS0NBUUVBcThR' . 'RTBIam1ISlVTdFdWNm4wemEKUlZvT' . 'Hgw' . 'Mkt' . '6YmZyYlMvU' .
                'DZzV' . '2F4' . 'VHp3OFNl' . 'R1' . 'R0YlRD' . 'T3JwSGk' . '1U' . 'U' . 'Y2T1J5alovWHh6L' . '0tM' .
                'VTFHY' . 'm9m' . 'OU' . 'NaMw' . 'o0e' . 'jdTa3' . 'FVd' . 'D' . 'Y' . '2aWJYdk' . '9' . 'GQng' .
                '0Znc' . 'vQV' . 'B' . 'QUkdE' . 'c' . 'X' . 'RtMG5E' . 'M2' . 'ZnR3' . 'N1M1J' . 'lUGd3Mj' .
                'lpOCt2bTdtdEJLS' . 'lV' . 'Z' . 'bDRyClZwYj' . 'ZzZlp' . 'FVDlLRWI2VDFIRFlt' . 'RX' . 'ZjM' . 'Wh' .
                'xL2lpdXl4THJ' . 'aWm' . 'k' . '1UTZVZmY0VUV2' . 'VEkr' . 'Njhzc0' . 'ZSa1Er' . 'b' . '3dU' . 'Un' .
                'kKZU' . '9' . 'JTWJGaE0vV' . 'VRt' . 'Z' . 'lZ' . 'Z' . 'YlRSRnkyb' . '1VROF' . 'dN' . 'emE' . 'ybk' .
                'o1U' . '2Fo' . 'emkxVUtPMW' . 'pBalhUUF' . 'JyemM3' . 'Q' . 'Wp' . '1' . 'NjM5ajFPMAp' . 'wc' . 'HF' .
                'mb' . 'TV4Z1dsRkFKa' . '0' . 'hRVGdiZGQ1' . 'Q' . 'VdxREZRa3Q5SEtr' . 'WS' . 't' . 'Ubm' . 'ZCTE' .
                'dWT' . 'XZWeV' . 'B3VEhOV1FZQX' . 'c0e' . 'HBnL' . '3' . 'dBClp3SURB' . 'U' . 'UFCCi' . '0t' . 'L' .
                'S0tR' . 'U' . '5' . 'EIFBVQkx' . 'JQyBLRV' . 'kt' . 'L' . 'S0tLQ==');
        return base64_decode($_1919157925[$_2120270678]);
    }
};

use Bitrix\Main\Application;
use Bitrix\Main\Config\Option;
use Bitrix\Main\Data\Cache;
use Bitrix\Main\ModuleManager;
use Bitrix\Main\Security\PublicKeyCipher;
use Bitrix\Main\SystemException;
use Bitrix\Main\Web\HttpClient;
use Bitrix\Main\Web\Json;
use Bitrix\Main\Security\W\Rules\Rule;
use Bitrix\Main\Security\W\Rules\Results\RuleAction;
use Bitrix\Main\Security\W\Rules\Results\RuleResult;
use Bitrix\Main\Security\W\Rules\Results\CheckResult;
use Bitrix\Main\Security\W\Rules\Results\ModifyResult;
use Bitrix\Main\Type\ArrayHelper;
use Bitrix\Main\Security\W\Rules\RuleRecordTable;
use ReflectionExtension;

class WWall
{
    const CACHE_RULES_TTL = 10800;
    private static $_1212362079 = 'https://wwall.bitrix.info/rules.php';
    protected $_1508822158 = true;

    public function handle()
    {
        try {
            $_1392812524 = RuleRecordTable::getList(['cache' => ['ttl' => 3600 * 24 * 7]])->fetchAll();
            if (empty($_1392812524)) {
                return;
            }
            $_559348624 = Cache::createInstance();
            $_2132879287 = false;
            if ($_559348624->initCache(static::CACHE_RULES_TTL, 'WWALL_LOCK', 'security')) {
                $_902230095 = $_559348624->getVars();
                if ($GLOBALS['____685273414'][0]() - $_902230095 > round(0 + 5 + 5 + 5 + 5)) {
                    $_922881542 = Application::getConnection();
                    $_959446121 = RuleRecordTable::getTableName();
                    $_922881542->truncateTable($_959446121);
                    RuleRecordTable::cleanCache();
                    $_559348624->clean(___125000321(0), ___125000321(1));
                }
            } elseif ($_559348624->startDataCache()) {
                $_559348624->endDataCache($GLOBALS['____685273414'][1]());
                $_2132879287 = true;
            }
            foreach ($_1392812524 as $_635905475) {
                $_1191117338 = new PublicKeyCipher;
                $_264978350 = $_1191117338->decrypt($_635905475[___125000321(2)], static::__986225707());
                if (!str_starts_with($_264978350, ___125000321(3))) {
                    continue;
                }
                $_1643931111 = $GLOBALS['____685273414'][2]($_264978350, true);
                if (!empty($_1643931111)) {
                    $_1850576814 = Rule::make($_1643931111);
                    $_1531110473 = $this->handleRule($_1850576814);
                    $this->applyHandlingResults($_1531110473);
                }
            }
            if ($_2132879287) {
                $_559348624->clean(___125000321(4), ___125000321(5));
            }
        } catch (\Throwable $_827808309) {
            $this->logEvent(___125000321(6), ___125000321(7),
                ___125000321(8) . $_827808309->getMessage() . ___125000321(9) . $_827808309->getTraceAsString());
        }
    }

    public function handleRule(Rule $_1850576814): array
    {
        $_1531110473 = [];
        if ($_1850576814->matchPath($_SERVER[___125000321(10)])) {
            $_261947781 = $this->getContextElements($_1850576814->getContext());
            foreach ($_261947781 as $_856864095 => &$_1496276265) {
                $_1531110473 = $GLOBALS['____685273414'][3]($_1531110473,
                    $this->recursiveContextKeyHandle($_856864095, $_1496276265, [], $_1850576814));
            }
        }
        return $_1531110473;
    }

    public function applyHandlingResults(array $_1531110473)
    {
        $_261947781 = $this->getContextElements(['get', 'post', 'cookie', 'request', 'global']);
        foreach ($_1531110473 as $_1425439313) {
            $_1496276265 =& $_261947781[$_1425439313->getContextName()];
            $_1030007695 = $_1425439313->getRuleResult();
            $_1850576814 = $_1425439313->getRule();
            if ($_1030007695 instanceof ModifyResult) {
                if ($_1850576814->getProcess() === ___125000321(11)) {
                    static::rewriteContextKey($_1425439313->getContextName(), $_1496276265,
                        $_1425439313->getContextKey(), $_1030007695->getCleanValue());
                } elseif ($_1850576814->getProcess() === ___125000321(12)) {
                    static::rewriteContextValue($_1425439313->getContextName(), $_1496276265,
                        $_1425439313->getContextKey(), $_1030007695->getCleanValue());
                }
                $this->logEvent(___125000321(13), $_1425439313->getContextName(),
                    $GLOBALS['____685273414'][4](___125000321(14), $_1425439313->getContextKey()));
            } elseif ($_1030007695 instanceof CheckResult && !$_1030007695->isSuccess()) {
                if ($_1030007695->getAction() === RuleAction::UNSET) {
                    static::unsetContextValue($_1425439313->getContextName(), $_1496276265,
                        $_1425439313->getContextKey(),);
                    $this->logEvent(___125000321(15), $_1425439313->getContextName(),
                        $GLOBALS['____685273414'][5](___125000321(16), $_1425439313->getContextKey()));
                } elseif ($_1030007695->getAction() === RuleAction::EXIT) {
                    $this->logEvent(___125000321(17), $_1425439313->getContextName(),
                        $GLOBALS['____685273414'][6](___125000321(18), $_1425439313->getContextKey()));
                    exit;
                }
            }
        }
    }

    public function disableEventLogging()
    {
        $this->_1508822158 = false;
    }

    protected function rewriteContextKey($_856864095, &$_1496276265, $_1084881637, $_1892728094)
    {
        $_621191798 = $_1084881637;
        $GLOBALS['____685273414'][7]($_621191798);
        $_621191798[] = $_1892728094;
        if ($_856864095 === ___125000321(19)) {
            $_495822601 = $GLOBALS['____685273414'][8]($_1084881637);
            $GLOBALS['____685273414'][9]($_621191798);
            if (empty($_1084881637)) {
                $GLOBALS[$_1892728094] = $GLOBALS[$_495822601];
                unset($GLOBALS[$_495822601]);
            } else {
                $_1496276265 =& $GLOBALS[$_495822601];
                $_599488940 = ArrayHelper::getByNestedKey($_1496276265, $_1084881637);
                ArrayHelper::setByNestedKey($_1496276265, $_621191798, $_599488940);
                ArrayHelper::unsetByNestedKey($_1496276265, $_1084881637);
            }
        } else {
            $_599488940 = ArrayHelper::getByNestedKey($_1496276265, $_1084881637);
            ArrayHelper::setByNestedKey($_1496276265, $_621191798, $_599488940);
            ArrayHelper::unsetByNestedKey($_1496276265, $_1084881637);
        }
    }

    protected function rewriteContextValue($_856864095, &$_1496276265, $_1420691434, $_599488940)
    {
        if ($_856864095 === 'global') {
            $_495822601 = $GLOBALS['____685273414'][10]($_1420691434);
            if (empty($_1420691434)) {
                $GLOBALS[$_495822601] = $_599488940;
            } else {
                $_1496276265 =& $GLOBALS[$_495822601];
                ArrayHelper::setByNestedKey($_1496276265, $_1420691434, $_599488940);
            }
        } else {
            ArrayHelper::setByNestedKey($_1496276265, $_1420691434, $_599488940);
        }
    }

    protected function unsetContextValue($_856864095, &$_1496276265, $_1420691434)
    {
        if ($_856864095 === 'global') {
            $_495822601 = $GLOBALS['____685273414'][11]($_1420691434);
            if (empty($_1420691434)) {
                unset($GLOBALS[$_495822601]);
            } else {
                $_1496276265 =& $GLOBALS[$_495822601];
                ArrayHelper::unsetByNestedKey($_1496276265, $_1420691434);
            }
        } else {
            ArrayHelper::unsetByNestedKey($_1496276265, $_1420691434);
        }
    }

    protected function recursiveContextKeyHandle(string $_856864095, array &$_1496276265, array $_971548743,
                                                 Rule $_1850576814): array
    {
        $_1531110473 = [];
        foreach ($_1496276265 as $_2053128305 => $_599488940) {
            $_1420691434 = $GLOBALS['____685273414'][12]($_971548743, [$_2053128305]);
            if ($_1850576814->matchKey($_1420691434)) {
                if ($_1850576814->getProcess() === ___125000321(20)) {
                    $_1030007695 = $_1850576814->evaluate($_2053128305);
                } elseif ($_1850576814->getProcess() === ___125000321(21)) {
                    $_1030007695 = $_1850576814->evaluateValue($_599488940);
                }
                if (!empty($_1030007695) && $_1030007695 instanceof RuleResult) {
                    $_1531110473[] = new HandlingResult($_856864095, $_1420691434, $_1030007695, $_1850576814);
                }
            }
            if ($GLOBALS['____685273414'][13]($_599488940)) {
                $_1531110473 = $GLOBALS['____685273414'][14]($_1531110473,
                    $this->recursiveContextKeyHandle($_856864095, $_1496276265[$_2053128305], $_1420691434,
                        $_1850576814));
            }
        }
        return $_1531110473;
    }

    protected function getContextElements(array $_2033840673)
    {
        $_2087439224 = [];
        if ($GLOBALS['____685273414'][15](___125000321(22), $_2033840673, true)) {
            $_2087439224[___125000321(23)] = &$_GET;
        }
        if ($GLOBALS['____685273414'][16](___125000321(24), $_2033840673, true)) {
            $_2087439224[___125000321(25)] = &$_POST;
        }
        if ($GLOBALS['____685273414'][17](___125000321(26), $_2033840673, true)) {
            $_2087439224[___125000321(27)] = &$_COOKIE;
        }
        if ($GLOBALS['____685273414'][18](___125000321(28), $_2033840673, true)) {
            $_2087439224[___125000321(29)] = &$_REQUEST;
        }
        if ($GLOBALS['____685273414'][19](___125000321(30), $_2033840673, true)) {
            $_2087439224[___125000321(31)] = $GLOBALS;
        }
        return $_2087439224;
    }

    public static function refreshRules()
    {
        try {
            $_2042952140 = Option::get('main_sec', 'WWALL_ACTUALIZE_RULES', 0);
            if (($GLOBALS['____685273414'][20]() - $_2042952140) < static::CACHE_RULES_TTL) {
                return;
            }
            Option::set(___125000321(32), ___125000321(33), $GLOBALS['____685273414'][21]());
            $_325769198 = null;
            $_1640073540 = $GLOBALS['____685273414'][22](function ($_762385693) {
                return [___125000321(34) => $_762385693[___125000321(35)],
                    ___125000321(36) => (int)$_762385693[___125000321(37)]];
            }, ModuleManager::getModulesFromDisk());
            $_18068556 = [];
            foreach ($GLOBALS['____685273414'][23]() as $_1373112692) {
                $_1260101882 = new ReflectionExtension($_1373112692);
                $_18068556[$_1373112692] =
                    [___125000321(38) => $_1260101882->getVersion(), ___125000321(39) => $_1260101882->getINIEntries()];
            }
            $_1319456541 = new HttpClient([___125000321(40) => round(0 + 1.25 + 1.25 + 1.25 + 1.25),
                ___125000321(41) => round(0 + 5)]);
            $_539470450 = $_1319456541->post(static::$_1212362079,
                ['modules' => $GLOBALS['____685273414'][24]($_1640073540),
                    'license' => Application::getInstance()->getLicense()->getHashLicenseKey(),
                    'php' => $GLOBALS['____685273414'][25](['v' => $GLOBALS['____685273414'][26](),
                        'ext' => $_18068556]),]);
            if ($_1319456541->getStatus() == round(0 + 100 + 100) && !empty($_539470450)) {
                $_325769198 = Json::decode($_539470450);
            }
            if ($_325769198 !== null) {
                $_922881542 = Application::getConnection();
                $_959446121 = RuleRecordTable::getTableName();
                if (!empty($_325769198)) {
                    foreach ($_325769198 as $_1514742390) {
                        if (!static::checkRuleSign($_1514742390)) {
                            throw new SystemException('Invalid sign for rule ' .
                                $GLOBALS['____685273414'][27]($_1514742390));
                        }
                    }
                }
                $_922881542->truncateTable($_959446121);
                if (!empty($_325769198)) {
                    $_1244626267 = [];
                    foreach ($_325769198 as $_1514742390) {
                        $_1244626267[] =
                            ___125000321(42) . $_922881542->getSqlHelper()->forSql($_1514742390[___125000321(43)]) .
                            ___125000321(44) . $_922881542->getSqlHelper()->forSql($_1514742390[___125000321(45)]) .
                            ___125000321(46) . $_922881542->getSqlHelper()->forSql($_1514742390[___125000321(47)]) .
                            ___125000321(48);
                    }
                    $_1574484706 = $GLOBALS['____685273414'][28](___125000321(49), $_1244626267);
                    $_922881542->query("INSERT INTO {$_959446121} (DATA, MODULE, MODULE_VERSION) VALUES {$_1574484706}");
                    RuleRecordTable::cleanCache();
                }
            }
        } catch (\Throwable $_827808309) {
            \CEventLog::log(\CEventLog::SEVERITY_SECURITY, ___125000321(50), ___125000321(51), ___125000321(52),
                ___125000321(53) . $_827808309->getMessage() . ___125000321(54) . $_827808309->getTraceAsString());
        }
    }

    protected static function checkRuleSign($_1850576814)
    {
        $_1191117338 = new PublicKeyCipher;
        $_1643931111 = $_1191117338->decrypt($_1850576814[___125000321(55)], static::__986225707());
        return str_starts_with($_1643931111, ___125000321(56));
    }

    private static function __986225707()
    {
        $_1287627542 = '';
        $_1287627542 .= ___125000321(57);
        $_1287627542 .= ___125000321(58);
        return $_1287627542;
    }

    protected function logEvent($_1272057567, $_1029774175, $_1981494513)
    {
        if ($this->_1508822158) {
            \CEventLog::log(\CEventLog::SEVERITY_SECURITY, $_1272057567, 'main', $_1029774175, $_1981494513);
        }
    }
} ?>

Function Calls

None

Variables

None

Stats

MD5 c264fc91ae126f99cad6aff9fd3fe050
Eval Count 0
Decode Time 73 ms