Your IP : 216.73.216.86
<? namespace Bitrix\Main\Security\W;$GLOBALS['____887368182']= array(base64_decode('d'.'GltZQ=='),base64_decode('dGltZQ=='),base64_decode('anNvbl'.'9kZWNv'.'ZGU='),base64_decode('YXJyYXlfbWV'.'yZ2U='),base64_decode('am9p'.'bg=='),base64_decode(''.'am9pbg=='),base64_decode('am'.'9pbg=='),base64_decode('YXJy'.'YXlf'.'cG9w'),base64_decode('Y'.'XJy'.'Y'.'Xlf'.'c'.'2hp'.'Z'.'nQ='),base64_decode(''.'YXJy'.'YXlfc'.'2h'.'pZ'.'nQ='),base64_decode('YXJyYXlfc2hpZnQ='),base64_decode('YXJ'.'yYX'.'lfc2'.'hpZ'.'nQ='),base64_decode('YXJ'.'yYX'.'lf'.'bWVyZ2U='),base64_decode('aXN'.'f'.'YXJyYXk='),base64_decode('Y'.'XJ'.'yYXlfbWVyZ2'.'U='),base64_decode('aW5fYXJyYXk='),base64_decode('aW5fY'.'XJ'.'yYX'.'k'.'='),base64_decode(''.'aW5fYXJyYXk='),base64_decode('aW5fYXJ'.'yY'.'Xk'.'='),base64_decode('a'.'W5'.'fYXJyYXk'.'='),base64_decode('dGlt'.'Z'.'Q'.'='.'='),base64_decode('dGltZ'.'Q=='),base64_decode('YXJyYXlfb'.'WFw'),base64_decode('Z2V0X2xv'.'Y'.'WRlZ'.'F9leHRlbn'.'Npb25z'),base64_decode('anNvbl9lbmNvZ'.'GU='),base64_decode('an'.'Nvb'.'l9lbm'.'N'.'v'.'ZGU='),base64_decode('cGhwdmVyc'.'2lvbg=='),base64_decode('anN'.'vbl'.'9'.'l'.'bmNvZGU='),base64_decode('am9'.'pbg=='));if(!function_exists(__NAMESPACE__.'\\___1730401967')){function ___1730401967($_947830927){static $_1656550453= false; if($_1656550453 == false) $_1656550453=array('V1d'.'BTExfTE9DSw==','c2Vjd'.'XJ'.'pdHk=',''.'R'.'EFUQ'.'Q==','e'.'yI=','V1d'.'BTExf'.'TE9DSw'.'='.'=','c2VjdXJpdHk=','U0'.'VDVV'.'JJVFlfV1dBTExfR'.'Vh'.'DRVBUSU9'.'O','RkFJTF9D'.'SEVDS0lOR'.'w'.'==','Q2'.'Fu'.'IG'.'5vdC'.'BleGVj'.'dXRl'.'IHd'.'3'.'YW'.'x'.'sIHJ1bGV'.'zOiA=','IFRyY'.'WNlOiA=','UkVRVUVT'.'VF9'.'V'.'Ukk=','a'.'2V5cw==','dmFs'.'dWV'.'z','U0'.'VDVVJJVFlfV1dBTExfT'.'U9'.'ESU'.'ZZ','Lg'.'==','U'.'0'.'VDVVJ'.'J'.'VFlfV1d'.'B'.'T'.'ExfVU5TRVQ'.'=','Lg'.'==','U0VDV'.'V'.'JJVFlfV1d'.'BT'.'E'.'xfR'.'VhJVA==','Lg==',''.'Z2x'.'vYm'.'Fs','a2V5cw==','dmFsdWVz','Z2V0','Z2V0','cG9z'.'dA'.'==','cG9zdA==','Y2'.'9va2ll','Y29v'.'a2ll',''.'cmVxdWVz'.'dA==',''.'c'.'mVxdWVzdA'.'==',''.'Z2xv'.'Y'.'m'.'Fs','Z2xvYmFs','bWFpbl9zZWM=',''.'V1dBTExfQ'.'UNUVUF'.'MSV'.'pFX1JVTE'.'VT','dg==','dmVyc2lvbg==','a'.'Q'.'==','a'.'XNJbnN'.'0YWxs'.'ZWQ=','d'.'g==','aW'.'5p',''.'bW9k'.'dWxlc'.'w==','bGljZW5zZQ==','cGh'.'w','dg'.'==','ZXh0','c'.'2VjdXJpd'.'Hk=',''.'ZGI=','dHlw'.'Z'.'Q==','Z'.'G'.'I=','dmVyc2lvbg==',''.'ZGI'.'=','d'.'HlwZQ==','ZGI=','dHlwZQ'.'==',''.'dmVyc2lvb'.'g==','Z'.'GI=','dmVyc2'.'lvbg==','ZW52aX'.'Jv'.'bm1lbnQ'.'=','dm1'.'fdmV'.'yc2'.'l'.'vbg==','dm'.'0=',''.'d'.'g==','ZW'.'5'.'2aXJvbm'.'1lbnQ=','dm1fd'.'m'.'Vyc2lvbg==','c'.'29j'.'a2V0VGlt'.'ZW91dA==','c3RyZWFtVGltZW91dA='.'=','KC'.'c=','Z'.'G'.'F0YQ==','JywgJw'.'==',''.'bW9kdWxl','JywgJw='.'=',''.'bW9k'.'dWxl'.'X3Zlcn'.'N'.'pb24=','J'.'yk=','LCA=','U'.'0VDVVJJ'.'VFlfV1'.'dBT'.'Exf'.'RVhDRVBUS'.'U9'.'O',''.'bWFpbg'.'='.'=','R'.'kF'.'JT'.'F'.'9'.'SRUZSRVNI'.'SU5'.'H','Q2'.'FuIG5vdCByZW'.'ZyZ'.'X'.'NoI'.'Hd3YWxsIHJ1'.'b'.'G'.'Vz'.'OiA=','I'.'F'.'RyY'.'WNlO'.'iA=','ZGF0YQ'.'==','e'.'yI=',''.'LS0'.'tLS'.'1CRU'.'dJ'.'TiBQVUJMSUM'.'gS0VZLS'.'0tLS0'.'=',''.'Ck'.'1JSU'.'JJ'.'akFO'.'Qmdr'.'cWhraU'.'c5dzBCQVF'.'F'.'RkF'.'BT0NB'.'UThBT'.'UlJQkN'.'nS'.'0NBUUV'.'BcT'.'hRRTBIam1ISlV'.'T'.'dF'.'dWNm4wemEK'.'UlZv'.'THgwMkt6YmZyYlMvUDZzV2F4'.'VHp3O'.'FNlR1R0YlRDT'.'3JwS'.'Gk1UUY2T'.'1'.'J'.'5alovWHh6L0tMVTFHYm'.'9'.'mO'.'UNa'.'Mwo'.'0ejdTa3FVdDY2a'.'WJYdk9GQ'.'ng0Z'.'n'.'cvQVB'.'QUk'.'dEcXRtM'.'G'.'5EM2Z'.'nR3N1M1JlUGd3Mjl'.'pO'.'Ct2'.'bTdtd'.'E'.'JLSlVZ'.'b'.'DRyCl'.'ZwYjZzZlpFVDlL'.'RWI2VDFI'.'R'.'Flt'.'RX'.'ZjMW'.'hxL'.'2lpdXl'.'4T'.'HJaW'.'mk1UTZVZmY0VUV'.'2V'.'E'.'krNjhzc0'.'Z'.'Sa1E'.'rb3dU'.'Unk'.'KZU'.'9JTWJGa'.'E0vVV'.'RtZlZZ'.'Y'.'lRSRnkyb1VROFdNemEy'.'bko1U2Foemkx'.'VUtPM'.'WpBa'.'lhU'.'U'.'F'.'Jy'.'emM3QWp1'.'Nj'.'M5a'.'j'.'FPMA'.'pwcH'.'FmbTV4Z'.'1'.'dsRkF'.'Ka'.'0hRVGd'.'i'.'ZGQ1'.'QVd'.'xR'.'E'.'ZRa3'.'Q5SEtrWStU'.'bm'.'ZCTEdWTXZ'.'We'.'VB3VEhOV'.'1'.'FZQXc0e'.'HB'.'nL3dBClp3SURBUUFCCi'.'0tL'.'S0tRU5EIFBV'.'QkxJQy'.'BLRV'.'k'.'tLS0tLQ==');return base64_decode($_1656550453[$_947830927]);}}; use Bitrix\Main\Application; use Bitrix\Main\Config\Option; use Bitrix\Main\Data\Cache; use Bitrix\Main\Loader; use Bitrix\Main\ModuleManager; use Bitrix\Main\Security\PublicKeyCipher; use Bitrix\Main\SystemException; use Bitrix\Main\Web\HttpClient; use Bitrix\Main\Web\Json; use Bitrix\Main\Security\W\Rules\Rule; use Bitrix\Main\Security\W\Rules\Results\RuleAction; use Bitrix\Main\Security\W\Rules\Results\RuleResult; use Bitrix\Main\Security\W\Rules\Results\CheckResult; use Bitrix\Main\Security\W\Rules\Results\ModifyResult; use Bitrix\Main\Type\ArrayHelper; use Bitrix\Main\Security\W\Rules\RuleRecordTable; use CSecuritySystemInformation; use ReflectionExtension; class WWall{ const CACHE_RULES_TTL= 10800; private static $_1165038520= 'https://wwall.bitrix.info/rules.php'; protected $_1386764961= true; public function handle(){ try{ $_664787825= RuleRecordTable::getList([ 'cache' =>['ttl' => 3600* 24* 7]])->fetchAll(); if(empty($_664787825)){ return;} $_75248929= Cache::createInstance(); $_1128930481= false; if($_75248929->initCache(static::CACHE_RULES_TTL, 'WWALL_LOCK', 'security')){ $_785802894= $_75248929->getVars(); if($GLOBALS['____887368182'][0]()- $_785802894> round(0+6.6666666666667+6.6666666666667+6.6666666666667)){ $_2060478086= Application::getConnection(); $_111747163= RuleRecordTable::getTableName(); $_2060478086->truncateTable($_111747163); RuleRecordTable::cleanCache(); $_75248929->clean(___1730401967(0), ___1730401967(1));}} elseif($_75248929->startDataCache()){ $_75248929->endDataCache($GLOBALS['____887368182'][1]()); $_1128930481= true;} foreach($_664787825 as $_317440744){ $_1072965563= new PublicKeyCipher; $_616225810= $_1072965563->decrypt($_317440744[___1730401967(2)], static::__1967700907()); if(!str_starts_with($_616225810, ___1730401967(3))){ continue;} $_412792656= $GLOBALS['____887368182'][2]($_616225810, true); if(!empty($_412792656)){ $_1408268474= Rule::make($_412792656); $_2081971692= $this->handleRule($_1408268474); $this->applyHandlingResults($_2081971692);}} if($_1128930481){ $_75248929->clean(___1730401967(4), ___1730401967(5));}} catch(\Throwable $_342259332){ $this->logEvent( ___1730401967(6), ___1730401967(7), ___1730401967(8). $_342259332->getMessage(). ___1730401967(9). $_342259332->getTraceAsString());}} public function handleRule(Rule $_1408268474): array{ $_2081971692=[]; if($_1408268474->matchPath($_SERVER[___1730401967(10)])){ $_602066494= $this->getContextElements($_1408268474->getContext()); foreach($_602066494 as $_197385318 => &$_465476592){ $_2081971692= $GLOBALS['____887368182'][3]($_2081971692, $this->recursiveContextKeyHandle($_197385318, $_465476592,[], $_1408268474));}} return $_2081971692;} public function applyHandlingResults(array $_2081971692){ $_602066494= $this->getContextElements([ 'get', 'post', 'cookie', 'request', 'global']); foreach($_2081971692 as $_555783071){ $_465476592=& $_602066494[$_555783071->getContextName()]; $_1473941081= $_555783071->getRuleResult(); $_1408268474= $_555783071->getRule(); if($_1473941081 instanceof ModifyResult){ if($_1408268474->getProcess() === ___1730401967(11)){ static::rewriteContextKey( $_555783071->getContextName(), $_465476592, $_555783071->getContextKey(), $_1473941081->getCleanValue());} elseif($_1408268474->getProcess() === ___1730401967(12)){ static::rewriteContextValue( $_555783071->getContextName(), $_465476592, $_555783071->getContextKey(), $_1473941081->getCleanValue());} $this->logEvent( ___1730401967(13), $_555783071->getContextName(), $GLOBALS['____887368182'][4](___1730401967(14), $_555783071->getContextKey()));} elseif($_1473941081 instanceof CheckResult &&!$_1473941081->isSuccess()){ if($_1473941081->getAction() === RuleAction::UNSET){ static::unsetContextValue( $_555783071->getContextName(), $_465476592, $_555783071->getContextKey(),); $this->logEvent( ___1730401967(15), $_555783071->getContextName(), $GLOBALS['____887368182'][5](___1730401967(16), $_555783071->getContextKey()));} elseif($_1473941081->getAction() === RuleAction::EXIT){ $this->logEvent( ___1730401967(17), $_555783071->getContextName(), $GLOBALS['____887368182'][6](___1730401967(18), $_555783071->getContextKey())); exit;}}}} public function disableEventLogging(){ $this->_1386764961= false;} protected function rewriteContextKey($_197385318, &$_465476592, $_396282249, $_1545227310){ $_1427491685= $_396282249; $GLOBALS['____887368182'][7]($_1427491685); $_1427491685[]= $_1545227310; if($_197385318 === ___1730401967(19)){ $_1450290493= $GLOBALS['____887368182'][8]($_396282249); $GLOBALS['____887368182'][9]($_1427491685); if(empty($_396282249)){ $GLOBALS[$_1545227310]= $GLOBALS[$_1450290493]; unset($GLOBALS[$_1450290493]);} else{ $_465476592=& $GLOBALS[$_1450290493]; $_1576061992= ArrayHelper::getByNestedKey($_465476592, $_396282249); ArrayHelper::setByNestedKey($_465476592, $_1427491685, $_1576061992); ArrayHelper::unsetByNestedKey($_465476592, $_396282249);}} else{ $_1576061992= ArrayHelper::getByNestedKey($_465476592, $_396282249); ArrayHelper::setByNestedKey($_465476592, $_1427491685, $_1576061992); ArrayHelper::unsetByNestedKey($_465476592, $_396282249);}} protected function rewriteContextValue($_197385318, &$_465476592, $_714789648, $_1576061992){ if($_197385318 === 'global'){ $_1450290493= $GLOBALS['____887368182'][10]($_714789648); if(empty($_714789648)){ $GLOBALS[$_1450290493]= $_1576061992;} else{ $_465476592=& $GLOBALS[$_1450290493]; ArrayHelper::setByNestedKey($_465476592, $_714789648, $_1576061992);}} else{ ArrayHelper::setByNestedKey($_465476592, $_714789648, $_1576061992);}} protected function unsetContextValue($_197385318, &$_465476592, $_714789648){ if($_197385318 === 'global'){ $_1450290493= $GLOBALS['____887368182'][11]($_714789648); if(empty($_714789648)){ unset($GLOBALS[$_1450290493]);} else{ $_465476592=& $GLOBALS[$_1450290493]; ArrayHelper::unsetByNestedKey($_465476592, $_714789648);}} else{ ArrayHelper::unsetByNestedKey($_465476592, $_714789648);}} protected function recursiveContextKeyHandle(string $_197385318, array &$_465476592, array $_707041269, Rule $_1408268474): array{ $_2081971692=[]; foreach($_465476592 as $_293898156 => $_1576061992){ $_714789648= $GLOBALS['____887368182'][12]($_707041269,[$_293898156]); if($_1408268474->matchKey($_714789648)){ if($_1408268474->getProcess() === ___1730401967(20)){ $_1473941081= $_1408268474->evaluate($_293898156);} elseif($_1408268474->getProcess() === ___1730401967(21)){ $_1473941081= $_1408268474->evaluateValue($_1576061992);} if(!empty($_1473941081) && $_1473941081 instanceof RuleResult){ $_2081971692[]= new HandlingResult($_197385318, $_714789648, $_1473941081, $_1408268474);}} if($GLOBALS['____887368182'][13]($_1576061992)){ $_2081971692= $GLOBALS['____887368182'][14]($_2081971692, $this->recursiveContextKeyHandle( $_197385318, $_465476592[$_293898156], $_714789648, $_1408268474));}} return $_2081971692;} protected function getContextElements(array $_624099534){ $_1564118744=[]; if($GLOBALS['____887368182'][15](___1730401967(22), $_624099534, true)){ $_1564118744[___1730401967(23)]= &$_GET;} if($GLOBALS['____887368182'][16](___1730401967(24), $_624099534, true)){ $_1564118744[___1730401967(25)]= &$_POST;} if($GLOBALS['____887368182'][17](___1730401967(26), $_624099534, true)){ $_1564118744[___1730401967(27)]= &$_COOKIE;} if($GLOBALS['____887368182'][18](___1730401967(28), $_624099534, true)){ $_1564118744[___1730401967(29)]= &$_REQUEST;} if($GLOBALS['____887368182'][19](___1730401967(30), $_624099534, true)){ $_1564118744[___1730401967(31)]= $GLOBALS;} return $_1564118744;} public static function refreshRules(){ try{ $_542923318= Option::get('main_sec', 'WWALL_ACTUALIZE_RULES', 0); if(($GLOBALS['____887368182'][20]()- $_542923318)< static::CACHE_RULES_TTL){ return;} Option::set(___1730401967(32), ___1730401967(33), $GLOBALS['____887368182'][21]()); $_53010662= null; $_1258572713= $GLOBALS['____887368182'][22](function($_270322626){ return[___1730401967(34) => $_270322626[___1730401967(35)], ___1730401967(36) => (int) $_270322626[___1730401967(37)]];}, ModuleManager::getModulesFromDisk()); $_1760807567=[]; foreach($GLOBALS['____887368182'][23]() as $_60859757){ $_1744650187= new ReflectionExtension($_60859757); $_1760807567[$_60859757]=[ ___1730401967(38) => $_1744650187->getVersion(), ___1730401967(39) => $_1744650187->getINIEntries()];} $_547331822=[ ___1730401967(40) => $GLOBALS['____887368182'][24]($_1258572713), ___1730401967(41) => Application::getInstance()->getLicense()->getHashLicenseKey(), ___1730401967(42) => $GLOBALS['____887368182'][25]([ ___1730401967(43) => $GLOBALS['____887368182'][26](), ___1730401967(44) => $_1760807567])]; if(Loader::includeModule(___1730401967(45))){ $_1602854495= CSecuritySystemInformation::getSystemInformation(); if(isset($_1602854495[___1730401967(46)][___1730401967(47)]) && isset($_1602854495[___1730401967(48)][___1730401967(49)])){ $_547331822[___1730401967(50)]=[ ___1730401967(51) => $_1602854495[___1730401967(52)][___1730401967(53)], ___1730401967(54) => $_1602854495[___1730401967(55)][___1730401967(56)]];} if(isset($_1602854495[___1730401967(57)][___1730401967(58)])){ $_547331822[___1730401967(59)]=[___1730401967(60) => $_1602854495[___1730401967(61)][___1730401967(62)]];}} $_1264931677= new HttpClient([ ___1730401967(63) => round(0+1.25+1.25+1.25+1.25), ___1730401967(64) => round(0+2.5+2.5)]); $_491653765= $_1264931677->post( static::$_1165038520, $_547331822); if($_1264931677->getStatus() == round(0+66.666666666667+66.666666666667+66.666666666667) &&!empty($_491653765)){ $_53010662= Json::decode($_491653765);} if($_53010662 !== null){ $_2060478086= Application::getConnection(); $_111747163= RuleRecordTable::getTableName(); if(!empty($_53010662)){ foreach($_53010662 as $_1589027597){ if(!static::checkRuleSign($_1589027597)){ throw new SystemException('Invalid sign for rule '.$GLOBALS['____887368182'][27]($_1589027597));}}} $_2060478086->truncateTable($_111747163); if(!empty($_53010662)){ $_498515627=[]; foreach($_53010662 as $_1589027597){ $_498515627[]= ___1730401967(65). $_2060478086->getSqlHelper()->forSql($_1589027597[___1730401967(66)]). ___1730401967(67). $_2060478086->getSqlHelper()->forSql($_1589027597[___1730401967(68)]). ___1730401967(69). $_2060478086->getSqlHelper()->forSql($_1589027597[___1730401967(70)]). ___1730401967(71);} $_753184313= $GLOBALS['____887368182'][28](___1730401967(72), $_498515627); $_2060478086->query("INSERT INTO {$_111747163} (DATA, MODULE, MODULE_VERSION) VALUES {$_753184313}"); RuleRecordTable::cleanCache();}}} catch(\Throwable $_342259332){ \CEventLog::log( \CEventLog::SEVERITY_SECURITY, ___1730401967(73), ___1730401967(74), ___1730401967(75), ___1730401967(76). $_342259332->getMessage(). ___1730401967(77). $_342259332->getTraceAsString());}} protected static function checkRuleSign($_1408268474){ $_1072965563= new PublicKeyCipher; $_412792656= $_1072965563->decrypt($_1408268474[___1730401967(78)], static::__1967700907()); return str_starts_with($_412792656, ___1730401967(79));} private static function __1967700907(){ $_1392087457= ''; $_1392087457 .= ___1730401967(80); $_1392087457 .= ___1730401967(81); return $_1392087457;} protected function logEvent($_1154177713, $_1600598730, $_2143267083){ if($this->_1386764961){ \CEventLog::log( \CEventLog::SEVERITY_SECURITY, $_1154177713, 'main', $_1600598730, $_2143267083);}}}?>