Your IP : 216.73.216.86
<? namespace Bitrix\Main\Security\W;$GLOBALS['____850102778']= array(base64_decode('dGltZQ'.'=='),base64_decode(''.'d'.'G'.'lt'.'ZQ=='),base64_decode('an'.'N'.'v'.'b'.'l9kZWNv'.'Z'.'GU='),base64_decode('YX'.'JyY'.'X'.'lfb'.'WV'.'yZ2U='),base64_decode(''.'am9pb'.'g=='),base64_decode('am9'.'pb'.'g='.'='),base64_decode('a'.'m9'.'pb'.'g=='),base64_decode('YXJ'.'y'.'YXlfcG'.'9w'),base64_decode('Y'.'XJyYXlf'.'c2hpZ'.'nQ='),base64_decode('YXJyY'.'Xlfc2hpZnQ='),base64_decode('YXJy'.'YX'.'l'.'fc2'.'h'.'pZnQ='),base64_decode(''.'YX'.'J'.'yYXlfc2hpZnQ='),base64_decode('YXJyY'.'X'.'lfbWV'.'yZ'.'2'.'U'.'='),base64_decode('aXNfY'.'XJy'.'YXk='),base64_decode('YXJy'.'YX'.'l'.'fbWVyZ2U='),base64_decode('aW5fYXJyYXk'.'='),base64_decode('aW5fYXJyYXk='),base64_decode('aW5fYXJ'.'yYXk'.'='),base64_decode('aW5'.'fY'.'XJyY'.'Xk='),base64_decode('a'.'W5'.'fY'.'X'.'JyYXk='),base64_decode('dGltZQ'.'=='),base64_decode('dGltZQ=='),base64_decode('Y'.'XJyYXlfbWFw'),base64_decode('Z2V0X'.'2xvYW'.'RlZF9le'.'H'.'Rlb'.'nNpb25z'),base64_decode('anNvb'.'l'.'9l'.'bmNvZGU='),base64_decode('a'.'nNvb'.'l9lbmNvZGU'.'='),base64_decode('cGhwdmVyc2lvbg=='),base64_decode('anNv'.'bl9lbmNv'.'ZGU='),base64_decode('am'.'9'.'pbg'.'=='));if(!function_exists(__NAMESPACE__.'\\___1432698137')){function ___1432698137($_344556574){static $_971475454= false; if($_971475454 == false) $_971475454=array('V1dBTExfTE9'.'DS'.'w==','c'.'2VjdXJ'.'pdHk=',''.'Y2F'.'jaGU=','dHRs','RE'.'FUQQ==','eyI=',''.'V'.'1dBTE'.'xfTE9DSw==',''.'c2'.'VjdXJp'.'d'.'H'.'k'.'=','U'.'0VD'.'VVJJ'.'VF'.'lfV1'.'dBTExfRV'.'hDRVB'.'USU'.'9O','R'.'kFJTF9DS'.'EVD'.'S0lO'.'Rw==','Q2'.'FuIG5vdCBleGV'.'jd'.'XRlIHd3YWx'.'sIH'.'J1b'.'GVz'.'OiA=','IFRy'.'YWN'.'l'.'Oi'.'A=','UkV'.'RVU'.'VTVF9VUk'.'k=',''.'a2'.'V5'.'cw==','dmFs'.'dWVz','U'.'0V'.'DVVJJVFlf'.'V1d'.'BT'.'ExfTU'.'9ES'.'U'.'ZZ','Lg==','U0V'.'DVVJJV'.'Fl'.'fV1d'.'BTExfV'.'U'.'5TRV'.'Q=','Lg==',''.'U0VDVVJJ'.'VF'.'lfV1'.'d'.'B'.'TExfR'.'VhJ'.'V'.'A==',''.'Lg==','Z2xvYm'.'Fs',''.'a2V5cw='.'=','d'.'mFs'.'dW'.'Vz','Z2V0',''.'Z2V0','cG9z'.'d'.'A==','cG9zdA'.'='.'=','Y29va2l'.'l',''.'Y'.'29va2'.'l'.'l','cmVxdWVzdA==','cmVxdWVz'.'dA==','Z2xvYm'.'Fs','Z2xvY'.'mF'.'s','bWFp'.'bl9'.'zZ'.'WM'.'=',''.'V1dBTExfQUNUVUF'.'MSVpFX1J'.'VTEVT',''.'dg'.'==','d'.'mVyc2lvbg='.'=','aQ'.'==','aXNJ'.'bnN0'.'YW'.'xsZW'.'Q=','dg==','aW5p','c2'.'9'.'j'.'a2'.'V0V'.'Gl'.'tZ'.'W91d'.'A'.'='.'=','c3RyZ'.'WF'.'tVGl'.'tZW91'.'d'.'A==','KCc=','Z'.'G'.'F0YQ==','Jyw'.'gJw='.'=','bW9kd'.'Wxl',''.'JywgJw'.'='.'=','bW9'.'k'.'dWx'.'lX'.'3Z'.'lcnN'.'pb2'.'4=','J'.'yk=','LCA=','U0VDVVJJ'.'VFl'.'fV1dBTEx'.'fRV'.'hDRVB'.'USU9O','bWFpbg==','Rk'.'FJT'.'F9'.'SRU'.'ZS'.'R'.'VNISU5H','Q2FuIG5vdCB'.'yZ'.'WZ'.'yZ'.'X'.'NoIHd3YWxs'.'IHJ1bGVzOiA=','IF'.'RyY'.'WNlO'.'iA=','Z'.'GF0'.'YQ'.'==','eyI'.'=','LS0t'.'L'.'S1CRUdJTiBQVUJ'.'MS'.'UMgS0'.'VZL'.'S0'.'tLS0=',''.'Ck'.'1JSUJJ'.'akFO'.'Qmdr'.'cWhraUc5dzB'.'C'.'QVFFRkFBT0NBUThBTUlJQk'.'NnS0'.'NBU'.'UVBcThR'.'RTBIam'.'1ISl'.'V'.'TdFdWN'.'m4'.'w'.'emEKUlZ'.'vTHgw'.'Mkt6YmZyYlMvUD'.'ZzV2'.'F'.'4V'.'Hp3O'.'FN'.'lR'.'1'.'R0YlRDT3JwSGk1UU'.'Y'.'2T1J5alo'.'vWHh6L'.'0'.'tMVTFHYm9'.'mOU'.'NaMwo'.'0ejd'.'T'.'a3FVd'.'D'.'Y2aW'.'JYdk9GQng0Zncv'.'QVB'.'QUk'.'d'.'EcXRtMG5EM2ZnR3N1'.'M'.'1J'.'lUGd'.'3Mj'.'lpOCt2'.'b'.'TdtdEJLS'.'lVZbDRyClZ'.'wY'.'jZzZlpFVDlLR'.'WI2'.'VDFI'.'RFltRXZjMW'.'hxL2l'.'pdXl'.'4THJa'.'Wmk1UTZVZmY0VUV2V'.'EkrNjhzc'.'0ZSa1Erb3dU'.'Un'.'kKZ'.'U9JTWJGaE0vVVRt'.'Zl'.'ZZ'.'YlRSRn'.'kyb1VROFd'.'N'.'e'.'m'.'Eybko1U'.'2FoemkxVUt'.'P'.'MWp'.'BalhUU'.'F'.'JyemM3Q'.'W'.'p1NjM5'.'ajFP'.'MApwcHF'.'mbTV4Z1dsRkFKa0hRVGdiZGQ'.'1QVdx'.'RE'.'Z'.'Ra3Q5SE'.'t'.'rWStUb'.'mZCTEd'.'WTXZ'.'W'.'eVB3VE'.'hOV1FZ'.'QXc0eH'.'Bn'.'L3dBClp3SUR'.'BUUFCCi0tLS0'.'tRU5EIF'.'BV'.'QkxJQyBLRVkt'.'LS'.'0tLQ'.'==');return base64_decode($_971475454[$_344556574]);}}; use Bitrix\Main\Application; use Bitrix\Main\Config\Option; use Bitrix\Main\Data\Cache; use Bitrix\Main\ModuleManager; use Bitrix\Main\Security\PublicKeyCipher; use Bitrix\Main\SystemException; use Bitrix\Main\Web\HttpClient; use Bitrix\Main\Web\Json; use Bitrix\Main\Security\W\Rules\Rule; use Bitrix\Main\Security\W\Rules\Results\RuleAction; use Bitrix\Main\Security\W\Rules\Results\RuleResult; use Bitrix\Main\Security\W\Rules\Results\CheckResult; use Bitrix\Main\Security\W\Rules\Results\ModifyResult; use Bitrix\Main\Type\ArrayHelper; use Bitrix\Main\Security\W\Rules\RuleRecordTable; use ReflectionExtension; class WWall{ const CACHE_RULES_TTL= 10800; private static $_570700362= 'https://wwall.bitrix.info/rules.php'; protected $_265100519= true; public function handle(){ try{ $_1118159523= Cache::createInstance(); $_304389153= false; if($_1118159523->initCache(static::CACHE_RULES_TTL, 'WWALL_LOCK', 'security')){ $_1023483944= $_1118159523->getVars(); if($GLOBALS['____850102778'][0]()- $_1023483944> round(0+6.6666666666667+6.6666666666667+6.6666666666667)){ $_562211055= Application::getConnection(); $_1574152361= RuleRecordTable::getTableName(); $_562211055->truncateTable($_1574152361); RuleRecordTable::cleanCache(); $_1118159523->clean(___1432698137(0), ___1432698137(1));}} elseif($_1118159523->startDataCache()){ $_1118159523->endDataCache($GLOBALS['____850102778'][1]()); $_304389153= true;} $_579015405= RuleRecordTable::getList([ ___1432698137(2) =>[___1432698137(3) => round(0+3600)* round(0+24)* round(0+2.3333333333333+2.3333333333333+2.3333333333333)]])->fetchAll(); foreach($_579015405 as $_1108922640){ $_402311942= new PublicKeyCipher; $_184907394= $_402311942->decrypt($_1108922640[___1432698137(4)], static::__865970077()); if(!str_starts_with($_184907394, ___1432698137(5))){ continue;} $_1192728360= $GLOBALS['____850102778'][2]($_184907394, true); if(!empty($_1192728360)){ $_1201340384= Rule::make($_1192728360); $_210687618= $this->handleRule($_1201340384); $this->applyHandlingResults($_210687618);}} if($_304389153){ $_1118159523->clean(___1432698137(6), ___1432698137(7));}} catch(\Throwable $_1568373370){ $this->logEvent( ___1432698137(8), ___1432698137(9), ___1432698137(10). $_1568373370->getMessage(). ___1432698137(11). $_1568373370->getTraceAsString());}} public function handleRule(Rule $_1201340384): array{ $_210687618=[]; if($_1201340384->matchPath($_SERVER[___1432698137(12)])){ $_846717187= $this->getContextElements($_1201340384->getContext()); foreach($_846717187 as $_148986622 => &$_1041606222){ $_210687618= $GLOBALS['____850102778'][3]($_210687618, $this->recursiveContextKeyHandle($_148986622, $_1041606222,[], $_1201340384));}} return $_210687618;} public function applyHandlingResults(array $_210687618){ $_846717187= $this->getContextElements([ 'get', 'post', 'cookie', 'request', 'global']); foreach($_210687618 as $_372294935){ $_1041606222=& $_846717187[$_372294935->getContextName()]; $_442729338= $_372294935->getRuleResult(); $_1201340384= $_372294935->getRule(); if($_442729338 instanceof ModifyResult){ if($_1201340384->getProcess() === ___1432698137(13)){ static::rewriteContextKey( $_372294935->getContextName(), $_1041606222, $_372294935->getContextKey(), $_442729338->getCleanValue());} elseif($_1201340384->getProcess() === ___1432698137(14)){ static::rewriteContextValue( $_372294935->getContextName(), $_1041606222, $_372294935->getContextKey(), $_442729338->getCleanValue());} $this->logEvent( ___1432698137(15), $_372294935->getContextName(), $GLOBALS['____850102778'][4](___1432698137(16), $_372294935->getContextKey()));} elseif($_442729338 instanceof CheckResult &&!$_442729338->isSuccess()){ if($_442729338->getAction() === RuleAction::UNSET){ static::unsetContextValue( $_372294935->getContextName(), $_1041606222, $_372294935->getContextKey(),); $this->logEvent( ___1432698137(17), $_372294935->getContextName(), $GLOBALS['____850102778'][5](___1432698137(18), $_372294935->getContextKey()));} elseif($_442729338->getAction() === RuleAction::EXIT){ $this->logEvent( ___1432698137(19), $_372294935->getContextName(), $GLOBALS['____850102778'][6](___1432698137(20), $_372294935->getContextKey())); exit;}}}} public function disableEventLogging(){ $this->_265100519= false;} protected function rewriteContextKey($_148986622, &$_1041606222, $_2056326025, $_1472103412){ $_2117311855= $_2056326025; $GLOBALS['____850102778'][7]($_2117311855); $_2117311855[]= $_1472103412; if($_148986622 === ___1432698137(21)){ $_1808052426= $GLOBALS['____850102778'][8]($_2056326025); $GLOBALS['____850102778'][9]($_2117311855); if(empty($_2056326025)){ $GLOBALS[$_1472103412]= $GLOBALS[$_1808052426]; unset($GLOBALS[$_1808052426]);} else{ $_1041606222=& $GLOBALS[$_1808052426]; $_747573495= ArrayHelper::getByNestedKey($_1041606222, $_2056326025); ArrayHelper::setByNestedKey($_1041606222, $_2117311855, $_747573495); ArrayHelper::unsetByNestedKey($_1041606222, $_2056326025);}} else{ $_747573495= ArrayHelper::getByNestedKey($_1041606222, $_2056326025); ArrayHelper::setByNestedKey($_1041606222, $_2117311855, $_747573495); ArrayHelper::unsetByNestedKey($_1041606222, $_2056326025);}} protected function rewriteContextValue($_148986622, &$_1041606222, $_8365220, $_747573495){ if($_148986622 === 'global'){ $_1808052426= $GLOBALS['____850102778'][10]($_8365220); if(empty($_8365220)){ $GLOBALS[$_1808052426]= $_747573495;} else{ $_1041606222=& $GLOBALS[$_1808052426]; ArrayHelper::setByNestedKey($_1041606222, $_8365220, $_747573495);}} else{ ArrayHelper::setByNestedKey($_1041606222, $_8365220, $_747573495);}} protected function unsetContextValue($_148986622, &$_1041606222, $_8365220){ if($_148986622 === 'global'){ $_1808052426= $GLOBALS['____850102778'][11]($_8365220); if(empty($_8365220)){ unset($GLOBALS[$_1808052426]);} else{ $_1041606222=& $GLOBALS[$_1808052426]; ArrayHelper::unsetByNestedKey($_1041606222, $_8365220);}} else{ ArrayHelper::unsetByNestedKey($_1041606222, $_8365220);}} protected function recursiveContextKeyHandle(string $_148986622, array &$_1041606222, array $_2008960258, Rule $_1201340384): array{ $_210687618=[]; foreach($_1041606222 as $_150457350 => $_747573495){ $_8365220= $GLOBALS['____850102778'][12]($_2008960258,[$_150457350]); if($_1201340384->matchKey($_8365220)){ if($_1201340384->getProcess() === ___1432698137(22)){ $_442729338= $_1201340384->evaluate($_150457350);} elseif($_1201340384->getProcess() === ___1432698137(23)){ $_442729338= $_1201340384->evaluateValue($_747573495);} if(!empty($_442729338) && $_442729338 instanceof RuleResult){ $_210687618[]= new HandlingResult($_148986622, $_8365220, $_442729338, $_1201340384);}} if($GLOBALS['____850102778'][13]($_747573495)){ $_210687618= $GLOBALS['____850102778'][14]($_210687618, $this->recursiveContextKeyHandle( $_148986622, $_1041606222[$_150457350], $_8365220, $_1201340384));}} return $_210687618;} protected function getContextElements(array $_2138214409){ $_542244710=[]; if($GLOBALS['____850102778'][15](___1432698137(24), $_2138214409, true)){ $_542244710[___1432698137(25)]= &$_GET;} if($GLOBALS['____850102778'][16](___1432698137(26), $_2138214409, true)){ $_542244710[___1432698137(27)]= &$_POST;} if($GLOBALS['____850102778'][17](___1432698137(28), $_2138214409, true)){ $_542244710[___1432698137(29)]= &$_COOKIE;} if($GLOBALS['____850102778'][18](___1432698137(30), $_2138214409, true)){ $_542244710[___1432698137(31)]= &$_REQUEST;} if($GLOBALS['____850102778'][19](___1432698137(32), $_2138214409, true)){ $_542244710[___1432698137(33)]= $GLOBALS;} return $_542244710;} public static function refreshRules(){ try{ $_577273365= Option::get('main_sec', 'WWALL_ACTUALIZE_RULES', 0); if(($GLOBALS['____850102778'][20]()- $_577273365)< static::CACHE_RULES_TTL){ return;} Option::set(___1432698137(34), ___1432698137(35), $GLOBALS['____850102778'][21]()); $_847602136= null; $_1685358147= $GLOBALS['____850102778'][22](function($_1946466028){ return[___1432698137(36) => $_1946466028[___1432698137(37)], ___1432698137(38) => (int) $_1946466028[___1432698137(39)]];}, ModuleManager::getModulesFromDisk()); $_540250245=[]; foreach($GLOBALS['____850102778'][23]() as $_1022534830){ $_83732817= new ReflectionExtension($_1022534830); $_540250245[$_1022534830]=[ ___1432698137(40) => $_83732817->getVersion(), ___1432698137(41) => $_83732817->getINIEntries()];} $_612054370= new HttpClient([ ___1432698137(42) => round(0+5), ___1432698137(43) => round(0+1.6666666666667+1.6666666666667+1.6666666666667)]); $_1658768862= $_612054370->post( static::$_570700362,[ 'modules' => $GLOBALS['____850102778'][24]($_1685358147), 'license' => Application::getInstance()->getLicense()->getHashLicenseKey(), 'php' => $GLOBALS['____850102778'][25]([ 'v' => $GLOBALS['____850102778'][26](), 'ext' => $_540250245]),]); if($_612054370->getStatus() == round(0+100+100) &&!empty($_1658768862)){ $_847602136= Json::decode($_1658768862);} if($_847602136 !== null){ $_562211055= Application::getConnection(); $_1574152361= RuleRecordTable::getTableName(); if(!empty($_847602136)){ foreach($_847602136 as $_1111354893){ if(!static::checkRuleSign($_1111354893)){ throw new SystemException('Invalid sign for rule '.$GLOBALS['____850102778'][27]($_1111354893));}}} $_562211055->truncateTable($_1574152361); if(!empty($_847602136)){ $_1808471418=[]; foreach($_847602136 as $_1111354893){ $_1808471418[]= ___1432698137(44). $_562211055->getSqlHelper()->forSql($_1111354893[___1432698137(45)]). ___1432698137(46). $_562211055->getSqlHelper()->forSql($_1111354893[___1432698137(47)]). ___1432698137(48). $_562211055->getSqlHelper()->forSql($_1111354893[___1432698137(49)]). ___1432698137(50);} $_634397693= $GLOBALS['____850102778'][28](___1432698137(51), $_1808471418); $_562211055->query("INSERT INTO {$_1574152361} (DATA, MODULE, MODULE_VERSION) VALUES {$_634397693}"); RuleRecordTable::cleanCache();}}} catch(\Throwable $_1568373370){ \CEventLog::log( \CEventLog::SEVERITY_SECURITY, ___1432698137(52), ___1432698137(53), ___1432698137(54), ___1432698137(55). $_1568373370->getMessage(). ___1432698137(56). $_1568373370->getTraceAsString());}} protected static function checkRuleSign($_1201340384){ $_402311942= new PublicKeyCipher; $_1192728360= $_402311942->decrypt($_1201340384[___1432698137(57)], static::__865970077()); return str_starts_with($_1192728360, ___1432698137(58));} private static function __865970077(){ $_1681633903= ''; $_1681633903 .= ___1432698137(59); $_1681633903 .= ___1432698137(60); return $_1681633903;} protected function logEvent($_801300634, $_2042254309, $_218506173){ if($this->_265100519){ \CEventLog::log( \CEventLog::SEVERITY_SECURITY, $_801300634, 'main', $_2042254309, $_218506173);}}}?>