<? namespace Bitrix\Main\Security\W;$GLOBALS['____76902397']= array(base64_decode('dGltZQ=='),base64_decode('d'.'Gl'.'tZQ='.'='),base64_decode('an'.'Nvb'.'l9kZWN'.'vZGU='),base64_decode('YXJyY'.'Xlf'.'bWV'.'y'.'Z2U'.'='),base64_decode('am9pbg=='),base64_decode(''.'am9pbg=='),base64_decode('am9p'.'bg=='),base64_decode('YXJy'.'Y'.'Xl'.'fcG9w'),base64_decode('Y'.'X'.'JyYXl'.'fc2hpZ'.'nQ='),base64_decode('YXJyYXlfc2hpZnQ='),base64_decode(''.'YX'.'JyYXlfc'.'2hpZnQ='),base64_decode('YX'.'JyYXlfc'.'2hpZnQ'.'='),base64_decode(''.'YX'.'JyYXlfb'.'WV'.'yZ2U='),base64_decode('aXNfYXJyYXk='),base64_decode('YXJyYXlfbWVyZ2U='),base64_decode('aW5fY'.'X'.'JyYXk='),base64_decode('aW5fYX'.'J'.'yYXk='),base64_decode('a'.'W5fYXJyYXk='),base64_decode(''.'a'.'W'.'5fYXJyY'.'Xk='),base64_decode(''.'aW5fYXJy'.'YXk='),base64_decode(''.'dGltZQ=='),base64_decode('dGltZQ='.'='),base64_decode('YXJyYX'.'lfbWFw'),base64_decode(''.'Z'.'2V0X2x'.'vY'.'WRlZF9leHRlbnNp'.'b'.'2'.'5z'),base64_decode(''.'a'.'nNv'.'bl9lb'.'mNvZGU='),base64_decode('anNv'.'bl9lbmNvZGU='),base64_decode('cGh'.'wdmVyc2'.'lvbg=='),base64_decode('anNvbl9l'.'b'.'m'.'NvZGU='),base64_decode('am9pbg=='));if(!function_exists(__NAMESPACE__.'\\___1164968040')){function ___1164968040($_1384981705){static $_1227644650= false; if($_1227644650 == false) $_1227644650=array('V1dB'.'TExfTE'.'9DSw==','c2'.'Vj'.'dX'.'JpdHk=','REFU'.'Q'.'Q'.'==','ey'.'I=',''.'V1d'.'B'.'T'.'E'.'xfT'.'E'.'9DSw='.'=','c2VjdXJp'.'dHk=','U0'.'VDVV'.'JJVFlf'.'V'.'1dBT'.'ExfR'.'Vh'.'DRVBU'.'SU9'.'O','RkFJTF9D'.'S'.'EVDS0lORw==','Q2FuIG5vdCB'.'leGV'.'jdXRlIH'.'d'.'3YW'.'xsIHJ1bGVzOiA'.'=','IFRy'.'YWNlOiA'.'=','UkVRVU'.'VTVF9VUkk=',''.'a2'.'V5cw==','dmFsdWVz','U0VDVVJJVFlfV1dBTExf'.'TU9ES'.'U'.'ZZ',''.'Lg'.'==','U0'.'V'.'DVVJJVFl'.'fV1dBTExfV'.'U5TRV'.'Q=',''.'Lg==','U0V'.'DVVJJVFl'.'fV1d'.'BTExfRV'.'hJVA==','Lg==','Z2xvYmFs',''.'a2'.'V'.'5c'.'w'.'==','dmF'.'sd'.'W'.'Vz',''.'Z2V'.'0','Z2V0','cG9z'.'dA==','cG9'.'zdA==','Y'.'29va'.'2ll','Y29v'.'a2ll','cmV'.'xdWVz'.'dA==','cmVxdWVzdA'.'==','Z'.'2xvY'.'mFs','Z2xvYmFs','b'.'W'.'F'.'pbl9zZW'.'M=',''.'V1'.'dBT'.'E'.'xf'.'QUNUVUFMSVpFX1JV'.'TEVT','d'.'g==','dmVyc2'.'lvbg==','aQ==','aXNJbnN'.'0Y'.'W'.'xsZ'.'WQ=','dg'.'==','aW5p','bW9kd'.'Wxlcw==','bGljZW5z'.'ZQ==','c'.'Gh'.'w','dg'.'='.'=','ZXh0',''.'c2VjdXJ'.'pdHk=','ZGI=','dHlwZQ'.'==','ZGI'.'=','d'.'mVyc2l'.'vbg==','Z'.'GI=',''.'dHl'.'wZQ==','ZGI=','dHlwZQ'.'==',''.'d'.'mV'.'yc2lvbg='.'=','ZGI=','dmVyc2lv'.'b'.'g==',''.'ZW'.'52aXJ'.'vbm1lbnQ=','dm1f'.'dmVy'.'c2l'.'vbg==','dm0=','dg==','Z'.'W52'.'aXJvbm1l'.'bnQ=',''.'dm1fd'.'m'.'V'.'yc2lv'.'b'.'g==','c2'.'9ja'.'2V0VGltZW91d'.'A'.'==','c'.'3RyZ'.'WFt'.'V'.'GltZW91dA==','KCc=','ZG'.'F0YQ==','J'.'ywgJw==','bW9kdW'.'xl','Jy'.'wgJw==',''.'bW9kdWxlX'.'3ZlcnN'.'pb'.'2'.'4=','Jy'.'k=','L'.'CA=','U0VDVVJ'.'JV'.'Flf'.'V1dBTExfRV'.'h'.'DRVBUSU9O','bWFpbg'.'='.'=','Rk'.'FJTF9SRUZSRVNISU5H','Q'.'2FuI'.'G5v'.'dCB'.'yZWZyZXNoI'.'Hd3YWxsIH'.'J1bGVz'.'Oi'.'A=','IF'.'RyYWN'.'lOiA'.'=','ZG'.'F0YQ==','ey'.'I'.'=',''.'LS'.'0tLS1'.'CRU'.'dJTiBQVUJMSU'.'M'.'gS0VZL'.'S0tLS0=','Ck1JS'.'U'.'JJakFO'.'QmdrcWhraUc5dz'.'BCQVFFRkFBT0NBUThBT'.'U'.'lJQk'.'NnS0'.'NB'.'UUVBcThR'.'RTBIam'.'1ISlVTdF'.'dWNm4w'.'e'.'mEKUlZ'.'vT'.'HgwMk'.'t6'.'YmZy'.'Y'.'lMvUDZ'.'zV2F4V'.'Hp3OFNlR'.'1R0'.'YlRDT3JwSGk1UUY2T1'.'J5alovWHh6L0tMV'.'TFHY'.'m9mOUNaMwo'.'0ej'.'d'.'Ta'.'3FVdDY2a'.'WJYdk9GQng0ZncvQ'.'V'.'BQU'.'kdE'.'c'.'XRtMG5EM'.'2ZnR3'.'N1M1JlUGd3MjlpO'.'C'.'t2bTdtdEJL'.'Sl'.'V'.'ZbDRyCl'.'ZwYjZ'.'zZ'.'l'.'pFV'.'DlL'.'RW'.'I2VDF'.'IRFltRX'.'ZjMW'.'h'.'x'.'L2'.'lpdX'.'l4'.'THJaWm'.'k1'.'UTZVZmY'.'0VUV2'.'VEkr'.'Njhzc0'.'ZSa1Erb3d'.'UUn'.'kKZU9'.'JTWJGaE0v'.'VV'.'RtZlZZYlRSRnkyb'.'1V'.'ROFd'.'N'.'emEy'.'bk'.'o1U2FoemkxV'.'UtP'.'MWpBa'.'lhUUFJ'.'y'.'e'.'mM3Q'.'Wp1NjM5'.'ajFP'.'MAp'.'wcHFmbT'.'V4Z1dsRkF'.'Ka0hRVGdiZGQ1'.'QVdx'.'REZRa3Q'.'5SEtrW'.'StUbmZCTE'.'dWTXZ'.'WeVB3V'.'EhOV1FZQXc0'.'eH'.'Bn'.'L3dBCl'.'p3SURBUU'.'F'.'CCi0'.'tLS0tRU5'.'EIFBV'.'Q'.'kxJQyBLRVk'.'tLS'.'0'.'tLQ==');return base64_decode($_1227644650[$_1384981705]);}}; use Bitrix\Main\Application; use Bitrix\Main\Config\Option; use Bitrix\Main\Data\Cache; use Bitrix\Main\Loader; use Bitrix\Main\ModuleManager; use Bitrix\Main\Security\PublicKeyCipher; use Bitrix\Main\SystemException; use Bitrix\Main\Web\HttpClient; use Bitrix\Main\Web\Json; use Bitrix\Main\Security\W\Rules\Rule; use Bitrix\Main\Security\W\Rules\Results\RuleAction; use Bitrix\Main\Security\W\Rules\Results\RuleResult; use Bitrix\Main\Security\W\Rules\Results\CheckResult; use Bitrix\Main\Security\W\Rules\Results\ModifyResult; use Bitrix\Main\Type\ArrayHelper; use Bitrix\Main\Security\W\Rules\RuleRecordTable; use Bitrix\Main\License\UrlProvider; use CSecuritySystemInformation; use ReflectionExtension; class WWall{ const CACHE_RULES_TTL= 10800; protected $_1975003512= true; public function handle(){ try{  $_1828409118= RuleRecordTable::getList([ 'cache' =>['ttl' => 3600* 24* 7]])->fetchAll(); if(empty($_1828409118)){ return;}  $_831238287= Cache::createInstance(); $_1616252567= false; if($_831238287->initCache(static::CACHE_RULES_TTL, 'WWALL_LOCK', 'security')){ $_2113694101= $_831238287->getVars(); if($GLOBALS['____76902397'][0]()- $_2113694101> round(0+10+10)){  $_491831903= Application::getConnection(); $_1915307920= RuleRecordTable::getTableName(); $_491831903->truncateTable($_1915307920); RuleRecordTable::cleanCache(); $_831238287->clean(___1164968040(0), ___1164968040(1));}} elseif($_831238287->startDataCache()){  $_831238287->endDataCache($GLOBALS['____76902397'][1]()); $_1616252567= true;} foreach($_1828409118 as $_490685973){ $_749512477= new PublicKeyCipher; $_527310604= $_749512477->decrypt($_490685973[___1164968040(2)], static::__1332826655()); if(!str_starts_with($_527310604, ___1164968040(3))){ continue;} $_303216225= $GLOBALS['____76902397'][2]($_527310604, true); if(!empty($_303216225)){ $_125150425= Rule::make($_303216225); $_1655857128= $this->handleRule($_125150425); $this->applyHandlingResults($_1655857128);}}  if($_1616252567){ $_831238287->clean(___1164968040(4), ___1164968040(5));}} catch(\Throwable $_1312350830){ $this->logEvent( ___1164968040(6), ___1164968040(7), ___1164968040(8). $_1312350830->getMessage(). ___1164968040(9). $_1312350830->getTraceAsString());}}  public function handleRule(Rule $_125150425): array{ $_1655857128=[]; if($_125150425->matchPath($_SERVER[___1164968040(10)])){  $_265204592= $this->getContextElements($_125150425->getContext()); foreach($_265204592 as $_1212094289 => &$_559132874){ $_1655857128= $GLOBALS['____76902397'][3]($_1655857128, $this->recursiveContextKeyHandle($_1212094289, $_559132874,[], $_125150425));}} return $_1655857128;}  public function applyHandlingResults(array $_1655857128){ $_265204592= $this->getContextElements([ 'get', 'post', 'cookie', 'request', 'global']); foreach($_1655857128 as $_1768602770){ $_559132874=& $_265204592[$_1768602770->getContextName()]; $_1287415469= $_1768602770->getRuleResult(); $_125150425= $_1768602770->getRule(); if($_1287415469 instanceof ModifyResult){ if($_125150425->getProcess() === ___1164968040(11)){  static::rewriteContextKey( $_1768602770->getContextName(), $_559132874, $_1768602770->getContextKey(), $_1287415469->getCleanValue());} elseif($_125150425->getProcess() === ___1164968040(12)){ static::rewriteContextValue( $_1768602770->getContextName(), $_559132874, $_1768602770->getContextKey(), $_1287415469->getCleanValue());} $this->logEvent( ___1164968040(13), $_1768602770->getContextName(), $GLOBALS['____76902397'][4](___1164968040(14), $_1768602770->getContextKey()));} elseif($_1287415469 instanceof CheckResult &&!$_1287415469->isSuccess()){ if($_1287415469->getAction() === RuleAction::UNSET){ static::unsetContextValue( $_1768602770->getContextName(), $_559132874, $_1768602770->getContextKey(),); $this->logEvent( ___1164968040(15), $_1768602770->getContextName(), $GLOBALS['____76902397'][5](___1164968040(16), $_1768602770->getContextKey()));} elseif($_1287415469->getAction() === RuleAction::EXIT){ $this->logEvent( ___1164968040(17), $_1768602770->getContextName(), $GLOBALS['____76902397'][6](___1164968040(18), $_1768602770->getContextKey())); exit;}}}} public function disableEventLogging(){ $this->_1975003512= false;} protected function rewriteContextKey($_1212094289, &$_559132874, $_1797304445, $_1586218175){ $_1348286897= $_1797304445;  $GLOBALS['____76902397'][7]($_1348286897); $_1348286897[]= $_1586218175; if($_1212094289 === ___1164968040(19)){ $_1513636376= $GLOBALS['____76902397'][8]($_1797304445); $GLOBALS['____76902397'][9]($_1348286897); if(empty($_1797304445)){ $GLOBALS[$_1586218175]= $GLOBALS[$_1513636376]; unset($GLOBALS[$_1513636376]);} else{ $_559132874=& $GLOBALS[$_1513636376]; $_1808050820= ArrayHelper::getByNestedKey($_559132874, $_1797304445);  ArrayHelper::setByNestedKey($_559132874, $_1348286897, $_1808050820);  ArrayHelper::unsetByNestedKey($_559132874, $_1797304445);}} else{ $_1808050820= ArrayHelper::getByNestedKey($_559132874, $_1797304445);  ArrayHelper::setByNestedKey($_559132874, $_1348286897, $_1808050820);  ArrayHelper::unsetByNestedKey($_559132874, $_1797304445);}} protected function rewriteContextValue($_1212094289, &$_559132874, $_2129170252, $_1808050820){ if($_1212094289 === 'global'){ $_1513636376= $GLOBALS['____76902397'][10]($_2129170252); if(empty($_2129170252)){ $GLOBALS[$_1513636376]= $_1808050820;} else{ $_559132874=& $GLOBALS[$_1513636376]; ArrayHelper::setByNestedKey($_559132874, $_2129170252, $_1808050820);}} else{  ArrayHelper::setByNestedKey($_559132874, $_2129170252, $_1808050820);}} protected function unsetContextValue($_1212094289, &$_559132874, $_2129170252){ if($_1212094289 === 'global'){ $_1513636376= $GLOBALS['____76902397'][11]($_2129170252); if(empty($_2129170252)){ unset($GLOBALS[$_1513636376]);} else{ $_559132874=& $GLOBALS[$_1513636376]; ArrayHelper::unsetByNestedKey($_559132874, $_2129170252);}} else{ ArrayHelper::unsetByNestedKey($_559132874, $_2129170252);}}  protected function recursiveContextKeyHandle(string $_1212094289, array &$_559132874, array $_100599520, Rule $_125150425): array{  $_1655857128=[]; foreach($_559132874 as $_1644199435 => $_1808050820){ $_2129170252= $GLOBALS['____76902397'][12]($_100599520,[$_1644199435]); if($_125150425->matchKey($_2129170252)){  if($_125150425->getProcess() === ___1164968040(20)){ $_1287415469= $_125150425->evaluate($_1644199435);} elseif($_125150425->getProcess() === ___1164968040(21)){ $_1287415469= $_125150425->evaluateValue($_1808050820);}  if(!empty($_1287415469) && $_1287415469 instanceof RuleResult){ $_1655857128[]= new HandlingResult($_1212094289, $_2129170252, $_1287415469, $_125150425);}}  if($GLOBALS['____76902397'][13]($_1808050820)){ $_1655857128= $GLOBALS['____76902397'][14]($_1655857128, $this->recursiveContextKeyHandle( $_1212094289, $_559132874[$_1644199435], $_2129170252, $_125150425));}} return $_1655857128;} protected function getContextElements(array $_467985795){ $_1716620722=[]; if($GLOBALS['____76902397'][15](___1164968040(22), $_467985795, true)){ $_1716620722[___1164968040(23)]= &$_GET;} if($GLOBALS['____76902397'][16](___1164968040(24), $_467985795, true)){ $_1716620722[___1164968040(25)]= &$_POST;} if($GLOBALS['____76902397'][17](___1164968040(26), $_467985795, true)){ $_1716620722[___1164968040(27)]= &$_COOKIE;} if($GLOBALS['____76902397'][18](___1164968040(28), $_467985795, true)){ $_1716620722[___1164968040(29)]= &$_REQUEST;} if($GLOBALS['____76902397'][19](___1164968040(30), $_467985795, true)){ $_1716620722[___1164968040(31)]= $GLOBALS;} return $_1716620722;} public static function refreshRules(){ try{ $_1395098805= Option::get('main_sec', 'WWALL_ACTUALIZE_RULES', 0); if(($GLOBALS['____76902397'][20]()- $_1395098805)< static::CACHE_RULES_TTL){ return;} Option::set(___1164968040(32), ___1164968040(33), $GLOBALS['____76902397'][21]()); $_1689873133= null;  $_305508585= $GLOBALS['____76902397'][22](function($_1655431932){ return[___1164968040(34) => $_1655431932[___1164968040(35)], ___1164968040(36) => (int) $_1655431932[___1164968040(37)]];}, ModuleManager::getModulesFromDisk());  $_1713657005=[]; foreach($GLOBALS['____76902397'][23]() as $_1720320792){ $_1291583208= new ReflectionExtension($_1720320792); $_1713657005[$_1720320792]=[ ___1164968040(38) => $_1291583208->getVersion(), ___1164968040(39) => $_1291583208->getINIEntries()];} $_1150335388=[ ___1164968040(40) => $GLOBALS['____76902397'][24]($_305508585), ___1164968040(41) => Application::getInstance()->getLicense()->getHashLicenseKey(), ___1164968040(42) => $GLOBALS['____76902397'][25]([ ___1164968040(43) => $GLOBALS['____76902397'][26](), ___1164968040(44) => $_1713657005])]; if(Loader::includeModule(___1164968040(45))){ $_1712258881= CSecuritySystemInformation::getSystemInformation(); if(isset($_1712258881[___1164968040(46)][___1164968040(47)]) && isset($_1712258881[___1164968040(48)][___1164968040(49)])){ $_1150335388[___1164968040(50)]=[ ___1164968040(51) => $_1712258881[___1164968040(52)][___1164968040(53)], ___1164968040(54) => $_1712258881[___1164968040(55)][___1164968040(56)]];} if(isset($_1712258881[___1164968040(57)][___1164968040(58)])){ $_1150335388[___1164968040(59)]=[___1164968040(60) => $_1712258881[___1164968040(61)][___1164968040(62)]];}}  $_275680712= new HttpClient([ ___1164968040(63) => round(0+1.25+1.25+1.25+1.25), ___1164968040(64) => round(0+1.25+1.25+1.25+1.25)]); $_505413203=(new UrlProvider())->getTechDomain(); $_2147348204="https://wwall.{$_505413203}/rules.php"; $_1601131055= $_275680712->post($_2147348204, $_1150335388); if($_275680712->getStatus() == round(0+66.666666666667+66.666666666667+66.666666666667) &&!empty($_1601131055)){ $_1689873133= Json::decode($_1601131055);}  if($_1689873133 !== null){ $_491831903= Application::getConnection(); $_1915307920= RuleRecordTable::getTableName(); if(!empty($_1689873133)){ foreach($_1689873133 as $_953382901){ if(!static::checkRuleSign($_953382901)){ throw new SystemException('Invalid sign for rule '.$GLOBALS['____76902397'][27]($_953382901));}}}  $_491831903->truncateTable($_1915307920);  if(!empty($_1689873133)){ $_643498303=[]; foreach($_1689873133 as $_953382901){ $_643498303[]= ___1164968040(65). $_491831903->getSqlHelper()->forSql($_953382901[___1164968040(66)]). ___1164968040(67). $_491831903->getSqlHelper()->forSql($_953382901[___1164968040(68)]). ___1164968040(69). $_491831903->getSqlHelper()->forSql($_953382901[___1164968040(70)]). ___1164968040(71);} $_889620999= $GLOBALS['____76902397'][28](___1164968040(72), $_643498303);  $_491831903->query("INSERT INTO {$_1915307920} (DATA, MODULE, MODULE_VERSION) VALUES {$_889620999}");  RuleRecordTable::cleanCache();}}} catch(\Throwable $_1312350830){ \CEventLog::log( \CEventLog::SEVERITY_SECURITY, ___1164968040(73), ___1164968040(74), ___1164968040(75), ___1164968040(76). $_1312350830->getMessage(). ___1164968040(77). $_1312350830->getTraceAsString());}} protected static function checkRuleSign($_125150425){ $_749512477= new PublicKeyCipher; $_303216225= $_749512477->decrypt($_125150425[___1164968040(78)], static::__1332826655()); return str_starts_with($_303216225, ___1164968040(79));} private static function __1332826655(){ $_509930367= ''; $_509930367 .= ___1164968040(80); $_509930367 .= ___1164968040(81); return $_509930367;} protected function logEvent($_504072001, $_661993058, $_1834051558){ if($this->_1975003512){ \CEventLog::log( \CEventLog::SEVERITY_SECURITY, $_504072001, 'main', $_661993058, $_1834051558);}}}?>